Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)

/ Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) + sigaction() Shellcode (52 Bytes)

Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL + sigaction Shellcode 52 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Date: 2018-09-24 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-09-24 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information...

Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)

/ Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode global start section .text ;zeroing ecx xor ecx,ecx start: ;increment inc ecx ;sigaction syscall number push byte 67 pop ea...

Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes)

Linux/x86 - Egghunter 0x50905090 + sigaction Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux Date: 2018-09-19 This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode...

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

/ Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $...

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Date: 2018-09-18 Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System...

Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)

/ Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o polyaddusershellcode -z execstack -fno-stack-protector polyaddusershellcode.c / / Disassembly of section...

Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

/ Title: Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode 54 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o xorencodedshellcode -z execstack -fno-stack-protector xorencodedshellcode.c / / Disassembly of section .text: 08048060 : 804806...

Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)

/ Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o readfileshellcode -z execstack -fno-stack-protector readfileshellcode.c / / Disassembly of section .text: 08048060 :...

Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)

/ Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o polyhostsshellcode -z execstack -fno-stack-protector polyhostsshellcode.c / / Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51 pus...

Linux/86 - File Modification (/etc/hosts 127.1.1.1 google.com) + Polymorphic Shellcode (99 bytes)

Linux/86 - File Modification /etc/hosts 127.1.1.1 google.com + Polymorphic Shellcode 99 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o...

Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes)

Linux/x86 - Read File /etc/passwd + MSF Optimized Shellcode 61 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 g...

Linux/x86 - Add Root User (r00t/blank) + Polymorphic Shellcode (103 bytes)

Linux/x86 - Add Root User r00t/blank + Polymorphic Shellcode 103 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc...

Easy File Sharing Web Server 6.9 Buffer Overflow Exploit

Easy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP. !/usr/bin/python Exploit Title: Easy File Sharing Web Server 6.9 - 'POST' msg.ghp 'UserID' Remote Buffer Overflow SEHDEP Bypass + ROP Google Dork: intitle:"Login - powered by...

DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: DVD Photo Slideshow Professional 8.07 - Buffer Overflow SEH Exploit Author:T3jv1l Vendor Homepage:http://www.dvd-photo-slideshow.com/ Software:www.dvd-photo-slideshow.com/dpsinstall.exe Category:Local...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)

Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Date: 2018-08-31 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara Syste...

iSmartViewPro 1.5 DDNS Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'DDNS/IP/DID' Buffer Overflow Discovery by: Luis Martinez Discovery Date: 2018-09-03 Vendor Homepage: https://securimport.com/ Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested Version: 1.5...

iSmartViewPro 1.5 - DDNS Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: iSmartViewPro 1.5 - 'DDNS/IP/DID' Buffer Overflow Discovery by: Luis Martinez Vendor Homepage: https://securimport.com/ Software Link:...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...