Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)

; Title: add root user toor:toor ; Date: 20180811 ; Author: epi ; https://epi052.gitlab.io/notes-to-self/ ; Tested on: linux/x8664 SMP CentOS-7 3.10.0-862.2.3.el7.x8664 GNU/Linux ; ; Shellcode Length: 99 bytes ; Action: Adds a user into /etc/passwd with the following information ; username: toor ...

Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)

Linux/x64 - Add Root User toor/toor Shellcode 99 bytes. Shellcode exploit for Linuxx86-64 platform ; Title: add root user toor:toor ; Date: 20180811 ; Author: epi ; https://epi052.gitlab.io/notes-to-self/ ; Tested on: linux/x8664 SMP CentOS-7 3.10.0-862.2.3.el7.x8664 GNU/Linux ; ; Shellcode Lengt...

CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)

CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link:...

CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)

Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1109.exe Tested on: Windows 10 Home x...

Router vulnerability reproduce the ultimate Upanishads--based on the MIPS shellcode writing-vulnerability warning-the black bar safety net

Foreword Today we talk about how in the MIPS architecture to write shellcode for. In the previous two articles, we were introduced based on the MIPS buffer overflow practice, and further how to use learn to the overflow of knowledge reproduction and verification of router vulnerabilities. But in...

Wedding Slideshow Studio 1.36 Buffer Overflow

Exploit Title: Socumsoft Wedding Slideshow Studio 1.36 Date: 02.08.2018 Exploit Author: Achilles Vendor Homepage: http://www.socusoft.com Vulnerable Software: http://www.socusoft.com/down/wedding-slideshow-studio.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the...

Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)

Linux/x86 - Reverse TCP ::FFFF:192.168.1.5:4444/TCP Shell /bin/sh + Null-Free + IPv6 Shellcode 86 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note...

Linux/ARM - Bind (4444/TCP) Shell +IPv6 Shellcode (128 Bytes)

Linux/ARM - Bind 4444/TCP Shell +IPv6 Shellcode 128 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IPv6 4444/TCP Bind Shellcode 128 Bytes Date: 2018-07-25 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP...

Wedding Slideshow Studio 1.36 - Buffer Overflow

Exploit Title: Socumsoft Wedding Slideshow Studio 1.36 Date: 02.08.2018 Exploit Author: Achilles Vendor Homepage: http://www.socusoft.com Vulnerable Software: http://www.socusoft.com/down/wedding-slideshow-studio.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the...

Microsoft Windows Defender Evasive Executable

This module allows you to generate a Windows EXE that evades against Microsoft Windows Defender. Multiple techniques such as shellcode encryption, source code obfuscation, Metasm, and anti-emulation are used to achieve this. For best results, please try to use payloads that use a more secure...

Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)

Linux/ARM - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 116 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Date: 2018-07-25 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi...

Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)

/ Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.34-v7+ 1110 SMP Mon Apr 16 15:18:51 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...

My Video Converter 1.5.24 Buffer Overflow

!/usr/bin/env python Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : [email protected] Youtube Channel : www.youtube.com/c/Pentestingwithspirit Discovey Date : 29/07/2018 Software Link...

sRDI - Shellcode Implementation Of Reflective DLL Injection

sRDI allows for the conversion of DLL files to position independent shellcode. Functionality is accomplished via two components: C project which compiles a PE loader implementation RDI to shellcode Conversion code which attaches the DLL, RDI, and user data together with a bootstrap This project i...

Threat Roundup for July 20-27

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between July 20 and 27. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

FTPShell Client 5.22 Remote Buffer Overflow

!/usr/bin/python Exploit Title : FTPShell Client 5.22 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : [email protected] Youtube Channel : www.youtube.com/c/Pentestingwithspirit Discovey Date : 17/07/2018 Software Link :...

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Title: 10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/bandwidth-monitor/download.shtml Run script, open ...

10-Strike Bandwidth Monitor 3.7 Local Buffer Overflow

Title: 10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Date: 2018-07-24 Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/bandwidth-monitor/download.shtml Run script, open up generated txt file and copy to...

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Title: 10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Date: 2018-07-24 Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link:...

10-Strike LANState 8.8 Local Buffer Overflow

Exploit Title: 10-Strike LANState 8.8 - Local Buffer Overflow SEH Date: 2018-07-24 Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/lanstate/download.shtml Version 8.8 Tested on: Windows 7 SP 1 x86 Open LANState, File -...