▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Non-technical-Controlling Linux with Language: Linux's Speech Recognition Software Full by UndercOde
pinterest.com/UndercOdeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Linux ViaVoice requires the machine's configuration: a 16-bit sound card. In fact, ViaVoice is designed and developed specifically for Red Hat, but users can run ViaVoice normally in the Red Hat, environment and other Linux versions. Of course, users may also encounter some problems during the installation process.

2) Before installing ViaVoice speech recognition software, you must first install the Java runtime environment. ViaVoice versions were tested in a JRE-1.2.2 environment. Using the correct-old stable version can avoid incompatibilities in different JRE environments.

3) After the JRE installation is complete, put the installation disk into the CD-ROM drive and run vvsetup in the root directory, and then run vvstartuser to set yourself as a ViaVoice user and set the appropriate volume. Finally, practice repeatedly to make the software adapt to your voice. Remember that the order of installation must never be reversed.

4) "Tuning" ViaVoice is
like other speech recognition software. ViaVoice, installed for the first time, cannot recognize the user's voice very accurately. The user must "tune" it before it can recognize the user's voice.

5) One way to “tweak” ViaVoice is to repeat the words in the user manual repeatedly. For most users, this is not difficult, but the words in the manual may not be used often by users, so this method is not very efficient.

6) A better method is to use ViaVoice's Dictation application software at work. It is written in Java. When the user dictates, some words may not be recognized correctly. When this happens, the user can modify it using the appropriate tools in Dictation. ViaVoice can then modify the recognition tool to more accurately identify the user's voice. This method may take more effort, but similar modifications can be done with voice commands. However, please keep it in mind as Dictation is not very stable.

7) An expert once said that the current speech recognition software can reach a 98% accuracy rate after only 10 to 60 hours of "tuning". But so far, the results of testing ViaVoice in the Linux environment are that it is only 92% to 95% accurate, and most voice commands can be correctly recognized. Even if the user spends only a few hours practicing, you can find that the accuracy of ViaVoice is significantly improved. However, users should pay special attention when using it, the pronunciation of words, the quality of the microphone and the surrounding environment will affect the accuracy of speech recognition.

8) viva voice official site http://www.vivavocesrs.com/

9) XVoice Controls Linux Desktop
> After users have completed the installation and training of ViaVoice, they can install Xvoice. Xvoice's role is to control the desktop system and application software. ViaVoice does not have these features. Users can go to xvoice.sourceforge.net to download the Xvoice software. Note that you must install the RPM in advance, because the source program requires ViaVoice in the Linux SDK to be interrupted.

10) After the installation is complete, enter xvoice m in the last window that appears, taking care not to run Dictation. At this point, the user can do a simple test, dictate the command "next window", and another window should appear on the desktop.

11) Xvoice allows users to pre-set some spoken commands for operations. A set of spoken commands is called a grammar group. Syntax groups can be associated with a specific application, window, or a module in an application, or they can be generated by context. Operations invoked by dictated commands can include keyboard strokes, mouse events, running external commands, or any combination of the three.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Leverage GNOME Libraries to make writing applications easier
http://pinterest.com/UndercOdeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> This application has a menu menu and a detachable sub-menu, as well as a status bar that displays menu prompts, and automatically stores user-defined accelerator keys (hot keys). There is a standard "" About "" box In addition, all menu standard items have the ability to automatically switch languages ​​(try "" LANG = zh_TW.Big5 ./hello_world "", you will see a menu of Chinese characters).



/ * Hello World (Gnome Edition)
* Listing 1
* This code is public domain, so use it as you please.



* libraries that gnome needs, such as gtk, imlib, etc ...*/
#include

/* this is usually defined by autoconf but were just using simple makefiles */
#define VERSION ""1.0""

/* ""callback"" function (signal handler) which will quit the application*/
static void
exit_hello(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
}

/* callback function for when the window closes */
static int
delete_event(GtkWidget *widget, gpointer data)
{
gtk_main_quit ();
return FALSE; /* false means continue with closing the window */
}

/* a callback for the about menu item, it will display a simple ""About""
* dialog box standard to all gnome applications
*/
void
about_hello(GtkWidget *widget, gpointer data)
{
GtkWidget *box;
const char *authors[] = {
""James Bond"",
NULL
};

box = gnome_about_new(/*title: */ ""Hello World (Gnome Edition)"",
/*version: */VERSION,
/*copyright: */ ""(C) 1999 Secret Agents Inc."",
/*authors: */authors,
/*other comments: */
""An extremely complicated application which ""
""does absolutely nothing useful"",
NULL);
gtk_widget_show(box);
}

/* define the menus here */

static GnomeUIInfo file_menu [] = {
/* some item which is not one of the standard ones, the null
* would be the callback, however we dont want to really do anything */
GNOMEUIINFO_ITEM_NONE(""Something"",""Just an item which does nothing"",NULL),
/* standard exit item */
GNOMEUIINFO_MENU_EXIT_ITEM(exit_hello,NULL),
GNOMEUIINFO_END
};

static GnomeUIInfo help_menu [] = {
/* load the helpfiles for this application if available */
GNOMEUIINFO_HELP(""hello_world""),
/* the standard about item */
GNOMEUIINFO_MENU_ABOUT_ITEM(about_hello,NULL),
GNOMEUIINFO_END
};

/* define the main menubar */
static GnomeUIInfo main_menu [] = {
GNOMEUIINFO_MENU_FILE_TREE(file_menu),
GNOMEUIINFO_MENU_HELP_TREE(help_menu),
GNOMEUIINFO_END
};

🦑then /* Our main function */
int
main(int argc, char *argv[])
{
GtkWidget *app; /* pointer to our main window */
GtkWidget *w; /* pointer to some widget */

/* initialize gnome */
......

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Termux-Webpentest... tool
> txtool is made to help you for easly pentesting in termux,
t.me/UndercOdeTesting

1) git clone https://github.com/kuburan/txtool.git

2) cd txtool

3) apt install python2

4) ./install.py

5) Mtxtool

@UndercOdeTesting

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑2020 all Android Cve - VULNERABILITIES TO GAIN ACCESS ON ANY ANDROID :
twitter.com/UndercOdeTC

> CVE References Type Severity Updated AOSP versions

1) CVE-2020-0014 A-128674520 EoP High 8.0, 8.1, 9, 10

2) CVE-2020-0015 A-139017101 EoP High 8.0, 8.1, 9, 10

3) CVE-2019-2200 A-67319274 EoP High 10

4) CVE-2020-0017 A-123232892 [2] ID High 8.0, 8.1, 9, 10

5) CVE-2020-0018 A-139945049 ID High 8.0, 8.1, 9, 10

6) CVE-2020-0020 A-143118731 ID High 10

7) CVE-2020-0021 A-141413692 [2] [3] DoS High 10

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Let s Start with First Android Vulnerabilitie :
instagram.com/UndercOdeTestingCompany

🦑 CVE-2020-0014 A-128674520 EoP High 8.0, 8.1, 9, 10 :

1) RESTRICT AUTOMERGE
Make toasts non-clickable

2) Since enforcement was only on client-side, in Toast class, an app could

3) use reflection (or other means) to make the Toast clickable. This is a
security vulnerability since it allows tapjacking, that is, intercept touch
events and do stuff like steal PINs and passwords.

🦑This CL brings the enforcement to the system by applying flag
FLAG_NOT_TOUCHABLE.

Test: atest CtsWindowManagerDeviceTestCases:ToastTest
Test: Construct app that uses reflection to remove flag FLAG_NOT_TOUCHABLE and
log click events. Then:

1) Observe click events are logged without this CL.

2) Observer click events are not logged with this CL.

Bug: 128674520

Change-Id: Ic36585bc4f186e0224f5b687c49c0b3d9266838c
(cherry picked from commit b81f269ae2afb446b9d4a909fc2bcf038af00c41)

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVE-2020-0015 A-139017101 EoP High 8.0, 8.1, 9, 10
Android bug details :
instagram.com/UndercOdeTestingCompany

1) KeyChain: Do not allow hiding Cert Install dialog

2) Do not allow apps to float a window on top of the certificate
installation / naming dialog.

3) This obscures the CA certificate installation dialog and could be used
to trick a user into installing a CA certificate.

4) This is fixed by adding the HIDE_NON_SYSTEM_OVERLAY_WINDOWS system
flag when the activity is created (onCreate), so that another activity
starting in the foreground would not be able to obscure the dialog.

Bug: 139017101
Test: Manual, with an app that floats a window.
Change-Id: Iff8e678743c3883cf1f7f64390097a768ca00856
(cherry picked from commit afdacb2ec4c5cdc2fb2a9943fa5b48100f4725c8)


@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVE-2020-0015 A-139017101 EoP High 8.0, 8.1, 9, 10
ANDROID BUG DETAIL :

🦑 Revoke granted permission when the permission defining app is removed.☠️

> Bug: 67319274

> Test: atest android.permission.cts.RemovePermissionTest

> Change-Id: I22df546f5cd19e10045131d36dc3f5033f727baa

> Merged-In: I20c4c975a1dd41a0a6c3e068988fe60be51dd1b4
(cherry picked from commit bde381848d0d07780710ce36e0c974646ba8f995)

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NOW ANDROID SYSTEM BUGS SUCH BLUETOOTH-SOFTWARE BUGS ANDROID 7-8-9
twitter.com/UndercOdeTC



🦑 CVE References Type Severity Updated AOSP versions


1) CVE-2020-0022 A-143894715 DoS Moderate 10

> GAP: Correct the continuous pkt length in l2cap

L2cap continuous pkt length wrongly calculated in
reassembly logic when remote sends more data
than expected.

Wrong pkt length leading to memory corruption

Hence the Correct the continuous pkt length in
l2cap reassembly logic.

Bug: 135239489
Bug: 143894715
CRs-Fixed: 2434229
Test: make and internal testing
Change-Id: I758d9e31465b99e436b9b1841320000f08186c97
Merged-In: I758d9e31465b99e436b9b1841320000f08186c97
(cherry picked from commit 337bd4579453bd6bf98ff519de3ac1019cd30d28)
(cherry picked from commit 602f4b44fe30ec8b225e1cee5f96817607d93e5a)


2) RCE Critical 8.0, 8.1, 9
CVE-2020-0023 A-145130871 ID Critical 10
>Enforce BLUETOOTH_PRIVILEGED in setPhonebookAccessPermission

Bug: 145130871
Test: POC
Merged-In: Ib4985e18de9f6695acc371da78deb240d42671f1
Change-Id: I3b8897166e223179fcbcf8c7a64e0c4d4ca974ef
(cherry picked from commit 8d1e8979f56acfe477bd3b84994a716a8391a8eb)


3) CVE-2020-0005 A-141552859 EOP High 8.0, 8.1, 9, 10

4) CVE-2020-0026 A-140419401 EoP High 8.0, 8.1, 9, 10

5) CVE-2020-0027 A-144040966 EoP High 8.0, 8.1, 9, 10

6) CVE-2020-0028 A-122652057 [2] ID High 9

🦑hope after all those and more bugs coming for android, may you figured out the meaning of: ''NOTHING SAFE''

🦑For any doubt feel free to ask us

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑some Hack-News by UndercOde from our tweets : MIT: Blockchain voting system Voatz is vulnerable and vulnerable
16-2-2020
Twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> A recent study by the MIT team of engineers found a series of shocking vulnerabilities in a blockchain voting system called Voatz. After reverse engineering Voatz's Android app, researchers concluded that by invading voters' phones, attackers could observe, suppress and change votes almost at will. The paper states that a cyber attack could also reveal where a given user is voting and may suppress voting in the process.

>The researchers said that the most disturbing thing is that an attacker who broke the server that manages the Voatz API can even change the ballot when the vote comes, which should theoretically prevent the threat of distributed ledger.

>The researchers concluded: "Given the gravity of the failure discussed in this article, the lack of transparency, the risks of voter privacy, and the trivial nature of the attack, we recommend that any recent plans to use this application for high-risk elections be abandoned."

>Voatz's blockchain-based voting project is designed to replace absentee ballots, and security researchers are skeptical, but many in the tech community have expressed strong interest and it has received more than $ 9 million in venture capital. Under Voatz, users will vote remotely through the app and verify their identity through the phone's facial recognition system.

>Voatz has been used in some minor elections in the United States, collecting more than 150 votes early West Virginia elections.

> Voatz challenged MIT's findings in a blog post, saying the research methodology was "wrong." The company's main complaint is that researchers are testing outdated versions of the Voatz client software and have not tried to connect to the Voatz server itself.

> "This flawed approach invalidates any claims about its ability to disrupt the entire system," the blog post wrote.Voatz also highlighted measures that allow voters and election officials to verify ballots after the fact. "Each ballot filed with Voatz will generate a paper ballot, and every voter who uses Voatz will receive a ballot," said Hilary Braseth, the company's product owner.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Google removes more than 500 malicious extensions few days ago
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) After more than two months of in-depth investigation by Cisco Duo Security team and security researcher Jamila Kaya, Google recently announced the removal of more than 500 malicious Chrome extensions from the official online store. These extensions are known to inject malicious advertisements into user browsing sessions.

2) The malicious code injected by these extensions activates under certain conditions and redirects users to specific pages. In some cases, the redirect address may be a member link on a legitimate website such as Macys, DELL, or BestBuy; in other cases, it may be a malicious site, such as a download site for malware or a phishing page.

4) According to a report shared by the Duo Security team and Jamila Kaya, these malicious extensions have been online for at least two years. These malicious extensions were originally discovered by Kaya, who discovered them during a routine threat scan to access malicious websites through a universal URL pattern.

5) Using CRXcavator (a service for analyzing Chrome extensions), Kaya discovered the original cluster of extensions, which ran on almost the same code base, but used a variety of common names, and few related to their true use information.

6) Kaya said that we then returned the findings to Google. Later, Google found more extensions that met this pattern after self-examination, and then deleted more than 500 extensions. It is unclear how many users have more than 500 malicious extensions installed, but the number may exceed millions.

WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVE-2020-7053 LINUX DEBIAN TRACKER- AGAINST KALI-PARROT-(DEBIAN FORKS)
pinterest.com/UndercOdeOfficial

🦑 DESCRIPTION :

1) In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c.

> This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.

2)
Release Version Status
linux (PTS) jessie 3.16.56-1+deb8u1 fixed
jessie (security) 3.16.81-1 fixed
stretch 4.9.210-1 fixed
stretch (security) 4.9.189-3+deb9u2 fixed
buster 4.19.98-1 vulnerable
buster (security) 4.19.67-2+deb10u2 vulnerable
bullseye 5.4.13-1 fixed
sid 5.4.19-1 fixed


3) [stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)


4) MORE DETAILS :

Base Score 7.8 5.3
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Access Vector Local Local
Access Complexity Low Low
Privileges Required Low Low
User Interaction None None
Scope Unchanged Unchanged
Confidentiality Impact High Low
Integrity Impact High Low
Availability Impact High Low
CVSSv3 Version 3.1 3.1


Powered by Wiki
WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

We recently Posted Carding Tutorial 2020 from deep web to UndercOde wa Grps, will forward Then to here later

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Carding Tutorial: How to Buy Any Product Online for Free : FOR PROTECTING YOUR SITE- PRODUCT NOT USE FOR HACK :
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Welcome dear visitors, I hope you are all right, today I posted a post about Carding, with this tip, you can buy any product online for free. Here today, I posted a complete combing tutorial method. What is grooming?

2) Carding is a term describing online trafficking of credit cards, bank accounts and other personal information, and related fraud services. The term "comb" is often associated with credit card fraud. At this point every shopping site or other purchase on the site using a credit card will attract hackers' attention, they notice this and start using it for profit.

3) Grooming is completely fraudulent and illegal in Australia and other countries. But most cases in chinia and the US are for online shopping.

4) Grooming is insecure and a complete scam for all users. There are many tricks and secrets to sorting out, which makes every country illegal and fraudulent.

5) Primarily, Carders used fake credit cards for online shopping or used credit cards for cracking. Today I will share all the secret and hidden tips of Carding.

6) I think you have to see some recently posts in the UndercOde facebook or whatsapp groups, according to them learn free carding.

7) Carding exactly is example :

>One person cracks someone's credit card and their details and buys a small amount of product online and tries to deliver it in a fake place. This is Cardel. But 99% of cadres are fake and will deceive you with your money. So don't try to contact any truck. Grooming or not grooming is a type of cybercrime.

8) Carding is used to obtain online products through fake payment methods. Carders uses information and data from others. This is a big deal for anyone and their money. If someone finds it in this case, there are hard rules for punishing them. Cyber ​​police departments handle these cases and they are not affected by anything from any government in any country.

🦑 First, Before Starts Require :

1) computer
(windows 7 recommended not 10)

2) MacBook

2) laptop

3) Android phone

4) (One of them.) VPN: But Trusted providers :
A virtual private network VPN is a network built using a public line (usually the Internet) to connect to a private network, such as a company's internal network. There are many systems that allow you to create a network using the Internet as a medium for transmitting data. VPNs use encryption and other security mechanisms to protect private networks to ensure that only authorized users can access the network, and data cannot access the network.


5) Remote Desktop Protocol RDP is a proprietary protocol developed by Microsoft that provides users with a graphical interface to connect to another computer through a network connection. The user uses the RDP client software for this purpose, and another computer must run the RDP server software. Most versions of Microsoft Windows (including Windows Mobile Linux, Unix OS X iOS Android, and other operating systems) exist client RDP servers built into the Windows operating system; there are also RDP servers for Unix and OS X. By default, the server listens on TCP port 3389 and UDP port 3389. Microsoft currently refers to its official RDP client software as Remote Desktop Connection (formerly known as "Terminal Services Client"). This protocol is an extension of the ITU-T T.128 application sharing protocol.

6) Socks 5 SOCKet Secure (SOCKS) is an Internet protocol that routes network packets between clients and servers through a proxy server. SOCKS5 also provides authentication, so only authorized users can access the server. In fact, the SOCKS server proxies TCP connections to arbitrary IP addresses and provides methods for forwarding UDP packets.

7) Don t Forget to run MacOS in Virtual box Not VMWARE

8) Crdit card combing

9) You need a reliable credit card. You need to buy a Bitcoin-based credit card. Buy any credit card from any website and you will get all your credit card information.

Example :

Tamar

Middle Name Jamsin

Last name Mozes

Billing address 9006 peppertree circle

Wichita

State KS

Zip Code 67226

Country america

Phone3166342050

Card type credit card

Credit card number 5102 4129 0001 1332

import and export. Date 6 / June 2020

Name card Tamar Mozes

Cvv2 474

Social Security Number 515 16 4160

Birthday 18

Birth Month 02

Born in 1999

Account Information example ID tmrmzes@exmaplecom

Password: ProtectionTest1ByUTC


WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁