1. Introduction to ExploitDB
ExploitDB is a vulnerability submission platform for hackers all over the world. The platform will announce the latest vulnerabilities, which can help companies improve the company's security situation, and also help security researchers and penetration test engineers to better conduct security testing. . Exploit-DB provides a complete set of huge archive system, which covers various public attack events, vulnerability reports, security articles, technical tutorials and other resources.
2. Find the vulnerable code online
Search on https://www.exploit-db.com/
3. Find the vulnerable code offline
Use the searchsploit command line tool.
1. Update the database
2. View help information
3. Find vulnerabilities
By default , and are used to filter out Metasploit scripts. Then put the script into
the directory /usr/share/metasploit-framework/modules/**/
corresponding to msf , and then execute reload_all under msfconle
to use it.
4. View the function code of the specific ID
5. Copy path, or file
Copy path : searchsploit -p EDB-ID
Copy the code file to the current directory: searchsploit -m EDB-ID
