21 bytes small Linux/x86 execve /bin/sh using JMP-CALL-POP shellcode.
7072ff03bdce88914fe922536fba949945b1a59a092d1841f88e4040fc7d73f5
129 bytes small Linux/x86 chmod + execute + hide output via /usr/bin/wget shellcode.
d71026b126f921724e16445e34b085a5d7ac0a2d632fd2da03c87d64173716c6
191 bytes small Windows/x86 start iexplore.exe shellcode.
0847049573c193746ea36e43de7fcdafd94e46024c09f28c2f50f959e6cc4353
210 bytes small Windows/x86 bitsadmin download and execute shellcode.
e9d5c3f3eed4ac99877670df0c79846e46237e60811013236f0f91d47c45142a
Linux/x86 ASCII AND, SUB, PUSH, POPAD encoder shellcode.
0f59482898b8c68eff13a6977fa8a7526c9180866f8a667284241beca5475c10
66 bytes small Linux/x86 Reposition + INC encoder with execve(/bin/sh) shellcode.
e80a4bf85e6119d70fae11d28f8d56550cec2e134850fe17f134fd35b79dc636
43 bytes small Linux/x86 /sbin/iptables -F shellcode.
6446bf86d89910de8c55dcd39fd9780b1c1fbb891262e2a8b15260ab46424841
20 bytes small Linux/x86 execve /bin/sh shellcode.
31a2c43fd439c5d7bc541e9c1b71463958758c334d675cd7ab929cc856150d92
This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript. This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.
60039dc761905e4a2ed93286404ec19777dfd73ef434ef8a80431ab28e2ebbc1
59 bytes small Linux/x86 multiple keys XOR encoder / decoder execve(/bin/sh) shellcode.
f535c1389683c122f2cb79a76398628c16ef71ccc62b96cc600d41025a013199
72 bytes small Linux/x86 shred file shellcode.
d2c6924adaead208a3b0dc435c7c97695d43eb953acf4b9059c341fc8aa4ec92
185 bytes small Linux/x86 OpenSSL encrypt files with aes256cbc shellcode.
842ea3d9b6e3a57c98cbfbd303fd9a148692bcc94bb775068c44aa706bd31176
91 bytes small Linux/x86 reverse shell shellcode and python wrapper.
3f52529e418f414d105f6075e8a10c26fdb6816068e0780c0c7b2c9eae52579a
200 bytes small Linux/x86 rabbit shellcode crypter.
fb37ba82e4027cf10d73e32e412a4e7e6aa23a6579a76d4bce9a870c287d9323
125 bytes small Linux/x86 cat file encode to base64 and post via curl to webserver shellcode.
2919240ee9666114771f7201d4f70cd1483e03a840365e658c60c14e1af48c2c
61 bytes small Linux/x86 MMX-PUNPCKLBW encoder shellcode.
1c90863f3df70f5b09f6aded2f996bf748aa46d19feb3aba4e7bbd6ec5224d33
149 bytes small Linux/x86 add user to passwd file shellcode.
bf73d95b4a5baef9f67e3f2b18778db4bfc0f6b65967c221db6809a94407bca0
Linux/x86 polymorphic shellcode for execve(/bin/sh).
9858aa6d8f4d92a761b460a1cec910804adffbe53f7032067351eca04c326c30
Anyburn version 4.3 x86 "Copy disc to image file" buffer overflow SEH unicode exploit.
093efaf0e4484fa5ee3691f96a71fdfc76d836f48b33f9b0e592f75d34a8ad15
Linux/x86 insertion encoder and decoder shellcode.
232a3ba577ebd0f1ab1c5e2f99d661e44cd0cb77813fb985d5c81b3e1fb9f5e4
This Metasploit module exploits a vulnerability in the FreeBSD kernel, when running on 64-bit Intel processors. By design, 64-bit processors following the X86-64 specification will trigger a general protection fault (GPF) when executing a SYSRET instruction with a non-canonical address in the RCX register. However, Intel processors check for a non-canonical address prior to dropping privileges, causing a GPF in privileged mode. As a result, the current userland RSP stack pointer is restored and executed, resulting in privileged code execution.
f1711c3320d7c4e9f80661d007057fb1b0b673f47fb51ec2968a821bc6aa8991
43 bytes small Linux/x86 iptables -F shellcode.
b63cdfacaa4dd93070543eb2e434fbf0b294c583eff6d71274b9031a60785919
44 bytes small Linux/x86 execve() /bin/sh NOT encoder and decoder shellcode. This technique is useful for bypassing some AV systems.
6654db7674b9291540e7929faf928cae28e1c8115d25095d7d7e17e3f869355d
45 bytes small Linux/x86 XOR encoder and decoder shellcode tool.
53cc6383c1503adc9fee0b000a25b33ee5a694c3e686d5c465a656763c1d5585
Linux/x86 random insertion encoder and decoder shellcode generator.
1c874cdca741bb9b1f5cb83bff6c4ba8db8cdc97becf03410749a4943debc7e3