Next-generation exploit suggester based on Linux_Exploit_Suggester
Key Improvements Include:
- More exploits! (Last updated: Nov 5, 2017)
- Accurate wildcard matching. This expands the scope of searchable exploits.
- Output colorization for easy viewing.
- And more to come!
When run without arguments, this program runs 'uname -r' to grab the Linux operating system release version and returns a list of possible exploits. Links to applicable exploit POCs are included. Keep in mind that a patched kernel, for example one carrying back-ported fixes, may fool this script.
In addition, you can use the '-k' flag to manually enter a wildcard for the kernel/operating system release version.
This script is extremely useful for quickly finding privilege escalation vulnerabilities in both on-site and exam environments.
Specific kernel matching:
    $ ./linux-exploit-suggester.pl -k 3.5.0

    Local Kernel: 3.5.0
    Searching among 69 exploits...

    Possible Exploits:
    [+] dirty_cow
        CVE-2016-5195
        Source: https://www.exploit-db.com/exploits/40616/
    [+] msr
        CVE-2013-0268
        Source: http://www.exploit-db.com/exploits/27297/
    [+] perf_swevent
        CVE-2013-2094
        Source: http://www.exploit-db.com/download/26131
    [+] pp_key
        CVE-2016-0728
        Source: https://www.exploit-db.com/exploits/39277/
    [+] timeoutpwn
        CVE-2014-0038
        Source: http://www.exploit-db.com/exploits/31346/

Wildcard matching:
    $ ./linux-exploit-suggester.pl -k 3

    Local Kernel: 3
    Searching among 69 exploits...

    Possible Exploits:
    [+] dirty_cow (3.0.0)
        CVE-2016-5195
        Source: https://www.exploit-db.com/exploits/40616/
    [+] memodipper (3.0.0)
        CVE-2012-0056
        Source: http://www.exploit-db.com/exploits/18411/
    [+] msr (3.0.0)
        CVE-2013-0268
        Source: http://www.exploit-db.com/exploits/27297/
    [+] overlayfs (3.13.0)
        CVE-2015-8660
        Source: https://www.exploit-db.com/exploits/39230/
    [+] perf_swevent (3.0.0)
        CVE-2013-2094
        Source: http://www.exploit-db.com/download/26131
    [+] pp_key (3.4.0)
        CVE-2016-0728
        Source: https://www.exploit-db.com/exploits/39277/
    [+] rawmodePTY (3.14.0)
        CVE-2014-0196
        Source: http://packetstormsecurity.com/files/download/126603/cve-2014-0196-md.c
    [+] semtex (3.0.0)
        CVE-2013-2094
        Source: http://www.exploit-db.com/download/25444/
    [+] timeoutpwn (3.4.0)
        CVE-2014-0038
        Source: http://www.exploit-db.com/exploits/31346/
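
The following is an added example in Python, not the script's own code, showing the version-only matching described above and why a distro kernel with back-ported fixes still produces hits. It assumes wildcards match whole dotted components; the table is a constructed subset built from the sample output on this page, and all function names are hypothetical.

```python
import re

# Constructed subset: names, CVEs and versions come from the sample output on
# this page. This is NOT the tool's real database.
TABLE = {
    "dirty_cow":  ("CVE-2016-5195", ["3.0.0", "3.5.0"]),
    "overlayfs":  ("CVE-2015-8660", ["3.13.0"]),
    "pp_key":     ("CVE-2016-0728", ["3.4.0", "3.5.0"]),
    "rawmodePTY": ("CVE-2014-0196", ["3.14.0"]),
}

def upstream_version(release):
    """Reduce a `uname -r` string to its leading dotted version, e.g.
    '3.13.0-170-generic' -> '3.13.0'. The distro suffix, which is where
    back-ported fixes show up, is discarded."""
    m = re.match(r"\d+(?:\.\d+)*", release)
    if not m:
        raise ValueError("not a kernel release string: %r" % release)
    return m.group(0)

def matches(pattern, version):
    """Wildcard match on whole components (assumption): '3' matches
    '3.13.0', but '3.1' does not, unlike a plain string-prefix test."""
    p, v = pattern.split("."), version.split(".")
    return v[:len(p)] == p

def suggest(pattern):
    """Return (name, cve, first matching version) for each entry, by name."""
    hits = []
    for name, (cve, versions) in sorted(TABLE.items()):
        first = next((v for v in versions if matches(pattern, v)), None)
        if first is not None:
            hits.append((name, cve, first))
    return hits

def triage(release):
    """Defender's view of a full `uname -r` string: each hit is only a
    candidate. The flag is True when a distro suffix was dropped, meaning
    the vendor changelog must be checked for a back-ported fix."""
    base = upstream_version(release)
    suffix_dropped = release != base
    return [(name, cve, suffix_dropped) for name, cve, _ in suggest(base)]

if __name__ == "__main__":
    # Constructed release string for illustration.
    for name, cve, check in triage("3.13.0-170-generic"):
        note = "check vendor changelog for back-port" if check else "candidate"
        print("%-12s %-14s %s" % (name, cve, note))
```

A hit with the flag set is a prompt to compare the installed kernel package against the vendor's advisory for that CVE, not evidence that the host is vulnerable.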