linux提权辅助工具(二):linux-exploit-suggester-2.pl
来自:https://github.com/jondonas/linux-exploit-suggester-2/blob/master/linux-exploit-suggester-2.pl
#!/usr/bin/perl
use strict;
use warnings;
use Getopt::Std; our $VERSION = '1.1'; my %opts;
getopt( 'k,h', \%opts );
usage() if exists $opts{h}; my ( $khost, $is_partial ) = get_kernel();
print "\n\e[00;33m #############################\e[00m\n";
print "\e[00;31m Linux Exploit Suggester 2\e[00m\n";
print "\e[00;33m #############################\e[00m\n";
print "\n Local Kernel: $khost\n"; my %exploits = get_exploits();
print ' Searching among ' . scalar keys(%exploits) . " exploits...\n\n";
print " \e[00;35mPossible Exploits:\e[00m\n"; EXPLOIT:
foreach my $key ( sort keys %exploits ) {
foreach my $kernel ( @{ $exploits{$key}{vuln} } ) { if ( $khost eq $kernel
or ( $is_partial and index($kernel,$khost) == )
) {
print "\e[00;33m[\e[00m\e[00;31m+\e[00m\e[00;33m]\e[00m ";
print "\e[00;33m$key\e[00m";
print " \e[00;33m($kernel)\e[00m" if $is_partial; my $alt = $exploits{$key}{alt};
my $cve = $exploits{$key}{cve};
my $mlw = $exploits{$key}{mil};
if ( $alt or $cve ) {
print "\n";
}
if ( $alt ) { print " Alt: $alt "; }
if ( $cve ) { print " CVE-$cve"; }
if ( $mlw ) { print "\n Source: $mlw"; }
print "\n";
next EXPLOIT;
}
}
}
print "\n";
exit; ######################
## extra functions ##
###################### sub get_kernel {
my $khost = ''; if ( exists $opts{k} ) {
$khost = $opts{k};
}
else {
$khost = `uname -r |cut -d"-" -f1`;
chomp $khost;
} # partial kernels might be provided by the user,
# such as '2.4' or '2.6.'
my $is_partial = $khost =~ /^\d+\.\d+\.\d?/ ? : ;
return ( $khost, $is_partial );
} sub usage {
print <<"EOUSAGE";
Linux Exploit Suggester $VERSION
Usage: \t$ [-h] [-k kernel] [-h] help (this message)
[-k] kernel number eg. 2.6. You can also provide a partial kernel version (eg. 2.4)
to see all exploits available. EOUSAGE
} sub get_exploits {
return (
'w00t' => {
vuln => [
'2.4.10', '2.4.16', '2.4.17', '2.4.18',
'2.4.19', '2.4.20', '2.4.21',
]
},
'brk' => {
vuln => [ '2.4.10', '2.4.18', '2.4.19', '2.4.20', '2.4.21', '2.4.22' ],
},
'ave' => { vuln => [ '2.4.19', '2.4.20' ] }, 'elflbl' => {
vuln => ['2.4.29'],
mil => 'http://www.exploit-db.com/exploits/744/',
}, 'elfdump' => { vuln => ['2.4.27'] },
'elfcd' => { vuln => ['2.6.12'] },
'expand_stack' => { vuln => ['2.4.29'] }, 'h00lyshit' => {
vuln => [
'2.6.8', '2.6.10', '2.6.11', '2.6.12',
'2.6.13', '2.6.14', '2.6.15', '2.6.16',
],
cve => '2006-3626',
mil => 'http://www.exploit-db.com/exploits/2013/',
}, 'kdump' => { vuln => ['2.6.13'] },
'km2' => { vuln => [ '2.4.18', '2.4.22' ] },
'krad' =>
{ vuln => [ '2.6.5', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11' ] }, 'krad3' => {
vuln => [ '2.6.5', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11' ],
mil => 'http://exploit-db.com/exploits/1397',
}, 'local26' => { vuln => ['2.6.13'] },
'loko' => { vuln => [ '2.4.22', '2.4.23', '2.4.24' ] }, 'mremap_pte' => {
vuln => [ '2.4.20', '2.2.24', '2.4.25', '2.4.26', '2.4.27' ],
mil => 'http://www.exploit-db.com/exploits/160/',
}, 'newlocal' => { vuln => [ '2.4.17', '2.4.19' ] },
'ong_bak' => { vuln => ['2.6.5'] },
'ptrace' =>
{ vuln => [ '2.4.18', '2.4.19', '2.4.20', '2.4.21', '2.4.22' ] },
'ptrace_kmod' => {
vuln => [ '2.4.18', '2.4.19', '2.4.20', '2.4.21', '2.4.22' ],
cve => '2007-4573',
},
'ptrace_kmod2' => {
vuln => [
'2.6.26', '2.6.27', '2.6.28', '2.6.29', '2.6.30', '2.6.31',
'2.6.32', '2.6.33', '2.6.34',
],
alt => 'ia32syscall,robert_you_suck',
mil => 'http://www.exploit-db.com/exploits/15023/',
cve => '2010-3301',
},
'ptrace24' => { vuln => ['2.4.9'] },
'pwned' => { vuln => ['2.6.11'] },
'py2' => { vuln => [ '2.6.9', '2.6.17', '2.6.15', '2.6.13' ] },
'raptor_prctl' => {
vuln => [ '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17' ],
cve => '2006-2451',
mil => 'http://www.exploit-db.com/exploits/2031/',
},
'prctl' => {
vuln => [ '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17' ],
mil => 'http://www.exploit-db.com/exploits/2004/',
},
'prctl2' => {
vuln => [ '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17' ],
mil => 'http://www.exploit-db.com/exploits/2005/',
},
'prctl3' => {
vuln => [ '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17' ],
mil => 'http://www.exploit-db.com/exploits/2006/',
},
'prctl4' => {
vuln => [ '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17' ],
mil => 'http://www.exploit-db.com/exploits/2011/',
},
'remap' => { vuln => ['2.4'] },
'rip' => { vuln => ['2.2'] },
'stackgrow2' => { vuln => [ '2.4.29', '2.6.10' ] },
'uselib24' => {
vuln => [ '2.6.10', '2.4.17', '2.4.22', '2.4.25', '2.4.27', '2.4.29' ]
},
'newsmp' => { vuln => ['2.6'] },
'smpracer' => { vuln => ['2.4.29'] },
'loginx' => { vuln => ['2.4.22'] },
'exp.sh' => { vuln => [ '2.6.9', '2.6.10', '2.6.16', '2.6.13' ] },
'vmsplice1' => {
vuln => [
'2.6.17', '2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22',
'2.6.23', '2.6.24', '2.6.24.1',
],
alt => 'jessica biel',
cve => '2008-0600',
mil => 'http://www.exploit-db.com/exploits/5092',
},
'vmsplice2' => {
vuln => [ '2.6.23', '2.6.24' ],
alt => 'diane_lane',
cve => '2008-0600',
mil => 'http://www.exploit-db.com/exploits/5093',
},
'vconsole' => {
vuln => ['2.6'],
cve => '2009-1046',
},
'sctp' => {
vuln => ['2.6.26'],
cve => '2008-4113',
},
'ftrex' => {
vuln => [
'2.6.11', '2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16',
'2.6.17', '2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22',
],
cve => '2008-4210',
mil => 'http://www.exploit-db.com/exploits/6851',
},
'exit_notify' => {
vuln => [ '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29' ],
mil => 'http://www.exploit-db.com/exploits/8369',
},
'udev' => {
vuln => [ '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29' ],
alt => 'udev <1.4.1',
cve => '2009-1185',
mil => 'http://www.exploit-db.com/exploits/8478',
}, 'sock_sendpage2' => {
vuln => [
'2.4.4', '2.4.5', '2.4.6', '2.4.7', '2.4.8', '2.4.9',
'2.4.10', '2.4.11', '2.4.12', '2.4.13', '2.4.14', '2.4.15',
'2.4.16', '2.4.17', '2.4.18', '2.4.19', '2.4.20', '2.4.21',
'2.4.22', '2.4.23', '2.4.24', '2.4.25', '2.4.26', '2.4.27',
'2.4.28', '2.4.29', '2.4.30', '2.4.31', '2.4.32', '2.4.33',
'2.4.34', '2.4.35', '2.4.36', '2.4.37', '2.6.0', '2.6.1',
'2.6.2', '2.6.3', '2.6.4', '2.6.5', '2.6.6', '2.6.7',
'2.6.8', '2.6.9', '2.6.10', '2.6.11', '2.6.12', '2.6.13',
'2.6.14', '2.6.15', '2.6.16', '2.6.17', '2.6.18', '2.6.19',
'2.6.20', '2.6.21', '2.6.22', '2.6.23', '2.6.24', '2.6.25',
'2.6.26', '2.6.27', '2.6.28', '2.6.29', '2.6.30',
],
alt => 'proto_ops',
cve => '2009-2692',
mil => 'http://www.exploit-db.com/exploits/9436',
}, 'sock_sendpage' => {
vuln => [
'2.4.4', '2.4.5', '2.4.6', '2.4.7', '2.4.8', '2.4.9',
'2.4.10', '2.4.11', '2.4.12', '2.4.13', '2.4.14', '2.4.15',
'2.4.16', '2.4.17', '2.4.18', '2.4.19', '2.4.20', '2.4.21',
'2.4.22', '2.4.23', '2.4.24', '2.4.25', '2.4.26', '2.4.27',
'2.4.28', '2.4.29', '2.4.30', '2.4.31', '2.4.32', '2.4.33',
'2.4.34', '2.4.35', '2.4.36', '2.4.37', '2.6.0', '2.6.1',
'2.6.2', '2.6.3', '2.6.4', '2.6.5', '2.6.6', '2.6.7',
'2.6.8', '2.6.9', '2.6.10', '2.6.11', '2.6.12', '2.6.13',
'2.6.14', '2.6.15', '2.6.16', '2.6.17', '2.6.18', '2.6.19',
'2.6.20', '2.6.21', '2.6.22', '2.6.23', '2.6.24', '2.6.25',
'2.6.26', '2.6.27', '2.6.28', '2.6.29', '2.6.30',
],
alt => 'wunderbar_emporium',
cve => '2009-2692',
mil => 'http://www.exploit-db.com/exploits/9435',
},
'udp_sendmsg_32bit' => {
vuln => [
'2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5', '2.6.6',
'2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11', '2.6.12',
'2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17', '2.6.18',
'2.6.19',
],
cve => '2009-2698',
mil =>
'http://downloads.securityfocus.com/vulnerabilities/exploits/36108.c',
},
'pipe.c_32bit' => {
vuln => [
'2.4.4', '2.4.5', '2.4.6', '2.4.7', '2.4.8', '2.4.9',
'2.4.10', '2.4.11', '2.4.12', '2.4.13', '2.4.14', '2.4.15',
'2.4.16', '2.4.17', '2.4.18', '2.4.19', '2.4.20', '2.4.21',
'2.4.22', '2.4.23', '2.4.24', '2.4.25', '2.4.26', '2.4.27',
'2.4.28', '2.4.29', '2.4.30', '2.4.31', '2.4.32', '2.4.33',
'2.4.34', '2.4.35', '2.4.36', '2.4.37', '2.6.15', '2.6.16',
'2.6.17', '2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22',
'2.6.23', '2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28',
'2.6.29', '2.6.30', '2.6.31',
],
cve => '2009-3547',
mil =>
'http://www.securityfocus.com/data/vulnerabilities/exploits/36901-1.c',
},
'do_pages_move' => {
vuln => [
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31',
],
alt => 'sieve',
cve => '2010-0415',
mil => 'Spenders Enlightenment',
},
'reiserfs' => {
vuln => [
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34',
],
cve => '2010-1146',
mil => 'http://www.exploit-db.com/exploits/12130/',
},
'can_bcm' => {
vuln => [
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
cve => '2010-2959',
mil => 'http://www.exploit-db.com/exploits/14814/',
},
'rds' => {
vuln => [
'2.6.30', '2.6.31', '2.6.32', '2.6.33',
'2.6.34', '2.6.35', '2.6.36',
],
mil => 'http://www.exploit-db.com/exploits/15285/',
cve => '2010-3904',
},
'half_nelson' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
alt => 'econet',
cve => '2010-3848',
mil => 'http://www.exploit-db.com/exploits/6851',
},
'half_nelson1' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
alt => 'econet',
cve => '2010-3848',
mil => 'http://www.exploit-db.com/exploits/17787/',
},
'half_nelson2' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
alt => 'econet',
cve => '2010-3850',
mil => 'http://www.exploit-db.com/exploits/17787/',
},
'half_nelson3' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
alt => 'econet',
cve => '2010-4073',
mil => 'http://www.exploit-db.com/exploits/17787/',
},
'caps_to_root' => {
vuln => [ '2.6.34', '2.6.35', '2.6.36' ],
cve => 'n/a',
mil => 'http://www.exploit-db.com/exploits/15916/',
},
'american-sign-language' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
cve => '2010-4347',
mil => 'http://www.securityfocus.com/bid/45408/',
},
'pktcdvd' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35',
'2.6.36',
],
cve => '2010-3437',
mil => 'http://www.exploit-db.com/exploits/15150/',
},
'video4linux' => {
vuln => [
'2.6.0', '2.6.1', '2.6.2', '2.6.3', '2.6.4', '2.6.5',
'2.6.6', '2.6.7', '2.6.8', '2.6.9', '2.6.10', '2.6.11',
'2.6.12', '2.6.13', '2.6.14', '2.6.15', '2.6.16', '2.6.17',
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.28', '2.6.29',
'2.6.30', '2.6.31', '2.6.32', '2.6.33',
],
cve => '2010-3081',
mil => 'http://www.exploit-db.com/exploits/15024/',
},
'memodipper' => {
vuln => [
'2.6.39', '3.0.0', '3.0.1', '3.0.2', '3.0.3', '3.0.4',
'3.0.5', '3.0.6', '3.1.0',
],
cve => '2012-0056',
mil => 'http://www.exploit-db.com/exploits/18411/',
},
'semtex' => {
vuln => [
'2.6.37', '2.6.38', '2.6.39', '3.0.0', '3.0.1', '3.0.2',
'3.0.3', '3.0.4', '3.0.5', '3.0.6', '3.1.0',
],
cve => '2013-2094',
mil => 'http://www.exploit-db.com/download/25444/',
},
'perf_swevent' => {
vuln => [
'3.0.0', '3.0.1', '3.0.2', '3.0.3', '3.0.4', '3.0.5',
'3.0.6', '3.1.0', '3.2.0', '3.3.0', '3.4.0', '3.4.1',
'3.4.2', '3.4.3', '3.4.4', '3.4.5', '3.4.6', '3.4.8',
'3.4.9', '3.5.0', '3.6.0', '3.7.0', '3.8.0', '3.8.1',
'3.8.2', '3.8.3', '3.8.4', '3.8.5', '3.8.6', '3.8.7',
'3.8.8', '3.8.9',
],
cve => '2013-2094',
mil => 'http://www.exploit-db.com/download/26131',
},
'msr' => {
vuln => [
'2.6.18', '2.6.19', '2.6.20', '2.6.21', '2.6.22', '2.6.23',
'2.6.24', '2.6.25', '2.6.26', '2.6.27', '2.6.27', '2.6.28',
'2.6.29', '2.6.30', '2.6.31', '2.6.32', '2.6.33', '2.6.34',
'2.6.35', '2.6.36', '2.6.37', '2.6.38', '2.6.39', '3.0.0',
'3.0.1', '3.0.2', '3.0.3', '3.0.4', '3.0.5', '3.0.6',
'3.1.0', '3.2.0', '3.3.0', '3.4.0', '3.5.0', '3.6.0',
'3.7.0', '3.7.6',
],
cve => '2013-0268',
mil => 'http://www.exploit-db.com/exploits/27297/',
},
'timeoutpwn' => {
vuln => [
'3.4.0', '3.5.0', '3.6.0', '3.7.0', '3.8.0', '3.8.9',
'3.9.0', '3.10.0', '3.11.0', '3.12.0', '3.13.0', '3.4.0',
'3.5.0', '3.6.0', '3.7.0', '3.8.0', '3.8.5', '3.8.6',
'3.8.9', '3.9.0', '3.9.6', '3.10.0', '3.10.6', '3.11.0',
'3.12.0', '3.13.0', '3.13.1'
],
cve => '2014-0038',
mil => 'http://www.exploit-db.com/exploits/31346/',
},
'rawmodePTY' => {
vuln => [
'2.6.31', '2.6.32', '2.6.33', '2.6.34', '2.6.35', '2.6.36',
'2.6.37', '2.6.38', '2.6.39', '3.14.0', '3.15.0'
],
cve => '2014-0196',
mil => 'http://packetstormsecurity.com/files/download/126603/cve-2014-0196-md.c',
},
'overlayfs' => {
vuln => [
'3.13.0', '3.16.0', '3.19.0'
],
cve => '2015-8660',
mil => 'https://www.exploit-db.com/exploits/39230/',
},
'pp_key' => {
vuln => [
'3.4.0', '3.5.0', '3.6.0', '3.7.0', '3.8.0', '3.8.1',
'3.8.2', '3.8.3', '3.8.4', '3.8.5', '3.8.6', '3.8.7',
'3.8.8', '3.8.9', '3.9.0', '3.9.6', '3.10.0', '3.10.6',
'3.11.0', '3.12.0', '3.13.0', '3.13.1'
],
cve => '2016-0728',
mil => 'https://www.exploit-db.com/exploits/39277/',
},
'dirty_cow' => {
vuln => [
'2.6.22', '2.6.23', '2.6.24', '2.6.25', '2.6.26', '2.6.27',
'2.6.27', '2.6.28', '2.6.29', '2.6.30', '2.6.31', '2.6.32',
'2.6.33', '2.6.34', '2.6.35', '2.6.36', '2.6.37', '2.6.38',
'2.6.39', '3.0.0', '3.0.1', '3.0.2', '3.0.3', '3.0.4',
'3.0.5', '3.0.6', '3.1.0', '3.2.0', '3.3.0', '3.4.0',
'3.5.0', '3.6.0', '3.7.0', '3.7.6', '3.8.0', '3.9.0',
'3.10.0', '3.11.0', '3.12.0', '3.13.0', '3.14.0', '3.15.0',
'3.16.0', '3.17.0', '3.18.0', '3.19.0', '4.0.0', '4.1.0',
'4.2.0', '4.3.0', '4.4.0', '4.5.0', '4.6.0', '4.7.0'
],
cve => '2016-5195',
mil => 'https://www.exploit-db.com/exploits/40616/',
},
'af_packet' => {
vuln => ['4.4.0' ],
cve => '2016-8655',
mil => 'https://www.exploit-db.com/exploits/40871/',
},
'packet_set_ring' => {
vuln => ['4.8.0' ],
cve => '2017-7308',
mil => 'https://www.exploit-db.com/exploits/41994/',
},
'clone_newuser' => {
vuln => [
'3.3.5', '3.3.4', '3.3.2', '3.2.13', '3.2.9', '3.2.1',
'3.1.8', '3.0.5', '3.0.4', '3.0.2', '3.0.1', '3.2', '3.0.1', '3.0'
],
cve => 'N\A',
mil => 'https://www.exploit-db.com/exploits/38390/',
},
'get_rekt' => {
vuln => [
'4.4.0', '4.8.0', '4.10.0', '4.13.0'
],
cve => '2017-16695',
mil => 'https://www.exploit-db.com/exploits/45010',
},
'exploit_x' => {
vuln => [
'2.6.22', '2.6.23', '2.6.24', '2.6.25', '2.6.26', '2.6.27',
'2.6.27', '2.6.28', '2.6.29', '2.6.30', '2.6.31', '2.6.32',
'2.6.33', '2.6.34', '2.6.35', '2.6.36', '2.6.37', '2.6.38',
'2.6.39', '3.0.0', '3.0.1', '3.0.2', '3.0.3', '3.0.4',
'3.0.5', '3.0.6', '3.1.0', '3.2.0', '3.3.0', '3.4.0',
'3.5.0', '3.6.0', '3.7.0', '3.7.6', '3.8.0', '3.9.0',
'3.10.0', '3.11.0', '3.12.0', '3.13.0', '3.14.0', '3.15.0',
'3.16.0', '3.17.0', '3.18.0', '3.19.0', '4.0.0', '4.1.0',
'4.2.0', '4.3.0', '4.4.0', '4.5.0', '4.6.0', '4.7.0'
],
cve => '2018-14665',
mil => 'https://www.exploit-db.com/exploits/45697',
},
);
} __END__
=head1 NAME linux_exploit_suggester-.pl - A local exploit suggester for linux =head1 DESCRIPTION This perl script will enumerate the possible exploits available for a given kernel version =head1 USAGE
$ Local_Exploit_Checker [-h] [-k kernel] [-h] help You can also provide a partial kernel version (eg. 2.4)
to see all exploits available. =head1 AUTHOR Jonathan Donas (c) =head1 CHANGELOG
-- added exploit_x -- added get_rekt -- added clone_newuser -- added packet_set_ring -- added af_packet -- added dirty_cow -- added overlayfs and pp_key =cut =head1 LICENSE Linux Exploit Suggester This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version of the License, or
(at your option) any later version. This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
Franklin Street, Fifth Floor, Boston, MA - USA. =cut
linux提权辅助工具(二):linux-exploit-suggester-2.pl的更多相关文章
- 又一款linux提权辅助工具
又一款linux提权辅助工具 – Linux_Exploit_Suggester 2013-09-06 10:34 1455人阅读 评论(0) 收藏 举报 https://github.com/Pen ...
- linux提权辅助工具(三):privchecker.py
来自:https://www.securitysift.com/download/linuxprivchecker.py #!/usr/env python ##################### ...
- linux提权辅助工具(一):linux-exploit-suggester.sh
来自:https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh ...
- linux提权辅助工具(四):LinEnum.sh
来自:https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh #!/bin/bash #A script to e ...
- 后渗透提权辅助工具BeRoot详解
0x00 工具介绍 前言 BeRoot是一个后期开发工具,用于检查常见的Windows的配置错误,以方便找到提高我们提权的方法.其二进制编译地址为: https://github.com/Alessa ...
- windows提权辅助工具koadic
项目地址:https://github.com/zerosum0x0/koadic ┌─[root@sch01ar]─[/sch01ar] └──╼ #git clone https://github ...
- 提权辅助工具:Windows--exploit-suggester.py安装及使用
下载地址 https://github.com/AonCyberLabs/Windows-Exploit-Suggester1.安装xlrd包(注意python2.3版本的pip问题) ...
- Unix/Linux提权漏洞快速检测工具unix-privesc-check
Unix/Linux提权漏洞快速检测工具unix-privesc-check unix-privesc-check是Kali Linux自带的一款提权漏洞检测工具.它是一个Shell文件,可以检测 ...
- Enumy:一款功能强大的Linux后渗透提权枚举工具
Enumy是一款功能强大的Linux后渗透提权枚举工具,该工具是一个速度非常快的可移植可执行文件,广大研究人员可以在针对Linux设备的渗透测试以及CTF的后渗透阶段利用该工具实现权限提升,而Enum ...
随机推荐
- 003-and design-dva.js 知识导图-02-Reducer,Effect,Subscription,Router,dva配置,工具
一.Reducer reducer 是一个函数,接受 state 和 action,返回老的或新的 state .即:(state, action) => state 增删改 以 todos 为 ...
- 001-ant design安装及快速入门【基于纯antd的基本项目搭建】
一.安装使用 1.1.安装 推荐使用 npm 或 yarn 的方式进行开发 npm install antd --save yarn add antd 1.2.浏览器引入 在浏览器中使用 script ...
- java-mybaits-00101-基础安装配制
一.数据库安装 http://jingyan.baidu.com/article/363872ec2e27076e4ba16fc3.html 二.eclipse连接mysql http://jingy ...
- [py][mx]django实现根据城市和课程机构类别过滤
实现根据城市&课程机构过滤 实现点谁谁高亮,支持取交集. 直接上代码吧 本质上是过滤,多层过滤,取交集 def get(self, request): all_orgs = CourseOrg ...
- 什么是API测试
什么是API API是Application Programming Interface的简写. 实现了两个或多个独立系统或模块间的通信和数据交换能力. 什么是API测试 图片.png API测试是不 ...
- ZOJ Monthly, June 2018 Solution
A - Peer Review Water. #include <bits/stdc++.h> using namespace std; int t, n; int main() { sc ...
- ABP官方文档翻译 0.0 ABP官方文档翻译目录
一直想学习ABP,但囿于工作比较忙,没有合适的契机,当然最重要的还是自己懒.不知不觉从毕业到参加工作七年了,没留下点儿什么,总感觉很遗憾,所以今天终于卯足劲鼓起勇气开始写博客.有些事能做的很好,但要跟 ...
- P1083 借教室(差分+二分)
P1083 借教室 第一眼:线段树. 然鹅懒得写. 正解:差分+二分. 显然订单合法的上线可以二分 然后差分数组维护一下.没了. #include<iostream> #include&l ...
- supervisor初试
Supervisor (http://supervisord.org) 是一个用 Python 写的进程管理工具,可以很方便的用来启动.重启.关闭进程(不仅仅是 Python 进程).除了对单个进程的 ...
- android驱动学习---led实验
======================== 驱动: 内核:android-kernel 2.6.36 (必须对应你的板子上内核,不然会出现insmod错误) 目的:通过android应用层用户 ...