exploit the possibilities
Showing 1 - 25 of 910 RSS Feed

x86 Files

Cisco AnyConnect Path Traversal / Privilege Escalation
Posted Jun 25, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The attack consists in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service. This service will then launch the vulnerable installer component (vpndownloader), which copies itself to an arbitrary location before being executed with system privileges. Since vpndownloader is also vulnerable to DLL hijacking, a specially crafted DLL (dbghelp.dll) is created at the same location vpndownloader will be copied to get code execution with system privileges. This exploit has been successfully tested against Cisco AnyConnect Secure Mobility Client versions 4.5.04029, 4.5.05030 and 4.7.04056 on Windows 10 version 1909 (x64) and Windows 7 SP1 (x86).

tags | exploit, arbitrary, x86, local, tcp, code execution
systems | cisco, windows, 7
advisories | CVE-2020-3153
MD5 | 0ce466f922be78b19e5b1169c13ef711
Keystone 0.9.2
Posted Jun 23, 2020
Authored by Nguyen Anh Quynh | Site keystone-engine.org

Keystone is a lightweight multi-platform, multi-architecture assembler framework. Highlight features include multi-architecture, with support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (include 16/32/64bit). It has a clean and lightweight architecture-neutral API. It's implemented in C/C++ languages, with bindings for Python, NodeJS, Ruby, Go and Rust available and also has native support for Windows and various Unix flavors.

Changes: Added a better installer for Linux , an Ethereum VM architecture, and various other updates.
tags | tool, x86, python, ruby
systems | windows, unix
MD5 | 358fb4dc10cac08d9463bb9c2c7a8695
Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode
Posted Jun 15, 2020
Authored by Xenofon Vassilakopoulos

102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | 979a6e0e42c8f46c1647b1c2de0c533a
Linux/x86 Tiny Read Polymorphic Shellcode
Posted Jun 9, 2020
Authored by Xenofon Vassilakopoulos

75 bytes small Linux/x86 tiny read polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | d6f58fd7c7c280218ab60f1656e524b7
Microsoft Windows NtUserMNDragOver Local Privilege Escalation
Posted May 8, 2020
Authored by Clement LECIGNE, timwr, Grant Willcox | Site metasploit.com

This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008.

tags | exploit, x86
systems | windows, 7
advisories | CVE-2019-0808
MD5 | e65eeb8c736544fe952269396a557f62
Linux/x86 Egghunter Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.

tags | x86, shellcode
systems | linux
MD5 | 3cc1d7e8ad5391ad63e8cd52726be7e0
Linux/x86 Reverse Shell Generator Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.

tags | shell, x86, tcp, shellcode
systems | linux
MD5 | 937201f1ff92ab4fabd623cad7224a07
Linux/x86 Dynamic MMX+FPU Encoded Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | b4cd1c73f54aff707a22b55b2944bd8d
Linux/x86 Add Root User Shellcode
Posted Apr 24, 2020
Authored by Bobby Cooke

107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.

tags | x86, root, shellcode
systems | linux
MD5 | 20be4a130a7c7deaf759ff5c00029968
Microsoft Windows Firewall Disabling Shellcode
Posted Apr 20, 2020
Authored by Bobby Cooke

644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service.

tags | remote, x86, local, shellcode
systems | windows
MD5 | a1d9a1235afb2e385b7e22e9cfe721eb
Linux/x86 Egghunter / Null-Free Shellcode
Posted Apr 20, 2020
Authored by Shubham Singh

33 bytes small Linux/x86 egghunter null-free shellcode.

tags | x86, shellcode
systems | linux
MD5 | f143c7106d8f990b5f7946ceed5264ed
10Strike LANState 9.32 Host Check hostname Buffer Overflow
Posted Apr 1, 2020
Authored by Hodorsec

10Strike LANState version 9.32 on x86 Host Check hostname SEH buffer overflow exploit.

tags | exploit, overflow, x86
MD5 | 7f1eb06b56c5aa79bd94057284b6f222
Linux/x86 Reboot Polymorphic Shellcode
Posted Mar 23, 2020
Authored by Upayan

26 bytes small Linux/x86 reboot polymorphic shellcode.

tags | x86, shellcode
systems | linux
MD5 | 0bb419e343fdc1c9caa66d7e15685c4f
Windows/x86 Null Free WinExec Calc.exe Shellcode
Posted Feb 22, 2020
Authored by Bobby Cooke

195 bytes small Windows/x86 null-free WinExec Calc.exe shellcode.

tags | x86, shellcode
systems | windows
MD5 | 3a4badf48892d3a5e330a3f28dc99060
Linux/x86 Bind Shell Generator Shellcode
Posted Feb 10, 2020
Authored by Bobby Cooke

114 bytes small Linux/x86 bind shell generator shellcode.

tags | shell, x86, shellcode
systems | linux
MD5 | 9b7bafc7ff4aa9cacdbde1039bca23ca
Windows/x86 Dynamic Bind Shell / Null-Free Shellcode
Posted Jan 30, 2020
Authored by Bobby Cooke

571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode.

tags | shell, x86, shellcode
systems | windows
MD5 | 61ae8434a5edb8b37775ebb965df9ff6
Linux/x86 Random Bytes Encoder + XOR/SUB/NOT/ROR execve(/bin/sh) Shellcode
Posted Jan 9, 2020
Authored by Xenofon Vassilakopoulos

114 bytes small Linux/x86 random bytes encoder and XOR/SUB/NOT/ROR execve(/bin/sh) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 6821b8b561a61bc5d34076f52fd398bd
Linux/x86 Execve() Alphanumeric Shellcode
Posted Jan 4, 2020
Authored by bolonobolo

66 bytes small Linux/x86 Execve() alphanumeric shellcode.

tags | x86, shellcode
systems | linux
MD5 | dc65b7d56e2af0a082cb78cc43043b20
Linux/x86 Encoder / Decoder Shellcode
Posted Dec 26, 2019
Authored by Xenofon Vassilakopoulos

117 bytes small Linux/x86 encoding of random bytes + XOR/SUB/NOT/ROR and also decodes ROL/NOT/ADD/XOR execve(/bin/sh) shellcode.

tags | x86, shellcode
systems | linux
MD5 | e07a6559c970bfcdf5f4081ecd9a49e7
Microsoft Windows 7 (x86) BlueKeep RDP Use-After-Free
Posted Nov 19, 2019
Authored by 0xeb-bp

Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit.

tags | exploit, remote, x86, kernel, protocol
systems | windows, 7
advisories | CVE-2019-0708
MD5 | 2c3d703bbfbb24401c0d36420ac618d0
Ubuntu Security Notice USN-4186-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4186-3 - USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-16746, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, CVE-2019-2215
MD5 | 35657c491a35b8937950f7a7a72bcfec
Ubuntu Security Notice USN-4185-3
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4185-3 - USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 48c055fdc23ec8eaea074849871aa586
Ubuntu Security Notice USN-4183-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4183-2 - USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-16746, CVE-2019-17666
MD5 | 63968a584ee33d219857ed9bdd445938
Ubuntu Security Notice USN-4184-2
Posted Nov 14, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4184-2 - USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.

tags | advisory, x86, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666
MD5 | 729df00f6313e1ee60a63c8d339f79f4
Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) Null Free Shellcode
Posted Oct 30, 2019
Authored by Daniel Ortiz

47 bytes small Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) null free shellcode.

tags | x86, shellcode
systems | linux
MD5 | a9113f7b013779f563b04b416050d879
Page 1 of 37
Back12345Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close