UNDERCODE COMMUNITY
Forwarded from UNDERCODE NEWS
:(
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘IDEAS & NOTE FOR BEGINERS :
#forBeginers

1) Worms
(Worms)
network worms spread from one system to another through a network connection
. The network mechanism used by the worm to complete its own replication.
E-mail mechanism.
Remote execution capability.
Remote login capability. The

process of worm reproduction.
Check the host table or similar place where the remote system address is stored. Search for the system to be infected,
establish a connection with the remote host,
copy yourself into the remote system and run the copy of the

2) computer virus (Viruses), the

biological concept of a virus,
small DNA or RNA gene segments


According to statistics, as of 2000.11, there are a total of more than 55,000
viruses with the characteristics of
viruses.
Antivirus methods

πŸ§œβ€β™€οΈComputer viruses (referred to as viruses) are programs that can infect other programs. The main characteristics of viruses are as follows:

β‘  Dependence.

β‘‘ The virus is contagious.

β‘’ The virus is latent.

β‘£ Viruses are destructive.

β‘€ The virus is targeted.

πŸ§œβ€β™€οΈThe structural :

-boot module of the virus is responsible for guiding the virus to the memory, protecting the corresponding storage space to prevent it from being overwritten by other programs, and modifying some necessary system parameters to prepare for the activation of the virus.

-The infection module is responsible for infecting viruses to other computer programs. It is the core of the entire virus program and consists of two parts: one part judges whether the infection conditions are met, and the other part implements the infection.

-The performance module virus trigger condition determines
the specific performance part of some viruses.

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
#BugBounty_β€”_API_keys_leakage,Source_code_disclosure_in_India’slargest.pdf
313.9 KB
Back with a long pending vulnerability that I found during my bug bounty hunt, though a late blog but I found it worth sharing. I have found this vulnerability in India’s largest online health platform website.
By this vulnerability, I was able to read source code of the application , sensitive les like webcong where I got APIs key of mail server, sms, payment gateway etc and further I was also able to use these mail server key to send mail from thei..
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘anti-virus software development process :

A) Simple Scanners

1)Use virus signatures to identify viruses.

2) Use signature string scanning to detect

3) changes in file lengths of known viruses.

B) Second generation: Heuristic Scanners

1) Use heuristic rules to search for possible virus infections.
Search for code segments that are often related to viruses, such as the beginning part of the encryption cycle used in deformed viruses.
Integrity checking: program checksum (checksum), the

2) third generation of Hash function :Activity Traps

3) TSR to identify the virus infection through behavioral rather than structural program

4) does not require the development of a large number of virus signatures and heuristic rules, so long as the behavior of the virus to identify a small set of

5) fourth generation: full protection (Full-featured Protection)
various anti Comprehensive application of virus technology
scanning
> behavior capture

> access control
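
The signature string scanning, file-length comparison and checksum/hash integrity checking listed above can be compared side by side. The following is an added example, not code from the original post; the signatures, file names and file contents are constructed and harmless.

```python
import hashlib

# Constructed, harmless byte strings standing in for known-virus signatures.
SIGNATURES = {
    "Demo.A": b"CONSTRUCTED-SIGNATURE-A",
    "Demo.B": b"CONSTRUCTED-SIGNATURE-B",
}


def signature_scan(data: bytes) -> list:
    """Simple scanner: names of all known signature strings found in data."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)


def make_baseline(files: dict) -> dict:
    """Record (length, SHA-256) for each program while it is known to be clean."""
    return {name: (len(data), hashlib.sha256(data).hexdigest())
            for name, data in files.items()}


def integrity_check(baseline: dict, files: dict) -> dict:
    """Compare current programs to the baseline: length first, then hash."""
    findings = {}
    for name, data in files.items():
        if name not in baseline:
            findings[name] = "not in baseline"
            continue
        length, digest = baseline[name]
        if len(data) != length:
            findings[name] = f"length changed {length} -> {len(data)}"
        elif hashlib.sha256(data).hexdigest() != digest:
            findings[name] = "hash changed, length unchanged"
    return findings


def demo():
    # Constructed sample "programs"; no real executables are involved.
    clean = {"a.bin": b"program A" + b"\x00" * 32,
             "b.bin": b"program B" + b"\x00" * 16,
             "c.bin": b"program C"}
    baseline = make_baseline(clean)
    current = dict(clean)
    # a.bin: a known signature was appended, so the file also grows.
    current["a.bin"] = clean["a.bin"] + SIGNATURES["Demo.B"]
    # b.bin: unknown same-length change; only the hash can reveal it.
    current["b.bin"] = b"program B" + b"\x00" * 12 + b"\x01\x02\x03\x04"
    scans = {name: signature_scan(data) for name, data in current.items()}
    return scans, integrity_check(baseline, current)
```

The b.bin case is the reason integrity checking moved from length records to checksums and hash functions: a modification that matches no signature and keeps the length is visible only in the hash.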

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘Use Azure Functions to play serverless :
#Fasttips

Serverless&Azure Functions

1) With serverless computing, developers do not need to manage the infrastructure, so they can build applications faster. With serverless applications, the cloud service provider will automatically provision, scale, and manage the infrastructure required to run the code.

2) To understand the definition of serverless computing, it is important to note that the server is still running code.

3) The server name comes from the fact that the tasks associated with infrastructure provisioning and management are not visible to developers.

4) This approach allows developers to focus more on business logic and deliver more value to the core of the business. Serverless computing can help teams increase productivity, bring products to market faster, and allow organizations to better optimize resources and stay focused on innovation.

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘Access control


1) Each file in the directory has a unique file owner, which has most access permissions, and can also authorize and revoke files.

2) In order to prevent forged access to files, the system does not allow any user to write to the file directory. All file directories can only be maintained through the operating system controlled by the main file command. Users can perform reasonable directory operations through the system, but users are prohibited from directly accessing the directories.

3) Access Control List An access control list is a type of data structure used to record all subjects and access methods that can access the entity.
Each entity corresponds to an access control table, which lists all the subjects and access methods that can access the entity.
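
A minimal model of points 1 and 3, showing one access control list per entity, with only the owner able to authorize and revoke. This is an added example, not part of the original post; the class name, the three access methods and the user names are assumptions made for illustration.

```python
class ProtectedFile:
    """A file (entity) with an owner and its own access control list."""

    METHODS = frozenset({"read", "write", "execute"})  # assumed access methods

    def __init__(self, name, owner):
        self.name = name
        self.owner = owner
        # ACL: subject -> set of access methods; the owner starts with all of them.
        self.acl = {owner: set(self.METHODS)}

    def _require_owner(self, actor):
        if actor != self.owner:
            raise PermissionError(f"{actor} is not the owner of {self.name}")

    def grant(self, actor, subject, methods):
        """Owner-only: add access methods for a subject."""
        self._require_owner(actor)
        methods = set(methods)
        if not methods <= self.METHODS:
            raise ValueError(f"unknown access methods: {sorted(methods - self.METHODS)}")
        self.acl.setdefault(subject, set()).update(methods)

    def revoke(self, actor, subject, methods):
        """Owner-only: remove access methods; drop the entry when none remain."""
        self._require_owner(actor)
        remaining = self.acl.get(subject, set()) - set(methods)
        if remaining:
            self.acl[subject] = remaining
        else:
            self.acl.pop(subject, None)

    def allowed(self, subject, method):
        """Default deny: only subjects listed in the ACL with this method pass."""
        return method in self.acl.get(subject, set())


def demo():
    f = ProtectedFile("report.txt", owner="alice")   # constructed names
    f.grant("alice", "bob", ["read", "write"])
    f.revoke("alice", "bob", ["write"])
    try:
        f.grant("bob", "carol", ["read"])            # a non-owner cannot authorize
        escalated = True
    except PermissionError:
        escalated = False
    return (f.allowed("bob", "read"), f.allowed("bob", "write"),
            f.allowed("carol", "read"), escalated)
```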
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘basic Shell commands

1) Basic commands

View relevant Shell operation commands under Hadoop.

[root@hop01 hadoop2.7]# bin/hadoop fs
[root@hop01 hadoop2.7]# bin/hdfs dfs
dfs is the implementation class of fs

2) View the command description

[root@hop01 hadoop2.7]# hadoop fs -help ls

3) Recursively create directories

[root@hop01 hadoop2.7]# hadoop fs -mkdir -p /hopdir/myfile

4) View the directory

[root@hop01 hadoop2.7]# hadoop fs -ls /
[root@hop01 hadoop2.7]# hadoop fs -ls /hopdir

5) Cut and paste files

hadoop fs -moveFromLocal /opt/hopfile/java.txt /hopdir/myfile

hadoop fs -ls /hopdir/myfile

6) View file content

hadoop fs -cat /hopdir/myfile/java.txt

hadoop fs -tail /hopdir/myfile/java.txt

7) Append file content

hadoop fs -appendToFile /opt/hopfile/c++.txt /hopdir/myfile/java.txt

8) Copy files

The copyFromLocal command is the same as the put command

hadoop fs -copyFromLocal /opt/hopfile/c++.txt /hopdir

9) Copy HDFS files to local

hadoop fs -copyToLocal /hopdir/myfile/java.txt /opt/hopfile/

10) Copy files in HDFS

hadoop fs -cp /hopdir/myfile/java.txt /hopdir

11) Move files in HDFS

hadoop fs -mv /hopdir/c++.txt /hopdir/myfile

12) Merge and download multiple files

The get and copyToLocal commands have the same effect.

hadoop fs -getmerge /hopdir/myfile/* /opt/merge.txt

13) Delete files

hadoop fs -rm /hopdir/myfile/java.txt

14) View folder information

hadoop fs -du -s -h /hopdir/myfile

15) Delete the folder

bin/hdfs dfs -rm -r /hopdir/file0703

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘MySQL data is synchronized to ES search engine in full and incremental mode :
#ProTips

configuration full text by Undercode

/usr/local/logstash/sync-config/cicadaes.conf

input {
stdin {}
jdbc {
jdbc_connection_string => "jdbc:mysql://127.0.0.1:3306/cicada?characterEncoding=utf8"
jdbc_user => "root"
jdbc_password => "root123"
jdbc_driver_library => "/usr/local/logstash/sync-config/mysql-connector-java-5.1.13.jar"
jdbc_driver_class => "com.mysql.jdbc.Driver"
jdbc_paging_enabled => "true"
jdbc_page_size => "50000"
jdbc_default_timezone => "Asia/Shanghai"
statement_filepath => "/usr/local/logstash/sync-config/user_sql.sql"
schedule => "* * * * *"
type => "User"
lowercase_column_names => false
record_last_run => true
use_column_value => true
tracking_column => "updateTime"
tracking_column_type => "timestamp"
last_run_metadata_path => "/usr/local/logstash/sync-config/user_last_time"
clean_run => false
}
jdbc {
jdbc_connection_string => "jdbc:mysql://127.0.0.1:3306/cicada?characterEncoding=utf8"
jdbc_user => "root"
jdbc_password => "root123"
jdbc_driver_library => "/usr/local/logstash/sync-config/mysql-connector-java-5.1.13.jar"
jdbc_driver_class => "com.mysql.jdbc.Driver"
jdbc_paging_enabled => "true"
jdbc_page_size => "50000"
jdbc_default_timezone => "Asia/undercode"
statement_filepath => "/usr/local/logstash/sync-config/log_sql.sql"
schedule => "* * * * *"
type => "Log"
lowercase_column_names => false
record_last_run => true
use_column_value => true
tracking_column => "updateTime"
tracking_column_type => "timestamp"
last_run_metadata_path => "/usr/local/logstash/sync-config/log_last_time"
clean_run => false
}
}
filter {
json {
source => "message"
remove_field => ["message"]
}
}
output {
if [type] == "User" {
elasticsearch {
hosts => ["127.0.0.1:9200"]
index => "cicada_user_search"
document_type => "user_search_index"
}
}
if [type] == "Log" {
elasticsearch {
hosts => ["127.0.0.1:9200"]
index => "cicada_log_search"
document_type => "log_search_index"
}
}
}

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘Linux system: Build Rocketmq4.3 middleware under centos7, configure monitoring station :


1) Download the installation package
URL

https://www.apache.org/dyn/closer.cgi?path=rocketmq/4.3.2/rocketmq-all-4.3.2-bin-release.zip
# We suggest the following mirror site for your download
http://mirrors.tuna.tsinghua.edu.cn/apache/rocketmq/4.3.2/rocketmq-all-4.3.2-bin-release.zip

2) Upload files
[root@localhost mysoft]# pwd
/usr/local/mysoft
[root@localhost mysoft]# unzip rocketmq-all-4.3.2-bin-release.zip
[root@localhost mysoft]# mv rocketmq-all-4.3.2-bin-release rocket4.3
[root@localhost mysoft]# rm -f rocketmq-all-4.3.2-bin-release.zip

3) Modify the relevant configuration
The default configuration of rocketmq is extremely memory intensive and needs to be modified.

1) Modify the runserver.sh configuration,

comment out the original, and add a new configuration

[root@localhost bin]# vim runserver.sh
#JAVA_OPT="${JAVA_OPT} -server -Xms4g -Xmx4g -Xmn2g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m"
JAVA_OPT="${JAVA_OPT} -server -Xms256m -Xmx256m -Xmn512m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m"

2) Modify the configuration of runbroker.sh,

comment out the original and add a new configuration

[root@localhost bin]# vim runbroker.sh
#JAVA_OPT="${JAVA_OPT} -server -Xms8g -Xmx8g -Xmn4g"
JAVA_OPT="${JAVA_OPT} -server -Xms256m -Xmx256m -Xmn128m"

3) Modify the tools.sh configuration,

comment out the original and add a new configuration

[root@localhost bin]# vim tools.sh
#JAVA_OPT="${JAVA_OPT} -server -Xms1g -Xmx1g -Xmn256m -XX:PermSize=128m -XX:MaxPermSize=128m"
JAVA_OPT="${JAVA_OPT} -server -Xms256m -Xmx256m -Xmn256m -XX:PermSize=128m -XX:MaxPermSize=128m"

4) Start the service
To start in order

nohup sh /usr/local/mysoft/rocket4.3/bin/mqnamesrv

nohup sh /usr/local/mysoft/rocket4.3/bin/mqbroker -n localhost:9876

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘How to install Social Engineering Toolkit in Termux ?

πŸ„ΈπŸ„½πŸ…‚πŸ…ƒπŸ„°πŸ„»πŸ„»πŸ„ΈπŸ…‚πŸ„°πŸ…ƒπŸ„ΈπŸ„ΎπŸ„½ & πŸ…πŸ…„πŸ„½ :

1) pkg update && pkg upgrade -y

2) apt install curl -y

3) curl -LO https://raw.githubusercontent.com/Hax4us/setoolkit/master/setoolkit.sh

4) sh setoolkit.sh

5) cd setoolkit

6) ./setup.py install

7) ./setoolkit

#fastTips
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁