4072 matches found
QNX 6.4.x/6.5.x ifwatchd - Local root Exploit
No description provided by source. #!/bin/sh QNX 6.4.x/6.5.x ifwatchd local root exploit by cenobyte 2013 - vulnerability description: Setuid root ifwatchd watches for addresses added to or deleted from network interfaces and calls up/down scripts for them. Any user can...
htpasswd Apache 1.3.31 - Local Exploit
No description provided by source. #!/usr/bin/perl Proof Of Concept exploit for htpasswd of Apache. Read the advisory for more information. - Luiz Fernando Camargo - foxtrotatflowsecurity.org $shellcode = \x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68...
rsync <= 2.5.7 - Local stack overflow Root Exploit
No description provided by source. / rsync = 2.5.7 Local Exploit Saved EIP on stack is overwritten with address of shellcode in memory Generally rsync is not setuid or setgid so just a local shell is of no use So i used a portbinding shellcode as a PoC of a different attack vector. RET is...
BitchX <= 1.0c20 Local Buffer Overflow Exploit
No description provided by source. / Tested on BitchX-1.0c19 /str0ke / / P.o.C Exploit Code for BitchX made for Version BitchX-1.0c20cvs -- Date 20020325 C 2004. GroundZero Security Research and Software Development http://www.groundzero-security.com released under the GNU GPL -...
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4)
No description provided by source. usage: exploit.py print print Destiny Media Player 1.61 .lst File Local Stack Overflow Exploit\n print Founder: Encrypt3d.M!nd print exploit & code: Stack print Tested on: Windows XP Pro SP2 Fr\n print Greetings to: print All friends \n print buff = \x41 2052 EI...
HexChat 2.9.4 - Local Exploit
No description provided by source. #!/usr/bin/python HexChat 2.9.4 Local Exploit Bug found by Jules Carter @iMulitia Exploit by Matt hostess Andreko mandreko at accuvant.com http://www.mattandreko.com/2013/04/buffer-overflow-in-hexchat-294.html junk1 = B30 shellcode = msfvenom -p windows/messagebo...
Euphonics Audio Player 1.0 - (.pls) Local Buffer Overflow Exploit
No description provided by source. #!/usr/bin/perl -w ----------------------------------------------------------------------------- Author : h4ck3r47 Euphonics Audio Player v1.0 .pls Local Buffer Overflow Exploit Tested in Windows Pro Sp3 English Gr33tz to : str0ke , T.N.T:18 , AlpHaNiX , All...
Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed...
Juergen Weigert screen 3.9 User Supplied Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1641/info Various format string vulnerabilities exist in versions 3.9.5 and prior of 'screen' that may allow local users to elevate their privileges. If screen is setuid root, it is possible to alter the contents of the...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...
Xsok 1.02 - "-xsokdir" Local Buffer Overflow Game Exploit
No description provided by source. / 0x333xsok 2 = xsok 1.02 local game exploit Happy new year ! 2 : coded by c0wboy c 0x333 Outsiders Security Labs / www.0x333.org / include stdio.h include unistd.h define BIN /usr/games/xsok define RETADD 0xbffffa3c define SIZE 200 unsigned char shellcode = /...
UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow Exploit 2
No description provided by source. ultra iso exploit thomas . pollet @ gmail . com import struct scode=metasploit calc.exe shellcode \xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49 \x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36...
Windows Escalate UAC Protection Bypass
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...
Solaris 10 libnspr - constructor Local Root Exploit
No description provided by source. #!/bin/sh $Id: raptorlibnspr3,v 1.1 2006/10/24 15:54:57 raptor Exp $ raptorlibnspr3 - Solaris 10 libnspr constructor exploit Copyright c 2006 Marco Ivaldi Local exploitation of a design error vulnerability in version 4.6.1 of NSPR, as...
Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit
No description provided by source. / 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3...
Oracle Solaris - 'su' Local Solaris Vulnerability
No description provided by source. From http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/su/su.c 521 for j = 0; initenvj != 0; j++ 1 522 if initvar = getenvinitenvj 2 ... 535 else 536 var = char 537 mallocstrleninitenvj 3 538 + strleninitvar 539 + 2; 540 void strcpyvar, initenvj;...
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
No description provided by source...
Linux Kernel 2.6.10 File Lock Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12949/info A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. An attacker may leverage this...
SudoEdit 1.6.8 - Local Change Permission Exploit
No description provided by source...
PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...