β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Python Scapy tools developed for LAN tests and advanced reconnaissance.:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip3 install scapy
2) pip3 install netaddr
3) git clone https://github.com/peppelinux/pyLAN-tools.git
4) : arpscan.py [-h] -i I [-r R [R ...]] [-t T]
[-exclude EXCLUDE [EXCLUDE ...]] [-only ONLY [ONLY ...]]
[-debug]
arpscan usage examples
5) # scans only selected peers in the local network reachable on eth2 interface
6) python2 arpscan.py -i eth2 -t 0.01 -only 1 2 3 4 5 6 7 8 9 10 50 150 200 250 251 252 253 254
10.21.0.75 bc:5f:f4:f4:d0:d9 (eth2)
10.21.0.254 d4:ca:6d:e6:6a:d7
# scans only selected networks
python2 arpscan.py -i eth2 -t 0.01 -r 192.168.0.0/24 192.168.1.0/24 172.17.0.0/12
192.168.1.1 08:00:27:7c:f9:41
7) arpscan todo
parallelization with subprocess per every -r lan (performance improvements)
8) choose a number of worker to delegate a subset of addresses (address_pool/num_workers)
vendor database intergration and representation (as netdiscover already does)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Python Scapy tools developed for LAN tests and advanced reconnaissance.:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip3 install scapy
2) pip3 install netaddr
3) git clone https://github.com/peppelinux/pyLAN-tools.git
4) : arpscan.py [-h] -i I [-r R [R ...]] [-t T]
[-exclude EXCLUDE [EXCLUDE ...]] [-only ONLY [ONLY ...]]
[-debug]
arpscan usage examples
5) # scans only selected peers in the local network reachable on eth2 interface
6) python2 arpscan.py -i eth2 -t 0.01 -only 1 2 3 4 5 6 7 8 9 10 50 150 200 250 251 252 253 254
10.21.0.75 bc:5f:f4:f4:d0:d9 (eth2)
10.21.0.254 d4:ca:6d:e6:6a:d7
# scans only selected networks
python2 arpscan.py -i eth2 -t 0.01 -r 192.168.0.0/24 192.168.1.0/24 172.17.0.0/12
192.168.1.1 08:00:27:7c:f9:41
7) arpscan todo
parallelization with subprocess per every -r lan (performance improvements)
8) choose a number of worker to delegate a subset of addresses (address_pool/num_workers)
vendor database intergration and representation (as netdiscover already does)
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
peppelinux/pyLAN-tools
LAN hacking tools with Python and Scapy. Contribute to peppelinux/pyLAN-tools development by creating an account on GitHub.
Forwarded from DailyCVE
π΅Unpatched binary vulnerability exists in ABC viewing software(DC: 212-2021)
https://dailycve.com/unpatched-binary-vulnerability-exists-abc-viewing-software
https://dailycve.com/unpatched-binary-vulnerability-exists-abc-viewing-software
Dailycve
Unpatched binary vulnerability exists in ABC viewing software | CVE
Details:
ABC Picture Viewer is a permanently free program for image viewing that turns on hardware acceleration intelligently and supports multiple image formats.
In the ABC picture watching program, there is a binary flaw which can be abused by attackersβ¦
Forwarded from DailyCVE
π΅Unpatched WPS Office has a denial of service vulnerability(DC 213-2021)
https://dailycve.com/wps-office-has-denial-service-vulnerability-0
https://dailycve.com/wps-office-has-denial-service-vulnerability-0
Forwarded from UNDERCODE NEWS
Apple drops exclusive features from its own software that it has illegally inserted as public sentiment deteriorates.
#Vulnerabilities
#Vulnerabilities
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Trojan Horse Programs
(1) Blackmail Trojan
This type of Trojan will encrypt, destroy, modify, copy, lock, and delete data. This type of Trojan uses the data in the user's system as a condition of extortion and releases it after the user pays the ransom.
(2) Mail-Finder Trojan
The task of this type of Trojan is to find all email contacts from its target email client. The Trojan can send the list to its creator. In some cases, phishing emails are used to forward themselves to these contacts through phishing emails without the victimβs knowledge, thereby self-propagating.
(3) Fake anti-virus Trojan horse
Such Trojans will send false messages to users informing them that their devices have been infected with viruses. Sometimes complex reports and scan results are used to show a high level of threat, making users panic. Then, the Trojan horse author charges users for virus removal services.
(4) Download Trojan
The purpose of this type of Trojan is to download other malware from the Internet without the device ownerβs knowledge.
(5) Botnet Trojan
Botnet Trojan horses are used to damage web browsers, infect other devices, force them to join the botnet army, and execute various cyber crimes.
(6) Backdoor/remote access Trojan
This type of Trojan allows cybercriminals to remotely access and control the intruding device, such as:
Access and modify files;
Restart the target system;
Install or uninstall other software;
Send and receive information with other connected IoT devices;
Get many other similar privileges.
(7) Spy Trojan
This type of Trojan, also known as spyware, monitors user behavior, such as surfing the Internet and what users type on websites and devices (such as personal information, financial data, login credentials, etc.). This information will then be used to perform identity theft crimes, financial fraud or ransomware attacks.
π¦Trojan Horse Programs
(1) Blackmail Trojan
This type of Trojan will encrypt, destroy, modify, copy, lock, and delete data. This type of Trojan uses the data in the user's system as a condition of extortion and releases it after the user pays the ransom.
(2) Mail-Finder Trojan
The task of this type of Trojan is to find all email contacts from its target email client. The Trojan can send the list to its creator. In some cases, phishing emails are used to forward themselves to these contacts through phishing emails without the victimβs knowledge, thereby self-propagating.
(3) Fake anti-virus Trojan horse
Such Trojans will send false messages to users informing them that their devices have been infected with viruses. Sometimes complex reports and scan results are used to show a high level of threat, making users panic. Then, the Trojan horse author charges users for virus removal services.
(4) Download Trojan
The purpose of this type of Trojan is to download other malware from the Internet without the device ownerβs knowledge.
(5) Botnet Trojan
Botnet Trojan horses are used to damage web browsers, infect other devices, force them to join the botnet army, and execute various cyber crimes.
(6) Backdoor/remote access Trojan
This type of Trojan allows cybercriminals to remotely access and control the intruding device, such as:
Access and modify files;
Restart the target system;
Install or uninstall other software;
Send and receive information with other connected IoT devices;
Get many other similar privileges.
(7) Spy Trojan
This type of Trojan, also known as spyware, monitors user behavior, such as surfing the Internet and what users type on websites and devices (such as personal information, financial data, login credentials, etc.). This information will then be used to perform identity theft crimes, financial fraud or ransomware attacks.
(don't copy any tutorial)β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅Joomla! Cross-site scripting vulnerability :
https://dailycve.com/joomla-cross-site-scripting-vulnerability
https://dailycve.com/joomla-cross-site-scripting-vulnerability
Dailycve
Joomla! Cross-site scripting vulnerability | CVE
Details:
Joomla! is a world-renowned content management system. This is a software framework developed using the language of PHP and the database of MySQL. It will run on different platforms, including Linux, Windows, and MacOSX.
Hey! Joomla! 3.1.0β¦
Forwarded from DailyCVE
π΅Unpatched Awbs Advanced Webhost Billing System cross-site request forgery vulnerability:
https://dailycve.com/unpatched-awbs-advanced-webhost-billing-system-cross-site-request-forgery-vulnerability
https://dailycve.com/unpatched-awbs-advanced-webhost-billing-system-cross-site-request-forgery-vulnerability
Dailycve
Unpatched Awbs Advanced Webhost Billing System cross-site request forgery vulnerability | CVE
Details:
Awbs Advanced Webhost Billing System is a network billing management system based on Php, used in the United States to handle Awbs hosts. The platform can offer commercial facilities for web hosting and/or domain name registration, and can provideβ¦
Forwarded from UNDERCODE NEWS
German privacy agency reported that an online laptop and electronics store was fined EUR 10.4 million for staff control in breach of GDPR.
#International
#International
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Configuring proxy settings in CentOS 8/7 | RHEL 8/7 and Fedora:
1) Configure system-wide proxy settings in the desktop interface
For users using a desktop environment on Fedora / CentOS and RHEL Linux, changes can be made in the system control panel.
Go to Settings > Network > Network Proxy
2) Select βManualβ to enter proxy settings.
3) Fill in the proxy values ββfor http, https and ftp.
If you have a SOCKS proxy, also set it accordingly.
After saving the changes, the system will automatically apply the new parameters.
4) Proxy in Firefox browser
If you have a Firefox browser, you need to update your proxy settings under Settings> Network Settings> Manual Proxy Settings.
5) Configure system-wide proxy settings in CLI
We will add a shell script file to /etc/profile.d/proxy.sh.
This will ensure that the settings are applied to all registered users.
sudo vi /etc/profile
Add proxy settings.
# set proxy config via profie.d - should apply for all users
#
PROXY_URL="http://10.10.1.10:8080/"
export http_proxy="$PROXY_URL"
export https_proxy="$PROXY_URL"
export ftp_proxy="$PROXY_URL"
export no_proxy="127.0.0.1,localhost"
# For curl
export HTTP_PROXY="$PROXY_URL"
export HTTPS_PROXY="$PROXY_URL"
export FTP_PROXY="$PROXY_URL"
export NO_PROXY="127.0.0.1,localhost"
Where:
10.10.1.10 - proxy server ip, can be replaced with hostname
8080 - proxy server port
If authentication is required, the syntax is:
http: // username: password @ proxyserver: proxyport /
then run:
$ source /etc/profile
Confirm :
$ env | grep -i proxy
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Configuring proxy settings in CentOS 8/7 | RHEL 8/7 and Fedora:
1) Configure system-wide proxy settings in the desktop interface
For users using a desktop environment on Fedora / CentOS and RHEL Linux, changes can be made in the system control panel.
Go to Settings > Network > Network Proxy
2) Select βManualβ to enter proxy settings.
3) Fill in the proxy values ββfor http, https and ftp.
If you have a SOCKS proxy, also set it accordingly.
After saving the changes, the system will automatically apply the new parameters.
4) Proxy in Firefox browser
If you have a Firefox browser, you need to update your proxy settings under Settings> Network Settings> Manual Proxy Settings.
5) Configure system-wide proxy settings in CLI
We will add a shell script file to /etc/profile.d/proxy.sh.
This will ensure that the settings are applied to all registered users.
sudo vi /etc/profile
Add proxy settings.
# set proxy config via profie.d - should apply for all users
#
PROXY_URL="http://10.10.1.10:8080/"
export http_proxy="$PROXY_URL"
export https_proxy="$PROXY_URL"
export ftp_proxy="$PROXY_URL"
export no_proxy="127.0.0.1,localhost"
# For curl
export HTTP_PROXY="$PROXY_URL"
export HTTPS_PROXY="$PROXY_URL"
export FTP_PROXY="$PROXY_URL"
export NO_PROXY="127.0.0.1,localhost"
Where:
10.10.1.10 - proxy server ip, can be replaced with hostname
8080 - proxy server port
If authentication is required, the syntax is:
http: // username: password @ proxyserver: proxyport /
then run:
$ source /etc/profile
Confirm :
$ env | grep -i proxy
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅Eclipse Hawkbit access control error vulnerability:
https://dailycve.com/eclipse-hawkbit-access-control-error-vulnerability
https://dailycve.com/eclipse-hawkbit-access-control-error-vulnerability
Dailycve
Eclipse Hawkbit access control error vulnerability | CVE
Details:
Eclipse hawkBit is an Eclipse Foundation back-end domain-independent application. This product is used for rolling out app upgrades to computers with a restricted side.
Forwarded from DailyCVE
π΅DELL EMC Avamar Server SQL injection vulnerability(DC: 217-2021):
https://dailycve.com/dell-emc-avamar-server-sql-injection-vulnerability
https://dailycve.com/dell-emc-avamar-server-sql-injection-vulnerability
Dailycve
DELL EMC Avamar Server SQL injection vulnerability | CVE
Details:
DELL Dell EMC Avamar Cloud is a series of Dell EMC fully virtualized server backup and recovery tools (DELL).
There are SQL injection bugs on DELL EMC Avamar Server 19.1, 19.2, and 19.3. This vulnerability can be used by unauthenticated remoteβ¦
Forwarded from UNDERCODE NEWS
Google has found third-party browser developers misusing access to their cloud resources built on the open source Chromium project.
#Updates
#Updates
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ brute force directories and files in webservers :
Fast
Easy and simple to use
Multithreading
Wildcard responses filtering (invalid webpages)
Keep alive connections
Support for multiple extensions
Support for every HTTP method
Support for HTTP request data
Support for raw request
Extensions excluding
Reporting (Plain text, JSON, XML, Markdown, CSV)
Recursive brute forcing
Target enumeration from an IP range
Sub-directories brute forcing
Force extensions
HTTP and SOCKS proxy support
HTTP cookies and headers support
HTTP headers from file
User agent randomization
Proxy host randomization
Batch processing
Request delaying
429 response code detecting
Multiple wordlist formats (lowercase, uppercase, capitalization)
Default configuration from file
Option to force requests by hostname
Option to add custom suffixes and prefixes
Option to whitelist response codes, support ranges (-i 200,300-399)
Option to blacklist response codes, support ranges (-x 404,500-599)
Option to exclude responses by sizes
Option to exclude responses by texts
Option to exclude responses by regexp(s)
Option to exclude responses by redirects
Options to display only items with response length from range
Option to remove all extensions from every wordlist entry
Quiet mode
Debug mode
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/maurosoria/dirsearch.git
2) cd dirsearch
3) python3 dirsearch.py -u <URL> -e <EXTENSIONS>
4) To can use SOCKS proxy or work with ../ in the wordlist, you need to install pips with requirements.txt: pip3 install -r requirements.txt
If you are using Windows and don't have git, you can install the ZIP file here. Dirsearch also supports Docker
Dirsearch requires python 3 or greater
5) dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]
Example:
root/
index.%EXT%
Passing the extensions "asp" and "aspx" (-e asp,aspx) will generate the following dictionary:
root/
index
index.asp
index.aspx
For wordlists without %EXT% (like SecLists), you need to use the -f | --force-extensions switch to append extensions to every word in the wordlists, as well as the "/". And for entries in the wordlist that you do not want to force, you can add %NOFORCE% at the end of them so dirsearch won't append any extension.
Example:
admin
home.%EXT%
api%NOFORCE%
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ brute force directories and files in webservers :
Fast
Easy and simple to use
Multithreading
Wildcard responses filtering (invalid webpages)
Keep alive connections
Support for multiple extensions
Support for every HTTP method
Support for HTTP request data
Support for raw request
Extensions excluding
Reporting (Plain text, JSON, XML, Markdown, CSV)
Recursive brute forcing
Target enumeration from an IP range
Sub-directories brute forcing
Force extensions
HTTP and SOCKS proxy support
HTTP cookies and headers support
HTTP headers from file
User agent randomization
Proxy host randomization
Batch processing
Request delaying
429 response code detecting
Multiple wordlist formats (lowercase, uppercase, capitalization)
Default configuration from file
Option to force requests by hostname
Option to add custom suffixes and prefixes
Option to whitelist response codes, support ranges (-i 200,300-399)
Option to blacklist response codes, support ranges (-x 404,500-599)
Option to exclude responses by sizes
Option to exclude responses by texts
Option to exclude responses by regexp(s)
Option to exclude responses by redirects
Options to display only items with response length from range
Option to remove all extensions from every wordlist entry
Quiet mode
Debug mode
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/maurosoria/dirsearch.git
2) cd dirsearch
3) python3 dirsearch.py -u <URL> -e <EXTENSIONS>
4) To can use SOCKS proxy or work with ../ in the wordlist, you need to install pips with requirements.txt: pip3 install -r requirements.txt
If you are using Windows and don't have git, you can install the ZIP file here. Dirsearch also supports Docker
Dirsearch requires python 3 or greater
5) dirsearch.py [-u|--url] target [-e|--extensions] extensions [options]
Example:
root/
index.%EXT%
Passing the extensions "asp" and "aspx" (-e asp,aspx) will generate the following dictionary:
root/
index
index.asp
index.aspx
For wordlists without %EXT% (like SecLists), you need to use the -f | --force-extensions switch to append extensions to every word in the wordlists, as well as the "/". And for entries in the wordlist that you do not want to force, you can add %NOFORCE% at the end of them so dirsearch won't append any extension.
Example:
admin
home.%EXT%
api%NOFORCE%
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - maurosoria/dirsearch: Web path scanner
Web path scanner. Contribute to maurosoria/dirsearch development by creating an account on GitHub.
Forwarded from DailyCVE
π΅Unpatched Maxthon browser (Windows client) has dll hijacking vulnerability:
https://dailycve.com/unpatched-maxthon-browser-windows-client-has-dll-hijacking-vulnerability
https://dailycve.com/unpatched-maxthon-browser-windows-client-has-dll-hijacking-vulnerability
Dailycve
Unpatched Maxthon browser (Windows client) has dll hijacking vulnerability | CVE
Details:
The web browser is the Maxthon Browser.
There is a DLL hijacking flaw in the Maxthon browser (Windows client). Attackers are able to run malicious code exploiting this loophole.
Affected Versions:
Maxthon Browser (Windows client) 5
β¦
Forwarded from DailyCVE
π΅McAfee Agent authorization issue vulnerability (DC: 219-2021)
https://dailycve.com/mcafee-agent-authorization-issue-vulnerability
https://dailycve.com/mcafee-agent-authorization-issue-vulnerability
Dailycve
McAfee Agent authorization issue vulnerability | CVE
Details:
Mcafee McAfee Agent (MA) is a collection of Mcafee (Mcafee) client components that provide safe connectivity between the managed products and ePolicy Orchestrator (anti-virus software management platform). McAfee Agent for Windows previous toβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Microsoft's application to support the SpaceX Starlink Internet satellite group in an FCC lawsuit failed.
#bugs
#bugs
