auth_overflow.c is the example code from book the ” The art of Exploitation ” I rewrite the example code as following to exploit the program. Tested on win XP
Security
TheSystem 1.0 – Command Injection Exploit
just for fun and practice purpose to write this exploit for ” TheSystem 1.0 – Command Injection “
[Demo] VLC media player 2.2.8 Use-After-Free Code Execution
VLC media player 2.2.8 has a Use-After-Free vulnerability which allows an attacker to execute arbitrary code. the exploit use ROP to bypass DEP protection. tested it on Win10 64 successfully exploit attempt should pop up calc.exe ( Windows Calculator ) Ref : https://www.exploit-db.com/exploits/44979/
Demo Firefox 46.0.1 – ASM.JS JIT-Spray Remote Code Execution
Reference : Firefox 46.0.1 – ASM.JS JIT-Spray Remote Code Execution https://www.exploit-db.com/exploits/44293/ shellcode2asmjs: Generate arbitrary ASM.JS JIT-Spray payloads https://github.com/rh0dev/shellcode2asmjs
Happy New Year 2018
Shellcode with Chinese characters, win32/64 windows 7
Microsoft release powershell tool to query the status of Windows mitigations for CVE-2017-5715 and CVE-2017-5754
Server : https://support.microsoft.com/en-hk/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution Clients: https://support.microsoft.com/en-hk/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in omg~~ GG.. XD