β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Parsing the / etc / shadow file :L
The / etc / shadow file stores the actual password in an encrypted format (more like a password hash) for the user account with additional properties related to the user's password.
Basically, it stores secure user account information.
All fields are separated by colons (:).
It contains one entry per line for each user specified in the / etc / passwd file.
π»π΄π 'π π π π°π π :
1) Username: This is your login name.
2) Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3) Last change of password (last change): days since January 1, 1970, when the password was last changed.
4) Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5) Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6)) Warning: The number of days before the password expires that the user is warned to change the password.
7) Inactivity: the number of days after the password expires that the account has been disabled.
8) Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
π¦How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
Use the chage command on Linux to change the password expiration information for a user.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Parsing the / etc / shadow file :L
The / etc / shadow file stores the actual password in an encrypted format (more like a password hash) for the user account with additional properties related to the user's password.
Basically, it stores secure user account information.
All fields are separated by colons (:).
It contains one entry per line for each user specified in the / etc / passwd file.
π»π΄π 'π π π π°π π :
1) Username: This is your login name.
2) Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3) Last change of password (last change): days since January 1, 1970, when the password was last changed.
4) Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5) Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6)) Warning: The number of days before the password expires that the user is warned to change the password.
7) Inactivity: the number of days after the password expires that the account has been disabled.
8) Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
π¦How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
Use the chage command on Linux to change the password expiration information for a user.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦List apps work with iOS 14 home screen widgets :
Acorns: Invest Spare Change
Apollo for Reddit
Aviary (RUB 379)
Balance: Meditation & Sleep
Bazaart Photo Editor & Design
Birch - Organized Photo Notes
Bolt - Workout Tracker Gym Log
Book Track - Library Manager ($ 4.99)
Brief: just the news you need
Calendar 5 by Readdle
Calendars: Planner & Reminders
Calory
CardPointers for Credit Cards
CARROT Weather ($ 4.99)
Cheep: Flight Deals Tracker
ChibiStudio - Avatar Maker
Coinbase - Buy & sell Bitcoin
Copilot: The Smart Money App
Countdown - Countdown to Dates
Curio: hear great journalism
Dark Noise (459 rub.)
DataMan - track data usage (75 rub.)
Date Today (149 rub.)
Day one journal
Debit & Credit
Dice by PCalc (149 rub.)
Documents by Readdle
Drafts
DuckDuckGo Privacy Browser
Flow by Moleskine Studio
FoodNoms - Food Tracker
Friendship Circles
GasBuddy: Find & Pay for Gas
GameTrack
GoodTask - To Do List Manager
Google
HabitMinder
Hard Disk - Monitor Disk Usage (TestFlight beta)
HealthView
Health Auto Export to CSV (149 rubles)
IMDb: Movies & TV Shows
Kahoot! Play & Create Quizzes
LookUp: English dictionary (459 rub.)
Menstrual Period Tracker
Menstrual Period Tracker Pro ($ 5.99)
MFC Deck (TestFlight beta)
Microsoft OneDrive
MusicHarbor - Track New Music
MusicView (75 rub.)
Next: Magic DJs & Playlists (379 rub.)
Nikola for Tesla
Nighthawk for Twitter ($ 3.99)
Night sky
Nudget: Budgeting Made Simple (229 Rub.)
Parcel - Delivery Tracking
PDF Expert: PDF Reader, Editor
Pedometer ++
Pennant
Personal Best Workouts
Photo Widget: Simple
Pillow Automatic Sleep Tracker
Pocketdex for PokΓ©mon GO
Robinhood: Invest. Save. Earn.
Scanner Pro: PDF Scanner App ($ 3.99)
Schooly (TestFlight beta)
Scriptable
Slopes: Ski & Snowboard
SmartGym: Gym & Home Workouts
Soor Player ($ 4.99)
Spark Mail - Email by Readdle
Spendy - Spendings reimagined (229 rub.)
Spend Stack: Budget Tracker (229 rub.)
Streaks (379 rub.)
Sunrise - Day Greeter (149 rubles)
Tangerine: Self-care & Goals
Things 3
Timepage by Moleskin Studio
Todoist: To-Do List & Tasks
TrΓ€ning - Workout Goals
TripIt: Travel Planner
TuneTrack
Twilight Dice | TTRPG Roller
Unwind - Mindful Breathing
Watch chess
WaterMinder (379 rub.)
Weather - The Weather Channel
Weather line
WidgetPack (TestFlight beta)
Widgetsmith
Widget Wizard (149 rub.)
Wikipedia
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦List apps work with iOS 14 home screen widgets :
Acorns: Invest Spare Change
Apollo for Reddit
Aviary (RUB 379)
Balance: Meditation & Sleep
Bazaart Photo Editor & Design
Birch - Organized Photo Notes
Bolt - Workout Tracker Gym Log
Book Track - Library Manager ($ 4.99)
Brief: just the news you need
Calendar 5 by Readdle
Calendars: Planner & Reminders
Calory
CardPointers for Credit Cards
CARROT Weather ($ 4.99)
Cheep: Flight Deals Tracker
ChibiStudio - Avatar Maker
Coinbase - Buy & sell Bitcoin
Copilot: The Smart Money App
Countdown - Countdown to Dates
Curio: hear great journalism
Dark Noise (459 rub.)
DataMan - track data usage (75 rub.)
Date Today (149 rub.)
Day one journal
Debit & Credit
Dice by PCalc (149 rub.)
Documents by Readdle
Drafts
DuckDuckGo Privacy Browser
Flow by Moleskine Studio
FoodNoms - Food Tracker
Friendship Circles
GasBuddy: Find & Pay for Gas
GameTrack
GoodTask - To Do List Manager
HabitMinder
Hard Disk - Monitor Disk Usage (TestFlight beta)
HealthView
Health Auto Export to CSV (149 rubles)
IMDb: Movies & TV Shows
Kahoot! Play & Create Quizzes
LookUp: English dictionary (459 rub.)
Menstrual Period Tracker
Menstrual Period Tracker Pro ($ 5.99)
MFC Deck (TestFlight beta)
Microsoft OneDrive
MusicHarbor - Track New Music
MusicView (75 rub.)
Next: Magic DJs & Playlists (379 rub.)
Nikola for Tesla
Nighthawk for Twitter ($ 3.99)
Night sky
Nudget: Budgeting Made Simple (229 Rub.)
Parcel - Delivery Tracking
PDF Expert: PDF Reader, Editor
Pedometer ++
Pennant
Personal Best Workouts
Photo Widget: Simple
Pillow Automatic Sleep Tracker
Pocketdex for PokΓ©mon GO
Robinhood: Invest. Save. Earn.
Scanner Pro: PDF Scanner App ($ 3.99)
Schooly (TestFlight beta)
Scriptable
Slopes: Ski & Snowboard
SmartGym: Gym & Home Workouts
Soor Player ($ 4.99)
Spark Mail - Email by Readdle
Spendy - Spendings reimagined (229 rub.)
Spend Stack: Budget Tracker (229 rub.)
Streaks (379 rub.)
Sunrise - Day Greeter (149 rubles)
Tangerine: Self-care & Goals
Things 3
Timepage by Moleskin Studio
Todoist: To-Do List & Tasks
TrΓ€ning - Workout Goals
TripIt: Travel Planner
TuneTrack
Twilight Dice | TTRPG Roller
Unwind - Mindful Breathing
Watch chess
WaterMinder (379 rub.)
Weather - The Weather Channel
Weather line
WidgetPack (TestFlight beta)
Widgetsmith
Widget Wizard (149 rub.)
Wikipedia
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 Cloud City IoT Hack, an event that provides developers with a hands-on introduction to some of the very best features Microsoft Azure has to offer, including IoT Hubs, Event Hubs, Azure Functions, Stream Analytics, and Cognitive Services. Four hands-on labs are located in folders named HOL 1, HOL 2, HOL 3, and HOL 4. Here's a synopsis of those labs:
P A R T S :
1) HOL 1 - Attendees create an Azure IoT Hub and program an MXCHIP to send accelerometer data to it.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%201/HOL%201%20-%20MXChip.md
2) HOL 2 - Attendees create an Azure Event Hub and deploy an Azure Function that transforms accelerometer data input to the IoT Hub into "flight data" denoting the disposition on an airplane and transmits it to the Event Hub. Then they connect a UWP client app to the Event Hub and use their MXChip to fly a simulated airplane.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%202/HOL%202%20-%20Functions%20and%20Event%20Hubs.md
3) HOL 3 - The instructor creates a pair of Event Hubs and deploys a Stream Analytics job that analyzes all the air traffic in the room for aircraft that are within two miles of each another. He or she also deploys a UWP app that shows all the air traffic. THIS HOL IS INSTRUCTOR-LED.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%203/HOL%203%20-%20Stream%20Analytics.md
4) HOL 4 - Attendees modify the Azure Function they deployed in HOL 2 to transmit flight data to the input hub used by Stream Analytics. They also connect the client app to the Stream Analytics output and modify the app to transmit warning messages back to the MXChip when their aircraft are within two miles of another.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%204/HOL%204%20-%20Putting%20It%20All%20Together.md
β GIT 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
π¦2020 Cloud City IoT Hack, an event that provides developers with a hands-on introduction to some of the very best features Microsoft Azure has to offer, including IoT Hubs, Event Hubs, Azure Functions, Stream Analytics, and Cognitive Services. Four hands-on labs are located in folders named HOL 1, HOL 2, HOL 3, and HOL 4. Here's a synopsis of those labs:
P A R T S :
1) HOL 1 - Attendees create an Azure IoT Hub and program an MXCHIP to send accelerometer data to it.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%201/HOL%201%20-%20MXChip.md
2) HOL 2 - Attendees create an Azure Event Hub and deploy an Azure Function that transforms accelerometer data input to the IoT Hub into "flight data" denoting the disposition on an airplane and transmits it to the Event Hub. Then they connect a UWP client app to the Event Hub and use their MXChip to fly a simulated airplane.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%202/HOL%202%20-%20Functions%20and%20Event%20Hubs.md
3) HOL 3 - The instructor creates a pair of Event Hubs and deploys a Stream Analytics job that analyzes all the air traffic in the room for aircraft that are within two miles of each another. He or she also deploys a UWP app that shows all the air traffic. THIS HOL IS INSTRUCTOR-LED.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%203/HOL%203%20-%20Stream%20Analytics.md
4) HOL 4 - Attendees modify the Azure Function they deployed in HOL 2 to transmit flight data to the input hub used by Stream Analytics. They also connect the client app to the Stream Analytics output and modify the app to transmit warning messages back to the MXChip when their aircraft are within two miles of another.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%204/HOL%204%20-%20Putting%20It%20All%20Together.md
β GIT 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
GitHub
Azure/CloudIoTHack
An end-to-end IoT Solution Workshop. Contribute to Azure/CloudIoTHack development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π¦ Detecting deprecated shared libraries in memory with UChecker:
A) What is UChecker
1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.
2) The tool was created by KernelCare during live patching development for shared libraries.
3) With Uchecker, you can identify vulnerable FOSS libraries and fix them.
4) You will have to reload the affected processes (unless you are using the library update services without rebooting), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.
5) As a result, you avoid unnecessary server reboots, which lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.
6) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.
π¦This example can be just as devastating as rebooting:
1) How UChecker works
Uchecker works with all modern Linux distributions starting from version 6.
2) It is free JSON software that is open for distribution and / or modification under the terms of the GNU General Public License.
3) Uchecker detects processes that are using old (i.e. unpatched) shared libraries.
4) It detects and reports obsolete libraries that are being used by running processes.
5) Its detection capabilities are based on BuildID comparisons.
6 )As a result, the tool knows about deleted or replaced files.
7) The Uchecker tool can determine the process ID and name, as well as the names of the shared libraries that are not patched, as well as their build IDs.
8) Uchecker gets the latest BuildIDs from KC resources.
9) It then starts the process by iterating over / proc / and gets the associated shared library from / proc / <pid> / maps.
10) At this point, Uchecker asks if the shared library has been replaced or removed.
11) Depending on the answer, the program will either parse ELF from the file system or parse ELF from mapped memory.
Uchecker then collects the BuildID from the .note.gnu.build-id.
12) Detecting obsolete in-memory libraries with UChecker
No installation required!
Just run the Uchecker script to find the unpatched libraries on your Linux server:
# curl -s -L https://kernelcare.com/checker | python
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π¦ Detecting deprecated shared libraries in memory with UChecker:
A) What is UChecker
1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.
2) The tool was created by KernelCare during live patching development for shared libraries.
3) With Uchecker, you can identify vulnerable FOSS libraries and fix them.
4) You will have to reload the affected processes (unless you are using the library update services without rebooting), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.
5) As a result, you avoid unnecessary server reboots, which lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.
6) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.
π¦This example can be just as devastating as rebooting:
1) How UChecker works
Uchecker works with all modern Linux distributions starting from version 6.
2) It is free JSON software that is open for distribution and / or modification under the terms of the GNU General Public License.
3) Uchecker detects processes that are using old (i.e. unpatched) shared libraries.
4) It detects and reports obsolete libraries that are being used by running processes.
5) Its detection capabilities are based on BuildID comparisons.
6 )As a result, the tool knows about deleted or replaced files.
7) The Uchecker tool can determine the process ID and name, as well as the names of the shared libraries that are not patched, as well as their build IDs.
8) Uchecker gets the latest BuildIDs from KC resources.
9) It then starts the process by iterating over / proc / and gets the associated shared library from / proc / <pid> / maps.
10) At this point, Uchecker asks if the shared library has been replaced or removed.
11) Depending on the answer, the program will either parse ELF from the file system or parse ELF from mapped memory.
Uchecker then collects the BuildID from the .note.gnu.build-id.
12) Detecting obsolete in-memory libraries with UChecker
No installation required!
Just run the Uchecker script to find the unpatched libraries on your Linux server:
# curl -s -L https://kernelcare.com/checker | python
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Android Games hacking apps list 3 :
https://xmodgames.download
https://hackerbot.net/software/444-hackerbot-download
https://noxofficial.com/nox-for-pc/
https://www.bluestacks.com
https://www.cheatengine.org/downloads.php
https://sbgamehacker.download/apk/
https://creehack.net
https://gameguardian.net/download
https://gamecihworld.puzl.com
https://www.luckypatchers.com/lucky-patcher-6-0-7-apk/
http://leoplaycard.info
https://gamekiller.co
https://latestmodapks.com/download-freedom-apk-latest/
https://play.google.com/store/apps/details?id=com.acr.rootfilemanager&hl=en_IN
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Android Games hacking apps list 3 :
https://xmodgames.download
https://hackerbot.net/software/444-hackerbot-download
https://noxofficial.com/nox-for-pc/
https://www.bluestacks.com
https://www.cheatengine.org/downloads.php
https://sbgamehacker.download/apk/
https://creehack.net
https://gameguardian.net/download
https://gamecihworld.puzl.com
https://www.luckypatchers.com/lucky-patcher-6-0-7-apk/
http://leoplaycard.info
https://gamekiller.co
https://latestmodapks.com/download-freedom-apk-latest/
https://play.google.com/store/apps/details?id=com.acr.rootfilemanager&hl=en_IN
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Techylist
Xmodgames - Download Xmod Apk For Android (Official)
People have been playing games like Clash of Clans, Minecraft, Clash Royale, Asphalt 8, Mortal Combat, etc. for such a long time that, most of them become dull. This is probably because the game is small or it is very hard after a certain level. So in suchβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How Data Anti-Leakage Software work's :
1) it is possible to completely prohibit the use of U disks, mobile hard drives, SD cards, mobile phones to connect to computers, tablet computers and other devices with storage functions.
2) Completely disable the optical drive, prohibit the use of the floppy drive, and at the same time, you can only prohibit the optical drive from burning and restrict the use of the optical drive without affecting the playback function of the optical drive.
3) Completely disable computer COM ports, computer ports, and printers and other external devices.
4) Fully protect the security of the operating system. It is forbidden to modify the registry, modify the group policy, prohibit the use of msconfig, prohibit entering the computer safe mode, prohibit the use of task manager, prohibit the use of device manager, etc.
5) Comprehensively prevent employees from uninstalling, prevent accidental killing or interception by anti-virus software, maximize the protection of computer information security, and protect the security of corporate business secrets.
6) Allow network administrators to set a blacklist of programs that are forbidden to run on the computer, a whitelist of programs that are only allowed to run, a blacklist of forbidden URLs, and a whitelist of only accessible URLs, thereby enhancing the control over computer use.
7) Effectively prohibit network hotspots, prohibit 360 portable wifi, prohibit Baidu portable wifi, block wifi sharing wizard, prohibit the functions of wifi master key, and prevent employees from using these portable wifi to provide Internet access for their laptops, mobile phones or tablets. .
8) Newly added prohibiting email sending, prohibiting online disk uploading, prohibiting forum attachment uploading, prohibiting FTP uploading, only allowing specific QQ account login, only allowing specific Ali Wangwang account login, prohibiting QQ sending files, prohibiting QQ group sharing file uploads.
9) Exclusive support not only stand-alone installation, stand-alone management, but also support server and client management based on the C/S architecture, thus facilitating the use of users.
10) It can be customized for users, prohibit all kinds of computer equipment and modify any configuration of the operating system at any time, so as to protect computer security and commercial secrets
Written by
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How Data Anti-Leakage Software work's :
1) it is possible to completely prohibit the use of U disks, mobile hard drives, SD cards, mobile phones to connect to computers, tablet computers and other devices with storage functions.
2) Completely disable the optical drive, prohibit the use of the floppy drive, and at the same time, you can only prohibit the optical drive from burning and restrict the use of the optical drive without affecting the playback function of the optical drive.
3) Completely disable computer COM ports, computer ports, and printers and other external devices.
4) Fully protect the security of the operating system. It is forbidden to modify the registry, modify the group policy, prohibit the use of msconfig, prohibit entering the computer safe mode, prohibit the use of task manager, prohibit the use of device manager, etc.
5) Comprehensively prevent employees from uninstalling, prevent accidental killing or interception by anti-virus software, maximize the protection of computer information security, and protect the security of corporate business secrets.
6) Allow network administrators to set a blacklist of programs that are forbidden to run on the computer, a whitelist of programs that are only allowed to run, a blacklist of forbidden URLs, and a whitelist of only accessible URLs, thereby enhancing the control over computer use.
7) Effectively prohibit network hotspots, prohibit 360 portable wifi, prohibit Baidu portable wifi, block wifi sharing wizard, prohibit the functions of wifi master key, and prevent employees from using these portable wifi to provide Internet access for their laptops, mobile phones or tablets. .
8) Newly added prohibiting email sending, prohibiting online disk uploading, prohibiting forum attachment uploading, prohibiting FTP uploading, only allowing specific QQ account login, only allowing specific Ali Wangwang account login, prohibiting QQ sending files, prohibiting QQ group sharing file uploads.
9) Exclusive support not only stand-alone installation, stand-alone management, but also support server and client management based on the C/S architecture, thus facilitating the use of users.
10) It can be customized for users, prohibit all kinds of computer equipment and modify any configuration of the operating system at any time, so as to protect computer security and commercial secrets
Written by
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The trend to the leading advantage of USB port control software :
Compared with similar domestic systems, the Da Shizhi computer file anti-leakage system has many advantages. It has the following leading advantages:
1) There is no need for users to encrypt computer files throughout the process. At present, similar computer file anti-leakage systems usually encrypt user computer files. This not only requires a lot of complex encryption and decryption operations, which increases the user's workload, but also easily destroys files due to the need to format the computer files themselves. However, the present invention does not perform any format conversion or encryption and decryption operations on computer files throughout the entire process, and only performs real-time monitoring of various channels for computer leakage, thereby protecting file security and preventing file leakage.
2) Based on HOOK and window filtering technology, the system can control all potentially leaky programs, URLs, and access behaviors, especially through the preset of program keywords, window class names, window names, and window process information, and Support users to make personalized presets, which can prevent various possible leaks.
3) Realize precise control of the use of USB storage devices. Currently, similar anti-leakage systems can only completely disable the use of USB storage devices, or only allow the use of specific USB storage devices. The present invention can not only realize the above-mentioned functions by making full use of the HOOK and window filtering technology, but also can further set the use authority of the USB storage device. It can only copy files from the USB storage device to the computer, and prohibit the computer to the USB storage device. Copying files, or entering a password from the computer to the USB storage device can be realized, so as to prevent the USB storage device from leaking, but also give full play to the file storage function of the USB storage device.
4) The traditional computer file anti-leakage system focuses on the control of the file itself, and the present invention realizes the key functions of the operating system, computer running programs, computer website access, computer external equipment, etc. by giving full play to the hook and window filtering technology. The position control can realize the overall and three-dimensional computer file anti-leakage control, which is convenient for realizing the realization of the computer file anti-leakage control function.
5) Traditional computer file anti-leakage systems are often based on the HOOK operating system clipboard to prevent file copying. However, many third-party software copy and cut operations are not cached by the operating system's clipboard. Instead, it is stored directly through the third-party software itself, which leads to the failure of the traditional control method of disabling the clipboard based on the HOOK clipboard and the global hook.
Written by
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The trend to the leading advantage of USB port control software :
Compared with similar domestic systems, the Da Shizhi computer file anti-leakage system has many advantages. It has the following leading advantages:
1) There is no need for users to encrypt computer files throughout the process. At present, similar computer file anti-leakage systems usually encrypt user computer files. This not only requires a lot of complex encryption and decryption operations, which increases the user's workload, but also easily destroys files due to the need to format the computer files themselves. However, the present invention does not perform any format conversion or encryption and decryption operations on computer files throughout the entire process, and only performs real-time monitoring of various channels for computer leakage, thereby protecting file security and preventing file leakage.
2) Based on HOOK and window filtering technology, the system can control all potentially leaky programs, URLs, and access behaviors, especially through the preset of program keywords, window class names, window names, and window process information, and Support users to make personalized presets, which can prevent various possible leaks.
3) Realize precise control of the use of USB storage devices. Currently, similar anti-leakage systems can only completely disable the use of USB storage devices, or only allow the use of specific USB storage devices. The present invention can not only realize the above-mentioned functions by making full use of the HOOK and window filtering technology, but also can further set the use authority of the USB storage device. It can only copy files from the USB storage device to the computer, and prohibit the computer to the USB storage device. Copying files, or entering a password from the computer to the USB storage device can be realized, so as to prevent the USB storage device from leaking, but also give full play to the file storage function of the USB storage device.
4) The traditional computer file anti-leakage system focuses on the control of the file itself, and the present invention realizes the key functions of the operating system, computer running programs, computer website access, computer external equipment, etc. by giving full play to the hook and window filtering technology. The position control can realize the overall and three-dimensional computer file anti-leakage control, which is convenient for realizing the realization of the computer file anti-leakage control function.
5) Traditional computer file anti-leakage systems are often based on the HOOK operating system clipboard to prevent file copying. However, many third-party software copy and cut operations are not cached by the operating system's clipboard. Instead, it is stored directly through the third-party software itself, which leads to the failure of the traditional control method of disabling the clipboard based on the HOOK clipboard and the global hook.
Written by
don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to find out the last modified date of a file on Linux ?
1) Using stat command
The ls -l command gives you basic information about a file, such as file ownership and permissions, file size and creation date.
The stat command returns the attributes of a file with detailed information, such as when the file was last opened and modified.
The syntax is pretty straightforward.
Stat is followed by the file name or full path to this file.
$ stat filename
2) From the above output, we can clearly see when the file was last accessed (Access Date), Modified Date, Modified Date of other parameters.
If you want to view only the modified date and omit all other information, run the following command:
$ stat -c '% y' file1.txt
3) The -c option is used to return the date in a custom format, and the "% y" flag displays the time it was last modified.
For catalogs, the syntax remains the same.
Just replace the filename with the directory name.
4) Using the date command
The date command displays the current date in basic syntax.
However, when used with the -r option, you can display the last modified date of the file as follows:
$ date -r filename
for instance
$ date -r file1.txt
5) Using the ls -l command
The ls -l command is commonly used to display additional information about files, such as file ownership and permissions, size and creation date.
To list and display the last modified time, use the lt parameter as shown below.
$ ls -lt filename
6) Using httpie
Another way to check the last modified date is to use the httpie command line client tool.
HTTPie is a modern HTTP client similar to Curl and Wget commands
The tool is commonly used to interact with HTTP servers and APIs and can also check when a file residing on a web server was last modified.
7) But first you need to install it using the command:
$ pip3 install httpie --user
Ubuntu / Debian / Mint:
$ sudo apt install httpie
To check when a file was last modified on the web server, use the syntax:
$ http -h [url] | grep 'Last-Modified'
For instance:
$ http -h https://itsecforu.ru/wp-content/uploads/2020/09/Fedora.png | grep -i 'Last-Modified'
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to find out the last modified date of a file on Linux ?
1) Using stat command
The ls -l command gives you basic information about a file, such as file ownership and permissions, file size and creation date.
The stat command returns the attributes of a file with detailed information, such as when the file was last opened and modified.
The syntax is pretty straightforward.
Stat is followed by the file name or full path to this file.
$ stat filename
2) From the above output, we can clearly see when the file was last accessed (Access Date), Modified Date, Modified Date of other parameters.
If you want to view only the modified date and omit all other information, run the following command:
$ stat -c '% y' file1.txt
3) The -c option is used to return the date in a custom format, and the "% y" flag displays the time it was last modified.
For catalogs, the syntax remains the same.
Just replace the filename with the directory name.
4) Using the date command
The date command displays the current date in basic syntax.
However, when used with the -r option, you can display the last modified date of the file as follows:
$ date -r filename
for instance
$ date -r file1.txt
5) Using the ls -l command
The ls -l command is commonly used to display additional information about files, such as file ownership and permissions, size and creation date.
To list and display the last modified time, use the lt parameter as shown below.
$ ls -lt filename
6) Using httpie
Another way to check the last modified date is to use the httpie command line client tool.
HTTPie is a modern HTTP client similar to Curl and Wget commands
The tool is commonly used to interact with HTTP servers and APIs and can also check when a file residing on a web server was last modified.
7) But first you need to install it using the command:
$ pip3 install httpie --user
Ubuntu / Debian / Mint:
$ sudo apt install httpie
To check when a file was last modified on the web server, use the syntax:
$ http -h [url] | grep 'Last-Modified'
For instance:
$ http -h https://itsecforu.ru/wp-content/uploads/2020/09/Fedora.png | grep -i 'Last-Modified'
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Running the Cloud Resource Operator :
#Requested
Operator to provision resources such as Postgres, Redis and storage for you, either in-cluster or through a cloud provider such as Amazon AWS.
This operator depends on the Cloud Credential Operator for creating certain resources such as Amazon AWS Credentials. If using the AWS provider, ensure the Cloud Credential Operator is running
Due to a change in how networking is configured for Openshift >= v4.4.6 the use of cro <= v0.16.1 with these Openshift versions is unsupported. Please use >= v0.17.x of CRO for Openshift >= v4.4.6.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Prerequisites:
1) go
make
2) git-secrets - for preventing cloud-provider credentials being included in commits
3) Ensure you are running at least Go 1.13.
$ go version
go version go1.13 darwin/amd64
4) If not, ensure Go Modules are enabled.
5) Clone this repository into your working directory, outside of $GOPATH. For example:
$ cd ~/dev
6) $ git clone git@github.com:integr8ly/cloud-resource-operator.git
7) Seed the Kubernetes/OpenShift cluster with required resources:
$ make cluster/prepare
8) Run the operator:
$ make run
9) Clean up the Kubernetes/OpenShift cluster:
$ make cluster/clean
π¦TUTORIALS :
1) Provider configmap
The cloud-resource-config configmap defines which provider should be used to provision a specific resource type. Different deployment types can contain different resource type > provider mappings. An example can be seen here. For example, a workshop deployment type might choose to deploy a Postgres resource type in-cluster (openshift), while a managed deployment type might choose AWS to deploy an RDS instance instead.
2) Strategy configmap
A config map object is expected to exist for each provider (Currently AWS or Openshift) that will be used by the operator. This config map contains information about how to deploy a particular resource type, such as blob storage, with that provider. In the Cloud Resources Operator, this provider-specific configuration is called a strategy. An example of an AWS strategy configmap can be seen here.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Running the Cloud Resource Operator :
#Requested
Operator to provision resources such as Postgres, Redis and storage for you, either in-cluster or through a cloud provider such as Amazon AWS.
This operator depends on the Cloud Credential Operator for creating certain resources such as Amazon AWS Credentials. If using the AWS provider, ensure the Cloud Credential Operator is running
Due to a change in how networking is configured for Openshift >= v4.4.6 the use of cro <= v0.16.1 with these Openshift versions is unsupported. Please use >= v0.17.x of CRO for Openshift >= v4.4.6.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Prerequisites:
1) go
make
2) git-secrets - for preventing cloud-provider credentials being included in commits
3) Ensure you are running at least Go 1.13.
$ go version
go version go1.13 darwin/amd64
4) If not, ensure Go Modules are enabled.
5) Clone this repository into your working directory, outside of $GOPATH. For example:
$ cd ~/dev
6) $ git clone git@github.com:integr8ly/cloud-resource-operator.git
7) Seed the Kubernetes/OpenShift cluster with required resources:
$ make cluster/prepare
8) Run the operator:
$ make run
9) Clean up the Kubernetes/OpenShift cluster:
$ make cluster/clean
π¦TUTORIALS :
1) Provider configmap
The cloud-resource-config configmap defines which provider should be used to provision a specific resource type. Different deployment types can contain different resource type > provider mappings. An example can be seen here. For example, a workshop deployment type might choose to deploy a Postgres resource type in-cluster (openshift), while a managed deployment type might choose AWS to deploy an RDS instance instead.
2) Strategy configmap
A config map object is expected to exist for each provider (Currently AWS or Openshift) that will be used by the operator. This config map contains information about how to deploy a particular resource type, such as blob storage, with that provider. In the Cloud Resources Operator, this provider-specific configuration is called a strategy. An example of an AWS strategy configmap can be seen here.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How can you get rid of the Reannewscomm.com virus?
The most effective way to remove any hacker software from your computer is to use a powerful antivirus program that can deal with many system problems, including the activity of malware such as the "Reannewscomm.com" virus.
A complete system scan can take a very long time, depending on the hardware configuration, but this method allows you to get rid of almost any threats and prevent them from occurring in the future.
You can also use alternative removal options for "Reannewscomm.com":
1) If you are sure that there is a browser cracker on your PC, then it is better to immediately disable or remove all suspicious extensions from your browser. This process is slightly different in the applications "Safari" and "Google Chrome", especially since in the second case you can use the special utility "Chrome Cleanup Tool" for this.
2) You can independently find this malicious object through the Task Manager and try to remove it manually, but in most cases it will not work that easily, so you still have to install anti-virus software.
3) If the problem in question occurs on a mobile device, then you will need to use alternative methods to remove viruses from Android or IOS.
4) If none of these steps helped resolve the problem, then it would be wise to roll back to an earlier backup point using the System Restore module. In this case, it is very important to select the time period in which the "Reannewscomm.com" virus was not yet active.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How can you get rid of the Reannewscomm.com virus?
The most effective way to remove any hacker software from your computer is to use a powerful antivirus program that can deal with many system problems, including the activity of malware such as the "Reannewscomm.com" virus.
A complete system scan can take a very long time, depending on the hardware configuration, but this method allows you to get rid of almost any threats and prevent them from occurring in the future.
You can also use alternative removal options for "Reannewscomm.com":
1) If you are sure that there is a browser cracker on your PC, then it is better to immediately disable or remove all suspicious extensions from your browser. This process is slightly different in the applications "Safari" and "Google Chrome", especially since in the second case you can use the special utility "Chrome Cleanup Tool" for this.
2) You can independently find this malicious object through the Task Manager and try to remove it manually, but in most cases it will not work that easily, so you still have to install anti-virus software.
3) If the problem in question occurs on a mobile device, then you will need to use alternative methods to remove viruses from Android or IOS.
4) If none of these steps helped resolve the problem, then it would be wise to roll back to an earlier backup point using the System Restore module. In this case, it is very important to select the time period in which the "Reannewscomm.com" virus was not yet active.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π₯ What is AAA (Authentication, Authorization and Accounting)?
π¦What is Authentication?
1) Authentication is the process of identifying a user or instance.
2) A simple way to verify a user is usually user-supplied data, which is usually a username and password.
3) For example, when logging into Gmail, we will need to enter the correct existing username and password for authentication.
4) Authentication is also important for security, because without identifying users, there will be no security restrictions and associated restrictions.
5) There are also various authentication methods such as certificates, public / private keys, tokens, images, etc., as well as biometrics.
6) Authentication usually requires one verification method to go through, but more recently, multiple methods can be used for one authentication, commonly referred to as two-factor authentication or multi-factor authentication.
A) TACACS and AAA
Tacacs or Tacacs + is an AAA protocol created by Cisco for use with its networking products.
Tacacs is the first generation of the protocol and Tacacs + is the next generation AAA protocol with advanced features.
B) RADIUS and AAA
Radius is another AAA protocol that provides features and services very similar to Tacac.
Radius is an open standard and widely used protocol that is defined by the RFC.
C) LDAP and AAA
LDAP is another popular authentication and authorization protocol associated with AAA.
The popular LDAP protocol provides authentication and authorization in an open manner that is supported by many different devices, systems, and software.
LDAP stores user information such as username, ID, password, home directory, certificate, etc. and verifies authentication with the provided credentials and returns the result.
LDAP also provides users with authorization information.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π₯ What is AAA (Authentication, Authorization and Accounting)?
π¦What is Authentication?
1) Authentication is the process of identifying a user or instance.
2) A simple way to verify a user is usually user-supplied data, which is usually a username and password.
3) For example, when logging into Gmail, we will need to enter the correct existing username and password for authentication.
4) Authentication is also important for security, because without identifying users, there will be no security restrictions and associated restrictions.
5) There are also various authentication methods such as certificates, public / private keys, tokens, images, etc., as well as biometrics.
6) Authentication usually requires one verification method to go through, but more recently, multiple methods can be used for one authentication, commonly referred to as two-factor authentication or multi-factor authentication.
A) TACACS and AAA
Tacacs or Tacacs + is an AAA protocol created by Cisco for use with its networking products.
Tacacs is the first generation of the protocol and Tacacs + is the next generation AAA protocol with advanced features.
B) RADIUS and AAA
Radius is another AAA protocol that provides features and services very similar to Tacac.
Radius is an open standard and widely used protocol that is defined by the RFC.
C) LDAP and AAA
LDAP is another popular authentication and authorization protocol associated with AAA.
The popular LDAP protocol provides authentication and authorization in an open manner that is supported by many different devices, systems, and software.
LDAP stores user information such as username, ID, password, home directory, certificate, etc. and verifies authentication with the provided credentials and returns the result.
LDAP also provides users with authorization information.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to choose a CCTV camera ?
A) Equipment selection criteria
1) Before you buy a security camera , you need to decide where it will be used - outdoors or indoors. For example, indoor units are characterized by a more compact size and aesthetic design. They can organically fit into the interior of the room. Outdoor use requires models equipped with a waterproof and dustproof housing. An outdoor camera can be used inside a building, but it may not fit the design.
2) If the equipment will be installed independently, it is better to choose wireless models. Wi-Fi technology assumes the ability to mount the device anywhere there is a wireless signal. The only thing that is required is a power connection. The disadvantage of wireless technology is the ability to limit transmission distance in the presence of buildings or other obstacles along the way.
3)Pay attention to the POE parameter if the transmission distance is significant. The main feature of this technology is that it can be implemented using a single Ethernet wire. This cable will connect power and also transmit the signal.
4)Separately, it should be said about the cost. As a rule, the higher the price, the more functional and better the equipment works. But today manufacturers offer good and inexpensive IP cameras with decent shooting quality and decent service.
5)If you decide to give preference to cheaper options, you need to remember the following nuances:
B) when buying, you always need to compare the characteristics and parameters of devices;
1) before purchasing, you should familiarize yourself with the software, as well as check the usability of the interface;
2) on the Internet, you can search for recordings made by a camera of a certain model in order to understand how high-quality the picture is;
you should clarify everything regarding service and warranty.
3)Many modern models provide the ability to save videos, but you can find more outdated devices on sale. After the information is recorded, it is uploaded to the FTP server.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to choose a CCTV camera ?
A) Equipment selection criteria
1) Before you buy a security camera , you need to decide where it will be used - outdoors or indoors. For example, indoor units are characterized by a more compact size and aesthetic design. They can organically fit into the interior of the room. Outdoor use requires models equipped with a waterproof and dustproof housing. An outdoor camera can be used inside a building, but it may not fit the design.
2) If the equipment will be installed independently, it is better to choose wireless models. Wi-Fi technology assumes the ability to mount the device anywhere there is a wireless signal. The only thing that is required is a power connection. The disadvantage of wireless technology is the ability to limit transmission distance in the presence of buildings or other obstacles along the way.
3)Pay attention to the POE parameter if the transmission distance is significant. The main feature of this technology is that it can be implemented using a single Ethernet wire. This cable will connect power and also transmit the signal.
4)Separately, it should be said about the cost. As a rule, the higher the price, the more functional and better the equipment works. But today manufacturers offer good and inexpensive IP cameras with decent shooting quality and decent service.
5)If you decide to give preference to cheaper options, you need to remember the following nuances:
B) when buying, you always need to compare the characteristics and parameters of devices;
1) before purchasing, you should familiarize yourself with the software, as well as check the usability of the interface;
2) on the Internet, you can search for recordings made by a camera of a certain model in order to understand how high-quality the picture is;
you should clarify everything regarding service and warranty.
3)Many modern models provide the ability to save videos, but you can find more outdated devices on sale. After the information is recorded, it is uploaded to the FTP server.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS DDE EXPLOIT ?
1)DDE exploitation was also known as dynamic data exchange, it allows data to be transferred between applications without any user interaction.
2)Hackers have used this technique to execute malicious scripts to compromise data.
3) This was reported to Microsoft by Sensepost, Etienne Stalmans and Saif El-Sherei, but this has not been fixed as many applications use the DDE protocol.
4) This exploit does not require a macro feature to be enabled.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS DDE EXPLOIT ?
1)DDE exploitation was also known as dynamic data exchange, it allows data to be transferred between applications without any user interaction.
2)Hackers have used this technique to execute malicious scripts to compromise data.
3) This was reported to Microsoft by Sensepost, Etienne Stalmans and Saif El-Sherei, but this has not been fixed as many applications use the DDE protocol.
4) This exploit does not require a macro feature to be enabled.
β β β Uππ»βΊπ«Δπ¬πβ β β β