Linux Exploit Suggester-2 is a powerful tool for identifying vulnerabilities in Linux systems and suggesting exploits that can be used to gain access. It is a command-line tool that can be run on any Linux system and is designed to be fast, accurate, and easy to use.
- Vulnerability detection: Linux Exploit Suggester-2 can detect a wide range of vulnerabilities in Linux systems, including kernel exploits, local privilege escalation exploits, and more.
- Exploit suggestions: Once vulnerabilities are detected, Linux Exploit Suggester-2 suggests exploits that can be used to gain access to the system.
- Kernel version detection: Linux Exploit Suggester-2 can detect the kernel version of the system, making it easy to determine which exploits are likely to work.
- Compatibility with multiple distributions: Linux Exploit Suggester-2 is compatible with a wide range of Linux distributions, including Ubuntu, Debian, Fedora, and more.
- Easy to use: Linux Exploit Suggester-2 has a simple command-line interface that makes it easy to use, even for those with little experience in exploiting vulnerabilities.
To install Linux Exploit Suggester-2, you will need to have Python 3 installed on your system. Once Python 3 is installed, you can install Linux Exploit Suggester-2 by running the following command:
bashCopy code
git clone https://github.com/jondonas/linux-exploit-suggester-2 cd linux-exploit-suggester-2 pip3 install -r requirements.txt
When run without arguments, the script performs a 'uname -r' to grab the Linux operating system release version, and returns a list of possible exploits. Links to CVEs and applicable exploit POCs are included. Keep in mind that a patched/back-ported patch may fool this script.
$ ./linux-exploit-suggester-2.pl
Local Kernel: 4.4.0
Searching among 73 exploits...
Possible Exploits
[1] af_packet
CVE-2016-8655
Source: http://www.exploit-db.com/exploits/40871
[2] dirty_cow
CVE-2016-5195
Source: http://www.exploit-db.com/exploits/40616
[3] exploit_x
CVE-2018-14665
Source: http://www.exploit-db.com/exploits/45697
[4] get_rekt
CVE-2017-16695
Source: http://www.exploit-db.com/exploits/45010
Use the -k flag to manually enter a wildcard for the kernel/operating system release version.
$ ./linux-exploit-suggester-2.pl -k 3
Use the -d flag to open a download menu to retrieve exploit code directly from Exploit DB. You can either download all exploits or select them individually by number.
$ ./linux-exploit-suggester-2.pl -d
Exploit Download
(Download all: 'a' / Individually: '2,4,5' / Exit: ^c)
Select exploits to download: a
Downloading https://www.exploit-db.com/raw/40871 -> exploit_af_packet
Downloading https://www.exploit-db.com/raw/40616 -> exploit_dirty_cow
Downloading https://www.exploit-db.com/raw/45697 -> exploit_exploit_x
Downloading https://www.exploit-db.com/raw/45010 -> exploit_get_rekt
Use the -h flag to display the help menu
We welcome any contributions to Linux Exploit Suggester-2, whether it's in the form of bug reports, feature requests, or code contributions. Please refer to the CONTRIBUTING.md for more information on how to contribute.
We have a code of conduct that all contributors and users must follow. Please refer to the CODE_OF_CONDUCT.md for more information.
Linux Exploit Suggester-2 is released under the MIT license. Please refer to the LICENSE file for more information.
Please be aware that using Linux Exploit Suggester-2 for malicious purposes is illegal and we do not promote or condone such activities. The tool is intended for educational and research purposes only. Use it at your own risk.
Linux Exploit Suggester-2 is a powerful tool for identifying vulnerabilities in Linux systems and suggesting exploits that can be used to gain access. It is fast, accurate, and easy to use, making it a valuable tool for anyone working with Linux systems.