The exploit allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in the User-Agent HTTP header.
This exploit allows an attacker to execute arbitrary code on a vulnerable SlimFTPd server. By sending a large buffer to certain commands such as CWD, STOR, MKD, STAT, the attacker can trigger a buffer overflow, potentially leading to remote code execution. The attacker needs to be logged in to the server. The vendor has been notified and is working on a fix.
This exploit allows an attacker to execute arbitrary code remotely by exploiting a vulnerability in IntelliTamper 2.07. The exploit is based on the work of Koshi, written in Perl, but this version is more stable. The purpose of this exploit is for educational and learning purposes about win32 exploitation.
Based on Ruder's discovery, this exploit allows an attacker to execute arbitrary code by sending a long parameter to the ping command in the telnet service of CCProxy server. The vulnerability is a stack-based overflow. The exploit uses a shellcode that binds to port 101 and connects back to the attacker using netcat. This exploit has been tested on Windows XP SP1 English.
Plogger is vulnerable to SQL Injection issues that allow for arbitrary file disclosure. The vulnerability can be exploited through plog-download.php and plog-remote.php files. The flaw allows an attacker to inject malicious SQL queries and retrieve arbitrary files from the target server.
The syzygyCMS 0.3 has a Local File Inclusion vulnerability. An attacker can exploit this vulnerability by manipulating the 'page' parameter in the URL to include arbitrary files from the server.
This exploit takes advantage of a format string bug in qwik-smtpd. The exploit overwrites the LSW and MSW of the exit() GOT entry in two stages. It then sends an EXIT command to force the qwik-smtpd to jump into the shellcode. The exploit also circumvents the filtering of spaces chars by using another char (0x10) and decrementing it before calling the int 0x80 syscall.
This script is a remote DoS exploit against a vulnerability in Cisco IOS. It works by using hping to send a large number of packets to the target device, causing it to become unresponsive. The script requires tcsh and hping to be installed. It also requires root privileges or the script to be setuid root due to hping's use of raw sockets. The example provided demonstrates how the script can be used to target a specific IP address and TTL value.
This exploit takes advantage of a stack overflow vulnerability in CCProxy Log. It allows an attacker to execute arbitrary code by sending a specially crafted HTTP request. The exploit includes a shellcode that is injected into the vulnerable process to gain remote access to the system.
This exploit runs calc.exe tested on Win XP Pro sp3;If you run it on another vs of Win make sure you change the retaddress, but it works almost all the time so...
Services By CQR