flying text

Thursday 4 June 2015

HOLLA!!! SKYPE USERS:

These weeks are going really bad for messenger application , Recently we saw a bug in IOS which crashes the phone with just a simple text message .
And Now the mighty favourite Skype VOIP client is in spotlight.
A recently discovered bug , affects all version of Skype client in both Desktop and mobile versions
This vulnerability is exploited by just sending a eight character message to any skype user , The bug is annoying that it forces user to reinstall the skype to work again perfectly . The charecter that causes this issue is -- http://:
Yes , its true just send  http://: to any person and the app crashes ,

Its a nice weird world of Information Security , Any thing is possible when it comes to security.

However Microsoft has fixed this issue with an skype update

Monday 1 June 2015

Holla i-users:

A new security bug has been discovered in iOS mobile operating systems , which leads to DOS (Denial Of Service) attack type --- In simple anyone could turn off your phone by sending just a simple text message .

The magical text which performs the magic is:
effective. Power لُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ #

This simple message has the ability to crash your Iphones.

Apple is fixing this issue and will provide a working patch in few days ,

Remedy--
Hide preview in every message app.




Happy Hacking

Thursday 28 May 2015

CVE 2015-4087

CVE 2015-4087




A local dll injection vulnerability has been discovered in the official Audacity 2.0.5.
Since the program is not specified with a fully qualified path name the program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows a local attacker to inject custom code that will be run with the privilege of the program or user executing the program. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. This can be done by tricking a user into running a hostile script from the local file system or a USB drive in some cases.

Since the program is not specified with a fully qualified path name the program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows a local attacker to inject custom code that will be run with the privilege of the program or user executing the program. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. This can be done by tricking a user into running a hostile script from the local file system or a USB drive in some cases.

When a malicious dll is created with the following names:
avformat-52.dll
avutil-50.dll
avcodec-52.dll
and placed in the directory of the installed audacity C:\Program Files (x86)\Audacity . And when Audacity will be started by the legitmate user it will start the process and just close by and in meanwhile the code within the malicious DLL will be executed and can lead to total compromise the system in which it is installed

Vulnerability Information:
Class: DLL Hijacking
Impact: System access
Remotely Exploitable: Yes
Locally Exploitable: Yes

Vulnerable Software:
[+] Audacity

Vulnerable Version(s):
[+] v2.0.5

Vulnerable Libraries:
[+]avformat-52.dll
[+]avutil-50.dll
[+]avcodec-52.dll

Proof of Concept (PoC):
=======================
Manual steps to reproduce the local vulnerability ...
1. Compile dll and rename to avformat-52.dll , avutil-50.dll , avcodec-52.dll
2. Copy avformat-52.dll to C:\Program Files\Audacity
3. Launch Audacity

PoC: Exploit
#include <windows.h>

int alpdaemon()
{
  WinExec("calc", SW_SHOW);
  exit(0);
  return 0;
}

BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved)
{
  alpdaemon();
  return 0;
}

Friday 3 April 2015

Tweak Windows 7 Boot Screen Animation

Posted by Green Hackerz

Email This

BlogThis!

Offer to Twitter

Offer to Facebook

Offer to Pinterest

Labels Customization, Operating System, Tools, Tricks and Tips, Tutorial, Windows 7

Hi GreenHackerz readers....

Tired of viewing the same liveliness over and over every time you boot windows?? At that point you are in luckiness. There is a simple approach to change Windows 7 boot screen. Windows 7 boot updater rolls out it conceivable to improvement boot liveliness, message and in addition foundation. This application lives up to expectations for all adaptations of Windows 7.

The application lives up to expectations by altering the BOOTMGR framework document. Since the application is in beta form and changes certain discriminating framework documents it is constantly prescribed to reinforcement before utilizing it. In spite of the fact that in our testing we found that the application functioned admirably on a Windows 7 framework with no issue.

Windows 7 Boot Updater is a free versatile apparatus that permits you to change your Windows 7 boot screen liveliness. To download this product click here.

The most effective method to utilize:

1.Run the apparatus as administrator.

2. Click Select Animation and search for the envelope that contains your boot movement pictures. On the off chance that you don't have any get some from here.

3.Uncheck Text as it doesn't work at the time of composing this article.

4.Click Go!. It will take sooner or later and show a message.

5.Click OK.

Presently restart your PC and check if the liveliness has been changed effectively. If not, then take after  to recoup your PC.

A debt of gratitude is in order for reading...friends

Stay Connected...
demo