The XPL SEARCH is written in PHP and therefore, can be used both on Linux or Windows.
The following items are required for the proper functioning of the script:
The following databases are available for search:
Basic command to perform the search for vulnerabilities or exploits.
php xpl_search.php --search anything
Displays the help screen, where a brief description of the options are available.
php xpl_search.php --help
Displays the about screen, where a brief description of the script and provides other information.
php xpl_search.php --about
Option used to update the script, direct of the github, the script running on the machine will have the superscript code.
php xpl_search.php --update
Defines which databases will be used, to define more than one database, use the comma.
Below contains the databases and their respective “ID”.
php xpl_search.php --search anything --set-db 1,4
Command used to display information related to a specific CVE-ID.
php xpl_search.php --cve-id 2015-9696
Used to display vulnerabilities or exploits of the specific author(Does not work with CVE).
php xpl_search.php --author Anything
Saves all vulnerabilities or exploits found during the search. The saved files can be found in the folder “log”, divided by subdirectories corresponding to each database.
php xpl_search.php --search anything --save
Saves a “search log” containing basic information about the vulnerabilities or exploits found during the search.
php xpl_search.php --search anything --save-log
Defines which directory, the folder “log” will be created. This command must be used with the command “–save” or “–save-log”. php xpl_search.php –search anything –save –save-dir /medi/pendrive/
Used to define a proxy.
php xpl_search.php --search anything --proxy 127.0.0.1:80
sed to define login:pass if the indicated proxy requires authentication.
php xpl_search.php --search anything --proxy 127.0.0.1:80 --proxy-login admin:root
Defines how long(in seconds), the databases has to respond. By default, 60 seconds is the limit.
php xpl_search.php --respond-time 80
Command not to display the banner/header.
php xpl_search.php --banner-no