what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2020-04-24

Linux/x86 Egghunter Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.

tags | x86, shellcode
systems | linux
MD5 | 3cc1d7e8ad5391ad63e8cd52726be7e0
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 937201f1ff92ab4fabd623cad7224a07
Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | b4cd1c73f54aff707a22b55b2944bd8d
URLCrazy Domain Name Typo Tool 0.7.1
Posted Apr 24, 2020
Authored by Andrew Horton | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Added --debug to show debugging output for development. No longer requires pry gem unless debugging. Checks for a low ulimit and shows a warning.
tags | tool, web
systems | unix
MD5 | a20c223e81c93371dc4a1c486cbcfdc3
Linux/x86 Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | 20be4a130a7c7deaf759ff5c00029968
Linux/x64_86 ROL Encoded Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.

tags | shellcode, bash
systems | linux
MD5 | 8dfa373d1ce188f0f22dd71251acb232
Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution
Posted Apr 24, 2020
Authored by LiquidWorm | Site zeroscience.mk

Furukawa Electric ConsciusMAP version 2.8.1 java deserialization remote code execution exploit.

tags | exploit, java, remote, code execution
advisories | CVE-2020-12133
MD5 | 6bdde55e22751554fa630c47df38d1df
Air Sender 1.0.2 Arbitrary File Upload
Posted Apr 24, 2020
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Air Sender version 1.0.2 for iOS suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
systems | ios
MD5 | 1be8fe922a7c416f5c4ef8ecbdd3f758
Edimax EW-7438RPn 1.13 Remote Code Execution
Posted Apr 24, 2020
Authored by Besim Altinok

Edimax EW-7438RPn version 1.13 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | eb9a776702dad8d882e50756b71269bf
EspoCRM 5.8.5 Privilege Escalation
Posted Apr 24, 2020
Authored by Besim Altinok

EspoCRM version 5.8.5 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 07af60aea92379df6242bd27e0f30ab8
Linux Password Protected Bindshell Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

272 bytes small Linux/x86_64 null free password protected bindshell shellcode.

tags | shellcode
systems | linux
MD5 | b2aad21499e34b3822eb8138541d15fd
Linux/x64_86 Egghunter Execve Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.

tags | shellcode, bash
systems | linux
MD5 | a26b8168f0e16f88cec1b72030695f38
Popcorn Time 6.2 Unquoted Service Path
Posted Apr 24, 2020
Authored by Uriel Yochpaz, Jonatan Schor

Popcorn Time version 6.2 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 2d8a6acf8b3814ba576ffad8ece4beec
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close