β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 updated GEnerate a custom wordlist-bruteforce with more speed and sucess :
t.me/undercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/digininja/CeWL
2) cd CeWL
3) ./cew.rb
CeWL 5.4.2 (Break Out) Robin Wood (robin@digi.ninja) (https://digi.ninja/)
Usage: cewl [OPTIONS] ... <url>
OPTIONS:
-h, --help: Show help.
-k, --keep: Keep the downloaded file.
-d <x>,--depth <x>: Depth to spider to, default 2.
-m, --min_word_length: Minimum word length, default 3.
-o, --offsite: Let the spider visit other sites.
-w, --write: Write the output to the file.
-u, --ua <agent>: User agent to send.
-n, --no-words: Don't output the wordlist.
-a, --meta: include meta data.
--meta_file file: Output file for meta data.
-e, --email: Include email addresses.
--email_file <file>: Output file for email addresses.
--meta-temp-dir <dir>: The temporary directory used by exiftool when parsing files, default /tmp.
-c, --count: Show the count for each word found.
-v, --verbose: Verbose.
--debug: Extra debug information.
Authentication
--auth_type: Digest or basic.
--auth_user: Authentication username.
--auth_pass: Authentication password.
Proxy Support
--proxy_host: Proxy host.
--proxy_port: Proxy port, default 8080.
--proxy_username: Username for proxy, if required.
--proxy_password: Password for proxy, if required.
Headers
--header, -H: In format name:value - can pass multiple.
<url>: The site to spider.
π¦Running CeWL in a Docker container
To quickly use CeWL on your machine with Docker, you have to build it :
1) Build the container :
docker build -t cewl .
2) Container usage without interacting with local files :
docker run -it --rm cewl [OPTIONS] ... <url>
3) Container usage with local files as input or output :
# you have to mount the current directory when calling the container
docker run -it --rm -v "${PWD}:/host" cewl [OPTIONS] ... <url>
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 updated GEnerate a custom wordlist-bruteforce with more speed and sucess :
t.me/undercodeTesting
π¦ πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/digininja/CeWL
2) cd CeWL
3) ./cew.rb
CeWL 5.4.2 (Break Out) Robin Wood (robin@digi.ninja) (https://digi.ninja/)
Usage: cewl [OPTIONS] ... <url>
OPTIONS:
-h, --help: Show help.
-k, --keep: Keep the downloaded file.
-d <x>,--depth <x>: Depth to spider to, default 2.
-m, --min_word_length: Minimum word length, default 3.
-o, --offsite: Let the spider visit other sites.
-w, --write: Write the output to the file.
-u, --ua <agent>: User agent to send.
-n, --no-words: Don't output the wordlist.
-a, --meta: include meta data.
--meta_file file: Output file for meta data.
-e, --email: Include email addresses.
--email_file <file>: Output file for email addresses.
--meta-temp-dir <dir>: The temporary directory used by exiftool when parsing files, default /tmp.
-c, --count: Show the count for each word found.
-v, --verbose: Verbose.
--debug: Extra debug information.
Authentication
--auth_type: Digest or basic.
--auth_user: Authentication username.
--auth_pass: Authentication password.
Proxy Support
--proxy_host: Proxy host.
--proxy_port: Proxy port, default 8080.
--proxy_username: Username for proxy, if required.
--proxy_password: Password for proxy, if required.
Headers
--header, -H: In format name:value - can pass multiple.
<url>: The site to spider.
π¦Running CeWL in a Docker container
To quickly use CeWL on your machine with Docker, you have to build it :
1) Build the container :
docker build -t cewl .
2) Container usage without interacting with local files :
docker run -it --rm cewl [OPTIONS] ... <url>
3) Container usage with local files as input or output :
# you have to mount the current directory when calling the container
docker run -it --rm -v "${PWD}:/host" cewl [OPTIONS] ... <url>
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 5258952501098909 10/21 307 Sehaki Kamal ADDRESS Vancouver BC J8T 3T8 CANADA
Use any vpn
Location Canada
Make Amazon prime
Enjoy
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Use any vpn
Location Canada
Make Amazon prime
Enjoy
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hack Wifi In 15 MintuesβΌοΈ
t.me/undercodeTesting
π¦ ππΌπ π πππΈβπ :
1) Download kali linux - https://www.kali.org/downloads/
1.1 Install Kali Linux on a USB flash drive or virtual machine
1.3 Run from a USB flash drive or virtual machine under Kali
2. Open the console
2.1 We write: iwconfig and check if our LAN card! If you have problems at this moment (this will not happen with laptops), then you need to buy this card. For 300 rubles you can take a usb tplink card with alik and everything will be in chocolate.
2.2 Now we turn on the monitoring mode: airmon-ng start wlan0 (vlan0 is the value from the parameters of the network card, you may have a slightly different one, for example mon0)
2.3 Now you need to scan: airodump-ng wlan0
2.4 Here we will see a list of Wi-Fi networks within the radius of our device, it depends on the network card. Here we need to select the target of the attack, we choose according to your taste, I usually take the one who has the best signal (The signal level is determined by the abbreviation pwr)
2.5 Now we need to press ctrl + c and stop scanning
2.6 Select the victim and write: airodump-ng --bssid ( here we write the bsidey of the victim's router, you see it above) --channel (here we write the channel, it is indicated as ch, for example 1 or 8) -w / tmp / nazvanie (this is the path where the final file and name will be) wlan0
2.7 At the very bottom we see those who are connected to the network, we select the one with a larger number in the Frames value (it is more active)
3. Open another console and write: aireplay-ng -0 1 (1 - this is the number of deauthorization packages, immediately put 50 and wait) -a (here we write the routerβs sideside, we see it in the very top line where its characteristics: level signal, channel, etc.) -s (poppy address of the user we are attacking, you can find out his poppy under STATION) wlan0
3.1 We wait until there is an inscription with a handshake in the first console, it will be indicated there for a while, it will be at the top. We do this command in the second console until the handshake passes. If it doesnβt work at all, then we write this command instead of the one: aireplay-ng -0 1 -a AP_BSSID -c CLIENT_BSSID mon0 βignore-negative-one (this is for Android devices), you can still deauthorize the entire network at once aireplay-ng --deauth 5 -a (here you register the router poppy) wlan0
4. When we received the handshake, we go along the path that we indicated and:
4.1 Decrypt this hash ourselves, give people who can do it
4.2 Turn to the https://xsrc.ru service (not ads) and throw the hash here, it quickly finds ( I have in a couple of seconds), it may be longer, but obviously faster than on my laptop in 2009: D
After decryption, you will receive a notification letter in the mail, and to get the password you need a key, 1 costs 100 rubles, the more - the cheaper. This is the only negative of this method, but I prefer it. After purchasing the key, it will come to the post office, then enter it on the site and you're done.
That's ready, then with ours, now ours! we do what we want with the network: we replace the DNS, listen to traffic or just watch movies and sit on our favorite forum :)
http://wpa-sec.stanev.org/ Service for decrypting hashes for free,
π¦ A few words about security at work:
If you use this method in your neighbors, at school, university, and other simple places - it does not matter. If you go to the office, company, or any place that has important data - get ready. Learn basic security concepts in kali linux. Although vryatli in + - a serious company has the simplest protection that can be opened in this way. Usually. They have data going through their server, which needs to be broken in order to get a password.
On security, when you are sitting in a hacked / free wifi point, Iβll tell you a couple of rules:
Use a VPN
Try not to log in to important services
Or use a VPN + TOP bundle
Or instead of vpn you can use ssh tunnel.
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hack Wifi In 15 MintuesβΌοΈ
t.me/undercodeTesting
π¦ ππΌπ π πππΈβπ :
1) Download kali linux - https://www.kali.org/downloads/
1.1 Install Kali Linux on a USB flash drive or virtual machine
1.3 Run from a USB flash drive or virtual machine under Kali
2. Open the console
2.1 We write: iwconfig and check if our LAN card! If you have problems at this moment (this will not happen with laptops), then you need to buy this card. For 300 rubles you can take a usb tplink card with alik and everything will be in chocolate.
2.2 Now we turn on the monitoring mode: airmon-ng start wlan0 (vlan0 is the value from the parameters of the network card, you may have a slightly different one, for example mon0)
2.3 Now you need to scan: airodump-ng wlan0
2.4 Here we will see a list of Wi-Fi networks within the radius of our device, it depends on the network card. Here we need to select the target of the attack, we choose according to your taste, I usually take the one who has the best signal (The signal level is determined by the abbreviation pwr)
2.5 Now we need to press ctrl + c and stop scanning
2.6 Select the victim and write: airodump-ng --bssid ( here we write the bsidey of the victim's router, you see it above) --channel (here we write the channel, it is indicated as ch, for example 1 or 8) -w / tmp / nazvanie (this is the path where the final file and name will be) wlan0
2.7 At the very bottom we see those who are connected to the network, we select the one with a larger number in the Frames value (it is more active)
3. Open another console and write: aireplay-ng -0 1 (1 - this is the number of deauthorization packages, immediately put 50 and wait) -a (here we write the routerβs sideside, we see it in the very top line where its characteristics: level signal, channel, etc.) -s (poppy address of the user we are attacking, you can find out his poppy under STATION) wlan0
3.1 We wait until there is an inscription with a handshake in the first console, it will be indicated there for a while, it will be at the top. We do this command in the second console until the handshake passes. If it doesnβt work at all, then we write this command instead of the one: aireplay-ng -0 1 -a AP_BSSID -c CLIENT_BSSID mon0 βignore-negative-one (this is for Android devices), you can still deauthorize the entire network at once aireplay-ng --deauth 5 -a (here you register the router poppy) wlan0
4. When we received the handshake, we go along the path that we indicated and:
4.1 Decrypt this hash ourselves, give people who can do it
4.2 Turn to the https://xsrc.ru service (not ads) and throw the hash here, it quickly finds ( I have in a couple of seconds), it may be longer, but obviously faster than on my laptop in 2009: D
After decryption, you will receive a notification letter in the mail, and to get the password you need a key, 1 costs 100 rubles, the more - the cheaper. This is the only negative of this method, but I prefer it. After purchasing the key, it will come to the post office, then enter it on the site and you're done.
That's ready, then with ours, now ours! we do what we want with the network: we replace the DNS, listen to traffic or just watch movies and sit on our favorite forum :)
http://wpa-sec.stanev.org/ Service for decrypting hashes for free,
π¦ A few words about security at work:
If you use this method in your neighbors, at school, university, and other simple places - it does not matter. If you go to the office, company, or any place that has important data - get ready. Learn basic security concepts in kali linux. Although vryatli in + - a serious company has the simplest protection that can be opened in this way. Usually. They have data going through their server, which needs to be broken in order to get a password.
On security, when you are sitting in a hacked / free wifi point, Iβll tell you a couple of rules:
Use a VPN
Try not to log in to important services
Or use a VPN + TOP bundle
Or instead of vpn you can use ssh tunnel.
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ LINUX is one of the CVS servers
> HOW IT WORKS ? AND HOW TO HACK ?
π¦ ππΌππ πππΈβπ :
1)marked with the version of the source file 1. The concept of
source files is the most important a component of a software unit, the management of the source file is composed of the entire software management The most important part is the key to efficient software development. To manage source files, you must mark the source files. It is generally considered that only the file name is needed. In fact, under a version maintenance tool, the source file The mark includes two parts: the file name and version. That is: the source file can be represented by the following binary tuple {filename, version}; the
2) so-called version, the general software developers have an intuitive understanding, but it is difficult to make Accurate definition. Version refers to the potential existence of a specific instance of a specific object. A specific object here refers to a software component that is managed by a version maintenance tool, generally refers to a source file. A specific instance refers to software development A real copy of the software component unit recovered by the personnel from the software storage room with certain contents and attributes.
3) The version is defined as a potential The existence is based on the following considerations: the version is used as a representation part of the source file, and the software personnel's reference to it actually wants to get different source files corresponding to different versions, so the version is an abstraction. It is used to define a specific instance The content and attributes that should be. That is to say, the version is a potential existence of a specific instance, an abstraction of different incarnations of the source file.
4) With the above understanding of the concept of version, everyone has a certain understanding of version maintenance tools: version maintenance The tool should shield the storage method of the source file from the developer. The developer does not need to understand what source files are in the software repository, but only needs to explain what source files are needed and what source files are to be stored. The version maintenance tool automatically completes all this work. The theory about version maintenance also includes: version space, dimension, version representation, storage, merge and other theories, because we mainly explain the cvs linux server here, so everything is simple, right Friends who are interested in this area can read related books
5) The cvs mentioned in this chapter is such a powerful tool. Before talking about cvs, we will introduce several other version maintenance tools.
π¦ LINUX is one of the CVS servers
> HOW IT WORKS ? AND HOW TO HACK ?
π¦ ππΌππ πππΈβπ :
1)marked with the version of the source file 1. The concept of
source files is the most important a component of a software unit, the management of the source file is composed of the entire software management The most important part is the key to efficient software development. To manage source files, you must mark the source files. It is generally considered that only the file name is needed. In fact, under a version maintenance tool, the source file The mark includes two parts: the file name and version. That is: the source file can be represented by the following binary tuple {filename, version}; the
2) so-called version, the general software developers have an intuitive understanding, but it is difficult to make Accurate definition. Version refers to the potential existence of a specific instance of a specific object. A specific object here refers to a software component that is managed by a version maintenance tool, generally refers to a source file. A specific instance refers to software development A real copy of the software component unit recovered by the personnel from the software storage room with certain contents and attributes.
3) The version is defined as a potential The existence is based on the following considerations: the version is used as a representation part of the source file, and the software personnel's reference to it actually wants to get different source files corresponding to different versions, so the version is an abstraction. It is used to define a specific instance The content and attributes that should be. That is to say, the version is a potential existence of a specific instance, an abstraction of different incarnations of the source file.
4) With the above understanding of the concept of version, everyone has a certain understanding of version maintenance tools: version maintenance The tool should shield the storage method of the source file from the developer. The developer does not need to understand what source files are in the software repository, but only needs to explain what source files are needed and what source files are to be stored. The version maintenance tool automatically completes all this work. The theory about version maintenance also includes: version space, dimension, version representation, storage, merge and other theories, because we mainly explain the cvs linux server here, so everything is simple, right Friends who are interested in this area can read related books
5) The cvs mentioned in this chapter is such a powerful tool. Before talking about cvs, we will introduce several other version maintenance tools.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Introduction to several version maintenance tools
1) The full name of SCCS SCCS is Source Code Control System. Before the introduction First define the concept of the working file. The so-called working file refers to the source file with "write" permission obtained from the software storage room.
2) SCCS is a basic source file version control tool, which is suitable for the version maintenance of any text file. It is based on the version control of a single file. Usually, its software storage room and the file to be maintained are in the same directory. When
3) SCCS is working, there is a special SCCS format file that retains the encoded version of its source file, which records enough Information to generate a new version, and records who has the right to modify the file, and has a "lock" for that version. The version of
4) SCCS is a good four-tuple, namely: release number, level number, branch number, sequence number (release, level , banch, Sequence)
π¦ RCS
1) RCS is another basic source code management tool, is WALTER.f.Tichy in 1980 at Purdue University Indina developed .RCS and SCCS similar, but also based on a single Version of the piece of file management maintenance system .RSC by RSC files; use for maintenance of RCS and SCCS similar process, also submitted by the recovery mode, and not many repeat
2) RCS file, the source file is a storage room in the RCS system, it is a special encoding file that contains sufficient information to restore the old version of the developer for the development of source files usually use it .V suffix.
π¦ its structure is as follows:
1) the RCS head, the part of the record corresponding to the version of the file The first version number of the tree,
2) Version description: This part describes the attribute properties of each node in the RCS tree
3) Initial information: part of the content is expressed when creating the first RCS version
π¦ The file content
1) RCS is similar to SCCS, RCS organizes the maintained version into a tree structure. However, RCS allows multiple branches, that is, the version of RCS SCCS is not a number that is in the form of four-tuple; serial number, grade number, [branch number, serial number] following version of the tree.
2) Summary of
> both versions maintenance tools have in common is: using the "lock" mode Only users who insist on having a "lock" have the right to modify the file. The mechanism they use is the so-called "lock-modify-unlock". Using this means that there is only one well-known weakness, that is, no more users Concurrent use.
> Second, build a cvs server under Linux 1. CVS
π¦ introduction and basic principles
1) The full name of CVS is Current Version Control. CVS is a GNU software package. Developed by Intersolv, the latest version is 1.10.8. It is A maintenance tool based on the RCS system. It explicitly separates the storage of source files and the user's working space, and has expanded the RCS recovery submission function in a certain mode. And makes it beneficial for parallel development.
2) CVS will RCS of the source file The member of its source tree hierarchy concentrated in a directory, the directory absolute path defined by the environment variable CVSROOT.
3) Visible in the directory can be divided into two parts: one is $ {CVSROOT} / CVSROOT, which contains a number of management files required CVS . The other part is the RCS file formed by the source files, and is structured according to the structure of the source tree of software development.
π¦ The characteristics of CVS during source code management
1) The source code space is separated from the user space. The
CVS system separates the source code files Put under the repository, the user must make a copy of the file under the repository to modify the file,
2) Simultaneous access to the
π¦ Introduction to several version maintenance tools
1) The full name of SCCS SCCS is Source Code Control System. Before the introduction First define the concept of the working file. The so-called working file refers to the source file with "write" permission obtained from the software storage room.
2) SCCS is a basic source file version control tool, which is suitable for the version maintenance of any text file. It is based on the version control of a single file. Usually, its software storage room and the file to be maintained are in the same directory. When
3) SCCS is working, there is a special SCCS format file that retains the encoded version of its source file, which records enough Information to generate a new version, and records who has the right to modify the file, and has a "lock" for that version. The version of
4) SCCS is a good four-tuple, namely: release number, level number, branch number, sequence number (release, level , banch, Sequence)
π¦ RCS
1) RCS is another basic source code management tool, is WALTER.f.Tichy in 1980 at Purdue University Indina developed .RCS and SCCS similar, but also based on a single Version of the piece of file management maintenance system .RSC by RSC files; use for maintenance of RCS and SCCS similar process, also submitted by the recovery mode, and not many repeat
2) RCS file, the source file is a storage room in the RCS system, it is a special encoding file that contains sufficient information to restore the old version of the developer for the development of source files usually use it .V suffix.
π¦ its structure is as follows:
1) the RCS head, the part of the record corresponding to the version of the file The first version number of the tree,
2) Version description: This part describes the attribute properties of each node in the RCS tree
3) Initial information: part of the content is expressed when creating the first RCS version
π¦ The file content
1) RCS is similar to SCCS, RCS organizes the maintained version into a tree structure. However, RCS allows multiple branches, that is, the version of RCS SCCS is not a number that is in the form of four-tuple; serial number, grade number, [branch number, serial number] following version of the tree.
2) Summary of
> both versions maintenance tools have in common is: using the "lock" mode Only users who insist on having a "lock" have the right to modify the file. The mechanism they use is the so-called "lock-modify-unlock". Using this means that there is only one well-known weakness, that is, no more users Concurrent use.
> Second, build a cvs server under Linux 1. CVS
π¦ introduction and basic principles
1) The full name of CVS is Current Version Control. CVS is a GNU software package. Developed by Intersolv, the latest version is 1.10.8. It is A maintenance tool based on the RCS system. It explicitly separates the storage of source files and the user's working space, and has expanded the RCS recovery submission function in a certain mode. And makes it beneficial for parallel development.
2) CVS will RCS of the source file The member of its source tree hierarchy concentrated in a directory, the directory absolute path defined by the environment variable CVSROOT.
3) Visible in the directory can be divided into two parts: one is $ {CVSROOT} / CVSROOT, which contains a number of management files required CVS . The other part is the RCS file formed by the source files, and is structured according to the structure of the source tree of software development.
π¦ The characteristics of CVS during source code management
1) The source code space is separated from the user space. The
CVS system separates the source code files Put under the repository, the user must make a copy of the file under the repository to modify the file,
2) Simultaneous access to the
CVS system allows multiple developers to obtain the same version of the source file of the same file at the same time. Of course, this is also the main reason why CVS is widely used
3) When a developer extracts a file, he will create a copy in his workspace that is independent of other developers.
4) The version number of this file is the same as the "header" version of the file, unless he uses the commit command to complete the permanent upgrade of the version. At this time, other users can use the undate command to match their version number with the "latest header version number.": If the user finds that the header version has changed after checkout, the RCS system's rcsmerge command can be used to form a new file. This new file and including the original content, but also includes content modified by the user. this weakness and other conflicts occur simultaneously on the same file modification developers, can notify them manually modify
5) Therefore, CVS system is a Copy-modify-Merge algorithm and The advantage of the algorithm that is not the lock-modify-unlockj mechanism used by the two systems mentioned above is that software developers can get a copy of the source file (Copy) and will not lock the file. ",
6) Thus providing the possibility for parallel development, after getting the copy, developers can modify it in their own development environment (Modify ), And then submit your modified file and merge it with the source file. Merge to form a new version.
3) When a developer extracts a file, he will create a copy in his workspace that is independent of other developers.
4) The version number of this file is the same as the "header" version of the file, unless he uses the commit command to complete the permanent upgrade of the version. At this time, other users can use the undate command to match their version number with the "latest header version number.": If the user finds that the header version has changed after checkout, the RCS system's rcsmerge command can be used to form a new file. This new file and including the original content, but also includes content modified by the user. this weakness and other conflicts occur simultaneously on the same file modification developers, can notify them manually modify
5) Therefore, CVS system is a Copy-modify-Merge algorithm and The advantage of the algorithm that is not the lock-modify-unlockj mechanism used by the two systems mentioned above is that software developers can get a copy of the source file (Copy) and will not lock the file. ",
6) Thus providing the possibility for parallel development, after getting the copy, developers can modify it in their own development environment (Modify ), And then submit your modified file and merge it with the source file. Merge to form a new version.