Exploit Search: XPL-Search

Posted on Posted in Tools

The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows.

The following items are required for the proper functioning of the script:

  • PHP Version (cli) 5.5.8 or higher
  • php5-cli Lib
  • cURL support Enabled
  • php5-curl Lib
  • cURL Version 7.40.0 or higher
  • allow_url_fopen On
  • Permission: Writing & Reading

pirata-1000x463

Databases:

The following databases are available for search:

  1. Exploit-DB
  2. MIlw00rm
  3. Packet Storm Security
  4. Intelligent Exploit
  5. IEDB
  6. CVE

Install on Kali Linux

wget https://raw.githubusercontent.com/CoderPirata/XPL-SEARCH/master/xpl%20search.php -O /opt/xpl_search.php

use 

php /opt/xpl_search.php [Param]

Commands

–search / -s

Basic command to perform the search for vulnerabilities or exploits.

php /opt/xpl_search.php --search anything

 

–help/ -h

Displays the help screen, where a brief description of the options are available.

php /opt/xpl_search.php --help

 

–about / -a

Displays the about screen, where a brief description of the script and provides other information.

php /opt/xpl_search.php --about

 

–update

Option used to update the script, direct of the github, the script running on the machine will have the superscript code.

php /opt/xpl_search.php --update

 

–set-db

Defines which databases will be used, to define more than one database, use the comma.
Below contains the databases and their respective “ID”.

  1. Exploit-DB
  2. MIlw00rm
  3. Packet Storm Security
  4. Intelligent Exploit
  5. IEDB
  6. CVE
 php /opt/xpl_search.php --search anything --set-db 1,4

 

–cve-id

Command used to display information related to a specific CVE-ID.

php /opt/xpl_search.php --cve-id 2015-9696

 

–author

Used to display vulnerabilities or exploits of the specific author(Does not work with CVE).

php /opt/xpl_search.php --author Anything

 

–save

Saves all vulnerabilities or exploits found during the search. The saved files can be found in the folder “log”, divided by subdirectories corresponding to each database.

php /opt/xpl_search.php --search anything --save

 

–save-log

Saves a “search log” containing basic information about the vulnerabilities or exploits found during the search.

php /opt/xpl_search.php --search anything --save-log

 

–save-dir

Defines which directory, the folder “log” will be created. This command must be used with the command “–save” or “–save-log”. php /opt/xpl_search.php –search anything –save –save-dir /medi/pendrive/

 

–proxy / -p

Used to define a proxy.

php /opt/xpl_search.php --search anything --proxy 127.0.0.1:80

 

–proxy-login

sed to define login:pass if the indicated proxy requires authentication.

php /opt/xpl_search.php --search anything --proxy 127.0.0.1:80 --proxy-login admin:root

 

–respond-time

Defines how long(in seconds), the databases has to respond. By default, 60 seconds is the limit.

php /opt/xpl_search.php --respond-time 80

 

–banner-no

Command not to display the banner/header.

php /opt/xpl_search.php --banner-no

Video and Demo by Meta-Thrunks!

Facebooktwittergoogle_plus