Exploit the possiblities
Showing 1 - 25 of 100 RSS Feed

Files

WebKit JSC Incorrect Optimization
Posted Oct 3, 2017
Authored by Google Security Research, lokihardt

A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.

tags | exploit, proof of concept
advisories | CVE-2017-7117
MD5 | c93b1f362e5c29a309a5639c5750833c

Related Files

Huge Dirty Cow Proof Of Concept
Posted Nov 30, 2017
Authored by bindecy

This is a proof of concept for the Huge Dirty Cow vulnerability (CVE-2017-1000405). Before running, make sure to set transparent huge pages to "always" with "echo always | sudo tee /sys/kernel/mm/transparent_hugepage/enabled".

tags | exploit, kernel, proof of concept
advisories | CVE-2017-1000405
MD5 | 9d2549b018a6567383860ce3ca06d79a
PTP-RAT Screen Share Proof Of Concept
Posted Nov 9, 2017
Authored by Alan Monie | Site github.com

PTP-RAT is a proof of concept that allows data theft via screen-share protocols. Each screen flash starts with a header. This contains a magic string, "PTP-RAT-CHUNK" followed by a sequence number. When the receiver is activated, it starts taking screenshots at twice the transmission frequency (the Nyquist rate). When it detects a valid header, it decodes the pixel colour information and waits on the next flash. As soon as a valid header is not detected, it reconstructs all the flashes and saves the result to a file. To transfer a file, you run an instance of the Rat locally on your hacktop, and set that up as a receiver. Another instance is run on the remote server and this acts as a sender. You simply click on send file, and select a file to send. The mouse pointer disappears and the screen begins to flash as the file is transmitted via the pixel colour values. At the end of the transfer, a file-save dialog appears on the receiver, and the file is saved.

tags | tool, remote, protocol, rootkit, proof of concept
MD5 | a9f22c83ef28df19417af14c266ee39a
Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
Posted Nov 7, 2017
Authored by Chris Salls

This is a proof of concept exploit for the waitid bug introduced in version 4.13 of the Linux kernel. It can be used to break out of sandboxes such as that in Google Chrome.

tags | exploit, kernel, proof of concept
systems | linux
advisories | CVE-2017-5123
MD5 | d639706ada72778161ee250f8be0e58d
OpenText Documentum Content Server SQL Injection
Posted Apr 25, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. This code is a proof of concept exploit.

tags | exploit, remote, arbitrary, sql injection, proof of concept
advisories | CVE-2014-2513, CVE-2015-4533, CVE-2017-7221
MD5 | ed0b1a8a36df7ddba8be8a3ed4dee545
CVE-2017-0199 Practical Exploitation
Posted Apr 17, 2017
Authored by David Routin

This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.

tags | exploit, proof of concept
advisories | CVE-2017-0199
MD5 | b03e34017c4b989f9ac59f7b459a5cfe
Windows Download And Execute Shellcode
Posted Jun 10, 2016
Authored by B3mB4m

Windows download and execute shellcode that leverages putty.exe as a proof of concept.

tags | shellcode, proof of concept
systems | windows
MD5 | e3c07a82ead61e95fef1b53feffcb002
OS X / iOS Kernel IOHDIXControllerUserClient Use-After-Free
Posted Jun 9, 2016
Authored by Google Security Research, ianbeer

This is a proof of concept of an OS X / iOS kernel use-after-free racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient.

tags | exploit, kernel
systems | apple
advisories | CVE-2016-1807
MD5 | 35e279ae7cff0f34e10da631796d952d
IBM Java Issue 70 Bad Patch
Posted Apr 12, 2016
Authored by Adam Gowdiak | Site security-explorations.com

The patch for Issue 70 in IBM Java discovered by Security Explorations in 2013 was found to be faulty. Included are the full report and a proof of concept.

tags | exploit, java, proof of concept
systems | linux
advisories | CVE-2013-5456
MD5 | 0d5c6c7e0a9744495ab910305201e727
Oracle Java Security Fix Bypass
Posted Mar 11, 2016
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has released details and a proof of concept to bypass a broken security fix found in the Oracle Java SE fix from September, 2013.

tags | exploit, java, proof of concept
systems | linux
advisories | CVE-2013-5838
MD5 | 369b993c622ffb5038ab3ff0a3006afc
Adobe Flash Sound.loadPCMFromByteArray Dangling Pointer
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A proof of concept is included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2016-0984
MD5 | d9a96009aa0e74c0fb2788f487ab68dd
Cryptokiller Tool 1.0
Posted Sep 23, 2015
Authored by Mert SARICA

Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.

tags | tool, proof of concept
MD5 | c7d54277ec4c4b2f135c1bd9971aa87c
Qualys Security Advisory - userhelper / libuser
Posted Jul 23, 2015
Authored by Qualys Security Advisory

The libuser library implements a standardized interface for manipulating and administering user and group accounts, and is installed by default on Linux distributions derived from Red Hat's codebase. During an internal code audit at Qualys, they discovered multiple libuser-related vulnerabilities that allow local users to perform denial-of-service and privilege-escalation attacks. As a proof of concept, they developed an unusual local root exploit against one of libuser's applications. Both the advisory and exploit are included in this post.

tags | exploit, local, root, vulnerability, proof of concept
systems | linux, redhat
advisories | CVE-2015-3245, CVE-2015-3246
MD5 | d10eb7969178d2c38456f40ec558206a
NTP MON_GETLIST Query Amplification DDoS
Posted Jul 9, 2015
Authored by Todor Donev

A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.

tags | exploit, denial of service, udp, spoof, protocol, proof of concept
MD5 | 927b290ed377bd2256daf8009c796658
Fuse Local Privilege Escalation
Posted May 23, 2015
Authored by Tavis Ormandy

Fuse (fusermount) suffers from a local privilege escalation vulnerability. This is a proof of concept for Ubuntu.

tags | exploit, local, proof of concept
systems | linux, ubuntu
advisories | CVE-2015-3202
MD5 | 031cc1e86c9ed5762780848933e426a4
ElasticSearch Directory Traversal Proof Of Concept
Posted May 1, 2015
Authored by John Heasman, Pedro Andujar

ElasticPwn is a proof of concept exploit that demonstrates the directory traversal vulnerability in versions prior to 1.5.2 and 1.4.5.

tags | exploit, proof of concept
advisories | CVE-2015-3337
MD5 | e96503dbd5ce98ac55146844e8d7c6c6
Linux.Zariche File Prepender Virus
Posted Mar 12, 2015
Authored by TMZ

Source code for Linux.Zariche, a proof of concept elf (x86_64) file prepender, written in Vala. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, proof of concept
systems | linux
MD5 | 367de68d9e9604a69a4e2ce440386280
PHP 5.x / Bash Shellshock Proof Of Concept
Posted Nov 25, 2014
Authored by Saeid Bostandoust

This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.

tags | exploit, php, proof of concept, bash
MD5 | 609f2f63959fa7b61f59cd9ad97fb5f9
Mozilla Firefox Secret Leak
Posted Sep 3, 2014
Authored by Michal Zalewski

The recent release of Firefox 32 fixes another interesting image parsing issue found by afl. Following a refactoring of memory management code, the past few versions of the browser ended up using uninitialized memory for certain types of truncated images, which is easily measurable with a simple <canvas> + toDataURL() harness that examines all the fuzzer-generated test cases. Depending on a variety of factors, problems like that may leak secrets across web origins, or more prosaically, may help attackers bypass security measures such as ASLR. This code is a proof of concept for versions prior to 32.

tags | exploit, web, proof of concept, fuzzer
advisories | CVE-2014-1564
MD5 | 2235bb65ae6abe2af194f34a079a0f08
Tor Timing Attack Proof Of Concept
Posted Mar 31, 2014
Authored by Jann Horn

This write up is a proof of concept end-to-end correlation for Tor connections using an active timing attack.

tags | paper, proof of concept
MD5 | 5ca8d02d1879930b83dfabcf15c06dc0
NETGEAR WNR1000v3 Password Disclosure
Posted Jan 13, 2014
Authored by c1ph04

Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials. The flaw was reported to Netgear in April of 2013 and the vendor has yet to issue a patch. Included is a proof of concept exploit.

tags | exploit, proof of concept, info disclosure
MD5 | 98a82d122386c278a6275ad62de10c6a
Samsung DVR Authentication Bypass
Posted Aug 20, 2013
Authored by Andrea Fabrizi

Samsung DVRs put usernames and passwords base64 encoded into cookies. They also fail to validate the cookies in many places, so any values work, allowing for authentication bypass. A proof of concept exploit that lists all users and passwords is included.

tags | exploit, proof of concept, bypass
MD5 | 2b4dcb70387cbebcb1fc92c1e2470d57
Taint Analysis And Pattern Matching With Pin
Posted Aug 9, 2013
Authored by Jonathan Salwan

This is a whitepaper called Taint analysis and pattern matching with Pin. All examples in this document are considered a proof of concept and are meant to give others ideas.

tags | paper, proof of concept
MD5 | c5ef0ac5a3d4879f18e7d2cc93faa32f
AVE.CMS 2.09 Blind SQL Injection
Posted May 23, 2013
Authored by mr.pr0n | Site overdoze.ru

AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the "module" parameter. This is a proof of concept exploit. This issue is addressed in later versions.

tags | exploit, remote, sql injection, proof of concept
MD5 | 0315982b1ccf89c5cfeb0adfb6c968c3
tcgetkey 0.1
Posted Dec 28, 2012
Authored by gat3way

tcgetkey is a set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. It is a proof of concept and only works against TrueCrypt running on Linux hosts.

tags | tool, proof of concept
systems | linux, unix
MD5 | 403e7adc9de4a9695a73c1a3c185e3f5
Ideas On Advanced Runtime Encryption Of .NET Executables
Posted Dec 14, 2012
Authored by belial | Site nullsecurity.net

This paper reveals the aspects of .NET runtime encryption and presents a proof of concept implementation for Hyperion, the implementation that generates a random key and uses it to encrypt the input file with AES-128.

tags | paper, proof of concept
MD5 | 172ba433a4e5da5946d5545f78fe33ca
Page 1 of 4
Back1234Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close