Real Name | Bobby Cooke |
---|---|
Email address | private |
First Active | 2019-12-13 |
Last Active | 2022-12-22 |
LibreHealth version 2.0.0 authenticated remote code execution exploit.
fd3ae68fe9fcdda0cdbf3f0ce37942eea7334c997e346091df15a89867a1c66b
LibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.
72dc0f0110132301f3990ed51cc51e800ab71dfb943e71ad251f75ff30848051
Online Course Registration version 1.0 unauthenticated remote code execution exploit.
a151de8ab314ed412ce9857ad2d9bed5fb186f222306d71070d50f445af469ba
10-Strike Bandwidth Monitor version 3.9 services Svc10StrikeBandMontitor, Svc10StrikeBMWD, and Svc10StrikeBMAgent suffer from unquoted service path vulnerabilities.
988460dcd7c34ca37336597a2f2529a94e3d321ba6e6a335123548b0c0e9485b
Bandwidth Monitor version 3.9 full ROP buffer overflow exploit with SEH, DEP, and ASLR taken into consideration.
1164b8ef72c13f03af8ee99373ab4ced9527b6e1d29b01bf7dad339ae7af4667
10-Strike Bandwidth Monitor version 3.9 ROP VirtualAlloc buffer overflow exploit with SEH, DEP, and ASLR.
5b92597d6f29e2ea57ed39807be4f8d438671808c7140ef7a99598b58a6f2e4b
198 bytes small macOS/x64 RickRolling shellcode.
45c7075c008f666fbb2fd9dadac0c02ddf70076745868d713f14861c733cdd1e
Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
6a765a2a578f06a7b02f8904bda572779f3d00d6d0bf387951c135a5b72cf9db
ACal version 2.2.6 suffers from a one-click remote code execution vulnerability.
b32ebcce27b52719f4cf51ee40137cc6d13cbab93a57f639a9f947d5d9d8ddf0
WebTareas version 2.0p8 suffers from a cross site scripting vulnerability.
c416b5620fefd7baa3d5708623dcf013feaec0cff7211fa9c063bdf7e6ea12a3
Pisay Online E-Learning System version 1.0 suffers from remote SQL Injection and code execution vulnerabilities.
015c32b2f3ffc4e91ba637f9293f09e7320caeb03bcd1d7fcba4cb418aa58392
Online Scheduling System version 1.0 suffers from an authentication bypass vulnerability.
6afcc5b0051b6eec0e838842890ca8ab551609a47811313dd84cb767b3e02fed
Online Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.
872919a2779e6e04e5d200971fb18ef5498c54070aaccf8201ff0a606608bc9c
ChemInv version 1 suffers from a persistent cross site scripting vulnerability.
ce55a4c9abc9f7ac209d854759125740884e7c0fcb843b7e2e23ca696c5974d9
39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs.
f15f64c0d4291382054a30e3697719a38ea41de5b89587531e1baff5818409e8
80 bytes small Linux/x86 reverse shell generator shellcode with customizable TCP port and IP address.
b6288f9069a67ab9a6e3d01fe3b23d7615e89b3fbb4002b6507be11140b269ff
155 bytes small Linux/x86 shellcode that has a MMX stub decoder that dynamically decodes the payload in memory. The FPU GetPC technique is used to determine the offset from EIP dynamically in running memory. Once decoded. this shellcode adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
d72edd6daaf006feaf82398a3b67d4281ff9258ee56eeaedca56c7d0ab3e4980
107 bytes small Linux/x86 shellcode that adds the user 'ctl' with the password 'ctl' to the /etc/passwd file with the UID and GID of 0 (root). This shellcode uses legacy passwd functionality. Therefore the /etc/shadow file does not need to be accessed or modified.
e9483cceb2d45bc3e4c29c88655dc4a6e6bcedc432d98e81e5ab936189311836
57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload.
0b2a9ee02c0b7d0258cad51519bebf538bc5adf11a6b79a09c2f9a31449092a7
272 bytes small Linux/x86_64 null free password protected bindshell shellcode.
3b354d90a8edf71f759af7fb2d5a48d129b38945626e7de89ff29bd0b2c1fa8f
63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode.
c3ff54b357a821a1566c2d7a70204024eb13af4cdf6c240a1725a87696156951
644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service.
45196bef615997ff1457d3b58b9dd0c6f69545d940fc57d196cd73a34f489870
Atomic Alarm Clock version 6.3 unicode SEH stack overflow exploit.
238263daa45c17575706ddcfa1c46f8602cbe4121be203dfefbbee10cd6d9ab1
Atomic Alarm Clock version 6.3 suffers from an unquoted service path vulnerability.
109cb650d3271cb2bae078be488ea7009f907d54e3c2a6e3fbce3f31d8dab25c
Free Desktop Clock version 3.0 unicode SEH stack overflow exploit.
4a9467fce8cd0ec571f7fe4bdf044c16d4b4a8954c296e5934ea1f8fe3d4e619