7257 matches found
CVE-2019-25679
RealTerm Serial Terminal 2.0.0.70 contains a local SEH buffer overflow in the Echo Port tab that allows code execution when a crafted payload is pasted into the Port field and the Change button is clicked. The exploit can use a POP POP RET gadget chain with shellcode; results reported include arb...
CVE-2019-25679
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...
PT-2026-30487
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...
CVE-2018-25255
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...
CVE-2018-25255 10-Strike LANState 8.8 Local Buffer Overflow SEH
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...
CVE-2018-25255
10-Strike LANState 8.8 has a local buffer overflow in structured exception handling. An attacker can craft a malicious LSM map file with a payload in the ObjCaption parameter to overflow a buffer, overwrite the SEH chain, and execute shellcode when the file is opened in LANState. This vulnerabili...
PT-2026-30375
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that...
PT-2026-30374
NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and...
HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker (No NX) Module Options msf use payload/cmd/windows/https/x86/custom/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf...
HTTPS Fetch, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection with UUID Support (Windows x86) Module Options msf use payload/cmd/windows/https/x86/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
HTTPS Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The sock...
HTTPS Fetch, Windows shellcode stage, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/https/x86/custom/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... ms...
HTTPS Fetch, Windows shellcode stage, Reverse TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/custom/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options...
HTTP Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an HTTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socke...
HTTPS Fetch, Windows shellcode stage, Windows x86 Reverse Named Pipe (SMB) Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/https/x86/custom/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set...
HTTPS Fetch, Windows shellcode stage, Reverse HTTP Stager Proxy
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Tunnel communication over HTTP Module Options msf use payload/cmd/windows/https/x86/custom/reversehttpproxypstore msf payloadreversehttpproxypstore show actions ...actions... msf payloadreversehttpproxypstore set ACTIO...
HTTPS Fetch, Windows shellcode stage, Find Tag Ordinal Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Use an established connection Module Options msf use payload/cmd/windows/https/x86/custom/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and...
HTTPS Fetch, Windows shellcode stage, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/custom/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...sho...
HTTPS Fetch, Windows shellcode stage, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Listen for a connection (No NX) Module Options msf use payload/cmd/windows/https/x86/custom/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show...