seeing is believing
Showing 101 - 125 of 1,922 RSS Feed

Proof of Concept Files

Adobe Flash Sound.loadPCMFromByteArray Dangling Pointer
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A proof of concept is included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2016-0984
MD5 | d9a96009aa0e74c0fb2788f487ab68dd
glibc getaddrinfo Stack-Based Buffer Overflow
Posted Feb 17, 2016
Authored by Fermin J. Serna, Kevin Stadmeyer | Site googleonlinesecurity.blogspot.com

glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated. Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow. Included in this archive is a copy of the Google Security blog post and proof of concept code that demonstrates the vulnerability.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2015-7547
MD5 | 5ca816f1d5b6f51ee9db2cab14ca2a96
Network Scanner 4.0.0.0 SEH Crash Proof Of Concept
Posted Feb 15, 2016
Authored by INSECT.B

Network Scanner version 4.0.0.0 SEH crash proof of concept exploit.

tags | exploit, proof of concept
MD5 | fb160e57dfefe27495d8dfea5297e7bc
Adobe Photoshop CC 16.1.1 / Bridge CC 6.1.1 Memory Corruption
Posted Feb 12, 2016
Authored by Francis Provencher

Adobe Photoshop CC versions 16.1.1 (2015.1.1) and below and Bridge CC versions 6.1.1 and below suffer from multiple memory corruption vulnerabilities. Proof of concept files included.

tags | exploit, vulnerability, proof of concept
systems | linux
advisories | CVE-2016-0951, CVE-2016-0952, CVE-2016-0953
MD5 | b3e490463576d3b4ad4537389f6f3139
Microsoft Windows WebDAV BSoD Proof Of Concept
Posted Feb 12, 2016
Authored by koczkatamas

Microsoft Windows WebDAV blue screen of death denial of service proof of concept exploit that leverages the vulnerability outlined in MS16-016.

tags | exploit, denial of service, proof of concept
systems | windows
advisories | CVE-2016-0051
MD5 | 423f7cd1a32ca960ef14733ee2dd7b65
Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption
Posted Feb 7, 2016
Authored by Google Security Research, natashenka

This proof of concept file causes memory corruption when it is scanned by the face recognition library in android.media.process.

tags | exploit, proof of concept
systems | linux
MD5 | dea9ba225479ebfa9d3367b39aa8f9a6
Android Libstagefright Tag Parsing Heap Buffer Overflow
Posted Jan 27, 2016
Authored by Google Security Research, scvitti

This proof of concept demonstrates the Android Libstagefright heap buffer overflow that occurs due to an integer overflow in MP3 ID3 tag parsing.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2015-6604
MD5 | ff9b3227da297d81a6576c0ad5330a06
Adobe Flash Stage Setting Use-After-Free
Posted Jan 9, 2016
Authored by Google Security Research, mjurczyk

Proof of concept code that demonstrates a use-after-free when setting stage in Adobe Flash.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-8634
MD5 | 12a73f95928808527a6b1a814379fd1a
Microsoft Windows Kernel Win32k!OffsetChildren Null Pointer Dereference
Posted Dec 18, 2015
Authored by Nils, Google Security Research

This proof of concept exploit triggers a null pointer vulnerability in OffsetChildren on Windows 7 32-bit. By mapping the null page an attacker can leverage this vulnerability to write to an arbitrary address.

tags | exploit, arbitrary, proof of concept
systems | linux, windows, 7
advisories | CVE-2015-6171
MD5 | 22fc86d3464aaadd67a48f82e434c1c1
Win32k Null Pointer Dereference
Posted Dec 18, 2015
Authored by Nils, Google Security Research

This proof of concept exploit triggers a null pointer condition on Windows 7 32-bit, which can potentially be exploited on versions of Windows that allow mapping the null page (e.g. Windows 7 32-bit).

tags | exploit, proof of concept
systems | linux, windows, 7
advisories | CVE-2015-6174
MD5 | b1897836add1009c2f7164a8ddf36c8a
Win32k Clipboard Bitmap Use-After-Free
Posted Dec 18, 2015
Authored by Nils, Google Security Research

This proof of concept exploit triggers a crash on Windows 7 32-bit with Special Pool enabled on win32k.sys. The kernel crashes due to a use-after-free condition with bitmaps in the clipboard.

tags | exploit, kernel, proof of concept
systems | linux, windows, 7
advisories | CVE-2015-6173
MD5 | 4fdf5628f6a5f64c30d17180c647be6f
Microsoft Office / COM Object DLL Planting With Els.dll
Posted Dec 8, 2015
Authored by Google Security Research, scvitti

It is possible for an attacker to execute a DLL planting attack in Microsoft Office with a specially crafted OLE object. Testing was performed on a Windows 7 x64 virtual machine with Office 2013 installed and the latest updates applied. Proof of concept included.

tags | exploit, proof of concept
systems | linux, windows, 7
advisories | CVE-2015-6128
MD5 | 94387353b752607c2ee09cf93bb87bb2
FreeType 2.6.1 TrueType Parsing Heap-Based Out Of Bounds Read
Posted Nov 9, 2015
Authored by Google Security Research, mjurczyk

A heap-based out-of-bounds memory read has been encountered in FreeType. It has been reproduced with the current version of freetype2 from master git branch, with a 64-bit build of the ftbench utility compiled with AddressSanitizer. Three proof of concepts are included.

tags | exploit, proof of concept
systems | linux
MD5 | bd57d35619a54a475bd054970de2edf3
Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 Android.media.process face recognition memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7897
MD5 | f6f4ce12e0194b75eb288e879eeca714
Samsung Galaxy S6 LibQjpeg DoIntegralUpsample Crash
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 LibQjpeg memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7896
MD5 | e864ae62b2e6a520546674e7aa350a53
Beckoff CX9020 CPU Model Remote Code Execution
Posted Oct 23, 2015
Authored by Photubias

This proof of concept exploit allows any attack to reboot any CX9020 PLC and add random (Web) users to be configured.

tags | exploit, web, proof of concept
advisories | CVE-2015-4051
MD5 | 7e1cc2c85a3acb1409945fa7a6993562
Java SE 7 Improper Initialization
Posted Oct 22, 2015
Authored by Adam Gowdiak | Site security-explorations.com

Issue number 42 from SE-2014-02 has been addressed by Oracle. Included in this archive are proof of concepts and information regarding the fix.

tags | exploit, proof of concept
systems | linux
MD5 | 36d312e4f7e10290eea818c4638e62b0
Microsoft Office 2007 And 2010 RTF Frmtxtbrl EIP Corruption
Posted Oct 8, 2015
Authored by Google Security Research, scvitti

This proof of concept shows a crash that was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application verified was enabled for testing and reproduction. This sample also reproduced in Office 2010 running on Windows 7 x86. It did not reproduce in Microsoft Office 2013 running under Windows 8.1 x86.

tags | exploit, x86, proof of concept
systems | linux, windows, 7
MD5 | 1128dbfd7ec8f86a7ab1a7b5e1f5fd56
WinRAR Settings Import Command Execution
Posted Oct 2, 2015
Authored by R-73eN

WinRAR settings import command execution proof of concept exploit.

tags | exploit, proof of concept
MD5 | f453221b6cc219b9fa544217fe9dba67
ElasticSearch Path Traversal Arbitrary File Download
Posted Oct 1, 2015
Authored by Pedro Andujar

Proof of concept code that demonstrates a path traversal vulnerability in ElasticSearch that allows for arbitrary file disclosure.

tags | exploit, arbitrary, proof of concept
systems | linux
advisories | CVE-2015-5531
MD5 | 07ca3f109ce62eba569e1484ff2cf009
Rowhammer Linux Kernel Privilege Escalation Proof Of Concept
Posted Sep 28, 2015
Authored by Google Security Research, mseaborn

Proof of concept exploit code for the Linux Rowhammer DRAM privilege escalation vulnerability.

tags | exploit, proof of concept
systems | linux
MD5 | 2a3a58b2b7cb030ce8a4bc92628f308e
Webfig Terminal Offline Brute Force Attack
Posted Sep 27, 2015
Authored by Jonas

The encryption scheme used by Mikrotik's Webfig terminal software as seen on the RB750GL running RouterOS version 6.18 is susceptible to offline brute force attacks that allow a third party to recover login credentials (username and password) as well as full decryption of the terminal session. Full write up and proof of concept tools are included in this archive.

tags | exploit, proof of concept
MD5 | 7779cf6c49eb2aafa1d2ca6c2fd1f7fc
Ubuntu Apport kernel_crashdump Symlink
Posted Sep 26, 2015
Authored by halfdog

This is a short write-up of the Ubuntu Apport kernel_crashdump symlink vulnerabilities along with some proof of concept code.

tags | exploit, vulnerability, proof of concept
systems | linux, ubuntu
advisories | CVE-2015-1338
MD5 | c31a63cba229a9419f43183d7f48eab0
Windows Kernel NtGdiBitBlt Buffer Overflow
Posted Sep 24, 2015
Authored by Nils, Google Security Research

The attached proof of concept exploit triggers a buffer overflow in the NtGdiBitBlt system call. It reproduces reliable on Win 7 32-bit with Special Pool enabled on win32k.sys.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2015-2512
MD5 | dd38caa719984d93c5d2fb05b5681419
Cryptokiller Tool 1.0
Posted Sep 23, 2015
Authored by Mert SARICA

Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.

tags | tool, proof of concept
MD5 | c7d54277ec4c4b2f135c1bd9971aa87c
Page 5 of 77
Back34567Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close