▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings
FEATURES:
Supports multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K, Mips, MOS65XX, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).
Clean/simple/lightweight/intuitive architecture-neutral API.
Provides details on the disassembled instruction (called "decomposer" by others).
Provides semantics of the disassembled instruction, such as the list of implicit registers read & written.
Implemented in pure C language, with lightweight bindings for D, Clojure, F#, Common Lisp, Visual Basic, PHP, PowerShell, Emacs, Haskell, Perl, Python, Ruby, C#, NodeJS, Java, GO, C++, OCaml, Lua, Rust, Delphi, Free Pascal & Vala (ready either in main code, or provided externally by the community).
Native support for all popular platforms: Windows, Mac OSX, iOS, Android, Linux, *BSD, Solaris, etc.
Thread-safe by design.
Special support for embedding into firmware or OS kernel.
High performance & suitable for malware analysis (capable of handling various X86 malware tricks).
INSTALLATION & RUN:
1) git clone https://github.com/aquynh/capstone.git
2) Compile from source
On *nix (such as MacOSX, Linux, *BSD, Solaris):
- To compile for current platform, run:
$ ./make.sh
- On 64-bit OS, run the command below to cross-compile Capstone for 32-bit binary:
$ ./make.sh nix32
3) Install Capstone on *nix
To install Capstone, run:
$ sudo ./make.sh install
For FreeBSD/OpenBSD, where sudo is unavailable, run:
$ su; ./make.sh install
Users are then required to enter the root password to copy Capstone into the machine's
system directories.
Afterwards, run ./tests/test* to see the tests disassembling sample code.
NOTE: The core framework installed by "./make.sh install" consists of the
following files:
/usr/include/capstone/arm.h
/usr/include/capstone/arm64.h
/usr/include/capstone/capstone.h
/usr/include/capstone/evm.h
/usr/include/capstone/m680x.h
/usr/include/capstone/m68k.h
/usr/include/capstone/mips.h
/usr/include/capstone/mos65xx.h
/usr/include/capstone/platform.h
/usr/include/capstone/ppc.h
/usr/include/capstone/sparc.h
/usr/include/capstone/systemz.h
/usr/include/capstone/tms320c64x.h
/usr/include/capstone/x86.h
/usr/include/capstone/xcore.h
/usr/lib/libcapstone.a
/usr/lib/libcapstone.so (for Linux/*nix), or /usr/lib/libcapstone.dylib (OSX)
4) Cross-compile for Windows from *nix
To cross-compile for Windows, Linux & gcc-mingw-w64-i686 (and also gcc-mingw-w64-x86-64
for 64-bit binaries) are required.
- To cross-compile Windows 32-bit binary, simply run:
$ ./make.sh cross-win32
- To cross-compile Windows 64-bit binary, run:
$ ./make.sh cross-win64
The resulting files libcapstone.dll, libcapstone.dll.a & tests/test*.exe can then
be used on a Windows machine.
5) Cross-compile for iOS from Mac OSX.
To cross-compile for iOS (iPhone/iPad/iPod), Mac OSX with XCode installed is required.
- To cross-compile for ArmV7 (iPod 4, iPad 1/2/3, iPhone4, iPhone4S), run:
$ ./make.sh ios_armv7
- To cross-compile for ArmV7s (iPad 4, iPhone 5C, iPad mini), run:
$ ./make.sh ios_armv7s
- To cross-compile for Arm64 (iPhone 5S, iPad mini Retina, iPad Air), run:
$ ./make.sh ios_arm64
- To cross-compile for all iDevices (armv7 + armv7s + arm64), run:
$ ./make.sh ios
The resulting files libcapstone.dylib, libcapstone.a & tests/test* can then
be used on iOS devices.
6) Cross-compile for Android
To cross-compile for Android (smartphone/tablet), Android NDK is required.
NOTE: Only ARM and ARM64 are currently supported.
$ NDK=/android/android-ndk-r10e ./make.sh cross-android arm
or
$ NDK=/android/android-ndk-r10e ./make.sh cross-android arm64
Enjoy ❤️👍🏻
✅ git topic
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 How to list Docker containers:
As you know, Docker is an ecosystem where you can create or run containers. It is a free and open-source tool that makes it simpler to create, deploy and run your applications using containers. Containers are small and lightweight alternatives to virtual machines that use the host operating system. They allow you to run your application in an isolated environment.
1) If you are a system administrator responsible for managing Docker, then you may need to know how to list Docker containers. There are several ways to list Docker containers in Linux.
2) In this tutorial, we will show you how to list Docker containers with several examples.
3) List All Docker Containers
If you want to list all Docker containers in your system, including both running and stopped containers, you can use any of the following commands:
docker container list -a
Or
docker container ls -a
Or
docker container ps -a
Or
docker ps -a
4) You should see all running and stopped Docker containers in the following output:
CONTAINER ID   IMAGE                               COMMAND                  CREATED         STATUS                          PORTS                    NAMES
592b9fe9f478   drupal                              "docker-php-entrypoi…"   3 minutes ago   Exited (0) About a minute ago                            mystifying_cartwright
9392aab37f99   wordpress                           "docker-entrypoint.s…"   5 minutes ago   Up 5 minutes                    0.0.0.0:8081->80/tcp     wpcontainer
bcbc64840b0a   mariadb                             "docker-entrypoint.s…"   6 minutes ago   Up 6 minutes                    3306/tcp                 wordpressdb
3e5cddafb61d   technosoft2000/calibre-web:v1.1.9   "/bin/bash -c /init/…"   19 hours ago    Up 19 hours                     0.0.0.0:8082->8083/tcp   calibre-web
A brief explanation of each column is shown below:
Container ID: A unique identifier of the container.
Image: The Docker image used to create the container.
Command: The command that runs when the container starts.
Created: The container creation time.
Status: The running status of the container.
Ports: Shows the open ports.
Names: The container name.
5) If you want to list only stopped Docker containers in your system, run the following command:
docker ps --filter "status=exited"
6) You should see the following output:
CONTAINER ID   IMAGE                               COMMAND                  CREATED         STATUS                          PORTS                    NAMES
592b9fe9f478   drupal                              "docker-php-entrypoi…"   4 minutes ago   Exited (0)                                               mystifying_cartwright
7) List All Running Docker Containers
If you want to list only running Docker containers in your system, there are several commands to list them.
8) To list all Running Docker containers, run one of the following commands:
docker container ls
Or
docker container list
Or
docker container ps
Or
docker ps
9) You should see all running Docker containers in the following output:
CONTAINER ID   IMAGE                               COMMAND                  CREATED         STATUS                          PORTS                    NAMES
9392aab37f99   wordpress                           "docker-entrypoint.s…"   6 minutes ago   Up 6 minutes                    0.0.0.0:8081->80/tcp     wpcontainer
bcbc64840b0a   mariadb                             "docker-entrypoint.s…"   7 minutes ago   Up 7 minutes                    3306/tcp                 wordpressdb
3e5cddafb61d   technosoft2000/calibre-web:v1.1.9   "/bin/bash -c /init/…"   19 hours ago    Up 19 hours                     0.0.0.0:8082->8083/tcp   calibre-web
If you want to list only the IDs of the running Docker containers, run the following command:
docker container ls -q
10) You should see the following output:
9392aab37f99
bcbc64840b0a
3e5cddafb61d
List All Docker Containers by Size
You can also list all running Docker containers together with the size of each container.
11) For example, to list and view the size of all running Docker containers, run the following command:
docker container list -s
12) You should see all running Docker containers with a size column, as shown below:
CONTAINER ID   IMAGE                               COMMAND                  CREATED         STATUS                          PORTS                    NAMES                   SIZE
9392aab37f99   wordpress                           "docker-entrypoint.s…"   7 minutes ago   Up 7 minutes                    0.0.0.0:8081->80/tcp     wpcontainer             2B (virtual 543MB)
bcbc64840b0a   mariadb                             "docker-entrypoint.s…"   7 minutes ago   Up 7 minutes                    3306/tcp                 wordpressdb             2B (virtual 407MB)
3e5cddafb61d   technosoft2000/calibre-web:v1.1.9   "/bin/bash -c /init/…"   19 hours ago    Up 19 hours                     0.0.0.0:8082->8083/tcp   calibre-web             103MB (virtual 406MB)
13) You can also list and view the size of all running and stopped containers with the following command:
docker container ls -as
You should see the following output:
CONTAINER ID   IMAGE                               COMMAND                  CREATED         STATUS                          PORTS                    NAMES                   SIZE
592b9fe9f478   drupal                              "docker-php-entrypoi…"   5 minutes ago   Exited (0) 3 minutes ago                                 mystifying_cartwright   0B (virtual 495MB)
9392aab37f99   wordpress                           "docker-entrypoint.s…"   7 minutes ago   Up 7 minutes                    0.0.0.0:8081->80/tcp     wpcontainer             2B (virtual 543MB)
bcbc64840b0a   mariadb                             "docker-entrypoint.s…"   8 minutes ago   Up 8 minutes                    3306/tcp                 wordpressdb             2B (virtual 407MB)
3e5cddafb61d   technosoft2000/calibre-web:v1.1.9   "/bin/bash -c /init/…"   19 hours ago    Up 19 hours                     0.0.0.0:8082->8083/tcp   calibre-web             103MB (virtual 406MB)
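An added example, not part of the original tutorial: a shell helper that reads the NAMES and PORTS columns and reports which containers publish a port on every host interface, as opposed to ports that are only exposed inside Docker networks. The function names and the sample rows are constructed for illustration; the rows mirror the output shown above.

```shell
#!/bin/sh
# Added example (not from the original tutorial).
# Input: one "name<TAB>ports" row per container, the shape printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# Every port entry is classified as:
#   PUBLISHED-ALL  bound to 0.0.0.0 or [::], reachable on every host interface
#   PUBLISHED      bound to one specific host address (for example 127.0.0.1)
#   INTERNAL       exposed by the image only, no host port mapping

classify_ports() {
  awk -F '\t' '
    {
      name = $1
      # A container can list several entries separated by ", ".
      n = split($2, entries, /, */)
      for (i = 1; i <= n; i++) {
        e = entries[i]
        if (e == "") { continue }
        if (e !~ /->/) { kind = "INTERNAL" }
        else if (e ~ /^(0\.0\.0\.0|\[::\]|:::)/) { kind = "PUBLISHED-ALL" }
        else { kind = "PUBLISHED" }
        printf "%s\t%s\t%s\n", kind, name, e
      }
    }'
}

# Names of containers reachable from every host interface.
exposed_to_all() {
  classify_ports | awk -F '\t' '$1 == "PUBLISHED-ALL" { print $2 }' | sort -u
}

# Constructed sample rows, mirroring the NAMES/PORTS columns shown above.
sample_rows() {
  printf 'mystifying_cartwright\t\n'
  printf 'wpcontainer\t0.0.0.0:8081->80/tcp\n'
  printf 'wordpressdb\t3306/tcp\n'
  printf 'calibre-web\t0.0.0.0:8082->8083/tcp\n'
}

# Live use on a Docker host:
#   docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_to_all
sample_rows | classify_ports
```

In the sample, wordpressdb (3306/tcp) has no host mapping and is reachable only from other containers on its Docker network, while wpcontainer and calibre-web accept connections on every interface of the host.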
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 IS HACKING A COMPUTER VIA A PORT POSSIBLE?
What is a port?
A port is a channel through which a computer communicates with the outside world. A server uses different ports to provide different services, so only one IP address is needed to receive different kinds of data packets. Because of ports, when a data packet arrives at the computer, the computer knows which service program to hand it to. Therefore, through different ports, the computer and the outside world can communicate without interference. Simply put, a port is like a door. Only when we open this door can the computer communicate with the outside world, and all data must pass through the door to enter our system. For example, the well-known "Shockwave" and "Magic Wave" viruses spread through ports 139 and 445, while the famous Trojan "Glacier" controls a computer through port 7626. Therefore, if we know the ports commonly used by viruses and Trojan horses and close them, we can avoid many virus and Trojan horse attacks.
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 Hackers can transmit malicious images through PayPal
PayPal resolved a vulnerability that could be used by hackers to insert malicious images into payment pages.
Security researcher Aditya K Sood found that the URL of the payment page set up by PayPal users contained a parameter named "image_url". The value of this parameter could be replaced with a URL that points to an image hosted on a remote server. This allowed attackers to use third-party vendors' PayPal payment pages to spread malicious images. Sood proved the existence of the vulnerability by displaying arbitrary images on a vendor's payment page, but he believes that attackers could spread or exploit malware hidden in the images.
Cybercriminals have always used innocuous-looking image files to hide malware. This technique has been used by the developers of the Lurk downloader, Neverquest malware, Stegoloader information stealer, and a Brazilian Trojan that was recently analyzed by Kaspersky.
Sood pointed out, "This is an insecure design because PayPal allows remote users to inject their own images into the components that PayPal uses for customer transactions. In other words, can an attacker spread malware or Utilization? The answer is yes. Some utilization technologies can achieve this goal."
Attackers can exploit this vulnerability by getting unverified users to click on specially crafted links. The fact that the URL is hosted on paypal.com increases the likelihood that the victim will open the link.
This vulnerability was reported to PayPal in January, but was only fixed this month. PayPal initially stated that the report was not eligible for a bug reward, but then the company decided to fix the bug and awarded Sood a $1,000 reward.
Sood believes this is a high-risk issue, and he is dissatisfied with PayPal's disagreement with his assessment. PayPal responded that the attack scenario described by Sood is unlikely to happen because there are easier ways to spread malware, and that the company is actively scanning for malicious content.
▁ ▂ ▄ UnderCode ▄ ▂ ▁
Bypassing AMSI via COM Server Hijacking.pdf
Bypassing AMSI via COM Server Hijacking: Microsoft's Antimalware Scan Interface (AMSI) was introduced in Windows 10 as a standard interface that provides the ability for AV engines to apply signatures to buffers both in memory and on disk. This gives AV products the ability to "hook" right before script interpretation, meaning that any obfuscation or encryption has gone through their respective deobfuscation and decryption routines. If desired, you can read more on AMSI here and here. This post will highlight a way to bypass AMSI by hijacking the AMSI COM server, analyze how Microsoft fixed it in build #16232 and then how to bypass that fix.
FULL METHOD
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 xsser - Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
INSTALLATION & RUN:
On Debian-based systems (e.g. Ubuntu), run:
sudo apt-get install python3-pycurl python3-bs4 python3-geoip python3-gi python3-cairocffi python3-selenium firefoxdriver
On other systems such as Kali, Ubuntu, ArchLinux, ParrotSec, Fedora, etc., also run:
sudo pip3 install pycurl bs4 pygeoip gobject cairocffi selenium
🦑 XSSer runs on many platforms. It requires Python (3.x) and the following libraries:
- python3-pycurl - Python bindings to libcurl (Python 3)
- python3-bs4 - error-tolerant HTML parser for Python 3
- python3-geoip - Python3 bindings for the GeoIP IP-to-country resolver library
- python3-gi - Python 3 bindings for gobject-introspection libraries
- python3-cairocffi - cffi-based cairo bindings for Python (Python3)
- python3-selenium - Python3 bindings for Selenium
- firefoxdriver - Firefox WebDriver support
Check the picture and this git link for more usage:
https://github.com/epsylon/xsser
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 #Method MySQL Row Count: How to get the number of rows in MySQL:
1) To get the number of rows in one table, use COUNT(*) in a SELECT statement like this:
SELECT
    COUNT(*)
FROM
    table_name;
2) For example, to get the number of rows in the andreyex table in the sample database, use the following statement:
SELECT
    COUNT(*)
FROM
    andreyex;
+----------+
| COUNT(*) |
+----------+
|       35 |
+----------+
1 row in set (0.01 sec)
4) Getting the number of MySQL rows in two or more tables: to get the number of rows across multiple tables, use the UNION operator to combine the result sets returned by each individual SELECT statement.
5) For example, to get the number of rows of the andreyex and trainings tables in one query, use the following statement:
-- `rows` is backtick-quoted because ROWS is a reserved word in MySQL 8.0
SELECT
    'andreyex' tablename,
    COUNT(*) `rows`
FROM
    andreyex
UNION
SELECT
    'trainings' tablename,
    COUNT(*) `rows`
FROM
    trainings;
+-----------+------+
| tablename | rows |
+-----------+------+
| andreyex  |   34 |
| trainings |  451 |
+-----------+------+
2 rows in set (0.01 sec)
6) Getting the number of MySQL rows of all tables in a specific database: to get the row count of all tables in a specific database such as classicmodels, use the following steps:
First, get all the table names in the database.
Second, build an SQL statement that contains a SELECT COUNT(*) FROM table_name statement for every table, joined with UNION.
Third, execute the SQL statement using a prepared statement.
First, to get all the table names in a database, query the information_schema database:
SELECT
    table_name
FROM
    information_schema.tables
WHERE
    table_schema = 'classicmodels'
        AND table_type = 'BASE TABLE';
+------------+
| TABLE_NAME |
+------------+
| andreyex   |
| trainings  |
| sites      |
+------------+
3 rows in set (0.02 sec)
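Second, to build the SQL statement, we use the GROUP_CONCAT and CONCAT functions as follows:
-- table_list holds the table names returned by the previous query
WITH table_list AS (
    SELECT table_name
    FROM information_schema.tables
    WHERE table_schema = 'classicmodels'
      AND table_type = 'BASE TABLE'
)
SELECT
    CONCAT(GROUP_CONCAT(CONCAT('SELECT \'',
                        table_name,
                        '\' table_name, COUNT(*) `rows` FROM ',
                        table_name)
                SEPARATOR ' UNION '),
            ' ORDER BY table_name')
INTO @sql
FROM
    table_list;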
▁ ▂ ▄ UnderCode ▄ ▂ ▁
🦑 2020 new update faraday - Collaborative Penetration Test and Vulnerability Management Platform
INSTALLATION & RUN:
1) Download the release package from https://github.com/infobyte/faraday/releases
2) Install PostgreSQL >= 9.6 (locally or on a remote server). To install PostgreSQL, you can run the following command:
$ sudo apt install postgresql
3) After the installation is completed, verify that the PostgreSQL version is 9.6 or higher by running:
$ psql -c "SELECT version()" postgres
4) Go to your Download directory and run the following command:
$ sudo apt install ./yourInstallFileName.deb
5) If PostgreSQL is running in a remote machine please follow these instructions. If, instead, it is running locally, simply run:
$ sudo faraday-manage initdb
6) Start Faraday's server by running:
$ systemctl start faraday-server
7) To learn how to run Faraday's commands, follow this link:
https://github.com/infobyte/faraday/wiki/How-to-run-Faraday