#
windows-exploit-suggester
#
References
Analyse Windows targets patch levels to find exploits and Metasploit modules.
- https://github.com/GDSSecurity/Windows-Exploit-Suggester
- https://inventory.raw.pm/tools.html#Windows-Exploit-Suggester
#
Example of execution
Find a way to execute systeminfo
on the target.
$ windows-exploit-suggester --update
[*] initiating winsploit version 3.3...
[+] writing to file 2019-06-02-mssb.xls
[*] done
$ windows-exploit-suggester --database 2019-06-02-mssb.xls --systeminfo systeminfo.txt
[*] initiating winsploit version 3.3...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (ascii)
[*] querying database file for potential vulnerabilities
[*] comparing the 2 hotfix(es) against the 24 potential bulletins(s) with a database of 137 known exploits
[*] there are now 24 remaining vulns
[+] [E] exploitdb PoC, [M] Metasploit module, [*] missing bulletin
[+] windows version identified as 'Windows 2003 SP1 32-bit'
[*]
[M] MS09-043: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638) - Critical
[M] MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) - Important
[M] MS09-002: Cumulative Security Update for Internet Explorer (961260) (961260) - Critical
[M] MS09-001: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Critical
[M] MS08-078: Security Update for Internet Explorer (960714) - Critical
[M] MS08-070: Vulnerabilities in Visual Basic 6 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) - Critical
[*] done