UNDERCODE COMMUNITY
@UndercodeCommunity
Forwarded from UNDERCODE NEWS
Service mass interruption! Google: data migration problem
#Bugs
Forwarded from UNDERCODE NEWS
US Judge: The Department of Justice. The antitrust case against Google can begin in September 2023
#International
Forwarded from UNDERCODE NEWS
The United States introduces new regulatory standards for digital currencies, Bitcoin diving overnight
#Updates
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Hack & secure windows ports :

A) Use the built-in function of the system to close the port

Closing a system port does not require any advanced technique. Windows itself has a built-in port management function, but we rarely use it. This function is called "TCP/IP filtering".

1) Enter "Control Panel" → "Network Connections". Find the "local connection" in it, right-click it and select "Properties"; the properties window will appear.

2) In the center of the window there is a list titled "This connection uses the following selected components", in which you can find "Internet Protocol (TCP/IP)". Select it and click the right mouse button again, then click the "Advanced" button in the new properties window that appears to enter the advanced TCP/IP settings. Switch to the "Options" tab, where you can find our protagonist "TCP/IP Filtering" under "Optional Settings". Double-click "TCP/IP Filtering" to set it.


B) Use "TCP/IP Filtering"

3) Let's set the TCP ports first. Select the "Allow only" option in the TCP port settings; the "Add" button below it becomes active, and clicking it lets us start adding ports. Here we only need to add the commonly used ports according to our own situation. For example, we need to add port 80 to browse the web, and port 110 to receive mail with mail clients such as Foxmail. As for the ports that need to be closed, just don't add them. The UDP port settings work the same way. Finally, don't forget to check "Enable TCP/IP filtering (all adapters)" to make the settings take effect.


4) Use a network firewall

Closing ports is a function that common network firewalls have. Using a network firewall is also the easiest and fastest way to close a port. Take "Skynet Firewall" as an example: click its "IP Rule Management" and select "Add Rule". The "name" and "description" of the rule can be filled in at will. Select "Receive" in the "Packet Direction" drop-down box, select "Any Address" in "Other IP Address", select "TCP" for "Packet Protocol Type", fill in 139-139 in the "Local Port" field, and finally select "Intercept when the above conditions are met". This will prevent others from connecting to port 139 of the machine. If you want to prevent the machine from connecting to the outside, for example to stop some rebound-connection type Trojans, select "Send" in the "Packet Direction" drop-down box and select "Other Port" in the port field.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
The hacker, who accessed Trump's Twitter account on his 5th attempt, shared the remarkable password.
#CyberAttacks
Forwarded from UNDERCODE NEWS
Biella, a hacker attack at the school's online Open Day with porn videos and Nazi anthems
#CyberAttacks
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 #Hacking A tunnel which turns UDP traffic into encrypted UDP/FakeTCP/ICMP traffic by using raw sockets; helps you bypass UDP firewalls (or an unstable UDP environment)

FEATURES :

Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers
ICMP/FakeTCP headers help you bypass UDP blocking, UDP QoS or improper UDP NAT behavior on some ISPs. In ICMP header mode, udp2raw works like an ICMP tunnel.

UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encryption, anti-replay, or connection stabilization).

Simulated TCP with Real-time/Out-of-Order Delivery
In FakeTCP header mode, udp2raw simulates the 3-way handshake while establishing a connection and simulates seq and ack_seq while transferring data. It also simulates a few TCP options such as MSS, sackOk, TS, TS_ack and wscale. Firewalls will regard FakeTCP as a TCP connection, but it is essentially UDP: it supports real-time/out-of-order delivery (just as normal UDP does), with no congestion control or re-transmission. So there won't be any TCP-over-TCP problem when using OpenVPN.


INSTALLATION & RUN :

1) git clone https://github.com/wangyu-/udp2raw-tunnel.git

2) cd udp2raw-tunnel

3) Run at server side:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -k "passwd" --raw-mode faketcp -a

4) Run at client side:
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -k "passwd" --raw-mode faketcp -a

run as client : ./this_program -c -l local_listen_ip:local_port -r server_address:server_port [options]
run as server : ./this_program -s -l server_listen_ip:server_port -r remote_address:remote_port [options]

common options,these options must be same on both side:
--raw-mode <string> avaliable values:faketcp(default),udp,icmp
-k,--key <string> password to gen symetric key,default:"secret key"
--cipher-mode <string> avaliable values:aes128cbc(default),xor,none
--auth-mode <string> avaliable values:hmac_sha1,md5(default),crc32,simple,none
-a,--auto-rule auto add (and delete) iptables rule
-g,--gen-rule generate iptables rule then exit,so that you can copy and
add it manually.overrides -a
--disable-anti-replay disable anti-replay,not suggested

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Mods from third parties for popular social media? Malware, it turned out.
#Malwares
Forwarded from UNDERCODE NEWS
SMIC is said to be pursuing agreements on EUV lithography equipment with Asmar.
#International
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

WANT TO HACK A LINUX USER ?

1) Quick download:

wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh

HOW ?

1) Generate initial exploits list based on kernel version

2) Discard exploits that are not applicable based on ‘additional checks’

3) Calculate internal metric (‘Rank’) for each candidate exploit and order the list based on the calculation

4) Check for ‘Tags’ hits for every exploit

🦑 Discarding exploits that are not applicable

example:

1) Reqs: pkg=linux-kernel,ver>=3.2,ver<=4.10.6,CONFIG_USER_NS=y, \
sysctl:kernel.unprivileged_userns_clone==1
Requirements set from above states that the kernel version needs to be >= 3.2 and <= 4.10.6, but also that the kernel needs to have user namespace functionality compiled in (CONFIG_USER_NS=y) and enabled (sysctl:kernel.unprivileged_userns_clone==1).

2) For less typical checks, the ability to run arbitrary Bash command(s) is also provided to see if the exploit is applicable for a given system, for example:

Reqs: pkg=linux-kernel,ver>=4.4.0,ver<=4.4.0,cmd:grep -qi ip_tables /proc/modules

3) In the above scenario the command grep -qi ip_tables /proc/modules is run to verify that the ip_tables module is loaded (as this is required for the exploit to work), and the exploit is considered applicable for the given system only if this command returns TRUE.
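
The requirement lines above can also be read from the defender's side: evaluating them against a host's facts shows which single setting takes the host out of the applicable range. This added Python example is not code from linux-exploit-suggester; `evaluate_reqs`, `hardened` and the `HOST` values are assumptions made for illustration, and `cmd:` entries are only listed for manual review, never run.

```python
import re

# The two "Reqs:" lines quoted in the post above.
REQS_USERNS = ("pkg=linux-kernel,ver>=3.2,ver<=4.10.6,CONFIG_USER_NS=y,"
               "sysctl:kernel.unprivileged_userns_clone==1")
REQS_IPTABLES = "pkg=linux-kernel,ver>=4.4.0,ver<=4.4.0,cmd:grep -qi ip_tables /proc/modules"

# Constructed host facts (assumed values for illustration, not read from a real system).
HOST = {
    "pkg": "linux-kernel",
    "ver": "4.8.0-58-generic",
    "config": {"CONFIG_USER_NS": "y"},
    "sysctl": {"kernel.unprivileged_userns_clone": "1"},
}

OPS = {"==": lambda a, b: a == b, ">=": lambda a, b: a >= b,
       "<=": lambda a, b: a <= b, ">": lambda a, b: a > b, "<": lambda a, b: a < b}

def ver_tuple(text):
    """'4.10.6' -> (4, 10, 6) and '3.2' -> (3, 2, 0), so 4.10 sorts after 4.4."""
    nums = [int(n) for n in re.findall(r"\d+", text)]
    return tuple((nums + [0, 0, 0])[:3])

def evaluate_reqs(reqs, host):
    """Return (applicable, failed, skipped) for one requirements line.

    applicable is True when no evaluated requirement failed; 'cmd:' entries and
    unknown syntax are never executed, only listed in skipped for manual review.
    """
    failed, skipped = [], []
    for item in filter(None, (part.strip() for part in reqs.split(","))):
        if m := re.fullmatch(r"ver(>=|<=|==|>|<)([\d.]+)", item):
            ok = OPS[m[1]](ver_tuple(host["ver"]), ver_tuple(m[2]))
        elif m := re.fullmatch(r"sysctl:([\w.]+)==(\S+)", item):
            ok = host["sysctl"].get(m[1]) == m[2]
        elif m := re.fullmatch(r"(CONFIG_\w+)=(\S+)", item):
            ok = host["config"].get(m[1]) == m[2]
        elif m := re.fullmatch(r"pkg=(\S+)", item):
            ok = host["pkg"] == m[1]
        else:
            skipped.append(item)
            continue
        if not ok:
            failed.append(item)
    return (not failed, failed, skipped)

def hardened(host):
    """Copy of host with unprivileged user namespaces switched off."""
    return {**host, "sysctl": {**host["sysctl"], "kernel.unprivileged_userns_clone": "0"}}
```

Comparing `evaluate_reqs(REQS_USERNS, HOST)` with `evaluate_reqs(REQS_USERNS, hardened(HOST))` shows the sysctl requirement as the only failed item after hardening.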

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Microsoft releases 24 beautiful themes for Edge browser.
#Updates
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Understand that a TCP socket in the "LISTENING" state has two independent queues:

SYN queue

Accept queue

1) These two queues are sometimes called "reqsk_queue", "ACK backlog", "listen backlog", or even "TCP backlog", but in this article we use the above two terms to avoid confusion.

2) SYN queue

The SYN queue stores connections for which a SYN packet has been received (corresponding to struct inet_request_sock in the kernel code). Its responsibility is to reply with a SYN+ACK packet and to retransmit it when the ACK packet is not received, until it times out. Under Linux, the number of retransmissions is:

$ sysctl net.ipv4.tcp_synack_retries

net.ipv4.tcp_synack_retries = 5

3) The description of tcp_synack_retries in the documentation is as follows:

tcp_synack_retries - INTEGER
For a passive TCP connection, the number of retransmissions of SYNACKs. The value cannot exceed 255.
The default value is 5. If the initial RTO is 1 second, the last retransmission takes place after 31 seconds.
The corresponding final timeout occurs after 63 seconds.

4) After sending the SYN+ACK, the SYN queue waits for the ACK packet sent from the client (that is, the last packet of the three-way handshake). When an ACK packet is received, the kernel first finds the corresponding SYN queue and then checks the related data in it to see whether it matches. If it matches, the kernel removes the connection-related data from the SYN queue, creates a complete connection (corresponding to struct inet_sock in the kernel code), and adds this connection to the Accept queue.

5) Accept queue

The Accept queue stores established connections, that is, connections waiting to be taken away by the upper-level application. When the process calls accept(), the socket is taken out of the queue and passed to the application.

This is a simple description of how Linux handles SYN packets. By the way, when TCP_DEFER_ACCEPT and TCP_FASTOPEN are turned on for the socket, there will be slight differences in the way it works.
@UndercodeTesting
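
The 31-second and 63-second figures quoted above follow from doubling the 1-second initial RTO after every retransmission. This added Python example (not part of the original post) reproduces that schedule, extends it to an estimate of how many SYN queue entries are held by handshakes that never complete, and shows on loopback that connections reach the Accept queue before accept() is called; the function names and the 120-second backoff cap are assumptions.

```python
import socket

TCP_RTO_MAX = 120.0  # assumption: each backoff interval is capped at 120 s

def synack_schedule(retries=5, initial_rto=1.0):
    """Return (retransmit_times, give_up_time) in seconds after the first SYN+ACK."""
    times, t, rto = [], 0.0, initial_rto
    for _ in range(retries):
        t += rto                      # timer fires: SYN+ACK is retransmitted
        times.append(t)
        rto = min(rto * 2, TCP_RTO_MAX)
    return times, t + rto             # final expiry: entry leaves the SYN queue

def syn_queue_load(syn_per_second, retries=5):
    """SYN queue entries held by handshakes that never complete (rate x lifetime)."""
    return syn_per_second * synack_schedule(retries)[1]

def accept_queue_demo(clients=3):
    """Complete handshakes on loopback before the server ever calls accept()."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))        # loopback only, ephemeral port
    srv.listen(8)                     # backlog: upper bound for the Accept queue
    conns = [socket.create_connection(srv.getsockname(), timeout=2)
             for _ in range(clients)] # every connect() returns without accept()
    client_ports = [c.getsockname()[1] for c in conns]
    srv.settimeout(2)
    accepted = []
    for _ in range(clients):
        s, peer = srv.accept()        # the application now drains the Accept queue
        accepted.append(peer[1])
        s.close()
    for c in conns:
        c.close()
    srv.close()
    return client_ports, accepted

if __name__ == "__main__":
    print(synack_schedule(5))          # schedule for the default of 5 retries
    print(syn_queue_load(100), syn_queue_load(100, retries=2))
    print(accept_queue_demo())
```

With 100 unanswered SYNs per second, lowering tcp_synack_retries from 5 to 2 shrinks the estimated occupancy from 6300 to 700 entries.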
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Update your Intel Graphics Driver to fix Iris Xe Max error transcoding.
#Updates
Forwarded from UNDERCODE NEWS
A new spy satellite was successfully launched by SpaceX for the National Reconnaissance Agency.
#Technologies
Give a Mask to Phishing URL like a PRO:

1) git clone https://github.com/jaykali/maskphish

2) cd maskphish

3) bash maskphish.sh

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Mobile device-emulating farms rob millions from banks.
#CyberAttacks
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Hack Android FROM ANY LINUX :

Checks for metasploit service and starts if not present

Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android, Mac and others

Start multiple meterpreter reverse_tcp listeners

Fast Search in searchsploit

Bypass AV

Create backdoor with another technique

Autorunscript for listeners ( easy to use )

Drop into Msfconsole

Some other fun stuff :)

INSTALLATION & RUN :

1) git clone https://github.com/Screetsec/TheFatRat.git

2) cd TheFatRat/Setup

3) chmod +x setup.sh && ./setup.sh

4) Extract The lalin-master to your home or another folder

5) chmod +x fatrat

6) chmod +x powerfull.sh

7) And run the tools ( ./fatrat )

8) Easy to Use just input your number

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁