exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	c7b4bfd8e6	DB: 2017-08-23 23 new exploits Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit) IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit) BSD - Passive Connection Shellcode (124 bytes) BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes) BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes) BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes) BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes) BSD/x86 - Bind Random Port Shellcode (143 bytes) BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh Shellcode (27 bytes) BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes) BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes) BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes) BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes) BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes) BSD/x86 - cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes) BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes) BSD/x86 - execve /bin/cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes) FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes) BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes) FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes) FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes) FreeBSD/x86 - kill all processes Shellcode (12 bytes) FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes) FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes) FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes) FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes) FreeBSD/x86 - Kill All Processes Shellcode (12 bytes) FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes) FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes) FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes) FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes) FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes) FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes) Linux/x86 - Bind Shellcode (Generator) Windows XP SP1 - Bind Shellcode (Generator) (Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode Linux/x86 - cmd Null-Free Shellcode (Generator) (Generator) - Alphanumeric Shellcode (Encoder/Decoder) Linux/x86 - Bind TCP Shellcode (Generator) Windows XP SP1 - Bind TCP Shell Shellcode (Generator) Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator) Linux/x86 - Command Null-Free Shellcode (Generator) Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator) Win32 - Multi-Format Encoding Tool Shellcode (Generator) iOS - Version-independent Shellcode Cisco IOS - Connectback 21/TCP Shellcode Windows x86 - Multi-Format Encoding Tool Shellcode (Generator) iOS Version-independent - Null-Free Shellcode Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes) Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes) Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes) Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes) Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes) Linux/x86 - killall5 polymorphic Shellcode (61 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes) Linux/x86 - reboot() polymorphic Shellcode (57 bytes) Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes) Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes) Linux/x86 - killall5 Polymorphic Shellcode (61 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes) Linux/x86 - reboot() Polymorphic Shellcode (57 bytes) Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes) Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes) Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes) Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes) Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes) Linux/x86 - Shellcode Obfuscator (Generator) Linux/x86 - Shellcode Obfuscator Null-Free (Generator) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes) Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes) Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes) Linux/x86 - /sbin/iptables -F Shellcode (40 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes) Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes) Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes) Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes) Linux/x86 - executes command after setreuid Shellcode (49+ bytes) Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes) Linux/x86 - setreuid + executes command (49+ bytes) Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes) Linux/x86 - Bind 2707/TCP Shellcode (84 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes) Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes) Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes) Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes) Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes) Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes) Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes) Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind 64713/TCP Shellcode (86 bytes) Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes) Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - TCP Proxy Shellcode (236 bytes) Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes) Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes) Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes) Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes) Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes) Linux/x86 - snoop /dev/dsp Shellcode (172 bytes) Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes) Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes) Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - chroot + standart Shellcode (66 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes) Linux/x86 - setreuid/execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Shellcode (64 bytes) Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes) Linux/x86 - setreuid + execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes) Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes) Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes) Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes) Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - iptables -F Shellcode (45 bytes) Linux/x86 - iptables -F Shellcode (58 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes) Linux/x86 - connect Shellcode (120 bytes) Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes) Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind 5074/TCP Shellcode (92 bytes) Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes) Linux/x86 - Add User (t00r) Shellcode (82 bytes) Linux/x86 - Add User Shellcode (104 bytes) Linux/x86 - break chroot Shellcode (34 bytes) Linux/x86 - break chroot Shellcode (46 bytes) Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes) Linux/x86 - Add Root User (t00r) Shellcode (82 bytes) Linux/x86 - Add Root User Shellcode (104 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes) Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes) Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes) Linux/x86 - chroot()/execve() code Shellcode (80 bytes) Linux/x86 - Add User (z) Shellcode (70 bytes) Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes) Linux/x86 - Add Root User (z) Shellcode (70 bytes) Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes) Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes) Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes) Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes) BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes) OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes) OSX/PPC - sync()_ reboot() Shellcode (32 bytes) OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes) OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes) OSX/PPC - sync() + reboot() Shellcode (32 bytes) OSX/PPC - Add user _r00t_ Shellcode (219 bytes) OSX/PPC - Add Root User (r00t) Shellcode (219 bytes) Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid/execve Shellcode (56 bytes) Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes) Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid + execve Shellcode (56 bytes) Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes) Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes) Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes) Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes) Win32 - SEH Omelet Shellcode Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes) Win32 - PEB!NtGlobalFlags Shellcode (14 bytes) Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes) Win32/XP SP2 - cmd.exe Shellcode (57 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - ConnectBack + Download A File + Save + Execute Shellcode Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes) Win32 - Download File + Execute Shellcode (192 bytes) Win32 - Download File + Execute Shellcode (124 bytes) Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes) Win32 SP1/SP2 - Beep Shellcode (35 bytes) Win32/XP SP2 - Pop up message box Shellcode (110 bytes) Win32 - WinExec() Command Parameter Shellcode (104+ bytes) Win32 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes) Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes) Windows x86 - SEH Omelet Shellcode Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes) Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes) Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes) Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator) Windows x86 - Download File + Execute Shellcode (192 bytes) Windows x86 - Download File + Execute Shellcode (124 bytes) Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes) Windows SP1/SP2 x86 - Beep Shellcode (35 bytes) Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes) Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes) Windows x86 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add Administartor User (slim/shady) Shellcode (318 bytes) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP - Download File + Execute Shellcode Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes) Windows XP - Download File + Execute Null-Free Shellcode Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes) Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes) Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Windows XP SP3 x86 - ShellExecuteA Shellcode Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes) Win32/XP SP2 - calc.exe Shellcode (45 bytes) Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes) Windows XP SP2 x86 - calc.exe Shellcode (45 bytes) Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes) Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes) Linux/x86 - break chroot Shellcode (79 bytes) Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes) Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes) Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes) Win32 XP SP2 (FR) - calc Shellcode (19 bytes) Windows XP SP2 x86 (French) - calc Shellcode (19 bytes) Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes) Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes) Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - /bin/sh Shellcode (8 bytes) Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes) Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes) Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - execve /bin/sh Shellcode (8 bytes) Linux/x86 - disabled modsecurity Shellcode (64 bytes) Win32 - JITed Stage-0 Shellcode Win32 - JITed exec notepad Shellcode Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Linux/x86 - Disabled modsecurity Shellcode (64 bytes) Windows x86 - JITed Stage-0 Shellcode Windows x86 - JITed exec notepad Shellcode Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes) Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes) Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes) Win32 - MessageBox Shellcode (Metasploit) Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes) Windows x86 - MessageBox Shellcode (Metasploit) Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes) Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Genearator With Customizable Text) Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Generator) Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes) Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes) Windows XP SP2 (FR) - Download File + Execute Shellcode Windows XP SP2 (French) - Download File + Execute Shellcode Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes) Linux/x86 - Disable ASLR Security Shellcode Shellcode (106 bytes) Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes) Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes) Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes) Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes) Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes) Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes) Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes) Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes) Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes) Linux/x86 - Bind Shell 64533 Shellcode (97 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes) Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes) Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes) Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Win32 - Write-to-file Shellcode (278 bytes) Windows x86 - Write-to-file Null-Free Shellcode (278 bytes) Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes) Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 English - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes) Win32 - Checksum Routine Shellcode (18 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes) Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes) Windows x86 - Checksum Routine Shellcode (18 bytes) Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes) Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes) Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes) Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes) Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes) Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes) ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader (0x1337/TCP) Shellcode ARM - ifconfig eth0 192.168.0.2 up Shellcode ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes) Win32 - Speaking 'You got pwned!' Shellcode FreeBSD/x86 - connect back Shellcode (81 bytes) BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes) Win32 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes) Linux/x86 - ASLR deactivation Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator) Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator) BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes) Windows x86 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes) Linux/x86 - Disable ASLR Security Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes) Linux/x86 - Egghunter Shellcode (29 bytes) Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes) Linux/x86 - Egghunter Null-Free Shellcode (29 bytes) Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes) Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator) Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes) Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes) Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes) Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes) Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes) Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes) Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes) Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes) Windows x64 - Bind TCP Shell Shellcode (508 bytes) Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes) Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes) Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes) Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes) Windows RT ARM - Bind Shell 4444/TCP Shellcode Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode Windows - Messagebox Shellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes) Windows - Add Administrator 'BroK3n' Shellcode (194 bytes) Windows - Messagebox Null-FreeShellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes) Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes) Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes) Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes) Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes) Linux/x86 - Disable ASLR Shellcode (84 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes) Linux/x86 - Disable ASLR Security Shellcode (84 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes) Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes) Win32/XP SP3 - Restart computer Shellcode (57 bytes) Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator) Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes) Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes) Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes) Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes) Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (21 bytes) Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes) Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes) Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes) Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes) Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes) Linux/x86 - exec('/bin/dash') Shellcode (45 bytes) Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes) Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes) Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes) Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes) Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes) Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes) Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes) Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes) OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes) Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator) Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator) OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes) Linux/x86-64 - /bin/sh Shellcode (34 bytes) Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes) OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes) Linux/x86-64 - execve /bin/sh Shellcode (34 bytes) Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes) Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python) Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes) Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes) Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes) Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes) Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes) Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes) Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes) Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes) Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes) Win32 .Net Framework - Execute Native x86 Shellcode Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Windows .Net Framework x86 - Execute Native x86 Shellcode Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator) Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes) Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes) Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes) BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes) Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shellcode (64 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes) Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes) Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes) Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes) Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistant / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes) Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes) Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes) Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes) Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes) Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes) Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes) Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes) Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes) Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes) Windows x64 - WinExec() Shellcode (93 bytes) Windows x64 - cmd.exe WinExec() Shellcode (93 bytes) Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes) Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes) Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator) Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes) Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Windows x86 - Executable Directory Search Shellcode (130 bytes) Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes) Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes) Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes) Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes) Linux/x86 - Bind Shell Shellcode (44 bytes) Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes) Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes) Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Disable ASLR Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes) Linux/x86 - Disable ASLR Security Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes) Linux/x86-64 - /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes) Linux/x86-64 - execve /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes) Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes) Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes) Linux x86 - /bin/sh Shellcode (24 bytes) Linux x86 - execve /bin/sh Shellcode (24 bytes) Linux/x86_64 - kill All Processes Shellcode (19 bytes) Linux/x86_64 - Kill All Processes Shellcode (19 bytes) Php Cloud mining Script - Authentication Bypass (Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass	2017-08-23 05:01:29 +00:00
Offensive Security	9e9bf495c2	DB: 2017-04-26 26 new exploits PHP 5.4.0RC6 (x64t) - Denial of Service PHP 5.4.0RC6 (x64) - Denial of Service Evostream Media Server 1.7.1 (x64) - Denial of Service PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH) VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Dmitry 1.3a - Local Buffer Overflow Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Apple Safari - Array concat Memory Corruption Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation Dell Customer Connect 1.3.28.0 - Privilege Escalation LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit Nginx 1.4.0 (Generic Linux x64) - Remote Exploit Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution Microsoft Office Word - Malicious Hta Execution (Metasploit) WePresent WiPG-1000 - Command Injection (Metasploit) OSX/Intel - setuid shell x86_64 Shellcode (51 bytes) OSX/Intel (x86-64) - setuid shell Shellcode (51 bytes) OSX/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes) OSX/Intel (x86-64) - reverse_tcp shell Shellcode (131 bytes) Linux x86 / x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86 / x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86 / x86_64 - Read /etc/passwd Shellcode (156 bytes) Linux x86/x86-64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86/x86-64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86/x86-64 - Read /etc/passwd Shellcode (156 bytes) Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86-64 - Egghunter Shellcode (38 bytes) Linux/x86-64 - Reverse Shell Shellcode (84 bytes) FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery WordPress Plugin KittyCatfish 2.2 - SQL Injection WordPress Plugin Car Rental System 2.5 - SQL Injection WordPress Plugin Wow Viral Signups 2.1 - SQL Injection WordPress Plugin Wow Forms 2.1 - SQL Injection Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection October CMS 1.0.412 - Multiple Vulnerabilities	2017-04-26 05:01:18 +00:00
Offensive Security	6e7ec5be32	DB: 2017-03-10 20 new exploits Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service Apache Struts2 - Skill Name Remote Code Execution Apache Struts 2 - Skill Name Remote Code Execution Linux - Reverse Shell Shellcode (65 bytes) Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Linux - TCP Reverse Shell Shellcode (65 bytes) Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes) Windows x86 - Executable Directory Search Shellcode (130 bytes) Apache Struts2 < 2.3.1 - Multiple Vulnerabilities Apache Struts 2 < 2.3.1 - Multiple Vulnerabilities Country on Sale Script - SQL Injection Media Search Engine Script - 'search' Parameter SQL Injection Soundify 1.1 - 'tid' Parameter SQL Injection BistroStays 3.0 - 'guests' Parameter SQL Injection Nlance 2.2 - SQL Injection Busewe 1.2 - SQL Injection Fashmark 1.2 - 'category' Parameter SQL Injection TradeMart 1.1 - SQL Injection Drupal 7.x Module Services - Remote Code Execution WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution FTP Voyager Scheduler 16.2.0 - Cross-Site Request Forgery	2017-03-10 05:01:18 +00:00
Offensive Security	06a7933be4	DB: 2017-03-09 8 new exploits USBPcap - Privilege Escalation Linux - Reverse Shell Shellcode (66 bytes) Linux - Reverse Shell Shellcode (65 bytes) Themeforest Clone Script - SQL Injection Graphicriver Clone Script - SQL Injection Codecanyon Clone Script - SQL Injection Audiojungle Clone Script - SQL Injection Videohive Clone Script - SQL Injection Envato Clone Script - SQL Injection Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery	2017-03-09 05:01:19 +00:00
Offensive Security	7fa7a111c4	DB: 2017-03-01 5 new exploits BlueIris 4.5.1.4 - Denial of Service Synchronet BBS 3.16c - Denial of Service Cisco AnyConnect Secure Mobility Client 4.3.04027 - Privilege Escalation Linux/x86-64 - Reverse Shell Shellcode (84 bytes) NETGEAR DGN2200v1/v2/v3/v4 - Cross-Site Request Forgery	2017-03-01 05:01:18 +00:00
Offensive Security	3710b90d25	DB: 2017-02-24 6 new exploits macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read Linux/x86-64 - Egghunter Shellcode (38 bytes) WordPress Plugin Mail Masta 1.0 - SQL Injection Joomla! Component Store for K2 3.8.2 - SQL Injection Joomla! Component UserExtranet 1.3.1 - SQL Injection Joomla! Component MultiTier 3.1 - SQL Injection	2017-02-24 05:01:18 +00:00
Offensive Security	ae0dd9fa7c	DB: 2017-02-20 14 new exploits Linux - Reverse Shell Shellcode (66 bytes) Joomla! Component com_Joomlaoc - 'id' SQL Injection Joomla! Component Joomloc 1.0 - 'id' Parameter SQL Injection Joomla! Component com_awdwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload Horde 3.3.5 - Administration Interface admin/PHPshell.php PATH_INFO Parameter Cross-Site Scripting Horde 3.3.5 - Cross-Site Scripting Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection Joomla! Component OS Property 3.0.8 - SQL Injection Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection Joomla! Component OS Services Booking 2.5.1 - SQL Injection Joomla! Component Room Management 1.0 - SQL Injection Joomla! Component Bazaar Platform 3.0 - SQL Injection Joomla! Component Google Map Store Locator 4.4 - SQL Injection Joomla! Component Most Wanted Real Estate 1.1.0 - SQL Injection NETGEAR DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution Sawmill Enterprise 8.7.9 - Authentication Bypass PHPShell 2.4 - Session Fixation	2017-02-20 05:01:17 +00:00
Offensive Security	2f2ccec5c2	DB: 2017-02-17 8 new exploits Linux - Dual/Multi mode Bind Shell Shellcode (156 bytes) Joomla! Component 'com_spidercalendar' - SQL Injection Joomla! Component Spider Calendar - SQL Injection Joomla! Component 'com_spidercatalog' - 'Product_ID' Parameter SQL Injection Joomla! Component Spider Catalog 1.1 - 'Product_ID' Parameter SQL Injection Joomla! Component 'com_spidercalendar' - 'date' Parameter Blind SQL Injection Joomla! Component Spider Calendar - 'date' Parameter Blind SQL Injection Joomla! Component 'com_spidercalendar' 3.2.6 - SQL Injection Joomla! Component Spider Calendar 3.2.6 - SQL Injection Joomla! Component 'com_spidercontacts' 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component Spider Contacts 1.3.6 - 'contacts_id' Parameter SQL Injection Joomla! Component 'com_spiderfaq' - SQL Injection Joomla! Component Spider FAQ - SQL Injection Joomla! Component Spider Calendar Lite 3.2.16 - SQL Injection Joomla! Component Spider Catalog Lite 1.8.10 - SQL Injection Joomla! Component Spider Facebook 1.6.1 - SQL Injection Joomla! Component Spider FAQ Lite 1.3.1 - SQL Injection WordPress Plugin Corner Ad 1.0.7 - Cross-Site Scripting dotCMS 3.6.1 - Blind Boolean SQL Injection Joomla! Component JEmbedAll 1.4 - SQL Injection	2017-02-17 05:01:19 +00:00
Offensive Security	8290029acb	DB: 2017-02-03 12 new exploits Microsoft Windows 2000 - RPC DCOM Interface Denial of Service Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool Microsoft Windows 2003/XP - Remote Denial of Service Microsoft Windows Server 2003/XP - Remote Denial of Service Microsoft Windows 2003/XP - IPv6 Remote Denial of Service Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows Server 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit) Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC) Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow Microsoft Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service NT 4.0 / Windows 2000 - TCP/IP Printing Service Denial of Service Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service Microsoft Windows 2000 - Telnet Server Denial of Service Microsoft Windows Server 2000 - Telnet Server Denial of Service Microsoft Windows 2000 - Telnet 'Username' Denial of Service Microsoft Windows Server 2000 - Telnet 'Username' Denial of Service Microsoft Windows 2000 - RunAs Service Denial of Service Microsoft Windows Server 2000 - RunAs Service Denial of Service Microsoft Windows 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service Microsoft Windows 2000/XP - GDI Denial of Service Microsoft Windows Server 2000/XP - GDI Denial of Service Microsoft Windows 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (1) Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (2) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1) Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2) Microsoft Windows 2000 - Lanman Denial of Service (1) Microsoft Windows 2000 - Lanman Denial of Service (2) Microsoft Windows Server 2000 - Lanman Denial of Service (1) Microsoft Windows Server 2000 - Lanman Denial of Service (2) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1) Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2) Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1) Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051) Microsoft Windows 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service Microsoft Windows 2000/XP - Registry Access Local Denial of Service Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service Microsoft Windows 10 - SMBv3 Tree Connect (PoC) Google Android - 'rkp_set_init_page_ro' RKP Memory Corruption Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015) Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080) Microsoft Windows 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension Microsoft Windows 2000 - Named Pipes Predictability Microsoft Windows Server 2000 - Named Pipes Predictability Microsoft Windows 2000 - Still Image Service Privilege Escalation Microsoft Windows Server 2000 - Still Image Service Privilege Escalation Microsoft Windows 2000/NT 4 - DLL Search Path Microsoft Windows Server 2000/NT 4 - DLL Search Path Microsoft Windows 2000 - Debug Registers Microsoft Windows Server 2000 - Debug Registers Microsoft Windows 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking Microsoft Windows 2000/NT 4 - NTFS File Hiding Microsoft Windows Server 2000/NT 4 - NTFS File Hiding Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7) Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1) Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1) Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2) Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1) Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2) Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011) Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020) Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ) Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation Ghostscript 9.20 - 'Filename' Command Execution Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows Server 2000 - RSVP Server Authority Hijacking (PoC) Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (1) Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (2) Microsoft Windows 2000 - WINS Remote Code Execution Microsoft Windows Server 2000 - WINS Remote Code Execution Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit) Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Python) WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Perl) Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft Windows Server 2000 SP4 - DNS RPC Remote Buffer Overflow Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000) Microsoft IIS 5.0/6.0 FTP Server (Windows 2000) - Remote Stack Overflow Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit) Microsoft Internet Explorer 5 (Windows 2000/95/98/NT 4) - XML HTTP Redirect Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect Microsoft Index Server 2.0 / Indexing Services (Windows 2000) - Directory Traversal Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - Directory Traversal Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut Exploit Microsoft Windows 2000 - Remote CPU-overload Microsoft Windows Server 2000 - Remote CPU-overload Microsoft Windows 2000 - telnet.exe NTLM Authentication Microsoft Windows Server 2000 - telnet.exe NTLM Authentication Microsoft Indexing Services (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting Microsoft Indexing Services (Windows 2000) - File Verification Microsoft Indexing Service (Windows 2000) - File Verification SurfControl SuperScout WebFilter for windows 2000 - File Disclosure SurfControl SuperScout WebFilter for windows 2000 - SQL Injection Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow SurfControl SuperScout WebFilter for Windows 2000 - File Disclosure SurfControl SuperScout WebFilter for Windows 2000 - SQL Injection Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow Microsoft Windows 2000 - Active Directory Remote Stack Overflow Microsoft Windows Server 2000 - Active Directory Remote Stack Overflow Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows Server 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Microsoft Windows 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (1) Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2) Linux - Multi/Dual mode Reverse Shell Shellcode (129 bytes) Travel Portal Script 9.33 - SQL Injection Movie Portal Script 7.35 - SQL Injection Itech Travel Portal Script 9.33 - SQL Injection Itech Movie Portal Script 7.35 - SQL Injection Auction Script 6.49 - SQL Injection Itech Auction Script 6.49 - 'mcid' Parameter SQL Injection Itech News Portal Script 6.28 - SQL Injection Itech News Portal Script 6.28 - 'inf' Parameter SQL Injection Video Sharing Script 4.94 - SQL Injection Itech Video Sharing Script 4.94 - 'v' Parameter SQL Injection Itech Classifieds Script 7.27 - 'pid' Parameter SQL Injection Itech Classifieds Script 7.27 - SQL Injection Video Sharing Script 4.94 - 'uid' Parameter SQL Injection Itech Video Sharing Script 4.94 - SQL Injection WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python) WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby) Itech Travel Portal Script 9.35 - SQL Injection Property Listing Script - 'propid' Parameter Blind SQL Injection Itech Inventory Management Software 3.77 - SQL Injection Itech Movie Portal Script 7.37 - SQL Injection Itech News Portal Script 6.28 - 'sc' Parameter SQL Injection Itech Auction Script 6.49 - 'pid' Parameter SQL Injection	2017-02-03 05:01:17 +00:00
Offensive Security	6df10a3616	DB: 2017-01-30 2 new exploits Linux - Multi/Dual mode execve(_/bin/sh__ NULL_ 0) Shellcode (37 bytes) TrueConf Server 4.3.7 - Multiple Vulnerabilities	2017-01-30 05:01:18 +00:00
Offensive Security	a9e80c57e9	DB: 2016-07-18 164 new exploits Snitz Forums 3.3.03 - Remote Command Execution Exploit CdRecord <= 2.0 - Mandrake Local Root Exploit Snitz Forums 3.3.03 - Remote Command Execution Exploit CdRecord <= 2.0 - Mandrake Local Root Exploit Webfroot Shoutbox < 2.32 (Apache) Remote Exploit Mandrake Linux 8.2 - /usr/mail Local Exploit Microsoft Windows Media Services - (nsiislog.dll) Remote Exploit Microsoft Windows - (RPC DCOM) Remote Exploit (48 Targets) Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit Microsoft Windows - (RPC2) Universal Exploit & DoS (RPC3) (MS03-039) Eudora 6.0.3 Attachment Spoofing Exploit (windows) Redhat 6.2 /sbin/restore - Exploit Oracle (oidldapd connect) Local Command Line Overflow Exploit Redhat 6.2 /sbin/restore - Exploit Oracle (oidldapd connect) Local Command Line Overflow Exploit CVS - Remote Entry Line Root Heap Overflow Exploit UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit CVS - Remote Entry Line Root Heap Overflow Exploit UNIX 7th Edition /bin/mkdir Local Buffer Overflow Exploit Microsoft Outlook Express Window Opener Microsoft Outlook Express Javascript Execution Microsoft Outlook Express Window Opener Microsoft Outlook Express Javascript Execution Ping of Death Remote Denial of Service Exploit Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Internet Explorer Overly Trusted Location Cache Exploit Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022) Microsoft Internet Explorer Overly Trusted Location Cache Exploit Apache HTTPd - Arbitrary Long HTTP Headers DoS (C) Microsoft Internet Explorer Remote Null Pointer Crash (mshtml.dll) CVSTrac Remote Arbitrary Code Execution Exploit LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit IPD (Integrity Protection Driver) Local Exploit Bird Chat 1.61 - Denial of Service D-Link DCS-900 Camera Remote IP Address Changer Exploit GD Graphics Library Heap Overflow Proof of Concept Exploit vBulletin LAST.php SQL Injection miniBB - Input Validation Hole ('user') phpBB highlight Arbitrary File Upload (Santy.A) Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search) PhpInclude.Worm - PHP Scripts Automated Arbitrary File Inclusion ZeroBoard Worm Source Code Invision Power Board <= 1.3.1 - Login.php SQL Injection Veritas Backup Exec Remote File Access Exploit (windows) ZENworks 6.5 Desktop/Server Management Remote Stack Overflow MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow ZENworks 6.5 Desktop/Server Management Remote Stack Overflow MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit Novell eDirectory 8.7.3 iMonitor Remote Stack Overflow Microsoft Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) PHP-Nuke <= 7.8 - Search Module Remote SQL Injection Exploit SGI IRIX <= 6.5.28 - (runpriv) Design Error Sybase EAServer 5.2 (WebConsole) Remote Stack Overflow Exploit Microsoft Internet Explorer 7 Popup Address Bar Spoofing Weakness Microsoft Internet Explorer 6/7 (XML Core Services) Remote Code Execution Exploit Invision Community Blog Mod 1.2.4 - SQL Injection Microsoft Windows - (MessageBox) Memory Corruption Local Denial of Service Twilight Webserver 1.3.3.0 (GET) Remote Denial of Service Exploit PHP COM extensions (inconsistent Win32) safe_mode Bypass Exploit Microsoft Internet Explorer - Recordset Double Free Memory Exploit (MS07-009) phpGalleryScript 1.0 - (init.gallery.php include_class) RFI Md-Pro <= 1.0.8x (Topics topicid) Remote SQL Injection DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service PoC Yahoo! Music Jukebox 2.2 AddImage() ActiveX Remote BoF Exploit Woltlab Burning Board Addon JGS-Treffen SQL Injection pSys 0.7.0.a (shownews) Remote SQL Injection JAMM CMS (id) Remote Blind SQL Injection Exploit Clever Copy 3.0 (results.php) Remote SQL Injection Exploit GLLCTS2 (listing.php sort) Remote Blind SQL Injection Exploit PHPMyCart (shop.php cat) Remote SQL Injection Cartweaver 3 (prodId) Remote Blind SQL Injection Exploit Oxygen 2.0 (repquote) Remote SQL Injection MyMarket 1.72 - BlindSQL Injection Exploit easyTrade 2.x - (detail.php id) Remote SQL Injection CaupoShop Classic 1.3 - (saArticle[ID]) Remote SQL Injection AcmlmBoard 1.A2 (pow) Remote SQL Injection Catviz 0.4.0 beta1 - Multiple Remote SQL Injection Vulnerabilities DZCP (deV!L_z Clanportal) <= 1.4.9.6 - Blind SQL Injection Exploit Webspell 4 (Auth Bypass) SQL Injection Microsoft Internet Explorer 7 - Memory Corruption PoC (MS09-002) kloxo 5.75 - Multiple Vulnerabilities Microsoft Office Web Components (Spreadsheet) ActiveX BoF PoC PulseAudio setuid - Local Privilege Escalation Exploit PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation PulseAudio setuid - Local Privilege Escalation Exploit PulseAudio setuid (Ubuntu 9.04 & Slackware 12.2.0) - Local Privilege Escalation Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) eWebeditor Directory Traversal eWebeditor ASP Version - Multiple Vulnerabilities Radasm .rap file Local Buffer Overflow Microsoft Internet Explorer 6 / 7 / 8 - 'winhlp32.exe' 'MsgBox()' Remote Code Execution Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) (38 bytes) Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) shellcode (38 bytes) Joomla Component com_event - SQL Injection Aix - execve /bin/sh (88 bytes) BSD - Passive Connection Shellcode bsd/PPC - execve /bin/sh (128 bytes) bsd/x86 - setuid/execve shellcode (30 bytes) bsd/x86 - setuid/portbind shellcode (94 bytes) bsd/x86 - execve /bin/sh multiplatform (27 bytes) bsd/x86 - execve /bin/sh setuid (0) (29 bytes) bsd/x86 - portbind port 31337 (83 bytes) bsd/x86 - portbind port random (143 bytes) bsd/x86 - break chroot (45 bytes) bsd/x86 - execve /bin/sh Crypt /bin/sh (49 bytes) bsd/x86 - execve /bin/sh ENCRYPT* (57 bytes) bsd/x86 - connect (93 bytes) bsd/x86 - cat /etc/master.passwd \| mail [email] (92 bytes) bsd/x86 - reverse portbind (129 bytes) bsdi/x86 - execve /bin/sh (45 bytes) bsdi/x86 - execve /bin/sh (46 bytes) AIX - execve /bin/sh shellcode (88 bytes) BSD - Passive Connection Shellcode (124 bytes) BSD/PPC - execve /bin/sh shellcode (128 bytes) BSD/x86 - setuid(0) then execve /bin/sh shellcode (30 bytes) BSD/x86 - setuid/portbind (TCP 31337) shellcode (94 bytes) BSD/x86 - execve /bin/sh multiplatform shellcode (27 bytes) BSD/x86 - execve /bin/sh setuid (0) shellcode (29 bytes) BSD/x86 - portbind port 31337 shellcode (83 bytes) BSD/x86 - portbind port random shellcode (143 bytes) BSD/x86 - break chroot shellcode (45 bytes) BSD/x86 - execve /bin/sh Crypt /bin/sh shellcode (49 bytes) BSD/x86 - execve /bin/sh ENCRYPT* shellcode (57 bytes) BSD/x86 - connect torootteam.host.sk:2222 shellcode (93 bytes) BSD/x86 - cat /etc/master.passwd \| mail [email] shellcode (92 bytes) BSD/x86 - reverse 6969 portbind shellcode (129 bytes) BSDi/x86 - execve /bin/sh shellcode (45 bytes) BSDi/x86 - execve /bin/sh shellcode (46 bytes) Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption Adobe Acrobat Reader DC 15.016.20045 - Invalid Font (.ttf ) Memory Corruption (1) bsdi/x86 - execve /bin/sh toupper evasion (97 bytes) FreeBSD i386/AMD64 - Execve /bin/sh (Anti-Debugging) freebsd/x86 - setreuid_ execve(pfctl -d) (56 bytes) freebsd/x86 - connect back.send.exit /etc/passwd (112 bytes) freebsd/x86 - kill all processes (12 bytes) freebsd/x86 - rev connect_ recv_ jmp_ return results (90 bytes) freebsd/x86 - /bin/cat /etc/master.passwd (NULL free) (65 bytes) freebsd/x86 - reverse portbind /bin/sh (89 bytes) freebsd/x86 - setuid(0); execve(ipf -Fa); shellcode (57 bytes) freebsd/x86 - encrypted shellcode /bin/sh (48 bytes) freebsd/x86 - portbind 4883 with auth shellcode freebsd/x86 - reboot(RB_AUTOBOOT) Shellcode (7 bytes) freebsd/x86 - execve /bin/sh (23 bytes) freebsd/x86 - execve /bin/sh (2) (23 bytes) freebsd/x86 - execve /bin/sh (37 bytes) freebsd/x86 - kldload /tmp/o.o (74 bytes) freebsd/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh (44 bytes) freebsd/x86 - execve /tmp/sh (34 bytes) freebsd/x86 - connect (102 bytes) freebsd/x86-64 - exec(_/bin/sh_) shellcode (31 bytes) freebsd/x86-64 - execve /bin/sh shellcode (34 bytes) Linux/x86 - execve shellcode generator null byte free Linux/x86 - generate portbind payload Windows XP SP1 - portbind payload (Generator) /bin/sh Polymorphic shellcode with printable ASCII characters Linux/x86 - shellcode null free (Generator) Alphanumeric Shellcode Encoder/Decoder HTTP/1.x requests for shellcodes (Generator) (18+ bytes / 26+ bytes) Multi-Format Shellcode Encoding Tool - Beta 2.0 (Win32) (Generator) iOS Version-independent shellcode Cisco IOS - Connectback Shellcode Cisco IOS - Bind Shellcode 1.0 (116 bytes) Cisco IOS - Tiny Shellcode Cisco IOS - Shellcode And Exploitation Techniques (BlackHat) HPUX - execve /bin/sh (58 bytes) Linux/amd64 - flush iptables rules shellcode (84 bytes) Linux/amd64 - connect-back semi-stealth shellcode (88+ bytes) Linux/MIPS (Linksys WRT54G/GL) - port bind shellcode (276 bytes) BSDi/x86 - execve /bin/sh toupper evasion shellcode (97 bytes) FreeBSD i386 & AMD64 - Execve /bin/sh shellcode (Anti-Debugging) (140 bytes) FreeBSD/x86 - setreuid_ execve(pfctl -d) shellcode (56 bytes) FreeBSD/x86 - connect back.send.exit /etc/passwd shellcode (112 bytes) FreeBSD/x86 - kill all processes shellcode (12 bytes) FreeBSD/x86 - rev connect_ recv_ jmp_ return results shellcode (90 bytes) FreeBSD/x86 - /bin/cat /etc/master.passwd NULL free shellcode (65 bytes) FreeBSD/x86 - reverse portbind 127.0.0.1:8000 /bin/sh shellcode (89 bytes) FreeBSD/x86 - setuid(0); execve(ipf -Fa); shellcode (57 bytes) FreeBSD/x86 - encrypted shellcode /bin/sh (48 bytes) FreeBSD/x86 - portbind 4883 with auth shellcode (222 bytes) FreeBSD/x86 - reboot(RB_AUTOBOOT) Shellcode (7 bytes) FreeBSD/x86 - execve /bin/sh shellcode (23 bytes) FreeBSD/x86 - execve /bin/sh shellcode (2) (23 bytes) FreeBSD/x86 - execve /bin/sh shellcode (37 bytes) FreeBSD/x86 - kldload /tmp/o.o shellcode (74 bytes) FreeBSD/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh shellcode (44 bytes) FreeBSD/x86 - execve /tmp/sh shellcode (34 bytes) FreeBSD/x86 - connect (Port 31337) shellcode (102 bytes) FreeBSD/x86-64 - exec(_/bin/sh_) shellcode (31 bytes) FreeBSD/x86-64 - execve /bin/sh shellcode (34 bytes) Linux/x86 - execve shellcode null byte free (Generator) Linux/x86 - portbind payload shellcode (Generator) Windows XP SP1 - portbind payload shellcode (Generator) (Generator) - /bin/sh Polymorphic shellcode with printable ASCII characters Linux/x86 - cmd shellcode null free (Generator) (Generator) - Alphanumeric Shellcode Encoder/Decoder HTTP/1.x requests for shellcodes (Generator) (18+ bytes / 26+ bytes) Win32 - Multi-Format Shellcode Encoding Tool (Generator) iOS - Version-independent shellcode Cisco IOS - Connectback (Port 21) Shellcode Cisco IOS - Bind Shellcode Password Protected (116 bytes) Cisco IOS - Tiny Shellcode (New TTY_ Privilege level to 15_ No password) HPUX - execve /bin/sh shellcode (58 bytes) Linux/x86-64 - flush iptables rules shellcode (84 bytes) Linux/x86-64 - connect-back semi-stealth shellcode (88+ bytes) Linux/MIPS (Linksys WRT54G/GL) - 4919 port bind shellcode (276 bytes) Linux/MIPS - execve /bin/sh (56 bytes) Linux/PPC - execve /bin/sh (60 bytes) Linux/MIPS - execve /bin/sh shellcode (56 bytes) Linux/PPC - execve /bin/sh shellcode (60 bytes) Linux/PPC - connect back execve /bin/sh (240 bytes) Linux/PPC - execve /bin/sh (112 bytes) Linux/SPARC - connect back (216 bytes) Linux/SPARC - portbind port 8975 (284 bytes) Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh shellcode (240 bytes) Linux/PPC - execve /bin/sh shellcode (112 bytes) Linux/SPARC - connect back (192.168.100.1:2313) shellcode (216 bytes) Linux/SPARC - portbind port 8975 shellcode (284 bytes) Linux/x86 - Port Binding Shellcode (xor-encoded) (152 bytes) Linux/x86 - 4444 Port Binding Shellcode (xor-encoded) (152 bytes) Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) (34 bytes) Linux/x86 - bindport 8000 & execve iptables -F (176 bytes) Linux/x86 - bindport 8000 & add user with root access (225+ bytes) Linux/x86 - Bind ASM Code Linux (179 bytes) Linux/x86_64 - setuid(0) + execve(/bin/sh) (49 bytes) Serial port shell binding & busybox Launching shellcode Linux/x86 - File unlinker (18+ bytes) Linux/x86 - Perl script execution (99+ bytes) Linux/x86 - file reader (65+ bytes) Linux/x86 - chmod(_/etc/shadow__666) & exit(0) (30 bytes) Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) shellcode (34 bytes) Linux/x86 - bindport 8000 & execve iptables -F shellcode (176 bytes) Linux/x86 - bindport 8000 & add user with root access shellcode (225+ bytes) Linux/x86 - 8000 Bind Port ASM Code Linux shellcode (179 bytes) Linux/x86-64 - setuid(0) + execve(/bin/sh) shellcode (49 bytes) Linux/x86 - Serial port shell binding & busybox Launching shellcode (82 bytes) Linux/x86 - File unlinker shellcode (18+ bytes) Linux/x86 - Perl script execution shellcode (99+ bytes) Linux/x86 - file reader shellcode (65+ bytes) Linux/x86 - chmod(_/etc/shadow__666) & exit(0) shellcode (30 bytes) Linux/x86 - PUSH reboot() (30 bytes) Linux/x86 - PUSH reboot() shellcode (30 bytes) Linux/x86 - connect-back port UDP/54321 live packet capture (151 bytes) Linux/x86 - append rsa key to /root/.ssh/authorized_keys2 (295 bytes) Linux/x86 - edit /etc/sudoers for full access (86 bytes) Ho' Detector - Promiscuous mode detector shellcode (56 bytes) Linux/x86 - connect-back port UDP/54321 live packet capture shellcode (151 bytes) Linux/x86 - append rsa key to /root/.ssh/authorized_keys2 shellcode (295 bytes) Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) for full access shellcode (86 bytes) Linux/x86 - Ho' Detector - Promiscuous mode detector shellcode (56 bytes) Linux/x86 - iopl(3); asm(cli); while(1){} (12 bytes) Linux/x86 - iopl(3); asm(cli); while(1){} shellcode (12 bytes) Linux/x86 - connect back_ download a file and execute (149 bytes) Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode Linux/x86 - connect back.send.exit /etc/shadow (155 bytes) Linux/x86 - writes a php connectback shell to the fs (508 bytes) Linux/x86 - rm -rf / attempts to block the process from being stopped (132 bytes) Linux/x86 - setuid(0) . setgid(0) . aslr_off (79 bytes) Linux/x86 - raw-socket ICMP/checksum shell (235 bytes) Linux/x86 - /sbin/iptables -F (40 bytes) Linux/x86 - kill all processes (11 bytes) Linux/x86 - connect back (140.115.53.35:9999)_ download a file (cb) and execute shellcode (149 bytes) Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode (39 bytes) Linux/x86 - connect back (Port )8192.send.exit /etc/shadow shellcode (155 bytes) Linux/x86 - writes a php connectback shell (/var/www/cb.php) to the filesystem shellcode (508 bytes) Linux/x86 - rm -rf / attempts to block the process from being stopped shellcode (132 bytes) Linux/x86 - setuid(0) . setgid(0) . aslr_off shellcode (79 bytes) Linux/x86 - raw-socket ICMP/checksum shell shellcode (235 bytes) Linux/x86 - /sbin/iptables -F shellcode (40 bytes) Linux/x86 - kill all processes shellcode (11 bytes) Linux/x86 - /sbin/ipchains -F (40 bytes) Linux/x86 - set system time to 0 and exit (12 bytes) Linux/x86 - add root user r00t with no password to /etc/passwd (69 bytes) Linux/x86 - chmod 0666 /etc/shadow (36 bytes) Linux/x86 - forkbomb (7 bytes) Linux/x86 - /sbin/ipchains -F shellcode (40 bytes) Linux/x86 - set system time to 0 and exit shellcode (12 bytes) Linux/x86 - Add root user _r00t_ with no password to /etc/passwd shellcode (69 bytes) Linux/x86 - chmod 0666 /etc/shadow shellcode (36 bytes) Linux/x86 - forkbomb shellcode (7 bytes) Linux/x86 - setuid(0) + execve(/bin/sh) (28 bytes) Linux/x86 - execve(/bin/sh) (22 bytes) Linux/x86 - HTTP/1.x GET_ Downloads and execve() (111+ bytes) Linux/x86 - executes command after setreuid (49+ bytes) Linux/x86 - stdin re-open and /bin/sh exec shellcode Linux/x86 - setuid(0) + execve(/bin/sh) shellcode (28 bytes) Linux/x86 - execve(/bin/sh) shellcode (22 bytes) Linux/x86 - HTTP/1.x GET_ Downloads and execve() shellcode (111+ bytes) Linux/x86 - executes command after setreuid shellcode (49+ bytes) Linux/x86 - stdin re-open and /bin/sh exec shellcode (39 bytes) Linux/x86 - setuid/portbind shellcode (96 bytes) Linux/x86 - portbind (define your own port) (84 bytes) Linux/x86 - setuid/portbind (Port 31337) shellcode (96 bytes) Linux/x86 - portbind (2707) shellcode (84 bytes) Linux/x86 - SET_PORT() portbind (100 bytes) Linux/x86 - SET_IP() Connectback Shellcode (82 bytes) Linux/x86 - execve(/bin/sh) (24 bytes) Linux/x86 - xor-encoded Connect Back Shellcode (371 bytes) Linux/x86 - execve(/bin/sh) + ZIP Header (28 bytes) Linux/x86 - execve(/bin/sh) + RTF Header (30 bytes) Linux/x86 - execve(/bin/sh) + RIFF Header (28 bytes) Linux/x86 - execve(/bin/sh) + Bitmap Header (27 bytes) Linux/x86 - SWAP restore shellcode (109 bytes) Linux/x86 - SWAP store shellcode (99 bytes) Linux/x86 - Password Authentication portbind Shellcode (166 bytes) Linux/x86 - portbind (port 64713) (86 bytes) Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) (25 bytes) Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) (23 bytes) Linux/x86 - setuid(0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) (31 bytes) Linux/x86 - setuid(0)_setgid(0) execve(/bin/sh_ [/bin/sh_ NULL]) (37 bytes) Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) (33 bytes) Linux/x86 - HTTP/1.x GET_ Downloads and JMP - (68+ bytes) Linux/x86 - SET_PORT() portbind 31337 tcp shellcode (100 bytes) Linux/x86 - SET_IP() Connectback (192.168.13.22:31337) Shellcode (82 bytes) Linux/x86 - execve(/bin/sh) shellcode (24 bytes) Linux/x86 - xor-encoded Connect Back (127.0.0.1:80) Shellcode (371 bytes) Linux/x86 - execve(/bin/sh) + ZIP Header shellcode (28 bytes) Linux/x86 - execve(/bin/sh) + RTF Header shellcode (30 bytes) Linux/x86 - execve(/bin/sh) + RIFF Header shellcode (28 bytes) Linux/x86 - execve(/bin/sh) + Bitmap Header shellcode (27 bytes) Linux/x86 - /tmp/swr to SWAP restore shellcode (109 bytes) Linux/x86 - SWAP store from /tmp/sws shellcode (99 bytes) Linux/x86 - Password Authentication portbind (64713) Shellcode (166 bytes) Linux/x86 - portbind (port 64713) shellcode (86 bytes) Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (25 bytes) Linux/x86 - execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (23 bytes) Linux/x86 - setuid(0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (31 bytes) Linux/x86 - setuid(0)_setgid(0) execve(/bin/sh_ [/bin/sh_ NULL]) shellcode (37 bytes) Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) shellcode (33 bytes) Linux/x86 - HTTP/1.x GET_ Downloads and JMP shellcode (68+ bytes) Linux/x86 - execve /bin/sh anti-ids (40 bytes) Linux/x86 - execve /bin/sh xored for Intel x86 CPUID (41 bytes) Linux/x86 - execve /bin/sh (encoded by +1) (39 bytes) Linux/x86 - Adduser without Password to /etc/passwd (59 bytes) Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh (39 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp (80 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp + fork() (98 bytes) Linux/x86 - 24/7 open cd-rom loop (follows /dev/cdrom symlink) (39 bytes) Linux/x86 - eject cd-rom (follows /dev/cdrom symlink) + exit() (40 bytes) Linux/x86 - eject/close cd-rom loop (follows /dev/cdrom symlink) (45 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() (32 bytes) Linux/x86 - execve /bin/sh anti-ids shellcode (40 bytes) Linux/x86 - execve /bin/sh xored for Intel x86 CPUID shellcode (41 bytes) Linux/x86 - execve /bin/sh shellcode (encoded by +1) (39 bytes) Linux/x86 - Add User _xtz_ without Password to /etc/passwd shellcode (59 bytes) Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh shellcode (39 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/tcp + fork() shellcode (98 bytes) Linux/x86 - 24/7 open cd-rom loop (follows /dev/cdrom symlink) shellcode (39 bytes) Linux/x86 - eject cd-rom (follows /dev/cdrom symlink) + exit() shellcode (40 bytes) Linux/x86 - eject/close cd-rom loop (follows /dev/cdrom symlink) shellcode (45 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() shellcode (32 bytes) Linux/x86 - normal exit with random (so to speak) return value (5 bytes) Linux/x86 - getppid() + execve(/proc/pid/exe) (51 bytes) Linux/x86 - quick (yet conditional_ eax != 0 and edx == 0) exit (4 bytes) Linux/x86 - reboot() (20 bytes) Linux/x86 - setreuid(0_ 0) + execve(/bin/sh) (31 bytes) Linux/x86 - execve(/bin/sh) / PUSH (23 bytes) Linux/x86 - cat /dev/urandom > /dev/console (63 bytes) Linux/x86 - normal exit with random (so to speak) return value shellcode (5 bytes) Linux/x86 - getppid() + execve(/proc/pid/exe) shellcode (51 bytes) Linux/x86 - quick (yet conditional_ eax != 0 and edx == 0) exit shellcode (4 bytes) Linux/x86 - reboot() shellcode (20 bytes) Linux/x86 - setreuid(0_ 0) + execve(/bin/sh) shellcode (31 bytes) Linux/x86 - execve(/bin/sh) / PUSH shellcode (23 bytes) Linux/x86 - cat /dev/urandom > /dev/console shellcode (63 bytes) Linux/x86 - dup2(0_0); dup2(0_1); dup2(0_2); (15 bytes) Linux/x86 - if(read(fd_buf_512)<=2) _exit(1) else buf(); (29 bytes) Linux/x86 - _exit(1); (7 bytes) Linux/x86 - read(0_buf_2541); chmod(buf_4755); (23 bytes) Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) (36 bytes) Linux/x86 - dup2(0_0); dup2(0_1); dup2(0_2); shellcode (15 bytes) Linux/x86 - if(read(fd_buf_512)<=2) _exit(1) else buf(); shellcode (29 bytes) Linux/x86 - _exit(1); shellcode (7 bytes) Linux/x86 - read(0_buf_2541); chmod(buf_4755); shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) shellcode (36 bytes) Linux/x86 - /bin/sh Standard Opcode Array Payload (21 bytes) Linux/x86 - examples of long-term payloads hide-wait-change (.s) (187+ bytes) Linux/x86 - examples of long-term payloads hide-wait-change (187+ bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload (23 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload (27 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload (45 bytes) Linux/x86 - chroot & standart (66 bytes) Linux/x86 - upload & exec (189 bytes) Linux/x86 - setreuid/execve (31 bytes) Linux/x86 - /bin/sh Standard Opcode Array Payload shellcode (21 bytes) Linux/x86 - examples of long-term payloads hide-wait-change shellcode (.s) (187+ bytes) Linux/x86 - examples of long-term payloads hide-wait-change shellcode (187+ bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (23 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (27 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload shellcode (45 bytes) Linux/x86 - chroot & standart shellcode (66 bytes) Linux/x86 - upload & exec shellcode (189 bytes) Linux/x86 - setreuid/execve shellcode (31 bytes) Linux/x86 - Radically Self Modifying Code (70 bytes) Linux/x86 - Magic Byte Self Modifying Code (76 bytes) Linux/x86 - execve code (23 bytes) Linux/x86 - execve(_/bin/ash__0_0); (21 bytes) Linux/x86 - execve /bin/sh alphanumeric (392 bytes) Linux/x86 - execve /bin/sh IA32 0xff-less (45 bytes) Linux/x86 - symlink /bin/sh xoring (56 bytes) Linux/x86 - portbind port 5074 toupper (226 bytes) Linux/x86 - add user t00r ENCRYPT (116 bytes) Linux/x86 - chmod 666 shadow ENCRYPT (75 bytes) Linux/x86 - symlink . /bin/sh (32 bytes) Linux/x86 - kill snort (151 bytes) Linux/x86 - shared memory exec (50 bytes) Linux/x86 - iptables -F (45 bytes) Linux/x86 - iptables -F (58 bytes) Linux/x86 - Reverse telnet (134 bytes) Linux/x86 - connect (120 bytes) Linux/x86 - chmod 666 /etc/shadow (41 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy (126 bytes) Linux/x86 - eject /dev/cdrom (64 bytes) Linux/x86 - xterm -ut -display [IP]:0 (132 bytes) Linux/x86 - ipchains -F (49 bytes) Linux/x86 - chmod 666 /etc/shadow (82 bytes) Linux/x86 - execve /bin/sh (29 bytes) Linux/x86 - execve /bin/sh (24 bytes) Linux/x86 - execve /bin/sh (38 bytes) Linux/x86 - execve /bin/sh (30 bytes) Linux/x86 - execve /bin/sh setreuid(12_12) (50 bytes) Linux/x86 - portbind port 5074 (92 bytes) Linux/x86 - portbind port 5074 + fork() (130 bytes) Linux/x86 - add user t00r (82 bytes) Linux/x86 - add user (104 bytes) Linux/x86 - break chroot (34 bytes) Linux/x86 - break chroot (46 bytes) Linux/x86 - break chroot execve /bin/sh (80 bytes) Linux/x86 - execve /bin/sh encrypted (58 bytes) Linux/x86 - execve /bin/sh xor encrypted (55 bytes) Linux/x86 - execve /bin/sh tolower() evasion (41 bytes) execve of /bin/sh after setreuid(0_0) Linux - chroot()/execve() code (80 bytes) Linux/x86 - execve /bin/sh toupper() evasion (55 bytes) Linux/x86 - add user (70 bytes) Linux/x86 - break chroot setuid(0) + /bin/sh (132 bytes) Linux/x86_64 - bindshell port:4444 shellcode (132 bytes) Linux/x86_64 - execve(/bin/sh) (33 bytes) Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes) OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (121 bytes) Linux/x86 & unix/SPARC & irix/mips - execve /bin/sh irx.mips (141 bytes) Linux/x86 & unix/SPARC - execve /bin/sh (80 bytes) Linux/x86 & bsd/x86 - execve /bin/sh (38 bytes) netbsd/x86 - kill all processes shellcode (23 bytes) netbsd/x86 - callback shellcode (port 6666) (83 bytes) netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (29 bytes) netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (30 bytes) netbsd/x86 - execve /bin/sh (68 bytes) openbsd/x86 - execve(/bin/sh) (23 bytes) openbsd/x86 - portbind port 6969 (148 bytes) openbsd/x86 - add user w00w00 (112 bytes) OS-X/ppc - sync()_ reboot() (32 bytes) OS-X/PPC - execve(/bin/sh)_ exit() (72 bytes) OS-X/PPC - Add user r00t (219 bytes) OS-X/PPC - execve /bin/sh (72 bytes) OS-X/PPC - add inetd backdoor (222 bytes) OS-X/PPC - reboot (28 bytes) OS-X/PPC - setuid(0) + execve /bin/sh (88 bytes) OS-X/PPC - create /tmp/suid (122 bytes) OS-X/PPC - simple write() (75 bytes) OS-X/PPC - execve /usr/X11R6/bin/xterm (141 bytes) sco/x86 - execve(_/bin/sh__ ..._ NULL); (43 bytes) Solaris/SPARC - download and execute (278 bytes) Solaris/SPARC - executes command after setreuid (92+ bytes) Solaris/SPARC - connect-back (with XNOR encoded session) (600 bytes) Solaris/SPARC - setreuid/execve (56 bytes) Solaris/SPARC - portbind (port 6666) (240 bytes) Solaris/SPARC - execve /bin/sh (52 bytes) Solaris/SPARC - portbind port 6789 (228 bytes) Solaris/SPARC - connect-back (204 bytes) Solaris/SPARC - portbinding shellcode Linux/x86 - Radically Self Modifying Code shellcode (70 bytes) Linux/x86 - Magic Byte Self Modifying Code shellcode (76 bytes) Linux/x86 - execve code shellcode (23 bytes) Linux/x86 - execve(_/bin/ash__0_0); shellcode (21 bytes) Linux/x86 - execve /bin/sh alphanumeric shellcode (392 bytes) Linux/x86 - execve /bin/sh IA32 0xff-less shellcode (45 bytes) Linux/x86 - symlink /bin/sh xoring shellcode (56 bytes) Linux/x86 - portbind port 5074 toupper shellcode (226 bytes) Linux/x86 - Add user _t00r_ encrypt shellcode (116 bytes) Linux/x86 - chmod 666 shadow ENCRYPT shellcode (75 bytes) Linux/x86 - symlink . /bin/sh shellcode (32 bytes) Linux/x86 - kill snort shellcode (151 bytes) Linux/x86 - shared memory exec shellcode (50 bytes) Linux/x86 - iptables -F shellcode (45 bytes) Linux/x86 - iptables -F shellcode (58 bytes) Linux/x86 - Reverse telnet shellcode (134 bytes) Linux/x86 - connect shellcode (120 bytes) Linux/x86 - chmod 666 /etc/shadow shellcode (41 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy shellcode (126 bytes) Linux/x86 - eject /dev/cdrom shellcode (64 bytes) Linux/x86 - xterm -ut -display [IP]:0 shellcode (132 bytes) Linux/x86 - ipchains -F shellcode (49 bytes) Linux/x86 - chmod 666 /etc/shadow shellcode (82 bytes) Linux/x86 - execve /bin/sh shellcode (29 bytes) Linux/x86 - execve /bin/sh shellcode (24 bytes) Linux/x86 - execve /bin/sh shellcode (38 bytes) Linux/x86 - execve /bin/sh shellcode (30 bytes) Linux/x86 - execve /bin/sh setreuid(12_12) shellcode (50 bytes) Linux/x86 - portbind port 5074 shellcode (92 bytes) Linux/x86 - portbind port 5074 + fork() shellcode (130 bytes) Linux/x86 - Add user _t00r_ shellcode (82 bytes) Linux/x86 - Add user shellcode (104 bytes) Linux/x86 - break chroot shellcode (34 bytes) Linux/x86 - break chroot shellcode (46 bytes) Linux/x86 - break chroot execve /bin/sh shellcode (80 bytes) Linux/x86 - execve /bin/sh encrypted shellcode (58 bytes) Linux/x86 - execve /bin/sh xor encrypted shellcode (55 bytes) Linux/x86 - execve /bin/sh tolower() evasion shellcode (41 bytes) Linux/x86 - execve of /bin/sh after setreuid(0_0) shellcode (46+ bytes) Linux/x86 - chroot()/execve() code shellcode (80 bytes) Linux/x86 - execve /bin/sh toupper() evasion shellcode (55 bytes) Linux/x86 - Add user _z_ shellcode (70 bytes) Linux/x86 - break chroot setuid(0) + /bin/sh shellcode (132 bytes) Linux/x86-64 - bindshell port:4444 shellcode (132 bytes) Linux/x86-64 - execve(/bin/sh) shellcode (33 bytes) Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (99 bytes) OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) shellcode (121 bytes) Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh shellcode (141 bytes) Linux/x86 & Unix/SPARC - execve /bin/sh shellcode (80 bytes) Linux/x86 & bsd/x86 - execve /bin/sh shellcode (38 bytes) NetBSD/x86 - kill all processes shellcode (23 bytes) NetBSD/x86 - callback shellcode (port 6666) (83 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); shellcode (30 bytes) NetBSD/x86 - execve /bin/sh shellcode (68 bytes) OpenBSD/x86 - execve(/bin/sh) ( shellcode 23 bytes) OpenBSD/x86 - portbind port 6969 shellcode (148 bytes) OpenBSD/x86 - Add user _w00w00_ (112 shellcode bytes) OS-X/PPC - sync()_ reboot() shellcode (32 bytes) OS-X/PPC - execve(/bin/sh)_ exit() shellcode (72 bytes) OS-X/PPC - Add user _r00t_ shellcode (219 bytes) OS-X/PPC - execve /bin/sh shellcode (72 bytes) OS-X/PPC - Add inetd backdoor shellcode (222 bytes) OS-X/PPC - reboot shellcode (28 bytes) OS-X/PPC - setuid(0) + execve /bin/sh shellcode (88 bytes) OS-X/PPC - create /tmp/suid shellcode (122 bytes) OS-X/PPC - simple write() shellcode (75 bytes) OS-X/PPC - execve /usr/X11R6/bin/xterm shellcode (141 bytes) SCO/x86 - execve(_/bin/sh__ ..._ NULL); shellcode (43 bytes) Solaris/SPARC - download and execute shellcode (278 bytes) Solaris/SPARC - executes command after setreuid shellcode (92+ bytes) Solaris/SPARC - connect-back (with XNOR encoded session) shellcode (600 bytes) Solaris/SPARC - setreuid/execve shellcode (56 bytes) Solaris/SPARC - portbind (port 6666) shellcode (240 bytes) Solaris/SPARC - execve /bin/sh shellcode (52 bytes) Solaris/SPARC - portbind port 6789 shellcode (228 bytes) Solaris/SPARC - connect-bac shellcode k (204 bytes) Solaris/SPARC - portbinding shellcode (240 bytes) Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free (39 bytes) Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) (59 bytes) Solaris/x86 - execve /bin/sh toupper evasion (84 bytes) Solaris/x86 - add services and execve inetd (201 bytes) Unixware - execve /bin/sh (95 bytes) Windows 5.0 < 7.0 x86 - null-free bindshell Win32/XP SP2 (EN) - cmd.exe (23 bytes) Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free shellcode (39 bytes) Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) shellcode (59 bytes) Solaris/x86 - execve /bin/sh toupper evasion shellcode (84 bytes) Solaris/x86 - Add services and execve inetd shellcode (201 bytes) UnixWare - execve /bin/sh shellcode (95 bytes) Windows 5.0 < 7.0 x86 - null-free bindshell shellcode Win32/XP SP2 (EN) - cmd.exe shellcode (23 bytes) Win32 -SEH omelet shellcode Win32 - telnetbind by Winexec (111 bytes) Win32 - PEB!NtGlobalFlags shellcode (14 bytes) Win32 XP SP2 FR - Sellcode cmd.exe (32 bytes) Win32/XP SP2 - cmd.exe (57 bytes) Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric (67 bytes) Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) (49 bytes) Win32 - connectback_ receive_ save and execute shellcode Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes) Win32 - Tiny Download and Exec Shellcode (192 bytes) Win32 - download and execute (124 bytes) Win32 (NT/XP) - IsDebuggerPresent ShellCode (39 bytes) Win32 SP1/SP2 - Beep Shellcode (35 bytes) Win32/XP SP2 - Pop up message box (110 bytes) Win32 - WinExec() Command Parameter (104+ bytes) Win32 - Download & Exec Shellcode (226+ bytes) Windows NT/2000/XP - useradd shellcode for russian systems (318 bytes) Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes) Windows 9x/NT/2000/XP - PEB method (29 bytes) Windows 9x/NT/2000/XP - PEB method (31 bytes) Windows 9x/NT/2000/XP - PEB method (35 bytes) Windows XP/2000/2003 - Connect Back shellcode for Overflow Exploit (275 bytes) Windows XP/2000/2003 - Download File and Exec (241 bytes) Windows XP - download and exec source Windows XP SP1 - Portshell on port 58821 (116 bytes) Windows - (DCOM RPC2) Universal Shellcode Win64 - (URLDownloadToFileA) download and execute (218+ bytes) Linux/x86 - kill all processes (9 bytes) Linux - setuid(0) & execve(_/sbin/poweroff -f_) (47 bytes) Linux - setuid(0) and cat /etc/shadow Linux - chmod(/etc/shadow_ 0666) & exit() (33 bytes) Linux - Linux/x86 execve() (51bytes) Win32 - SEH omelet shellcode Win32 - telnetbind by Winexec shellcode (111 bytes) Win32 - PEB!NtGlobalFlags shellcode (14 bytes) Win32 XP SP2 FR - Sellcode cmd.exe shellcode (32 bytes) Win32/XP SP2 - cmd.exe shellcode (57 bytes) Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric shellcode (67 bytes) Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) shellcode (49 bytes) Win32 - connectback_ receive_ save and execute shellcode Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes) Win32 - Tiny Download and Exec Shellcode (192 bytes) Win32 - download and execute shellcode (124 bytes) Win32/NT/XP - IsDebuggerPresent ShellCode (39 bytes) Win32 SP1/SP2 - Beep Shellcode (35 bytes) Win32/XP SP2 - Pop up message box shellcode (110 bytes) Win32 - WinExec() Command Parameter shellcode (104+ bytes) Win32 - Download & Exec Shellcode (226+ bytes) Windows NT/2000/XP - add user _slim_ shellcode for Russian systems (318 bytes) Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes) Windows 9x/NT/2000/XP - PEB method shellcode (29 bytes) Windows 9x/NT/2000/XP - PEB method shellcode (31 bytes) Windows 9x/NT/2000/XP - PEB method shellcode (35 bytes) Windows XP/2000/2003 - Connect Back shellcode for Overflow Exploit (275 bytes) Windows XP/2000/2003 - Download File and Exec shellcode (241 bytes) Windows XP - download and exec source shellcode Windows XP SP1 - Portshell on port 58821 shellcode (116 bytes) Windows - (DCOM RPC2) Universal Shellcode Win64 - (URLDownloadToFileA) download and execute shellcode (218+ bytes) Linux/x86 - kill all processes shellcode (9 bytes) Linux/x86 - setuid(0) & execve(_/sbin/poweroff -f_) shellcode (47 bytes) Linux/x86 - setuid(0) and cat /etc/shadow shellcode (49 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) & exit() shellcode (33 bytes) Linux/x86 - Linux/x86 execve() shellcode (51 bytes) Windows XP SP2 - PEB ISbeingdebugged shellcode Linux/x86 - overwrite MBR on /dev/sda with _LOL!' (43 bytes) Win32 XP SP3 - ShellExecuteA shellcode Linux - setreuid (0_0) & execve(/bin/rm /etc/shadow) Win32 XP SP3 - addFirewallRule freebsd/x86 - portbind shellcode (167 bytes) Win32/XP SP2 - calc.exe (45 bytes) Linux/x86 - unlink(/etc/passwd) & exit() (35 bytes) Win32/XP SP2 (EN + AR) - cmd.exe (23 bytes) Linux/x86 - chmod 666 /etc/shadow (27 bytes) Linux/x86 - break chroot (79 bytes) Linux/x86 - fork bomb (6 bytes) Linux/x86 - append _/etc/passwd_ & exit() (107 bytes) Windows XP SP2 - PEB ISbeingdebugged shellcode (56 bytes) Linux/x86 - overwrite MBR on /dev/sda with _LOL!' shellcode (43 bytes) Win32 XP SP3 - ShellExecuteA shellcode Linux/x86 - setreuid (0_0) & execve(/bin/rm /etc/shadow) shellcode Win32 XP SP3 - Add Firewall Rule to allow TCP traffic on port 445 shellcode FreeBSD/x86 - portbind (Port 1337) shellcode (167 bytes) Win32/XP SP2 - calc.exe shellcode (45 bytes) Linux/x86 - unlink(/etc/passwd) & exit() shellcode (35 bytes) Win32/XP SP2 (EN + AR) - cmd.exe shellcode (23 bytes) Linux/x86 - chmod 666 /etc/shadow shellcode (27 bytes) Linux/x86 - break chroot shellcode (79 bytes) Linux/x86 - fork bomb shellcode (6 bytes) Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes) Linux/x86 - eject /dev/cdrom (42 bytes) Win32 XP SP2 FR - calc (19 bytes) Linux/x86 - eject /dev/cdrom shellcode (42 bytes) Win32 XP SP2 FR - calc shellcode (19 bytes) Linux/x86 - ip6tables -F (47 bytes) Linux i686 - pacman -S <package> (default package: backdoor) (64 bytes) Linux i686 - pacman -R <package> (59 bytes) Linux - bin/cat /etc/passwd (43 bytes) Win32 XP SP3 English - cmd.exe (26 bytes) Win32 XP SP2 Turkish - cmd.exe (26 bytes) Linux/x86 - /bin/sh (8 bytes) Linux/x86 - execve /bin/sh (21 bytes) Windows XP Home Edition SP2 English - calc.exe (37 bytes) Windows XP Home Edition SP3 English - calc.exe (37 bytes) Linux/x86 - disabled modsecurity (64 bytes) Win32 - JITed stage-0 shellcode Win32 - JITed exec notepad Shellcode Windows XP Professional SP2 ITA - calc.exe shellcode (36 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Linux/x86 - ip6tables -F shellcode (47 bytes) Linux/i686 - pacman -S <package> (default package: backdoor) shellcode (64 bytes) Linux/i686 - pacman -R <package> shellcode (59 bytes) Linux/x86 - bin/cat /etc/passwd shellcode (43 bytes) Win32 XP SP3 English - cmd.exe shellcode (26 bytes) Win32 XP SP2 Turkish - cmd.exe shellcode (26 bytes) Linux/x86 - /bin/sh shellcode (8 bytes) Linux/x86 - execve /bin/sh shellcode (21 bytes) Windows XP Home Edition SP2 English - calc.exe shellcode (37 bytes) Windows XP Home Edition SP3 English - calc.exe shellcode (37 bytes) Linux/x86 - disabled modsecurity shellcode (64 bytes) Win32 - JITed stage-0 shellcode Win32 - JITed exec notepad Shellcode Windows XP Professional SP2 ITA - calc.exe shellcode (36 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes) Win32 - MessageBox (Metasploit) Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes) Win32 - MessageBox shellcode (Metasploit) chmod(_/etc/shadow__ 0666) shellcode (36 bytes) execve(_/bin/sh_) shellcode (25 bytes) DoS-Badger-Game shellcode (6 bytes) SLoc-DoS shellcode (55 bytes) execve(_a->/bin/sh_) Local-only Shellcode (14 bytes) chmod(_/etc/shadow__ 0777) Shellcode(33 bytes) chmod(_/etc/shadow__ 0777) shellcode (29 bytes) Linux/x86 - chmod(_/etc/shadow__ 0666) shellcode (36 bytes) Linux/x86-64 - execve(_/bin/sh_) shellcode (25 bytes) Linux/x86 - DoS-Badger-Game shellcode (6 bytes) Linux/x86 - SLoc-DoS shellcode (55 bytes) Linux/x86 - execve(_a->/bin/sh_) Local-only Shellcode (14 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) shellcode (29 bytes) Linux/x86 - polymorphic forkbombe (30 bytes) Linux/x86 - forkbomb setreud(getuid()_ getuid()) & execve(_/bin/sh_) Shellcode (34 bytes) Linux/x86_64 - reboot(POWER_OFF) shellcode (19 bytes) Linux/x86_64 - execve(_/bin/sh_); shellcode (30 bytes) Linux/x86 - sends _Phuck3d!_ to all terminals (60 bytes) Linux/x86 - execve(_/bin/bash___-p__NULL) (33 bytes) Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes) Windows XP SP2 FR - Download and Exec Shellcode Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes) Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) (45 bytes) Solaris/x86 - execve(_/bin/sh___/bin/sh__NULL) (27 bytes) Linux/x86 - polymorphic forkbombe shellcode (30 bytes) Linux/x86 - forkbomb shellcode (6 bytes) Linux/x86 - setreud(getuid()_ getuid()) & execve(_/bin/sh_) Shellcode (34 bytes) Linux/x86-64 - reboot(POWER_OFF) shellcode (19 bytes) Linux/x86-64 - execve(_/bin/sh_); shellcode (30 bytes) Linux/x86 - sends _Phuck3d!_ to all terminals shellcode (60 bytes) Linux/x86 - execve(_/bin/bash___-p__NULL) shellcode (33 bytes) Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) shellcode (57 bytes) Windows XP SP2 FR - Download and Exec Shellcode Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); shellcode (42 bytes) Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) shellcode (45 bytes) Solaris/x86 - execve(_/bin/sh___/bin/sh__NULL) shellcode (27 bytes) Solaris/x86 - Reboot() (37 bytes) Solaris/x86 - Remote Download file (79 bytes) Linux/x86 - Disable randomize stack addresse (106 bytes) Linux/x86 - pwrite(_/etc/shadow__ hash_ 32_ 8) Shellcode 83 Solaris/x86 - Reboot() shellcode (37 bytes) Solaris/x86 - Remote Download file shellcode (79 bytes) Linux/x86 - Disable randomize stack addresse shellcode (106 bytes) Linux/x86 - pwrite(_/etc/shadow__ hash_ 32_ 8) Shellcode (83 bytes) Windows 7 Pro SP1 64 FR - (Beep) Shellcode (39 bytes) Linux/x86 - Shellcode Polymorphic - setuid(0) + chmod(_/etc/shadow__ 0666) Shellcode (61 bytes) change mode 0777 of _/etc/shadow_ with sys_chmod syscall (39 bytes) Linux/x86 - kill all running process (11 bytes) change mode 0777 of _/etc/passwd_ with sys_chmod syscall (39 bytes) Windows 7 Pro SP1 64 FR - (Beep) Shellcode (39 bytes) Linux/x86 - Polymorphic setuid(0) + chmod(_/etc/shadow__ 0666) Shellcode (61 bytes) Linux/x86 - change mode 0777 of _/etc/shadow_ with sys_chmod syscall shellcode (39 bytes) Linux/x86 - kill all running process shellcode (11 bytes) Linux/x86 - change mode 0777 of _/etc/passwd_ with sys_chmod syscall shellcode (39 bytes) Windows 7 x64 - cmd Shellcode (61 bytes) Linux/x86 - hard / unclean reboot (29 bytes) Linux/x86 - hard / unclean reboot (33 bytes) Solaris/x86 - SystemV killall command (39 bytes) Linux/x86 - hard / unclean reboot shellcode (29 bytes) Linux/x86 - hard / unclean reboot shellcode (33 bytes) Solaris/x86 - SystemV killall command shellcode (39 bytes) Linux/x86 - give all user root access when execute /bin/sh (45 bytes) Linux/x86 - give all user root access when execute /bin/sh shellcode (45 bytes) Linux/x86 - netcat connect back port 8080 (76 bytes) Linux/x86 - netcat connect back port 8080 shellcode (76 bytes) Windows - MessageBoxA Shellcode Windows - MessageBoxA Shellcode (238 bytes) Solaris/x86 - Sync() & reboot() & exit(0) (48 bytes) Solaris/x86 - Sync() & reboot() & exit(0) shellcode (48 bytes) Linux/x86_64 - Disable ASLR Security (143 bytes) Linux/x86-64 - Disable ASLR Security shellcode (143 bytes) Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) (131 bytes) Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) shellcode (131 bytes) Linux/x86_64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) (63 bytes) Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) shellcode (63 bytes) Linux/x86_64 - Add root user with password (390 bytes) Linux/x86-64 - Add root user _shell-storm_ with password _leet_ shellcode (390 bytes) Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess (176+ bytes) Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess shellcode (176+ bytes) Linux/ARM - setuid(0) & kill(-1_ SIGKILL) (28 bytes) Linux/ARM - setuid(0) & kill(-1_ SIGKILL) shellcode (28 bytes) Linux/ARM - execve(_/bin/sh___/bin/sh__0) (30 bytes) Linux/ARM - execve(_/bin/sh___/bin/sh__0) shellcode (30 bytes) Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) (84 bytes) Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) shellcode (84 bytes) Linux/ARM - Disable ASLR Security (102 bytes) Linux/ARM - Disable ASLR Security shellcode (102 bytes) Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded (78 bytes) Linux/ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL); - XOR 88 encoded shellcode (78 bytes) Linux/x86 - bind shell port 64533 (97 bytes) Linux/x86 - bind shell port 64533 shellcode (97 bytes) Drop suid shell root in /tmp/.hiddenshell Linux Polymorphic Shellcode (161 bytes) Linux - Drop suid shell root in /tmp/.hiddenshell Polymorphic Shellcode (161 bytes) Linux - 125 bind port to 6778 XOR encoded polymorphic Linux - 125 bind port to 6778 XOR encoded polymorphic shellcode (125 bytes) Linux - nc -lp 31337 -e /bin//sh polymorphic shellcode (91 bytes) Linux - _nc -lp 31337 -e /bin//sh_ polymorphic shellcode (91 bytes) Win32 - Write-to-file Shellcode Win32 - Write-to-file Shellcode (278 bytes) Linux/x86_64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes) Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) shellcode (49 bytes) Linux/x86 - netcat bindshell port 8080 (75 bytes) Linux/x86 - netcat bindshell port 8080 shellcode (75 bytes) Mini-Stream RM-MP3 Converter 3.1.2.1 - (.pls) Stack Buffer Overflow universal PHP-Nuke 8.1 SEO Arabic - Remote File Include bds/x86 - bindshell on port 2525 shellcode (167 bytes) BSD/x86 - bindshell on port 2525 shellcode (167 bytes) Win32 - Shellcode Checksum Routine (18 bytes) Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) (27 bytes) Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (27 bytes) Integard Home and Pro 2 - Remote HTTP Buffer Overflow Exploit Audiotran 1.4.2.4 SEH Overflow Exploit Joomla Component (com_elite_experts) SQL Injection Win32/XP SP3 (TR) - Add Admin Account Shellcode (127 bytes) Win32/XP SP3 (TR) - Add Admin _zrl_ Account Shellcode (127 bytes) Traidnt UP - Cross-Site Request Forgery Add Admin Account Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities Win32/XP Pro SP3 (EN) 32-bit - add new local administrator (113 bytes) Win32 - add new local administrator (326 bytes) Win32/XP Pro SP3 (EN) 32-bit - Add new local administrator _secuid0_ shellcode (113 bytes) Win32 - Add new local administrator shellcode _secuid0_ (326 bytes) HP Data Protector Media Operations NULL Pointer Dereference Remote DoS AnyDVD <= 6.7.1.0 - Denial of Service ARM - Bindshell port 0x1337 ARM - Bind Connect UDP Port 68 ARM - Loader Port 0x1337 ARM - ifconfig eth0 and Assign Address ARM - Bindshell port 0x1337shellcode ARM - Bind Connect UDP Port 68 shellcode ARM - Loader Port 0x1337 shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 shellcode Linux/ARM - add root user with password (151 bytes) Linux/ARM - Add root user _shell-storm_ with password _toor_ shellcode (151 bytes) OS-X/Intel - setuid shell x86_64 (51 bytes) OS-X/Intel - setuid shell x86_64 shellcode (51 bytes) Create a New User with UID 0 - ARM (Metasploit) ARM - Create a New User with UID 0 shellcode (Metasploit) (Generator) (66+ bytes) Windows Win32k Pointer Dereferencement PoC (MS10-098) Win32 - speaking shellcode bds/x86 - connect back Shellcode (81 bytes) bds/x86 - portbind + fork shellcode (111 bytes) bsd/x86 - connect back Shellcode (81 bytes) BSD/x86 - 31337 portbind + fork shellcode (111 bytes) Win32 - eggsearch shellcode (33 bytes) Arkeia Backup Client Type 77 - Overflow (Win32) Oracle 9i XDB FTP PASS Overflow (Win32) SHOUTcast DNAS/Win32 1.9.4 - File Request Format String Overflow SHTTPD <= 1.34 - URI-Encoded POST Request Overflow (Win32) Icecast <= 2.0.1 - Header Overwrite (Win32) McAfee ePolicy Orchestrator / ProtectionPilot Overflow Oracle 9i XDB HTTP PASS Overflow (Win32) Linux/SuperH - sh4 - setuid(0) - chmod(_/etc/shadow__ 0666) - exit(0) (43 bytes) Linux/SuperH (sh4) - setuid(0) - chmod(_/etc/shadow__ 0666) - exit(0) shellcode (43 bytes) Linux/x86 - netcat bindshell port 6666 (69 bytes) Linux/x86 - netcat bindshell port 6666 shellcode (69 bytes) OS-X/Intel - reverse_tcp shell x86_64 (131 bytes) OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes) Windows - WinExec add new local administrator + ExitProcess Shellcode (279 bytes) Windows - WinExec add new local administrator _RubberDuck_ + ExitProcess Shellcode (279 bytes) Linux/x86 - ASLR deactivation (83 bytes) Linux/x86 - ASLR deactivation shellcode (83 bytes) Linux/x86 - ConnectBack with SSL connection (422 bytes) Linux/x86 - ConnectBack with SSL connection shellcode (422 bytes) SuperH (sh4) - Add root user with password (143 bytes) Linux/SuperH (sh4) - Add root user _shell-storm_ with password _toor_ shellcode (143 bytes) Win32/PerfectXp-pc1/SP3 TR - Add Admin Shellcode (112 bytes) Win32/PerfectXp-pc1/SP3 TR - Add Admin _kpss_ Shellcode (112 bytes) Linux/MIPS - execve (52 bytes) Linux/MIPS - execve shellcode (52 bytes) QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS Linux/SuperH - sh4 - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) (27 bytes) Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) shellcode (27 bytes) Linux/MIPS - execve /bin/sh (48 bytes) Linux/MIPS - add user(UID 0) with password (164 bytes) Linux/MIPS - execve /bin/sh shellcode (48 bytes) Linux/MIPS - Add user(UID 0) _rOOt_ with password _pwn3d_ shellcode (164 bytes) Linux/x86_64 - execve(/bin/sh) (52 bytes) Linux/x86-64 - execve(/bin/sh) shellcode (52 bytes) Linux/MIPS - reboot() (32 bytes) Linux/MIPS - reboot() shellcode (32 bytes) GdiDrawStream BSoD using Safari Linux/x86 - Polymorphic ShellCode - setuid(0)+setgid(0)+add user 'iph' without password to /etc/passwd Linux/x86 - Polymorphic Shellcode setuid(0) + setgid(0) + add user _iph_ without password to /etc/passwd Linux/x86 - Search For php/html Writable Files and Add Your Code (380+ bytes) Linux/x86 - Search For php/html Writable Files and Add Your Code shellcode (380+ bytes) Linux/x86_64 - add user with passwd (189 bytes) Linux/x86-64 - Add user _t0r_ with password _Winner_ shellcode (189 bytes) Linux/x86 - execve(/bin/dash) (42 bytes) Linux/x86 - execve(/bin/dash) shellcode (42 bytes) Linux/x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes) Linux/x86 - chmod 666 /etc/passwd & /etc/shadow shellcode (57 bytes) Microsoft Windows Kernel - Intel x64 SYSRET PoC Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) (72 bytes) Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) (30 bytes) Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) (41 bytes) Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) shellcode (72 bytes) Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) shellcode (30 bytes) Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) shellcode (41 bytes) Windows XP Pro SP3 - Full ROP calc shellcode Windows XP Pro SP3 - Full ROP calc shellcode (428 bytes) Novell Client 2 SP3 - nicm.sys Local Privilege Escalation MIPS Little Endian - Shellcode MIPS - (Little Endian) system() Shellcode (80 bytes) Windows RT ARM - Bind Shell (Port 4444) Windows RT ARM - Bind Shell (Port 4444) shellcode Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation Linux/x86 - Multi-Egghunter Linux/x86 - Multi-Egghunter shellcode MIPS Little Endian - Reverse Shell Shellcode (Linux) Linux/MIPS - (Little Endian) Reverse Shell (192.168.1.177:31337) Shellcode (200 bytes) Nvidia (nvsvc) Display Driver Service - Local Privilege Escalation Windows - Add Admin User Shellcode (194 bytes) Windows - Add Admin User _BroK3n_ Shellcode (194 bytes) Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035) OpenVPN Private Tunnel Core Service - Unquoted Service Path Elevation Of Privilege Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation MQAC.sys Arbitrary Write Privilege Escalation Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh (378 bytes) Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh shellcode (378 bytes) VirtualBox 3D Acceleration Virtual Machine Escape Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash (521 bytes) Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User _ALI_ & Execute /bin/bash (521 bytes) Connect Back (139 bytes) Linux/x86-64 - Connect Back shellcode (139 bytes) Linux/x86 - Add map in /etc/hosts file Linux/x86 - Add map in /etc/hosts file (google.com 127.1.1.1) shellcode (77 bytes) Microsoft Bluetooth Personal Area Networking - (BthPan.sys) Privilege Escalation MS14-060 Microsoft Windows OLE Package Manager Code Execution Position independent & Alphanumeric 64-bit execve(_/bin/sh\0__NULL_NULL); (87 bytes) Linux/x86-64 - Position independent & Alphanumeric execve(_/bin/sh\0__NULL_NULL); shellcode (87 bytes) Offset2lib: Bypassing Full ASLR On 64 bit Linux Linux/x86 - rmdir (37 bytes) Linux/x86 - rmdir shellcode (37 bytes) Linux/x64 - Bind TCP port shellcode (81 bytes / 96 bytes with password) Linux/x86-64 - Bind TCP port shellcode (81 bytes / 96 bytes with password) Linux/x64 - Reverse TCP connect (77 to 85 bytes / 90 to 98 bytes with password) Linux/x86-64 - Reverse TCP connect shellcode (77 to 85 bytes / 90 to 98 bytes with password) RedStar 3.0 Desktop - (Software Manager swmng.app) Privilege Escalation RedStar 3.0 Desktop - (Software Manager swmng.app) Privilege Escalation Windows x86 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes) Windows x64 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes) Windows x86 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes) Windows x64 - Obfuscated Shellcode Add Administrator _ALI_ & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes) Linux/MIPS - execve (36 bytes) Linux/MIPS - execve /bin/sh shellcode (36 bytes) Windows XP x86-64 - Download & execute (Generator) Windows XP x86-64 - Download & execute shellcode (Generator) Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow (55 bytes) Linux/MIPS - (Little Endian) Chmod 666 /etc/shadow shellcode (55 bytes) Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd (55 bytes) Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd shellcode (55 bytes) Reads Data From /etc/passwd To /tmp/outfile (118 bytes) Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile shellcode (118 bytes) Linux/x86 - ROT13 encoded execve(_/bin/sh_) (68 bytes) Linux/x86 - ROT13 encoded execve(_/bin/sh_) shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow obfuscated (84 bytes) Linux/x86 - Obfuscated map google.com to 127.1.1.1 (98 bytes) Linux/x86 - Obfuscated execve(_/bin/sh_) (40 bytes) Linux/x86 - chmod 0777 /etc/shadow obfuscated shellcode (84 bytes) Linux/x86 - Obfuscated map google.com to 127.1.1.1 shellcode (98 bytes) Linux/x86 - Obfuscated execve(_/bin/sh_) shellcode (40 bytes) Linux/x86 - Reverse TCP Shell (72 bytes) Linux/x86 - TCP Bind Shell (96 bytes) Linux/x86 - Reverse TCP Shell shellcode (72 bytes) Linux/x86 - TCP Bind Shel shellcode l (96 bytes) Linux - Disable ASLR (84 bytes) Linux/x86 - Disable ASLR shellcode (84 bytes) Linux/x86 - Egg-hunter (20 bytes) Linux/x86 - Egg-hunter shellcode (20 bytes) Create 'my.txt' Working Directory (37 bytes) Linux/x86 - Create 'my.txt' Working Directory shellcode (37 bytes) Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) (49 bytes) Linux/x86 - setreuid(0_ 0) + execve(_/sbin/halt_) + exit(0) shellcode (49 bytes) Win32/XP SP3 - Create (_file.txt_) (83 bytes) Win32/XP SP3 - Restart computer Linux - custom execve-shellcode Encoder/Decoder Win32/XP SP3 - Create (_file.txt_) shellcode (83 bytes) Win32/XP SP3 - Restart computer shellcode (57 bytes) Linux/x86 - custom execve-shellcode Encoder/Decoder Linux/x86_64 - Execve /bin/sh Shellcode Via Push (23 bytes) Linux/x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes) Linux/x86 - exit(0) (6 bytes) Linux/x86 - exit(0) shellcode (6 bytes) Windows 8.0 < 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058) Linux/x86 - chmod() 777 /etc/shadow & exit() (33 bytes) Linux/x86 - chmod() 777 /etc/shadow & exit() shellcode (33 bytes) Linux/x86 - /etc/passwd Reader (58 bytes) Linux/x86 - /etc/passwd Reader shellcode (58 bytes) Linux/x86 - mkdir HACK & chmod 777 and exit(0) (29 bytes) Linux/x86 - Netcat BindShell Port 5555 (60 bytes) Linux/x86 - mkdir HACK & chmod 777 and exit(0) shellcode (29 bytes) Linux/x86 - Netcat BindShell Port 5555 shellcode (60 bytes) Linux/x86_64 - execve(/bin/sh) (30 bytes) Linux/x86-64 - execve(/bin/sh) shellcode (30 bytes) Linux/x86 - Download & Execute Linux/x86 - Reboot (28 bytes) Linux/x86 - Download & Execute shellcode Linux/x86 - Reboot shellcode (28 bytes) Linux/x86 - execve /bin/sh (23 bytes) Linux/x86 - execve /bin/sh shellcode (23 bytes) Linux 64bit - Encoded execve shellcode Linux/x86-64 - Encoded execve shellcode (57 bytes) encoded 64 bit execve shellcode Linux/x86-64 - encoded execve shellcode (57 bytes) Win32/XP SP3 (TR) - MessageBox (24 bytes) Win32/XP SP3 (TR) - MessageBox shellcode (24 bytes) Windows XP SP3 x86 / 2003 SP2 x86 - NDProxy Privilege Escalation (MS14-002) Windows x86 - user32!MessageBox _Hello World!_ Null-Free (199 bytes) Windows x86 - user32!MessageBox _Hello World!_ Null-Free shellcode (199 bytes) Symantec Endpoint Protection Manager Authentication Bypass and Code Execution Adobe Flash XMLSocket Destructor Not Cleared Before Setting User Data in connect Adobe Flash Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash Shared Object Type Confusion Adobe Flash Heap-Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec Adobe Flash Heap-Based Buffer Overflow Due to Indexing Error When Loading FLV File Adobe Flash Shared Object Type Confusion Windows 2003 x64 - Token Stealing shellcode (59 bytes) OS-X x64 - /bin/sh Shellcode - NULL Byte Free (34 bytes) OS-X/x86-64 - /bin/sh Shellcode - NULL Byte Free (34 bytes) Mainframe/System Z - Bind Shell Mainframe/System Z - Bind Shell shellcode (2488 bytes) ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC Linux/x86 - execve(/bin/bash) (31 bytes) Linux/x86 - execve(/bin/bash) shellcode (31 bytes) Linux/x86 - Create file with permission 7775 and exit (Shell Generator) Linux/x86 - Create file with permission 7775 and exit shellcode (Generator) Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) (75 bytes) Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) shellcode (75 bytes) OS-X x64 - tcp bind shellcode_ NULL byte free (144 bytes) OS-X/x86-64 - tcp bind shellcode_ NULL byte free (144 bytes) Linux/x86_64 - /bin/sh Linux/x86-64 - /bin/sh shellcode Android Shellcode Telnetd with Parameters Android - Telnetd (Port 1035) with Parameters Shellcode (248 bytes) Microsoft Windows - Font Driver Buffer Overflow (MS15-078) Linux/x86_64 - execve Shellcode (22 bytes) Linux/x86-64 - execve Shellcode (22 bytes) Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2) Windows Kernel - DeferWindowPos Use-After-Free (MS15-073) Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073) Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061) Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061) Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061) Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061) Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2) Windows Kernel - DeferWindowPos Use-After-Free (MS15-073) Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073) Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061) Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061) Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061) Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061) Windows Kernel - WindowStation Use-After-Free (MS15-061) Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061) Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1) Windows Kernel - FlashWindowEx Memory Corruption (MS15-097) Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097) Windows Kernel - Use-After-Free with Cursor Object (MS15-097) Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097) Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097) Windows Kernel - WindowStation Use-After-Free (MS15-061) Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061) Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1) Windows Kernel - FlashWindowEx Memory Corruption (MS15-097) Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097) Windows Kernel - Use-After-Free with Cursor Object (MS15-097) Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097) Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097) Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097) Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application) Linux/x86_64 - Bindshell with Password (92 bytes) Linux/x86-64 - Bindshell with Password shellcode (92 bytes) Symantec pcAnywhere 12.5.0 Windows x86 - Remote Code Execution Linux/x64 - egghunter (24 bytes) Linux/x86-64 - egghunter shellcode (24 bytes) Linux/x86_64 - Polymorphic execve Shellcode (31 bytes) Linux/x86-64 - Polymorphic execve Shellcode (31 bytes) Windows XP<10 - Null-Free WinExec Shellcode (Python) Windows XP < 10 - Null-Free WinExec Shellcode (Python) (Generator) win32k Desktop and Clipboard - Null Pointer Derefence win32k Clipboard Bitmap - Use-After-Free win32k Desktop and Clipboard - Null Pointer Derefence win32k Clipboard Bitmap - Use-After-Free Microsoft Windows 8.1 - win32k Local Privilege Escalation (MS15-010) Adobe Flash Selection.SetSelection - Use-After-Free Adobe Flash Sound.setTransform - Use-After-Free Linux/x64 - Bind TCP Port Shellcode (103 bytes) Linux/x86-64 - Bind TCP Port Shellcode (103 bytes) Linux/x86_64 - bind TCP port shellcode (103 bytes) TCP Bindshell with Password Prompt (162 bytes) Linux/x86-64 - bind TCP port shellcode (103 bytes) Linux/x86-64 - TCP Bindshell with Password Prompt shellcode (162 bytes) TCP Reverse Shell with Password Prompt (151 bytes) Linux/x86-64 - TCP Reverse Shell with Password Prompt shellcode (151 bytes) Linux/x86_64 - Egghunter (18 bytes) Linux/x86 - Egg-hunter (13 bytes) Linux/x86-64 - Egghunter shellcode (18 bytes) Linux/x86 - Egg-hunter shellcode (13 bytes) Adobe Flash - Use-After-Free When Setting Stage Linux/x86_64 - xor/not/div Encoded execve Shellcode (54 bytes) Linux/x86-64 - xor/not/div Encoded execve Shellcode (54 bytes) Linux x86 & x86_64 - reverse_tcp Shellcode Linux x86 & x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86 & x86_64 - tcp_bind Shellcode Linux x86 & x86_64 - Read etc/passwd Shellcode Linux x86 & x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86 & x86_64 - Read /etc/passwd Shellcode (156 bytes) Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (1) (122 bytes) Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (1) (122 bytes) Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (2) (135 bytes) Linux/x86 - Download & Execute Shellcode Linux/x86_64 - Polymorphic Execve-Stack (47 bytes) Linux/x86-64 - shell_reverse_tcp with Password Polymorphic shellcode (2) (135 bytes) Linux/x86 - Download & Execute Shellcode (135 bytes) Linux/x86-64 - Polymorphic Execve-Stack shellcode (47 bytes) Microsoft Windows - afd.sys Dangling Pointer Privilege Escalation (MS14-040) Linux/ARM - Connect back to {ip:port} with /bin/sh (95 bytes) Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh shellcode (95 bytes) Windows x86 - Null-Free Download & Run via WebDAV Shellcode (96 bytes) Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation Windows x86 - Null-Free Download & Run via WebDAV Shellcode (96 bytes) Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040) Linux/x86_64 - Reverse Shell Shellcode Linux/x86-64 - Reverse Shell Shellcode Linux/x86_64 - execve(/bin/sh) (26 bytes) Linux/x86-64 - execve(/bin/sh) shellcode (26 bytes) Linux/x86_64 - execve(/bin/sh) (25 bytes) Linux/x86_64 - execve(/bin/bash) (33 bytes) Linux/x86-64 - execve(/bin/sh) shellcode (25 bytes) Linux/x86-64 - execve(/bin/bash) shellcode (33 bytes) Linux/x86_64 - bindshell (Pori: 5600) (81 bytes) Linux/x86-64 - bindshell (Pori: 5600) shellcode (81 bytes) Linux/x86_64 - Read /etc/passwd (65 bytes) Linux/x86-64 - Read /etc/passwd shellcode (65 bytes) Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039) Linux/x86_64 - bindshell (Port 5600) (86 bytes) Linux/x86-64 - bindshell (Port 5600) shellcode (86 bytes) Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode (394 bytes) Linux/x86 - Reverse TCP Shellcode (IPv6) Linux/x86 - Bind TCP Port 1472 (IPv6) (1250 bytes) Linux/x86 - Reverse TCP Shellcode (IPv6) (159 bytes) Linux/x86 - Bind TCP Port 1472 (IPv6) shellcode (1250 bytes) Linux/x64 - Bind Shell Shellcode (Generator) PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit) Linux/x86-64 - Bind Shell Shellcode (Generator) PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (Metasploit) Win32 .Net Framework - Execute Native x86 Shellcode Linux/x86_64 - Bind TCP Port 1472 (IPv6) Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes) Linux/x86_64 - Reverse TCP (IPv6) Linux/x86-64 - Reverse TCP shellcode (IPv6) (203 bytes) Linux/x86 - Bindshell with Configurable Port (87 bytes) Linux/x86 - Bindshell with Configurable Port shellcode (87 bytes) Linux/x86_64 - Null-Free Reverse TCP Shell Linux/x86-64 - Null-Free Reverse TCP Shell shellcode (134 bytes) Linux/x86_64 - Information Stealer Shellcode Linux/x86-64 - Information Stealer Shellcode (399 bytes) Linux/x86 - TCP Bind Shell Port 4444 (656 bytes) Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes) Linux/x86_64 - XOR Encode execve Shellcode Linux/x86-64 - XOR Encode execve Shellcode Windows x86 - WinExec(_cmd.exe__0) Shellcode Windows x86 - WinExec(_cmd.exe__0) Shellcode (184 bytes) Windows x86 - system(_systeminfo_) Shellcode Windows x86 - system(_systeminfo_) Shellcode (224 bytes) Windows - Custom Font Disable Policy Bypass PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit) Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode (250 bytes) Linux/x86_64 - /etc/passwd File Sender Shellcode Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes) Windows 7 SP1 x86 - Privilege Escalation (MS16-014) Linux 64bit - NetCat Bind Shell Shellcode (64 bytes) Linux/x86-64 - NetCat Bind Shell Shellcode (64 bytes) Linux/x86 - TCP Bind Shell Port 4444 (98 bytes) Linux/x86 - TCP Bind Shell Port 4444 shellcode (98 bytes) Linux 64bit - Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) (176 bytes) Linux/x86-64 - Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) (176 bytes) Linux/x86_64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password (172 bytes) Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password shellcode (172 bytes) Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 shellcode (68 bytes)	2016-07-18 05:02:52 +00:00
Offensive Security	b51e0f27d5	DB: 2016-07-17 52 new exploits Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) (38 bytes) Linux/x86 - unlink(/etc/passwd) & exit() (35 bytes) Linux i686 - pacman -S <package> (default package: backdoor) (64 bytes) Linux i686 - pacman -R <package> (59 bytes) Linux i686 - pacman -S <package> (default package: backdoor) (64 bytes) Linux i686 - pacman -R <package> (59 bytes) JITed stage-0 shellcode JITed exec notepad Shellcode Win32 - JITed stage-0 shellcode Win32 - JITed exec notepad Shellcode Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) JITed egg-hunter stage-0 shellcode Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Windows - JITed egg-hunter stage-0 shellcode Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes) Linux/x86 - nc -lvve/bin/sh -p13377 shellcode Linux/x86 - polymorphic forkbombe - (30 bytes) Linux/x86 - forkbomb Linux/x86 - polymorphic forkbombe (30 bytes) Linux/x86 - forkbomb Linux/x86_64 - execve(_/bin/sh_); shellcode (30 bytes) Linux/x86 - sends _Phuck3d!_ to all terminals (60 bytes) Linux/x86_64 - execve(_/bin/sh_); shellcode (30 bytes) Linux/x86 - sends _Phuck3d!_ to all terminals (60 bytes) Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes) Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes) Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) (45 bytes) Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes) Linux/x86 - sys_execve(_/bin/sh__ _0__ _0_) with umask 16 (sys_umask(14)) (45 bytes) Linux/x86 - Disable randomize stack addresse (106 bytes) Linux/x86 - pwrite(_/etc/shadow__ hash_ 32_ 8) Shellcode 83 Linux/x86 - alphanumeric Bomb FORK Shellcode (117 bytes) Linux/x86 - Disable randomize stack addresse (106 bytes) Linux/x86 - pwrite(_/etc/shadow__ hash_ 32_ 8) Shellcode 83 Linux/x86 - alphanumeric Bomb FORK Shellcode (117 bytes) Linux/x86 - Shellcode Polymorphic - setuid(0) + chmod(_/etc/shadow__ 0666) Shellcode (61 bytes) Linux/x86 - kill all running process (11 bytes) Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes) Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes) Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes) Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes) Linux/x86 - unlink _/etc/shadow_ shellcode (33 bytes) Linux/x86 - hard / unclean reboot (29 bytes) Linux/x86 - hard / unclean reboot (33 bytes) Linux/x86 - unlink _/etc/shadow_ shellcode (33 bytes) Linux/x86 - hard / unclean reboot (29 bytes) Linux/x86 - hard / unclean reboot (33 bytes) Linux/x86 - chown root:root /bin/sh shellcode (48 bytes) Linux/x86 - give all user root access when execute /bin/sh (45 bytes) Linux/x86 - chown root:root /bin/sh shellcode (48 bytes) Linux/x86 - give all user root access when execute /bin/sh (45 bytes) Linux/ARM - setuid(0) & kill(-1_ SIGKILL) (28 bytes) Linux/ARM - execve(_/bin/sh___/bin/sh__0) (30 bytes) Linux/ARM - polymorphic chmod(_/etc/shadow__ 0777) (84 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes) Linux/ARM - Disable ASLR Security (102 bytes) Linux/x86 - bind shell port 64533 (97 bytes) Safari JS JITed shellcode - exec calc (ASLR/DEP bypass) Windows - Safari JS JITed shellcode - exec calc (ASLR/DEP bypass) Win32 - Write-to-file Shellcode Linux/x86_64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes) Linux/x86 - netcat bindshell port 8080 (75 bytes) Shellcode Checksum Routine (18 bytes) Win32 - Shellcode Checksum Routine (18 bytes) Win32/XP SP3 (TR) - Add Admin Account Shellcode (127 bytes) Win32/XP Pro SP3 (EN) 32-bit - add new local administrator (113 bytes) Win32 - add new local administrator (326 bytes) Win32/XP Pro SP3 (EN) 32-bit - add new local administrator (113 bytes) Win32 - add new local administrator (326 bytes) Win32 - speaking shellcode Linux/x86 - netcat bindshell port 6666 (69 bytes) DNS Reverse Download and Exec Shellcode Windows - DNS Reverse Download and Exec Shellcode Linux/x86_32 - ConnectBack with SSL connection (422 bytes) Linux/x86 - ConnectBack with SSL connection (422 bytes) Linux/x86 - egghunt shellcode (29 bytes) Linux/MIPS - execve /bin/sh (48 bytes) Linux/MIPS - add user(UID 0) with password (164 bytes) Linux/MIPS - execve /bin/sh (48 bytes) Linux/MIPS - add user(UID 0) with password (164 bytes) Linux/x86 - execve(/bin/dash) (42 bytes) Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh (378 bytes) Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash (521 bytes) Linux/x86 - rmdir (37 bytes) Linux/MIPS - execve (36 bytes) Windows XP x86-64 - Download & execute (Generator) Linux/x86 - /etc/passwd Reader (58 bytes) Linux - execve /bin/sh (23 bytes) Linux/x86 - execve /bin/sh (23 bytes) Linux/x86/x86_64 - reverse_tcp Shellcode Linux x86 & x86_64 - reverse_tcp Shellcode Linux/x86/x86_64 - tcp_bind Shellcode Linux/x86/x86_64 - Read etc/passwd Shellcode Linux x86 & x86_64 - tcp_bind Shellcode Linux x86 & x86_64 - Read etc/passwd Shellcode .Net Framework - Execute Native x86 Shellcode Win32 .Net Framework - Execute Native x86 Shellcode	2016-07-17 05:07:02 +00:00
Offensive Security	8fea20e59f	DB: 2016-05-17 12 new exploits Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit Microsoft Windows WebDAV - Remote PoC Exploit Microsoft Windows IIS WebDAV - 'ntdll.dll' Remote Exploit Microsoft Windows IIS 5.0 WebDAV - Remote PoC Exploit Microsoft Windows WebDav II - Remote Root Exploit (2) Microsoft Windows WebDAV - Remote Root Exploit (2) Microsoft Windows WebDav III - Remote Root Exploit (xwdav) Microsoft Windows WebDAV IIS 5.0 - Remote Root Exploit (3) (xwdav) Dream FTP 1.2 - Remote Format String Exploit BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit Apache Tomcat (webdav) - Remote File Disclosure Exploit Apache Tomcat (WebDAV) - Remote File Disclosure Exploit Apache Tomcat (webdav) - Remote File Disclosure Exploit (ssl support) Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch) Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch) Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP) Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP) Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote DoS PoC Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow Liferay 6.0.x Webdav File Reading Vulnerability Liferay 6.0.x WebDAV - File Reading Vulnerability Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities Microsoft IIS 6.0 and 7.5 (+ PHP) - Multiple Vulnerabilities Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1) Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (2) Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (3) Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4) Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (1) Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (2) Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (3) Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (4) BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (2) Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability (1) Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness Apache HTTP Server <= 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit Apache Struts 2.x XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability EasyCafe Server <= 2.2.14 Remote File Read EasyCafe Server <= 2.2.14 - Remote File Read x86_64 Linux bind TCP port shellcode TCP Bindshell with Password Prompt - 162 bytes x86_64 Linux bind TCP port shellcode TCP Bindshell with Password Prompt - 162 bytes Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#) CakePHP Framework 3.2.4 - IP Spoofing Multiples Nexon Games - Unquoted Path Privilege Escalation eXtplorer 2.1.9 - Archive Path Traversal Web interface for DNSmasq / Mikrotik - SQL Injection Microsoft Excel 2010 - Crash PoC Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation Web2py 2.14.5 - Multiple Vulnerabilities	2016-05-17 05:03:19 +00:00
Offensive Security	830ff3bd6a	DB: 2016-04-10	2016-04-10 05:03:48 +00:00
Offensive Security	958f5c3f9d	DB: 2016-01-29 40 new exploits	2016-01-29 05:03:51 +00:00
Offensive Security	a5b96c2067	DB: 2016-01-28 11 new exploits	2016-01-28 05:02:01 +00:00
Offensive Security	61c40e641e	DB: 2016-01-03 5 new exploits	2016-01-03 05:03:46 +00:00
Offensive Security	7c733046b7	DB: 2015-06-30 9 new exploits	2015-06-30 05:03:19 +00:00
Offensive Security	f6c02117f7	DB: 2015-06-17 10 new exploits	2015-06-17 05:03:19 +00:00
Offensive Security	cc553d1147	DB: 2015-04-20 11 new exploits	2015-04-20 12:44:13 +00:00
Offensive Security	7fe14b4b98	Update: 2015-02-05 30 new exploits	2015-02-05 08:37:11 +00:00
Offensive Security	406b1feedc	Update: 2015-01-01 15 new exploits	2015-01-01 08:39:22 +00:00
Offensive Security	73654ec124	Updated 11_12_2014	2014-11-12 04:43:24 +00:00
Offensive Security	8b9c29c462	Updated 09_25_2014	2014-09-25 04:43:46 +00:00
Offensive Security	d1f84651f9	Updated 09_17_2014	2014-09-17 04:44:23 +00:00
Offensive Security	afeaf30889	Updated 09_11_2014	2014-09-11 04:44:07 +00:00
Offensive Security	545c6bdf18	Updated 08_06_2014	2014-08-06 04:39:53 +00:00
Offensive Security	fffbf04102	Updated	2013-12-03 19:44:07 +00:00

28 commits