Windows/x64 - Reverse TCP (192.168.201.11:4444) Shellcode (330 Bytes)

Title: Windows/x64 - Reverse TCP 192.168.201.11:4444 Shellcode 330 Bytes Author: Xenofon Vassilakopoulos Tested on: Windows/x64 - 10.0.19043 N/A Build 19043 / MIT License Copyright c 2021 Xenofon Vassilakopoulos Permission is hereby granted, free of charge, to any person obtaining a copy of this...

CloudMe 1.11.2 - Buffer Overflow ROP (DEP,ASLR) Exploit (2)

Exploit Title: CloudMe 1.11.2 - Buffer Overflow ROP DEP,ASLR Exploit Author: Bobby Cooke boku CVE: CVE-2018-6892 Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: 1.11.2 Tested On: Windows 10 x64 - 10.0.19041 Build 19041 Script:...

Windows/x86 - Download using mshta.exe Shellcode (100 bytes)

Shellcode Title: Windows/x86 Download using mshta.exe Shellcode 100 bytes Shellcode Author: Siddharth Sharma Shellcode Length: 100 bytes Tested on: WIN7x86 / Description Simply, instead of using mshta.exe to download file as: mshta.exe http://:/ , We could use below shellcode that does the same...

10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH) (ASLR + DEP Bypass)

Exploit Title: 10-Strike Bandwidth Monitor 3.9 - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: 2020-07-07 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pro 1909 x86 Version:...

Bandwidth Monitor 3.9 Full ROP Buffer Overflow

Exploit Title: Bandwidth Monitor 3.9 - Full ROP Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pro 1909 x86 Version:...

Windows x86 Pingback, Reverse TCP Inline

Connect back to attacker and report UUID Windows x86 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 307 include Msf::Payload::Windows include Msf::Payload::Single include...

Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow

Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Version v4.2 Tested on: Windows 7 SP1 EN x86...

Axessh 4.2 - (Log file name) Local Stack-based Buffer Overflow Exploit

Exploit for windows platform in category local exploits Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link:...

Windows x86 - Hide Console Window Shellcode (182 bytes)

Windows x86 - Hide Console Window Shellcode 182 bytes. Shellcode exploit for Winx86 platform / MIT License Copyright c 2017 Ege Balcı Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the...

All Windows Null-Free Shellcode - Functional Keylogger to File - 601 0x0259 bytes

All Windows Null-Free Shellcode - Functional Keylogger to File - 601 0x0259 bytes. Shellcode exploit for windows platform / ; Exploit Title: All windows null free shellcode - functional keylogger to file - 601 0x0259 bytes ; Date: Sat May 7 19:32:08 GMT 2016 ; Exploit Author: Fugu ; Vendor...

Windows XP SP3 English MessageBoxA Shellcode - 87 bytes

No description provided by source. / Title: Windows XP SP3 English MessageBoxA Shellcode 87 bytes Date: August 20, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Tested on: Windows XP SP3 En Thanks: ishtus Greetz: Astalavista, OffSEC, Exploit-DB Exploit-DB Notes: Tested under Windows...

Alt-N WebAdmin 2.0.x USER Parameter Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. /...

Windows 9x/NT/2k/XP Reverse Generic Shellcode without Loader 249 bytes

No description provided by source. We use the PEB for the Output/Input/Error Handles. typedef struct PEB BOOLEAN InheritedAddressSpace ; BOOLEAN ReadImageFileExecOptions ; BOOLEAN BeingDebugged ; BOOLEAN Spare ; HANDLE Mutant ; PVOID ImageBaseAddress ; PPEB LDR DATA LoaderData ; PRTL USER PROCESS...

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

Exploit for windows platform in category local exploits ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to...

win32/xp sp2 ARABIC (ar) Message Box Shellcode (87 bytes)

Title : Windows XP SP2 ARABIC ar Message Box Shellcode 87 bytes Author :TrOoN E-mail : email protected | Facebook : www.facebook.com/fysl.fyslm Home : city 617 logts : Draria . algeria Web Site : www.1337day.com platform : WinDows sp2 arabiC Type : shell COde | etc... WARNING : Windows XP SP2...

D.R. Software Audio Converter 8.1 Buffer Overflow

!/usr/bin/perl +Exploit Title: D.R. Software Audio Converter 8.1 DEP Bypass Exploit +Date: 13\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://download.cnet.com/Audio-Converter/3000-21404-10045287.html +Found By: Sud0 from Corelan Teamhttp://www.exploit-db.com/exploits/13760/ or also created...

D.R. Software Audio Converter 8.1 - DEP Bypass

!/usr/bin/perl +Exploit Title: D.R. Software Audio Converter 8.1 DEP Bypass Exploit +Date: 13\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://download.cnet.com/Audio-Converter/3000-21404-10045287.html +Found By: Sud0 from Corelan Teamhttp://www.exploit-db.com/exploits/13760/ or also created...

A-PDF All to MP3 2.3.0 - Universal DEP Bypass

A-PDF All to MP3 2.3.0 - Universal DEP Bypass !/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/A Dep bypa...

A-PDF All to MP3 2.3.0 - Universal DEP Bypass

!/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/A Dep bypass method: LoadLibraryA"kernel32.dll" +...

A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit

Exploit for windows platform in category local exploits !/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/...