vuln

Vuln A simple program for practicing buffer overflow attacks...

NetChess 2.1 Buffer Overflow

Exploit Title: NetChess2.1 Buffer Overflow SEH Date: 8/1/2022 Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"...

10-Strike Network Inventory Explorer 9.3 Buffer Overflow Vulnerability

10-Strike Network Inventory Explorer versions 9.3 and below are vulnerable to a SEH based buffer overflow which leads to code execution or local privilege escalation. The vulnerable part of the program is the functionality to add computers from a text file. I. VULNERABILITY...

Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes)

Exploit Title: Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode 240 bytes Exploit Author: Armando Huesca Prida Tested on: Windows 7 Professional 6.1.7601 SP1 Build 7601 x86 Windows Vista Ultimate 6.0.6002 SP2 Build 6002 x86 Windows Server 2003 Enterprise Editio...

Torrent 3GP Converter 1.51 - Stack Overflow (SEH) Exploit

Exploit Title: Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Author: boku Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link: http://www.torrentrockyou.com/download/tr3gpconverter.exe Version: Torrent 3GP Converter Version 1.51 Build 116 Tested...

RGui 3.5.0 Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass Date: 01-09-2018 Vulnerable Software: RGui 3.5.0 Vendor Homepage: https://www.r-project.org/ Version: 3.5.0 Software Link:...

Emacs - movemail Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Emacs movemail Privilege Escalation', 'Description' = %q This module exploits a SUID installation of the Emacs movemail utility to run a command ...

Adult Filter 1.0 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: Adult Filter 1.0 - Buffer Overflow SEH Exploit Author: Özkan Mustafa Akkuş AkkuS Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Tested on: Windows X...

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

/ Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes Author: cq674350529 - execve'/bin/sh', tcp - 192.168.2.157/31337 - used in HTTP Request - tested on D-Link dir-850l router, avoid bad chars '\x00', '\x20', '\x23', '\x0d\x0a' - based on rigan's shellcode...

WM Recorder 16.8.1 - Denial of Service Exploit

Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: WM Recorder 16.8.1 - Denial of Service Date: 03-20-2018 Vulnerable Software: WM Recorder 16.8.1 Vendor Homepage: http://wmrecorder.com/home/ Version: 16.8.1 Software Link:...

Dup Scout Enterprise 10.5.12 - Share Username Local Buffer Overflow

Dup Scout Enterprise 10.5.12 - Share Username Local Buffer Overflow !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Dup Scout Enterprise 10.5.12 - Local Buffer Overflow Date: 02-22-2018 Vulnerable Software: Dup Scout Enterprise v10.5.12 Vendor Homepage: http://www.dupscout.com...

Easy MPEG/AVI/DIVX/WMV/RM To DVD Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Field Buffer Overflow SEH Date: 05-10-2017 Exploit Author: Venkat Rajgor Vendor Homepage: http://www.divxtodvd.net/ Software Link:...

TP-Link WR940N - (Authenticated) Remote Code

TP-Link WR940N - Authenticated Remote Code import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in th...

Motorola Netopia Netoctopus SDCS Stack Buffer Overflow

require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...

Disk Sorter Enterprise 9.5.12 - GET Remote Buffer Overflow (SEH)

Disk Sorter Enterprise 9.5.12 - GET Remote Buffer Overflow SEH !/usr/bin/env python Exploit Title: DiskSorter Enterprise 9.5.12 - 'GET' Remote buffer overflow SEH Date: 2017-03-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.disksorter.com...

Dup Scout Enterprise 9.1.14 Buffer Overflow

!/usr/bin/python print "Dup Scout Enterprise 9.1.14 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Disk Sorter Enterprise 9.1.12 Buffer Overflow

!/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Disk Savvy Enterprise 9.1.14 - 'Login' Remote Buffer Overflow

!/usr/bin/python print "Disk Savvy Enterprise 9.1.14 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow

!/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

VX Search Enterprise 9.1.12 - 'Login' Remote Buffer Overflow

!/usr/bin/python print "VX Search Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...