7259 matches found
freebsd/x86 setuid(0); execve(ipf -Fa); shellcode 57 bytes
No description provided by source. ; sm4x - 2008 ; setuid0; execve//sbin/ipf, //sbin/ipf, -Faa, 0, 0; ; 57 bytes ; FreeBSD 7.0-RELEASE global start start: main: ; --------------------- setuid 0 xor eax, eax xor ecx, ecx push eax push eax mov al, 0x17 int 0x80 ; --------------------- -Faa xor eax,...
Adobe util.printf() Buffer Overflow (2)
No description provided by source. $Id: adobeutilprintf.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes
No description provided by source. Title : win32/PerfectXp-pc1/sp3 Tr Add Admin Shellcode 112 bytes Author : KaHPeSeSe Screenshot : http://i53.tinypic.com/289yamq.jpg Desc. : usr: kpss , pass: 12345 , localgroup: Administrator Tested on : PERFECT XP PC1 / SP3 Date : 18/07/2011 Not : a.q kpss :...
VideoCharge Studio 2.12.3.685 - GetHttpResponse() MITM Remote Code Execution Exploit
No description provided by source. !/usr/bin/python Exploit Title: VideoCharge Studio v2.12.3.685 GetHttpResponse MITM Remote Code Execution Exploit SafeSEH/ASLR/DEP Bypass Version: v2.12.3.685 Date: 2014-02-19 Author: Julien Ahrens @MrTuxracer Homepage: http://www.rcesecurity.com Software Link:...
bds/x86-bindshell on port 2525 shellcode - 167 bytes
No description provided by source. bds/x86-bindshell on port 2525 shellcode 167 bytes AUTHOR : beosroot OS ...
FreeBSD 3.3,Linux Mandrake 7.0 'xsoldier' Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via ...
Lattice Semiconductor PAC-Designer 6.21 - (.PAC) Exploit
No description provided by source. !/usr/bin/python -w Exploit: Lattice Semiconductor PAC-Designer 6.21 possibly all versions CVE: CVE-2012-2915 Author: b33f Ruben Boonen - http://www.fuzzysecurity.com/ OS: WinXP...
Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC
No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the RewriteRule kung/. $1 rule if not you must...
Ntpd Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2540/info NTP, the Network Time Protocol, is used to synchronize the time between a computer and another system or time reference. It uses UDP as a transport protocol. There are two protocol versions in use: NTP v3 and NT...
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit
No description provided by source. !/usr/bin/python +Exploit Title: MP3 CD Converter Professional Universal DEP Bypass Exploit +Date: 11\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CV...
SpongeBob SquarePants Typing Buffer Overflow (SEH)
No description provided by source. SEH overwrite exploit for SpongeBob SquarePants Typing from The Learning Company http://goo.gl/1EHaD Date: May 4th 2011 Author: Infant Overflow Fresh out the womb laying the smack down on SpongeBob I like my sploits like I like m...
Linux - setreuid (0,0) & execve(/bin/rm /etc/shadow)
No description provided by source. / rmtheshadow.c by mrme Just for fun : visit: http://www.corelan.be:8800/ / include stdio.h include string.h char sc = x31xc0 // xor %eax,%eax xb0x46 // mov $046,%al x31xdb // xor %ebx,%ebx x31xc9 // xor %ecx,%ecx xcdx80 // int $080 x31xc0 // xor %eax,%eax x50 /...
Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)
No description provided by source. Beta v2.0 w32. Encodes binary data to/from a variety of formats. Copyright C 2003-2005 by Berend-Jan Wever http://spaces.msn.com/members/berendjanwever This...
Linux/x86-64 - Disable ASLR Security - 143 bytes
No description provided by source. / Title: Linux/x86-64 - Disable ASLR Security - 143 bytes Date: 2010-06-17 Tested: Archlinux x8664 k2.6.33 Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Database of shellcodes http://www.shell-storm.org/shellcode/...
change mode 0777 of "/etc/shadow" with sys_chmod syscall
No description provided by source.
MiniShare <= 1.4.1 - Remote Buffer Overflow Exploit
No description provided by source. / MiniShare = 1.4.1, Remote Buffer Overflow Exploit v0.1. Bind a shellcode to the port 101. Full disclosure and exploit by class101 at DFind.kd-team.com & n3ws at EFnet 07 november 2004 Thanx to HDMoore and Metasploit.com for their kickass ASM work...
Unreal Tournament Remote Buffer Overflow Exploit (SEH)
No description provided by source. Unreal Tournament Remote Buffer Overflow Exploit SEH Windows Discovered by: Luigi Auriemma http://aluigi.altervista.org/adv/unsecure-adv.txt Coded By: Fulcrum 08/02/2011 Patch: http://www.unrealadmin.org/forums/showthread.php?t=15616 Vulnerable: all ut99 servers...
MP3Info 0.8.5a - Buffer Overflow
No description provided by source. Waste of CPU clock N2 Exploit for: mp3info! Latest version Author: jsacco Vendor: http://ibiblio.org/mp3info/ No-one-cares-about programs! junk = \x90\x90\x90\x908 shellcode =...
Samhain Labs 1.x HSFTP Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9715/info hsftp has been found to be prone to a remote print format string vulnerability. This issue is due to the application's improper use of a format printing function. Ultimately this vulnerability could allow for...
CPE17 Autorun Killer <= 1.7.1 Stack Buffer Overflow Exploit
No description provided by source. CPE17 Autorun Killer = 1.7.1 Stack Buffer Overflow exploit by Xelenonz require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::FILEFORMAT def initializeinfo = superupdateinfoinfo, 'Name' = 'CPE17 Autorun Killer = 1.7.1 Stack Buffer Overfl...