- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑Top 4 Exploited Plugins in WordPress:
(T.me/UnderCodeTestingOfficial

Now, let’s take a look at the four exploited plugins that had endangered thousands of WordPress users. This list showcases the plugins that contained high-risk exploits:

1) Visual CSS Style Editor
Also known as the Yellow Pencil Visual Theme Customizer, this plugin is used to customize color, font, and the overall theme of a website without using code.

> There was a vulnerability found in the 7.1.9 version of this plugin that endangered as many as 30,000 websites. In the yellow-pencil.php file, there is the yp_remote_get_first() function that checks a certain parameter which triggers privilege escalation.

> Unfortunately, this can let users without proper access to perform top-level actions like changing fundamental options. What is the worst-case scenario? A hacker redirecting the homepage or getting full admin access to your site.

2) WooCommerce Checkout Manager
The WooCommerce Checkout Manager plugin customizes a WooCommerce powered online store’s checkout page. It has more than 50,000 active installations as of writing. This just goes to show that mainstream plugins can also be at risk.

> The plugin had a security flaw that allowed users to delete any media files even unrelated to their checkout process. The deletion of any media in $_POST[‘wccm_default_keys_load’] also removed the metadata from the site’s WordPress library.

3) Ad Inserter
Ad Inserter is used to manage ads and has more than 200,000 active installations. It supports platforms like Google Adsense and Amazon Native Shopping Ads.

> allowed authenticated users with any role – including subscriber – to execute arbitrary PHP code. Not only that, there was another security hole that allowed regular users to utilize the debug mode that should be available to access for administrators only.

4) Social Warfare
With more than 60,000 users, social warfare is one of the most used lightweight WordPress social sharing plugins.


> In March 2019, there was a bug found in version 3.5.2. It came from its clone feature – used to duplicate settings from a site – which was not restricted to the administrator role. The flaw would let hackers overwrite plugin settings on the victim’s site.

> It was found that attackers had modified the twitter_id value that directed to a cross-site scripting injection point.

Written by ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - -

🦑 How to SEcure ANY WOrdpress Or wix or.. WEBSITE:🦑
(T.me/UnderCodeTestingOfficial)

With so many ways for bad actors to breach your site, how do you stay protected? The following security practices make for a subset of this extensive WordPress security guide:

1) Keep Your WordPress Updated
Using the latest version of WordPress is highly recommended. Not only can you enjoy the newest features but it also guarantees that the latest known security issues are patched.

2) Check Your Plugins Status Regularly
If you’re unsure about the security of the installed plugins, you can check them manually. This allows you to know if one of your plugins is vulnerable to security breaches.

3) Backup Your Site
In case the worst-case scenario occurs, it’s best to have a clean site backup you can restore your site to, decreasing any downtime. Take help from this guide to take a backup effortlessly.

4) Install a Firewall
An end-point firewall is the best way to protect your site from these attacks. Continuous monitoring and blocking of any malicious traffic can secure your site like no other.

> One such firewall is Astra’s hacker-tested firewall. It is known to block 100+ attacks including common attacks like the SQL injection, XSS, CSRF, Bad bots, etc. You can even use this firewall to block or whitelist IP/range/country that are threats for you.

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑What is BBQSQL?

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
(instagram.com/UnderCodeTestingCompany)

> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool,

> allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier

🦑INSTALLISATION & RUN:

1) its require linux os

first clone this repo

> git clone https://github.com/Neohapsis/bbqsql

2) cd bbqsql

3)Or for kali (debian base os)

open terminal and type:

>sudo pip install bbqsql

🦑HOW RUN?

SOME COMMANDS:

${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.

${char_index}: This tells bbqSQL which character from the subselect to query.

${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.

${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.

${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.

Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.

🦑Don t missing those requests:

Similar to other SQL injection tools you provide certain request information.

> URL
> HTTP Method
>Headers
>Cookies
>Encoding methods
>Redirect behavior
>Files
>HTTP Auth
>Proxies

@ Mr. BotNet(tm)
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

t.me/UnderCodeTestingOfficial

# Support % Share

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑WireSpy enables the automation of various WiFi attacks to conduct Man-In-The-Middle-Attacks (MITMAs).
(facebook.com/UnderCodeTestingCompanie)

🦑LET S START:

WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.

Two type of attacks are supported at the moment:

A) Evil twin: Force victims to auto-connect to the honeypot by spoofing a "trusted" hotspot (clone an existing access point and de-authenticate its users to force them to transparently connect to the spoofed honeypot).

B) Honeypot: Set up a simple rogue hotspot and wait for clients to connect.

🦑INSTALLISATION & RUN:
(work root termux)

1) git clone https://github.com/aress31/wirespy

2) cd wirespy

3) chmod +x wirespy.sh

> Run the script with root privileges:

4) sudo ./wirespy.sh

5) Type help to display the list of available commands.

🦑Features:

> Capture victims' traffic.

>MAC address spoofing.

> Set-up honeypot and evil twin attacks.

> Show the list of in range access points.

> Wireless adapter|card|dongle power amplification.

🦑Tested On:

> kali linux

> Termux

> parrot

@ Steave(tm)

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - -

🦑Why Linux is More Secure than Windows +
How install Anitvirus linux:

(t.me/UnderCodeTestingOfficial)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Hackers don’t typically target Linux

The most cited reason for Linux’s safety relates to its low usage numbers. Linux has less than three percent of the market, compared to Windows, which operates on more than 80 percent of all devices. Microsoft and Linux are practically friends now, so that might change a little. (Probably to Microsoft’s favor.)

2) It’s more difficult to execute a dangerous attachment in the Linux OS

If you’ve never worked with Linux, you may not realize that it doesn’t operate quite the same as Windows or Mac. In those environments, opening a dangerous attachment is simply a matter of double-clicking.
Linux is easy to learn with the right resources, but there are extra steps to take before executing a malicious software. On Linux, users need to save the attachment before executing it, and if set up correctly, they would need permissions granted before they could open it.

3) Linux does not give users admin access by default

In a Windows environment, users are often given a high level of access automatically. This lets them click on links and download files indiscriminately, easily leading to the issues mentioned above. Many users don’t have access to the root directories on their computers, which means that even if they do manage to infect their systems, they’ll be limited in the damage they can do.

4) Linux has more people looking out for security issues

Although Microsoft has an army of developers working on their OS, the number of developers working on Linux is bigger. And that’s one of the biggest reasons to go Linux.
>Although Linux may be safer, there are things administrators can do to keep systems safe. If a hacker does target your network, these small measures will either prevent it or minimize any damage it might do

🦑I recommended to members in undercOde to

use clamav abti-viruse more safer( for debian base install)

> apt-get update

> apt-get install clamav

& its avaible for any linux distro

official site:

> https://www.clamav.net/documents/installing-clamav


Written By Steave(tm)

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑How to Use CMD to Remove Virus from Any Drive in Windows 10
(instagram.com/UnderCodeTestingCompany)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> Now, follow the steps below to delete viruses from your computer or storage device using CMD.

1) Type cmd in the search bar, right-click "Command Prompt" and choose "Run as an administrator".

2) Type F: and press "Enter". (Replace "F" with the drive letter of the infected partition or device.)

3) Type attrib -s -h -r /s /d *.* and hit "Enter".

4) Type dir and hit "Enter". Now you will see all the files under the assigned drive. (The dir command displays a list of a directory's files and subdirectories.)

5) For your information, a virus name may contain words like "autorun" and with ".inf" as the extension. Thus, if you find such suspicious files, type del autorun.inf to remove the virus.

>the official software http://down.easeus.com/product/drw_trial_setup

6) Here are the basic attributes of the 'attrib' command:

🦑Some usefull commands:

R – represents the "Read-only" attribute of a file or folder. Read-only means the file cannot be written on or executed.

H – the "Hidden" attribute.

A – stands for "Archiving" which prepares a file for archiving.

S – the "System" attribute changes the selected files or folders from user files into system files.

I - "not content indexed file" attribute.

>The "attrib" Syntax:

>ATTRIB [+ attribute | – attribute] [pathname] [/S [/D]]

>In the above command, let's see what the different parameters and switches are:

'+ / –': To enact or to cancel the specified attribute.
'attribute': As explained above.
'/S': Searching throughout the entire path including subfolders.
'/D': Include any process folder.
'pathname': Path where the target file or folder is located.

Here is the proper syntax order for attrib command:

ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [+I | -I] [drive:][path][filename] [/S [/D] [/L]]
use cmd to remove virus in Windows 10

Written BY mr. Botnet(tm)
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑Can I CONFIGURE Windows Server to host a website?
PART 1
(instagram.com/UnderCodeTestingCompany)

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> set up your first IIS Web site

>Configure a default Web site

🦑When you install IIS, it is preconfigured to serve as a default Web site; however, you may want to change some of the settings. To change the basic settings for the Web site and to emulate the steps that are required to set up Apache for the first time by using the configuration file:

1) Log on to the Web server computer as an administrator.

2) Click Start, point to Settings, and then click Control Panel.

3) Double-click Administrative Tools, and then double-click Internet Services Manager.

4) Right-click the Web site that you want to configure in the left pane, and then click Properties.

5) Click the Web site tab.

6) Type a description for the Web site in the Description box.

7) Type the Internet Protocol (IP) address to use for the Web site or leave the All (Unassigned) default setting.

8) Modify the Transmission Control Protocol (TCP) port as appropriate.

9) Click the Home Directory tab.

10) To use a folder on the local computer, click A directory on this computer, and then click Browse to locate the folder that you want to use.

11) To use a folder that has been shared from another computer on the network, click A share located on another computer, and then either type the network path or click Browse to select the shared folder.

12) Click Read to grant read access to the folder (required).

13) Click OK to accept the Web site properties.

14) Create a new Web site

> To create a new Web site in Apache, you must set up a virtual host and configure the individual settings for the host. If you are using IIS, you can

written by Mr. Botnet(tm)
- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - -

- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑How Start hosting and publishing a website host from windows server:
(instagram.com/UnderCodeTestingCompany)

🦑Create a new Web site:🦑

> To create a new Web site in Apache, you must set up a virtual host and configure the individual settings for the host. If you are using IIS, you can create a new Web site by translating the following terms to the IIS equivalents:

A ) Apache term B) IIS term

>DocumentRoot IIS Web Site Home Directory

>ServerName IIS Host Header

>Listen IIS IP Address and TCP Port


🦑To create a new Web site in IIS, follow these steps:

1) Log on to the Web server computer as an administrator.

2) Click Start, point to Settings, and then click Control Panel.

3) Double-click Administrative Tools, and then double-click Internet Services Manager.

4) Click Action, point to New, and then click Web Site.

5) After the Web Site Creation Wizard starts, click Next.

6) Type a description for the Web site.

7) This description is used internally to identify the Web site in Internet Services Manager only.

8) Select the IP address to use for the site.

9) If you select All (unassigned), the Web site is accessible on all interfaces and all configured IP addresses.

10) Type the TCP port number to publish the site on.

11) Type the Host Header name (the real name that is used to access this site).

12) Click Next.

13) Either type the path to the folder that is holding the Web site documents or click Browse to select the folder, and then click Next.

14) Select the access permissions for the Web site, and then click Next.

> Click Finish.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑 Setup a Windows Server Firewall
How can I configure my Windows Server Firewall?
(instagram.com/UndercodeTestingCompany)

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃

1) Windows Server 2012: Log into your server using remote desktop and press the Windows key to bring up the start menu.

2) Windows Server 2016 or 2019: Log into your server using remote desktop and click the search icon located next to the start menu icon.

3) Check your current Firewall settings

> Open your firewall, you will see the firewall overview, this shows what the current settings are for each profile (Domain, Private and Public).

4) Enabling or Disabling a Firewall rule

> Log on to your server and open up your Windows Firewall.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑 Self htaccess shells and attacks Tutorial
(T.me/UnderCodeTestingOfficial)

🦑WHAT IS HTSHELLS :

- Self contained web shells and other attacks via .htaccess files:

> Attacks are named in the following fashion, module.attack.htaccess and grouped
by attack type in directories.

'> Pick the one you need and copy it to a new file
named .htaccess, check the file to see if it needs editing before you upload it.

>Web shells executes commands from the query parameter c, unless the file states

🦑INSTALLISATION & RUN:

1) git clone https://github.com/wireghoul/htshells

2) cd htshells

3) SOME USFULL COMMADS FOR EXPLOITE & ATTACKS:

== DOS/ # Denial of service attacks
- apache.dos.htaccess
Makes all requests return a 500 internal server error

- mod_rewrite.dos.htaccess
Regular expression dos condition in mod_rewrite consumes a child process

== INFO/ # Information disclosure attacks
- modcheck/
Include additional response headers to indicate which Apache modules are active

- mod_caucho.info.htaccess *untested*
Server status binding for the mod_caucho Resin java server module

- mod_clamav.info.htaccess
Clamav status page binding

- mod_info.info.htaccess
Server info binding for Apache

- mod_ldap.info.htaccess *untested*
Server status binding for the mod_ldap server module

- mod_perl.info.htaccess
Display the mod_perl status page

- mod_php.info.htaccess
Make all php pages show source instead of executing

- mod_status.info.htacces
Server status binding for Apache


== SHELL/ # Interactive command execution
- mod_caucho.shell.htaccess *untested*
JSP based web shell

- mod_cgi.shell.bash.htaccess
Shell using bash under the cgi handler, Requires exec flag to be set on the htaccess file.

- mod_cgi.shell.windows.htaccess *untested*
Gives shell through php.exe via apache cgi configuration directives

- mod_include.shell.htaccess
Server Side Include based web shell

- mod_multi.shell.htaccess
Multiple shells in one .htaccess file, one attack fits all approach

- mod_perl.shell.htaccess *incomplete*
TODO

- mod_php.shell.htaccess
PHP based web shell access via http://domain/path/.htaccess?c=command

- mod_php.shell2.htaccess
Alternate method of invoking a php shell from .htaccess file

- mod_php.stealth.shell.htaccess
PHP based stealth backdoor - see http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html for tutorial

- mod_python.shell.htaccess

- mod_ruby.shell.htaccess

- mod_suphp.shell.htaccess

== TRAVERSAL/ # Directory traversal attacks
- mod_hitlog.traversal.htaccess
Directory traversal attack via hitlog module tries to read /etc/passwd

- mod_layout.traversal.htaccess
Directory traversal attack reads /etc/passwd


== ./ # Various attacks
- mod_auth_remote.phish.htaccess *untested*
Forward basic auth credentials to server of your choice

- mod_badge.admin.htaccess
mod_badge admin page binding

- mod_sendmail.rce.htaccess *untested*
Executes commands configured in the .htaccess file by specifying path and arguments to "sendmail" binary


Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑get informations from instagram:
(facebook.com/UnderCodeTestingCompanie)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:


>The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile

> The information includes:

> Username, Profile Name, URL, Followers, Following, Number of Posts, Bio, Profile Picture URL, Is Business Account ?, Connected to a FB account ?, External URL, Joined Recently ?, Business Category Name, Is private ...

🦑INSTALLISATION & RUN:

1) pkg install -y git python

2) git clone https://github.com/th3unkn0n/osi.ig.git

3) cd osi.ig

4) chmod +x install.sh && ./install.sh

5) python3 main.py

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑The official Exploit Database DANGEROUS Tool:
(t.me/UnderCodeTestingOfficial)

🦑WHAT IS THIS TOOL & WHAT HE DO ?

Included with this repository is the SearchSploit utility, which will allow you to search through exploits, shellcodes and papers (if installed) using one or more terms
> Exploit-DB that also allows you to take a copy of Exploit Database with you, everywhere you go. SearchSploit gives you the power to perform detailed off-line searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.
Many exploits contain links to binary files..

🦑THIS TOOL MUST RUN AS ROOT ON KALI:
INSTALLISATION:

1) Open Terminal and type:

> apt -y install exploitdb

2) apt -y install exploitdb-bin-sploits exploitdb-papers

🦑For manual install:

1) clone the repository, add the binary into $PATH, and edit the config file to reflect the git path:

> sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb

2) sed 's|path_array+=(.*)|path_array+=("/opt/exploitdb")|g' /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc

3) sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

🦑For mac:

If you have homebrew (package, formula) installed, running the following will get you set up:

> user@MacBook:~$ brew update && brew install exploitdb

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ILL POSTS SOME GREAT PAID BOOKS SOON
FROM UNDERCode WHATSAPP GROUPES

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑let s explain: HTTPS/SSL/TLS ATTacks:
(instagram.com/UnderCodeTestingCompany)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

🦑The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology.

> The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3.

> However, like many other attacks also based on a forced this vulnerability is also based on a forced downgrade attack.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -