7260 matches found
Linux/ARM - Polymorphic execve("/bin/sh", ["/bin/sh"], NULL); - XOR 88 encoded - 78 bytes
No description provided by source. / Title: Linux/ARM - Polymorphic execve/bin/sh, /bin/sh, NULL; - XOR 88 encoded - 78 bytes Date: 2010-06-28 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Database of shellcodes...
Samba SMB 2.2.x,CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7106/info Samba is prone to a buffer-overflow vulnerability when the 'smbd' service tries to reassemble specially crafted SMB/CIFS packets. An attacker can exploit this vulnerability by creating a specially formatted...
MS Excel Malformed FEATHEADER Record Exploit (MS09-067)
No description provided by source. MS Excel Malformed FEATHEADER Record Exploit CVE-2009-3129, MS09-067, OSVDB-59860 Vulnerble application MS office 2003/2007 Tested on XP SP2 - MS Ofice 2003 v. 11.5604.5606 Sean Larsson - Original Discovery !/usr/bin/python import sys import zlib Allwin WinExec...
openmovieeditor <= 0.0.20060901 (name) Local Buffer Overflow Exploit
No description provided by source. / openmovieeditor buffer overflow exploit by qnix qnixatbsdmaildotorg Dont forget to change the return address RETADDR -------------------------- devil: \ envt/envt -s 2 Shellcode: linux/x86 setuid0,setgid0 execve/bin/sh, /bin/sh, NULL 37 bytes + Setting memory...
GlobalLink 2.6.1.2 'HanGamePlugincn18.dll' ActiveX Control Multiple Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27626/info GlobalLink is prone to multiple buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit...
Panda Global Protection 2010 local Dos (unfiltered wcscpy())
No description provided by source. include windows.h include string.h include ddk/ntapi.h include tlhelp32.h define SystemModuleInfo 11 / Program : Panda Global Protection 2010 3.01.00 Homepage : http://www.pandasecurity.com Discovery : 2010/04/09 Author Contacted : 2010/07/15 Status of vuln :...
VUPlayer 2.49 - .ASX File (HREF) Local Buffer Overflow Exploit (1)
No description provided by source. !/usr/bin/perl intro; does not need a thread method shellcode to run as best as can. seh work great too! win32exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com my $shellcode =...
Solaris/SPARC 2.5.1/2.6/7/8 Derived 'login' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3681/info The 'login' program is used in UNIX systems to authenticate users with a username and password. The utility is typically invoked at the console, by 'telnetd', 'rlogind', and if configured to do so, SSH. Versions...
Citrix Presentation Server Client WFICA.OCX ActiveX - Heap BOF Exploit
No description provided by source. !-- Citrix Presentation Server Client WFICA.OCX ActiveX Component Heap Buffer Overflow Exploit Vulnerability discovered by Andrew Christensen and Aaron Portnoy http://www.securityfocus.com/bid/21458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6334...
3Com Ftp Server 2.0 - Remote Overflow Exploit
No description provided by source. / Email fixed brotha /str0ke / / 3Com Ftp Server remote overflow exploit author : c0d3r kaveh razavi [email protected] package : 3CDaemon version 2.0 revision 10 advisory : http://secway.org/advisory/ad20041011.txt company address : 3com.com it is just a simp...
Xmame <= 0.102 (-pb/-lang/-rec) Local Buffer Overflow Exploit
No description provided by source. / xmame-expl.c by sj [email protected] On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed a vulnerable...
Linux/x86_64 reboot(POWER_OFF) 19 bytes shellcode
No description provided by source. Linux/x8664 rebootPOWEROFF 19 bytes shellcode Date: 2010-04-25 Author: zbt Tested on: x8664 Debian GNU/Linux / ; rebootLINUXREBOOTMAGIC1, LINUXREBOOTMAGIC2, LINUXREBOOTCMDPOWEROFF section .text global start start: mov edx, 0x4321fedc mov esi, 0x28121969 mov edi,...
Zinf 2.2.1 - Local Buffer Overflow Exploit
No description provided by source. / -------------------------------Advisory---------------------------------- Luigi Auriemma aluigiaaaattttttautisticiD000torg I don't know why this bug has not been tracked but moreover I don't completely know why it has not been fixed yet in the Windows version ...
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow
No description provided by source. !/usr/bin/perl Exploit Title: CoolPlayer+ Portable v2.19.4 - Local Buffer Overflow Date: 11-15-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: CoolPlayer+ Portable v2.19.4 Software Link:...
AOL 9.5 (rtx) Local Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Bug : AOL 9.5 rtx Local Buffer Overflow Exploit by sup3r Tested on : XP SP3 header1 = \x3c\x48\x54\x4d\x4c\x3e\x3c\x46\x4f\x4e\x54\x20\x20\x53\x49\x5a \x45\x3d\x32\x20\x50\x54\x53\x49\x5a\x45\x3d\x31\x30\x20\x46\x41...
linux/x86 execve /bin/sh setreuid(12,12) 50 bytes
No description provided by source. / Linux/x86 An example of setregid, execve /bin/sh I used this in practise, hence the setregid12, 12; / include stdio.h char c0de = / main: / / setregid12, 12; / \x29\xc0 / subl %eax, %eax / \xb0\x47 / movb $71, %al / \x29\xdb / subl %ebx, %ebx / / Here's the GI...
ASX to MP3 Converter 3.0.0.100 - Local stack overflow exploit
No description provided by source. !/usr/bin/python import time ASX to MP3 Converter Version 3.0.0.100 = Local stack overflow exploit Author: Hazem Mofeed PoC: http://www.exploit-db.com/exploits/11930 Tested On: Windows Xp Home Edition SP3 Home: http://hakxer.wordpress.com print ' Exploited by...
bds/x86-bindshell on port 2525 shellcode - 167 bytes
No description provided by source. / ================================================== bds/x86-bindshell on port 2525 shellcode 167 bytes ================================================== / / -------------- bds/x86-bindshell on port 2525 167 bytes ------------------------- AUTHOR : beosroot OS ...
PHP 5.4 (5.4.3) Code Execution (Win32)
No description provided by source. // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish...
linux/x86 upload & exec 189 bytes
No description provided by source. UPLOAD & EXEC SHELLCODE 1 converting asm to hex 2 asm code 3 hex output 4 upload function This is an 'upload and exec' shellcode for the x86 platform. File has to be in executable format, cool if you know the distribution of the target, otherwise it is useless...