Forum Discussion

motisrecon's avatar
motisrecon
Copper Contributor
Nov 26, 2023

Hi new to TC .uwp access, concerns modding os apps / need edge scripts chkd

Forgive the length of post > i have detailed the situation in hope to get the correct assistance.

 

i must paste this script & i hope to not violate the forum rules. This is Microst Edge currently running (its an Xbox X series Os, sry for posting here but ive tried xbox forums & moderators delete instantly!) - if it were pc i would trust my instincts as its functionality is beyond 'browser' level. ive tried direct mail to Microsoft about multiple insecurities regarding accounts being exploited for misuse & how its happening but when the tech / engineer tried to mail me for details i noticed an unusual mail server (tenant!) active to our connection in source code, reply address not official. (consistent with recent phishing scams conducted "alledgedly" by my or accounts, "webauthbroker" silent account 'multi log in' by remote user (without verification or notification by the owner!) - as result enforcement action daily almost causing device / account perm bans.. Now i have provided ms with the details that enables anyone to acquire info on any account & what should be done to safeguard from this. > My endgame is to show the consoles back doors that enable access to network & all devices. I have gathered 5 yrs of research, apps, sites etc that create vulnerabilities! (3rd party / open source)🤔🙄

 

>> if due to this being a console only issue that should only be for ms tech's pls msg or email me & lmk. As i have much more to show, & console forums do not provide for such in depth concerns.

 

Microsoft Edge on Xbox Series X (functioning as xGen9 device, xbx one & xbx S!) > every reboot or login re-installs apps & accounts that are not mine. Possible backup partition, 16 volumes & 2 directory paths; S: & C: / & apps store / events & others show state as 'possibly uninstalled' > upon DL's from store, a silent update initiates! Store app masked to install app packages of any kind & be hosted remotely.. (help me reclaim my device pls). 

 

====================================

Edge script as displayed by simple process explorer app

====================================

 

<?xml version='1.0' encoding='utf-8'?>
<Package xmlns="http://schemas.microsoft.com/appx/manifest/foundation/windows10" xmlns:com="http://schemas.microsoft.com/appx/manifest/com/windows10" xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities" xmlns:uap="http://schemas.microsoft.com/appx/manifest/uap/windows10" xmlns:uap10="http://schemas.microsoft.com/appx/manifest/uap/windows10/10" xmlns:uap2="http://schemas.microsoft.com/appx/manifest/uap/windows10/2" xmlns:uap3="http://schemas.microsoft.com/appx/manifest/uap/windows10/3" xmlns:uap4="http://schemas.microsoft.com/appx/manifest/uap/windows10/4" xmlns:uap5="http://schemas.microsoft.com/appx/manifest/uap/windows10/5" xmlns:uap6="http://schemas.microsoft.com/appx/manifest/uap/windows10/6" IgnorableNamespaces="uap10">
<Identity Name="Microsoft.MicrosoftEdge.Stable" ProcessorArchitecture="x64" Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" Version="117.0.2045.34" />
<Properties>
<DisplayName>Microsoft Edge</DisplayName>
<PublisherDisplayName>Microsoft Corporation</PublisherDisplayName>
<Description>Reserved</Description>
<Logo>VisualElements\StoreLogo.png</Logo>
</Properties>
<Resources>
<Resource Language="en-us" />
</Resources>
<Dependencies>
<TargetDeviceFamily MaxVersionTested="12.0.0.0" MinVersion="10.0.17701.0" Name="Windows.Core" />
<TargetDeviceFamily MaxVersionTested="12.0.0.0" MinVersion="10.0.17701.0" Name="Windows.Holographic" />
<TargetDeviceFamily MaxVersionTested="12.0.0.0" MinVersion="10.0.17701.0" Name="Windows.Xbox" />
<PackageDependency MinVersion="14.0.25426.0" Name="Microsoft.VCLibs.140.00" Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" />
</Dependencies>
<Capabilities>
<rescap:Capability Name="runFullTrust" />
<rescap:Capability Name="packageManagement" />
<uap4:CustomCapability Name="Microsoft.deployFullTrustOnHost_8wekyb3d8bbwe" />
</Capabilities>
<Applications>
<Application EntryPoint="Windows.FullTrustApplication" Executable="msedge.exe" Id="MSEDGE" uap10:RuntimeBehavior="packagedClassicApp" uap10:TrustLevel="mediumIL">
<uap:VisualElements BackgroundColor="transparent" Description="Microsoft Edge" DisplayName="Microsoft Edge" Square150x150Logo="VisualElements\Square150x150Logo.png" Square44x44Logo="VisualElements\Square44x44Logo.png">
<uap:DefaultTile Square310x310Logo="VisualElements\Square310x310Logo.png" Square71x71Logo="VisualElements\Square71x71Logo.png" Wide310x150Logo="VisualElements\Wide310x150Logo.png">
<uap:ShowNameOnTiles>
<uap:ShowOn Tile="square150x150Logo" />
<uap:ShowOn Tile="wide310x150Logo" />
<uap:ShowOn Tile="square310x310Logo" />
</uap:ShowNameOnTiles>
</uap:DefaultTile>
<uap:SplashScreen Image="VisualElements\Wide310x150Logo.scale-400.png" /> </uap:VisualElements>
<Extensions>


<Extension Category="windows.preInstalledConfigTask" EntryPoint="background_updater_wcos.PreInstallConfigTask" /><com:Extension Category="windows.comServer">
<com:ComServer>
<com:ExeServer Executable="notification_helper.exe">
<com:Class Id="XXXX276B-XXXX-46B4-A254-XXXXX8DB0XX" />
</com:ExeServer>
</com:ComServer>
</com:Extension>
<com:Extension Category="windows.comServer">
<com:ComServer>
<com:ExeServer Executable="background_updater.exe" LaunchAndActivationPermission="O:SYG:SYD:(A;;11;;;IU)(A;;11;;;S-1-15-2-543634040-274359014-2226501544-3561766748-3991453649-3543631192-522786984)S:P(ML;;NX;;;ME)">
<com:Class Id="XXXX276B-XXXX-46B4-A254-XXXXX8DB0XX" />
</com:ExeServer>
</com:ComServer>
</com:Extension>

<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="htm">
<uap:SupportedFileTypes>
<uap:FileType>.htm</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="html">
<uap:SupportedFileTypes>
<uap:FileType>.html</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="pdf">
<uap:SupportedFileTypes>
<uap:FileType>.pdf</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\pdf.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="shtml">
<uap:SupportedFileTypes>
<uap:FileType>.shtml</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="svg">
<uap:SupportedFileTypes>
<uap:FileType>.svg</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="webp">
<uap:SupportedFileTypes>
<uap:FileType>.webp</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="xht">
<uap:SupportedFileTypes>
<uap:FileType>.xht</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>
<uap3:Extension Category="windows.fileTypeAssociation">
<uap3:FileTypeAssociation Name="xhtml">
<uap:SupportedFileTypes>
<uap:FileType>.xhtml</uap:FileType>
</uap:SupportedFileTypes>
<uap:Logo>VisualElements\htm.png</uap:Logo>
<uap2:SupportedVerbs>
<uap3:Verb Id="open" Parameters="-- &quot;%1&quot;">open</uap3:Verb>
</uap2:SupportedVerbs>
</uap3:FileTypeAssociation>
</uap3:Extension>

<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="ftp" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>ftp</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="http" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>http</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="https" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>https</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="irc" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>irc</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="mailto" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>mailto</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="microsoft-edge" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>microsoft-edge</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="mms" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>mms</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="news" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>news</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="nntp" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>nntp</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="sms" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>sms</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="smsto" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>smsto</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="tel" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>tel</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="urn" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>urn</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap3:Extension Category="windows.protocol">
<uap3:Protocol Name="webcal" Parameters="-- &quot;%1&quot;">
<uap:DisplayName>webcal</uap:DisplayName>
<uap:Logo>VisualElements\htm.png</uap:Logo>
</uap3:Protocol>
</uap3:Extension>
<uap5:Extension Category="windows.appExecutionAlias" EntryPoint="Windows.FullTrustApplication" Executable="msedge.exe">
<uap5:AppExecutionAlias>
<uap5:ExecutionAlias Alias="EdgeStable.exe" />
</uap5:AppExecutionAlias>
</uap5:Extension>
</Extensions>
</Application>
</Applications>
<Extensions>
<uap10:Extension Category="windows.hostRuntime" EntryPoint="Windows.FullTrustApplication" Executable="pwahelper.exe" uap10:RuntimeBehavior="packagedClassicApp" uap10:TrustLevel="mediumIL">
<uap10:HostRuntime Id="PWA" />
</uap10:Extension>
<Extension Category="windows.activatableClass.inProcessServer">
<InProcessServer>
<Path>background_updater_winrt.dll</Path>
<ActivatableClass ActivatableClassId="background_updater_wcos.PreInstallConfigTask" ThreadingModel="MTA" />
</InProcessServer>
</Extension>
<uap6:Extension Category="windows.loaderSearchPathOverride">
<uap6:LoaderSearchPathOverride>
<uap6:LoaderSearchPathEntry FolderPath="" />
</uap6:LoaderSearchPathOverride>
</uap6:Extension>
<Extension Category="windows.publisherCacheFolders">
<PublisherCacheFolders>
<Folder Name="DefaultChannel" />
</PublisherCacheFolders>
</Extension>
</Extensions>
</Package>

 

Thx - if this should be forwarded or posted elsewhere pls advise. ive nvr relied on forum advice so forgive my navigation of post.

-note: no modifications of Microsoft apps or device have been done by me or with my consent.

community
security compliance and identity
No RepliesBe the first to reply

Resources