This
tool compares a targets patch levels against the Microsoft vulnerability
database in order to detect potential missing patches on the target. It also
notifies the user if there are public exploits and Metasploit modules available
for the missing bulletins.
It
requires the 'systeminfo' command
output from a Windows host in order to compare that the Microsoft security
bulletin database and determine the patch level of the host.
It
has the ability to automatically download the security bulletin database from
Microsoft with the --update flag, and saves it as an Excel spreadsheet.
First Download windows exploit suggester from here and
unzip in your pc
Now to update the script using
./windows-exploit-suggester.py --update
Now download xlrd-0.9.4 from here and install in your pc using
./setup.py install ( which is prerequisite)
Now run systeminfo command in windows prompt and save the resultant file on
the Desktop as
Win7-ultimate.txt.
Now copy File Win7-ultimate.txt in Windows-Exploit-Suggester-master folder
on Kali Linux as shown below.
Now run the following
command & you will get the result.
./windows-exploit-suggester.py
--database 2015-09-25-mssb.xlsx --systeminfo win7-ultimate-systeminfo.txt
Now it will show all
possible exploits for an operating system Victim windows PC.
0 comments:
Post a Comment