This tool essentially outputs a list of exploits that you might want to try out after you gain local access to a host. Nothing you cannot do manually, and not the most brilliant tool ever but still, useful.
Motivation
The next stage after gaining local access to a host is to escalate privileges, right? Typical techniques include:
- Manipulation of any custom tools which might installed (SUID files, cron jobs)
- Obtaining credentials from backup files (other places) which may have weak file permissions
- Password bruteforcing
- Manipulation of 3rd part tools that have been installed (e.g. weak file permission on config files or in /etc/init.d)
- Exploitation of public vulnerabiliites in software that's currently installed
- This tools focusses on making the last technique as simply as possible. It quickly identifies the existing vulnerabilities (due to poor patching policies, for example), and outputs a link to a public advisory or exploit.
This tool doesn't provide the exploit code or teach you on how to use it. It just points you in the right direction.