This is a tool for searching Exploits from some Exploit Databases. Exploits are inserted at sqlite database(go-exploitdb) can be searched by command line interface. In server mode, a simple Web API can be used.
As the following vulnerabilities database
- ExploitDB(OffensiveSecurity) by CVE number or Exploit Database ID.
- GitHub Repositories
- Awesome Cve Poc
Docker Deployment
There’s a Docker image available docker pull princechrismc/go-exploitdb. When using the container, it takes the same arguments as the normal command line.
Installation for local deployment
Requirements
go-exploitdb requires the following packages.
- git
- SQLite3, MySQL, PostgreSQL, Redis
- latest version of go
Install go-exploitdb
$ mkdir -p $GOPATH/src/github.com/vulsio
$ cd $GOPATH/src/github.com/vulsio
$ git clone https://github.com/vulsio/go-exploitdb.git
$ cd go-exploitdb
$ make install
Usage: Fetch and Insert Exploit
$ go-exploitdb fetch --help
Fetch the data of exploit
Usage:
go-exploitdb fetch [command]
Available Commands:
awesomepoc Fetch the data of Awesome Poc
exploitdb Fetch the data of offensive security exploit db
githubrepos Fetch the data of github repos
Flags:
--batch-size int The number of batch size to insert. NOTE: This Option does not work for dbtype: redis. (default 500)
--expire uint timeout to set for Redis keys in seconds. If set to 0, the key is persistent.
-h, --help help for fetch
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Use "go-exploitdb fetch [command] --help" for more information about a command.
Fetch and Insert Offensive Security ExploitDB
$ go-exploitdb fetch exploitdb
Usage: Search Exploits
$ go-exploitdb search -h
Search the data of exploit
Usage:
go-exploitdb search [flags]
Flags:
-h, --help help for search
--param string All Exploits: None | by CVE: [CVE-xxxx] | by ID: [xxxx] (default: None)
--type string All Exploits by CVE: CVE | by ID: ID (default: CVE)
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Search Exploits by CVE(ex. CVE-2009-4091)
$ go-exploitdb search --type CVE --param CVE-2009-4091
Results:
---------------------------------------
[*]CVE-ExploitID Reference:
CVE: CVE-2009-4091
Exploit Type: OffensiveSecurity
Exploit Unique ID: 10180
URL: https://www.exploit-db.com/exploits/10180
Description: Simplog 0.9.3.2 - Multiple Vulnerabilities
[*]Exploit Detail Info:
[*]OffensiveSecurity:
- Document:
Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt
File Type: webapps
---------------------------------------
Search Exploits by ExploitDB-ID(ex. ExploitDB-ID: 10180)
$ go-exploitdb search --type ID --param 10180
Results:
---------------------------------------
[*]CVE-ExploitID Reference:
CVE: CVE-2009-4091
Exploit Type: OffensiveSecurity
Exploit Unique ID: 10180
URL: https://www.exploit-db.com/exploits/10180
Description: Simplog 0.9.3.2 - Multiple Vulnerabilities
[*]Exploit Detail Info:
[*]OffensiveSecurity:
- Document:
Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt
File Type: webapps
---------------------------------------
[*]CVE-ExploitID Reference:
CVE: CVE-2009-4092
Exploit Type: OffensiveSecurity
Exploit Unique ID: 10180
URL: https://www.exploit-db.com/exploits/10180
Description: Simplog 0.9.3.2 - Multiple Vulnerabilities
[*]Exploit Detail Info:
[*]OffensiveSecurity:
- Document:
Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt
File Type: webapps
---------------------------------------
[*]CVE-ExploitID Reference:
CVE: CVE-2009-4093
Exploit Type: OffensiveSecurity
Exploit Unique ID: 10180
URL: https://www.exploit-db.com/exploits/10180
Description: Simplog 0.9.3.2 - Multiple Vulnerabilities
[*]Exploit Detail Info:
[*]OffensiveSecurity:
- Document:
Path: https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt
File Type: webapps
---------------------------------------
Usage: Start go-exploitdb as server mode
$ go-exploitdb server -h
Start go-exploitdb HTTP server
Usage:
go-exploitdb server [flags]
Flags:
--bind string HTTP server bind to IP address (default: loop back interface
-h, --help help for server
--port string HTTP server port number (default: 1326
Global Flags:
--config string config file (default is $HOME/.go-exploitdb.yaml)
--dbpath string /path/to/sqlite3 or SQL connection string
--dbtype string Database type to store data in (sqlite3, mysql, postgres or redis supported)
--debug debug mode (default: false)
--debug-sql SQL debug mode
--http-proxy string http://proxy-url:port (default: empty)
--log-dir string /path/to/log
--log-json output log as JSON
--log-to-file output log to file
Starting Server
$ go-exploitdb server INFO[09-30|15:05:57] Starting HTTP Server... INFO[09-30|15:05:57] Listening... URL=127.0.0.1:1326
Search Exploits Get by cURL for CVE(ex. CVE-2006-2896)
$ curl http://127.0.0.1:1326/cves/CVE-2006-2896 | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:100 666 100 666 0 0 39340 0 --:--:-- --:--:-- --:--:-- 41625
[
{
"ID": 325173,
"exploit_type": "OffensiveSecurity",
"exploit_unique_id": "1875",
"url": "https://www.exploit-db.com/exploits/1875",
"description": "FunkBoard CF0.71 - 'profile.php' Remote User Pass Change",
"cve_id": "CVE-2006-2896",
"offensive_security": {
"ID": 325173,
"ExploitID": 325173,
"exploit_unique_id": "1875",
"document": {
"OffensiveSecurityID": 325173,
"exploit_unique_id": "1875",
"document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/1875.html",
"description": "FunkBoard CF0.71 - 'profile.php' Remote User Pass Change",
"date": "0001-01-01T00:00:00Z",
"author": "ajann",
"type": "webapps",
"platform": "php",
"port": ""
},
"shell_code": null,
}
}
]
Search Exploits by Unique ID(ex. Exploit Unique ID: 10180)
$ curl http://127.0.0.1:1326/id/10180 | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:100 1936 100 1936 0 0 52643 0 --:--:-- --:--:-- --:--:-- 53777
[
{
"ID": 334917,
"exploit_type": "OffensiveSecurity",
"exploit_unique_id": "10180",
"url": "https://www.exploit-db.com/exploits/10180",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"cve_id": "CVE-2009-4091",
"offensive_security": {
"ID": 334917,
"ExploitID": 334917,
"exploit_unique_id": "10180",
"document": {
"OffensiveSecurityID": 334917,
"exploit_unique_id": "10180",
"document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"date": "0001-01-01T00:00:00Z",
"author": "Amol Naik",
"type": "webapps",
"platform": "php",
"port": ""
},
"shell_code": null,
}
},
{
"ID": 334918,
"exploit_type": "OffensiveSecurity",
"exploit_unique_id": "10180",
"url": "https://www.exploit-db.com/exploits/10180",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"cve_id": "CVE-2009-4092",
"offensive_security": {
"ID": 334917,
"ExploitID": 334917,
"exploit_unique_id": "10180",
"document": {
"OffensiveSecurityID": 334917,
"exploit_unique_id": "10180",
"document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"date": "0001-01-01T00:00:00Z",
"author": "Amol Naik",
"type": "webapps",
"platform": "php",
"port": ""
},
"shell_code": null,
}
},
{
"ID": 334919,
"exploit_type": "OffensiveSecurity",
"exploit_unique_id": "10180",
"url": "https://www.exploit-db.com/exploits/10180",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"cve_id": "CVE-2009-4093",
"offensive_security": {
"ID": 334917,
"ExploitID": 334917,
"exploit_unique_id": "10180",
"document": {
"OffensiveSecurityID": 334917,
"exploit_unique_id": "10180",
"document_url": "https://github.com/offensive-security/exploitdb/exploits/php/webapps/10180.txt",
"description": "Simplog 0.9.3.2 - Multiple Vulnerabilities",
"date": "0001-01-01T00:00:00Z",
"author": "Amol Naik",
"type": "webapps",
"platform": "php",
"port": ""
},
"shell_code": null,
}
}
]
