M7L3: Easily Find an Exploit in Exploit DB and Get It Compiled All from Your Terminal
Step 1: ./Searchsploit
My example below shows a target that’s running Apache 2.0.x, which is no longer supported, as the most recent Apache versions are 2.4.x and 2.2.x. Navigate to /usr/share/exploitdb and run:
# ./searchsploit apache 2.2
Several exploits are returned. I narrow these down to the most appropriate ones depending on the platform in use, plus any other relevant factors I learned in the reconnaissance phase.
Step 2: Select Exploit and Copy to Root
My target of choice runs Windows, so I will try using exploit 3996.c. Next, I copy the exploit over to my root directory for ease of use:
cp /usr/share/exploitdb/platform/windows/remote/3996.c /root/3996.c
Step 3: Review File Using Gedit
Move to /root and open the exploit in gedit.
Read through the exploit to learn more about it, including its requirements and usage.
Step 4: Compile the Exploit
The next step is compiling the exploit. My file in this example is written in C, as signified by the ‘.c’ extension. I will also name the compiled output ‘apache’ using the ‘-o’ switch:
gcc 3996.c -o apache
To execute I need to enter:
Step 5: Permissions
I don’t expect this example to give you any problems with permissions, but if it does, make the file executable by issuing the following command, using the above example:
chmod +x ./apache
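The review in Step 3 can be backed by a quick scripted triage before gcc is run in Step 4. This is an added example, not part of the original tutorial or of Exploit-DB: the function names, the short header and function lists, and the sample file are constructed for illustration and say nothing about what 3996.c actually contains.

```shell
#!/usr/bin/env bash
# Added example: pre-compile triage of a downloaded C source file.

# Windows-only headers; plain gcc on Linux cannot build a file that includes them.
windows_headers() {
    grep -Eio '^[[:space:]]*#[[:space:]]*include[[:space:]]*[<"](windows|winsock2?|ws2tcpip)\.h' "$1" \
        | sed -E 's/.*[<"]//' | tr 'A-Z' 'a-z' | sort -u
}

# Lines that run commands on the machine executing the binary (yours, not the target).
local_exec_lines() {
    grep -Ec '(^|[^[:alnum:]_])(system|popen|execl|execlp|execv|execve|execvp|WinExec)[[:space:]]*\(' "$1" || true
}

# Lines holding 8+ consecutive \xNN escapes: opaque bytes you cannot read by eye.
opaque_byte_lines() {
    grep -Ec '(\\x[0-9A-Fa-f]{2}){8,}' "$1" || true
}

# Print a short report; return 1 if anything needs a manual look before compiling.
review_source() {
    local f=$1 hdrs execs blobs
    hdrs=$(windows_headers "$f" | tr '\n' ' ')
    execs=$(local_exec_lines "$f")
    blobs=$(opaque_byte_lines "$f")
    echo "file:               $f"
    echo "sha256:             $(sha256sum "$f" | cut -d' ' -f1)"
    echo "windows headers:    ${hdrs:-none}"
    echo "local exec lines:   $execs"
    echo "opaque byte lines:  $blobs"
    [ -z "$hdrs" ] && [ "$execs" -eq 0 ] && [ "$blobs" -eq 0 ]
}

# Constructed, harmless sample input (not the contents of any Exploit-DB file).
make_sample() {
    cat > "$1" <<'EOF'
#include <stdio.h>
#include <winsock2.h>
char filler[] = "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41";
int main(void) { system("echo constructed sample"); return 0; }
EOF
}

sample=$(mktemp)
make_sample "$sample"
review_source "$sample" || echo "=> read the flagged lines before running gcc"
rm -f "$sample"
```

A non-zero result is a prompt to read the flagged lines in the editor, not a verdict on the file; recording the SHA-256 lets you confirm later that the copy you compiled is the copy you reviewed.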
Hope you enjoyed!