View RSS Feed

prashant_uniyal

  1. XSS threats on leading Indian mobile operators websites

    While passing by common websites, we had came across various security issues in them in the past. Be it a bug on Facebook, Flipkart or Indian Shopping sites, we have brought up many issues in the past and have responsibly disclosed them. This time while passing by few mobile operators website, we noticed Cross-site scripting a.k.a XSS, 2nd top on the OWASP top 10 list. These vulnerabilities can be noticed very easily and can be used by cyber crooks to execute malicious scripts on the website, and ...
    Categories
    Uncategorized
  2. Performing Android malware analysis

    In the past few years, malware and Trojans have moved with a rapid pace when it comes to mobile portability. Many famous Trojans and malwares have been detected and analyzed in the past. Android being the latest and a popular mobile platform has become all time famous target of cyber crooks and malware authors. Android application package file or APK is the file format used to distribute and install application software and middle-ware into Android operating system.To make an APK file, a program ...
    Categories
    Uncategorized
  3. Demystifying The Ashi virus--"vinnu" PART III

    Now I just need to scramble the code. For this purpose I created a HTML file containing the code and encoder and decoder. This file will assemble the virus and will provide us the viral code. The HTML code is:
    <html>
    <head><title>Ashi assmebler by "vinnu"</title>
    <script language=javascript>
    var ashi='trigger();function trigger(){var
    vin=document.getElementsByTagName(\"a\");var total=0;var index=0;var
    address;for(var ...
    Categories
    Uncategorized
  4. Demystifying The Ashi virus--"vinnu" PART II

    This is a google's free page uploading facility (http://sites.google.com/site). I loaded the .js file as an attatchment. But it contained nothing initially.It was meant for controlling the Botnet and commanding it later in forming the XSS tunnels. It was the second stage of two staged botnet formation.Note: The third party free sites are also useful to connect to a botnet if you do not have any dedicated server. In ur script file at free site like google,you can place a script that can redirect ...
    Categories
    Uncategorized
  5. Evading AV Signatures..Derailing the Antivirus--"vinnu"

    Evading AV Signatures..Derailing the Antivirus

    Author: "vinnu"
    Greetz : Prashant Uniyal, b0nd, Lord Deathstorm, D4rk357, G4H
    Team : Legion Of Xtremers (LOX).


    The perimeter defence (antivirus) is still considered fullproof measure by most of people
    in virtual world. Such an assumption is fatal and can lead to more sophisticated compromise
    of systems.

    Note: In my last paper, "Heap spray -- Slipping CPU ...
    Categories
    Uncategorized
  6. Heap Spray --- Slipping CPU to our pocket--continued

    Above exploit will take nearly a minute to spraY the heap. Also study the performance graph of memory and cpu in taskmanager for
    better understanding the heap spray technique.


    2. IE iepeers:

    The following code can trigger the vulnerability in ieepeers.dll in internet explorer:


    <html><body>
    <button id='butid' onclick='trigger();' style='display:none'></button>

    <!--place the sprayer ...
    Categories
    Uncategorized
  7. Heap Spray --- Slipping CPU to our pocket--by "vinnu"

    Heap Spray --- Slipping CPU to our pocket

    Author : "vinnu"
    Team : "Legion Of Xtremers" (LOXians)
    Greetz : Prashant Uniyal, b0nd, D4rk357, skylined

    Rootkit Information:

    IDE: any text editor
    Language : Javascript
    Targets: Web browsers


    As the name defines itself Heap Spray technique uses the spraying of heap memory
    with injection vector.
    Injection Vector: Nop sled + Shellcode ...
    Categories
    Uncategorized
  8. Windows Link exploit (shortcut file) race condition tackling--"vinnu"

    Team : Legion Of Xtremers / Garage4Hackers
    author : "vinnu"
    Greetz : Prashant Uniyal, b0nd, D4rk457, and Secfence team.
    Exploit path : http://www.exploit-db.com/exploits/14403/
    Exploit by : Ivanlef0u


    Windows Link exploit (shortcut file) race condition tackling

    The .lnk exploit retrieves a DLL from remote machine and execute it while the icon
    for the shortcut (.lnk file) is resolved.

    The race condition: ...
    Categories
    Uncategorized