Exploit the possiblities
Showing 51 - 75 of 1,930 RSS Feed

Proof of Concept Files

Microsoft Edge chakra.dll Information Leak / Type Confusion
Posted Jan 6, 2017
Authored by Brian Pak

Proof of concept exploit for Microsoft Edge bugs that allow for remote code execution.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2016-7200, CVE-2016-7201
MD5 | 12ebdc28ffaf2d37ecd5cda905cbbbdf
PHPMailer / Zend-mail / SwiftMailer Remote Code Execution
Posted Jan 3, 2017
Authored by Dawid Golunski

This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.

tags | exploit, web, shell, php, proof of concept
advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074
MD5 | a0be91defae2564f4405c81fdeab38cd
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 27, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2016-10033
MD5 | fd1e17cbce43e18c7ccf541988b20ac8
Gstreamer 0.10.x Logic Error
Posted Dec 15, 2016
Authored by Chris Evans | Site scarybeastsecurity.blogspot.com

A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability is provided by the presence of a turing complete "scripting" inside a music player. Read the homepage link for full analysis. Proof of concept exploit included in this archive.

tags | exploit, proof of concept
MD5 | da231d9408e25a8f4d0e8b1c067159dc
XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery
Posted Dec 12, 2016
Authored by Ayushman Dutta

XFINITY Gateway Technicolor DPC3941T wifi password changing cross site request forgery proof of concept code.

tags | exploit, proof of concept, csrf
advisories | CVE-2016-7454
MD5 | 15a5f462d705cc849d2ab2c6db485d3d
Microsoft Windows 10 x86/x64 WLAN AutoConfig Named Pipe Proof Of Concept
Posted Dec 7, 2016
Authored by Jeremy Brown

Microsoft Windows 10 x86/x64 build 10.0.14393 WLAN autoconfig named pipe denial of service proof of concept exploit.

tags | exploit, denial of service, x86, proof of concept
systems | windows
MD5 | d78a9bd236d6a1942ee373d12364f61f
ntpd 4.2.8 Stack Overflow Proof Of Concept
Posted Nov 30, 2016
Authored by N_A

Remote ntpd version 4.2.8 stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
MD5 | 736431083273dddf2edec7ebea2090c2
WinPower 4.9.0.4 Privilege Escalation
Posted Nov 29, 2016
Authored by Kacper Szurek

WinPower version 4.9.0.4 suffers from a privilege escalation vulnerability. Proof of concept code included.

tags | exploit, proof of concept
MD5 | ed0607905b845ef7350dce9ad139b90e
Microsoft Windows Kernel NtSetWindowLongPtr Privilege Escalation
Posted Nov 28, 2016
Authored by Enrique Nissim

Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr privilege escalation proof of concept exploit. Leverages the issue as noted in MS16-135.

tags | exploit, kernel, proof of concept
systems | windows
advisories | CVE-2016-7255
MD5 | 22e9d6e6eea9e3931c0a3320e5216f50
Linux ntpd 4.2.8 derive_nonce Stack Overflow
Posted Nov 25, 2016
Authored by Todor Donev

Linux ntpd 4.2.8 derive_nonce remote stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
systems | linux
MD5 | 82c7c116090828fd0e56ef327c62c461
Gstreamer Heap Corruption
Posted Nov 25, 2016
Authored by Chris Evans

A full analysis and proof of concept 0-day exploits for a heap corruption vulnerability in the gstreamer decoder.

tags | exploit, proof of concept
MD5 | 3a4f02974a472c9519faae24f2a7c085
Linux Kernel 2.6.32-rc1 x86_64 Register Leak
Posted Nov 23, 2016
Authored by Spender

Linux kernel version 2.6.32-rc1 x86_64 register leak proof of concept code.

tags | exploit, kernel, proof of concept
systems | linux
MD5 | d243180fe92ea99f0ca63f222c678db2
Linux Kernel 2.6.32-642 / 3.16.0-4 Inode Integer Overflow
Posted Nov 23, 2016
Authored by Todor Donev

Linux kernels 2.6.32-642 and 3.16.0-4 inode integer overflow proof of concept exploit.

tags | exploit, overflow, kernel, proof of concept
systems | linux
MD5 | 5e4bac26711257f2b173173b9a893edf
ATutor 2.2.2 Cross Site Request Forgery
Posted Nov 14, 2016
Authored by Saravana Kumar

ATutor version 2.2.2 cross site request forgery proof of concept that adds a new course.

tags | exploit, proof of concept, csrf
MD5 | f14414f1cea85260c58ebbcfd9f1fd8b
Microsoft Windows Server AD LDAP RootDSE Netlogon Denial Of Service
Posted Nov 4, 2016
Authored by Todor Donev

Microsoft Windows Server AD LDAP RootDSE Netlogon (CLDAP "AD Ping") query reflection denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | windows
MD5 | 1ef1ea7ca509fdc362e39c90d0f9814e
LDAP Amplication Denial Of Service
Posted Nov 4, 2016
Authored by ShadowHatesYou

This proof of concept is an LDAP Distributed Reflective Denial of Service/Bandwidth Amplification Attack, similar to DNS and NTP amplification attacks where the target of the DoS is spoofed as the source IP in a request to the reflectors(In this case, LDAP servers). The reflectors then respond to the spoofed target IP with a bigger answer than the original question, resulting in the target experiencing what appears to be a distributed denial of service attack, even though there may only be one true source. suffers from a denial of service vulnerability.

tags | exploit, denial of service, spoof, proof of concept
MD5 | 3c0c963c42fa117bd2ae19bab9220098
Memcached 1.4.33 Proof Of Concept
Posted Nov 3, 2016
Authored by dawu, p0wd3r

These are three memcached version 1.4.33 proof of concept exploits.

tags | exploit, proof of concept
advisories | CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
MD5 | f20d5fea3aa6c8e990bb1dbdfe3080fd
CherryTree 0.36.9 Memory Corruption
Posted Oct 27, 2016
Authored by n30m1nd

CherryTree version 0.36.9 memory corruption proof of concept exploit.

tags | exploit, proof of concept
MD5 | 398fad4cb2fa52540527dc4eb4bcd30e
DirtyCow Local Root Proof Of Concept
Posted Oct 21, 2016
Authored by Robin Verton

DirtyCow local root proof of concept exploit that overwrites passwd.

tags | exploit, local, root, proof of concept
advisories | CVE-2016-5195
MD5 | 121f1c681c29b7ccd0d3886ff9506757
Adobe Flash 23 Sandbox Bypass
Posted Sep 27, 2016
Authored by Leone Pontorieri

Adobe Flash versions 23 and below local-with-filesystem sandbox bypass via navigateToURL() and UI redressing. Proof of concept included.

tags | exploit, local, proof of concept, bypass
MD5 | 38c6974d18edf9f552f3b82e5e96af58
Microsoft GDI+ DecodeCompressedRLEBitmap Out-Of-Bounds Write
Posted Aug 17, 2016
Authored by Google Security Research, mjurczyk

Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in DecodeCompressedRLEBitmap.

tags | exploit, proof of concept
advisories | CVE-2016-3301
MD5 | ed4ca067a0a3dbfed17f7574c32d899d
Microsoft GDI+ ValidateBitmapInfo Out-Of-Bounds Write
Posted Aug 17, 2016
Authored by Google Security Research, mjurczyk

Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in ValidateBitmapInfo.

tags | exploit, proof of concept
advisories | CVE-2016-3303
MD5 | e076fd55171c0047b67378cb671f502f
MSIE Read AV In MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal
Posted Aug 12, 2016
Authored by Google Security Research, mbarbella

Microsoft Internet Explorer read AV in MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal proof of concept exploit.

tags | exploit, proof of concept
advisories | CVE-2016-3288
MD5 | c3cf16202bf545a763df0d66ffff4ccf
Halliburton LogView Pro 9.7.5 Crash
Posted Aug 2, 2016
Authored by Karn Ganeshen

Halliburton LogView Pro version 9.7.5 crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | ad3d14dfe852c992951fd5f07efd5672
LastPass 4.1.20a Communication Design Flaw
Posted Jul 28, 2016
Authored by Tavis Ormandy, Google Security Research

LastPass version 4.1.20a on Windows suffers from some issues where the add-on works by injecting elements and event handlers into the page. The attached proof of concept will delete a given file.

tags | exploit, proof of concept
systems | windows
MD5 | 9b28f8160440516c79eb2816fc644a8c
Page 3 of 78
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close