How to use the command searchsploit (with examples)
The searchsploit command is a powerful tool that allows users to search the Exploit Database for exploits, shellcodes, and papers. It can be used to quickly find relevant information about specific vulnerabilities and their associated exploits. With various command line arguments, searchsploit offers several use cases to cater to different needs.
Use case 1: Search for an exploit, shellcode, or paper
Code:
searchsploit search_terms
Motivation: This use case is useful when you want to search for a specific exploit, shellcode, or paper related to a vulnerability. By providing the search terms, searchsploit will return a list of matched results.
Explanation: The search_terms parameter is used to specify the keywords you want to search for. It can include the name of the vulnerability, software, or any other relevant details.
Example Output:
$ searchsploit Heartbleed
----------------------------------- ----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/)
----------------------------------- ----------------------------------
OpenSSL Heartbeat (Heartbleed) Yo | exploits/multiple/remote/32745.py
OpenSSL TLS Heartbeat Buffer Overf | exploits/multiple/remote/32745.txt
----------------------------------- ----------------------------------
Use case 2: Search for a known specific version
Code:
searchsploit <software_name> <version_number>
Motivation: This use case is helpful when you need to find exploits for a particular version of a software package. It allows you to quickly identify vulnerabilities and their associated exploits for a specific version of the software.
Explanation: The command takes the name of the software as the first parameter and the version number as the second parameter. It will search for exploits specific to that version or any other version whose range covers the one specified.
Example Output:
$ searchsploit sudo 1.8.27
--------------------------------|-----------------|-------------
Exploit Title | Path | (/usr/share/exploitdb/)
--------------------------------|-----------------|-------------
No exploits found for version | 1.8.27 |
--------------------------------|-----------------|-------------
Use case 3: Show the exploit-db link to the found resources
Code:
searchsploit --www search_terms
Motivation: This use case allows you to quickly access the exploit-db link for the found resources. It is helpful when you want to view additional details and information provided in the link.
Explanation: By using the --www flag, searchsploit will display the exploit-db link associated with each of the search results.
Example Output:
$ searchsploit --www Heartbleed
----------------------------------- ---------------------------------- ----------------------
Exploit Title | Path | URL
----------------------------------- ---------------------------------- ----------------------
OpenSSL Heartbeat (Heartbleed) Yo | exploits/multiple/remote/32745.py | https://www.exploit-db.com/exploits/32745/
OpenSSL TLS Heartbeat Buffer Overf | exploits/multiple/remote/32745.txt | https://www.exploit-db.com/exploits/32745/
----------------------------------- ---------------------------------- ----------------------
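The Path column carries the EDB-ID from which the --www URL is formed, so the table output can be turned into records for a patch-priority or exposure report. The following Python parser is an added example, not part of searchsploit or the original page; the function names and record fields are hypothetical, and the sample rows are copied from the example outputs on this page.

```python
import re
from collections import defaultdict

# Sample input: rows copied from the example outputs on this page.
SAMPLE = """\
----------------------------------- ----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/)
----------------------------------- ----------------------------------
OpenSSL Heartbeat (Heartbleed) Yo | exploits/multiple/remote/32745.py
OpenSSL TLS Heartbeat Buffer Overf | exploits/multiple/remote/32745.txt
----------------------------------- ----------------------------------
No exploits found for version | 1.8.27 |
"""

# Path layout seen in the output: exploits/<platform>/<type>/<EDB-ID>.<ext>
PATH_RE = re.compile(r"\|\s*(exploits/([^/\s]+)/([^/\s]+)/(\d+)\.\w+)")


def parse_results(text):
    """Return one record per result row; header, separator and
    'No exploits found' rows carry no exploit path and are skipped."""
    records = []
    for line in text.splitlines():
        m = PATH_RE.search(line)
        if not m:
            continue
        path, platform, kind, edb_id = m.groups()
        records.append({
            "title": line.split("|", 1)[0].strip(),
            "path": path, "platform": platform, "type": kind,
            "edb_id": int(edb_id),
            # Same URL form that --www prints for this entry.
            "url": f"https://www.exploit-db.com/exploits/{edb_id}/",
        })
    return records


def group_by_entry(records):
    """Collapse rows sharing an EDB-ID (here a .py and a .txt) into one entry."""
    grouped = defaultdict(lambda: {"url": None, "files": []})
    for rec in records:
        grouped[rec["edb_id"]]["url"] = rec["url"]
        grouped[rec["edb_id"]]["files"].append(rec["path"])
    return dict(grouped)


if __name__ == "__main__":
    for edb_id, entry in group_by_entry(parse_results(SAMPLE)).items():
        print(edb_id, entry["url"], len(entry["files"]), "file(s)")
```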
Use case 4: Make a copy of the resource to the current directory
Code:
searchsploit --mirror exploit_number
Motivation: This use case allows you to make a local copy of an exploit from the exploit-db database. Having the exploit locally gives you the flexibility to further analyze and investigate it.
Explanation: The --mirror flag, followed by the exploit number, instructs searchsploit to make a copy of the exploit to the current working directory. The exploit number can be found in the search results.
Example Output:
$ searchsploit --mirror 32745
[+] Downloading: exploits/multiple/remote/32745.py
[+] File saved to: /path/to/current_directory/exploits/multiple/remote/32745.py
Use case 5: Open the resource to read with the pager defined in the $PAGER environment variable
Code:
searchsploit --examine exploit_number
Motivation: This use case allows you to open and read an exploit using your preferred pager defined in the $PAGER environment variable. It provides a convenient way to view exploit details within the terminal.
Explanation: The --examine flag, followed by the exploit number, opens the exploit file using the default pager defined in the $PAGER environment variable. You can navigate through the exploit file using your preferred pager’s controls.
Example Output:
$ searchsploit --examine 32745
(Note: The output will open the exploit file in the defined pager, such as less or more)
Use case 6: Update the local exploit database
Code:
searchsploit --update
Motivation: This use case ensures that you have the latest version of the exploit database. It is important to regularly update the database to access the most recent exploits and vulnerability information.
Explanation: The --update flag triggers the update process of the local exploit database. It retrieves the latest version of the database and installs it on the system.
Example Output:
$ searchsploit --update
[*] Updating searchsploit ...
[*] searchsploit is not the latest version - please update
[*] Most recent version is 2022-10-13
[*] 256039 exploits available
[+] Downloading: exploits.tar.gz
...
Conclusion: The searchsploit command is an invaluable tool for searching and exploring the exploit database. With different use cases, it allows users to search for specific vulnerabilities, view associated exploits, make local copies, and keep the database up-to-date. Whether you are a security professional, researcher, or enthusiast, searchsploit simplifies the process of finding and analyzing exploits, shellcodes, and papers associated with vulnerabilities.