- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑 Self htaccess shells and attacks Tutorial
(T.me/UnderCodeTestingOfficial)

🦑WHAT IS HTSHELLS :

- Self contained web shells and other attacks via .htaccess files:

> Attacks are named in the following fashion, module.attack.htaccess and grouped
by attack type in directories.

'> Pick the one you need and copy it to a new file
named .htaccess, check the file to see if it needs editing before you upload it.

>Web shells executes commands from the query parameter c, unless the file states

🦑INSTALLISATION & RUN:

1) git clone https://github.com/wireghoul/htshells

2) cd htshells

3) SOME USFULL COMMADS FOR EXPLOITE & ATTACKS:

== DOS/ # Denial of service attacks
- apache.dos.htaccess
Makes all requests return a 500 internal server error

- mod_rewrite.dos.htaccess
Regular expression dos condition in mod_rewrite consumes a child process

== INFO/ # Information disclosure attacks
- modcheck/
Include additional response headers to indicate which Apache modules are active

- mod_caucho.info.htaccess *untested*
Server status binding for the mod_caucho Resin java server module

- mod_clamav.info.htaccess
Clamav status page binding

- mod_info.info.htaccess
Server info binding for Apache

- mod_ldap.info.htaccess *untested*
Server status binding for the mod_ldap server module

- mod_perl.info.htaccess
Display the mod_perl status page

- mod_php.info.htaccess
Make all php pages show source instead of executing

- mod_status.info.htacces
Server status binding for Apache


== SHELL/ # Interactive command execution
- mod_caucho.shell.htaccess *untested*
JSP based web shell

- mod_cgi.shell.bash.htaccess
Shell using bash under the cgi handler, Requires exec flag to be set on the htaccess file.

- mod_cgi.shell.windows.htaccess *untested*
Gives shell through php.exe via apache cgi configuration directives

- mod_include.shell.htaccess
Server Side Include based web shell

- mod_multi.shell.htaccess
Multiple shells in one .htaccess file, one attack fits all approach

- mod_perl.shell.htaccess *incomplete*
TODO

- mod_php.shell.htaccess
PHP based web shell access via http://domain/path/.htaccess?c=command

- mod_php.shell2.htaccess
Alternate method of invoking a php shell from .htaccess file

- mod_php.stealth.shell.htaccess
PHP based stealth backdoor - see http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html for tutorial

- mod_python.shell.htaccess

- mod_ruby.shell.htaccess

- mod_suphp.shell.htaccess

== TRAVERSAL/ # Directory traversal attacks
- mod_hitlog.traversal.htaccess
Directory traversal attack via hitlog module tries to read /etc/passwd

- mod_layout.traversal.htaccess
Directory traversal attack reads /etc/passwd


== ./ # Various attacks
- mod_auth_remote.phish.htaccess *untested*
Forward basic auth credentials to server of your choice

- mod_badge.admin.htaccess
mod_badge admin page binding

- mod_sendmail.rce.htaccess *untested*
Executes commands configured in the .htaccess file by specifying path and arguments to "sendmail" binary


Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑get informations from instagram:
(facebook.com/UnderCodeTestingCompanie)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:


>The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile

> The information includes:

> Username, Profile Name, URL, Followers, Following, Number of Posts, Bio, Profile Picture URL, Is Business Account ?, Connected to a FB account ?, External URL, Joined Recently ?, Business Category Name, Is private ...

🦑INSTALLISATION & RUN:

1) pkg install -y git python

2) git clone https://github.com/th3unkn0n/osi.ig.git

3) cd osi.ig

4) chmod +x install.sh && ./install.sh

5) python3 main.py

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑The official Exploit Database DANGEROUS Tool:
(t.me/UnderCodeTestingOfficial)

🦑WHAT IS THIS TOOL & WHAT HE DO ?

Included with this repository is the SearchSploit utility, which will allow you to search through exploits, shellcodes and papers (if installed) using one or more terms
> Exploit-DB that also allows you to take a copy of Exploit Database with you, everywhere you go. SearchSploit gives you the power to perform detailed off-line searches through your locally checked-out copy of the repository. This capability is particularly useful for security assessments on segregated or air-gapped networks without Internet access.
Many exploits contain links to binary files..

🦑THIS TOOL MUST RUN AS ROOT ON KALI:
INSTALLISATION:

1) Open Terminal and type:

> apt -y install exploitdb

2) apt -y install exploitdb-bin-sploits exploitdb-papers

🦑For manual install:

1) clone the repository, add the binary into $PATH, and edit the config file to reflect the git path:

> sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb

2) sed 's|path_array+=(.*)|path_array+=("/opt/exploitdb")|g' /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc

3) sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

🦑For mac:

If you have homebrew (package, formula) installed, running the following will get you set up:

> user@MacBook:~$ brew update && brew install exploitdb

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ILL POSTS SOME GREAT PAID BOOKS SOON
FROM UNDERCode WHATSAPP GROUPES

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑let s explain: HTTPS/SSL/TLS ATTacks:
(instagram.com/UnderCodeTestingCompany)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

🦑The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology.

> The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3.

> However, like many other attacks also based on a forced this vulnerability is also based on a forced downgrade attack.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ALL SHARED FREE HERE / PARTICAL + THEORIE + EXERCICES

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑POODLE The Famous Dangerous Attack what is and how it works:
(instagram.com/UnderCodeTestingCompany)

>The Padding Oracle On Downgraded Legacy Encryption (POODLE) attack was published in October 2014 and takes advantage of two factors.

> The first factor is the fact that some servers/clients still support SSL 3.0 for interoperability and compatibility with legacy systems.

>The second factor is a vulnerability that exists in SSL 3.0, which is related to block padding. The POODLE vulnerability is registered in the NIST NVD database as CVE-2014-3566.

> The client initiates the handshake and sends a list of supported SSL/TLS versions. An attacker intercepts the traffic, performing a man-in-the-middle (MITM) attack, and impersonates the server until the client agrees to downgrade the connection to SSL 3.0.

🦑The SSL 3.0 vulnerability is in the Cipher Block Chaining (CBC) mode.

>Block ciphers require blocks of fixed length. If data in the last block is not a multiple of the block size, extra space is filled by padding.

> The server ignores the content of padding. It only checks if padding length is correct and verifies the Message Authentication Code (MAC) of the plaintext.

>That means that the server cannot verify if anyone modified the padding content.

> An attacker can decipher an encrypted block by modifying padding bytes and watching the server response. It takes a maximum of 256 SSL 3.0 requests to decrypt a single byte.

>This means that once every 256 requests, the server will accept the modified value. The attacker does not need to know the encryption method or key. Using automated tools, an attacker can retrieve the plaintext character by character. This could easily be a password, a cookie, a session, or other sensitive data.
Prevention

> Completely disable SSL 3.0 on the server (highly recommended unless you must support Internet Explorer 6.0).

> Upgrade the browser (client) to the latest version. If you must use an older version, disable SSLv2 and SSLv3. Most current browsers/servers use TLS_FALLBACK_SCSV. If a client requests a TLS protocol version that is lower than the highest supported by the server (and client), the server will treat it as an intentional downgrade and drop the connection.

> Some TLS 1.0/1.1 implementations are also vulnerable to POODLE because they accept an incorrect padding structure after decryption.

🦑BEAST

> The Browser Exploit Against SSL/TLS (BEAST) attack was disclosed in September 2011. It applies to SSL 3.0 and TLS 1.0 so it affects browsers that support TLS 1.0 or earlier protocols.

> An attacker can decrypt data exchanged between two parties by taking advantage of a vulnerability in the implementation of the Cipher Block Chaining (CBC) mode in TLS 1.0. The BEAST vulnerability is registered in the NIST NVD database as CVE-2011-3389.

> This is a client-side attack that uses the man-in-the-middle technique. The attacker uses MITM to inject packets into the TLS stream. This allows them to guess the Initialization Vector (IV) used with the injected message and then simply compare the results to the ones of the block that they want to decrypt.

>For the BEAST attack to succeed, an attacker must have some control of the victim’s browser. Therefore, the attacker may choose easier attack vectors instead of this one.

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
(t.me/UndercOdeTestingOfficial)

🦑INSTALLISATION & RUN:

> git clone https://github.com/infosecn1nja/ycsm

> cd ycsm

> chmod +x ycsm-setup.sh

1) Setup Nginx Redirector

2) Check Status

3) Blocking Shodan

4) Configure Fail2Ban

5) Quit

> YCSM - Select an Option...

🦑FEATURES:

1) Evade Vendor Sandboxes.

2) Block Shodan Access.

3) Block Vulnerability Scanners & Bots.

4) Auto SSL setup for HTTPS using letsencrypt certbot.

5) Adds original source ip to user-agent header for easy tracking.

6) Auto-Renew for Let's Encrypt SSL Certificates.

7) Nginx Hardening Servers with Fail2Ban.

8) Block Accessing Redirector From Mobile.

9) JQuery profiling users inspired by APT29 useful to sniff tier 1 SOC (https://github.com/samsayen/JQueryingU)

@UnderCodeOfficial

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊------

🦑FREE CCAM SERVERS By UndercOde:
(T.me/UnderCodeRepoUpdates)

🦑CCAM LONG LINES ( All scrambel channel)

> HOST s7.cccambird.com

>Port
14400

>User
89833551

> Pass
cccambird

>
Expire On : 21-11-2019 at 00:00 GMT

@ Steave
--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊---——

-------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊-----

🦑(ITWSV- Integrated Tool for Web Security Vulnerability: 2019
ITWSV is automated penetration testing tool which performs information gathering, auditing and reporting.
(T.me/UnderCodetestingOfficial)

🦑Installisation:

1) git clone https://github.com/penetrate2hack/ITWSV.git

2) cd ITWSV

3)chmod +x start.sh

4) chmod +x update.sh (only if required)

5) ./start.sh

6) CHOOSE options via numbers

🦑TESTED ON:

>kali

>debian


@ steave(tm)
--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊----

https://m.youtube.com/watch?v=WnN6dbos5u8

15 HOURS FULL 🦑🦑🦑

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑EXPLAINING VISUAL HACKING:
(instagram.com/UnderCodeTestingCompany)

> Your confidential information could be visually hacked from a PC or other electronic device, or it could be hacked from information contained on a paper document left in a print tray, on your desk, or even at your local coffee shop.

>But visual hacking involving sensitive information and criminal intent is not just a transgression or simple annoyance – the stealing of personal information can quickly become a very serious and costly problem.

🦑HOW DANGEROUS IS VISUAL HACKING?

>very dangerous! It takes only one piece of information to leave a company exposed to a data breach, and this can cost companies millions of dollars in legal expenses, regulatory fines, and more importantly, lost business.

🦑ARE YOU VULNERABLE?

>The short answer to this question is – yes you are! If you handle or access sensitive information, you are vulnerable to visual hacking.

>According to researchers, visual hacking has become a pervasive problem that occurs at all levels of an organization and in all industry sectors, and it doesn’t matter whether you’re an intern or a C suite executive.

🦑PROTECTING YOUR SENSITIVE INFORMATION
The following advice will help protect your personal and confidential information

Step 1:
Assess your situation prior to accessing sensitive information, just to see if you’re in a vulnerable situation. Consider relocating to a more private space if you’re currently in a crowded area, like an airplane or coffee shop; or alternatively, work on something else until you become less exposed.

Step 2:
Develop a visual privacy strategy. Talk to senior management with a view to prevention training and implementing organization-wide awareness of visual hacking.

Step 3:
Determine whether visitors, employees, and/or contractors have easy access to sensitive information in both workspaces and off-site locations. If there is a vulnerability, consider setting up internal firewalls or block off office sections from non-department members and visitors.

Step 4:
Invest in products proven to protect your personal and confidential information. A privacy filter screen can protect your private data. You can buy filter for monitors, laptops, and Macbooks. Our privacy filters are affordable and of great quality.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -