Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WPA 2 - WIFI HACKING PDFS:
http://webpages.eng.wayne.edu/~fy8421/16sp-csc5991/slides/lab7/wpa2-cracking-kolias.pdf
http://www.og150.com/assets/Wireless%20Pre-Shared%20Key%20Cracking%20WPA,%20WPA2.pdf
https://www.techscience.com/iasc/v25n1/39645/pdf
https://ijarse.com/images/fullpdf/1519302206_SVCET2084ijarse.pdf
https://owasp.org/www-chapter-dorset/assets/presentations/2020-01/OWASP-wlans.pdf
https://benjaminkiesl.github.io/publications/a_formal_analysis_of_ieees_wpa2_cremers_kiesl_medinger.pdf
https://alexandreborgesbrazil.files.wordpress.com/2014/02/cracking_wireless.pdf
http://www.iaea.org/inis/collection/NCLCollectionStore/_Public/46/130/46130069.pdf
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WPA 2 - WIFI HACKING PDFS:
http://webpages.eng.wayne.edu/~fy8421/16sp-csc5991/slides/lab7/wpa2-cracking-kolias.pdf
http://www.og150.com/assets/Wireless%20Pre-Shared%20Key%20Cracking%20WPA,%20WPA2.pdf
https://www.techscience.com/iasc/v25n1/39645/pdf
https://ijarse.com/images/fullpdf/1519302206_SVCET2084ijarse.pdf
https://owasp.org/www-chapter-dorset/assets/presentations/2020-01/OWASP-wlans.pdf
https://benjaminkiesl.github.io/publications/a_formal_analysis_of_ieees_wpa2_cremers_kiesl_medinger.pdf
https://alexandreborgesbrazil.files.wordpress.com/2014/02/cracking_wireless.pdf
http://www.iaea.org/inis/collection/NCLCollectionStore/_Public/46/130/46130069.pdf
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅Bug in discord api, causing a security issue :
https://dailycve.com/bug-discord-api-causing-security-issue
https://dailycve.com/bug-discord-api-causing-security-issue
Dailycve
Bug in discord api, causing a security issue | CVE
Details:
Fetching a guild template via the API on v6 gives you a serialized_source_guild in v8 payload serialisation and not v6.
Steps to Reproduce
GET /api/v6/guilds/templates/{code}
Expected Behavior
v6 guild data (e.g.permission_overwrites areβ¦
Forwarded from UNDERCODE NEWS
Don Brovskis, Vice President of the European: The European Union is still committed to settling the conflict with the United States over the levy on internet services.
#International
#International
Forwarded from UNDERCODE NEWS
Amazon is setting up an affordable housing initiative but is not changing the job standards.
#International
#International
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Parsing the / etc / shadow file :
1.Username: This is your login name.
2. Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3. Last change of password (last change): days since January 1, 1970, when the password was last changed.
4. Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5. Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6. Warning: The number of days before the password expires that the user is warned to change the password.
7. Inactivity: the number of days after the password expires that the account has been disabled.
8. Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
To change the password expiration information for a user, use the chage command on Linux.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
The following options are possible:
-d, --lastday LAST_DAY set date of last password change to LAST_DAY
-E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-h, --help display this help message and exit
-I, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-l, --list show account aging information
-m, --mindays MIN_DAYS set minimum number of days before password
change to MIN_DAYS
-M, --maxdays MAX_DAYS set maximim number of days before password
change to MAX_DAYS
-R, --root CHROOT_DIR directory to chroot into
-W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Parsing the / etc / shadow file :
1.Username: This is your login name.
2. Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3. Last change of password (last change): days since January 1, 1970, when the password was last changed.
4. Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5. Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6. Warning: The number of days before the password expires that the user is warned to change the password.
7. Inactivity: the number of days after the password expires that the account has been disabled.
8. Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
To change the password expiration information for a user, use the chage command on Linux.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
The following options are possible:
-d, --lastday LAST_DAY set date of last password change to LAST_DAY
-E, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-h, --help display this help message and exit
-I, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-l, --list show account aging information
-m, --mindays MIN_DAYS set minimum number of days before password
change to MIN_DAYS
-M, --maxdays MAX_DAYS set maximim number of days before password
change to MAX_DAYS
-R, --root CHROOT_DIR directory to chroot into
-W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅FasterXML jackson-databind code issue vulnerability:
https://dailycve.com/fasterxml-jackson-databind-code-issue-vulnerability
https://dailycve.com/fasterxml-jackson-databind-code-issue-vulnerability
Dailycve
FasterXML jackson-databind code issue vulnerability | CVE
Details:
FasterXML jackson-databind is a JAVA-based library that can use JAVA objects to translate data formats such as XML and JSON. Jackson can quickly translate Java objects to Json objects and xml records, as well as to Java objects with Json and xml.β¦
FasterXML jackson-databind is a JAVA-based library that can use JAVA objects to translate data formats such as XML and JSON. Jackson can quickly translate Java objects to Json objects and xml records, as well as to Java objects with Json and xml.β¦
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Go example code to modify the file name recursively:
package main
import (
"bufio"
"fmt"
"io/ioutil"
"log"
"os"
"strings"
)
var pathSeparator = string(os.PathSeparator)
/**
*/
func rename(path string, old string, new string) (err error) {
files, err := ioutil.ReadDir(path)
if err != nil {
return err
}
for _, fileInfo := range files {
if fileInfo.IsDir() {
err = rename(path+pathSeparator+fileInfo.Name(), old, new)
if err != nil {
return err
}
err = os.Rename(path+pathSeparator+fileInfo.Name(), path+pathSeparator+strings.Replace(fileInfo.Name(), old, new, -1))
if err != nil {
return err
}
} else {
err = os.Rename(path+pathSeparator+fileInfo.Name(), path+pathSeparator+strings.Replace(fileInfo.Name(), old, new, -1))
if err != nil {
return err
}
}
}
return err
}
func main() {
reader := bufio.NewReader(os.Stdin)
filePath, _ := reader.ReadString('\n')
filePath = strings.Replace(filePath, "\n", "", -1)
fmt.Print(οΌ")
reader = bufio.NewReader(os.Stdin)
name, _ := reader.ReadString('\n')
name = strings.Replace(name, "\n", "", -1)
err := rename(filePath, name, "")
if err != nil {
log.FatalfοΌ%v\n", err)
}
err = os.Rename(filePath, strings.Replace(filePath, name, "", -1))
if err != nil {
log.Fatalf
}
fmt.Println("success")
}
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Go example code to modify the file name recursively:
package main
import (
"bufio"
"fmt"
"io/ioutil"
"log"
"os"
"strings"
)
var pathSeparator = string(os.PathSeparator)
/**
*/
func rename(path string, old string, new string) (err error) {
files, err := ioutil.ReadDir(path)
if err != nil {
return err
}
for _, fileInfo := range files {
if fileInfo.IsDir() {
err = rename(path+pathSeparator+fileInfo.Name(), old, new)
if err != nil {
return err
}
err = os.Rename(path+pathSeparator+fileInfo.Name(), path+pathSeparator+strings.Replace(fileInfo.Name(), old, new, -1))
if err != nil {
return err
}
} else {
err = os.Rename(path+pathSeparator+fileInfo.Name(), path+pathSeparator+strings.Replace(fileInfo.Name(), old, new, -1))
if err != nil {
return err
}
}
}
return err
}
func main() {
reader := bufio.NewReader(os.Stdin)
filePath, _ := reader.ReadString('\n')
filePath = strings.Replace(filePath, "\n", "", -1)
fmt.Print(οΌ")
reader = bufio.NewReader(os.Stdin)
name, _ := reader.ReadString('\n')
name = strings.Replace(name, "\n", "", -1)
err := rename(filePath, name, "")
if err != nil {
log.FatalfοΌ%v\n", err)
}
err = os.Rename(filePath, strings.Replace(filePath, name, "", -1))
if err != nil {
log.Fatalf
}
fmt.Println("success")
}
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hi all, https://Best.undercode.help :
In this blog we want to upload daily links about top rated apps/softwares and much more checkout the next message, and thanks.
In this blog we want to upload daily links about top rated apps/softwares and much more checkout the next message, and thanks.
Best 50 websites for watching movies for Free in 2021 :
https://best.undercode.help/best-50-websites-for-watch-movies-for-free-in-2021/
https://best.undercode.help/best-50-websites-for-watch-movies-for-free-in-2021/
best.undercode.help
Best 50 websites for watch movies for free in 2021 :
β¦
Forwarded from UNDERCODE NEWS
Valve officially released a Steam beta announcement, opened the remote fun function for domestic players.
#Updates
#Updates
Forwarded from UNDERCODE NEWS
The Russian government has formed the final version of the list of Russian programs for installation on new mobile devices.
#International
#International
Forwarded from DailyCVE
π΅Linux outlook expose a new bug could crash the service and leak the password:
https://dailycve.com/linux-outlook-expose-new-bug-could-crash-service-and-leak-password
https://dailycve.com/linux-outlook-expose-new-bug-could-crash-service-and-leak-password
Dailycve
Linux outlook expose a new bug could crash the service and leak the password | CVE
Details:
Steps to reproduce
Use the Outlook app, login, restart rambox
Expected behavior
Automatically logged in
Actual behavior
Not logged in, I need to insert username every time
Outlook365
Steps to reproduce
Use the Outlook365 app, login, restartβ¦
Steps to reproduce
Use the Outlook app, login, restart rambox
Expected behavior
Automatically logged in
Actual behavior
Not logged in, I need to insert username every time
Outlook365
Steps to reproduce
Use the Outlook365 app, login, restartβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is BuiltWith?
BuiltWith is a technology search or profiler.
It provides real-time target information to pentesters through the domain API and domain live API .
The domain API provides technical information such as analytics service, built-in plugins, frameworks, libraries, etc. to penetration testers.
The domain API relies on BuiltWith database to provide current and historical technology information about the target.
The Lookup pane retrieves the same information that the domain API provides.
On the other hand, the domain live API does extensive searches on a domain or URL.
It is possible to integrate both APIs into a security product to provide technical information to end users.
1) BuiltWith Domain API
The BuiltWith Domain API provides XML and JSON access to the technology information of a website which includes all technical information as found on detailed lookups at builtwith.com and additional meta data where available.
3) The general access method is as follows -
https://api.builtwith.com/v18/api.[xml|json]?KEY=[YOUR KEY]&LOOKUP=[DOMAIN]
4) Authentication
You must provide your API key in each lookup. See the examples for how this works.
Login or Create a Free Account to get your API key.
5) Client SDK
A Client SDK for C# is available at https://github.com/builtwith/BuiltWith-C-Client-API and can be installed via NuGet package 'BuiltWith'.
6) Get Domain Example
XML Get Single Domain
https://api.builtwith.com/v18/api.xml?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com
7) JSON Get Single Domain
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&LOOKUP=builtwith.com
8)Get Multiple Domains Example
Provide multiple LOOKUP domains as a CSV (up to 16)
https://api.builtwith.com/v18/api.xml?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com,builtwith.com
9) High Throughput Lookups
For ultra fast high performance API lookups use the following syntax.
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&HIDETEXT=yes&NOMETA=yes&NOPII=yes&NOLIVE=yes&NOATTR=yes&LOOKUP=site1.com,site2.com,site3.com,site4.com,site5.com,site6.com,site7.com,site8.com,site9.com,site10.com,site11.com,site12.com,site13.com,site14.com,site15.com,site16.com
10) 16 Root Domains or Subdomains Only Per Lookup - alphabetically random for performance improvements
Text, Meta, Attributes, Contacts all removed
Removes live lookup of results if not in our database
For even higher throughput contact us about dedicated endpoint solutions.
11) Get Specific Page Profile Example
Providing an internal URL or subdomain will get that specific page technology profile. Ensure you encode the LOOKUP parameter.
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com%2FPlace%2FHawaii.htm
Reference: https://api.builtwith.com/domain-api
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is BuiltWith?
BuiltWith is a technology search or profiler.
It provides real-time target information to pentesters through the domain API and domain live API .
The domain API provides technical information such as analytics service, built-in plugins, frameworks, libraries, etc. to penetration testers.
The domain API relies on BuiltWith database to provide current and historical technology information about the target.
The Lookup pane retrieves the same information that the domain API provides.
On the other hand, the domain live API does extensive searches on a domain or URL.
It is possible to integrate both APIs into a security product to provide technical information to end users.
1) BuiltWith Domain API
The BuiltWith Domain API provides XML and JSON access to the technology information of a website which includes all technical information as found on detailed lookups at builtwith.com and additional meta data where available.
3) The general access method is as follows -
https://api.builtwith.com/v18/api.[xml|json]?KEY=[YOUR KEY]&LOOKUP=[DOMAIN]
4) Authentication
You must provide your API key in each lookup. See the examples for how this works.
Login or Create a Free Account to get your API key.
5) Client SDK
A Client SDK for C# is available at https://github.com/builtwith/BuiltWith-C-Client-API and can be installed via NuGet package 'BuiltWith'.
6) Get Domain Example
XML Get Single Domain
https://api.builtwith.com/v18/api.xml?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com
7) JSON Get Single Domain
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&LOOKUP=builtwith.com
8)Get Multiple Domains Example
Provide multiple LOOKUP domains as a CSV (up to 16)
https://api.builtwith.com/v18/api.xml?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com,builtwith.com
9) High Throughput Lookups
For ultra fast high performance API lookups use the following syntax.
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&HIDETEXT=yes&NOMETA=yes&NOPII=yes&NOLIVE=yes&NOATTR=yes&LOOKUP=site1.com,site2.com,site3.com,site4.com,site5.com,site6.com,site7.com,site8.com,site9.com,site10.com,site11.com,site12.com,site13.com,site14.com,site15.com,site16.com
10) 16 Root Domains or Subdomains Only Per Lookup - alphabetically random for performance improvements
Text, Meta, Attributes, Contacts all removed
Removes live lookup of results if not in our database
For even higher throughput contact us about dedicated endpoint solutions.
11) Get Specific Page Profile Example
Providing an internal URL or subdomain will get that specific page technology profile. Ensure you encode the LOOKUP parameter.
https://api.builtwith.com/v18/api.json?KEY=[YOUR KEY]&LOOKUP=hotelscombined.com%2FPlace%2FHawaii.htm
Reference: https://api.builtwith.com/domain-api
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - builtwith/BuiltWith-C-Client-API: BuiltWith C# Client API on Nuget
BuiltWith C# Client API on Nuget. Contribute to builtwith/BuiltWith-C-Client-API development by creating an account on GitHub.
Forwarded from DailyCVE
π΅Digisol Systems DG-HR3400 cross-site scripting vulnerability:
https://dailycve.com/digisol-systems-dg-hr3400-cross-site-scripting-vulnerability
https://dailycve.com/digisol-systems-dg-hr3400-cross-site-scripting-vulnerability
Dailycve
Digisol Systems DG-HR3400 cross-site scripting vulnerability | CVE
Details:
Digisol Systems DG-HR3400 is a wireless router developed in India by Digisol Systems. The cross-site scripting weakness of Digisol DG-HR3400 stems from the machine time NTP host name and the "keyword" in the URL filter.
Affected Versions:β¦
Forwarded from UNDERCODE NEWS
After the day the "falls" of the US Congress, Trump's social media grew by almost 200,000 followers.
#International
#International
Forwarded from UNDERCODE NEWS
Cryptocurrencies are set to record their biggest weekly gains since the Bitcoin bubble peaked about three years ago, but the market crashed that year.
#Analytiques
#Analytiques
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A cheat sheet that contains common enumeration and attack methods for Windows Active Directory:
Get Domain Policy:
Get-DomainPolicy
#Will show us the policy configurations of the Domain about system access or kerberos
(Get-DomainPolicy)."system access"
(Get-DomainPolicy)."kerberos policy"
Get Domain Controllers:
Get-NetDomainController
Get-NetDomainController -Domain <DomainName>
Enumerate Domain Users:
Get-NetUser
Get-NetUser -SamAccountName <user>
Get-NetUser | select cn
Get-UserProperty
#Check last password change
Get-UserProperty -Properties pwdlastset
#Get a spesific "string" on a user's attribute
Find-UserField -SearchField Description -SearchTerm "wtver"
#Enumerate user logged on a machine
Get-NetLoggedon -ComputerName <ComputerName>
#Enumerate Session Information for a machine
Get-NetSession -ComputerName <ComputerName>
#Enumerate domain machines of the current/specified domain where specific users are logged into
Find-DomainUserLocation -Domain <DomainName> | Select-Object UserName, SessionFromName
Enum Domain Computers:
Get-NetComputer -FullData
Get-DomainGroup
#Enumerate Live machines
Get-NetComputer -Ping
Enum Groups and Group Members:
Get-NetGroupMember -GroupName "<GroupName>" -Domain <DomainName>
#Enumerate the members of a specified group of the domain
Get-DomainGroup -Identity <GroupName> | Select-Object -ExpandProperty Member
#Returns all GPOs in a domain that modify local group memberships through Restricted Groups or Group Policy Preferences
Get-DomainGPOLocalGroup | Select-Object GPODisplayName, GroupName
More & source:
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A cheat sheet that contains common enumeration and attack methods for Windows Active Directory:
Get Domain Policy:
Get-DomainPolicy
#Will show us the policy configurations of the Domain about system access or kerberos
(Get-DomainPolicy)."system access"
(Get-DomainPolicy)."kerberos policy"
Get Domain Controllers:
Get-NetDomainController
Get-NetDomainController -Domain <DomainName>
Enumerate Domain Users:
Get-NetUser
Get-NetUser -SamAccountName <user>
Get-NetUser | select cn
Get-UserProperty
#Check last password change
Get-UserProperty -Properties pwdlastset
#Get a spesific "string" on a user's attribute
Find-UserField -SearchField Description -SearchTerm "wtver"
#Enumerate user logged on a machine
Get-NetLoggedon -ComputerName <ComputerName>
#Enumerate Session Information for a machine
Get-NetSession -ComputerName <ComputerName>
#Enumerate domain machines of the current/specified domain where specific users are logged into
Find-DomainUserLocation -Domain <DomainName> | Select-Object UserName, SessionFromName
Enum Domain Computers:
Get-NetComputer -FullData
Get-DomainGroup
#Enumerate Live machines
Get-NetComputer -Ping
Enum Groups and Group Members:
Get-NetGroupMember -GroupName "<GroupName>" -Domain <DomainName>
#Enumerate the members of a specified group of the domain
Get-DomainGroup -Identity <GroupName> | Select-Object -ExpandProperty Member
#Returns all GPOs in a domain that modify local group memberships through Restricted Groups or Group Policy Preferences
Get-DomainGPOLocalGroup | Select-Object GPODisplayName, GroupName
More & source:
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methodsβ¦
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Forwarded from DailyCVE
π΅Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer improper authentication vulnerability:
https://dailycve.com/hitachi-abb-power-grids-fox615-multiservice-multiplexer-improper-authentication-vulnerability
https://dailycve.com/hitachi-abb-power-grids-fox615-multiservice-multiplexer-improper-authentication-vulnerability
Dailycve
Hitachi ABB Power Grids FOX615 Multiservice-Multiplexer improper authentication vulnerability | CVE
Details:
An inappropriate authentication flaw is used in the FOX615 Multiservice-Multiplexer supported by Hitachi ABB Power Grids.
Due to a flaw in the libssh library used by the product, FOX615 Multiservice-Multiplexer has an inappropriate authenticationβ¦