Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 28 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-08-30 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi...

Reversing malware in a custom format: Hidden Bee elements

Malware can be made of many components. Often, we encounter macros and scripts that work as malicious downloaders. Some functionalities can also be achieved by position-independent code—so-called shellcode. But when it comes to more complex elements or core modules, we almost take it for granted...

Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)

include include include include using namespace std; / Title: WoW64Egghunter for Windows 10 32bit apps on 64bit Windows 10 Size: 50 bytes Date: 26/08/2018 Author: n30m1nd - https://www.exploit-db.com/author/?a=8766 Works in: 32 bit processes on a 64 bit Windows 10 OS How to: Compile under Visual...

Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)

/ Title: Linux/ARM - execve"/bin/sh", "/bin/sh", NULL Shellcode 32 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

/ Title: Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes Author: Antonio execve/bin/sh shellcode for MIPS64 tested on MIPS Malta - Linux debian-mips64el 4.9.0-3-5kc-malta 48 bytes gcc -fno-stack-protector -z execstack main.c -o main -g adp, SLAE - 1326, 2018. / include include / .text .global sta...

Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode

/ Exploit Title: Linux x86 Dual Network Stack IPv4 and IPv6 Bind TCP Shellcode Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment1-bindshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connected from Kali 2018.2 This shellcode will...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-08-30 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara...

Linux/x86 - Reverse TCP (fd15:4ba5:5a2b:1002:61b7:23a9:ad3d:5509:1337/TCP) Shell (/bin/sh) + IPv6 Shellcode (Generator) (94 bytes)

Linux/x86 - Reverse TCP fd15:4ba5:5a2b:1002:61b7:23a9:ad3d:5509:1337/TCP Shell /bin/sh + IPv6 Shellcode Generator 94 bytes. Shellcode exploit for Lin... !/usr/bin/env python3 Exploit Title: Linux x86 IPv6 Reverse TCP Shellcode Generator 94 bytes Date: 2018-08-26 Shellcode Author: Kevin Kirsche...

Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)

Linux/ARM - execve"/bin/sh", "/bin/sh", NULL Shellcode 32 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - execve"/bin/sh", "/bin/sh", NULL Shellcode 32 Bytes Date: 2018-08-16 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi...

Linux/x86 - Bind (1337/TCP) Shell (/bin/sh) + (Dual IPv4 and IPv6) Shellcode (146 bytes)

Linux/x86 - Bind 1337/TCP Shell /bin/sh + Dual IPv4 and IPv6 Shellcode 146 bytes. Shellcode exploit for Linuxx86 platform / Exploit Title: Linux x86 Dual Network Stack IPv4 and IPv6 Bind TCP Shellcode Date: 2018-08-18 Shellcode Author: Kevin Kirsche Shellcode Repository:...

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes. Shellcode exploit for LinuxMIPS platform / Title: Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes Date: 2018-08-10 Author: Antonio execve/bin/sh shellcode for MIPS64 tested on MIPS Malta - Linux debian-mips64el 4.9.0-3-5kc-malta 48 bytes gcc...

Peinjector

This module will inject a specified windows payload into a target executable. require 'rex' class MetasploitModule 'Peinjector', 'Description' = %q This module will inject a specified windows payload into a target executable. , 'License' = MSFLICENSE, 'Author' = 'Maximiliano Tedesco ', 'Platform'...

UltraISO 9.7.1.3519 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: UltraISO 9.7.1.3519 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Vendor Homepage: https://www.ultraiso.com Software Link Download : https://www.ultraiso.com/download.html Tested on:...

SharpShooter - Payload Generation Framework

SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw's DotNetToJavaScript tool to invoke methods from the...

Valve: Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection

With the vulnerability of the GoldSource Engine, the server is able to perform remote code execution on the client, overwriting the stack when reading the BMP file. The problem is in the LoadBMP8 function, which is executed when the player connects to the server, by loading the...

SEIG SCADA System 9 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Vendor Homepage: https://www.schneider-electric.com Software Link:...

SEIG Modbus 3.4 - Remote Code Execution

Title: SEIG Modbus 3.4 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link: https://github.com/hdbreaker/Ricnar-Exploit-Solutions/tree/master/Medium/CVE-2013-0662-SEIG-Modbus-Driver-v3.34/VERSION%203.4 Version: v3.4...

SEIG SCADA System 9 Remote Code Execution

Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link: https://www.schneider-electric.ie/en/download/document/V9Fullinstallationpackageregisterandreceivefile/ Version: v9 Tested on: Windows7 x...

wePWNise - Generates Architecture Independent VBA Code To Be Used In Office Documents Or Templates And Automates Bypassing Application Control And Exploit Mitigation Software

wePWNise is proof-of-concept Python script which generates VBA code that can be used in Office macros or templates. It was designed with automation and integration in mind, targeting locked down environment scenarios. The tool enumerates Software Restriction Policies SRPs and EMET mitigations and...

Foxit Reader 9.0.1.1049 Use-After-Free

%PDF 1 0 obj 2 0 obj /S /JavaScript /JS / --------------------------------------------------------------------------------------------------- Exploit Title : Foxit Reader RCE with DEP bypass on Heap with shellcode Date : 08/04/2018 4 Aug Exploit Author : Manoj Ahuje Tested on : Windows 7 Pro x32...