Friday, January 22, 2010

Exploit-DB Updates

Lots of new updates in the exploit-db arena. Barabas whipped up a quick browser search bar plugin. See how to get it installed here.

We got a massive CVE / OSVDB entry update from Steve Tornio which was added to our DB. Our “perfect” exploit template now has links to the exploit code, vulnerable app , CVE and OSVDB entries. See this example. You can now search for exploits via CVE or OSVDB.

We’ve added a new column to the database – “V”. We attempt to verify submitted code in a testing environment. Exploits that we manage to verify will be marked accordingly. It will take us a LONG time to get the list updated, bear with us.

The Exploit Database can now be downloaded via SVN. We figured it would be easier to download and track exploits this way, rather than re-downloading the whole archive. We will be adding the exploit-db archive as a package in BackTrack4, but for now you can:

root@bt4:# cd /pentest/exploits/
root@bt4:# svn co svn://

No comments:

Post a Comment