Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
The Ministry of Commerce of China announced a new law to be extended to international firms and began to enforce it immediately.
#International
#International
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE TESTING
🔵Nissan source code leaked through misconfigured Git server:
https://dailycve.com/nissan-source-code-leaked-through-misconfigured-git-server
https://dailycve.com/nissan-source-code-leaked-through-misconfigured-git-server
Dailycve
Nissan source code leaked through misconfigured Git server | CVE
Details:
Due to a misconfiguration of the company's Git server, the source code of Nissan North America was leaked online, and the server was exposed online because of the default username and password admin/admin. The leaked information included the…
Forwarded from UNDERCODE TESTING
🔵Google patches Android's crucial remote code execution weakness:
https://dailycve.com/google-patches-androids-crucial-remote-code-execution-weakness
https://dailycve.com/google-patches-androids-crucial-remote-code-execution-weakness
Dailycve
Google patches Android's crucial remote code execution weakness | CVE
Details:
Google has released an Android security update that addresses 43 vulnerabilities, including a critical remote code execution vulnerability in an Android system component tracked as CVE-2021-0316. Google has resolved these shortcomings by issuing…
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Perfect hacking tools for linux :
»Frida(https://github.com/frida/frida/releases)
>>Objection - mobile exploration toolkit by Frida(https://github.com/sensepost/objection)
>>Bfinject(https://github.com/BishopFox/bfinject)
>>iFunbox(http://www.i-funbox.com/)
>>Libimobiledevice - library to communicate with the services of the Apple ios devices(https://www.libimobiledevice.org/)
>>iRET (iOS Reverse Engineering Toolkit)(https://www.veracode.com/sites/default/files/Resources/Tools/iRETTool.zip) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
>>Myriam iOS(https://github.com/GeoSn0w/Myriam)
>>iWep Pro - wireless suite of useful applications used to turn your iOS device into a wireless network diagnostic tool(https://itunes.apple.com/us/app/iweppro/id578135585?mt=8)
>>Burp Suite(https://portswigger.net/burp/communitydownload)
>>Cycript(https://cydia.saurik.com/api/latest/3)
>>needle - The iOS Security Testing Framework(https://github.com/FSecureLABS/needle)
>>iLEAPP - iOS Logs, Events, And Preferences Parser(https://github.com/abrignoni/iLEAPP)
>>Cutter - Free and Open Source RE Platform powered by radare2(https://cutter.re/)
>>decrypt0r - automatically download and decrypt SecureRom stuff(https://github.com/shinvou/decrypt0r)
references git
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Perfect hacking tools for linux :
»Frida(https://github.com/frida/frida/releases)
>>Objection - mobile exploration toolkit by Frida(https://github.com/sensepost/objection)
>>Bfinject(https://github.com/BishopFox/bfinject)
>>iFunbox(http://www.i-funbox.com/)
>>Libimobiledevice - library to communicate with the services of the Apple ios devices(https://www.libimobiledevice.org/)
>>iRET (iOS Reverse Engineering Toolkit)(https://www.veracode.com/sites/default/files/Resources/Tools/iRETTool.zip) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
>>Myriam iOS(https://github.com/GeoSn0w/Myriam)
>>iWep Pro - wireless suite of useful applications used to turn your iOS device into a wireless network diagnostic tool(https://itunes.apple.com/us/app/iweppro/id578135585?mt=8)
>>Burp Suite(https://portswigger.net/burp/communitydownload)
>>Cycript(https://cydia.saurik.com/api/latest/3)
>>needle - The iOS Security Testing Framework(https://github.com/FSecureLABS/needle)
>>iLEAPP - iOS Logs, Events, And Preferences Parser(https://github.com/abrignoni/iLEAPP)
>>Cutter - Free and Open Source RE Platform powered by radare2(https://cutter.re/)
>>decrypt0r - automatically download and decrypt SecureRom stuff(https://github.com/shinvou/decrypt0r)
references git
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
Releases · frida/frida
Clone this repo to build Frida. Contribute to frida/frida development by creating an account on GitHub.
Forwarded from DailyCVE
Forwarded from DailyCVE
Dailycve
OKLite has Multiple vulnerabilities | CVE
Details:
OKLite is a minimalist framework for corporate websites. Displaying corporate website customers is the key focus market, helping typical small enterprises to launch websites easily.
OKLite has a drawback to a logic error, which can be abused…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Data structures and algorithms: where to start?
In programming, algorithms and data structures are a must-have for successfully learning any language. Algorithm is a system of operations performed in a specific order, taking into account specified conditions. There is a separate course at Shultays Education that allows you to learn several skills:
drawing up flowcharts of ideas, thanks to which the programs will be implemented;
programming using classical data structures;
the ability to create and understand linear data structures, sorting algorithms;
the ability to understand algorithms and data structures in Python, increasing the efficiency of working with the language;
the use of classical algorithms that form the basis of many projects.
You can get training not only through Shultais Education courses, but also thanks to books on algorithms and data structure. Their main drawback is that the materials are difficult for those who have no experience in programming at all. A more affordable alternative is to use video tutorials created by professionals who understand how to properly present material. Key benefits of video-assisted learning:
> visualization makes learning the lessons faster. The video demonstrates specific examples of working in a programming environment;
> it is always possible to stop playing in order to perform the exercises on your own;
a registered user can review the video later.
🦑For Shultais Education Algorithms and Data Structures programming courses to be effective, you should know the basic data structures:
linked list;
array;
stack;
queue;
hash table;
map;
trie tree;
graph;
binary tree;
skip list;
heap.
https://shultais.education/courses/algo
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Data structures and algorithms: where to start?
In programming, algorithms and data structures are a must-have for successfully learning any language. Algorithm is a system of operations performed in a specific order, taking into account specified conditions. There is a separate course at Shultays Education that allows you to learn several skills:
drawing up flowcharts of ideas, thanks to which the programs will be implemented;
programming using classical data structures;
the ability to create and understand linear data structures, sorting algorithms;
the ability to understand algorithms and data structures in Python, increasing the efficiency of working with the language;
the use of classical algorithms that form the basis of many projects.
You can get training not only through Shultais Education courses, but also thanks to books on algorithms and data structure. Their main drawback is that the materials are difficult for those who have no experience in programming at all. A more affordable alternative is to use video tutorials created by professionals who understand how to properly present material. Key benefits of video-assisted learning:
> visualization makes learning the lessons faster. The video demonstrates specific examples of working in a programming environment;
> it is always possible to stop playing in order to perform the exercises on your own;
a registered user can review the video later.
🦑For Shultais Education Algorithms and Data Structures programming courses to be effective, you should know the basic data structures:
linked list;
array;
stack;
queue;
hash table;
map;
trie tree;
graph;
binary tree;
skip list;
heap.
https://shultais.education/courses/algo
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Shultais Education
Алгоритмы и структуры данных на Python - онлайн-курс Shultais Education
Курс по классическим алгоритмам и структурам данных на языке Python от Shultais Education.
Forwarded from DailyCVE
Dailycve
Worktile has XSS vulnerability | CVE
Details:
Worktile is a collaborative office platform for companies that solves the pain points of collaboration, office and management for companies with a size of 30-1000 people and helps companies to implement project management, standardize procedures…
Forwarded from DailyCVE
🔵Unpatched File upload vulnerability exists in OKLite:
https://dailycve.com/unpatched-file-upload-vulnerability-exists-oklite
https://dailycve.com/unpatched-file-upload-vulnerability-exists-oklite
Dailycve
Unpatched File upload vulnerability exists in OKLite | CVE
Details:
KLite is a minimalist framework for corporate websites. Displaying corporate website customers is the key focus market, helping typical small enterprises to launch websites easily.
OKLite has a file upload flaw, and the vulnerability can be…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
In order to create a vehicle, Baidu formally joined hands with Geely Holdings and the Internet giants gathered together. Has the 'Warring States Period' begun?
#Technologies
#Technologies
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑📜 Correct way to edit / etc / passwd and / etc / group files in Linux :
Correct way to edit / etc / passwd and / etc / group files with vipw and vigr commands
To safely edit the / etc / password file, simply run:
$ sudo vipw
To safely edit the / etc / group file, run:
$ sudo vigr
The vipw and vigr commands will now lock the / etc / passwd and / etc / group files and prevent other users from making any changes.
To verify this, open two terminal windows.
Run "sudo vipw" in one window and try changing the user's password in another window.
The password will not be updated until you close the vipw command.
Therefore, other users cannot accidentally or deliberately make any changes to the / etc / passwd file while you are editing them as root.
After closing / etc / passwd, the password will be updated successfully.
You can also log in as a normal user and try to change the user's password in another terminal window.
The password will not change until you close the vipw command.
You won't even be able to create new users when editing / etc / passwd with the vipw command.
$ sudo useradd itsecforu
useradd: cannot lock / etc / passwd; try again later.
Likewise, to edit the shadow versions of these files, i.e. / etc / shadow and / etc / gshadow, use the -s flag.
$ sudo vipw -s
$ sudo vigr -s
Other supported options for vipw and vipr commands:
-g , --group
Edit group database.
-h , --help
Display help message and exit.
-p , --passwd
Edit passwd database.
-q , --quiet
Quiet mode.
-R , --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the
CHROOT_DIR directory.
-s , --shadow
Edit shadow or gshadow database
For more details refer to the man pages.
$ man vipw
$ man vigr
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑📜 Correct way to edit / etc / passwd and / etc / group files in Linux :
Correct way to edit / etc / passwd and / etc / group files with vipw and vigr commands
To safely edit the / etc / password file, simply run:
$ sudo vipw
To safely edit the / etc / group file, run:
$ sudo vigr
The vipw and vigr commands will now lock the / etc / passwd and / etc / group files and prevent other users from making any changes.
To verify this, open two terminal windows.
Run "sudo vipw" in one window and try changing the user's password in another window.
The password will not be updated until you close the vipw command.
Therefore, other users cannot accidentally or deliberately make any changes to the / etc / passwd file while you are editing them as root.
After closing / etc / passwd, the password will be updated successfully.
You can also log in as a normal user and try to change the user's password in another terminal window.
The password will not change until you close the vipw command.
You won't even be able to create new users when editing / etc / passwd with the vipw command.
$ sudo useradd itsecforu
useradd: cannot lock / etc / passwd; try again later.
Likewise, to edit the shadow versions of these files, i.e. / etc / shadow and / etc / gshadow, use the -s flag.
$ sudo vipw -s
$ sudo vigr -s
Other supported options for vipw and vipr commands:
-g , --group
Edit group database.
-h , --help
Display help message and exit.
-p , --passwd
Edit passwd database.
-q , --quiet
Quiet mode.
-R , --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the
CHROOT_DIR directory.
-s , --shadow
Edit shadow or gshadow database
For more details refer to the man pages.
$ man vipw
$ man vigr
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from DailyCVE
🔵Patch for date-and-time denial of service vulnerability:
https://dailycve.com/patch-date-and-time-denial-service-vulnerability
https://dailycve.com/patch-date-and-time-denial-service-vulnerability
Dailycve
Patch for date-and-time denial of service vulnerability | CVE
Details:
Date And Time is a Npm code library based on Javascript for JS date and time processing by a personal Date And Time developer. In date-and-time versions prior to 0.14.2, there is a safety vulnerability. The weakness derives from the treatment…