Published on September 19th, 2015 📆 | 3967 Views ⚑
0XPL-Search — Exploit Search
XPL SEARCH is a script made in PHP, to perform quick searches for vulnerabilities or exploits in multiple databases
[adsense size='1']
Dependencies:
The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows.
The following items are required for the proper functioning of the script:
- PHP Version (cli) 5.5.8 or higher
- php5-cli Lib
- cURL support Enabled
- php5-curl Lib
- cURL Version 7.40.0 or higher
- allow_url_fopen On
- Permission: Writing & Reading
Databases:
The following databases are available for search:
Commands
âsearch / -s
Basic command to perform the search for vulnerabilities or exploits.
php xpl_search.php --search anything
âhelp/ -h
Displays the help screen, where a brief description of the options are available.
php xpl_search.php --help
âabout / -a
Displays the about screen, where a brief description of the script and provides other information.
php xpl_search.php --about
âupdate
Option used to update the script, direct of the github, the script running on the machine will have the superscript code.
php xpl_search.php --update
âset-db
Defines which databases will be used, to define more than one database, use the comma.
Below contains the databases and their respective âIDâ.
 php xpl_search.php --search anything --set-db 1,4
âcve-id
Command used to display information related to a specific CVE-ID.
php xpl_search.php --cve-id 2015-9696
âauthor
Used to display vulnerabilities or exploits of the specific author(Does not work with CVE).
php xpl_search.php --author Anything
âsave
Saves all vulnerabilities or exploits found during the search. The saved files can be found in the folder âlogâ, divided by subdirectories corresponding to each database.
php xpl_search.php --search anything --save
[adsense size='1']
âsave-log
Saves a âsearch logâ containing basic information about the vulnerabilities or exploits found during the search.
php xpl_search.php --search anything --save-log
âsave-dir
Defines which directory, the folder âlogâ will be created. This command must be used with the command ââsaveâ or ââsave-logâ. php xpl_search.php âsearch anything âsave âsave-dir /medi/pendrive/
âproxy / -p
Used to define a proxy.
php xpl_search.php --search anything --proxy 127.0.0.1:80
âproxy-login
sed to define login:pass if the indicated proxy requires authentication.
php xpl_search.php --search anything --proxy 127.0.0.1:80 --proxy-login admin:root
ârespond-time
Defines how long(in seconds), the databases has to respond. By default, 60 seconds is the limit.
php xpl_search.php --respond-time 80
âbanner-no
Command not to display the banner/header.
php xpl_search.php --banner-no
Gloss