Code for an AFP bug found by Braden Thomas. The code establishes a session with a server using an Open Directory domain.
DelphiTurk CodeBank 3.1 (and previous versions) discloses username and password to local users.
This script demonstrates a remote denial of service vulnerability in Foxmail Server. By sending a specially crafted email, an attacker can cause the server to crash, resulting in a denial of service for legitimate users.
This is a local exploit script written in bash that targets exim versions <= 4.42. It includes a C code snippet that is used to get the address of a given environment variable. The script then compiles the C code and copies it to /usr/bin. It then changes directory to /usr/exim/bin and executes the exim binary with a crafted argument that triggers the exploit.
This is a buffer overflow exploit for Free Download Manager version 3.0 Build 844. The exploit uses an SEH overflow and a shellcode builder/assembler technique called 'shell building'. It demonstrates how power can be obtained even with limitations on the buffer.
This is a local root exploit for Adobe Version Cue on Mac OS X. It allows an attacker to gain root privileges on the system.
This is a proof of concept exploit for the 3CServer v1.1 FTP server. It uses a buffer overflow vulnerability to overwrite the SEH pointer. The exploit code is written in C and includes a shellcode that opens a reverse shell on port 1180. The exploit works by sending a specially crafted FTP command to the server.
This exploit allows an attacker to create a directory called "xfinder" in the user's home directory. Once the root user modifies the directory using Finder, the exploit will write to the .DS_Store file in that directory. The data written to the .DS_Store file will consist of the filenames/subdirectories and attributes of the directory. The exploit works by linking the .DS_Store file to /etc/crontab and creating a special Unicode (UTF-8 encoded) file in the directory. The file created in Unicode contains a line that will overwrite /etc/sudoers with "ALL ALL=(ALL) ALL" when written to /etc/crontab. This allows the attacker to escalate privileges and sudo to root.
This exploit targets Amaya Web Editor version 11 and allows remote attackers to overwrite the Structured Exception Handler (SEH) chain, leading to arbitrary code execution. It takes advantage of a vulnerability in the handling of the 'dir' parameter in the HTML code.
This exploit takes advantage of a vulnerability in the PERLIO_DEBUG functionality. It allows an attacker to overwrite the /etc/ld.so.preload file and gain root privileges on the targeted system.