execve("/bin/sh",{"/bin/sh",NULL},NULL) shellcode for Mac OSX on both the PPC and x86 platforms.
a8906c546585510d29afd14973965fe1856fd3050999ab89dc35b4d8c1a853fbA sign extending bug in AppleFileServer exists while parsing a FPLoginExt packet. Exploit included.
f172aaf165f55268a1cc2d2eb0e697bd235cf9e069b14565a19c5b48a3a6788fSmall application written to make life easier. It dumps C style opcodes between two provided offsets.
4e7b34bd72aa38097381c48faee3882bfff8bfafa9e16fcbd8a7d692399b7651Local root exploit for mRouter installed by iSync on Mac OS X 10.3.
9a814a90dbb6e5458ed265b55264c5bf185da8f2b4e2f51e6fe813505c80c98aMac OSX versions 10.3.x with a Darwin Kernel equal to or below 7.7.0 are susceptible to a denial of service flaw that may allow for possible privilege escalation.
237a3224700bab126e3d93c2630bea4ae47220dea9a8923e14614ec3c58c12e9Proof of concept exploit for iTunes 4.3.7 on OS X 10.3.7. Shellcode binds a shell to port 4444.
b05f72bd3493e1d0b8d1ee90794c20b56668c3916fe59f0c1ec9dedcf40e49feWeaponX is a kernel based rootkit for Mac OSX which is roughly based on adore. It runs as a kernel extension, similar to a LKM. Requires Xcode. Readme available here.
3e90b2abe3d92f157460c7cb61234e34310154dedaf128616cccf864093686c1New Macintosh OS-X rootkit that is roughly based off of adore. It hides itself from kextstat, netstat, utmp and wtmp. Further revisions to include a reverse shell triggered by ARP and DNS packets.
cf7423b74f6d5920cebbf766912f5ecca0db3ada2792d9264af8fd6b9f44d996Statistics Server 5.02x for Windows contains a buffer overflow caused by a long GET request. Includes perl exploit which spawns a winshell with system privileges on port 8008 on Statistics Server 5.02x/Win2k.
4d5eb9ffd94b406e9662e8575bcca3692763124371afe9b77e28d789f947712f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed