Easy CD DVD Copy 1.3.24 Buffer Overflow

!/usr/bin/python Exploit Title : Easy CD DVD Copy v1.3.24 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.divxtodvd.net/index.htm Vulnerable Software: http://www.divxtodvd.net/easycddvdcopy.exe Test...

Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow

SWAMI KARUPASAMI THUNAI Exploit Title: Allok Video Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable Software: Allok Video Converter Vendor Homepage:...

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow SEH !/usr/bin/python Exploit Title : Easy CD DVD Copy v1.3.24 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.divxtodvd.net/index.htm Vulnerable...

Linux/x86 - EggHunter + Null-Free Shellcode (11 Bytes)

Linux/x86 - EggHunter + Null-Free Shellcode 11 Bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - EggHunter Shellcode 11 Bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 11 Description: Smallest Null-Free Egg Hunter Shellcode - 11 Bytes Details: 1. Work...

CVE-2011-3178

In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode...

Code injection

In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode...

CVE-2011-3178 openbuildservice webui code injection

In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode...

CVE-2011-3178

In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode...

Linux/x86 execve /bin/sh Shellcode (18 bytes)

/ Linux/x86 - execve /bin/sh shellcode 18 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 18 Disassembly of section .text: 08048060 : 8048060: 6a 0b push 0xb 8048062: 58 pop eax 8048063: 53 push ebx 8048064: 68 2f 2f 73 68 push 0x68732f2f 8048069: 68 2f 62 69 6e push...

Linux/x86 exit(0) Shellcode (5 bytes)

/ Smallest Linux/x86 - exit0 shellcode 5 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 5 exitchotu: file format elf32-i386 Disassembly of section .text: 08048060 : 8048060: 6a 01 push 0x1 8048062: 58 pop eax 8048063: cd 80 int 0x80 ===============POC by Anurag...

Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)

Linux/x86 - execve/bin/sh Shellcode 18 bytes. Shellcode exploit for Linuxx86 platform / Linux/x86 - execve /bin/sh shellcode 18 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 18 Disassembly of section .text: 08048060 : 8048060: 6a 0b push 0xb 8048062: 58 pop eax...

MikroTik RouterOS 6.41.36.42rc27 - SMB Buffer Overflow

MikroTik RouterOS 6.41.36.42rc27 - SMB Buffer Overflow !/usr/bin/env python import socket import struct import sys import telnetlib NETBIOSSESSIONMESSAGE = "\x00" NETBIOSSESSIONREQUEST = "\x81" NETBIOSSESSIONFLAGS = "\x00" trick from http://shell-storm.org/shellcode/files/shellcode-881.php will...

MikroTik RouterOS 6.38.4 (MIPSBE) - Chimay Red Stack Clash Remote Code Execution

MikroTik RouterOS 6.38.4 MIPSBE - Chimay Red Stack Clash Remote Code Execution !/usr/bin/env python3 Mikrotik Chimay Red Stack Clash Exploit by BigNerd95 Tested on RouterOS 6.38.4 mipsbe using a CRS109 Used tools: pwndbg, rasm2, mipsrop for IDA I used ropper only to automatically find gadgets ASL...

Xion 1.0.125 - .m3u Local SEH-Based Unicode Venetian Exploit

Exploit for windows platform in category local exploits !/usr/bin/perl Title: Xion 1.0.125 .m3u File Local SEH-based Unicode The “Venetian” Exploit Vulnerability Type: Execute Code, Overflow UTF-16LE buffer, Memory corruption Date: Feb 18, 2018 Author: James Anderson synthetic Original Advisory:...

Adobe Flash Player Use After Free Remote Code Execution Vulnerability(CVE-2018-4878)

EXECUTIVE SUMMARY The 1st of February, Adobe published an advisory concerning a Flash vulnerability CVE-2018-4878. This vulnerability is a use after free that allows Remote Code Execute through a malformed Flash object. Additionally KISA Korean CERT published an advisory about a Flash 0-day used ...

Disk Savvy Enterprise 10.4.18 Buffer Overflow

Exploit Title: Disk Savvy Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 01/02/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.disksavvy.com/ Software Link: http://www.disksavvy.com/setups/disksavvyentsetupv10.4.18.exe Version: 10.4.18 CVE:...

NoMachine x86 < 6.0.80 - nxfuse Privilege Escalation Exploit

Exploit for windows platform in category local exploits include “stdafx.h” include define DEVICE L”\\.\nxfs-709fd562-36b5-48c6-9952-302da6218061″ define DEVICE2 L”\\.\nxfs-net-709fd562-36b5-48c6-9952-302da6218061709fd562-36b5-48c6-9952-302da6218061” define IOCTL 0x00222014 define IOCTL2...

Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)

Exploit Title: Disk Savvy Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 01/02/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.disksavvy.com/ Software Link: http://www.disksavvy.com/setups/disksavvyentsetupv10.4.18.exe Version: 10.4.18 CVE:...

Disk Pulse Enterprise 10.4.18 - &#039;Import Command&#039; Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Disk Pulse Enterprise v10.4.18 - 'Import Command' Buffer Overflow SEH Date: 2018-01-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.diskpulse.com Software Link:...

VENOM 1.0.15 - Metasploit Shellcode Generator/Compiler/Listener

The script will use msfvenom metasploit to generate shellcode in diferent formats c | python | ruby | dll | msi | hta-psh injects the shellcode generated into one template example: python "the python funtion will execute the shellcode into ram" and uses compilers like gcc gnu cross compiler or...