π¦For this example, we use mobile broadband connection details. Write down the IP address. Note: In order to make this example more effective, you must use a LAN network. Switch to the computer to be used to attack and open a command prompt
us to use the unlimited data package 65500 ping victim computer
, enter the following command
1) ping 10.128.131.108 -t | 65500
here,
2) "Ping" sends the packet to the victim
3) "10.128.131.108" is the victim's IP address
4) "-T" indicates that the packet should be sent before the program stops
5) "-L" specifies the data payload to be sent to the victim
You will get a result similar to the one shown below
us to use the unlimited data package 65500 ping victim computer
, enter the following command
1) ping 10.128.131.108 -t | 65500
here,
2) "Ping" sends the packet to the victim
3) "10.128.131.108" is the victim's IP address
4) "-T" indicates that the packet should be sent before the program stops
5) "-L" specifies the data payload to be sent to the victim
You will get a result similar to the one shown below
π¦Flooding the target computer with packets does not have much impact on the victim. To make the attack more effective, you should use ping from multiple computers to attack the target computer.
1) The above attacks can be used to attack routers, web servers, etc.
2) If you want to view the impact of the attack on the target computer, you can open the task manager and view the network activity.
3) Right click on the taskbar
4) Select Start Task Manager
5) Click the Network tab
6) You will get results similar to the following
1) The above attacks can be used to attack routers, web servers, etc.
2) If you want to view the impact of the attack on the target computer, you can open the task manager and view the network activity.
3) Right click on the taskbar
4) Select Start Task Manager
5) Click the Network tab
6) You will get results similar to the following
π¦1) The purpose of denial of service attacks is to deny legitimate users access to resources such as networks and servers.
2) There are two types of attacks, denial of service and distributed denial of service.
3) You can use SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow to perform a denial of service attack
4) Operating system, router configuration, firewall and intrusion detection system security patches can be used to prevent denial of service attacks.
written @Undercoder
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
2) There are two types of attacks, denial of service and distributed denial of service.
3) You can use SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow to perform a denial of service attack
4) Operating system, router configuration, firewall and intrusion detection system security patches can be used to prevent denial of service attacks.
written @Undercoder
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦x900 Hulu Premium Accounts :
pastebin.com/h1eXJqVY
> non cracked by us
> send screanshoats @Undercode_bot after login
> total verified accounts X 700
pastebin.com/h1eXJqVY
> non cracked by us
> send screanshoats @Undercode_bot after login
> total verified accounts X 700
Pastebin
HULU PREMIUM X 900 - Pastebin.com
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Efficient configuration of Linux proxy server-Squid :
A) proxy services
1) agency services refers to other hosts on by a machine with standard IP address instead of the IP address is no standard number of machines and the Internet dealing with the provision of agency services this machine called proxy server.
2) When a machine with an internal address wants to connect to the Internet, it first sends the request to a proxy server with a standard IP address, and the proxy server sends the request to the destination address of the request through its standard IP address.
3) Then the server at the target address sends the returned result back to the proxy server, and the proxy server sends the data to the internal host intact. Several machines with internal addresses form an internal network. The role of the proxy server is to communicate the internal network and the Internet and solve the problem of the internal network accessing the Internet.
4) This kind of proxy is irreversible. Hosts on the Internet cannot access any machine with an internal address, which can ensure the security of internal data.
5) An advantage of the agent software is that it can inspect many things other than data packets. Squid checks the payload of the data packet, that is, the portion of the TCP (or UDP) portion of the data packet that traverses the firewall. Based on the information in the packet header (the IP part of the packet) and the packet payload (TCP part), the proxy firewall can decide where the packet will be sent, what the packet requests, and what must be provided based on the packet Information determines what action to take.
6) For Web users, Squid is a high-performance proxy cache server, which can speed up the speed of intranet browsing the Internet and improve the hit rate of client access. Squid not only supports the HTTP protocol, but also supports protocols such as FTP, gopher, SSL, and WAIS. Unlike common proxy caching software, Squid uses a single, non-modular, I / O-driven process to handle all client requests.
7) Squid caches data elements in memory and caches DNS search results. In addition, it also supports non-modular DNS queries to passively cache failed requests. Squid supports SSL and access control. Because of the use of ICP, Squid can implement overlapping proxy arrays, thereby maximizing bandwidth savings.
Squid is composed of a main service program Squid, a DNS query program dnsserver, several rewriting requests and performing authentication procedures, and several management tools. When Squid is started, it can spawn a specified number of dnsserver processes, and each dnsserver process can perform a separate DNS query, which greatly reduces the time the server waits for DNS queries.
8) Another advantage of Squid is that it uses access control lists (ACL) and access permission lists (ARL). Access control lists and access permission lists reduce potential Internet illegal connections by blocking specific network connections. These lists can be used to ensure that hosts on the intranet cannot access threatening or inappropriate sites
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Efficient configuration of Linux proxy server-Squid :
A) proxy services
1) agency services refers to other hosts on by a machine with standard IP address instead of the IP address is no standard number of machines and the Internet dealing with the provision of agency services this machine called proxy server.
2) When a machine with an internal address wants to connect to the Internet, it first sends the request to a proxy server with a standard IP address, and the proxy server sends the request to the destination address of the request through its standard IP address.
3) Then the server at the target address sends the returned result back to the proxy server, and the proxy server sends the data to the internal host intact. Several machines with internal addresses form an internal network. The role of the proxy server is to communicate the internal network and the Internet and solve the problem of the internal network accessing the Internet.
4) This kind of proxy is irreversible. Hosts on the Internet cannot access any machine with an internal address, which can ensure the security of internal data.
5) An advantage of the agent software is that it can inspect many things other than data packets. Squid checks the payload of the data packet, that is, the portion of the TCP (or UDP) portion of the data packet that traverses the firewall. Based on the information in the packet header (the IP part of the packet) and the packet payload (TCP part), the proxy firewall can decide where the packet will be sent, what the packet requests, and what must be provided based on the packet Information determines what action to take.
6) For Web users, Squid is a high-performance proxy cache server, which can speed up the speed of intranet browsing the Internet and improve the hit rate of client access. Squid not only supports the HTTP protocol, but also supports protocols such as FTP, gopher, SSL, and WAIS. Unlike common proxy caching software, Squid uses a single, non-modular, I / O-driven process to handle all client requests.
7) Squid caches data elements in memory and caches DNS search results. In addition, it also supports non-modular DNS queries to passively cache failed requests. Squid supports SSL and access control. Because of the use of ICP, Squid can implement overlapping proxy arrays, thereby maximizing bandwidth savings.
Squid is composed of a main service program Squid, a DNS query program dnsserver, several rewriting requests and performing authentication procedures, and several management tools. When Squid is started, it can spawn a specified number of dnsserver processes, and each dnsserver process can perform a separate DNS query, which greatly reduces the time the server waits for DNS queries.
8) Another advantage of Squid is that it uses access control lists (ACL) and access permission lists (ARL). Access control lists and access permission lists reduce potential Internet illegal connections by blocking specific network connections. These lists can be used to ensure that hosts on the intranet cannot access threatening or inappropriate sites
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from iUNDERCODE - iOs JAILBREAK & MODS
π¦MICROSOFT OFFICE FOR MAC OFFICIAL MICROSOFT DOWNLOAD SITE
> link revoqued in 24 h
> https://officecdn.microsoft.com/pr/C1297A47-86C4-4C1F-97FA-950631F94777/MacAutoupdate/Microsoft_Office_16.31.19111002_Installer.pkg
> link revoqued in 24 h
> https://officecdn.microsoft.com/pr/C1297A47-86C4-4C1F-97FA-950631F94777/MacAutoupdate/Microsoft_Office_16.31.19111002_Installer.pkg
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦There are two ways to
compile and install the Squid
squid software package: one is the rpm package used by RedHat, and the other is the source code package.
π¦Installation of rpm package:
1. Enter / mnt / cdrom / RedHat / RPMS.
2. Run rpm -ivh squid-2.2.STABLE4-8.I386.rpm.
Installation of source code package:
1. Download squid-2.2.STABLE4-src.tar.gz from http://www.squid-cache.org.
2. Copy the file to the / usr / local directory.
3. Unzip the file tar xvzf squid-2.2.STABLE4-src.tar.gz, generate a new directory squid-2.2.STABLE4 in the / usr / local directory, in order to facilitate the use of mv squid-2.2.STABLE4 squid rename the directory squid. .
4. Enter the Squid directory.
5. Execute ./configure, you can use ./configure -prefix = / directory / you / want to specify the installation directory. The system default installation directory is / usr / local / squid.
6. Run make all.
7. Run make install.
8. After the installation is complete, the Squid executable file is in the bin subdirectory of the installation directory, and the configuration file is in the etc subdirectory.
Configure the squid
configuration file squid.conf
Squid has a main configuration file squid.conf, located in the / etc / squid directory, users only need to modify the configuration file.
π¦only -|anonymous hackers do this xd :)
WRITTEN BY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦There are two ways to
compile and install the Squid
squid software package: one is the rpm package used by RedHat, and the other is the source code package.
π¦Installation of rpm package:
1. Enter / mnt / cdrom / RedHat / RPMS.
2. Run rpm -ivh squid-2.2.STABLE4-8.I386.rpm.
Installation of source code package:
1. Download squid-2.2.STABLE4-src.tar.gz from http://www.squid-cache.org.
2. Copy the file to the / usr / local directory.
3. Unzip the file tar xvzf squid-2.2.STABLE4-src.tar.gz, generate a new directory squid-2.2.STABLE4 in the / usr / local directory, in order to facilitate the use of mv squid-2.2.STABLE4 squid rename the directory squid. .
4. Enter the Squid directory.
5. Execute ./configure, you can use ./configure -prefix = / directory / you / want to specify the installation directory. The system default installation directory is / usr / local / squid.
6. Run make all.
7. Run make install.
8. After the installation is complete, the Squid executable file is in the bin subdirectory of the installation directory, and the configuration file is in the etc subdirectory.
Configure the squid
configuration file squid.conf
Squid has a main configuration file squid.conf, located in the / etc / squid directory, users only need to modify the configuration file.
π¦only -|anonymous hackers do this xd :)
WRITTEN BY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MORE FOR squid
The squid.conf configuration file is divided into 13 parts, namely:
1. NETWORK OPTIONS (related network options)
2οΌOPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM (relevant options for the neighbor selection algorithm)
3. OPTIONS WHICH AFFECT THE CACHE SIZE (define cache size option)
4οΌLOGFILE PATHNAMES AND CACHE DIRECTORIES (define the log file path and cache directory)
5οΌOPTIONS FOR EXTERNAL SUPPORT PROGRAMS (external support program options)
6οΌOPTIONS FOE TUNING THE CACHE (Adjust cache option)
7. TIMEOUTS (Timeout)
8. ACCESS CONTROLS (Access Control)
9οΌADMINISTRATIVE PARAMETERS (Management parameters)
10. OPTIONS FOR THE CACHE REGISTRATION SERVICE (cache
registration service option)
11. HTTPD-ACCELERATOE OPTIONS (HTTPD acceleration option)
12. MISCELLANEOUS (Miscellaneous)
13. DELAY POOL PARAMETERS (delay pool options)
WRITTEN BY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MORE FOR squid
The squid.conf configuration file is divided into 13 parts, namely:
1. NETWORK OPTIONS (related network options)
2οΌOPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM (relevant options for the neighbor selection algorithm)
3. OPTIONS WHICH AFFECT THE CACHE SIZE (define cache size option)
4οΌLOGFILE PATHNAMES AND CACHE DIRECTORIES (define the log file path and cache directory)
5οΌOPTIONS FOR EXTERNAL SUPPORT PROGRAMS (external support program options)
6οΌOPTIONS FOE TUNING THE CACHE (Adjust cache option)
7. TIMEOUTS (Timeout)
8. ACCESS CONTROLS (Access Control)
9οΌADMINISTRATIVE PARAMETERS (Management parameters)
10. OPTIONS FOR THE CACHE REGISTRATION SERVICE (cache
registration service option)
11. HTTPD-ACCELERATOE OPTIONS (HTTPD acceleration option)
12. MISCELLANEOUS (Miscellaneous)
13. DELAY POOL PARAMETERS (delay pool options)
WRITTEN BY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
For Any Suggessions or any Missed Tutorials,... leave a message @UndercodePosts
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Researchers detect StrandHogg 2.0 vulnerability in low version systems such as Android 9.0 β οΈ
1) Promon researchers have just exposed a StrandHogg 2.0 privilege escalation vulnerability that affects low-level systems such as Android 9.0. If it is used by a hacker, all users' applications will be tainted by it. Promon notified Google of the CVE-2020-0096 security vulnerability, and the search giant has been downgraded to "critical". Fortunately, the vulnerability has not been widely exploited in the wild. But after today βs disclosure, tens of millions of Android device users will become more vulnerable.
2) The Promon announcement pointed out that the vulnerability allowed malicious applications to obtain an assumed legal identity while completely hiding themselves.
3) Once a malicious application is installed on the device, users can be infected with personal data such as text messages, photos, login credentials, tracking GPS movements, call logs, and listening to users through cameras and microphones.
π¦Promon said that Google had received the vulnerability disclosure notice on December 4, 2019, which means that the search giant has five months to fix the vulnerability before it is exposed to the public
4) It should be noted that StrandHogg 2.0 is more complex than the first-generation vulnerabilities, making it difficult to be detected by anti-virus and security scanners.
5) End users need to be careful not to install Android apps from untrusted sources that are never known, so as not to be affected by such malicious attacks.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Researchers detect StrandHogg 2.0 vulnerability in low version systems such as Android 9.0 β οΈ
1) Promon researchers have just exposed a StrandHogg 2.0 privilege escalation vulnerability that affects low-level systems such as Android 9.0. If it is used by a hacker, all users' applications will be tainted by it. Promon notified Google of the CVE-2020-0096 security vulnerability, and the search giant has been downgraded to "critical". Fortunately, the vulnerability has not been widely exploited in the wild. But after today βs disclosure, tens of millions of Android device users will become more vulnerable.
2) The Promon announcement pointed out that the vulnerability allowed malicious applications to obtain an assumed legal identity while completely hiding themselves.
3) Once a malicious application is installed on the device, users can be infected with personal data such as text messages, photos, login credentials, tracking GPS movements, call logs, and listening to users through cameras and microphones.
π¦Promon said that Google had received the vulnerability disclosure notice on December 4, 2019, which means that the search giant has five months to fix the vulnerability before it is exposed to the public
4) It should be noted that StrandHogg 2.0 is more complex than the first-generation vulnerabilities, making it difficult to be detected by anti-virus and security scanners.
5) End users need to be careful not to install Android apps from untrusted sources that are never known, so as not to be affected by such malicious attacks.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ WIth this android 9.0 bug-andd many others cve
> we already tracked many -|anonymous hackers π
> we already tracked many -|anonymous hackers π
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Domain information mining architecture based on graph embedding
1) Based on massive security big data, undercode has in-depth research in knowledge graph, graph calculation and other aspects. In the application of graph neural network, the embedding and determination of domain name nodes based on multiple types of graph structures are realized.
2) The following figure is the main structure currently embedded in the domain name intelligence map. First of all, according to the relationship between the domain name and other entities, construct a homogenous relationship diagram of the domain name, then train the graph embedding representation of the domain name based on the graph embedding technology, and finally, according to the specific needs, combine other dimensions of data to achieve the corresponding tasks.
3) The embedding implementation of the homogeneous domain name map based on the sample download relationship is described in detail below :
π¦Domain information mining architecture based on graph embedding
1) Based on massive security big data, undercode has in-depth research in knowledge graph, graph calculation and other aspects. In the application of graph neural network, the embedding and determination of domain name nodes based on multiple types of graph structures are realized.
2) The following figure is the main structure currently embedded in the domain name intelligence map. First of all, according to the relationship between the domain name and other entities, construct a homogenous relationship diagram of the domain name, then train the graph embedding representation of the domain name based on the graph embedding technology, and finally, according to the specific needs, combine other dimensions of data to achieve the corresponding tasks.
3) The embedding implementation of the homogeneous domain name map based on the sample download relationship is described in detail below :
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Squid's configuration file is very large, but users can modify the corresponding options according to their actual situation, do not need to configure all options. Here are a few commonly used options.
1. http-port
defines the port where Squid listens for HTTP client connection requests. The default is 3128, or 80 if HTTPD acceleration mode is used. You can specify multiple ports, but all specified ports must be on one command line.
2. cachemem
specifies the ideal memory value that Squid can use. It is recommended to be set to 1/3 of the memory.
3. cachedir Directory-Name Mbytes Level1 Level2
specifies the size and directory structure of the swap space that Squid uses to store objects. You can use the following formula to estimate the number of subdirectories required by the system.
Known quantity:
DS = total available swap space (in KB) / number of swap spaces
OS = average size of each object = 20k
NO = average number of objects stored in each secondary subdirectory = 256
unknown amount:
4.
Objects with maximumobjectsize greater than this value will not be stored. If you want to increase access speed, reduce this value; if you want to maximize bandwidth savings and reduce costs, increase this value.
5. dnsnameservers
defines the name servers used by Squid for domain name resolution.
6. ACL
defines the access control list. The definition syntax is:
acl aclname acltype string ...
acl aclname acltype "file" ...
7οΌhttpaccess
allows or prohibits certain types of users to access based on an access control list.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Squid's configuration file is very large, but users can modify the corresponding options according to their actual situation, do not need to configure all options. Here are a few commonly used options.
1. http-port
defines the port where Squid listens for HTTP client connection requests. The default is 3128, or 80 if HTTPD acceleration mode is used. You can specify multiple ports, but all specified ports must be on one command line.
2. cachemem
specifies the ideal memory value that Squid can use. It is recommended to be set to 1/3 of the memory.
3. cachedir Directory-Name Mbytes Level1 Level2
specifies the size and directory structure of the swap space that Squid uses to store objects. You can use the following formula to estimate the number of subdirectories required by the system.
Known quantity:
DS = total available swap space (in KB) / number of swap spaces
OS = average size of each object = 20k
NO = average number of objects stored in each secondary subdirectory = 256
unknown amount:
4.
Objects with maximumobjectsize greater than this value will not be stored. If you want to increase access speed, reduce this value; if you want to maximize bandwidth savings and reduce costs, increase this value.
5. dnsnameservers
defines the name servers used by Squid for domain name resolution.
6. ACL
defines the access control list. The definition syntax is:
acl aclname acltype string ...
acl aclname acltype "file" ...
7οΌhttpaccess
allows or prohibits certain types of users to access based on an access control list.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Anonymous browsers 2020 list :
https://www.torproject.org/
https://u.is/en/download.html
www.waterfox.net
https://www.srware.net/iron/
https://www.comodo.com/home/browsers-toolbars/
https://brave.com/
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Anonymous browsers 2020 list :
https://www.torproject.org/
https://u.is/en/download.html
www.waterfox.net
https://www.srware.net/iron/
https://www.comodo.com/home/browsers-toolbars/
https://brave.com/
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦D-TECT - Pentesting the Modern Web
> linux
π¦Features:
Sub-domain Scanning
Port Scanning
Wordpress Scanning
Wordpress Username Enumeration
Wordpress Backup Grabbing
Sensitive File Detection
Same-Site Scripting Scanning
Click Jacking Detection
Powerful XSS vulnerability scanning
SQL Injection vulnerability scanning
User-Friendly UI
π¦πβπππΈπππππΈπππβ & βπβ :
git clone https://github.com/bibortone/D-Tech.git
cd D-Tech
python d-tect.py
β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦D-TECT - Pentesting the Modern Web
> linux
π¦Features:
Sub-domain Scanning
Port Scanning
Wordpress Scanning
Wordpress Username Enumeration
Wordpress Backup Grabbing
Sensitive File Detection
Same-Site Scripting Scanning
Click Jacking Detection
Powerful XSS vulnerability scanning
SQL Injection vulnerability scanning
User-Friendly UI
π¦πβπππΈπππππΈπππβ & βπβ :
git clone https://github.com/bibortone/D-Tech.git
cd D-Tech
python d-tect.py
β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β