UNDERCODE COMMUNITY

🦑 The recent vulnerabilities in the architecture of Intel, AMD and ARM processors:

1) How fortunate that critical vulnerabilities in the architecture of Intel, AMD and ARM processors were published while we were resting.

2) We did not have time to change the equipment, as recommended by US-CERT, as it turned out that it was enough to update the operating systems.

3) Well, the manufacturers had time to release updates.

So, what is the bottom line at the moment.

4) There are two vulnerabilities - Meltdown ("Crash") and Spectre ("Ghost").

5) Meltdown allows you to break the barrier between applications and the internal memory of the operating system, which opens access to data stored in the memory of the OS.

Detailed description: https://meltdownattack.com/meltdown.pdf

6) Well, there are also exploits, for example: https://github.com/paboldin/meltdown-exploit.

7) Spectre breaks memory isolation between applications themselves: roughly speaking, one service can get into the memory of another.

Description: https://spectreattack.com/spectre.pdf. They say exploiting the vulnerability is more difficult, but there are still exploits: https://github.com/crozone/SpectrePoC, https://github.com/Eugnis/spectre-attack.

In general, a nightmare! Update, definitely!

8) Fears about a 30% loss of performance are not justified in practice.

🦑 Microsoft:

Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1 - KB4056897 or KB4056894
Windows Server 2012 Standard - KB4056899 or KB4056896
Windows 8.1, Windows Server 2012 R2 Standard - KB4056898 or KB4056895
Windows 10 Enterprise - KB4056893
Windows 10 Version 1607, Windows Server 2016, Windows 10 Mobile - KB4056890
Windows 10 Version 1703 - KB4056891
Windows 10 Version 1709 - KB4056892

There may be problems installing the patch due to the antivirus.

A list of antiviruses that block the patch has been provided: BitDefender, Carbon Black, Cisco, CrowdStrike, Cylance, Cyren, Endgame, Fortinet, G-DATA, McAfee, Nyotron, Palo-Alto, SentinelOne, Sophos, Trend Micro, VIPRE, Webroot.

9) Modifying or creating the following registry key may help resolve the issue:

Key="HKEY_LOCAL_MACHINE"
Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD"
Data="0x00000000"

Briefly on performance: tests with the Windows 10 update showed a decrease in various performance parameters of 1-2%.

Details: http://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked.html.

🦑 Linux:

Everything is simple: you need kernel 4.14.12, 4.9.75 or 4.4.110. There are no updates for other branches, but they have a bunch of other unpatched vulnerabilities, so they are not recommended for use.

🦑 Apple:

Meltdown has been fixed in iOS 11.2, macOS 10.13.2, and tvOS 11.2. No update is required for watchOS.
Spectre, Apple claims, is only practically exploitable via JavaScript in a web browser, so they will keep Safari updated. This patch, as well as the Axis Spectre patches, are pending.

🦑 Google:

Android with the patch from 2018-01-05 is protected.
Chrome 64 adds Spectre protection, but is set to release on January 23rd. For now, if you wish, you can enable Site Isolation to protect against attacks.

🦑 Firefox:

Mozilla has provided a browser-based patch to prevent Spectre from being used in version 57 of Firefox.

🦑 Cisco:

Just doing analysis and getting ready to release patches.

Status here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘What is DataOps ?

The demand for information products and access to information resources is growing exponentially.

Today's data management platforms and data platform teams cannot meet the demand for DevOps-enabled products.

DataOps is a practice in which analysts, data scientists, developers, and administrators participate together throughout the entire service lifecycle from design to development and production support.

The goal of DataOps in the enterprise is to truly increase the speed of analysis and generate analytic results for data consumers.

As with DevOps, automation is a key tenet in DataOps, but in the past, data has not been used much for extreme automation.

So using DataOps will help you compete in analytics that will drive competition in the coming years.

DataOps professional responsibilities:

1) Providing access to multiple data sources

2) Facilitate testing and monitoring of data management processes

3) Data model creation and data versioning

4) Data quality, security, privacy, storage management

5) Data infrastructure management and deployment

6) Setting standards, processes and methodology for a data analytics product

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘New Update DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.

The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens etc which have been accidentally uploaded by the developers. DumpTheGit just require your Github Access Token to fetch the information.

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Download or clone https://github.com/Securityautomation/DumpTheGit

2) Move the repository's files to your web server (for example: Tomcat, XAMPP, LAMP, the default macOS Apache, etc.)

3) Open index.html to access the tool.

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘πŸ§CentOS Server Security Tips :

1) Disable unnecessary SUID and SGID commands
If the setuid and setgid bits are set on binaries, these commands can run tasks with the privileges of another user or group, such as root, which can lead to serious security problems.

2) Often, buffer overflow attacks can exploit these executables to run unauthorized code as root. To list them, run:

# find / -path /proc -prune -o -type f \( -perm -4000 -o -perm -2000 \) -exec ls -l {} \;

3) To clear the setuid bit, run the following command:

# chmod u-s /path/to/binary_file

4) To clear the setgid bit, run the following command:

# chmod g-s /path/to/binary_file

5) Check for unowned files and directories
Files or directories not owned by an existing account must be removed or assigned to a user and group.

6) Run the find command below to list files or directories without a valid user or group.

# find / \( -nouser -o -nogroup \) -exec ls -l {} \;

7) List world-writable files
Keeping a world-writable file on the system can be dangerous because anyone can change it.

8) Run the command below to display world-writable files, excluding symbolic links, which are always writable by everyone.

# find / -path /proc -prune -o -perm -2 ! -type l -ls
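
An added example (not part of the original post) that runs the checks from steps 1-8 over one directory tree and leaves out set-id binaries that have already been reviewed. The function names and the allowlist file are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: the SUID/SGID, world-writable and unowned-file checks in one pass.
# audit_tree, _scan and the allowlist file are illustrative names (assumptions).

# _scan KIND ROOT <find tests...>: print "KIND path" for every match under ROOT.
# -xdev keeps find on one filesystem, so /proc and /sys are skipped when ROOT is /.
_scan() {
    local kind="$1" root="$2"
    shift 2
    find "$root" -xdev "$@" -print 2>/dev/null | sed "s|^|$kind |"
}

# audit_tree ROOT [ALLOWLIST]
# ALLOWLIST holds one absolute path per line: set-id binaries already reviewed
# and accepted (for example /usr/bin/passwd). They are left out of the report.
audit_tree() {
    local root="$1" allow="${2:-/dev/null}" kind path
    {
        _scan SUID "$root" -type f -perm -4000
        _scan SGID "$root" -type f -perm -2000
        # Sticky directories such as /tmp are world-writable by design: skip them.
        _scan WORLD_WRITABLE "$root" -perm -0002 ! -type l ! \( -type d -perm -1000 \)
        _scan UNOWNED "$root" \( -nouser -o -nogroup \)
    } | while read -r kind path; do
        case "$kind" in
            SUID|SGID) grep -Fxq -- "$path" "$allow" && continue ;;
        esac
        printf '%s %s\n' "$kind" "$path"
    done
}

# Stand-alone use: ./audit.sh / /root/setid.allow   (both paths are examples)
if [ "$#" -gt 0 ]; then
    audit_tree "$@"
fi
```

Saving the output after each run and diffing it against the previous run shows newly introduced set-id or world-writable files.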

9) Create strong passwords
Create a password that is at least eight characters long.

The password must contain numbers, special characters and capital letters.

Use pwmake to generate a 128-bit password from /dev/urandom.

# pwmake 128

10) Implement a strong password policy
Force the system to use strong passwords by adding the following line to the /etc/pam.d/passwd file:

password required pam_pwquality.so retry=3

By adding this line, you enforce a policy where the entered password cannot contain more than 3 characters in a monotonic sequence, for example abcd, or more than 3 identical consecutive characters, for example 1111.

11) To force users to use a password that is at least 8 characters long, including all character classes, with sequential-character checking, add the following lines to the /etc/security/pwquality.conf file:

minlen = 8
minclass = 4
maxsequence = 3
maxrepeat = 3
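
An added example (not from the original post) that compares a pwquality.conf file with the four values listed above and reports settings that are absent or weaker. The function name check_pwquality and the sample files used to exercise it are assumptions.

```bash
#!/usr/bin/env bash
# Added example: compare a pwquality.conf file with the four values from the text.
# check_pwquality is an illustrative name (assumption), not part of libpwquality.

# check_pwquality FILE
# Prints one line per setting that is absent or weaker than the baseline and
# returns non-zero if anything was printed.
check_pwquality() {
    awk -F= '
        BEGIN {
            # Baseline from the text: lower bounds, then upper bounds.
            min["minlen"] = 8;      min["minclass"] = 4
            max["maxsequence"] = 3; max["maxrepeat"] = 3
        }
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }   # strip comments and blanks
        NF == 2 && (($1 in min) || ($1 in max)) { seen[$1] = $2 }   # keep the last value seen
        END {
            n = split("minlen minclass maxsequence maxrepeat", keys, " ")
            for (i = 1; i <= n; i++) {
                k = keys[i]
                if (!(k in seen)) {
                    print "MISSING " k; bad = 1
                } else if ((k in min) && seen[k] + 0 < min[k]) {
                    print "WEAK " k "=" seen[k] " (need >= " min[k] ")"; bad = 1
                } else if ((k in max) && (seen[k] + 0 < 1 || seen[k] + 0 > max[k])) {
                    # 0 disables maxsequence/maxrepeat, so it counts as weak too.
                    print "WEAK " k "=" seen[k] " (need 1.." max[k] ")"; bad = 1
                }
            }
            exit bad + 0
        }
    ' "$1"
}

# Stand-alone use: ./check_pwquality.sh /etc/security/pwquality.conf
if [ "$#" -gt 0 ]; then
    check_pwquality "$1"
fi
```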
Use password aging
The chage command can be used to control the age of a user's password.

To set the maximum age of a user's password to 45 days, use the following command:

# chage -M 45 username

To disable password expiration, use the command:

# chage -M -1 username

Force password expiration (user must change password at next login):

# chage -d 0 username

12) Locking accounts
User accounts can be locked by running the passwd or usermod command:

# passwd -l username
# usermod -L username

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘Merge Fonts Using a FontForge in LINUX

1) Create a new file named “mergefonts.sh” and paste the following code in it:

#!/usr/bin/fontforge
# Scale the primary font ($1) to a common em size and save it as 1.ttf
Open($1)
SelectAll()
ScaleToEm(1024)
Generate("1.ttf")
Close()
# Scale the secondary font ($2) the same way and save it as 2.ttf
Open($2)
SelectAll()
ScaleToEm(1024)
Generate("2.ttf")
Close()
# Merge 2.ttf into 1.ttf and write the merged font
Open("1.ttf")
MergeFonts("2.ttf")
Generate("my_custom_font.ttf")
Close()

2) The code is pretty straightforward. The “$1” argument is for your primary font while the “$2” argument is for your secondary font. Fonts are first scaled to a uniform size and then merged to generate a new font. If you do not scale them to a common size, you may get uneven text rendering from the final merged font.

3) To check the size of a font in “em” units, run the command below (replace “font.ttf” with the name of your own font file):

$ fontforge -lang=ff -c 'Open($1); Print($em); Close()' font.ttf

You will get some output like this:

The glyph named f_i is mapped to U+F001.
But its name indicates it should be mapped to U+FB01.
2048

4) Replace the value in the “ScaleToEm(1024)” lines in the script above with your desired value. You can also edit the script and add an extra “$3” argument to specify the size value from the command line.

5) Now, to merge the two fonts, specify the fonts as arguments when running the “mergefonts.sh” script. The order of these arguments is important, as the font specified as the second argument ($2) will be merged into the font specified as the first argument ($1). The first argument should be the main font that you intend to use in your project. Put the “mergefonts.sh” script and the two fonts in a folder, launch a new terminal window from the folder and run the following command to merge the fonts:

$ ./mergefonts.sh font1.ttf font2.ttf

6) After running the script, you will find the new merged font as “my_custom_font.ttf” in the working directory. You may see some warnings and errors in the terminal after running the command above. These errors won't stop the merging process of the fonts. If they are simple warnings, you can ignore them. However, if there are conflicts and errors during the merging process, you may need to review them and fix them individually by manually modifying the glyphs in the FontForge GUI app. It depends entirely on the kind of fonts you choose for merging, and you may not get any errors at all.

7) Note that the very first line in the script is the location of the FontForge binary as a shebang. This allows you to run the script directly in the terminal without having to manually specify the FontForge command. To check the location of the FontForge binary on your system, run the command below:

$ which fontforge

Alternatively, you can run any FontForge script using the “-script” argument.

$ fontforge -script mergefonts.sh font1.ttf font2.ttf

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
Forwarded from UNDERCODE NEWS
New Malicious Domain Blocking and Reporting (MDBR) Newest Service for U.S. SLTTs
#Updates.
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘

1) Make sure your application is free of vulnerabilities.
The most dangerous threat to an application is its own vulnerabilities and flaws.

Make sure there are no known vulnerabilities in your application.

It can be a web application, mobile application, or desktop application; remediating vulnerabilities will help prevent threats.

2) Consider testing the security of your application before shipping it to production.
To eliminate the vulnerability, you can conduct security testing of your applications.

Security testing doesn't slow down the development process.

Security testing helps you find and fix vulnerabilities in your application, as well as make your applications more efficient.

Therefore, consider checking the security of your applications before going into production.

3) Bug Bounty program
Many large companies such as Mozilla, Facebook, Yahoo!, Google, Reddit, Square, and Microsoft are organizing Bug Bounty programs to identify vulnerabilities in their applications.

This program allows your organization to find and fix bugs before they become known to the public or known hackers.

This way you can prevent incidents.

4) Train your organization on application security best practices.
You can also protect your apps by educating your employees about their security.

Knowledge of cybersecurity can help your organization counter threats to your applications.

5) Use an automatic scanner to keep the application secure.
Scanning your entire application is also a good security measure.

Consider using an automated scanner that will run tests daily.

You can also use vulnerability scanning tools that are automated.

Vulnerability scanning tools will search your applications for vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, etc.

6) Think Before Using Open Source In Your Application
Open source can be vulnerable.

Thus, using open source code in your application can leave your applications vulnerable to cyber attacks.

So think twice before using open source in your application.

7) Consider encrypting your application source code.
Source code encryption ensures that an attacker cannot gain access to the source code of your applications.

8) Penetration testing also helps protect your applications
Penetration testing is also known as pentesting.

Penetration testing is useful for protecting applications from cybercriminals.

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘What is UChecker ?

1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.

The tool was created by KernelCare during live patching development for shared libraries.

With UChecker, you can identify vulnerable FOSS libraries and fix them.

2) You will have to restart the affected processes (unless you are using a library update service that works without restarts), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.

3) As a result, you avoid unnecessary server reboots that lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.

4) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.

5) This practice can be just as devastating as rebooting.

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) https://github.com/cloudlinux/kcare-uchecker

2) # curl -s -L https://kernelcare.com/checker | python
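
An added example (not UChecker's code, and not part of the original post) of the underlying idea: finding processes that still map a shared library that has been replaced on disk. It uses the "(deleted)" marker in /proc/<pid>/maps, a simpler heuristic than UChecker's own detection; the function names and the sample maps content are assumptions.

```bash
#!/usr/bin/env bash
# Added example: list processes that still map a shared library deleted from disk.
# This is the "(deleted)" mapping heuristic, simpler than UChecker itself.
# stale_libs, scan_procs and SAMPLE_MAPS are illustrative names (assumptions).

# Constructed sample in /proc/<pid>/maps format (not taken from a real host).
SAMPLE_MAPS='7f1c2a400000-7f1c2a5b4000 r-xp 00000000 fd:01 393449 /usr/lib64/libssl.so.1.1 (deleted)
7f1c2a7b5000-7f1c2a7c0000 r--p 001b5000 fd:01 393449 /usr/lib64/libssl.so.1.1 (deleted)
7f1c2a9c1000-7f1c2ab80000 r-xp 00000000 fd:01 131090 /usr/lib64/libc-2.28.so
7f1c2ac00000-7f1c2ac21000 rw-s 00000000 00:05 98310 /SYSV00000000 (deleted)
7f1c2b000000-7f1c2b021000 rw-p 00000000 00:00 0 [heap]'

# stale_libs: read maps lines on stdin, print each deleted library once.
# A package update replaces the .so on disk; the running process keeps the old
# inode mapped and the kernel marks that mapping "(deleted)".
# Only executable mappings of *.so files count; shared-memory segments do not.
stale_libs() {
    awk '$2 ~ /x/ && $NF == "(deleted)" && $6 ~ /\.so(\.|$)/ && !seen[$6]++ { print $6 }'
}

# scan_procs [PROCDIR]: print "PID COMMAND LIBRARY" for every affected process.
# Reading other users' maps needs root; unreadable entries are skipped.
scan_procs() {
    local procdir="${1:-/proc}" maps pid lib
    for maps in "$procdir"/[0-9]*/maps; do
        pid="${maps%/maps}"
        pid="${pid##*/}"
        cat "$maps" 2>/dev/null | stale_libs | while read -r lib; do
            printf '%s %s %s\n' "$pid" "$(cat "$procdir/$pid/comm" 2>/dev/null)" "$lib"
        done
    done
}

# Stand-alone use: ./stale_libs.sh --scan
if [ "${1:-}" = "--scan" ]; then
    scan_procs /proc
fi
```

Processes listed by the scan are the ones to restart after a library update; the rest can keep running.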


▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘Windows 10 update removes the need to remember passwords with Windows Hello and FIDO2:

Say goodbye to passwords
Microsoft knows what everyone thinks about passwords, noting that "no one likes passwords (except hackers)."

Since the advent of the computer systems that we all use, we have had to remember passwords - for computer systems, websites, applications, devices, and the like.

“People don't like passwords because we have to remember them,” Microsoft explained.

"As a result, we often create passwords that are easy to guess — making them the first target for hackers trying to gain access to your computer or network."

The need for confidentiality meant passwords for everything.

This increased need has led to different types of passwords.

Instead of your birthday, anniversary, dog name, street name, etc., you were forced to remember more complex passwords or have a password manager.


🦑 Windows Hello and FIDO2 integration:

You can take advantage of Windows Hello with FIDO2 by updating Windows 10 to version 1903.

Microsoft Edge, Google Chrome and Mozilla Firefox will support biometrics and PINs.

Other Microsoft products such as Office 365, Skype, and Xbox Live can also authenticate using Windows Hello.

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘πŸ§5 best CLI tools for finding words using regular expressions:

1) Grep command
First of all comes the utility tool grep, which stands for Global Regular Expression Print, a powerful command line tool that comes in handy when searching for a specific string or pattern in a file.

Grep comes by default with modern Linux distributions and gives you the ability to return different search results.

With grep, you can perform a wide variety of functions such as:

Search for strings or matching patterns in the file.
Search for strings or matching patterns in Gzip files.
Count the number of string matches.
Print line numbers containing a string or pattern.
Recursive search for a string in directories.
Perform an inverted search (that is, display lines that do not match your search criteria).
Ignore case when searching for strings.

The syntax for using the grep command is pretty simple:

$ grep pattern FILE

For example, to find the string "itsecforu" in a file, say hello.txt, ignoring case, run the command:

$ grep -i itsecforu hello.txt


2) sed command
Sed, short for Stream Editor, is another useful command line tool for manipulating text in a text file.

Sed searches, filters, and replaces lines in a given file in a non-interactive way.

By default, the sed command prints the output to STDOUT (standard output), implying that the output is written to the terminal rather than saved to a file.

The sed command is invoked as follows:

$ sed -OPTIONS command [file]

For example, to replace all instances of "Unix" with "Linux", issue the command:

$ sed 's/Unix/Linux/g' hello.txt

If you want to redirect the output rather than display it on the terminal, use the redirection sign (>) as follows:

$ sed 's/Unix/Linux/g' hello.txt > output.txt

The output of the command will be saved in the file output.txt, rather than being printed to the screen.

Check the man pages for other options that you can use.

$ man sed

3) Ack command
Ack is a fast and portable command line tool written in Perl.

Ack is considered a convenient replacement for grep, and displays results in a visually appealing form.

The Ack command searches a file or directory for strings that match the search criteria.

Then it highlights the corresponding line.

Ack has the ability to differentiate between files based on their extensions and, to a certain extent, the content in the files.

Ack command syntax:

$ ack [options] PATTERN [FILE ...]
$ ack -f [options] [DIRECTORY ...]

For example, to find the word itsecforu, run:

$ ack itsecforu hello.txt

To install ack on your system, run the command:

$ sudo apt install ack-grep [On Debian / Ubuntu]
$ sudo dnf install ack-grep [On CentOS / RHEL]

4) Awk command
Awk is a complete scripting language and a text-processing and data manipulation tool.

It searches files or program output for lines that contain a search pattern.

When a string or pattern is found, awk performs the action on the match or string and prints the results to STDOUT.

The AWK pattern is enclosed in curly braces, and the entire program is enclosed in single quotes.

Let's take the simplest example.

Suppose you are displaying your system date as shown below:

$ date


Suppose you only want to display the first value, that is, the day of the week.
In this case, pipe the output to awk as shown below:

$ date | awk '{print $1}'

To display subsequent values, separate them with a comma, as shown below:

$ date | awk '{print $1, $2}'

The above command will display the day of the week and date.

5) Silver Searcher
Silver Searcher is a cross-platform open source code search tool similar to ack but with a focus on speed.

It makes it easy to find a specific string in files in no time at all:


$ ag OPTIONS search_pattern /path/to/file

For example, to find the string "Linux" in hello.txt, run the command:

$ ag Linux hello.txt

For additional options:

$ man ag

▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
Forwarded from UNDERCODE NEWS
Warning !! Six WhatsApp vulnerabilities
#Vulnerabilities.
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

πŸ¦‘How to Install Xrdp Server (Remote Desktop) on Ubuntu 20.04 :

1) Install a Desktop Environment
Unless you are using Ubuntu for desktop (in which case you may ignore this step), you will need to download an externally available desktop environment to get started. For this demonstration, Gnome will be used as the desktop environment, as it is the default environment for newer versions of Ubuntu. So, this guide will be easy to follow for those who are already using an Ubuntu desktop.

$ sudo apt update

$ sudo apt install ubuntu-desktop

2) Install Xrdp
To download and install Xrdp from the standard Ubuntu repositories, enter the following command:

$ sudo apt install xrdp

Verify the install by entering the following command:

$ sudo systemctl status xrdp

3) There is a file in the /etc/ssl/private/ directory named ssl-cert-snakeoil.key that is fundamental to the functions of the Xrdp services. This file must be made readable for an xrdp user. To do so, use the following command:

$ sudo adduser xrdp ssl-cert

4) To make these modifications permanent, restart the Xrdp service:

$ sudo systemctl restart xrdp

5) Getting Started with Xrdp
Configuring Firewall with Xrdp
We will now open up the Xrdp port, which is port 3389, by configuring the firewall. Enter the following command to allow access from a certain IP range:

$ sudo ufw allow from 192.168.33.0/24 to any port 3389

🦑 Connect to the Xrdp Server (for Windows OS)
With the installation and firewall configurations taken care of, you may now connect to the Xrdp server. The following steps show you how to connect to the Xrdp server:

1) Head over to the Windows search bar.
Type in ‘remote.’

2) Select ‘Remote Desktop Connection’ to load the RDP client.

3) Navigate to the field labeled ‘computer.’

4) Paste the server IP address.

5) Hit the connect button.

6) The login screen will display, into which you will put your user credentials.

7) Click ‘ok.’

