jondonas / linux-exploit-suggester-2 Goto Github PK
View Code? Open in Web Editor NEWNext-Generation Linux Kernel Exploit Suggester
License: GNU General Public License v2.0
Next-Generation Linux Kernel Exploit Suggester
License: GNU General Public License v2.0
Thx for you work @jondonas. Doing LES with perl is a good idea because it works on very old machines. So its a great alternative to mezt- LES that requires bash 4+ https://github.com/mzet-/linux-exploit-suggester/issues/53
Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory.
https://inventory.rawsec.ml/tools.html#Linux%20Exploit%20Suggester%202
An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.
More details about features here.
Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.
Mainly because this is giving visibility to your tool, more and more people are using the Rawsec's CyberSecurity Inventory, this helps them find what they need.
The badge shows to your community that your are inventoried. This also shows you care about your project and want it growing, that your tool is not an abandonware.
Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that , but there are several styles available.
If you want to thank us, you can help make the project better known by tweeting about it! For example:
That's all, this message is just to notify you if you care.
Consider adding in an option to select which exploit and have the script wget the source code down for you.
i.e.
Possible Exploits:
Select your exploit: 2
Obtaining code....
(background: the script performs wget https://www.exploit-db.com/raw/38390 -o 38390)
Just a thought.
hi guys
#Select exploits to download: a
result not download.
can you help me pls?
On kernel 2.6.28-11-generic LES2 is suggesting:
[+] half_nelson
Alt: econet CVE-2010-3848
Source: http://www.exploit-db.com/exploits/6851
But this exploit is for Linux kernel < 2.6.22 open/ftruncate local exploit
and of course 2.6.28 > 2.6.22
root@kali:# ./linux-exploit-suggester-2.pl -k 2.6.18 -d
...
Exploit Download
(Download all: 'a' / Individually: '2,4,5' / Exit: ^c)
Select exploits to download: a
Can't download exploit for american-sign-language
Downloading https://www.exploit-db.com/raw/14814 -> exploit_can_bcm
Can't download exploit for do_pages_move
Downloading https://www.exploit-db.com/raw/6851 -> exploit_ftrex
Downloading https://www.exploit-db.com/raw/17787 -> exploit_half_nelson1
Downloading https://www.exploit-db.com/raw/17787 -> exploit_half_nelson2
Downloading https://www.exploit-db.com/raw/17787 -> exploit_half_nelson3
Downloading https://www.exploit-db.com/raw/27297 -> exploit_msr
Can't download exploit for pipe.c_32bit
Downloading https://www.exploit-db.com/raw/15150 -> exploit_pktcdvd
Downloading https://www.exploit-db.com/raw/12130 -> exploit_reiserfs
Downloading https://www.exploit-db.com/raw/9435 -> exploit_sock_sendpage
Downloading https://www.exploit-db.com/raw/9436 -> exploit_sock_sendpage2
Can't download exploit for udp_sendmsg_32bit
Downloading https://www.exploit-db.com/raw/15024 -> exploit_video4linux
Downloading https://www.exploit-db.com/raw/5092 -> exploit_vmsplice1
pi@:~$ ./linux-exploit-suggester-2.pl
./linux-exploit-suggester-2.pl: command substitution: line 1: syntax error near unexpected token `newline'
./linux-exploit-suggester-2.pl: command substitution: line 1: `</span>uname -r |cut -d"-" -f1<span class="pl-pds">'
./linux-exploit-suggester-2.pl: line 1: payload:allShortcutsEnabled:false: command not found
pi@:~$ perl --version
This is perl 5, version 32,
run command ./linux-exploit-suggester-2.pl -k 4.4.0
get this
[2] dirty_cow
CVE-2016-5195
Source: http://www.exploit-db.com/exploits/40616
but the vul only exists in Linux Kernel 2.6.22 < 3.9 (x86/x64)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.