Forwarded from DailyCVE
Patch for ISPConfig SQL injection vulnerability
https://dailycve.com/patch-ispconfig-sql-injection-vulnerability
Forwarded from UNDERCODE NEWS
Satechi releases a 2 in 1 portable magnetic charging dock that can simultaneously charge iPhone 12 and AirPods.
#Technologies
Forwarded from UNDERCODE NEWS
Lenovo Group plans to list on the Shanghai Stock Exchange's Science and Technology Innovation Board.
#International
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Running Keycloak Server in Docker Container:
Using Keycloak, developers can add authentication to applications and secure services with minimal effort.
No need to deal with user storage or authentication.
All of this is available out of the box.
You even get advanced features like User Federation, Identity Brokering, and Social Login.
Keycloak has two main components.
Keycloak Server is the server component of Keycloak.
Keycloak Application Adapters are plugins that let applications access Keycloak authentication services.
In this tutorial, we will create and run a Keycloak server in a Docker container.
Keycloak Features:
Some notable features of Keycloak:
User registration
Single Sign-On / Sign-Off within the same realm
2-factor authentication
LDAP integration
Kerberos broker
Downloading the required images from Docker Hub:
Connect to the server with an administrator account using ssh.
Since we have already installed Docker, we can now access the Docker Hub and download the required images.
Here we create two containers:
the actual Jboss / Keycloak server and
MariaDB as the data store for the Keycloak server
First download the official image of mariadb.
$ sudo docker pull mariadb
Using default tag: latest
latest: Pulling from library/mariadb
5c939e3a4d10: Pull complete
c63719cdbe7a: Pull complete
19a861ea6baf: Pull complete
651c9d2d6c4f: Pull complete
077e14009561: Pull complete
5f038f59a326: Pull complete
1b0216466f21: Pull complete
1b0570aa273a: Pull complete
07d05628c2aa: Pull complete
8f2f7d8e5cbd: Pull complete
fbf3ad7b2eec: Pull complete
22080b3a46be: Pull complete
8021ad8acbef: Pull complete
0b1f06407ccd: Pull complete
Digest: sha256:6f80d059050b80fd8bd951323f6e4a7dde36d62e355cf01b92d26c34d3f702f6
Status: Downloaded newer image for mariadb:latest
Now download the jboss / keycloak image.
$ sudo docker pull jboss/keycloak
Using default tag: latest
latest: Pulling from jboss/keycloak
03e56b46bf0b: Pull complete
3a13cc2f5d65: Pull complete
315b0e98b961: Pull complete
3ac53bc98ab6: Pull complete
08d597fdd8b1: Pull complete
Digest: sha256:70171289054e77e2a091fd4b7d274807e777bd01d18719a7b7b139b67d1952d4
Status: Downloaded newer image for jboss/keycloak:latest
Create a virtual network in Docker:
To connect MariaDB and Keycloak containers, we need to create a virtual network.
$ sudo docker network create keycloak-network
152e689ac69f722e8b36bcb61558dba740ec909ec27c5a8ba34f2f5ca0694038
Start MariaDB server in Docker container:
Create a directory on the host to store MariaDB database files so that we can use the same database files with other MariaDB server containers.
$ mkdir /home/itsecforu/keycloak_data
Create a MariaDB container and mount the keycloak_data directory in it.
$ sudo docker run -d \
> --name mariadb \
> --net keycloak-network \
> -v /home/itsecforu/keycloak_data:/var/lib/mysql \
> -e MYSQL_ROOT_PASSWORD=Root@1234 \
> -e MYSQL_DATABASE=keycloak \
> -e MYSQL_USER=keycloak \
> -e MYSQL_PASSWORD=Keycloak@1234 \
> mariadb
55de1ec4e0c94dbe22897e6122cec57a250c95cbc4dc1be76fc7a06832f7641a
Using Docker, we have successfully launched a MariaDB container that will serve as the datastore for the Keycloak server.
Now check the contents of the keycloak_data directory.
$ ls /home/itsecforu/keycloak_data/
aria_log.00000001 ibdata1 ibtmp1 mysql
aria_log_control ib_logfile0 keycloak performance_schema
ib_buffer_pool ib_logfile1 multi-master.info
You can see that the MariaDB container has created its database files in the keycloak_data directory.
Start Jboss / Keycloak server in Docker container:
Create and run a Jboss / Keycloak container using the docker command.
$ sudo docker run -d \
> --name keycloak \
> --net keycloak-network \
> -p 8080:8080 \
> -e KEYCLOAK_USER=admin \
> -e KEYCLOAK_PASSWORD=Admin@1234 \
> -e DB_ADDR=mariadb \
> -e DB_USER=keycloak \
> -e DB_PASSWORD=Keycloak@1234 \
> jboss/keycloak
e2b42254fa94804e1ab9cf2924fa0463b8997205f6002e81f542b117f56a91bf
We have created and launched the Jboss / Keycloak container.
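Both docker run commands above pass passwords inline with -e and use an image without a tag or digest, and the Keycloak one publishes port 8080 without a host address. The following is an added example, not part of the original post: a small shell check that flags those three patterns in a pasted docker run command. The function name, the finding labels and the env-file path are assumptions made for the illustration, and the check assumes the image is the last word of the command.

```shell
#!/bin/sh
# Added example: flag risky patterns in a `docker run` command read from stdin.
# Function name and finding labels are illustrative, not part of Docker.

audit_docker_run() {
  # Join the pasted command: drop "$ " / "> " prompts and trailing backslashes.
  cmd=$(sed -e 's/^[[:space:]]*[$>][[:space:]]*//' \
            -e 's/\\[[:space:]]*$//' | tr '\n' ' ')
  set -f                 # no filename expansion while word-splitting
  set -- $cmd
  set +f
  prev="" image=""
  for word in "$@"; do
    case "$prev" in
      -e|--env)
        name=${word%%=*}
        # NAME=VALUE puts the secret in shell history and the process list;
        # a bare NAME (value taken from the caller's environment) is not flagged.
        case "$word" in
          *=?*) case "$name" in
                  *PASSWORD*|*SECRET*|*TOKEN*) echo "INLINE_SECRET $name" ;;
                esac ;;
        esac ;;
      -p|--publish)
        # ip:hostPort:containerPort has two colons; fewer means all interfaces.
        case "$word" in
          *:*:*) ;;
          *) echo "PUBLISH_ALL_INTERFACES $word" ;;
        esac ;;
    esac
    prev=$word
    image=$word          # assumption: the image is the last word of the command
  done
  [ -n "$image" ] || return 0
  case "$image" in
    *@sha256:*) ;;       # pinned by digest
    *) echo "UNPINNED_IMAGE $image" ;;
  esac
}

# The Keycloak command as shown in the post, prompts included.
PAGE_CMD='$ sudo docker run -d \
> --name keycloak \
> --net keycloak-network \
> -p 8080:8080 \
> -e KEYCLOAK_USER=admin \
> -e KEYCLOAK_PASSWORD=Admin@1234 \
> -e DB_ADDR=mariadb \
> -e DB_USER=keycloak \
> -e DB_PASSWORD=Keycloak@1234 \
> jboss/keycloak'

# Constructed counterpart: loopback-only publish, variables read from a
# root-owned, mode 600 env file (hypothetical path), image pinned to the
# digest printed by the pull earlier in the post.
HARDENED_CMD='sudo docker run -d \
  --name keycloak \
  --net keycloak-network \
  -p 127.0.0.1:8080:8080 \
  --env-file /etc/keycloak/keycloak.env \
  jboss/keycloak@sha256:70171289054e77e2a091fd4b7d274807e777bd01d18719a7b7b139b67d1952d4'

printf '%s\n' "$PAGE_CMD" | audit_docker_run
printf '%s\n' "$HARDENED_CMD" | audit_docker_run
```

The first call prints four findings and the second prints nothing.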
Forwarded from DailyCVE
Several NEC products are vulnerable to improper authentication in RMCP connections using IPMI over LAN:
https://dailycve.com/several-nec-products-are-vulnerable-improper-authentication-rmcp-connections-using-ipmi-over-lan
Details:
The Remote Management Control Protocol (RMCP) for accessing BMCs over a LAN is defined by the Intelligent Platform Management Interface (IPMI) specification v1.5 for remote monitoring and controlling hardware status.
Affected Versions:
The…
Forwarded from UNDERCODE NEWS
For the first time RDNA enters mobile phones, the GPU of Samsung and AMD will be used in the next flagship machine.
#International
Forwarded from UNDERCODE NEWS
"Focus on Japanese market" and CEO DX of the US Box and tailwind "de-PPAP"
#International
Random hacking tips
SSLstrip
To use SSLstrip, use the following command to enable it in iptables:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
This makes it so that all traffic coming to port 80, which is the default port of HTTP websites, is instead redirected to port 10000, which is the port the SSLstrip tool uses.
In order to use packet-modifying tools together with SSLstrip, they must be configured to watch for port 10000 instead of 80 and commands below need to be entered into Linux shell:
iptables -I INPUT -j NFQUEUE --queue-num <number>
iptables -I OUTPUT -j NFQUEUE --queue-num <number>
Executable files
Converting scripts into executables:
It's important to note we focus on creating Windows executables, since for both Linux and macOS, the problem becomes trivial, since both operating systems have Python installed by default, therefore allowing us to directly run Python scripts. Another problem is that on Linux, obfuscating such executable file is almost impossible -
Despite all those differences between systems, pyinstaller should work on each one of them anyway.
On Windows
In order to package Python scripts into executable files, you need to have "pyinstaller" installed and you have to run the following command:
pyinstaller <script_name.py> --onefile --noconsole
You might need to use a path to pyinstaller instead, if it's not added to PATH.
The --onefile argument ensures all the required libraries and files are put into a single executable.
--noconsole argument disables console, so when we run the program, no terminal shows up. Please note that some Python scripts may require "stdin", "stdout" and "stderr" to be handled properly (it is handled in our program).
The created executable can be found in the "dist" folder.
To package multiple files together with the Python script (used for creating trojans), use:
--add-data "abs/path/to/file;."
This is especially useful when creating trojans. The dot means the file will be stored (after running) in a default temp directory. Can be changed to directory of preference.
On Linux
If you need to create a .exe file from a Linux machine (not recommended - it's better to do it natively), you need a Python interpreter in its Windows version. In order to do that, Wine is required (should be installed by default on Kali Linux).
After you've got both Python downloaded and Wine installed, type in the following command:
wine msiexec /i <python_installer_file>
Forwarded from UNDERCODE NEWS
Elbrusov will be generated 20 times less than Baikal in 2021, but the developers do not consider this a loss.
#Technologies
Forwarded from UNDERCODE NEWS
Amazon begs the court not to order the resumption of social network web hosting facilities by Parler.
#International
Forwarded from DailyCVE
An unpatched SQL injection vulnerability exists in the website of Wuxi Huyi Technology:
https://dailycve.com/unpatched-sql-injection-vulnerability-exists-website-wuxi-huyi-technology
Details:
Wuxi Huyi Technology Co., Ltd. is a competent service provider with simple Internet applications. The business has focused on building knowledge for small to medium-sized businesses, encouraging enterprises to set up their own Internet network marketing…
Forwarded from DailyCVE
Changzhou Manhao Information Technology Co., Ltd. website has SQL injection vulnerability:
https://dailycve.com/changzhou-manhao-information-technology-co-ltd-website-has-sql-injection-vulnerability
Details:
Changzhou Manhao Technology Information Co., Ltd. Method of Building
Established in 2007, Manhao is a Golden Globe Company affiliate. It has been committed to strengthening the reputation of customer products for several years and helping…
Top scams:
1) Text messaging scam
Be careful with phone messages.
SMS Text Messages From Microsoft - Genuine or Phishing?
Some messages claim that you have won a huge amount of money, etc., in an attempt to cheat you.
You can also receive these messages, such as from a bank, PayPal or Apple or any well-known brand.
This could be a different type of phishing.
Tips: Don't click on the link, even if it looks like a link from a bank or PayPal, etc.
Do not call the numbers listed. Contact your bank and let them know about the incident.
2) Scammers in technical support
These are the biggest consumer scams at the moment.
This mainly applies to the elderly.
You may receive an unsolicited call from a person who claims to be from Microsoft technical support or any other technical support provider, asking for permission to access your computer and saying that your computer may be infected with viruses or other malware.
Tips: just hang up and don't trust them.
Neither Microsoft nor any technical support team will call you that way.
3) Income tax fraud
You may receive a call / email from a person allegedly from the tax authority stating that you have some unpaid taxes and threatening that if you do not pay the full amount due immediately by bank transfer, they will file a lawsuit, and so on.
Tips: Don't call that person. Do not transfer money or make payments in a panic.
Call the tax hotline and tell them about the problem.
Forwarded from DailyCVE
Patch for Adobe Experience Manager cross-site scripting vulnerability:
https://dailycve.com/patch-adobe-experience-manager-cross-site-scripting-vulnerability
Details:
Forwarded from DailyCVE
Adobe Experience Manager blind server-side request forgery vulnerability patch:
https://dailycve.com/adobe-experience-manager-blind-server-side-request-forgery-vulnerability-patch
Details:
Forwarded from UNDERCODE NEWS
AMD CEO: Apple's M1 chip leads creativity, GPU collaboration between the two sides will continue.
#International #Technologies
Forwarded from UNDERCODE NEWS
A T-shirt sold on Amazon was titled "Trump was titled"
#International
How to quickly check if your Linux server is under DoS attack from a single IP address?
A) What do you need
The only thing you need to do this is a Linux server and a user with sudo privileges.
I will be demonstrating on Ubuntu Server 20.04.
We are going to use the netstat tool to find out what IPs are currently connected to your server.
To install netstat on Ubuntu, you actually install net-tools, for example:
sudo apt-get install net-tools -y
If you are using CentOS or a Red Hat based installation, netstat should already be installed.
B) How to check your server load
The first thing we're going to do is check the load on our server.
The command we will use for this will return the number of logical processors (threads).
On the server, this number should be pretty low, but it depends on what you are running.
If you know everything is in order, run the check to get a baseline and record the number.
If you suspect something is happening, run the thread check again and compare the results.
To check the number of logical processors, enter the command:
grep processor /proc/cpuinfo | wc -l
If this number is significantly higher than your baseline, you may be in trouble.
For example, on my Pop!_OS I have 16 threads, but on a Nextcloud hosted Ubuntu server I only have two.
If any of these numbers doubled, I could be exposed to a DDoS attack.
C) How to check the load on your network
Next, we will check the load on our network.
It can be done with a number of tools, but I choose nload.
To install nload, enter the command:
sudo apt-get install nload -y
On CentOS, this command would be:
sudo dnf install nload -y
To run the tool, just enter the command:
nload
If this load is significantly higher than you expect, you may be under attack.
D) How to find out which IP addresses are connected to your server
The next thing you need to do is find out which IPs are connected to your server.
For this we will use netstat like this:
netstat -ntu | awk '{print $5}' | cut -d: -f1 -s | sort | uniq -c | sort -nk1 -r
The output from the above command will list each IP address connected to the server and the number of instances of each.
Be sure to review this list carefully. If you see an IP address with a large number of instances (over 100), the chances of the address being the culprit for the load are pretty high.
Once you are sure of culpability, you can block the IP address with the command:
sudo route add ADDRESS reject
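The cut -d: -f1 step in the pipeline above keeps only the text before the first colon, so IPv6 peers are truncated and IPv4-mapped addresses (::ffff:a.b.c.d) come out empty. The following added example, not part of the original post, counts connections per remote address while stripping only the trailing port, and applies the "over 100" rule of thumb from the text. The function names are assumptions, and the netstat output is constructed with documentation-range addresses.

```shell
#!/bin/sh
# Added example: per-IP connection counts from `netstat -ntu` output on stdin.

# count_remote_ips: prints "COUNT ADDRESS", highest count first.
count_remote_ips() {
  awk '
    $1 ~ /^(tcp|udp)/ {            # skip the two netstat header lines
      addr = $5                    # Foreign Address column
      sub(/:[0-9*]+$/, "", addr)   # drop only the port, keep IPv6 colons
      sub(/^::ffff:/, "", addr)    # fold IPv4-mapped IPv6 into plain IPv4
      n[addr]++
    }
    END { for (a in n) print n[a], a }
  ' | sort -k1,1nr -k2,2
}

# over_threshold LIMIT: prints addresses with more than LIMIT connections.
# The default of 100 is the figure used in the text above.
over_threshold() {
  limit=${1:-100}
  count_remote_ips | awk -v limit="$limit" '$1 > limit { print $2 }'
}

# Constructed sample: 120 half-open connections from one IPv4 peer, one more
# from the same peer seen as an IPv4-mapped address, two from an IPv6 peer,
# and one ordinary SSH session.
sample_netstat() {
  echo 'Active Internet connections (w/o servers)'
  echo 'Proto Recv-Q Send-Q Local Address           Foreign Address         State'
  i=0
  while [ "$i" -lt 120 ]; do
    echo "tcp        0      0 192.0.2.10:80           203.0.113.7:$((40000 + i))       SYN_RECV"
    i=$((i + 1))
  done
  echo 'tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.7:39999 ESTABLISHED'
  echo 'tcp6       0      0 2001:db8::10:443        2001:db8::beef:51000    ESTABLISHED'
  echo 'tcp6       0      0 2001:db8::10:443        2001:db8::beef:51001    ESTABLISHED'
  echo 'tcp        0      0 192.0.2.10:22           198.51.100.4:60022      ESTABLISHED'
}

sample_netstat | count_remote_ips
sample_netstat | over_threshold 100
```

On a live server the same functions read real data with: netstat -ntu | over_threshold 100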
Forwarded from DailyCVE
Patch for Dell Wyse ThinOS authorization issue vulnerability:
https://dailycve.com/patch-dell-wyse-thinos-authorization-issue-vulnerability
Details:
Dell Wyse ThinOS is a dedicated Dell Cloud Operating System from Dell (Dell). ThinOS 8.6 and previous versions of Dell Wyse have security bugs, and this flaw can be exploited by attackers to access writable files and exploit the configuration…