Questions tagged [exploit]

An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch, or vulnerability in order to cause unintended or unanticipated behavior to occur. This frequently includes such things as gaining control of a computer system, allowing privilege escalation, or a denial of service attack.

790 questions
6 votes · 1 answer

Why will my buffer overflow exploit open a user shell only instead of a root shell?

I have been following a few tutorials on buffer overflow exploitation. But my problem is that I am not able to open a root shell; I will always get a normal user shell instead. I have checked the following points. I re-verified the following items…
Zapho Oxx · 275 · 1 · 16
6 votes · 1 answer

Why does fireshepard kill firesheep?

I presume there is a bug in the firesheep which fireshepard exploits. The responsible line might be in that weird string in cookie value for facebook. fireshepard source firesheep source
bbaja42 · 2,099 · 18 · 34
6 votes · 3 answers

Format string exploit ends in segfault

I'm reading now the "Hacking - The Art of Exploitation" book. This is my simplified version of a code for exploiting format-strings. /* fmt_vuln.c */ #include #include #include int main (int argc, char *argv[]){ …
mik mik · 139 · 1 · 5
6 votes · 6 answers

Executing JavaScript from Flex: Is this javascript function dangerous?

I have a flex application that needs the ability to generate and execute JavaScript. When I say this, I mean I need to execute raw JavaScript that I create in my Flex application (not just an existing JavaScript method). I am currently doing this by…
mmattax · 27,172 · 41 · 116 · 149
6 votes · 4 answers

Trying to smash the stack

I am trying to reproduce the stack overflow results that I read from Aleph One's article "Smashing the Stack for Fun and Profit" (can be found here: http://insecure.org/stf/smashstack.html). Trying to overwrite the return address doesn't seem to work…
Mike G · 4,829 · 11 · 47 · 76
6 votes · 1 answer

Return into libc - Illegal instruction

I am messing around with buffer overflows, particularly the return into libc kind. I have the following vulnerable code: #include #include main( int argc, char **argv) { char buffer[80]; getchar(); strcpy(buffer,…
F. P. · 5,018 · 10 · 55 · 80
5 votes · 3 answers

What exactly does this PHP exploit code do (found on my app)?

I've found this code in base64 on all PHP files of one of my client's sites (WordPress) and I'm trying to understand what it does. I'm also trying to figure out if it was an application exploit or a direct FTP access that has passed this…
Keyne Viana · 6,194 · 2 · 24 · 55
5 votes · 1 answer

Heap exploitation with Glibc 2.12.1

I've been searching with no good results. I wonder if the techniques explained in texts such as Malloc Maleficarum or Malloc Des-Maleficarum are effective in glibc version 2.12.1. In the second-mentioned text it is said that the techniques are tested in…
newlog · 1,050 · 1 · 11 · 23
5 votes · 3 answers

Fuzzing command line arguments [argv]

I have a binary I've been trying to fuzz with AFL; the only thing is AFL only fuzzes STDIN and file inputs, and this binary takes input through its arguments: pass_read [input1] [input2]. I was wondering if there are any methods/fuzzers that allow…
5 votes · 1 answer

Is PHP immune to "HTTP Response Splitting" vulnerabilities?

alert(1)"); echo 1; But it turns out PHP automatically does the encoding: Set-Cookie: test=test%0D%0A%3Cscript%3Ealert%281%29%3C%2Fscript%3E Does that mean it's impossible to reproduce HTTP…
cpuer · 7,413 · 14 · 35 · 39
5 votes · 3 answers

Is this code an exploit? What is this code?

I'm looking at a site that has been exploited by someone/something. The site has had a bunch of links injected into its footer that link to pharmaceutical pitches, and who knows what else. There are/were a lot of links right at the top of the…
rhaag71 · 519 · 7 · 22
5 votes · 0 answers

Hacked python server

I did a stupid thing. I started a local python server using sudo python3 -m http.server. I was just gonna access some documents and turn it off, but I forgot about it and left it running for 2 days. The server was running on a DigitalOcean instance…
user25470 · 585 · 4 · 17
5 votes · 1 answer

What is the difference between a buffer overflow attack and a ROP attack?

I started studying software security, and I'm having trouble getting what a buffer overflow attack and a ROP attack are. From what I understand: Buffer overflow attack: When a buffer has a certain size, fill the buffer and add additional code so…
yoon · 1,177 · 2 · 15 · 28
5 votes · 2 answers

Google Drive API -- get direct video download for different formats

It's known that by simply retrieving a Google API key one can download any file (of any size) directly (and even embed a video in a website etc...); the problem is: when using the standard Google API URL in the form:…
5 votes · 1 answer

CVE-2018-14667; generating a valid payload for RichFaces 3.X

I am currently running on a virtual machine JBoss 5.1.0GA + RichFaces 3.X + photoalbum demo, which makes me vulnerable (only accessible from my LAN) to CVE-2018-14667. I have tested the payload mentioned in…
Gerald · 83 · 8