UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity


1️⃣ World-first platform which collects & analyzes every new hacking method
+ AI practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVE-2014-6271 in detail
This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
> Written by Undercode, powered by a gov site (NVD)
t.me/UndercOdeTesting

π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

🦑 Current Description

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
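Added example (not part of the NVD entry or the Undercode post): a small Python scanner that flags the ShellShock indicator in web-server access logs, i.e. a header value that begins with a Bash function definition "() {". It assumes Apache combined log format, where the Referer and User-Agent fields are the request headers that mod_cgi copies into the CGI environment; the log lines are constructed, and the regexes and function names are my own.

```python
import re

# Indicator used by most IDS/WAF rules for CVE-2014-6271: a header value that
# starts with a Bash function definition "() {". Only a header that a CGI
# handler copies into the environment can reach Bash this way.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{")

# Apache combined log format: ip ident user [time] "request" status size "referer" "agent"
COMBINED_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (not real traffic): one probe in the User-Agent,
# one benign request, one probe in the Referer.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Sep/2014:10:01:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :;}; echo probe"
198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
192.0.2.9 - - [25/Sep/2014:10:02:11 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 500 0 "() { :;}; echo probe" "curl/7.38.0"
"""


def scan_access_log(text):
    """Return one finding per log line whose Referer or User-Agent field
    carries the Shellshock function-definition prefix."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = COMBINED_LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        for field in ("referer", "agent"):
            value = m.group(field)
            if SHELLSHOCK_RE.search(value):
                findings.append({
                    "line": lineno,
                    "ip": m.group("ip"),
                    "request": m.group("request"),
                    "field": "Referer" if field == "referer" else "User-Agent",
                    "value": value,
                    # a CGI path is where the header actually reaches Bash;
                    # hits elsewhere are still worth logging as scanning activity
                    "cgi_target": "/cgi-bin/" in m.group("request"),
                })
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print("line %d: %s -> %s via %s: %r" % (f["line"], f["ip"], f["request"], f["field"], f["value"]))
```

The pattern is deliberately loose (it does not require the trailing command) so that the variants covered by CVE-2014-7169 are caught as well; tune it to your own log format before running it over production logs.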

🦑 References to Advisories, Solutions, and Tools:

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites.


Hyperlink Resource
http://advisories.mageia.org/MGASA-2014-0388.html Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html Third Party Advisory
http://jvn.jp/en/jp/JVN55667175/index.html Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126 Third Party Advisory VDB Entry Vendor Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 Third Party Advisory
http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1293.html Third Party Advisory
http://linux.oracle.com/errata/ELSA-2014-1294.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html Third Party Advisory
http://marc.info/?l=bugtraq&m=141216207813411&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=141216668515282&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=141235957116749&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=141319209015420&w=2 Third Party Advisory
http://marc.info/?l=bugtraq&m=141330425327438&w=2

@UndercOdeTesting

🦑 The latest web pentesting script post by UndercOde includes CVE-2014-6271. Verified by UndercOde, so use it for learning only 😁

🦑 CVE identifiers:
MITRE Corporation's documentation defines CVE Identifiers (also called "CVE names", "CVE numbers", "CVE-IDs", and "CVEs") as unique, common identifiers for publicly known information-security vulnerabilities in publicly released software packages.
twitter.com/UndercOdeTesting

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

Syntax:

1) In order to support CVE IDs beyond CVE-YEAR-9999 (the "CVE10k problem", cf. the year 10,000 problem), a change was made to the CVE syntax in 2014 that took effect on Jan 13, 2015.

2) The new CVE-ID syntax is variable length and consists of:

CVE prefix + Year + Arbitrary Digits

3) NOTE: The variable-length arbitrary digits begin at four (4) fixed digits and expand with more digits only when needed within a calendar year, for example CVE-YYYY-NNNN and, if needed, CVE-YYYY-NNNNN, CVE-YYYY-NNNNNN, and so on. This also means no changes are needed to previously assigned CVE-IDs, which all include a minimum of 4 digits.
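Added example, not from MITRE's documentation or the post: a Python validator for the post-2015 syntax described above, plus the numeric sort that the CVE10k change makes necessary (a plain string sort puts CVE-2014-10000 before CVE-2014-9999). The function names are my own; the leading-zero rule in the regex follows the published syntax, where zeros only pad the sequence part up to the four-digit minimum.

```python
import re

# "CVE-" + 4-digit year + sequence part: either 4 digits (zero-padded), or 5+
# digits that may not start with 0. CVE-2014-0160 is valid, CVE-2014-01234 is not.
CVE_ID_RE = re.compile(r"^CVE-(?P<year>\d{4})-(?P<seq>0\d{3}|[1-9]\d{3,})$")


def parse_cve_id(text):
    """Return (year, sequence) as integers for a well-formed ID, else None."""
    m = CVE_ID_RE.match(text.strip().upper())
    if not m:
        return None
    return int(m.group("year")), int(m.group("seq"))


def is_valid_cve_id(text):
    return parse_cve_id(text) is not None


def format_cve_id(year, seq):
    """Inverse of parse_cve_id: pad the sequence to 4 digits, grow as needed."""
    return "CVE-%04d-%04d" % (year, seq)


def sort_cve_ids(ids):
    """Order IDs numerically by (year, sequence) rather than as strings."""
    return sorted(ids, key=lambda s: parse_cve_id(s) or (0, 0))


def extract_cve_ids(blob):
    """Collect the distinct, well-formed CVE IDs mentioned in free text
    (advisories, tickets, log lines), normalised to upper case."""
    found = {m.group(0).upper()
             for m in re.finditer(r"\bCVE-\d{4}-\d{4,}\b", blob, re.IGNORECASE)}
    return sort_cve_ids(i for i in found if is_valid_cve_id(i))


if __name__ == "__main__":
    text = "The fix for CVE-2014-6271 was incomplete; see cve-2014-7169."
    print(extract_cve_ids(text))
    print(sort_cve_ids(["CVE-2014-10000", "CVE-2014-9999"]))
```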

@UndercodeTesting

🦑 How to change X Window's refresh rate, by UndercOde
instagram.com/UndercOdeTestingCompany

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

1) If you are using Red Hat, your X Window configuration file is /etc/X11/XF86Config; Slackware's X Window configuration file is /etc/XF86Config.

🦑 In that file you will see something like this:

# 640x400 @ 70 Hz, 31.5 kHz hsync
Modeline "640x400"   25.175 640 664 760 800 400 409 411 450
# 640x480 @ 60 Hz, 31.5 kHz hsync
Modeline "640x480"   25.175 640 664 760 800 480 491 493 525
# 800x600 @ 56 Hz, 35.15 kHz hsync
ModeLine "800x600"   36     800 824 896 1024 600 601 603 625
# 1024x768 @ 87 Hz interlaced, 35.5 kHz hsync
Modeline "1024x768"  44.9   1024 1048 1208 1264 768 776 784 817 Interlace

# 640x480 @ 72 Hz, 36.5 kHz hsync
Modeline "640x480"   31.5   640 680 720 864 480 488 491 521
# 800x600 @ 60 Hz, 37.8 kHz hsync
Modeline "800x600"   40     800 840 968 1056 600 601 605 628 +hsync +vsync

# 800x600 @ 72 Hz, 48.0 kHz hsync
Modeline "800x600"   50     800 856 976 1040 600 637 643 666 +hsync +vsync
# 1024x768 @ 60 Hz, 48.4 kHz hsync
Modeline "1024x768"  65     1024 1032 1176 1344 768 771 777 806 -hsync -vsync

# 1024x768 @ 70 Hz, 56.5 kHz hsync
Modeline "1024x768"  75     1024 1048 1184 1328 768 771 777 806 -hsync -vsync
# 1280x1024 @ 87 Hz interlaced, 51 kHz hsync
Modeline "1280x1024" 80     1280 1296 1512 1568 1024 1025 1037 1165 Interlace

2) These things control the settings of your graphics card.

> For example, the following comment says that the resolution is 1280x1024, the refresh rate is 76 Hz and the line (horizontal) scan frequency is 81.13 kHz:
# 1280x1024 @ 76 Hz, 81.13 kHz hsync
The graphics card is set by the line that follows it:
Modeline "1280x1024" 135 1280 1312 1416 1664 1024 1027 1030 1064

3) The meaning of each item in this line, from left to right, is as follows:

> the Modeline keyword, the mode name (resolution), the pixel clock (megahertz), the number of visible pixels per line, the clock cycle at which the line synchronization (blanking) pulse starts, the clock cycle at which it ends, the total number of clock cycles per line, the number of visible image lines per frame, the scan line at which the frame synchronization pulse starts, the scan line at which it ends, and the total number of scan lines per frame.

4) Adjust these numbers to get the most out of your graphics card and monitor.

> For example, if your graphics card has a megabyte of memory you can set it to a resolution of 1152x900. :-) What you need to be careful of is to check the scan frequencies your monitor allows. Some monitors burn out the line scan transistor when they receive sync pulses at too high a frequency. I have burned out a display.

5) The transistor is not easy to buy. The line scan transistor of a colour TV is usually not usable: its frequency is too low and its power is not high enough. :-(

> The next question is what pixel clock your graphics card can handle. For example, the line above requires 135 MHz, but your card may only manage 125 MHz; 135 is over 125.

6) If there are several mode lines in your configuration file for the resolution you want, comment out the other, lower-frequency mode lines with #, leaving only the frequency you want. This is how you change the scanning frequency.
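Added example (my own code, not from the post): a Python parser for Modeline entries that derives the two figures the XF86Config comments quote, using the relations the field list above implies: hsync = pixel clock / total clocks per line, and refresh = hsync / total lines per frame (doubled for Interlace modes, which is how the comments state interlaced refresh rates). It also checks a line against a monitor's sync ranges and the card's pixel clock limit, which is the check the post says to do by hand before burning a line scan transistor. The limits passed to check_mode are constructed; the 1280x1024 line is the post's own.

```python
import re

# Constructed inputs: the 1280x1024 line from the post and the interlaced
# 1024x768 line from the sample XF86Config above.
EXAMPLE_MODELINE = 'Modeline "1280x1024" 135 1280 1312 1416 1664 1024 1027 1030 1064'
INTERLACED_MODELINE = 'Modeline "1024x768" 44.9 1024 1048 1208 1264 768 776 784 817 Interlace'

# Fields in the left-to-right order the post lists; trailing flags are optional.
MODELINE_RE = re.compile(
    r'^\s*modeline\s+"(?P<name>[^"]+)"\s+(?P<clock>\d+(?:\.\d+)?)'
    r'\s+(?P<hdisp>\d+)\s+(?P<hss>\d+)\s+(?P<hse>\d+)\s+(?P<htotal>\d+)'
    r'\s+(?P<vdisp>\d+)\s+(?P<vss>\d+)\s+(?P<vse>\d+)\s+(?P<vtotal>\d+)'
    r'(?P<flags>(?:\s+[+-]?\w+)*)\s*$',
    re.IGNORECASE,
)


def parse_modeline(line):
    """Split a Modeline into a dict of its timing fields."""
    m = MODELINE_RE.match(line)
    if not m:
        raise ValueError("not a Modeline: %r" % line)
    d = m.groupdict()
    flags = d.pop("flags").split()
    mode = {k: int(v) for k, v in d.items() if k not in ("name", "clock")}
    mode["name"] = d["name"]
    mode["clock_mhz"] = float(d["clock"])
    mode["interlace"] = any(f.lower() == "interlace" for f in flags)
    return mode


def mode_frequencies(mode):
    """hsync in kHz and vertical refresh in Hz:
    hsync = pixel clock / total clocks per line,
    refresh = hsync / total lines per frame (x2 for interlaced modes)."""
    hsync_khz = mode["clock_mhz"] * 1000.0 / mode["htotal"]
    refresh_hz = hsync_khz * 1000.0 / mode["vtotal"]
    if mode["interlace"]:
        refresh_hz *= 2
    return hsync_khz, refresh_hz


def check_mode(line, hsync_khz_range, refresh_hz_range, max_pixclock_mhz):
    """Return (ok, reasons): ok only if the line stays inside the monitor's
    hsync/refresh ranges and under the card's pixel clock limit."""
    mode = parse_modeline(line)
    hs, vr = mode_frequencies(mode)
    reasons = []
    if mode["clock_mhz"] > max_pixclock_mhz:
        reasons.append("pixel clock %.1f MHz exceeds card limit %.1f MHz"
                       % (mode["clock_mhz"], max_pixclock_mhz))
    if not hsync_khz_range[0] <= hs <= hsync_khz_range[1]:
        reasons.append("hsync %.2f kHz outside monitor range %s" % (hs, hsync_khz_range))
    if not refresh_hz_range[0] <= vr <= refresh_hz_range[1]:
        reasons.append("refresh %.1f Hz outside monitor range %s" % (vr, refresh_hz_range))
    return (not reasons, reasons)


if __name__ == "__main__":
    for line in (EXAMPLE_MODELINE, INTERLACED_MODELINE):
        hs, vr = mode_frequencies(parse_modeline(line))
        print("%-75s hsync %.2f kHz  refresh %.1f Hz" % (line, hs, vr))
    # constructed limits: a 30-85 kHz / 50-90 Hz monitor on a 125 MHz card
    print(check_mode(EXAMPLE_MODELINE, (30, 85), (50, 90), 125))
```

Run against the post's line it reports 81.13 kHz and 76 Hz, matching the comment, and rejects the mode on a card limited to 125 MHz, which is exactly the situation described in step 5.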

Written by UndercOde

🦑 Infrared devices in Linux, full, by UndercOde
This article mainly introduces the relationship between infrared and Linux, describes the types of infrared, and the protocols and architecture supported by Linux Infrared. Linux IrDA uses IrDA infrared wireless transmission to communicate with peripheral devices: printers, modems, fax machines, mobile phones, and today's applications on PDAs.
Pinterest.com/UndercOdeOfficial

🦑 The types of infrared include:

1) SIR: Standard IR - 115200 bps (serial port emulation)

2) MIR: Middle IR - 1.15 Mbps

3) FIR: Fast IR - 4 Mbps

4) VFIR: Very Fast IR - 16 Mbps

5) Dongle: infrared adapters for the serial port


🦑 Protocols supported by Linux Infrared:
The protocols supported by Linux IrDA include:

1) IrLAP

2) IrLMP

3) IrIAS

4) IrIAP

5) IrLPT - transfers to printers

6) IrCOMM - emulates serial and parallel ports

7) IrOBEX - object (file etc.) transmission

8) IrLAN - infrared network device (HTTP etc.)

9) IrSocket

🦑 The architecture of IrMC Linux Infrared:

Since its development in 1997, Linux IrDA has basically been divided into two parts:

1) Linux-IrDA source code integrated in the Linux kernel, kernel version 2.2.x onwards

directories:
/usr/src/linux/net/irda (protocol stuff)
/usr/src/linux/drivers/net/irda (device drivers)
/usr/src/linux/include/net/irda (header files)


2) Linux-IrDA tools.
PS: currently still at an experimental stage.

🦑 Linux system settings:

1) Edit the file /etc/conf.modules:

#Irda
alias tty-ldisc-11 irtty
alias char-major-161 ircomm-tty
# post-install ircomm-tty /etc/rc.d/init.d/rc.irda autostart
# post-remove ircomm-tty /etc/rc.d/init.d/rc.irda autostop


2) Run: depmod -a


Edit the file under /etc/IrDA/ that corresponds to your IR chip driver.


3) Run: depmod -a


🦑 HOW TO?

In the case of a Dell Inspiron 5000:

1) Make sure IrDA is enabled in the BIOS, and note the resources the system allocates (IRQ, DMA, I/O port).


2) When recompiling the kernel, run make menuconfig, enable the IrDA modules, and check the protocols that need to be supported.

3) Install the irda-utils RPM:

> irmanager: detect peripheral infrared devices
irattach: enable (mount) the infrared port
irdadump: monitor the transmission between infrared devices
irdaping: ping an infrared peripheral device
irkbd: infrared keyboard

4) Configure the system as in the previous section:

vi /etc/rc.config   (set START_IRDA=yes)

ln -s /etc/rc.config /etc/rc.d/rd3.d/S99irda

mknod /dev/irnine c 161 0

ln -s /dev/pilot /etc/irnine

E N J O Y
Written by UndercOde

🦑 All Linux commands: bzip2
bzip2
twitter.com/UndercOdeTC

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

1) Function description: compression program for .bz2 files.

2) Syntax: bzip2 [-cdfhkLstvVz] [--repetitive-best] [--repetitive-fast] [-compression level] [files to be compressed]

3) Supplementary explanation: bzip2 uses a newer compression algorithm whose compression ratio is better than the traditional LZ77/LZ78 algorithms. If no parameters are given, bzip2 generates a .bz2 compressed file and deletes the original file.

🦑 Parameters:

-c or --stdout: send the compressed or decompressed result to standard output.

-d or --decompress: decompress.

-f or --force: when compressing or decompressing, if the output file has the same name as an existing file, the existing file is not overwritten by default. Use this parameter to force overwriting.

-h or --help: display help.

-k or --keep: bzip2 deletes the original file after compression or decompression. Use this parameter to keep the original file.

-s or --small: reduce the amount of memory used while the program runs.

-t or --test: test the integrity of the .bz2 compressed file.

-v or --verbose: display detailed information when compressing or decompressing files.

-z or --compress: force compression.

-L or --license: display the license information.

-V or --version: display version information.

--repetitive-best: if the file contains repeated data, this parameter can improve the compression ratio.

--repetitive-fast: if the file contains repeated data, this parameter can speed up execution.

-compression level: the block size used when compressing.

Written by UndercOde

Pic source: Wikipedia. Verified and posted by UndercOde. All CVE types, 2020 analysis.

🦑 2020 topic: Geolocation Spy (GeoSpy) is an OSINT analysis and research tool that is used to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their websites or services and control their users through their browser, without their knowledge, but it evolves with the aim of helping government organizations, companies and researchers to track cybercriminals.

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

1) git clone https://github.com/entynetproject/geospy

2) cd geospy

3) chmod +x install.sh

4) ./install.sh

🦑 Commands:

Geolocation Spy execution
geospy -h

usage: geospy [-h] [-v] [-u URL] [-p PORT] [-ak ACCESSKEY] [-l LOCAL] [-n]
[-ic INJC] [-ud]

optional arguments:
-h, --help show this help message and exit
-u URL, --url URL Put the web page URL to clone.
-p PORT, --port PORT Insert your port.
-ak ACCESSKEY, --accesskey ACCESSKEY
Insert your custom Access Key.
-n, --ngrok Insert your ngrok Authtoken.
-ic INJC, --injectcode INJC
Insert your custom REST API path.
-ud, --update Update GeoSpy to the latest version.

🦑 Tested by UndercOde on

Ubuntu
debian

🦑 Security issues with NFS services, full, by UndercOde:
The NFS service on Unix systems is the equivalent of the file sharing service on MS systems. Some people may think this is an inappropriate analogy, but the two have surprisingly similar security issues.

> Just as many security problems on NT/Windows machines come from shared resources, misconfiguration of the NFS service can likewise allow your system to be taken over by intruders. NFS is built on the RPC (Remote Procedure Call) mechanism; similarly, NT services built on the RPC mechanism are not secure, and attacks on MS shared resources are currently the most popular NT attack method on the Internet. Attacks on NFS are likewise the most common method against Unix platform machines.
instagram.com/UndercOdeTestingCompany

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

The insecurity of NFS is mainly reflected in the following 4 aspects:

1) The access control mechanism of NFS is crude, so precise control objectives are difficult to achieve

2) NFS has no real user authentication mechanism, only an authentication mechanism for processing RPC/mount requests

3) Earlier NFS versions allow unauthorized users to obtain a valid file handle

4) In an RPC remote call, a SUID program has superuser privileges.


Written by UndercOde

🦑 Part 2: Security issues with NFS services, full, by UndercOde
We discuss them from these aspects:

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) By default on most Unix systems, if read-only is not specified when exporting a directory, the directory is writable. The NFS access control file is prone to misconfiguration; in many cases it is configured to be accessible by any machine on the Internet. Remote users can use the following command to find out whether NFS has a configuration weakness; this command is a necessary step in almost all NFS attacks:

> showmount -e www.examl....com
The possible results are as follows:
/usr (everyone)
/export/target1 -access=target2
/export/target2 -access=target1

2) You can mount the /usr directory of this NFS server onto a local directory:
# mount www.exampl...com:/usr /tmp

3) This shows that the /usr directory can be mounted by any machine, and may even be writable; the /export/target1 directory specifies a host access restriction, and only target2.exam,...com, or a member of target2's netgroup, can mount it.

4) Most intruders first use this command to query the target for NFS weaknesses, just like the net view command on NT. It is worth noting that the popular intrusion method has changed from first choosing a target and then attacking it to attacking whichever host happens to offer an opportunity.

5) An intruder may write a script or program to scan a large range of addresses, list the results and report them back. Correct configuration is therefore very important; on the Internet there are many machines with wrong NFS settings. This configuration is generally stored in the /etc/exports file or in /etc/dfs/dfstab.

6) The user authentication sent by the client consists of the user's UID and the GID of the group it belongs to. This kind of file access check is of course safe on a system without NFS; but on the Internet, root on another machine has the right to create any such UID on its own machine, and the NFS server does not care whether the UID exists on its own machine: as long as the UID matches, it grants that user's operations on the file.

🦑 Example:

> For example, the directory /home/frank can only be read and written by the user with UID 501, and this directory can be mounted by a remote machine. The root user of that machine adds a user with UID 501, logs in as that user, mounts the directory, and obtains the equivalent of user 501's permissions on the NFS server to read and write /home/frank. To solve this problem you must configure exports properly: limit the client host addresses, and explicitly set the rw=host option, the ro (read-only) option, and the access=host option.

Written by UndercOde

🦑 The purpose of the file generation number is to make NFS file handles difficult to guess. This number is returned by the stat(2) system call. Unfortunately, the function vn_stat() used by this call has a problem:
t.me/UndercOdeTesting

...
sb->st_gen = vap->va_gen;          /* generation number handed to every caller */
sb->st_blocks = vap->va_bytes / S_BLKSIZE;
return (0);
}

🦑 The code above exposes the st_gen generation number to everyone; with this information, an unauthorized user can construct the handle of the file. The correct code should expose it only to root:

...
sb->st_flags = vap->va_flags;
if (suser(p->p_ucred, &p->p_acflag)) {   /* suser() is non-zero for a non-root caller */
    sb->st_gen = 0;
} else {
    sb->st_gen = vap->va_gen;
}
sb->st_blocks = vap->va_bytes / S_BLKSIZE;
return (0);
}

In this way, a caller that is not root only gets 0.

Written by UndercOde

🦑 Security issues with NFS services
> The most dangerous mistake is to export a directory containing SUID programs with the execute bit set; a SUID program is itself equivalent to the superuser.
pinterest.com/UndercOdeOfficial

🦑 Solution:

1) As with removing any share on NT, the best solution is to disable the NFS service, or to use the AFS service (Andrew File System) instead.

2) If you must enable NFS, do not allow a single machine to be both client and server;

3) Export file systems read-only only

4) Prohibit the execution of programs with the SUID bit

5) Do not export home directories

6) Do not export the implementation feature

7) Use some secure NFS implementation (though not necessarily really secure)
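Added example, written for this page rather than taken from it: a Python audit of an NFS exports file that checks the points raised in Part 2 (exports open to every host, writable by default, the /etc/exports location) and in the solution list above (read-only exports, no home directories). It assumes Linux nfs-utils syntax, "/path host(options)", where ro and root_squash are the defaults; the post's own examples use the Solaris-style -access=, rw= and ro options instead. The sample exports file, the showmount output and all function names are constructed.

```python
import re

# Constructed /etc/exports in Linux nfs-utils syntax (not from the post).
SAMPLE_EXPORTS = """\
# /etc/exports (constructed sample)
/usr            *(rw,no_root_squash)
/export/target1 target2(ro,sync)
/export/target2 target1(ro,sync)
/home           192.0.2.0/24 (rw,sync)
/opt/tools      192.0.2.10(ro,sync)
"""

# Constructed `showmount -e` output in the shape the post shows.
SAMPLE_SHOWMOUNT = """\
Export list for nfs.example.test:
/usr            (everyone)
/export/target1 target2
/export/target2 target1
"""

CLIENT_RE = re.compile(r"^(?P<host>[^(]*)(?:\((?P<opts>[^)]*)\))?$")


def parse_exports(text):
    """One entry per (path, client) pair. A client spec with no host part,
    i.e. "(rw)" written after a space, is what nfs-utils treats as "*" with
    those options, so it is recorded as host "*" with space_bug=True."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        path, specs = fields[0], fields[1:] or ["*"]
        for spec in specs:
            m = CLIENT_RE.match(spec)
            if not m:
                continue
            host = m.group("host") or "*"
            opts = {o for o in (m.group("opts") or "").split(",") if o}
            entries.append({"path": path, "host": host, "opts": opts,
                            "space_bug": spec.startswith("(")})
    return entries


def audit_exports(text):
    """Findings as (severity, path, host, message) tuples."""
    findings = []
    for e in parse_exports(text):
        world = e["host"] == "*" or e["host"].startswith("*")
        writable = "rw" in e["opts"]  # nfs-utils exports read-only unless rw is given
        if e["space_bug"]:
            findings.append(("HIGH", e["path"], e["host"],
                             "space before '(' applies these options to every host"))
        if world and writable:
            findings.append(("HIGH", e["path"], e["host"], "world-writable export"))
        elif world:
            findings.append(("MEDIUM", e["path"], e["host"], "exported to every host"))
        if "no_root_squash" in e["opts"]:
            findings.append(("HIGH", e["path"], e["host"],
                             "remote root keeps root privileges (no_root_squash)"))
        if e["path"] == "/home" or e["path"].startswith("/home/"):
            findings.append(("MEDIUM", e["path"], e["host"], "home directory exported"))
        if writable and not world:
            findings.append(("LOW", e["path"], e["host"],
                             "writable export; confirm it cannot be read-only"))
    return findings


def world_readable_mounts(showmount_output):
    """Paths that `showmount -e` reports as (everyone)."""
    return [ln.split()[0] for ln in showmount_output.splitlines()
            if ln.strip().endswith("(everyone)")]


if __name__ == "__main__":
    for sev, path, host, msg in audit_exports(SAMPLE_EXPORTS):
        print("%-6s %-16s %-14s %s" % (sev, path, host, msg))
    print("open to everyone:", world_readable_mounts(SAMPLE_SHOWMOUNT))
```

The /home line in the sample is the classic mistake: the space before "(rw,sync)" leaves 192.0.2.0/24 with the read-only defaults and hands rw to every host, which the audit reports separately so the misread syntax is visible rather than just its effect.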

Written by UndercOde

🦑 Update: Wifi hack 2019, automates various wireless network attacks
twitter.com/UndercOdeTC

🦑 Features:

1) Capture victims' traffic.

2) MAC address spoofing.

3) Set-up honeypot and evil twin attacks.

4) Show the list of in range access points.

5) Wireless adapter|card|dongle power amplification.

πŸ¦‘π•€β„•π•Šπ•‹π”Έπ•ƒπ•ƒπ•€π•Šπ”Έπ•‹π•€π•†β„• & β„π•Œβ„•:

1) git clone https://github.com/aress31/wirespy

2) cd wirespy

3) chmod +x wirespy.sh

4) Run the script with root privileges:

> sudo ./wirespy.sh

Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

🦑 Commands:

clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status

> Compatible with rooted Termux

Written by UndercOde

🦑 Cracking Windows User Passwords
twitter.com/UNdercOdeTC


πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

1) The user names and passwords of a Windows system are stored in the SAM (Security Account Manager) file.

> In Windows systems based on the NT kernel, including Windows 7 and later versions,

2) this file is saved in the C:\Windows\System32\Config directory. For security reasons, Microsoft has added some extra measures to protect this file. First, the SAM file is locked as soon as the operating system starts, which means the user cannot open or copy the SAM file while the operating system is running. In addition to locking, the entire SAM file is encrypted and cannot be read.


3) Use the John the Ripper tool to crack Windows user passwords.

a) Check the hard drives in the current system:

> fdisk -l
The output shows that there is one disk in the current system with a single partition. Its file system type is NTFS, which is the disk where the Windows system is stored.

b) Mount the hard drive. The commands are as follows:
root@kali:~# mkdir /sda1
root@kali:~# mount /dev/sda1 /sda1/
After executing the above commands there is no output.

c) Change directory to the location of the Windows SAM file. The command is as follows:
root@kali:~# cd /sda1/WINDOWS/system32/config/
In this directory you can see the SAM file.

d) Use samdump2 to extract the hashes from the SAM file. The command is as follows:
root@kali:/sda1/WINDOWS/system32/config# samdump2 utc system > /root/hash.txt

You can see from the output that the SAM file has been dumped, and its contents were redirected to the /root/hash.txt file.

e) Run the john command to attack the passwords. The command is as follows:
root@kali:/sda1/WINDOWS/system32/config# /usr/sbin/john /root/hash.txt --format=nt
Created directory: /root/.undercode
Loaded 6 password hashes with no different salts (NT MD4 [128/128 SSE2 + 32/32])
(Guest)
guesses: 4 time: 0:00:03:13 0.09% (3) (ETA: Mon May 12 06:46:42 2014) c/s: 152605K trying: 2KRIN.P - 2KRIDY8
guesses: 4 time: 0:00:04:26 0.13% (3) (ETA: Mon May 12 04:02:53 2014) c/s: 152912K trying: GR0KUHI - GR0KDN1
guesses: 4 time: 0:00:04:27 0.13% (3) (ETA: Mon May 12 04:15:42 2014) c/s: 152924K trying: HKCUUHT - HKCUGDS

THAT'S IT!
Written by UndercOde

🦑 Cracking Linux User Passwords
t.me/UndercOdeTesting

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

1) Cracking a Linux password is basically similar to cracking a Windows password, with only one difference in the process: Linux systems do not use a SAM file to hold password hashes. The Linux system keeps the encrypted password hashes in a file called shadow, whose absolute path is /etc/shadow.

2) However, before using John the Ripper to crack the /etc/shadow file, you also need the /etc/passwd file. This is for the same reason that extracting the Windows password hashes requires the system file as well as the SAM file. John the Ripper comes with a feature that combines the shadow and passwd files so that you can use this tool to crack user passwords on Linux systems. This section introduces the method of cracking Linux user passwords.

3) Use the John the Ripper tool to crack Linux user passwords. The specific steps are shown below.

(1) Use unshadow to extract the password hashes. The command is as follows:
root@kali:~# unshadow /etc/passwd /etc/shadow > /tmp/linux_hashes.txt
After executing the above command, the /etc/passwd file is combined with the /etc/shadow file to generate a file called linux_hashes.txt, which is stored in the /tmp/ directory.

(2) Crack the Linux user passwords. The command is as follows:
root@kali:~# john --format=crypt --show /tmp/linux_hashes.txt
root:123456:0:0:root:/root:/bin/bash
bob:123456:1000:1001::/home/bob:/bin/sh
alice:123456:1001:1002::/home/alice:/bin/sh
3 password hashes cracked, 0 left

(3) From the output, you can see that there are three users in the current system and their passwords are all 123456.
Note: Before using John the Ripper to start cracking Linux passwords, you need a version of John the Ripper that supports cracking different types of password hashes. If you use the wrong version or an unpatched John the Ripper, the program will return the error message "No password hashes loaded". Most modern Linux systems use SHA hash algorithms to store passwords.

Written by UndercOde

🦑 Crunch tools (Debian, Parrot, Kali):
twitter.com/UndercOdeTc

πŸ¦‘ π•ƒπ”Όπ•‹π•Š π•Šπ•‹π”Έβ„π•‹ :

a) Crunch is a tool for creating password dictionaries, usually used for brute-force cracking. Passwords generated with the Crunch tool can be sent to the terminal, to a file, or to another program. The following introduces the creation of a password dictionary using the Crunch tool: https://github.com/crunchsec/crunch

b) Generate a dictionary using Crunch. The specific operation steps are shown below.

1) Start the crunch command. The execution command is shown below.
root@kali:~# crunch
After executing the above command, the following information will be output:

2) Crunch can create a wordlist based on criteria you specify. The outout from crunch can be sent to the screen, file, or to another program.
Usage: crunch <min> <max> [options]
where min and max are numbers
Please refer to the man page for instructions and examples on how to use crunch.

3) The output shows the version and syntax of the crunch command. The syntax for generating a password using the crunch command is as follows:

4) crunch [minimum length] [maximum length] [character set] [options]
The options commonly used by the crunch command are shown below.
-o: Used to specify the location of the output dictionary file.
-b: specifies the maximum number of bytes written to the file. The size can be specified in KB, MB, or GB, but must be used with the -o START option.
-t: Set the special format used.
-l: This option is used to identify some characters of the placeholder when the -t option specifies @,%, or ^.

5) Create a password list file and save it on the desktop. Among them, the minimum length of the generated password list is 8 and the maximum length is 10, and ABCDEFGabcdefg0123456789 is used as the character set. The execution command is as follows:
root@kali:~# crunch 8 10 ABCDEFGabcdefg0123456789 -o /root/Desktop/generatedCrunch.txt
Notice: Detected unicode characters. If you are piping crunch output
to another program such as john or aircrack please make sure that program
can handle unicode input.
Do you want to continue? [Y/n] y
Crunch will now generate the following amount of data: 724845943848960 bytes
691266960 MB
675065 GB
659 TB
0 PB
Crunch will now generate the following number of lines: 66155263819776
AAAAAAAA
AAAAAAAB
AAAAAAAC
AAAAAAAD
AAAAAAAE
AAAAAAAF
AAAAAAAG
AAAAAAAa
AAAAAAAb
AAAAAAAc
……
AAdb6gFe
AAdb6gFf
AAdb6gFg
AAdb6gF0
AAdb6gF1
AAdb6gF2
AAdb6gF3
AAdb6gF4
AAdb6gF5
From the output above, you can see that a 659 TB file will be generated, with a total of 66,155,263,819,776 lines. After the above command completes, a dictionary file named generatedCrunch.txt will be created on the desktop. Because there are so many password combinations to generate, it takes a long time.

6) After the password dictionary file has been generated, open it with the nano command. The command is as follows:
root@kali:~# nano /root/Desktop/generatedCrunch.txt
After executing the above command, the generatedCrunch.txt file will be opened. This file holds all passwords generated using the crunch command.

Written by UndercOde