7104 matches found
Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?
Well I ran quake 2 using Lithium mod V 1.24 under OllyDBG and it seems that the lithium II mod for quake 2 latest PATCH 3.20 is parsing the '' in nicks. My well crafted nickname '999fffff' is being pushed onto the stack as 004144A1 |. 68 E821AF00 PUSH QUAKE2.00AF21E8 ; ASCII "0.000000 0.000000...
windows 9x/NT/2k/XP Reverse Generic Shellcode w/o Loader 249 bytes
Exploit for win32 platform in category shellcode ================================================================== Windows 9x/NT/2k/XP Reverse Generic Shellcode w/o Loader 249 bytes ================================================================== We use the PEB for the Output/Input/Error...
CVE-2002-2103
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities...
Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7)
Inject a DLL via a reflective loader. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows def...
Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
Uploads an executable and runs it staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows...
VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
Inject a VNC Dll via a reflective loader staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include...
Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7)
Inject the meterpreter server DLL staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows...
Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
Inject the Meterpreter server DLL via the Reflective Dll Injection payload staged. Requires Windows XP SP2 or newer. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule...
Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)
Spawn a piped command shell staged. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 93 include Msf::Payload::Stager include Msf::Payload::Windows def...
Windows Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 324 include Msf::Payload::Windows include Msf::Payload::Single include...
CVE-2001-1488
Open Projects Network Internet Relay Chat IRC daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the daemon...
Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3)
!/usr/bin/perl -w emanuele@blackbox:$ perl M4DR007-hints.pl www.madroot.edu.ms Security Group WebHints Software hints.cgi Remote Command Execution Vulnerability Affected version: = all code by MadSheep 06.11.2005 hostname: localhost port: default: 80 80 path: /cgi-bin/ /cgi-bin/ your ip for rever...
Webhints 1.03 - Remote Command Execution (Perl) (3)
!/usr/bin/perl -w emanuele@blackbox:$ perl M4DR007-hints.pl www.madroot.edu.ms Security Group WebHints Software hints.cgi Remote Command Execution Vulnerability Affected version: = all code by MadSheep 06.11.2005 hostname: localhost port: default: 80 80 path: /cgi-bin/ /cgi-bin/ your ip for rever...
IPSwitch IMAP Server LOGON Remote Stack Overflow
No description provided by source. / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH...
IPSwitch IMAP Server - LOGON Remote Stack Overflow
IPSwitch IMAP Server - LOGON Remote Stack Overflow / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because o...
IPSwitch IMAP Server - LOGON Remote Stack Overflow
/ IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH checks. Thats right, in this one...
IPSwitch IMAP Server LOGON Remote Stack Overflow
Exploit for unknown platform in category remote exploits ================================================ IPSwitch IMAP Server LOGON Remote Stack Overflow ================================================ / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written...
yager524.txt
/ Yager 1 -- sending handshake UDP...done! -- reading server response UDP...done! -- server port: 1089 -- connecting to 192.168.2.100:1089 TCP...done! -- exploiting WinXP Pro SP1 GER -- ret: 0x300686bd jmp esp in binkw32.dll -- exploiting packet overflow... -- sending packet...done! -- starting...
Exim <= 4.41 dns_build_reverse Local Exploit
No description provided by source. / ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails .... not even m...
CVE-2005-1613
Cross-site scripting XSS vulnerability in member.php in Open Bulletin Board OpenBB 1.0.8 allows remote attackers to inject arbitrary web script or HTML via the reverse parameter in a list action...