329 matches found
CDex Genre 1.79 Stack Buffer Overflow
''' Exploit Title: CDex Genre Stack Buffer Overflow Date: 10/9/2015 Exploit Author: UnN0n Software Link: http://cdex.mu/download Version: 1.79 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- Generate a File by python code mentioned below. 2- Goto...
FileZilla Client 2.2.x - Remote Buffer Overflow (SEH)
Exploit Title: Filezilla client 2.2.X SEH buffer overflow exploit Date: 02/08/2015 Exploit Author: ly0n Vendor Homepage: filezilla-project.org/ Software Link: http://www.oldapps.com/filezilla.php?app=7cdf14e88e9dfa85fb661c1c6e649e90 Version: tested on filezilla 2.2.21 Tested on: Windows XP sp3...
VUPlayer-2.49---(.m3u)
VUPlayer 2.49 .M3u Universal buffer overflow exploit w/ DEP bypass Author: mrme Download: http://vuplayer.com/ Tested on Wind0ws XP SP3 /noexecute=alwayson sc = "\x89\xe1\xd9\xee\xd9\x71\xf4\x58\x50\x59\x49\x49\x49\x49" "\x43\x43\x43\x43\x43\x43\x51\x5a\x56\x54\x58\x33\x30\x56"...
Mini-stream-RM-MP3-Converter
Tested on Windows XP SP3 Pro Found By : Cyber-Zone ABDELKHALEK http://www.securityfocus.com/bid/34494 The way exploit written is slightly different than above Vulnerability handler = "ftp://" buff1 = "D" 17418 eip = "\x7D\xA5\x04\x10" 0x1004A57D jmp esp C:\Program...
Realtek-Audio-Microphone-Calibration-1.1.1.6
App. has classic buffer overflow vulnerability it can be triggered by passing too long argument as a startup parameter. Shellcode can by run via classic ret overwrite or SEH Handler overwrite filepath = "C:\ShellCode\MicCal 1.1.1.6 - Exploit.bin" f = openfilepath, "wb" dummy data f.write'\x90'...
ealtek-Audio-Control-Panel-1.0.1.65
App. has classic buffer overflow vulnerability it can be triggered by passing a too long argument as a startup parameter. Shellcode can by run via classic ret overwrite or SEH Handler overwrite filepath = "C:\ShellCode\RTLCPL 1.1.1.6 - Exploit.bin" f = openfilepath, "wb" f.write'BraniX'...
Windows-XP-2003-Afd.sys-Escalation
MS11-080 - CVE-2011-2005 Afd.sys Privilege Escalation Exploit Author: [email protected] - Matteo Memelli HalDispatchTable+0x4+1 from ctypes import windll, CDLL, Structure, byref, sizeof, POINTER, cchar, cshort, cushort, cint, cuint, culong, cvoidp, clong, ccharp from ctypes.wintypes import HANDLE...
BlazeDVD-Pro-player-6.1-Stack-Based-Buffer
BlazeDVD Pro player 6.1 Local stack based buffer overflow Author: PuN1sh3r Email: [email protected] Date: Mon Jul 15 03:01:37 EDT 2013 Vendor link: http://www.blazevideo.com/download.htmm Software Link: http://www.blazevideo.com/download.php?product=BlazeDVDPro App Version: 6.1 $file =...
BulletProof FTP Client 2010 Buffer Overflow
!/usr/bin/python ----------------------------------------------------------------------------- Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Exploit Date: Sep 05 2014 Vulnerability Discovery: Gabor Seljan Exploit Author: Robert Kugler Software Link: http://www.bpftp.com/ Versio...
BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python ----------------------------------------------------------------------------- Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Exploit Date: Sep 05 2014 Vulnerability Discovery: Gabor Seljan Exploit Author:...
BulletProof FTP Client 2010 - Buffer Overflow (SEH)
!/usr/bin/python ----------------------------------------------------------------------------- Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Exploit Date: Sep 05 2014 Vulnerability Discovery: Gabor Seljan Exploit Author: Robert Kugler Software Link: http://www.bpftp.com/ Versio...
Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow
No description provided by source. Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow http://www.offensive-security.com Tested on Windows 7 http://www.offensive-security.com/vulndev/symantec-endpoint-protection-0day/ Authors: Matteo 'ryujin' Memelli & Alexandru 'sickness' Uifalvi at...
A-PDF All to MP3 Converter 2.0.0 DEP Bypass
No description provided by source. Exploit Title: A-PDF All to MP3 Converter v.2.0.0 DEP Bypass Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: 2.0.0 Tested on: Win XP SP3 French Date: 12/05/2011 Author: h1ch4m Email: [email protected] Home: http://net-effects.blogspot.com Big...
WM Downloader 3.1.2.2 - Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl WM Downloader 3.1.2.2 .m3u File WinXP Sp3fr Buffer Overflow stack Exploit Author: hadji samir , [email protected] Download : Tested : Windows XP SP3 fr DATE : 2010-07-31 thanks mo3tazz et zaitoun lakhal m3a slada naklouh ; vive TCT 05 et DGM8 my...
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow
No description provided by source. !/usr/bin/perl Exploit Title: CoolPlayer+ Portable v2.19.4 - Local Buffer Overflow Date: 11-15-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: CoolPlayer+ Portable v2.19.4 Software Link:...
Windows XP PRO SP3 - Full ROP calc shellcode
No description provided by source. / Shellcode: Windows XP PRO SP3 - Full ROP calc shellcode Author: b33f http://www.fuzzysecurity.com/ Notes: This is probably not the most efficient way but I gave the dll's a run for their money ; Greets: Donato, Jahmel OS-DLL's used: Base | Top | Size | Version...
WFTPD Server <= 3.21 Remote Buffer Overflow Exploit
No description provided by source. / WFTPD buffer overflow exploit, c axl 2004, [email protected] Discovered by the very same guy :p Tested WFTPD versions: - WFTPD Pro Server 3.21 Release 1 trial latest version - WFTPD Pro Server 3.20 Release 2 trial - WFTPD Server 3.21 Release 1 trial latest...
Ollydbg <= 1.10 Format String Bug
No description provided by source. // Exploit opens a new cmd.exe.Tested on win2ken+sp4en+ollydbg v1.09d // Open exploit with ollydebug and run the exploit from ollydebugF9 key. // Coded by Ahmet Cihana.k.a. hurby // Thanx to r3db4r0n, Murat Erdo??ana.k.a. Stormwr, Onur Cihana.k.a.eurnie and...
Destiny Media Player 1.61 - (.m3u File) Local Stack Overflow Exploit
No description provided by source. usage: exploit.py After creating the m3u file, start the program then File Open Playlist exploit.m3u print print Destiny Media Player 1.61 .m3u File Local Stack Overflow Exploit\n print Founder: aBo MoHaMeD print exploit & code: His0k4 print Tested on: Windows X...
Windows XP Pro Sp2 English "Message-Box" Shellcode
No description provided by source. +-----------------------------------------------------+ | Windows XP Pro Sp2 English Message-Box Shellcode. | +-----------------------------------------------------+ Size : 16 Bytes, Null-Free. Author : Aodrulez. Email : [email protected] Shellcode =...