what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Microsoft Hyper-V vmswitch.sys Proof Of Concept
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.

tags | exploit, remote, arbitrary, code execution, proof of concept
advisories | CVE-2021-28476
MD5 | f030942316606ad6079ada92310ac838

Related Files

Windows TCP/IP Denial Of Service
Posted Jul 14, 2021
Authored by 0vercl0k | Site github.com

This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.

tags | exploit, denial of service, udp, tcp, proof of concept
systems | windows
advisories | CVE-2021-24086
MD5 | 603e905801bb4f31bf554bafa86b2826
Windows Print Spooler Privilege Escalation
Posted Jun 25, 2020
Authored by shubham0d | Site github.com

This is a proof of concept exploit that takes advantage of a privilege escalation vulnerability in the Windows Print Spooler.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2020-1048
MD5 | b2a9e1b168836f8697b5150dd024d2e8
SMBleed Uninitialized Kernel Memory Read Proof Of Concept
Posted Jun 11, 2020
Authored by ZecOps | Site zecops.com

This is a proof of concept exploit that demonstrates the SMBleed remote kernel memory read vulnerability.

tags | exploit, remote, kernel, proof of concept
advisories | CVE-2020-1206
MD5 | 158c02865ebd54cc54aad47af76b281d
Microsoft Windows Theme API File Parsing
Posted Jan 21, 2020
Authored by Eduardo Braun Prado

This is a proof of concept for CVE-2018-8413 where the Microsoft Windows Theme API had a file parsing vulnerability.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2018-8413
MD5 | 4660771539305d0ceceb493e5e089a53
CurveBall Microsoft Windows CryptoAPI Spoofing Proof Of Concept
Posted Jan 16, 2020
Authored by Kudelski Security

This is a proof of concept exploit that demonstrates the Microsoft Windows CryptoAPI spoofing vulnerability as described in CVE-2020-0601 and disclosed by the NSA.

tags | exploit, spoof, proof of concept
systems | windows
advisories | CVE-2020-0601
MD5 | d2c133f541a9d87a0a3240f578df147d
PortSmash CPU SMT Side-Channel Proof Of Concept
Posted Nov 2, 2018
Authored by Bill Brumley

This is a proof of concept exploit of the PortSmash micro-architecture vulnerability that makes use of an SMT side-channel attack.

tags | exploit, proof of concept
advisories | CVE-2018-5407
MD5 | 64a5a64e0fea774c36ab60f8ecdef54b
Memcached memcrashed Denial Of Service
Posted Mar 6, 2018
Authored by Alex Conrey

This is a proof of concept exploit for the memcached denial of service vulnerability.

tags | exploit, denial of service, proof of concept
MD5 | 2b76cf893e1e529dcdcc9dfd0e852de4
Huge Dirty Cow Proof Of Concept
Posted Nov 30, 2017
Authored by bindecy

This is a proof of concept for the Huge Dirty Cow vulnerability (CVE-2017-1000405). Before running, make sure to set transparent huge pages to "always" with "echo always | sudo tee /sys/kernel/mm/transparent_hugepage/enabled".

tags | exploit, kernel, proof of concept
advisories | CVE-2017-1000405
MD5 | 9d2549b018a6567383860ce3ca06d79a
Linux Kernel 4.1.3 (Ubuntu 17.10) waitid() SMEP/SMAP Privilege Escalation
Posted Nov 7, 2017
Authored by Chris Salls

This is a proof of concept exploit for the waitid bug introduced in version 4.13 of the Linux kernel. It can be used to break out of sandboxes such as that in Google Chrome.

tags | exploit, kernel, proof of concept
systems | linux
advisories | CVE-2017-5123
MD5 | d639706ada72778161ee250f8be0e58d
OS X / iOS Kernel IOHDIXControllerUserClient Use-After-Free
Posted Jun 9, 2016
Authored by Google Security Research, ianbeer

This is a proof of concept of an OS X / iOS kernel use-after-free racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient.

tags | exploit, kernel
systems | apple
advisories | CVE-2016-1807
MD5 | 35e279ae7cff0f34e10da631796d952d
Fuse Local Privilege Escalation
Posted May 23, 2015
Authored by Tavis Ormandy

Fuse (fusermount) suffers from a local privilege escalation vulnerability. This is a proof of concept for Ubuntu.

tags | exploit, local, proof of concept
systems | linux, ubuntu
advisories | CVE-2015-3202
MD5 | 031cc1e86c9ed5762780848933e426a4
NaCl Sandbox Escape For Rowhammer
Posted Mar 10, 2015
Authored by Mark Seaborn

This is a proof-of-concept exploit that is able to escape from Native Client's x86-64 sandbox on machines that are susceptible to the DRAM "rowhammer" problem. It works by inducing a bit flip in read-only code so that the code is no longer safe, producing instruction sequences that wouldn't pass NaCl's x86-64 validator. Note that this uses the CLFLUSH instruction, so it doesn't work in newer versions of NaCl where this instruction is disallowed by the validator.

tags | exploit, x86
systems | linux
MD5 | a775e7efeb523745c95d154aff727703
Rowhammer Linux Kernel Privilege Escalation
Posted Mar 9, 2015
Authored by Mark Seaborn

This is a proof-of-concept exploit that is able to gain kernel privileges on machines that are susceptible to the DRAM "rowhammer" problem. It runs as an unprivileged userland process on x86-64 Linux. It works by inducing bit flips in page table entries (PTEs).

tags | exploit, x86, kernel
systems | linux
MD5 | d7fe41707769b3dece28e753e47286cc
PHP 5.x / Bash Shellshock Proof Of Concept
Posted Nov 25, 2014
Authored by Saeid Bostandoust

This is a proof of concept that demonstrates how the Bash shellshock vulnerability can be used in PHP to bypass disable_functions, safe_mode, etc.

tags | exploit, php, proof of concept, bash
MD5 | 609f2f63959fa7b61f59cd9ad97fb5f9
AVE.CMS 2.09 Blind SQL Injection
Posted May 23, 2013
Authored by mr.pr0n | Site overdoze.ru

AVE.CMS versions less than 2.09 suffer from a remote blind SQL injection vulnerability in the "module" parameter. This is a proof of concept exploit. This issue is addressed in later versions.

tags | exploit, remote, sql injection, proof of concept
MD5 | 0315982b1ccf89c5cfeb0adfb6c968c3
FreeBSD Kernel SCTP Denial Of Service
Posted Aug 3, 2012
Authored by Shaun Colley

The SCTP implementation used by FreeBSD ("reference implementation") is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to find an association by address. if the address found is INADDR_ANY, sctp_findassoc_by_vtag() is called and an attempt is made to find an association by vtag. Before searching for the vtag in a hash table, a pointer is set to NULL, with the intention of redefining it after finding the association. However, if the specified vtag is not found, the function returns and the ptr is never reinitialized, causing a kernel panic when the NULL pointer is later dereferenced by the SCTP_INP_DECR_REF macro when flow returns to sctp_process_control(). This is a proof of concept denial of service exploit.

tags | exploit, remote, denial of service, kernel, proof of concept
systems | freebsd
MD5 | 05cc888759970d3a27b3dd8dfef71014
F5 BIG-IP Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by David Kennedy

This is a proof of concept remote root authentication bypass exploit for F5 BIG-IP. Written in Python.

tags | exploit, remote, root, proof of concept, python
MD5 | 2efab375d33a82c5ef8e6cd39badad18
LibreOffice 3.5.2.2 Memory Corruption
Posted Apr 18, 2012
Authored by shinnai | Site shinnai.altervista.org

LibreOffice version 3.5.2.2 suffers from a soffice.exe\soffice.bin memory corruption vulnerability when handling a malformed RTF file. This is a proof of concept exploit.

tags | exploit, proof of concept
MD5 | 7053d8f0483bacdf0019c43ec1e53220
MS11-046 Proof Of Concept
Posted Apr 18, 2012
Authored by FB1H2S

This is a proof of concept exploit for the vulnerability documented in MS11-046 for the Microsoft Windows Ancillary Function Driver (AFD).

tags | exploit, proof of concept
systems | windows
MD5 | 2431b3c85028ae21eabf187c5609380f
Microsoft Internet Explorer 8 Code Execution
Posted Feb 29, 2012
Authored by Ivan Fratric

This is a proof of concept exploit that allows an attacker to execute arbitrary code via vectors involving a dereferenced memory address in Microsoft Internet Explorer 8. It leverages the issue discussed in MS11-081. The exploit is slightly crippled by the author.

tags | exploit, arbitrary, proof of concept
advisories | CVE-2011-1999
MD5 | 019b8a52cdfa45c64282b47a5068cc29
Apache mod_proxy Proof Of Concept
Posted Oct 11, 2011
Authored by Rodrigo Marcos | Site secforce.co.uk

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. This is a proof of concept exploit that demonstrates this vulnerability.

tags | exploit, remote, web, proof of concept
advisories | CVE-2011-3368
MD5 | 595c25bd025d51c132f83785da87856b
JBoss addURL Misconfiguration Attack
Posted Oct 3, 2011
Authored by y0ug

This is a proof of concept exploit that leverages the addUrl method in the DeploymentScanner module on an exposed JBoss JMX console.

tags | exploit, proof of concept
advisories | CVE-2010-0738
MD5 | 5dacc755b8a3e39cc0ea4915d4ca1983
Adobe Reader / Acrobat 10.0.1 Denial Of Service
Posted Jun 17, 2011
Authored by Soroush Dalili

This is a proof of concept denial of service exploit for Adobe Reader / Acrobat 10.0.1.

tags | exploit, denial of service, proof of concept
systems | linux
MD5 | 4731cd285bed8022afbaec5b944bd27d
Drupal CAPTCHA Logic Security Flaw
Posted Feb 10, 2011
Authored by Michele Orru

This is a proof of concept to demonstrate a logic security flow in the way Drupal CAPTCHA is used to protect login forms from bruteforce. If the CAPTCHA challenge is solved, the next login attempts can be issued without solving any new CAPTCHA challenge.

tags | exploit, proof of concept
MD5 | 2c9031b926a0ce43ba7444e69b2948f0
NING Application Self Replicating Malware
Posted Aug 31, 2010
Authored by James Bercegay

This is a proof of concept, self replicating, social network based malware for NING.

tags | exploit, proof of concept
MD5 | 5a18d712327fbb7191111ebeddc05e49
Page 1 of 4
Back1234Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    27 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close