DB: 2022-11-10

20 changes to exploits/shellcodes/ghdb

0 new exploits/shellcodes

Too many to list!

exploits/android/remote/47157.txt

@@ -9,4 +9,4 @@ CVE-2019-2107 - looks scary. Still remember Stagefright and PNG bugs vulns ....
 With CVE-2019-2107 the decoder/codec runs under mediacodec user and with properly "crafted" video (with tiles enabled - ps_pps->i1_tiles_enabled_flag) you can possibly do RCE. The codec affected is HVEC (a.k.a H.265 and MPEG-H Part 2)
 
 POC:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47157.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47157.zip

exploits/ios/local/47409.txt

@@ -11,7 +11,7 @@ This is an alternative (and complete) exploit for CVE-2019-8605. I have only imp
 
 POC:
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47409.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47409.zip
 
 [1] https://gist.github.com/ur0/a9b2d8088479a70665f729c4e9bf8720
 [2] https://twitter.com/Pwn20wnd/status/1163392040073191426

exploits/linux/dos/46745.txt

@@ -211,4 +211,4 @@ That leaves numbers 2 and 3, I guess, unless someone has a better idea?
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46745.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46745.zip

exploits/linux/dos/46781.txt

@@ -290,4 +290,4 @@ Segmentation fault (core dumped)
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46781.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46781.zip

exploits/multiple/dos/46565.txt

@@ -23,4 +23,4 @@ $ /ssd/chrome_trunk/src/out/Tsan/chrome --enable-blink-features=MojoJS
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46565.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46565.zip

exploits/multiple/dos/46566.txt

@@ -28,4 +28,4 @@ The testcase assumes that the domains test0.com - test63.com all resolve to your
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46566.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46566.zip

exploits/multiple/dos/46570.txt

@@ -12,4 +12,4 @@ I've attached a PoC (using the MojoJS bindings) that demonstrates the issue in a
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46570.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46570.zip

exploits/multiple/dos/46571.txt

@@ -48,4 +48,4 @@ $ /ssd/chrome_trunk/src/out/Asan/chrome --enable-blink-features=MojoJS --user-da
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46571.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46571.zip

exploits/multiple/dos/46648.txt

@@ -48,4 +48,4 @@ The gained primitive (obtaining more or less arbitrary entitlements) can then e.
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46648.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46648.zip

exploits/windows/dos/46569.txt

@@ -45,4 +45,4 @@ Please also note that most of the logic shown above for CObjectElement::FinalCre
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46569.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46569.zip

exploits/windows/dos/46604.txt

@@ -6,4 +6,4 @@
 # CVE : CVE-2019-0808
 
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46604.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46604.zip

exploits/windows/dos/46867.txt

@@ -127,4 +127,4 @@ MiniGDIEx!DllUnregisterServer+0x2f95:
 ---
 
 PoC files:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46867.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46867.zip

exploits/windows/dos/47454.md

@@ -22,4 +22,4 @@ After this steps we can see next:
 I was use msec.dll (!exploitable) is a Windows debugging extension (Windbg) that provides automated crash analysis and security risk assessment [Download msec.dll](https://archive.codeplex.com/?p=msecdbg)
 As you can see msec.dll checked this crash and decide that is EXPLOITABLE crash, because SEH chain is corrupted. It is means that attacker can use this vulnerability for remote code execution.
 
-EDB Note: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47454.bsp
+EDB Note: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47454.bsp

exploits/windows/local/46189.txt

@@ -14,4 +14,4 @@ Antivirus signature DAT file version: 1297458144
 
 POC:
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46189.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46189.zip

exploits/windows/local/46683.txt

@@ -6,4 +6,4 @@ This vulnerability allows low privileged users to hijack file that are owned by
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46683.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46683.zip

exploits/windows/local/46747.txt

@@ -32,4 +32,4 @@ The PoC executes ExitProcess inside the hardened process and verifies the return
 
 
 Proof of Concept:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/46747.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46747.zip

exploits/windows/local/47389.txt

@@ -45,7 +45,7 @@ C:\Windows\win.ini has had it's security descriptor rewritten to grant
 'Full Control' to the low privileged user.
 
 PoC files:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47389.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47389.zip
 
 References:
 https://github.com/sgabe/CVE-2019-1253

exploits/windows/remote/42031.py

@@ -9,8 +9,8 @@ EternalBlue exploit for Windows 7/2008 by sleepya
 The exploit might FAIL and CRASH a target system (depended on what is overwritten)
 
 EDB Note: Shellcode
-- x64 ~ https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/42030.asm
-- x86 ~ https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/42031.asm
+- x64 ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42030.asm
+- x86 ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42031.asm
 
 Tested on:
 - Windows 7 SP1 x64

exploits/windows_x86-64/dos/47393.txt

@@ -15,7 +15,7 @@ Open aaaaa.ml via affected notepad++
 
 POC files:
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/47393.zip
+https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47393.zip
 
 Result:
 

exploits/windows_x86-64/remote/42030.py

@@ -10,8 +10,8 @@ The exploit might FAIL and CRASH a target system (depended on what is overwritte
 The exploit support only x64 target
 
 EDB Note: Shellcode
-- x64 ~ https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/42030.asm
-- x86 ~ https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/42031.asm
+- x64 ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42030.asm
+- x86 ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42031.asm
 
 Tested on:
 - Windows 2012 R2 x64