Public exploits
Exploit Database
SecurityFocus Exploit Archives
Packet Storm
Searchsploit
Nmap NSE scripts
The Browser Exploitation Framework (BeEF)
Metasploit
When using publicly available exploits, it is rare that they work without at least some minor modifications. Others require more extensive changes, such as updating the payload.
Searchsploit includes a mirror function (-m) that copies an exploit into the current working directory: searchsploit -m 43321
Headers such as 'winsock' are a hint that a C program was intended to be compiled on Windows and will require cross-compilation.
Values that commonly need to be changed:
Target IP address and port
Attacking machine IP address and port
Return address for memory corruption exploits
Payload (typically generated with msfvenom)
mingw-w64 is a popular cross compiler available on Linux.
Install it with: sudo apt install mingw-w64
After installation, mingw-w64 can be used to compile Windows PE files: i686-w64-mingw32-gcc 42341.c -o syncbreeze.exe
Programs that use winsock additionally need the ws2_32 library linked in (-lws2_32), or the build fails with unresolved socket symbols.
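As an added example (not part of the original notes), a small Python triage helper that scans an exploit's source for the modification points listed above before anything is compiled or run: hard-coded hosts and ports, a return-address literal, the payload buffer, and the winsock header that signals a Windows build. The sample source, the regexes and the -lws2_32 linker hint are this example's own assumptions, and the matching is heuristic.

```python
import re
from pathlib import Path

# Patterns for the values a public exploit typically hard-codes: hosts/ports,
# a 4- or 8-byte return address, a long payload buffer, and the winsock header
# that indicates the C source is meant for a Windows build (cross-compile).
RE_WINSOCK = re.compile(r'#include\s*[<"](?:winsock2?|ws2tcpip)\.h[>"]')
RE_IPV4 = re.compile(r'\b(?:\d{1,3}\.){3}\d{1,3}\b')  # may also hit version strings
RE_PORT = re.compile(r'(?i)(?:\bport\b\W{0,3}|htons\()(\d{1,5})')
RE_ESC_STR = re.compile(r'b?"((?:\\x[0-9a-fA-F]{2})+)"')  # "\x41\x42..." literals
RE_HEX_ADDR = re.compile(r'\b0x[0-9a-fA-F]{8}\b')


def triage_exploit_source(src: str, filename: str = "exploit.c") -> dict:
    """Summarise what the exploit hard-codes so each value can be reviewed."""
    byte_strings = [s.count("\\x") for s in RE_ESC_STR.findall(src)]
    windows_build = bool(RE_WINSOCK.search(src))
    report = {
        "hosts": sorted(set(RE_IPV4.findall(src))),
        "ports": sorted(set(RE_PORT.findall(src))),
        # a lone 4- or 8-byte literal or a 0x-literal is usually the return
        # address; literals of 16+ bytes are counted as the payload buffer
        "return_address_candidates": sum(1 for n in byte_strings if n in (4, 8))
        + len(RE_HEX_ADDR.findall(src)),
        "payload_bytes": sum(n for n in byte_strings if n >= 16),
        "windows_build": windows_build,
        "build_command": None,
    }
    if windows_build:
        exe = Path(filename).with_suffix(".exe").name
        # winsock programs also need the ws2_32 import library linked in
        report["build_command"] = f"i686-w64-mingw32-gcc {filename} -o {exe} -lws2_32"
    return report


# Constructed sample in the shape of a typical public C exploit; the return
# address and payload are placeholder bytes only, not working exploit code.
SAMPLE_C = r'''
#include <stdio.h>
#include <winsock2.h>
#define TARGET "10.11.1.5"      /* victim host */
#define PORT 9121
#define LHOST "192.168.119.10"  /* attacker host for the reverse connection */
char ret[] = "\x41\x42\x43\x44"; /* return address (placeholder) */
unsigned char buf[] =
"\x90\x90\x90\x90\x90\x90\x90\x90\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc"
"\x90\x90\x90\x90\x90\x90\x90\x90\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc";
'''

if __name__ == "__main__":
    for key, value in triage_exploit_source(SAMPLE_C, "42341.c").items():
        print(f"{key}: {value}")
```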
There are several additional considerations when modifying web exploits:
Does the exploit initiate an HTTP or HTTPS connection?
Does the exploit access a web application through a specific path or route?
Does the exploit leverage a pre-authentication vulnerability, or are credentials required?
How are the GET and POST requests crafted to trigger and exploit the vulnerability?
Does the exploit rely on default application settings that might have been changed at install?
Will oddities such as self-signed certificates disrupt the exploit?