Microsoft HTML Help Compiler 4.74.8702.0 - Local Overflow (SEH)

Microsoft HTML Help Compiler 4.74.8702.0 - Local Overflow SEH !/usr/bin/env python Exploit Title: Microsoft HTML Help Compiler SEH Based Overflow Date: 2015-08-13 Exploit Author: St0rn Twitter: st0rnpentest Vendor Homepage: www.microsoft.com Software Link:...

MASM32 Quick Editor Buffer Overflow

!/usr/bin/env python Exploit Title: MASM32 quick editor .QSE SEH Based Buffer Overflow ASLR & SAFESEH bypass Date: 2015-08-15 Exploit Author: St0rn Twitter: st0rnpentest Vendor Homepage: http://www.masm32.com/ Software Link: http://www.masm32.com/masmdl.htm Version: MASM32 11 qeditor 4.0g Tested...

Microsoft HTML Help Compiler 4.74.8702.0 - Local Overflow (SEH)

!/usr/bin/env python Exploit Title: Microsoft HTML Help Compiler SEH Based Overflow Date: 2015-08-13 Exploit Author: St0rn Twitter: st0rnpentest Vendor Homepage: www.microsoft.com Software Link:...

linux/x86 /bin/sh ROL/ROR Encoded Shellcode

Custom shellcode encoder/decoder that switches between byte ROR and byte ROL 1. Update eRORoROL-encoder.py with your shellcode 2. Run eRORoROL-encoder.py 3. Copy output from eRORoROL-encoder.py and update eRORoROL-decoder.nasm 4. Run eRORoROLcompile.sh -----eRORoROL-encoder.py BEGIN CODE-----...

Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free

Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free. Shellcode exploit for win32 platform / This file was automatically generated by mkhex.sh, which, together with the complete and heavily commented assembly source code for this shellcode, is available at...

Linux x86 - /bin/sh ROL/ROR Encoded Shellcode

Linux x86 - /bin/sh ROL/ROR Encoded Shellcode. Shellcode exploit for linx86 platform Custom shellcode encoder/decoder that switches between byte ROR and byte ROL 1. Update eRORoROL-encoder.py with your shellcode 2. Run eRORoROL-encoder.py 3. Copy output from eRORoROL-encoder.py and update...

Linux x86 Egg Hunter Shellcode 19 bytes

Linux x86 Egg Hunter Shellcode 19 bytes. Shellcode exploit for linx86 platform / Title: Linux x86 Egg Hunter Shellcode 19 bytes Date: 4 August 2015 Author: Guillaume Kaddouch Website: http://networkfilter.blogspot.com Twitter: @gkweb76 Tested on: Ubuntu 14.04.2 LTS x86, Kali Linux 1.0.9 x86 This...

PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow Exploit

PCMan FTP Server version 2.0.7 PUT command buffer overflow exploit that spawns a bindshell on tcp/9988. !/usr/bin/python title: PCMan FTP Server v2.0.7 Buffer Overflow - PUT Command author: @shipcod3 Jay Turla nc 9988 Tested on Windows XP Service Pack 3 - English description: Buffer overflow is...

PCMan FTP Server 2.0.7 - PUT Remote Buffer Overflow

PCMan FTP Server 2.0.7 - PUT Remote Buffer Overflow !/usr/bin/python title: PCMan FTP Server v2.0.7 Buffer Overflow - PUT Command author: @shipcod3 Jay Turla nc 9988 Tested on Windows XP Service Pack 3 - English description: Buffer overflow is triggered upon sending long string using the command...

Tomabo MP4 Player 3.11.3 - '.m3u' Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Tomabo MP4 Player 3.11.3 - .m3u SEH Buffer Overflow Date: 03/08/2015 Exploit Author: Saeid Atabaki E-Mail: bytecod3r gmail.com, saeid Nsecurity.org Linkedin: https://www.linkedin.com/in/saeidatabaki Vendor Homepage: http://tomabo.com/mp4-player/index.html Version:...

Tomabo MP4 Player 3.11.3 SEH Buffer Overflow

!/usr/bin/python Exploit Title: Tomabo MP4 Player 3.11.3 - .m3u SEH Buffer Overflow Date: 03/08/2015 Exploit Author: Saeid Atabaki E-Mail: bytecod3r gmail.com, saeid Nsecurity.org Linkedin: https://www.linkedin.com/in/saeidatabaki Vendor Homepage: http://tomabo.com/mp4-player/index.html Version:...

PCMan FTP Server 2.0.7 PUT Buffer Overflow

!/usr/bin/python title: PCMan FTP Server v2.0.7 Buffer Overflow - PUT Command author: @shipcod3 Jay Turla nc 9988 Tested on Windows XP Service Pack 3 - English description: Buffer overflow is triggered upon sending long string using the command PUT to PCMAN FTP 2.07 import socket import sys...

Heroes Of Might And Magic III .h3m Map File Buffer Overflow Exploit

This Metasploit module embeds an exploit into an uncompressed map file .h3m for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution. This module requires Metasploit: http://metasploit.com/downloa...

Heroes of Might and Magic III .h3m Map file Buffer Overflow

This module embeds an exploit into an uncompressed map file .h3m for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution. This module requires Metasploit: https://metasploit.com/download Current...

Multiple OS Malicious Shellcode Remote Code Execution

Numerous shellcodes exist that aim at exploiting remote machines, in order to take control over them or run malicious code. The download or transfer of these payloads might indicate an attack is underway...

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution Exploit

Exploit for windows platform in category local exploits / Exploit Title : Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution Date : 2015-07-29 Exploit Author : John AAkerblom, Pierre Lindblad Website: http://h3minternals.net Vendor Homepage : 3do.com defunct,...

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution

/ Exploit Title : Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution Date : 2015-07-29 Exploit Author : John AAkerblom, Pierre Lindblad Website: http://h3minternals.net Vendor Homepage : 3do.com defunct, https://sites.google.com/site/heroes3hd/ Version : 4.0.0.0 AND HoMM 3 HD...

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution / Exploit Title : Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution Date : 2015-07-29 Exploit Author : John AAkerblom, Pierre Lindblad Website: http://h3minternals.net Vendor Homepage : 3do.com defunct,...

Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution Exploit

Foxit Reader versions 7.0.8 through 7.1.5 suffer from a PNG conversion parsing tEXt chunk arbitrary code execution vulnerability. Exploit Title: Foxit Reader PNG Conversion Parsing tEXt chunk - Arbitrary Code Execution Date: 07/07/2015 Exploit Author: Sascha Schirra Vendor Homepage:...

Foxit Reader - '.png' Conversion Parsing tEXt Chunk Arbitrary Code Execution

Exploit Title: Foxit Reader PNG Conversion Parsing tEXt chunk - Arbitrary Code Execution Date: 07/07/2015 Exploit Author: Sascha Schirra Vendor Homepage: https://www.foxitsoftware.com Software Link: https://www.foxitsoftware.com/downloads/ Version: 7.0.8 - 7.1.5 maybe also older versions tested...