75 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005654)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005654 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ubiwlputpeb: Fix infinite loop when wear-leveling work failed Following process will trigger...
EUVD-2006-6602
Malware in sbrugna...
EUVD-2005-3285
Malware in sbrugna...
EUVD-2025-31925
Malicious code in bioql PyPI...
PT-2025-40188
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to wear-leveling within the UBI Unsorted Block Image subsystem. A flaw in the ubi wl put peb function can lead to an infinite loop under...
DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware
Introduction In February 2024, we discovered a new malware campaign targeting government entities in the Middle East. We dubbed it "DuneQuixote"; and our investigation uncovered over 30 DuneQuixote dropper samples actively employed in the campaign. These droppers, which exist in two versions –...
Windows/x64 - PIC Null-Free Calc.exe Shellcode (169 Bytes)
import ctypes, struct from keystone import Shellcode Author: Senzee Shellcode Title: Windows/x64 - PIC Null-Free Calc.exe Shellcode 169 Bytes Date: 07/26/2023 Platform: Windows x64 Tested on: Windows 11 Home/Windows Server 2022 Standard/Windows Server 2019 Datacenter OS Version respectively:...
Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode
; Name: Windows/x64 - Delete File shellcode / Dynamic PEB method null-free Shellcode ; Author: Nayani ; Tested on: Microsoft Windows Version 10.0.22621 Build 22621 ; Description: ; This an implementation of DeleteFileA Windows api to delete a file in the C:/Windows/Temp/ directory. ; To test this...
Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes
; Title: Name: Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes ; Author: Xavi Beltran ; Contact: email protected ; Website: https://xavibel.com/2023/01/18/shellcode-windows-x86-create-administrator-user-dynamic-peb-edt/ ; Date: 18/01/2022 ; Tested...
Windows/x86 Download File / Execute Shellcode (458 bytes)
; Exploit Title: Windows/x86 - Download File and Execute / Dynamic PEB & EDT method Shellcode 458 bytes ; Exploit Author: Techryptic @Tech ; Date: 2022-01-31 ; Tested on: WIN7X86 ; Shoutout to 848 Advanced Software Exploitation and DSU. ; Description: ; The shellcode works in three parts. The fir...
Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode (415 bytes)
; Name: Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode 415 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This a bind tcp shellcode that open a listen socket on 0.0.0.0 and port 1337. In order to accomplish this...
Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes
; Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes ; Description: ; This is a shellcode that pop a calc.exe. The shellcode iuses ; the PEB method to locate the baseAddress of the required module and the Export Directory Table ; to locate symbols. Als...
Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)
; Name: Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode 230 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This is a shellcode that ; pop a MessageBox and show the text "Pwn3d by h4pp1n3ss". In order to accomplish...
Windows/x64 - Reverse TCP (192.168.201.11:4444) Shellcode (330 Bytes)
Title: Windows/x64 - Reverse TCP 192.168.201.11:4444 Shellcode 330 Bytes Author: Xenofon Vassilakopoulos Tested on: Windows/x64 - 10.0.19043 N/A Build 19043 / MIT License Copyright c 2021 Xenofon Vassilakopoulos Permission is hereby granted, free of charge, to any person obtaining a copy of this...
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
Shellcode Title: Windows/x64 - Dynamic NoNull Add RDP Admin BOKU:SP3C1ALM0V3 Shellcode 387 Bytes Shellcode Author: Bobby Cooke boku Tested on: Windows 10 v2004 x64 Compiled from: Kali Linux x8664 Full Disclosure: github.com/boku7/x64win-AddRdpAdminShellcode Shellcode Description: 64bit Windows 10...
Windows/x64 - Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes
Shellcode Title: Windows\x64 Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode 232 bytes Shellcode Author: Bobby Cooke Date: March 2020-03-17 Tested On: Windows 10 Pro 1909 x86: HelpPane.exe, notepad.exe, certutil.exe Windows 10 Pro 1909 x8664: mmc.exe, xwizard.exe ! Will onl...
Windows/x86 - Null-Free WinExec Calc.exe Shellcode (195 bytes)
Title: Windows\x86 - Null-Free WinExec Calc.exe Shellcode 195 bytes Shellcode Author: Bobby Cooke Technique: PEB & Export Directory Table Tested On: Windows 10 Pro x86 10.0.18363 Build 18363 start: ; Create a new stack frame mov ebp, esp ; Set base stack pointer for new stack-frame sub esp, 0x20 ...
Windows/10 Pro - Dynamic Null-Free PopCalc Shellcode (223 bytes)
; Shellcode Title: Dynamic, Null-Free PopCalc Shellcode 223 Bytes ; Shellcode Author: Bobby Cooke ; Technique: PEB & Export Directory Table ; Tested On: Windows 10 Pro x86 10.0.18363 Build 18363 Create a new stack frame push ebp ; push current base pointer to the stack mov ebp, esp ; Set Base Sta...
Windows/x86 - Dynamic Bind Shell + Null-Free Shellcode (571 Bytes)
Shellcode Title: Windows/x86 - Dynamic Bind Shell + Null-Free Shellcode 571 Bytes Shellcode Author: Bobby Cooke Technique: PEB & Export Directory Table Tested On: Windows 10 Pro x86 10.0.18363 Build 18363 Shellcode Function: When executed, this shellcode creates a cmd.exe bind shell, using the...
In-depth analysis of the thread and process handle leak vulnerability, under-vulnerability warning-the black bar safety net
PROCESSVM It covers the VM access permissions three types: WRITE/READ/OPERATION. The first two permissions should be self-explanatory, the third permission allows the operation of the virtual address space itself, such as modifying the page protection VirtualProtectEx or allocating memory with...