Exploit for Improper Input Validation in Microsoft
Weaponized CVE-2019-0604 Automated Exploit Tool to Maximize C...
Ronin - A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc., via Repositories. Console: Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience method...
metasploit-framework
This repository is an offensive tool: the Metasploit Framework. The Metasploit Framework is a comprehensive platform for developing and executing exploits, post-exploitation tools, and malware. It is a powerful tool for penetration testers, security researchers, and red teamers. The framework...
CTF-All-In-One
This is a book about CTF (Capture The Flag) competitions, specifically the Pwn (binary exploitation) module. The book is written by Yang Cheng, a member of L-Team, and is aimed at beginners. It covers the basics of binary security, including x86/x64 platforms, Linux systems, and the basics of exploit...
How to Increase Your Security Posture with Fewer Resources
With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article in the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...
Exploitability Analysis: Smash the Ref Bug Class
In April 2020, security researcher Gil Dabah published a paper on a set of vulnerabilities he had discovered within the Win32k subsystem of the Windows operating system. These vulnerabilities demonstrated instances of a new class of bugs, dubbed “Smash the Ref.” Dabah’s research included 13 test...
The Basics of Exploit Development 5: x86-64 Buffer Overflows
In this article we will be covering a technique similar to the one in the first installment of this series, with the twist that this exploit targets a 64-bit process running on Windows 10. Due to the nature of modern operating systems and the exploit mitigation techniques they...
linux-exploit-development-tutorial
It is an offensive tool for Linux. This is a tutorial for Linux exploit development, specifically targeting stack and heap security mechanisms. The tutorial covers various topics, including format string attacks, integer overflow, and buffer overflow attacks. It also discusses how to bypass...
JITSploitation I: A JIT Bug
By Samuel Groß, Project Zero. This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS...
pwntools
This is an offensive tool: an exploit development and CTF (Capture The Flag) framework. The tool is called pwntools and is used for exploit development and CTF challenges. It provides a set of tools and libraries for exploiting vulnerabilities and solving CTF challenges. The tool is written in Pyth...
pwntools
This repository is an offensive tool for binary exploitation, specifically a Python library for writing exploits. It is not a PoC exploit for a specific CVE, but rather a toolkit for creating exploits. The primary vulnerability class targeted by this library is not explicitly stated, but it is...
Pi-hole 4.3.2 Remote Code Execution
#!/usr/bin/env python2 Exploit Title: Pi-hole 4.3.2 - Remote Code Execution (Authenticated) Date: 2020-08-04 Exploit Author: Luis Vacas @CyberVaca Vendor Homepage: https://pi-hole.net/ Software Link: https://github.com/pi-hole/pi-hole Version: = 4.3.2 Tested on: Ubuntu 19.10 CVE : CVE-2020-8816...
CloudMe 1.11.2 SEH Buffer Overflow Exploit
import socket import sys target = "127.0.0.1" Written by : lutzenfried (Clement Cruchet) Exploiting CloudMe 1.11.2 Publisher : CloudMe AB Windows x64 10.0.18362 Build 18362 Buffer Overflow using SEH overwrite technique (POP POP RET) Exploit for CVE-2018-6892 Technical information used for exploit...
MMS Exploit Part 3: Constructing the Memory Corruption Primitives
Posted by Mateusz Jurczyk, Project Zero. This post is the third of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published a...
The Basics of Exploit Development 4: Unicode Overflows
If you have read the previous articles in this series, welcome back and keep reading. If not, I would encourage you to read those first before proceeding, as this article builds on concepts laid down in the previous installments. In this article, we will be covering a technique similar to the one...
The Basics of Exploit Development 3: Egg Hunters
Hello dear reader. If you have read the other articles in this series, welcome back! If not, I encourage you to read the previous installments before proceeding with this post. This post covers a surprisingly useful technique in exploit development called Egg Hunters. In order to demonstrate how E...
metasploit-framework
This is an offensive tool: the Metasploit Framework. It is a collection of Ruby code that provides a framework for developing and executing exploits, as well as a platform for testing and validating vulnerabilities. The repository contains a wide range of modules and tools for various tasks,...
The Basics of Exploit Development 1: Win32 Buffer Overflows
In this article we will cover the creation of an exploit for a 32-bit Windows application vulnerable to a buffer overflow, using x64dbg and the associated ERC plugin. As this is the first article in this series, we will be looking at an exploit where we have a complete EIP overwrite and ESP points...
Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - Cable Haunt Remote Code Execution
Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - Cable Haunt Remote Code Execution // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47936.zip function buf2hex(buffer) { // buffer is an ArrayBuffer return Array.prototype.map.call(new Uint8Array(buffer), x...
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH) Exploit
#!/usr/bin/env python Author: Xavi Beltran Contact: [email protected] Exploit Development: https://xavibel.com/2019/08/31/seh-based-local-buffer-overflow-dameware-remote-support-v-12-1-0-34/ Date: 14/7/2019 Description: SEH based Buffer Overflow, DameWare Remote Support V. 12.1.0.34 Tools Computer...