自动探测linux的溢出版本

#!/usr/bin/perl

=head1 USAGE

        $ Local_Exploit_Checker [-h] [-k kernel]

        [-h] help

        [-k] kernel Eg. 2.6.28 

=head1 AUTHOR



use Getopt::Std;



$VERSION="0.6";

my $khost="";

my %opts;

getopt('k,h',\%opts);



if (exists $opts{h}){ &usage;}



if (exists $opts{k}){

        $khost=$opts{k};

}else{

        $khost = `uname -r |cut -d"-" -f1`; 

        chomp($khost);

} 

print "\nKernel local: $khost\n\n"; 



sub usage{

        print "Linux Exploit Suggester $VERSION\n";

        print "Usage: \t$0  [-h] [-k kernel]\n";

        print "\t[-h] help (this message)\n";

        print "\t[-k] kernel number eg. 2.6.28\n"; 

}



my %h; 

$h{'w00t'} = { vuln=>['2.4.10','2.4.16','2.4.17','2.4.18','2.4.19','2.4.20','2.4.21'] }; 

$h{'brk'} = { vuln=>['2.4.10','2.4.18','2.4.19','2.4.20','2.4.21','2.4.22'] }; 

$h{'ave'} = { vuln=>['2.4.19','2.4.20'] }; 

$h{'elflbl'} = { vuln=>['2.4.29'],mil=>"http://www.exploit-db.com/exploits/744/" }; 

$h{'elfdump'} = { vuln=>['2.4.27'] };

$h{'elfcd'} = {vuln=>['2.6.12']}; 

$h{'expand_stack'} = { vuln=>['2.4.29'] }; 

$h{'h00lyshit'} = { vuln=>['2.6.8','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16'],cve=>"2006-3626",mil=>"http://www.exploit-db.com/exploits/2013/"}; 

$h{'kdump'} = { vuln=>['2.6.13'] }; 

$h{'km2'} = { vuln=>['2.4.18','2.4.22'] }; 

$h{'krad'} = { vuln=>['2.6.5','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11'] }; 

$h{'krad3'} = { vuln=>['2.6.5','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11'],mil=>"http://exploit-db.com/exploits/1397" };

$h{'local26'} = { vuln=>['2.6.13'] }; 

$h{'loko'} = { vuln=>['2.4.22','2.4.23','2.4.24'] }; 

$h{'mremap_pte'} = { vuln=>['2.4.20','2.2.24','2.4.25','2.4.26','2.4.27'],mil=>"http://www.exploit-db.com/exploits/160/" }; 

$h{'newlocal'} = { vuln=>['2.4.17','2.4.19'] }; 

$h{'ong_bak'} = { vuln=>['2.6.5'] }; 

$h{'ptrace'} = { vuln=>['2.4.18','2.4.19','2.4.20','2.4.21','2.4.22']};

$h{'ptrace_kmod'} = { vuln=>['2.4.18','2.4.19','2.4.20','2.4.21','2.4.22'],cve=>"2007-4573"};

$h{'ptrace_kmod2'} = { vuln=>['2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34'],alt=>"ia32syscall,robert_you_suck",mil=>"http://www.exploit-db.com/exploits/15023/",cve=>"2010-3301"};

$h{'ptrace24'} = { vuln=>['2.4.9'] }; 

$h{'pwned'} = { vuln=>['2.6.11'] }; 

$h{'py2'} = { vuln=>['2.6.9','2.6.17','2.6.15','2.6.13'] }; 

$h{'raptor_prctl'} = { vuln=>['2.6.13','2.6.14','2.6.15','2.6.16','2.6.17'],cve=>"2006-2451",mil=>"http://www.exploit-db.com/exploits/2031/" };

$h{'prctl'} = { vuln=>['2.6.13','2.6.14','2.6.15','2.6.16','2.6.17'],mil=>"http://www.exploit-db.com/exploits/2004/" }; 

$h{'prctl2'} = { vuln=>['2.6.13','2.6.14','2.6.15','2.6.16','2.6.17'],mil=>"http://www.exploit-db.com/exploits/2005/"};

$h{'prctl3'} = { vuln=>['2.6.13','2.6.14','2.6.15','2.6.16','2.6.17'],mil=>"http://www.exploit-db.com/exploits/2006/" }; 

$h{'prctl4'} = { vuln=>['2.6.13','2.6.14','2.6.15','2.6.16','2.6.17'] ,mil=>"http://www.exploit-db.com/exploits/2011/"};

$h{'remap'} = { vuln=>['2.4.'] }; 

$h{'rip'} = { vuln=>['2.2.'] }; 

$h{'stackgrow2'} = { vuln=>['2.4.29','2.6.10'] }; 

$h{'uselib24'} = { vuln=>['2.6.10','2.4.17','2.4.22','2.4.25','2.4.27','2.4.29'] }; 

$h{'newsmp'} = { vuln=>['2.6.'] }; 

$h{'smpracer'} = { vuln=>['2.4.29'] }; 

$h{'loginx'} = { vuln=>['2.4.22'] }; 

$h{'exp.sh'} = { vuln=>['2.6.9','2.6.10','2.6.16','2.6.13'] };   

$h{'vmsplice1'} = {vuln=>['2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.24.1'],alt=>"jessica biel",cve=>"2008-0600",mil=>"http://www.expliot-db.com/exploits/5092"};

$h{'vmsplice2'} = {vuln=>['2.6.23','2.6.24'],alt=>"diane_lane",cve=>"2008-0600", mil=>"http://www.exploit-db.com/exploits/5093"};

$h{'vconsole'} = {vuln=>['2.6.'],cve=>"2009-1046"};

$h{'sctp'} = {vuln=>['2.6.26'],cve=>"2008-4113"};

$h{'ftrex'} = {vuln=>['2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22'],cve=>"2008-4210",mil=>"http://www.exploit-db.com/exploits/6851"};

$h{'exit_notify'} =  {vuln=>['2.6.25','2.6.26','2.6.27','2.6.28','2.6.29'],mil=>"http://www.exploit-db.com/exploits/8369"};

$h{'udev'} = {vuln=>['2.6.25','2.6.26','2.6.27','2.6.28','2.6.29'],alt=>"udev <1.4.1",cve=>"2009-1185",mil=>"http://www.exploit-db.com/exploits/8478"};

$h{'sock_sendpage2'}={vuln=>['2.4.4','2.4.5','2.4.6','2.4.7','2.4.8','2.4.9','2.4.10','2.4.11','2.4.12','2.4.13','2.4.14','2.4.15','2.4.16','2.4.17','2.4.18','2.4.19','2.4.20','2.4.21','2.4.22','2.4.23','2.4.24','2.4.25','2.4.26','2.4.27','2.4.28','2.4.29','2.4.30','2.4.31','2.4.32','2.4.33','2.4.34','2.4.35','2.4.36','2.4.37','2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30'],alt=>"proto_ops",cve=>"2009-2692",mil=>"http://www.exploit-db.com/exploits/9436"};

$h{'sock_sendpage'}={vuln=>['2.4.4','2.4.5','2.4.6','2.4.7','2.4.8','2.4.9','2.4.10','2.4.11','2.4.12','2.4.13','2.4.14','2.4.15','2.4.16','2.4.17','2.4.18','2.4.19','2.4.20','2.4.21','2.4.22','2.4.23','2.4.24','2.4.25','2.4.26','2.4.27','2.4.28','2.4.29','2.4.30','2.4.31','2.4.32','2.4.33','2.4.34','2.4.35','2.4.36','2.4.37','2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30'],alt=>"wunderbar_emporium",cve=>"2009-2692",mil=>"http://www.exploit-db.com/exploits/9435"};

$h{'udp_sendmsg_32bit'}={vuln=>['2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19'],cve=>"2009-2698", mil=>"http://downloads.securityfocus.com/vulnerabilities/exploits/36108.c"};

$h{'pipe.c_32bit'}={vuln=>['2.4.4','2.4.5','2.4.6','2.4.7','2.4.8','2.4.9','2.4.10','2.4.11','2.4.12','2.4.13','2.4.14','2.4.15','2.4.16','2.4.17','2.4.18','2.4.19','2.4.20','2.4.21','2.4.22','2.4.23','2.4.24','2.4.25','2.4.26','2.4.27','2.4.28','2.4.29','2.4.30','2.4.31','2.4.32','2.4.33','2.4.34','2.4.35','2.4.36','2.4.37','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31'],cve=>"2009-3547",mil=>"http://www.securityfocus.com/data/vulnerabilities/exploits/36901-1.c"};

$h{'do_pages_move'}={vuln=>['2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31'],alt=>"sieve",cve=>"2010-0415",mil=>"Spenders Enlightenment"};

$h{'reiserfs'}={vuln=>['2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34'],cve=>"2010-1146",mil=>"http://www.exploit-db.com/exploits/12130/"};

$h{'can_bcm'}={vuln=>['2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],cve=>"2010-2959",mil=>"http://www.exploit-db.com/exploits/14814/"};

$h{'rds'}={vuln=>['2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],mil=>"http://www.exploit-db.com/exploits/15285/",cve=>"2010-3904"};

$h{'half_nelson'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],alt=>"econet",cve=>"2010-3848",mil=>"http://www.exploit-db.com/exploits/6851"};

$h{'half_nelson1'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],alt=>"econet",cve=>"2010-3848",mil=>"http://www.exploit-db.com/exploits/17787/"};

$h{'half_nelson2'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],alt=>"econet",cve=>"2010-3850",mil=>"http://www.exploit-db.com/exploits/17787/"};

$h{'half_nelson3'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],alt=>"econet",cve=>"2010-4073",mil=>"http://www.exploit-db.com/exploits/17787/"};

$h{'caps_to_root'} = {vuln=>['2.6.34','2.6.35','2.6.36'],cve=>"n/a",mil=>"http://www.exploit-db.com/exploits/15916/"};

$h{'american-sign-language'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],cve=>"2010-4347",mil=>"http://www.securityfocus.com/bid/45408/"};

$h{'pktcdvd'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33','2.6.34','2.6.35','2.6.36'],cve=>"2010-3437",mil=>"http://www.exploit-db.com/exploits/15150/"};

$h{'video4linux'} = {vuln=>['2.6.0','2.6.1','2.6.2','2.6.3','2.6.4','2.6.5','2.6.6','2.6.7','2.6.8','2.6.9','2.6.10','2.6.11','2.6.12','2.6.13','2.6.14','2.6.15','2.6.16','2.6.17','2.6.18','2.6.19','2.6.20','2.6.21','2.6.22','2.6.23','2.6.24','2.6.25','2.6.26','2.6.27','2.6.28','2.6.29','2.6.30','2.6.31','2.6.32','2.6.33'],cve=>"2010-3081",mil=>"http://www.exploit-db.com/exploits/15024/"};

$h{'memodipper'} = {vuln=>['2.6.39','3.0.0','3.0.1','3.0.2','3.0.3','3.0.4','3.0.5','3.0.6','3.1.0'],cve=>"2012-0056",mil=>"http://www.exploit-db.com/exploits/18411/"};

$h{'semtex'}={vuln=>['2.6.37','2.6.38','2.6.39','3.0.0','3.0.1','3.0.2','3.0.3','3.0.4','3.0.5','3.0.6','3.1.0'],cve=>"2013-2094",mil=>"http://www.exploit-db.com/download/25444/&#8206;"};

$h{'perf_swevent'}={vuln=>['3.0.0','3.0.1','3.0.2','3.0.3','3.0.4','3.0.5','3.0.6','3.1.0','3.2','3.3','3.4.0','3.4.1','3.4.2','3.4.3','3.4.4','3.4.5','3.4.6','3.4.8','3.4.9','3.5','3.6','3.7','3.8.0','3.8.1','3.8.2','3.8.3','3.8.4','3.8.5','3.8.6','3.8.7','3.8.8','3.8.9'],cve=>"2013-2094",mil=>"http://www.exploit-db.com/download/26131"};



&run_main; 



sub run_main { 

print "Possible Exploits:\n";

foreach my $key(keys %h){ 

        foreach my $kernel ( @{ $h{$key}->{vuln} }){ 

#                printf "DEBUG:vuln:%s kernel:%s lk:%s\n", $key,$kernel,$khost;

                if($khost=~/^$kernel$/){ 

                         chop($kernel) if ($kernel=~/.$/); 

                         print "[+] ".$key;

                        $alt=$h{$key}->{alt};

                        $cve=$h{$key}->{cve};

                        $mlw=$h{$key}->{mil};

                        if ((length ($alt) >0)||(length ($cve) >0)){print "\n";}

                        if (length ($alt) >0){ print "   Alt: $alt ";} 

                        if (length ($cve) >0){ print "   CVE-$cve";}

                        if (length ($mlw) >0){ print "\n   Source: $mlw";}

                        print "\n"; 

                 } 

              } 

} 

}