β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#Hacking A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
F E A T U R E S :
Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers
ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel.
UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stalization).
Simulated TCP with Real-time/Out-of-Order Delivery
In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring. It also simulates a few TCP options such as: MSS, sackOk, TS, TS_ack, wscale. Firewalls will regard FakeTCP as a TCP connection, but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does), no congestion control or re-transmission. So there wont be any TCP over TCP problem when using OpenVPN.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/wangyu-/udp2raw-tunnel.git
2) cd udp2raw-tunnel
3) # Run at server side:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -k "passwd" --raw-mode faketcp -a
4) Run at client side
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -k "passwd" --raw-mode faketcp -a
run as client : ./this_program -c -l local_listen_ip:local_port -r server_address:server_port [options]
run as server : ./this_program -s -l server_listen_ip:server_port -r remote_address:remote_port [options]
common options,these options must be same on both side:
--raw-mode <string> avaliable values:faketcp(default),udp,icmp
-k,--key <string> password to gen symetric key,default:"secret key"
--cipher-mode <string> avaliable values:aes128cbc(default),xor,none
--auth-mode <string> avaliable values:hmac_sha1,md5(default),crc32,simple,none
-a,--auto-rule auto add (and delete) iptables rule
-g,--gen-rule generate iptables rule then exit,so that you can copy and
add it manually.overrides -a
--disable-anti-replay disable anti-replay,not suggested
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#Hacking A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
F E A T U R E S :
Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers
ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel.
UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stalization).
Simulated TCP with Real-time/Out-of-Order Delivery
In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring. It also simulates a few TCP options such as: MSS, sackOk, TS, TS_ack, wscale. Firewalls will regard FakeTCP as a TCP connection, but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does), no congestion control or re-transmission. So there wont be any TCP over TCP problem when using OpenVPN.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/wangyu-/udp2raw-tunnel.git
2) cd udp2raw-tunnel
3) # Run at server side:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -k "passwd" --raw-mode faketcp -a
4) Run at client side
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -k "passwd" --raw-mode faketcp -a
run as client : ./this_program -c -l local_listen_ip:local_port -r server_address:server_port [options]
run as server : ./this_program -s -l server_listen_ip:server_port -r remote_address:remote_port [options]
common options,these options must be same on both side:
--raw-mode <string> avaliable values:faketcp(default),udp,icmp
-k,--key <string> password to gen symetric key,default:"secret key"
--cipher-mode <string> avaliable values:aes128cbc(default),xor,none
--auth-mode <string> avaliable values:hmac_sha1,md5(default),crc32,simple,none
-a,--auto-rule auto add (and delete) iptables rule
-g,--gen-rule generate iptables rule then exit,so that you can copy and
add it manually.overrides -a
--disable-anti-replay disable anti-replay,not suggested
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - wangyu-/udp2raw: A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps youβ¦
A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment) - wangyu-/udp2raw
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
WANT TO HACK A LINUX USER ?
1) Quick download:
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
HOW ?
1) Generate initial exploits list based on kernel version
2) Discard exploits that are not applicable based on βadditional checksβ
3) Calculate internal metric (βRankβ) for each candidate exploit and order the list based on the calculation
4) Check for βTagsβ hits for every exploit
π¦Discarding exploits that are not applicable
example:
1) Reqs: pkg=linux-kernel,ver>=3.2,ver<=4.10.6,CONFIG_USER_NS=y, \
sysctl:kernel.unprivileged_userns_clone==1
Requirements set from above states that the kernel version needs to be > 3.2 and <= 4.10.6 but also kernel needs to have usernamespace fucntionality compiled in (CONFIG_USER_NS=y) and enabled (sysctl:kernel.unprivileged_userns_clone==1).
2) For less typical checking, also the ability to run arbitrary Bash command(s) was provided to see if the exploit is applicables for given system, for example:
Reqs: pkg=linux-kernel,ver>=4.4.0,ver<=4.4.0,cmd:grep -qi ip_tables /proc/modules
3) In above scenario command grep -qi ip_tables /proc/modules is run to verify if ip_tables module is loaded (as this is required for the exploit to work) and exploit is meant applicable for the given system only if this command will return TRUE.
β β β Uππ»βΊπ«Δπ¬πβ β β β
WANT TO HACK A LINUX USER ?
1) Quick download:
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
HOW ?
1) Generate initial exploits list based on kernel version
2) Discard exploits that are not applicable based on βadditional checksβ
3) Calculate internal metric (βRankβ) for each candidate exploit and order the list based on the calculation
4) Check for βTagsβ hits for every exploit
π¦Discarding exploits that are not applicable
example:
1) Reqs: pkg=linux-kernel,ver>=3.2,ver<=4.10.6,CONFIG_USER_NS=y, \
sysctl:kernel.unprivileged_userns_clone==1
Requirements set from above states that the kernel version needs to be > 3.2 and <= 4.10.6 but also kernel needs to have usernamespace fucntionality compiled in (CONFIG_USER_NS=y) and enabled (sysctl:kernel.unprivileged_userns_clone==1).
2) For less typical checking, also the ability to run arbitrary Bash command(s) was provided to see if the exploit is applicables for given system, for example:
Reqs: pkg=linux-kernel,ver>=4.4.0,ver<=4.4.0,cmd:grep -qi ip_tables /proc/modules
3) In above scenario command grep -qi ip_tables /proc/modules is run to verify if ip_tables module is loaded (as this is required for the exploit to work) and exploit is meant applicable for the given system only if this command will return TRUE.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
understand that a TCP socket in the "LISTENING" state has two independent queues:
SYN Queue
1) Accept Queue
These two terms are sometimes called "reqsk_queue", "ACK backlog", "listen backlog", or even "TCP backlog", but in this article we use the above two terms to avoid confusion.
2) SYN queue
The SYN queue stores the connection that received the SYN packet (corresponding to the structure of the kernel code: struct inet_request_sock ). Its responsibility is to reply to the SYN+ACK packet, and retransmit it when the ACK packet is not received, until it times out. Under Linux, the number of retransmissions is:
$ sysctl net.ipv4.tcp_synack_retries
net.ipv4.tcp_synack_retries = 5
3) The description of tcp_synack_retries in the document is as follows:
tcp_synack_retries-int integer
For a passive TCP connection, the number of retransmissions of SYNACKs. The value cannot exceed 255.
The default value is 5. If the initial RTO is 1 second, the corresponding last retransmission is 31 seconds.
The corresponding last timeout was 63 seconds later.
4) After sending SYN+ACK, the SYN queue waits for the ACK packet sent from the client (that is, the last packet of the three-way handshake). When receiving an ACK packet, first find the corresponding SYN queue, and then check the related data in the corresponding SYN queue to see if it matches. If it matches, the kernel removes the connection-related data from the SYN queue to create a complete Connect (corresponding to the structure of the kernel code: struct inet_sock ), and add this connection to the Accept queue.
5) Accept queue
Stored in the Accept queue is the established connection, that is, the connection waiting to be taken away by the upper-level application. When the process calls accept(), the socket is taken out of the queue and passed to the upper application.
This is a simple description of how Linux handles SYN packets. By the way, when TCP_DEFER_ACCEPT and TCP_FASTOPEN are turned on for the socket, there will be slight differences in the way of working
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
understand that a TCP socket in the "LISTENING" state has two independent queues:
SYN Queue
1) Accept Queue
These two terms are sometimes called "reqsk_queue", "ACK backlog", "listen backlog", or even "TCP backlog", but in this article we use the above two terms to avoid confusion.
2) SYN queue
The SYN queue stores the connection that received the SYN packet (corresponding to the structure of the kernel code: struct inet_request_sock ). Its responsibility is to reply to the SYN+ACK packet, and retransmit it when the ACK packet is not received, until it times out. Under Linux, the number of retransmissions is:
$ sysctl net.ipv4.tcp_synack_retries
net.ipv4.tcp_synack_retries = 5
3) The description of tcp_synack_retries in the document is as follows:
tcp_synack_retries-int integer
For a passive TCP connection, the number of retransmissions of SYNACKs. The value cannot exceed 255.
The default value is 5. If the initial RTO is 1 second, the corresponding last retransmission is 31 seconds.
The corresponding last timeout was 63 seconds later.
4) After sending SYN+ACK, the SYN queue waits for the ACK packet sent from the client (that is, the last packet of the three-way handshake). When receiving an ACK packet, first find the corresponding SYN queue, and then check the related data in the corresponding SYN queue to see if it matches. If it matches, the kernel removes the connection-related data from the SYN queue to create a complete Connect (corresponding to the structure of the kernel code: struct inet_sock ), and add this connection to the Accept queue.
5) Accept queue
Stored in the Accept queue is the established connection, that is, the connection waiting to be taken away by the upper-level application. When the process calls accept(), the socket is taken out of the queue and passed to the upper application.
This is a simple description of how Linux handles SYN packets. By the way, when TCP_DEFER_ACCEPT and TCP_FASTOPEN are turned on for the socket, there will be slight differences in the way of working
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
A new spy satellite was successfully launched by SpaceX for the National Reconnaissance Agency.
#Technologies
#Technologies
Give a Mask to Phishing URL like a PRO:
1) git clone https://github.com/jaykali/maskphish
2) cd maskphish
3) bash maskphish.sh
β β β Uππ»βΊπ«Δπ¬πβ β β β
1) git clone https://github.com/jaykali/maskphish
2) cd maskphish
3) bash maskphish.sh
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hack Android FROM ANY LINUX :
Checks for metasploit service and starts if not present
Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another
Start multiple meterpreter reverse_tcp listners
Fast Search in searchsploit
Bypass AV
Create backdoor with another techniq
Autorunscript for listeners ( easy to use )
Drop into Msfconsole
Some other fun stuff :)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Screetsec/TheFatRat.git
2) cd TehFatrat/Setup
3) chmod +x setup.sh && ./setup.sh
4) Extract The lalin-master to your home or another folder
5) chmod +x fatrat
6) chmod +x powerfull.sh
7) And run the tools ( ./fatrat )
8) Easy to Use just input your number
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hack Android FROM ANY LINUX :
Checks for metasploit service and starts if not present
Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another
Start multiple meterpreter reverse_tcp listners
Fast Search in searchsploit
Bypass AV
Create backdoor with another techniq
Autorunscript for listeners ( easy to use )
Drop into Msfconsole
Some other fun stuff :)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Screetsec/TheFatRat.git
2) cd TehFatrat/Setup
3) chmod +x setup.sh && ./setup.sh
4) Extract The lalin-master to your home or another folder
5) chmod +x fatrat
6) chmod +x powerfull.sh
7) And run the tools ( ./fatrat )
8) Easy to Use just input your number
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - screetsec/TheFatRat: Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitationβ¦
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and th...
Forwarded from UNDERCODE NEWS
The SpaceX Starlink project is approved in Australia for the 5 G millimeter wave spectrum.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
When algorithms increase inequality, is there room for ordinary people to rise?
#Analytiques
#Analytiques
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Updated ! Windows hacking :
#Hacking
New Update Gives you one-liners that aids in penetration testing operations, privilege escalation and more :
F E A T U R E S :
It's designed to fix typos in typed commands to the most similar command with just one tab click so seach becomes search and so on, even if you typed any random word similar to an command in this framework.
For you lazy-ones out there like me, it can predict what liner you are trying to use by typing any part of it. For example if you typed use capabilities and clicked tab, it would be replaced with use linux/bash/listallcapabilities and so on. I can see your smile, You are welcome!
If you typed any wrong command then pressed enter, the framework will tell you what is the nearest command to what you have typed which could be the one you really wanted.
Some less impressive things like auto-complete for variables after set command, auto-complete for liners after use and info commands and finally it converts all uppercase to lowercase automatically just-in-case you switched cases by mistake while typing.
Finally, you'll find your normal auto-completion things you were using before, like commands auto-completion and persistent history, etc...
Automation
You can automatically copy the liner you want to clipboard with command copy <liner> instead of using use <liner> and then copying it which saves a lot of time, of course, if you merged it with the following features.
As you may noticed, you can use a resource file from command-line arguments before starting the framework itself or send commands directly.
Inside the framework you can use makerc command like in Metasploit but this time it only saves the correct important commands.
There are history and resource commands so you don't need to exit the framework.
You can execute as many commands as you want at the same time by splitting them with semi-colon.
Searching for any liner here is so easy and accurate, you can search for a liner by its name, function, description, author who added the liner to the framework or even the liner itself.
You can add your own liners by following these steps to create a liner as a python file. After that you can make a Pull request with it then it will be added in the framework and credited with your name of course π.
The ability to reload the database if you added any liner without restarting the framework.
You can add any platform to the liners database just by making a folder in liners folder and creating a ".liner" file there.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Using pip (The best way to install on any OS):
2) pip install one-lin3r
one-lin3r -h
3) Using pacman on Black Arch or any arch-based with black Arch repos:
sudo pacman -S one-lin3r
πΈInstalling it from GitHub:
1) For windows on cmd with administrator rights : (After downloading ZIP and unzip it)
2) python -m pip install ./One-Lin3r-master --user
one-lin3r -h
3) For Linux Debian-based distros. (Ex: Kali, Ubuntu..):
4) git clone https://github.com/D4Vinci/One-Lin3r.git
5) sudo apt install libncurses5-dev
sudo pip3 install ./One-Lin3r --user
one-lin3r -h
Β» For the rest Linux distros.:
1) git clone https://github.com/D4Vinci/One-Lin3r.git
2) sudo pip3 install ./One-Lin3r --user
one-lin3r -h
H O W T O U S E ?>
usage: one-lin3r -h -r R -x X -q
optional arguments:
-h, --help show this help message and exit
-r Execute a resource file (history file).
-x Execute a specific command (use ; for multiples).
-q Quiet mode (no banner).
β β β Uππ»βΊπ«Δπ¬πβ β β β
Updated ! Windows hacking :
#Hacking
New Update Gives you one-liners that aids in penetration testing operations, privilege escalation and more :
F E A T U R E S :
It's designed to fix typos in typed commands to the most similar command with just one tab click so seach becomes search and so on, even if you typed any random word similar to an command in this framework.
For you lazy-ones out there like me, it can predict what liner you are trying to use by typing any part of it. For example if you typed use capabilities and clicked tab, it would be replaced with use linux/bash/listallcapabilities and so on. I can see your smile, You are welcome!
If you typed any wrong command then pressed enter, the framework will tell you what is the nearest command to what you have typed which could be the one you really wanted.
Some less impressive things like auto-complete for variables after set command, auto-complete for liners after use and info commands and finally it converts all uppercase to lowercase automatically just-in-case you switched cases by mistake while typing.
Finally, you'll find your normal auto-completion things you were using before, like commands auto-completion and persistent history, etc...
Automation
You can automatically copy the liner you want to clipboard with command copy <liner> instead of using use <liner> and then copying it which saves a lot of time, of course, if you merged it with the following features.
As you may noticed, you can use a resource file from command-line arguments before starting the framework itself or send commands directly.
Inside the framework you can use makerc command like in Metasploit but this time it only saves the correct important commands.
There are history and resource commands so you don't need to exit the framework.
You can execute as many commands as you want at the same time by splitting them with semi-colon.
Searching for any liner here is so easy and accurate, you can search for a liner by its name, function, description, author who added the liner to the framework or even the liner itself.
You can add your own liners by following these steps to create a liner as a python file. After that you can make a Pull request with it then it will be added in the framework and credited with your name of course π.
The ability to reload the database if you added any liner without restarting the framework.
You can add any platform to the liners database just by making a folder in liners folder and creating a ".liner" file there.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Using pip (The best way to install on any OS):
2) pip install one-lin3r
one-lin3r -h
3) Using pacman on Black Arch or any arch-based with black Arch repos:
sudo pacman -S one-lin3r
πΈInstalling it from GitHub:
1) For windows on cmd with administrator rights : (After downloading ZIP and unzip it)
2) python -m pip install ./One-Lin3r-master --user
one-lin3r -h
3) For Linux Debian-based distros. (Ex: Kali, Ubuntu..):
4) git clone https://github.com/D4Vinci/One-Lin3r.git
5) sudo apt install libncurses5-dev
sudo pip3 install ./One-Lin3r --user
one-lin3r -h
Β» For the rest Linux distros.:
1) git clone https://github.com/D4Vinci/One-Lin3r.git
2) sudo pip3 install ./One-Lin3r --user
one-lin3r -h
H O W T O U S E ?>
usage: one-lin3r -h -r R -x X -q
optional arguments:
-h, --help show this help message and exit
-r Execute a resource file (history file).
-x Execute a specific command (use ; for multiples).
-q Quiet mode (no banner).
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
