Skip to content

Instantly share code, notes, and snippets.

View whylovejp's full-sized avatar

whylovejn whylovejp

5 followers · 7 following
View GitHub Profile
@whylovejp
whylovejp / exp
Created October 12, 2012 05:18
Microsoft Office Excel ReadAV Arbitrary Code Execution
#!/usr/bin/perl
# Microsoft Office Excel ReadAV Arbitrary Code Execution
# Author: Jean Pascal Pereira <pereira@secbiz.de>
# Vendor URI: http://office.microsoft.com
# Vendor Description:
# Microsoft Excel is a commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Mac OS X.
@whylovejp
whylovejp / VLC Player 2.0.3 ReadAV Arbitrary Code Execution
Created October 11, 2012 07:59
code excu.pl
#!/usr/bin/perl
# VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution
# Author: Jean Pascal Pereira <pereira@secbiz.de>
# Vendor URI: http://www.videolan.org/vlc/
# Vendor Description:
# VLC is a free and open source cross-platform multimedia player
@whylovejp
whylovejp / exploit
Created October 6, 2012 01:37
Windows Escalate UAC Protection Bypass
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
@whylovejp
whylovejp / e
Created September 27, 2012 04:27
QNX QCONN Remote Command Execution Vulnerability
# Title : QNX QCONN Remote Command Execution Vurnerability
# Version : QNX 6.5.0 >= , QCONN >= 1.4.207944
# Download: http://www.qnx.com/download/feature.html?programid=23665 (QNX Neutrino 6.5.0 SP1)
# Vendor : http://www.qnx.com
# Date : 2012/09/09
# CVE : N/A
# Exploit Author : Mor!p3r(moriper[at]gmail.com)
import telnetlib
import sys
@whylovejp
whylovejp / gist:3782307
Created September 25, 2012 14:36
#!/usr/bin/python
# Exploit Title: NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow
# Version: 7.5.1
# Date: 2012-08-07
# Author: Julien Ahrens
# Website: http://www.inshell.net
# Software Link: http://www.soundeditorpro.com/
# Tested on: Windows XP SP3 Professional German
# Howto: Copy MRUList201202.dat to %appdata%\Sound Editor Pro\ --> Launch app --> Click on "File" Menu
@whylovejp
whylovejp / aa
Created September 25, 2012 14:28
aa
#!/usr/bin/python
# CVE-2012-4415: PoC for guacd buffer overflow vulnerability
#
# Copyright (c) 2012 Timo Juhani Lindfors <timo.lindfors@iki.fi>
#
# Allows arbitrary code execution on Debian i386 guacd 0.6.0-1 with
# default configuration. Uses return-to-libc to bypass non-executable
# stack.
#
import socket, struct
@whylovejp
whylovejp / whylovejp-pc
Created September 24, 2012 02:45
ipconfig /all and the address
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : WWW-1380339175C
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
@whylovejp
whylovejp / gist:3759508
Created September 21, 2012 02:57
#!/usr/bin/python
import subprocess
while 1:
subprocess.Popen("mysql -u root mysql --password=blah", shell=True).wait()
@whylovejp
whylovejp / gist:3759440
Created September 21, 2012 02:32
# Exploit Title: Solar FTP Server 2.2 Remote DOS crash POC
# crash:http://img542.imageshack.us/img542/7633/solar.jpg
# Date: July 4, 2012
# Author: coolkaveh
# coolkaveh () rocketmail com
# https://twitter.com/coolkaveh
# Vendor Homepage: http://solarftp.com/
# Version: 2.2
# Tested on: windows XP SP3
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@whylovejp
whylovejp / bar_chart.html
Created September 20, 2012 03:47 — forked from codefactory/bar_chart.html
d3.js로 만든 bar chart
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>D3.js Bar Chart</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
font-family: dotum;
font-size: 11px;