This Metasploit module exploits a stack based buffer overflow in the ntpd and xntpd service. By sending an overly long 'readvar' request it is possible to execute code remotely. As the stack is corrupted, this module uses the Egghunter technique.
009c6a0959755d8609b7f6680a3f93f21f0a42a6559a05ef0c29a657384e5fbd