Results 1 to 2 of 2

Thread: 2PL017, a tool for efficiently finding the exploit you need

  1. #1
    Join Date
    2017-Dec
    Posts
    1

    2PL017, a tool for efficiently finding the exploit you need

    Hi guys,

    This is to introduce a tool I have developed to improve the task of searching for exploits, especially linux kernel exploits.

    I have always found a bit awkward the process of searching for exploits with searchsploit or the online exploit database search application or google. With the latter, there are captchas, sometimes hard to solve (those street sign pictures...) or it is easy to repeat the same exploits, especially Linux Kernel exploits for privesc. Another problem is that, with the nomenclature they use in the exploit database, sometimes it is very easy to overlook exploits that are the right ones, but in their name the kernel version is not very specific. With searchsploit, it is also awkward to have to use (at least that's the fastest I could find) locate, cat and grep, and to chain several greps, to find what you need.

    I have written a python GUI program that is very simple to use, and (in my opinion) a much better alternative to the existing ones, overcoming the limitations that they have. It only searches the Exploit database, since it runs local (no packet storm, etc), but for most cases we just use Exploit DB, right ?

    Here is the source file: https://github.com/antlarac/2PL017

    Hope you guyz find it helpful, I know I do!

    There is a couple of minor additions I will make soon to this program.

    Thanks, hope it helps!!

  2. #2
    Join Date
    2016-Dec
    Location
    Canada
    Posts
    209
    Quote Originally Posted by antlarac View Post
    Hi guys,

    This is to introduce a tool I have developed to improve the task of searching for exploits, especially linux kernel exploits.

    I have always found a bit awkward the process of searching for exploits with searchsploit or the online exploit database search application or google. With the latter, there are captchas, sometimes hard to solve (those street sign pictures...) or it is easy to repeat the same exploits, especially Linux Kernel exploits for privesc. Another problem is that, with the nomenclature they use in the exploit database, sometimes it is very easy to overlook exploits that are the right ones, but in their name the kernel version is not very specific. With searchsploit, it is also awkward to have to use (at least that's the fastest I could find) locate, cat and grep, and to chain several greps, to find what you need.

    I have written a python GUI program that is very simple to use, and (in my opinion) a much better alternative to the existing ones, overcoming the limitations that they have. It only searches the Exploit database, since it runs local (no packet storm, etc), but for most cases we just use Exploit DB, right ?

    Here is the source file: https://github.com/antlarac/2PL017

    Hope you guyz find it helpful, I know I do!

    There is a couple of minor additions I will make soon to this program.

    Thanks, hope it helps!!
    Great program, code needs editing because the location of exploit. files isnt where it says.
    easy to start; hard to finish

Similar Threads

  1. Replies: 0
    Last Post: 2017-05-03, 14:47
  2. Replies: 3
    Last Post: 2016-02-02, 13:26

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •