UNDERCODE COMMUNITY
Photo
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Simple random DNS, HTTP/S internet traffic noise generator:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Install requests if you do not have it already installed, using pip:
2) pip install requests
1) git clone https://github.com/1tayH/noisy.git
Navigate into the noisy directory
3)cd noisy
4) Run the script
python noisy.py --config config.json
The program can accept a number of command line arguments:
$ python noisy.py --help
5) usage: noisy.py [-h] [--log -l] --config -c [--timeout -t]
optional arguments:
-h, --help show this help message and exit
--log -l logging level
--config -c config file
--timeout -t for how long the crawler should be running, in seconds
only the config file argument is required.
Output
$ docker run -it noisy --config config.json --log debug
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Simple random DNS, HTTP/S internet traffic noise generator:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Install requests if you do not have it already installed, using pip:
2) pip install requests
1) git clone https://github.com/1tayH/noisy.git
Navigate into the noisy directory
3)cd noisy
4) Run the script
python noisy.py --config config.json
The program can accept a number of command line arguments:
$ python noisy.py --help
5) usage: noisy.py [-h] [--log -l] --config -c [--timeout -t]
optional arguments:
-h, --help show this help message and exit
--log -l logging level
--config -c config file
--timeout -t for how long the crawler should be running, in seconds
only the config file argument is required.
Output
$ docker run -it noisy --config config.json --log debug
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - 1tayH/noisy: Simple random DNS, HTTP/S internet traffic noise generator
Simple random DNS, HTTP/S internet traffic noise generator - 1tayH/noisy
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
π΅Kong wordpress plugin, ssl revoked & outdated, data leak:
https://dailycve.com/kong-wordpress-plugin-ssl-revoked-outdated-data-leak
https://dailycve.com/kong-wordpress-plugin-ssl-revoked-outdated-data-leak
Dailycve
Kong wordpress plugin, ssl revoked & outdated, data leak | CVE
Details:
This plugin allows Kong to apply certificates from Let's Encrypt or any other ACMEv2 service and serve dynamically. Renewal is handled with a configurable threshold time.A bug could cause a possible leak of data due to outdated and revoqued ssl.β¦
This plugin allows Kong to apply certificates from Let's Encrypt or any other ACMEv2 service and serve dynamically. Renewal is handled with a configurable threshold time.A bug could cause a possible leak of data due to outdated and revoqued ssl.β¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
A new online registry website will be created by Russia ministry, for repeat traffic offenders.
#International
#International
β β β Uππ»βΊπ«Δπ¬πβ β β β
New release for this hacking tool :
ARP Poisoning and Sniffing
DHCP Discover and Starvation
Subdomains Identification
Certificate Cloning
TCP Analysis (ISN, Flags)
Username check on social networks
Web Techonologies Identification
and a lot more!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) $ python3 -m pip install --upgrade git+https://github.com/fportantier/habu.git
2) This must works on any system that has Python 3 installed.
Note: On some systems (like Microsoft Windows) you must adjust the command to point to the correct path of the Python executable.
3) Upgrade
Now we have a command to upgrade directly from the Git repo and clean any old command that not longer exists or that has been renamed.
$ habu.upgrade
Β»for example usage:
https://github.com/fportantier/habu
β β β Uππ»βΊπ«Δπ¬πβ β β β
New release for this hacking tool :
ARP Poisoning and Sniffing
DHCP Discover and Starvation
Subdomains Identification
Certificate Cloning
TCP Analysis (ISN, Flags)
Username check on social networks
Web Techonologies Identification
and a lot more!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) $ python3 -m pip install --upgrade git+https://github.com/fportantier/habu.git
2) This must works on any system that has Python 3 installed.
Note: On some systems (like Microsoft Windows) you must adjust the command to point to the correct path of the Python executable.
3) Upgrade
Now we have a command to upgrade directly from the Git repo and clean any old command that not longer exists or that has been renamed.
$ habu.upgrade
Β»for example usage:
https://github.com/fportantier/habu
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - fportantier/habu: Hacking Toolkit
Hacking Toolkit. Contribute to fportantier/habu development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Google workers declared the formation of a labor union and tensions between management have increased.
#International
#International
Forwarded from DailyCVE
π΅chromium:Multiple vulnerabilities debian, kali CVE-2019-8075 CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 :
https://dailycve.com/chromiummultiple-vulnerabilities-debian-kali-cve-2019-8075-cve-2020-6510-cve-2020-6511-cve-2020
https://dailycve.com/chromiummultiple-vulnerabilities-debian-kali-cve-2019-8075-cve-2020-6510-cve-2020-6511-cve-2020
Dailycve
chromium:Multiple vulnerabilities debian, kali CVE-2019-8075 CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 | CVE
Details:
Debian Security Advisory DSA-4824-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 01, 2021 https://www.debian.org/security/faq
- - ----------------β¦
Debian Security Advisory DSA-4824-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 01, 2021 https://www.debian.org/security/faq
- - ----------------β¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SO helping for pentesters:
steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
F E A T U R E S :
simple CLI with the ability to run pure Nmap engine
predefined scans included in the modules
support Nmap Scripting Engine (NSE) with scripts arguments
TOR support (with proxychains)
multiple scans at one time
at this point: 31 modules with 459 scan profiles
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
For any linux open terminal and type:
# Clone this repository
1) git clone --recursive https://github.com/trimstray/sandmap
# Go into the repository
2) cd sandmap
# Install
3) ./setup.sh install
# Run the app
4) sandmap
π¦The etc/main.cfg configuration file has the following structure:
# shellcheck shell=bash
# Specifies the default destination.
# Examples:
# - dest="127.0.0.1,8.8.8.8"
dest="127.0.0.1"
# Specifies the extended Nmap parameters.
# Examples:
# - params="--script ssl-ccs-injection -p 443"
params=""
# Specifies the default output type and path.
# Examples:
# - report="xml"
report=""
# Specifies the TOR connection.
# Examples:
# - tor="true"
tor=""
# Specifies the terminal type.
# Examples:
# - terminal="internal"
terminal="internal"
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SO helping for pentesters:
steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
F E A T U R E S :
simple CLI with the ability to run pure Nmap engine
predefined scans included in the modules
support Nmap Scripting Engine (NSE) with scripts arguments
TOR support (with proxychains)
multiple scans at one time
at this point: 31 modules with 459 scan profiles
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
For any linux open terminal and type:
# Clone this repository
1) git clone --recursive https://github.com/trimstray/sandmap
# Go into the repository
2) cd sandmap
# Install
3) ./setup.sh install
# Run the app
4) sandmap
π¦The etc/main.cfg configuration file has the following structure:
# shellcheck shell=bash
# Specifies the default destination.
# Examples:
# - dest="127.0.0.1,8.8.8.8"
dest="127.0.0.1"
# Specifies the extended Nmap parameters.
# Examples:
# - params="--script ssl-ccs-injection -p 443"
params=""
# Specifies the default output type and path.
# Examples:
# - report="xml"
report=""
# Specifies the TOR connection.
# Examples:
# - tor="true"
tor=""
# Specifies the terminal type.
# Examples:
# - terminal="internal"
terminal="internal"
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - trimstray/sandmap: Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles. - trimstray/sandmap
Forwarded from UNDERCODE NEWS
A new issue due to a malfunction of the mechanism at Shizuoka Branch, unable to earn money at Seven Bank ATMs.
#International
#International
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
π΅influxdb: Unauthorised access - Remote/unauthenticated:
https://dailycve.com/influxdb-unauthorised-access-remoteunauthenticated
https://dailycve.com/influxdb-unauthorised-access-remoteunauthenticated
Dailycve
influxdb: Unauthorised access - Remote/unauthenticated | CVE
Details:
It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in
authentication bypass.
For the stable distribution (buster), this problem has been fixed in
version 1.6.4-1+deb10u1.β¦
It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in
authentication bypass.
For the stable distribution (buster), this problem has been fixed in
version 1.6.4-1+deb10u1.β¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ DNS SAD cache poisoning: interim fix for Linux servers and desktops :
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
###########################################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ DNS SAD cache poisoning: interim fix for Linux servers and desktops :
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
###########################################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
crontab -e#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
β β β Uππ»βΊπ«Δπ¬πβ β β β