▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Hacking A Sponge minecraft server plugin for second factor authentication:

1) SpongeCommon introduced a bug for not capturing the inventory changes on crafting with number press usage. This allows inventory item duplication in combination with FlexibleLogin if the user is not logged in. Sponge fixed in the mentioned above build and commit. So you should update your server version. If that's not possible, FlexibleLogin 0.18.1 includes a workaround. Alternative you could remove the inventory until the player logs in.

2) FlexibleLogin had an incorrect permission check for using the change password command. This allowed unauthorized players to use the command. There is no known usage that this was actively used.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) download:
https://github.com/games647/FlexibleLogin/releases

2) https://www.youtube.com/watch?v=wpYc0hfbL24

3) User Commands
User commands:
/reg /register <password> <password> - Registers using a specific password
/register - Generates your secret code for TOTP
/changepw /cp /changepassword <password> <password> - Changes your current password
/log /l /login <password|code> - Login using your password or time based code
/logout - Logs you out
/mail /setemail - Sets your mail address
/forgot /forgotpassword - Sends a recovery mail to the mail address
/unregister <uuid|name> - delete an account

Admin commands: (you can use /flexiblelogin as an alias)
/fl <reload|rl> - reloads the config
/fl forcelogin <name> - Force login the user
/fl <accounts|acc> <name|ip> - Get list of user accounts
/fl <unregister|unreg> <name|uuid|--all> - Deletes the account of a user or all using the -a flag
/fl <register|reg> <name|uuid> <pass> - Register the user with a specific password
/fl <resetpw|resetpassword> <name> - Sets a new temp password for a new user

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Dark Web pharmacists already sell Pfizer and Bio & Tech’s corona vaccine.
#Leaks

Mitsubishi Electric advances vehicle control technology, also on general highways, for autonomous level 3 driving
#Technologies

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Windows security trips :

1) Safe Wi-Fi in your home. This may seem like an easy task to some, but insecure or simple passwords in your home are a major problem that you can face day in and day out. The defaults are a bad idea in any advanced community. So make sure you change the default settings or ask your local professional to help you with this. When this is done, make sure the invited expert does not know your WPA2 password, so cover your keyboard while you set it. Remember that you are only responsible for providing the password to those you choose to trust.

2) Consider a VPN. Once you implement a virtual private network (VPN), your work from home is likely to be much safer. Identity thieves and hackers are more likely to extract your identity from outgoing traffic, so filtering is a good idea. Do not connect your devices to a VPN, as this makes your settings vulnerable and easier to hack.

3) Keep your devices locked. Data is largely stolen and re-hashed via insecure devices that are used without any passwords or security software. Any security, such as passwords, fingerprints, templates, or graphical passes, reduces the risk of data disclosure. However, be careful with facial recognition software as you can likely run into problems in financial operating systems when your face is imprinted on the system. Remember, your devices know what you look like, so use fingerprints.

4) Protect your smart TVs and smartphones with additional software. They are the most insecure and can reveal your personal information. This approach is absolutely unacceptable. However, you cannot let others spy on you through their devices. Look out for sophisticated antivirus software that allows you to use browser extensions, smartphone apps, and security gateways for your IoT environment.

5) Enhance your knowledge. Explore as many options as you can of how the Internet of Things is attacked daily by hackers and identity thieves. Improve your information security competencies. Be aware of internet security and remember that your interconnected gadgets are your weakness. As machine learning (ML) and artificial intelligence (AI) become more advanced, consider them as your key weapons against cyber attacks.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Exposure to the production by Samsung of a 600 million pixel sensor lens area covering 12% of the back of the phone.
#Technologies

December's Fastest DNS: Here are the ones to have right away.
#Updates

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑list 3 ransomware real decrytors :

https://www.nomoreransom.org/en/decryption-tools.html

https://www.softpedia.com/get/Antivirus/Removal-Tools/Trend-Micro-Ransomware-File-Decryptor.shtml

https://noransom.kaspersky.com/

https://www.avast.com/en-us/ransomware-decryption-tools

https://www.emsisoft.com/ransomware-decryption-tools/free-download

https://www.mcafee.com/enterprise/en-us/downloads/free-tools/ransomware-decryption.html

https://www.quickheal.com/free-ransomware-decryption-tool/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

WhatsApp: escape users for a particular cause, the latest option is here.
#Updates

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Network hacking exercice:
This is a short introduction on methods that use neural networks in an offensive manner (bug hunting, shellcode obfuscation, etc.) and how to exploit neural networks found in the wild (information extraction, malware injection, backdooring, etc.).

0 - Last Layer Attack
1 - Backdooring
2 - Extracting Information
3 - Brute Forcing
4 - Neural Overflow
5 - Malware Injection
6 - Neural Obfuscation
7 - Bug Hunting
8 - GPU Attack

Download:
https://github.com/Kayzaks/HackingNeuralNetworks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

This is what causes the most issues with radiation and 2020 and oldest smartphones.
#Bugs #Analytiques

Exposure that 2020 Apple TV will be launched on December 8, equipped with A12Z chip.
#Leaks #Technologies

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

A POC Windows crypto-ransomware (Academic)

Run in Background (or not)
Encrypt files using AES-256-CTR(Counter Mode) with random IV for each file.
Multithreaded.
RSA-4096 to secure the client/server communication.
Includes an Unlocker.
Optional TOR Proxy support.
Use an AES CTR Cypher with stream encryption to avoid load an entire file into memory.
Walk all drives by default.
Docker image for compilation.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone github.com/mauri870/ransomware

2) cd ransomware
If you have Docker skip to the next section.

3) You need Go at least 1.11.2 with the $GOPATH/bin in your $PATH and $GOROOT pointing to your Go installation folder. For me:

export GOPATH=~/gopath
export PATH=$PATH:$GOPATH/bin
export GOROOT=/usr/local/go

4) Build the project require a lot of steps, like the RSA key generation, build three binaries, embed manifest files, so, let's leave make do your job:

make deps
make

5) You can build the server for windows with make -e GOOS=windows.

Docker

6) ./build-docker.sh make

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Vodafone: what promotions await us for the Christmas month?
#Updates

Internet Via Satellite: goodbye to 3G, 4G and 5G connections.
#Technologies

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Catch bad SQL queries :
#Hacking

1) download https://github.com/burrito-brothers/shiba

2) Install in a Rails / ActiveRecord project using bundler. Note: this gem is not designed to be run on production. It should be required after minitest/rspec.

# Gemfile

3) gem 'shiba', :group => :test, :require => 'shiba/setup'
If your application lazy loads gems, you will to manually require it.

# config/environments/test.rb or test/test_helper.rb
require 'shiba/setup

4) To get started, try out shiba locally. To verify shiba is actually running, you can run your tests with SHIBA_DEBUG=true.

# Install
bundle

# Run some tests using to generate a SQL report
5) rake test:functional
rails test test/controllers/users_controller_test.rb
SHIBA_DEBUG=true ruby test/controllers/users_controller_test.rb

# 1 problematic query detected
# Report available at /tmp/shiba-explain.log-1550099512

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁