Commit graph

58 commits

Author SHA1 Message Date
Offensive Security
c9a65a1f7b DB: 2021-09-03
52 changes to exploits/shellcodes
2021-09-03 21:04:54 +00:00
Offensive Security
b4c96a5864 DB: 2021-09-03
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351 DB: 2021-09-03
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00
Offensive Security
38590ad9bd DB: 2021-08-11
7 changes to exploits/shellcodes

Amica Prodigy 1.7 - Privilege Escalation
Xiaomi browser 10.2.4.g - Browser Search History Disclosure
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
Simple Library Management System 1.0 - 'rollno' SQL Injection
2021-08-11 05:01:54 +00:00
Offensive Security
e79da91025 DB: 2021-06-30
1 changes to exploits/shellcodes

ES File Explorer 4.1.9.7.4 - Arbitrary File Read
2021-06-30 05:02:04 +00:00
Offensive Security
135e56dda8 DB: 2021-06-25
16 changes to exploits/shellcodes

BasicNote 1.1.9 - Denial of Service (PoC)
ColorNote 4.1.9 - Denial of Service (PoC)
Notepad notes 2.6.7 - Denial of Service (PoC)
Blacknote 2.2.1 - Denial of Service (PoC)
Inkpad Notepad & To do list 4.3.61 - Denial of Service (PoC)

GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC)
VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution (RCE) (Unauthenticated)
Adobe ColdFusion 8 - Remote Command Execution (RCE)
TP-Link TL-WR841N - Command Injection
Huawei dg8045 - Authentication Bypass
2021-06-25 05:01:52 +00:00
Offensive Security
1dc98b3b8e DB: 2021-06-05
6 changes to exploits/shellcodes

Inkpad Notepad & To do list 4.3.61 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)
Gitlab 13.10.2 - Remote Code Execution (Authenticated)
2021-06-05 05:01:54 +00:00
Offensive Security
a9fa314bbf DB: 2021-06-04
14 changes to exploits/shellcodes

BasicNote 1.1.9 - Denial of Service (PoC)
ColorNote 4.1.9 - Denial of Service (PoC)
Notepad notes 2.6.7 - Denial of Service (PoC)
Blacknote 2.2.1 - Denial of Service (PoC)

CHIYU IoT Devices - 'Telnet' Authentication Bypass
PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution
Seo Panel 4.8.0 - 'from_time' Reflected XSS
CHIYU IoT Devices - Denial of Service (DoS)
FUDForum 3.1.0 - 'srch' Reflected XSS
FUDForum 3.1.0 - 'author' Reflected XSS
Gitlab 13.9.3 - Remote Code Execution (Authenticated)
4Images 1.8 - 'redirect' Reflected XSS
2021-06-04 05:01:54 +00:00
Offensive Security
3e6d011cf0 DB: 2021-03-17
6 changes to exploits/shellcodes

GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service (PoC)
GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)
GeoGebra CAS Calculator 6.0.631.0 - Denial of Service (PoC)
GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC)

Alphaware E-Commerce System 1.0 - Unauthenticated Remote Code Execution (File Upload + SQL injection)
2021-03-17 05:02:05 +00:00
Offensive Security
bedbb144ab DB: 2021-02-16
3 changes to exploits/shellcodes

Tasks 9.7.3 - Insecure Permissions

TestLink 1.9.20 - Unrestricted File Upload (Authenticated)

Teachers Record Management System 1.0 - 'searchteacher' SQL Injection
2021-02-16 05:01:53 +00:00
Offensive Security
58ad270f64 DB: 2020-12-17
6 changes to exploits/shellcodes

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption

Adobe (Multiple Products) - XML Injection File Content Disclosure
GitLab 11.4.7 - Remote Code Execution (Authenticated)
Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting
Raysync 3.3.3.8 - RCE
Magic Home Pro 1.5.1 - Authentication Bypass
PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection
Seotoaster 3.2.0 - Stored XSS on Edit page properties
2020-12-17 05:01:57 +00:00
Offensive Security
cf9fbcb5de DB: 2020-07-06
2 changes to exploits/shellcodes

WhatsApp Remote Code Execution - Paper
2020-07-06 05:02:10 +00:00
Offensive Security
d6a1f63996 DB: 2020-07-03
3 changes to exploits/shellcodes

WhatsApp Remote Code Execution - Paper
ZenTao Pro 8.8.2 - Command Injection
OCS Inventory NG 2.7 - Remote Code Execution
2020-07-03 05:01:59 +00:00
Offensive Security
1979df6cb3 DB: 2020-06-19
51 changes to exploits/shellcodes

Tor Browser < 0.3.2.10 - Use After Free (PoC)
Notepad++ < 7.7 (x64) - Denial of Service
SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service
InputMapper 1.6.10 - Denial of Service

SurfOffline Professional 2.2.0.103 - 'Project Name' Denial of Service (SEH)

XnConvert 1.82 - Denial of Service (PoC)

SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service (PoC)

SpotDialup 1.6.7 - 'Key' Denial of Service (PoC)

Remote Desktop Gateway - 'BlueGate' Denial of Service (PoC)

FreeBSD 12.0 - 'fd' Local Privilege Escalation
iOS < 12.4.1 - 'Jailbreak' Local Privilege Escalation
Easy File Sharing Web Server 7.2 - 'New User' Local Overflow (SEH)

DeviceViewer 3.12.0.1 - Arbitrary Password Change

Winrar 5.80 - XML External Entity Injection

Microsoft Windows Media Center WMV / WMA 6.3.9600.16384 - Code Execution

Siemens TIA Portal - Remote Command Execution

Android 7 < 9 - Remote Code Execution
CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
CTROMS Terminal OS Port Portal - 'Password Reset' Authentication Bypass (Metasploit)

MyBB < 1.8.21 - Remote Code Execution

Nagios XI 5.6.5 - Remote Code Execution / Root Privilege Escalation

Webmin < 1.920 - 'rpc.cgi' Remote Code Execution (Metasploit)

Wolters Kluwer TeamMate 3.1 - Cross-Site Request Forgery

Publisure Hybrid - Multiple Vulnerabilities

NetGain EM Plus 10.1.68 - Remote Command Execution

Pfsense 2.3.4 / 2.4.4-p3 - Remote Code Injection

WordPress Plugin ARforms 3.7.1 - Arbitrary File Deletion

DotNetNuke 9.3.2 - Cross-Site Scripting

VehicleWorkshop 1.0 - 'bookingid' SQL Injection
WordPress Plugin Tutor.1.5.3 - Local File Inclusion
WordPress Plugin tutor.1.5.3 - Persistent Cross-Site Scripting
WordPress Plugin Wordfence.7.4.5 - Local File Disclosure
WordPress Plugin contact-form-7 5.1.6 - Remote File Upload

WordPress Plugin ultimate-member 2.1.3 - Local File Inclusion

WordPress Plugin WOOF Products Filter for WooCommerce 1.2.3 - Persistent Cross-Site Scripting

WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting
Joomla! 3.9.0 < 3.9.7 - CSV Injection
PlaySMS 1.4.3 - Template Injection / Remote Code Execution
Wing FTP Server - Authenticated CSRF (Delete Admin)

WordPress Plugin Custom Searchable Data System - Unauthenticated Data Modification

UADMIN Botnet 1.0 - 'link' SQL Injection

Joomla! Component ACYMAILING 3.9.0 - Unauthenticated Arbitrary File Upload

Wordpress Plugin PicUploader 1.0 - Remote File Upload

PHP-Fusion 9.03.50 - 'panels.php' Remote Code Execution

WordPress Plugin Helpful 2.4.11 - SQL Injection

Prestashop 1.7.6.4 - Cross-Site Request Forgery

WordPress Plugin Simple File List 5.4 - Remote Code Execution

Library CMS Powerful Book Management System 2.2.0 - Session Fixation

Joomla! J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated)
Joomla! J2 Store 3.3.11 - 'filter_order_Dir' Authenticated SQL Injection

Beauty Parlour Management System 1.0 - Authentication Bypass

Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes)

Windows/x64 - WinExec Add-Admin Dynamic Null-Free Shellcode (210 Bytes)
Windows/x64 - WinExec Add-Admin (ROOT/I@mR00T$) Dynamic Null-Free Shellcode (210 Bytes)

Linux/x64 - Password Protected Bindshell + Null-free Shellcode (272 Bytes)
Linux/x64 - Password (P3WP3Wl4ZerZ) + Bind (0.0.0.0:4444/TCP) Shell (/bin/bash) + Null-free Shellcode (272 Bytes)
2020-06-19 05:02:01 +00:00
Offensive Security
cf92ea269e DB: 2020-02-25
22 changes to exploits/shellcodes

Quick N Easy Web Server 3.3.8 - Denial of Service (PoC)
Go SSH servers 0.0.2 - Denial of Service (PoC)
Android Binder - Use-After-Free (Metasploit)
Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)

Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit)
Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting
ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure
Real Web Pentesting Tutorial Step by Step - [Persian]
AMSS++ v 4.31 - 'id' SQL Injection
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)
AMSS++ 4.7 - Backdoor Admin Account
SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure
ATutor 2.2.4 - 'id' SQL Injection
I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure
ManageEngine EventLog Analyzer 10.0 - Information Disclosure
eLection 2.0 - 'id' SQL Injection
DotNetNuke 9.5 - Persistent Cross-Site Scripting
DotNetNuke 9.5 - File Upload Restrictions Bypass
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure
Cacti 1.2.8 - Remote Code Execution

Windows\x86 - Null-Free WinExec Calc.exe Shellcode (195 bytes)
2020-02-25 05:01:52 +00:00
Offensive Security
b73c74bb9d DB: 2020-01-15
6 changes to exploits/shellcodes

Redir 3.3 - Denial of Service (PoC)
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN

VPN unlimited 6.1 - Unquoted Service Path
IBM RICOH InfoPrint 6500 Printer - HTML Injection
IBM RICOH 6400 Printer - HTML Injection
2020-01-15 05:01:57 +00:00
Offensive Security
8ae8522082 DB: 2019-11-30
8 changes to exploits/shellcodes

SpotAuditor 5.3.2 - 'Key' Denial of Service
SpotAuditor 5.3.2 - 'Name' Denial of Service
TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path
Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Mersive Solstice 2.8.0 - Remote Code Execution
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting
2019-11-30 05:01:42 +00:00
Offensive Security
b6ed2c7176 DB: 2019-11-09
6 changes to exploits/shellcodes

SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path
Android Janus - APK Signature Bypass (Metasploit)

rConfig - install Command Execution (Metasploit)
Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting
Adive Framework 2.0.7 - Privilege Escalation
Nextcloud 17 - Cross-Site Request Forgery
2019-11-09 05:01:40 +00:00
Offensive Security
588067072a DB: 2019-10-17
15 changes to exploits/shellcodes

sudo 1.8.28 - Security Bypass
sudo 1.2.27 - Security Bypass
Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path
Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
X.Org X Server 1.20.4 - Local Stack Overflow
LiteManager 4.5.0 - 'romservice' Unquoted Service Path
Solaris xscreensaver 11.4 - Privilege Escalation
Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Service Path

Whatsapp 2.19.216 - Remote Code Execution
Accounts Accounting 7.02 - Persistent Cross-Site Scripting
CyberArk Password Vault 10.6 - Authentication Bypass

Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes)
Linux/x86 - adduser (User) to /etc/passwd Shellcode (74 bytes)
Linux/x86 - execve /bin/sh Shellcode (25 bytes)
Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode (91 bytes)
2019-10-17 05:01:44 +00:00
Offensive Security
0486c1c8ad DB: 2019-10-05
4 changes to exploits/shellcodes

Android - Binder Driver Use-After-Free

PHP 7.1 < 7.3 - disable_functions Bypass
PHP 7.1 < 7.3 - 'json serializer' Disable Functions Bypass
LabCollector 5.423 - SQL Injection
PHP 7.0 < 7.3 (Unix) - 'gc' Disable Functions Bypass

Linux/x86 - NOT + XOR-N + Random Encoded /bin/sh Shellcode (132 bytes)
2019-10-05 05:01:46 +00:00
Offensive Security
b4225f5fa8 DB: 2019-08-31
12 changes to exploits/shellcodes

SQL Server Password Changer 1.90 - Denial of Service
Easy MP3 Downloader 4.7.8.8 - 'Unlock Code' Denial of Service
Asus Precision TouchPad 11.0.0.25 - Denial of Service
VX Search Enterprise 10.4.16 - 'User-Agent' Denial of Service

Canon PRINT 2.5.5 - Information Disclosure

QEMU - Denial of Service
Sentrifugo 3.2 - File Upload Restriction Bypass
Sentrifugo 3.2 - Persistent Cross-Site Scripting
DomainMod 4.13 - Cross-Site Scripting
YouPHPTube 7.4 - Remote Code Execution
WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting
2019-08-31 05:02:54 +00:00
Offensive Security
4169f5d10e DB: 2019-07-16
6 changes to exploits/shellcodes

Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)

Streamripper 2.6 - 'Song Pattern' Buffer Overflow
NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass
CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities
FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion
2019-07-16 05:02:16 +00:00
Offensive Security
0a2b5fd16f DB: 2019-05-30
7 changes to exploits/shellcodes

Free SMTP Server 2.5 - Denial of Service (PoC)
Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation
Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (2)

Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit)

pfSense 2.4.4-p3 (ACME Package 0.59_14) - Persistent Cross-Site Scripting
2019-05-30 05:01:56 +00:00
Offensive Security
1a6935f64a DB: 2019-05-29
3 changes to exploits/shellcodes

Microsoft Windows - 'Win32k' Local Privilege Escalation

EquityPandit 1.0 - Password Disclosure

Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass

Phraseanet < 4.0.7 - Cross-Site Scripting
2019-05-29 05:01:59 +00:00
Offensive Security
a91c0acafc DB: 2019-05-18
14 changes to exploits/shellcodes

Sandboxie 5.30 - 'Programs Alerts' Denial of Service (PoC)
CEWE Photoshow 6.4.3 - 'Password' Denial of Service (PoC)
CEWE Photo Importer 6.4.3 - '.jpg' Denial of Service (PoC)
WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)
Axessh 4.2 - 'Log file name' Denial of Service (PoC)
SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service
Iperius Backup 6.1.0 - Privilege Escalation
VMware Workstation 15.1.0 - DLL Hijacking
JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
DeepSound 1.0.4 - SQL Injection
Interspire Email Marketer 6.20 - 'surveys_submit.php' Remote Code Execution
2019-05-18 05:02:00 +00:00
Offensive Security
880bbe402e DB: 2019-03-08
14991 changes to exploits/shellcodes

HTC Touch - vCard over IP Denial of Service

TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities

PeerBlock 1.1 - Blue Screen of Death

WS10 Data Server - SCADA Overflow (PoC)

Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

man-db 2.4.1 - 'open_cat_stream()' Local uid=man

CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation

CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)

CCProxy 6.2 - 'ping' Remote Buffer Overflow

Savant Web Server 3.1 - Remote Buffer Overflow (2)

Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution

Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
2019-03-08 05:01:50 +00:00
Offensive Security
d5509de389 DB: 2019-03-07
6 changes to exploits/shellcodes

Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
Android - binder Use-After-Free via racy Initialization of ->allow_user_free
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

Java Debug Wire Protocol (JDWP) - Remote Code Execution

Linux/x86 - XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)
Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes)
2019-03-07 05:01:53 +00:00
Offensive Security
31edb35a91 DB: 2019-03-01
9 changes to exploits/shellcodes

FTP Server 1.32 - Denial of Service
WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
TransMac 12.3 - Denial of Service (PoC)
Simple Online Hotel Reservation System - SQL Injection
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)
Joomla! Component J2Store < 3.3.7 - SQL Injection
Usermin 1.750 - Remote Command Execution (Metasploit)
Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)
2019-03-01 05:01:57 +00:00
Offensive Security
f7381cfe15 DB: 2019-02-22
9 changes to exploits/shellcodes

Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)
Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)
ScreenStream 3.0.15 - Denial of Service
AirDrop 2.0 - Denial of Service (DoS)

RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)

Memu Play 6.0.7 - Privilege Escalation

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

EI-Tube 3 - SQL Injection
2019-02-22 05:01:55 +00:00
Offensive Security
26efc559c7 DB: 2019-02-21
8 changes to exploits/shellcodes

FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
WinRAR 5.61 - '.lng' Denial of Service
FaceTime - Texture Processing Memory Corruption
Android Kernel < 4.8 - ptrace seccomp Filter Bypass
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation
Apple macOS 10.13.5 - Local Privilege Escalation

mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers
mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
Belkin Wemo UPnP - Remote Code Execution (Metasploit)

HotelDruid 2.3 - Cross-Site Scripting
2019-02-21 05:01:57 +00:00
Offensive Security
f3f1427938 DB: 2019-02-16
9 changes to exploits/shellcodes

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS)
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)
AirMore 1.6.1 - Denial of Service (PoC)
Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)
VSCO 1.1.1.0 - Denial of Service (PoC)
Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference

Webiness Inventory 2.3 - SQL Injection
Webiness Inventory 2.3 - 'order' SQL Injection
MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
Jinja2 2.10 - 'from_string' Server Side Template Injection
qdPM 9.1 - 'search_by_extrafields[]' SQL Injection
UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload
2019-02-16 05:01:55 +00:00
Offensive Security
5f3f5c8f09 DB: 2019-02-15
18 changes to exploits/shellcodes

Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)
MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS)

runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1)
exacqVision ESM 5.12.2 - Privilege Escalation
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)
DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting
DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting
DomainMOD 4.11.01 - 'category.php CatagoryName_ StakeHolder' Cross-Site Scripting
DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting
DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting
WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection
LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)
2019-02-15 05:01:54 +00:00
Offensive Security
a4b18dada5 DB: 2019-02-14
11 changes to exploits/shellcodes

AirDroid 4.2.1.6 - Denial of Service

NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
Ubuntu snapd < 2.37.1 - Local Privilege Escalation
runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)

Netatalk < 3.1.12 - Authentication Bypass
Netatalk 3.1.12 - Authentication Bypass
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)
Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting
PilusCart 1.4.1 - 'send' SQL Injection
2019-02-14 05:01:54 +00:00
Offensive Security
1982f33252 DB: 2019-02-13
16 changes to exploits/shellcodes

AirDroid 4.2.1.6 - Denial of Service

River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
Android - binder Use-After-Free via fdget() Optimization
Android - binder Use-After-Free of VMA via race Between reclaim and munmap
Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow
River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
Ubuntu snapd < 2.37.1 - Local Privilege Escalation
IPFire 2.21 - Cross-Site Scripting
MyBB Bans List 1.0 - Cross-Site Scripting
IPFire 2.21 - Cross-Site Scripting
MyBB Bans List 1.0 - Cross-Site Scripting

Webiness Inventory 2.3 - 'email' SQL Injection
OPNsense < 19.1.1 - Cross-Site Scripting
Jenkins 2.150.2 - Remote Command Execution (Metasploit)
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution
LayerBB 1.1.2 - Cross-Site Scripting
2019-02-13 05:01:49 +00:00
Offensive Security
d622832ea0 DB: 2019-02-12
21 changes to exploits/shellcodes

KnFTP 1.0.0 Server - Multiple Buffer Overflows (Denial of Service) (SEH) (PoC)
KnFTP 1.0.0 Server - Multiple Buffer Overflows (PoC) (SEH)

Jzip - Buffer Overflow (Denial of Service) (SEH Unicode)
Jzip - Buffer Overflow (PoC) (SEH Unicode)
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (Denial of Service) (SEH) (PoC)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (Denial of Service) (SEH) (PoC)
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite)

STIMS Buffer 1.1.20 - Buffer Overflow (Denial of Service) (SEH) (PoC)
STIMS Buffer 1.1.20 - Buffer Overflow (PoC) (SEH Overwrite)

Zortam Mp3 Media Studio 20.15 - Overflow (SEH) (Denial of Service)
Zortam Mp3 Media Studio 20.15 - Overflow (PoC) (SEH)

Netatalk 3.1.12 - Authentication Bypass (PoC)
IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC)
Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC)
IP-Tools 2.50 - Local Buffer Overflow (PoC)
Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)

FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC)
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)

Remote Process Explorer 1.0.0.16 - Denial of Service SEH Overwrite (PoC)
Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite)
AirDroid 4.2.1.6 - Denial of Service
FutureDj Pro 1.7.2.0 - Denial of Service
NordVPN 6.19.6 - Denial of Service (PoC)
River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter)
River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH)
Evince - CBT File Command Injection (Metasploit)
Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

Netatalk - Bypass Authentication
Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
Indusoft Web Studio 8.1 SP2 - Remote Code Execution
Smoothwall Express 3.1-SP4 - Cross-Site Scripting
Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset
IPFire 2.21 - Cross-Site Scripting
MyBB Bans List 1.0 - Cross-Site Scripting
VA MAX 8.3.4 - Authenticated Remote Code Execution
CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting
Webiness Inventory 2.3 - 'email' SQL Injection
2019-02-12 05:01:49 +00:00
Offensive Security
bb44caca27 DB: 2019-01-16
4 changes to exploits/shellcodes

1Password < 7.0 - Denial of Service

Microsoft Windows VCF - Remote Code Execution

ownDMS 4.7 - SQL Injection

Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (100 bytes)
2019-01-16 05:01:50 +00:00
Offensive Security
038ac7b860 DB: 2018-10-11
4 changes to exploits/shellcodes

FileZilla 3.33 - Buffer Overflow (PoC)

WhatsApp - RTP Processing Heap Corruption

MicroTik RouterOS < 6.43rc3 - Remote Root

Ektron CMS 9.20 SP2 - Improper Access Restrictions
2018-10-11 05:01:43 +00:00
Offensive Security
b311000a22 DB: 2018-10-09
16 changes to exploits/shellcodes

net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
Linux - Kernel Pointer Leak via BPF
Android - sdcardfs Changes current->fs Without Proper Locking
360 3.5.0.1033 - Sandbox Escape
Git Submodule - Arbitrary Code Execution
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
Imperva SecureSphere 13 - Remote Command Execution

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-09 05:01:44 +00:00
Offensive Security
ed0e1e4d44 DB: 2018-09-25
1979 changes to exploits/shellcodes

Couchdb 1.5.0 - 'uuids' Denial of Service
Apache CouchDB 1.5.0 - 'uuids' Denial of Service

Beyond Remote 2.2.5.3 - Denial of Service (PoC)
udisks2 2.8.0 - Denial of Service (PoC)
Termite 3.4 - Denial of Service (PoC)
SoftX FTP Client 3.3 - Denial of Service (PoC)

Silverstripe 2.3.5 - Cross-Site Request Forgery / Open redirection
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection

Silverstripe CMS 3.0.2 - Multiple Vulnerabilities
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities

Silverstripe CMS 2.4 - File Renaming Security Bypass
SilverStripe CMS 2.4 - File Renaming Security Bypass

Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities

Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection

Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload

Silverstripe CMS 2.4.x - 'BackURL' Open Redirection
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection

Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure
SilverStripe CMS - 'MemberLoginForm.php' Information Disclosure

Silverstripe CMS - Multiple HTML Injection Vulnerabilities
SilverStripe CMS - Multiple HTML Injection Vulnerabilities

Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

Monstra CMS before 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)

Monstra CMS < 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
Navigate CMS 2.8 - Cross-Site Scripting
Collectric CMU 1.0 - 'lang' SQL injection
Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection
LG SuperSign EZ CMS 2.5 - Remote Code Execution
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
RICOH Aficio MP 301 Printer - Cross-Site Scripting
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
RICOH MP C6003 Printer - Cross-Site Scripting

Linux/ARM - Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (28 Bytes)
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (52 Bytes)
2018-09-25 05:01:51 +00:00
Offensive Security
d7fa449452 DB: 2018-09-12
7 changes to exploits/shellcodes

Zenmap (Nmap) 7.70 - Denial of Service (PoC)
HTML5 Video Player 1.2.5 - Denial of Service (PoC)

Zenmap (Nmap) 7.70 - Denial of Service (PoC)
InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)
Android - 'zygote->init;' Chain from USB Privilege Escalation

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
Monstra CMS 3.0.4 - (Authenticated) Arbitrary File Upload / Remote Code Execution

CMS Made Simple 2.2.5 - Remote Code Execution
CMS Made Simple 2.2.5 - (Authenticated) Remote Code Execution

OpenEMR < 5.0.1 - Remote Code Execution
OpenEMR < 5.0.1 - (Authenticated) Remote Code Execution

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection
Jorani Leave Management 0.6.5 - (Authenticated) 'startdate' SQL Injection

OpenEMR 5.0.1.3 - Arbitrary File Actions
OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions

WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection
WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection

Bayanno Hospital Management System 4.0 - Cross-Site Scripting
2018-09-12 05:01:53 +00:00
Offensive Security
1e34c2b6a5 DB: 2018-08-14
11 changes to exploits/shellcodes

IP Finder 1.5 - Denial of Service (PoC)
Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)
PLC Wireless Router GPN2.4P21-C-CN - Denial of Service
Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)
Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow
PostgreSQL 9.4-0.5.3 - Privilege Escalation
Android - Directory Traversal over USB via Injection in blkid Output

Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution

Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)

Monstra-Dev 3.0.4 - Cross-Site Request Forgery(Account Hijacking)
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)

IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting

Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)
2018-08-14 05:01:45 +00:00
Offensive Security
4af1687693 DB: 2018-06-08
5 changes to exploits/shellcodes

macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvolattrlist
Apple macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
Apple macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvolattrlist
Forticlient 5.2.3 (Windows 10 x64 Pre Anniversary) - Local Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Post Anniversary) - Local Privilege Escalation
Fortinet FortiClient 5.2.3 (Windows 10 x64 Pre-Anniversary) - Local Privilege Escalation
Fortinet FortiClient 5.2.3 (Windows 10 x64 Post-Anniversary) - Local Privilege Escalation
Fortinet FortiClient 5.2.3 (Windows 10 x86) - Local Privilege Escalation
Ftp Server 1.32 - Credential Disclosure
WordPress Form Maker Plugin 1.12.24 - SQL Injection
WordPress Contact Form Maker Plugin 1.12.20 - SQL Injection
Monstra CMS < 3.0.4 - Cross-Site Scripting Automation
2018-06-08 05:01:44 +00:00
Offensive Security
3df6650dac DB: 2018-05-28
11 changes to exploits/shellcodes

Werewolf Online 0.8.8 - Information Disclosure

Bitmain Antminer D3/L3+/S9 - Remote Command Execution
Wordpress Plugin Events Calendar - SQL Injection / Cross-Site Scripting
Ingenious School Management System - 'id' SQL Injection
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery / Cross-Site Scripting
Lyrist - 'id' SQL Injection
BookingWizz Booking System 5.5 - 'id' SQL Injection
Listing Hub CMS 1.0 - SQL Injection
ClipperCMS 1.3.3 - Cross-Site Scripting
My Directory 2.0 - SQL Injection / Cross-Site Scripting
Baby Names Search Engine 1.0 - 'a' SQL Injection
2018-05-28 05:01:49 +00:00
Offensive Security
54b5ed8407 DB: 2018-05-24
31 changes to exploits/shellcodes

WordPress Core -  'load-scripts.php' Denial of Service
WordPress Core - 'load-scripts.php' Denial of Service

Broadcom BCM43xx Wi-Fi  - 'BroadPWN' Denial of Service
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service
Android Bluetooth -  BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth -  BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read

Linux Kernel  < 4.17-rc1 - 'AF_LLC' Double Free
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
FTPShell Server 6.80 - Denial of Service
Siemens SCALANCE S613 - Remote Denial of Service
Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing

Photodex ProShow Gold 4 (Windows  XP SP3) - '.psh' Universal Buffer Overflow (SEH)
Photodex ProShow Gold 4 (Windows XP SP3) - '.psh' Universal Buffer Overflow (SEH)

WebKitGTK 2.1.2  (Ubuntu 14.04) - Heap based Buffer Overflow
WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) -  'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) -  'netfilter target_offset' Local Privilege Escalation
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Brave Browser < 0.13.0 -  'long alert() argument' Denial of Service
Brave Browser < 0.13.0 -  'window.close(self)' Denial of Service
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service

FTPShell Server 6.80 - Buffer Overflow (SEH)

SAP NetWeaver AS JAVA CRM -  Log injection Remote Command Execution
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution

Moxa AWK-3131A 1.4 < 1.7  - 'Username' OS Command Injection
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection

Buddypress Xprofile Custom Fields Type 2.6.3  - Remote Code Execution
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
Joomla Convert Forms version 2.0.3 -  Formula Injection (CSV Injection)
Drupal  < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)

Drupal  < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

Wchat PHP AJAX Chat Script  1.5 - Cross-Site Scripting
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
EasyService Billing 1.0 - SQL Injection / Cross-Site Scripting
EasyService Billing 1.0 - 'p1' SQL Injection
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
PHP Dashboards 4.5 - 'email' SQL Injection
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
PHP Dashboards 4.5 - SQL Injection
Online Store System CMS 1.0 - SQL Injection
Gigs 2.0 - 'username' SQL Injection
GPSTracker 1.0 - 'id' SQL Injection
Shipping System CMS 1.0 - SQL Injection
Wecodex Store Paypal 1.0 - SQL Injection
SAT CFDI 3.3 - SQL Injection
School Management System CMS 1.0 - 'username' SQL Injection
Library CMS 1.0 - SQL Injection
Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection
Wecodex Restaurant CMS 1.0 - 'Login' SQL Injection
eWallet Online Payment Gateway 2 - Cross-Site Request Forgery
Mcard Mobile Card Selling Platform 1 - SQL Injection
Honeywell Scada System - Information Disclosure
NewsBee CMS 1.4 - Cross-Site Request Forgery
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change
WordPress Plugin Peugeot Music - Arbitrary File Upload

BSD - Reverse TCP (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (124 bytes)
BSD - Reverse (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (124 bytes)

BSD/x86 - setuid(0) + Bind TCP (31337/TCP) Shell Shellcode (94 bytes)
BSD/x86 - setuid(0) + Bind (31337/TCP) Shell Shellcode (94 bytes)
BSD/x86 - Bind TCP (31337/TCP) Shell Shellcode (83 bytes)
BSD/x86 - Bind TCP (Random TCP Port) Shell Shellcode (143 bytes)
BSD/x86 - Bind (31337/TCP) Shell Shellcode (83 bytes)
BSD/x86 - Bind (Random TCP Port) Shell Shellcode (143 bytes)

BSD/x86 - Reverse TCP (torootteam.host.sk:2222/TCP) Shell Shellcode (93 bytes)
BSD/x86 - Reverse (torootteam.host.sk:2222/TCP) Shell Shellcode (93 bytes)

BSD/x86 - Reverse TCP (192.168.2.33:6969/TCP) Shell Shellcode (129 bytes)
BSD/x86 - Reverse (192.168.2.33:6969/TCP) Shell Shellcode (129 bytes)

FreeBSD/x86 - Reverse TCP (192.168.1.33:8000/TCP) cat /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - Reverse (192.168.1.33:8000/TCP) cat /etc/passwd Shellcode (112 bytes)

FreeBSD/x86 - Reverse TCP (127.0.0.1:8000/TCP) Shell (/bin/sh) + Null-Free Shellcode (89 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:8000/TCP) Shell (/bin/sh) + Null-Free Shellcode (89 bytes)

FreeBSD/x86 - Bind TCP (4883/TCP) Shell (/bin/sh) + Password Shellcode (222 bytes)
FreeBSD/x86 - Bind (4883/TCP) Shell (/bin/sh) + Password Shellcode (222 bytes)

FreeBSD/x86 - Reverse TCP (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (102 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (102 bytes)
Linux/x86 - Bind TCP Shell Shellcode (Generator)
Windows (XP SP1) - Bind TCP Shell Shellcode (Generator)
Linux/x86 - Bind (/TCP) Shell Shellcode (Generator)
Windows (XP SP1) - Bind (/TCP) Shell Shellcode (Generator)

Windows - Reverse TCP (127.0.0.1:123/TCP) Shell + Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Windows - Reverse (127.0.0.1:123/TCP) Shell + Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Linux/x64 - Reverse TCP Shell (/bin/bash) + Semi-Stealth Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind TCP (4919/TCP) Shell (/bin/sh) Shellcode (276 bytes)
Linux/x64 - Reverse (/TCP) Shell (/bin/bash) + Semi-Stealth Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind (4919/TCP) Shell (/bin/sh) Shellcode (276 bytes)

Linux/PPC - Reverse TCP (192.168.1.1:31337/TCP) Shell (/bin/sh) Shellcode (240 bytes)
Linux/PPC - Reverse (192.168.1.1:31337/TCP) Shell (/bin/sh) Shellcode (240 bytes)
Linux/SPARC - Reverse TCP (192.168.100.1:2313/TCP) Shell Shellcode (216 bytes)
Linux/SPARC - Bind TCP (8975/TCP) Shell + Null-Free Shellcode (284 bytes)
Linux/SPARC - Reverse (192.168.100.1:2313/TCP) Shell Shellcode (216 bytes)
Linux/SPARC - Bind (8975/TCP) Shell + Null-Free Shellcode (284 bytes)

Linux/x86 - Bind TCP Listener (5555/TCP) + Receive Shellcode + Payload Loader Shellcode (83 bytes)
Linux/x86 - Bind (/TCP) Listener (5555/TCP) + Receive Shellcode + Payload Loader Shellcode (83 bytes)

Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) + XOR Encoded Shellcode (152 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + XOR Encoded Shellcode (152 bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell (/bin/sh) Shellcode (179 bytes)
Linux/x86 - Bind (8000/TCP) Shell + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind (8000/TCP) Shell + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind (8000/TCP) Shell (/bin/sh) Shellcode (179 bytes)

Linux/x86 - Reverse UDP (54321/UDP) tcpdump Live Packet Capture Shellcode (151 bytes)
Linux/x86 - Reverse (54321/UDP) tcpdump Live Packet Capture Shellcode (151 bytes)

Linux/x86 - Reverse TCP (140.115.53.35:9999/TCP) + Download A File (cb) + Execute Shellcode (149 bytes)
Linux/x86 - Reverse (140.115.53.35:9999/TCP) + Download A File (cb) + Execute Shellcode (149 bytes)

Linux/x86 - Reverse TCP (8192/TCP) cat /etc/shadow Shellcode (155 bytes)
Linux/x86 - Reverse (8192/TCP) cat /etc/shadow Shellcode (155 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + setuid() Shellcode (96 bytes)
Linux/x86 - Bind TCP (2707/TCP) Shell Shellcode (84 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) + setuid() Shellcode (96 bytes)
Linux/x86 - Bind (2707/TCP) Shell Shellcode (84 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (100 bytes)
Linux/x86 - Reverse TCP (192.168.13.22:31337/TCP) Shell (/bin/sh) Shellcode (82 bytes) (Generator)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) Shellcode (100 bytes)
Linux/x86 - Reverse (192.168.13.22:31337/TCP) Shell (/bin/sh) Shellcode (82 bytes) (Generator)

Linux/x86 - Reverse TCP (127.0.0.1:80/TCP) Shell + XOR Encoded Shellcode (371 bytes)
Linux/x86 - Reverse (127.0.0.1:80/TCP) Shell + XOR Encoded Shellcode (371 bytes)
Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) + Password (gotfault) Shellcode (166 bytes)
Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) + Password (gotfault) Shellcode (166 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (80 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + fork() Shellcode (98 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) Shellcode (80 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) + fork() Shellcode (98 bytes)

Linux/x86 - Reverse TCP (127.0.0.1:31337/TCP) Shell Shellcode (74 bytes)
Linux/x86 - Reverse (127.0.0.1:31337/TCP) Shell Shellcode (74 bytes)

Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - Reverse (/TCP) Shell Shellcode (90 bytes) (Generator)

Linux/x86 - Bind TCP (5074/TCP) Shell + ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Bind (5074/TCP) Shell + ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Reverse TCP (200.182.207.235/TCP) Telnet Shel Shellcode (134 bytes)
Linux/x86 - Reverse TCP Shell (/bin/sh) Shellcode (120 bytes)
Linux/x86 - Reverse (200.182.207.235/TCP) Telnet Shel Shellcode (134 bytes)
Linux/x86 - Reverse (/TCP) Shell (/bin/sh) Shellcode (120 bytes)
Linux/x86 - Bind TCP (5074/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Bind TCP (5074/TCP) Shell + fork() Shellcode (130 bytes)
Linux/x86 - Bind (5074/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Bind (5074/TCP) Shell + fork() Shellcode (130 bytes)

Linux/x64 - Bind TCP (4444/TCP) Shell Shellcode (132 bytes)
Linux/x64 - Bind (4444/TCP) Shell Shellcode (132 bytes)

NetBSD/x86 - Reverse TCP (6666/TCP) Shell Shellcode (83 bytes)
NetBSD/x86 - Reverse (6666/TCP) Shell Shellcode (83 bytes)

OpenBSD/x86 - Bind TCP (6969/TCP) Shell Shellcode (148 bytes)
OpenBSD/x86 - Bind (6969/TCP) Shell Shellcode (148 bytes)

Solaris/MIPS - Reverse TCP (10.0.0.3:44434/TCP) Shell + XNOR Encoded Traffic Shellcode (600 bytes) (Generator)
Solaris/MIPS - Reverse (10.0.0.3:44434/TCP) Shell + XNOR Encoded Traffic Shellcode (600 bytes) (Generator)

Solaris/SPARC - Bind TCP (6666/TCP) Shell Shellcode (240 bytes)
Solaris/SPARC - Bind (6666/TCP) Shell Shellcode (240 bytes)
Solaris/SPARC - Bind TCP (6789/TCP) Shell (/bin/sh) Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP (192.168.1.4:5678/TCP) Shell (/bin/sh) Shellcode (204 bytes)
Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shell Shellcode (Generator)
Solaris/SPARC - Bind (6789/TCP) Shell (/bin/sh) Shellcode (228 bytes)
Solaris/SPARC - Reverse (192.168.1.4:5678/TCP) Shell (/bin/sh) Shellcode (204 bytes)
Solaris/SPARC - Bind (/TCP) Shell Shellcode (240 bytes)
Solaris/x86 - Bind (/TCP) Shell Shellcode (Generator)

Windows/x86 (5.0 < 7.0) - Bind TCP (28876/TCP) Shell + Null-Free Shellcode
Windows/x86 (5.0 < 7.0) - Bind (28876/TCP) Shell + Null-Free Shellcode

Windows/x86 - Reverse TCP + Download File + Save + Execute Shellcode
Windows/x86 - Reverse (/TCP) + Download File + Save + Execute Shellcode

Windows (XP/2000/2003) - Reverse TCP (127.0.0.1:53/TCP) Shell Shellcode (275 bytes) (Generator)
Windows (XP/2000/2003) - Reverse (127.0.0.1:53/TCP) Shell Shellcode (275 bytes) (Generator)

Windows (XP SP1) - Bind TCP (58821/TCP) Shell Shellcode (116 bytes)
Windows (XP SP1) - Bind (58821/TCP) Shell Shellcode (116 bytes)

FreeBSD/x86 - Bind TCP (1337/TCP) Shell (/bin/sh) Shellcode (167 bytes)
FreeBSD/x86 - Bind (1337/TCP) Shell (/bin/sh) Shellcode (167 bytes)

Linux/x86 - Bind TCP (13377/TCP) Netcat Shell Shellcode
Linux/x86 - Bind (13377/TCP) Netcat Shell Shellcode

Linux/x86 - Reverse TCP (8080/TCP) Netcat Shell Shellcode (76 bytes)
Linux/x86 - Reverse (8080/TCP) Netcat Shell Shellcode (76 bytes)

Linux/x86 - Bind TCP (31337/TCP) Shell + setreuid(0_0) + Polymorphic Shellcode (131 bytes)
Linux/x86 - Bind (31337/TCP) Shell + setreuid(0_0) + Polymorphic Shellcode (131 bytes)

Linux/x86 - Bind TCP (64533/TCP) Shell (/bin/sh) Shellcode (97 bytes)
Linux/x86 - Bind (64533/TCP) Shell (/bin/sh) Shellcode (97 bytes)
Linux/x86 - Bind TCP (6778/TCP) Shell + XOR Encoded + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind TCP (31337/TCP) Netcat Shell + Polymorphic Shellcode (91 bytes)
Linux/x86 - Bind (6778/TCP) Shell + XOR Encoded + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind (31337/TCP) Netcat Shell + Polymorphic Shellcode (91 bytes)

Linux/x86 - Bind TCP (8080/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x86 - Bind (8080/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (75 bytes)

BSD/x86 - Bind TCP (2525/TCP) Shell Shellcode (167 bytes)
BSD/x86 - Bind (2525/TCP) Shell Shellcode (167 bytes)
Linux/ARM - Bind TCP (0x1337/TCP) Shell Shellcode
Linux/ARM - Bind UDP (68/UDP) Listener + Reverse TCP (192.168.0.1:67/TCP) Shell Shellcode
Linux/ARM - Bind TCP (0x1337/TCP) Listener + Receive Shellcode + Payload Loader Shellcode
Linux/ARM - Bind (0x1337/TCP) Shell Shellcode
Linux/ARM - Bind (68/UDP) Listener + Reverse (192.168.0.1:67/TCP) Shell Shellcode
Linux/ARM - Bind (0x1337/TCP) Listener + Receive Shellcode + Payload Loader Shellcode
FreeBSD/x86 - Reverse TCP (127.0.0.1:1337/TCP) Shell (/bin/sh) Shellcode (81 bytes) (Generator)
FreeBSD/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + fork() Shellcode (111 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:1337/TCP) Shell (/bin/sh) Shellcode (81 bytes) (Generator)
FreeBSD/x86 - Bind (31337/TCP) Shell (/bin/sh) + fork() Shellcode (111 bytes)
Linux/x86 - Bind TCP (6666/TCP) Netcat (/usr/bin/netcat) Shell (/bin/sh) + Polymorphic + XOR Encoded Shellcode (69/93 bytes)
OSX/x64 - Reverse TCP (FFFFFFFF:4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind (6666/TCP) Netcat (/usr/bin/netcat) Shell (/bin/sh) + Polymorphic + XOR Encoded Shellcode (69/93 bytes)
OSX/x64 - Reverse (FFFFFFFF:4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)

Linux/x86 - Reverse TCP (localhost:8080/TCP) Shell + SSL Shellcode (422 bytes)
Linux/x86 - Reverse (localhost:8080/TCP) Shell + SSL Shellcode (422 bytes)

OSX/x64 - Universal ROP + Reverse TCP Shell Shellcode
OSX/x64 - Universal ROP + Reverse (/TCP) Shell Shellcode

Linux/MIPS - Reverse TCP (0x7a69/TCP) Shell Shellcode (168 bytes)
Linux/MIPS - Reverse (0x7a69/TCP) Shell Shellcode (168 bytes)

Linux/ARM (Raspberry Pi) - Reverse TCP (10.1.1.2:0x1337/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse (10.1.1.2:0x1337/TCP) Shell (/bin/sh) Shellcode (72 bytes)

Windows/x86 - Bind TCP Shell + Password (damn_it!$$##@;*#) Shellcode (637 bytes)
Windows/x86 - Bind (/TCP) Shell + Password (damn_it!$$##@;*#) Shellcode (637 bytes)

Windows/x64 - Bind TCP (4444/TCP) Shell Shellcode (508 bytes)
Windows/x64 - Bind (4444/TCP) Shell Shellcode (508 bytes)

Linux/x86 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Reverse (192.168.1.10:31337/TCP) Shell Shellcode (92 bytes)

Windows/ARM (RT) - Bind TCP (4444/TCP) Shell Shellcode
Windows/ARM (RT) - Bind (4444/TCP) Shell Shellcode
Linux/x86 - Egg Omelet (Multi-Egghunter) + Reverse TCP (192.168.122.1:43981/TCP) Shell (/bin/sh) Shellcode
Windows/x86 - Reverse TCP (192.168.232.129:4444/TCP) Shell + Persistent Access Shellcode (494 bytes)
Linux/x86 - Egg Omelet (Multi-Egghunter) + Reverse (192.168.122.1:43981/TCP) Shell (/bin/sh) Shellcode
Windows/x86 - Reverse (192.168.232.129:4444/TCP) Shell + Persistent Access Shellcode (494 bytes)
Linux/MIPS (Little Endian) - Reverse TCP (192.168.1.177:31337/TCP) Shell (/bin/sh) Shellcode (200 bytes)
Windows/x86 (7) - Bind TCP (4444/TCP) Shell Shellcode (357 bytes)
Linux/MIPS (Little Endian) - Reverse (192.168.1.177:31337/TCP) Shell (/bin/sh) Shellcode (200 bytes)
Windows/x86 (7) - Bind (4444/TCP) Shell Shellcode (357 bytes)

Linux/x64 - Reverse TCP (127.1.1.1:6969/TCP) Shell (/bin/bash) Shellcode (139 bytes)
Linux/x64 - Reverse (127.1.1.1:6969/TCP) Shell (/bin/bash) Shellcode (139 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free Shellcode (81/96 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free Shellcode (81/96 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Linux/x86 - Reverse TCP (192.168.1.133:33333/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/x86 - Bind TCP (33333/TCP) Shell (/bin/sh) Shellcode (96 bytes)
Linux/x86 - Reverse (192.168.1.133:33333/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/x86 - Bind (33333/TCP) Shell (/bin/sh) Shellcode (96 bytes)

Linux/x86 - Bind TCP (17771/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (58 bytes)
Linux/x86 - Bind (17771/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (58 bytes)

Linux/x86 - Bind TCP (5555/TCP) Netcat Shell Shellcode (60 bytes)
Linux/x86 - Bind (5555/TCP) Netcat Shell Shellcode (60 bytes)

Mainframe/System Z - Bind TCP (12345/TCP) Shell + Null-Free Shellcode (2488 bytes)
Mainframe/System Z - Bind (12345/TCP) Shell + Null-Free Shellcode (2488 bytes)

OSX/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (144 bytes)
OSX/x64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (144 bytes)

Google Android - Bind TCP (1035/TCP) Telnetd Shell + Environment/Parameters Shellcode (248 bytes)
Google Android - Bind (1035/TCP) Telnetd Shell + Environment/Parameters Shellcode (248 bytes)

Linux/x64 - Bind TCP (31173/TCP) Shell (/bin/sh) + Password (1234) Shellcode (92 bytes)
Linux/x64 - Bind (31173/TCP) Shell (/bin/sh) + Password (1234) Shellcode (92 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (162 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (162 bytes)

Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes)
Linux x86/x64 - Reverse TCP (192.168.1.29:4444/TCP) Shell Shellcode (195 bytes)
Linux x86/x64 - Bind TCP (4444/TCP) Shell Shellcode (251 bytes)
Linux x86/x64 - Reverse (192.168.1.29:4444/TCP) Shell Shellcode (195 bytes)
Linux x86/x64 - Bind (4444/TCP) Shell Shellcode (251 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes)

Linux/ARM - Reverse TCP (10.0.0.10:1337/TCP) Shell (/bin/sh) Shellcode (95 bytes)
Linux/ARM - Reverse (10.0.0.10:1337/TCP) Shell (/bin/sh) Shellcode (95 bytes)

Linux/x64 - Reverse TCP (192.168.1.2:1234/TCP) Shell Shellcode (134 bytes)
Linux/x64 - Reverse (192.168.1.2:1234/TCP) Shell Shellcode (134 bytes)

Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (81 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (81 bytes)

Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (86 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (86 bytes)
Linux/x86 - Reverse TCP (::ffff:192.168.64.129:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (159 bytes)
Linux/x86 - Bind TCP (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (1250 bytes)
Linux/x64 - Bind TCP Shell Shellcode (Generator)
Linux/x86 - Reverse (::ffff:192.168.64.129:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (159 bytes)
Linux/x86 - Bind (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (1250 bytes)
Linux/x64 - Bind (/TCP) Shell Shellcode (Generator)
Linux/x64 - Bind TCP (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (199 bytes)
Linux/x64 - Reverse TCP (192.168.209.131:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (203 bytes)
Linux/x64 - Bind (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (199 bytes)
Linux/x64 - Reverse (192.168.209.131:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (203 bytes)

Linux/x86 - Bind TCP (1234/TCP) Shell (/bin/sh) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind (1234/TCP) Shell (/bin/sh) Shellcode (87 bytes) (Generator)

Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/bash) Shellcode (656 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/bash) Shellcode (656 bytes)

Linux/x86 - Bind TCP (13337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (56 bytes)
Linux/x86 - Bind (13337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (56 bytes)
Linux/x64 - Reverse TCP (192.168.86.128:1472/TCP) cat /etc/passwd Shellcode (164 bytes)
Linux/x64 - Bind TCP Netcat Shell + Null-Free Shellcode (64 bytes)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) Shellcode (98 bytes)
Linux/x64 - Bind TCP (4442/TCP) Ncat Shell + SSL + Multi-Channel (4444-4447/TCP) + Persistant + fork() + IPv4/6 + Password + Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse TCP (192.168.227.129:4444/TCP) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x64 - Reverse TCP (10.1.1.4/TCP) Shell + Continuously Probing via Socket + Port-Range (391-399) + Password (la crips) + Null-Free Shellcode (172 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:10) Xterm Shell Shellcode (68 bytes)
Linux/x64 - Bind TCP (4442/TCP) Shell + Syscall Persistent + Multi-Terminal/Port-Range (4444-4447/TCP) + Password (la crips) + Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 Axis Communication - Reverse TCP (192.168.57.1:443/TCP) Shell (/bin/sh) Shellcode (189 bytes)
Linux/x64 - Reverse (192.168.86.128:1472/TCP) cat /etc/passwd Shellcode (164 bytes)
Linux/x64 - Bind (/TCP) Netcat Shell + Null-Free Shellcode (64 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (98 bytes)
Linux/x64 - Bind (4442/TCP) Ncat Shell + SSL + Multi-Channel (4444-4447/TCP) + Persistant + fork() + IPv4/6 + Password + Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse (192.168.227.129:4444/TCP) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x64 - Reverse (10.1.1.4/TCP) Shell + Continuously Probing via Socket + Port-Range (391-399) + Password (la crips) + Null-Free Shellcode (172 bytes)
Linux/x86 - Reverse (127.1.1.1:10/TCP) Xterm Shell Shellcode (68 bytes)
Linux/x64 - Bind (4442/TCP) Shell + Syscall Persistent + Multi-Terminal/Port-Range (4444-4447/TCP) + Password (la crips) + Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 Axis Communication - Reverse (192.168.57.1:443/TCP) Shell (/bin/sh) Shellcode (189 bytes)

Linux/x64 - Reverse TCP (10.1.1.4:46357/TCP) Shell + Subtle Probing + Timer + Burst + Password (la crips) + Multi-Terminal Shellcode (84/122/172 bytes)
Linux/x64 - Reverse (10.1.1.4:46357/TCP) Shell + Subtle Probing + Timer + Burst + Password (la crips) + Multi-Terminal Shellcode (84/122/172 bytes)
Linux/x86 - Bind TCP/UDP (98/TCP + UDP) Netcat Shell Shellcode (44/52 bytes)
Linux/x86 - Bind TCP (9090/TCP) Shell (/bin/zsh) Shellcode (96 bytes)
Linux/x86 - Reverse TCP (127.255.255.254:9090/TCP) Shell (/bin/zsh) Shellcode (80 bytes)
Linux/x86 - Bind (98/TCP + UDP) Netcat Shell Shellcode (44/52 bytes)
Linux/x86 - Bind (9090/TCP) Shell (/bin/zsh) Shellcode (96 bytes)
Linux/x86 - Reverse (127.255.255.254:9090/TCP) Shell (/bin/zsh) Shellcode (80 bytes)

Linux/x64 - Bind TCP (4444/TCP) + Stager + Egghunter (0x64616564) Shellcode (157 bytes)
Linux/x64 - Bind (4444/TCP) + Stager + Egghunter (0x64616564) Shellcode (157 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)
Linux/x64 - Reverse TCP (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (138 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (175 bytes)
Linux/x64 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x64 - Bind TCP (31337/TCP) Shell Shellcode (150 bytes)
Linux/x64 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
Linux/x64 - Bind TCP (1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)
Linux/x64 - Reverse (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (138 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (175 bytes)
Linux/x64 - Bind (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x64 - Bind (31337/TCP) Shell Shellcode (150 bytes)
Linux/x64 - Reverse (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
Linux/x64 - Bind (1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x64 - Reverse (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 bytes)

OSX/PPC - Reverse TCP Shell (/bin/csh) Shellcode
OSX/PPC - Reverse (/TCP) Shell (/bin/csh) Shellcode

OSX/PPC - Bind TCP (8000/TCP) Shell + OSXPPCLongXOR Encoded Shellcode (300 bytes)
OSX/PPC - Bind (8000/TCP) Shell + OSXPPCLongXOR Encoded Shellcode (300 bytes)
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + Bind TCP (2222/TCP) Shell Shellcode (133 bytes)
BSD/x86 - Bind TCP (2222/TCP) Shell Shellcode (100 bytes)
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + Bind (2222/TCP) Shell Shellcode (133 bytes)
BSD/x86 - Bind (2222/TCP) Shell Shellcode (100 bytes)
Solaris/SPARC - Bind TCP (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind TCP Shell Shellcode
Solaris/SPARC - Bind (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind (/TCP) Shell Shellcode

Linux/x86 - Bind TCP (3879/TCP) Shell (/bin/sh) Shellcode (113 bytes)
Linux/x86 - Bind (3879/TCP) Shell (/bin/sh) Shellcode (113 bytes)

Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) Shellcode (83 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) Shellcode (83 bytes)
Linux/x86 - Reverse TCP (www.netric.org:45295/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind TCP (45295/TCP) Shell (/bin/sh) + fork() Shellcode (200 bytes)
Linux/x86 - Reverse (www.netric.org:45295/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind (45295/TCP) Shell (/bin/sh) + fork() Shellcode (200 bytes)

Linux/x86 - Bind TCP (31337/TCP) Shell + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind (31337/TCP) Shell + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + SO_REUSEADDR Set (Avoiding SIGSEGV) + Null-Free Shellcode (103 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:55555/TCP) Shell + Null-Free Shellcode (72 bytes)
Linux/x86 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (65 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + GetPC/Call/Ret Method + Null-Free Shellcode (89 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + Null-Free Shellcode (73 bytes)
Linux/x86 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x86 - Bind (1111/TCP) Shell + SO_REUSEADDR Set (Avoiding SIGSEGV) + Null-Free Shellcode (103 bytes)
Linux/x86 - Reverse (127.1.1.1:55555/TCP) Shell + Null-Free Shellcode (72 bytes)
Linux/x86 - Bind (Random TCP Port) Shell + Null-Free Shellcode (65 bytes)
Linux/x86 - Bind (1111/TCP) Shell + GetPC/Call/Ret Method + Null-Free Shellcode (89 bytes)
Linux/x86 - Bind (1111/TCP) Shell + Null-Free Shellcode (73 bytes)
Linux/x86 - Bind (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)

Linux/x86 - Bind TCP (31337/TCP) Shell Shellcode (108 bytes)
Linux/x86 - Bind (31337/TCP) Shell Shellcode (108 bytes)
Linux/x86 - Bind TCP Shell Shellcode (112 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:12345/TCP) cat /etc/passwd Shellcode (111 bytes)
Linux/x86 - Bind (/TCP) Shell Shellcode (112 bytes)
Linux/x86 - Reverse (127.1.1.1:12345/TCP) cat /etc/passwd Shellcode (111 bytes)
Linux/x86 - Bind TCP (1337/TCP) Shell Shellcode (89 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)
Linux/x86 - Bind (1337/TCP) Shell Shellcode (89 bytes)
Linux/x86 - Reverse (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)
Windows/x86 (NT/XP/2000/2003) - Bind TCP (8721/TCP) Shell Shellcode (356 bytes)
Windows/x86 (2000) - Reverse TCP (192.168.0.247:8721/TCP) Connect + Vampiric Import Shellcode (179 bytes)
Windows/x86 (NT/XP/2000/2003) - Bind (8721/TCP) Shell Shellcode (356 bytes)
Windows/x86 (2000) - Reverse (192.168.0.247:8721/TCP) Connect + Vampiric Import Shellcode (179 bytes)

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)
Linux/ARM - Reverse (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)
Windows/x86 - Reverse UDP (www.example.com:4444/UDP) Keylogger Shellcode (493 bytes)
Windows/x64 - Reverse TCP (192.168.232.129:4444/TCP) Shell + Injection Shellcode (694 bytes)
Windows/x86 - Reverse (www.example.com:4444/UDP) Keylogger Shellcode (493 bytes)
Windows/x64 - Reverse (192.168.232.129:4444/TCP) Shell + Injection Shellcode (694 bytes)

Linux/x86 - Reverse TCP Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - Reverse (/TCP) Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)

Windows/x64 - Bind TCP (2493/TCP) Shell + Password (h271508F) Shellcode (825 bytes)
Windows/x64 - Bind (2493/TCP) Shell + Password (h271508F) Shellcode (825 bytes)

Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (87 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (87 bytes)
Linux - Reverse TCP Shell + Multi/Dual Mode Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Alphanumeric + Staged Shellcode (103 bytes)
Linux - Bind TCP Shell + Dual/Multi Mode Shellcode (156 bytes)
Linux - Reverse (/TCP) Shell + Multi/Dual Mode Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Alphanumeric + Staged Shellcode (103 bytes)
Linux - Bind (/TCP) Shell + Dual/Multi Mode Shellcode (156 bytes)

Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Linux/x64 - Bind TCP (Random TCP Port) Shell (/bin/sh) Shellcode (54 bytes)
Linux/x64 - Reverse TCP (192.168.1.45:4444/TCP) Shell Shellcode (84 bytes)
Windows/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell + Staged + Alphanumeric Shellcode (332 bytes)
Linux/x64 - Bind (Random TCP Port) Shell (/bin/sh) Shellcode (54 bytes)
Linux/x64 - Reverse (192.168.1.45:4444/TCP) Shell Shellcode (84 bytes)
Windows/x86 - Reverse (127.0.0.1:4444/TCP) Shell + Staged + Alphanumeric Shellcode (332 bytes)

Linux/x86 - Reverse TCP (127.1.1.1:8888/TCP) Shell (/bin/sh) + Null-Free Shellcode (67/69 bytes)
Linux/x86 - Reverse (127.1.1.1:8888/TCP) Shell (/bin/sh) + Null-Free Shellcode (67/69 bytes)

Linux/ARM (Raspberry Pi) - Bind TCP (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (112 bytes)
Linux/ARM (Raspberry Pi) - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (112 bytes)

FreeBSD/x64 - Bind TCP Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)
FreeBSD/x64 - Bind (/TCP) Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)

FreeBSD/x86 - Bind TCP (41254/TCP) Shell (/bin/sh) Shellcode (115 bytes)
FreeBSD/x86 - Bind (41254/TCP) Shell (/bin/sh) Shellcode (115 bytes)

IRIX - Bind TCP Shell (/bin/sh) Shellcode (364 bytes)
IRIX - Bind (/TCP) Shell (/bin/sh) Shellcode (364 bytes)

Android/ARM - Reverse TCP (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)
Android/ARM - Reverse (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)

Linux/StrongARM - Bind TCP Shell (/bin/sh) Shellcode (203 bytes)
Linux/StrongARM - Bind (/TCP) Shell (/bin/sh) Shellcode (203 bytes)

Linux/SuperH (sh4) - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (132 bytes)
Linux/SuperH (sh4) - Bind (31337/TCP) Shell (/bin/sh) Shellcode (132 bytes)

Linux/x64 - Bind TCP (1337/TCP) Shell + Password (pAzzW0rd) + Egghunter Using sys_access() Shellcode (49 bytes)
Linux/x64 - Bind (1337/TCP) Shell + Password (pAzzW0rd) + Egghunter Using sys_access() Shellcode (49 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)

Linux/x86 - Bind TCP (Random TCP Port) Shell (/bin/sh) Shellcode (44 bytes)
Linux/x86 - Bind (Random TCP Port) Shell (/bin/sh) Shellcode (44 bytes)
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (80 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/ARM - Reverse (192.168.1.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (80 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcode (168 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:11111/TCP) Shell + Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse TCP (192.168.3.119:54321/TCP) Shell (/bin/bash) Shellcode (110 bytes)
Linux/ARM - Bind (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcode (168 bytes)
Linux/x86 - Reverse (127.1.1.1:11111/TCP) Shell + Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse (192.168.3.119:54321/TCP) Shell (/bin/bash) Shellcode (110 bytes)

Linux/x64 - Reverse TCP (::1:1472/TCP) Shell + IPv6 + Null-Free Shellcode (113 bytes)
Linux/x64 - Reverse (::1:1472/TCP) Shell + IPv6 + Null-Free Shellcode (113 bytes)
Linux/x86 - Reverse UDP (127.0.0.1:53/UDP) Shell (/bin/sh) Shellcode (668 bytes)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (75 bytes)
Linux/x64 - Reverse TCP (192.168.1.8:4444/TCP) Shell Shellcode (104 bytes)
Linux/x86 - Reverse (127.0.0.1:53/UDP) Shell (/bin/sh) Shellcode (668 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (75 bytes)
Linux/x64 - Reverse (192.168.1.8:4444/TCP) Shell Shellcode (104 bytes)

Linux/x64 - Reverse TCP (192.168.1.2:4444/TCP) Shell Shellcode (153 bytes)
Linux/x64 - Reverse (192.168.1.2:4444/TCP) Shell Shellcode (153 bytes)
Linux/ARM (Raspberry Pi) - Bind TCP (4444/TCP) Shell (/bin/sh) Shellcode (192 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP (192.168.0.12:4444/TCP) Shell (/bin/sh) Shellcode (160 bytes)
Linux/ARM (Raspberry Pi) - Bind (4444/TCP) Shell (/bin/sh) Shellcode (192 bytes)
Linux/ARM (Raspberry Pi) - Reverse (192.168.0.12:4444/TCP) Shell (/bin/sh) Shellcode (160 bytes)

Linux/x86 - Bind TCP (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes)
Linux/x86 - Bind (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes)

Linux/x86 - Reverse TCP (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes)
Linux/x86 - Reverse (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes)

Linux/x86 - Bind TCP (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)
Linux/x86 - Bind (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)

Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)
Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)
2018-05-24 05:01:50 +00:00
Offensive Security
7bbc323854 DB: 2018-05-23
20 changes to exploits/shellcodes

Siemens SIMATIC S7-1500 CPU - Remote Denial of Service
Microsoft Edge Chakra JIT - Magic Value Type Confusion
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read
MakeMyTrip 7.2.4 - Information Disclosure
Linux 4.4.0 < 4.4.0-53 - AF_PACKET chocobo_root Privilege Escalation (Metasploit)
Microsoft Windows - 'POP/MOV SS' Privilege Escalation

Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery

Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Healwire Online Pharmacy 3.0 - Cross-Site Scripting / Cross-Site Request Forgery
Private Message PHP Script 2.0 - Persistent Cross-Site Scripting
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Private Message PHP Script 2.0 - Cross-Site Scripting
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Cross-Site Scripting / Cross-Site Request Forgery

ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting
ManageEngine Recovery Manager Plus 5.3 - Cross-Site Scripting

Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Panel Authentication Bypass
Auto Dealership & Vehicle Showroom WebSys 1.0 - Multiple Vulnerabilities
Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication Bypass
Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting
Model Agency Media House & Model Gallery 1.0 - Multiple Vulnerabilities
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
Nordex N149/4.0-4.5 - SQL Injection
WebSocket Live Chat - Cross-Site Scripting
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
PaulPrinting CMS Printing 1.0 - SQL Injection
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
ERPnext 11 - Cross-Site Scripting
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Auto Car 1.2 - 'car_title' SQL Injection / Cross-Site Scripting
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Feedy RSS News Ticker 2.0 - 'cat' SQL Injection
NewsBee CMS 1.4 - 'download.php' SQL Injection
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
2018-05-23 05:01:45 +00:00
Offensive Security
0579cde876 DB: 2018-04-30
5 changes to exploits/shellcodes

ImageMagick 6.9.3-9/7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick 7.0.1-0 / 6.9.3-9 - 'ImageTragick' Multiple Vulnerabilities

ImageMagick 6.9.3-9/7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) (Metasploit)
ImageMagick 6.9.3-9 / 7.0.1-0 - 'ImageTragick' Delegate Arbitrary Command Execution (Metasploit)

Oracle WebLogic Server 10.3.6.0 - Java Deserialization
Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Execution
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution
Android Bluetooth - 'Blueborne' Information Leak (1)
Android Bluetooth - 'Blueborne' Information Leak (2)
Apache Struts 2.0.1 < 2.3.33 / 2.5 < 2.5.10 - Arbitrary Code Execution
2018-04-30 05:01:48 +00:00
Offensive Security
4088e4151b DB: 2018-04-07
6 changes to exploits/shellcodes

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass
Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

LineageOS 14.1 Blueborne - Remote Code Execution
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
DotNetNuke DNNarticle Module 11 - Directory Traversal
Cobub Razor 0.7.2 - Cross Site Request Forgery
2018-04-07 05:01:44 +00:00
Offensive Security
e3fb91f1d7 DB: 2018-03-24
14 changes to exploits/shellcodes

Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Dell EMC NetWorker - Denial of Service
WM Recorder 16.8.1 - Denial of Service
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
Crashmail 1.6 - Stack-Based Buffer Overflow (ROP execve)
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery
XenForo 2 - CSS Loader Denial of Service
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting
WordPress Plugin Site Editor 1.1.1 - Local File Inclusion

Linux/x86 - EggHunter Shellcode (11 Bytes)
2018-03-24 05:01:48 +00:00
Offensive Security
b0fc7bfd43 DB: 2018-03-17
6 changes to exploits/shellcodes

Android DRM Services - Buffer Overflow
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution

Spring Data REST < 2.6.9 (Ingalls SR9)_ 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
Contec Smart Home 4.15 - Unauthorized Password Reset
2018-03-17 05:01:46 +00:00
Offensive Security
5947825a84 DB: 2018-03-10
15 changes to exploits/shellcodes

uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 - Range header Denial of Service
μTorrent (uTorrent) / BitTorrent WebIU HTTP 1.7.7/6.0.1 - Range header Denial of Service

uTorrent 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC)
μTorrent (uTorrent) 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC)

uTorrent WebUI 0.370 - Authorisation Header Denial of Service
μTorrent (uTorrent) WebUI 0.370 - Authorisation Header Denial of Service

Memcached - 'memcrashed' Denial of Service
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (1)
Memcached 1.5.5 - 'Memcrashed' Insufficient Control of Network Message Volume Denial of Service With Shodan API
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service
WebLog Expert Enterprise 9.4 - Denial of Service

uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking
μTorrent (uTorrent) 2.0.3 - 'plugin_dll.dll' DLL Hijacking

uTorrent 2.0.3 - DLL Hijacking
μTorrent (uTorrent) 2.0.3 - DLL Hijacking

iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow
Microsoft Office - 'Composite Moniker' Remote Code Execution
Mozilla Firefox - Address Bar Spoofing
Tor (Firefox 41 < 50) - Code Execution
Chrome 35.0.1916.153 - Sandbox Escape / Command Execution
WebLog Expert Enterprise 9.4 - Authentication Bypass

uTorrent 1.6 build 474 - 'announce' Key Remote Heap Overflow
μTorrent (uTorrent) 1.6 build 474 - 'announce' Key Remote Heap Overflow

t. hauck jana WebServer 1.0/1.45/1.46 - Directory Traversal
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal

Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution

Werkzeug - 'Debug Shell' Command Execution

TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
TikiWiki Project < 1.9.9 - 'tiki-listmovies.php' Directory Traversal

toronja CMS - SQL Injection
Toronja CMS - SQL Injection

uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery
μTorrent (uTorrent) WebUI 0.310 Beta 2 - Cross-Site Request Forgery
tinybrowser - 'tinybrowser.php' Directory Listing
tinybrowser - 'edit.php' Directory Listing
TinyBrowser - 'tinybrowser.php' Directory Listing
TinyBrowser - 'edit.php' Directory Listing

Xoops 2.5.7.2 - Directory Traversal Bypass
XOOPS 2.5.7.2 - Directory Traversal Bypass

SAP BusinessObjects launch pad - Server-Side Request Forgery

antMan < 0.9.1a - Authentication Bypass

Bacula-Web < 8.0.0-rc2 - SQL Injection
2018-03-10 05:01:50 +00:00