UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity

1️⃣ World's first platform which collects & analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help

🦑PHP Ransomware 2020:
Ransomware will self-destruct upon running, which means you only have one chance at decrypting your data.

Also keep in mind that each decryption file has a uniquely generated salt used in encryption and as such cannot be replaced with another decryption file.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) download the code https://github.com/ivan-sincek/php-ransomware

2) cd php-ransomware

3) Requires PHP v5.5.0 or greater because openssl_pbkdf2() is being used.

4) Copy \src\encrypt.php to your server's web root directory (e.g. to \xampp\htdocs\ on XAMPP).

Navigate to the encryption file with your preferred web browser.

5) The decryption file will be created automatically after the encryption phase.

P.S. On web servers other than XAMPP (Apache) you might need to load OpenSSL and Multibyte String libraries within PHP.

6) In XAMPP it is as simple as uncommenting the following in the "php.ini" file:

> extension=php_openssl.dll

> extension=mbstring

✅git 2020
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
TODAY TOPICS :

EC-Council - Computer Hacking Forensic Investigator (CHFIv9)
https://t.me/UnderCodeTesting/11684

How JavaScript email attachments may carry malicious code ?
https://t.me/UnderCodeTesting/11685

Some good fresh sock5
https://t.me/UnderCodeTesting/11686

Vulnserver 5 tutorials + pictures (pdf)
https://t.me/UnderCodeTesting/11688

Linux privilege escalation auditing tool
https://t.me/UnderCodeTesting/11695

cdaengine0400.dll manual deletion method
https://t.me/UnderCodeTesting/11696

SUB DOMAINS FINDER TOOLS KALI
https://t.me/UnderCodeTesting/11697

You may be interested in these links
(collection hack)
https://t.me/UnderCodeTesting/11698

How to solve the problem that there is a black border around the Windows 10 monitor that cannot be displayed in full screen?
https://t.me/UnderCodeTesting/11699

6 days Lab vulnhub tutorial
https://t.me/UnderCodeTesting/11700

What is HMAC (Hash-based Message Authentication Code) ?
https://t.me/UnderCodeTesting/11701

How to create an HMAC using OpenSSL tip
https://t.me/UnderCodeTesting/11702

Which Programming language is the fastest in 2020, compared to 27 languages
https://t.me/UnderCodeTesting/11703

PHP Ransomware 2020
https://t.me/UnderCodeTesting/11704

ENJOY FRIENDS❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Web hack and more 2020 topic

> OpenWAF is the first fully open source Web application protection system (WAF), based on nginx_lua API analysis of HTTP request information. OpenWAF is composed of two functional engines: behavior analysis engine and rule engine. The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information.
  
> Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/titansec/OpenWAF.git

2) cd /opt

3) apt-get install gcc wget git swig make perl build-essential zlib1g-dev libgeoip-dev libncurses5-dev libreadline-dev -y

4) wget http://www.over-yonder.net/~fullermd/projects/libcidr/libcidr-1.2.3.tar.xz

5) wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz

6) wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz

7) wget https://openresty.org/download/openresty-1.15.8.2.tar.gz

8) tar -xvf libcidr-1.2.3.tar.xz

9) tar -zxvf pcre-8.43.tar.gz

10) tar -zxvf openssl-1.1.1d.tar.gz

11) tar -zxvf openresty-1.15.8.2.tar.gz

12) rm -rf pcre-8.43.tar.gz openssl-1.1.1d.tar.gz openresty-1.15.8.2.tar.gz

13) cd /opt/libcidr-1.2.3

14) make && make install

Note: the libcidr tarball is fetched over plain HTTP and none of the downloads are checked for integrity, so verify each archive against its publisher's checksum or signature before building.

🦑Tested on:

debian/ubuntu

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A simple way to make callers hear an "empty number" prompt when they call your phone :

1) When you don't want to be disturbed by others but are embarrassed to turn off the phone, it is a good idea to have callers hear that your number is an empty (non-existent) number. Here is a way to make your mobile phone appear as an empty number at any time. It is very simple. Friends in need can make a note...

2) Enter **21*999999# in standby mode and press the dial button. Done.

3) In this state, anyone who calls you is told that the number is empty, and you will not receive the call. Preliminary testing suggests that most phones support this.

> Note: Since not all models have been tested, we cannot guarantee the success rate.

4) In this state, powering the phone off does not cancel the setting.

5) To cancel the empty-number state, enter ##21# in the same way as above.

6) Finally, remember to cancel the state when you are done, so that the empty-number state is not left on longer than intended.

7) This probably works through call forwarding. Because the incoming call is never answered there is no charge, so this method will not add to your phone bill...

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑This is a really good debugger for Windows 64/32-bit
#reverse

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Download a snapshot from GitHub, SourceForge or OSDN
> https://github.com/x64dbg/x64dbg

2) Extract it to a location your user has write access to.

3) Optionally use x96dbg.exe to register a shell extension and add shortcuts to your desktop.

4) You can now run x32\x32dbg.exe if you want to debug a 32-bit executable or x64\x64dbg.exe to debug a 64-bit executable! If you are unsure, you can always run x96dbg.exe and choose your architecture (Win64 or Win32) there.

5) You can also compile x64dbg yourself with a few easy steps!


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Does your phone have ROOT? Mobile phone vulnerabilities after ROOT cannot be prevented :

1) Maybe you rooted your phone just to install a game or a tool. To us ordinary people, ROOT represents convenience and freedom. What you may not know is that it also gives hackers the convenience and freedom to violate your privacy. See how a rooted mobile phone opens the door to vulnerabilities.

2) Even when all the information is disclosed, Android root application developers still have an unknown side.

🦑ROOT also opens the door for vulnerability exploitation

The latest research found that, by promoting powerful root applications, a few app distributors are putting millions of Android users in a very dangerous situation. Root programs can easily be reverse engineered, allowing malware to use their exploit tools to bypass important security checks on Android.

1) On Thursday, researchers from the University of California, Riverside, published a report entitled "Android Root and its suppliers: a double-edged sword" at the ACM Computer and Communication Security Conference. They spent a month of their free time reverse engineering a root tool that contains 167 vulnerabilities. In the end, the researchers concluded that by providing a large variety of highly customized vulnerabilities, root vendors offer something that is easily reverse engineered and difficult to detect, which raises the security risk for all Android users.

2) ROOT: a double-edged sword

Researchers from the University of California, Riverside put forward in the paper:

"We found that they are not only working hard to integrate and integrate known exploits, but also to develop new exploits in order to remain competitive. However, these exquisite exploits are not well protected. Once they fall into the wrong hands, they will cause extremely dangerous effects."

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🌐 How to block .git in Apache, Nginx and Cloudflare?

A) Nginx
If you are using Nginx, you can add the following location directive to the nginx.conf file:

location ~ /\.git {
    deny all;
}

Alternatively, you can return a 404 error if you don't want an attacker to assume that you have .git on your server:

location ~ /\.git {
    return 404;
}

In this case, the server will return an HTTP 404 status code.
Whichever you choose, remember to restart Nginx after changing the configuration.

> service nginx restart

B) Apache HTTP
Let's see how to block access to .git on the Apache web server.

You can use RedirectMatch or DirectoryMatch for this.

Using RedirectMatch is probably the easiest.

You just need to add the following to your httpd.conf or .htaccess file:

RedirectMatch 404 /\.git

The above setting returns 404 when someone accesses .git, and the following returns 403:

RedirectMatch 403 /\.git

Then let's try the DirectoryMatch rule by adding the following to the httpd.conf file:

<DirectoryMatch "^/.*/\.git/">
    Deny from all
</DirectoryMatch>

Deny from all is the Apache 2.2 access-control syntax; Apache 2.4 needs mod_access_compat loaded for it.
Restart Apache and try to access a URL including .git; the server will return a 403 Forbidden error.

C) Cloudflare
As you can guess, this only works if your site is served through the Cloudflare network.

Sign in to Cloudflare
Go to Firewall >> Firewall Rules >> Create a Firewall rule tab.
Name the rule - GIT
Select field - URI
Operator - contains
Value - .git
Choose an action - Block and save
It will take approximately 1 minute to propagate the rule to all Cloudflare datacenters.
After that, Cloudflare will do the rest.
Because the rule matches .git anywhere in the URI, it also blocks legitimate URLs that merely contain that string.

@UndercodeTesting
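
As an added example (not part of the original post), this Python sketch models the Nginx, Apache RedirectMatch and Cloudflare rules above as path predicates and runs them over constructed request paths to show what each rule misses or over-blocks. The "hardened" case-insensitive variant, the sample paths and the case-sensitive reading of Cloudflare's "contains" operator are assumptions.

```python
import re

# Request-path predicates modelling the rules shown on the page.
RULES = {
    # nginx `location ~ /\.git`: unanchored, case-sensitive regex on the path
    "nginx": lambda p: re.search(r"/\.git", p) is not None,
    # Apache `RedirectMatch 404 /\.git`: same regex semantics
    "apache": lambda p: re.search(r"/\.git", p) is not None,
    # Cloudflare "URI contains .git": modelled as a case-sensitive
    # substring test (assumption)
    "cloudflare": lambda p: ".git" in p,
    # Hardened variant (assumption, not from the page): keep the leading "/"
    # and ignore case; in nginx this is spelled `location ~* /\.git`
    "hardened": lambda p: re.search(r"/\.git", p, re.IGNORECASE) is not None,
}

# Constructed sample paths. True means the request must be blocked.
SAMPLES = {
    "/.git/config": True,
    "/app/.git/HEAD": True,
    "/.gitignore": True,
    "/.GIT/config": True,   # resolves to .git on a case-insensitive filesystem
    "/index.html": False,
    "/docs/intro.github-pages.html": False,
    "/project.git/info/refs": False,  # legitimate Git-over-HTTP endpoint
}


def audit(rule):
    """Return (missed sensitive paths, over-blocked benign paths) for a rule."""
    missed = sorted(p for p, bad in SAMPLES.items() if bad and not rule(p))
    over = sorted(p for p, bad in SAMPLES.items() if not bad and rule(p))
    return missed, over


def report():
    """Audit every rule and return {rule name: (missed, over_blocked)}."""
    return {name: audit(rule) for name, rule in RULES.items()}


if __name__ == "__main__":
    for name, (missed, over) in report().items():
        print(f"{name}\n  missed: {missed}\n  over-blocked: {over}")
```

The upper-case miss only matters when the document root sits on a case-insensitive filesystem; the over-blocking only affects the substring rule.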
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Anonymously Hiding Tools

- Anonymously Surf

- Multitor

🦑Information gathering tools

- Network Map (nmap)

- Dracnmap

- Port scanning

- Host to IP

- Xerosploit

- RED HAWK (All In One Scanning)

- ReconSpider (For All Scanning)

- IsItDown (Check Website Down/Up)

- Infoga - Email OSINT

- ReconDog

- Striker

- SecretFinder (like API & etc)

- Find Info Using Shodan

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑50+ encryptions/encodings Topic 2020 tool for any linux/windows

F E A T U R E S :

50+ encryptions/encodings supported, such as binary, Morse code and Base64, classical ciphers like the Caesar cipher, Affine cipher and the Vigenere cipher, along with modern encryption like repeating-key XOR and more.

Custom Built Artificial Intelligence with Augmented Search (AuSearch) for answering the question "what encryption was used?" Resulting in decryptions taking less than 3 seconds.

Custom built natural language processing module: Ciphey can determine whether something is plaintext or not. Whether that plaintext is JSON, a CTF flag, or English, Ciphey can get it in a couple of milliseconds.

Multi-language support: at present, only German & English (with AU, UK, CAN, USA variants).

Supports encryptions and hashes, which alternatives such as CyberChef Magic do not.

C++ core: blazingly fast.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/Ciphey/Ciphey.git

2) cd Ciphey

3) python3 -m pip install ciphey --upgrade

4) File input: ciphey -f encrypted.txt

5) Unqualified input: ciphey -- "Encrypted input"

6) Normal way: ciphey -t "Encrypted input"

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Currently CoreDNS is able to:

Serve zone data from a file; both DNSSEC (NSEC only) and DNS are supported (file and auto).

Retrieve zone data from primaries, i.e., act as a secondary server (AXFR only) (secondary).

Sign zone data on-the-fly (dnssec).

Load balancing of responses (loadbalance).

Allow for zone transfers, i.e., act as a primary server (file + transfer).

Automatically load zone files from disk (auto).

Caching of DNS responses (cache).

Use etcd as a backend (replacing SkyDNS) (etcd).

Use k8s (kubernetes) as a backend (kubernetes).

Serve as a proxy to forward queries to some other (recursive) nameserver (forward).

Provide metrics (by using Prometheus) (prometheus).

Provide query (log) and error (errors) logging.

Integrate with cloud providers (route53).

Support the CH class: version.bind and friends (chaos).

Support the RFC 5001 DNS name server identifier (NSID) option (nsid).

Profiling support (pprof).

Rewrite queries (qtype, qclass and qname) (rewrite and template).

Block ANY queries (any).

Provide DNS64 IPv6 Translation (dns64).

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) $ git clone https://github.com/coredns/coredns

2) $ cd coredns

3) $ make

CoreDNS requires Go to compile. However, if you already have Docker installed and prefer not to set up a Go environment, you can build CoreDNS easily:

$ docker run --rm -i -t -v $PWD:/v -w /v golang:1.14 make

The above command alone will generate the coredns binary.

🦑Examples
When starting CoreDNS without any configuration, it loads the whoami and log plugins and starts listening on port 53 (override with -dns.port). It should show the following:

.:53
CoreDNS-1.6.6
linux/amd64, go1.13.5, aa8c32

The following can be used to query the CoreDNS server that is now running:

dig @127.0.0.1 -p 53 www.example.com

✅git 2020
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Encryption algorithm :
YOU SHOULD KNOW FOR ANY PROJECT :

1) This project builds an efficient certificateless encryption scheme. Compared with the general example, it transforms the identity-based encryption and signature scheme into a combined certificateless protocol, and uses a certificateless encryption verification mechanism to extend the traditional signature encryption method. Building on identity-based authentication technology, pairing is used to verify the related public key. As long as the amortized cost of this verification is low, the result will be as efficient as basic encryption.

2) It not only keeps the advantage of identity-based public key cryptosystems, which do not require public key certificates, but also better solves their inherent key escrow problem. Signcryption combines public key encryption and digital signatures: both functions can be completed in one reasonable logical step, and the computation and communication costs are lower than in the traditional "sign before encryption" mode.

3) Use a certificateless signature encryption algorithm based on bilinear pairing in a wireless sensor network. Construct an efficient certificateless encryption scheme. Compared with the general paradigm, the identity-based encryption and signature scheme is transformed into a combined certificateless protocol, and the certificateless encryption verification mechanism is used to extend the traditional signature encryption method. Building on basic identity-based authentication technology, pairing is used to verify the related public key. As long as the amortized cost of this verification is low, the result will be as efficient as basic encryption.

4) The PBC encryption algorithm is implanted in wireless sensors with limited memory and processing speed (wireless sensors use 51 cores). The ROM is only 4K, and the sensor also has to handle its own information transmission, detect sensor signals and supervise the state of peripheral devices, so using the algorithm in wireless sensor networks is extremely challenging.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁