Showing 101 - 125 of 801

x86 Files

PaX Reference Count Overflow Mitigation Bypass
Posted Jul 8, 2016
Authored by Jann Horn, Google Security Research

PaX contains a mitigation for reference count overflows that is intended to prevent atomic_t variables from reaching 0x80000000 and, more importantly, wrapping around to zero. A documented special case on x86 is that, because "atomically increment unless current value is X" cannot be implemented without a cmpxchg loop, the code instead increments the counter, checks for an overflow and, if an overflow happened, immediately decrements the counter back.

tags | exploit, overflow, x86
systems | linux
MD5 | e880c7eff8d7b6a8064df89a254883a5
Linux/x86 TCP Bind Shell Port 4444 Shellcode
Posted Jul 4, 2016
Authored by sajith

98 bytes small Linux/x86 TCP bindshell shellcode that binds to port 4444.

tags | x86, tcp, shellcode
systems | linux
MD5 | 4a1ea50781ae2e42b0e0532389538780
Windows 7 SP1 x86 Privilege Escalation
Posted Jun 30, 2016
Authored by blomster81

Windows 7 SP1 x86 privilege escalation exploit that leverages the issue documented in MS16-014.

tags | exploit, x86
systems | windows, 7
advisories | CVE-2016-0400
MD5 | 74a7278c257d49aa95bce167963b335c
Linux x86 /bin/sh Shellcode With ASLR Bruteforce
Posted Jun 28, 2016
Authored by Pawan Lal

Linux x86 /bin/sh shellcode with ASLR bruteforce.

tags | x86, shellcode
systems | linux
MD5 | 43af17a9f8995210c6ea8bee7f04535b
Windows x86 ShellExecuteA(NULL,NULL,"cmd.exe",NULL,NULL,1) Shellcode
Posted Jun 22, 2016
Authored by Roziul Hasan Khan Shifat

Windows x86 ShellExecuteA(NULL,NULL,"cmd.exe",NULL,NULL,1) shellcode.

tags | x86, shellcode
systems | windows
MD5 | db4fd3b0e05f42ba77be8d93b2ef686c
Microsoft Windows x86 system("systeminfo") Shellcode
Posted Jun 13, 2016
Authored by Roziul Hasan Khan Shifat

Microsoft Windows x86 system("systeminfo") shellcode.

tags | x86, shellcode
systems | windows
MD5 | 7b0e1c8c8aff3137e6f85ee51b04ef90
Windows x86 WinExec("cmd.exe",0) Shellcode
Posted Jun 7, 2016
Authored by Roziul Hasan Khan Shifat

Windows x86 WinExec("cmd.exe",0) shellcode.

tags | x86, shellcode
systems | windows
MD5 | 577b3de97beca0d12e1bf7f04ebc974c
Linux x86 /bin/nc -le /bin/sh -vp13337 Shellcode
Posted Jun 7, 2016
Authored by sajith

56 bytes small Linux/x86 /bin/nc -le /bin/sh -vp13337 shellcode.

tags | x86, shellcode
systems | linux
MD5 | dc7b508935ae05a428d9dd6ff6d915c7
Keystone 0.9
Posted May 31, 2016
Authored by Nguyen Anh Quynh | Site keystone-engine.org

Keystone is a lightweight multi-platform, multi-architecture assembler framework. Highlighted features include multi-architecture support for Arm, Arm64 (AArch64/Armv8), Hexagon, Mips, PowerPC, Sparc, SystemZ, and X86 (including 16/32/64-bit). It has a clean and lightweight architecture-neutral API. It is implemented in C/C++, with bindings for Python, NodeJS, Ruby, Go and Rust available, and has native support for Windows and various Unix flavors.

tags | tool, x86, python, ruby
systems | windows, unix
MD5 | da122aa5ce802c38054bd1e7441e7369
Linux x86 / x64 execve(/bin/bash) Shellcode
Posted Mar 28, 2016
Authored by Ajith KP

33 bytes small Linux x86 / x64 execve(/bin/bash) shellcode.

tags | x86, shellcode, bash
systems | linux
MD5 | 4fad56246b397db1d2afc362fd9c0885
Linux x86 / x64 execve(/bin/sh) Shellcode
Posted Mar 24, 2016
Authored by Ajith KP

26 bytes small Linux x86 / x64 execve(/bin/sh) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 42fc268a7ee3ac09e6cec8aaa22135de
Comodo Antivirus Forwards Emulated API Calls To Real API
Posted Mar 23, 2016
Authored by Tavis Ormandy, Google Security Research

Comodo Antivirus includes an x86 emulator that is used to unpack and monitor obfuscated executables; this is common practice among antivirus products. The idea is that emulators can run the code safely for a short time, giving the sample enough time to unpack itself or do something that can be profiled. Needless to say, this is a very significant and complicated attack surface, as an attacker can trigger emulation simply by sending the victim an email or getting them to visit a website with zero user interaction. Multiple memory corruption issues have been found with the emulator.

tags | exploit, x86
systems | linux
MD5 | b0d2ff12669de241bd05f2f3090eee5b
Comodo Antivirus PSUBUSB Stack Buffer Overflow
Posted Mar 23, 2016
Authored by Tavis Ormandy, Google Security Research

Comodo Antivirus includes a full x86 emulator that is used to unpack executables that are being scanned. Files read from disk or received over the network, including email, browser cache and so on, can all trigger emulation. The emulator itself uses a sequence of nested lookup tables to translate opcodes to the routines that emulate them. The xmm/ymm registers are used like a union in C. For example, the registers can be treated as 4 floats, 2 doubles, 2 dwords, 8 shorts and so on - whatever is appropriate. The Comodo emulator uses a union to represent these registers, and then each emulated instruction uses whichever union member matches its function. For example, PUNPCKLBW would use regs->words, PSRLQ would use regs->qwords and so on. The code for PSUBUSB incorrectly uses the wrong union member (words instead of bytes), meaning it will clobber double the space allocated by CPU::MMX_OPCODE(). The fix for this vulnerability is to use the bytes member of the union instead.

tags | advisory, x86
systems | linux
MD5 | 18e722c8e08dee73572315444edd1ce4
Comodo Antivirus Win32 Emulation Integer / Heap Overflow
Posted Mar 23, 2016
Authored by Tavis Ormandy, Google Security Research

A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated programs (CreateFile, LoadLibrary, etc). The emulator itself is located in MACH32.DLL, which is compiled without /DYNAMICBASE, and runs as NT AUTHORITY\SYSTEM. These API routines access memory from the emulated virtual machine, perform the requested operation, and then poke the result back into the emulator. Because these emulated routines are all native code, they must take care not to trust values extracted from the emulator, which is running attacker-controlled code. Browsing through the list of emulated routines, MSVBVM60!rtcLowerCaseVar jumped out as an obvious case of integer overflow due to trusting attacker-provided parameters.

tags | exploit, overflow, x86
systems | linux, windows
MD5 | d90a9a8e3ca03311bb0cf2f5d45238f0
Red Hat Security Advisory 2016-0450-01
Posted Mar 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0450-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file could possibly use this flaw to escalate their privileges on the system. It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host.

tags | advisory, denial of service, overflow, arbitrary, x86, kernel, local
systems | linux, redhat
advisories | CVE-2013-2596, CVE-2015-2151
MD5 | 3d1ebf75586be6efc736f3e37729f3bc
Debian Security Advisory 3470-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3470-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345, CVE-2015-8504, CVE-2015-8558, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922
MD5 | 39bf91a809d301fe035ac60af251050f
Debian Security Advisory 3469-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3469-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-8345, CVE-2015-8504, CVE-2015-8558, CVE-2015-8743, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922
MD5 | 34b6d4c51cc5e4f14224ee3dfa59d600
Debian Security Advisory 3471-1
Posted Feb 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3471-1 - Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-7295, CVE-2015-7504, CVE-2015-7512, CVE-2015-7549, CVE-2015-8345, CVE-2015-8504, CVE-2015-8550, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2015-8744, CVE-2015-8745, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981
MD5 | ded9adc12dd631492b3380a60465ca09
Red Hat Security Advisory 2016-0103-01
Posted Feb 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way the delivery of benign exceptions such as #DB is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in a certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, denial of service, x86, kernel, local
systems | linux, redhat
advisories | CVE-2015-8104, CVE-2016-0728, CVE-2016-0774
MD5 | 28b58ec3dcd7bed7f48354876eaed0f5
Linux/x86 Download And Execute Shellcode
Posted Feb 1, 2016
Authored by B3mB4m

Linux/x86 download and execute shellcode.

tags | x86, shellcode
systems | linux
MD5 | 77236914e17e6d5765f8ad5e5b3f0171
Debian Security Advisory 3454-1
Posted Jan 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3454-1 - Multiple vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-5307, CVE-2015-8104, CVE-2016-0495, CVE-2016-0592
MD5 | 928150f1f1fbd941210a4cf479174f9f
64-Bit Linux/x86 unlink ecryptfs-mount-private Shellcode
Posted Jan 24, 2016
Authored by srm

64-bit Linux/x86 unlink ecryptfs-mount-private shellcode.

tags | x86, shellcode
systems | linux
MD5 | c023134e3c2ac7b5673b4aa296e2b7c3
Red Hat Security Advisory 2016-0046-01
Posted Jan 19, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0046-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way the delivery of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | 979b27fedb6e66dbdba1eaa7a7dedae5
Red Hat Security Advisory 2016-0024-01
Posted Jan 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0024-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way the delivery of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | d059f2158ce2e87f3a78a3da557db557
Microsoft Office / COM Object WMALFXGFXDSP.dll DLL Planting
Posted Jan 12, 2016
Authored by Google Security Research, scvitti

It is possible for an attacker to execute a DLL planting attack in Microsoft Office 2010 on Windows 7 x86 with a specially crafted OLE object.

tags | exploit, x86
systems | linux, windows, 7
advisories | CVE-2016-0016
MD5 | 23b7ee95c59b96ae7e931da8df2eacb9