Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)

Title: Linux/x86 - Bind 4444/TCP Shell + IPv6 Shellcode 100 bytes Length : 100bytes Author: Kartik Durg Write-up Link: https://iamroot.blog/2018/07/17/0x1-shellbindtcpipv6-linux-x86/ Tested on: Ubuntu 16.0.4.1 i686 / global start section .text start: ;References: ;1http://syscalls.kernelgrok.com/...

Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)

Linux/x86 - Bind 4444/TCP Shell /bin/sh + IPv6 Shellcode 100 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - Bind 4444/TCP Shell + IPv6 Shellcode 100 bytes Length : 100bytes Author: Kartik Durg Write-up Link: https://iamroot.blog/2018/07/17/0x1-shellbindtcpipv6-linux-x86/ Tested...

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

/ ; Title : Reverse Shell IPv6 with Password - Shellcode ; Author : Hashim Jawad @ihack4falafel ; OS : Linux kali 4.15.0-kali2-amd64 1 SMP Debian 4.15.11-1kali1 2018-03-21 x8664 GNU/Linux ; Arch : x8664 ; Size : 115 bytes section .text global start start: ; int socketint domain, int type, int...

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

Linux/x64 - Reverse ::1:1337/TCP + IPv6 + Password pwnd Shellcode 115 bytes. Shellcode exploit for Linuxx86-64 platform / ; Title : Reverse Shell IPv6 with Password - Shellcode ; Author : Hashim Jawad @ihack4falafel ; OS : Linux kali 4.15.0-kali2-amd64 1 SMP Debian 4.15.11-1kali1 2018-03-21 x8664...

Linux/ARM - Bind (/TCP) Shell Shellcode (104 bytes)

/ Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the...

Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes)

Linux/ARM - Bind 1234/TCP Shell /bin/sh Shellcode 104 bytes. Shellcode exploit for ARM platform / Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1...

Payload Generation Framework: SharpShooter

SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw’s DotNetToJavaScript tool to invoke methods from the...

Linux/x86 - Kill Process Shellcode (20 bytes)

/ Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int main unsigned short pid = 2801; char shellcode = "\x31\xc0" / xor eax, eax / "\xb0\x25...

Linux/x86 - Kill Process Shellcode (20 bytes)

Linux/x86 - Kill Process Shellcode 20 bytes. Shellcode exploit for Linuxx86 platform / Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int...

BST (Binary String Toolkit) - Quickly And Easily Convert Binary Strings For All Your Exploit Development Needs

The Binary String Toolkit or BST for short is a rather simple utility to convert binary strings to various formats suitable for later inclusions in source codes, such as those used to develop exploits in the security field. Features Dump files content to standard output in a binary string format...

Boxoft WAV To MP3 Converter 1.1 Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter versions 1.0 and 1.1. By constructing a specially crafted WAV file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. This module requir...

Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)

/ Linux/x86 - execve /bin/cat /etc//passwd shellcode 37 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 37 Greetz - Manish Kishan Tanwar,Kishan Sharma,Vardan,Himanshu,Ravi and Spirited w0lf Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51...

Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Boxoft WAV to MP3 Converter v1.1 Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter...

Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)

Linux/x86 - Execve /bin/cat /etc/passwd Shellcode 37 bytes. Shellcode exploit for Linuxx86 platform...

Boxoft WAV to MP3 Converter v1.1 Buffer Overflow

This module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter versions 1.0 and 1.1. By constructing a specially crafted WAV file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. This module requires...

RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

Introduction Through FireEye Dynamic Threat Intelligence DTI, we observed RIG Exploit Kit EK delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner similar activity has been reported by Trend Micro. Apart from leveraging a...

The MIPS buffer overflow vulnerability practice-vulnerability warning-the black bar safety net

This practice from the learn-decrypt router vulnerability notes, and summaries. Mainly used to review and consolidate the entire process, the entire process is not very smooth, the main problem in the point that the overflow function of the address determination. This write your own exploit code ...

Audiograbber 1.83 - Local Buffer Overflow (SEH)

Audiograbber 1.83 - Local Buffer Overflow SEH Exploit Title: Audiograbber 1.83 - Local Buffer Overflow SEH Date: 2018-06-16 Exploit Author: Dennis 'dhn' Herrmann Vendor Homepage: https://www.audiograbber.org/ Version: 1.83 Tested on: Windows 7 SP1 x86 !/usr/bin/env python $Id: exploit.py,v 1.0...

Audiograbber 1.83 - Local Buffer Overflow (SEH)

Exploit Title: Audiograbber 1.83 - Local Buffer Overflow SEH Date: 2018-06-16 Exploit Author: Dennis 'dhn' Herrmann Vendor Homepage: https://www.audiograbber.org/ Version: 1.83 Tested on: Windows 7 SP1 x86 !/usr/bin/env python $Id: exploit.py,v 1.0 2018/06/16 13:25:59 dhn Exp $ Tested with Window...

Easy Chat Server 3.1 Add User Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python ---------------------------------------------------------------------------------------------------------- Exploit Title : Easy Chat Server 3.1 - 'Add user' Local Buffer Overflow Exploit Author : Hashim Jawad -...