Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jondonas/linux-exploit-suggester-2

Next-Generation Linux Kernel Exploit Suggester
https://github.com/jondonas/linux-exploit-suggester-2

Last synced: 20 days ago
JSON representation

Next-Generation Linux Kernel Exploit Suggester

Host: GitHub
URL: https://github.com/jondonas/linux-exploit-suggester-2
Owner: jondonas
License: gpl-2.0
Created: 2016-07-25T22:28:31.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2023-01-28T05:01:23.000Z (almost 2 years ago)
Last Synced: 2024-10-01T16:22:49.825Z (about 1 month ago)
Language: Perl
Homepage:
Size: 31.3 KB
Stars: 1,844
Watchers: 36
Forks: 301
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-pentest-cheat-sheets - Linux_Exploit_Suggester.pl v2 - Next-generation exploit suggester based on Linux_Exploit_Suggester (updated) (📎 Pentest Methodology / 🗝 Privilege Escalation)
awesome-hacking-lists - jondonas/linux-exploit-suggester-2 - Next-Generation Linux Kernel Exploit Suggester (Perl)

README

        
Linux Exploit Suggester 2

=========================

Next-generation exploit suggester based on [Linux_Exploit_Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester)

Key Improvements Include:

* More exploits!

* Option to download exploit code directly from Exploit DB

* Accurate wildcard matching. This expands the scope of searchable exploits.

* Output colorization for easy viewing.

* And more to come!

This script is extremely useful for quickly finding privilege escalation vulnerabilities both in on-site and exam environments. 

Usage

==============

When run without arguments, the script performs a 'uname -r' to grab the Linux operating system release version, and returns a list of possible exploits. Links to CVEs and applicable exploit POCs are included. Keep in mind that a patched/back-ported patch may fool this script.

```

$ ./linux-exploit-suggester-2.pl

  Local Kernel: 4.4.0

  Searching among 73 exploits...

  Possible Exploits

  [1] af_packet

      CVE-2016-8655

      Source: http://www.exploit-db.com/exploits/40871

  [2] dirty_cow

      CVE-2016-5195

      Source: http://www.exploit-db.com/exploits/40616

  [3] exploit_x

      CVE-2018-14665

      Source: http://www.exploit-db.com/exploits/45697

  [4] get_rekt

      CVE-2017-16695

      Source: http://www.exploit-db.com/exploits/45010

```

Use the **-k** flag to manually enter a wildcard for the kernel/operating system release version.

```

$ ./linux-exploit-suggester-2.pl -k 3

```

Use the **-d** flag to open a download menu to retrieve exploit code directly from Exploit DB. You can either download all exploits or select them individually by number.

```

$ ./linux-exploit-suggester-2.pl -d

  Exploit Download

  (Download all: 'a' / Individually: '2,4,5' / Exit: ^c)

  Select exploits to download: a

  Downloading https://www.exploit-db.com/raw/40871 -> exploit_af_packet

  Downloading https://www.exploit-db.com/raw/40616 -> exploit_dirty_cow

  Downloading https://www.exploit-db.com/raw/45697 -> exploit_exploit_x

  Downloading https://www.exploit-db.com/raw/45010 -> exploit_get_rekt

```

Use the **-h** flag to display the help menu

Contributing

============

This project is in active development. Feel free to suggest a new feature or open a pull request!