How to Get Exploits

Posted on

When you are looking for the methods to hack the system, you need the certain exploit to take advantage of the certain vulnerability in the operating system, service, or application. Do not forget that exploitation is very specific, there is no one silver bullet that will allow you to exploit all systems. You will have to find the exploit that will specifically take advantage of the vulnerability in the system that you are attacking. It is what the thing called Exploit Database can be useful.

Exploit Database or EDB is the name of the project of Offensive Security. This one will help you to get the exploit that will work in the certain circumstance. Then, if you think that it will work on your target, you are able to simply copy and paste it into Kali for the attack.

The first step is to fire up Kali and open the browser such as Iceweasel, the name of the default browser in Kali. If you use the default browser in Kali, you are able to see that there is the built in shortcut to the Exploit DB in the browser shortcut bar. When you click on it, it will take you to the Exploit Database. For those who are not using Iceweasel and its built in shortcut, you can navigate to Exploit DB.

The second step is to search the Exploit Database. If you look at the top menu bar in the official website of the Exploit Database, the second thing from the right is the menu item named “Search”. You can click on it. It will enable you to search the database of exploits and returns the search function screen. You can use this function to find some recent Windows exploits. In the search window, you are able to enter any of the information such as description, free text search, author, platform, type, language, port, OSVDB, or CVE.

The third step is to open the exploit. Fro the search results page, you have to click on any of the two pages of search results and it will take you to the certain exploit. For instance, when you click on the first exploit in the list entitled “Internet Explorer TextRange Use-After Free (MS14_012), you will be taken to the screen that displays the exploit code.

The fourth one is to open up searchsploit. Aside from being developed by Offensives Security, Kali has built into the local database of exploits based on the same Exploit Database. You can access it by heading to Applications > Kali Linux > Exploitation Tools > Exploit Database and clicking on searchsploit.

The fifth one is to search the Exploit Database with searchsploit. As you have opened the terminal for searchsploit, yo can now use the tool to search the local copy of the Exploit Database. in fact, the local copy of the exploit database is faster to search. However, it does not have all the updates that the online database does. Despite the fact, this one works faster and is effective, unless you are looking for the newest exploits.

Leave a Reply

Your email address will not be published. Required fields are marked *