Recent Rogue Anti Virus “Antivirus Pro 2010” uses ClamAV’s  “libclamav.dll” to scan the files.

More detailed report soon…..:)

Happy Deepavali to everyone.

Recently I bought the book “Gray Hat Python – For Hackers and Reverse Engineers” by Justin Seitz. I was trying to buy the book for last two months and finally I got it yesterday using Infibeam Online purchase

Very nice book, Justin Seitz arranged the contents of the book very nicely. From setting up development environment for Python, where to download some packages to how to use emulator contents are  arrangement is really nice.

I already used Python to automate some jobs. I’m really interested to use Python for discovering vulnerability in OS and applications.

My Rating for Gray Hat Python is 5 Star

Recently I saw a community in a Social Networking website. They have discussed some nice topics.

But there are some culprits, they use these type of communities to gain some useful information from people who using this type of communities. I saw post titled “Boost your modem speed to Broadband speed”. He has mentioned like he is having a software to boost the dial-up modem speed to Broadband speed. And people who wants this software post their email address.

More than 100 users posted their email addresses to get the software. And some people also mentioned their phone numbers too. See What a wonderful idea to collect 100 email addresses. Not only the person who posted this topic gets 100 email addresses and also whoever sees the topic gets 100 email addresses.

This is not only way of getting benefit from Social Networking Site. Some people post some interesting topic like “Want to hack a password of a email address” , and the content will be a link to website. The website is full of google ads, may be hosted some exploits.. No need to write a skillful virus to collect email addresses.

People who are all using these Social Networking websites should be much careful about privacy. We dont know the value of our Email address and phone numbers. Your Email Id could be used for spamming, marketing, and phishing.. Moderators of these communities should be careful before approving any post.

Innobuzz (Innobuzz Knowledge Solutions) is a giving training on Ethical hacking and various other fields. They found a unethical and stupid way of advertising, spamming orkut users. The actual spam scrap contains the following message.

The spam message contains a java script, and message tells the user to copy and paste the script in address bar and press “ENTER” button. Once the user did this the script will download andother script “scr.js“. And also the spam scrap contains nice title “Orkut Rank“, this title lets all user to execute the script.

Once “scr.js” script is executed, it will display an advertisement titled “Innobuzz Knowledge Solutions – Newsletter – SQL Injection”, describes about SQL Injection technique. And also an advertisement for Innobuzz’s next course.

Next the “scr.js” is doing the nastiest thing, scraping the spam message to all the contacts found in your orkut profile. Let’s have look into “scr.js”. This “Scr.js” having separate functions for collecting friends list, sending scrap, sending scrp to all contacts in your profile. Lets see the code,

For Collecting all Contacts in your Profile:

var xml = createXMLHttpRequest();
xml.open(“GET”, “/Compose.aspx”, true);

For Sending Scrap:

xml.open(“POST”, “/Scrapbook.aspx”, true);
xml.setRequestHeader(“Content-Type”, “application/x-www-form-urlencoded;”);
xml.send(send);

My Dear Innobuzz there is lot of way to advertise. You are saying that you are conducting course on “Ethical Hacking” and why you are following Unethical way.

Update: Got Reply from Innobuzz .. “Finally, google has closed the website and the script (love4mycommunities.googlepages.com/scr.js)” .