windows-exploit-suggester

References

Analyse Windows targets patch levels to find exploits and Metasploit modules.

Example of execution

Find a way to execute systeminfo on the target.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
$ windows-exploit-suggester --update
[*] initiating winsploit version 3.3...
[+] writing to file 2019-06-02-mssb.xls
[*] done

$ windows-exploit-suggester --database 2019-06-02-mssb.xls --systeminfo systeminfo.txt
[*] initiating winsploit version 3.3...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (ascii)
[*] querying database file for potential vulnerabilities
[*] comparing the 2 hotfix(es) against the 24 potential bulletins(s) with a database of 137 known exploits
[*] there are now 24 remaining vulns
[+] [E] exploitdb PoC, [M] Metasploit module, [*] missing bulletin
[+] windows version identified as 'Windows 2003 SP1 32-bit'
[*] 
[M] MS09-043: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638) - Critical
[M] MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) - Important
[M] MS09-002: Cumulative Security Update for Internet Explorer (961260) (961260) - Critical
[M] MS09-001: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Critical
[M] MS08-078: Security Update for Internet Explorer (960714) - Critical
[M] MS08-070: Vulnerabilities in Visual Basic 6 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) - Critical
[*] done