This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. Gadgets are found in executable segments.
fb9122139453d8f4446211b8abc04b50ffab8420069b74155ee605f46c1cdf71
MSM kernel versions prior to 3.10 suffer from a memory leak in the Genlock driver.
bab34632681acb34290802692cd529eb033d5bfde86c6aaad103565ca18886e2
Multiple issues have been identified in the Goodix GT915 touchscreen driver for Android. The issues were found in the write handler of the procfs entry created by the driver, which by default is readable and writable by users without any specific privileges.
5468cf6bc4a573bce23d6d2362d62f883dc4f5f44ad54aabb748028e15ad7c7f
A stack-based buffer overflow and a kernel memory disclosure vulnerability have been discovered in the system call handlers of the camera driver for Android.
5e4baafc3b719ae7fddd0675ed808b960988f0436701a0308d0d5005f17017a3
This is a whitepaper called Taint analysis and pattern matching with Pin. All examples in this document are considered a proof of concept and are meant to give others ideas.
ec76a2f8def58b42c1d7b3105a4bea93f29bbf23d2776a4316a9981f1cb84489
OpenVZ kernel version 2.6.32 suffers from multiple memory leaks.
8564ad61e7645a172b677d9f8cf2e6d215eaeb5a393a80fab15d31814d976364
This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. Gadgets are found in executable segments.
a3c3ec6b1802094e54da93c80785e1f8daf941d0b55ab312515a20eaca92d966
27-byte Linux/SuperH setuid(0); execve("/bin/sh",NULL,NULL) shellcode.
b10a669c6e4b3181ef2c671d6b89f203e8448c950e8c52c0df80c2a0ad194d71
This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. Gadgets are found in executable segments.
ca11bac88062dc522d672fa82c2a551edd60d21ac03d21285a21b27cae625fa6
This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. Gadgets are found in executable segments.
28f8e63bc35c46325d56c474d5128a74937d61727270c174964c2dd144d25d2a
Whitepaper called Bypassing IDS with Return Oriented Programming. It discusses in depth, and demonstrates, the use of polymorphic shellcode to bypass detection.
7b4233a85e4bc362abaaeaf8b2d2687ed81a3db3a7a699bbe6949214aeb66bae
This tool lets you search for gadgets in your binaries (ELF format) to facilitate ROP exploitation. Gadgets are found in executable segments.
fe20eb082c9b42613c0b48b9b4c5c32bc58c455f4ab0be359ce7c8d85d7fa30e
This tool lets you search for gadgets in your binaries to facilitate ROP exploitation.
e4427d5468cdea58f2f78c268fd4dfef942c4d3deff183d345a2ca145d77d671
PHP version 5.3.6 proof of concept buffer overflow exploit.
1dd6733f0605c788059da351818004a21d990674130a330bede2b8de3032be99
143-byte Linux/SuperH sh4 add root user with password shellcode.
9dfaa19c7c70387a951fecf63dda0dc5cbf3d6994790436ec8af033e25311bdf
422-byte Linux/x86-32 connect-back with SSL connection shellcode.
8487f1b7de1c3a9fc9b52f4a78e489eb7cf9494c5be31b21fcbcff1f15509b04
Linux/x86 /usr/bin/netcat -ltp6666 -e/bin/sh shellcode.
84aa0c4d97e3ba738247628d5bb9d317fcac19a4b680f5764acf2335664d47e8
Whitepaper discussing how to make a backdoor with return oriented programming and ROPgadget. Written in French.
359f35beea9bb5e9dd45e28409ccda1fe40ca5f1e3ecfdbb92abacf00fc0bf60
This tool lets you search for gadgets in your binaries to facilitate ROP exploitation.
1b980fc86e7341b8c082abf927494528ed554d57e0c25f7b4c5ba63ecfca3eb0
Metasploit framework plugin that generates shellcode to create a new user with uid 0 for the ARM architecture.
9d8fcf7ca8c8fb2be14a67055397ccae9e20e5aebce90829954cd7e054d0e01d
Whitepaper called How To Create a Shellcode on ARM Architecture.
afc96ecde2f45d34049429d3da01bbc11524655aa7184ff5ccbd014a45ed7f61
151-byte Linux/ARM add root user with password shellcode.
a38fa7ee86bfb26c74a2b910895893e7c577f127befaa4eca299f339c86515f9
27-byte Linux/ARM execve("/bin/sh",[0],[0],[0 vars]) shellcode.
fbf32dea532b903395b1f7142db9bda7e4bc07537952d97bf32a5de0356b6e44
Whitepaper called How to create a polymorphic shellcode.
d1fd355e88fcde0310c5c3e33b05b23f2ada9bbf2558047dd96893d2881e67eb
Whitepaper called How to create a shellcode on Linux / x86.
be8ad7a3a06855a46d70be336cf0396e40311d917b41a72c66e17cc4f8048afc