Egg Hunting Staged Shellcode High Ports Remote Code Execution

Egg Hunting is a staged shellcode technique. A remote attacker can use Egg Hunting to cause a stack-based overflow on the target. Successful implementation will allow attackers to execute shellcode on a remote machine...

Watermark Master 2.2.23 Buffer Overflow

!/usr/bin/python Exploit Title:Watermark Master Buffer Overflow SEH Date found: 31.10.2013 Exploit Author: metacom URL:http://www.videocharge.com/download.php Software Link:www.videocharge.com/download/WatermarkMasterInstall.exe Version: 2.2.23 Vulnerable products:Watermark Master and Watermark...

AudioCoder 0.8.22 (.m3u) - SEH Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/perl Exploit Title: AudioCoder 0.8.22 .m3u - SEH Buffer Overflow Date: 10-18-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: AudioCoder 0.8.22 http://www.mediacoderhq.com/audio/ Software Link:...

AudioCoder 0.8.22 SEH Buffer Overflow

!/usr/bin/perl Exploit Title: AudioCoder 0.8.22 .m3u - SEH Buffer Overflow Date: 10-18-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: AudioCoder 0.8.22 http://www.mediacoderhq.com/audio/ Software Link: http://www.fosshub.com/download/AudioCoder-0.8.22.5506.exe...

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow

!/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage: http://www.watchguard.com Version: = 11.7.4u1 Tested on: XTMv CVE :...

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow

Watchguard Firewall XTM 11.7.4u1 - Remote Buffer Overflow !/usr/bin/perl -w Exploit Title: WatchGuard Firewall XTM version 11.7.4u1 - Remote buffer overflow exploit sessionid cookie Date: Oct 18 2013 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage:...

Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)

Exploit for windows platform in category local exploits !/usr/bin/perl Exploit Title: Photodex ProShow Producer v5.0.3310 - Local Buffer Overflow SEH Date: 10-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Photodex ProShow Producer v5.0.3310 Software Link:...

Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)

!/usr/bin/perl Exploit Title: Photodex ProShow Producer v5.0.3310 - Local Buffer Overflow SEH Date: 10-26-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Photodex ProShow Producer v5.0.3310 Software Link: http://files.photodex.com/release/pspro503310.exe Version:...

D-Link DIR-605L - Captcha Handling Buffer Overflow (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Boa/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DIR-605L Captcha Handling...

Messagebox Shellcode (113 bytes) - Any Windows Version

/ User32-free Messagebox Shellcode for any Windows version ======================================================== Title: User32-free Messagebox Shellcode for any Windows version Release date: 16/10/2013 Author: Giuseppe D'Amore http://it.linkedin.com/pub/giuseppe-d-amore/69/37/66b Size: 113 byt...

Any Windows Version - Messagebox Shellcode 113 bytes

Any Windows Version - Messagebox Shellcode 113 bytes. Shellcode exploit for windows platform / User32-free Messagebox Shellcode for any Windows version ======================================================== Title: User32-free Messagebox Shellcode for any Windows version Release date: 16/10/2013...

Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow

Aladdin Knowledge Systems Ltd. PrivAgent - ActiveX Control Overflow Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow // heap spray for IE7 //calc - 196 bytes var shellcode =...

Internet Haut Debit Mobile Buffer Overflow

!/usr/bin/python Exploit Title:Internet Haut Debit Mobile Buffer Overflow SEH Software Link:https://app.box.com/s/4h9cm20hp5iiask8rwrm Poc video demo :http://www.youtube.com/watch?v=sAHfjmNHiow&feature=youtu.be Version:PCWMATMARV1.0.0B03 Date found: 10.10.2013 Date published:10.10.2013 Exploit...

Multiple DNS NO SUCH NAME Error Responses (CVE-2012-0006)

The Domain Name System DNS is an hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. When a DNS client needs to look up a name used in a program, it queries DNS servers to resolve the name. If the query names are...

Linux/ARM - reverse_shell (tcp,10.1.1.2,0x1337)

/ Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on: ARM1176JZF-S v6l - Raspberry Pi Author: midnitesnake / Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on:...

Ofilter Player 1.2.0.1 Buffer Overflow

Exploit Title : Ofilter Player Version 1.2.0.1 - skin1.ini - SEH Based Buffer Overflow PoC Date : 12-09-2013 Exploit Author : gunslinger Author Homepage : http://www.cr0security.com Software Link : http://download.cnet.com/Ofilter-Player/3000-21394-78232.html Price : Free to try; $19.99 to buy...

Linux/ARM chmod("/etc/passwd", 0777) shellcode 39 bytes

39 bytes small Linux/ARM chmod"/etc/passwd", 0777 shellcode. / Title : Linux/ARM - chmod"/etc/passwd", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include...

Linux/ARM creat("/root/pwned", 0777) shellcode 39 bytes

39 bytes small Linux/ARM creat"/root/pwned", 0777 shellcode. / Title : Linux/ARM - creat"/root/pwned", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include...

Linux/ARM execve("/bin/sh", [], [0 vars]) shellcode 35 bytes

35 bytes small Linux/ARM execve"/bin/sh", , 0 vars shellcode. / Title : Linux/ARM - execve"/bin/sh", , 0 vars - 35 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / includ...

Linux/ARM - creat("/root/pwned", 0777) Shellcode (39 bytes)

Linux/ARM - creat"/root/pwned", 0777 Shellcode 39 bytes. Shellcode exploit for ARM platform / Title : Linux/ARM - creat"/root/pwned", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and...