7258 matches found
Microsoft PowerPoint 2003 SP2 Local Code Execution Exploit (french)
No description provided by source. / 30.07.2006 NSRocket presents Microsoft PowerPoint 2003 SP2 updated french version exploit tested on WinXP SP2 Microsoft PowerPoint is prone to a remote code execution issue which may be triggered when a malformed PPT file is closed. Code execution is possib...
eIQ-ESA.txt
!/usr/bin/perl -w http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom - 03/23/2006 Bug found by KF of digitalmunition.com. http://www.zerodayinitiative.com/advisories/ZDI-06-023.html Exploit for Syslog Server by eiQnetworks OEM for Several vendors There MUST be a syslog...
eIQnetworks ESA (Syslog Server) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl -w http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom - 03/23/2006 Bug found by KF of digitalmunition.com. http://www.zerodayinitiative.com/advisories/ZDI-06-023.html Exploit for Syslog Server by eiQnetworks OEM for Severa...
sipXtapi.txt
!/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the code for ret address\n\n"; if not...
SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================= SIPfoundry sipXtapi CSeq Remote Buffer Overflow Exploit ========================================================= !/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09...
filecopa101.txt
!/usr/bin/perl -w bad char 0x00 0x0a tested on win00 SP4 English on filecopa ftp server 6/4/2006 version use Net::FTP; $target = $ARGV0 || die "usage:$0 "; my $user = "test"; my $pass = "test"; $shellcode = "\xd9\xee\xd9\x74\x24\xf4\x5b\x31\xc9\xb1\x5e\x81\x73\x17\xe0\x66"...
SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the...
Cyrus IMAPD 2.3.2 - pop3d Remote Buffer Overflow (2)
Cyrus IMAPD 2.3.2 - pop3d Remote Buffer Overflow 2 !/usr/bin/ruby cyrus-imapd pop3d exploit by bannedit 05/23/2006 This exploit takes advantage of a stack based overflow. Once the stack corruption has occured it is possible to overwrite a pointer which is later used for a memcpy this gives us a...
solaris/sparc connect-back with XNOR encoded session 600 bytes
solaris/sparc connect-back with XNOR encoded session 600 bytes. Shellcode exploit for solarissparc platform / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o i...
Cyrus IMAPD 2.3.2 - 'pop3d' Remote Buffer Overflow (2)
!/usr/bin/ruby cyrus-imapd pop3d exploit by bannedit 05/23/2006 This exploit takes advantage of a stack based overflow. Once the stack corruption has occured it is possible to overwrite a pointer which is later used for a memcpy this gives us a write anything anywhere condition similar to a forma...
Microsoft IIS - ASP Stack Overflow (MS06-034)
Microsoft IIS - ASP Stack Overflow MS06-034 include include / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because the new SE...
Microsoft IIS ASP Stack Overflow Exploit (MS06-034)
No description provided by source. include stdio.h include windows.h / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because t...
Microsoft IIS ASP Stack Overflow Exploit (MS06-034)
Exploit for unknown platform in category local exploits =================================================== Microsoft IIS ASP Stack Overflow Exploit MS06-034 =================================================== include include / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by...
Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/ruby cyrus-imapd pop3d exploit by bannedit 05/23/2006 This exploit takes advantage of a stack based overflow. Once the stack corruption has occured it is possible to overwrite a pointer which is later used for a memcpy this gives us a write anything...
Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
Exploit for multiple platform in category remote exploits ============================================================ Cyrus IMAPD 2.3.2 pop3d Remote Buffer Overflow Exploit 2 ============================================================ !/usr/bin/ruby cyrus-imapd pop3d exploit by bannedit...
solaris/sparc connect-back (with XNOR encoded session) 600 bytes
Exploit for solaris/sparc platform in category shellcode ================================================================ solaris/sparc connect-back with XNOR encoded session 600 bytes ================================================================ / black-RXenc-con-back-SOLARIS.c MIPS This is a...
Microsoft IIS - ASP Stack Overflow (MS06-034)
include include / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because the new SEH protection mechanisms, you should set the...
linux/x86 - setuid/portbind shellcode 96 bytes
linux/x86 setuid/portbind shellcode 96 bytes. Shellcode exploit for linx86 platform / $Id: portbind-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ portbind-linux.c - setuid/portbind shellcode for Linux/x86 Copyright c 2003 Marco Ivaldi Simple portbind shellcode that bind's a setuid0 shell on port...
linux/x86 - setuid0 and /bin/sh execve shellcode 30 bytes
linux/x86 setuid0 and /bin/sh execve shellcode 30 bytes. Shellcode exploit for linx86 platform / $Id: setuid-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ setuid-linux.c - setuid/execve shellcode for Linux/x86 Copyright c 2004 Marco Ivaldi Short fully-functional setuid0 and /bin/sh execve...
linux/x86 setuid(0) and /bin/sh execve() shellcode 30 bytes
Exploit for linux/x86 platform in category shellcode =========================================================== linux/x86 setuid0 and /bin/sh execve shellcode 30 bytes =========================================================== / $Id: setuid-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $...