- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑Can I CONFIGURE Windows Server to host a website?
PART 1
(instagram.com/UnderCodeTestingCompany)

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> set up your first IIS Web site

>Configure a default Web site

🦑When you install IIS, it is preconfigured to serve as a default Web site; however, you may want to change some of the settings. To change the basic settings for the Web site and to emulate the steps that are required to set up Apache for the first time by using the configuration file:

1) Log on to the Web server computer as an administrator.

2) Click Start, point to Settings, and then click Control Panel.

3) Double-click Administrative Tools, and then double-click Internet Services Manager.

4) Right-click the Web site that you want to configure in the left pane, and then click Properties.

5) Click the Web site tab.

6) Type a description for the Web site in the Description box.

7) Type the Internet Protocol (IP) address to use for the Web site or leave the All (Unassigned) default setting.

8) Modify the Transmission Control Protocol (TCP) port as appropriate.

9) Click the Home Directory tab.

10) To use a folder on the local computer, click A directory on this computer, and then click Browse to locate the folder that you want to use.

11) To use a folder that has been shared from another computer on the network, click A share located on another computer, and then either type the network path or click Browse to select the shared folder.

12) Click Read to grant read access to the folder (required).

13) Click OK to accept the Web site properties.

14) Create a new Web site

> To create a new Web site in Apache, you must set up a virtual host and configure the individual settings for the host. If you are using IIS, you can

written by Mr. Botnet(tm)
- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - -

- - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑How Start hosting and publishing a website host from windows server:
(instagram.com/UnderCodeTestingCompany)

🦑Create a new Web site:🦑

> To create a new Web site in Apache, you must set up a virtual host and configure the individual settings for the host. If you are using IIS, you can create a new Web site by translating the following terms to the IIS equivalents:

A ) Apache term B) IIS term

>DocumentRoot IIS Web Site Home Directory

>ServerName IIS Host Header

>Listen IIS IP Address and TCP Port


🦑To create a new Web site in IIS, follow these steps:

1) Log on to the Web server computer as an administrator.

2) Click Start, point to Settings, and then click Control Panel.

3) Double-click Administrative Tools, and then double-click Internet Services Manager.

4) Click Action, point to New, and then click Web Site.

5) After the Web Site Creation Wizard starts, click Next.

6) Type a description for the Web site.

7) This description is used internally to identify the Web site in Internet Services Manager only.

8) Select the IP address to use for the site.

9) If you select All (unassigned), the Web site is accessible on all interfaces and all configured IP addresses.

10) Type the TCP port number to publish the site on.

11) Type the Host Header name (the real name that is used to access this site).

12) Click Next.

13) Either type the path to the folder that is holding the Web site documents or click Browse to select the folder, and then click Next.

14) Select the access permissions for the Web site, and then click Next.

> Click Finish.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑 Setup a Windows Server Firewall
How can I configure my Windows Server Firewall?
(instagram.com/UndercodeTestingCompany)

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃

1) Windows Server 2012: Log into your server using remote desktop and press the Windows key to bring up the start menu.

2) Windows Server 2016 or 2019: Log into your server using remote desktop and click the search icon located next to the start menu icon.

3) Check your current Firewall settings

> Open your firewall, you will see the firewall overview, this shows what the current settings are for each profile (Domain, Private and Public).

4) Enabling or Disabling a Firewall rule

> Log on to your server and open up your Windows Firewall.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑 Self htaccess shells and attacks Tutorial
(T.me/UnderCodeTestingOfficial)

🦑WHAT IS HTSHELLS :

- Self contained web shells and other attacks via .htaccess files:

> Attacks are named in the following fashion, module.attack.htaccess and grouped
by attack type in directories.

'> Pick the one you need and copy it to a new file
named .htaccess, check the file to see if it needs editing before you upload it.

>Web shells executes commands from the query parameter c, unless the file states

🦑INSTALLISATION & RUN:

1) git clone https://github.com/wireghoul/htshells

2) cd htshells

3) SOME USFULL COMMADS FOR EXPLOITE & ATTACKS:

== DOS/ # Denial of service attacks
- apache.dos.htaccess
Makes all requests return a 500 internal server error

- mod_rewrite.dos.htaccess
Regular expression dos condition in mod_rewrite consumes a child process

== INFO/ # Information disclosure attacks
- modcheck/
Include additional response headers to indicate which Apache modules are active

- mod_caucho.info.htaccess *untested*
Server status binding for the mod_caucho Resin java server module

- mod_clamav.info.htaccess
Clamav status page binding

- mod_info.info.htaccess
Server info binding for Apache

- mod_ldap.info.htaccess *untested*
Server status binding for the mod_ldap server module

- mod_perl.info.htaccess
Display the mod_perl status page

- mod_php.info.htaccess
Make all php pages show source instead of executing

- mod_status.info.htacces
Server status binding for Apache


== SHELL/ # Interactive command execution
- mod_caucho.shell.htaccess *untested*
JSP based web shell

- mod_cgi.shell.bash.htaccess
Shell using bash under the cgi handler, Requires exec flag to be set on the htaccess file.

- mod_cgi.shell.windows.htaccess *untested*
Gives shell through php.exe via apache cgi configuration directives

- mod_include.shell.htaccess
Server Side Include based web shell

- mod_multi.shell.htaccess
Multiple shells in one .htaccess file, one attack fits all approach

- mod_perl.shell.htaccess *incomplete*
TODO

- mod_php.shell.htaccess
PHP based web shell access via http://domain/path/.htaccess?c=command

- mod_php.shell2.htaccess
Alternate method of invoking a php shell from .htaccess file

- mod_php.stealth.shell.htaccess
PHP based stealth backdoor - see http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html for tutorial

- mod_python.shell.htaccess

- mod_ruby.shell.htaccess

- mod_suphp.shell.htaccess

== TRAVERSAL/ # Directory traversal attacks
- mod_hitlog.traversal.htaccess
Directory traversal attack via hitlog module tries to read /etc/passwd

- mod_layout.traversal.htaccess
Directory traversal attack reads /etc/passwd


== ./ # Various attacks
- mod_auth_remote.phish.htaccess *untested*
Forward basic auth credentials to server of your choice

- mod_badge.admin.htaccess
mod_badge admin page binding

- mod_sendmail.rce.htaccess *untested*
Executes commands configured in the .htaccess file by specifying path and arguments to "sendmail" binary


Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑get informations from instagram:
(facebook.com/UnderCodeTestingCompanie)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:


>The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile

> The information includes:

> Username, Profile Name, URL, Followers, Following, Number of Posts, Bio, Profile Picture URL, Is Business Account ?, Connected to a FB account ?, External URL, Joined Recently ?, Business Category Name, Is private ...

🦑INSTALLISATION & RUN:

1) pkg install -y git python

2) git clone https://github.com/th3unkn0n/osi.ig.git

3) cd osi.ig

4) chmod +x install.sh && ./install.sh

5) python3 main.py

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑The official Exploit Database DANGEROUS Tool:
(t.me/UnderCodeTestingOfficial)

🦑WHAT IS THIS TOOL & WHAT HE DO ?

Included with this repository is the SearchSploit utility, which will allow you to search through exploits, shellcodes and papers (if installed) using one or more terms
> Exploit-DB that also allows you to take a copy of Exploit Database with you, everywhere you go. SearchSploit gives you the power to perform detailed off-line searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.
Many exploits contain links to binary files..

🦑THIS TOOL MUST RUN AS ROOT ON KALI:
INSTALLISATION:

1) Open Terminal and type:

> apt -y install exploitdb

2) apt -y install exploitdb-bin-sploits exploitdb-papers

🦑For manual install:

1) clone the repository, add the binary into $PATH, and edit the config file to reflect the git path:

> sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb

2) sed 's|path_array+=(.*)|path_array+=("/opt/exploitdb")|g' /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc

3) sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

🦑For mac:

If you have homebrew (package, formula) installed, running the following will get you set up:

> user@MacBook:~$ brew update && brew install exploitdb

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ILL POSTS SOME GREAT PAID BOOKS SOON
FROM UNDERCode WHATSAPP GROUPES

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑let s explain: HTTPS/SSL/TLS ATTacks:
(instagram.com/UnderCodeTestingCompany)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

🦑The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology.

> The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3.

> However, like many other attacks also based on a forced this vulnerability is also based on a forced downgrade attack.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ALL SHARED FREE HERE / PARTICAL + THEORIE + EXERCICES

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑POODLE The Famous Dangerous Attack what is and how it works:
(instagram.com/UnderCodeTestingCompany)

>The Padding Oracle On Downgraded Legacy Encryption (POODLE) attack was published in October 2014 and takes advantage of two factors.

> The first factor is the fact that some servers/clients still support SSL 3.0 for interoperability and compatibility with legacy systems.

>The second factor is a vulnerability that exists in SSL 3.0, which is related to block padding. The POODLE vulnerability is registered in the NIST NVD database as CVE-2014-3566.

> The client initiates the handshake and sends a list of supported SSL/TLS versions. An attacker intercepts the traffic, performing a man-in-the-middle (MITM) attack, and impersonates the server until the client agrees to downgrade the connection to SSL 3.0.

🦑The SSL 3.0 vulnerability is in the Cipher Block Chaining (CBC) mode.

>Block ciphers require blocks of fixed length. If data in the last block is not a multiple of the block size, extra space is filled by padding.

> The server ignores the content of padding. It only checks if padding length is correct and verifies the Message Authentication Code (MAC) of the plaintext.

>That means that the server cannot verify if anyone modified the padding content.

> An attacker can decipher an encrypted block by modifying padding bytes and watching the server response. It takes a maximum of 256 SSL 3.0 requests to decrypt a single byte.

>This means that once every 256 requests, the server will accept the modified value. The attacker does not need to know the encryption method or key. Using automated tools, an attacker can retrieve the plaintext character by character. This could easily be a password, a cookie, a session, or other sensitive data.
Prevention

> Completely disable SSL 3.0 on the server (highly recommended unless you must support Internet Explorer 6.0).

> Upgrade the browser (client) to the latest version. If you must use an older version, disable SSLv2 and SSLv3. Most current browsers/servers use TLS_FALLBACK_SCSV. If a client requests a TLS protocol version that is lower than the highest supported by the server (and client), the server will treat it as an intentional downgrade and drop the connection.

> Some TLS 1.0/1.1 implementations are also vulnerable to POODLE because they accept an incorrect padding structure after decryption.

🦑BEAST

> The Browser Exploit Against SSL/TLS (BEAST) attack was disclosed in September 2011. It applies to SSL 3.0 and TLS 1.0 so it affects browsers that support TLS 1.0 or earlier protocols.

> An attacker can decrypt data exchanged between two parties by taking advantage of a vulnerability in the implementation of the Cipher Block Chaining (CBC) mode in TLS 1.0. The BEAST vulnerability is registered in the NIST NVD database as CVE-2011-3389.

> This is a client-side attack that uses the man-in-the-middle technique. The attacker uses MITM to inject packets into the TLS stream. This allows them to guess the Initialization Vector (IV) used with the injected message and then simply compare the results to the ones of the block that they want to decrypt.

>For the BEAST attack to succeed, an attacker must have some control of the victim’s browser. Therefore, the attacker may choose easier attack vectors instead of this one.

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
(t.me/UndercOdeTestingOfficial)

🦑INSTALLISATION & RUN:

> git clone https://github.com/infosecn1nja/ycsm

> cd ycsm

> chmod +x ycsm-setup.sh

1) Setup Nginx Redirector

2) Check Status

3) Blocking Shodan

4) Configure Fail2Ban

5) Quit

> YCSM - Select an Option...

🦑FEATURES:

1) Evade Vendor Sandboxes.

2) Block Shodan Access.

3) Block Vulnerability Scanners & Bots.

4) Auto SSL setup for HTTPS using letsencrypt certbot.

5) Adds original source ip to user-agent header for easy tracking.

6) Auto-Renew for Let's Encrypt SSL Certificates.

7) Nginx Hardening Servers with Fail2Ban.

8) Block Accessing Redirector From Mobile.

9) JQuery profiling users inspired by APT29 useful to sniff tier 1 SOC (https://github.com/samsayen/JQueryingU)

@UnderCodeOfficial

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -