▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Gift Card Sites

https://www.g2a.com

https://www.giftinix.com

https://www.giftcards.com/virtual-gift-cards

https://www.cardcash.com/buy-gift-cards/

https://www.thecardcloset.com/

https://www.cdkeys.com/

https://www.offgamers.com/

https://www.giftcardmall.com/

https://www.egifter.com/

https://www.carddelivery.com/

https://www.igp.com/

https://www.pcgamesupply.com/

https://www.mygiftcardsupply.com/shop/amazon-gift-cards

https://www.woohoo.in/amazon-in-e-gift-card



▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

A code signing bypass for the VW Polo.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑FAST PROXIES WEBSITES :

HTTP - http://www.sslproxies24.top/

SOCKS - http://www.socks24.org/

SOCKS - http://www.vipsocks24.net/

SOCKS - http://www.socksproxylist24.top/

SOCKS - http://www.live-socks.net/

MIX HTTP/SOCKS - www.dailyfreeproxy.com/

MIX HTTP/SOCKS - https://proxyscrape.com/free-proxy-list

MIX HTTP/SOCKS - https://propaste.io/archive/none
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Wechat chat can bring topics: add “#” to generate topics.
#Updates

As we told before, Windows 10 introduces annoying full-screen ads.
#Updates

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BitCracker

BitCracker is the first open source password cracking tool for storage devices (Hard Disk, USB Pendrive, SD card, etc...) encrypted with BitLocker, an encryption feature available on Windows Vista, 7, 8.1 and 10 (Ultimate, Pro and Enterprise editions). BitLocker offers a number of different authentication methods to encrypt a storage device like Trusted Platform Module (TPM), Smart Card, Recovery Password, User supplied password.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/e-ago/bitcracker.git

2) cd bitcracker

3) Running the build.sh script generates 4 executables inside the build directory: bitcracker_hash, bitcracker_rpgen, bitcracker_cuda, bitcracker_opencl.

In order to build bitcracker_cuda coherently with your NVIDIA GPU and CUDA version, you need to modify the src_CUDA/Makefile chosing the correct SM version.

4) You need to create the image of your storage device encrypted with BitLocker using, as an example, the dd command:

sudo dd if=/dev/disk2 of=/path/to/imageEncrypted.img conv=noerror,sync
4030464+0 records in
4030464+0 records out
2063597568 bytes transferred in 292.749849 secs (7049013 bytes/sec)

🦑An example:

/build/bitcracker_hash -o test_hash -i ./Images/imgWin7

---------> BitCracker Hash Extractor <---------
Opening file ./Images/imgWin7

....

Signature found at 0x02208000
Version: 2 (Windows 7 or later)

VMK entry found at 0x022080bc
VMK encrypted with user password found!
VMK encrypted with AES-CCM

VMK entry found at 0x0220819c
VMK encrypted with Recovery key found!
VMK encrypted with AES-CCM

User Password hash:
$bitlocker$0$16$89a5bad722db4a729d3c7b9ee8e76a29$1048576$12$304a4ac192a2cf0103000000$60$24de9a6128e8f8ffb97ac72d21de40f63dbc44acf101e68ac0f7e52ecb1be4a8ee30ca1e69fbe98400707ba3977d5f09b14e388c885f312edc5c85c2

Recovery Key hash:
$bitlocker$2$16$8b7be4f7802275ffbdad3766c7f7fa4a$1048576$12$304a4ac192a2cf0106000000$60$6e72f6ef6ba688e72211b8cf8cc722affd308882965dc195f85614846f5eb7d9037d4d63bcc1d6e904f0030cf2e3a95b3e1067447b089b7467f86688

Output file for user password attack: "hash_user_pass.txt"
Output file for recovery password attack: "hash_recv_pass.txt"

USE FOR LEARN
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Is an online “Hackathon” possible? Challenges of new hires of major corporations.
#Updates

85% of companies around the world have accelerated automation due to the pandemic.
#Analytiques

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A simple way for others to prompt for an empty number when they call your phone

When you don't want to be annoyed by others and are embarrassed to turn off the phone, it is a good idea to let others call your phone to prompt an empty number. Here is a way to make your mobile phone become an empty number at any time. It is very simple~~ Friends in need can make a note...
　　
Enter **21*999999# in the standby mode and press the dial button~ OK ! ~ done
　　
example someone hit you over the phone number is empty and you will not receive phone preliminary judging most phones can
　　
Note: Since there is no test for all models, we can not guarantee success rate
ex　　

the code number to cancel the empty state is the same as above ## 21 # enter the
　　
last remind remember to finish off state so as not to cause delay in releasing the empty No.
　　
this principle probably use call forwarding to achieve, but do not answer incoming calls There is no charge if you pass, so this method will not waste your phone bill

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The startup sound is back on the Apple Silicon-equipped Mac, I’m worried about software compatibility.
#Technologies

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Another good wordpress bot :

Promise API
Stream API
Pagination API
HTTP2 support
Request cancelation
RFC compliant caching
Follows redirects
Retries on failure
Progress events
Handles gzip/deflate/brotli
Timeout handling
Errors with metadata
JSON mode
WHATWG URL support
HTTPS API
Hooks
Instances with custom defaults
Types
Composable
Plugins

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) https://github.com/sindresorhus/got

2) cd got

3) $ npm install got

4) Promise
const got = require('got');

(async () => {
try {
const response = await got('https://sindresorhus.com');
console.log(response.body);
//=> '<!doctype html> ...'
} catch (error) {
console.log(error.response.body);
//=> 'Internal server error ...'
}
})();
JSON
const got = require('got');

(async () => {
const {body} = await got.post('https://httpbin.org/anything', {
json: {
hello: 'world'
},
responseType: 'json'
});

console.log(body.data);
//=> {hello: 'world'}
})();

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

New Amazon Bug allowing an attacker to decrypts and becomes particularly important in a multi-recipient setting.
#Bugs

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The new amazon Bug:

AWS: In-band protocol negotiation and robustness weaknesses in AWS KMS and Encryption SDKs

{
"eventVersion": "1.05",
"userIdentity": {
"type": "AWSAccount",
"principalId": "<redacted this is the principal ID of the victim>",
"accountId": "<redacted - this is the AWS account ID of the victim>"
},
"eventTime": "2020-06-21T21:05:04Z",
"eventSource": "kms.amazonaws.com",
"eventName": "Decrypt",
"awsRegion": "us-west-2",
"sourceIPAddress": "<redacted - this is the IP address of the victim>",
"userAgent": "<redacted - this is the user agent of the victim>",
"errorCode": "InvalidCiphertextException",
"requestParameters": {
// The encryption context might include other data from the victim
"encryptionContext": {
"aws-crypto-public-key": "AzfNOGOnNYFmpHspKrAm1L6XtRybONkmkhmB/IriKSA7b2NsV4MEPMph9yX2KTPKWw=="
},
"encryptionAlgorithm": "SYMMETRIC_DEFAULT"
},
"responseElements": null,
"requestID": "aeced8e8-75a2-42c3-96ac-d1fa2a1c5ee6",
"eventID": "780a0a6e-4ad8-43d4-a426-75d05022f870",
"readOnly": true,
"resources": [
{
"accountId": "<redacted - this is the account ID of the attacker>",
"type": "AWS::KMS::Key",
"ARN": <redacted - this is the key ARN of the attacker>
}
],
"eventType": "AwsApiCall",
"recipientAccountId": "<redacted - this is the account ID of the attacker>",
"sharedEventID": "033e147c-8a36-42f5-9d6c-9e071eb752b7"
}

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

2020 Korea Digital Forensics Society Winter Conference.
#international

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A scamming message for Hosting letter:

Dear CEO,

(It's very urgent, please transfer this email to your CEO. If this email affects you, we are very sorry, please ignore this email. Thanks)

We are a Network Service Company which is the domain name registration center in China.
We received an application from Hua Hai Ltd on June 17 , 2019. They want to register ”itsecforu” as their Internet Keyword and ”itsecforu .cn“ 、 ”itsecforu .com.cn” 、 ”itsecforu .net.cn“ 、 ”itsecforu .org.cn ”、” itsecforu .asia “domain names, they are in China and Asia domain names. But after checking it, we find ”itsecforu” conflicts with your company. In order to deal with this matter better, so we send you email and confirm whether this company is your distributor or business partner in China or not?



Best Regards

*************************************

Mike Zhang | Service Manager

Cn YG Domain (Head Office)

8006, Xinlong Building, No. 415 WuBao Road, Shanghai 201105, China

Tel: + 86-2161918696 | Fax: + 86-2161918697 | Mob: + 86-1582177 1823

Web: www (dot) cnygdomain (dot) com (dot) cn

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

All JetBrains clients should update their products.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🖧LINUX SECURITY TIP
How to monitor packets passing through the firewall


Configure rsyslog to use the log file /var/log/firewall_trace.log for firewall tracing.

$ cat << EOF | sudo tee /etc/rsyslog.d/01-firewall_trace.conf
# Log messages generated by iptables firewall to file
if \ $ syslogfacility-text == 'kern' and \ $ msg contains 'TRACE' then /var/log/firewall_trace.log
# stop processing it further
& stop
EOF
Apply rsyslog configuration.

$ sudo systemctl restart rsyslog
Rotate the log file to save disk space.
$ cat << EOF | sudo tee /etc/logrotate.d/firewall_trace.conf
/var/log/firewall_trace.log
{
rotate 7
daily
missingok
notifempty
delaycompress
compress
postrotate
invoke-rc.d rsyslog rotate> / dev / null
endscript
}
EOF
You should be sure to rate these logs hourly by size or send them to an external logging service, which I highly recommend.
How to track incoming packages
Use raw and PREROUTING to monitor packets coming in on any network interface.

$ sudo iptables -t raw -A PREROUTING -p tcp --destination 1.2.3.4 --dport 443 -j TRACE
Let's see the raw table
$ sudo iptables -t raw -L -v -n --line-numbers
Chain PREROUTING (policy ACCEPT 3501 packets, 946K bytes)
num pkts bytes target prot opt ​​in out source destination
1 468 28159 TRACE tcp - * * 0.0.0.0/0 1.2.3.4 tcp dpt: 443
Chain OUTPUT (policy ACCEPT 885 packets, 695K bytes)
num pkts bytes target prot opt ​​in out source destination
The trail to the internal network will look like this.

[...]
Jul 18 18:33:27 cerberus kernel: [68907.892027] TRACE: raw: PREROUTING: policy: 2 IN = eth0 OUT = MAC = 00: 15: 17: c3: a1: aa: 00: 15: 17: c3: fb : 07: 01: 00 SRC = 172.69.63.16 DST = 1.2.3.4 LEN = 40 TOS = 0x00 PREC = 0x00 TTL = 56 ID = 64783 DF PROTO = TCP SPT = 62598 DPT = 443 SEQ = 234589096 ACK = 404477568 WINDOW = 82 RES = 0x00 ACK URGP = 0
Jul 18 18:33:27 cerberus kernel: [68907.892093] TRACE: mangle: INPUT: policy: 1 IN = eth0 OUT = MAC = 00: 15: 17: c3: a1: aa: 00: 15: 17: c3: fb : 07: 01: 00 SRC = 172.69.63.16 DST = 1.2.3.4 LEN = 40 TOS = 0x00 PREC = 0x00 TTL = 56 ID = 64783 DF PROTO = TCP SPT = 62598 DPT = 443 SEQ = 234589096 ACK = 404477568 WINDOW = 82 RES = 0x00 ACK URGP = 0
Jul 18 18:33:27 cerberus kernel: [68907.892113] TRACE: filter: INPUT: rule: 6 IN = eth0 OUT = MAC = 00: 15: 17: c3: a1: aa: 00: 15: 17: c3: fb : 07: 01: 00 SRC = 172.69.63.16 DST = 1.2.3.4 LEN = 40 TOS = 0x00 PREC = 0x00 TTL = 56 ID = 64783 DF PROTO = TCP SPT = 62598 DPT = 443 SEQ = 234589096 ACK = 404477568 WINDOW = 82 RES = 0x00 ACK URGP = 0
Jul 18 18:33:27 cerberus kernel: [68907.892150] TRACE: raw: PREROUTING: policy: 2 IN = eth0 OUT = MAC = 00: 15: 17: c3: a1: aa: 00: 15: 17: c3: fb : 07: 01: 00 SRC = 172.69.63.16 DST = 1.2.3.4 LEN = 40 TOS = 0x00 PREC = 0x00 TTL = 56 ID = 64784 DF PROTO = TCP SPT = 62598 DPT = 443 SEQ = 234589096 ACK = 404477569 WINDOW = 82 RES = 0x00 ACK RST URGP = 0
[...]
Map the filyer table, INPUT chain, rule number 6, which will accept bound and established connections.

$ sudo iptables -t filter -L INPUT 6 -v -n --line-numbers
6 979K 851M ACCEPT all - * * 0.0.0.0/0 0.0.0.0/0
Remove the first rule in the raw table, the PREROUTING chain.
$ sudo iptables -t raw -D PREROUTING 1

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁