β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Cross-site scripting (XSS) for beginers:
It is a code injection attack that enables an attacker in the window of another user to run malicious JavaScript.
The perpetrator does not hit his victim specifically. Instead in order to get the website to send the malicious JavaScript to him, he exploits a flaw in a website that the victim visits. The malicious JavaScript seems to be a genuine component of the website for the victim's browser and the website has thereby acted as an unwitting accomplice to the intruder. It is possible to execute these attacks using HTML, JavaScript, VBScript, ActiveX, Flash, but malicious JavaScript is the most widely used XSS.
Such attacks can also capture data from account hijacking, user interface updates, cookie theft/poisoning, or false ads and generate DoS attacks.
π¦Example ( examples from wiki) :
Letβs take an example to understand how it works. We have a vulnerable webpage that we got by the metasploitable machine. Now we will test the field that is highlighted in red arrow for XSS.
1) Metasploitable
First of all, we make a simple alert script
<script>
alert(βI am Vulnerableβ)
</script>
2) It will produce the following output β
Simple Alert
π¦Types of XSS Attacks
XSS attacks are often divided into three types β
1) Persistent XSS, where the malicious string originates from the website's database.
2) Reflected XSS, where the malicious string originates from the victim's request.
3) DOM-based XSS, where the vulnerability is in the client-side code rather than the server-side code.
Generally, cross-site scripting is found by vulnerability scanners so that you donβt have to do all the manual job by putting a JavaScript on it like
<script>
alert('XSS')
</script>
Burp Suite and acunetix are considered as the best vulnerability scanners.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Cross-site scripting (XSS) for beginers:
It is a code injection attack that enables an attacker in the window of another user to run malicious JavaScript.
The perpetrator does not hit his victim specifically. Instead in order to get the website to send the malicious JavaScript to him, he exploits a flaw in a website that the victim visits. The malicious JavaScript seems to be a genuine component of the website for the victim's browser and the website has thereby acted as an unwitting accomplice to the intruder. It is possible to execute these attacks using HTML, JavaScript, VBScript, ActiveX, Flash, but malicious JavaScript is the most widely used XSS.
Such attacks can also capture data from account hijacking, user interface updates, cookie theft/poisoning, or false ads and generate DoS attacks.
π¦Example ( examples from wiki) :
Letβs take an example to understand how it works. We have a vulnerable webpage that we got by the metasploitable machine. Now we will test the field that is highlighted in red arrow for XSS.
1) Metasploitable
First of all, we make a simple alert script
<script>
alert(βI am Vulnerableβ)
</script>
2) It will produce the following output β
Simple Alert
π¦Types of XSS Attacks
XSS attacks are often divided into three types β
1) Persistent XSS, where the malicious string originates from the website's database.
2) Reflected XSS, where the malicious string originates from the victim's request.
3) DOM-based XSS, where the vulnerability is in the client-side code rather than the server-side code.
Generally, cross-site scripting is found by vulnerability scanners so that you donβt have to do all the manual job by putting a JavaScript on it like
<script>
alert('XSS')
</script>
Burp Suite and acunetix are considered as the best vulnerability scanners.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
FREE ANDROID REVERSE ENGiNEERING :
Android emulators 5.1 (ARM), 7.1.1 (ARM) and 9.0 (x86)
androguard
apktool
AXMLPrinter
baksmali / smali
classyshark
CFR
dex2jar
enjarify
frida
google play api
google play crawler
google play downloader
jadx
java decompiler
krakatau
procyon
radare2
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/cryptax/androidre.git
2) cd androidre
3) Normally, you just need to do:
$ docker pull cryptax/android-re:latest
Unless you want to build your own image - then see below the Customization section.
4) Running the container
There are a few options:
running the container locally: you just want to run on your own machine and don't want to bother about SSH or VNC.
running to connect via SSH or VNC: the container will be available as a standalone host you can log into via SSH, or VNC.
5) Running the container locally
$ docker run -it --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix cryptax/android-re:latest /bin/bash
You are directly connected to the container.
Note you can also share a directory with your host using -v hostdir:containerdir.
If you try to use any graphical interface and get an error like No protocol specified followed by an crash (SEGFAULT), using this command before running the docker should fix it: xhost +local:docker.
IMPORTANT: if you want to use the Android emulator x86 image, you need to set the --privileged option in the command line, i.e:
$ docker run -it --privileged --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix cryptax/android-re:latest /bin/bash
6) Running to connect via SSH or VNC
Run the container:
$ docker run -d --name androidre -p SSH_PORT:22 -p VNC_PORT:5900 cryptax/android-re
β β β Uππ»βΊπ«Δπ¬πβ β β β
FREE ANDROID REVERSE ENGiNEERING :
Android emulators 5.1 (ARM), 7.1.1 (ARM) and 9.0 (x86)
androguard
apktool
AXMLPrinter
baksmali / smali
classyshark
CFR
dex2jar
enjarify
frida
google play api
google play crawler
google play downloader
jadx
java decompiler
krakatau
procyon
radare2
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/cryptax/androidre.git
2) cd androidre
3) Normally, you just need to do:
$ docker pull cryptax/android-re:latest
Unless you want to build your own image - then see below the Customization section.
4) Running the container
There are a few options:
running the container locally: you just want to run on your own machine and don't want to bother about SSH or VNC.
running to connect via SSH or VNC: the container will be available as a standalone host you can log into via SSH, or VNC.
5) Running the container locally
$ docker run -it --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix cryptax/android-re:latest /bin/bash
You are directly connected to the container.
Note you can also share a directory with your host using -v hostdir:containerdir.
If you try to use any graphical interface and get an error like No protocol specified followed by an crash (SEGFAULT), using this command before running the docker should fix it: xhost +local:docker.
IMPORTANT: if you want to use the Android emulator x86 image, you need to set the --privileged option in the command line, i.e:
$ docker run -it --privileged --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix cryptax/android-re:latest /bin/bash
6) Running to connect via SSH or VNC
Run the container:
$ docker run -d --name androidre -p SSH_PORT:22 -p VNC_PORT:5900 cryptax/android-re
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - cryptax/androidre: Reverse engineering Android
Reverse engineering Android. Contribute to cryptax/androidre development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Gates bombards federal offices for not supplying or facing significant issues with new crown vaccinations.
#international
#international
You can follow & Stay tunned :
A) Undercode Testing :
instagram.com/UndercodeTesting
Fb.com/UndercodeTesting
Join our fcb group Fb.com/groups/UndercodeTesting
twitter.com/UndercodeUpdate
Youtube.com/Undercode
UndercodeTesting.com
B) Follow & stay updated undercode News:
Instagram.com/UndercodeNews
Fb.com/undercodeNews
Twitter.com/UndercodeNews
UndercodeNews.com
https://m.youtube.com/channel/UCU7X3-cwK7yR3SlSjlCPOkQ
A) Undercode Testing :
instagram.com/UndercodeTesting
Fb.com/UndercodeTesting
Join our fcb group Fb.com/groups/UndercodeTesting
twitter.com/UndercodeUpdate
Youtube.com/Undercode
UndercodeTesting.com
B) Follow & stay updated undercode News:
Instagram.com/UndercodeNews
Fb.com/undercodeNews
Twitter.com/UndercodeNews
UndercodeNews.com
https://m.youtube.com/channel/UCU7X3-cwK7yR3SlSjlCPOkQ
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Android Hacking Apps & tools : list 7
Β» Mobile Apps (Hack On Android)
[AndroRat](https://github.com/wszf/androrat) - Android Remote Administrative Tool
cspoilt - A tool that enumerates local hosts, finds vulnerabilities and their exploits, cracks Wi-Fi password, installs backdoors blablabla!!!
[Hackode](https://play.google.com/store/apps/details?id=com.techfond.hackode&hl=en) - All In One Android Pentest Tool
zANTI - Network mapping, port discovery, sniffing, packet manipulation, DoS, MITM blablabla!!
[FaceNiff](http://faceniff.ponury.net/) - Intercept and sniff WiFi network traffic for Social Media packets
Droidsheep - Android application that analyzes security in wireless networks and also captures Twitter, Linked, Facebook, and other accounts
[USB Cleaver](https://forum.xda-developers.com/showthread.php?t=1656497) - Silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information
Shark - Network Packate analysis tool
[DroidBox](https://github.com/pjlantz/droidbox) - Dynamic analysis of Android apps
Wi-Fi Kill - Disable other Users from WiFi Access
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Android Hacking Apps & tools : list 7
Β» Mobile Apps (Hack On Android)
[AndroRat](https://github.com/wszf/androrat) - Android Remote Administrative Tool
cspoilt - A tool that enumerates local hosts, finds vulnerabilities and their exploits, cracks Wi-Fi password, installs backdoors blablabla!!!
[Hackode](https://play.google.com/store/apps/details?id=com.techfond.hackode&hl=en) - All In One Android Pentest Tool
zANTI - Network mapping, port discovery, sniffing, packet manipulation, DoS, MITM blablabla!!
[FaceNiff](http://faceniff.ponury.net/) - Intercept and sniff WiFi network traffic for Social Media packets
Droidsheep - Android application that analyzes security in wireless networks and also captures Twitter, Linked, Facebook, and other accounts
[USB Cleaver](https://forum.xda-developers.com/showthread.php?t=1656497) - Silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information
Shark - Network Packate analysis tool
[DroidBox](https://github.com/pjlantz/droidbox) - Dynamic analysis of Android apps
Wi-Fi Kill - Disable other Users from WiFi Access
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - wszf/androrat: androrat
androrat. Contribute to wszf/androrat development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ ways to connect to SSH and SCP through a proxy server (jump) on Linux :
1) SCP via proxy
Method 1: using scp with ProxyJump
In openssh package version 7.4p1-11 or newer, we can use the ProxyJump option to transfer files using a proxy server.
The scp command syntax for proxy file transfers is:
# scp -o "ProxyJump <User> @ <Proxy-Server>" <File-Name> <User> @ <Destination-Server>: <Destination-Path>
For instance:
# scp -o "ProxyJump user@10.23.100.70" dataFile.txt user@192.168.10.100: / tmp
user@10.23.100.70's password:
user@192.168.10.100's password:
dataFile.txt
Where my proxy is 10.23.100.70 and the target server is 192.168.10.100.
Method 2: using scp with ProxyCommand
SCP uses ssh as its main protocol and hence we can use ssh options along with scp commands.
2) Setting up SSH to make your life easier
The syntax for using the ProxyCommand option with the scp command is:
# scp -o "ProxyCommand ssh <user> @ <Proxy-Server> nc% h% p" <File-Name> <User @ <Destination-Server>: <Destination-Path>
Where:
% h will be replaced with the hostname to connect
% p will be replaced with port
3) When using the ProxyCommand parameter, make sure the nmap-ncat package is installed on the proxy that provides the nc command, otherwise the following error message will be displayed.
ssh_exchange_identification: Connection closed by remote host
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ ways to connect to SSH and SCP through a proxy server (jump) on Linux :
1) SCP via proxy
Method 1: using scp with ProxyJump
In openssh package version 7.4p1-11 or newer, we can use the ProxyJump option to transfer files using a proxy server.
The scp command syntax for proxy file transfers is:
# scp -o "ProxyJump <User> @ <Proxy-Server>" <File-Name> <User> @ <Destination-Server>: <Destination-Path>
For instance:
# scp -o "ProxyJump user@10.23.100.70" dataFile.txt user@192.168.10.100: / tmp
user@10.23.100.70's password:
user@192.168.10.100's password:
dataFile.txt
Where my proxy is 10.23.100.70 and the target server is 192.168.10.100.
Method 2: using scp with ProxyCommand
SCP uses ssh as its main protocol and hence we can use ssh options along with scp commands.
2) Setting up SSH to make your life easier
The syntax for using the ProxyCommand option with the scp command is:
# scp -o "ProxyCommand ssh <user> @ <Proxy-Server> nc% h% p" <File-Name> <User @ <Destination-Server>: <Destination-Path>
Where:
% h will be replaced with the hostname to connect
% p will be replaced with port
3) When using the ProxyCommand parameter, make sure the nmap-ncat package is installed on the proxy that provides the nc command, otherwise the following error message will be displayed.
ssh_exchange_identification: Connection closed by remote host
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Online fortune-telling is investigated by CCTV: touching porcelain with high technology and researching psychology is "money"!
#international
#international
