Forwarded from UNDERCODE NEWS
Sony is planning to raise PS5 inventory, TSMC ASE is preparing more funding for capacity.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
FULL NETWORK HACKING LIKE A PRO :
DOWNLOAD :https://github.com/billyshin/Python_Hacking
1) Programs and Tools written in Python that are useful in hacking in Kali Linux.
Required: Kali Linux, Python2, scapy package, netfilterqueue
pip install scapy
pip install scapy-http
pip install netfilterqueue
Contents:
2) mac_changer.py - A program that is used to change the MAC Address to ensure anonymity.
Usage: python mac_changer.py -i [Interface] -m [new MAC Address]
network_scanner.py - A program that uses target IP Address to get the target MAC Address under the same network.
Usage: python network_scanner.py -t [Taget IP Address]
3) arp_spoof.py - A program that functions exactly the same as arpspoof command in Kali Linux. It takes target ip address and gateway ip address as command line arguments.
Usage: python arp_spoof.py -t [Target IP Address] -g [Gateway]
packet_sniffer.py - A program that acts as MITM (Man In The Middle) to sniff/capture data through http layer such as url, username, password, etc. It must run with arp_spoof.py simultaneously.
Usage: python arp_spoof.py -t [Target IP Address] -g [Gateway]
python packet_sniffer.py -i [Interface]
4) dns_spoof.py - A program that acts as MITM (Man In The Middle) to intercept packets and store them in netfilterqueue and redirect target device to a certain IP Address.
Usage: python dns_spoof.py -i [IP Address]
file_interceptor.py - A program that hijacks target's HTTP request and modifies HTTP status code as well as HTTP response in order to redirect to user specified url.
Usage: iptables -I FORWARD -j NFQUEUE --queue-num 0
python arp_spoof.py -t [Target IP Address] -g [Gateway]
python file_interceptor.py -r [Redirect URL]
5) download.py - A program that download a file from input URL and save it to input destination location.
Usage: python download.py -u [URL] -d [Destination loaction]
reverse_backdoor.py - A backdoor program that allows hacker to execute simple commands on target device using reversed TCP. Need to change ip_address to your current IP Address in main code. It must be run in the target device locally, and thus social engineering or any other MITM attack should be used. It works in all environment that supports Python. listener.py only works when reverse_backdoor.py is running locally in target device.
6) listener.py - A socket program that allows us to listen from the reverser_backdoor.py program.
Usage: reverse_backdoor.py is running in target device
python listener.py -i [IP Address]
β β β Uππ»βΊπ«Δπ¬πβ β β β
FULL NETWORK HACKING LIKE A PRO :
DOWNLOAD :https://github.com/billyshin/Python_Hacking
1) Programs and Tools written in Python that are useful in hacking in Kali Linux.
Required: Kali Linux, Python2, scapy package, netfilterqueue
pip install scapy
pip install scapy-http
pip install netfilterqueue
Contents:
2) mac_changer.py - A program that is used to change the MAC Address to ensure anonymity.
Usage: python mac_changer.py -i [Interface] -m [new MAC Address]
network_scanner.py - A program that uses target IP Address to get the target MAC Address under the same network.
Usage: python network_scanner.py -t [Taget IP Address]
3) arp_spoof.py - A program that functions exactly the same as arpspoof command in Kali Linux. It takes target ip address and gateway ip address as command line arguments.
Usage: python arp_spoof.py -t [Target IP Address] -g [Gateway]
packet_sniffer.py - A program that acts as MITM (Man In The Middle) to sniff/capture data through http layer such as url, username, password, etc. It must run with arp_spoof.py simultaneously.
Usage: python arp_spoof.py -t [Target IP Address] -g [Gateway]
python packet_sniffer.py -i [Interface]
4) dns_spoof.py - A program that acts as MITM (Man In The Middle) to intercept packets and store them in netfilterqueue and redirect target device to a certain IP Address.
Usage: python dns_spoof.py -i [IP Address]
file_interceptor.py - A program that hijacks target's HTTP request and modifies HTTP status code as well as HTTP response in order to redirect to user specified url.
Usage: iptables -I FORWARD -j NFQUEUE --queue-num 0
python arp_spoof.py -t [Target IP Address] -g [Gateway]
python file_interceptor.py -r [Redirect URL]
5) download.py - A program that download a file from input URL and save it to input destination location.
Usage: python download.py -u [URL] -d [Destination loaction]
reverse_backdoor.py - A backdoor program that allows hacker to execute simple commands on target device using reversed TCP. Need to change ip_address to your current IP Address in main code. It must be run in the target device locally, and thus social engineering or any other MITM attack should be used. It works in all environment that supports Python. listener.py only works when reverse_backdoor.py is running locally in target device.
6) listener.py - A socket program that allows us to listen from the reverser_backdoor.py program.
Usage: reverse_backdoor.py is running in target device
python listener.py -i [IP Address]
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - billyshin/Python_Hacking: Network hacking tools written in Python
Network hacking tools written in Python. Contribute to billyshin/Python_Hacking development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Probe Digital releases a long-distance IP zoom camera solution with high-magnification resolution.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
Android Application Structure :
Fundamental background knowledge is important for building any skill, and mobile hacking is no different. Android applications are written primarily in Java, Kotlin (transpiled to Java), and C++. When distributed, they use the .apk extension which stands for Android PacKage. An APK is really just a ZIP file containing all the assets and bytecode for an app. A typical unzipped APK structure looks like this:
myapp.apk
βββ AndroidManifest.xml
βββ META-INF/
βββ classes.dex
βββ lib/
βββ res/
βββ resources.arsc
Letβs briefly cover each of these:
AndroidManifest.xml
This is a compressed version of the AndroidManifest.xml file which contains all of the basic application information such as the package name, package version, externally accessibly activities and services, minimum device version, and more. The compressed version of this file is not humanly readable, but there are a couple of tools that are able to uncompress it, most notably being apktool (more on that later).
META-INF/
The META-INF/ folder is essentially a manifest of metadata information including the developer certificate and checksums for all the files contained within an APK. If you were to try and make changes to an APK without removing and re-signing this folder, you would get an error when installing the modified version.
classes.dex
The classes.dex file (sometimes there are multiple) contains all the compiled bytecode of an Android application. Later on, this is what we will decompile into Java source files.
resources.arsc
The resources.arsc file contains metadata about the resources and the XML nodes of the compiled resource files like XML layout files, drawables, strings, and more. It also contains information about their attributes (like width, position, etc) and the resource IDs, which are used globally by both Java and XML app files in the app. This file is compressed into a binary form that is read into memory during runtime. Apktool can also decompress these files and output them into a humanly-readable format for you to explore.
res/
The βresβ folder contains compressed binary XML versions of the resource XML files that are paired with the resources.arsc file during runtime to read images, translations, etc. These XML files are in the same binary format as the AndroidManifest.xml file and can be easily decoded with apktool.
lib/
Not all Android apps contain a lib/ folder, but any app with native C++ libraries will. Within this folder, you will find different folders per-architecture, each one containing .so files specifically compiled for that target architecture such as βarmeabi-v7aβ and βx86β. This is also why you cannot install an app on an x86 device without it providing x86-compiled libs (Google for βINSTALL_FAILED_NO_MATCHING_ABISβ).
β β β Uππ»βΊπ«Δπ¬πβ β β β
Android Application Structure :
Fundamental background knowledge is important for building any skill, and mobile hacking is no different. Android applications are written primarily in Java, Kotlin (transpiled to Java), and C++. When distributed, they use the .apk extension which stands for Android PacKage. An APK is really just a ZIP file containing all the assets and bytecode for an app. A typical unzipped APK structure looks like this:
myapp.apk
βββ AndroidManifest.xml
βββ META-INF/
βββ classes.dex
βββ lib/
βββ res/
βββ resources.arsc
Letβs briefly cover each of these:
AndroidManifest.xml
This is a compressed version of the AndroidManifest.xml file which contains all of the basic application information such as the package name, package version, externally accessibly activities and services, minimum device version, and more. The compressed version of this file is not humanly readable, but there are a couple of tools that are able to uncompress it, most notably being apktool (more on that later).
META-INF/
The META-INF/ folder is essentially a manifest of metadata information including the developer certificate and checksums for all the files contained within an APK. If you were to try and make changes to an APK without removing and re-signing this folder, you would get an error when installing the modified version.
classes.dex
The classes.dex file (sometimes there are multiple) contains all the compiled bytecode of an Android application. Later on, this is what we will decompile into Java source files.
resources.arsc
The resources.arsc file contains metadata about the resources and the XML nodes of the compiled resource files like XML layout files, drawables, strings, and more. It also contains information about their attributes (like width, position, etc) and the resource IDs, which are used globally by both Java and XML app files in the app. This file is compressed into a binary form that is read into memory during runtime. Apktool can also decompress these files and output them into a humanly-readable format for you to explore.
res/
The βresβ folder contains compressed binary XML versions of the resource XML files that are paired with the resources.arsc file during runtime to read images, translations, etc. These XML files are in the same binary format as the AndroidManifest.xml file and can be easily decoded with apktool.
lib/
Not all Android apps contain a lib/ folder, but any app with native C++ libraries will. Within this folder, you will find different folders per-architecture, each one containing .so files specifically compiled for that target architecture such as βarmeabi-v7aβ and βx86β. This is also why you cannot install an app on an x86 device without it providing x86-compiled libs (Google for βINSTALL_FAILED_NO_MATCHING_ABISβ).
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
It would place a traffic limit for U.S. home broadband. Are Chinese operators going to follow up?
#International
#International
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Read this before you got scammed with malware's:
Graphics and Image Data Representations:
------------------------------------------ββββββ
+ 1-Bit Images
also "binary image"
+ 8-Bit Gray-Level Images
0x00 ~ 0xFF, gray scale
* Frame buffer / Video card
* Dithering
+ 24-Bit Colour Images
RGB / RGBA, where A -> alpha channel
+ 8-Bit Colour Images
+ Colour Lookup Tables
* LUTs / palette
* Devise a Color Lookup Table
* human are more sensitive to R & G than to B,
so we can shrink R & G range 0..255 into 0..7 (3bit), B 2bit.
+ GIF, Graphics Interchange Format
* Lempel-Ziv-Welch
* 8-Bit color
* GIF87a / GIF89a
_____________________
| [GIF Signature] |
| [Screen Descriptor] |
| [Global Color map] |
| ... |
| [Image descriptor] | | Repeated
| [Local colot map] | | 1 to n times.
| [Raster Data] | |
| ... |
| [GIF Terminator] |
|_____________________|
* od -c a.gif
+ JPEG
+ PNG
+ PS/PDF
+ BMP(Windows)
β β β Uππ»βΊπ«Δπ¬πβ β β β
Read this before you got scammed with malware's:
Graphics and Image Data Representations:
------------------------------------------ββββββ
+ 1-Bit Images
also "binary image"
+ 8-Bit Gray-Level Images
0x00 ~ 0xFF, gray scale
* Frame buffer / Video card
* Dithering
+ 24-Bit Colour Images
RGB / RGBA, where A -> alpha channel
+ 8-Bit Colour Images
+ Colour Lookup Tables
* LUTs / palette
* Devise a Color Lookup Table
* human are more sensitive to R & G than to B,
so we can shrink R & G range 0..255 into 0..7 (3bit), B 2bit.
+ GIF, Graphics Interchange Format
* Lempel-Ziv-Welch
* 8-Bit color
* GIF87a / GIF89a
_____________________
| [GIF Signature] |
| [Screen Descriptor] |
| [Global Color map] |
| ... |
| [Image descriptor] | | Repeated
| [Local colot map] | | 1 to n times.
| [Raster Data] | |
| ... |
| [GIF Terminator] |
|_____________________|
* od -c a.gif
+ JPEG
+ PNG
+ PS/PDF
+ BMP(Windows)
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Phil Spencer, Director of Xbox, has been named Gaming Person of the Year 2020 by international media.
#International
#International
Forwarded from UNDERCODE NEWS
Through stretching the window cache, the Google Chrome development team is seeking solutions to consistency problems. .
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEFORE HACK CCTV; What is RTSP USED FOR ANY CCTV, and what is it for :
1) Real-time streaming protocol (born real time streaming protocol, abbr RTSP..) - application protocol for use in systems that work with multimedia data (media content, media content), and allows you to remotely control the flow of data from the server, providing the ability to execute commands , such as start (start), pause (pause) and stop (stop) broadcasting (playing) of multimedia content, as well as time access to files located on the server.
2) RTSP does not perform compression, nor does it define the media encapsulation method and transport protocols. Streaming data is not itself part of the RTSP protocol. Most RTSP servers use a standard real-time transport protocol for this, which carries audio and video data.
3) Not only can RTSP be found in IP cameras, other devices can also use this protocol to stream media (video and audio).
4) To play video using the RTSP protocol, you need to know the source URL, as well as the username and password.
Β» Example address:
one
rtsp://118.39.210.69/rtsp_tunnel?h26x=4&line=1&inst=1
Some RTSP servers are configured to allow access to the media stream without a password.
The URL address of the media stream is not standard, devices send it when connected after authorization.
Usually RTSP runs on 554, 5554 and 8554 protocols.
Video from IP cameras via RTSP protocol can be opened in VLC and Mplayer . How to do it is written in the article " How to record video from an IP camera (RTSP stream) ". It also shows you how to record streaming video.
VLC and Mplayer players are able to work with this protocol thanks to the openRTSP utility , RTSP client for receiving and recording streaming media ".
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEFORE HACK CCTV; What is RTSP USED FOR ANY CCTV, and what is it for :
1) Real-time streaming protocol (born real time streaming protocol, abbr RTSP..) - application protocol for use in systems that work with multimedia data (media content, media content), and allows you to remotely control the flow of data from the server, providing the ability to execute commands , such as start (start), pause (pause) and stop (stop) broadcasting (playing) of multimedia content, as well as time access to files located on the server.
2) RTSP does not perform compression, nor does it define the media encapsulation method and transport protocols. Streaming data is not itself part of the RTSP protocol. Most RTSP servers use a standard real-time transport protocol for this, which carries audio and video data.
3) Not only can RTSP be found in IP cameras, other devices can also use this protocol to stream media (video and audio).
4) To play video using the RTSP protocol, you need to know the source URL, as well as the username and password.
Β» Example address:
one
rtsp://118.39.210.69/rtsp_tunnel?h26x=4&line=1&inst=1
Some RTSP servers are configured to allow access to the media stream without a password.
The URL address of the media stream is not standard, devices send it when connected after authorization.
Usually RTSP runs on 554, 5554 and 8554 protocols.
Video from IP cameras via RTSP protocol can be opened in VLC and Mplayer . How to do it is written in the article " How to record video from an IP camera (RTSP stream) ". It also shows you how to record streaming video.
VLC and Mplayer players are able to work with this protocol thanks to the openRTSP utility , RTSP client for receiving and recording streaming media ".
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Google "Ascending Strike": from every perspective to preserve the three-dimensional effect of illumination, 2D becomes "4D"
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Brute force RTSP-HACK CAMERA FROM IP:
As already mentioned BEFORE THIS MESSAGE, the URI ("page" address) at which the media stream is available differs from device to device. That is, if you do not have credentials for authentication using the RTSP protocol, then to get the route (URL) of the media stream, you will have to search for it by brute force.
1) You can look at the variety of addresses at https://www.ispyconnect.com/sources.aspx .
2) Program Cameradar able to search for the source address and select the user's password. As stated in the description, Cameradar hacks RTSP CCTV cameras.
Cameradar allows you to:
A) Detect open RTSP hosts on any available target host
B) Determine which device model is broadcasting
C) Launch automatic dictionary attacks to find the route of their flow (ex: /live.sdp)
D) Launch automatic dictionary attacks to guess camera username and password
E)Receive a complete and convenient report on the results
To install the program, see the page https://kali.tools/?p=6132
π¦The launch is very simple:
1) cameradar -t Π₯ΠΠ‘Π’
The " -t , --targets " option sets the target. The target can be a file listing hosts or network ranges, IP address, IP range, subnet, or a combination of both. Example: --targets = "192.168.1.72,192.168.1.74"
2) The program makes a lot of requests and if some of them fail, it displays these errors on the screen, as a result of which the output becomes cluttered, so I prefer to add " 2> / dev / null " to the command .
Examples of successful launches:
cameradar -t 201.191.170.250 2>/dev/null
cameradar -t 98.124.38.218 2>/dev/null
3) The description of the program mentions "nmap", but this is Cameradar's own library, it is written in Go and has nothing to do with the original Nmap network scanner - perhaps this is the reason for such slowness.
4) You can scan the network to collect Cameradar targets, for example, using Masscan :
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Brute force RTSP-HACK CAMERA FROM IP:
As already mentioned BEFORE THIS MESSAGE, the URI ("page" address) at which the media stream is available differs from device to device. That is, if you do not have credentials for authentication using the RTSP protocol, then to get the route (URL) of the media stream, you will have to search for it by brute force.
1) You can look at the variety of addresses at https://www.ispyconnect.com/sources.aspx .
2) Program Cameradar able to search for the source address and select the user's password. As stated in the description, Cameradar hacks RTSP CCTV cameras.
Cameradar allows you to:
A) Detect open RTSP hosts on any available target host
B) Determine which device model is broadcasting
C) Launch automatic dictionary attacks to find the route of their flow (ex: /live.sdp)
D) Launch automatic dictionary attacks to guess camera username and password
E)Receive a complete and convenient report on the results
To install the program, see the page https://kali.tools/?p=6132
π¦The launch is very simple:
1) cameradar -t Π₯ΠΠ‘Π’
The " -t , --targets " option sets the target. The target can be a file listing hosts or network ranges, IP address, IP range, subnet, or a combination of both. Example: --targets = "192.168.1.72,192.168.1.74"
2) The program makes a lot of requests and if some of them fail, it displays these errors on the screen, as a result of which the output becomes cluttered, so I prefer to add " 2> / dev / null " to the command .
Examples of successful launches:
cameradar -t 201.191.170.250 2>/dev/null
cameradar -t 98.124.38.218 2>/dev/null
3) The description of the program mentions "nmap", but this is Cameradar's own library, it is written in Go and has nothing to do with the original Nmap network scanner - perhaps this is the reason for such slowness.
4) You can scan the network to collect Cameradar targets, for example, using Masscan :
> > sudo masscan 0.0.0.0/0 --exclude 255.255.255.255 --randomize-hosts --rate 200 -p 554,5554,8554 --output-filename cameras.xml
The following commands create the β camera β directory and filter all IP addresses from cameras * .xml files into camera / hosts.txt file .
> > mkdir camera
cat cameras*.xml | grep -o -E '[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}' | sort | uniq > camera/hosts.txt
Counting the number of IP addresses on which at least one port from 554, 5554 and 855 is open.
> >cat camera/hosts.txt | wc -l
> > 10955
(Don't copy our tips)β β β Uππ»βΊπ«Δπ¬πβ β β β
Telegram
UNDERCODE TESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEFORE HACK CCTV; What is RTSP USED FOR ANY CCTV, and what is it for :
1) Real-time streaming protocol (born real time streaming protocol, abbr RTSP..) - application protocol for use in systems that work with multimedia dataβ¦
π¦BEFORE HACK CCTV; What is RTSP USED FOR ANY CCTV, and what is it for :
1) Real-time streaming protocol (born real time streaming protocol, abbr RTSP..) - application protocol for use in systems that work with multimedia dataβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Bitcoin is expected to hit the longest consecutive month since 2019 since smashing the milestone.
#Updates
#Updates
