Microsoft Windows Kernel - 'win32k!vSolidFillRect' Buffer Overflow (MS15-061)
Source: https://code.google.com/p/google-security-research/issues/detail?id=313 The PoC triggers a pool buffer overflow in win32k!vSolidFillRect. When using Special Pool we get the crash immediately on the overwrite. Without Special Pool we often get a crash in the same function, but sometimes i...
[SECURITY] Fedora 22 Update: ipython-2.4.1-8.fc22
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
A buffer overflow vulnerability in the easy tutorial-vulnerability warning-the black bar safety net
This article is similar to the "dummies series: using a buffer overflow". For this class of vulnerability, our approach is to use the network, the program's controls, input, and so on to send a large data buffer to the program, overwriting important parts of the program's memory. In these buffer overwrite program...
Mock SMTP Server 1.0 - Remote Crash (PoC)
!/usr/bin/python Exploit Title: Mock SMTP Server 1.0 Remote Crash PoC Date: 23-08-2015 Exploit Author: Shankar Damodaran Author's Twitter : @sh4nx0r Vendor Homepage: http://mocksmtpserver.codeplex.com Software Link: http://mocksmtpserver.codeplex.com/downloads/get/87077 Version: 1.0 Tested on:...
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Source: https://code.google.com/p/google-security-research/issues/detail?id=426&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately, and: http://localhost/LoadMP4.swf?file=crash3006694.flv If there is no crash at first, refres...
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File Source: https://code.google.com/p/google-security-research/issues/detail?id=426&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately, and:...
[SECURITY] Fedora 21 Update: ipython-2.4.1-7.fc21
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
[SECURITY] Fedora 22 Update: ipython-2.4.1-7.fc22
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
D-link DIR-645 Command Injection - Buffer Overflow Exploit
Exploit for hardware platform in category web applications Exploit Title: DIR-645 D-link Command Injection - Buffer Overflow Type: Command Injection - Buffer Overflow Date: 22/07/2015 Exploit Author: DNO Version: DIR-645 FW 1.04b12 Tested on: linux "ubuntu" CVE : N/A...
Chrome ui::AXTree::Unserialize Use-After-Free Exploit
Chrome suffers from a ui::AXTree::Unserialize related use-after-free vulnerability. 1503A - Chrome - ui::AXTree::Unserialize use-after-free CVE-2015-1277 TL;DR After 60 day deadline has passed, I am releasing details on an unfixed use-after-free vulnerability in Chrome's accessibility features,...
Immunity Debugger 1.85 - Crash PoC
Exploit for windows platform in category dos / poc Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name:...
Immunity Debugger 1.85 - Crash (PoC)
Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name: .exe.exe and put any program inside and try debug it. -T...
Immunity Debugger 1.85 - Crash (PoC)
Immunity Debugger 1.85 - Crash PoC Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name: .exe.exe and put any...
Android Debugger vulnerability exists, you can get the device memory data-vulnerability warning-the black bar safety net
A carefully constructed ELF (Executable and Linkable Format) file can cause the debugger to crash, and memory contents are then exposed through the tombstone file and the corresponding logd log files. This can be used for denial-of-service attacks and can help bypass ASLR to execute malicious code. Only...
Cloud Source Repositories: Google Quietly Launches GitHub Competitor
After the death of Google Code this winter, Google is apparently back in the business through the launch of its private Git repository hosting service on Google Cloud Platform called Cloud Source Repositories. Not yet officially announced, but Google started providing free beta access to its new...
Buffer Overflow in My Wifi Router Software
Hi there, I have seen a buffer overflow in My Wifi Router software version 1.0. The link to the software is available: http://mywifirouter.software.informer.com/1.0/ Exploit: After running the software you will see two places to enter details, i.e. "Hotspot Name" and "Password". To exploit this...
The Windows kernel attack-vulnerability warning-the black bar safety net
This article summarizes the various techniques currently used in Windows kernel attacks. It describes and demonstrates some common methods of bypassing Windows kernel protections, and a reverse three describes how to pass kernel defects found in similar bypass method. By the kernel attack and memory...
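JDWP Code Execution Vulnerability
JPDA (Java Platform Debugger Architecture) is the debugging architecture of the Java platform. Through the API that JPDA provides, developers can conveniently and flexibly build Java debugging applications. JPDA consists of three main parts: the Java Virtual Machine Tool Interface (JVMTI), the Java Debug Wire Protocol (JDWP), and the Java Debug Interface (JDI). The JDWP protocol supports remote debugging; when this interface is accessible without authorization, Java code can be executed, resulting in code execution and server privileges being obtained. The server listens on port 80 to record access: Use jdwp-shellifier to execute a system command: python jdwp-shellifier.py -t...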
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the gdb-6.3.0.0 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Quick Search 1.1.0.189 - search textbox Buffer Overflow (SEH Unicode) (Egghunter)
Quick Search 1.1.0.189 - search textbox Buffer Overflow SEH Unicode Egghunter !/usr/bin/perl = Exploit Title: Quick Search 1.1.0.189 'search textbox' Unicode SEH egghunter Buffer Overflow Date: 2015-04-23 Exploit Author: Tomislav Paskalev Vulnerable Software: Quick Search v1.1.0.189 Vendor...