The YEHG was established in September 2007 by a small group of young but mature people. The initiative began in the hope of forming a united force that can overcome any obstacle and accomplish any goal we desire. We are NOT Black Hats. We are not connected with or employed by the Myanmar Government or any organization.
To become one of the best, most respected and most powerful groups in the world dedicating their lives to ethical hacking and countermeasures.
1. To share with each other in learning new skills, research and developments
2. To help each other reach our desired goals together
Check out our Home page.
Our presentations on our thoughts about security:
- Coming Soon
We cannot guarantee our tools work for you. Use them at your own risk. We provide source code whenever possible.
Ready-to-run Mallory GUI VMware edition. You can get the original Mallory Minimal version to save the time of getting it from its author's sometimes-unstable torrent URL.
Pre-compiled, ready-to-run Firewalk for the BackTrack distro. A fixed version of the famous Firewalk tool (http://packetstormsecurity.org/UNIX/audit/firewalk/), which couldn't be compiled on modern *nix boxes due to compilation errors. Modified, fixed source code included.
Platform: BackTrack 5+ Distro
Find your desired strings in Windows. It's similar to the equivalent *nix tool, strings. Using this tool, you can identify sensitive information disclosure in thick-client applications, as stated in CWE-316.
Fuzzing > DLLHijackAuditKitx
By default, DLLHijackAuditKit scans all file extensions associated with all installed applications, using a default timer of 3 seconds. DLLHijackAuditor from SecurityXploded is great for targeting only one application. However, according to our testing, it sometimes misses flaws. So we tried to save time by adding timer support and regex support to our favorite, HDM's DLLHijackAuditKit. Note that the DLL files in DLLHijackAuditKit will be detected as virus/trojan because they are generated using Metasploit. We protected it with the password yehg.net
Platform: Windows 2K3/XP
Security > DropItsRights
DropItsRights is a wrapper around the DropMyRights program by Michael Howard, featured on MSDN. The DropMyRights program is a burden to use because it supports only the command line. So I added parameter support and a shell extension tweak that lets you right-click the desired executable or its shortcut to run it with DropMyRights. The original DropMyRights was recompiled, and insecure functions such as wcsncat were replaced with their secure versions. Source code included.
Platform: Windows 2K/2K3/XP
Language: MS Visual C++.Net, AutoIt
- Virtual Hacking Lab
Description: This project is a mirror of deliberately insecure applications and old software with known vulnerabilities. Used for proof-of-concept/security training/learning purposes. Available as virtual images, live ISO or standalone formats.
- The Ultimate Hacker Web Directory (HWD)
Description: Ever-updated Comprehensive Hacking/Security Links Repository
Goal: To be the Best Hacking Directory of All Times
Started: March 2008
Sub Section: Dll Hijacking
We don't intentionally hunt for vulnerabilities. The following ones are some of what we came across. Surely enough, we are not the only ones who found such holes. Many security researchers may have found the same holes at the same time or so.
Concerning our disclosure policy: if a vulnerability is critical, we wait for the vendor to release a fix within an acceptable time frame before disclosure. If a vulnerability is not critical, we disclose it to inform users and to force vendors of affected applications to fix it, because vendors do not usually have the willingness to fix minor security flaws.
Huawei Mobile Partner | Permission Weakness Local Privilege Escalation
Multiple Windows Applications | Unencrypted Sensitive Information Storage in Memory
zFtp Server <= 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability
smallftpd <= 1.0.3-fix | Connection Saturation Remote Denial of Service Vulnerability
Dll Hijacking Archive
Our DLL hijacking findings in various applications (PDF readers, media players, office software, security software like PGP, etc.) with proof-of-concept DLLs and demo videos.
This is our ongoing project to maintain the most up-to-date, comprehensive links repository. We take pains to ensure the HWD offers quality link resources.
Our video illustrations of various hacking/security processes and tools were tested in our hacking lab environments and are intended only for security hardening purposes. Please don't complain if they don't work for you. Watch and forget 'em! Submit your desired training requests via the contact form.
Requirement: No more than a web browser with Flash player plugin.
KNet Web Server Buffer Overflow Exploit Demo
Description: This demo shows exploitation of the KNet web server buffer overflow vulnerability to gain shell access on the target host.
Mallory | Up and Running
Description: This demo shows how to set up Mallory to sniff network traffic and redirect that traffic into a Burp/ZAP proxy. Mallory GUI VMware can be downloaded from our Virtual Hacking Lab.
CWE-316: Plaintext Storage in Memory | Demonstration
Description: This demo shows how we could retrieve sensitive data of a program through a memory dump. We demonstrated it using a real-world application, pfingo 4.2. Sensitive data should always be encrypted in program memory once it has been pulled from external sources/user inputs.