what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 1,219 RSS Feed

Shellcode Files

MS17-010 SMB Remote Code Execution Detection
Posted Sep 1, 2024
Authored by Luke Jennings, Sean Dillon | Site metasploit.com

Uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. If the machine is missing the MS17-010 patch, the module will check for an existing DoublePulsar (ring 0 shellcode/malware) infection. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.

tags | exploit, shellcode, info disclosure
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
SHA-256 | 7da47a7e8285d0a6b8ee0d6e5384264f78b38a3863420fbdc47ecf044ace7dde
Cisco ASA Authentication Bypass (EXTRABACON)
Posted Aug 31, 2024
Authored by Sean Dillon, Zachary Harding, Shadow Brokers, Dylan Davis, Equation Group, William Webb, Nate Caroe, Jeff Jarmoc | Site metasploit.com

This Metasploit module patches the authentication functions of a Cisco ASA to allow uncredentialed logins. Uses improved shellcode for payload.

tags | exploit, shellcode
systems | cisco
advisories | CVE-2016-6366
SHA-256 | ac78a9f2d7331bfc6089f521bb49fc475153b66e3c5eb8ac274c23830a542a52
Linux/x64 XOR (/bin//sh) Shell Creation Shellcode
Posted Feb 28, 2024
Authored by Alexys

55 bytes small Linux/x64 shellcode that create a shell with execve() sending an argument using XOR (/bin//sh).

tags | shell, shellcode
systems | linux
SHA-256 | dd9cd816ff8fe9dd6be1a0a2fe0b49cf0524f491dbdd68c06004dfcc6d90b9b0
Windows/x64 PIC Null-Free TCP Reverse Shell Shellcode
Posted Sep 8, 2023
Authored by Senzee

476 bytes small Windows/x64 PIC null-free TCP reverse shell shellcode.

tags | shell, tcp, shellcode
systems | windows
SHA-256 | bba5751e922713bc181d1684a80fe65ee53eab2de87b3bbaf9cb5fc3fdccc945
Linux/x64 memfd_create ELF Loader Shellcode
Posted Aug 22, 2023
Authored by Ivan Nikolsky, Tomas Globis

170 bytes small Linux/x64 memfd_create ELF Loader shellcode.

tags | shellcode
systems | linux
SHA-256 | 2dc407857824c17594024902be962b49ce532aee8e9d3c302790295cd4d64e3c
Savant Web Server 3.1 Remote Buffer Overflow
Posted Aug 3, 2023
Authored by 0xBOF90

Savant Web Server version 3.1 remote buffer overflow exploit with egghunter shellcode.

tags | exploit, remote, web, overflow, shellcode
SHA-256 | 55105bce6fa65050219f56386fd46c40c00c4c48c7e09a9b26fcab79d90e4458
Windows/x64 PIC NULL-Free Calc.exec Shellcode
Posted Jul 31, 2023
Authored by Senzee

169 bytes small Windows/x64 PIC NULL-free calc.exec shellcode.

tags | shellcode
systems | windows
SHA-256 | 4d8ef778b3fa4d33d047bc1cf28b30c55e64f1c18779fd433649fe60f5ea0bef
Windows/x64 Add Administrator Shellcode
Posted Jun 30, 2023
Authored by Mr Empy

326 bytes small Windows/x64 add administrative user dynamic PEB and EDT method shellcode.

tags | shellcode
systems | windows
SHA-256 | ce836880761cfda2559a206f8a4eddd7cafbcbfe3f946cceb11b3d189d914798
Windows/x64 Delete File / Dynamic PEB Method NULL-Free Shellcode
Posted Apr 26, 2023
Authored by Nayani

This Windows/x64 shellcode is an implementation of the DeleteFileA Windows API to delete a file in the C:/Windows/Temp/ directory.

tags | shellcode
systems | windows
SHA-256 | 5aec26b7e7e54f4fd6d0132a04967aea1827335f4327596bf01678300a0e46bb
Linux/x86_64 Bash Shellcode
Posted Apr 6, 2023
Authored by Jeenika Anadani

71 bytes small Linux/x86_64 bash shellcode with XOR encoding.

tags | shellcode, bash
systems | linux
SHA-256 | 801d1c974de1f03b559e03ce6feeaff70b28545726389af5b9766890611a1dc5
Linux/x86 Polymorphic Netcat Shellcode
Posted Apr 3, 2023
Authored by Eduardo Silva

92 bytes small Linux/x86 polymorphic nc -lvve/bin/sh -p13377 shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 05c38fb813c23c380d6dd1aa3c46be607e0be4322b049a9a2b1ada74e5f3ebc6
FlipRotation 1.0 Decoder Shellcode
Posted Apr 3, 2023
Authored by Eduardo Silva

146 bytes small FlipRotation version 1.0 decoder shellcode.

tags | shellcode
SHA-256 | caaf753479490907a0b5aab043a31cea50405595c33d8f36d7b099eb3ca98baa
Windows/x86 Create Administrator User Shellcode
Posted Apr 3, 2023
Authored by Xavi Beltran

373 bytes small Windows/x86 create administrator user dynamic PEB and EDT method null-free shellcode.

tags | x86, shellcode
systems | windows
SHA-256 | bc0be9163bb975df26f17d6f2ca0289dfedc8e8f35a9bd95e0682e7123f4061e
macOS/x64 Execve Caesar Cipher String Null-Free Shellcode
Posted Dec 22, 2022
Authored by Bobby Cooke

286 bytes small macOS/x64 execve Caesar cipher string null-free shellcode.

tags | shellcode
SHA-256 | aa23ac4a240ae6871b72d0723b1c8d4ebded5889ad862b0dd0455f86699c05a2
macOS/x64 Execve Null-Free Shellcode
Posted Dec 22, 2022
Authored by Bobby Cooke

253 bytes small macOS/x64 execve null-free shellcode.

tags | shellcode
SHA-256 | 8b589116ca43d93bd39b3f0f87c1530ec372e055ebb8ddff6b021bf288966dd7
monomorph MD5-Monomorphic Shellcode Packer
Posted Sep 29, 2022
Authored by Retr0id | Site github.com

This tool packs up to 4KB of compressed shellcode into an executable binary, near-instantly. The output file will always have the same MD5 hash: 3cebbe60d91ce760409bbe513593e401. Currently, only Linux x86-64 is supported. It would be trivial to port this technique to other platforms, although each version would end up with a different MD5.

tags | tool, x86, shellcode
systems | linux, unix
SHA-256 | 1401bc41094d6c399524f490182dedc77295916d73ec25d4c7ea3751f754d6cc
3DES Shellcode Crypter
Posted Jul 11, 2022
Authored by D7X

This tool is a 3DES shellcode crypter.

tags | shellcode
SHA-256 | 9e6475d7e02bb5bcc0b7670b1ca005b4e4ecb987abc3fd2dcd7a5d44af829d04
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution
Posted May 11, 2022
Authored by Pedro Ribeiro, Radek Domanski | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the Cisco RV series router's SSL VPN functionality. The default SSL VPN configuration is exploitable, with no authentication required and works over the Internet! The stack is executable and no ASLR is in place, which makes exploitation easier. Successful execution of this module results in a reverse root shell. A custom payload is used as Metasploit does not have ARMLE null free shellcode. This vulnerability was presented by the Flashback Team in Pwn2Own Austin 2021 and OffensiveCon 2022. For more information check the referenced advisory. This module has been tested in firmware versions 1.0.03.15 and above and works with around 65% reliability. The service restarts automatically so you can keep trying until you pwn it. Only the RV340 router was tested, but other RV series routers should work out of the box.

tags | exploit, overflow, shell, root, shellcode
systems | cisco
advisories | CVE-2022-20699
SHA-256 | 619682621429d96cd23a1e1bcd69a008398c5244223265886c52e2e417242d02
XDNR Shellcode Cryptor / Encoder
Posted Apr 19, 2022
Authored by Xenofon Vassilakopoulos

X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion.

tags | tool, shellcode
SHA-256 | 79b9b9a6dd757b66b2e94d3630b76899ed2e53218846c0933182d8877820babb
Firefox MCallGetProperty Write Side Effects Use-After-Free
Posted Mar 1, 2022
Authored by timwr, maxpl0it, 360 ESG Vulnerability Research Institute | Site metasploit.com

This Metasploit modules exploits CVE-2020-26950, a use-after-free exploit in Firefox. The MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This exploit uses a somewhat novel technique of spraying ArgumentsData structures in order to construct primitives. The shellcode is forced into executable memory via the JIT compiler, and executed by writing to the JIT region pointer. This exploit does not contain a sandbox escape, so firefox must be run with the MOZ_DISABLE_CONTENT_SANDBOX environment variable set, in order for the shellcode to run successfully. This vulnerability affects Firefox versions prior to 82.0.3, Firefox ESR versions prior to 78.4.1, and Thunderbird versions prior to 78.4.2, however only Firefox versions up to 79 are supported as a target. Additional work may be needed to support other versions such as Firefox 82.0.1.

tags | exploit, shellcode
advisories | CVE-2020-26950
SHA-256 | c5497acbfe1516edccf2f8747d261489391c42dfa92ad82028efc92b075df944
Solaris/SPARC chmod() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

64 bytes small Solaris/SPARC setuid(0) + chmod (/bin/ksh) + exit(0) shellcode.

tags | shellcode
systems | solaris
SHA-256 | ac0a8ce6fdd207649a67626e1818a1afd680783d1a46fb94677718a1d1994210
Solaris/SPARC execve() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

60 bytes small Solaris/SPARC setuid(0) + execve (/bin/ksh) shellcode.

tags | shellcode
systems | solaris
SHA-256 | d785c150823ddd32cb42d29580182ea9055608bea403fff7662eca6bf006f946
Linux/MIPS N32 MSB Reverse Shell Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

Linux/MIPS N32 MSB reverse shell shellcode that showcases various techniques to avoid badchars.

tags | shell, shellcode
systems | linux
SHA-256 | b1b0100dc2ab1910886ea650ac52df457851a4b14a3d07a98e33678c077b6d6e
Solaris/SPARC chmod() Shellcode
Posted Feb 18, 2022
Authored by Marco Ivaldi

Solaris/SPARC chmod() shellcode with a max size of 36 bytes.

tags | shellcode
systems | solaris
SHA-256 | 844bef47108ea6b399c1949416ca0526422e2fc8ce504d583c3f36aaa4144470
Windows/x86 Locate kernel32 Base Address / Stack Crack Method Null Free Shellcode
Posted Feb 8, 2022
Authored by Tarek Ahmed

171 bytes small Windows/x86 shellcode with a new method to find the kernel32 base address by walking down the stack and look for a possible Kernel32 address using a custom SEH handler. Each address found on the stack will be tested using the Exception handling function. If it's valid and starts with 7, then it's a possible kernel32 address.

tags | x86, shellcode
systems | windows
SHA-256 | e7941faf4a7799cf5e35fcf962b075b17a9570e4f37e959633b2962f8d3bf53d
Page 1 of 49
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close