EPS Files (CVE-2008-3019)

EPS is a standard file format for importing and exporting PostScript files. It is usually a single page PostScript program that describes an illustration or an entire page. An EPS file can contain any combination of text, graphics and images. A remote code execution vulnerability was reported in...

IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit

Exploit for unknown platform in category remote exploits ============================================================ IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit ============================================================ / IntelliTamper 2.07 Location: HTTP Header Remote Code...

Mozilla FireFox <= 1.0.1 Remote GIF Heap Overflow Exploit

No description provided by source. / Mozilla FireFox = 1.0.1 Remote GIF Heap Overflow Exploit by Darkeagle of uKt Researcherz darkeagle at linkin-park dot cc greetz to all my friends 8 and... Happy Birthday uKt research team 8 1 year 8 http://unl0ck.org !!!-script kiddie edition-!!!...

Ethereal 10.x AFP Protocol Dissector Remote Format String Exploit

No description provided by source. / etherealv0.10.: AFP remote format string exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xethereal-afp-fmt.c -o xethereal-afp-fmt ethereal homepage/url: http://www.ethereal.com syntax: ./xethereal-afp-fmt -spSrPanc -h host vulnerable...

intellitamperimgsrc-overflow.txt

/ IntelliTamper 2.07 imgsrc Remote Buffer Overflow Expoit Discovered & Written by r0ut3r writ3r at gmail.com Many Thanks to Luigi Auriemma http://aluigi.org Greets to shinnai http://www.shinnai.net and Guido Landi IntelliTamper contains a remote buffer overflow vulnerability. The HTML parser, mor...

Alphanumeric Shellcode Encoder Decoder

Alphanumeric Shellcode Encoder Decoder. Shellcode exploit for generator platform / ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Alphanumeric Shellcode Encoder Decoder Copyright © 1985-2008 Avri Schneider - Aladdin Knowledg...

IntelliTamper 2.07 - 'imgsrc' Remote Buffer Overflow

/ IntelliTamper 2.07 imgsrc Remote Buffer Overflow Expoit Discovered & Written by r0ut3r writ3r at gmail.com Many Thanks to Luigi Auriemma http://aluigi.org Greets to shinnai http://www.shinnai.net and Guido Landi IntelliTamper contains a remote buffer overflow vulnerability. The HTML parser, mor...

IntelliTamper 2.07 - imgsrc Remote Buffer Overflow

IntelliTamper 2.07 - imgsrc Remote Buffer Overflow / IntelliTamper 2.07 imgsrc Remote Buffer Overflow Expoit Discovered & Written by r0ut3r writ3r at gmail.com Many Thanks to Luigi Auriemma http://aluigi.org Greets to shinnai http://www.shinnai.net and Guido Landi IntelliTamper contains a remote...

IrfanView <= 3.99 IFF File Local Stack Buffer Overflow Exploit

No description provided by source. /Irfan View 3.99 .IFF File Local Stack Buffer Overflow This sploit runs calc.exe tested on Win XP Pro sp3;If you run it on another vs of Win make sure you chance the retaddress,but it works almost all the time so.. . Credits for finding the bug and sploit go to...

IrfanView 3.99 - '.IFF' File Local Stack Buffer Overflow

/Irfan View 3.99 .IFF File Local Stack Buffer Overflow This sploit runs calc.exe tested on Win XP Pro sp3;If you run it on another vs of Win make sure you chance the retaddress,but it works almost all the time so.. . Credits for finding the bug and sploit go to fl0 fl0w. Gretez to all romanian...

Cisco IOS shellcode explanation - additional

Anyone spot the typo? It's also in a comment in the exploit source, but doesn't affect how the code works: "addi 7,7,233" should read "addi 7,7,2330" The first offset requirement to authenticate is at 0x174 and the second privilege level is at 0xde4 Its worth noting that at some stage around IOS...

Cisco IOS shellcode explanation

Hi, Lots of people have been asking for details about the slightly unorthodox shellcode I used within the IOS FTP exploit, so here goes: .equ vtyinfo, 0x8182da60 //contains a pointer to the VTY info structure .equ terminate, 0x80e4086c lis 4,vtyinfo@ha la 4,vtyinfo@l4 xor 8,8,8 //Clear r8 lwzx...

CoolPlayer m3u File Local Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe x86/shikataganai succeeded, final size 169 my $shellcode = "\xd9\xca\xd9\x74\x24\xf4\x5e\xb8\xf5\x65\x2d\xfb\x31\xc9\xb1"...

CoolPlayer m3u File Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ================================================= CoolPlayer m3u File Local Buffer Overflow Exploit ================================================= !/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com...

Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)

Cisco IOS 12.318 FTP Server - Remote Attached to GDB / Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To...

CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow

!/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe x86/shikataganai succeeded, final size 169 my $shellcode = "\xd9\xca\xd9\x74\x24\xf4\x5e\xb8\xf5\x65\x2d\xfb\x31\xc9\xb1"...

coolplayerm3u-overflow.txt

!/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe x86/shikataganai succeeded, final size 169 my $shellcode = "\xd9\xca\xd9\x74\x24\xf4\x5e\xb8\xf5\x65\x2d\xfb\x31\xc9\xb1"...

CoolPlayer 2.18 - .m3u File Local Buffer Overflow

CoolPlayer 2.18 - .m3u File Local Buffer Overflow !/usr/bin/perl ksOSe - 07/29/2008 use warnings; use strict; http://www.metasploit.com EXITFUNC=seh, CMD=c:\WINDOWS\system32\calc.exe x86/shikataganai succeeded, final size 169 my $shellcode =...

Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)

/ Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To protect the innocent a critical step has been omitte...

IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow Exploit (c)

No description provided by source. / IntelliTamper 2.0.7 html parser Remote Buffer Overflow Just a C version of Guido Landi's discovery. Written by r0ut3r writ3r at gmail.com kit:/home/r0ut3r/publichtml gcc -o intell intell.c kit:/home/r0ut3r/publichtml ./intell + Building payload + Success writi...