what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2020-04-24

Linux/x86 Egghunter Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.

tags | x86, shellcode
systems | linux
MD5 | 3cc1d7e8ad5391ad63e8cd52726be7e0
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 937201f1ff92ab4fabd623cad7224a07
Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | b4cd1c73f54aff707a22b55b2944bd8d
URLCrazy Domain Name Typo Tool 0.7.1
Posted Apr 24, 2020
Authored by Andrew Horton (urbanadventurer) | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Added --debug to show debugging output for development. No longer requires pry gem unless debugging. Checks for a low ulimit and shows a warning.
tags | tool, web
systems | unix
MD5 | a20c223e81c93371dc4a1c486cbcfdc3
Linux/x86 Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | 20be4a130a7c7deaf759ff5c00029968
Linux/x64_86 ROL Encoded Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.

tags | shellcode, bash
systems | linux
MD5 | 8dfa373d1ce188f0f22dd71251acb232
Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution
Posted Apr 24, 2020
Authored by LiquidWorm | Site zeroscience.mk

Furukawa Electric ConsciusMAP version 2.8.1 java deserialization remote code execution exploit.

tags | exploit, java, remote, code execution
advisories | CVE-2020-12133
MD5 | 6bdde55e22751554fa630c47df38d1df
Air Sender 1.0.2 Arbitrary File Upload
Posted Apr 24, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Air Sender version 1.0.2 for iOS suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
systems | ios
MD5 | 1be8fe922a7c416f5c4ef8ecbdd3f758
Edimax EW-7438RPn 1.13 Remote Code Execution
Posted Apr 24, 2020
Authored by Besim Altinok

Edimax EW-7438RPn version 1.13 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | eb9a776702dad8d882e50756b71269bf
EspoCRM 5.8.5 Privilege Escalation
Posted Apr 24, 2020
Authored by Besim Altinok

EspoCRM version 5.8.5 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 07af60aea92379df6242bd27e0f30ab8
Linux Password Protected Bindshell Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

272 bytes small Linux/x86_64 null free password protected bindshell shellcode.

tags | shellcode
systems | linux
MD5 | b2aad21499e34b3822eb8138541d15fd
Linux/x64_86 Egghunter Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.

tags | shellcode, bash
systems | linux
MD5 | a26b8168f0e16f88cec1b72030695f38
Popcorn Time 6.2 Unquoted Service Path
Posted Apr 24, 2020
Authored by Uriel Yochpaz, Jonatan Schor

Popcorn Time version 6.2 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 2d8a6acf8b3814ba576ffad8ece4beec
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close