UNDERCODE COMMUNITY
He got it: he found that Bima’s phone number is connected to his Facebook account. At this point he just holds and does not press the Continue button. For now, he has only made sure that this phone number is connected to the victim’s Facebook account, which brings him closer to his hypothesis.

What John actually did is reconnaissance, or information gathering, on the victim. From here John has enough information and is ready to execute. But John will meet Bima in the canteen, and it is impossible for John to bring his computer, right? No problem, he has a handy solution: his own mobile phone. So, before he meets Bima, he repeats STEP 1 and 2 in the Chrome browser on his Android mobile phone. It would look like this:
STEP 3: MEET THE VICTIM
Alright, now everything is set up and ready. All John needs to do is grab Bima’s phone, click the Continue button on his phone, read the SMS message sent by Facebook (the reset code) on Bima’s phone, remember it and delete the message, all in a fraction of the time, quickly.

This plan sticks in his head as he walks to the canteen. John puts his phone in his pocket. He enters the canteen area, looking for Bima. He turns his head left and right, figuring out where the heck Bima is. As usual, Bima is in the corner seat, waving his hand to John; he is ready with his meal.

John immediately takes a small portion for lunch and comes over to the table with Bima. He says hi to Bima, and they eat together. While eating, John looks around and notices that Bima’s phone is on the table.

After they finish lunch, they talk about each other’s day as usual, until at one point John opens a new topic about phones. John tells him that he needs a new phone and wants his advice about which phone would suit him. Then he asks about Bima’s phone; he asks everything: the model, the specs, everything. Then John asks to try the phone, acting as if he really were a customer looking for a phone. With Bima’s permission, John’s left hand grabs Bima’s phone, while his right hand is under the table, preparing to open his own phone. John keeps the attention on his left hand and on Bima’s phone, talking at length about it: its weight, its speed and so on.

Now John begins the attack by turning the ringtone volume on Bima’s phone down to zero, to prevent him from noticing if a new notification comes in. John’s left hand still has his attention, while his right hand is actually pressing the Continue button. As soon as John presses the button, the message comes in.
Ding.. No sound. Bima has not noticed the incoming message because the screen is facing John. John immediately opens the message, reads and remembers the 6-digit PIN in the SMS, and then deletes it at once. Now he is done with Bima’s phone. John gives Bima’s phone back to him while his right hand takes his own phone out and immediately starts typing the 6-digit PIN he just remembered.
Then John presses Continue. A new page appears, asking whether he wants to set a new password or not.
John will not change the password because he is not evil. But he now has Bima’s Facebook account, and he has succeeded in his mission.

As you can see, the scenario seems so simple, but hey, how easily could you grab and borrow your friends’ phones? If you relate this to the hypothesis, by having your friend’s phone you can get whatever you want, badly.
🦑FACEBOOK HACK WITH PICTURES - BY WIKI

ENJOY ❤️👍🏻
24/24 posts share us❤️👍🏻

T.me/UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The official PyPI repository was poisoned by a malicious request package; Tencent Security provides a comprehensive solution

> Overview

On August 5th, the Tencent Onion Anti-Intrusion System detected that request phishing packages had been maliciously uploaded to the official PyPI repository. The attackers used the phishing packages to steal users' sensitive information and digital currency keys, plant persistent backdoors, and carry out remote control activity. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have already been affected.

> When installing the requests package, it is easy to mistype the name as request. In that case pip installs the malicious request package instead. Because the requests library is popular and heavily downloaded, some users have been infected by typing the package name incorrectly.

> Since the domestic open source mirror sites are synchronized with the official PyPI repository, the problem is not confined to the official repository and may affect a wider range of users through the various open source mirror sites. Tencent Security Emergency Response Center (TSRC) recommends that all open source mirror sites, and companies that rely on open source mirror sites, self-check and deal with the issue as soon as possible to ensure that the malicious libraries are removed and user systems are safe.

#News

🦑Some good mod APKs:

> Netflix mod apk

https://t.me/UnderCodeTesting/7272

> Spotify mod apk

https://apkmody.io/apps/spotify-premium-apk

> Textnow mod apk

https://apkmody.io/apps/textnow-premium-mod-apk


🦑HOW TO HACK/MOD AN ANDROID APK?

1) Decompiles any Android application: any unreinforced APK installation package can be freely customized. You can modify the application icon and application name, replace any text and pictures on the interface, and translate it or produce a Chinese or multi-language version. It also supports cracking application software through advanced SMALI code.

2) It has a large number of templates for Android applications and games to make decompilation easier, providing many of the latest and most complete applications as customization templates. You can download them directly and perform reverse engineering, cracking, modification, source code viewing, installation package inspection and other operations (some applications temporarily cannot be reverse-engineered because of reinforcement).

3) Provides a multi-channel packaging function. Using a packaged APK installation package as a template, after decompilation it dynamically modifies the configuration file or the channel logo in the SMALI code to achieve batch multi-channel repackaging. Because this is not source-code-level packaging, it greatly improves the speed and efficiency of batch packaging.

4) Provides a function for repackaging with a random package name and application name. Apps such as adult theaters and adult games are often reported as virus software by mobile security and mobile manager software; in that case, this function can be used from time to time to replace the package name and application name and repackage. Coupled with a web download program, users can download the latest installation package in real time, avoiding being reported as a virus.

5) View the source code of the Android application at will

After decompiling the APK installation package, the source code is obtained by de-mapping. The Java code obtained by decompilation is suitable for analyzing the source code and viewing the internal logic of the application. Decompilation is not allowed. The decompilation project can only be modified based on the SMALI code.

6) Many built-in Android application decompilation tools

The software also provides many small tools for viewing installation package information. When the phone is connected to the computer, it can view phone information and real-time logs, install and manage phone applications, manage phone files, and so on, and directly customize and modify the applications installed on the phone.



🦑Decompilation process:

1) Select an apk saved on the hard disk locally to start decompiling, or you can select an application from the application template to decompile

2) Modify the application icon, application name, parameters and version number

3) Modify any picture on the application interface

4) Add or delete app permissions

5) Add language support, localize or modify any string on the interface

6) Modify the code logic, realize the cracking of members, add functions or hide functions, you need to understand the basic code knowledge of smali

7) Search and replace keywords, you can change the text in the application to your own, is it cool?

8) Add small plug-ins, add pop-up registration code, pop-up message box, etc. on any interface of any application, is it very dragging?

10) After everything is changed, pack it on your phone and see the result


🦑The ransomware VirLocker strikes again? How to prevent the VirLocker virus (with recovery guide included)
#FastTips

1) VirLocker's polymorphic function

VirLocker's polymorphism gives everyone a headache: researchers, victims, security companies and so on. Every time VirLocker adds itself to a file, the resulting file differs from other copies of itself in many ways. VirLocker can add "pseudo-code" to some parts of itself to make the files different. It can use different APIs in the main loader of the malware to avoid partial fingerprint recognition. It can use different XOR and ROL seeds so that the encrypted content of the executable file is completely different, and so on. This level of polymorphism makes it very difficult to handle. Since even the decompression stub, which is usually what is used to identify each variant, is different in each file, only behavior and heuristics are left as feasible detection methods.

2) If the payload stub can be different on each creation, and the encryption code is always seeded differently, the embedded original file will of course always be different as well. It depends on the file being attacked, and the resource is just a small icon of that original file. This leaves very little that is suitable for detection.

3) The execution of VirLocker is by no means simple. Compared with the ransomware scenarios we have seen in single cases, it truly layers multiple types of protection. When the infection is executed, the FUD wrapper (which can itself be polymorphic in some respects) unpacks the first decryption function, which mixes Base64 and XOR and is always seeded differently. This new decryption function then decrypts another new decryption function, which mixes XOR/ROL and is always seeded differently.
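
Why per-copy seeding defeats hash and fixed-byte signatures can be seen on a toy model. This is an added example, not VirLocker code and not part of the original post: it assumes a single layer with one-byte XOR and ROL seeds, and the body, marker and function names are constructed for illustration. It also shows the defender-side brute force ("x-ray" scan) that still works against such a single weak layer.

```python
import hashlib

def rol8(byte, n):
    """Rotate an 8-bit value left by n bits."""
    n %= 8
    return ((byte << n) | (byte >> (8 - n))) & 0xFF

def encode(data, xor_seed, rol_seed):
    """Toy per-copy encoder (assumption): XOR each byte with a seed, then rotate left."""
    return bytes(rol8(b ^ xor_seed, rol_seed) for b in data)

def decode(data, xor_seed, rol_seed):
    """Inverse of encode(): rotate right (rotate left by 8 - n), then XOR."""
    return bytes(rol8(b, 8 - rol_seed) ^ xor_seed for b in data)

# Constructed, harmless stand-in for the invariant body shared by every copy.
MARKER = b"INVARIANT-MARKER-0001"
BODY = b"constructed sample body: " + MARKER + b" and some padding"

def sha256(data):
    return hashlib.sha256(data).hexdigest()

def xray_scan(blob, marker=MARKER):
    """Try every one-byte XOR seed and rotation; return the seeds that expose marker."""
    for xor_seed in range(256):
        for rol_seed in range(8):
            if marker in decode(blob, xor_seed, rol_seed):
                return xor_seed, rol_seed
    return None

# Two copies of the same body, seeded differently (seed values are constructed).
COPY_A = encode(BODY, 0x5A, 3)
COPY_B = encode(BODY, 0xC3, 5)

if __name__ == "__main__":
    print("hashes differ:       ", sha256(COPY_A) != sha256(COPY_B))
    print("marker in raw bytes: ", MARKER in COPY_A, MARKER in COPY_B)
    print("x-ray recovers seeds:", xray_scan(COPY_A), xray_scan(COPY_B))
```

The scan succeeds here only because the toy has 2,048 candidate seed pairs and one layer; with the stacked Base64/XOR and XOR/ROL stages described above, that search is no longer a simple loop, which is why the post falls back to behavior and heuristics.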


🦑Recently we posted some large wordlists, but this one is also helpful for you:
wordlistctl: large database of dictionaries [Dictionary Collection]
wordlistctl is a program that contains a large database of dictionaries:

INSTALLATION & RUN:

wordlistctl is created by the blackarch.org developers. Web site: https://github.com/BlackArch/wordlistctl

How to install wordlistctl
Installing wordlistctl on Kali Linux:

1) sudo apt install python3-pip python3-libtorrent python3-coloredlogs

2) git clone https://github.com/BlackArch/wordlistctl

3) cd wordlistctl

4) Open the requirements.txt file

5) gedit requirements.txt
And remove the line from there

> libtorrent

Then continue:

6) sudo pip3 install -r requirements.txt

7) python3 ./wordlistctl.py

8) In BlackArch, this program is in the standard repository – install directly from there.

> sudo pacman -S wordlistctl

9) How to use wordlistctl

10) All dictionaries are divided into 5 categories:

username
password
hostname
filename
misc = other

11) To show all dictionaries, for example, in the password category:

> wordlistctl -F password
With the -S option, you can search by dictionary names, for example, search for ‘RU..

RDP Pivoting with Metasploit .pdf
RDP HACKING FULL WITH PICTURES