0a9242663c
2 new exploits
BSD Passive Connection Shellcode
BSD - Passive Connection Shellcode
FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging
FreeBSD i386/AMD64 - Execve /bin/sh (Anti-Debugging)
freebsd/x86 rev connect_ recv_ jmp_ return results (90 bytes)
freebsd/x86 - rev connect_ recv_ jmp_ return results (90 bytes)
freebsd/x86 portbind 4883 with auth shellcode
freebsd/x86 - portbind 4883 with auth shellcode
freebsd/x86 - execve /bin/sh (23 bytes) (2)
freebsd/x86 - execve /bin/sh (2) (23 bytes)
freebsd/x86 chown 0:0 _ chmod 6755 & execve /tmp/sh (44 bytes)
freebsd/x86 - chown 0:0 _ chmod 6755 & execve /tmp/sh (44 bytes)
Windows xp/sp1 generate portbind payload
Windows XP SP1 - portbind payload (Generator)
Linux/x86 - shellcode generator / null free
Alphanumeric Shellcode Encoder Decoder
Utility for generating HTTP/1.x requests for shellcodes
Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)
Linux/x86 - shellcode null free (Generator)
Alphanumeric Shellcode Encoder/Decoder
HTTP/1.x requests for shellcodes (Generator) (18+ bytes / 26+ bytes)
Multi-Format Shellcode Encoding Tool - Beta 2.0 (Win32) (Generator)
Cisco IOS Connectback Shellcode 1.0
Cisco IOS Bind Shellcode 1.0
Cisco IOS Tiny Shellcode 1.0
Cisco IOS Shellcode And Exploitation Techniques (BlackHat)
Cisco IOS - Connectback Shellcode
Cisco IOS - Bind Shellcode 1.0 (116 bytes)
Cisco IOS - Tiny Shellcode
Cisco IOS - Shellcode And Exploitation Techniques (BlackHat)
Linux/mips - (Linksys WRT54G/GL) port bind shellcode (276 bytes)
Linux/mips - (Linksys WRT54G/GL) execve shellcode (60 bytes)
Linux/mips - execve /bin/sh (56 bytes)
Linux/ppc - execve /bin/sh (60 bytes)
Linux/ppc - read & exec shellcode (32 bytes)
Linux/ppc - connect back execve /bin/sh (240 bytes)
Linux/ppc - execve /bin/sh (112 bytes)
Linux/MIPS (Linksys WRT54G/GL) - port bind shellcode (276 bytes)
Linux/MIPS (Linksys WRT54G/GL) - execve shellcode (60 bytes)
Linux/MIPS - execve /bin/sh (56 bytes)
Linux/PPC - execve /bin/sh (60 bytes)
Linux/PPC - read & exec shellcode (32 bytes)
Linux/PPC - connect back execve /bin/sh (240 bytes)
Linux/PPC - execve /bin/sh (112 bytes)
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes)
Linux/x86-64 - setuid(0) + execve(/bin/sh) (49 bytes)
Linux/x86_64 - setuid(0) + execve(/bin/sh) (49 bytes)
Linux/x86 - File unlinker (18 bytes + file path length)
Linux/x86 - Perl script execution (99 bytes + script length)
Linux/x86 - file reader (65 bytes + pathname)
Linux/x86 - File unlinker (18+ bytes)
Linux/x86 - Perl script execution (99+ bytes)
Linux/x86 - file reader (65+ bytes)
Linux x86 shellcode obfuscator
Linux/x86 - shellcode obfuscator
Linux/86 setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode
Linux/x86 - setreuid(geteuid_ geteuid) + execve(/bin/sh) shellcode
Linux/x86 - rm -rf / attempts to block the process from being stopped
Linux/x86 - rm -rf / attempts to block the process from being stopped (132 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads and execve() (111 bytes+)
Linux/x86 - executes command after setreuid (9 + 40 bytes + cmd)
Linux/x86 - HTTP/1.x GET_ Downloads and execve() (111+ bytes)
Linux/x86 - executes command after setreuid (49+ bytes)
Linux/x86 - HTTP/1.x GET_ Downloads and JMP - (68 bytes+)
Linux/x86 - HTTP/1.x GET_ Downloads and JMP - (68+ bytes)
Linux/x86 - examples of long-term payloads hide-wait-change (.s)
Linux/x86 - examples of long-term payloads hide-wait-change 187 bytes+
Linux/x86 - examples of long-term payloads hide-wait-change (.s) (187+ bytes)
Linux/x86 - examples of long-term payloads hide-wait-change (187+ bytes)
Linux - chroot()/execve() code
Linux - chroot()/execve() code (80 bytes)
Linux/x86-64 - bindshell port:4444 shellcode (132 bytes)
Linux/x86-64 - execve(/bin/sh) (33 bytes)
Linux/PPC/x86 execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes)
OS-X/PPC/x86 execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (121 bytes)
Linux/x86 - unix/SPARC irix/mips execve /bin/sh irx.mips (141 bytes)
Linux/x86 - unix/SPARC execve /bin/sh (80 bytes)
Linux/x86 - bsd/x86 execve /bin/sh (38 bytes)
netbsd/x86 kill all processes shellcode (23 bytes)
netbsd/x86 callback shellcode (port 6666) (83 bytes)
netbsd/x86 setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (29 bytes)
netbsd/x86 setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (30 bytes)
netbsd/x86 execve /bin/sh (68 bytes)
openbsd/x86 execve(/bin/sh) (23 bytes)
openbsd/x86 portbind port 6969 (148 bytes)
openbsd/x86 add user w00w00 (112 bytes)
OS-X/ppc sync()_ reboot() (32 bytes)
OS-X/PPC execve(/bin/sh)_ exit() (72 bytes)
OS-X/PPC Add user r00t (219 bytes)
OS-X/PPC execve /bin/sh (72 bytes)
OS-X/PPC add inetd backdoor (222 bytes)
OS-X/PPC reboot (28 bytes)
OS-X/PPC setuid(0) + execve /bin/sh (88 bytes)
OS-X/PPC create /tmp/suid (122 bytes)
OS-X/PPC simple write() (75 bytes)
OS-X/PPC execve /usr/X11R6/bin/xterm (141 bytes)
sco/x86 execve(_/bin/sh__ ..._ NULL); (43 bytes)
Solaris/sparc download and execute (278 bytes)
Solaris/sparc executes command after setreuid (92 bytes + cmd)
Solaris/sparc connect-back (with XNOR encoded session) (600 bytes)
Solaris/sparc setreuid/execve (56 bytes)
Solaris/sparc portbind (port 6666) (240 bytes)
Solaris/SPARC execve /bin/sh (52 bytes)
Solaris/SPARC portbind port 6789 (228 bytes)
Solaris/SPARC connect-back (204 bytes)
Solaris/SPARC portbinding shellcode
Solaris/x86 portbind/tcp shellcode generator
Solaris/x86 setuid(0)_ execve(//bin/sh); exit(0) NULL Free (39 bytes)
Solaris/x86 setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) (59 bytes)
Solaris/x86 execve /bin/sh toupper evasion (84 bytes)
Solaris/x86 add services and execve inetd (201 bytes)
Linux/x86_64 - bindshell port:4444 shellcode (132 bytes)
Linux/x86_64 - execve(/bin/sh) (33 bytes)
Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (99 bytes)
OS-X PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) (121 bytes)
Linux/x86 & unix/SPARC & irix/mips - execve /bin/sh irx.mips (141 bytes)
Linux/x86 & unix/SPARC - execve /bin/sh (80 bytes)
Linux/x86 & bsd/x86 - execve /bin/sh (38 bytes)
netbsd/x86 - kill all processes shellcode (23 bytes)
netbsd/x86 - callback shellcode (port 6666) (83 bytes)
netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (29 bytes)
netbsd/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); (30 bytes)
netbsd/x86 - execve /bin/sh (68 bytes)
openbsd/x86 - execve(/bin/sh) (23 bytes)
openbsd/x86 - portbind port 6969 (148 bytes)
openbsd/x86 - add user w00w00 (112 bytes)
OS-X/ppc - sync()_ reboot() (32 bytes)
OS-X/PPC - execve(/bin/sh)_ exit() (72 bytes)
OS-X/PPC - Add user r00t (219 bytes)
OS-X/PPC - execve /bin/sh (72 bytes)
OS-X/PPC - add inetd backdoor (222 bytes)
OS-X/PPC - reboot (28 bytes)
OS-X/PPC - setuid(0) + execve /bin/sh (88 bytes)
OS-X/PPC - create /tmp/suid (122 bytes)
OS-X/PPC - simple write() (75 bytes)
OS-X/PPC - execve /usr/X11R6/bin/xterm (141 bytes)
sco/x86 - execve(_/bin/sh__ ..._ NULL); (43 bytes)
Solaris/SPARC - download and execute (278 bytes)
Solaris/SPARC - executes command after setreuid (92+ bytes)
Solaris/SPARC - connect-back (with XNOR encoded session) (600 bytes)
Solaris/SPARC - setreuid/execve (56 bytes)
Solaris/SPARC - portbind (port 6666) (240 bytes)
Solaris/SPARC - execve /bin/sh (52 bytes)
Solaris/SPARC - portbind port 6789 (228 bytes)
Solaris/SPARC - connect-back (204 bytes)
Solaris/SPARC - portbinding shellcode
Solaris/x86 - portbind/tcp shellcode (Generator)
Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free (39 bytes)
Solaris/x86 - setuid(0)_ execve(/bin/cat_ /etc/shadow)_ exit(0) (59 bytes)
Solaris/x86 - execve /bin/sh toupper evasion (84 bytes)
Solaris/x86 - add services and execve inetd (201 bytes)
Win32/XP SP2 (En) - cmd.exe (23 bytes)
Win32/XP SP2 (EN) - cmd.exe (23 bytes)
Win32 SEH omelet shellcode 0.1
Win32 -SEH omelet shellcode
Win32 PEB!NtGlobalFlags shellcode (14 bytes)
Win32 - PEB!NtGlobalFlags shellcode (14 bytes)
Win32 PEB Kernel32.dll ImageBase Finder Alphanumeric (67 bytes)
Win32 PEB Kernel32.dll ImageBase Finder (Ascii Printable) (49 bytes)
Win32 connectback_ receive_ save and execute shellcode
Win32 Download and Execute Shellcode Generator (browsers edition)
Win32 - PEB Kernel32.dll ImageBase Finder Alphanumeric (67 bytes)
Win32 - PEB Kernel32.dll ImageBase Finder (ASCII Printable) (49 bytes)
Win32 - connectback_ receive_ save and execute shellcode
Win32 - Download and Execute Shellcode (Generator) (Browsers Edition) (275+ bytes)
Win32 IsDebuggerPresent ShellCode (NT/XP) (39 bytes)
Win32 (NT/XP) - IsDebuggerPresent ShellCode (39 bytes)
Win32 - Download & Exec Shellcode (226 bytes+)
Win32 - Download & Exec Shellcode (226+ bytes)
Windows 9x/NT/2000/XP Reverse Generic Shellcode without Loader (249 bytes)
Windows 9x/NT/2000/XP PEB method (29 bytes)
Windows 9x/NT/2000/XP PEB method (31 bytes)
Windows 9x/NT/2000/XP PEB method (35 bytes)
Windows 9x/NT/2000/XP - Reverse Generic Shellcode without Loader (249 bytes)
Windows 9x/NT/2000/XP - PEB method (29 bytes)
Windows 9x/NT/2000/XP - PEB method (31 bytes)
Windows 9x/NT/2000/XP - PEB method (35 bytes)
Windows/XP download and exec source
Windows XP - download and exec source
Microsoft Windows - (DCOM RPC2) Universal Shellcode
Windows - (DCOM RPC2) Universal Shellcode
Linux - setuid(0) & execve(_/sbin/poweroff -f_)
Linux - setuid(0) & execve(_/sbin/poweroff -f_) (47 bytes)
Win xp sp2 PEB ISbeingdebugged shellcode
Windows XP SP2 - PEB ISbeingdebugged shellcode
Win32 XP SP3 ShellExecuteA shellcode
Win32 XP SP3 - ShellExecuteA shellcode
Win32 XP SP3 addFirewallRule
freebsd/x86 portbind shellcode (167 bytes)
Win32 XP SP3 - addFirewallRule
freebsd/x86 - portbind shellcode (167 bytes)
Win32/XP SP2 (En + Ar) - cmd.exe (23 bytes)
Win32/XP SP2 (EN + AR) - cmd.exe (23 bytes)
Windows XP Pro Sp2 English _Message-Box_ Shellcode
Windows XP Pro Sp2 English _Wordpad_ Shellcode
Windows XP Pro SP2 English - _Message-Box_ Shellcode Null-Free (16 bytes)
Windows XP Pro SP2 English - _Wordpad_ Shellcode Null Free (12 bytes)
Linux x86 - polymorphic shellcode ip6tables -F (71 bytes)
Linux x86 - ip6tables -F (47 bytes)
Linux/x86 - polymorphic shellcode ip6tables -F (71 bytes)
Linux/x86 - ip6tables -F (47 bytes)
Linux x86 - /bin/sh (8 bytes)
Linux x86 - execve /bin/sh (21 bytes)
Linux/x86 - /bin/sh (8 bytes)
Linux/x86 - execve /bin/sh (21 bytes)
Linux x86 - disabled modsecurity (64 bytes)
Linux/x86 - disabled modsecurity (64 bytes)
Win32 Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Win32/XP SP3 (Ru) - WinExec+ExitProcess cmd shellcode (12 bytes)
Shellcode - Win32 MessageBox (Metasploit)
JITed egg-hunter stage-0 shellcode Adjusted universal for XP/Vista/Windows 7
Linux x86 - nc -lvve/bin/sh -p13377 shellcode
Win32/XP SP3 (RU) - WinExec+ExitProcess cmd shellcode (12 bytes)
Win32 - MessageBox (Metasploit)
Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 shellcode Adjusted universal
Linux/x86 - nc -lvve/bin/sh -p13377 shellcode
Linux write() & exit(0) shellcode genearator with customizable text
Linux x86 - polymorphic forkbombe - (30 bytes)
Linux x86 forkbombe
Linux - write() & exit(0) shellcode genearator with customizable text
Linux/x86 - polymorphic forkbombe - (30 bytes)
Linux/x86 - forkbomb
Linux/x86_64 execve(_/bin/sh_); shellcode (30 bytes)
Linux/x86_64 - execve(_/bin/sh_); shellcode (30 bytes)
Linux x86 - execve(_/bin/bash___-p__NULL) (33 bytes)
Linux x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes)
Linux/x86 - execve(_/bin/bash___-p__NULL) (33 bytes)
Linux/x86 - polymorphic execve(_/bin/bash___-p__NULL) (57 bytes)
Linux x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes)
Linux/x86 - execve(_/usr/bin/wget__ _aaaa_); (42 bytes)
Windows 7 Pro SP1 64 Fr (Beep) Shellcode (39 bytes)
Windows 7 Pro SP1 64 FR - (Beep) Shellcode (39 bytes)
change mode 0777 of _/etc/shadow_ with sys_chmod syscall
Linux/x86 - kill all running process
change mode 0777 of _/etc/passwd_ with sys_chmod syscall
Linux x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes)
Linux x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes)
Windows 7 x64 (cmd) Shellcode (61 bytes)
Linux x86 - unlink _/etc/shadow_ shellcode (33 bytes)
Linux x86 - hard / unclean reboot (29 bytes)
Linux x86 - hard / unclean reboot (33 bytes)
change mode 0777 of _/etc/shadow_ with sys_chmod syscall (39 bytes)
Linux/x86 - kill all running process (11 bytes)
change mode 0777 of _/etc/passwd_ with sys_chmod syscall (39 bytes)
Linux/x86 - sys_execve(_/bin/sh__ _-c__ _reboot_) shellcode (45 bytes)
Linux/x86 - sys_setuid(0) & sys_setgid(0) & execve (_/bin/sh_) shellcode (39 bytes)
Windows 7 x64 - cmd Shellcode (61 bytes)
Linux/x86 - unlink _/etc/shadow_ shellcode (33 bytes)
Linux/x86 - hard / unclean reboot (29 bytes)
Linux/x86 - hard / unclean reboot (33 bytes)
Linux - chown root:root /bin/sh x86 shellcode (48 bytes)
Linux/x86 - chown root:root /bin/sh shellcode (48 bytes)
Linux x86 - netcat connect back port 8080 (76 bytes)
Linux/x86 - netcat connect back port 8080 (76 bytes)
Allwin MessageBoxA Shellcode
Windows - MessageBoxA Shellcode
Linux/x86-64 - Disable ASLR Security (143 bytes)
Linux/x86_64 - Disable ASLR Security (143 bytes)
Polymorphic Bindport 31337 with setreuid (0_0) linux/x86
Linux/x86 - Polymorphic Bindport 31337 with setreuid (0_0) (131 bytes)
Linux/x86-64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) (63 bytes)
Linux/x86_64 - setuid(0) & chmod (_/etc/passwd__ 0777) & exit(0) (63 bytes)
Linux/x86-64 - Add root user with password (390 bytes)
Linux/x86_64 - Add root user with password (390 bytes)
ShellCode WinXP SP3 SPA URLDownloadToFileA + CreateProcessA + ExitProcess
Windows XP SP3 SPA - URLDownloadToFileA + CreateProcessA + ExitProcess (176+ bytes)
Polymorphic /bin/sh x86 linux shellcode
Linux/x86 - Polymorphic /bin/sh shellcode (116 bytes)
Linux/ARM chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux x86 - bind shell port 64533 (97 bytes)
Linux/x86 - bind shell port 64533 (97 bytes)
125 bind port to 6778 XOR encoded polymorphic linux shellcode
Linux - 125 bind port to 6778 XOR encoded polymorphic
ARM Polymorphic - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode Generator
ARM - Polymorphic execve(_/bin/sh__ [_/bin/sh_]_ NULL) Shellcode (Generator)
Win32 - Write-to-file Shellcode
Linux/x86-64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)
Linux/x86_64 - execve(_/sbin/iptables__ [_/sbin/iptables__ _-F_]_ NULL) (49 bytes)
Linux x86 - netcat bindshell port 8080 (75 bytes)
Linux/x86 - netcat bindshell port 8080 (75 bytes)
Linux x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)
Linux/x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)
Shellcode Checksum Routine
Shellcode Checksum Routine (18 bytes)
Win32/XP SP3 (Tr) - Add Admin Account Shellcode (127 bytes)
Win32/XP SP3 (TR) - Add Admin Account Shellcode (127 bytes)
Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)
Windows Mobile 6.5 TR (WinCE 5.2) - MessageBox Shellcode (ARM)
Windows Mobile 6.5 TR Phone Call Shellcode
Windows Mobile 6.5 TR - Phone Call Shellcode
Win32/xp pro sp3 (EN) 32-bit - add new local administrator (113 bytes)
Win32/XP Pro SP3 (EN) 32-bit - add new local administrator (113 bytes)
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
ARM - Bindshell port 0x1337
ARM - Bind Connect UDP Port 68
ARM - Loader Port 0x1337
ARM - ifconfig eth0 and Assign Address
w32 speaking shellcode
Win32 - speaking shellcode
BSD x86 connect back Shellcode (81 bytes)
BSD x86 portbind + fork shellcode (111 bytes)
bds/x86 - connect back Shellcode (81 bytes)
bds/x86 - portbind + fork shellcode (111 bytes)
OS-X/Intel reverse_tcp shell x86_64 (131 bytes)
OS-X/Intel - reverse_tcp shell x86_64 (131 bytes)
Allwin WinExec add new local administrator + ExitProcess Shellcode
Windows - WinExec add new local administrator + ExitProcess Shellcode (279 bytes)
Linux x86 - ASLR deactivation (83 bytes)
Linux/x86 - ASLR deactivation (83 bytes)
Linux/x86-32 - ConnectBack with SSL connection (422 bytes)
Linux/x86_32 - ConnectBack with SSL connection (422 bytes)
SuperH (sh4) Add root user with password
SuperH (sh4) - Add root user with password (143 bytes)
Linux x86 egghunt shellcode
Linux/x86 - egghunt shellcode (29 bytes)
OSX - Universal ROP shellcode
OS-X - Universal ROP shellcode
52 byte Linux MIPS execve
Linux/MIPS - execve (52 bytes)
MIPS Linux XOR Shellcode Encoder (60 bytes)
Linux/MIPS - XOR Shellcode Encoder (60 bytes)
Linux/x86-64 - execve(/bin/sh) (52 bytes)
Linux/x86_64 - execve(/bin/sh) (52 bytes)
Linux/x86 - Search For php/html Writable Files and Add Your Code
Linux/x86 - Search For php/html Writable Files and Add Your Code (380+ bytes)
Linux x86_64 - add user with passwd (189 bytes)
Linux/x86_64 - add user with passwd (189 bytes)
Linux x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes)
Linux/x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes)
ntop 1.x - -i Local Format String
ntop 1.x - i Local Format String
(Raspberry Pi) Linux/ARM - reverse_shell (tcp_10.1.1.2_0x1337)
(Raspberry Pi) Linux/ARM - execve(_/bin/sh__ [0]_ [0 vars]) (30 bytes)
(Raspberry Pi) Linux/ARM - chmod(_/etc/shadow__ 0777) (41 bytes)
Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) (72 bytes)
Linux/ARM (Raspberry Pi) - execve(_/bin/sh__ [0]_ [0 vars]) (30 bytes)
Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) (41 bytes)
Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode
Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode
MIPS Little Endian Shellcode
MIPS Little Endian - Shellcode
Media Player Classic 6.4.9 - - FLI File Remote Buffer Overflow
Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow
Linux x86 - Socket Re-use Shellcode (50 bytes)
Linux/x86 - Socket Re-use Shellcode (50 bytes)
Linux x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh
Linux/x86 - chmod (777 /etc/passwd & /etc/shadow)_ Add New Root User (ALI/ALI) & Execute /bin/sh (378 bytes)
Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash
Linux/x86 - Obfuscated Shellcode chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash (521 bytes)
Mouse Media Script 1.6 - - Stored XSS
Mouse Media Script 1.6 - Stored XSS
Linux x86 - rmdir (37 bytes)
Linux/x86 - rmdir (37 bytes)
Linux x64 - Bind TCP port shellcode (81 bytes_ 96 with password)
Linux/x64 - Bind TCP port shellcode (81 bytes / 96 bytes with password)
Linux x64 - Reverse TCP connect (77 to 85 bytes_ 90 to 98 with password)
Linux/x64 - Reverse TCP connect (77 to 85 bytes / 90 to 98 bytes with password)
Windows x86 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 Bytes)
Windows x64 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 Bytes)
Windows x86 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)
Windows x64 - Obfuscated Shellcode Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service (1218 bytes)
Linux MIPS - execve (36 bytes)
Linux/MIPS - execve (36 bytes)
Win x86-64 - Download & execute (Generator)
Windows XP x86-64 - Download & execute (Generator)
Linux x86 - Egg-hunter (20 bytes)
Linux x86 - Typewriter Shellcode Generator
Linux/x86 - Egg-hunter (20 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - execve _/bin/sh_ - shellcode (35 bytes)
Linux/x86 - execve _/bin/sh_ shellcode (35 bytes)
Linux custom execve-shellcode Encoder/Decoder
Linux - custom execve-shellcode Encoder/Decoder
Linux x86 - Execve /bin/sh Shellcode Via Push (21 bytes)
Linux x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)
Linux/x86 - Execve /bin/sh Shellcode Via Push (21 bytes)
Linux/x86_64 - Execve /bin/sh Shellcode Via Push (23 bytes)
Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - execve /bin/sh shellcode (21 bytes) (2)
Linux/x86 - execve /bin/sh shellcode (2) (21 bytes)
Linux - execve(/bin/sh) (30 bytes)
Linux/x86_64 - execve(/bin/sh) (30 bytes)
Linux 64 bit - Encoded execve shellcode
Linux 64bit - Encoded execve shellcode
Linux x86 /bin/sh ROT7 Encoded Shellcode
Linux/x86 - /bin/sh ROT7 Encoded Shellcode
Win32/xp[TR] sp3 - MessageBox (24 bytes)
Win32/XP SP3 (TR) - MessageBox (24 bytes)
Linux x86 - Egg Hunter Shellcode (19 bytes)
Linux/x86 - Egg Hunter Shellcode (19 bytes)
Windows x86 - user32!MessageBox _Hello World!_ (199 Bytes Null-Free)
Windows x86 - user32!MessageBox _Hello World!_ Null-Free (199 bytes)
Linux x86 - /bin/sh ROL/ROR Encoded Shellcode
Linux/x86 - /bin/sh ROL/ROR Encoded Shellcode
OS X x64 /bin/sh Shellcode - NULL Byte Free (34 bytes)
OS-X x64 - /bin/sh Shellcode - NULL Byte Free (34 bytes)
Mainframe/System Z Bind Shell
Mainframe/System Z - Bind Shell
Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL)
Linux/x86 - execve(_/bin/cat__ [_/bin/cat__ _/etc/passwd_]_ NULL) (75 bytes)
OS X x64 - tcp bind shellcode_ NULL byte free (144 bytes)
OS-X x64 - tcp bind shellcode_ NULL byte free (144 bytes)
Linux x86_64 - /bin/sh
Linux/x86_64 - /bin/sh
Linux x86_64 - execve Shellcode (22 bytes)
Linux/x86_64 - execve Shellcode (22 bytes)
Linux x86_64 - Bindshell with Password (92 bytes)
Linux/x86_64 - Bindshell with Password (92 bytes)
Linux x64 - egghunter (24 bytes)
Linux/x64 - egghunter (24 bytes)
Linux x86_64 - Polymorphic execve Shellcode (31 bytes)
Linux/x86_64 - Polymorphic execve Shellcode (31 bytes)
Windows XP-10 - Null-Free WinExec Shellcode (Python)
Windows XP<10 - Null-Free WinExec Shellcode (Python)
x64 Linux Bind TCP Port Shellcode
Linux/x64 - Bind TCP Port Shellcode (103 bytes)
x86_64 Linux bind TCP port shellcode
Linux/x86_64 - bind TCP port shellcode (103 bytes)
Linux/x86 - execve _/bin/sh_ - shellcode 24 byte
Linux/x86 - execve _/bin/sh_ shellcode (24 bytes)
Linux x86_64 - Egghunter (18 bytes)
Linux x86 - Egg-hunter (13 bytes)
Linux/x86_64 - Egghunter (18 bytes)
Linux/x86 - Egg-hunter (13 bytes)
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection
WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Unauthenticated SQL injection
x86_64 Linux xor/not/div Encoded execve Shellcode
Linux/x86_64 - xor/not/div Encoded execve Shellcode (54 bytes)
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection
WordPress Booking Calendar Contact Form Plugin <= 1.1.23 - Shortcode SQL Injection
Linux x86/x86_64 reverse_tcp Shellcode
Linux/x86/x86_64 - reverse_tcp Shellcode
Linux x86/x86_64 tcp_bind Shellcode
Linux x86/x86_64 Read etc/passwd Shellcode
Linux/x86/x86_64 - tcp_bind Shellcode
Linux/x86/x86_64 - Read etc/passwd Shellcode
WordPress Booking Calendar Contact Form <=1.1.24 - Multiple Vulnerabilities
WordPress Booking Calendar Contact Form <= 1.1.24 - Multiple Vulnerabilities
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version (1)
Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (1) (122 bytes)
x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version (2)
Linux x86 Download & Execute Shellcode
Linux x86_64 - Polymorphic Execve-Stack (47 bytes)
Linux/x86_64 - shell_reverse_tcp with Password - Polymorphic Version (2) (135 bytes)
Linux/x86 - Download & Execute Shellcode
Linux/x86_64 - Polymorphic Execve-Stack (47 bytes)
Linux x86_64 - Reverse Shell Shellcode
Linux/x86_64 - Reverse Shell Shellcode
Linux/x86_x64 - execve(/bin/sh) (26 bytes)
Linux/x86_64 - execve(/bin/sh) (26 bytes)
Linux/x86_x64 - execve(/bin/sh) (25 bytes)
Linux/x86_x64 - execve(/bin/bash) (33 bytes)
Linux/x86_64 - execve(/bin/sh) (25 bytes)
Linux/x86_64 - execve(/bin/bash) (33 bytes)
Linux/x86_64 - bindshell (PORT: 5600) (81 bytes)
Linux/x86_64 - bindshell (Pori: 5600) (81 bytes)
Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
Windows x86 - URLDownloadToFileA()+SetFileAttributesA()+WinExec()+ExitProcess() Shellcode
Linux x86 Reverse TCP Shellcode (ipv6)
Linux x86 Shellcode - Bind TCP Port 1472 (ipv6)
Linux/x86 - Reverse TCP Shellcode (IPv6)
Linux/x86 - Bind TCP Port 1472 (IPv6) (1250 bytes)
Linux x64 - Bind Shell Shellcode Generator
Linux/x64 - Bind Shell Shellcode (Generator)
Windows Null-Free Shellcode - Primitive Keylogger to File (431 (0x01AF) bytes)
Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes)
.Net Framework Execute Native x86 Shellcode
.Net Framework - Execute Native x86 Shellcode
Linux x86_64 Shellcode - Bind TCP Port 1472 (ipv6)
Linux/x86_64 - Bind TCP Port 1472 (IPv6)
Linux x86_64 Shellcode - Reverse TCP (ipv6)
Linux/x86_64 - Reverse TCP (IPv6)
Windows - Null-Free Shellcode - Functional Keylogger to File (601 (0x0259) bytes)
Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes)
Linux x86_64 Shellcode Null-Free Reverse TCP Shell
Linux/x86_64 - Null-Free Reverse TCP Shell
Linux x86_64 Information Stealer Shellcode
Linux/x86_64 - Information Stealer Shellcode
Linux x86 - TCP Bind Shell Port 4444 (656 bytes)
Linux/x86 - TCP Bind Shell Port 4444 (656 bytes)
Linux x86_64 XOR Encode execve Shellcode
Linux/x86_64 - XOR Encode execve Shellcode
Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode
Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Windows x86 WinExec(_cmd.exe__0) Shellcode
Linux x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Windows x86 - WinExec(_cmd.exe__0) Shellcode
Linux/x86 - /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Windows x86 system(_systeminfo_) Shellcode
Windows x86 - system(_systeminfo_) Shellcode
Windows x86 ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode
Windows x86 - ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode
Linux x86 /bin/sh Shellcode + ASLR Bruteforce
Linux/x86 - /bin/sh Shellcode + ASLR Bruteforce
Linux x86_64 /etc/passwd File Sender Shellcode
Linux/x86_64 - /etc/passwd File Sender Shellcode
Linux x86 - TCP Bind Shell Port 4444 (98 bytes)
Linux/x86 - TCP Bind Shell Port 4444 (98 bytes)
Linux x86 - TCP Reverse Shellcode (75 bytes)
Linux/x86 - TCP Reverse Shellcode (75 bytes)
Linux x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password (172 bytes)
Linux/x86_64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password (172 bytes)
Linux x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10
Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure
|
||
|---|---|---|
| .. | ||
| 13465.c | ||
| 13466.c | ||
| 13467.c | ||
| 13468.c | ||
| 13469.c | ||
| 39885.c | ||