Win10 MailCarrier version 2.51 POP3 User remote buffer overflow exploit.
WinAMP versions 5.55 and below MAKI script universal SEH overwrite exploit.
14 bytes small win32 PEB!NtGlobalFlags shellcode.
WinAmp GEN_MSN plugin heap buffer overflow proof of concept exploit that creates a malicious .pls file.
Win32 Download and Execute shellcode generator (browsers edition).
124 byte win32 download and execute shellcode.
Winamp versions 5.34 and below .MP4 file code execution exploit that spawns calc.exe or binds a shell to tcp port 4444.
Winamp versions 5.12 and below crafted .PLS file remote buffer overflow exploit. Written in Perl.
This multi-part tutorial will present several ways in which you can add functionality to closed source Windows executables through DLLs, PE header modification, and good old assembly code. Adding code to existing code caves, modifying PE headers to create code caves and/or importing DLL functions, adding backdoors to programs, and adding plugin support to closed-source programs are all covered.
In Windows XP, the task scheduler service runs as "SYSTEM", so if an ordinary user has access to the scheduler they can become an administrator.
Multiple browsers Windows mailto protocol Office 2003 file attachment exploit. Application protocol handling in Microsoft Windows is badly designed: when someone types mailto:someone@somewhere.com into a browser, the protocol is first looked up under HKEY_CLASSES_ROOT\%protocol%\shell\open\command, and if it is a protocol allowed under the current user context, the %1 placeholder in that value is simply replaced with the contents of the address bar.
There is a heap based buffer overflow in the rendering engine for .hlp files in winhlp32.exe which gives an attacker the possibility of modifying the internal structure of the process and thereby executing arbitrary, malicious code.
WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
Winamp versions 5.12 and below remote buffer overflow universal exploit that makes use of the PLS file handling buffer overflow flaw.
318 byte useradd shellcode for Russian Windows NT/2k/XP variants.
Local exploitation of a buffer overflow vulnerability in WinAce 2.6.0.5 allows attackers to execute arbitrary code. Exploit included.
WinAce WinHKI version 1.4d suffers from a directory traversal flaw that allows a compressed archive to overwrite files below the extraction directory.
Winamp 5.07 is susceptible to denial of service attacks due to file mishandling.
Detailed analysis and overview of the Winamp 5.05 vulnerability recently patched.
A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. Fix available here.
MailCarrier 2.51 SMTP EHLO / HELO buffer overflow exploit written in python that spawns a shell on port 101 of the target machine.
On Windows 2003 Servers, both the Distributed Link Tracking Server Service and the Internet Connection Firewall Service have a default DACL of Everyone:Full Control. This lets anyone connect to the SCM and start and stop these services at will, which in the case of the Internet Connection Firewall Service could cause many headaches for your service based systems.
When an overly long filename is requested via the WinAgents TFTP server, a denial of service occurs due to an error in the handling of the request. Tested against version 3.0, other versions may be susceptible. Exploitation included.
Remote exploit for the Lsasrv.dll RPC buffer overflow. Tested against various Russian and English versions of Windows XP Professional, Windows 2000 Professional, and Windows 2000 Advanced Server. Ported to compile properly on Linux.
Local buffer overflow exploit for Winamp version 5.1.
A simple tutorial on Windows shellcoding that shows how to write shellcode in asm that spawns a cmd shell. Includes tools to encode the asm code to avoid NULL bytes and to generate the typical C shellcode array. In PowerPoint and PDF format.