3266 matches found
Pegasus ImagN - ActiveX Control Remote Buffer Overflow
?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49". "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...
3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow
/ 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny...
Winamp 5.34 - .mp4 Code Execution
Winamp 5.34 - .mp4 Code Execution /\ Winamp = 5.34 .MP4 File Code Execution Winamp MP4's plugin fails to handle exceptional conditions, which can lead to code execution. However exploitation is hard, firstly because of the return address. This code exploits a call eax, and it might be complicated...
3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow
3proxy 0.5.3g Windows x86 - proxy.c logurl Remote Buffer Overflow / 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/...
phpLocal.txt
Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...
Avoid UTF8/tolower
UTF8 Safe, tolower Safe Encoder This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework NOTE: Read this if you plan on using this encoder: This encoder has some limitations that must be considered. First, this encoder cannot ...
Non-Upper Encoder
Encodes payloads as non-alpha based bytes. This allows payloads to bypass tolower calls, but will fail isalpha. Table based design from Russel Sanford. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...
Non-Alpha Encoder
Encodes payloads as non-alpha based bytes. This allows payloads to bypass both toupper and tolower calls, but will fail isalpha. Table based design from Russel Sanford. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
Polymorphic XOR Additive Feedback Encoder
This encoder implements a polymorphic XOR additive feedback encoder. The decoder stub is generated based on dynamic instruction substitution and dynamic block ordering. Registers are also selected dynamically. This module requires Metasploit: https://metasploit.com/download Current source:...
Generic Shell Variable Substitution Command Encoder
This encoder uses standard Bourne shell variable substitution tricks to avoid commonly restricted characters. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Generic Shell Variable Substitution...
SPARC DWORD XOR Encoder
This encoder is optyx's 48-byte SPARC encoder with some tweaks. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SPARC DWORD XOR Encoder', 'Description' = %q This encoder is optyx's 48-byte SPAR...
Alpha2 Alphanumeric Unicode Uppercase Encoder
Encodes payload as unicode-safe uppercase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodeupper' class MetasploitModule...
Alpha2 Alphanumeric Unicode Mixedcase Encoder
Encodes payload as unicode-safe mixedcase text. This encoder uses SkyLined's Alpha2 encoding suite. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/encoder/alpha2/unicodemixed' class MetasploitModule...
Alpha2 Alphanumeric Mixedcase Encoder
Encodes payloads as alphanumeric mixedcase text. This encoder uses SkyLined's Alpha2 encoding suite. A pure alpha encoder is impossible without having a register that points at or near the shellcode. In a default configuration the first few bytes at the beginning are an fnstenv getpc stub the sam...
mailenable-imap-examine.py.txt
!/usr/bin/python Remote Mailenable Enterprise 1.1 EXAMINE buffer Overflow Discovered and exploited by [email protected] This vulnerability affects Mailenable Enterprise 1.1 without the ME-10009.EXE patch. Details: SEH gets overwritten at 965 968 in VMWare bytes in the EXAMINE command. Filteri...
MailEnable Enterprise Edition 1.1 - 'EXAMINE' Remote Buffer Overflow
!/usr/bin/python Remote Mailenable Enterprise 1.1 EXAMINE buffer Overflow Discovered and exploited by [email protected] This vulnerability affects Mailenable Enterprise 1.1 without the ME-10009.EXE patch. Details: SEH gets overwritten at 965 968 in VMWare bytes in the EXAMINE command. Filteri...
PPC LongXOR Encoder
This encoder is ghandi's PPC dword xor encoder but uses a tag-based terminator rather than a length. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PPC LongXOR Encoder', 'Description' = %q Thi...
PPC LongXOR Encoder
This encoder is ghandi's PPC dword xor encoder with some size tweaks by HDM. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PPC LongXOR Encoder', 'Description' = %q This encoder is ghandi's PP...
The "none" Encoder
This "encoder" does not transform the payload in any way. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'The "none" Encoder', 'Description' = %q This "encoder" does not transform the payload i...
Single-byte XOR Countdown Encoder
This encoder uses the length of the payload as a position-dependent encoder key to produce a small decoder stub. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Single-byte XOR Countdown...