Ding.. No sounds. Bima has not recognized the incoming message because the monitor is facing John. John immediately opens the message, reads and remembers the 6 Digit Pin in the SMS, and then deletes it soon. Now he is done with Bimaβs phone, John gives Bimaβs phone back to him while Johnβs right hand takes his own phone out and starts typing immediately the 6 Digit Pin he just remembered.
Then John presses Continue. The new page appears, it asked whether he wants to make new password or not.
John will not change the password because he is not evil. But, he now has Bimaβs facebook account. And he has succeed with his mission.
As you can see, the scenario seems so simple, but hey, how easily you could grab and borrow your friendsβ phone? If you correlate to the hypothesis by having your friendsβ phone you can get whatever you want, badly.
As you can see, the scenario seems so simple, but hey, how easily you could grab and borrow your friendsβ phone? If you correlate to the hypothesis by having your friendsβ phone you can get whatever you want, badly.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦PyPI official warehouse was poisoned by request malicious package, Tencent Security provides a comprehensive solution
> onion anti-intrusion system detected that the official PyPI warehouse was maliciously uploaded with request phishing packages. The attackers used the phishing packages to steal user sensitive information and digital currency keys, plant persistent backdoors, and remote control. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been recruited.
> Overview
On August 5th, Tencent Onion Anti-Intrusion System detected that the official PyPI warehouse was maliciously uploaded with request phishing packages. The attackers used the phishing packages to steal user sensitive information and digital currency keys, plant persistent backdoors, and remote control. activity. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been recruited.
> When the user installs the requests package, it is easy to mistype the name as request. As a result, it will be installed as a request malicious package using pip. Due to the popularity of the requests library and a large amount of downloads, some users have been infected by incorrectly inputting the package name.
> Since the domestic open source mirror sites are synchronized with the official PyPI warehouse, the problem will not only pass through the official warehouse, but may also affect a wider range through various open source mirror sites. Tencent Security Emergency Response Center (TSRC) recommends that all open source mirror sites and companies that rely on open source mirror sites self-check and deal with them as soon as possible to ensure that malicious libraries are removed and user systems are safe.
#News
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦PyPI official warehouse was poisoned by request malicious package, Tencent Security provides a comprehensive solution
> onion anti-intrusion system detected that the official PyPI warehouse was maliciously uploaded with request phishing packages. The attackers used the phishing packages to steal user sensitive information and digital currency keys, plant persistent backdoors, and remote control. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been recruited.
> Overview
On August 5th, Tencent Onion Anti-Intrusion System detected that the official PyPI warehouse was maliciously uploaded with request phishing packages. The attackers used the phishing packages to steal user sensitive information and digital currency keys, plant persistent backdoors, and remote control. activity. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been recruited.
> When the user installs the requests package, it is easy to mistype the name as request. As a result, it will be installed as a request malicious package using pip. Due to the popularity of the requests library and a large amount of downloads, some users have been infected by incorrectly inputting the package name.
> Since the domestic open source mirror sites are synchronized with the official PyPI warehouse, the problem will not only pass through the official warehouse, but may also affect a wider range through various open source mirror sites. Tencent Security Emergency Response Center (TSRC) recommends that all open source mirror sites and companies that rely on open source mirror sites self-check and deal with them as soon as possible to ensure that malicious libraries are removed and user systems are safe.
#News
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some good mods apk :
> netflix mod apk
https://t.me/UnderCodeTesting/7272
> Spootify mod apk
https://apkmody.io/apps/spotify-premium-apk
> https://apkmody.io/apps/textnow-premium-mod-apk
> Textnow mod apk
https://apkmody.io/apps/textnow-premium-mod-apk
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some good mods apk :
> netflix mod apk
https://t.me/UnderCodeTesting/7272
> Spootify mod apk
https://apkmody.io/apps/spotify-premium-apk
> https://apkmody.io/apps/textnow-premium-mod-apk
> Textnow mod apk
https://apkmody.io/apps/textnow-premium-mod-apk
β β β Uππ»βΊπ«Δπ¬πβ β β β
Telegram
UNDERCODE TESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW HACK/MOD AN ANDROID APK ?
1) Any decompilation of the Android application can freely customize any unreinforced APK installation package, can modify the application icon and application name, replace any text and pictures on the interface, translate or Chinese-made multi-language version, It also supports cracking of application software through advanced SMALI code.
2) It has a large number of templates for Android applications and games to facilitate decompilation. Provide a large number of the latest and most complete applications as customized templates. You can directly download and perform reverse engineering, cracking, modification, viewing source code, viewing installation package information and other operations (partial The application cannot be reverse-engineered temporarily due to reinforcement.
3) Provide multi-channel packaging function. Use the packaged APK installation package as a template. After decompilation, dynamically modify the configuration file or the channel logo in the SMALI code to achieve batch re-multi-channel packaging. Because it is not source code level packaging, it is greatly Improve the speed and efficiency of batch packaging.
4) Providing random package name and application name packaged functionality for adult theaters, adult games, APP , they would often be mobile security software and mobile butler class reported virus software that case, you can randomly from time through this function to replace the package name and application name repackaging, Coupled with the web download program, users can download the latest installation package in real time, avoiding the situation of reporting poison .
5) View the source code of the Android application at will
After decompiling the APK installation package, the source code is obtained by de-mapping. The JAVA code obtained by decompilation is suitable for analyzing the source code and viewing the internal logic of the application. Decompilation is not allowed. The decompilation project can only be modified based on the SMALI code.
6) Built-in many Android application decompilation tools
The software also provides a large number of small tools to view the installation package information, and can view mobile phone information, real-time logs, install and manage mobile phone applications, manage mobile phone files, etc. when the mobile phone is connected to the computer. Directly customize and modify the installed applications on the phone.
π¦Decompilation process:
1) Select an apk saved on the hard disk locally to start decompiling, or you can select an application from the application template to decompile
2) Modify the application icon, application name, parameters and version number
3) Modify any picture on the application interface
4) Add or delete app permissions
5) Add language support, localize or modify any string on the interface
6) Modify the code logic, realize the cracking of members, add functions or hide functions, you need to understand the basic code knowledge of smali
7) Search and replace keywords, you can change the text in the application to your own, is it cool?
8) Add small plug-ins, add pop-up registration code, pop-up message box, etc. on any interface of any application, is it very dragging?
10) After everything is changed, pack it on your phone and see the result
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW HACK/MOD AN ANDROID APK ?
1) Any decompilation of the Android application can freely customize any unreinforced APK installation package, can modify the application icon and application name, replace any text and pictures on the interface, translate or Chinese-made multi-language version, It also supports cracking of application software through advanced SMALI code.
2) It has a large number of templates for Android applications and games to facilitate decompilation. Provide a large number of the latest and most complete applications as customized templates. You can directly download and perform reverse engineering, cracking, modification, viewing source code, viewing installation package information and other operations (partial The application cannot be reverse-engineered temporarily due to reinforcement.
3) Provide multi-channel packaging function. Use the packaged APK installation package as a template. After decompilation, dynamically modify the configuration file or the channel logo in the SMALI code to achieve batch re-multi-channel packaging. Because it is not source code level packaging, it is greatly Improve the speed and efficiency of batch packaging.
4) Providing random package name and application name packaged functionality for adult theaters, adult games, APP , they would often be mobile security software and mobile butler class reported virus software that case, you can randomly from time through this function to replace the package name and application name repackaging, Coupled with the web download program, users can download the latest installation package in real time, avoiding the situation of reporting poison .
5) View the source code of the Android application at will
After decompiling the APK installation package, the source code is obtained by de-mapping. The JAVA code obtained by decompilation is suitable for analyzing the source code and viewing the internal logic of the application. Decompilation is not allowed. The decompilation project can only be modified based on the SMALI code.
6) Built-in many Android application decompilation tools
The software also provides a large number of small tools to view the installation package information, and can view mobile phone information, real-time logs, install and manage mobile phone applications, manage mobile phone files, etc. when the mobile phone is connected to the computer. Directly customize and modify the installed applications on the phone.
π¦Decompilation process:
1) Select an apk saved on the hard disk locally to start decompiling, or you can select an application from the application template to decompile
2) Modify the application icon, application name, parameters and version number
3) Modify any picture on the application interface
4) Add or delete app permissions
5) Add language support, localize or modify any string on the interface
6) Modify the code logic, realize the cracking of members, add functions or hide functions, you need to understand the basic code knowledge of smali
7) Search and replace keywords, you can change the text in the application to your own, is it cool?
8) Add small plug-ins, add pop-up registration code, pop-up message box, etc. on any interface of any application, is it very dragging?
10) After everything is changed, pack it on your phone and see the result
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Follow Undercode Testing on :
> Twitter
> Twitter
> instagram
> Facebook
> Pinterest
> Linkedln
> Youtube
> Telegram
> Linkedln
> Youtube
> Telegram
Twitter
UNDERCODE TESTING {TRAINING} (@UndercodeTrain) | Twitter
The latest Tweets from UNDERCODE TESTING {TRAINING} (@UndercodeTrain). Expert Hacking | Training | Security | Hosting & much more ... @UndercodeNews @UndercodeTrain @iUndercode @DailyCve. Lebanon
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The blackmailer virus VirLocker strikes again? How to prevent VirLocker virus (with recovery guide included)
#FastTips
1) VirLocker's polymorphic function
VirLocker's changeable capabilities make everyone a headache, researchers, victims, security companies, etc. Every time VirLocker adds itself to a file, in fact the file is different from other versions of itself in many ways. VirLocker can add "pseudo-code" to some parts of itself to make the files different. It can use different APIs in the main loader of the malware to avoid partial fingerprint recognition. It can use different XOR and ROL seeds to make the files available. The encrypted content of the executable file is completely different and so on. This level of polymorphism makes it very difficult to handle.Even when the decompression stub in each file is different, it is usually used to identify each variant, it only leaves behavior and heuristics as a feasible detection method.
2) if the payload stub can be different in each creation request, and the encryption code is always seeded differently, the embedded original file will of course always be different. It depends on the file it attacks, and the resource is just a small icon of the original file it attacks. This leaves very little suitable for testing.
3) The execution of VirLocker is by no means simple. Compared with the blackmailer virus scenario that we have seen in a single case, it truly reflects multiple types of protection. When the infection is executed, the FUD wrapper (which can be polymorphic in some respects itself) unpacks the first decryption function mixed with Base64 and XOR and is always seeded differently. This new decryption function then decrypts another new decryption function mixed with XOR/ROL and is always seeded differently.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The blackmailer virus VirLocker strikes again? How to prevent VirLocker virus (with recovery guide included)
#FastTips
1) VirLocker's polymorphic function
VirLocker's changeable capabilities make everyone a headache, researchers, victims, security companies, etc. Every time VirLocker adds itself to a file, in fact the file is different from other versions of itself in many ways. VirLocker can add "pseudo-code" to some parts of itself to make the files different. It can use different APIs in the main loader of the malware to avoid partial fingerprint recognition. It can use different XOR and ROL seeds to make the files available. The encrypted content of the executable file is completely different and so on. This level of polymorphism makes it very difficult to handle.Even when the decompression stub in each file is different, it is usually used to identify each variant, it only leaves behavior and heuristics as a feasible detection method.
2) if the payload stub can be different in each creation request, and the encryption code is always seeded differently, the embedded original file will of course always be different. It depends on the file it attacks, and the resource is just a small icon of the original file it attacks. This leaves very little suitable for testing.
3) The execution of VirLocker is by no means simple. Compared with the blackmailer virus scenario that we have seen in a single case, it truly reflects multiple types of protection. When the infection is executed, the FUD wrapper (which can be polymorphic in some respects itself) unpacks the first decryption function mixed with Base64 and XOR and is always seeded differently. This new decryption function then decrypts another new decryption function mixed with XOR/ROL and is always seeded differently.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recently we post some large wordlists but anyway this so helpful for you :
wordlistctl: large database of dictionaries [Dictionary Collection]
wordlistctl is a program that contains a large database of dictionaries :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
wordlistctl is created by blackarch.org developers, web site: https://github.com/BlackArch/wordlistctl
How to install wordlistctl
Installing wordlistctl on Kali Linux:
1) sudo apt install python3-pip python3-libtorrent python3-coloredlogs
2) git clone https://github.com/BlackArch/wordlistctl
3) cd wordlistctl
4) Open the requirements.txt file
5) gedit requirements.txt
And remove the line from there
> libtorrent
Then continue:
6) sudo pip3 install -r requirements.txt
7) python3 ./wordlistctl.py
8) In BlackArch, this program is in the standard repository β install directly from there.
> sudo pacman -S wordlistctl
9) How to use wordlistctl
10) All dictionaries are divided into 5 categories:
username
password
hostname
filename
misc = other
11) To show all dictionaries, for example, in the password category:
> wordlistctl -F password
With the -S option, you can search by dictionary names, for example, search for βRU..
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recently we post some large wordlists but anyway this so helpful for you :
wordlistctl: large database of dictionaries [Dictionary Collection]
wordlistctl is a program that contains a large database of dictionaries :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
wordlistctl is created by blackarch.org developers, web site: https://github.com/BlackArch/wordlistctl
How to install wordlistctl
Installing wordlistctl on Kali Linux:
1) sudo apt install python3-pip python3-libtorrent python3-coloredlogs
2) git clone https://github.com/BlackArch/wordlistctl
3) cd wordlistctl
4) Open the requirements.txt file
5) gedit requirements.txt
And remove the line from there
> libtorrent
Then continue:
6) sudo pip3 install -r requirements.txt
7) python3 ./wordlistctl.py
8) In BlackArch, this program is in the standard repository β install directly from there.
> sudo pacman -S wordlistctl
9) How to use wordlistctl
10) All dictionaries are divided into 5 categories:
username
password
hostname
filename
misc = other
11) To show all dictionaries, for example, in the password category:
> wordlistctl -F password
With the -S option, you can search by dictionary names, for example, search for βRU..
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - BlackArch/wordlistctl: Fetch, install and search wordlist archives from websites and torrent peers.
Fetch, install and search wordlist archives from websites and torrent peers. - BlackArch/wordlistctl
RDP Pivoting with Metasploit .pdf
1.4 MB
RDP HACKING FULL WITH PICTURES
E N J O Y β€οΈππ»
E N J O Y β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/AeonDave/doork doork
doork works with Python version 2.6.x and 2.7.x on any platform. You have also to install
2) pip install beautifulsoup4
3) pip install requests
4) pip install Django
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/AeonDave/doork doork
doork works with Python version 2.6.x and 2.7.x on any platform. You have also to install
2) pip install beautifulsoup4
3) pip install requests
4) pip install Django
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ANOTHER WHATSAPP HACKING -2020 UPDATED
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Update Firefox browser to the latest version
2) Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
3) chmod +x geckodriver
4) sudo mv -f geckodriver /usr/local/share/geckodriver
5) sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
6) sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
7) Clone the repo with git clone https://github.com/OWASP/QRLJacking then do cd QRLJacking/QRLJacker
8) Install all the requirements with pip install -r requirements.txt
9) Now you can run the framework with python3 QrlJacker.py --help
π¦Tested by us on :
> Ubuntu lastest v
> Kali Linux lastest v
> parrot os lastest v
> fedora lastest v
π¦MORE TUTORIAL ABOUT IT :
https://www.owasp.org/index.php/QRLJacking
https://www.owasp.org/index.php/OWASP_QRLJacker
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ANOTHER WHATSAPP HACKING -2020 UPDATED
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Update Firefox browser to the latest version
2) Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
3) chmod +x geckodriver
4) sudo mv -f geckodriver /usr/local/share/geckodriver
5) sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
6) sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
7) Clone the repo with git clone https://github.com/OWASP/QRLJacking then do cd QRLJacking/QRLJacker
8) Install all the requirements with pip install -r requirements.txt
9) Now you can run the framework with python3 QrlJacker.py --help
π¦Tested by us on :
> Ubuntu lastest v
> Kali Linux lastest v
> parrot os lastest v
> fedora lastest v
π¦MORE TUTORIAL ABOUT IT :
https://www.owasp.org/index.php/QRLJacking
https://www.owasp.org/index.php/OWASP_QRLJacker
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
Releases Β· mozilla/geckodriver
WebDriver Classic proxy for automating Firefox through Marionette - mozilla/geckodriver
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 topic fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Kali Linux (Tool Page)
open terminal and type :
> apt -y install seclists
enjoyβ€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 topic fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Kali Linux (Tool Page)
open terminal and type :
> apt -y install seclists
enjoyβ€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
TLS & SSL Penetration Testing.pdf
1.3 MB
Full tutorial with pictures
enjoyβ€οΈππ»
enjoyβ€οΈππ»