exploit the possibilities
Showing 1 - 25 of 834 RSS Feed

x86 Files

Microsoft Windows VCF Arbitrary Code Execution
Posted Jan 22, 2019
Authored by Eduardo Braun Prado

Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

tags | exploit, arbitrary, x86, code execution, proof of concept
systems | windows, 7
MD5 | 094fed868f7fb979125879d67bb9e5a4
Linux/x86 TCP/4444 Bindshell Shellcode
Posted Jan 17, 2019
Authored by Joao Batista

100 bytes small Linux/x86 TCP/4444 bindshell shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | e1b4afaf5ebf9bfb0ad5bef8869172a1
Windows/x86 Download With TFTP And Execute Shellcode
Posted Jan 11, 2019
Authored by Semen Alexandrovich Lyhin

Windows/x86 download with TFTP and execute shellcode generator.

tags | x86, shellcode
systems | windows
MD5 | 6413c20d83d87e4275f9682f0e103365
Linux/x86 wget chmod Shellcode
Posted Jan 11, 2019
Authored by strider

119 bytes small Linux/x86 wget chmod execute over execve /bin/sh -c shellcode.

tags | x86, shellcode
systems | linux
MD5 | 3b6d756021554dc382d9974400bab037
Hodorsec Linux Binary Encryption Utility
Posted Jan 10, 2019
Authored by Hodorsec

This archive contains a Linux x86/x64 payload AES-128 CBC encrypter and payload decrypter/runner.

tags | tool, x86
systems | linux, unix
MD5 | 5a5ac347d6ff823061529155881b38a8
Linux/x86 Kill All Processes Shellcode
Posted Dec 24, 2018
Authored by strider

14 bytes small Linux/x86 kill all processes shellcode.

tags | x86, shellcode
systems | linux
MD5 | 2b320915f55becda067c82d586332d41
Linux/x86 execve(/usr/bin/ncat -lvp 1337 -e /bin/bash) Shellcode
Posted Dec 12, 2018
Authored by T3jv1l

95 bytes small Linux/x86 execve(/usr/bin/ncat -lvp 1337 -e /bin/bash) null-free shellcode.

tags | x86, shellcode, bash
systems | linux
MD5 | f20cb38bce77dbfeb39dd788015b42cc
Linux/x86 /usr/bin/head -n99 cat etc/passwd Shellcode
Posted Dec 5, 2018
Authored by Nelis

61 bytes small Linux/x86 /usr/bin/head -n99 cat etc/passwd shellcode.

tags | x86, shellcode
systems | linux
MD5 | 2fbbef5bdb2a35867aacd529a1fda03c
Linux/x86 Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode
Posted Nov 13, 2018
Authored by Javier Tello

58 bytes small Linux/x86 bind (99999/TCP) netcat traditional (/bin/nc) shell (/bin/bash) shellcode.

tags | shell, x86, tcp, shellcode, bash
systems | linux
MD5 | f4b8522201682477a5e1e7f645023f22
Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) Shellcode
Posted Oct 24, 2018
Authored by Goutham Madhwaraj

44 bytes small Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 08e75ccaebbd0e64a304144280cd18e9
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
Posted Oct 19, 2018
Authored by unamer, Dhiraj Mishra, bigric3, Anton Cherepanov | Site metasploit.com

This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64.

tags | exploit, arbitrary, x86, kernel
systems | windows, 7
advisories | CVE-2018-8120
MD5 | 967e04838b302049cc237c549437ccec
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86
Posted Oct 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a semi-arbitrary task stack read on ARM64 (and x86) via /proc/$pid/stack.

tags | advisory, arbitrary, x86
systems | linux
MD5 | 7100e417a396e293988088f73c3b7c3a
Solaris RSH Stack Clash Privilege Escalation
Posted Oct 15, 2018
Authored by Brendan Coles, Qualys Security Advisory | Site metasploit.com

This Metasploit module exploits a vulnerability in RSH on unpatched Solaris systems which allows users to gain root privileges. The stack guard page on unpatched Solaris systems is of insufficient size to prevent collisions between the stack and heap memory, aka Stack Clash. This Metasploit module uploads and executes Qualys' Solaris_rsh.c exploit, which exploits a vulnerability in RSH to bypass the stack guard page to write to the stack and create a SUID root shell. This Metasploit module has offsets for Solaris versions 11.1 (x86) and Solaris 11.3 (x86). Exploitation will usually complete within a few minutes using the default number of worker threads (10). Occasionally, exploitation will fail. If the target system is vulnerable, usually re-running the exploit will be successful. This Metasploit module has been tested successfully on Solaris 11.1 (x86) and Solaris 11.3 (x86).

tags | exploit, shell, x86, root
systems | solaris
advisories | CVE-2017-1000364, CVE-2017-3629, CVE-2017-3630, CVE-2017-3631
MD5 | 91b277586c77a3c37e33c0ac990f0483
ifwatchd Privilege Escalation
Posted Oct 8, 2018
Authored by Tim Brown, Brendan Coles, cenobyte | Site metasploit.com

This Metasploit module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the '-A' command line argument; however, it does not drop privileges when executing user-supplied scripts, resulting in execution of arbitrary commands as root. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 (x86) and 6.5.0 SP1 (x86).

tags | exploit, arbitrary, x86, root
advisories | CVE-2014-2533
MD5 | 7a562f56fafb417de6cf725f6b38c71d
Linux/x86 execve(/bin/sh) + MMX/ROT13/XOR Shellcode
Posted Oct 8, 2018
Authored by Kartik Durg

104 bytes small Linux/x86 execve(/bin/sh) + MMX/ROT13/XOR shellcode (encoder/decoder).

tags | x86, shellcode
systems | linux
MD5 | 91a1c7261b81497074a6cfeffc31630e
Linux/x86 execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode
Posted Oct 4, 2018
Authored by Pedro Cabral

50 bytes small Linux/x86 execve(/bin/sh) + NOT +SHIFT-N+ XOR-N encoded shellcode.

tags | x86, shellcode
systems | linux
MD5 | 64b57a9f7a3293afd5379cf96dc5385d
Solaris EXTREMEPARR dtappgather Privilege Escalation
Posted Sep 25, 2018
Authored by Brendan Coles, Hacker Fantastic, Shadow Brokers | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment (CDE) on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any location on the filesystem using the DTUSERSESSION environment variable. This Metasploit module creates a directory in /usr/lib/locale, writes a shared object to the directory, and runs the specified SUID binary with the shared object loaded using the LC_TIME environment variable. This Metasploit module has been tested successfully on: Solaris 9u7 (09/04) (x86); Solaris 10u1 (01/06) (x86); Solaris 10u2 (06/06) (x86); Solaris 10u4 (08/07) (x86); Solaris 10u8 (10/09) (x86); Solaris 10u9 (09/10) (x86).

tags | exploit, x86, root
systems | solaris
advisories | CVE-2017-3622
MD5 | f10a9baa72d2639e9298d5dc6fb5e7c2
Linux/x86 Egghunter (0x50905090) + sigaction() Shellcode
Posted Sep 20, 2018
Authored by Valbrux

27 bytes small Linux/x86 egghunter (0x50905090) + sigaction() shellcode.

tags | x86, shellcode
systems | linux
MD5 | 98c3b4f85def0478d23b5494b10248c2
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
Posted Sep 18, 2018
Authored by Marco Ivaldi, Brendan Coles | Site metasploit.com

This Metasploit module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library (libnspr) on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the `NSPR_LOG_FILE` environment variable. The log file is created with the privileges of the running process, resulting in privilege escalation when used in combination with a SUID executable. This Metasploit module writes a shared object to the trusted library directory `/usr/lib/secure` and runs the specified SUID binary with the shared object loaded using the `LD_LIBRARY_PATH` environment variable. This Metasploit module has been tested successfully with libnspr version 4.5.1 on Solaris 10u1 (01/06) (x86) and Solaris 10u2 (06/06) (x86).

tags | exploit, arbitrary, x86, root
systems | solaris
advisories | CVE-2006-4842
MD5 | 0f80a93992c7fdfbc617a2b680a3059e
Linux/x86 Random Bytewise XOR + Insertion Encoder Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

54 bytes small Linux/x86 random bytewise XOR + insertion encoder shellcode.

tags | x86, shellcode
systems | linux
MD5 | 06349f5063d609d0069f113064a877b7
Linux/x86 File Modification(/etc/hosts) Polymorphic Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

99 bytes small Linux/x86 file modification (/etc/hosts) polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | b6b68473df8cea8e32cab90f6a2fb2df
Linux/x86 Read File (/etc/passwd) MSF Optimized Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

61 bytes small Linux/x86 read file (/etc/passwd) MSF optimized shellcode.

tags | x86, shellcode
systems | linux
MD5 | 774bb96e53da0cf6170ece1a360e3be1
Linux/x86 Add User(r00t/blank) Polymorphic Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

103 bytes small Linux/x86 add user (r00t/blank) polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | 688f6c9dd5bbf7d04ce90d82048badff
Linux/x86 IPv6 Reverse TCP Shellcode Generator
Posted Aug 31, 2018
Authored by Kevin Kirsche

94 bytes small Linux/x86 IPv6 reverse TCP shellcode generator.

tags | x86, tcp, shellcode
systems | linux
MD5 | 56a1d4c121dd1129c1e1128c8a0c5b07
Linux/x86 Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
Posted Aug 31, 2018
Authored by Kevin Kirsche

Linux/x86 dual network stack (IPv4 and IPv6) bind TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0dd1f19482e4deabce127fe130413c4a
Page 1 of 34
Back12345Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    23 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    33 Files
  • 16
    Jan 16th
    23 Files
  • 17
    Jan 17th
    29 Files
  • 18
    Jan 18th
    15 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    3 Files
  • 21
    Jan 21st
    17 Files
  • 22
    Jan 22nd
    15 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close