β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 update wireless protocol investigation
any linux/macos
The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation parameters making it a breeze to identify the bits and bytes that fly over the air. As data often gets encoded before transmission, URH offers customizable decodings to crack even sophisticated encodings like CC1101 data whitening. When it comes to protocol reverse-engineering, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH automatically infer protocol fields with a rule-based intelligence. Finally, URH entails a fuzzing component aimed at stateless protocols and a simulation environment for stateful attacks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/jopohl/urh
2) cd urh
3) sudo python3 -m pip install --upgrade pip # Update your pip installation
4) sudo python3 -m pip install urh # Install URH
5) python setup.py install
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 update wireless protocol investigation
any linux/macos
The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios. URH allows easy demodulation of signals combined with an automatic detection of modulation parameters making it a breeze to identify the bits and bytes that fly over the air. As data often gets encoded before transmission, URH offers customizable decodings to crack even sophisticated encodings like CC1101 data whitening. When it comes to protocol reverse-engineering, URH is helpful in two ways. You can either manually assign protocol fields and message types or let URH automatically infer protocol fields with a rule-based intelligence. Finally, URH entails a fuzzing component aimed at stateless protocols and a simulation environment for stateful attacks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/jopohl/urh
2) cd urh
3) sudo python3 -m pip install --upgrade pip # Update your pip installation
4) sudo python3 -m pip install urh # Install URH
5) python setup.py install
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - jopohl/urh: Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss - jopohl/urh
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What are the hazards website vulnerabilities :
The harm of SQL injection vulnerabilities is not only reflected in the database level, but also may endanger the operating system that hosts the database; if SQL injection is used to hang horses, it may also be used to spread malware, etc. These hazards include but are not limited to:
1) Database information leakage: user privacy information stored in the database is leaked.
2) Web page tampering: tampering with specific web pages by operating the database.
3) The website is hacked to spread malicious software: modify the value of some fields in the database, embed the link of the network horse, and carry out a hacking attack.
4) The database was maliciously operated: The database server was attacked and the database system administrator account was tampered with.
5) The server is controlled remotely and a backdoor is installed: the operating system support provided by the database server allows hackers to modify or control the operating system.
6) Destroy hard disk data and paralyze the entire system.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What are the hazards website vulnerabilities :
The harm of SQL injection vulnerabilities is not only reflected in the database level, but also may endanger the operating system that hosts the database; if SQL injection is used to hang horses, it may also be used to spread malware, etc. These hazards include but are not limited to:
1) Database information leakage: user privacy information stored in the database is leaked.
2) Web page tampering: tampering with specific web pages by operating the database.
3) The website is hacked to spread malicious software: modify the value of some fields in the database, embed the link of the network horse, and carry out a hacking attack.
4) The database was maliciously operated: The database server was attacked and the database system administrator account was tampered with.
5) The server is controlled remotely and a backdoor is installed: the operating system support provided by the database server allows hackers to modify or control the operating system.
6) Destroy hard disk data and paralyze the entire system.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WEB HACK METHODE BY UNDERCODE:
π Injection of OS command to attack web applications :
A) What is OS Command Injection?
OS Command Injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server running an application, and typically completely compromise the application and all of its data.
Very often, an attacker can exploit an OS command injection vulnerability to compromise other parts of the hosting infrastructure, using trust relationships to attack other systems in an organization.
B) Execution of arbitrary commands
1) Consider a shopping app that allows a user to see if an item is in stock at a particular store.
2) This information is available via a URL, for example:
3) To provide information on promotions, the application must query various legacy systems.
4) For historical reasons, functionality is implemented by invoking a shell command with product IDs and storing the IDs:
stockreport.pl 381 29
5) This command displays the stock status for the specified item, which is returned to the user.
Since the application does not implement any protection against OS command injection, an attacker can send the following input to execute an arbitrary command:
& echo aiwefwlguh &
9) If this input is passed in the productID parameter, then the command executed by the application is:
stockreport.pl & echo aiwefwlguh & 29
10) The echo command simply causes the passed string to fly to stdout, which is a useful way to test some types of OS command injection.
The & character is the shell command separator, and therefore actually three separate commands are executed one after the other.
As a result, the output returned to the user is:
Error - productID was not provided
aiwefwlguh
29: command not found
11) These lines of output demonstrate that:
The original stockreport.pl command was executed with no expected arguments and therefore returned an error.
12) The echo command was injected and the provided string was reflected in the output.
The original argument 29 was executed as the command that caused the error.
13) Placing an extra command separator & after the entered command is usually good practice, as it separates the command you entered from what follows the insertion point.
This reduces the likelihood that subsequent action will prevent the execution of the command entered.
WRITTEN BY
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WEB HACK METHODE BY UNDERCODE:
π Injection of OS command to attack web applications :
A) What is OS Command Injection?
OS Command Injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server running an application, and typically completely compromise the application and all of its data.
Very often, an attacker can exploit an OS command injection vulnerability to compromise other parts of the hosting infrastructure, using trust relationships to attack other systems in an organization.
B) Execution of arbitrary commands
1) Consider a shopping app that allows a user to see if an item is in stock at a particular store.
2) This information is available via a URL, for example:
3) To provide information on promotions, the application must query various legacy systems.
4) For historical reasons, functionality is implemented by invoking a shell command with product IDs and storing the IDs:
stockreport.pl 381 29
5) This command displays the stock status for the specified item, which is returned to the user.
Since the application does not implement any protection against OS command injection, an attacker can send the following input to execute an arbitrary command:
& echo aiwefwlguh &
9) If this input is passed in the productID parameter, then the command executed by the application is:
stockreport.pl & echo aiwefwlguh & 29
10) The echo command simply causes the passed string to fly to stdout, which is a useful way to test some types of OS command injection.
The & character is the shell command separator, and therefore actually three separate commands are executed one after the other.
As a result, the output returned to the user is:
Error - productID was not provided
aiwefwlguh
29: command not found
11) These lines of output demonstrate that:
The original stockreport.pl command was executed with no expected arguments and therefore returned an error.
12) The echo command was injected and the provided string was reflected in the output.
The original argument 29 was executed as the command that caused the error.
13) Placing an extra command separator & after the entered command is usually good practice, as it separates the command you entered from what follows the insertion point.
This reduces the likelihood that subsequent action will prevent the execution of the command entered.
WRITTEN BY
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π What is the .htpasswd file and why is it needed ?
.htpasswd is a system file used to store usernames and passwords.
This file is typically used by a web server like Apache, Nginx, etc. to authenticate users using HTTP basic authentication.
A) What is the content of the .htpasswd file?
.htpasswd is a text file containing ASCII text.
1) The structure of .htpaswd is very simple, where each line stores a username and associated passwords.
2) The username and password are separated by a colon.
3) In addition, the password is stored encrypted rather than in clear text to keep the password secure.
example :
ismail:$apr1$/5EzxSg3$SXVemrqNIb/TrKvJv4Z5r0
ahmet:$apr1$cEKbD/Wa$M012WG8Txqp/dhso8.znk0
ali:$apr1$o/t1Efly$E7798GsGjMWoNUpqmG4l60
How do I create a .httpaswd file?
B) The .htpasswd file can be created using the htpasswd command, touch command, or a text editor .
1) But the most suitable way is to use the httpasswd command.
2) You can also edit the contents of the .htpasswd file using the htpasswd command.
3) Next, we will create a .htpasswd file using the htpasswd command, where we will provide the filename with the -c option.
$ htpasswd -c .htpasswd itsecforu
Or we can specify the full path as shown below.
$ htpasswd -c /var/www/mysite/.htpasswd itsecforu
Alternatively, we can use the touch command where the generated .htpasswd file will be an empty file with its own name.
$ touch .htpasswd
4) Another alternative for creating the .htpasswd file is to use the command line or a text editor.
5) We will use the nano text editor as an example, but alternatively text editors such as vi, vim, KWrite can be used.
$ nano .htpasswd
6) Setting up the .htpasswd file
Since the .htpasswd file is used for Apache and its associated web server software to authenticate users, we must configure the web server to use the .htpasswd file.
7) Next, we'll enable HTTP Basic Authentication by specifying a .htpasswd file for the username and password.
AuthUserFile /var/www/mysite/.htpasswd
AuthType Basic
Require valid-user
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π What is the .htpasswd file and why is it needed ?
.htpasswd is a system file used to store usernames and passwords.
This file is typically used by a web server like Apache, Nginx, etc. to authenticate users using HTTP basic authentication.
A) What is the content of the .htpasswd file?
.htpasswd is a text file containing ASCII text.
1) The structure of .htpaswd is very simple, where each line stores a username and associated passwords.
2) The username and password are separated by a colon.
3) In addition, the password is stored encrypted rather than in clear text to keep the password secure.
example :
ismail:$apr1$/5EzxSg3$SXVemrqNIb/TrKvJv4Z5r0
ahmet:$apr1$cEKbD/Wa$M012WG8Txqp/dhso8.znk0
ali:$apr1$o/t1Efly$E7798GsGjMWoNUpqmG4l60
How do I create a .httpaswd file?
B) The .htpasswd file can be created using the htpasswd command, touch command, or a text editor .
1) But the most suitable way is to use the httpasswd command.
2) You can also edit the contents of the .htpasswd file using the htpasswd command.
3) Next, we will create a .htpasswd file using the htpasswd command, where we will provide the filename with the -c option.
$ htpasswd -c .htpasswd itsecforu
Or we can specify the full path as shown below.
$ htpasswd -c /var/www/mysite/.htpasswd itsecforu
Alternatively, we can use the touch command where the generated .htpasswd file will be an empty file with its own name.
$ touch .htpasswd
4) Another alternative for creating the .htpasswd file is to use the command line or a text editor.
5) We will use the nano text editor as an example, but alternatively text editors such as vi, vim, KWrite can be used.
$ nano .htpasswd
6) Setting up the .htpasswd file
Since the .htpasswd file is used for Apache and its associated web server software to authenticate users, we must configure the web server to use the .htpasswd file.
7) Next, we'll enable HTTP Basic Authentication by specifying a .htpasswd file for the username and password.
AuthUserFile /var/www/mysite/.htpasswd
AuthType Basic
Require valid-user
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦445 port intrusion reason detailed analysis :
In Windows NT 4.0, a challenge response protocol is used to establish a session with a remote machine. The successful session will become a secure tunnel through which the two parties can exchange information. The general sequence of this process is as follows:
1) The session requester (client) sends a data packet to the session receiver (server) to request the establishment of a secure tunnel;
2) The server generates a random 64-digit number (implementation challenge) and sends it back to the client;
3) The client obtains the 64-digit number generated by the server, disrupts it with the password of the account that is trying to establish a session, and returns the result to the server (response);
4) After the server accepts the response, it sends it to the local security authentication (LSA). The LSA verifies the response by using the user's correct password to confirm the identity of the requester. If the account of the requester is a local account of the server, the verification occurs locally; if the account requested is a domain account, the response is sent to the domain controller for verification. When the response to the challenge is verified as correct, an access token is generated and then sent to the client. The client uses this access token to connect to the resource on the server until the proposed session is terminated.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦445 port intrusion reason detailed analysis :
In Windows NT 4.0, a challenge response protocol is used to establish a session with a remote machine. The successful session will become a secure tunnel through which the two parties can exchange information. The general sequence of this process is as follows:
1) The session requester (client) sends a data packet to the session receiver (server) to request the establishment of a secure tunnel;
2) The server generates a random 64-digit number (implementation challenge) and sends it back to the client;
3) The client obtains the 64-digit number generated by the server, disrupts it with the password of the account that is trying to establish a session, and returns the result to the server (response);
4) After the server accepts the response, it sends it to the local security authentication (LSA). The LSA verifies the response by using the user's correct password to confirm the identity of the requester. If the account of the requester is a local account of the server, the verification occurs locally; if the account requested is a domain account, the response is sent to the domain controller for verification. When the response to the challenge is verified as correct, an access token is generated and then sent to the client. The client uses this access token to connect to the resource on the server until the proposed session is terminated.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦TOR VS VPN, VPN AND TOR, one of which is more anonymous ?
> If your purpose is to encrypt the transmitted data such that it can not be examined by your Internet provider, then you can come up with both Tor and your VPN! I would not consider using any third-party VPNs, as all the transmitted traffic + client IP (that is, your IP address) can be identified by their user. If you use a VPN provider from a third party, then you are sure to get a spyware that knows your real IP address at least as well! If this is a paying VPN, then anonymity is completely not acceptable, since the VPN operator not only knows your IP address and has access to all sent data, but also knows who you are from your payment information.
> The self-configured OpenVPN enables transmitted information to be secured and your computers to be inserted into a virtual private network. Your actual IP address and bypass web blocking can also be covered.
> But this alternative is not ideal for anonymity, since you need to reserve a VPS for the OpenVPN service, for which you have to pay. While OpenVPN can allow you to remain anonymous, whether you use cryptocurrencies or other anonymous payment methods.
> Using a single proxy has the same downside as a VPN: your exact IP address is exposed by the eavesdropper + proxy application. In the absence of encryption, an added downside is that your ISP can also examine your traffic and also restrict links to websites.
> If a proxy chain is used, the situation of IP concealment increases because (depending on the settings), any next proxy knows (always) the IP address of the previous node and (sometimes) the IP address of 1 node before the previous one. If we assume that traffic at every point is not encrypted, and a certain portion of public proxies are only honeypots, then the proxy alternative is not the safest way to guarantee confidentiality.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦TOR VS VPN, VPN AND TOR, one of which is more anonymous ?
> If your purpose is to encrypt the transmitted data such that it can not be examined by your Internet provider, then you can come up with both Tor and your VPN! I would not consider using any third-party VPNs, as all the transmitted traffic + client IP (that is, your IP address) can be identified by their user. If you use a VPN provider from a third party, then you are sure to get a spyware that knows your real IP address at least as well! If this is a paying VPN, then anonymity is completely not acceptable, since the VPN operator not only knows your IP address and has access to all sent data, but also knows who you are from your payment information.
> The self-configured OpenVPN enables transmitted information to be secured and your computers to be inserted into a virtual private network. Your actual IP address and bypass web blocking can also be covered.
> But this alternative is not ideal for anonymity, since you need to reserve a VPS for the OpenVPN service, for which you have to pay. While OpenVPN can allow you to remain anonymous, whether you use cryptocurrencies or other anonymous payment methods.
> Using a single proxy has the same downside as a VPN: your exact IP address is exposed by the eavesdropper + proxy application. In the absence of encryption, an added downside is that your ISP can also examine your traffic and also restrict links to websites.
> If a proxy chain is used, the situation of IP concealment increases because (depending on the settings), any next proxy knows (always) the IP address of the previous node and (sometimes) the IP address of 1 node before the previous one. If we assume that traffic at every point is not encrypted, and a certain portion of public proxies are only honeypots, then the proxy alternative is not the safest way to guarantee confidentiality.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What skills should modern network performance monitoring tools have? Network and application monitoring >
The network performance monitoring tool is an indispensable tool for the IT industry, but when using it, you must also pay attention to what skills the network performance monitoring tool should have. The following editor will explain the modern network performance monitoring in detail. What kind of skills the tool should have.
In the past, enterprise network engineers had to provide network access and sufficient bandwidth for various connected servers, applications, and terminal devices. From the perspective of the OSI model, these tools mainly focus on the 1-4 layer network. Since all traffic and data flows passing through a network share all bandwidth and queue resources, the higher OSI level is somewhat ignored.
Slowly, network equipment becomes more and more complex, and now different data streams in the network can be identified and treated differently. Various quality of service (QoS) and application layer process shaping techniques can also be used to achieve this goal. In addition, with the increasing dependence on key business applications, network engineers also urgently need to understand the higher levels of the OSI model so that they can discover the performance of the network, server operating systems, virtualization software, and applications themselves. Questions or other issues. However, in order to solve these problems, they need some tools.
In many scenarios, network performance monitoring tools have evolved from more traditional and simple network monitoring software. These monitoring tools usually use ICMP ping and Simple Network Monitoring Protocol (SNMP) polling/traps to check the network status. More modern supplementary features include monitoring, baselineization, and intelligent analysis of all states of the application itself. The most advanced network monitoring tools can also perform the following 5 functions :
1) Network and application monitoring
2) Network problem analysis
3) Application data and flow interception analysis
4) Virtualization and operating system problem detection
5) Root cause analysis
Different network performance monitoring vendors have different granularity in performing these tasks. Moreover, the more precise the task, the more complex it will be to implement and manage. Therefore, we must accurately understand the needs of our own organization, and then properly balance the granularity and complexity. So, let's continue to analyze the 5 common functions of modern network performance monitoring tools.
enjoy β€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What skills should modern network performance monitoring tools have? Network and application monitoring >
The network performance monitoring tool is an indispensable tool for the IT industry, but when using it, you must also pay attention to what skills the network performance monitoring tool should have. The following editor will explain the modern network performance monitoring in detail. What kind of skills the tool should have.
In the past, enterprise network engineers had to provide network access and sufficient bandwidth for various connected servers, applications, and terminal devices. From the perspective of the OSI model, these tools mainly focus on the 1-4 layer network. Since all traffic and data flows passing through a network share all bandwidth and queue resources, the higher OSI level is somewhat ignored.
Slowly, network equipment becomes more and more complex, and now different data streams in the network can be identified and treated differently. Various quality of service (QoS) and application layer process shaping techniques can also be used to achieve this goal. In addition, with the increasing dependence on key business applications, network engineers also urgently need to understand the higher levels of the OSI model so that they can discover the performance of the network, server operating systems, virtualization software, and applications themselves. Questions or other issues. However, in order to solve these problems, they need some tools.
In many scenarios, network performance monitoring tools have evolved from more traditional and simple network monitoring software. These monitoring tools usually use ICMP ping and Simple Network Monitoring Protocol (SNMP) polling/traps to check the network status. More modern supplementary features include monitoring, baselineization, and intelligent analysis of all states of the application itself. The most advanced network monitoring tools can also perform the following 5 functions :
1) Network and application monitoring
2) Network problem analysis
3) Application data and flow interception analysis
4) Virtualization and operating system problem detection
5) Root cause analysis
Different network performance monitoring vendors have different granularity in performing these tasks. Moreover, the more precise the task, the more complex it will be to implement and manage. Therefore, we must accurately understand the needs of our own organization, and then properly balance the granularity and complexity. So, let's continue to analyze the 5 common functions of modern network performance monitoring tools.
enjoy β€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Network and application monitoring :
As mentioned earlier, modern network monitoring tools have evolved from network monitoring using ICMP ping and SNMP protocols to more complex tools. The regular ping command from the network monitoring server will be sent to various networks, servers and other terminal devices that need to be monitored. If the monitored device does not respond to the ping request, the monitoring tool may mark the device as "down" and then alert the support staff.
1) SNMP collects and organizes various types of data from network and server components that support this protocol.
For network devices, this usually means constantly monitoring the status of specific device interfaces and data throughput. In addition, it will monitor the hardware status, including power, fan, and memory usage.
2) Some network performance monitoring tools can also collect and respond to various system log (Syslog) messages. System log is a common standard for log messages of infrastructure devices. These messages will be sent and stored in a centralized network monitoring tool, after analysis, will be used to notify support engineers in the event of a system failure.
3) The network monitoring tool has comprehensive monitoring capabilities. It can monitor not only availability and performance statistics, but even the entire application layer. This kind of monitoring usually depends on the configured software plug-in or operating system settings to send monitoring data back to the central monitoring server.
enjoy β€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Network and application monitoring :
As mentioned earlier, modern network monitoring tools have evolved from network monitoring using ICMP ping and SNMP protocols to more complex tools. The regular ping command from the network monitoring server will be sent to various networks, servers and other terminal devices that need to be monitored. If the monitored device does not respond to the ping request, the monitoring tool may mark the device as "down" and then alert the support staff.
1) SNMP collects and organizes various types of data from network and server components that support this protocol.
For network devices, this usually means constantly monitoring the status of specific device interfaces and data throughput. In addition, it will monitor the hardware status, including power, fan, and memory usage.
2) Some network performance monitoring tools can also collect and respond to various system log (Syslog) messages. System log is a common standard for log messages of infrastructure devices. These messages will be sent and stored in a centralized network monitoring tool, after analysis, will be used to notify support engineers in the event of a system failure.
3) The network monitoring tool has comprehensive monitoring capabilities. It can monitor not only availability and performance statistics, but even the entire application layer. This kind of monitoring usually depends on the configured software plug-in or operating system settings to send monitoring data back to the central monitoring server.
enjoy β€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β