▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Perfect hacking tools for linux :
»Frida(https://github.com/frida/frida/releases)
>>Objection - mobile exploration toolkit by Frida(https://github.com/sensepost/objection)
>>Bfinject(https://github.com/BishopFox/bfinject)
>>iFunbox(http://www.i-funbox.com/)
>>Libimobiledevice - library to communicate with the services of the Apple ios devices(https://www.libimobiledevice.org/)
>>iRET (iOS Reverse Engineering Toolkit)(https://www.veracode.com/sites/default/files/Resources/Tools/iRETTool.zip) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
>>Myriam iOS(https://github.com/GeoSn0w/Myriam)
>>iWep Pro - wireless suite of useful applications used to turn your iOS device into a wireless network diagnostic tool(https://itunes.apple.com/us/app/iweppro/id578135585?mt=8)
>>Burp Suite(https://portswigger.net/burp/communitydownload)
>>Cycript(https://cydia.saurik.com/api/latest/3)
>>needle - The iOS Security Testing Framework(https://github.com/FSecureLABS/needle)
>>iLEAPP - iOS Logs, Events, And Preferences Parser(https://github.com/abrignoni/iLEAPP)
>>Cutter - Free and Open Source RE Platform powered by radare2(https://cutter.re/)
>>decrypt0r - automatically download and decrypt SecureRom stuff(https://github.com/shinvou/decrypt0r)
references git
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Perfect hacking tools for linux :
»Frida(https://github.com/frida/frida/releases)
>>Objection - mobile exploration toolkit by Frida(https://github.com/sensepost/objection)
>>Bfinject(https://github.com/BishopFox/bfinject)
>>iFunbox(http://www.i-funbox.com/)
>>Libimobiledevice - library to communicate with the services of the Apple ios devices(https://www.libimobiledevice.org/)
>>iRET (iOS Reverse Engineering Toolkit)(https://www.veracode.com/sites/default/files/Resources/Tools/iRETTool.zip) - includes oTool, dumpDecrypted, SQLite, Theos, Keychain_dumper, Plutil
>>Myriam iOS(https://github.com/GeoSn0w/Myriam)
>>iWep Pro - wireless suite of useful applications used to turn your iOS device into a wireless network diagnostic tool(https://itunes.apple.com/us/app/iweppro/id578135585?mt=8)
>>Burp Suite(https://portswigger.net/burp/communitydownload)
>>Cycript(https://cydia.saurik.com/api/latest/3)
>>needle - The iOS Security Testing Framework(https://github.com/FSecureLABS/needle)
>>iLEAPP - iOS Logs, Events, And Preferences Parser(https://github.com/abrignoni/iLEAPP)
>>Cutter - Free and Open Source RE Platform powered by radare2(https://cutter.re/)
>>decrypt0r - automatically download and decrypt SecureRom stuff(https://github.com/shinvou/decrypt0r)
references git
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
Releases · frida/frida
Clone this repo to build Frida. Contribute to frida/frida development by creating an account on GitHub.
Forwarded from DailyCVE
Forwarded from DailyCVE
Dailycve
OKLite has Multiple vulnerabilities | CVE
Details:
OKLite is a minimalist framework for corporate websites. Displaying corporate website customers is the key focus market, helping typical small enterprises to launch websites easily.
OKLite has a drawback to a logic error, which can be abused…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Data structures and algorithms: where to start?
In programming, algorithms and data structures are a must-have for successfully learning any language. Algorithm is a system of operations performed in a specific order, taking into account specified conditions. There is a separate course at Shultays Education that allows you to learn several skills:
drawing up flowcharts of ideas, thanks to which the programs will be implemented;
programming using classical data structures;
the ability to create and understand linear data structures, sorting algorithms;
the ability to understand algorithms and data structures in Python, increasing the efficiency of working with the language;
the use of classical algorithms that form the basis of many projects.
You can get training not only through Shultais Education courses, but also thanks to books on algorithms and data structure. Their main drawback is that the materials are difficult for those who have no experience in programming at all. A more affordable alternative is to use video tutorials created by professionals who understand how to properly present material. Key benefits of video-assisted learning:
> visualization makes learning the lessons faster. The video demonstrates specific examples of working in a programming environment;
> it is always possible to stop playing in order to perform the exercises on your own;
a registered user can review the video later.
🦑For Shultais Education Algorithms and Data Structures programming courses to be effective, you should know the basic data structures:
linked list;
array;
stack;
queue;
hash table;
map;
trie tree;
graph;
binary tree;
skip list;
heap.
https://shultais.education/courses/algo
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Data structures and algorithms: where to start?
In programming, algorithms and data structures are a must-have for successfully learning any language. Algorithm is a system of operations performed in a specific order, taking into account specified conditions. There is a separate course at Shultays Education that allows you to learn several skills:
drawing up flowcharts of ideas, thanks to which the programs will be implemented;
programming using classical data structures;
the ability to create and understand linear data structures, sorting algorithms;
the ability to understand algorithms and data structures in Python, increasing the efficiency of working with the language;
the use of classical algorithms that form the basis of many projects.
You can get training not only through Shultais Education courses, but also thanks to books on algorithms and data structure. Their main drawback is that the materials are difficult for those who have no experience in programming at all. A more affordable alternative is to use video tutorials created by professionals who understand how to properly present material. Key benefits of video-assisted learning:
> visualization makes learning the lessons faster. The video demonstrates specific examples of working in a programming environment;
> it is always possible to stop playing in order to perform the exercises on your own;
a registered user can review the video later.
🦑For Shultais Education Algorithms and Data Structures programming courses to be effective, you should know the basic data structures:
linked list;
array;
stack;
queue;
hash table;
map;
trie tree;
graph;
binary tree;
skip list;
heap.
https://shultais.education/courses/algo
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Shultais Education
Алгоритмы и структуры данных на Python - онлайн-курс Shultais Education
Курс по классическим алгоритмам и структурам данных на языке Python от Shultais Education.
Forwarded from DailyCVE
Dailycve
Worktile has XSS vulnerability | CVE
Details:
Worktile is a collaborative office platform for companies that solves the pain points of collaboration, office and management for companies with a size of 30-1000 people and helps companies to implement project management, standardize procedures…
Forwarded from DailyCVE
🔵Unpatched File upload vulnerability exists in OKLite:
https://dailycve.com/unpatched-file-upload-vulnerability-exists-oklite
https://dailycve.com/unpatched-file-upload-vulnerability-exists-oklite
Dailycve
Unpatched File upload vulnerability exists in OKLite | CVE
Details:
KLite is a minimalist framework for corporate websites. Displaying corporate website customers is the key focus market, helping typical small enterprises to launch websites easily.
OKLite has a file upload flaw, and the vulnerability can be…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
In order to create a vehicle, Baidu formally joined hands with Geely Holdings and the Internet giants gathered together. Has the 'Warring States Period' begun?
#Technologies
#Technologies
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑📜 Correct way to edit / etc / passwd and / etc / group files in Linux :
Correct way to edit / etc / passwd and / etc / group files with vipw and vigr commands
To safely edit the / etc / password file, simply run:
$ sudo vipw
To safely edit the / etc / group file, run:
$ sudo vigr
The vipw and vigr commands will now lock the / etc / passwd and / etc / group files and prevent other users from making any changes.
To verify this, open two terminal windows.
Run "sudo vipw" in one window and try changing the user's password in another window.
The password will not be updated until you close the vipw command.
Therefore, other users cannot accidentally or deliberately make any changes to the / etc / passwd file while you are editing them as root.
After closing / etc / passwd, the password will be updated successfully.
You can also log in as a normal user and try to change the user's password in another terminal window.
The password will not change until you close the vipw command.
You won't even be able to create new users when editing / etc / passwd with the vipw command.
$ sudo useradd itsecforu
useradd: cannot lock / etc / passwd; try again later.
Likewise, to edit the shadow versions of these files, i.e. / etc / shadow and / etc / gshadow, use the -s flag.
$ sudo vipw -s
$ sudo vigr -s
Other supported options for vipw and vipr commands:
-g , --group
Edit group database.
-h , --help
Display help message and exit.
-p , --passwd
Edit passwd database.
-q , --quiet
Quiet mode.
-R , --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the
CHROOT_DIR directory.
-s , --shadow
Edit shadow or gshadow database
For more details refer to the man pages.
$ man vipw
$ man vigr
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑📜 Correct way to edit / etc / passwd and / etc / group files in Linux :
Correct way to edit / etc / passwd and / etc / group files with vipw and vigr commands
To safely edit the / etc / password file, simply run:
$ sudo vipw
To safely edit the / etc / group file, run:
$ sudo vigr
The vipw and vigr commands will now lock the / etc / passwd and / etc / group files and prevent other users from making any changes.
To verify this, open two terminal windows.
Run "sudo vipw" in one window and try changing the user's password in another window.
The password will not be updated until you close the vipw command.
Therefore, other users cannot accidentally or deliberately make any changes to the / etc / passwd file while you are editing them as root.
After closing / etc / passwd, the password will be updated successfully.
You can also log in as a normal user and try to change the user's password in another terminal window.
The password will not change until you close the vipw command.
You won't even be able to create new users when editing / etc / passwd with the vipw command.
$ sudo useradd itsecforu
useradd: cannot lock / etc / passwd; try again later.
Likewise, to edit the shadow versions of these files, i.e. / etc / shadow and / etc / gshadow, use the -s flag.
$ sudo vipw -s
$ sudo vigr -s
Other supported options for vipw and vipr commands:
-g , --group
Edit group database.
-h , --help
Display help message and exit.
-p , --passwd
Edit passwd database.
-q , --quiet
Quiet mode.
-R , --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the
CHROOT_DIR directory.
-s , --shadow
Edit shadow or gshadow database
For more details refer to the man pages.
$ man vipw
$ man vigr
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from DailyCVE
🔵Patch for date-and-time denial of service vulnerability:
https://dailycve.com/patch-date-and-time-denial-service-vulnerability
https://dailycve.com/patch-date-and-time-denial-service-vulnerability
Dailycve
Patch for date-and-time denial of service vulnerability | CVE
Details:
Date And Time is a Npm code library based on Javascript for JS date and time processing by a personal Date And Time developer. In date-and-time versions prior to 0.14.2, there is a safety vulnerability. The weakness derives from the treatment…
Forwarded from DailyCVE
🔵Patch for HedgeDoc file upload vulnerability:
https://dailycve.com/patch-hedgedoc-file-upload-vulnerability
https://dailycve.com/patch-hedgedoc-file-upload-vulnerability
Dailycve
Patch for HedgeDoc file upload vulnerability | CVE
Detail:
Hedgedoc is a real-time editing and collaboration platform built on Javascript for the Hedgedoc team's Markdown papers. Versions previous to 1.7.1 of HedgeDoc include a file upload vulnerability. Unauthenticated attackers can use this vulnerability…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Apple canceled accessories and became a lucrative business, gaining more than 1.7 billion a year.
#Analytiques
#Analytiques
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Basic bash — Bash if statements: if, elif, else, then, fi
We also have a special elif, which we will learn more about later.
Let's start with a simple example.
In this guide, you will learn:
How to implement an if statement on the Bash command line
How such if statements can also be used inside Bash scripts
Examples showing if, elif, else, then and fi work in Bash
Example 1: a simple if statement on the command line
$ if [ 1 -eq 1 ]; then echo "Matched!"; fi
Matched!
In this example, we are comparing one to one.
Note that -eq means equal.
To do the opposite, you can use -ne, which means not equal, as shown in the following example:
$ if [ 0 -ne 1 ]; then echo "Matched!"; fi
Matched!
In this case, we checked for inequality, and since 0 is not equal to 1, the if statement is correct and the commands after then will be executed.
Let's change this a bit:
$ if [ 1 -ne 1 ]; then echo "Matched!"; else echo "Not Matched!"; fi
Not Matched!
Here we have introduced the else statement; what commands to execute if the condition in the if statement turns out to be false (or incorrect).
When we try to ask if 1 (-ne) is 1 this time, and since 1 is indeed 1, the condition formulated in this if statement is false, and we encounter our else statement with the matching text printed out.
Example 2: Using an if statement in a Bash shell script
It's worth noting that you can easily copy and paste any if statement shown here or elsewhere and use it inside a Bash shell script.
For example:
$ echo '#!/bin/bash' > myscript.sh
$ echo 'if [ 1 -eq 1 ]; then echo "Matched!"; fi' >> myscript.sh
$ chmod +x myscript.sh
$ ./myscript.sh
Matched!
$
Here we just created a small shell script myscript.sh using echo and the redirector> to redirect the output from our echo to a file.
When you use> a new file will be created and any file with the same name will be overwritten, so use with caution.
We then add our if statement again using echo and the double redirector >>, which, unlike>, does not create a new file, but simply adds text to the specified file.
Then we chmod + x to the script to make it executable, and execute the script with the ./ prefix, which is required in bash (any valid pathname will do).
The first line of the script just makes sure that we will be using the bash interpreter for our script.
It is recommended to always install it in bash and other scripts (for other scripts, you can install any interpreter that will execute your script, for example #! / Usr / bin / python3 for Python 3 (.py3 for example), etc.).
When we execute the script, we see that the result is generated as expected (1 equals 1).
Matched!
Example 3: What is elif?
The elif operator provides additional abbreviation flexibility by minimizing the need for nested operators.
Consider the following script test.sh:
#!/bin/bash
if [ 0 -eq 1 ]; then
echo '0=1'
else
if [ 0 -eq 2 ]; then
echo '0=2'
else
echo '0!=2'
fi
fi
And the output from it:
$ ./test.sh
0!=2
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Basic bash — Bash if statements: if, elif, else, then, fi
We also have a special elif, which we will learn more about later.
Let's start with a simple example.
In this guide, you will learn:
How to implement an if statement on the Bash command line
How such if statements can also be used inside Bash scripts
Examples showing if, elif, else, then and fi work in Bash
Example 1: a simple if statement on the command line
$ if [ 1 -eq 1 ]; then echo "Matched!"; fi
Matched!
In this example, we are comparing one to one.
Note that -eq means equal.
To do the opposite, you can use -ne, which means not equal, as shown in the following example:
$ if [ 0 -ne 1 ]; then echo "Matched!"; fi
Matched!
In this case, we checked for inequality, and since 0 is not equal to 1, the if statement is correct and the commands after then will be executed.
Let's change this a bit:
$ if [ 1 -ne 1 ]; then echo "Matched!"; else echo "Not Matched!"; fi
Not Matched!
Here we have introduced the else statement; what commands to execute if the condition in the if statement turns out to be false (or incorrect).
When we try to ask if 1 (-ne) is 1 this time, and since 1 is indeed 1, the condition formulated in this if statement is false, and we encounter our else statement with the matching text printed out.
Example 2: Using an if statement in a Bash shell script
It's worth noting that you can easily copy and paste any if statement shown here or elsewhere and use it inside a Bash shell script.
For example:
$ echo '#!/bin/bash' > myscript.sh
$ echo 'if [ 1 -eq 1 ]; then echo "Matched!"; fi' >> myscript.sh
$ chmod +x myscript.sh
$ ./myscript.sh
Matched!
$
Here we just created a small shell script myscript.sh using echo and the redirector> to redirect the output from our echo to a file.
When you use> a new file will be created and any file with the same name will be overwritten, so use with caution.
We then add our if statement again using echo and the double redirector >>, which, unlike>, does not create a new file, but simply adds text to the specified file.
Then we chmod + x to the script to make it executable, and execute the script with the ./ prefix, which is required in bash (any valid pathname will do).
The first line of the script just makes sure that we will be using the bash interpreter for our script.
It is recommended to always install it in bash and other scripts (for other scripts, you can install any interpreter that will execute your script, for example #! / Usr / bin / python3 for Python 3 (.py3 for example), etc.).
When we execute the script, we see that the result is generated as expected (1 equals 1).
Matched!
Example 3: What is elif?
The elif operator provides additional abbreviation flexibility by minimizing the need for nested operators.
Consider the following script test.sh:
#!/bin/bash
if [ 0 -eq 1 ]; then
echo '0=1'
else
if [ 0 -eq 2 ]; then
echo '0=2'
else
echo '0!=2'
fi
fi
And the output from it:
$ ./test.sh
0!=2
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from DailyCVE
🔵Vulnerability of the Sonicwall SonicWall NetExtender Windows client code problem:
https://dailycve.com/vulnerability-sonicwall-sonicwall-netextender-windows-client-code-problem
https://dailycve.com/vulnerability-sonicwall-sonicwall-netextender-windows-client-code-problem
Dailycve
Vulnerability of the Sonicwall SonicWall NetExtender Windows client code problem | CVE
Details:
The Sonicwall NetExtender Windows client is a client program for SSL VPN (Virtual Private Network) based on Sonicwall's Windows platform in the United States. There is a security flaw in the SonicWall NetExtender Windows client version 10.2.300…
Forwarded from DailyCVE
🔵Vulnerability of the Sonicwall SMA100 operating system order injection :
https://dailycve.com/vulnerability-sonicwall-sma100-operating-system-order-injection
https://dailycve.com/vulnerability-sonicwall-sma100-operating-system-order-injection
Dailycve
Vulnerability of the Sonicwall SMA100 operating system order injection | CVE
Details:
The Sonicwall SMA100 is a safe access gateway system developed in the United States by Sonicwall. The SonicWall SMA100 appliance has a command injection flaw that allows authenticated administrative users to perform an OS command injection using…
Forwarded from UNDERCODE TESTING
German Chancellor Merkel: The decision by Twitter to block the Trump account is "Not right"
#International
MORE DETAILS - https://undercodenews.com/german-chancellor-merkel-the-decision-by-twitter-to-block-the-trump-account-is-not-right/11/01/2021/
#International
MORE DETAILS - https://undercodenews.com/german-chancellor-merkel-the-decision-by-twitter-to-block-the-trump-account-is-not-right/11/01/2021/
