Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2018/01/23 12:0 a.m.50 views

Flexible Poll 1.2 - SQL Injection

Exploit Title: Flexible Poll 1.2 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://ddywpro.com/ Software Link: https://codecanyon.net/item/flexible-poll/4363114 Version: 1.2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5988 Exploit Author: Ihsan Sencan Author...

9.8CVSS9.6AI score0.1915EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.29 views

Quickad 4.0 - SQL Injection

Exploit Title: Classified Ads CMS - Quickad 4.0 - SQL Injection Dork: N/A Date: 23.01.2018 Vendor Homepage: http://bylancer.com/ Software Link: https://codecanyon.net/item/quickad-classified-ads-php-script/19960675 Version: 4.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5972...

9.8CVSS9.8AI score0.1915EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/23 12:0 a.m.40 views

Blizzard Update Agent - JSON RPC DNS Rebinding

All blizzard games are installed alongside a shared tool called "Blizzard Update Agent", investor.activision.com claims they have "500 million monthly active users", who presumably all have this utility installed. The agent utility creates an JSON RPC server listening on localhost port 1120, and...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/22 12:0 a.m.44 views

Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD

!/usr/bin/env python2.7 Herospeed TelnetSwitch daemon running on TCP/787, for allowing enable of the telnetd. Where one small stack overflow allows us to overwrite the dynamicly generated password and enable telnetd. Verified 1 Fullhan IPC FH8830F22W7.1.42.1 2 Fullhan FH8830AR0330FISHEYEW7.1.37.5...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/22 12:0 a.m.105 views

AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution

Unauthenticated LAN remote code execution in AsusWRT Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 22/01/2018 / Last updated: 25/01/2018 Background and summary AsusWRT is the...

10CVSS9.5AI score0.8715EPSS
Exploits11
exploitdb
exploitdb
added 2018/01/21 12:0 a.m.351 views

OTRS 5.0.x/6.0.x - Remote Command Execution (1)

Exploit Title: OTRS 5.0.x/6.0.x - Remote Command Execution 1 Date: 21-01-2018 Exploit Author: Bæln0rn Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE : CVE-2017-169...

9CVSS9AI score0.19901EPSS
Exploits8
exploitdb
exploitdb
added 2018/01/21 12:0 a.m.32 views

PHPFreeChat 1.7 - Denial of Service

Exploit Title: phpFreeChat 1.7 and earlier - Denial of Service Version: 1.7 and earlier Date: 21/01/2018 Vendor Homepage: http://www.phpfreechat.net Software Link: http://www.phpfreechat.net/download Exploit Author: A. Pakbaz CVE : CVE-2018-5954 1 $pid=pcntlfork; if$pid0 echo "\nError! Reduce the...

7.5CVSS7.8AI score0.08933EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/21 12:0 a.m.57 views

Shopware 5.2.5/5.3 - Cross-Site Scripting

Document Title: =============== Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1922 Shopware Security Tracking ID: SW-19834 Security Update:...

6.1CVSS6.5AI score0.04812EPSS
Exploits7
exploitdb
exploitdb
added 2018/01/21 12:0 a.m.65 views

Oracle JDeveloper 11.1.x/12.x - Directory Traversal

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt + ISR: apparition security Vendor: ============= www.oracle.com Product: =========== JDeveloper IDE Oracle JDeveloper is a free...

4.7CVSS5.8AI score0.01448EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/21 12:0 a.m.33 views

CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities

Document Title: =============== CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1836 Release Date: ============= 2018-01-19 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/19 12:0 a.m.44 views

macOS 10.13 (17A365) - Kernel Memory Disclosure due to Lack of Bounds Checking in 'AppleIntelCapriController::getDisplayPipeCapability'

/ AppleIntelCapriController::getDisplayPipeCapability reads an attacker-controlled dword value from a userclient structure input buffer which it uses to index a small array of pointers to memory to copy back to userspace. There is no bounds checking on the attacker supplied value allowing with so...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/18 12:0 a.m.228 views

Primefaces 5.x - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2017-1000486 Primefaces Remote Code Execution Exploit', 'Description' = %q This module exploits an expression language remote code execution...

9.8CVSS9.6AI score0.94104EPSS
Exploits6
exploitdb
exploitdb
added 2018/01/18 12:0 a.m.31 views

GitStack 2.3.10 - Remote Code Execution

Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution Date: 18.01.2018 Software Link: https://gitstack.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description $SERVER'PHPAUTHPW' is directly passed t...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/18 12:0 a.m.54 views

Smiths Medical Medfusion 4000 - 'DHCP' Denial of Service

!/usr/bin/python3 """PoC for MQX RTCS code execution via DHCP options overflow. This is just a quick hack to prove the vulnerability and was designed to run on a private network with the target device. """ import datetime import socket def main: """Use a default valid DHCP packet to overwrite an...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.30 views

Microsoft Edge Chakra JIT - Incorrect Bounds Calculation

/ Let's start with comments in the "GlobOpt::TrackIntSpecializedAddSubConstant" method. // Track bounds for add or sub with a constant. For instance, consider b = a + 2. The value of 'b' should track // that it is equal to the value of 'a' + 2. That part has been done above. Similarly, the value ...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.178 views

Master IP CAM 01 - Multiple Vulnerabilities

Exploit Title: Master IP CAM 01 Multiple Vulnerabilities Date: 17-01-2018 Remote: Yes Exploit Authors: Daniele Linguaglossa, Raffaele Sabato Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89 Vendor: Master IP CAM Version: 3.3.4.2103 CVE: CVE-2018-5723, CVE-2018-5724,...

10CVSS8.7AI score0.19804EPSS
Exploits9
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.41 views

Belkin N600DB Wireless Router - Multiple Vulnerabilities

Exploit Title: Belkin N600DB Wireless Router | Multiple Vulnerabilities Date: 16/01/2018 Exploit Author: Wadeek Hardware Version: F9K1102as v3 Firmware Version: 3.04.11 Vendor Homepage: http://www.belkin.com/fr/support/product/?pid=F9K1102as Firmware Link:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.36 views

Reservo Image Hosting Script 1.5 - Cross-Site Scripting

Exploit Title: Reservo Image Hosting Script 1.5 - Cross Site Scripting Date: 15-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: reservo.co Version: 1.6 CVE-ID: CVE-2018-5705 With support for automatic thumbnails & image resizing in over 200...

6.1CVSS6.3AI score0.01461EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.29 views

Zomato Clone Script - Arbitrary File Upload

Zomato Clone - Arbitrary File Upload Date: 16.01.2018 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/099S4111872/php-scripts/zomato-clone-script Demo: http://jhinstitute.com/demo/foodpanda/ Version: N/A Category: Webapps Tested on: Windows 10...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.35 views

SugarCRM 3.5.1 - Cross-Site Scripting

Exploit Title: sugarCRM 3.5.1 XSS refeclted Date: 16/01/2017 Exploit Author: Guilherme Assmann Vendor Homepage: https://www.sugarcrm.com/ Version: 3.5.1 Tested on: kali linux, windows 7, 8.1, 10, ubuntu - Firefox Download...

6.1CVSS6.3AI score0.06914EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.40 views

D-Link DSL-2640R - DNS Change

D-Link DSL-2640R Unauthenticated Remote DNS Change Vulnerability Firmware Version: UK1.06 Hardware Version: B1 Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg/ Description: The vulnerability exist in the web interface. D-Link's various routers are...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.29 views

Microsoft Edge Chakra - 'AsmJSByteCodeGenerator::EmitCall' Out-of-Bounds Read

/ AsmJSByteCodeGenerator::EmitCall which is used to emit call insturctions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls such as "arridx & ...". In these cases, the index register remains NoRegister which is...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.33 views

Microsoft Edge Chakra JIT - Stack-to-Heap Copy

/ If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those variables should not exist in the stack. In these cases, the...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.32 views

Microsoft Edge Chakra JIT - Out-of-Bounds Write

// Here's the PoC demonstrating OOB write. function optarr, start, end for let i = start; i end; i++ if i === 10 i += 0; // -- a arri = 2.3023e-320; function main let arr = new Array100; arr.fill1.1; for let i = 0; i 1000; i++ optarr, 0, 3; optarr, 0, 100000; main; / What happens here is as...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.22 views

Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)

/ Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: / // Enable the flag using '\n'.repeat0x1000 evalfunction f with function printf; ; ; + '\n'.repeat0x1000; PoC 2: // ./ch poc.js -ForceDeferParse...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.26 views

Microsoft Edge Chakra - Incorrect Scope Handling

// PoC: function funcarg = function printfunc; // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function. printfunc; function func ; // Chakra fails to distinguish whether the function is referenced in the param scope and ends up to emit an invalid opcode...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/17 12:0 a.m.32 views

Microsoft Edge Chakra - 'JavascriptGeneratorFunction::GetPropertyBuiltIns' Type Confusion

/ Here's a snippet of the method. bool JavascriptGeneratorFunction::GetPropertyBuiltInsVar originalInstance, PropertyId propertyId, Var value, PropertyValueInfo info, ScriptContext requestContext, BOOL result if propertyId == PropertyIds::length ... int len = 0; Var varLength; if...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/16 12:0 a.m.83 views

glibc < 2.26 - 'getcwd()' Local Privilege Escalation

/ This software is provided by the copyright owner "as is" and any expressed or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the copyright owner be liable for any direct, indirec...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.38 views

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)

Linux/ARM - Reverse TCP 192.168.1.1:4444/TCP Shell /bin/sh + Password MyPasswd + Null-Free Shellcode 156 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Password Protected Reverse Shell TCP /bin/sh. Null free shellcode 156 bytes Date: 2018-01-15 Tested: armv7l Raspberry Pi v3 Autho...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.59 views

GitStack - Remote Code Execution

Vulnerability Summary The following advisory describes an unauthenticated action that allows a remote attacker to add a user to GitStack and then used to trigger an unauthenticated remote code execution. GitStack is “a software that lets you setup your own private Git server for Windows. This mea...

9.8CVSS9.7AI score0.80982EPSS
Exploits9
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.37 views

D-Link DNS-325 ShareCenter < 1.05B03 - Multiple Vulnerabilities

D-Link DNS-325 ShareCenter Multiple Vulnerabilities Vendor: D-Link Product: D-Link DNS-325 ShareCenter Version: = 1.05B03 Website: http://sharecenter.dlink.com/products/DNS-325 / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.28 views

DarkComet (C2 Server) - File Upload

!/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from Crypto.Cipher import ARC4 from binasci...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.45 views

D-Link DNS-343 ShareCenter < 1.05 - Command Injection

D-Link DNS-343 ShareCenter Remote Root Vendor: D-Link Product: D-Link DNS-343 ShareCenter Version: = 1.05 Website: http://sharecenter.dlink.com/products/DNS-343 / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development D-Link...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.244 views

Oracle PeopleSoft 8.5x - Remote Code Execution

Exploit Title: RCE vulnerability in monitor service of PeopleSoft 8.54, 8.55, 8.56 Date: 30 Oct 2017 Exploit Author: Vahagn Vardanyan Vendor Homepage: Oracle Software Link: Oracle PeopleSoft Version: 8.54, 8.55, 8.56 Tested on: Windows, Linux CVE : CVE-2017-10366...

9.8CVSS9.6AI score0.43492EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.43 views

RISE 1.9 - 'search' SQL Injection

Exploit Title: RISE Ultimate Project Manager 1.9 - SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 30/12/2017 CVE: CVE-2017-17999 Vendor Homepage: http://fairsketch.com/ Version: 1.9 POST /index.php/knowledgebase/getarticlesuggestion/ HTTP/1.1 Host: localhost...

9.8CVSS7AI score0.03344EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.66 views

Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect

Exploit Title: Oracle E-Business suite Open Redirect Google Dork: inurl:OAHTML/cabo/ Date: April 2017 Exploit Author: author Vendor Homepage: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html Software Link: download link if available Version: Oracle E-Business Suite...

5.8CVSS5.9AI score0.14558EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.28 views

Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote Code Execution

!/usr/local/bin/python """ Synology Photo Station = 6.8.2-3461 latest SYNOPHOTOFlickrMultiUpload Race Condition File Write Remote Code Execution Vulnerability Found by: mrme Tested: 6.8.2-3461 latest at the time Vendor Advisory: https://www.synology.com/en-global/support/security/SynologySA1802...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.48 views

ILIAS < 5.2.4 - Cross-Site Scripting

Exploit Title: Cross Site Scripting in ILIAS CMS 5.2.3 Date: Apr 24, 2017 Software Link: https://www.ilias.de Exploit Author: Florian Kunushevci Contact: https://facebook.com/florianx00 CVE: CVE-2018-5688 Category: webapps 1. Description ILIAS before 5.2.4 has XSS via the cmd parameter to the...

6.1CVSS6.3AI score0.03279EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.35 views

PerfexCRM 1.9.7 - Arbitrary File Upload

Exploit Title: PerfexCRM 1.9.7 – Unrestricted php5 File upload Exploit Author: Ahmad Mahfouz Description: PerfexCRM 1.9.7 prone to unrestricted file upload that lead to system take over by misconfigured elfinder plugin Contact: http://twitter.com/eln1x Date: 12/01/2018 CVE: CVE-2017-17976 Version...

9.8CVSS9.7AI score0.12506EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.39 views

Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow

Exploit Title: Disk Pulse Enterprise Server v10.1.18 - Buffer Overflow Exploit Author: Ahmad Mahfouz Description: Disk Pule Enterprise Server Unauthenticated Remote Buffer Overflow SEH Contact: http://twitter.com/eln1x Date: 12/01/2018 CVE: CVE-2017-15663 Version: v10.1.18 Tested on: Windows 7 x6...

7.5CVSS7.6AI score0.13176EPSS
Exploits8
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.27 views

SysGauge Server 3.6.18 - Remote Buffer Overflow

Exploit Title: SysGauge Server 3.6.18 - Buffer Overflow Exploit Author: Ahmad Mahfouz Description: Sysgauge Server Unauthenticated Remote Buffer Overflow SEH Contact: http://twitter.com/eln1x Date: 12/01/2018 CVE: CVE-2018-5359 Version: 3.6.18 Tested on: Windows 7 x64 Software Link:...

9.3CVSS8.2AI score0.08996EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.102 views

pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection

!/usr/bin/env python3 Exploit Title: pfSense = 2.1.3 statusrrdgraphimg.php Command Injection. Date: 2018-01-12 Exploit Author: absolomb Vendor Homepage: https://www.pfsense.org/ Software Link: https://atxfiles.pfsense.org/mirror/downloads/old/ Version: =2.1.3 Tested on: FreeBSD 8.3-RELEASE-p16 CV...

6.5CVSS6.5AI score0.06972EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.45 views

ImgHosting 1.5 - Cross-Site Scripting

Exploit Title: ImgHosting Image Storage System 1.5 - Cross-Site-Scripting Date: 12-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: foxsash.com Version: 1.5 CVE-ID: CVE-2018-5479 ImgHosting – Image Storage System quick and easy image hosting...

6.1CVSS6.3AI score0.02069EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.33 views

Domains & Hostings Manager PRO 3.0 - Authentication Bypass

Exploit Title: Domains & Hostings Manager PRO v 3.0 - Authentication Bypass Date: 13.01.2018 Vendor Homepage: http://endavi.com/ Software Buy: https://codecanyon.net/item/advanced-domains-and-hostings-pro-v3-multiuser/10368735 Demo: http://endavi.com/dhrprodemo/ Version: 3.0 Tested on: Windows 10...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.117 views

Flash Operator Panel 2.31.03 - Command Execution

Document Title: =============== Flash Operator Panel v2.31.03 - Command Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1907 Release Date: ============= 2018-01-08 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.49 views

OBS Studio 20.1.3 - Local Buffer Overflow

author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: OBS-Studio-20.1.3 Local Buffer Overflow Zer0Day SEH Based PoC Date: 2018.01.15 Exploit Author: Greg Priest Version: OBS-Studio-20.1.3 Tested on: Windows7 x64 HUN/ENG Enterprise Software...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/15 12:0 a.m.61 views

Adminer 4.3.1 - Server-Side Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: apparition security Vendor: ============== www.adminer.org Product: ================ Adminer = v4.3.1 Adminer...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/14 12:0 a.m.27 views

Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (26 bytes)

Linux/x86 - execve/bin/sh + Polymorphic Shellcode 26 bytes. Shellcode exploit for Linuxx86 platform / Description ; Title : Polymorphic execve /bin/sh - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/sh shell...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/13 12:0 a.m.19 views

Linux/x86-64 - Flush IPTables Rules (execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL)) Shellcode (43 bytes)

Linux/x86-64 - Flush IPTables Rules execve"/sbin/iptables", "/sbin/iptables", "-F", NULL Shellcode 43 bytes. Shellcode ... / section .text global start start: push 0x3b pop rax cdq push rdx push word 0x462d push rsp pop rcx push rdx mov rbx, 0x73656c6261747069 push rbx mov rbx, 0x2f2f2f6e6962732f...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/13 12:0 a.m.29 views

Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (96 bytes)

Linux/x86-64 - Add Map 127.1.1.1 google.lk In /etc/hosts Shellcode 96 bytes. Shellcode exploit for Linuxx86-64 platform / global start section .text start: ;open push 2 pop rax xor rdi, rdi push rdi ; 0x00 mov rbx, 0x7374736f682f2f2f ; ///hosts push rbx mov rbx, 0x2f2f2f2f6374652f ; /etc//// push...

7.1AI score
Exploits0
Total number of security vulnerabilities47904