BSD/x86 - setreuid(geteuid(), geteuid()) + execve("/bin/sh") Shellcode (36 bytes)

BSD/x86 - setreuidgeteuid, geteuid + execve"/bin/sh" Shellcode 36 bytes. Shellcode exploit for BSDx86 platform / bsd/x86 setreuid/exec shellcode setreuidgeteuid, geteuid and execve"/bin/sh", "/bin/sh", 0 shellcode based on hkpco's setreuid/exec shellcode for linux Tested on FreeBSD / include...

Linux/SPARC - setreuid(0,0) + execve(/bin/sh) Shellcode (64 bytes)

Linux/SPARC - setreuid0,0 + execve/bin/sh Shellcode 64 bytes. Shellcode exploit for LinuxSPARC platform / Linux/SPARC setreuid0,0; execve of /bin/sh shellcode. / char c0de = / anathema / / setreuid0,0; / "\x82\x10\x20\x7e" / mov 126, %g1 / "\x92\x22\x40\x09" / sub %o1, %o1, %o1 / "\x90\x0a\x40\x0...

Linux/x86 - setreuid() + /sbin/iptables -F + exit(0) Shellcode (76 bytes)

Linux/x86 - setreuid + /sbin/iptables -F + exit0 Shellcode 76 bytes. Shellcode exploit for Linuxx86 platform / Author: Sh3llc0d3 Environment: Linux/x86 Developed from: GNU ASM AT&T Syntax Purpose: setreuid - /sbin/iptables -F - exit0 Size: 76 bytes Website: root-exploit.com / char code =...

Linux/x86-64 - setreuid(0,0) + execve(/bin/zsh, [/bin/zsh, NULL]) + XOR Encoded Shellcode (87 bytes)

Linux/x86-64 - setreuid0,0 + execve/bin/zsh, /bin/zsh, NULL + XOR Encoded Shellcode 87 bytes. Shellcode exploit for Linuxx86-64 platform Title: Linux x86-64 setreuid 0,0 & execve"/bin/zsh", "/bin/zsh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware...

Linux/x86 - setreuid(0,0) + execve("/bin/zsh", [/bin/zsh, NULL]) + XOR Encoded Shellcode (53 bytes)

Linux/x86 - setreuid0,0 + execve"/bin/zsh", /bin/zsh, NULL + XOR Encoded Shellcode 53 bytes. Shellcode exploit for Linuxx86 platform Title: Linux x86 setreuid 0,0 & execve"/bin/zsh", "/bin/zsh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37...

Linux/SPARC - setreuid(0,0) + execve() Shellcode (72 bytes)

Linux/SPARC - setreuid0,0 + execve Shellcode 72 bytes. Shellcode exploit for LinuxSPARC platform / Linux/SPARC setreuid0, 0; necessary, /bin/sh drops privs, standard execve. / char c0de = / by michel kaempf / / setuid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x17\x91\xd0\x20\x10" / setgid 0 ; /...

Linux/x86-64 - setreuid(0,0) + execve(/bin/ksh, [/bin/ksh, NULL]) + XOR Encoded Shellcode (87 bytes)

Linux/x86-64 - setreuid0,0 + execve/bin/ksh, /bin/ksh, NULL + XOR Encoded Shellcode 87 bytes. Shellcode exploit for Linuxx86-64 platform Title: Linux x86-64 setreuid 0,0 & execve"/bin/ksh", "/bin/ksh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware...

Solaris/SPARC - setreuid(geteuid()) + setregid(getegid()) + execve(/bin/sh) Shellcode

Solaris/SPARC - setreuidgeteuid + setregidgetegid + execve/bin/sh Shellcode. Shellcode exploit for SolarisSPARC platform / Solaris shellcode - setreuidgeteuid, setregidgetegid, execve /bin/sh Claes M. Nyberg 20020124 , / include static char solariscode = / geteuid / "\x82\x10\x20\x18" / mov 24, %...

freebsd/x86 setreuid, execve(pfctl -d) 56 bytes

No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only turn the firewall off. Assembly code:...

freebsd/x86 - setreuid, execvepfctl -d 56 bytes

freebsd/x86 setreuid, execvepfctl -d 56 bytes. Shellcode exploit for freebsdx86 platform CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only...

freebsd/x86 setreuid, execve(pfctl -d) 56 bytes

Exploit for freebsd/x86 platform in category shellcode =============================================== freebsd/x86 setreuid, execvepfctl -d 56 bytes =============================================== CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 byt...

freebsd/x86 setreuid execve(pfctl -d) 56 bytes

No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group production, kid FreeBSD x86 setreuid0, 0 + execvepfctl -d 56 bytes The simples way to disable the FreeBSD's packet filter. We do not flush all rules pfctl -F all but only turn the firewall off. Assembly code:...

linux/86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode

No description provided by source. / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, eax push byte 70 pop eax int 0x80 ; execve xor eax,eax push eax pu...

linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode

linux/86 setreuidgeteuid, geteuid + execve/bin/sh shellcode. Shellcode exploit for linx86 platform / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, ea...

linux/86 setreuid(geteuid geteuid) + execve(/bin/sh) shellcode

No description provided by source. / setreuidgeteuid, geteuid + execve/bin/sh shellcode - useful for wargames and the like. global start section .text start: ; geteuid push byte 49 pop eax int 0x80 ; setreuid mov ebx, eax mov ecx, eax push byte 70 pop eax int 0x80 ; execve xor eax,eax push eax pu...

linux/x86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode

Exploit for linux/x86 platform in category shellcode =============================================================== linux/x86 setreuidgeteuid, geteuid + execve/bin/sh shellcode =============================================================== / setreuidgeteuid, geteuid + execve/bin/sh shellcode -...

DEBIAN-CVE-2008-0008

The padroproot function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from 1 setresuid, 2 setreuid, 3 setuid, and 4 seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as...

CVE-2008-0008

The padroproot function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from 1 setresuid, 2 setreuid, 3 setuid, and 4 seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as...

Apple iOS Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Payload::Osx include...

solaris/sparc executes command after setreuid (92 bytes + cmd)

No description provided by source. / bunkersparcexec.c V1.0 - Sat Oct 21 17:45:27 CEST 2006 Solaris/sparc bytecode that executes command after setreuid 92 bytes + cmd setreuid0, 0 + execve"/bin/sh", "/bin/sh","-c","cmd", NULL; bunker - http://rawlab.mindcreations.com...