I believe in full disclosure.

CVE / Advisories


Exploiting Linux/x86, beating stack randomization on 2.6 kernel PoC

  • exp_call_rand.pl - Exploit sample against stack randomization ("call *%edx" technique)
  • exp_jmp_rand.pl - Exploit sample against stack randomization ("jmp *%esp" technique)

SQL Injection exploit

Cross Site Scripting (XSS) Stored exploit

Cross Site Scripting (XSS) Reflected exploit

Oracle Evil Views exploit

Oracle Evil cursor injection exploit

Oracle Classic SQL injection exploit

Tru64 exploit

IBM AIX exploit


Solaris/sparc Shellcodes

Linux/x86 Shellcodes

  • bunker_exec.c - Linux/x86 shellcode that executes any command after setreuid.
  • bunker_sc1.c - 32-byte Linux/x86 shellcode (setreuid + execve).
  • bunker_sc2.c - 30-byte Linux/x86 shellcode (setuid + execve).
  • bunkercode.c - Linux/x86 bytecode that prints "bunker was here!" on tty.


Misc Tools

  • braviapy - Play with Sony Bravia TVs - JSON/UPnP/SOAP/DIAL remote control (github)

Security Tools