1195 matches found
MASM32 11R - Crash (PoC)
MASM32 11R - Crash PoC EXPLOIT TITLE: Masm32v11r Buffer OverflowSEH overwrite crash POC AUTHOR: VIKRAMADITYA "-OPTIMUS" Date of Testing: 22nd September 2015 Download Link : http://www.masm32.com/masmdl.htm Tested On : Windows 10 Steps to Crash :- Step 1: Execute this python script Step 2: This...
MASM32 11R - Crash (PoC)
EXPLOIT TITLE: Masm32v11r Buffer OverflowSEH overwrite crash POC AUTHOR: VIKRAMADITYA "-OPTIMUS" Date of Testing: 22nd September 2015 Download Link : http://www.masm32.com/masmdl.htm Tested On : Windows 10 Steps to Crash :- Step 1: Execute this python script Step 2: This script will create a file...
Microsoft Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Source: https://code.google.com/p/google-security-research/issues/detail?id=321 The PoC triggers a crash due to a pool buffer overflow while drawing the caption bar of a window. The trigger depends on the current window layout and resolution. The PoC takes an offset on the command line to be able...
MASM32 11R - Crash POC Exploit
Exploit for windows platform in category dos / poc EXPLOIT TITLE: Masm32v11r Buffer OverflowSEH overwrite crash POC AUTHOR: VIKRAMADITYA "-OPTIMUS" Date of Testing: 22nd September 2015 Download Link : http://www.masm32.com/masmdl.htm Tested On : Windows 10 Steps to Crash :- Step 1: Execute this...
Total Commander 8.52 (Windows 10) - Local Buffer Overflow
Total Commander 8.52 Windows 10 - Local Buffer Overflow !/usr/bin/python EXPLOIT TITLE: Total Commander 8.52 Buffer Overflow AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: UnN0n Date of Testing: 19th September 2015 Download Link : http://tcmd852.s3-us-west-1.amazonaws.com/tc852x32b1.exe Tested On :...
Total Commander 8.52 - Local Buffer Overflow
!/usr/bin/python EXPLOIT TITLE: Total Commander 8.52 Buffer Overflow AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: UnN0n Date of Testing: 19th September 2015 Download Link : http://tcmd852.s3-us-west-1.amazonaws.com/tc852x32b1.exe Tested On : Windows XP Service Pack 2 Steps to Exploit Step 1: Execute...
Total Commander 8.52 Buffer Overflow
!/usr/bin/python EXPLOIT TITLE: Total Commander 8.52 Buffer Overflow AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: UnN0n Date of Testing: 19th September 2015 Download Link : http://tcmd852.s3-us-west-1.amazonaws.com/tc852x32b1.exe Tested On : Windows XP Service Pack 2 Steps to Exploit Step 1: Execute...
Total Commander 8.52 - Buffer Overflow (Windows 10) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python EXPLOIT TITLE: Total Commander 8.52 Buffer Overflow AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: UnN0n Date of Testing: 19th September 2015 Download Link : http://tcmd852.s3-us-west-1.amazonaws.com/tc852x32b1.exe Tested On :...
IKEView R60 - Local Buffer Overflow (SEH)
IKEView R60 - Local Buffer Overflow SEH !/usr/bin/python EXPLOIT TITLE: IKEView R60 Buffer overflowSEH Local Exploit AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: hyp3rlinx Date of Testing: 17th September 2015 Download Link : https://www.exploit-db.com/apps/e74a3dcf9bd8a2dd05026532fbf9bb36-IKEView.exe...
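FineCMS Advanced Edition - Front-End getshell (Succeeded on Demo)
Brief description: The demo got shelled too. Details: Look at \member\api\uc.php define'DISCUZROOT', dirnamedirnamedirnameFILE.'/member/ucenter/'; include DISCUZROOT.'api/uc.php'; This simply includes the uc plugin. However, this feature exists only in the Advanced Edition, not the free edition. The uckey is always the default one, 8808cer8o1UJsEpt2G2Jn0uhEn/YgEva589Mfo0, so you can getshell directly. Script attached: ! /usr/bin/env python coding=utf-8 import...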
ColdFusion 9-10 - Credential Disclosure Exploit
ColdFusion...
Apache James Server 2.3.2 - Remote Command Execution
Exploit Title: Apache James Server 2.3.2 Authenticated User Remote Command Execution Date: 16\10\2014 Vendor Homepage: http://james.apache.org/server/ Software Link: http://ftp.ps.pl/pub/apache/james/server/apache-james-2.3.2.zip Version: Apache James Server 2.3.2 Tested on: Ubuntu, Debian...
Magento eCommerce - Remote Code Execution
Magento eCommerce - Remote Code Execution Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Debugged At : Indishell Lab originally develop...
Magento eCommerce - Remote Code Execution Exploit
Magento shoplift exploit that adds an administrator account. Flaw originally discovered by CheckPoint. Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh...
Google Chrome 43.0 - Certificate MIME Handling Integer Overflow
Google Chrome 43.0 - Certificate MIME Handling Integer Overflow ! /usr/bin/python2 import socket import sys import time kHost = '127.0.0.1' kPort = 443 def bindlisten: s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.setsockoptsocket.SOLSOCKET, socket.SOREUSEADDR, 1 s.setsockoptsocket.SOLSOCKE...
php: denial of service when processing a crafted file with Fileinfo
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute...
php: denial of service when processing a crafted file with Fileinfo
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly...
Seagate Dashboard 4.0.21.0 - Crash (PoC)
Seagate Dashboard 4.0.21.0 - Crash PoC !/usr/bin/env python Exploit Title: Crash PoC Seagate Dashboard 4.0.21.0 Date: 2015-06-20 Exploit Author: HexTitan Vendor Homepage: http://www.seagate.com/ Software Link: http://www.seagate.com/support/downloads/item/seagate-dashboard-windows-master-dl/...
Seagate Dashboard 4.0.21.0 - Crash (PoC)
!/usr/bin/env python Exploit Title: Crash PoC Seagate Dashboard 4.0.21.0 Date: 2015-06-20 Exploit Author: HexTitan Vendor Homepage: http://www.seagate.com/ Software Link: http://www.seagate.com/support/downloads/item/seagate-dashboard-windows-master-dl/ Version: 4.0.21.0 Tested on: Windows 8.1...
CVE-2015-4604
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly...