▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2019 collection of android Exploits and Hacks
Fb.com/UndercOdeTestingcompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/sundaysec/Android-Exploits.git

> Recommend you grab exploitpack latest version

wget https://github.com/juansacco/exploitpack/archive/master.zip

2) Extract then Navigate into the folder and type:

3) java -jar ExploitPack.jar

4) Load the exploits

🦑Common Tools(In mobile Exploits):

> SSH

> VNC server

> A compiler (gcc / agcc)

> Android SDK (adb!)

> XCode

> Jailbroken iDevice

> Rooted Android Device

@ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Objects and classes in PHP Lets Undercode hive s you a small good example in php
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

class WeatherEntry
{

private $date;
private $comment = "";
private $temperature = 0;

private $isRainy = false;

public function __construct($date, string $comment, int $temperature)
{
$this->date = $date;
$this->comment = $comment;
$this->temperature = $temperature;
}

public function isCold()
{
return $this->temperature < 0;
}

public function setRainStatus($rain_status)
{
$this->isRainy = $rain_status;
}

public function getDayDescription()
{
$dt = strtotime($this->date);
$delta = time() - $dt;
$days = ceil($delta / 86400);

$res = "Это было $days дней назад. В тот день было ";

if ($this->isCold()) {
$res .= "холодно. ";
}
else {
$res .= "довольно тепло. ";
}

if ($this->isRainy) {
$res .= "Семенил дождь.";
}
else {
$res .= "На небе не было ни облачка.";
}

return $res;
}
}

🦑Creating an object based on a class:

$firstSeptember = new WeatherEntry("2018-09-01", "День знаний", 14);
$firstSeptember->setRainStatus(false);

print($firstSeptember->getDayDescription());

@UndercOdeOfficial

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Open Databases and Hacking with Shodan guide: details:
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) special search engines Shodan and Censys are used. Databases have a specific pattern in the form of a port and a so-called header. For example, for MongoDB, this is the standard port 27017 and the header is “mongodb server information”. Such patterns exist for other databases.

2) The most popular option is MongoDB. At the time of writing, 69,100 results have been indexed . Most of them are closed (the Authentication partially enabled parameter indicates this ).

3) To fully work with the results of issuing a database: filter records by size, date of entry into the index, number of collections, etc. need to use more functional tools. One of them is Lampyre .

If you don’t want to deliver software to yourself, you can use the familiar Shodan Command-Line Interface . For those who want to work using the command line, I have prepared a file with commands that allow you to find and analyze data in json or xlsx formats.

4) To work with more exotic databases, I recommend using LeakLooker . The script is written in Python and works with Shodan. In addition to standard databases, it supports Kibana, CouchDB.

> see next tutorial how install

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Find open databases 2019-2020
fb.com/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) pip3 install colorama

2) pip3 install hurry.filesize

3) pip3 install beautifulsoup4

4) pip3 install pybinaryedge

5) git clone https://github.com/woj-ciech/LeakLooker

6) cd LeakLooker

7) PycharmProjects/LeakLooker# python leaklooker.py -h

🦑Example :
>/PycharmProjects/LeakLooker# python leaklooker.py --rethink --listing --first 21 --last 37

🦑New version supports:

Elasticsearch
CouchDB
MongoDB
Gitlab
Rsync
Jenkins
Sonarqube
Kibana
CassandraDB
RethinkDB
Directory listing
Amazon S3

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Finding open databases with Lampyre
t.me/undercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) For more flexible settings, you can use the Lampyre tool for Windows.
> https://lampyre.io/

2) After downloading the application, you must specify the mail and confirm your account. After starting in Online Mode, you need to click New Investidation, select the folder for storing the project and start working.

3) In the List of requests, select Shodan search. We enter the API key and our query in the Query field, which will allow us to find open databases.

> all:"mongodb server information" all:"metrics"
https://lampyre.io/

4) You can also specify additional parameters in the Shodan - 2 window. For example, country and port. We start using the “Execute” button. Next up are the results. For graphic display, select “Schema” -> ”Network”.

5) Lampyre can filter found queries using the ExploreDB: MongoDB built-in query . Select the necessary IPs, then right-click on the menu and specify ExploreDB: MongoDB.

6) Then we get all the requests in a convenient format. You can filter by database size and other parameters that are not in Shodan. Confirmation that the database is open is the parameter text , which has the status open. It is worth sorting the results by the Size and Count documents parameters , since the most interesting databases will contain the maximum number of records in the tables.

7) You can also notice that Lampyre supports working with ExploreDB: ElasticSearch. We do everything by analogy using the query:

> port:"9200" all:"elastic indices"

8) now you receive in a convenient form the ElasticSearch database. They can be viewed by clicking on the link in the “ http query top 500 “ column .

9) you receive in a convenient form the ElasticSearch database. They can be viewed by clicking on the link in the “ http query top 500 “ column .

10) As a result, you find an open database of some store where you can find the phone, date of creation, description, mail and some other interesting information.

11) You can use any manager convenient for you to work with the resulting databases. For example, for MongoDB, NoSQL Manager for MongoDB, Robo 3T, or Studio 3T for MongoDB is suitable. Consider, for example, one of the options.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Analyzing Databases Using Robo 3T for MongoDB
The choice fell on the free version of Robo 3T . Portable version takes about 15 mb and allows you to quickly connect to the desired database. After starting, see a window where you need to specify the IP address.
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Right-click and add using the Add button.

2) Specify the desired IP and click Save.

3) After a successful connection, see the database. If the connection has occurred, a new client will appear in the left pane as showing on your computer

4) So You can use any manager to work with the database. You can also process data from the command line. Despite the fact that Studio 3T for MongoDB has more functionality (which is available for a trial period of 30 days

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is Microsoft Access?
Microsoft Access is a Database Management System offered by Microsoft. It uses the Microsoft Jet Database Engine and comes as a part of the Microsoft Office suite of application.

Microsoft Access offers the functionality of a database and the programming capabilities to create easy to navigate screens (forms).
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Database File:
It is a file which stores the entire database. The database file is saved to your hard drive or other storage devices.

2) Datatypes:
Datatypes are the properties of each field. Every field has one datatype like text, number, date, etc.

3) Table
A Table is an object which stores data in Row & Column format to store data.
A Table is usually related to other tables in the database file.
Each column must have Unique name
We can also define Primary Key in a table.

4) Query
Queries answer a question by selecting and sorting and filtering data based on search criteria.
Queries show a selection of data based on criteria (limitations) you provide.
Queries can pull from one or more related Tables and other Queries.
Types of Query can be SELECT, INSERT, UPDATE, DELETE.

5) Form
A form is a database object that you can use to create a user interface for a database application.
Forms help you to display live data from the table. It mainly used to ease the process of data entry or editing.

6) Report
A report is an object in desktop databases primarily used for formatting, calculating, printing, and summarizing selected data.
You can even customize the report's look and feel.

7) Macros
Macros are mini computer programming constructs. They allow you to set up commands and processes in your forms, like, searching, moving to another record, or running a formula.

8) Modules:
Modules are procedures(functions) which you can write using Visual Basic for Applications (VBA).

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑MS Access Datatypes
MS Access common data types are listed below:
t.me/UNderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Type of Data Description Size
Short Text Text, including numbers which does not need calculation. (e.g., Mobile numbers). Up to 255 characters.

> Long Text This data type is used for lengthy text or alphanumeric data. Maximum 63, 999 characters.

> Number Numeric data type used for storing mathematical calculations. 1, 2, 4, 8, and 16 bytes.

> Date/Time Store Date/time for the years 100 through 9999. 8 bytes.

> Currency It allows you to store currency values and numeric data with one to four decimal places. 8 bytes.

> Auto Number Assign a unique number or assigned by Microsoft Access when any new record is created. Usually used as the primary key Four bytes (16 bytes if it is set as a Replication ID).

> Yes/No It only stores logical values Yes and No. 1 bit

>Attachment It stores files, such as digital photos. Multiple files can be attached per record. Up to 2 GB Data can be stored.

> OLE objects OLE objects can store audio, video, other Binary Large Objects. Up to 2 GB data can be stored.

>Hyperlink Text or combinations of text and numbers stored. That text is used as hyperlink address. Each part of a Hyperlink data type allows you to store a maximum 2048 characters.

> Calculated Helps you to create an expression that uses data from one or more fields. You can create an expression which uses data from one or more fields.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑dumps() method converts dictionary object of python into JSON string data format.
t.me/UndercOdeTesting

Now lets we perform our first encoding example with Python.

import json

x = {
"name": "Ken",
"age": 45,
"married": True,
"children": ("Alice","Bob"),
"pets": ['Dog'],
"cars": [
{"model": "Audi A1", "mpg": 15.1},
{"model": "Zeep Compass", "mpg": 18.1}
]
}
# sorting result in asscending order by keys:
sorted_string = json.dumps(x, indent=4, sort_keys=True)
print(sorted_string)

🦑Output:

{"person": {"name": "Kenn", "sex": "male", "age": 28}})
Let's create a JSON file of the dictionary using the same function dump()

# here we create new data_file.json file with write mode using file i/o operation
with open('json_file.json', "w") as file_write:
# write json data into file
json.dump(person_data, file_write)

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How get alot of Traffics to your sites
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Website design should not be intimidating. For verification, you can ask several friends who do not understand sites and understand, look at the site and evaluate. Gather people's opinions about what they like and what they don't like.

2) The layout of the site should be normal so that nothing and wherever it moves around and crawls. Check the site in several browsers will help you service BrowserShots .

3) Consider how you can interest visitors who have arrived, because of which they will have to stay on your site or come to you again. For example, make a service on your site, an interesting section, answers to questions, etc.

4) Create a feedback and feedback page. In general, make it possible for your visitors to leave you a message, because if someone does not like something, you will most likely be told this.

5) Give your site visitor the opportunity to subscribe to updates, so you can invite him again and again to your site.

6) It is necessary to achieve indexing of the site by search engines. The faster you do it, the better, since you’ll get into the search results faster and most likely you will get your first visitors from search engines faster.

7) Perform internal site optimization.

8) If your site supports RSS, then you need to add your site to feedburner. After adding your RSS to feedburner you need to do the following. Go to the Analyze tab, then go to FeedBurner Stat [PRO] and uncheck the line Item link clicks - optimize for. With this action, we made sure that all your links in RSS will now be direct to the site, thereby if someone plunders your RSS, then all links will be direct to you.

9) After your site is indexed, I recommend adding it to social bookmarks .
Also add your site to the site ratings: mail (paid registration) and rambler .

10) Add your site to rss aggregators.

11) Add your site to the ratings of sites (blogs).

12) Make a promotion on thematic forums, how to do it I wrote in a post - promotion using forums.


Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Resource infection mechanisms for your sites:
twitter.com/UndercOdeTc

🦑 The site may become infected due to:

1) introducing a program whose purpose is to intercept access to the CMS , FTP protocols and then send them back (as a rule, the virus “enters” along with pirated software when downloading a file while visiting a site with viruses);

2) direct selection by attackers of the login characters, password set to enter the server, or CMS;

3) the possibility (due to the vulnerability of templates, plugins) to manage a site that is hosted on such popular engines as WordPress, Joomla;

4) the human factor (this may be negligence, or inexperience of the owner of the hosting, system administrator, transfer of confidential information to a third party, or its incorrect storage)

5) placement of counters, advertising (some viruses are able to use ad units, counter codes if they are provided by an unverified partner to penetrate the resource);

6) actions of site users who intentionally or inadvertently leave malicious content (this can be a downloaded file, link).

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Ways to prevent site infection:
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Following some guidelines by UndercOde will help to minimize the risk of infection or hacking.

1) Reliable storage of logins and passwords

2) Storage of all information regarding access to an account, admin panel, FTP, passwords to other programs can only be entrusted to password managers, for example, KeePass.

> The most vulnerable storage locations are: Total Commander, browsers, text files, FTP clients. It is necessary to periodically change the passwords, and after transferring them to third parties (for example, the webmaster) do this without fail. It is advisable not to set simple or too short passwords, it is better to create keys using a password generator.

3) Using the backup function

> Hosting providers often provide the ability to copy files, and caution is never superfluous. You need to regularly backup (3-4 times a month), this also applies to the local computer.

4) Using the secure FTP connection option

> Since the FTP protocol does not have protection, attackers can intercept files during transmission over the network. To maintain security, you must use protocol versions that have reliable protection against interception (SFTP or SSH).

5) Regular updating of CMS, server software

> If you use third-party CMS, you need to update them regularly. At the same time, you need to download extensions, as well as plugins necessary for the control panel to work (including other software) from reliable, preferably official sources. It is highly recommended not to download and then run suspicious files.

6) Installing an antivirus program

> All computers with access to the server must be equipped with a reliable antivirus program, which must be updated regularly.

7) Advertising from trusted partners

> Advertising blocks, counter codes, banners should be placed exclusively from partners who have proven their reliability.

8) Site security audit

> To reduce risks, you need to regularly monitor user activity in the admin panel, on the hosting (if they are available to several users), to quickly find out about possible attempts to hack the site. You also need to track the files that appear in the directives, to inspect the code. It is convenient to carry out such a procedure using a special service, for example, Yandex.Webmaster. Using the Security tab, you can see the time of checks, as well as use information about threats, virus pages detected by Yandex anti-virus program.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How it Works The Classic computer viruses :
t.me//UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) This category includes programs that distribute their copies to the resources of the local computer in order to:

2) the subsequent launch of your code with any user actions;
further implementation in other computer resources.
Unlike worms, viruses do not use network services to penetrate other computers. A copy of the virus gets to remote computers only if, for some reason, the infected object is activated on another computer, for

🦑example:

1) upon infection of accessible disks, the virus penetrated the files located on a network share;

2) the virus copied itself onto removable media or infected the files on it;

3) the user sent an email with the infected attachment.

4) Some viruses contain the properties of other types of malicious software, such as a backdoor procedure or a Trojan component to destroy information on a disk.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The most active mobile threats in December 2019
t.me/UNdercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) xHelper and Guerrilla are leaders in the ranking of mobile malware.
xHelper is a malicious Android application , active since March 2019, used to download other malicious applications and display ads . The application is able to hide itself from user and mobile anti-virus programs and reinstall itself if the user uninstalls it.

2) Guerilla is a clicker for Android that can interact with the remote control server , download additional malicious plugins and aggressively wind clicks on ads without the consent or knowledge of the user.

3) Hiddad - A modular backdoor for Android that provides superuser privileges for downloaded malware , and also helps implement it in system processes. He can access key security details built into the OS , which allows him to receive confidential user data .

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Most common vulnerabilities in December 2019:
t.me/UndercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Remote command injection over HTTP was the most common vulnerability affecting 33% of organizations worldwide.

> The vulnerabilities “remote execution of MVPower DVR code” and “disclosure of information in the Git repository on a web server ” in the second and third places affected 32% and 29% of organizations, respectively.

2) Remote command injection over HTTP. Attackers remotely exploit this vulnerability by sending a special request to the victim. Successful exploitation will allow an attacker to execute arbitrary code on the victim’s device.

3) Remote code execution MVPower DVR. An MVPower DVR device has a remote code execution vulnerability. An attacker could use this vulnerability to execute arbitrary code on a vulnerable router using a specially crafted request.

4) Disclosure of information in the Git repository on a web server. A vulnerability was discovered in the Git Repository that could lead to the disclosure of account information.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

What is the RC4 cryptographic algorithm ?
t.me/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> RC4 (or ARC4) is the most frequently used stream cipher in cryptography; it is used in some of the most popular protocols such as transport layer security (TLS) or secure socket layer (SSL) to protect Internet traffic and wired equivalent privacy (WEP) to add wireless network security. Using WEP is not recommended in modern systems; however, some RC4-based systems are safe enough for common use.

1) The RC4 cryptography algorithm its full name is Rivest Cipher 4, taking 2) the alternative acronym RC for “Ron’s Code” which is used by RC2, RC5 and RC 6 encryption algorithms.

3) RC4 is part of the most commonly used encryption methods such as WEP, TKIP (WPA) for wireless cards and TLS. RC4’s substantial speed and simplicity are among the main factors that have helped it to be used in such a wide range of applications.

4) Implementing RC4 both in hardware and software is quite easy, requiring few resources to deliver high throughput

5) RC4 generates a pseudorandom stream of bytes (key stream) which is XOR added to the plain text for encryption. Deciphering the message is done in the same way.

6) To generate the key stream, the encryption algorithm has an internal secret state consisting of the following:

-A permutation of 256 bytes called S vector or simply "S";

-Two 8-bit index pointers: i and j; and

-The permutation is initialised with a variable-length key, usually 40-256 bits, using a key scheduling algorithm (KSA). Once key scheduling is done, the ciphering “key stream” is produced by means of a pseudo-random generation algorithm (PRGA).

7) RC4 uses two blocks for encryption: KSA and PRGA. The following is RC4’s pseudo-code:

/ * S = S VECTOR with fixed 256 bytes * /size

/ * K = VECTOR which contains the seed * /

/ * L = length of seed (IV length plus SK length) * /

/ * N = 256, S vector size * /

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WorldList Download sites :
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

>https://www.mediafire.com/file/m7tjhgfd61lfeu4/BIG-WPA-LIST-1.rar/file
(@ official site wireshark)

>https://github.com/berzerk0/Probable-Wordlists

>https://www.mediafire.com/file/6botgtnsy0rjfj9/BIG-WPA-LIST-2.rar/file
(@ official site wireshark)

>https://www.wirelesshack.org/wpa-wpa2-word-list-dictionaries.html

> https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm

> http://ftp.icm.edu.pl/packages/wordlists/

POsted By UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WEP encryption algorithm 100 reason why wep old & not recommended :
T.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) The cryptographic algorithm used by the WEP encryption method (and the TKIP encryption method used by WPA) is RC4, according to the standard, with 64-bit keys (the seed). These 64 bits consist of 24 bits for the initialisation vector (IV) plus 40-bit shared key (secret). The 40-bit shared key has to be distributed manually.

2) the initialisation vector is dynamically produced and should be different for every data frame. The initial IV goal was to encrypt 802.11 frames with different keys to prevent a potential attacker from capturing enough encrypted traffic with the same key and finally deducing the key.

3) new tools have been developed, such as BackTrack 2) and “Klein’s attack on RC4” have been expanded allowing an attacker to easily obtain the shared key in a few minutes, for example, as accomplished by the PTW attack

3) Both sides must know the secret key and the IV. The key is known by both sides since it is stored in the configuration of each network device; however, the IV is produced at one end and is sent in a frame to the other end.

4) WEP is encrypted via the following steps:

1- Calculate CRC-32 for 802.11 frame payload and concatenate the result (ICV);

2- Concatenate the 40-bit shared secret key to the 24-bit IV to form a 64-bit seed;

3- Input the seed obtained in step 2 into the RC4 pseudo-random number generator (PRNG) to generate a sequence of pseudo-random characters (called key stream) with a number of octets equal to the number of octets in step 1;

4- XOR the resulting characters from steps 1 and 3 to obtain the cipher-text; and

5- Send the IV (unencrypted) and the encrypted message within the IEEE 802.11 frame “frame body” field.

5) The decoding algorithm is similar to the previous one. As the other end will know the IV and the secret key then it will have the seed and can thus generate the key stream. XOR operation of encrypted received data with the key stream will unencrypt the message (payload and ICV). CRC is done. It should be noted that WEP has come to be considered unsafe

Posted By UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best Wifi Hack Tools :
fb.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Nmap - Nmap ("Network Mapper") is free open source . Utility for network research and security auditing. It was designed to quickly scan large networks, although it works great against individual hosts. Nmap uses raw IP packets in a new way to determine which hosts are available on the network, what services (application name and version) these hosts offer, which operating systems (and OS versions) they use, what type of packet filters / firewalls are used, and also dozens of other features. Nmap runs on most types of computers and is adapted to all operating systems.
> Official site - https://nmap.org/

2) Nikto - Nikto is an open source (GPL) web server scanner that performs comprehensive tests against web servers for several items, including over 3200 potentially dangerous files / CGIs, versions on more than 625 servers, and specific versions problems on more than 230 servers. Scan items and plugins are often updated and can be automatically updated (if necessary).

Offsite - https://cirt.net/Nikto2

3) THC-AMAP - AMAP is the next generation tool for scanning and testing for penetration into the network. It performs fast and reliable discovery of application protocols running on specific ports.

Offsite - http://www.thc.org/thc-amap/

4) Wireshark- . Wireshark is the world's most important network protocol analyzer. This allows you to see what is happening on your network at a microscopic level. . Wireshark is one of the best tools for network analysis [protocols], if not the best. With Wireshark, you can analyze the network to the greatest detail to see what happens. M You can use the Live to capture packets, deep inspection of hundreds of protocols, viewing and filtering.

Offsite - https://www.wireshark.org/download.html

5) THC-Hydra - The number one of the biggest security holes is passwords, as each hack shows a security password. Hydra is one of the best brute and security testing software that supports numerous attack protocols. New modules are easy to add, in addition, the program is reliable and fast.

Off. site - https://www.thc.org/thc-hydra/

6) Metasploit Framework - The Metasploit Framework is an advanced open source platform for developing, testing and using exploit code. This project originally began as a portable network game and has become a powerful tool for penetration testing, exploit development, and vulnerability research.

Offsite - https://www.metasploit.com/

7) Jhon The Ripper - John the Ripper is a popular password cracking tool that is most often used to perform dictionary attacks. John the Ripper accepts samples of text strings (from a text file referred to as a wordlist, available here, here or here, which contains popular and complex words found in a dictionary or password that were hacked earlier, are encrypted in the same way as a password ( including both the encryption algorithm and the key), and comparing the output with the encrypted string, this tool can also be used to make various changes to the dictionaries, including brute force and Rainbow attacks.

Off. site - http://www.openwall.com/john/

8) Aircrack-ng . - A set of Wi-Fi (wireless networks) is a legendary tool, because it is very effective when used in the right hands. For those entrusted with breaking into a network or auditing wireless networks, Aircrack-NG will be their best friend. If you are an ordinary hacker, you can crack the WEP protocol in a few minutes, and you should be skilled enough to be able to crack WPA / WPA2.

Off. site - http://www.aircrack-ng.org/

Written By UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁