IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP

Exploit Title: IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP Date: 2020-05-20 Exploit Author: Austin Babcock Vendor Homepage: https://icofx.ro/ Software Link: https://drive.google.com/file/d/1SONzNStAW3pAPU5IUvsYS3z0jYymEZn/view?usp=sharing Version: 2.6.0.0 Tested on: Windows 7...

IcoFX 2.6 Buffer Overflow

Exploit Title: IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP Date: 2020-05-20 Exploit Author: Austin Babcock Vendor Homepage: https://icofx.ro/ Software Link: https://drive.google.com/file/d/1SONzNStAW3pAPU5IUvsYS3z0jYymEZn/view?usp=sharing Version: 2.6.0.0 Tested on: Windows 7...

Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free

Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...

Microsoft Internet Explorer 8/11 and WPAD service (Jscript.dll) - Use-After-Free Exploit

Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit as well as the...

ScareCrow - Payload Creation Framework Designed Around EDR Bypass

If you want to learn more about the techniques utlized in this framework please take a look at Part 1 and Part 2 Description ScareCrow is a payload creation framework for generating loaders for the use of side loading not injection into a legitimate Windows process bypassing Application...

CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow', 'Description' = %q This module exploits a buffer overflow within the...

CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow Exploit

Exploit Title: CloudMe 1.11.2 - SEH/DEP/ASLR Buffer Overflow Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Steps to reproduce: 1...

Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow (SEH + DEP)

Exploit Title: Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow SEH + DEP Date: 2020-04-15 Exploit Author: Bailey Belisario Tested On: Windows 7 Ultimate x64 Software Link: https://www.exploit-db.com/apps/32dc10d6e60ceb4d6e57052b6de3a0ba-easympegtodvd.exe Version: 1.7.11 Exploit Length: 1015 Byte...

Easy MPEG To DVD Burner 1.7.11 Buffer Overflow

Exploit Title: Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow SEH + DEP Date: 2020-04-15 Exploit Author: Bailey Belisario Tested On: Windows 7 Ultimate x64 Software Link: https://www.exploit-db.com/apps/32dc10d6e60ceb4d6e57052b6de3a0ba-easympegtodvd.exe Version: 1.7.11 Exploit Length: 1015 Byte...

R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEPASLR Bypass)

R 3.4.4 Windows 10 x64 - Buffer Overflow SEH DEPASLR Bypass !/usr/bin/python Exploit Title: R 3.4.4 Windows 10 x64 - Buffer Overflow SEHDEP/ASLR Bypass Date: 2019-07-15 Exploit Author: blackleitus Vendor Homepage: https://www.r-project.org/ Tested on: Windows 10 Home Single Language 64-bit Social...

10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: 10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow SEHDEP Bypass Vulnerable Software: 10-Strike Network Inventory Explorer 8.54 Vendor Homepage:...

CloudMe Sync SEH Buffer Overflow

Exploit: CloudMe Sync netstat -nao | find "8888" TCP 0.0.0.0:8888 0.0.0.0:0 LISTENING 2640 C:\tasklist | find "2640" CloudMe.exe 2640 Console 1 36,632 K Attacking Machine: root@kali:/Desktop python cloudme.py CloudMe Sync v1.10.9 Buffer Overflow with DEP Bypass + CloudMe Target IP 192.168.12.4...

Detecting reflective DLL loading with Windows Defender ATP

Today's attacks put emphasis on leaving little, if any, forensic evidence to maintain stealth and achieve persistence. Attackers use methods that allow exploits to stay resident within an exploited process or migrate to a long-lived process without ever creating or relying on a file on disk. In...

Windows/x64 - API Hooking Shellcode (117 bytes)

/ Title : Windows x64 API Hooking Shellcode Author : Roziul Hasan Khan Shifat Size : 117 bytes Date : 16/10/2017 Email : email protected Tested On : Windows 7 Ultimate x64 / / This Shellcode hooks DeteleFileW API Warning: Do no Use this Shellcode on explorer.exe Otherwise You won't be able to...

Microsoft Internet Explorer 11 (Windows 7 x86) - 'mshtml.dll' Remote Code Execution (MS17-007)

.class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; var ntdllBase = ""; function infoleak var textarea = document.getElementById"textarea"; var frame = document.createElement"iframe"; textarea.appendChildframe;...

EMC AlphaStor Device Manager Opcode 0x72 Buffer Overflow

require 'msf/core' class MetasploitModule 'EMC AlphaStor Device Manager Opcode 0x72', 'Description' = %q This module exploits a stack based buffer overflow vulnerability found in EMC Alphastor Device Manager. The overflow is triggered when sending a specially crafted packet to the rrobotd.exe...

VUPlayer 2.49 .pls Stack Buffer Overflow

!/usr/bin/python import os,sys Tested Windows 7 Home x86 & Windows 10 Home x86x64 badchars \x00\x0a\x1a\x20\x40 msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -b "\x00\x0a\x1a\x20\x40" -f python buf = "" buf += "\xbf\x3b\x99\xdd\xa3\xdb\xc4\xd9\x74\x24\xf4\x58\x29" buf +=...

Microsoft Office 内存损坏漏洞(CVE-2015-1641)

来源： http://drops.wooyun.org/papers/9809 Microsoft Office 内存损坏漏洞 0x01 漏洞概述 今年4月份微软修补了一个名为CVE-2015-1641的word类型混淆漏洞，攻击者可以构造嵌入了docx的rtf文档进行攻击。word在解析docx文档处理displacedByCustomXML属性时未对customXML对象进行验证，可以传入其他标签对象进行处理，造成类型混淆，导致任意内存写入，最终经过精心构造的标签以及对应的属性值可以造成远程任意代码执行。 根据微软官方MS15-33安全公告里显示，这个漏洞覆盖Office 2007...

Easy File Sharing Web Server 7.2 Buffer Overflow

!/usr/bin/env python Exploit title: Easy File Sharing Web Server v7.2 - Remote SEH Buffer Overflow DEP bypass with ROP Date: 29/11/2015 Exploit Author: Knaps Contact: @TheKnapsy Website: http://blog.knapsy.com Software Link: http://www.sharing-file.com/efssetup.exe Version: Easy File Sharing Web...

Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass) Vulnerability

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: Alreader 2.5 .fb2 SEH Based Stack Overflow ASLR and DEP bypass Date: 25.10.2015 Category: Local Exploit Exploit Author: g00dv1n Contact: email protected Version: 2.5 Tested on: Windows XP SP3 / Windows 7 /...