ASL IT Security - Advanced IT Security, Ethical Hacking and Penetration Testing

Code Releases

ASL HackMe Labs is yet another vulnerabile web application to practice various web based attacks. You can practice many web application attacks with these labs. Can be installed in both XAMPP and WAMPP.
Attacks You Can Practice With ASL HackMe Labs are

1) SQLi login bypass
2) SQLi Error Based
3) SQLi UNION based
4) Bilnd SQLi
5) SQLi filter bypassing
6) SQLi with INSERT_INTO
7) User Agent based SQLi
8) XSS through SQLi
9) Upload webshell through SQLi
10) XSS
11) User Agent based XXS
12) Full Path Disclosure
13) LFI
14) RFI
15) PHP Wrapper injections
16) Cookie based SQLi
17) Image Upload bypasses
18) Javascript Login Bypass
19) Logs Poisoning
20) Remote Command Execution
21) Header Injections

Download here...

Research Papers

21 July 2014
by: Daryl
in: Papers

Manual analysis of mailcious PDF malware

A paper discussing on how to manually analyze malicious pdf documents, extract javascript from pdf, test shellcode etc.

Recreating exploits from malware samples found in the Wild..

This is a paper on how to analyze and reverse engineer malware samples found in the wild. And for an offensive approach to security how to recreate these weapons to use against the mailcious hackers.

Uac a total Joke!

A UAC bypass method discovered by us.

Defeating Captcha by image reconstruction !

An interesting project to defeat Liberty Reserve captcha. This technique can be used to crack other similar captchs's also.

Web Vulnerabilities

XSS vulnerability in AOL search. We are trying to contact the AOL team. No reply from them yet.

There is a Cross Site Scripting Vulnerability in yahoo.com subdomain. Its in upcoming.yahoo.com . This vulnerability allows the attacker to steal cookies and perform session hijacking attacks or use XSS worms. The vendor has been notified regarding the vulnerability details.

Sql Injection in Facebook applications!

Pragyan CMS v 3,0 mulltiple vulnerabilities!

Exploits

MS Office 2007 and 2010 - OLE Arbitrary Command Execution

http://www.exploit-db.com/exploits/35216/

Microsoft Word Record Parsing Buffer Overflow

http://packetstormsecurity.com/files/92937/Microsoft-Word-Record-Parsing-Buffer-Overflow.html

SAP Player 0.9 Buffer Overflow

http://packetstormsecurity.com/files/92937/Microsoft-Word-Record-Parsing-Buffer-Overflow.html

Microsoft Office 2008 SP0 RTF Pfragments exploit for the Mac.

http://packetstormsecurity.com/files/111961/Office-2008-SP0-RTF-Pfragments-MAC-Exploit.html

Digital Music Pad version 8.2.3.4.8 SEH overflow exploit.

http://packetstormsecurity.com/files/97146/Digital-Music-Pad-8.2.3.4.8-SEH-Overflow.html

Quick Player version 1.3 unicode SEH exploit.

http://packetstormsecurity.com/files/94356/Quick-Player-1.3-Unicode-SEH-Exploit.html

This Metasploit module exploits a buffer overflow in Digital Music Pad version 8.2.3.3.4. When opening a malicious pls file with the Digital Music Pad, a remote attacker could overflow a buffer and execute arbitrary code.

http://packetstormsecurity.com/files/94303/Digital-Music-Pad-8.2.3.3.4-SEH-Overflow.html

DJ Studio Pro version 8.1.3.2.1 SEH overwrite exploit.

http://packetstormsecurity.com/files/93983/DJ-Studio-Pro-8.1.3.2.1-SEH-Overwrite.html

Audiotran version 1.4.2.4 SEH overflow exploit that creates a malicious .pls file.

http://packetstormsecurity.com/files/93705/Audiotran-1.4.2.4-SEH-Overflow.html

Virtual DJ Trial version 6.1.2 SEH buffer overflow crash proof of concept exploit.

http://packetstormsecurity.com/files/93502/Virtual-DJ-Trial-6.1.2-Buffer-Overflow.html

Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.

http://packetstormsecurity.com/files/93302/Microsoft-Office-Property-Code-Execution.html

Microsoft Excel Featheader buffer overflow exploit that leverages the vulnerability noted in MS09-067.

http://packetstormsecurity.com/files/92977/Microsoft-Excel-Featheader-Buffer-Overflow.html

Mediacoder version 0.7.5.4710 buffer overflow exploit that binds a shell to port 5555.