▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Fast subdomains enumeration tool for penetration testers
t.me/UndercodeTesting
🦑 INSTALLATION & RUN:
1) git clone https://github.com/aboul3la/Sublist3r.git
2) cd Sublist3r
3) Installation on Windows:
> c:\python27\python.exe -m pip install -r requirements.txt
Installation on Linux:
> sudo pip install -r requirements.txt
🦑 requests Module
Install for Windows:
> c:\python27\python.exe -m pip install requests
Install for Ubuntu/Debian:
> sudo apt-get install python-requests
Install for Centos/Redhat:
> sudo yum install python-requests
Install using pip on Linux:
> sudo pip install requests
🦑 argparse Module
Install for Ubuntu/Debian:
> sudo apt-get install python-argparse
Install for Centos/Redhat:
> sudo yum install python-argparse
Install using pip:
> sudo pip install argparse
For coloring in Windows, install the following libraries:
> c:\python27\python.exe -m pip install win_unicode_console colorama
🦑 Short Form   Long Form      Description
-d             --domain       Domain name to enumerate subdomains of
-b             --bruteforce   Enable the subbrute bruteforce module
-p             --ports        Scan the found subdomains against specific TCP ports
-v             --verbose      Enable the verbose mode and display results in realtime
-t             --threads      Number of threads to use for subbrute bruteforce
-e             --engines      Specify a comma-separated list of search engines
-o             --output       Save the results to text file
-h             --help         Show the help message and exit
@UndercodeOfficial
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Dangerous Vuln since a few days:
"8220" mining Trojans invade the server to mine, set up a "tsunami" botnet, ready to launch DDoS attacks
twitter.com/undercodeNews
🦑 LET'S START:
> Tencent Security Threat Intelligence Center detected an attack by a variant of the "8220" mining Trojan. The "8220" mining gang is good at exploiting WebLogic and JBoss deserialization vulnerabilities, Redis and Hadoop unauthorized access vulnerabilities, and other web vulnerabilities to attack servers for mining. Recently, we found that the gang's Trojans spreading through the Apache Struts remote code execution vulnerability (CVE-2017-5638) and Tomcat weak password brute forcing have increased significantly in the attack activities.
> In the lateral movement stage, the Trojan uses a Redis unauthorized access exploit implemented in Python to scan about 160,000 randomly generated IPs, and uses the implanted shell script hehe.sh to establish SSH connections to machines that have public key authentication records, spreading across the intranet. Eventually a variety of Monero mining Trojans and Tsunami botnet Trojans are implanted on the compromised machines. The latter is used by the gang to conduct DDoS attacks.
> The attack targets of the "8220" mining Trojan gang include Windows and Linux servers. On the FTP servers it uses, attack modules targeting different operating systems can be found. When the gang releases the mining Trojan, it checks whether other mining Trojans are running on the server and ends all competing mining Trojans to monopolize server resources.
> Based on code similarity, C2 correlation, the same Monero wallet used in mining, the decryption method of configuration files, and similar FTP servers, Tencent security experts believe that the StartMiner that appeared in early 2020 belongs to the same gang as the "8220" mining Trojan. The current version of the gang's malicious program no longer uses port "8220" to communicate with the C2 server. A summary of the file names used in recently captured samples shows that its attacks combine a variety of scripts, including VBS, PHP, Python, PowerShell and Shell.
@UndercodeOfficial
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 SOLUTION AGAINST THIS NEW MINING VULNERABILITY FOR LINUX:
> The solution
Enterprise operations and maintenance personnel can use the following steps to manually remove the mining Trojans from infected Linux and Windows systems, and follow the security recommendations to improve server security.
Linux system
a. Kill the processes /tmp/sh, /tmp/x32b, /tmp/x64b
b. Delete the files:
/tmp/i686 (md5: D4AE941C505EE53E344FB4D4C2E102B7)
/tmp/x86_64 (md5: 9FE932AC3055045A46D44997A4C6D481)
/tmp/x32b (md5: EE48AA6068988649E41FEBFA0E3B2169)
/tmp/x64b (md5: C4D44EED4916675DD408FF0B3562FB1F)
c. Delete crontab scheduled tasks containing "www.jukesxdbrxd.xyz" and "107.189.11.170"
Security recommendations:
a. Do not expose Redis to the public network unless necessary. Use a strong Redis password.
b. Configure the Tomcat server with high-strength password authentication.
c. For non-interactive SSH logins, set StrictHostKeyChecking=ask or StrictHostKeyChecking=yes.
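The Linux steps a to c above as a read-only check that reports matches before anything is killed or deleted. This is an added example, not part of the original post or of the Tencent report; the paths, MD5 values, domain and IP are the ones listed above, while the function names, the optional directory arguments and the output format are assumptions of this example.

```shell
# Added example (not from the original post): read-only triage for the Linux
# indicators in steps a-c. Indicator values are copied from the post; function
# names, arguments and output format are this example's own assumptions.
IOC_PROCS='/tmp/sh /tmp/x32b /tmp/x64b'
IOC_FILES='/tmp/i686 d4ae941c505ee53e344fb4d4c2e102b7
/tmp/x86_64 9fe932ac3055045a46d44997a4c6d481
/tmp/x32b ee48aa6068988649e41febfa0e3b2169
/tmp/x64b c4d44eed4916675dd408ff0b3562fb1f'
IOC_CRON='www.jukesxdbrxd.xyz
107.189.11.170'

# Step a: report processes whose executable is one of the listed paths.
# A running binary that was already unlinked shows up as "<path> (deleted)".
check_procs() (
    hits=0
    for link in "${1:-/proc}"/[0-9]*/exe; do
        exe=$(readlink "$link" 2>/dev/null) || continue
        exe=${exe%" (deleted)"}
        for bad in $IOC_PROCS; do
            [ "$exe" = "$bad" ] || continue
            pid=${link%/exe}
            echo "PROC pid=${pid##*/} exe=$exe"
            hits=$((hits + 1))
        done
    done
    [ "$hits" -eq 0 ]
)

# Step b: report listed files under ROOT ("" = live host, or a mounted image).
# A name hit with a different hash is still reported for manual review.
check_files() (
    hits=0
    while read -r path want; do
        [ -f "$1$path" ] || continue
        got=$(md5sum "$1$path" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then tag=HASH-MATCH; else tag=NAME-ONLY; fi
        echo "$tag $1$path md5=$got"
        hits=$((hits + 1))
    done <<EOF
$IOC_FILES
EOF
    [ "$hits" -eq 0 ]
)

# Step c: report cron lines that mention the listed domain or IP.
check_cron() (
    hits=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        # /dev/null as a second file makes grep prefix each hit with the file name.
        found=$(grep -nF -- "$IOC_CRON" "$f" /dev/null) || continue
        printf '%s\n' "$found" | sed 's/^/CRON /'
        hits=$((hits + 1))
    done
    [ "$hits" -eq 0 ]
)

# Each check returns 0 when it found nothing; triage returns 1 on any finding.
triage() {
    rc=0
    check_procs /proc || rc=1
    check_files "" || rc=1
    check_cron /etc/crontab /etc/cron.d/* /var/spool/cron/* /var/spool/cron/crontabs/* || rc=1
    return "$rc"
}

# Scan the live host only when asked; otherwise the file just defines functions.
[ "${1:-}" != "--scan" ] || triage
```

Run it as root with `--scan` so that every `/proc/<pid>/exe` link and every user crontab is readable; a finding is a prompt to apply the removal steps above.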
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 SOLUTION AGAINST THIS NEW MINING VULNERABILITY FOR WINDOWS:
Windows system
a. Kill the processes isassx.exe, steamhuby.exe, issaasss, isasss.exe, ready.exe, oity.exe, kkw2.exe, 12.exe, 13.exe, mess.exe
b. Delete the files:
c:\windows\temp\app.vbs
c:\windows\temp\apps.vbs
C:\Windows\Temp\ready.exe
C:\ProgramData\guvpgnkpwv\steamhuby.exe
C:\ProgramData\tumtkffywq\issaasss
C:\Windows\temp\12.exe
C:\Windows\Temp\mess.exe
%HOMEPATH%\why.ps1
%HOMEPATH%\schtasks.ps1
c. Delete scheduled tasks that include "why.ps1, why2.ps1, why3.ps1, kkmswx.ps1"
Security recommendations:
Fix Apache Struts high-risk vulnerabilities in a timely manner.
Configure the Tomcat server with high-strength password authentication.
It is recommended that government agencies, large and medium-sized enterprises, and scientific research units adopt Tencent security complete solutions to comprehensively improve the security of information systems.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Lenovo Premium Serial Keys
PF1MJJQD ? Product: S145-15IWL Laptop (ideapad)
PF0ZFNFH ? Product: X1 Carbon 5th Gen - Kabylake (Type 20HR, 20HQ) Laptop (ThinkPad)
PF1MJVUX ? Product: 330S-15IKB Laptop (ideapad)
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 SPEED UP TORRENTS?
t.me/UndercodeTesting
1) Choose a torrent with a high number of seeders
2) Install qBittorrent and always keep your torrent client updated
3) Add an Exception to Windows Firewall
Windows Firewall can block your torrent client, or more precisely your incoming BitTorrent connections, so adding an exception to Windows Firewall is a good way to boost torrent download speed. First, navigate to Options > Preferences > Connections, check the "Add Windows Firewall exception" box, and then click Apply.
4) Change torrent settings
> Go to Options > Preferences > General, then check "Append .!ud to incomplete files" and "Pre-allocate all files". Usually, the third option is already checked, but if it's not, check that too.
5) Change the Number of Connections
Navigate to Properties > Bandwidth, then set the global maximum number of connections to 150 and the maximum number of connected peers per torrent to 100. Leave the upload slots as they are.
6) Add More Trackers
Trackers are a good way to optimize torrent download speed. Adding new and faster trackers to your existing torrents can increase the download speed by adding new seeds and peers to your connection.
7) To add new trackers, first right-click the torrent you are downloading and then select Properties. Under the General tab, you will find the trackers list.
> Pick the best port for torrenting
As you might know, the BitTorrent protocol depends on the TCP protocol for transferring data over the internet. The recommended and possibly the best TCP port for torrenting is between 6881-6889. So, if you're still wondering how to make torrent downloads faster, you can try configuring the same on your computer.
written by Undercode
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 LIST OF TORRENT TRACKERS to speed up torrent downloads:
@undercodeTesting