Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
SMBGhost-LPE-Metasploit-Module This is an implementation of th...
Linux/ARM 0.0.0.0:1337/TCP Bindshell Shellcode
100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP. Title: Linux/ARM Raspberry Pi - Bind 0.0.0.0:1337/TCP Shell /bin/sh + Null-Free Shellcode 100 bytes Date: 2020-06-09 Architecture: armv6l GNU/Linux Website: http://www.theanuragsrivastava.com Author: Anurag...
Linux/ARM execve /bin/dash Shellcode
32 bytes small Linux/ARM execve /bin/dash shellcode. Title: Linux/ARM - execve /bin/dash Shellcode 32 bytes Date: 2020-06-08 Category: Shellcode Tested: armv7l 32-bit Raspberry Pi 2 Model B OS: Raspbian Buster Lite Author: Anurag Srivastava Description: execve shellcode / Objdump...
Code Blocks 17.12 Local Buffer Overflow
Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...
Code Blocks 17.12 - 'File Name' Local Buffer Overflow (Unicode) (SEH) (PoC)
Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...
Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode
102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode. Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-15 Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux...
Linux/ARM - execve /bin/dash Shellcode (32 bytes)
Title: Linux/ARM - execve /bin/dash Shellcode 32 bytes Category: Shellcode Tested: armv7l 32-bit Raspberry Pi 2 Model B OS: Raspbian Buster Lite Author: Anurag Srivastava Description: execve shellcode / Objdump pi@raspberrypi:/hex $ objdump -d ed1 ed1: file format elf32-littlearm Disassembly of...
Linux/ARM - Bind (0.0.0.0:1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (100 bytes)
Title: Linux/ARM Raspberry Pi - Bind 0.0.0.0:1337/TCP Shell /bin/sh + Null-Free Shellcode 100 bytes Date: 2020-06-09 Architecture: armv6l GNU/Linux Website: http://www.theanuragsrivastava.com Author: Anurag Srivastava / bindwala: file format elf32-littlearm Disassembly of section .text: 00010054 ...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
This is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost. The exploit targets a remote code execution vulnerability in the Windows SMBv3 server. The PoC is written in Python and uses a shellcode written in x64 assembly language. The PoC consists of two main components: 1. ...
Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode (102 bytes)
Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 102 bytes Original shellcode:...
Linux/x86 ASLR Deactivation Polymorphic - Shellcode
124 bytes small ASLR deactivation polymorphic shellcode. Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 12...
Linux/x86 ASLR Deactivation Polymorphic Shellcode (124 bytes)
Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 124 bytes Original shellcode:...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
SMBGhost CVE-2020-0796 Automate Exploitation and Detection...
Linux/x86 Tiny Read Polymorphic Shellcode (75 bytes)
Title: Linux/x86 - Tiny Read Polymorphic Shellcode 75 bytes Author: Xenofon Vassilakopoulos Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Blog: https://xenovass.wordpress.com/2019/06/26/slae-assignment-6-create-polymorphic-shellcode/ Architecture: i686 GNU/Linux Shellco...
10-Strike Bandwidth Monitor 3.9 Buffer Overflow Exploit
10-Strike Bandwidth Monitor version 3.9 ROP VirtualAlloc buffer overflow exploit with SEH, DEP, and ASLR. Exploit Title: 10-Strike Bandwidth Monitor 3.9 - ROP VirtualAlloc - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/...
10-Strike Bandwidth Monitor 3.9 Buffer Overflow
Exploit Title: 10-Strike Bandwidth Monitor 3.9 - ROP VirtualAlloc - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pr...
exploitdb-bin-sploits
This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It aims to serve as the most comprehensive collection ...
macOS/x64 zsh RickRolling - Shellcode
198 bytes small macOS/x64 RickRolling shellcode. / Shellcode Title: macOS/x64 - zsh RickRolling Shellcode 198 Bytes Shellcode Author: Bobby Cooke Date: May 31st, 2020 Tested on: macOS Catalina v10.15.4 Shellcode Description: MacOS Catalina Dynamic, No-Null Shellcode that will Unmute the systems...
GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
In this malware, some techniques are used to try to bypass the AVs, VMs, and Sandboxes, with the sole purpose of learning more. I'm not responsible for your actions. Bypass Techniques Anti-Debugger To try to bypass the Debuggers, I'm using the "IsDebuggerPresent" of the "Windows.h" library to check if a...