LinuxCommandLibrary

searchsploit

Exploit Database Archive Search

TLDR

Search for an exploit, shellcode, or paper

$ searchsploit [search_terms]
copy


Search for a known specific version, e.g. sudo version 1.8.27
$ searchsploit sudo 1.8.27
copy


Show the exploit-db link to the found resources
$ searchsploit --www [search_terms]
copy


Copy ([m]irror) the resource to the current directory (requires the number of the exploit)
$ searchsploit --mirror [exploit_number]
copy


E[x]amine the resource, using the pager defined in the $PAGER environment variable
$ searchsploit --examine [exploit_number]
copy


[u]pdate the local Exploit Database
$ searchsploit --update
copy


Search for the [c]ommon [v]ulnerabilities and [e]xposures (CVE) value
$ searchsploit --cve [2021-44228]
copy


Check results in nmap's XML output with service version (nmap -sV -oX nmap-output.xml) for known exploits
$ searchsploit --nmap [path/to/nmap-output.xml]
copy

SYNOPSIS

searchsploit [options] term1 [term2] ... [termN]

DESCRIPTION

Allow you to search through exploits and shellcodes using one or more terms from Exploit-DB

OPTIONS

-c, --case [Term] Perform a case-sensitive search (Default is inSEnsITiVe). -e, --exact [Term] Perform an EXACT match on exploit title (Default is AND) [Implies "-t"]. -h, --help Show this help screen. -j, --json [Term] Show result in JSON format. -m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory. -o, --overflow [Term] Exploit titles are allowed to overflow their columns. -p, --path [EDB-ID] Show the full path to an exploit (and also copies the path to the clipboard if possible). -t, --title [Term] Search JUST the exploit title (Default is title AND the file's path). -u, --update Check for and install any exploitdb pack‐ age updates (deb or git). -w, --www [Term] Show URLs to Exploit-DB.com rather than the local path. -x, --examine [EDB-ID] Examine (aka opens) the exploit using $PAGER. --colour Disable colour highlighting in search re‐ sults. --id Display the EDB-ID value rather than lo‐ cal path. --nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml). Use "-v" (verbose) to try even more combinations --exclude="term" Remove values from results. By using "|" to separated you can chain multiple values. e.g. --exclude="term1|term2|term3".

EXAMPLE

searchsploit afd windows local searchsploit -t oracle windows searchsploit -p 39446 searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"

AVAILABILITY

As this is bash script, should be available on most *nix systems.

BUGS

No bugs have been reported for this version. Any bugs should be re‐ ported to Exploit-DB's GitHub repo (https://github.com/offensive-secu‐ rity/exploit-database).

NOTES

https://www.exploit-db.com/ Exploit Database Homepage https://www.exploit-db.com/searchsploit/ SearchSploit manual

COPYRIGHT

Distributed under GNU General Public License v2.0 (https://github.com/offensive-security/exploit-database/blob/master/LI‐ CENSE.md)

AUTHOR

Offensive Security (https://www.offensive-security.com/) Unix-Ninja g0tmi1k (https://twitter.com/g0tmi1k)

Copied to clipboard