Forwarded from UNDERCODE NEWS
India has fallen into political polarization, and Wikipedia-related content is also "chaotic"
#international
- - - UNDERCODE - - -
FOR PRO USERS LINUX BOOT PROCESS DIR :
Step 1. Open the init.d directory
Now that we have a basic understanding of the Linux boot process, let's see if we can add Snort to the overall boot process of our Kali.
First, let's go to the /etc/init.d directory. This is the directory of the initializing daemon (not to be confused with inetd), and it contains all the scripts that start various processes during system boot.
kali> cd /etc/init.d
kali> ls -l
As you can see in the screenshot, these files can be executed by the init process at system boot. Take a look at the apache2 process, for example. If we scroll a little further down the listing, we see rc.local.
Step 2. Open rc.local with a text editor
Now let's open rc.local in any text editor. rc.local contains a script that starts the necessary processes in the background at system boot. We'll be using Leafpad here.
kali> leafpad /etc/init.d/rc.local
Step 3. Install Snort
Now let's see if we can use what we've learned about autoloading to get Snort IDS to start at system boot. If you don't have Snort installed yet, do it right now by entering the following command in the console:
kali> apt-get install snort
The Snort package will download and install. During its installation, Snort will place its startup script in the /etc/init.d directory. Let's look there and make sure of this.
kali> ls -l
As you can see, Snort has indeed placed its startup script in the /etc/init.d directory. Now all we have to do is execute this script every time the system starts up.
If you compiled Snort from source, you may not have this script. In this case, just create a file called "snort" and save it in the /etc/init.d directory. In this file, place a command to start Snort, for example:
/usr/sbin/snort -D -c /etc/snort/snort.conf -l /var/log/snor
Make sure that this script is executable (permissions 755).
Step 4. Starting Snort from rc.local
There are many ways to run a script at system startup, but the easiest way is to use the rc.local file. As we saw earlier, the rc.local file contains a script to start various services at boot time. Now all we have to do is add commands to start Snort in this file.
Let's open this file with Leafpad and add two lines at the end of the file to: 1) make sure that the correct interface is selected in promiscuous mode of the NIC (ifconfig eth0 up -arp), and 2) execute the script that Snort put in init.d directory (/etc/init.d/snort start).
Now when your system powers up, Snort will always run in the background. Let's see this. Reboot your Kali system and see if Snort starts automatically.
Now that our system has rebooted, let's check if Snort is running. To do this, type in the console:
kali> ps aux | grep snort
Excellent! Now our network is constantly protected by the Snort package from the moment our system boots!
Be sure to come back as we will continue to explore the inner workings of Linux to give you the skills that professional hackers need!
@UndercodeTesting
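A boot-hook check for the procedure above, added here as an example and not part of the original post: it confirms that the init script is executable and that the start line in rc.local is actually reachable, because a Debian-style rc.local ends with "exit 0" and anything appended after that line never runs. The function names and the parameterised file paths are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are this
# example's own; file paths are passed in so copies can be checked too.

# True if the init script exists and is executable (the post asks for 755).
init_script_ok() {
    [ -f "$1" ] && [ -x "$1" ]
}

# True if "<script> start" appears on an uncommented line of the rc.local
# file BEFORE its first "exit" line. Lines after "exit 0" are never run.
rc_local_starts() {
    awk -v s="$2 start" '
        /^[ \t]*#/                        { next }
        /^[ \t]*exit[ \t]*[0-9]*[ \t]*$/  { exit }
        index($0, s)                      { found = 1; exit }
        END                               { exit (found ? 0 : 1) }
    ' "$1"
}

# True if a process named exactly "snort" exists. Unlike "ps aux | grep
# snort", pgrep never matches its own command line.
snort_running() {
    pgrep -x snort >/dev/null 2>&1
}

# Usage: boot_hook_report RC_LOCAL_FILE INIT_SCRIPT
boot_hook_report() {
    if ! init_script_ok "$2"; then
        echo "FAIL: $2 is missing or not executable"; return 1
    fi
    if ! rc_local_starts "$1" "$2"; then
        echo "FAIL: no reachable '$2 start' line in $1"; return 1
    fi
    if snort_running; then
        echo "OK: boot hook in place, snort is running"
    else
        echo "OK: boot hook in place, snort not running yet"
    fi
}
```

Run it after editing and before rebooting, for example: boot_hook_report /etc/init.d/rc.local /etc/init.d/snort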
- - - UNDERCODE - - -
Forwarded from UNDERCODE NEWS
KISA conducts simulation training in response to intrusion incidents with domestic cloud providers.
#Updates
This exploit verified 100% Foxit Reader 9.7.1 - Remote Command Execution (Javascript API)
https://pastebin.com/Lbn6f8Ne
- - - UNDERCODE - - -
Types of hacking/hackers
Broadly speaking, you can say that hackers attempt to break into computers and networks for any of four reasons.
1) There's criminal financial gain, meaning the theft of credit card numbers or defrauding banking systems.
2) Next, gaining street cred and burnishing one's reputation within hacker subculture motivates some hackers as they leave their mark on websites they vandalize as proof that they pulled off the hack.
3) Then there's corporate espionage, when one company's hackers seek to steal information on a competitor's products and services to gain a marketplace advantage.
4) Finally, entire nations engage in state-sponsored hacking to steal business and/or national intelligence, to destabilize their adversaries' infrastructure, or even to sow discord and confusion in the target country. (There's consensus that China and Russia have carried out such attacks, including one on Forbes.com. In addition, the recent attacks on the Democratic National Committee [DNC] made the news in a big way, especially after Microsoft says hackers accused of hacking into the Democratic National Committee have exploited previously undisclosed flaws in Microsoft's Windows operating system and Adobe Systems' Flash software. There are also instances of hacking courtesy of the United States government.)
5) There's even another category of cybercriminals: the hacker who is politically or socially motivated for some cause. Such hacker-activists, or "hacktivists," strive to focus public attention on an issue by garnering unflattering attention on the target, usually by making sensitive information public. For notable hacktivist groups, along with some of their more famous undertakings, see Anonymous, WikiLeaks, and LulzSec.
Malwarebytes report
- - - UNDERCODE - - -
Forwarded from UNDERCODE NEWS
New Mercedes-Benz HERMES 1 Vulnerability could allow attacker to physical access to device hardware.
#Vulnerabilities
Forwarded from UNDERCODE NEWS
The official version of Apple's macOS Big Sur causes the old MacBook Pro models to black out and become bricks.
#Technologies
- - - UNDERCODE - - -
Gift Card Sites
https://www.g2a.com
https://www.giftinix.com
https://www.giftcards.com/virtual-gift-cards
https://www.cardcash.com/buy-gift-cards/
https://www.thecardcloset.com/
https://www.cdkeys.com/
https://www.offgamers.com/
https://www.giftcardmall.com/
https://www.egifter.com/
https://www.carddelivery.com/
https://www.igp.com/
https://www.pcgamesupply.com/
https://www.mygiftcardsupply.com/shop/amazon-gift-cards
https://www.woohoo.in/amazon-in-e-gift-card
- - - UNDERCODE - - -
FAST PROXIES WEBSITES :
HTTP - http://www.sslproxies24.top/
SOCKS - http://www.socks24.org/
SOCKS - http://www.vipsocks24.net/
SOCKS - http://www.socksproxylist24.top/
SOCKS - http://www.live-socks.net/
MIX HTTP/SOCKS - www.dailyfreeproxy.com/
MIX HTTP/SOCKS - https://proxyscrape.com/free-proxy-list
MIX HTTP/SOCKS - https://propaste.io/archive/none
- - - UNDERCODE - - -
BitCracker
BitCracker is the first open source password cracking tool for storage devices (Hard Disk, USB Pendrive, SD card, etc...) encrypted with BitLocker, an encryption feature available on Windows Vista, 7, 8.1 and 10 (Ultimate, Pro and Enterprise editions). BitLocker offers a number of different authentication methods to encrypt a storage device like Trusted Platform Module (TPM), Smart Card, Recovery Password, User supplied password.
INSTALLATION & RUN :
1) git clone https://github.com/e-ago/bitcracker.git
2) cd bitcracker
3) Running the build.sh script generates 4 executables inside the build directory: bitcracker_hash, bitcracker_rpgen, bitcracker_cuda, bitcracker_opencl.
To build bitcracker_cuda so that it matches your NVIDIA GPU and CUDA version, you need to modify src_CUDA/Makefile, choosing the correct SM version.
4) You need to create the image of your storage device encrypted with BitLocker using, as an example, the dd command:
sudo dd if=/dev/disk2 of=/path/to/imageEncrypted.img conv=noerror,sync
4030464+0 records in
4030464+0 records out
2063597568 bytes transferred in 292.749849 secs (7049013 bytes/sec)
An example:
./build/bitcracker_hash -o test_hash -i ./Images/imgWin7
---------> BitCracker Hash Extractor <---------
Opening file ./Images/imgWin7
....
Signature found at 0x02208000
Version: 2 (Windows 7 or later)
VMK entry found at 0x022080bc
VMK encrypted with user password found!
VMK encrypted with AES-CCM
VMK entry found at 0x0220819c
VMK encrypted with Recovery key found!
VMK encrypted with AES-CCM
User Password hash:
$bitlocker$0$16$89a5bad722db4a729d3c7b9ee8e76a29$1048576$12$304a4ac192a2cf0103000000$60$24de9a6128e8f8ffb97ac72d21de40f63dbc44acf101e68ac0f7e52ecb1be4a8ee30ca1e69fbe98400707ba3977d5f09b14e388c885f312edc5c85c2
Recovery Key hash:
$bitlocker$2$16$8b7be4f7802275ffbdad3766c7f7fa4a$1048576$12$304a4ac192a2cf0106000000$60$6e72f6ef6ba688e72211b8cf8cc722affd308882965dc195f85614846f5eb7d9037d4d63bcc1d6e904f0030cf2e3a95b3e1067447b089b7467f86688
Output file for user password attack: "hash_user_pass.txt"
Output file for recovery password attack: "hash_recv_pass.txt"
USE FOR LEARN