An overlong string as a DSC comment (more than 42000 bytes) results in a direct EIP overwrite. The exception is first-chance, so the program will never crash. At the moment of the redirection, EAX and ESI are user-controlled. This portion of the buffer begins with '%' (it is the next DSC comment), but as you can see the resulting pattern is nop-equivalent.
This is a proof of concept (PoC) exploit for a remote stack overflow vulnerability in Crob FTP Server 3.6.1 on Windows XP. The exploit is designed to execute arbitrary code on the vulnerable server.
This exploit allows an attacker to bypass the admin login of PHP/MYSQL scripts. By using the login '-' and password '-', the attacker can gain admin access.
This PoC code binds a shell on port 2001 of a vulnerable e-Post SPA-PRO Mail @Solomon IMAP server. It assumes the default mailbox configuration C:\mail\inbox\%USERNAME%. Any changes to the mailbox configuration will cause this PoC to fail due to the length differences.
This script sets up a fake SMTP server which allows an attacker to exploit a buffer overflow vulnerability. The script contains an egghunter and a bind shell payload.
This is a remote root exploit for Ethereal (0.10.0 to 0.10.10) SIP Dissector. It adds a user named 'su' with password 'su' on the victim host.
Execution of a particular program from the Arachne suite reliably causes a kernel panic due to a NULL-pointer dereference in nfs4_proc_lock().
This proof of concept code demonstrates an integer overflow vulnerability in the Cisco VPN Client. If a maliciously crafted file containing malformed characters is read by the application, it will crash. This vulnerability has been tested on various Windows operating systems and different versions of the Cisco VPN Client.
Xlpd is an LPD (Line Printer Daemon) application for MS Windows platforms. With Xlpd, your local PC with a printer becomes a print server where print jobs from various remote systems are requested and processed in a networked environment. Xlpd helps you print remote files locally without manually downloading them to your local computer. When you are connected to a remote UNIX/Linux system with the Xmanager or Xshell program and want to print some data from the remote system, just enter the print command at the terminal prompt.
This exploit allows a local user on the server to read other people's emails. The exploit code includes padding with NOPs and uses the Aleph1 shellcode for executing a shell. The exploit requires a local user account on the server.