This Metasploit module exploits a stack buffer overflow in the 32bit FTP client, triggered when trying to download a file that has an overly long filename.
12a0acd3b85279ca0f783e238d8bda5078df822aab5d81ee1c2c190dce51d449
This Metasploit module exploits a stack buffer overflow in FTPShell 5.1. The overflow is triggered when the FTP client tries to process an overly long response to a PWD command. This will overwrite the saved EIP and structured exception handler.
f519ce182ff34cf63de5ac4b785653619bb701dd2e8f49ec8d3eeefccfe0e84a
This Metasploit module exploits a stack buffer overflow in Nuance PDF Reader v6.0. The vulnerability is triggered when opening a malformed PDF file that contains an overly long string in a /Launch field. This results in overwriting a structured exception handler record. This exploit does not use JavaScript.
7126b3b381c830c246515407ec24713960237606057c8a16a5129cdc22151571
This Metasploit module exploits a stack buffer overflow in Race River's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending a long character string in the password field, both the structured exception handler and the saved extended instruction pointer are overwritten, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
d01b8d0eccb2aec11afecf3d49371c3c926e2d006a81facbb808d6626fec7fa3
This Metasploit module exploits a stack buffer overflow in Race River's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending a long character string in the password field, both the structured exception handler and the saved extended instruction pointer are overwritten, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
39c01041cd7a953eb8e64486e1f5865273ee4d2db2d0b6b1cfb86aad1711e782
Xion Player version 1.0.125 local stack buffer overflow exploit that creates a malicious .m3u file.
623e89f49bcef9f0a3b4ba99e4d3ef07532083ae2fdac43b0fe5118d47d2d2a5
UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.
a6a08e41b5947372974aff9b14a2282596f65cf35a007410bc1f76fed9559f49
Rumba FTP Client version 4.2 PASV buffer overflow exploit.
ef99f45759b0dbf236f569178c372ca29338d9b16557909fdab8401928066c7b
ZipGenius version 6.3.1.2552 stack buffer overflow exploit that leverages zgtips.dll.
182f84b34d3061a772ef73d1cb7a337289948025589e93e60a5bbe0bbaa15630
TweakFS version 1.0 stack buffer overflow exploit that creates a malicious .zip file.
905ad02a613f983dda9eaae9bab76456411f4e51d7ef6ac4c81902c6d115408a
eZip Wizard version 3.0 buffer overflow exploit that creates a malicious .zip file.
f010a2dae64b554d9b39247ff8f0eb04a16bae1238dea7fc4dc4d26fbce69b92
ZipScan version 2.2c buffer overflow exploit that creates a malicious .zip file.
1ceca7cff059a32bb8f47a5ede4b7d904ae8a6fab410175e36f81eadad238be9
Windows Messagebox with custom title and text shellcode.
bfb767a550c15f0127b50d18eb047c22434148eb8a29252b851930cbdc760bda
eDisplay Personal FTP Server version 1.0.0 post-authentication stack buffer overflow exploit with egg hunter shellcode.
d8bcac4e6d3681225a51e49277ef1f2caa310dfb4ef9362e17866f83feece047
QuickZip version 4.60.019 stack buffer overflow exploit for XP SP3.
c249e4b1ead7403ecda55a227cb5bf69e66217aaf1853b178e0c25e90293670b
QuickZip version 4.60 local buffer overflow proof of concept exploit that creates a malicious .zip file. This version does not have the egghunter.
3fbe6073961b268eabead158a13d7511eaec9db110657a8f6c485ad7f1e516de
QuickZip version 4.60 local universal buffer overflow proof of concept exploit that creates a malicious .zip file.
bda6eb9c164d209bdd722327bea22163fc6cb422354539e0a5fc6722ec4af74b
Exploit writing tutorial 9 - Introduction to Win32 shellcoding.
3706f35a0ce8ee03fa0b64d0df8875570a1887011f234d325ca5f281b133b56b
Exploit writing tutorial 8 - Win32 Egg Hunting.
cdc785e5c04945be39fd37440864d660ed1b41c96631356fd999a24924338d8d
Evalsmsi version 2.1.03 suffers from authentication bypass, cross site scripting and remote SQL injection vulnerabilities.
834cb18db01bac6d42973fa19f768087cfa19787f75c929e18d05a3e51acf628
CoreFTP version 2.1 b1637 password field universal buffer overflow exploit.
ebe25b2d175b639ca561230fa33a91e6188b5bfe6aba3cc5aa9543c93302bb84
TurboFTP server version 1.00.712 remote denial of service exploit.
2f1046f88e7a2d9e5f7e2baad89094a92f1d3c70e7ee2f94e235d2bc85b8a9a1
M.J.M. Quick Player version 1.2 stack buffer overflow exploit that creates a malicious .m3u file.
85d1dfa1e061e767ced38cff60f6e57cc0f9f53e044e47d7c5d19097a437a8bb
AIMP2 versions 2.51 build 330 and below audio converter playlist buffer overflow exploit.
c6e39bb3fcec1877067eb985ee4f07a6fd968d11e76815fc2c325d912e99073b
Xion Audio Player version 1.0 build 121 local buffer overflow exploit.
9fe8f6658b4b6b8a229b0f92ef86e601a9421567effd4ad2b338d0beed4c076b