β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to use ASP.NET to encrypt password ?
In ASP, encrypted objects are not provided, we can only use external objects to encrypt. Well now, the encryption solution is provided in ASP.NET. In the namespace System.Web.Security contains the class FormsAuthentication, which has a method HashPasswordForStoringInConfigFile. This method can turn the characters provided by the user into garbled codes, and then store them, or even store them in cookies.
The HashPasswordForStoringInConfigFile method is very simple to use, it supports "SHA1" and "MD5" encryption algorithms.
The following code simply demonstrates its usage:
<%@ Page language="c#" %>
<%@ Import Namespace="System.Web.Security" %>
<html>
<head>
<script language="C#" runat="server">
public void encryptString(Object sender, EventArgs e)
{
SHA1.Text = FormsAuthentication.
MD5.Text =FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "MD5");
}
</script>
</head>
<body>
<form runat="server" ID="Form1">
<p>
<b>Original Clear Text Password: </b>
<br>
<asp:Textbox id="txtPassword" runat="server" />
<asp:Button runat="server" text="Encrypt String" onClick="encryptString" ID="Button1 "/>
</p>
<p>
<b>Encrypted Password In SHA1: </b>
<asp:label id="SHA1" runat="server" />
</p>
<p>
<b>Encrypted Password In MD5: </b>
<asp:label id="MD5" runat="server" />
</p>
</form>
</body>
</html>
As you can see, it is so easy to use. We can encapsulate this encryption program in a function for repeated use. The code is as follows:
public string EncryptPassword(string PasswordString,string PasswordFormat)
{
if (PasswordFormat="SHA1"){
EncryptPassword=FormsAuthortication.HashPasswordForStoringInConfigFile(PasswordString ,"SHA1");
}
elseif (PasswordFormat="MD5")
{EncryptPassword=FormsAuthortication. HashPasswordForStoringInConfigFile(PasswordString ,"MD5");
}
else
{
EncryptPassword="";
}
We can add a field to the database and use insert to store the encrypted password as a string in the database. When the user logs in, the encrypted result of the password entered by the user can be compared with the correct result in the database, and the correctness of the password can be verified by this method
@uNDERCODETesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to use ASP.NET to encrypt password ?
In ASP, encrypted objects are not provided, we can only use external objects to encrypt. Well now, the encryption solution is provided in ASP.NET. In the namespace System.Web.Security contains the class FormsAuthentication, which has a method HashPasswordForStoringInConfigFile. This method can turn the characters provided by the user into garbled codes, and then store them, or even store them in cookies.
The HashPasswordForStoringInConfigFile method is very simple to use, it supports "SHA1" and "MD5" encryption algorithms.
The following code simply demonstrates its usage:
<%@ Page language="c#" %>
<%@ Import Namespace="System.Web.Security" %>
<html>
<head>
<script language="C#" runat="server">
public void encryptString(Object sender, EventArgs e)
{
SHA1.Text = FormsAuthentication.
MD5.Text =FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassword.Text, "MD5");
}
</script>
</head>
<body>
<form runat="server" ID="Form1">
<p>
<b>Original Clear Text Password: </b>
<br>
<asp:Textbox id="txtPassword" runat="server" />
<asp:Button runat="server" text="Encrypt String" onClick="encryptString" ID="Button1 "/>
</p>
<p>
<b>Encrypted Password In SHA1: </b>
<asp:label id="SHA1" runat="server" />
</p>
<p>
<b>Encrypted Password In MD5: </b>
<asp:label id="MD5" runat="server" />
</p>
</form>
</body>
</html>
As you can see, it is so easy to use. We can encapsulate this encryption program in a function for repeated use. The code is as follows:
public string EncryptPassword(string PasswordString,string PasswordFormat)
{
if (PasswordFormat="SHA1"){
EncryptPassword=FormsAuthortication.HashPasswordForStoringInConfigFile(PasswordString ,"SHA1");
}
elseif (PasswordFormat="MD5")
{EncryptPassword=FormsAuthortication. HashPasswordForStoringInConfigFile(PasswordString ,"MD5");
}
else
{
EncryptPassword="";
}
We can add a field to the database and use insert to store the encrypted password as a string in the database. When the user logs in, the encrypted result of the password entered by the user can be compared with the correct result in the database, and the correctness of the password can be verified by this method
@uNDERCODETesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
PS5 is crispy by adopting explosive SSD, initially opposed to adopting "liquid metal"
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FREE FOR NOW, HACK & FIND :
Name of Breach
Domain Name
Date of Breach
Fabrication status
Verification Status
Retirement status
Spam Status
π¦FOR :
Kali Linux
BlackArch Linux
Kali Nethunter
Termux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Ubuntu / Kali Linux / Nethunter / Termux
1) git clone https://github.com/thewhiteh4t/pwnedOrNot.git
2) cd pwnedOrNot
3) pip3 install requests
B) BlackArch Linux
pacman -S pwnedornot
C) Docker
docker pull thewhiteh4t/pwnedornot
docker create -it --name pon thewhiteh4t/pwnedornot
docker start pon -i
MORE USAGE ON SAME GIT LINK..
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FREE FOR NOW, HACK & FIND :
Name of Breach
Domain Name
Date of Breach
Fabrication status
Verification Status
Retirement status
Spam Status
π¦FOR :
Kali Linux
BlackArch Linux
Kali Nethunter
Termux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Ubuntu / Kali Linux / Nethunter / Termux
1) git clone https://github.com/thewhiteh4t/pwnedOrNot.git
2) cd pwnedOrNot
3) pip3 install requests
B) BlackArch Linux
pacman -S pwnedornot
C) Docker
docker pull thewhiteh4t/pwnedornot
docker create -it --name pon thewhiteh4t/pwnedornot
docker start pon -i
MORE USAGE ON SAME GIT LINK..
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
π¦Free official-Code Your First Game: Arcade Classic in JavaScript on Canvas
#LimitedTime
4,5 rating
Display, position, and move filled shapes for retro and prototype gameplay
Move a ball around your game space such that it bounces off boundaries
Handle real-time mouse input
Detect and respond to simple collisions
Program very basic artificial intelligence
Keep and display score during play
Understand the subtle, key difference between a classic game in
this style which is fun to play versus one that isn't
Define and code a win condition and end state for your game
π¦https://www.udemy.com/course/code-your-first-game/
#LimitedTime
4,5 rating
Display, position, and move filled shapes for retro and prototype gameplay
Move a ball around your game space such that it bounces off boundaries
Handle real-time mouse input
Detect and respond to simple collisions
Program very basic artificial intelligence
Keep and display score during play
Understand the subtle, key difference between a classic game in
this style which is fun to play versus one that isn't
Define and code a win condition and end state for your game
π¦https://www.udemy.com/course/code-your-first-game/
Udemy
Free JavaScript Tutorial - Code Your First Game: Arcade Classic in JavaScript on Canvas
Program a complete game today. No special software or install required. All you need is a text editor and a web browser. - Free Course
Forwarded from UNDERCODE NEWS
CCB Labuan Branch statement: not a blockchain bond issuer and does not accept bitcoin transactions.
#international
#international
How to Get and Set Up a Free Windows VM for Malware Analysis.pdf
1.1 MB
PRACTICAL GUIDE
Step 1: Install Virtualization Software
Step 2: Get a Windows Virtual Machine
Step 3: Update the VM and Install Malware Analysis Tools
Step 4: Isolate the Analysis VM and Disable Windows Defender AV
Step 5: Analyze Some Malware
Step 1: Install Virtualization Software
Step 2: Get a Windows Virtual Machine
Step 3: Update the VM and Install Malware Analysis Tools
Step 4: Isolate the Analysis VM and Disable Windows Defender AV
Step 5: Analyze Some Malware
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦No conditions are required for successful exploitation of this vulnerability.
Through this vulnerability, any application software can obtain the following information:
-Hardware data, including: system version, system compilation information, memory and CPU information, battery information, IMEI, baseband version, equipment production serial number, etc.
-Current status data, including: current Basic process information, trace results of all processes, partition mount information, routing table and ARP cache table, operator, current system service status, content provider and broadcast data structure and authority management information maintained by the system, software running time
-log Data, including: system log, system event log, kernel event log, kernel message,
-software data, including: package name, version, signature certificate, usage authority, installation time, last use time
-user sensitive data , Including: connected WiFi network (MAC address, SSID, type, IP, DNS, gateway, DHCP), surrounding available WiFi network SSID/BSSID and type, etc.; Broadcast processing history (can make statistics on user behavior ), current geographic location, historical geographic location, user name of the user's current account, user name and time of the user data synchronization account, and software usage statistics.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦No conditions are required for successful exploitation of this vulnerability.
Through this vulnerability, any application software can obtain the following information:
-Hardware data, including: system version, system compilation information, memory and CPU information, battery information, IMEI, baseband version, equipment production serial number, etc.
-Current status data, including: current Basic process information, trace results of all processes, partition mount information, routing table and ARP cache table, operator, current system service status, content provider and broadcast data structure and authority management information maintained by the system, software running time
-log Data, including: system log, system event log, kernel event log, kernel message,
-software data, including: package name, version, signature certificate, usage authority, installation time, last use time
-user sensitive data , Including: connected WiFi network (MAC address, SSID, type, IP, DNS, gateway, DHCP), surrounding available WiFi network SSID/BSSID and type, etc.; Broadcast processing history (can make statistics on user behavior ), current geographic location, historical geographic location, user name of the user's current account, user name and time of the user data synchronization account, and software usage statistics.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Russian IT companies are outraged by the upcoming cannibalistic law against Google and Apple.
#international
#international
Forwarded from UNDERCODE NEWS
Unique security software that major PC companies are focusing on, the rival horse is that company.
#CyberAttacks
#CyberAttacks
π¦A REAL IP SPOOFING :
Network Scanner detects SIP components, manufacturer and version information.
SIP Enumerator identifies valid SIP users and authentications information.
You can capture SIP traffic using SIP Sniffer which also supports MiTM attack.
Eavesdropper allows you listen the SIP traffic and collect the call-specific information and it supports MiTM attack too.
SIP-VSCAN detects and reports known vulnerabilities and exploits.
You can performs TDoS-based attacks, ush DoS Attack Simulator which has a powerful IP spoofer.
We have seperated MiTM Attacker which allows to act as a proxy in the network.
Attack Scenario Player allows to perform stateful SIP scenarios, and it has pre-defined attack scenarios, you can also add more.
By using SIP Password Cracker you can performs real-time digest authentication cracking by intervening which also support MiTM attack too.
Signaling Manipulator allows generating custom SIP messages helping to perform caller-id spoofing a
Β»> DOWNLOAD: https://github.com/meliht/Mr.SIP
β β β Uππ»βΊπ«Δπ¬πβ β β β
Network Scanner detects SIP components, manufacturer and version information.
SIP Enumerator identifies valid SIP users and authentications information.
You can capture SIP traffic using SIP Sniffer which also supports MiTM attack.
Eavesdropper allows you listen the SIP traffic and collect the call-specific information and it supports MiTM attack too.
SIP-VSCAN detects and reports known vulnerabilities and exploits.
You can performs TDoS-based attacks, ush DoS Attack Simulator which has a powerful IP spoofer.
We have seperated MiTM Attacker which allows to act as a proxy in the network.
Attack Scenario Player allows to perform stateful SIP scenarios, and it has pre-defined attack scenarios, you can also add more.
By using SIP Password Cracker you can performs real-time digest authentication cracking by intervening which also support MiTM attack too.
Signaling Manipulator allows generating custom SIP messages helping to perform caller-id spoofing a
Β»> DOWNLOAD: https://github.com/meliht/Mr.SIP
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - meliht/Mr.SIP: SIP Security Assessment Framework for VoIP Pentesters. Presented at DEFCON, BlackHat & Offzone.
SIP Security Assessment Framework for VoIP Pentesters. Presented at DEFCON, BlackHat & Offzone. - GitHub - meliht/Mr.SIP: SIP Security Assessment Framework for VoIP Pentesters. Presented a...
Forwarded from UNDERCODE NEWS
Radar COVID Vulnerability could allow attackers to fake identities of peoples in application.
#Vulnerabilities
#Vulnerabilities
Forwarded from UNDERCODE NEWS
Apple product plan transparent from M1-equipped Mac Work from home and attack the game market.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to remove password from PDF file on Linux ?
Using Pdftk
Pdftk is another great software for processing PDF documents.
it's pre-installed tool
Pdftk can do almost all kinds of pdf operations, for example;
F E A T U R E S
Encrypt and decrypt PDF files.
Combine PDF documents.
Sorting PDF pages Scanning.
Split PDF pages.
Rotate PDF files or pages.
Fill out PDF forms with X / FDF data and / or smoothing forms.
Generate stencils of FDF data from PDF forms.
Apply a background watermark or foreground print.
Check the metadata, bookmarks and PDF metadata.
Add / update PDF bookmarks or metadata.
Attach files to PDF pages or PDF document.
Unzip PDF attachments.
Expand the PDF file into separate pages.
Compressing and unpacking page streams.
Repair the damaged PDF file.
Pddftk is available in the AUR, so you can install it using any AUR helper programs on Arch Linux.
# pacaur -S pdftk
Using Packer:
# packer -S pdftk
Using Trizen:
# trizen -S pdftk
Using Yay:
# yay -S pdftk
Using Yaourt:
# yaourt -S pdftk
On Debian, Ubuntu, Linux Mint, run:
# sudo apt-get instal pdftk
On CentOS, Fedora, Red Hat:
First, install the EPEL repository:
?
# sudo yum install epel-release
Or
#sudo dnf install epel-release
Then install the PDFtk app using the command:
?
# sudo yum install pdftk
Or
#sudo dnf install pdftk
After installing pdftk, you can remove the password from the pdf document with the command:
# pdftk secure.pdf input_pw 123456 output output.pdf
Replace "123456" with the correct password.
This command decrypts the "secure.pdf" file and creates an equivalent non-password protected file named "output.pdf".
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to remove password from PDF file on Linux ?
Using Pdftk
Pdftk is another great software for processing PDF documents.
it's pre-installed tool
Pdftk can do almost all kinds of pdf operations, for example;
F E A T U R E S
Encrypt and decrypt PDF files.
Combine PDF documents.
Sorting PDF pages Scanning.
Split PDF pages.
Rotate PDF files or pages.
Fill out PDF forms with X / FDF data and / or smoothing forms.
Generate stencils of FDF data from PDF forms.
Apply a background watermark or foreground print.
Check the metadata, bookmarks and PDF metadata.
Add / update PDF bookmarks or metadata.
Attach files to PDF pages or PDF document.
Unzip PDF attachments.
Expand the PDF file into separate pages.
Compressing and unpacking page streams.
Repair the damaged PDF file.
Pddftk is available in the AUR, so you can install it using any AUR helper programs on Arch Linux.
# pacaur -S pdftk
Using Packer:
# packer -S pdftk
Using Trizen:
# trizen -S pdftk
Using Yay:
# yay -S pdftk
Using Yaourt:
# yaourt -S pdftk
On Debian, Ubuntu, Linux Mint, run:
# sudo apt-get instal pdftk
On CentOS, Fedora, Red Hat:
First, install the EPEL repository:
?
# sudo yum install epel-release
Or
#sudo dnf install epel-release
Then install the PDFtk app using the command:
?
# sudo yum install pdftk
Or
#sudo dnf install pdftk
After installing pdftk, you can remove the password from the pdf document with the command:
# pdftk secure.pdf input_pw 123456 output output.pdf
Replace "123456" with the correct password.
This command decrypts the "secure.pdf" file and creates an equivalent non-password protected file named "output.pdf".
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β