{"id":13589561,"url":"https://github.com/belane/linux-soft-exploit-suggester","last_synced_at":"2025-04-09T19:18:16.464Z","repository":{"id":50320941,"uuid":"98024693","full_name":"belane/linux-soft-exploit-suggester","owner":"belane","description":"Search Exploitable Software on Linux","archived":false,"fork":false,"pushed_at":"2023-04-14T16:36:05.000Z","size":1605,"stargazers_count":227,"open_issues_count":0,"forks_count":51,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-04-09T19:18:11.704Z","etag":null,"topics":["ctf","elevate","exploits","hacking-tool","linux","pentest","security","security-tools","vulnerabilities"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/belane.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-07-22T10:37:20.000Z","updated_at":"2025-03-30T07:34:45.000Z","dependencies_parsed_at":"2024-01-07T04:48:28.180Z","dependency_job_id":null,"html_url":"https://github.com/belane/linux-soft-exploit-suggester","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2Flinux-soft-exploit-suggester","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2Flinux-soft-exploit-suggester/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2Flinux-soft-exploit-suggester/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2Flinux-soft-exploit-suggester/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/belane","download_url":"https://codeload.github.com/belane/linux-soft-exploit-suggester/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248094989,"owners_count":21046770,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","elevate","exploits","hacking-tool","linux","pentest","security","security-tools","vulnerabilities"],"created_at":"2024-08-01T16:00:31.612Z","updated_at":"2025-04-09T19:18:16.432Z","avatar_url":"https://github.com/belane.png","language":"Python","readme":"# linux-soft-exploit-suggester\n\nScript to find exploits for all vulnerable software on the system, targeting software packages rather than just kernel vulnerabilities.\nIt uses the [exploit database](https://gitlab.com/exploit-database/exploitdb) to assess the security of packages and search for exploits to help with privilege escalation.\n\n## Usage\n\n### Download\n```\nwget https://raw.githubusercontent.com/belane/linux-soft-exploit-suggester/master/linux-soft-exploit-suggester.py\n```\n\n### Basic use. Downloads the exploit database, generates a list of packages and searches for exploits.\n```\npython linux-soft-exploit-suggester.py\n```\n\n### Run from a list of packages from another system if you can't run from target.\n-\t**Debian/Ubuntu**: `dpkg -l \u003e package_list`\n-\t**RedHat/CentOS**: `rpm -qa \u003e package_list`\n```\npython linux-soft-exploit-suggester.py --file package_list --distro debian\n```\n\n### Update exploit database.\n```\npython linux-soft-exploit-suggester.py --update\n```\n\n### Look for exploits for running processes, setuid binaries and linux capabilities.\n```\npython linux-soft-exploit-suggester.py --juicy\n```\n\n### Filter exploits by local exploit type and minor versions.\n```\npython linux-soft-exploit-suggester.py --level 2 --type local\n```\n\n## Example Output\n\n```\n\u003e python linux-soft-exploit-suggester.py --file packages --db files_exploits.csv\n\n  |  _         __ _  _ |    _    _ | _  |    __    __  __  _  __ |   _  _\n  |·| || |\\/  (_ | ||_ |-  /_)\\/| \\|| |·|-  (_ | ||  )|  )/_)(_  |- /_)|\n  ||| ||_|/\\  __)|_||  |_  \\_ /\\|_/||_|||_  __)|_||_/ |_/ \\_ __) |_ \\_ |\n                                |                 _/  _/\n\n[!] DNSTracer 1.9 - Buffer Overflow - local\n  \t From: dnstracer 1.9\n  \t File: /usr/share/exploitdb/platforms/linux/local/42424.py\n  \t Url: https://www.exploit-db.com/exploits/42424\n[!] GNU Wget \u003c 1.18 - Arbitrary File Upload / Remote Code Execution - remote\n  \t From: wget 1.17.1\n  \t File: /usr/share/exploitdb/platforms/linux/remote/40064.txt\n  \t Url: https://www.exploit-db.com/exploits/40064\n[!] GNU Screen 4.5.0 - Privilege Escalation (PoC) - local\n  \t From: screen 4.3.1\n  \t File: /usr/share/exploitdb/platforms/linux/local/41152.txt\n  \t Url: https://www.exploit-db.com/exploits/41152\n[!] Ghostscript 9.21 - Type Confusion Arbitrary Command Execution (Metasploit) - local\n  \t From: ghostscript 9.21\n  \t File: /usr/share/exploitdb/platforms/linux/local/41955.rb\n  \t Url: https://www.exploit-db.com/exploits/41955\n[!] MAWK 1.3.3-17 - Local Buffer Overflow - local\n  \t From: mawk 1.3.3\n  \t File: /usr/share/exploitdb/platforms/linux/local/42357.py\n  \t Url: https://www.exploit-db.com/exploits/42357\n[!] Sudo 1.8.20 - 'get_process_ttyname()' Privilege Escalation - local\n  \t From: sudo 1.8.20\n  \t File: /usr/share/exploitdb/platforms/linux/local/42183.c\n  \t Url: https://www.exploit-db.com/exploits/42183\n\n...\n```\n\n## Full Help\n\n```\n\u003e python linux-soft-exploit-suggester.py -h\n\n  |  _         __ _  _ |    _    _ | _  |    __    __  __  _  __ |   _  _\n  |·| || |\\/  (_ | ||_ |-  /_)\\/| \\|| |·|-  (_ | ||  )|  )/_)(_  |- /_)|\n  ||| ||_|/\\  __)|_||  |_  \\_ /\\|_/||_|||_  __)|_||_/ |_/ \\_ __) |_ \\_ |\n                                |                 _/  _/\n\nlinux-soft-exploit-suggester:\n  Search for Exploitable Software from package list.\n\noptional arguments:\n  -h, --help            Show this help message and exit\n  -f FILE, --file FILE  Package list file\n  --clean               Use clean package list, if used 'dpkg-query -W'\n  --duplicates          Show duplicate exploits\n  --db DB               Exploits csv file [default: files_exploits.csv]\n  -j, --juicy           Search packages of running processes, setuid binaries and linux capabilities\n  --update              Download latest version of exploits db\n  -d debian|redhat, --distro debian|redhat\n                        Linux flavor, debian or redhat [default: debian]\n  --dos                 Include DoS exploits\n  --intense             Include intense package name search,\n                        when software name doesn't match package name (experimental)\n  -l 1-5, --level 1-5   Software version search variation [default: 1]                        \n                          level 1: Same version                        \n                          level 2: Micro and Patch version                        \n                          level 3: Minor version                        \n                          level 4: Major version                        \n                          level 5: All versions\n  --type TYPE           Exploit type; local, remote, webapps, dos.\n                          e.g.\t--type local\n                        \t--type remote\n  --filter FILTER       Filter exploits by string\n                          e.g.\t--filter \"escalation\"\n\nusage examples:     \n  Basic usage:\n\tpython linux-soft-exploit-suggester.py \n     \n  Update exploit database:\n\tpython linux-soft-exploit-suggester.py --update \n     \n  Search packages from juicy binaries:\n\tpython linux-soft-exploit-suggester.py --juicy \n     \n  Specify package list or exploit db:\n\tpython linux-soft-exploit-suggester.py --file package_list --db files_exploits.csv \n     \n  Use Redhat/Centos format file:\n\tpython linux-soft-exploit-suggester.py --file package_list --distro redhat \n     \n  Search exploit for major version:\n\tpython linux-soft-exploit-suggester.py --file package_list --level 4 \n     \n  Filter by remote exploits:\n\tpython linux-soft-exploit-suggester.py --file package_list --type remote \n     \n  Search specific words in exploit title:\n\tpython linux-soft-exploit-suggester.py --file package_list --filter Overflow\n```\n","funding_links":[],"categories":["📎 Pentest Methodology","Privilege Escalation","Linux"],"sub_categories":["🗝 Privilege Escalation","Linux Privilege Escalation","Tools"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbelane%2Flinux-soft-exploit-suggester","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbelane%2Flinux-soft-exploit-suggester","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbelane%2Flinux-soft-exploit-suggester/lists"}