accept no compromises
Showing 1 - 25 of 100 RSS Feed


WebKit JSC Incorrect Optimization
Posted Oct 3, 2017
Authored by Google Security Research, lokihardt

A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.

tags | exploit, proof of concept
advisories | CVE-2017-7117
MD5 | c93b1f362e5c29a309a5639c5750833c

Related Files

OpenText Documentum Content Server SQL Injection
Posted Apr 25, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. This code is a proof of concept exploit.

tags | exploit, remote, arbitrary, sql injection, proof of concept
advisories | CVE-2014-2513, CVE-2015-4533, CVE-2017-7221
MD5 | ed0b1a8a36df7ddba8be8a3ed4dee545
CVE-2017-0199 Practical Exploitation
Posted Apr 17, 2017
Authored by David Routin

This article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.

tags | exploit, proof of concept
advisories | CVE-2017-0199
MD5 | b03e34017c4b989f9ac59f7b459a5cfe
Windows Download And Execute Shellcode
Posted Jun 10, 2016
Authored by B3mB4m

Windows download and execute shellcode that leverages putty.exe as a proof of concept.

tags | shellcode, proof of concept
systems | windows
MD5 | e3c07a82ead61e95fef1b53feffcb002
OS X / iOS Kernel IOHDIXControllerUserClient Use-After-Free
Posted Jun 9, 2016
Authored by Google Security Research, ianbeer

This is a proof of concept of an OS X / iOS kernel use-after-free racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient.

tags | exploit, kernel
systems | apple
advisories | CVE-2016-1807
MD5 | 35e279ae7cff0f34e10da631796d952d
IBM Java Issue 70 Bad Patch
Posted Apr 12, 2016
Authored by Adam Gowdiak | Site

The patch for Issue 70 in IBM Java discovered by Security Explorations in 2013 was found to be faulty. Included are the full report and a proof of concept.

tags | exploit, java, proof of concept
systems | linux
advisories | CVE-2013-5456
MD5 | 0d5c6c7e0a9744495ab910305201e727
Oracle Java Security Fix Bypass
Posted Mar 11, 2016
Authored by Adam Gowdiak | Site

Security Explorations has released details and a proof of concept to bypass a broken security fix found in the Oracle Java SE fix from September, 2013.

tags | exploit, java, proof of concept
systems | linux
advisories | CVE-2013-5838
MD5 | 369b993c622ffb5038ab3ff0a3006afc
Adobe Flash Sound.loadPCMFromByteArray Dangling Pointer
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A proof of concept is included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2016-0984
MD5 | d9a96009aa0e74c0fb2788f487ab68dd
Cryptokiller Tool 1.0
Posted Sep 23, 2015
Authored by Mert SARICA

Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.

tags | tool, proof of concept
MD5 | c7d54277ec4c4b2f135c1bd9971aa87c
Qualys Security Advisory - userhelper / libuser
Posted Jul 23, 2015
Authored by Qualys Security Advisory

The libuser library implements a standardized interface for manipulating and administering user and group accounts, and is installed by default on Linux distributions derived from Red Hat's codebase. During an internal code audit at Qualys, they discovered multiple libuser-related vulnerabilities that allow local users to perform denial-of-service and privilege-escalation attacks. As a proof of concept, they developed an unusual local root exploit against one of libuser's applications. Both the advisory and exploit are included in this post.

tags | exploit, local, root, vulnerability, proof of concept
systems | linux, redhat
advisories | CVE-2015-3245, CVE-2015-3246
MD5 | d10eb7969178d2c38456f40ec558206a
NTP MON_GETLIST Query Amplification DDoS
Posted Jul 9, 2015
Authored by Todor Donev

A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.

tags | exploit, denial of service, udp, spoof, protocol, proof of concept
MD5 | 927b290ed377bd2256daf8009c796658
Fuse Local Privilege Escalation
Posted May 23, 2015
Authored by Tavis Ormandy

Fuse (fusermount) suffers from a local privilege escalation vulnerability. This is a proof of concept for Ubuntu.

tags | exploit, local, proof of concept
systems | linux, ubuntu
advisories | CVE-2015-3202
MD5 | 031cc1e86c9ed5762780848933e426a4
ElasticSearch Directory Traversal Proof Of Concept
Posted May 1, 2015
Authored by John Heasman, Pedro Andujar

ElasticPwn is a proof of concept exploit that demonstrates the directory traversal vulnerability in versions prior to 1.5.2 and 1.4.5.

tags | exploit, proof of concept
advisories | CVE-2015-3337
MD5 | e96503dbd5ce98ac55146844e8d7c6c6
Linux.Zariche File Prepender Virus
Posted Mar 12, 2015
Authored by TMZ

Source code for Linux.Zariche, a proof of concept elf (x86_64) file prepender, written in Vala. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan, proof of concept
systems | linux
MD5 | 367de68d9e9604a69a4e2ce440386280
PHP 5.x / Bash Shellshock Proof Of Concept
Posted Nov 25, 2014
Authored by Saeid Bostandoust

This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.

tags | exploit, php, proof of concept, bash
MD5 | 609f2f63959fa7b61f59cd9ad97fb5f9
Mozilla Firefox Secret Leak
Posted Sep 3, 2014
Authored by Michal Zalewski

The recent release of Firefox 32 fixes another interesting image parsing issue found by afl. Following a refactoring of memory management code, the past few versions of the browser ended up using uninitialized memory for certain types of truncated images, which is easily measurable with a simple <canvas> + toDataURL() harness that examines all the fuzzer-generated test cases. Depending on a variety of factors, problems like that may leak secrets across web origins, or more prosaically, may help attackers bypass security measures such as ASLR. This code is a proof of concept for versions prior to 32.

tags | exploit, web, proof of concept, fuzzer
advisories | CVE-2014-1564
MD5 | 2235bb65ae6abe2af194f34a079a0f08
Tor Timing Attack Proof Of Concept
Posted Mar 31, 2014
Authored by Jann Horn

This write up is a proof of concept end-to-end correlation for Tor connections using an active timing attack.

tags | paper, proof of concept
MD5 | 5ca8d02d1879930b83dfabcf15c06dc0
NETGEAR WNR1000v3 Password Disclosure
Posted Jan 13, 2014
Authored by c1ph04

Netgear WNR1000v3 routers suffer from a flaw in the password recovery flow that allows for disclosure of the plaintext router credentials. The flaw was reported to Netgear in April of 2013 and the vendor has yet to issue a patch. Included is a proof of concept exploit.

tags | exploit, proof of concept, info disclosure
MD5 | 98a82d122386c278a6275ad62de10c6a
Samsung DVR Authentication Bypass
Posted Aug 20, 2013
Authored by Andrea Fabrizi

Samsung DVRs put usernames and passwords base64 encoded into cookies. They also fail to validate the cookies in many places, so any values work, allowing for authentication bypass. A proof of concept exploit that lists all users and passwords is included.

tags | exploit, proof of concept, bypass
MD5 | 2b4dcb70387cbebcb1fc92c1e2470d57
Taint Analysis And Pattern Matching With Pin
Posted Aug 9, 2013
Authored by Jonathan Salwan

This is a whitepaper called Taint analysis and pattern matching with Pin. All examples in this document are considered a proof of concept and are meant to give others ideas.

tags | paper, proof of concept
MD5 | c5ef0ac5a3d4879f18e7d2cc93faa32f
AVE.CMS 2.09 Blind SQL Injection
Posted May 23, 2013
Authored by mr.pr0n | Site

AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the "module" parameter. This is a proof of concept exploit. This issue is addressed in later versions.

tags | exploit, remote, sql injection, proof of concept
MD5 | 0315982b1ccf89c5cfeb0adfb6c968c3
tcgetkey 0.1
Posted Dec 28, 2012
Authored by gat3way

tcgetkey is a set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. It is a proof of concept and only works against TrueCrypt running on Linux hosts.

tags | tool, proof of concept
systems | linux, unix
MD5 | 403e7adc9de4a9695a73c1a3c185e3f5
Ideas On Advanced Runtime Encryption Of .NET Executables
Posted Dec 14, 2012
Authored by belial | Site

This paper reveals the aspects of .NET runtime encryption and presents a proof of concept implementation for Hyperion, the implementation that generates a random key and uses it to encrypt the input file with AES-128.

tags | paper, proof of concept
MD5 | 172ba433a4e5da5946d5545f78fe33ca
FreeBSD Kernel SCTP Denial Of Service
Posted Aug 3, 2012
Authored by Shaun Colley

The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to find an association by address. if the address found is INADDR_ANY, sctp_findassoc_by_vtag() is called and an attempt is made to find an association by vtag. Before searching for the vtag in a hash table, a pointer is set to NULL, with the intention of redefining it after finding the association. However, if the specified vtag is not found, the function returns and the ptr is never reinitialized, causing a kernel panic when the NULL pointer is later dereferenced by the SCTP_INP_DECR_REF macro when flow returns to sctp_process_control(). This is a proof of concept denial of service exploit.

tags | exploit, remote, denial of service, kernel, proof of concept
systems | freebsd
MD5 | 05cc888759970d3a27b3dd8dfef71014
F5 BIG-IP Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by David Kennedy

This is a proof of concept remote root authentication bypass exploit for F5 BIG-IP. Written in Python.

tags | exploit, remote, root, proof of concept, python
MD5 | 2efab375d33a82c5ef8e6cd39badad18
LibreOffice Memory Corruption
Posted Apr 18, 2012
Authored by shinnai | Site

LibreOffice version suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

tags | exploit, proof of concept
MD5 | 7053d8f0483bacdf0019c43ec1e53220
Page 1 of 4

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    2 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By