Remote root exploit for Samba 2.2.x and prior that works against Linux (all distributions), FreeBSD (4.x, 5.x), NetBSD (1.x) and OpenBSD (2.x, 3.x and 3.2 non-executable stack). It has a scanning abilities so a range of machines can be penetration tested at once on a network.
d6672353da22242d8fc89098e6e31eb2c358a76ff09164f2b7f0f5060a5f0c03Solaris Sparc shellcode that writes netric was here.
e3af7d99040def573ba17626a6c290811b8d7652264094ec8340fdf45dac57c5Solaris Sparc shellcode that sets the effective uid to 0 and executes a shell.
b4f74f95b8bd45fe94c359024720079f6ee3e0151ca7a8a1f62db7483e21af68Core grep is a utility that works like grep but was designed to be used against core files.
d20e5c8dc13d0cce1e98db9f2a8559cb03f62d5dee59b44f124f195121335d7eGespuis acts as an irc bouncer and exploits BitchX/Epic clients spawning a bindshell.
dd15eaa198ba5124d4a8fee6a3430072539d129c6f1f74f1e39e66f5101144cbLinux x86 shellcode that plays /tmp/wav.
fb85d75711fadc267300b543395f49fba747f72fadfbbf8a0d7b72ba000d8dfdLinux x86 shell code that flushes iptables.
f41d98b684a98ae4ddb6475aa4b3d8dcdc3580000bb8b4a4687c7e68ac12e4f8BSD x86 194 byte forking portbind shellcode.
679460791b82bc71cc358ebb7838a48a15a4b36b0568f604d4ecd681342df6ccLinux x86 200 byte forking portbind shellcode.
8596f6bc924b6a977ba4454ed405e1eae9f64cab5c9f56b54386872551a9c83eBSD x86 124 byte connect back shellcode.
5c802bdef5259c9a4b2a1f2cce119173bc88d78f7568286a371993d88972fcd1Linux x86 131 byte connect back shellcode.
2f7b6f86b4a4d840961d8bbb4ba116066ddd329e45325fc389c858403fdb8850ISC dhcpd v3.0.1rc8 and below remote root format string exploit. Tested against Debian 3.0, Mandrake 8.1, Red Hat 7.2, 7.3, and 8.0, and SuSE 7.3. Includes the option to check for vulnerability on any platform by crashing the service.
dc98b1acb4120f20825c608246e44cb64ff5010e26e9ed5cbf306e84e6158122Xsun-expl.c is a local exploit for the SPARC architecture that makes use of the Xsun -co heap overflow found in April, 2002 on Solaris 2.6, 7, and 8.
97e55a2ca5d9e617ff856cd2414f020155d9ce6262a00ab465fbed2df4dbfdb0291 byte BSD ptrace shellcode which injects a bindcode into the ppid, useful for breaking chroot.
6550b1322a482de0869c99df39964fef13a59b4b140fc85adee39bda14d4dcafRemote root exploit for Linux systems running Null httpd 0.5.0. Tested to work against Red Hat Linux 7.3.
f3ad09d77c82a11ae03bbf3d43ee72abb5ba62e08fc75bd608fa3668f74758b5nbtstat is a NetBIOS name lookup tool. This tool provides similar functionality as the nbtstat package by Todd Sabin.
631d06ed5ab62c8e09176aacdd3b3916bedf336095ec0c415116bb6ae0ceb738BSD x86 shellcode which does a seteuid(0,0); execve /bin/sh; exit.
5ebf0df299333aa85731a40589283c24601e346f27eb4c85540bbcb350879e59Linux x86 shellcode which does a seteuid(0,0); execve /bin/sh; exit.
6cc8b3b1f1020f760ddff5d729e18b3d55edc7d5fa9c559ca025ce8ea9f1a718AFD v1.2.14 local root heap overflow exploit. Includes offset for Redhat 7.3 and instructions for finding offsets.
ba11ab3a60f47300732402f63f4607eedc8d209f484e0f0110e129539aaa8781mayday.c ported to Windows with Cygwin by here.
f81814e793e5a10cdc99db3199af9b69c783d40388670df372d1e74de3dfe1c0mayday.c - SHOUTcast v1.8.9 remote linux/x86 exploit. Included shellcode binds to port 10000. Advisory available here.
cf57fccf75cc0dcfa305f423ad2a3440aa5b6d87bea093ab6c0a2841a6d6f92bNullsoft's SHOUTcast v1.8.9 contains a buffer overflow which can be exploited by a DJ to gain shell access to the system. Windows, Linux, and FreeBSD are known to be vulnerable.
7158bd00e24e44b040e478a07b40240d2a892aa29113f26ce162fe843ee4f733Posadis m5pre1 local buffer overflow exploit.
02990a3bf9a9b52f587bd26ec96d8142429acc8d34e02e69e765ef4fb60221b1Posadis m5pre2 local format string exploit.
025e81c77e339b0490a61b132dcf3996293528d7e06703be59938c0e883873e7IIS 5.0 remote win32 exploit for the null.printer buffer overflow.
ce2073743bd10136edc549bb174a68f191651fd565885d653fb6d128c2ecc388
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed