117 bytes small Linux/x86 encoding of random bytes + XOR/SUB/NOT/ROR and also decodes ROL/NOT/ADD/XOR execve(/bin/sh) shellcode.
b82dfb8d4d91af3595f567041ee05b15504b8214cc59b1d265373db0258eb1baMicrosoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit.
6004557d41e57d6f8c6f1e069e636a6c4bd77559c9d558f5f217529403730a3eUbuntu Security Notice 4186-3 - USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.
a22fb499a8eee3d48959f316cc92b99039174e4ec75ff93b2f12800519de703cUbuntu Security Notice 4185-3 - USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.
0943619d6246e8a0cdee4b5acfc1807d3c4914c36a38fbe8ded7be757a4e396bUbuntu Security Notice 4183-2 - USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.
db78d28cd507d49176624aa1c886c5cf61d842620b9c273cac92d9c264a69321Ubuntu Security Notice 4184-2 - USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.
b7e4f5cb2e7a1b61d8abbcf5d64a6bd1b12b10f64ec69db57292af5b7c02380447 bytes small Linux/x86 (NOT|ROT+8 Encoded) execve(/bin/sh) null free shellcode.
5126a940c58c7f5f3299183cf28243ed1ac37a3f18ff919c6188dec22e23f309This Metasploit module exploits a vulnerability in xscreensaver versions since 5.06 on unpatched Solaris 11 systems which allows users to gain root privileges. xscreensaver allows users to create a user-owned file at any location on the filesystem using the -log command line argument introduced in version 5.06. This module uses xscreensaver to create a log file in /usr/lib/secure/, overwrites the log file with a shared object, and executes the shared object using the LD_PRELOAD environment variable. This module has been tested successfully on xscreensaver version 5.15 on Solaris 11.1 (x86) and xscreensaver version 5.15 on Solaris 11.3 (x86).
61fc2ea992be47242e9913209ccde2e47b80ce69f13985b6c1cff3d42dbfc4cf42 bytes small Linux/x86 execve(/bin/sh) socket reuse shellcode.
06940cd962d0fb34cda215179e7f8392804cd9243f8253e5bd126a6f374b2d7925 bytes small Linux/x86 execve /bin/sh shellcode.
6ec3a762f49cf073c4aaf48e89626df8b0be9238e36987f32f78d2e3bcc88c5d91 bytes small Linux/x86 reverse shell NULL free 127.0.0.1:4444 shellcode.
e41394ff0ce73676c56d6dc657e2f1f811e92852a6ff50e91919a685056dc89359 bytes small Linux/x86 add user to /etc/passwd shellcode.
918c61c93c872f56062369ffa875b4e1f3a8d5bf7f31b8e797616444b1efe92b132 bytes small Linux/x86 NOT + XOR-N + random encoded /bin/sh shellcode.
0b23de6ec5c6e6b408103df4a217ec69f9bdb8b72445a298282426667895f102Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.
9e2781775184712bdc9ab152e47752736b9f68280b44bb86504561c48b892cc853 bytes small Linux/x86 bind TCP port 43690 null-free shellcode.
72ee8e6b0c1bb5959452806f1adf21697514884ba37f888de728a9f0fdb94820Linux/x86 TCP reverse shell 127.0.0.1 nullbyte free shellcode.
329c527166985f21f8066e80dbde39d0834fcb98733657d062bf3926cdfd341fUbuntu Security Notice 4096-1 - Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information.
9c08d1b3f406ed6a52e239b25f1fda22470bc5526723ccb15b0e8ad9a95383b9Ubuntu Security Notice 4093-1 - It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
972368dcf6177d5f57f6c9563b2ca592739590e4dce2d1505555c8bf5670da1451 bytes small Linux/x86 force reboot shellcode.
056b859e2f533a5f2b69059671be75c654287ab35a527e356c91da46a8af857c107 bytes small Linux/x86 ASLR disable polymorphic shellcode.
902bab16b50366f3b4ca0945f0cb8dc53bb7fb71398ff7559555ef61d8979c6953 bytes small Linux/x86 chmod(/etc/shadow, 0666) polymorphic shellcode.
9c0ea0090b380aa0a0d32c30792ded1f6dfb9cd0807425b0dfc46a62b08960e7168 bytes small Linux/x86 NOT +SHIFT-N+ XOR-N encoded /bin/sh shellcode.
0535e81b0ede463cd0f475670e1e4a07b636b91c018625cd31f6d3df4b1a1c98Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit.
48d06e50b882f363ce29fb915222dd7ed84f617e38b68912b67b47eacf8f0564An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86.
b12d041b74805140215567e34bac24168770da5ed39aeeca4562c66332b7d51761 bytes small Linux/x86 chmod 666 /etc/passwd and chmod 666 /etc/shadow shellcode.
4ec34454d2a15a5707726a311258a81f29cac15bb8923a1070f411e5d6e08437
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed