refer to:
https://github.com/jondonas/linux-exploit-suggester-2
这个1.5k star, 用起来还可以。
1. 下载脚本。
2. 运行: perl ./linux-exploit-suggester-2.pl
就可以看到各种信息(基于当前的linux版本, 然后得到多少漏洞,附带自动下载脚本的功能)
$ ./linux-exploit-suggester-2.pl
Local Kernel: 4.4.0
Searching among 73 exploits...
Possible Exploits
[1] af_packet
CVE-2016-8655
Source: http://www.exploit-db.com/exploits/40871
[2] dirty_cow
CVE-2016-5195
Source: http://www.exploit-db.com/exploits/40616
[3] exploit_x
CVE-2018-14665
Source: http://www.exploit-db.com/exploits/45697
[4] get_rekt
CVE-2017-16695
Source: http://www.exploit-db.com/exploits/45010
3. 每个下载下来的脚本,在顶部注释都有基本的使用方法(当然了也需要使用者知道这些漏洞的基本原理和用法)
$ ./linux-exploit-suggester-2.pl -d Exploit Download (Download all: 'a' / Individually: '2,4,5' / Exit: ^c) Select exploits to download: a Downloading https://www.exploit-db.com/raw/40871 -> exploit_af_packet Downloading https://www.exploit-db.com/raw/40616 -> exploit_dirty_cow Downloading https://www.exploit-db.com/raw/45697 -> exploit_exploit_x Downloading https://www.exploit-db.com/raw/45010 -> exploit_get_rekt
然后就可以下载了。
下载之后的使用:
一般来说, 基本中都会有基本的用法提示。
