
Files from b33f

First Active: 2011-06-01
Last Active: 2017-08-22

Windows Escalate UAC Protection Bypass (Via COM Handler Hijack)
Posted Aug 22, 2017
Authored by b33f, OJ Reeves, Matt Nelson | Site metasploit.com

This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced, resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This Metasploit module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom, your DLL should call ExitProcess() after starting your payload in a separate process. This Metasploit module invokes the target binary via cmd.exe on the target. Therefore, if cmd.exe access is restricted, this module will not run correctly.

tags | exploit, registry
systems | windows
SHA-256 | 5643c9d59dd3082682db29197c72dec6efcfecef92c481633dd466d8973ffddb
MS16-032 Secondary Logon Handle Privilege Escalation
Posted Jul 12, 2016
Authored by b33f, James Forshaw, khr0x40sh | Site metasploit.com

This Metasploit module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12, 32-bit and 64-bit. This Metasploit module will only work against those versions of Windows with PowerShell 2.0 or later and systems with two or more CPU cores.

tags | exploit
systems | windows
advisories | CVE-2016-0099
SHA-256 | 26f03a91eb8c8dde8874f73e8d5a247d4da47b1e8ea13cc74ba383ffcb0b25c5
Microsoft Internet Explorer OLE Pre-IE11 Code Execution
Posted Nov 21, 2014
Authored by b33f, GradiusX

Microsoft Internet Explorer OLE Pre-IE11 automation array remote code execution / PowerShell VirtualAlloc MS14-064 exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
SHA-256 | d3053b664458c408fee9df099a23f568d9bd4a2935dc2bc5f92cc1ab8dda07aa
BlazeVideo HDTV Player Pro 6.6 Filename Handling
Posted Nov 30, 2012
Authored by sinn3r, b33f | Site metasploit.com

This Metasploit module exploits a vulnerability found in BlazeVideo HDTV Player's filename handling routine. When supplying a string of input data embedded in a .plf file, the MediaPlayerCtrl.dll component will try to extract a filename by using PathFindFileNameA(), and then copies whatever the return value is on the stack by using an inline strcpy. As a result, if this input data is long enough, it can cause a stack-based buffer overflow, which may lead to arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-80896
SHA-256 | ab34370a5debea1b2a8db24c582834304ee72c0e5a992dbbbcfedc31867011f6
Windows XP Pro SP3 Full ROP Calc Shellcode
Posted Nov 5, 2012
Authored by b33f

Microsoft Windows Pro SP3 full ROP calc.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | 289f3c1bf7939844f15a89531a486537d36030fca3be043135f9d4ec1f1d3550
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
Posted Nov 1, 2012
Authored by shinnai, sinn3r, b33f, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Aladdin Knowledge System's ActiveX component. By supplying a long string of data to the ChooseFilePath() function, a buffer overflow occurs, which may result in remote code execution under the context of the user.

tags | exploit, remote, overflow, code execution, activex
advisories | OSVDB-86723
SHA-256 | 52766c2b3fde61f7b666e4b1325dcd3fd7b5e615f7cb3ac20c90295ebd3f492b
Aladdin Knowledge System Ltd Buffer Overflow
Posted Oct 28, 2012
Authored by b33f

Aladdin Knowledge System Ltd PrivAgent.ocx ChooseFilePath buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 6b0e1f5b8ce0b43f6fe89b5aefc2eb998856bca69d78c4825813a7b9d9459d3d
NCMedia Sound Editor Pro 7.5.1 Buffer Overflow
Posted Oct 3, 2012
Authored by b33f

NCMedia Sound Editor Pro version 7.5.1 buffer overflow exploit with SEH and DEP.

tags | exploit, overflow
SHA-256 | 4195ae37fdb252cffc6ea369a4e3f28b378fc74c86697f3ab2e437a9b9fbd9c1
Lattice Semiconductor PAC-Designer 6.21 Overflow
Posted Jun 8, 2012
Authored by b33f

Lattice Semiconductor PAC-Designer version 6.21 suffers from a stack-based buffer overflow.

tags | exploit, overflow
advisories | CVE-2012-2915
SHA-256 | 520230c976f66176275e60d6714d34242413e22d709e7dd05023f8285270adbe
TFTP Server 1.4 ST(RRQ) Buffer Overflow
Posted May 14, 2012
Authored by b33f, JK

This Metasploit module creates a buffer overflow condition by sending a Read Request (RRQ) packet to TFTP server version 1.4.

tags | exploit, overflow
SHA-256 | fa9a0be38e83a3162d8474b2cb10cba8e6ec243cb4cbcc36423fedb3d72656ab
BlazeVideo HDTV Player 6.6 Professional Buffer Overflow
Posted Apr 4, 2012
Authored by b33f

BlazeVideo HDTV Player version 6.6 Professional buffer overflow exploit with SEH + DEP + ASLR bypass.

tags | exploit, overflow
SHA-256 | f5b576d7baf1601664d205e9e05ca99f4fbeb993a5658b7404fac8d5620e1548
Blade API Monitor Unicode Bypass Buffer Overflow
Posted Feb 20, 2012
Authored by b33f

Blade API Monitor unicode bypass exploit that leverages a serial number buffer overflow vulnerability.

tags | exploit, overflow, bypass
SHA-256 | c109d660b442ebc03a56a50cd730ba3d2d076545a02df2184c4d3368a7dd25c8
TFTP Server 1.4 ST RRQ Overflow
Posted Jan 11, 2012
Authored by b33f

TFTP Server version 1.4 read request packet buffer overflow exploit that spawns a reverse shell to port 9988.

tags | exploit, overflow, shell
SHA-256 | a201aaa089a6bcd7806a570bb387706be9f0b4e2056e93422d3b8acf44b2a9c1
Microsoft Office 2003 Home/Pro Buffer Overflow
Posted Jan 8, 2012
Authored by b33f, g11tch

Microsoft Office 2003 Home/Pro buffer overflow exploit with a magic payload download.

tags | exploit, overflow
SHA-256 | a5df7f790abb9961479c3b3d997d64657f4eb426c3b9605dd2ffa79bf09958af
ActFax Server FTP Remote Buffer Overflow
Posted Jun 9, 2011
Authored by b33f

ActFax Server FTP post authentication remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 4be2f3a68350281866ccffc27102dc7ca96ae58300eeb928a65f39b7f23e1fea
Easy FTP Server 1.7.0.2 Buffer Overflow
Posted Jun 1, 2011
Authored by b33f

Easy FTP Server version 1.7.0.2 post authentication buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 2a6596bad306c2f92f31a99a5af952a2ecb1fa44c6c4f1578665dd5c22713689