EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Exploit

Exploit Title: EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Exploit Author: Harrison Neal Vendor Homepage: https://www.ibm.com/us-en/ Version: 6100-09-04-1441, 7100-03-05-1524, 7100-04-00-0000, 7200-01-01-1642 Tested on: IBM AIX PPC CVE: CVE-2017-3623 EBBISLAND / EBBSHAVE RPC Buffe...

Linux/x86 - Execve() Alphanumeric Shellcode (66 bytes)

Title: Linux/x86 - Execve Alphanumeric Shellcode 66 bytes Shellcode Author: bolonobolo Tested on: Linux x86 execve.asm global start section .text start: ; int 0x80 ------------ push 0x30 pop eax xor al, 0x30 push eax pop edx dec eax xor ax, 0x4f73 xor ax, 0x3041 push eax push edx pop eax...

Linux/x86_x64 sys_creat(ajit), 0755) Shellcode (53 bytes)

/ --------------------------------------------------------------------------------------------------- Linux/x86x64 - syscreat"ajit", 0755 - 53 bytes Ajith Kp http://fb.com/ajithkp560 http://www.terminalcoders.blogspot.com Vishnu Nath Kp http://www.terminalcoders.blogspot.com Sayooj S Nambiar...

AVS Audio Converter 9.1.2.600 - Stack Overflow (PoC)

Exploit Title: AVS Audio Converter 9.1.2.600 - Stack Overflow PoC Date: December 2019-12-28 Exploit Author: boku Original DoS: https://www.exploit-db.com/exploits/47788 Original DoS Author: ZwX Software Vendor: http://www.avs4you.com/ Software Link: http://www.avs4you.com/avs-audio-converter.aspx...

Domain Quester Pro 6.02 - Stack Overflow (SEH)

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

Domain Quester Pro 6.02 Stack Overflow

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

Prime95 29.8 Build 6 Buffer Overflow

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Date: 2019-12-22 Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python...

Prime95 Version 29.8 build 6 - Buffer Overflow (SEH)

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Date: 2019-12-22 Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python...

Linux/x64 - Reverse TCP Stager Shellcode (188 bytes)

; Title: Linux/x64 - Reverse TCP Stager Shellcode 188 bytes ; Author: Lee Mazzoleni ; Tested on: Ubuntu 18.04.2 LTS ; reverse tcp stager - download and execute up to 4096 bytes of additional payload - no null bytes in this ; this code is 188 bytes total less if you delete the exit syscall at the...

FTP Commander Pro 8.03 - Local Stack Overflow

FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...

SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...

Anviz CrossChex 4.3.12 - Local Buffer Overflow

Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 ...

Anviz CrossChex 4.3.12 Local Buffer Overflow

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ （膜一波，现在unamer的代码已经可以执行shellcode了） CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit

EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload: times = 10000 count = 0 while count times: count += 1 print'time through %d' % count try:...

RedPeanut - A Small RAT Developed In .Net Core 2 And Its Agent In .Net 3.5/4.0

RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. RedPeanut code execution is based on shellcode generated with DonutCS. It is therefore a hybrid, although developed in .Net it does not rely solely on the Assembly.Load. This increases the detection surface, but...

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium named after a password to one of the self-executable archives. Titanium is the final result of a...

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

Linux/x86 - execve(/bin/sh) socket reuse Shellcode (42 bytes)

Exploit Name: Linux/x86 - execve/bin/sh socket reuse Shellcode 42 bytes Author : WangYihang Tested on: Linuxx86 Shellcode Length: 42 CVE: N/A ;================================================================================ Shellcode : char shellcode =...