While passing by common websites, we have come across various security issues in them in the past. Be it a bug on Facebook, Flipkart or Indian shopping sites, we have brought up many issues in the past and have responsibly disclosed them. This time, while passing by a few mobile operators' websites, we noticed cross-site scripting, a.k.a. XSS, second on the OWASP Top 10 list. These vulnerabilities can be noticed very easily and can be used by cyber crooks to execute malicious scripts on the website, and ...
In the past few years, malware and Trojans have moved at a rapid pace when it comes to mobile portability. Many famous Trojans and malware have been detected and analyzed in the past. Android, being the latest and a popular mobile platform, has become an all-time favorite target of cyber crooks and malware authors. The Android application package file, or APK, is the file format used to distribute and install application software and middleware onto the Android operating system. To make an APK file, a program ...
Now I just need to scramble the code. For this purpose I created an HTML file containing the code and encoder and decoder. This file will assemble the virus and will provide us the viral code. The HTML code is: <html> <head><title>Ashi assmebler by "vinnu"</title> <script language=javascript> var ashi='trigger();function trigger(){var vin=document.getElementsByTagName(\"a\");var total=0;var index=0;var address;for(var ...
This is Google's free page-uploading facility (http://sites.google.com/site). I loaded the .js file as an attachment. But it contained nothing initially. It was meant for controlling the botnet and commanding it later in forming the XSS tunnels. It was the second stage of the two-stage botnet formation. Note: Third-party free sites are also useful to connect to a botnet if you do not have any dedicated server. In your script file at a free site like Google, you can place a script that can redirect ...
Evading AV Signatures..Derailing the Antivirus Author: "vinnu" Greetz : Prashant Uniyal, b0nd, Lord Deathstorm, D4rk357, G4H Team : Legion Of Xtremers (LOX). The perimeter defence (antivirus) is still considered a foolproof measure by most people in the virtual world. Such an assumption is fatal and can lead to more sophisticated compromise of systems. Note: In my last paper, "Heap spray -- Slipping CPU ...
The above exploit will take nearly a minute to spray the heap. Also study the performance graph of memory and CPU in Task Manager to better understand the heap spray technique. 2. IE iepeers: The following code can trigger the vulnerability in iepeers.dll in Internet Explorer: <html><body> <button id='butid' onclick='trigger();' style='display:none'></button> <!--place the sprayer ...
Heap Spray --- Slipping CPU to our pocket Author : "vinnu" Team : "Legion Of Xtremers" (LOXians) Greetz : Prashant Uniyal, b0nd, D4rk357, skylined Rootkit Information: IDE: any text editor Language : Javascript Targets: Web browsers As the name itself suggests, the heap spray technique sprays heap memory with an injection vector. Injection Vector: Nop sled + Shellcode ...
Team : Legion Of Xtremers / Garage4Hackers author : "vinnu" Greetz : Prashant Uniyal, b0nd, D4rk457, and Secfence team. Exploit path : http://www.exploit-db.com/exploits/14403/ Exploit by : Ivanlef0u Windows Link exploit (shortcut file) race condition tackling The .lnk exploit retrieves a DLL from a remote machine and executes it while the icon for the shortcut (.lnk file) is resolved. The race condition: ...