Windows/x86 - MSVCRT System + Add RDP Admin + Disable Firewall + Enable RDP Shellcode (644 Bytes)

644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service. Exploit Title: Windows/x86 -...

ALLPlayer 7.6 Buffer Overflow

Exploit Title: ALLPlayer v7.6 Local Buffer Overflow SEHUnicode Version: 7.6 Date: 20-04-2020 Exploit Author: Xenofon Vassilakopoulos Tested on: Windows 7 Home Premium SP1 x86 Steps to reproduce : 1. generate the test.m3u using this exploit 2. open ALLPlayer then go to Open audio file 3. load the...

Nsauditor 3.2.1.0 Buffer Overflow

Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Date: 2020-04-17 Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows...

Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Date: 2020-04-17 Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows...

Linux/x86 Egghunter / Null-Free Shellcode (33 bytes)

/ Title: Linux/x86 - EggHunter + Null-Free Shellcode 33 Bytes Author: Shubham Singh Tested on: x86 GNU/Linux Shellcode Length: 33 Bytes Student ID: SLAE - 1342 Description: Null-Free Egg Hunter Shellcode - 33 Bytes file format elf32-i386 Disassembly of section .text: 08048060 : 8048060: eb 05 jmp...

Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite)) Exploit

Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows 10.0.18363.778 x86 Pro EN...

Atomic Alarm Clock 6.3 Stack Overflow

Exploit Title: Atomic Alarm Clock 6.3 - Venetian Blinds Zipper - Unicode SEH Stack Overflow Exploit Author: Bobby Cooke Date: April 17th, 2020 Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/ataclock.exe Tested On...

Code Blocks 16.01 - Buffer Overflow (SEH) UNICODE

Exploit Title: Code Blocks 16.01 - Buffer Overflow SEH UNICODE Date: 2020-04-17 Exploit Author: T3jv1l Software Link: https://sourceforge.net/projects/codeblocks/files/Binaries/16.01/Windows/codeblocks-16.01-setup.exe Software version: 16.01 buffer="A"536 buffer buffer+="\x61\x41" POPAD + Aligned...

Code Blocks 16.01 Buffer Overflow

Exploit Title: Code Blocks 16.01 - Buffer Overflow SEH UNICODE Date: 2020-04-17 Exploit Author: T3jv1l Software Link: https://sourceforge.net/projects/codeblocks/files/Binaries/16.01/Windows/codeblocks-16.01-setup.exe Software version: 16.01 buffer="A"536 buffer buffer+="\x61\x41" POPAD + Aligned...

Easy MPEG To DVD Burner 1.7.11 Buffer Overflow

Exploit Title: Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow SEH + DEP Date: 2020-04-15 Exploit Author: Bailey Belisario Tested On: Windows 7 Ultimate x64 Software Link: https://www.exploit-db.com/apps/32dc10d6e60ceb4d6e57052b6de3a0ba-easympegtodvd.exe Version: 1.7.11 Exploit Length: 1015 Byte...

BlazeDVD 7.0.2 Buffer Overflow

Exploit Title: BlazeDVD 7.0.2 - Buffer Overflow SEH Date: 2020-04-15 Exploit Author: areyou1or0 Software Link: http://www.blazevideo.com/dvd-player/free-dvd-player.html Version: 7.0.2 Tested on: Windows 7 Pro x86 !/usr/bin/python file = "exploit.plf" offset ="A"612-4 nseh = "\xeb\x1e\x90\x90" seh...

PSKernel-Primitives

This repository contains a collection of PowerShell primitives for exploitation, specifically targeting Windows systems. The code is written in PowerShell and utilizes various Windows APIs to achieve its goals. The repository includes several functions, each with a specific purpose: 1...

Government VPN Servers Targeted in Zero-Day Attack

As the Chinese government turns to virtual private networks VPNs to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said. According to security analysts...

CVE-2020-7356

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter ‘wayfinderseqid’ in wayfindermeetinginput.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injectin...

AIDA64 Engineer 6.20.5300 - (Report File) filename Buffer Overflow (SEH) Exploit

Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86 SP1 - Build 7601...

AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)

Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Date: 2020-04-02 Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86...

Loncom packer: from backdoors to Cobalt Strike

The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the...

10Strike LANState 9.32 - (Force Check) Buffer Overflow (SEH) Exploit

Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601 Description: - Exploits th...

10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)

Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Date: 2020-04-01 Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601...

10-Strike Network Inventory Explorer 9.03 Buffer Overflow

!/usr/bin/python Exploit Title: 10-Strike Network Inventory Explorer - Read-from-file Buffer Overflow SEHROP Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Date: 2020-03-30 Exploit Author: Hodorsec [email protected] /...