Valve: Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection

With the vulnerability of the GoldSource Engine, the server is able to perform remote code execution on the client, overwriting the stack when reading the BMP file. The problem is in the LoadBMP8 function, which is executed when the player connects to the server, by loading the...

SysGauge Pro 4.6.12 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : SysGauge Pro v4.6.12 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software : http://www.sysgauge.com/setups/sysgaugeprosetupv4.6.12.exe...

SysGauge Pro 4.6.12 Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title : SysGauge Pro v4.6.12 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software :...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 Exploit CVE-2017-11882 Exploit accepts over 17...

Windows/x64 - Download & Execute Shellcode (358 bytes)

/ Title : Windows x64 Download+Execute Shellcode Author : Roziul Hasan Khan Shifat Date : 24-11-2016 size : 358 bytes Tested on : Windows 7 x64 Professional Email : email protected / / section .text global start start: ;----------------------------- sub rsp,88 lea r14,rsp sub rsp,88...

LanSpy 2.0.0.155 local code execution vulnerability

No description provided by source. import struct 32bit Alphanum-ish shellcodes Bad chars detected: 00 2d 20 MessageBoxA at = 00404D80 msgboxshellcode = "\x31\xC0\x50\x68" "\x70\x77\x6E\x64" "\x54\x5F\x50\x57" "\x57\x50\x35\xC4" "\x80\x80\x55\x35" "\x44\xCD\xC0\x55" "\x50\xC3" WinExec at - 004EC4F...

LanSpy 2.0.0.155 - Local Buffer Overflow

LanSpy 2.0.0.155 - Local Buffer Overflow !/usr/bin/python LanSpy 2.0.0.155 - Buffer Overflow Exploit by n30m1nd Date: 2016-10-18 Exploit Author: n30m1nd Vendor Homepage: www.lantricks.com Software Link: https://www.exploit-db.com/apps/42114d0f9e88ad76acaa0f145dabf923-lanspysetup.exe Version: LanS...

Windows x64 - WinExec() Shellcode (93 bytes)

Windows x64 - WinExec Shellcode 93 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 WinExec shellcode Date : 15-10-2016 Author : Roziul Hasan Khan Shifat size : 93 bytes Tested on : Windows 7 Ultimate x64 / / Disassembly of section .text: 0000000000000000 : 0: 99 cltd 1: 65 4...

LanSpy 2.0.0.155 Buffer Overflow

!/usr/bin/python LanSpy 2.0.0.155 - Buffer Overflow Exploit by n30m1nd Date: 2016-10-18 Exploit Author: n30m1nd Vendor Homepage: www.lantricks.com Software Link: https://www.exploit-db.com/apps/42114d0f9e88ad76acaa0f145dabf923-lanspysetup.exe Version: LanSpy 2.0.0.155 Tested on: Tested on Win7...

Windows/x64 - WinExec() Shellcode (93 bytes)

/ Title : Windows x64 WinExec shellcode Date : 15-10-2016 Author : Roziul Hasan Khan Shifat size : 93 bytes Tested on : Windows 7 Ultimate x64 / / Disassembly of section .text: 0000000000000000 : 0: 99 cltd 1: 65 48 8b 42 60 mov %gs:0x60%rdx,%rax 6: 48 8b 40 18 mov 0x18%rax,%rax a: 48 8b 70 10 mo...

NScan 0.9.1 - Target Local Buffer Overflow

NScan 0.9.1 - Target Local Buffer Overflow ''' + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NECROSCAN-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: =================== nscan.hypermart.net Product:...

Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess Shellcode

Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess Shellcode. Shellcode exploit for win32 platform / Title : Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess shellcode Date : 12-07-2016 Author : Roziul Hasan Khan Shifat Tested on: Windows 7 x86 / /...

Windows/x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394

/ Title : Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess shellcode Date : 12-07-2016 Author : Roziul Hasan Khan Shifat Tested on: Windows 7 x86 / / Disassembly of section .text: 00000000 : 0: 31 c9 xor %ecx,%ecx 2: 64 8b 41 30 mov %fs:0x30%ecx,%eax 6: 8b 40 0c mov...

Windows/x86 - WinExec("cmd.exe",0) Shellcode (184 bytes)

/ Title : Windows x86 WinExec"cmd.exe",0 shellcode Date : 07/06/2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x86 / / To Compile: -------------- $nasm -f win32 winexec.asm -o exec.obj Linking: ---------- $ "C:\Program Files\CodeBlocks\MinGW\bin\ld.exe" -o winexec.exe...

Windows x86 WinExec"cmd.exe",0 Shellcode

Windows x86 WinExec"cmd.exe",0 Shellcode. Shellcode exploit for win32 platform / Title : Windows x86 WinExec"cmd.exe",0 shellcode Date : 07/06/2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x86 / / To Compile: -------------- $nasm -f win32 winexec.asm -o exec.obj Linkin...

x86 Windows Null-Free Download & Run via WebDAV Shellcode 96 bytes

x86 Windows Null-Free Download & Run via WebDAV Shellcode 96 bytes. Shellcode exploit for win32 platform / Author: Sean Dillon Copyright: c 2016 RiskSense, Inc. https://risksense.com Release Date: March 1, 2016 Description: x86 Windows null-free download & run via WebDAV shellcode Assembled Size:...

Windows/x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes)

/ Author: Sean Dillon Copyright: c 2016 RiskSense, Inc. https://risksense.com Release Date: March 1, 2016 Description: x86 Windows null-free download & run via WebDAV shellcode Assembled Size: 96 bytes Tested On: Windows XP, Windows 10 License: http://opensource.org/licenses/MIT Build/Run: MSVC...

Windows XP-10 - Null-Free WinExec Shellcode Python

Windows XP-10 - Null-Free WinExec Shellcode Python. Shellcode exploit for generator platform All Windows Null-Free WinExec Shellcode """ Coded by B3mB4m Concat : [email protected] Home : b3mb4m.blogspot.com 10.12.2015 Tested on : Windows XP/SP3 x86 Windows 7 Ultimate x64 Windows 8.1 Pro Build 9600 x...

win32/xp SP3 x86 Null-Free WinExec Shellcode

This is a tool written in python to generate shellcode to use on Microsoft Windows. All Windows Null-Free WinExec Shellcode """ Coded by B3mB4m Concat : email protected Home : b3mb4m.blogspot.com 10.12.2015 Tested on : Windows XP/SP3 x86 Windows 7 Ultimate x64 Windows 8.1 Pro Build 9600 x64 Windo...

IconLover 5.42 - Local Buffer Overflow

Exploit Title: IconLover v5.42 Buffer Overflow Exploit Date: 29/09/2015 Exploit Author: cor3sm4sh3r Author email: cor3sm4sh3ratgmail.com Contact: https://in.linkedin.com/in/cor3sm4sh3r Twitter: https://twitter.com/cor3sm4sh3r Category: Local Tested : win XP professional sp2 ''' Credits & Authors:...