This is a tool for searching Exploits from some Exploit Databases. Exploits are inserted at sqlite database(go-exploitdb) can be searched by command line interface. In server mode, a simple Web API can be used.
As the following vulnerabilities database
- ExploitDB(OffensiveSecurity) by CVE number or Exploit Database ID.
- GitHub Repositories
- Awesome Cve Poc
Docker Deployment
There’s a Docker image available docker pull princechrismc/go-exploitdb
. When using the container, it takes the same arguments as the normal command line.
Installation for local deployment
Requirements
go-exploitdb requires the following packages.
- git
- SQLite3, MySQL, PostgreSQL, Redis
- latest version of go
Install go-exploitdb
$ mkdir -p $GOPATH/src/github.com/vulsio
$ cd $GOPATH/src/github.com/vulsio
$ git clone https://github.com/vulsio/go-exploitdb.git
$ cd go-exploitdb
$ make install
Usage: Fetch and Insert Exploit
$ go-exploitdb fetch --help
Fetch the data of exploit
Usage:
go-exploitdb fetch [command]
Available Commands:
awesomepoc Fetch the data of Awesome Poc
exploitdb Fetch the data of offensive security exploit db
githubrepos Fetch the data of github repos
Flags:
--batch-size int The number of batch size to insert. NOTE: This Option does not work for dbtype: redis. (default 500)
--expire uint timeout to set for Redis keys in seconds. If set to 0, the key is persistent.
-h, --help help for fetch
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Use "go-exploitdb fetch [command] --help" for more information about a command.
Fetch and Insert Offensive Security ExploitDB
$ go-exploitdb fetch exploitdb
Usage: Search Exploits
$ go-exploitdb search -h
Search the data of exploit
Usage:
go-exploitdb search [flags]
Flags:
-h, --help help for search
--param string All Exploits: None | by CVE: [CVE-xxxx] | by ID: [xxxx] (default: None)
--type string All Exploits by CVE: CVE | by ID: ID (default: CVE)
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Search Exploits by CVE(ex. CVE-2009-4091)
$ go-exploitdb search --type CVE --param CVE-2009-4091
Results:
---------------------------------------
[*]CVE-ExploitID Reference:
CVE: CVE-2009-4091
Exploit Type: OffensiveSecurity
Exploit Unique ID: 10180
URL: https://www.exploit-db.com/exploits/10180
Description: Simplog 0.9.3.2 - Multiple Vulnerabilities
[*]Exploit Detail Info:
[*]OffensiveSecurity:
- Document:
Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt
File Type: webapps
---------------------------------------
Search Exploits by ExploitDB-ID(ex. ExploitDB-ID: 10180)
$ go-exploitdb search --type ID --param 10180 Results: --------------------------------------- [*]CVE-ExploitID Reference: CVE: CVE-2009-4091 Exploit Type: OffensiveSecurity Exploit Unique ID: 10180 URL: https://www.exploit-db.com/exploits/10180 Description: Simplog 0.9.3.2 - Multiple Vulnerabilities [*]Exploit Detail Info: [*]OffensiveSecurity: - Document: Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt File Type: webapps --------------------------------------- [*]CVE-ExploitID Reference: CVE: CVE-2009-4092 Exploit Type: OffensiveSecurity Exploit Unique ID: 10180 URL: https://www.exploit-db.com/exploits/10180 Description: Simplog 0.9.3.2 - Multiple Vulnerabilities [*]Exploit Detail Info: [*]OffensiveSecurity: - Document: Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt File Type: webapps --------------------------------------- [*]CVE-ExploitID Reference: CVE: CVE-2009-4093 Exploit Type: OffensiveSecurity Exploit Unique ID: 10180 URL: https://www.exploit-db.com/exploits/10180 Description: Simplog 0.9.3.2 - Multiple Vulnerabilities [*]Exploit Detail Info: [*]OffensiveSecurity: - Document: Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt File Type: webapps ---------------------------------------
Usage: Start go-exploitdb as server mode
$ go-exploitdb server -h Start go-exploitdb HTTP server Usage: go-exploitdb server [flags] Flags: --bind string HTTP server bind to IP address (default: loop back interface -h, --help help for server --port string HTTP server port number (default: 1326 Global Flags: --config string config file (default is $HOME/.go-exploitdb.yaml) --dbpath string /path/to/sqlite3 or SQL connection string --dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported) --debug debug mode (default: false) --debug-sql SQL debug mode --http-proxy string http://proxy-url:port (default: empty) --log-dir string /path/to/log --log-json output log as JSON --log-to-file output log to file
Starting Server
$ go-exploitdb server INFO[09-30|15:05:57] Starting HTTP Server... INFO[09-30|15:05:57] Listening... URL=127.0.0.1:1326
Search Exploits Get by cURL for CVE(ex. CVE-2006-2896)
$ curl http://127.0.0.1:1326/cves/CVE-2006-2896 | jq % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:100 666 100 666 0 0 39340 0 --:--:-- --:--:-- --:--:-- 41625 [ { "ID": 325173, "exploit_type": "OffensiveSecurity", "exploit_unique_id": "1875", "url": "https://www.exploit-db.com/exploits/1875", "description": "FunkBoard CF0.71 - 'profile.php' Remote User Pass Change", "cve_id": "CVE-2006-2896", "offensive_security": { "ID": 325173, "ExploitID": 325173, "exploit_unique_id": "1875", "document": { "OffensiveSecurityID": 325173, "exploit_unique_id": "1875", "document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/1875.html", "description": "FunkBoard CF0.71 - 'profile.php' Remote User Pass Change", "date": "0001-01-01T00:00:00Z", "author": "ajann", "type": "webapps", "platform": "php", "port": "" }, "shell_code": null, } } ]
Search Exploits by Unique ID(ex. Exploit Unique ID: 10180)
$ curl http://127.0.0.1:1326/id/10180 | jq % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:100 1936 100 1936 0 0 52643 0 --:--:-- --:--:-- --:--:-- 53777 [ { "ID": 334917, "exploit_type": "OffensiveSecurity", "exploit_unique_id": "10180", "url": "https://www.exploit-db.com/exploits/10180", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "cve_id": "CVE-2009-4091", "offensive_security": { "ID": 334917, "ExploitID": 334917, "exploit_unique_id": "10180", "document": { "OffensiveSecurityID": 334917, "exploit_unique_id": "10180", "document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "date": "0001-01-01T00:00:00Z", "author": "Amol Naik", "type": "webapps", "platform": "php", "port": "" }, "shell_code": null, } }, { "ID": 334918, "exploit_type": "OffensiveSecurity", "exploit_unique_id": "10180", "url": "https://www.exploit-db.com/exploits/10180", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "cve_id": "CVE-2009-4092", "offensive_security": { "ID": 334917, "ExploitID": 334917, "exploit_unique_id": "10180", "document": { "OffensiveSecurityID": 334917, "exploit_unique_id": "10180", "document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "date": "0001-01-01T00:00:00Z", "author": "Amol Naik", "type": "webapps", "platform": "php", "port": "" }, "shell_code": null, } }, { "ID": 334919, "exploit_type": "OffensiveSecurity", "exploit_unique_id": "10180", "url": "https://www.exploit-db.com/exploits/10180", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "cve_id": "CVE-2009-4093", "offensive_security": { "ID": 334917, "ExploitID": 334917, "exploit_unique_id": "10180", "document": { "OffensiveSecurityID": 334917, "exploit_unique_id": "10180", "document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt", "description": "Simplog 0.9.3.2 - Multiple Vulnerabilities", "date": "0001-01-01T00:00:00Z", "author": "Amol Naik", "type": "webapps", "platform": "php", "port": "" }, "shell_code": null, } } ]
Leave a Reply