Hack_Windows,_Android,_Mac_using_TheFatRat_Step_by_Step_tutorial
5.9 MB
hack android & windows via payloads with pictures
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π Brute SSH the remote server :
1) For brute-force attacks (brute-force attacks), we will use the Hydra tool , which is included with the Kali Linux distribution. SSH is present on any Linux or Unix server and is generally the primary use for administrators to access and control their systems.
Warning: Hydra is an attack tool
β Use it only on your own systems and networks unless you have written permission from the owner. Otherwise, it is illegal . "
2) To implement the attack, use the command:
# hydra -s 22 -l root -P / usr / share / wordlists / fasttrack .txt 192.168.1.1 -t 4 ssh
3) Now let's analyze it:
- s - The flag indicates the port. It is worth noting that administrators can replace the default port 22 for the ssh service , in order to find out on which port the service is running, it is necessary to perform an initial scan of the target using the Nmap tool . We wrote about how to do this earlier in the article .
- l - the flag indicates the login, in our example we use root and admin. (we can provide a link to the dictionary here)
- P - the flag indicates the password, in our case we use the fasttrack .txt dictionary from the kali distribution , which is located in the / usr / share / wordlists / directory
4) It is worth noting that in order to effectively carry out a brute-force attack, it is worth paying due attention to the preparation of the dictionary, namely: taking into account geographical and linguistic peculiarities, including in the dictionary the name of the company, the names of its subsidiaries, the names of the operating services and applications, the names of employees, etc.
192.168.1.1 - ip address of the target, since the target we are using has a white ip, it is smeared
- t - the flag indicates the number of simultaneously used threads. We indicate 4
ssh - used protocol
5) Based on the results of the team's work, we see that the passwords from the dictionary did not fit for the admin and root logins
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π Brute SSH the remote server :
1) For brute-force attacks (brute-force attacks), we will use the Hydra tool , which is included with the Kali Linux distribution. SSH is present on any Linux or Unix server and is generally the primary use for administrators to access and control their systems.
Warning: Hydra is an attack tool
β Use it only on your own systems and networks unless you have written permission from the owner. Otherwise, it is illegal . "
2) To implement the attack, use the command:
# hydra -s 22 -l root -P / usr / share / wordlists / fasttrack .txt 192.168.1.1 -t 4 ssh
3) Now let's analyze it:
- s - The flag indicates the port. It is worth noting that administrators can replace the default port 22 for the ssh service , in order to find out on which port the service is running, it is necessary to perform an initial scan of the target using the Nmap tool . We wrote about how to do this earlier in the article .
- l - the flag indicates the login, in our example we use root and admin. (we can provide a link to the dictionary here)
- P - the flag indicates the password, in our case we use the fasttrack .txt dictionary from the kali distribution , which is located in the / usr / share / wordlists / directory
4) It is worth noting that in order to effectively carry out a brute-force attack, it is worth paying due attention to the preparation of the dictionary, namely: taking into account geographical and linguistic peculiarities, including in the dictionary the name of the company, the names of its subsidiaries, the names of the operating services and applications, the names of employees, etc.
192.168.1.1 - ip address of the target, since the target we are using has a white ip, it is smeared
- t - the flag indicates the number of simultaneously used threads. We indicate 4
ssh - used protocol
5) Based on the results of the team's work, we see that the passwords from the dictionary did not fit for the admin and root logins
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SINCE LINUX IS A GOOD target BY HACKERS IN 2020
INSTALL 1 FROM THOSE ANTI-MALWARES & FIREWALLS :
https://www.clamav.net/
https://secure2.sophos.com/en-us/products/free-tools.aspx
https://firejailtools.wordpress.com/
http://rkhunter.sourceforge.net/
https://www.qubes-os.org/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SINCE LINUX IS A GOOD target BY HACKERS IN 2020
INSTALL 1 FROM THOSE ANTI-MALWARES & FIREWALLS :
https://www.clamav.net/
https://secure2.sophos.com/en-us/products/free-tools.aspx
https://firejailtools.wordpress.com/
http://rkhunter.sourceforge.net/
https://www.qubes-os.org/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
SOPHOS
Cybersecurity as a Service Delivered | Sophos
We Deliver Superior Cybersecurity Outcomes for Real-World Organizations Worldwide with a Broad Portfolio of Advanced Security Products and Services.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME FACEBOOK SCRAPER TOOLS 2020 :
facebook-post-scraper. Has comments. Uses Selenium.
facebook-scraper-selenium. "Scrape posts from any group or user into a .csv file without needing to register for any API access".
>https://github.com/brutalsavage/facebook-post-scraper
Ultimate Facebook Scraper. "Scrapes almost everything about a Facebook user's profile". Uses Selenium.
>https://github.com/apurvmishra99/facebook-scraper-selenium
Unofficial APIs. List of unofficial APIs for various services, none for Facebook for now, but might be worth to check in the future.
> https://github.com/Rolstenhouse/unofficial-apis
major-scrapy-spiders. Has a profile spider for Scrapy.
>https://github.com/talhashraf/major-scrapy-spiders
facebook-page-post-scraper. Seems abandoned.
FBLYZE. Fork (?).
> https://github.com/DIYgod/RSSHub/blob/master/lib/routes/facebook/page.js
RSSHub. Generates an RSS feed from Facebook pages.
RSS-Bridge. Also generates RSS feeds from Facebook pages.
> https://github.com/RSS-Bridge/rss-bridge/blob/master/bridges/FacebookBridge.php
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME FACEBOOK SCRAPER TOOLS 2020 :
facebook-post-scraper. Has comments. Uses Selenium.
facebook-scraper-selenium. "Scrape posts from any group or user into a .csv file without needing to register for any API access".
>https://github.com/brutalsavage/facebook-post-scraper
Ultimate Facebook Scraper. "Scrapes almost everything about a Facebook user's profile". Uses Selenium.
>https://github.com/apurvmishra99/facebook-scraper-selenium
Unofficial APIs. List of unofficial APIs for various services, none for Facebook for now, but might be worth to check in the future.
> https://github.com/Rolstenhouse/unofficial-apis
major-scrapy-spiders. Has a profile spider for Scrapy.
>https://github.com/talhashraf/major-scrapy-spiders
facebook-page-post-scraper. Seems abandoned.
FBLYZE. Fork (?).
> https://github.com/DIYgod/RSSHub/blob/master/lib/routes/facebook/page.js
RSSHub. Generates an RSS feed from Facebook pages.
RSS-Bridge. Also generates RSS feeds from Facebook pages.
> https://github.com/RSS-Bridge/rss-bridge/blob/master/bridges/FacebookBridge.php
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - brutalsavage/facebook-post-scraper: Facebook Post Scraper π΅οΈπ±οΈ
Facebook Post Scraper π΅οΈπ±οΈ. Contribute to brutalsavage/facebook-post-scraper development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Serious RCE Flaw Revealed in Popular LibreOffice and OpenOffice Programs ?
1) It's since 2019 and simply opening an innocent office document file on your system could allow hackers to hack into your computer.
2) No, I'm not talking about another vulnerability in Microsoft Office, but about two other most popular alternatives - LibreOffice and Apache OpenOffice - free open source office software used by millions of Windows, MacOS and Linux users.
3) Security researcher Alex Infyur discovered a serious remote code execution (RCE) vulnerability in these two open source office suites, which could be caused by simply opening a maliciously crafted ODT (OpenDocument Text) file.
4) The attack relies on exploiting a directory traversal vulnerability, identified as CVE-2018-16858, to automatically launch a specific software-related python library using a hidden onmouseover event.
5)To exploit this vulnerability, InfΓΌhr created an ODT file with a white hyperlink (so it cannot be seen) that contains an "onmouseover" event to trick the victim into running a locally available python file on their system when placing the mouse anywhere. to an invisible hyperlink.
6) According to the researcher, a python file named "pydoc.py", which is part of LibreOffice's native Python interpreter, accepts arbitrary commands in one of its parameters and executes them through the command line or system console.
PoC Exploit example video :
https://www.youtube.com/watch?v=zVHsKPwtPo4
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Serious RCE Flaw Revealed in Popular LibreOffice and OpenOffice Programs ?
1) It's since 2019 and simply opening an innocent office document file on your system could allow hackers to hack into your computer.
2) No, I'm not talking about another vulnerability in Microsoft Office, but about two other most popular alternatives - LibreOffice and Apache OpenOffice - free open source office software used by millions of Windows, MacOS and Linux users.
3) Security researcher Alex Infyur discovered a serious remote code execution (RCE) vulnerability in these two open source office suites, which could be caused by simply opening a maliciously crafted ODT (OpenDocument Text) file.
4) The attack relies on exploiting a directory traversal vulnerability, identified as CVE-2018-16858, to automatically launch a specific software-related python library using a hidden onmouseover event.
5)To exploit this vulnerability, InfΓΌhr created an ODT file with a white hyperlink (so it cannot be seen) that contains an "onmouseover" event to trick the victim into running a locally available python file on their system when placing the mouse anywhere. to an invisible hyperlink.
6) According to the researcher, a python file named "pydoc.py", which is part of LibreOffice's native Python interpreter, accepts arbitrary commands in one of its parameters and executes them through the command line or system console.
PoC Exploit example video :
https://www.youtube.com/watch?v=zVHsKPwtPo4
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
YouTube
CVE-2020-1301 SMBLOST POC exploit
A proof of concept for smblost smb1 vulnerability (CVE-2020-1301).
Find the poc code here: https://github.com/shubham0d/CVE-2020-1301
Update to code execution coming soon.
Credits: https://airbus-cyber-security.com/diving-into-the-smblost-vulnerability-cveβ¦
Find the poc code here: https://github.com/shubham0d/CVE-2020-1301
Update to code execution coming soon.
Credits: https://airbus-cyber-security.com/diving-into-the-smblost-vulnerability-cveβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install and Configure Psensor Sensor Monitor in Linux ?
Installing Psensor
1) It is recommended that you install the βlm-sensorsβ package first before installing psensor to enable extended support for reading various sensors built into the hardware. Run the command below to install lm-sensors in Ubuntu:
$ sudo apt install lm-sensors
2) You can search for the term βlm-sensorsβ in package managers of other Linux distributions.
Once lm-sensors package has been installed, run the command below to enable detection of sensors:
$ sudo sensors-detect
3) Follow the on-screen instructions and enter your answers after carefully reading each question. When you are asked to βautomatically add linesβ, choose yes. Once you are through the command line wizard, reboot your system and run the command below to view sensor information in a terminal:
$ sensors
4) Now to install psensor in Ubuntu, run the command below:
$ sudo apt install psensor
Packages for other Linux distributions are available here (scroll down).
π¦First Run Setup
Launch βPsensorβ from the application launcher to start the app. You will be presented with a window showing various graphs, sensor readings and threshold values. You will also get a system tray icon for quick access to menu options and current readings.
Now there are two things you might want to configure to tweak the behaviour of the Psensor app. First, you may want to disable the graphical window so that it doesnβt appear everytime you run Psensor. To do so, go to preferences and check the βHide window on startupβ checkbox in the βStartupβ tab. To manually view the graphical window, you can use the βShowβ option in the system tray icon.
Secondly, you may want to automatically launch Psensor in every session. In the same βStartupβ tab, you will find another checkbox βLaunch on session startupβ. Check it to launch Psensor automatically on every boot.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install and Configure Psensor Sensor Monitor in Linux ?
Installing Psensor
1) It is recommended that you install the βlm-sensorsβ package first before installing psensor to enable extended support for reading various sensors built into the hardware. Run the command below to install lm-sensors in Ubuntu:
$ sudo apt install lm-sensors
2) You can search for the term βlm-sensorsβ in package managers of other Linux distributions.
Once lm-sensors package has been installed, run the command below to enable detection of sensors:
$ sudo sensors-detect
3) Follow the on-screen instructions and enter your answers after carefully reading each question. When you are asked to βautomatically add linesβ, choose yes. Once you are through the command line wizard, reboot your system and run the command below to view sensor information in a terminal:
$ sensors
4) Now to install psensor in Ubuntu, run the command below:
$ sudo apt install psensor
Packages for other Linux distributions are available here (scroll down).
π¦First Run Setup
Launch βPsensorβ from the application launcher to start the app. You will be presented with a window showing various graphs, sensor readings and threshold values. You will also get a system tray icon for quick access to menu options and current readings.
Now there are two things you might want to configure to tweak the behaviour of the Psensor app. First, you may want to disable the graphical window so that it doesnβt appear everytime you run Psensor. To do so, go to preferences and check the βHide window on startupβ checkbox in the βStartupβ tab. To manually view the graphical window, you can use the βShowβ option in the system tray icon.
Secondly, you may want to automatically launch Psensor in every session. In the same βStartupβ tab, you will find another checkbox βLaunch on session startupβ. Check it to launch Psensor automatically on every boot.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Social media giant Facebook launched Facebook Pay in August of this year, a payment program for small and medium-sized businessesβ online transactions
#Updates
_
#Updates
_
Forwarded from UNDERCODE NEWS
Go up against the breeze! Google aims to amend guidance to reiterate that its charging scheme must be used for in-app transactions.
#international
_
#international
_
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
The Bank of China will stop moving money from the cell phone edition of Windows Phone tomorrow.
#Updates
_
#Updates
_
Forwarded from UNDERCODE NEWS
Microsoft CEO talks about the negotiation of acquiring Tiktok: the taste has changed, I will never participate
#international
_
#international
_
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 ANDROID MALWARE:
Generic Android Deobfuscator :
Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what the specific type of obfuscation is used.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Building requires the Java Development Kit 8 (JDK) to be installed.
Because this project contains submodules for Android frameworks, either clone with --recursive:
git clone --recursive https://github.com/CalebFenton/simplify.git
Or update submodules at any time with:
git submodule update --init --recursive
2) Then, to build a single jar which contains all dependencies:
./gradlew fatjar
3) The Simplify jar will be in simplify/build/libs/. You can test it's working by simplifying the provided obfuscated example app. Here's how you'd run it (you may need to change simplify.jar):
java -jar simplify/build/libs/simplify.jar -it 'org/cf/obfuscated' -et 'MainActivity' simplify/obfuscated-app.a
π¦FULL USAGE & EXAMPLE :
https://github.com/CalebFenton/simplify
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 ANDROID MALWARE:
Generic Android Deobfuscator :
Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what the specific type of obfuscation is used.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Building requires the Java Development Kit 8 (JDK) to be installed.
Because this project contains submodules for Android frameworks, either clone with --recursive:
git clone --recursive https://github.com/CalebFenton/simplify.git
Or update submodules at any time with:
git submodule update --init --recursive
2) Then, to build a single jar which contains all dependencies:
./gradlew fatjar
3) The Simplify jar will be in simplify/build/libs/. You can test it's working by simplifying the provided obfuscated example app. Here's how you'd run it (you may need to change simplify.jar):
java -jar simplify/build/libs/simplify.jar -it 'org/cf/obfuscated' -et 'MainActivity' simplify/obfuscated-app.a
π¦FULL USAGE & EXAMPLE :
https://github.com/CalebFenton/simplify
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Facebook complains about Apple: users should be allowed to choose their favorite SMS application ?
#Updates
_
#Updates
_
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦TERMUX HACKING TOOLS LIST & USAGE :
- [Clickjacking-Tester](https://github.com/D4Vinci/Clickjacking-Tester) - A python script designed to check if the website if vulnerable of clickjacking and create a poc.[](https://github.com/D4Vinci/Clickjacking-Tester/stargazers/)
- [Dr0p1t-Framework](https://github.com/D4Vinci/Dr0p1t-Framework) - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks.[](https://github.com/D4Vinci/Dr0p1t-Framework/stargazers/)
- [elpscrk](https://github.com/D4Vinci/elpscrk) - A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v.[](https://github.com/D4Vinci/elpscrk/stargazers/)
- [SecLists](https://github.com/danielmiessler/SecLists) - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more..[](https://github.com/danielmiessler/SecLists/stargazers/)
- [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script.[](https://github.com/darkoperator/dnsrecon/stargazers/)
- [HiddenEye](https://github.com/DarkSecDevelopers/HiddenEye) - Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ].[](https://github.com/DarkSecDevelopers/HiddenEye/stargazers/)
- [Intersect-2.5](https://github.com/deadbits/Intersect-2.5) - Post-Exploitation Framework.[](https://github.com/deadbits/Intersect-2.5/stargazers/)
- [wifite](https://github.com/derv82/wifite) - No description provided[ - A python script designed to check if the website if vulnerable of clickjacking and create a poc.[](https://github.com/D4Vinci/Clickjacking-Tester/stargazers/)
- [Dr0p1t-Framework](https://github.com/D4Vinci/Dr0p1t-Framework) - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks.[](https://github.com/D4Vinci/Dr0p1t-Framework/stargazers/)
- [elpscrk](https://github.com/D4Vinci/elpscrk) - A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v.[](https://github.com/D4Vinci/elpscrk/stargazers/)
- [SecLists](https://github.com/danielmiessler/SecLists) - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more..[](https://github.com/danielmiessler/SecLists/stargazers/)
- [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script.[](https://github.com/darkoperator/dnsrecon/stargazers/)
- [HiddenEye](https://github.com/DarkSecDevelopers/HiddenEye) - Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ].[](https://github.com/DarkSecDevelopers/HiddenEye/stargazers/)
- [Intersect-2.5](https://github.com/deadbits/Intersect-2.5) - Post-Exploitation Framework.[](https://github.com/deadbits/Intersect-2.5/stargazers/)
- [wifite](https://github.com/derv82/wifite) - No description provided[![->](
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - D4Vinci/Clickjacking-Tester: A python script designed to check if the website if vulnerable of clickjacking and createβ¦
A python script designed to check if the website if vulnerable of clickjacking and create a poc - D4Vinci/Clickjacking-Tester