#!/usr/bin/perl # # Title: PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit # # Summary: With PowerCHM you can create your CHM files # automatically from Html Files (including .htm, .html # and .mht), Text Files (.txt), Microsoft Word Documents # (.
# exploit.py # Abee Chm Maker 1.9.5 Stack overflow Exploit # By: Encrypt3d.M!nd # # After importing Devil_inside.cmp file into the program # go to FileMake CHM.. Then...watch :) . # # I've used the SEH overwrite method to make it more stable. # btw:it's
#!/usr/bin/perl # My Simple Forum v7.1 # Remote Command Execution Exploit (Apache Log Poisoning/Injection) # Local File Inclusion at /theme/default/index.template.php?action=[lf]%00 # XSS at /theme/default/index.template.php?Name=[XSS] - This needs
/* XM Easy Personnal FTP Server = 5.7.0 Remote Denial of Service with Request (NLST) --------------------------------------------------------------------------------------------------------- The vulnerability is caused due to an error in handling th
---------------------------------------------xmlcrash.html-------------------------------------------- <html> <script> // k`sOSe - works both on windows and linux // heap spray here :) </script> <iframe src=xmlcrash.xml> </html> ------------------------------
#!/usr/bin/perl -w # IncrediMail Xe (latest version) XSS Vulnerability # # Discovered by: Bui Quang Minh # # Description: Most popular mail clients now exclude script code from mail content. # It aims to avoid the type of XSS exploitation (For e.g
/* Femitter Server FTP 1.x Multiple Vulnerability ---------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when processing FTP requests. This can be exploited to read, mod
Microsoft GdiPlus.dll EMF GpFont::SetData Stack Overflow Write up by redsand@blacksecurity.org Credits to mIKEJONES for providing the .EMF Crash An integer overflow has been found within the Microsoft Windows gdiplus.dll [0x4ED67060] This vulnerabil
Hey gang, Been a few days since our last post, but not to worry! Still lots of fun stuff happening in the blacksec community. Our latest post is a brief analysis of the jbig2 vulnerability recently patched by Adobe in APSB09-01 (aka CVE-2009-0658).