| Email address | berendjanwever at gmail.com |
|---|---|
| Website | skypher.com |
| First Active | 2003-04-10 |
| Last Active | 2016-12-21 |
BETA can convert raw binary shellcode into text that can be used in exploit source-code. It can convert raw binary data to a large number of encodings. It can also do the reverse: decode encoded data into binary from the same types of encodings.
1b45c685a458df166b54860c098ca9021ba8ff6a73dc10f90d7420bdb9c6d2caMicrosoft Internet Explorer suffers from a Content-Encoding: deflate memory corruption vulnerability.
80fa117d24dc8845f2994b4d1e1342b08f6ff97d25b492bb4f924064b92e3e2cVarious reproduction code that demonstrates memory corruption when loading/unloading Adobe objects through an EMBED tag in Firefox.
cbfab4ccb60d417d49251f98b1b677a08ea4a6fa400b4d5b3cd721ce1aeb2be8Windows x86 null-free bindshell for Windows 5.0 through 7.0 all service packs.
04ba99e6d3d4bd989ede7e23e3b2fdf261d5b2e942f08b2197bed07ec00ccd9dMicrosoft Windows x86 null-free bindshell shellcode for Windows 5.0 through 6.0 all service packs.
e30984bbffd193b9456095ecf59c11dc4559ea1dda013038d818184452fc953fMicrosoft Internet Explorer EMBED memory corruption proof of concept exploit that leverages the vulnerability discussed in MS09-014.
fc11bf53d21ba40129e201b7ccaa7856a96e3592bd369f3ebd690e007de4df83This is a small piece of shellcode written in assembler that can scan the user-land address space for small blocks of memory ("eggs") and recombine the eggs into one large block.
8f64a632ae31b520f87ac44f9927c36b3d08aeef8e12e7ea7b7456352c7aadbbMozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode reference crash exploit.
02291ecdde47dce048dcb42adac3b1508cdea7e7ab5645016e1f5be7b0b67ea1A NULL pointer read vulnerability exists in Microsoft Internet Explorer versions 6.0, 7.0, and 8.0 Beta.
da104f3d68f39d3929b4c38e3bf2f61ce309b27f516300071bd2635ddb8f20f7Safari array integer overflow proof of concept exploit.
8d018a338ed08422a4dc3a1d1c8f2bef6a08cd0487577e9ff3d96102ba6ea272ASCII Art / shellcode hybrid called "Julia". This shellcode was created using Ars Ex Machina Coda. The shellcode will only work when it is run in writable and executable memory and if ECX points to the base address of the shellcode.
89cdfca38f956e1128ed018784978d1e02fff9f7c01ce163ba847b1d3b640bc1This is a very cool ASCII Art / shellcode hybrid of "SkyLined".
e752389d0a9b04a413b2b3d936d5fcf8f4d6d34efdbbe2e00c65ccfaa79fd27bThis is a very cool ASCII Art / shellcode hybrid of "SkyLined".
3f50a06a3908cc0e38e66c20fcc5a7aff47435b0847640a4d88ce552494096b6PwnZilla 5 - Exploit for the IDN host name heap buffer overrun in Mozilla browsers such as Firefox, Mozilla, and Netscape.
5fd84b75e862d1b3f6cac437ba7e571a8da0bd7fe4f45638c172f865b261d320Research and development has led to a 90% reliable working exploit for the IDN Heap Buffer overrun in FireFox on WinXP and Win2k3 as long as DEP is turned off and JavaScript is enabled.
58cfafa307dfccf01eda97c1848bac293eebcf18ec5734852be83abf76e17e11A number of issues have been reported lately by various sources about Internet Explorer vulnerabilities in relation to specific COM objects. Research has shown that the root cause is the fact that these COM objects are not designed to be loaded in IE at all. These objects therefore make wrongful assumptions about the state of the process they are loaded into, specifically about the contents of heap memory. This can be abused to uncover unwanted features, like the ability to run arbitrary code on a victims machine.
035a6aa16f04f9d73cacf13f2f3a7db3188f82cf0bd18a282634937ba184ab53Proof-of-Concept exploit code for the MSIE DHTML object handling vulnerabilities (described in MS05-20).
c26eff210455c49cb3320cc55bf604d64f8ad0b37b6bea90265783cad726472fInternetExploiter 3, .ANI-file Animation header length stack based buffer overflow exploit for Internet Explorer. Uses Cascading Style Sheets to load a malicious animated cursor. Runs a bindshell on port 28876.
2c241ffbbd01971af65ed38f537c9d5cc267d13e058013c5e7fd39635abbc94cAnother MSIE flaw that allows for a nest sort loop to cause an exception.
f9e3153a835e256b97c1f3cb90599d1eddf85c9d3a051a20d07215e32baf0dfeTool that can encode shellcode in various ways. Released by the author of the InternetExploiter exploit. Documentation for this tool available here.
66588988e27151588f35c1d98e2e115206867e3150312b3abbf669ddfdcc4681Writing IA32 Restricted Instruction Set Shellcode Decoder Loops - This article addresses the requirements for writing a shellcode decoder loop using a limited number of characters that limits the instruction set. Most of it is based on the author's experience with alphanumeric decoders but the principles apply to any piece of code that is written to work with a limited instruction set.
2aea2ebf088e500f6e82bebaad1ecbf8639a257cb6f76e1538ffef1687c2a19aInternetExploiter.html is a remote exploit for the IE IFRAME html tag buffer overflow vulnerability which binds a shell to tcp port 28876. Tested against IE 6.0 on Win XP SP1 and IE 6.0 on Win2k.
0ecca01eb05bab171b33265b3ea3ac3e0cd2cac3fc0ae02350d422d833d55e3fALPHA 2 Zero-tolerance is a shellcode encoder that will convert any x86 shellcode into 100% alphanumeric code. The resulting code has an OS independent decoder that will convert the encoded shellcode back to the original code and execute it. Features include creating 100% uppercase and unicode-proof code. It also supports automatic EIP grabbing for win32 targets using the Structured Exception Handler. A working version is available for testing on-line at http://www.edup.tudelft.nl/~bjwever.
e066bd9f3ea43a9d5f1e8b0a761255877f816d6e725b96a4cdc15c2c5b381033Remote exploit that makes use of a buffer overrun in the Serv-U FTP server versions 4.2 and below that binds a shell to port 28876.
ea506acc9b54478ebcde1305c05e03a4d7a82d57254fcf230248bb00ffe76634Coppermine Photo Gallery, the picture gallery which allows users to HTTP upload pictures, fails to extension check pictures that are uploaded. Due to this, a file with the extension .jpg.php can be uploaded allowing a remote attacker to execute commands. Sample .jpg.php included. Patch available here.
0d2fe1a4e09dda1f2380a7d53ddb87733772a50e381a3cc8e5217a10c4ca5dab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed