Twenty Year Anniversary
Showing 1 - 25 of 826 RSS Feed

x86 Files

Linux/x86 Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode
Posted Nov 13, 2018
Authored by Javier Tello

58 bytes small Linux/x86 bind (99999/TCP) netcat traditional (/bin/nc) shell (/bin/bash) shellcode.

tags | shell, x86, tcp, shellcode, bash
systems | linux
MD5 | f4b8522201682477a5e1e7f645023f22
Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) Shellcode
Posted Oct 24, 2018
Authored by Goutham Madhwaraj

44 bytes small Linux/x86 execve(/bin/cat /etc/ssh/sshd_config) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 08e75ccaebbd0e64a304144280cd18e9
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
Posted Oct 19, 2018
Authored by unamer, Dhiraj Mishra, bigric3, Anton Cherepanov | Site metasploit.com

This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64.

tags | exploit, arbitrary, x86, kernel
systems | windows, 7
advisories | CVE-2018-8120
MD5 | 967e04838b302049cc237c549437ccec
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86
Posted Oct 18, 2018
Authored by Jann Horn, Google Security Research

Linux suffers from a semi-arbitrary task stack read on ARM64 (and x86) via /proc/$pid/stack.

tags | advisory, arbitrary, x86
systems | linux
MD5 | 7100e417a396e293988088f73c3b7c3a
Solaris RSH Stack Clash Privilege Escalation
Posted Oct 15, 2018
Authored by Brendan Coles, Qualys Security Advisory | Site metasploit.com

This Metasploit module exploits a vulnerability in RSH on unpatched Solaris systems which allows users to gain root privileges. The stack guard page on unpatched Solaris systems is of insufficient size to prevent collisions between the stack and heap memory, aka Stack Clash. This Metasploit module uploads and executes Qualys' Solaris_rsh.c exploit, which exploits a vulnerability in RSH to bypass the stack guard page to write to the stack and create a SUID root shell. This Metasploit module has offsets for Solaris versions 11.1 (x86) and Solaris 11.3 (x86). Exploitation will usually complete within a few minutes using the default number of worker threads (10). Occasionally, exploitation will fail. If the target system is vulnerable, usually re-running the exploit will be successful. This Metasploit module has been tested successfully on Solaris 11.1 (x86) and Solaris 11.3 (x86).

tags | exploit, shell, x86, root
systems | solaris
advisories | CVE-2017-1000364, CVE-2017-3629, CVE-2017-3630, CVE-2017-3631
MD5 | 91b277586c77a3c37e33c0ac990f0483
ifwatchd Privilege Escalation
Posted Oct 8, 2018
Authored by Tim Brown, Brendan Coles, cenobyte | Site metasploit.com

This Metasploit module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the '-A' command line argument; however, it does not drop privileges when executing user-supplied scripts, resulting in execution of arbitrary commands as root. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 (x86) and 6.5.0 SP1 (x86).

tags | exploit, arbitrary, x86, root
advisories | CVE-2014-2533
MD5 | 7a562f56fafb417de6cf725f6b38c71d
Linux/x86 execve(/bin/sh) + MMX/ROT13/XOR Shellcode
Posted Oct 8, 2018
Authored by Kartik Durg

104 bytes small Linux/x86 execve(/bin/sh) + MMX/ROT13/XOR shellcode (encoder/decoder).

tags | x86, shellcode
systems | linux
MD5 | 91a1c7261b81497074a6cfeffc31630e
Linux/x86 execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode
Posted Oct 4, 2018
Authored by Pedro Cabral

50 bytes small Linux/x86 execve(/bin/sh) + NOT +SHIFT-N+ XOR-N encoded shellcode.

tags | x86, shellcode
systems | linux
MD5 | 64b57a9f7a3293afd5379cf96dc5385d
Solaris EXTREMEPARR dtappgather Privilege Escalation
Posted Sep 25, 2018
Authored by Brendan Coles, Hacker Fantastic, Shadow Brokers | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment (CDE) on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any location on the filesystem using the DTUSERSESSION environment variable. This Metasploit module creates a directory in /usr/lib/locale, writes a shared object to the directory, and runs the specified SUID binary with the shared object loaded using the LC_TIME environment variable. This Metasploit module has been tested successfully on: Solaris 9u7 (09/04) (x86); Solaris 10u1 (01/06) (x86); Solaris 10u2 (06/06) (x86); Solaris 10u4 (08/07) (x86); Solaris 10u8 (10/09) (x86); Solaris 10u9 (09/10) (x86).

tags | exploit, x86, root
systems | solaris
advisories | CVE-2017-3622
MD5 | f10a9baa72d2639e9298d5dc6fb5e7c2
Linux/x86 Egghunter (0x50905090) + sigaction() Shellcode
Posted Sep 20, 2018
Authored by Valbrux

27 bytes small Linux/x86 egghunter (0x50905090) + sigaction() shellcode.

tags | x86, shellcode
systems | linux
MD5 | 98c3b4f85def0478d23b5494b10248c2
Solaris libnspr NSPR_LOG_FILE Privilege Escalation
Posted Sep 18, 2018
Authored by Marco Ivaldi, Brendan Coles | Site metasploit.com

This Metasploit module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library (libnspr) on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the `NSPR_LOG_FILE` environment variable. The log file is created with the privileges of the running process, resulting in privilege escalation when used in combination with a SUID executable. This Metasploit module writes a shared object to the trusted library directory `/usr/lib/secure` and runs the specified SUID binary with the shared object loaded using the `LD_LIBRARY_PATH` environment variable. This Metasploit module has been tested successfully with libnspr version 4.5.1 on Solaris 10u1 (01/06) (x86) and Solaris 10u2 (06/06) (x86).

tags | exploit, arbitrary, x86, root
systems | solaris
advisories | CVE-2006-4842
MD5 | 0f80a93992c7fdfbc617a2b680a3059e
Linux/x86 Random Bytewise XOR + Insertion Encoder Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

54 bytes small Linux/x86 random bytewise XOR + insertion encoder shellcode.

tags | x86, shellcode
systems | linux
MD5 | 06349f5063d609d0069f113064a877b7
Linux/x86 File Modification(/etc/hosts) Polymorphic Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

99 bytes small Linux/x86 file modification (/etc/hosts) polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | b6b68473df8cea8e32cab90f6a2fb2df
Linux/x86 Read File (/etc/passwd) MSF Optimized Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

61 bytes small Linux/x86 read file (/etc/passwd) MSF optimized shellcode.

tags | x86, shellcode
systems | linux
MD5 | 774bb96e53da0cf6170ece1a360e3be1
Linux/x86 Add User(r00t/blank) Polymorphic Shellcode
Posted Sep 14, 2018
Authored by Ray Doyle

103 bytes small Linux/x86 add user (r00t/blank) polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | 688f6c9dd5bbf7d04ce90d82048badff
Linux/x86 IPv6 Reverse TCP Shellcode Generator
Posted Aug 31, 2018
Authored by Kevin Kirsche

94 bytes small Linux/x86 IPv6 reverse TCP shellcode generator.

tags | x86, tcp, shellcode
systems | linux
MD5 | 56a1d4c121dd1129c1e1128c8a0c5b07
Linux/x86 Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
Posted Aug 31, 2018
Authored by Kevin Kirsche

Linux/x86 dual network stack (IPv4 and IPv6) bind TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0dd1f19482e4deabce127fe130413c4a
FreeBSD Security Advisory - FreeBSD-SA-18:09.l1tf
Posted Aug 15, 2018
Site security.freebsd.org

FreeBSD Security Advisory - On certain Intel 64-bit x86 systems there is a period of time during terminal fault handling where the CPU may use speculative execution to try to load data. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods. This issue affects bhyve on FreeBSD/amd64 systems. An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.

tags | advisory, x86, kernel
systems | freebsd, bsd
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | d2d8d94bd9c95b68c83e957598d1c85c
Linux/x86 Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell Shellcode
Posted Aug 3, 2018
Authored by Kartik Durg

86 bytes small Linux/x86 reverse TCP (::FFFF:192.168.1.5:4444/TCP) shell (/bin/sh) + null-free + IPv6 shellcode.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 841854d50e743d5f6ad22336b8cda687
Linux/x86 TCP/4444 Bindshell Shellcode
Posted Jul 24, 2018
Authored by Kartik Durg

100 bytes small Linux/x86 /bin/sh bindshell IPv6 TCP/4444 shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 0dc31090de755d284bd719ffb52f6db9
Linux/x86 Kill Process Shellcode
Posted Jul 9, 2018
Authored by Nathu Nandwani

20 bytes small Linux/x86 kill process shellcode.

tags | x86, shellcode
systems | linux
MD5 | 85b2934d4f610ce119d7650948da097e
Linux/x86 Execve /bin/cat /etc/passwd Shellcode
Posted Jul 2, 2018
Authored by Anurag Srivastava

37 bytes small Linux/x86 execve /bin/cat /etc/passwd shellcode.

tags | x86, shellcode
systems | linux
MD5 | 4d27f629e415202443486cfadf82494b
Linux/x86 TCP/4444 Bindshell Shellcode
Posted May 31, 2018
Authored by Paolo Perego

105 bytes small Linux/x86 bindshell shellcode that spawns on TCP/4444.

tags | x86, tcp, shellcode
systems | linux
MD5 | 843af161ff8f5f667b5b1c61ca684aff
Linux/x86 Egghunter + access() Shellcode
Posted May 31, 2018
Authored by Paolo Perego

38 bytes small Linux/x86 egghunter + access() shellcode.

tags | x86, shellcode
systems | linux
MD5 | 387772621eb89201ab1a444b0f1cfc2f
Linux/x86 TCP/5555 Bindshell Shellcode
Posted May 28, 2018
Authored by Luca Di Domenico

98 bytes small Linux/x86 TCP/5555 bindshell shellcode.

tags | x86, tcp, shellcode
systems | linux
MD5 | 460b0890fcf26db29390427ea3c1ed44
Page 1 of 34
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close