β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ The management of Webmin itself mainly includes:
1) * Module management: This part includes inserting a module, deleting a module, copying a module and resetting the category of the module. In addition, Webmin also provides the function of upgrading directly from the Internet.
2) * Interface style management: Webmin provides a variety of interface styles. KDE and Caldera interface styles are provided in version 0.91. Webmin's interface style is actually a module, you can insert a new interface style. In addition, you can also modify some Webmin interface parameters, such as page background color, table background color, etc.
3) * Internationalization support: A great feature of Webmin is to provide multi-language support. The languages ββcurrently supported by Webmin are: English, French, German, Italian, Chinese, Japanese, Korean and other languages.
4) * Webmin server group: Webmin also provides the function of discovering and managing multiple Webmin servers, which provides great convenience for managing multiple UNIX servers at the same time.
5) * Activity log: Webmin's activity log is mainly used for audit system management activities.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ The management of Webmin itself mainly includes:
1) * Module management: This part includes inserting a module, deleting a module, copying a module and resetting the category of the module. In addition, Webmin also provides the function of upgrading directly from the Internet.
2) * Interface style management: Webmin provides a variety of interface styles. KDE and Caldera interface styles are provided in version 0.91. Webmin's interface style is actually a module, you can insert a new interface style. In addition, you can also modify some Webmin interface parameters, such as page background color, table background color, etc.
3) * Internationalization support: A great feature of Webmin is to provide multi-language support. The languages ββcurrently supported by Webmin are: English, French, German, Italian, Chinese, Japanese, Korean and other languages.
4) * Webmin server group: Webmin also provides the function of discovering and managing multiple Webmin servers, which provides great convenience for managing multiple UNIX servers at the same time.
5) * Activity log: Webmin's activity log is mainly used for audit system management activities.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Security of Webmin secure your as well !
t.me/undercodeTesting
Because Webmin is a Web-based management tool, so the importance of Webmin itself secure self-evident. Webmin's security is mainly reflected in the following three aspects:
1) * SSL support: By setting Webmin to support SSL, you can access Webmin through https. SSL not only authenticates your Webmin server, but also encrypts network communications during management.
2) * User access control: User access control enables administrators to control which users can access each module, and what operations users who access a certain module can perform on the module.
3) * IP access control: IP access control can limit which IP addresses can access this Webmin server, and access to IP addresses not in the access list will be prohibited.
π¦Through these security enhancements, you can safely use Webmin as your system management tool.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Security of Webmin secure your as well !
t.me/undercodeTesting
Because Webmin is a Web-based management tool, so the importance of Webmin itself secure self-evident. Webmin's security is mainly reflected in the following three aspects:
1) * SSL support: By setting Webmin to support SSL, you can access Webmin through https. SSL not only authenticates your Webmin server, but also encrypts network communications during management.
2) * User access control: User access control enables administrators to control which users can access each module, and what operations users who access a certain module can perform on the module.
3) * IP access control: IP access control can limit which IP addresses can access this Webmin server, and access to IP addresses not in the access list will be prohibited.
π¦Through these security enhancements, you can safely use Webmin as your system management tool.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FULL WEB ADMIN TUTORIALS & TIPS BY UNDERCODE
in our training program all those things are pratical ;) π
in our training program all those things are pratical ;) π
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SCAMMER cc sellet Site list. !!!!π«π«π«π«π«ββββββββ
All Site is selling 95%dead cc.
π¦ Scammer Site.....don t open :
uniccshop.bazar
βBANKOMATβ
Normal Link: Bankomat.cc
Tor Link : https://bankomatccor3gum.onion
βUNICCβ
Normal Link : Unicc.cm /(Important) uniccshop.bazar/
Tor Link : Uniccxide6hker6y.onion
valcc.bazar
βVALIDCCβ
Normal Link : Validcc.name
Normal Link : Validcc.vc
Normal Link : Validcc.tw
Normal Link : Validcc.bz
Tor Link : VALIDCVVMTWP25N5.ONION
Tor Link : VALIDCCVLSSFDGAS.ONION
Tor Link : HU5IYZFPEYIFE46M.ONION
βFESHOPβ
Normal Link : http://fe-acc18.ru/store/index.php
Normal Link :FE-ACC18.RU
Tor Link : hdjd6wv7hjngjhkb.onion
βJSTASHβ
Normal Link : jstash.bazar/
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SCAMMER cc sellet Site list. !!!!π«π«π«π«π«ββββββββ
All Site is selling 95%dead cc.
π¦ Scammer Site.....don t open :
uniccshop.bazar
βBANKOMATβ
Normal Link: Bankomat.cc
Tor Link : https://bankomatccor3gum.onion
βUNICCβ
Normal Link : Unicc.cm /(Important) uniccshop.bazar/
Tor Link : Uniccxide6hker6y.onion
valcc.bazar
βVALIDCCβ
Normal Link : Validcc.name
Normal Link : Validcc.vc
Normal Link : Validcc.tw
Normal Link : Validcc.bz
Tor Link : VALIDCVVMTWP25N5.ONION
Tor Link : VALIDCCVLSSFDGAS.ONION
Tor Link : HU5IYZFPEYIFE46M.ONION
βFESHOPβ
Normal Link : http://fe-acc18.ru/store/index.php
Normal Link :FE-ACC18.RU
Tor Link : hdjd6wv7hjngjhkb.onion
βJSTASHβ
Normal Link : jstash.bazar/
@undercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Network configuration-what listener is running on a port :
t.me/undercodeTesting
π¦ When we use netstat -an, we can sometimes see similar output :
Udp 0 0 0.0.0.0:32768 0.0.0.0:*
But there is no description about this port in / etc / services, what should I do? Is this a hacking program?
Is there a way to see what program is listening on this port?
π¦Use lsof -i: 32768 to see:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
rpc.statd 603 root 4u IPv4 953 UDP *: 32768
rpc.statd 603 root 6u IPv4 956 TCP *: 32768 (LISTEN)
turned out to be rpc program of.
π¦Use lsof -i: port to see the program running on the specified port, as well as the current connection.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Network configuration-what listener is running on a port :
t.me/undercodeTesting
π¦ When we use netstat -an, we can sometimes see similar output :
Udp 0 0 0.0.0.0:32768 0.0.0.0:*
But there is no description about this port in / etc / services, what should I do? Is this a hacking program?
Is there a way to see what program is listening on this port?
π¦Use lsof -i: 32768 to see:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
rpc.statd 603 root 4u IPv4 953 UDP *: 32768
rpc.statd 603 root 6u IPv4 956 TCP *: 32768 (LISTEN)
turned out to be rpc program of.
π¦Use lsof -i: port to see the program running on the specified port, as well as the current connection.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Requirement of Carding Done Through Mobile Requirements:
A) rooted phone.
B) install the following apps;-
1. IMEI changer
2. Phone ID changer
3. Android ID changer
4. Proxy Droid
5. CCleaner Procedure;-
π¦ > Use SOCK5 proxy with Proxy Droid apps.
> You need to change IMEI, Android ID etc before you start carding
> Use CC cleaner to Clean Android Mess and Now connect to your proxy droid with SOCKS5 proxy and connect it.
> Now follow all steps of carding TUTS as you do on PC with mentioned aboveβ¦
> Ok, so you got your cc, your drop and try to be Anonymous as you can make yourself. PS
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Requirement of Carding Done Through Mobile Requirements:
A) rooted phone.
B) install the following apps;-
1. IMEI changer
2. Phone ID changer
3. Android ID changer
4. Proxy Droid
5. CCleaner Procedure;-
π¦ > Use SOCK5 proxy with Proxy Droid apps.
> You need to change IMEI, Android ID etc before you start carding
> Use CC cleaner to Clean Android Mess and Now connect to your proxy droid with SOCKS5 proxy and connect it.
> Now follow all steps of carding TUTS as you do on PC with mentioned aboveβ¦
> Ok, so you got your cc, your drop and try to be Anonymous as you can make yourself. PS
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to evaluate OS security ? full written by undercode
instagram.com/undercodeTesting
π¦ππΌπ' π πππΈβπ
---- With the development of the network, enterprises are connecting their local area networks to wide area networks or connecting their internal networks to the Internet. This gives more and more people (internal and external) access to internal network resources. As a result of this exposure, companies urgently need to address network security issues.
---- A major part of providing effective security is to evaluate how well the existing security mechanism is integrated with the enterprise's network security strategy-that is, to judge whether the security strategy is effectively implemented. The increasing complexity of the network makes the implementation of security policies more and more difficult.
---- Evaluating the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: firewall and operating system (OS).
---- Many companies put their energies on the firewall, and according to the report provided by Aberdeen Group, the most easily overlooked security vulnerabilities are those that exist in the operating environment. Some vendors are committed to providing reliable versions of the operating environment, while most only provide optional, installable security services.
---- The operating system's security mechanism helps protect the machine running the OS from unauthorized access. Special protection for unauthorized access to specific information, specific machine instructions, and UNIX superuser instructions within the machine. Most firewalls and the Internet itself are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors may cause vulnerabilities.
---- The following two factors make the OS security mechanism very important:
---- (1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system and prevent such external intruders.
---- (2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and the FBI report indicates that more than 60% of computer crimes come from inside the enterprise. In most cases, the offenders are those resentful employees or contractors.
---- Evaluating OS security is quite difficult, especially UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires mastering the following three aspects:
---- (1) UNIX system settings
---- (2) Weaknesses caused by different versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
---- (3) Provided by different manufacturers Security patches-The
operating system is constantly patching BUGS and adding features to make the evaluation more complicated. These updates introduce new security vulnerabilities. What is needed at this time is a method for automatically evaluating operating system vulnerabilities and automatically implementing security policies. Only in this way can the gap between security strategy and security implementation be effectively assessed and shortened.
---- OS security scanning? The document just provides the required solution. The scanning software runs on each machine and probes each machine through a series of tests to dig out potential weaknesses. This software evaluates the stand-alone security environment from the perspective of the operating system and generates a detailed report of the vulnerabilities it finds, and proposes solutions.
π¦How to evaluate OS security ? full written by undercode
instagram.com/undercodeTesting
π¦ππΌπ' π πππΈβπ
---- With the development of the network, enterprises are connecting their local area networks to wide area networks or connecting their internal networks to the Internet. This gives more and more people (internal and external) access to internal network resources. As a result of this exposure, companies urgently need to address network security issues.
---- A major part of providing effective security is to evaluate how well the existing security mechanism is integrated with the enterprise's network security strategy-that is, to judge whether the security strategy is effectively implemented. The increasing complexity of the network makes the implementation of security policies more and more difficult.
---- Evaluating the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: firewall and operating system (OS).
---- Many companies put their energies on the firewall, and according to the report provided by Aberdeen Group, the most easily overlooked security vulnerabilities are those that exist in the operating environment. Some vendors are committed to providing reliable versions of the operating environment, while most only provide optional, installable security services.
---- The operating system's security mechanism helps protect the machine running the OS from unauthorized access. Special protection for unauthorized access to specific information, specific machine instructions, and UNIX superuser instructions within the machine. Most firewalls and the Internet itself are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors may cause vulnerabilities.
---- The following two factors make the OS security mechanism very important:
---- (1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system and prevent such external intruders.
---- (2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and the FBI report indicates that more than 60% of computer crimes come from inside the enterprise. In most cases, the offenders are those resentful employees or contractors.
---- Evaluating OS security is quite difficult, especially UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires mastering the following three aspects:
---- (1) UNIX system settings
---- (2) Weaknesses caused by different versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
---- (3) Provided by different manufacturers Security patches-The
operating system is constantly patching BUGS and adding features to make the evaluation more complicated. These updates introduce new security vulnerabilities. What is needed at this time is a method for automatically evaluating operating system vulnerabilities and automatically implementing security policies. Only in this way can the gap between security strategy and security implementation be effectively assessed and shortened.
---- OS security scanning? The document just provides the required solution. The scanning software runs on each machine and probes each machine through a series of tests to dig out potential weaknesses. This software evaluates the stand-alone security environment from the perspective of the operating system and generates a detailed report of the vulnerabilities it finds, and proposes solutions.
---- System Security Scanner (S3) from ISS is a security assessment tool that facilitates the management and implementation of security policies. It enables companies to implement security policies across heterogeneous operating platforms. Currently, S3 supports most popular UNIX versions, including Linux, SunOS4.1.3, Solaris, HP-UX, and AIX. It helps companies to automatically conduct security assessment and maintenance on their operating system platforms. With this effective tool, companies can make full use of the potential of the network and continuously enhance their competitivenessβwithout worrying about security.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SECURITY KERNEL TIPS BY UNDERCODE :
FB.com/undercodeTesting
π¦ππΌπ' π πππΈβπ
1) kernel IP camouflage has security holes
There are serious security holes in the implementation of IP disguise of Linux system 2.2.x kernel. There is a lack of serious inspection of the connection in the relevant core code. The attacker can rewrite the UDP disguise entry in the core so that the attacker's UDP packet can be routed into the internal machine.
2) When an internal IP wants to access the DNS server of the external network, when the sent UDP packet passes through the IP masquerading gateway, the kernel adds an entry to record the connection. For example, a UDP packet connected from port 1035 of internal host A to port 53 of external host C. The kernel replaces the source address of this packet with the IP of the disguised gateway (B). Port, the default is from 61000 port to 65096 port, so in theory, the core can handle 4096 TCP / UDP camouflage connections at the same time.
Host A: 1035-> GW B: 63767-> Host C: 53When
3) an external network sends a UDP packet to a disguised gateway, Linux IP disguise only decides whether this UDP packet should be forwarded to the internal network based on the target port. If the target port has a corresponding entry in the established camouflage connection table, it will update the source ip and source port in this packet to the remote host ip and port of the corresponding entry. As long as the attacker judges the port of the masquerading gateway, he may use his own IP and port to rewrite the masquerading connection table. The port range used by the masquerade gateway to serve masquerade connections is usually from 61000 to 65096, so it is easy for external attackers to determine which ports have been used to establish connections. An attacker can send UDP detection packets to these ports disguised as a gateway, and then check the IP ID of the port's ICMP response packets. Each host sends a packet, the IP ID in its TCP / IP stack will increase by one. Therefore, the ICMP response sent to the port used for IP masquerading will have the IP ID of the internal host.
4) This ID will usually be much different from the current IP ID of the gateway host, usually above 1000. The following example shows the process of exploiting weaknesses:
π¦Host A is an internal host (192.168.1.100)
Host B is a disguised gateway (192.168.1.1 / 10.0.0.1)
Host C is an external DNS server (10.0.0.25).
Host X is an external attacker's IP (10.10.187.13)
. Before the detection, execute the command written by undercode in the disguised gateway: ipchains -L -M -n to display the current disguised connection table Situation:
> UDP 03: 39.21 192.168.1.100 10.0.0.25 1035 (63767)-> 53
is currently a connection sent from port 1035 of 192.168.1.100 to port 53 of 10.0.0.25, the masquerading port is 63767
[from the attacker βs The result of tcpdump on the machine]
(To make it easier to see the problem, here we set the source port of all detection packets to 12345)
[Our detection will start from port 61000, we omitted some of the previous results]
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63762 unreachable [tos 0xd8] (ttl 245, id 13135)
10.10.187.13.12345> 10.0.0.1.63763: udp 0 (DF) [tos 0x18] ( ttl 254, id 23069)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63763 unreachable [tos 0xd8] (ttl 245, id 13136)
10.10.187.13.12345> 10.0.0.1.63764: udp 0 (DF ) [tos 0x18] (ttl 254, id 23070)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63764 unreachable [tos 0xd8] (ttl 245, id 13137)
10.10.187.13.12345> 10.0.0.1.63765: udp 0 (DF) [tos 0x18] ( ttl 254, id 23071)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63765 unreachable [tos 0xd8] (ttl 245, id 13138)
10.10.187.13.12345> 10.0.0.1.63766: udp 0 (DF ) [tos 0x18] (ttl 254, id 23074)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63766 unreachable [tos 0xd8] (ttl 245, id 13139)
10.10.187.13.12345> 10.0.0.1. 63 767: 0 UDP (the DF) [TOS 0x18] (TTL 254, ID 23083)
π¦ SECURITY KERNEL TIPS BY UNDERCODE :
FB.com/undercodeTesting
π¦ππΌπ' π πππΈβπ
1) kernel IP camouflage has security holes
There are serious security holes in the implementation of IP disguise of Linux system 2.2.x kernel. There is a lack of serious inspection of the connection in the relevant core code. The attacker can rewrite the UDP disguise entry in the core so that the attacker's UDP packet can be routed into the internal machine.
2) When an internal IP wants to access the DNS server of the external network, when the sent UDP packet passes through the IP masquerading gateway, the kernel adds an entry to record the connection. For example, a UDP packet connected from port 1035 of internal host A to port 53 of external host C. The kernel replaces the source address of this packet with the IP of the disguised gateway (B). Port, the default is from 61000 port to 65096 port, so in theory, the core can handle 4096 TCP / UDP camouflage connections at the same time.
Host A: 1035-> GW B: 63767-> Host C: 53When
3) an external network sends a UDP packet to a disguised gateway, Linux IP disguise only decides whether this UDP packet should be forwarded to the internal network based on the target port. If the target port has a corresponding entry in the established camouflage connection table, it will update the source ip and source port in this packet to the remote host ip and port of the corresponding entry. As long as the attacker judges the port of the masquerading gateway, he may use his own IP and port to rewrite the masquerading connection table. The port range used by the masquerade gateway to serve masquerade connections is usually from 61000 to 65096, so it is easy for external attackers to determine which ports have been used to establish connections. An attacker can send UDP detection packets to these ports disguised as a gateway, and then check the IP ID of the port's ICMP response packets. Each host sends a packet, the IP ID in its TCP / IP stack will increase by one. Therefore, the ICMP response sent to the port used for IP masquerading will have the IP ID of the internal host.
4) This ID will usually be much different from the current IP ID of the gateway host, usually above 1000. The following example shows the process of exploiting weaknesses:
π¦Host A is an internal host (192.168.1.100)
Host B is a disguised gateway (192.168.1.1 / 10.0.0.1)
Host C is an external DNS server (10.0.0.25).
Host X is an external attacker's IP (10.10.187.13)
. Before the detection, execute the command written by undercode in the disguised gateway: ipchains -L -M -n to display the current disguised connection table Situation:
> UDP 03: 39.21 192.168.1.100 10.0.0.25 1035 (63767)-> 53
is currently a connection sent from port 1035 of 192.168.1.100 to port 53 of 10.0.0.25, the masquerading port is 63767
[from the attacker βs The result of tcpdump on the machine]
(To make it easier to see the problem, here we set the source port of all detection packets to 12345)
[Our detection will start from port 61000, we omitted some of the previous results]
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63762 unreachable [tos 0xd8] (ttl 245, id 13135)
10.10.187.13.12345> 10.0.0.1.63763: udp 0 (DF) [tos 0x18] ( ttl 254, id 23069)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63763 unreachable [tos 0xd8] (ttl 245, id 13136)
10.10.187.13.12345> 10.0.0.1.63764: udp 0 (DF ) [tos 0x18] (ttl 254, id 23070)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63764 unreachable [tos 0xd8] (ttl 245, id 13137)
10.10.187.13.12345> 10.0.0.1.63765: udp 0 (DF) [tos 0x18] ( ttl 254, id 23071)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63765 unreachable [tos 0xd8] (ttl 245, id 13138)
10.10.187.13.12345> 10.0.0.1.63766: udp 0 (DF ) [tos 0x18] (ttl 254, id 23074)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63766 unreachable [tos 0xd8] (ttl 245, id 13139)
10.10.187.13.12345> 10.0.0.1. 63 767: 0 UDP (the DF) [TOS 0x18] (TTL 254, ID 23083)
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
10.0.0.1> 10.10.187.13: ICMP: 10.0.0.1 unreachable The UDP Port 63767 [TOS 0xD8] (TTL 244, ID 17205)
^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^
The ID of the above package is 17205, and its difference from 13139 has exceeded 4000, which means that we found a pretended connection. !!!
10.10.187.13.12345> 10.0.0.1.63768: udp 0 (DF) [tos 0x18] (ttl 254, id 23084)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63768 unreachable [tos 0xd8] (ttl 245, id 13140)
10.10.187.13.12345> 10.0.0.1.63769: udp 0 (DF) [tos 0x18] (ttl 254, id 23088)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63769 unreachable [tos 0xd8] (ttl 245, id 13141)
10.10.187.13.12345> 10.0.0.1.63770: udp 0 (DF) [tos 0x18] (ttl 254, id 23090)
10.0.0.1> 10.10.187.13 : icmp: 10.0.0.1 udp port 63770 unreachable [tos 0xd8] (ttl 245, id
13142 ) 10.10.187.13.12345> 10.0.0.1.63771: udp 0 (DF) [tos 0x18] (ttl 254, id 23091)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63771 unreachable [tos 0xd8] (ttl 245, id 13143)
10.10.187.13.12345> 10.0.0.1.63771: udp 0 (DF) [tos 0x18] ( ttl 254, id 23092)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63772 unreachable [tos 0xd8] (ttl 245, id 13144)
[our detected end of port 65096, we have omitted some results]
now Let's check the situation of the masquerading connection table of the masquerading gateway:
ipchains -L -M -n
> UDP 04: 35.12 192.168.1.100 10.10.187.13 1035 (63767)-> 12345
You can see that the remote host has been replaced by an attack The ip of the attacker is 10.10.187.13, and the target port is also replaced by the source port used for attacker detection: 12345.
Now the attacker can send UDP data from the source port 12345 to port 1035 of the internal host.
π¦Suggestion:
A possible solution to the problem of accessing external DNS is to set it on a disguised gateway A cached domain name server, and then prohibit the disguise of UDP packets.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^
The ID of the above package is 17205, and its difference from 13139 has exceeded 4000, which means that we found a pretended connection. !!!
10.10.187.13.12345> 10.0.0.1.63768: udp 0 (DF) [tos 0x18] (ttl 254, id 23084)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63768 unreachable [tos 0xd8] (ttl 245, id 13140)
10.10.187.13.12345> 10.0.0.1.63769: udp 0 (DF) [tos 0x18] (ttl 254, id 23088)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63769 unreachable [tos 0xd8] (ttl 245, id 13141)
10.10.187.13.12345> 10.0.0.1.63770: udp 0 (DF) [tos 0x18] (ttl 254, id 23090)
10.0.0.1> 10.10.187.13 : icmp: 10.0.0.1 udp port 63770 unreachable [tos 0xd8] (ttl 245, id
13142 ) 10.10.187.13.12345> 10.0.0.1.63771: udp 0 (DF) [tos 0x18] (ttl 254, id 23091)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63771 unreachable [tos 0xd8] (ttl 245, id 13143)
10.10.187.13.12345> 10.0.0.1.63771: udp 0 (DF) [tos 0x18] ( ttl 254, id 23092)
10.0.0.1> 10.10.187.13: icmp: 10.0.0.1 udp port 63772 unreachable [tos 0xd8] (ttl 245, id 13144)
[our detected end of port 65096, we have omitted some results]
now Let's check the situation of the masquerading connection table of the masquerading gateway:
ipchains -L -M -n
> UDP 04: 35.12 192.168.1.100 10.10.187.13 1035 (63767)-> 12345
You can see that the remote host has been replaced by an attack The ip of the attacker is 10.10.187.13, and the target port is also replaced by the source port used for attacker detection: 12345.
Now the attacker can send UDP data from the source port 12345 to port 1035 of the internal host.
π¦Suggestion:
A possible solution to the problem of accessing external DNS is to set it on a disguised gateway A cached domain name server, and then prohibit the disguise of UDP packets.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦AMAZON NEW CARDING METHOD WORKS 100%How to Card Amazon :
π¦ππΌπ' π πππΈβπ
π¦ Method 1
Things you will need:
Quality CC/CVV to an address, full name, phone number, zip code, city, and
state (donβt get junk cards pay good money for good cards)
Socks 4/5 to the state and if you can the city since that would be perfect. This
sock must have never been used before so donβt be cheap and get a quality
sock. Socks are just as important as quality cards!
You will need programs to cleanup cookies and other flagging shit. Get
CCleaner- get the free version it has everything you need. Get the flash cookie
cleaner- it is free as well
Antidetect 7 or Fraudfox VM: These are not needed but they really increase
your carding success to almost 100% if used correctly and setup properly which
both are not very hard to do.
A drop address or if youβre carding digital items you donβt need that.
OK now letβs card
-------------------------X---------------------------------
You just need a Diners Club international cc, Indian NON-VBV
or AMEX, Some Amex are still working
Iβm listing some bins here which will work on Amazon.
542034542034 IN MASTERCARD CREDIT BANK OF INDIA
542086 IN MASTERCARD CREDIT ANDHRA BANK
376900 IN AMEX CREDIT AMERICAN EXPRESS
376901 IN AMEX CREDIT AMERICAN EXPRESS
376902 IN AMEX CREDIT AMERI EXPRESS
376903 IN AMEX CREDIT AMERI EXPRESS
#All are Non-VBV
π¦ First Method (Most successful)
Restart the computer and make sure you have used ccleaner and flash cookie
cleaner and they are running. Used disk cleanup in windows as well.
Create a new account on Amazon using a fresh good socks. Modern protection
against carding tracks the user's behavior on the site. Therefore, you must act as
a typical buyer, not jump directly to your product. Use the search, see different
knick-knacks, add them to the cart, but do not buy. It should be quite different
items, not those that you want to card.
After the virtual shopping logout from Amazon, leave the computer, and stop
the activity on it. Put it to sleep. After 5 or more hours, go back to Amazon and
clean your cart. Now letβs card.
Now find the items falling into the limit of your card somewhere between $30
and $150. Using a credit card, pay for the goods that you selected. You may need
to wait for amazon to approve your order or not. Sometimes itβs random I swear.
Now the order should have been accepted and shipped. If not, then you either
have a shitty card worth less than what you trying to card or you threw a flag. Go
back and check your setup. This is pretty full proof way to card amazon. If
everything is in place and you have your bases covered, you should be in and
out. Make sure you check to see if you IP leaking cause that would throw a flag
as well: https://www.dnsleaktest.com
Now we can also speed up this order if itβs in processing just so it doesnβt get
charged back and flagged before it gets shipped. Send amazon an email from
the email that you created for this account. Gmail is preferred email for this setup
as it is much more trustworthy do to its security signed up measures. Use an
excuse to make them speed it up. There is excuse kind of tie into what you are
buying. So letβs say you want a 800 dollar cannon camera then tell them that you
need it for β day for your college project or you will fail the class etc. Donβt forgetitβs real person on the other end so make your excuse real and donβt go too in
depth.
Now they may ask to call you on the phone number associated with the CC
account. This happens maybe 30% of the time. Just say OK and hope no one
picks up the phone on the other end and luck I on your side. If they send you
another email saying they tried to contact, you but no answer then simply say- βI
am so sorry I changed my number and I havenβt update it with my CC company
yetβ then give them a burner number where you can actually answer.
Now if all goes smooth then you have carded your first real item on Amazon.
Now that you have done that your account is trusted and you can place an order
π¦AMAZON NEW CARDING METHOD WORKS 100%How to Card Amazon :
π¦ππΌπ' π πππΈβπ
π¦ Method 1
Things you will need:
Quality CC/CVV to an address, full name, phone number, zip code, city, and
state (donβt get junk cards pay good money for good cards)
Socks 4/5 to the state and if you can the city since that would be perfect. This
sock must have never been used before so donβt be cheap and get a quality
sock. Socks are just as important as quality cards!
You will need programs to cleanup cookies and other flagging shit. Get
CCleaner- get the free version it has everything you need. Get the flash cookie
cleaner- it is free as well
Antidetect 7 or Fraudfox VM: These are not needed but they really increase
your carding success to almost 100% if used correctly and setup properly which
both are not very hard to do.
A drop address or if youβre carding digital items you donβt need that.
OK now letβs card
-------------------------X---------------------------------
You just need a Diners Club international cc, Indian NON-VBV
or AMEX, Some Amex are still working
Iβm listing some bins here which will work on Amazon.
542034542034 IN MASTERCARD CREDIT BANK OF INDIA
542086 IN MASTERCARD CREDIT ANDHRA BANK
376900 IN AMEX CREDIT AMERICAN EXPRESS
376901 IN AMEX CREDIT AMERICAN EXPRESS
376902 IN AMEX CREDIT AMERI EXPRESS
376903 IN AMEX CREDIT AMERI EXPRESS
#All are Non-VBV
π¦ First Method (Most successful)
Restart the computer and make sure you have used ccleaner and flash cookie
cleaner and they are running. Used disk cleanup in windows as well.
Create a new account on Amazon using a fresh good socks. Modern protection
against carding tracks the user's behavior on the site. Therefore, you must act as
a typical buyer, not jump directly to your product. Use the search, see different
knick-knacks, add them to the cart, but do not buy. It should be quite different
items, not those that you want to card.
After the virtual shopping logout from Amazon, leave the computer, and stop
the activity on it. Put it to sleep. After 5 or more hours, go back to Amazon and
clean your cart. Now letβs card.
Now find the items falling into the limit of your card somewhere between $30
and $150. Using a credit card, pay for the goods that you selected. You may need
to wait for amazon to approve your order or not. Sometimes itβs random I swear.
Now the order should have been accepted and shipped. If not, then you either
have a shitty card worth less than what you trying to card or you threw a flag. Go
back and check your setup. This is pretty full proof way to card amazon. If
everything is in place and you have your bases covered, you should be in and
out. Make sure you check to see if you IP leaking cause that would throw a flag
as well: https://www.dnsleaktest.com
Now we can also speed up this order if itβs in processing just so it doesnβt get
charged back and flagged before it gets shipped. Send amazon an email from
the email that you created for this account. Gmail is preferred email for this setup
as it is much more trustworthy do to its security signed up measures. Use an
excuse to make them speed it up. There is excuse kind of tie into what you are
buying. So letβs say you want a 800 dollar cannon camera then tell them that you
need it for β day for your college project or you will fail the class etc. Donβt forgetitβs real person on the other end so make your excuse real and donβt go too in
depth.
Now they may ask to call you on the phone number associated with the CC
account. This happens maybe 30% of the time. Just say OK and hope no one
picks up the phone on the other end and luck I on your side. If they send you
another email saying they tried to contact, you but no answer then simply say- βI
am so sorry I changed my number and I havenβt update it with my CC company
yetβ then give them a burner number where you can actually answer.
Now if all goes smooth then you have carded your first real item on Amazon.
Now that you have done that your account is trusted and you can place an order