A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
Find a file
Offensive Security 855e59f932 DB: 2016-12-07
9 new exploits

MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)
Asterisk - (SIP channel driver / in pedantic mode) Remote Crash
Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)
Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash

F5 BIG-IP - Remote Root Authentication Bypass (1)
F5 BIG-IP - Authentication Bypass (1)

Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow
NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow

NetCat 0.7.1 - Denial of Service
Microsoft Event Viewer 1.0 - XML External Entity Injection
Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection
Apache CouchDB 2.0.0 - Local Privilege Escalation

Samba 2.2.8 - Remote Root Exploit
Samba 2.2.8 - Remote Code Execution

Microsoft Windows - WebDAV Remote Root Exploit (2)
Microsoft Windows - WebDAV Remote Code Execution (2)

Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav)
Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)

miniSQL (mSQL) 1.3 - Remote GID Root Exploit
miniSQL (mSQL) 1.3 - GID Remote Code Execution
Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit
GtkFtpd 1.0.4 - Remote Root Buffer Overflow
Real Server 7/8/9 (Windows / Linux) - Remote Code Execution
GtkFtpd 1.0.4 - Buffer Overflow
Solaris Sadmind - Default Configuration Remote Root Exploit
Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit
Solaris Sadmind - Default Configuration Remote Code Execution
Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution

ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit
ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution

ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit
ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force

Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit
Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution

Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit
Ethereal 0.10.0 < 0.10.2 - IGAP Overflow
Monit 4.1 - Remote Root Buffer Overflow
Monit 4.2 - Remote Root Buffer Overflow
Monit 4.1 - Buffer Overflow
Monit 4.2 - Buffer Overflow

INND/NNRP < 1.6.x - Remote Root Overflow
INND/NNRP < 1.6.x - Overflow Exploit

LPRng (RedHat 7.0) - lpd Remote Root Format String
LPRng (RedHat 7.0) - 'lpd' Format String

BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit
BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4)
BIND 8.2.x - (TSIG) Stack Overflow (1)
BIND 8.2.x - (TSIG) Stack Overflow (2)
BIND 8.2.x - (TSIG) Stack Overflow (3)
BIND 8.2.x - (TSIG) Stack Overflow (4)

HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit
HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution

CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit
CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow

Solaris /bin/login (SPARC/x86) - Remote Root Exploit
Solaris /bin/login (SPARC/x86) - Remote Code Execution

Drcat 0.5.0-beta - (drcatd) Remote Root Exploit
Drcat 0.5.0-beta - 'drcatd' Remote Code Execution

Dropbear SSH 0.34 - Remote Root Exploit
Dropbear SSH 0.34 - Remote Code Execution

Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow
Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution

Monit 4.2 - Basic Authentication Remote Root Exploit
Monit 4.2 - Basic Authentication Remote Code Execution

WvTFTPd 0.9 - Remote Root Heap Overflow
WvTFTPd 0.9 - Heap Overflow

Qwik SMTP 0.3 - Remote Root Format String
Qwik SMTP 0.3 - Format String

Citadel/UX 6.27 - Remote Root Format String
Citadel/UX 6.27 - Format String

Knox Arkeia Server Backup 5.3.x - Remote Root Exploit
Knox Arkeia Server Backup 5.3.x - Remote Code Execution
Smail 3.2.0.120 - Remote Root Heap Overflow
mtftpd 0.0.3 - Remote Root Exploit
Smail 3.2.0.120 -  Heap Overflow
mtftpd 0.0.3 - Remote Code Execution

dSMTP Mail Server 3.1b - Linux Remote Root Format String
dSMTP Mail Server 3.1b (Linux) - Format String Exploit

IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit
IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution

linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit
linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution

MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow
Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow

GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit
GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution

ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution

dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow
dproxy-nexgen (Linux/x86) - Buffer Overflow

Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow
Kerberos 1.5.1 - Kadmind Buffer Overflow

webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)
webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution

VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit
VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution

MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow

Sun Solaris 10 - rpc.ypupdated Remote Root Exploit
Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution

ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution

Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit)
Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit)

Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)
Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python)

Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit
Solaris 9 (UltraSPARC) - sadmind Remote Code Execution

Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution
Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution

Microworld eScan AntiVirus < 3.x - Remote Root Command Execution
Microworld eScan AntiVirus < 3.x - Remote Code Execution

AIX5l with FTP-Server - Remote Root Hash Disclosure
AIX5l with FTP-Server - Hash Disclosure

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution)
McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution)

ProFTPd 1.3.3c - Compromised Source Remote Root Trojan
ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution

Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit
Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution

MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)
Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)

ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution
ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution

DreamBox DM800 1.5rc1 - Remote Root File Disclosure
DreamBox DM800 1.5rc1 - File Disclosure

TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite
TelnetD encrypt_keyid - Function Pointer Overwrite
F5 BIG-IP - Remote Root Authentication Bypass (2)
MySQL - Remote Root Authentication Bypass
F5 BIG-IP - Authentication Bypass (2)
MySQL - Authentication Bypass

ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection
ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection

WIDZ 1.0/1.5 - Remote Root Compromise
WIDZ 1.0/1.5 - Remote Code Execution
Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities
Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)
DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow

proManager 0.73 - (note.php) SQL Injection
ProManager 0.73 - 'note.php' SQL Injection

pNews 1.1.0 - (nbs) Remote File Inclusion
pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion

Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion
Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion

eFiction 3.1.1 - (path_to_smf) Remote File Inclusion
eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion

FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection
FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection

Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion
Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion

SimpNews 2.40.01 - (print.php newnr) SQL Injection
SimpNews 2.40.01 - 'newnr' Parameter SQL Injection

PHPNews 0.93 - (format_menue) Remote File Inclusion
PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion

meBiblio 0.4.5 - (index.php action) Remote File Inclusion
meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion

Joomla! Component rapidrecipe 1.6.5 - SQL Injection
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection

mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting
pLog - 'albumID' SQL Injection
smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PLog 1.0.6 - 'albumID' Parameter SQL Injection
smeweb 1.4b - SQL Injection / Cross-Site Scripting

Joomla! Component joomradio 1.0 - 'id' SQL Injection
Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection

Battle Blog 1.25 - (comment.asp) SQL Injection
Battle Blog 1.25 - 'comment.asp' SQL Injection

1Book Guestbook Script - Code Execution
1Book Guestbook Script 1.0.1 - Code Execution
PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Joomla! Component EasyBook 1.1 - (gbid) SQL Injection
427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting
Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection
427bb 2.3.1 - SQL Injection / Cross-Site Scripting
Power Phlogger 2.2.5 - (css_str) SQL Injection
pSys 0.7.0.a - (shownews) SQL Injection
Joomla! Component JoomlaDate - (user) SQL Injection
Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection
pSys 0.7.0.a - 'shownews' Parameter SQL Injection
Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection
JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection
phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Joomla! Component yvcomment 1.16 - Blind SQL Injection
JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection
phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting
Joomla! Component yvComment 1.16 - Blind SQL Injection

BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion
BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion

Joomla! Component rapidrecipe - SQL Injection
Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection

Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection
Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection
real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - (article) SQL Injection
real estate Web site 1.0 - SQL Injection / Cross-Site Scripting
Telephone Directory 2008 - SQL Injection / Cross-Site Scripting
ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection
Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite
pNews 2.08 - (shownews) SQL Injection
Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite
pNews 2.08 - 'shownews' Parameter SQL Injection
ErfurtWiki R1.02b - (css) Local File Inclusion
DCFM Blog 0.9.4 - (comments) SQL Injection
yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Insanely Simple Blog 0.5 - (index) SQL Injection
ASPPortal Free Version - 'Topic_Id' SQL Injection
Experts 1.0.0 - (answer.php) SQL Injection
SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ErfurtWiki R1.02b - Local File Inclusion
DCFM Blog 0.9.4 - SQL Injection
Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection
Insanely Simple Blog 0.5 - SQL Injection
ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection
Experts 1.0.0 - 'answer.php' SQL Injection
SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting

Yuhhu 2008 SuperStar - 'board' SQL Injection
Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection

eFiction 3.0 - (toplists.php list) SQL Injection
eFiction 3.0 - 'toplists.php' SQL Injection

pSys 0.7.0 Alpha - (chatbox.php) SQL Injection
pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection

pNews 2.03 - (newsid) SQL Injection
pNews 2.03 - 'newsid' Parameter SQL Injection

Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection
Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection

FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection
FlexPHPNews 0.0.6 & PRO - Authentication Bypass

E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities
E-ShopSystem - Authentication Bypass / SQL Injection

Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload
Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload

427BB Fourtwosevenbb 2.3.2 - SQL Injection
427BB 2.3.2 - SQL Injection

Joomla! Component 'com_joomradio' - SQL Injection
Joomla! Component JoomRadio 1.0 - SQL Injection

Joomla! Component 'com_elite_experts' - SQL Injection
Joomla! Component Elite Experts - SQL Injection

ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection
ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection

Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection
Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection

Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit
Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit

alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting
Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting

SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion
SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion

PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion
PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion
PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting

Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure
Seowonintech Routers fw: 2.3.9 - File Disclosure

PHPNews 1.2.x - auth.php SQL Injection
PHPNews 1.2.x - 'auth.php' SQL Injection
efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting
efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection
efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection
efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection
efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting
efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection
efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection
efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection

427BB 2.2 - showthread.php SQL Injection
427BB 2.2 - 'showthread.php' SQL Injection

BrowserCRM - results.php Cross-Site Scripting

Simpnews 2.x - Wap_short_news.php Remote File Inclusion
Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion

ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting
ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting
Yblog - funk.php id Parameter Cross-Site Scripting
Yblog - tem.php action Parameter Cross-Site Scripting
Yblog - uss.php action Parameter Cross-Site Scripting
Yblog - 'funk.php' Cross-Site Scripting
Yblog - 'tem.php' Cross-Site Scripting
Yblog - 'uss.php' Cross-Site Scripting
Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting
Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting
Simpnews 2.x - 'index.php' Cross-Site Scripting
Simpnews 2.x - 'pwlost.php' Cross-Site Scripting

PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities
PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting
Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection
Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting
Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection
Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting
SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting
SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting
SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting
SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection
BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection
BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting
BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection
BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection
BrowserCRM 5.100.1 - URI Cross-Site Scripting
BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting
Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection
BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting
BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting
2016-12-07 05:01:17 +00:00
platforms DB: 2016-12-07 2016-12-07 05:01:17 +00:00
files.csv DB: 2016-12-07 2016-12-07 05:01:17 +00:00
README.md DB: 2016-11-28 2016-11-28 05:01:17 +00:00
searchsploit Code cleanup - adds comments & formatting 2016-11-07 12:24:58 +00:00

The Exploit Database Git Repository

This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.

This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.

Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.

root@kali:~# searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]

==========
 Examples
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446

=========
 Options
=========
   -c, --case     [Term]      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact    [Term]      Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help                 Show this help screen.
   -j, --json     [Term]      Show result in JSON format.
   -m, --mirror   [EDB-ID]    Mirror (aka copies) an exploit to the current working directory.
   -o, --overflow [Term]      Exploit titles are allowed to overflow their columns.
   -p, --path     [EDB-ID]    Show the full path to an exploit (and also copies the path to the clipboard if possible).
   -t, --title    [Term]      Search JUST the exploit title (Default is title AND the file's path).
   -u, --update               Check for and install any exploitdb package updates (deb or git).
   -w, --www      [Term]      Show URLs to Exploit-DB.com rather than the local path.
   -x, --examine  [EDB-ID]    Examine (aka opens) the exploit using $PAGER.
       --colour               Disable colour highlighting in search results.
       --id                   Display the EDB-ID value rather than local path.
       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                              Use "-v" (verbose) to try even more combinations
=======
 Notes
=======
 * You can use any number of search terms.
 * Search terms are not case-sensitive (by default), and ordering is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching using numbers - i.e. versions).
 * When updating from git or displaying help, search terms will be ignored.

root@kali:~#
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
 Exploit Title                                                                   |  Path
                                                                                 | (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin)            | ./windows/local/6757.txt
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service                  | ./windows/dos/17133.c
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)            | ./windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080)                | ./windows/local/21844.rb
Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)   | ./win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Privilege Escalation (MS14-040)            | ./win_x86-64/local/39525.py
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
    URL: https://www.exploit-db.com/exploits/39446/
   Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py

Copied EDB-ID 39446's path to the clipboard.
root@kali:~#

SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).