β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Blackmailed by locked machine? Android unlock crack method
by undercode :
t.me/UndercodeTesting
π¦ βββ£ 'ββ’ ββ£ββ‘β£
Android emulator (RE file manager)
REQUIREMENTS :
Huawei ADB driver
ApkIDE less month version
Unlock: 1) First, after running the main program to get the ROOT program, the phone will be automatically restarted after it is stuck, and then you will get the following directly
I was blinded at that time! Because the mobile phone is equipped with some hard-to-find software, and there is still a lot of data, I do nβt want to clear it. Then I first learned the "mobile sample analysis" of the last public account push. .
2) Start learning to decompress because the virus of the previous author directly obtains an SO file to decompress to get the installation package, and then directly run the tool to get the process name, disable and delete it (I just stuck this step for an afternoon) I started to simply think that it was over The main program can be opened,
3) Then decompile wifikill pro to get smdev.wifikillpro.com, then run am force-stop smdev.wifikillpro.com and found that it is not useful! I am desperate!
4) Then go to the big file in the main program to change it to ZIP, and then use the Android emulator to get the virus program released by the main program
5) Forgot to install the file manager at the beginning of the Android emulator test,
It took many and many times to submit the package of the virus program
6) After obtaining the basic information of the virus program, you can perform a decompilation: cia.apk (virus package name) com.chunuo.l (virus real name)
7) Start process killing and virus deletion. Return to the "Mobile Sample Analysis" command to ban the virus program, and then go to the mobile phone homepage,
8) Then use RE Manager to delete the virus program. Then delete the main program
writtenn by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Blackmailed by locked machine? Android unlock crack method
by undercode :
t.me/UndercodeTesting
π¦ βββ£ 'ββ’ ββ£ββ‘β£
Android emulator (RE file manager)
REQUIREMENTS :
Huawei ADB driver
ApkIDE less month version
Unlock: 1) First, after running the main program to get the ROOT program, the phone will be automatically restarted after it is stuck, and then you will get the following directly
I was blinded at that time! Because the mobile phone is equipped with some hard-to-find software, and there is still a lot of data, I do nβt want to clear it. Then I first learned the "mobile sample analysis" of the last public account push. .
2) Start learning to decompress because the virus of the previous author directly obtains an SO file to decompress to get the installation package, and then directly run the tool to get the process name, disable and delete it (I just stuck this step for an afternoon) I started to simply think that it was over The main program can be opened,
3) Then decompile wifikill pro to get smdev.wifikillpro.com, then run am force-stop smdev.wifikillpro.com and found that it is not useful! I am desperate!
4) Then go to the big file in the main program to change it to ZIP, and then use the Android emulator to get the virus program released by the main program
5) Forgot to install the file manager at the beginning of the Android emulator test,
It took many and many times to submit the package of the virus program
6) After obtaining the basic information of the virus program, you can perform a decompilation: cia.apk (virus package name) com.chunuo.l (virus real name)
7) Start process killing and virus deletion. Return to the "Mobile Sample Analysis" command to ban the virus program, and then go to the mobile phone homepage,
8) Then use RE Manager to delete the virus program. Then delete the main program
writtenn by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from TARJETAS PRO UNDER CARDING
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ LiveCCN β :
374207289062001|02|24|9127
374207212051006|07|20|2310
374207670392009|02|20|2410
374207930492003|04|20|2493
374202532774007|06|22|5316
374202509031001|07|24|6185
372328545401007|05|20|2788
374204031742006|04|20|2201
372329167191009|05|20|3516
375341651270659|02|20|2521
374205587922009|09|23|2622
374207822117015|12|20|2235
372650630751008|10|20|2475
379005322391006|01|20|2314
372742017743110|04|20|2511
372329574231000|05|20|9581
375341740132225|06|20|2442
379136124372376|71|12|0229
379136513422101|30|42|0255
374206986581008|10|20|2221
374207348481002|04|23|3095
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ LiveCCN β :
374207289062001|02|24|9127
374207212051006|07|20|2310
374207670392009|02|20|2410
374207930492003|04|20|2493
374202532774007|06|22|5316
374202509031001|07|24|6185
372328545401007|05|20|2788
374204031742006|04|20|2201
372329167191009|05|20|3516
375341651270659|02|20|2521
374205587922009|09|23|2622
374207822117015|12|20|2235
372650630751008|10|20|2475
379005322391006|01|20|2314
372742017743110|04|20|2511
372329574231000|05|20|9581
375341740132225|06|20|2442
379136124372376|71|12|0229
379136513422101|30|42|0255
374206986581008|10|20|2221
374207348481002|04|23|3095
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL you need to know aboUT WhatsApp UAF Vulnerability Analysis (CVE-2019-11932)
t.me/UndercodeTesting
π¦ βββ£ 'ββ’ ββ£ββ‘β£ :
1) The attacker sends GIF files to users through any channel. One of them can be WhatsApp as a document (for example, press the "Gallery" button and select "Document" to send the damaged GIF)
If the attacker is in the contact list of the user (ie friend), the corrupted GIF will be downloaded automatically without any user interaction.
2) The user wants to send the media file to any of his / her WhatsApp friends. Therefore, the user presses the "Gallery" button and opens the WhatsApp Gallery to select the media file to be sent to his friend. Please note that the user does not have to send anything, because just opening WhatsApp Gallery will trigger the error. No additional touch is required after pressing WhatsApp Gallery.
3) Since WhatsApp will display a preview of each media (including the received GIF file), it will trigger a double-free error and our RCE utilization.
This vulnerability will affect WhatsApp versions prior to 2.19.244, and Android 8.1 and 9.0 versions.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ALL you need to know aboUT WhatsApp UAF Vulnerability Analysis (CVE-2019-11932)
t.me/UndercodeTesting
π¦ βββ£ 'ββ’ ββ£ββ‘β£ :
1) The attacker sends GIF files to users through any channel. One of them can be WhatsApp as a document (for example, press the "Gallery" button and select "Document" to send the damaged GIF)
If the attacker is in the contact list of the user (ie friend), the corrupted GIF will be downloaded automatically without any user interaction.
2) The user wants to send the media file to any of his / her WhatsApp friends. Therefore, the user presses the "Gallery" button and opens the WhatsApp Gallery to select the media file to be sent to his friend. Please note that the user does not have to send anything, because just opening WhatsApp Gallery will trigger the error. No additional touch is required after pressing WhatsApp Gallery.
3) Since WhatsApp will display a preview of each media (including the received GIF file), it will trigger a double-free error and our RCE utilization.
This vulnerability will affect WhatsApp versions prior to 2.19.244, and Android 8.1 and 9.0 versions.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from TARJETAS PRO UNDER CARDING
π¦ BIN Netflix
Bin : 511842003062xxxx
Fetcha : 05/23
Bin : 511842005991xxxx
Fetcha : 03/24
Bin : 511842007478xxxx
Fetcha : 11/25
Bin : 511842000167xxxx
Fetcha : 06/25
Bin : 511842004404xxxx
Fetcha : 10/25
CVV: 000
IP : Peru
> how use bin : https://t.me/UnderCodeTesting/3768
> cc generators 2020 : https://t.me/UnderCodeTesting/3411
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Bin : 511842003062xxxx
Fetcha : 05/23
Bin : 511842005991xxxx
Fetcha : 03/24
Bin : 511842007478xxxx
Fetcha : 11/25
Bin : 511842000167xxxx
Fetcha : 06/25
Bin : 511842004404xxxx
Fetcha : 10/25
CVV: 000
IP : Peru
> how use bin : https://t.me/UnderCodeTesting/3768
> cc generators 2020 : https://t.me/UnderCodeTesting/3411
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Best Web path scanner :
t.me/UndercodeTesting
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/maurosoria/dirsearch.git
2) cd dirsearch
3) python3 dirsearch.py -u <URL> -e <EXTENSION>
π¦FEATURES :
Multithreaded
Keep alive connections
Support for multiple extensions (-e|--extensions asp,php)
Reporting (plain text, JSON)
Heuristically detects invalid web pages
Recursive brute forcing
HTTP proxy support
User agent randomization
Batch processing
Request delaying
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Best Web path scanner :
t.me/UndercodeTesting
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/maurosoria/dirsearch.git
2) cd dirsearch
3) python3 dirsearch.py -u <URL> -e <EXTENSION>
π¦FEATURES :
Multithreaded
Keep alive connections
Support for multiple extensions (-e|--extensions asp,php)
Reporting (plain text, JSON)
Heuristically detects invalid web pages
Recursive brute forcing
HTTP proxy support
User agent randomization
Batch processing
Request delaying
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS PROCESS INJECTION ?
This technique involves the execution of malicious code and injecting the same into another running valid process, thereby causing the process to execute the code while preventing suspicion and evading detection. This allows the malicious code to run using the processβs memory, resources and elevated privileges. In addition, it allows the code to potentially evade suspicion from security solutions such as host-based firewalls, antivirus, EDRs and so on, as the code is running under a valid process.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WHAT IS PROCESS INJECTION ?
This technique involves the execution of malicious code and injecting the same into another running valid process, thereby causing the process to execute the code while preventing suspicion and evading detection. This allows the malicious code to run using the processβs memory, resources and elevated privileges. In addition, it allows the code to potentially evade suspicion from security solutions such as host-based firewalls, antivirus, EDRs and so on, as the code is running under a valid process.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Nowadays, there are various methods utilized by attackers and malwares to perform process injection techniques .
> The following describes some of these techniques (Process Injection )
t.me/UndercodeTesting
1) Classic DLL injection: In this method, the malware creates a DLL on the disk and links its path string in the virtual address space of the target process, thus ensuring the process executes it. The DLL then inherits the same access to all objects and resources as the target process. In addition, since the malware creates a DLL on the disk, it makes it susceptible to being detected by security products
2) Process hollowing: In this method, the malware spawns a new instance of the target process by overwriting the memory space of the target process and replacing it with the malicious code. This technique is known as process hollowing and makes the malware stealthier than the classic DLL injection, as it feels like a valid process
3) Portable executable (βPEβ) injection: In this method, the malware copies its malicious code into the virtual address space of the target process and causes it to execute via a shellcode or the CreateRemoteThread function. The malware allocates memory in the target process and loads its malicious code into it instead of linking its path string, as in the case of classic DLL injection. In addition, this means the target process is running two (2) different codes (the legitimate process and the malware) via it and relies on Windows APIs
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Nowadays, there are various methods utilized by attackers and malwares to perform process injection techniques .
> The following describes some of these techniques (Process Injection )
t.me/UndercodeTesting
1) Classic DLL injection: In this method, the malware creates a DLL on the disk and links its path string in the virtual address space of the target process, thus ensuring the process executes it. The DLL then inherits the same access to all objects and resources as the target process. In addition, since the malware creates a DLL on the disk, it makes it susceptible to being detected by security products
2) Process hollowing: In this method, the malware spawns a new instance of the target process by overwriting the memory space of the target process and replacing it with the malicious code. This technique is known as process hollowing and makes the malware stealthier than the classic DLL injection, as it feels like a valid process
3) Portable executable (βPEβ) injection: In this method, the malware copies its malicious code into the virtual address space of the target process and causes it to execute via a shellcode or the CreateRemoteThread function. The malware allocates memory in the target process and loads its malicious code into it instead of linking its path string, as in the case of classic DLL injection. In addition, this means the target process is running two (2) different codes (the legitimate process and the malware) via it and relies on Windows APIs
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ANDROID PENTESTING GUIDE :
>Installed SDKs are on the following paths:
1) Windows:
C:\Users\<username>\AppData\Local\Android\sdk
MacOS:
/Users/<username>/Library/Android/sdk
Note: On Linux, you need to choose an SDK directory. /opt, /srv, and /usr/local are common choices.
2) Setting up the Android NDK :
> The Android NDK contains prebuilt versions of the native compiler and toolchain. Both the GCC and Clang compilers have traditionally been supported, but active support for GCC ended with NDK revision 14. The device architecture and host OS determine the appropriate version. The prebuilt toolchains are in the toolchains directory of the NDK, which contains one subdirectory for each architecture.
π¦Architecture Toolchain name
ARM-based arm-linux-androideabi-<gcc-version>
x86-based x86-<gcc-version>
MIPS-based mipsel-linux-android-<gcc-version>
ARM64-based aarch64-linux-android-<gcc-version>
X86-64-based x86_64-<gcc-version>
MIPS64-based mips64el-linux-android-<gcc-version>
Besides picking the right architecture, you need to specify the correct sysroot for the native API level you want to target. The sysroot is a directory that contains the system headers and libraries for your target. Native APIs vary by Android API level. Possible sysroots for each Android API level are in $NDK/platforms/. Each API level directory contains subdirectories for the various CPUs and architectures.
3) One possibility for setting up the build system is exporting the compiler path and necessary flags as environment variables. To make things easier, however, the NDK allows you to create a so-called standalone toolchainβa "temporary" toolchain that incorporates the required settings.
4) To set up a standalone toolchain, download the latest stable version of the NDK. Extract the ZIP file, change into the NDK root directory, and run the following command:
$ ./build/tools/make_standalone_toolchain.py --arch arm --api 24 --install-dir /tmp/android-7-toolchain
5) This creates a standalone toolchain for Android 7.0 (API level 24) in the directory /tmp/android-7-toolchain. For convenience, you can export an environment variable that points to your toolchain directory, (we'll be using this in the examples). Run the following command or add it to your .bash_profile or other startup script:
$ export TOOLCHAIN=/tmp/android-7-toolchain
π¦Testing Device
For dynamic analysis, you'll need an Android device to run the target app on. In principle, you can test without a real Android device and use only the emulator. However, apps execute quite slowly on a emulator, and simulators may not give realistic results. Testing on a real device makes for a smoother process and a more realistic environment. On the other hand, emulators allow you to easily change SDK versions or create multiple devices
π¦ANDROID PENTESTING GUIDE :
>Installed SDKs are on the following paths:
1) Windows:
C:\Users\<username>\AppData\Local\Android\sdk
MacOS:
/Users/<username>/Library/Android/sdk
Note: On Linux, you need to choose an SDK directory. /opt, /srv, and /usr/local are common choices.
2) Setting up the Android NDK :
> The Android NDK contains prebuilt versions of the native compiler and toolchain. Both the GCC and Clang compilers have traditionally been supported, but active support for GCC ended with NDK revision 14. The device architecture and host OS determine the appropriate version. The prebuilt toolchains are in the toolchains directory of the NDK, which contains one subdirectory for each architecture.
π¦Architecture Toolchain name
ARM-based arm-linux-androideabi-<gcc-version>
x86-based x86-<gcc-version>
MIPS-based mipsel-linux-android-<gcc-version>
ARM64-based aarch64-linux-android-<gcc-version>
X86-64-based x86_64-<gcc-version>
MIPS64-based mips64el-linux-android-<gcc-version>
Besides picking the right architecture, you need to specify the correct sysroot for the native API level you want to target. The sysroot is a directory that contains the system headers and libraries for your target. Native APIs vary by Android API level. Possible sysroots for each Android API level are in $NDK/platforms/. Each API level directory contains subdirectories for the various CPUs and architectures.
3) One possibility for setting up the build system is exporting the compiler path and necessary flags as environment variables. To make things easier, however, the NDK allows you to create a so-called standalone toolchainβa "temporary" toolchain that incorporates the required settings.
4) To set up a standalone toolchain, download the latest stable version of the NDK. Extract the ZIP file, change into the NDK root directory, and run the following command:
$ ./build/tools/make_standalone_toolchain.py --arch arm --api 24 --install-dir /tmp/android-7-toolchain
5) This creates a standalone toolchain for Android 7.0 (API level 24) in the directory /tmp/android-7-toolchain. For convenience, you can export an environment variable that points to your toolchain directory, (we'll be using this in the examples). Run the following command or add it to your .bash_profile or other startup script:
$ export TOOLCHAIN=/tmp/android-7-toolchain
π¦Testing Device
For dynamic analysis, you'll need an Android device to run the target app on. In principle, you can test without a real Android device and use only the emulator. However, apps execute quite slowly on a emulator, and simulators may not give realistic results. Testing on a real device makes for a smoother process and a more realistic environment. On the other hand, emulators allow you to easily change SDK versions or create multiple devices
Forwarded from TARJETAS PRO UNDER CARDING
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from TARJETAS PRO UNDER CARDING
π¦ BIN Shopping Multifunctionalπ³
π³527515008098xxxx
Fetcha : 07/23
CVV : RND
IP : USA
β½οΈVICTORIA SECRET
β½οΈEBAY
β½οΈAMAZON [πͺπΈ]
β½οΈZULILY
β½οΈDREAM PRODUCT
β½οΈAWS
> how use bin : https://t.me/UnderCodeTesting/3768
> cc generators 2020 : https://t.me/UnderCodeTesting/3411
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π³527515008098xxxx
Fetcha : 07/23
CVV : RND
IP : USA
β½οΈVICTORIA SECRET
β½οΈEBAY
β½οΈAMAZON [πͺπΈ]
β½οΈZULILY
β½οΈDREAM PRODUCT
β½οΈAWS
> how use bin : https://t.me/UnderCodeTesting/3768
> cc generators 2020 : https://t.me/UnderCodeTesting/3411
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β