Code Monkey home page Code Monkey logo

linux_exploit_suggester's Introduction

Linux_Exploit_Suggester

Linux Exploit Suggester; based on operating system release number.

This program run without arguments will perform a 'uname -r' to grab the Linux Operating Systems release version, and return a suggestive list of possible exploits. Nothing fancy, so a patched/back-ported patch may fool this script.

Additionally possible to provide '-k' flag to manually enter the Kernel Version/Operating System Release Version.

This script has been extremely useful on site and in exams. Now Open-sourced under GPLv2.

Sample Output

$ perl ./Linux_Exploit_Suggester.pl -k 3.0.0

Kernel local: 3.0.0

Possible Exploits:
[+] semtex
   CVE-2013-2094
   Source: www.exploit-db.com/download/25444/โ€Ž
[+] memodipper
   CVE-2012-0056
   Source: http://www.exploit-db.com/exploits/18411/
[+] perf_swevent
   CVE-2013-2094
   Source: http://www.exploit-db.com/download/26131

$ perl ./Linux_Exploit_Suggester.pl -k 2.6.28

Kernel local: 2.6.28

Possible Exploits:
[+] sock_sendpage2
   Alt: proto_ops    CVE-2009-2692
   Source: http://www.exploit-db.com/exploits/9436
[+] half_nelson3
   Alt: econet    CVE-2010-4073
   Source: http://www.exploit-db.com/exploits/17787/
[+] reiserfs
   CVE-2010-1146
   Source: http://www.exploit-db.com/exploits/12130/
[+] pktcdvd
   CVE-2010-3437
   Source: http://www.exploit-db.com/exploits/15150/
[+] american-sign-language
   CVE-2010-4347
   Source: http://www.securityfocus.com/bid/45408/
[+] half_nelson
   Alt: econet    CVE-2010-3848
   Source: http://www.exploit-db.com/exploits/6851
[+] udev
   Alt: udev <1.4.1    CVE-2009-1185
   Source: http://www.exploit-db.com/exploits/8478
[+] do_pages_move
   Alt: sieve    CVE-2010-0415
   Source: Spenders Enlightenment
[+] pipe.c_32bit
   CVE-2009-3547
   Source: http://www.securityfocus.com/data/vulnerabilities/exploits/36901-1.c
[+] exit_notify
   Source: http://www.exploit-db.com/exploits/8369
[+] can_bcm
   CVE-2010-2959
   Source: http://www.exploit-db.com/exploits/14814/
[+] ptrace_kmod2
   Alt: ia32syscall,robert_you_suck    CVE-2010-3301
   Source: http://www.exploit-db.com/exploits/15023/
[+] half_nelson1
   Alt: econet    CVE-2010-3848
   Source: http://www.exploit-db.com/exploits/17787/
[+] half_nelson2
   Alt: econet    CVE-2010-3850
   Source: http://www.exploit-db.com/exploits/17787/
[+] sock_sendpage
   Alt: wunderbar_emporium    CVE-2009-2692
   Source: http://www.exploit-db.com/exploits/9435
[+] video4linux
   CVE-2010-3081
   Source: http://www.exploit-db.com/exploits/15024/

linux_exploit_suggester's People

Contributors

garu avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

tkrpata shpedoikal kernelbitch silky ericrun atimorin loveshell chenxiao07 kissthink intfrr huap litsand garu pansuo andy737 thurday selboo im-bill freeznet cyberintruder rehope hellove1985 chibuisimaduka no2key linux520 wyxhydd bitland liebesu edrun lordsaibat mdisec cplushua01 zavierxu smile921 dvanh199 test123asa midnitesnake safe3 trevor3000 d4nnyk 0xroot-bf c2y2 ohhdemgirls ocakgun jevey kslinf ricterz xul4y debug001 yongchuan sagaienet xorllc nersle buptlxb cnrkrglu tdr130 bahtiyarb-torba koumdros zephrfish ralfzhb sh3llsh0ck3d akiraaisha nikikisk tangooricha alkenkite z3v2cicidi thundershark vatslav flyawaytang handlemail cvexva vaginessa izogain diggold kernux 0x90shell 0x-jin lifebarier ph0urce justwee bparafina pantuts shuckstark damnya fengxuangit r00tak marktseng conjuringtricks yas3r wrightrocket gr3yr0n1n sixstars dipsec isnuryusuf c3stbon kulminati zhangqin uppentest renini 0x90n

linux_exploit_suggester's Issues

Partial Kernel Version Not Matching

It looks like the wildcard kernel version isn't working, or I'm doing something wrong.

See that version 0.9 is running on Kali (64-bit).

# ./Linux_Exploit_Suggester.pl --help
Linux Exploit Suggester 0.9
Usage:  ./Linux_Exploit_Suggester.pl  [-h] [-k kernel]

[-h] help (this message)
[-k] kernel number eg. 2.6.28

You can also provide a partial kernel version (eg. 2.4)
to see all exploits available.

<SNIP>

But when I specify 2.4, like the example, nothing gets shown.

root@kali:~/# ./Linux_Exploit_Suggester.pl -k '2.4'

Kernel local: 2.4

Searching among 65 exploits...

Possible Exploits:

Same thing for 2.6.

root@kali:~/# ./Linux_Exploit_Suggester.pl -k '2.6'

Kernel local: 2.6

Searching among 65 exploits...

Possible Exploits:

Now when specifying a full kernel version for 2.6.x, I receive exploits.

root@kali:~/# ./Linux_Exploit_Suggester.pl -k '2.6.32'

Kernel local: 2.6.32

Searching among 65 exploits...

Possible Exploits:
[+] american-sign-language
   CVE-2010-4347
   Source: http://www.securityfocus.com/bid/45408/
<SNIP>

If you need any more details, let me know.

Output does not show exploits just shows searching and exits

Hi,
I tested this on a local box, here is the output I got

$ perl ./Linux_Exploit_Suggester.pl -k 4.2.0

Kernel local: 4.2.0

Searching among 65 exploits...

Possible Exploits:

and then it immediately exited.

Unsure whether its unable to search from any exploits or just could not find any.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.