7259 matches found
Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
Vulnerability Details Affected Vendor: Microsoft Affected Product: MQ Access Control Affected Versions: 5.1.0.1110 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where Condition Impact: Privilege Escalation Attack vector: IOCTL CVE ID: CVE-2014-4971 2. Vulnerability...
Linux x86 - Socket Re-use Shellcode 50 bytes
Linux x86 - Socket Re-use Shellcode 50 bytes. CVE-2014-4943. Shellcode exploit for linx86 platform / Socket Re-use Combo for linux x86 systems by ZadYree -- 50 bytes Made using sockfd trick + dup20,0, dup20,1, dup20,2 + execve /bin/sh Thanks: Charles Stevenson, ipv, 3LRVS research team gcc -o...
D-Link Devices - 'info.cgi' POST Buffer Overflow (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link info.cgi POST Request Buffer Overflow', 'Description' = %q This module exploits an anonymous remote code execution vulnerabili...
Kolibri Web Server 2.0 - GET (SEH)
Kolibri Web Server 2.0 - GET SEH !/usr/bin/python Exploit Title : Kolibri WebServer 2.0 Get Request SEH Exploit Exploit Author : Revin Hadi S Date : 14/07/2014 Vendor : http://www.senkas.com Version : 2.0 Tested on : Windows XP SP2 Eng, Windows Server 2003 Eng, Win 7 SP1 Eng import socket, sys he...
Linux/x86 - Bind TCP (1337/TCP) Shell Shellcode (89 bytes)
Linux/x86 - Bind TCP 1337/TCP Shell Shellcode 89 bytes. Shellcode exploit for Linuxx86 platform / Title: Shell Bind TCP Shellcode Port 1337 - 89 bytes Platform: Linux/x86 Date: 2014-07-13 Author: Julien Ahrens @MrTuxracer Website: http://www.rcesecurity.com Disassembly of section .text: 00000000 ...
PCMAN FTP 2.07 PORT Command Buffer Overflow Vulnerability (0day)
No description provided by source. Exploit Title: PCMAN FTP 2.07 PORT Command Buffer Overflow Exploit Date: 07 13,2014 Exploit Author: niubl Version: 2.07 Tested on: Windows xp sp3 chinese Email: [email protected] thank for Mahmod Mahajna. i learn from him. This version of the software has too many vulnerabilities import socket as s from sys...
D-Link info.cgi POST Request Buffer Overflow
This module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is a stack-based buffer overflow in the mycgi.cgi component, when handling specially crafted POST HTTP requests addressed to the /common/info.cgi handler. This module has been...
win32 / windows 7 Add Admin User Shellcode - 194 bytes
Title: Add Admin User Shellcode 194 bytes - Any Windows Version Release date: 21/06/2014 Author: Giuseppe D'Amore http://it.linkedin.com/pub/giuseppe-d-amore/69/37/66b Size: 194 byte NULL free Tested on: Win8,Win7,WinVista,WinXP,Win2kPro,Win2k8,Win2k8R2,Win2k3 Username: BroK3n Password: BroK3n Ad...
VLC 0.8.6 [b][c][d][a] - (.ASS file) buffer overflow exploit(win32 universal)
No description provided by source. /%VLC vs 0.6.8 bcda .ASS file buffer overflow exploitwin32 universal %Works every time,works on any win32 OS,tested on Windows xp sp2. %My doctor said that I have seriuouse problems ,but I think he's full of it because the voices tell me I'm ok!/ includestdio.h...
HP-UX FTPD Remote Buffer Overflow Exploit
No description provided by source. / theoretical exploit for hpux ftpd vulnerability / / not tested anywhere, needs tweaking / / c 2000 by babcia padlina ltd. [email protected] / include stdio.h include stdlib.h define NOPS 100 define BUFSIZE 1024 char shellcode = / HP-UX shellcode /...
36 bytes chmod("/etc/shadow", 0666) shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 36 bytes chmod/etc/shadow, 0666 shellcode Platform: Linux x86 chmod/etc/shadow, 0666; gcc -Wl,-z,execstack filename.c shellcode:...
UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)
No description provided by source. !/usr/bin/python UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - MacOSX Author: dookie Windows PoC: Jason Geffner http://www.exploit-db.com/exploits/14013 import sys, socket, struct msfpayload osx/x86/vforkshellbindtcp R | msfencode -b '\x00\x0a\x0...
PHP 5.4 (5.4.3) Code Execution (Win32)
No description provided by source. // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish...
Linux x86 netcat bindshell port 8080 - 75 bytes
No description provided by source. / 08048060 start: 8048060: eb 2a jmp 804808c GotoCall 08048062 shellcode: 8048062: 5e pop %esi 8048063: 31 c0 xor %eax,%eax 8048065: 88 46 07 mov %al,0x7%esi 8048068: 88 46 0f mov %al,0xf%esi 804806b: 88 46 19 mov %al,0x19%esi 804806e: 89 76 1a mov %esi,0x1a%esi...
XnView 1.92.1 - Command-Line Arguments Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28259/info XnView is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers may exploit this issue only i...
MNOGoSearch 3.1.20 Search.CGI UL Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7865/info mnoGoSearch 'search.cgi' has been reported prone to a buffer overflow vulnerability. The issue is a result of a lack of sufficient bounds checking performed on user-supplied URI parameters that are passed to the...
CdRecord Version <= 2.0 - Mandrake local root exploit
No description provided by source. !/usr/bin/perl Cdrecord version 2.0 and local root exploit. wsxz@localhost buffer$ perl priv8cdr.pl 4 Using target number 4 Using Mr .dtors 0x808c82c Cdrecord 2.0 i586-mandrake-linux-gnu scsibus: -1 target: -1 lun: -1 Warning: Open by 'devname' is unintentional...
Sam Lantinga splitvt 1.6.3 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1346/info A buffer overflow condition that could be exploited to obtain root exists in splitvt 1.6.3 and earlier. Splitvt is distributed with several Linux distributions. / Local exploit for Debian splitvt 1.6.3-4 - by...
Windows XP SP3 English MessageBoxA Shellcode - 87 bytes
No description provided by source. / Title: Windows XP SP3 English MessageBoxA Shellcode 87 bytes Date: August 20, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Tested on: Windows XP SP3 En Thanks: ishtus Greetz: Astalavista, OffSEC, Exploit-DB Exploit-DB Notes: Tested under Windows...
IWConfig Local ARGV Command Line Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline. Because of this, a local attacker may be able to gain elevated privileges. / Name: iw-config.c Copyright: !sh2k+!tc...