River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)

Exploit Title: RiverPastAudioConverter - Buffer Overflow SEH Date: 06.02.2019 Vendor Homepage: www.riverpast.com Software Link: https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=3D1 Exploit Author: Matteo Malvica Tested Version: 7.7.16 Tested on: Windows 10 -...

Zortam MP3 Media Studio 24.15 Local Buffer Overflow

Exploit Title: Zortam MP3 Media Studio Version 24.15 Exploit SEH Version: 24.15 Exploit Author: Manpreet Singh Kheberi Date: December 13 2018 Download Link: https://www.zortam.com/download.html Vendor Homepage: https://www.zortam.com Tested on: Windows Xp Sp3 x64 Type: Bind shell print...

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)

Exploit Title: Zortam MP3 Media Studio Version 24.15 Exploit SEH Version: 24.15 Exploit Author: Manpreet Singh Kheberi Date: December 13 2018 Download Link: https://www.zortam.com/download.html Vendor Homepage: https://www.zortam.com Tested on: Windows Xp Sp3 x64 Type: Bind shell print...

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow SEH Exploit Title: Zortam MP3 Media Studio Version 24.15 Exploit SEH Version: 24.15 Exploit Author: Manpreet Singh Kheberi Date: December 13 2018 Download Link: https://www.zortam.com/download.html Vendor Homepage: https://www.zortam.com Teste...

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: Zortam MP3 Media Studio Version 24.15 Exploit SEH Exploit Author: Manpreet Singh Kheberi Download Link: https://www.zortam.com/download.html Vendor Homepage: https://www.zortam.com Tested on: Windows Xp Sp3 x64 Type: Bind shel...

Moxa NPort W2x50A 2.1 OS Command Injection Vulnerability

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS command injection vulnerabilities. Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection...

Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)

Title: Linux/x86 - Bind 4444/TCP Shell + IPv6 Shellcode 100 bytes Length : 100bytes Author: Kartik Durg Write-up Link: https://iamroot.blog/2018/07/17/0x1-shellbindtcpipv6-linux-x86/ Tested on: Ubuntu 16.0.4.1 i686 / global start section .text start: ;References: ;1http://syscalls.kernelgrok.com/...

10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Scanner 3.0 - Local Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafel Date: 2018-06-05 Vendor Homepage: https://www.10-strike.com/ Vulnerable Software: https://www.10-strike.com/network-scanner/network-scanner.exe Tested on: Windows XP Professional ...

10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafelx Date: 2018-06-05 Vendor Homepage: https://www.10-strike.com/ Vulnerable Software:...

CloudMe Sync 1.11.0 - Buffer Overflow (SEH) (DEP Bypass) Exploit

Exploit for windows platform in category remote exploits Author: Juan Prescotto Tested Against: Win7 Pro SP1 64 bit Software Download: https://www.cloudme.com/downloads/CloudMe1109.exe Tested Against Version: 1.10.9 Special Thanks to my wife for allowing me spend countless hours on this passion o...

Linux/x86 - Bind (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)

Linux/x86 - Bind 9443/TCP Shell + fork + Null-Free Shellcode 113 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux x86 TCP Bind Shell + fork - 113 bytes NULL Free Author: Amine Kanane Student-ID: SLAE - 1203 Desc: Listen for a connection on Local Port 9443 and spawn a command shell Th...

Linux/x86 - Bind TCP Shell + fork() Shellcode (113 bytes)

/ Title: Linux x86 TCP Bind Shell + fork - 113 bytes NULL Free Author: Amine Kanane Student-ID: SLAE - 1203 Desc: Listen for a connection on Local Port 9443 and spawn a command shell This version support multiple simultaneous connections using fork. Also this shellcode does not use the classic...

Grok-backdoor - Backdoor With Ngrok Tunnel Support

Grok-backdoor is a simple python based backdoor, it uses Ngrok tunnel for the communication. Ngrok-backdoor can generate windows, linux and mac binaries using Pyinstaller. Disclaimer: All the code provided on this repository is for educational/research purposes only. Any actions and/or activities...

Disk Savvy Enterprise 10.4.18 Buffer Overflow

Exploit Title: Disk Savvy Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 01/02/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.disksavvy.com/ Software Link: http://www.disksavvy.com/setups/disksavvyentsetupv10.4.18.exe Version: 10.4.18 CVE:...

Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcod

/ Title: Linux/ARM - IP Controlled Bind Shell TCP /bin/sh. Null free shellcode 168 bytes Date: 2018-02-17 Tested: armv7l Raspberry Pi v3 and armv6l Raspberry Pi Zero W Author: rtmcx - twitter: @rtmcx Description: The shellcode will only allow the connection to execute the shell if originating fro...

GoAhead Web Server 2.5 < 3.6.5 - HTTPd LD_PRELOAD Arbitrary Module Load Exploit

This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

GoAhead Web Server 2.5 &lt; 3.6.5 - HTTPd &#039;LD_PRELOAD&#039; Arbitrary Module Load (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GoAhead Web Server LDPRELOAD Arbitrary Module Load', 'Description' = %q This module triggers an arbitrary shared library load vulnerability in...

GoAhead Web Server LD_PRELOAD Arbitrary Module Load

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GoAhead Web Server LDPRELOAD Arbitrary Module Load', 'Description' = %q This module triggers an arbitrary shared library load vulnerability in...

SysGauge Server 3.6.18 Buffer Overflow

Exploit Title: SysGauge Server 3.6.18 - Buffer Overflow Exploit Author: Ahmad Mahfouz Description: Sysgauge Server Unauthenticated Remote Buffer Overflow SEH Contact: http://twitter.com/eln1x Date: 12/01/2018 CVE: CVE-2018-5359 Version: 3.6.18 Tested on: Windows 7 x64 Software Link:...

GoAhead Web Server LD_PRELOAD Arbitrary Module Load

This module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...