239 matches found
MS Windows Animated Cursor (.ANI) Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits =============================================================== MS Windows Animated Cursor .ANI Local Buffer Overflow Exploit =============================================================== / MS Windows .ANI File Local Buffer Overflow Credit...
Microsoft Windows - Animated Cursor '.ani' Local Buffer Overflow
/ MS Windows .ANI File Local Buffer Overflow Credits go to Trirat Puttaraksa cause his PoC inspired this source. devcode's exploit didnt work for me, so I made my own. This exploit launches calc.exe on a lot of app Word, Winamp, etc.... Turn off DEP to get it work on Explorer. Tested against Win ...
Microsoft Windows - Animated Cursor .ani Local Buffer Overflow
Microsoft Windows - Animated Cursor .ani Local Buffer Overflow / MS Windows .ANI File Local Buffer Overflow Credits go to Trirat Puttaraksa cause his PoC inspired this source. devcode's exploit didnt work for me, so I made my own. This exploit launches calc.exe on a lot of app Word, Winamp, etc...
IrfanView 3.99 - '.ani' Local Buffer Overflow (1)
/ IrfanView 3.99 .ANI File Buffer Overflow IrfanView is vulnerable to a buffer overflow when opening a crafted .ani file. The overflow occurs while it is creating a snapshot of the file. This exploit launches calc.exe. Tested against Win XP SP2 FR. Have Fun! Coded and discovered by Marsu Note: th...
irfanview-ani.txt
/ IrfanView 3.99 .ANI File Buffer Overflow IrfanView is vulnerable to a buffer overflow when opening a crafted .ani file. The overflow occurs while it is creating a snapshot of the file. This exploit launches calc.exe. Tested against Win XP SP2 FR. Have Fun! Coded and discovered by Marsu Note: th...
Microsoft Windows - Animated Cursor .ani Local Stack Overflow
Microsoft Windows - Animated Cursor .ani Local Stack Overflow / Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete...
Corel Wordperfect X3 13.0.0.565 (.PRS) Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ==================================================================== Corel Wordperfect X3 13.0.0.565 .PRS Local Buffer Overflow Exploit ==================================================================== / wp13exp.c - Wordperfect X3 remote...
PHP 5.2.1 with PECL phpDOC Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ======================================================== PHP 5.2.1 with PECL phpDOC Local Buffer Overflow Exploit ======================================================== 0day.today 2018-03-14...
WebMod 0.48 (Content-Length) Remote Buffer Overflow Exploit PoC
Exploit for unknown platform in category remote exploits =============================================================== WebMod 0.48 Content-Length Remote Buffer Overflow Exploit PoC =============================================================== / WebMod Stack Buffer Overflow by cybermind Kevin...
win32 Beep Shellcode SP1/SP2 35 bytes
win32 Beep Shellcode SP1/SP2 35 bytes. Shellcode exploit for win32 platform / Shellcode can be changed to work with any windows distribution by changing the address of Beep in kernel32.dll Addresses for SP1 and SP2 -xnull / include unsigned char beepsp1 = "\x55\x89\xE5\x83\xEC\x18\xC7\x45\xFC"...
win32 Beep Shellcode (SP1/SP2) 35 bytes
Exploit for win32 platform in category shellcode ======================================= win32 Beep Shellcode SP1/SP2 35 bytes ======================================= / Shellcode can be changed to work with any windows distribution by changing the address of Beep in kernel32.dll Addresses for SP1...
eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ====================================================== eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit ====================================================== !/usr/bin/perl eSignal v7.6 remote exploit c VizibleSoft ==...
MS Windows Metafile (WMF) Remote File Download Exploit Generator
No description provided by source. / \ / WMF nDay download Exploit Generator \ by Unl0ck Research Team / \ / greetz: rst/ghc ed, uf0, fost , uKt choix, nekd0, payhash, antq , blacksecurity black , 0x557 kaka, swan, sam, nolife , sowhat, tty64 izik ; This sploit is now full shit, so... kiddies par...
Kaspersky AntiVirus - 'klif.sys' Local Privilege Escalation
/ Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char code=0x68,0x00,0x02,0x00,0x00, //push 0x200...
Kaspersky AntiVirus ""klif.sys"" Privilege Escalation Vulnerability
No description provided by source. / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include windows.h undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet; unsigned char...
Kaspersky AntiVirus - klif.sys Local Privilege Escalation
Kaspersky AntiVirus - klif.sys Local Privilege Escalation / Added NOSTRICT to 1 on line 2 /str0ke ! milw0rm.com / define NOSTRICT 1 include undef STRICT PUCHAR pCodeBase=PUCHAR0xBE9372C0; PDWORD pJmpAddress=PDWORD0xBE9372B0; PUCHAR pKAVRets=PUCHAR0xBE935087,PUCHAR0xBE935046; PUCHAR pKAVRet;...
WFTPD Server 3.21 - Remote Buffer Overflow
WFTPD Server 3.21 - Remote Buffer Overflow / WFTPD buffer overflow exploit, c axl 2004, [email protected] Discovered by the very same guy :p Tested WFTPD versions: - WFTPD Pro Server 3.21 Release 1 trial latest version - WFTPD Pro Server 3.20 Release 2 trial - WFTPD Server 3.21 Release 1 trial...
WFTPD Server <= 3.21 Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits =================================================== WFTPD Server pragma commentlib, "ws232.lib" include include define MAXLINE 0x1000 //define OLDCODE // Try not to uncomment this... ifdef OLDCODE static char retaddr = "\xAC\x9C\xEC\x77"; /...
ms.winhelp.exploit.txt
Date: Mon, 24 May 1999 07:18:23 +0100 From: Mnemonix To: [email protected] Subject: Exploit and Analysis of the Winhlp32.exe buffer overrun. Analysis of the winhlp32.exe buffer overrun. The buffer overrun in winhlp32.exe occurs when it attempts to read a cnt file with an overly lon...