SysWhispers - AV/EDR Evasion Via Direct System Calls

SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported from Windows XP to 10. Example generated files available in example-output/. Introduction Various security products place hooks in user-mode APIs which allow...

CVE-2016-8354

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity...

netbsd/x86 setreuid(0, 0); execve("/bin//sh", ..., NULL); 29 bytes

No description provided by source. / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve/bin//sh, ..., NULL; note: unsafe shellcode, but 29 bytes long; doesn't work if eax & 0x40000000 != 0; / include sys/types.h include stdio.h include string.h char scode = \x99 // cltd...

Notepad++ 5.4.5 - .C .CPP Local Stack Buffer Overflow (PoC)

Notepad++ 5.4.5 - .C .CPP Local Stack Buffer Overflow PoC / 0dayNotepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow POC by fl0 fl0w / / LATEST FIXES Notepad++ v5.4.5 fixed bugs from v5.4.4 : 1. Fix plugins shortcuts not working bug. 2. Fix the tooltip on toolbar display bug for the plugins icons. ...

Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow PoC (0day)

Exploit for unknown platform in category dos / poc ============================================================= Notepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow PoC 0day ============================================================= / 0dayNotepad++ 5.4.5 Local .C/CPP Stack Buffer Overflow POC b...

netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 30 bytes

netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 30 bytes. Shellcode exploit for netbsdx86 platform / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve"/bin//sh", ..., NULL; / include include include char scode = "\x31\xc0" // xor %eax,%eax "\x50" // push %eax...

solaris/x86 execve /bin/sh toupper evasion 84 bytes

solaris/x86 execve /bin/sh toupper evasion 84 bytes. Shellcode exploit for solarisx86 platform / Solaris/x86 Used for toupper evasion look to the linux version for an explanation and usage example. / char c0de = / main: / "\xeb\x33" / jmp callz / / start: / "\x5e" / popl %esi / "\x8d\x06" / leal...

freebsd/x86 execve /tmp/sh 34 bytes

Exploit for freebsd/x86 platform in category shellcode =================================== freebsd/x86 execve /tmp/sh 34 bytes =================================== / FreeBSD shellcode - execve /tmp/sh Claes M. Nyberg 20020120 , / / void main asm" xorl %eax, %eax eax = 0 pushl %eax string ends with...

asmcodes.txt

http://www.rootshell.com/ ----------------- begin asmcodes.txt --------------------- -- Assembly drop in replacements -- Probably useless, but can be a little fun ;- Here are some assembly instructions that you can drop into your favorite buffer overflow exploit. Generally, replacing existing...