The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows.
The following items are required for the proper functioning of the script:
- PHP Version (cli) 5.5.8 or higher
- php5-cli Lib
- cURL support Enabled
- php5-curl Lib
- cURL Version 7.40.0 or higher
- allow_url_fopen On
- Permission: Writing & Reading
The following databases are available for search:
Install on Kali Linux
wget https://raw.githubusercontent.com/CoderPirata/XPL-SEARCH/master/xpl%20search.php -O /opt/xpl_search.php
php /opt/xpl_search.php [Param]
–search / -s
Basic command to perform the search for vulnerabilities or exploits.
php /opt/xpl_search.php --search anything
Displays the help screen, where a brief description of the options are available.
php /opt/xpl_search.php --help
–about / -a
Displays the about screen, where a brief description of the script and provides other information.
php /opt/xpl_search.php --about
Option used to update the script, direct of the github, the script running on the machine will have the superscript code.
php /opt/xpl_search.php --update
Defines which databases will be used, to define more than one database, use the comma.
Below contains the databases and their respective “ID”.
php /opt/xpl_search.php --search anything --set-db 1,4
Command used to display information related to a specific CVE-ID.
php /opt/xpl_search.php --cve-id 2015-9696
Used to display vulnerabilities or exploits of the specific author(Does not work with CVE).
php /opt/xpl_search.php --author Anything
Saves all vulnerabilities or exploits found during the search. The saved files can be found in the folder “log”, divided by subdirectories corresponding to each database.
php /opt/xpl_search.php --search anything --save
Saves a “search log” containing basic information about the vulnerabilities or exploits found during the search.
php /opt/xpl_search.php --search anything --save-log
Defines which directory, the folder “log” will be created. This command must be used with the command “–save” or “–save-log”. php /opt/xpl_search.php –search anything –save –save-dir /medi/pendrive/
–proxy / -p
Used to define a proxy.
php /opt/xpl_search.php --search anything --proxy 127.0.0.1:80
sed to define login:pass if the indicated proxy requires authentication.
php /opt/xpl_search.php --search anything --proxy 127.0.0.1:80 --proxy-login admin:root
Defines how long(in seconds), the databases has to respond. By default, 60 seconds is the limit.
php /opt/xpl_search.php --respond-time 80
Command not to display the banner/header.
php /opt/xpl_search.php --banner-no
Video and Demo by Meta-Thrunks!