▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑More basic on Anonimity :

A) Web browsers

> The key application that the non-profit Tor project distributes for free is the Tor browser... It is a security-enhanced version of Firefox that allows all traffic to pass through the Tor anonymous network. Encrypted traffic moves between two computers in different parts of the world, providing the greatest possible anonymity.

> This slows down data transfer significantly. The Tor browser is getting faster, says Mika Lee, a privacy-focused techie who worked for the Electronic Frontier Foundation.

> This is one of the organizations that funds the Tor Project. Over the past month, he has tried using Tor as his primary browser and has only occasionally returned to regular browsers, mainly to visit sites using Flash and others that require plugins.

> After about a week, the transition was almost invisible. “It may not be absolutely necessary, but I’m not uncomfortable either,” says Lee. But there are real benefits in the form of privacy. All Internet users are tracked, but they can stop it if they want.

B) Email
The easiest way to send emails anonymously is to use the Tor Browser email service. This requires you to create a new account without specifying personal information. By comparison, Gmail, Outlook and Yahoo! Mail requires a phone number.

1) Runa Sandvik prefers Guerrilla Mail , a temporary disposable mailing address service. Here you can randomly generate a mailbox with just one click. Using this mail in the Tor Browser means that no one, not even the Guerrilla Mail service itself, will be able to find out your IP address.

2) Encrypting mail messages can be tricky. It is often necessary for the user to copy and paste messages into text boxes and then use the PGP encryption algorithm to encrypt and decrypt them. To fix this problem, Lee suggests using email services like Riseup.net, Mozilla's Thunderbird, the Enigmail encryption plugin, and another plugin called TorBirdy that routes messages over the Tor network.

Your not allowed to copy our tutorials!

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑MOST SECURE WAY FOR COMMUNICATE & SHARE FILES:

A) Instant messaging

> Adium and Pidgin are the most popular instant messaging clients on both Mac and Windows platforms that support OTR and Tor encryption protocol.

> The Tor Project is working to create an instant messaging program for maximum security and anonymity. This program will be based on the Instant Bird app and was supposed to be released in March but is delayed. At the moment, the preliminary version can be expected to be received in mid-July.

B) Transferring large files

> Google Drive and Dropbox don't care too much about privacy. Therefore, Lee created the open source software Onionshare ,
https://www.wired.com/2014/05/onionshare/

> which allows large files to be transferred over the Tor network. When you use this program to share a file, the Tor Hidden Service is created. This is a hidden anonymous website that resides on your computer.

> The recipients of the file are given the URL of this site in .onion format, after which they can download it anonymously through their Tor Browser.

Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑LIST 2 OF ExampleS TRICKS break through the IDS intrusion detection system :

1) Trick: "/./" string insertion method

In view of the special role of "./", we can insert it into the URL to achieve URL transformation. For example, for /msadc/msadcs.dll, we can rewrite it as /././msadc/././msadcs.dll, /./msadc/.//./msadcs.dll and other forms to disrupt IDS The identification mark analysis engine realizes the purpose of deceiving IDS. Moreover, the URL after the rewrite is equivalent to the unmodified URL. The author has shown through experiments that this method can bypass IDS such as Snort.

2) The second trick: "00" ASCII code

Some time ago, the Internet upload vulnerability was used to exploit this feature, and everyone must be familiar with it. Its principle is that the computer automatically truncates the character string at ASCII code 00 when it is processed. We can rewrite /msadc/msadcs.dll to /msadc/msadcs.dll Iloveheikefangxian, use Winhex to change the space between .dll and Ilove to the ASCII code of 00, save it, and then submit it with NC and pipe. In this way, in the view of some IDS, /msadc/msadcs.dll Iloveheikefangxian is not the same as the string with the attack intent specified in its rule set file, so it will be indifferent to the attacker's behavior. Look! How extensive is the application of the principle of "automatically truncating at ASCII code 00 when the computer processes a string"! Philosophically speaking, there is a connection between things. We should think more and dig out the internal laws, so There will be new discoveries.

3) trick: use the path separator "\"

For Web servers like Microsoft's IIS, "\" can also be used as a path separator like "/". Some IDS did not consider the non-standard path separator "\" when setting up the rule set file. If we rewrite /msadc/msadcs.dll to \msadc\ msadcs.dll, we can escape snort, because there is no identification mark of \msadc\ msadcs.dll in the snort rule set file. It is worth mentioning that the path separator "\" also has a magical effect, which is the "%5c" violent library method mentioned in the "Hacker Defense" some time ago. "%5c" is the hexadecimal representation of "\".

4) trick: hexadecimal encoding

For a character, we can use the escape symbol "%" plus its hexadecimal ASCII code to represent it. For example, the first character "/" in /msadc/msadcs.dll can be expressed as %2F, and the following characters can be expressed by their corresponding hexadecimal ASCII code combined with "%". The URL encoded by this method It is no longer what it was before, and there may be no encoded string in the IDS rule set file, so IDS can be bypassed. But this method is invalid for IDS that uses HTTP preprocessing technology.

Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BASIC ENCRYPTION :


1) "Mobile encryption" is a file encryption method for sending files through U disk, mail or chat software, etc., when the non-local computer is running, this encryption method will change the file format and icon, and the user double-clicks to enter the password Can be opened at the rear.

2) "Normal encryption" refers to files that are still accessed or decrypted locally after the local file is encrypted. This encryption method does not change the file format. The encrypted file is exactly the same as before encryption, except that the password must be entered before access.

3) "Advanced Encryption" is also ordinary encryption, but you can set the access permissions for encrypted files. You can only open encrypted files but prohibit saving as a local disk, only read encrypted files but prohibit copying encrypted files, and only modify encrypted files. It is forbidden to delete encrypted files, or to drag encrypted files, or to print encrypted files, etc., to protect the security of encrypted files. At the same time, once the access is completed, the encrypted files will be automatically re-encrypted, thus ensuring the entire security of the encrypted files and preventing reading The act of leaking encrypted files after encrypting them.

don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Since there is no ready-made tool on the market that can perform this kind of attack, we made the tool ourselves and named it EvilAbigail. Evil maid attacks can target any operating system. In this research, we aimed at the Linux system using LUKS full disk encryption :

1) Generally speaking, when the Linux system uses full disk encryption, a small partition is still not encrypted. This area is used to decrypt and boot the encrypted disk. This partition will be mounted at /boot and contains the kernel and initial RAM disk (initrd). Although it is possible to attack the kernel or bootloader, we still attacked the initrd.

2) Initrd refers to a temporary file system, which is called by the Linux kernel during the startup phase. The initrd is mainly used for preparatory work before the root file system is mounted. The initrd contains the smallest set of directories and executable programs needed to decrypt and mount the root file system. Once the initrd task is completed, it will execute pivot_root to unmount the initrd root file system and mount the real root file system.

3) Generally speaking, initrd is a cpio image compressed by gzip. The Debian-based operating system we tested is like this, but the RedHat-based operating systems (Fedora, RHEL, CentOS) now use dracut, which contains an uncompressed cpio image. Debian-based initrds will use ash shell scripts to execute startup, while dracut will use systemd and its associated configuration methods.

4) In order to execute our attack, we chose to use a bootkit based on LD_PRELOAD, but it can also be injected into a malicious kernel or executable file. Our main goal of using LD_PRELOAD is to inject a shared object into the first executable file in the root file system that has just been decrypted. The first executable file is usually /sbin/init, and the PID is usually 1. The easiest way to attack is to modify the init script and export this environment variable so that the environment variable is set when pivot_root is executed. Because when the file system changes, the shared objects must be copied to the new system at the right time (after decryption). Put the following two lines into the init script of initrd and insert them before switching the file system:

cp /hack.so /${rootmnt}/hack.so
export LD_PRELOAD=/hack.so

5) This is possible because the real root file system is decrypted and mounted under the temporary root file system, which precedes pivot, and the rootmnt variable is filled with the mount point location. However, before that, the target file system needs to be remounted as read-write, because it is read-only by default. In our example, we have modified the init script, modified the script to analyze the kernel command line, so no matter what the parameters provided, the root file system is mounted in read-write mode. Another method is to add mount -o remount,rw /${rootmnt} to the injected command.



don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Shell script
I'll use the following shell script to illustrate the idea.

Nothing fancy, it will display the available disk space on a specific server and partition.

#! / usr / bin / env bash
# Display available disk space on specific server and partition

# default parameters
default_bastion = ""
default_busername = ""
default_server = "localhost"
default_username = "milosz"
default_partition = "/ srv"

# nextcloud server
nextcloud_server = "nextcloud.local"
nextcloud_partition = "/ data"

# dokuwiki server
dokuwiki_bastion = "bastion.example.org"
dokuwiki_busername = "bouncer"
dokuwiki_server = "192.0.2.10"
dokuwiki_username = "dokuwiki"
dokuwiki_partition = "/ wiki"

# kolab server
kolab_bastion = "bastion.example.org"
kolab_busername = "bouncer"
kolab_server = "192.0.2.20"
kolab_username = "monitoring"
kolab_partition = "/"

# get defined servers / applications
applications = "$ ((set -o posix; set) | awk -F '=' '/ _server / {split ($ 1, array," _ "); print array [1]}' | grep -v default)"

# get defined attributes
attributes = "$ ((set -o posix; set) | awk -F '=' '/ default_ / {split ($ 1, array," _ "); print array [2]}')"

for application in $ applications; do
# define attributes for server / application
for attribute in $ attributes; do
application_attribute = "$ {application} _ $ {attribute}"
default_attribute = "default _ $ {attribute}"
if [-n "$ {! application_attribute}"]; then
eval "$ {attribute}" = "$ {! application_attribute}"
else
eval "$ {attribute}" = "$ {! default_attribute}"
fi
done

# perform an action
if [-n "$ bastion"]; then
bastion_param = "- J $ {busername} @ $ {bastion}"
else
bastion_param = ""
fi
echo -n "$ server:"
ssh $ bastion_param $ server -l $ username "bash -c 'df -h --output = avail $ partition | sed 1d'"
done


don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HOW FIX 80% errors of Android Studio:

1) Close Android Studio Go to C:

\Users\UserName.android and rename the folder:
• build-cache to build-cache_old

2) Go to C:\Users\UserName.AndroidStudio3.2\system and rename these folders:

• caches to caches_old
• compiler to compiler_old
• compile-server to compile-server_old
• conversion to conversion_old
• external_build_system to external_build_system_old
• frameworks to frameworks_old
• gradle to gradle_old
• resource_folder_cache to resource_folder_cache_old

3) Open the Android Studio and open your project again.

Voila!
don't copy our tutorials
(Unix forums)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Data encryption principle :


1) We will build an efficient certificateless signcryption scheme. Because the unrecognizable paradigm encryption and signature scheme is converted into a combined certificate protocol, we use an extended traditional signcryption method to use a certificateless key verification mechanism to pair and verify the associated public key with an identity-based technology.

2) The traditional cryptographic system calculates the corresponding public key according to the user's choice of private key paradigm, and submits it to the certification authority, which verifies their identity and issues a certificate to connect these identities and public keys. Dasein creating a certified infrastructure requires digital certificate management (also known as public key infrastructure, or PKI) that may prove to be cumbersome to maintain. The concept of identity-based (IB) cryptography introduced by Shamir is trying to reduce the burden of PKI. In IB encryption, the private key is not selected by the user, but issued by a trusted authority called the Key Generation Bureau (KGB) or Trusted Authority (TA) and the public key is replaced by an arbitrary string representing the user’s identity, Avoid the need for certificates completely. On the other hand, it has the disadvantage of implicitly establishing a key custodian because the KGB has the ability to recover confidential information from any user.

3) We follow a rather unique method and design a certificateless signcryption method. Instead of combining the same identity-based encryption method with the identity-based encryption method, and transform the result into a certificate-free protocol, we extend the certificate encryption method with the traditional signature scheme, but avoid using the certificate and the latter component to use identity-based Technology to verify the public verification key.

4) Certificateless public key cryptosystem is a new type of public key cryptosystem proposed on the basis of identity-based public key cryptosystem. It not only maintains the advantages of identity-based public key cryptosystems that do not require the use of public key certificates, but also better solves its inherent key escrow problem. Signcryption combines public key encryption and digital signature together. It can complete the two functions of public key encryption and digital signature at the same time in a reasonable logical step, and its calculation and communication cost are lower than the traditional "signature first" After encryption" mode.

don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑📋 How to create your own service What Is My IP :
#FastTips

1) Python, Web Hosting and PHP
For this tutorial, we are going to use Python and assume we already have our own web hosting environment.

2) This is necessary as we need our own online server that will return our external IP address.

🦑Python

1) The Python code you see below will get the page that was set as 'URL', and then it will filter out the H1 header and the end of the H1 header, just like between the header HTML, we will output the external IP address.
import requests
url = 'https://UndercodeNews.com/getip.php'
r = requests.get(url)
r.text
ip = r.text.split('<h1>')[1].split('</h1>')[0]
print(ip)

🦑Web hosting
In your web hosting environment, you will need to host a PHP file containing some code, this code will return the page as shown in the picture below.

For example, in Apache, you would need to store content in the following directory:

/var/www/html/getip.php

#FastTips
don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is a DNS leak and why it matters👨⚕️

1) When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network.

2) If any traffic flows outside of a secure connection to the network, any adversary controlling your traffic will be able to register your activity.

3) DNS or Domain Name System is used to translate domain names such as www.privacyinternational.org into numeric IP addresses, for example. 123.123.123.123, which are required to route data packets on the Internet.

4) Whenever your computer needs to contact a server on the Internet, for example when you enter a URL in your browser, your computer contacts the DNS server and asks for an IP address.

5) Most ISPs assign their customers a DNS server that they control and use to log and record your online activities.

6) Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer over the anonymity network.

7) DNS leaks pose a serious privacy threat as an anonymous network can provide a false sense of security while personal data is leaked.

8) If you are concerned about DNS leaks, you should also understand DNS transparent proxy technology to ensure that the solution you choose preserves your privacy.

don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑IMPORTANT 2020 HACKING TOOLS :'

Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)

Shell Spawning (TTY Shell Spawning)

XSS Payloads

Basic SQLi payloads

Local file inclusion payloads (LFI)

Base64 Encoder / Decoder

Hash Generator (MD5, SHA1, SHA256, SHA512)

Useful Linux commands (Port Forwarding, SUID)

RSS Feed (Exploit DB and Cisco Security Advisories)

CVE Search Engine

Various method of data exfiltration and download from a remote machine

Download: https://github.com/LasCC/Hack-Tools

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST HACKING TERMS:

Delete process record.
Alternative Process Implementation.
Redirecting data using Trojans.
Redirection and Disadvantages of Tripwire.
Driver for redirection.
Hiding files and directories.
Binary code fix.
"Keyhole" in the program.
Installing patches in the Windows NT kernel to block the entire security system.
Hardware virus.
Read and write operations for non-volatile memory.
Read and write operations for memory embedded in critical devices
CIH virus.
EEPROM memory and synchronization.
EEPROM memory on Ethernet network adapters.
Serial or parallel EEPROM.
How hardware burns out.
Manufacturers.
Discovery of devices using the CFI specification.
Identifying Devices Using ID or JEDEC ID Mode.
Low-level disk access.
Read / write operations for the master boot record (MBR).
Data corruption in CD images.
Adding network access to the driver.
Using the NDIS Library.
Putting the interface in promiscuous mode.
Finding the correct network adapter.
Using boron tags to keep a hacker safe.
Adding an interactive command interpreter.
Interrupts.
Interrupt request architecture.
Intercept interrupt.
The riddle of the programmable interrupt controller.
Registration of keystrokes.
Program for registering keystrokes in Linux-system.
Keystroke logger for Windows NT / / XP.
Keyboard controller.
Enhanced Hacking Toolkits.
Using the Hacking Toolkit as a Debugger.
Disable Windows system file protection.
Direct writing of data to physical memory.
Kernel buffer overflow.
"Infection" of the kernel image.
Redirecting execution.
Cracking Toolkit Discovery.

don't copy our tutorials
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁