/* We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys ( \.Nsi device) discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment holes. On our test Windows 7 32-bit workstat
!-- There is a type confusion issue related to how some arithmetic operations are performed in VBScript. To illustrate, see the following simplified code of VbsVarMod static unsigned char result_lookup_table[18][18] = {...} void VbsVarMod(VAR *v1, VA
Microsoft IE: Memory corruption in CMarkup::DestroySplayTree CVE-2017-8594 There is a memory corruption issue in IE that can be triggered with svg use element. The bug was confirmed on IE Version 11.0.9600.18617 (Update Version 11.0.40) running on Win
CVE-2017-7642 Local root privesc in Hashicorp vagrant-vmware-fusion = 4.0.20 15 Jul 2017 06:57 I'm a big fan of Hashicorp but this is an awful bug to have in software of their calibre. Their vagrant plugin for vmware fusion uses a product called Ruby En
#!/usr/bin/python#Easy File Sharing Web Server 7.2 - SEH Exploit - Tested successfully on Windows 10 x64#GET 'passWD' Buffer Overflow(SEH)#pop pop ret @ 0x100195f2 : pop esi pop ecx ret in ImageLoad.dll#Author: N_A , N_A[at]tutanota.com#OS Name: Mic
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework####### This exploit sample demonstrates how a typical browser exploit is written using commonly# used components such
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework####### This exploit sample shows how an exploit module could be written to exploit# a bug in an arbitrary TCP server.
[+] Credits: Ilia Shnaidman[+] @0x496c on Twitter[+] Source:http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/Vendor:=============iSmartAlarm, inc.Product:===========================iSmartAl
!DOCTYPE HTML !-- FULL ASLR AND DEP BYPASS USING ASM.JS JIT SPRAY (CVE-2017-5375) PoC Exploit against Firefox 50.0.1 (CVE-2016-9079 - Tor Browser 0day) Tested on: Release 50.0.1 32-bit - Windows 8.1 / Windows 10 https://ftp.mozilla.org/pub/firefox/re
#!/usr/bin/env python # Counter Strike: Condition Zero BSP map exploit # By @Digital_Cold Jun 11, 2017 # # E-DB Note: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42325.zip (bsp-exploit-source.zip) # from bina
# PyCharm 2-0 / 2017 Command Line Buffer Overflow# Author: Sultan albalawi#video:https://www.facebook.com/pentest3/videos/vb.100012552940568/291228291305600/?type=2theater#C:Program Files (x86)JetBrainsPyCharm Edu 2.0.2bin or C:/Program Files/Je
# Exploit Title: RaidenHTTPD 2.0.44 - User-Agent - HTML Injection Cross-site scripting# Exploit Author: sultan albalawi# :@bofheaded# :https://hackinguyz.blogspot.com/#exploit User-Agent HTTP header :#For remote testing use http-live -There is no ne
#!/usr/bin/python from impacket import smb, smbconnection from mysmb import MYSMB from struct import pack, unpack, unpack_from import sys import socket import time ''' MS17-010 exploit for Windows 7+ by sleepya Note: - The exploit should never crash
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core/exploit/powershell'require 'msf/core/post/windows/powershell'require 'msf/core/post/file'class Met