Punisher_Exploit db

 Exploit db

D	Title	Platform
	Linux x86_64 Bindshell with Password (92 bytes)	lin_x86-64
	Linux x86_64 execve Shellcode - 22 bytes	lin_x86-64
	Android Shellcode Telnetd with Parameters	android
	Linux x86_64 - /bin/sh	lin_x86-64
	OS X x64 - tcp bind shellcode, NULL byte free (144 bytes)	osx
	Linux/x86 - execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL)	lin_x86
	Linux/x86 - Create file with permission 7775 and exit (Shell Generator)	lin_x86
	Linux/x86 - execve(/bin/bash) - 31 bytes	lin_x86
	OS X x64 /bin/sh Shellcode, NULL Byte Free, 34 bytes	osx
	Mainframe/System Z Bind Shell	system_z
	Win2003 x64 - Token Stealing shellcode - 59 bytes	win64
	Windows x86 - user32!MessageBox "Hello World!" (199 Bytes Null-Free)	win32
	Linux x86 - /bin/sh ROL/ROR Encoded Shellcode	lin_x86
	Linux x86 Egg Hunter Shellcode (19 bytes)	lin_x86
	win32/xp[TR] sp3 MessageBox - 24Bytes	win32
	Linux x86 /bin/sh ROT7 Encoded Shellcode	lin_x86
	encoded 64 bit execve shellcode	linux
	Linux 64 bit - Encoded execve shellcode	lin_x86-64
	Linux x86 - execve /bin/sh (23 Bytes)	lin_x86-64
	Linux/x86 - chmod('/etc/passwd',0777) shellcode (42 bytes)

	Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)	lin_x86
	Linux/x86 chmod('/etc/shadow','0777') shellcode (42 bytes)	lin_x86
	Linux/x86 - exec('/bin/dash') shellcode (45 bytes)	lin_x86
	Linux/x86 - mkdir HACK & chmod 777 and exit(0) - 29 Bytes	lin_x86
	Linux/x86 - Netcat BindShell Port 5555 - 60 bytes	lin_x86
	linux/x86-64 execve(/bin/sh) 30 bytes	lin_x86-64
	Linux/x86 - Download & Execute	lin_x86
	Linux/x86 - Reboot (28 Bytes)	lin_x86
	Linux/x86 - /etc/passwd Reader (58 bytes)	linux
	Linux/x86 - chmod() 777 /etc/shadow & exit() (33 bytes)	lin_x86
	Linux/x86 - execve /bin/sh shellcode (21 bytes) (2)	lin_x86
	Linux/x86 - execve /bin/sh shellcode (21 bytes)	lin_x86
	Linux/x86 - execve "/bin/sh" - shellcode (26 bytes)	lin_x86
	Linux x86 - /bin/nc -le /bin/sh -vp 17771 Shellcode (58 Bytes)	lin_x86
	linux/x86 - exit(0) (6 bytes)	lin_x86
	Linux x86 - Execve /bin/sh Shellcode Via Push (21 bytes)	lin_x86
	Linux x86-64 - Execve /bin/sh Shellcode Via Push (23 bytes)	lin_x86-64
	Linux/x86 execve "/bin/sh" - shellcode (35 bytes)	lin_x86
	win32/xp sp3 Create ("file.txt") (83 bytes)	win32
	win32/xp sp3 - Restart computer	win32

	Linux custom execve-shellcode Encoder/Decoder	lin_x86
	linux/x86 setreuid(0, 0) + execve("/sbin/halt") + exit(0) (49 bytes)	lin_x86-64
	Create 'my.txt' Working Directory (37 Bytes)	lin_x86
	Linux x86 - Egg-hunter (20 bytes)	lin_x86
	Linux x86 - Typewriter Shellcode Generator	lin_x86
	Disable ASLR in Linux (84 bytes)	lin_x86
	Win x86-64 - Download & execute (Generator)	windows
	linux/x86 - ROT13 encoded execve("/bin/sh") (68 bytes)	lin_x86
	Linux/x86 - chmod 0777 /etc/shadow obfuscated (84 bytes)	lin_x86
	linux/x86 - Obfuscated - map google.com to 127.1.1.1 (98 bytes)	lin_x86
	linux/x86 - Obfuscated execve("/bin/sh") (40 bytes)	lin_x86
	Linux/x86 - Reverse TCP Shell (72 bytes)	lin_x86
	Linux/x86 - TCP Bind Shell (96 bytes)	lin_x86
	Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow (55 Bytes)	linux_mips
	Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd (55 Bytes)	linux_mips
	Linux MIPS execve (36 bytes)	linux
	Obfuscated Shellcode Windows x86 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add...	win32
	Obfuscated Shellcode Windows x64 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add...	win64
	x64 Linux bind TCP port shellcode (81 bytes, 96 with password)	lin_x86-64
	x64 Linux reverse TCP connect (77 to 85 bytes, 90 to 98 with password)	lin_x86-64

	Linux x86 - rmdir (37 bytes)	linux
	Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes)	linux
	Linux/x86 - Add map in /etc/hosts file	lin_x86
	Connect Back (139 bytes)	linux
	Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root...	linux
	Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh	linux
	Linux x86 - Socket Re-use Shellcode (50 bytes)	lin_x86
	Windows - Add Admin User Shellcode (194 bytes)	windows
	Reads Data From /etc/passwd To /tmp/outfile (118 bytes)	lin_x86-64
	MIPS Little Endian - Reverse Shell Shellcode (Linux)	hardware
	Any Windows Version - Messagebox Shellcode (113 bytes)	windows
	Linux/x86 - Multi-Egghunter	lin_x86
	Windows RT ARM - Bind Shell (Port 4444)	arm
	MIPS Little Endian Shellcode	mips
	Linux/x86 - Reverse TCP Bind Shellcode (92 bytes)	lin_x86
	Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode	windows
	Linux/x86 - Remote Port Forwarding Shellcode (87 bytes)	lin_x86
	Windows XP Pro SP3 - Full ROP calc shellcode	windows
	(Raspberry Pi) Linux/ARM - reverse_shell(tcp,10.1.1.2,0x1337)	arm
	(Raspberry Pi) Linux/ARM - execve("/bin/sh", [0], [0 vars]) (30 bytes)	arm

	(Raspberry Pi) Linux/ARM - chmod("/etc/shadow", 0777) (41 bytes)	arm
	Linux x86 - ASLR deactivation (83 bytes)	lin_x86
	Linux x86 - chmod 666 /etc/passwd & /etc/shadow (57 bytes)	lin_x86
	linux/x86 execve(/bin/dash) 42 bytes	linux
	Linux x86_64 - add user with passwd (189 bytes)	lin_x86-64
	Linux/x86 Search For php/html Writable Files and Add Your Code	lin_x86
	Linux/x86 Polymorphic ShellCode - setuid(0)+setgid(0)+add user 'iph' without password to /etc/passwd	lin_x86
	Linux/MIPS - connect back shellcode (port 0x7a69) - 168 bytes	linux_mips
	Linux/MIPS - reboot() - 32 bytes	linux_mips
	linux/x86-64 execve(/bin/sh) 52 bytes	lin_x86-64
	Linux/MIPS - execve /bin/sh - 48 bytes	linux
	Linux/MIPS - add user(UID 0) with password - 164 bytes	linux
	Linux/SuperH - sh4 - setuid(0) ; execve("/bin/sh", NULL, NULL) (27 bytes)	sh4
	MIPS Linux XOR Shellcode Encoder (60 Bytes)	linux_mips
	52 byte Linux MIPS execve	linux_mips
	OSX - Universal ROP shellcode	osx
	Linux x86 egghunt shellcode	linux
	win32/PerfectXp-pc1/sp3 (Tr) Add Admin Shellcode 112 bytes	win32
	SuperH (sh4) Add root user with password	sh4
	Linux/SuperH - sh4 - setuid(0) - chmod("/etc/shadow", 0666) - exit(0) (43 bytes)	sh4

	Linux/x86-32 - ConnectBack with SSL connection - 422 bytes	linux
	DNS Reverse Download and Exec Shellcode	windows
	Allwin WinExec add new local administrator + ExitProcess Shellcode	windows
	OSX/Intel reverse_tcp shell x86_64 - 131 bytes	osx
	Linux/x86 - netcat bindshell port 6666 - 69 bytes	linux
	win32 eggsearch shellcode (33 bytes)	win32
	BSD x86 connect back Shellcode (81 bytes)	bsd_x86
	BSD x86 portbind + fork shellcode (111 bytes)	bsd_x86
	w32 speaking shellcode	windows
	Create a New User with UID 0 - ARM (Meta)	arm
	Linux/ARM - add root user with password - 151 bytes	arm
	OSX/Intel - setuid shell x86_64 - 51 bytes	osx
	ARM Bindshell port 0x1337	arm
	ARM Bind Connect UDP Port 68	arm
	ARM Loader Port 0x1337	arm
	ARM ifconfig eth0 and Assign Address	arm
	win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes	windows
	generic win32 - add new local administrator 326 bytes	windows
	Savant 3.1 Web Server Overflow	windows
	Windows Mobile 6.5 TR Phone Call Shellcode	windows

	Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)	windows
	win32/xp sp3 (Tr) Add Admin Account Shellcode 127 bytes	windows
	Linux/ARM - execve("/bin/sh", [0], [0 vars]) (27 bytes)	arm
	Shellcode Checksum Routine	win32
	bds/x86-bindshell on port 2525 shellcode - 167 bytes	bsd
	Windows XP SP3 English MessageBoxA Shellcode - 87 bytes	windows
	Linux x86 /bin/sh Null-Free Polymorphic Shellcode - 46 bytes	lin_x86
	Linux x86 netcat connect back port 8080 - 76 bytes	lin_x86
	Linux x86 netcat bindshell port 8080 - 75 bytes	linux
	Write-to-file Shellcode (Win32)	multiple
	Linux/x86-64 - execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) (49 bytes)	linux
	Find all writeable folder in filesystem linux polymorphic shellcode (91 bytes)	linux
	ARM Polymorphic - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode Generator	arm
	Linx x86 bind shell port 64533 (97 bytes)	linux
	Drop suid shell root in /tmp/.hiddenshell Linux Polymorphic Shellcode (161 bytes)	linux
	setreuid(0,0) execve("/bin/sh",NULL,NULL) XOR Encoded Linux Shellcode (62 bytes)	linux
	Safari JS JITed shellcode - exec calc (ASLR/DEP bypass)	windows
	125 bind port to 6778 XOR encoded polymorphic linux shellcode	linux
	nc -lp 31337 -e /bin//sh polymorphic linux shellcode (91 bytes)	linux
	Linux/ARM - Polymorphic execve("/bin/sh", ["/bin/sh"], NULL); - XOR 88 encoded (78 bytes)	arm

	Linux/ARM - polymorphic chmod("/etc/shadow", 0777) (84 Bytes)	linux
	Linux/ARM - Disable ASLR Security - 102 bytes	linux
	Linux/ARM - setuid(0) & execve("/bin/sh","/bin/sh",0) (38 bytes)	linux
	Linux/ARM - setuid(0) & kill(-1, SIGKILL) (28 bytes)	linux
	Polymorphic /bin/sh x86 linux shellcode	lin_x86
	Linux/ARM chmod("/etc/shadow", 0777) Shellcode (35 Bytes)	linux
	Linux/ARM - execve("/bin/sh","/bin/sh",0) (30 bytes)	linux
	Allwin WinExec cmd.exe + ExitProcess Shellcode - 195 bytes	windows
	ShellCode WinXP SP3 SPA URLDownloadToFileA + CreateProcessA + ExitProcess	win32
	Linux/x86-64 - Add root user with password - 390 bytes	lin_x86-64
	Linux/x86-64 - Disable ASLR Security - 143 bytes	lin_x86-64
	Polymorphic Bindport 31337 with setreuid (0,0) linux/x86	lin_x86
	Linux/x86-64 - setuid(0) & chmod ("/etc/passwd", 0777) & exit(0) (63 bytes)	lin_x86-64
	Solaris/x86 - Sync() & reboot() & exit(0) - 48 bytes	solaris_x86
	Allwin MessageBoxA Shellcode	windows
	chown root:root /bin/sh x86 linux shellcode (48 bytes)	linux
	linux/x86 - give all user root access when execute /bin/sh (45 bytes)	linux
	x86 linux hard / unclean reboot (29 bytes)	linux
	x86 linux hard / unclean reboot (33 bytes)	linux
	Solaris/x86 - SystemV killall command - 39 bytes	solaris

	unlink "/etc/shadow" x86 linux shellcode (33 bytes)	linux
	sys_setuid(0) & sys_setgid(0) & execve ("/bin/sh") x86 linux shellcode (39 bytes)	linux
	Windows 7 x64 (cmd) Shellcode 61 Bytes	win64
	linux/x86 sys_execve("/bin/sh", "0", "0") with umask 16 (sys_umask(14)) (45 bytes)	linux
	linux/x86 Shellcode Polymorphic - setuid(0) + chmod("/etc/shadow", 0666) Shellcode (61 Bytes)	linux
	change mode 0777 of "/etc/shadow" with sys_chmod syscall	linux
	linux/x86 - kill all running process	linux
	change mode 0777 of "/etc/passwd" with sys_chmod syscall	linux
	sys_execve("/bin/sh", "-c", "reboot") x86 linux shellcode (45 bytes)	linux
	Windows 7 Pro SP1 64 Fr (Beep) Shellcode 39 Bytes	win64
	Linux/x86 pwrite("/etc/shadow", hash, 32, 8) Shellcode 83	linux
	Linux/x86 alphanumeric Bomb FORK Shellcode 117 Bytes	linux
	Solaris/x86 - Remote Download file - 79 bytes	solaris_x86
	Linux/x86 - Disable randomize stack addresse - 106 bytes	linux
	Solaris/x86 - Reboot() - 37 bytes	solaris_x86
	Solaris/x86 - execve("/bin/sh","/bin/sh",NULL) (27 bytes)	solaris_x86
	Solaris/x86 - Halt shellcode - 36 bytes	solaris_x86
	Linux x86 execve("/usr/bin/wget", "aaaa"); (42 bytes)	linux
	WinXP SP2 Fr Download and Exec Shellcode	win32
	Linux x86 - polymorphic execve("/bin/bash","-p",NULL) (57 bytes)	linux

	Linux x86 - execve("/bin/bash","-p",NULL) (33 bytes)	lin_x86
	Linux/x86_64 - reboot(POWER_OFF) shellcode (19 bytes)	lin_x86-64
	Linux/x86_64 execve("/bin/sh"); shellcode (30 bytes)	linux
	linux/x86 - sends "Phuck3d!" to all terminals (60 bytes)	linux
	setreud(getuid(), getuid()) & execve("/bin/sh") Shellcode (34 bytes)	lin_x86
	Linux x86 polymorphic forkbombe - 30 bytes	linux
	Linux x86 forkbombe	linux
	Linux write() & exit(0) shellcode genearator with customizable text	linux
	chmod("/etc/shadow", 0777) shellcode (29 bytes)	linux
	chmod("/etc/shadow", 0777) Shellcode(33 Bytes)	lin_x86
	execve("a->/bin/sh") Local-only Shellcode (14 Bytes)	lin_x86
	chmod("/etc/shadow", 0666) shellcode (36 bytes)	linux
	execve("/bin/sh") shellcode (25 bytes)	linux
	DoS-Badger-Game shellcode (6 bytes)	linux
	SLoc-DoS shellcode (55 bytes)	linux
	linux x86 - nc -lvve/bin/sh -p13377 shellcode	linux
	JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7	windows
	win32/xp sp3 (Ru) WinExec+ExitProcess cmd shellcode 12 bytes	windows
	Shellcode - Win32 MessageBox (Metasploit module)	win32
	JITed egg-hunter stage-0 shellcode	windows

	Win32 Mini HardCode WinExec&ExitProcess Shellcode 16 bytes	windows
	Windows XP Professional SP2 ita calc.exe shellcode 36 bytes	win32
	JITed exec notepad Shellcode	win32
	JITed stage-0 shellcode	win32
	Linux x86 - disabled modsecurity - 64 bytes	lin_x86
	Windows XP Home Edition SP3 English (calc.exe) 37 bytes	win32
	Windows Xp Home Edition SP2 English (calc.exe) 37 bytes	win32
	Linux x86 - execve /bin/sh - 21 bytes	lin_x86
	Linux x86 - /bin/sh 8 bytes	lin_x86
	Win32 Shellcode (cmd.exe) for XP SP3 English 26 Bytes	win32
	Win32 Shellcode (cmd.exe) for XP SP2 Turkish 26 Bytes	win32
	Linux bin/cat /etc/passwd 43 bytes	lin_x86
	Linux x86 - polymorphic shellcode ip6tables -F - 71 bytes	lin_x86
	Linux x86 - ip6tables -F - 47 bytes	lin_x86
	Linux i686 - pacman -S <package> (default package: backdoor) - 64 bytes	linux
	Linux i686 - pacman -R <package> - 59 bytes	linux
	Win32 Shellcode XP SP2 FR (calc) 19 bytes	win32
	linux/x86 chmod 666 /etc/shadow 27 bytes	lin_x86
	linux/x86 overwrite MBR on /dev/sda with `LOL!' 43 bytes	lin_x86
	linux/x86 - kill all processes (9 bytes)	lin_x86

	linux/x86 eject /dev/cdrom 42 bytes	lin_x86
	Windows XP Pro Sp2 English "Message-Box" Shellcode	windows
	Windows XP Pro Sp2 English "Wordpad" Shellcode	windows
	linux/x86 append "/etc/passwd" & exit() 107 bytes	lin_x86
	linux/x86 break chroot 79 bytes	lin_x86
	linux/x86 fork bomb 6 bytes	lin_x86
	win32/xp sp2 (En + Ar) cmd.exe 23 bytes	win32
	Win32 XP SP3 addFirewallRule	win32
	freebsd/x86 portbind shellcode 167 bytes	freebsd_x86
	win32/xp sp2 calc.exe 45 bytes	win32
	linux/x86 unlink(/etc/passwd) & exit() 35 bytes	linux
	Win32 XP SP3 ShellExecuteA shellcode	win32
	Linux - setreuid (0,0) & execve(/bin/rm /etc/shadow)	lin_x86
	win xp sp2 PEB ISbeingdebugged shellcode	windows
	Linux - setuid(0) & execve("/sbin/poweroff -f")	lin_x86
	Linux - setuid(0) and cat /etc/shadow	lin_x86
	Linux - chmod(/etc/shadow, 0666) & exit() (33 bytes)	lin_x86
	Linux - linux/x86 execve() - 51bytes	lin_x86
	linux/x86 - Self-modifying shellcode for IDS evasion (64 bytes)	lin_x86
	linux/x86 - shellcode that forks a HTTP Server on port tcp/8800 (166 bytes)	lin_x86

	linux/x86 listens for shellcode on tcp/5555 and jumps to it	lin_x86
	linux/x86 - Polymorphic shellcode disable Network Card (75 bytes)	lin_x86
	linux/x86 - killall5 polymorphic shellcode (61 bytes)	lin_x86
	linux/x86 - /bin/sh polymorphic shellcode (48 bytes)	lin_x86
	Windows 5.0 - 7.0 x86 - null-free bindshell	win32
	win32/xp sp2 (En) cmd.exe 23 bytes	win32
	Linux/x86 - Port Binding Shellcode (xor-encoded) (152 bytes)	lin_x86
	linux/x86 execve shellcode generator null byte free	generator
	linux/x86 - reboot() polymorphic shellcode (57 bytes)	lin_x86
	linux/x86 Shellcode Polymorphic chmod("/etc/shadow",666) (54 bytes)	lin_x86
	netbsd/x86 kill all processes shellcode 23 bytes	netbsd_x86
	linux/x86 setreuid(geteuid(),geteuid()),execve("/bin/sh",0,0) (34 bytes)	lin_x86
	solaris/x86 portbind/tcp shellcode generator	solaris_x86
	linux/x86 generate portbind payload	generator
	windows xp/sp1 generate portbind payload	generator
	linux/x86 - bindport 8000 & execve iptables -F (176 bytes)	lin_x86
	linux/x86 - bindport 8000 & add user with root access (225+ bytes)	lin_x86
	linux/x86 Bind ASM Code Linux 179 bytes	lin_x86
	freebsd/x86-64 - exec("/bin/sh") shellcode (31 bytes)	freebsd_x86-64
	linux/x86-64 bindshell port:4444 shellcode 132 bytes	lin_x86-64

	freebsd/x86-64 - execve /bin/sh shellcode (34 bytes)	freebsd_x86-64
	linux/x86-64 - setuid(0) + execve(/bin/sh) (49 bytes)	lin_x86
	Serial port shell binding & busybox Launching shellcode	lin_x86
	FreeBSD i386/AMD64 Execve /bin/sh - Anti-Debugging	freebsd_x86
	win32 SEH omelet shellcode 0.1	win32
	linux/x86 File unlinker (18 bytes + file path length)	lin_x86
	linux/x86 Perl script execution (99 bytes + script length)	lin_x86
	linux/x86 file reader (65 bytes + pathname)	lin_x86
	win32 telnetbind by winexec 111 bytes	win32
	win32 PEB!NtGlobalFlags shellcode 14 bytes	win32
	linux/x86 chmod("/etc/shadow",666) & exit(0) (30 bytes)	lin_x86
	win32 XP sp2 (FR) Sellcode cmd.exe 32 bytes	win32
	linux/x86 - killall5 shellcode (34 bytes)	lin_x86
	win32/xp sp2 Shellcode cmd.exe 57 bytes	win32
	linux/x86 PUSH reboot() - 30 bytes	lin_x86
	linux x86 shellcode obfuscator	lin_x86
	solaris/x86 setuid(0), execve(//bin/sh); exit(0) NULL Free (39 bytes)	solaris_x86
	solaris/x86 setuid(0), execve(/bin/cat, /etc/shadow), exit(0) (59 bytes)	solaris_x86
	linux/amd64 - flush iptables rules shellcode (84 bytes)	lin_amd64
	linux/x86 - connect-back port UDP/54321 live packet capture (151 bytes)	lin_x86

	linux/x86 - append rsa key to /root/.ssh/authorized_keys2 (295 bytes)	lin_x86
	linux/x86 - edit /etc/sudoers for full access (86 bytes)	lin_x86
	Ho' Detector (Promiscuous mode detector shellcode) (56 bytes)	lin_x86
	linux/x86 setuid(0) & execve(/bin/sh,0,0) shellcode (28 bytes)	lin_x86
	linux/x86 setresuid(0,0,0) /bin/sh shellcode (35 bytes)	lin_x86
	linux/x86 - iopl(3); asm(cli); while(1){} (12 bytes)	lin_x86
	freebsd/x86 - setreuid, execve(pfctl -d) (56 bytes)	freebsd_x86
	freebsd/x86 - connect back.send.exit /etc/passwd (112 bytes)	freebsd_x86
	freebsd/x86 - kill all processes (12 bytes)	freebsd_x86
	linux/x86 - system-beep shellcode (45 bytes)	lin_x86
	freebsd/x86 rev connect, recv, jmp, return results (90 bytes)	freebsd_x86
	win32 PEB Kernel32.dll ImageBase Finder Alphanumeric 67 bytes	win32
	win32 PEB Kernel32.dll ImageBase Finder (Ascii Printable) 49 bytes	win32
	/bin/sh Polymorphic shellcode with printable ASCII characters	generator
	freebsd/x86 - /bin/cat /etc/master.passwd (NULL free) (65 bytes)	freebsd_x86
	linux/x86 connect back, download a file and execute (149 bytes)	lin_x86
	win32 connectback, receive, save and execute shellcode	win32
	freebsd/x86 - reverse portbind /bin/sh (89 bytes)	freebsd_x86
	freebsd/x86 - setuid(0); execve(ipf -Fa); shellcode (57 bytes)	freebsd_x86
	Version-independent IOS shellcode	hardware

	freebsd/x86 - encrypted shellcode /bin/sh (48 bytes)	freebsd_x86
	linux/x86 shellcode generator / null free	generator
	linux/86 setreuid(geteuid, geteuid) + execve(/bin/sh) shellcode	lin_x86
	linux/mips - (Linksys WRT54G/GL) port bind shellcode (276 bytes)	linux_mips
	linux/mips - (Linksys WRT54G/GL) execve shellcode (60 bytes)	linux_mips
	linux/x86 - connect back.send.exit /etc/shadow (155 bytes)	lin_x86
	linux/x86 - writes a php connectback shell to the fs (508 bytes)	lin_x86
	linux/x86 - rm -rf / attempts to block the process from being stopped	lin_x86
	linux/x86 - setuid(0) . setgid(0) . aslr_off (79 bytes)	lin_x86
	Cisco IOS Connectback Shellcode 1.0	hardware
	Cisco IOS Bind Shellcode 1.0	hardware
	Cisco IOS Tiny Shellcode 1.0	hardware
	Alphanumeric Shellcode Encoder Decoder	generator
	win32 Download and Execute Shellcode Generator (browsers edition)	win32
	win32 Tiny Download and Exec Shellcode 192 bytes	win32
	win32 download and execute 124 bytes	win32
	win32 IsDebuggerPresent ShellCode (NT/XP) 39 bytes	win32
	linux/x86 - raw-socket ICMP/checksum shell (235 bytes)	lin_x86
	linux/x86 - /sbin/iptables -F (40 bytes)	lin_x86
	linux/x86 - kill all processes (11 bytes)	lin_x86

	solaris/sparc download and execute 278 bytes	solaris_sparc
	linux/x86 execve read shellcode - 92 bytes	lin_x86
	linux/x86 - /sbin/ipchains -F (40 bytes)	lin_x86
	linux/x86 - set system time to 0 and exit (12 bytes)	lin_x86
	linux/x86 - add root user r00t with no password to /etc/passwd (69 bytes)	lin_x86
	linux/x86 - chmod 0666 /etc/shadow (36 bytes)	lin_x86
	linux/x86 - forkbomb (7 bytes)	lin_x86
	linux/x86 - execve(rm -rf /) shellcode (45 bytes)	lin_x86
	linux/x86 - setuid(0) + execve(/bin/sh) (28 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) (22 bytes)	lin_x86
	linux/x86-64 execve(/bin/sh) 33 bytes	lin_x86-64
	Utility for generating HTTP/1.x requests for shellcodes	generator
	linux/x86 HTTP/1.x GET, Downloads and execve() (111 bytes+)	lin_x86
	solaris/sparc executes command after setreuid (92 bytes + cmd)	solaris_sparc
	win64 (URLDownloadToFileA) download and execute 218+ bytes	win64
	linux/x86 executes command after setreuid (9 + 40 bytes + cmd)	lin_x86
	solaris/sparc connect-back (with XNOR encoded session) 600 bytes	solaris_sparc
	bsd/x86 - setuid/execve shellcode (30 bytes)	bsd_x86
	bsd/x86 - setuid/portbind shellcode (94 bytes)	bsd_x86
	linux/x86 stdin re-open and /bin/sh exec shellcode	lin_x86

	linux/x86 - re-use of /bin/sh string in .rodata shellcode (16 bytes)	lin_x86
	linux/x86 - setuid(0) and /bin/sh execve() shellcode (30 bytes)	lin_x86
	linux/x86 - setuid/portbind shellcode (96 bytes)	lin_x86
	freebsd/x86 portbind 4883 with auth shellcode	freebsd_x86
	linux/x86 - portbind (define your own port) (84 bytes)	lin_x86
	linux/x86 - execve() Diassembly Obfuscation Shellcode (32 bytes)	lin_x86
	linux/x86 - SET_PORT() portbind (100 bytes)	lin_x86
	linux/x86 - SET_IP() Connectback Shellcode (82 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) (24 bytes)	lin_x86
	openbsd/x86 execve(/bin/sh) 23 bytes	openbsd_x86
	os-x/ppc sync(), reboot() (32 bytes)	osx_ppc
	os-x/ppc execve(/bin/sh), exit() (72 bytes)	osx_ppc
	linux/amd64 - connect-back semi-stealth shellcode (88+ bytes)	lin_amd64
	ThWboard 3.0 Index.PHP Cross-Site Scripting Vulnerability	php
	freebsd/x86 - reboot(RB_AUTOBOOT) Shellcode (7 bytes)	freebsd_x86
	linux/x86 - xor-encoded Connect Back Shellcode (371 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) + ZIP Header (28 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) + RTF Header (30 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) + RIFF Header (28 bytes)	lin_x86
	linux/x86 - execve(/bin/sh) + Bitmap Header (27 bytes)	lin_x86

	linux/x86 - SWAP restore shellcode (109 bytes)	lin_x86
	linux/x86 - SWAP store shellcode (99 bytes)	lin_x86
	freebsd/x86 - execve /bin/sh (23 bytes)	freebsd_x86
	win32 Beep Shellcode (SP1/SP2) 35 bytes	win32
	JetPhoto 1.0/2.0/2.1 gallery.php page Parameter XSS	php
	linux/x86 Password Authentication portbind Shellcode (166 bytes)	lin_x86
	linux/x86 - portbind (port 64713) (86 bytes)	lin_x86
	linux/x86 - execve("/bin/sh", ["/bin/sh", NULL]) (25 bytes)	lin_x86
	linux/x86 - execve("/bin/sh", ["/bin/sh", NULL]) (23 bytes)	lin_x86
	linux/x86 - setuid(0) + execve("/bin/sh", ["/bin/sh", NULL]) (31 bytes)	lin_x86
	linux/x86 - setuid(0),setgid(0) execve(/bin/sh, [/bin/sh, NULL]) (37 bytes)	lin_x86
	linux/x86 - setreuid(0,0) execve("/bin/sh", ["/bin/sh", NULL]) (33 bytes)	lin_x86
	linux/x86 HTTP/1.x GET, Downloads and JMP - (68 bytes+)	lin_x86
	ImageVue 0.16.1 dir.php Folder Permission Disclosure	php
	linux/x86 - TCP Proxy Shellcode (236 bytes)	lin_x86
	linux/x86 -execve /bin/sh anti-ids (40 bytes)	lin_x86
	linux/x86 - execve /bin/sh xored for Intel x86 CPUID (41 bytes)	lin_x86
	linux/x86 - execve /bin/sh (encoded by +1) (39 bytes)	lin_x86
	win32/xp sp2 Pop up message box 110 bytes	win32
	win32 WinExec() Command Parameter 104+ bytes	win32

	linux/x86 Adduser without Password to /etc/passwd 59 bytes	lin_x86
	linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes	lin_x86
	linux/x86 Bind /bin/sh to 31337/tcp 80 bytes	lin_x86
	linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes	lin_x86
	linux/x86 24/7 open cd-rom loop (follows /dev/cdrom symlink) 39 bytes	lin_x86
	linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes	lin_x86
	linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes	lin_x86
	linux/x86 chmod(/etc/shadow, 0666) + exit() (32 bytes)	lin_x86
	linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes	lin_x86
	linux/x86 normal exit with random (so to speak) return value 5 bytes	lin_x86
	linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes	lin_x86
	linux/x86 quick (yet conditional, eax != 0 and edx == 0) exit (4 bytes)	lin_x86
	linux/x86 reboot() - 20 bytes	lin_x86
	linux/x86 setreuid(0, 0) + execve(/bin/sh) (31 bytes)	lin_x86
	linux/x86 execve(/bin/sh) / PUSH - 23 bytes	lin_x86
	linux/x86 cat /dev/urandom > /dev/console (63 bytes)	lin_x86
	linux/x86 Connect Back shellcode 90 bytes	lin_x86
	linux/x86 socket-proxy shellcode 372 bytes	lin_x86
	win32 Download & Exec Shellcode 226 bytes+	win32
	Multi-Format Shellcode Encoding Tool - Beta 2.0 (w32)	generator