This exploit uses sys_brk directly to expand its break and doesn't rely on the ELF loader to do it. To bypass a check in sys_brk against available memory, a high virtual address is used as the base address. In most cases, the stack is moved so that the break can be expanded.
This exploit runs a web server that creates and executes a batch file on the victim's computer when the victim visits the malicious server. This Perl script is a small HTTP server for checking the vulnerability. BTW, you can exploit this vulnerability without a server like this if your Apache or other web server allows a request URL that contains '..'.
This is a remote exploit for mod_gzip (debug_mode) on Linux/*BSD systems. It can be used in single mode or brute mode. In single mode, it connects to the target on port 80 and tries to connect to port 2003. In brute mode, it uses a step of 1000 and tries to connect to port 2003. If successful, it gives shell access to the target.
This exploit is a private version of a public exploit posted to packetstorm. It is a buffer overflow exploit that targets Windows 2000/XP/2003 systems. It crashes the 'services.exe' process when the user exits from the shell. The exploit is written in C and uses the Winsock2 library.
This exploit targets a buffer overflow vulnerability in ListBox/ComboBox controls on Win32 systems. It was created by xCrZx and was tested on WinXP. It requires the user to enter the program's handle addresses, such as the handle of an Edit/RichEdit/etc. control (to store shellcode) and the handle of the ListBox/ComboBox. It then sets the shellcode and return addresses and sends the shellcode and exploit messages.
This exploit targets a typical local stack-based overflow vulnerability discovered by c0wboy from 0x333. It supports brute-forcing the return address, from a starting return address to 0x00000000.
This is a helper dynamic library for local privilege escalation through a MySQL server running with root privileges. It allows attackers to execute arbitrary system commands by creating a custom dynamic library containing User Defined Functions (UDFs). It was tested on MySQL 4.0.17.
This exploit is based on code by Cody Tubbs (loophole of hhp) and is used to gain root access on a system. It uses a buffer overflow vulnerability to overwrite the return address of the program with the address of the shellcode. The exploit then executes the shellcode, which sets the UID to 0, copies a shell to /tmp/core, and sets its permissions to 4555.
This exploit triggers a Denial of Service (DoS) vulnerability in WU-FTPD 2.6.2. It allows an attacker to send a specially crafted LIST command to the server, which causes the server to freeze. The vulnerability was discovered by Angelo Rosiello in 2003.
This exploit targets a standard buffer overflow in the default Solaris runtime linker (ld.so.1). The exploit uses ld.so.1's own ___cpy() functions to move the shellcode into an appropriate place in memory. The exploit also sets up a signal handler and a longjmp to call the vulnerable function.