This Metasploit module exploits the ComSndFTP FTP Server version 1.3.7 beta by sending a specially crafted format string specifier as a username. The crafted username is sent to to the server to overwrite the hardcoded function pointer from Ws2_32.dll!WSACleanup. Once this function pointer is triggered, the code bypasses dep and then repairs the pointer to execute arbitrary code. The SEH exit function is preferred so that the administrators are not left with an unhandled exception message. When using the meterpreter payload, the process will never die, allowing for continuous exploitation.
8ca8af4598071a83d2552f14b027f3fdb8f361c95b01bacf03d39857c306caeaThis Metasploit module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 (Multi-target exploit). When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.
40169fda292d731fa83423db95f72a9157b704f1e0c735313549ab77c3e54b4eThis Metasploit module exploits a stack buffer overflow in MJM Core Player 2011 When opening a malicious s3m file in this applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7.
b34af7c1a1ed7cf2711905e10f913bce6d4781228c221060be316b6715a150a5This Metasploit module exploits a stack buffer overflow in Odin Secure FTP 4.1, triggered when processing the response on a LIST command. During the overflow, a structured exception handler record gets overwritten.
8ecb75c11b4c62e6ce7b842e1892561eaa88009d5a9d93ecdf9fc5bde92a10b0This Metasploit module exploits a stack buffer overflow in Nuance PDF Reader v6.0. The vulnerability is triggered when opening a malformed PDF file that contains an overly long string in a /Launch field. This results in overwriting a structured exception handler record. This exploit does not use javascript.
7126b3b381c830c246515407ec24713960237606057c8a16a5129cdc22151571This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
d01b8d0eccb2aec11afecf3d49371c3c926e2d006a81facbb808d6626fec7fa3This Metasploit module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
39c01041cd7a953eb8e64486e1f5865273ee4d2db2d0b6b1cfb86aad1711e782This is a Metasploit module that exploits a remote buffer overflow in Integard Home and Pro version 2.
d4089119cb05d1fbda649606b655fb13dc6b8bd56736cee01e8bbc3e9d7072abThis Metasploit module exploits a buffer overflow in Simple Open Music Player version 1.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
ff61fd7b9e078099ead07530144e241ebf1475c5b918f46fc1b891e77fc94f8fZipGenius version 6.3.1.2552 suffers from a stack buffer overflow vulnerability.
ee6796d1e2a1356131c435a010f02986b0dd87176177a45a88cb77cf5428d21dZipGenius version 6.3.1.2552 stack buffer overflow exploit that leverages zgtips.dll.
182f84b34d3061a772ef73d1cb7a337289948025589e93e60a5bbe0bbaa15630Windows Messagebox with custom title and text shellcode.
bfb767a550c15f0127b50d18eb047c22434148eb8a29252b851930cbdc760bdaRemote Help version 0.0.7 remote denial of service exploit.
defe99432d6b2eee6f03792639bad32f46c3fe9556a76c6ada5c12764d908146Windisc version 1.3 suffers from a stack buffer overflow vulnerability. Full exploit code included.
35273ce169912292844042a3d97dfc0662b96dd9a08ae743128e33f0a8217a9fS.O.M.PL. aka Simple Open Music Player suffers from a buffer overflow vulnerability. Proof of concept included.
49c43c6a08970bf5d2ba90f05fbace520df46cf05783346936b3a3b9032389c1Winplot local buffer overflow exploit that creates a malicious .wp2 file.
82f998f301f4ab0ed6175236dec21034486bef1df09702ffad20aadbd958fd76Changetrack version 4.3-3 suffers from a local privilege escalation vulnerability.
1a24316e8b2fab56fbbf912c6014e79a481b5a2ce5574ff448911085fa63e591Linux/x86 shellcode that binds to port 4444 and is xor-encoded.
42a49a8a5f2981bd589d213073aa7a301074373d1fe4dc5293614f9484bf840186 byte Linux/x86 edit /etc/sudoers for full access.
7d3c24f1326c9839b67cda1c267ce7c0840d066c32b99df5a080ae3f91c26e2f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed