This exploit code is for a buffer overflow vulnerability in GlobalScape Secure FTP Server. The code is written in Python and is designed to overwrite the EIP (Extended Instruction Pointer) register. It sends a malicious buffer to the server and then connects to port 4444 on the victim machine. This code can be used to gain unauthorized access to the victim machine.
This vulnerability allows an attacker to execute SQL queries on the database without the need for authentication. By injecting malicious SQL code into the 'user_id' parameter, an attacker can retrieve sensitive information from the database.
This code is a setuid ARPUS/ce exploit that can be used to escalate privileges on a system. It overwrites the /etc/ld.so.preload file, which can severely impact the system. The exploit takes advantage of a vulnerability in the ce program, which drops privileges under certain conditions. By exporting a faulty display, the program does not drop privileges, allowing the attacker to gain root access.
This exploit overwrites the thr_jmp_table in ESRI Arcgis 9.x, allowing for local root privilege escalation. The exploit has been tested on Solaris 10.
This exploit allows an attacker to gain system privileges on BulletProof FTP Server v2.4.0.31. The attacker can execute arbitrary commands with system-level privileges.
The OpenSiteAdmin 0.9.7 BETA version is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by injecting a malicious file path in the 'path' parameter of the 'pageHeader.php' file. This allows the attacker to include and execute arbitrary files on the server.
This exploit takes advantage of a remote buffer overflow vulnerability in Quiksoft EasyMail 6. The vulnerable method is AddAttachment. The latest version of the software does not support this method. The exploit was created out of boredom and interest sparked by a similar post. For more details, refer to the advisory at http://www.bmgsec.com.au/advisory/48/.
This is a Proof of Concept (POC) for a stack buffer overflow vulnerability in Notepad++ version 5.4.5. The vulnerability allows an attacker to overwrite the stack and potentially execute arbitrary code.
This exploit takes advantage of a format string vulnerability in the Snmppd SNMP proxy daemon. The vulnerability allows an attacker to hijack the Global Offset Table (GOT) entry of the strdup function. The exploit is successful on the third attempt.
This is a scanner program written in C that is used to scan for the second dcom vulnerability (MS03-039). It is based on the work of buildtheb0x, kid, and farp, and also on packet sniffs of MS's dcom2 scanner.
Services By CQR
