7261 matches found
Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)
No description provided by source. #include <stdio.h> #include <windows.h> /* Microsoft IIS ASP Stack Overflow Exploit (MS06-034) by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because t...
Download & Exec polymorphed shellcode Engine
No description provided by source. Download & Exec polymorphed shellcode engine POC This downloading and execution code is not detectable by popular AVs. Greetz 2: DarkEagle and Unl0ck researcherz; Str0ke and milw0rm; HD Moor and metasploit project; Maxus, Fuchunic, YrSam, Garry; Offtopic and PTT...
Monit <= 4.2 - Remote Root Buffer Overflow Exploit
No description provided by source. /* THE EYE ON SECURITY RESEARCH GROUP - INDIA www eos-india net poc 305monit.c Remote Root Exploit for Monit <= 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...
Tower Toppler 0.96 HOME Environment Variable Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8132/info A problem with the software may make elevation of privileges possible. It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the...
Solaris 8 libsldap Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...
Xcmail 0.99.6 Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/311/info XCmail is an X11 mail client for linux. Arthur [email protected] discovered an exploitable buffer overflow vulnerability in xcmail. The bug appears when replying to a message with a long subject line, and...
netbsd/x86 setreuid(0, 0); execve("/bin//sh", ..., NULL); 29 bytes
No description provided by source. /* minervini at neuralnoise dot com (c) 2005 NetBSD/i386 2.0, setreuid(0, 0); execve("/bin//sh", ..., NULL); note: unsafe shellcode, but 29 bytes long; doesn't work if eax & 0x40000000 != 0; */ #include <sys/types.h> #include <stdio.h> #include <string.h> char scode = \x99 // cltd...
w32-speaking-shellcode
No description provided by source. A null-free shellcode for 32-bit versions of Windows 5.0-7.0 all service packs that uses Microsoft Speech API to say You got pwned! over the speakers. Includes optional code that fixes stack alignment adds 5 bytes and bypasses EAF adds 29 bytes. Features: NULL...
MP3 Studio 1.0 - (.mpf) Local BOF Exploit (SEH)
No description provided by source. #!/usr/bin/perl MP3 Studio v1.0 mpf File Local BOF Exploit SEH Exploited by: Koshi Download: http://www.software112.com/products/mp3-millennium+download.html Based on PoC/findings by HACK4LOVE http://milw0rm.com/exploits/9277 Tested on WinXP SP3 I've used address...
J-Integra 2.11 - ActiveX SetIdentity() Buffer Overflow Exploit
No description provided by source. <!-- Exploit Title: J-Integra v2.11 ActiveX SetIdentity Buffer Overflow Exploit Found By: DrIDE Download: http://j-integra.intrinsyc.com/ Greets: bz1p, [email protected] for finding the app. Tested on: XP SP3 IE7 CVE: 0day Notes: This is not the same control as...
Easy Chat Server 3.1 - Stack Buffer Overflow
No description provided by source. Exploit-DB Note: Must install to 'C:\Program Files\EFS Software\Easy Chat Server' Exploit Title: Easy Chat Server 3.1 stack buffer overflow Date: 9 May 2014 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.echatserver.com/...
Linux x86 - /bin/sh 8 bytes
No description provided by source. /* 08048334 main: 8048334: 99 cltd 8048335: 6a 0b push $0xb 8048337: 58 pop %eax 8048338: 60 pusha 8048339: 59 pop %ecx 804833a: cd 80 int $0x80 using this code. step1. This code is compiled. step2. strace -x output binary step3. get execve args in strace result...
Squid 2.4.1 - Remote Buffer Overflow Exploit
No description provided by source. /* 7350squish - x86/linux squid remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to third parties,...
Oracle 8.x cmctl Buffer Overflow Vulnerability
No description provided by source. /* source: http://www.securityfocus.com/bid/1968/info cmctl is the Connection Control Manager, part of the Oracle 8i installation. A vulnerability exists that can allow elevation of privileges. The problem occurs in the way cmctl handles the user-supplied command...
34 bytes setreud(getuid(), getuid()) & execve("/bin/sh") Shellcode
No description provided by source. #include <stdio.h> #include <string.h> /* by Magnefikko 14.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 34 bytes setreud(getuid(), getuid()) & execve("/bin/sh") shellcode Platform: Linux x86 setreuid(getuid(), getuid()); execve("/bin/sh"); gcc -Wl,-z,execstack...
Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit
No description provided by source. GoldenFTP 4.70 PASS Exploit Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on XP SP3 Vendor Contacted: 1/17/2011 no response For this exploit to work correctly, you need to know the subnet that the server is running on. You also need ...
Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH
No description provided by source. Exploit Title: Acoustica MP3 Audio Mixer 2.471 Extended M3U directives SEH Date: September 8 2010 Author: Carlos Hollmann Software Link: http://www.acoustica.com/downloading.asp?p=1 Version: 2.471 Tested on: Windows xp sp3 running on VMware Fusion 3.1 and...
Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF
No description provided by source. #!/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF From: The eh?-Team || The Great White Fuzz we're not sure yet Author: dookie2000ca Date: 14/02/2010 Found by: loneferret Date Found: 13/02/2010 Software link:...
Windows Mobile 6.5 TR Phone Call Shellcode
No description provided by source...
APSIS Pound 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately this...