Guide on Searchsploit

Ashish Khare
Feb 15, 2023

Hey guys, Ashish this side. In this write-up, I’m going to share some basic info about the Searchsploit tool, so let’s hop into it.

Introduction to SearchSploit

Included in the Exploit Database repository on GitHub is “searchsploit”, a command line search tool for Exploit-DB that also allows you to take a copy of Exploit Database with you, everywhere you go. SearchSploit gives you the power to perform detailed offline searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.

Source: https://www.exploit-db.com/searchsploit/

Installation

sudo apt -y install exploitdb

Once installation is complete, we can run it from any location in the terminal.

searchsploit

If your tool is outdated, you can use the “-u” option, which will update it automatically.

searchsploit -u

Title Searching

The -t option enables the “title” parameter, which restricts the search to exploit titles. By default, searchsploit matches against both the title of the exploit and its path. Searching on the title alone gives quicker, better-sorted results.

searchsploit -t php

The above command will search for exploits related to the php platform and will show all matching exploits available in the Exploit-DB database.

Advanced Title Searching

You can also use the -t option with more than one term to get a finer result for a particular platform. For example, if you want to find php exploits for the windows platform, you can use the following command.

searchsploit -t php windows

Now you can compare the current output result with the previous result.

Copy To Directory

The -m option enables the “copy to directory/folder” parameter. It shows the same information about the exploit as above and also copies the exploit into your current working directory.

searchsploit 36746
searchsploit -m 36746

Examine an Exploit

The --examine option enables the examine parameter, which opens the exploit with $PAGER so you can read what it does.

searchsploit 36746 --examine

The above command will open the text file of the exploit to review its functionality, code, and other information.

Examining Nmap result

As we all know, Nmap has a very useful feature that lets you save its output in .xml format, and searchsploit can then identify the exploits associated with the services in that Nmap XML file.

nmap -sV 192.168.186.135 -oX result.xml

With the help of the above command, we have saved the scanning result of Nmap in an XML file, so that we can search for the exploit related to scanned ports/services.

searchsploit --nmap result.xml

Here you can observe that it uses verbose mode to examine the XML file and shows all possible exploits for the running services.
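Added example (not from the original article or the Exploit-DB project): one way to read the same Nmap XML yourself and turn each detected product and version into a title search, which helps when checking your own hosts' service versions against the local database. The sample XML and its version strings are constructed, and the way terms are built here is an assumption, not how --nmap works internally.

```python
import shutil
import subprocess
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV -oX` output (not taken from a real scan).
SAMPLE_XML = """<nmaprun><host><address addr="192.168.186.135" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/>
  <service name="ssh" product="OpenSSH" version="7.2p2"/></port>
<port protocol="tcp" portid="80"><state state="open"/>
  <service name="http" product="Apache httpd" version="2.4.7"/></port>
<port protocol="tcp" portid="3306"><state state="closed"/><service name="mysql"/></port>
<port protocol="tcp" portid="8080"><state state="open"/><service name="http-proxy"/></port>
</ports></host></nmaprun>"""


def service_inventory(xml_text):
    """Return (addr, port, product, version) for open ports with a detected product."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "?"
        for port in host.iter("port"):
            state, svc = port.find("state"), port.find("service")
            if state is None or state.get("state") != "open" or svc is None:
                continue
            product = svc.get("product")
            if product:  # no product banner means nothing meaningful to search for
                rows.append((addr, int(port.get("portid")), product, svc.get("version", "")))
    return rows


def search_commands(rows):
    """Build one deduplicated `searchsploit -t` argv per product/version pair."""
    seen, cmds = set(), []
    for _, _, product, version in rows:
        terms = tuple((product + " " + version).split())
        if terms not in seen:
            seen.add(terms)
            cmds.append(["searchsploit", "-t", *terms])
    return cmds


if __name__ == "__main__":
    for cmd in search_commands(service_inventory(SAMPLE_XML)):
        print(" ".join(cmd))
        if shutil.which("searchsploit"):  # only runs when the tool is installed
            subprocess.run(cmd, check=False)
```

Closed ports and services without a product banner are skipped, so the queries cover only what Nmap actually identified.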

Exploit-DB Online

The -w option shows the Exploit-DB website URL for each result. The website gives more detailed information, such as CVE-ID, setup files, tags, and vulnerability mappings, which are not included in searchsploit.

searchsploit ubuntu 2.4.7 -w

The above command will show all available Exploit DB website links for the exploit related to Ubuntu 2.4.7.

Eliminate Unwanted Results

The --exclude option enables the exclude parameter, which removes unwanted results from the list of exploits. You can also remove multiple terms by separating the terms with a “|” (pipe). This can be considered in the following:

searchsploit ubuntu 2.4.7
searchsploit ubuntu 2.4.7 --exclude="Privilege Escalation"

The default result changes when we use the --exclude option. You can eliminate even more terms with the help of “|” (pipe).

Moreover, we can use the universal grep command to filter unwanted results out of the output. This can be considered in the following:

searchsploit ubuntu 14.04
searchsploit ubuntu 14.04 | grep "Buffer Overflow"

The above command will show only the available exploits for ubuntu 14.04 that mention Buffer Overflow.

If this article was helpful consider following me and a clap would really motivate me to write more such blogs & articles.

Keep Coming for more.

Happy Hacking!!!

Ashish Khare

CEHv12 | Penetration Tester | Red-Teamer | Security Analyst