UNDERCODE COMMUNITY

🦑 Dump Login Passwords From Current Linux Users:

πŸ¦‘π•€β„•π•Šπ•‹π”Έπ•ƒπ•ƒπ•€π•Šπ”Έπ•‹π•€π•†β„• & β„π•Œβ„• :

We will use git to clone the mimipenguin repository, so first install git on the system if you don't already have it.

$ sudo apt install git #Debian/Ubuntu systems
$ sudo yum install git #RHEL/CentOS systems
$ sudo dnf install git #Fedora 22+

> Then clone the mimipenguin repository into your home folder (or anywhere else) like this:

$ git clone https://github.com/huntergregal/mimipenguin.git

Once you have downloaded the directory, move into it and run mimipenguin as follows:

$ cd mimipenguin/
$ ./mimipenguin.sh

> Note: If you encounter the error below, rerun the script using sudo:

Root required - You are dumping memory...
Even mimikatz requires administrator

🦑 mimipenguin reports the desktop environment along with the username and password.

Alternatively, run the Python script as follows:

$ sudo ./mimipenguin.py

WRITTEN BY UNDERCODE

🦑 Virus classification and their characteristics

πŸ¦‘π•ƒπ”Όπ•‹'π•Š π•Šπ•‹π”Έβ„π•‹ :

To identify a virus and kill it in time, we need a detailed understanding of viruses, and the more detailed the better!

Viruses are written independently by many scattered individuals and organizations, and there is no standard for measuring or dividing them, so viruses can only be roughly classified, and from several angles.

According to the target of infection, viruses can be divided into the following categories:

a. Boot-sector ("guided") virus

This type of virus targets the boot sector of the disk, so that it gains execution priority during startup and can control the entire system. Because it infects the boot sector, the losses it causes are relatively large; in general, the system will fail to start normally. Such viruses are, however, comparatively easy to kill: most antivirus software can remove them, such as the KV300 and KILL series.

b. File virus

Early viruses of this type generally infected executable files with extensions such as exe and com, so that executing the file activated the virus program. More recently, some viruses infect files with extensions such as dll, ovl and sys; because these are usually a program's configuration and link files, the virus is loaded automatically whenever the program runs. The virus code is inserted into these files either as a whole block or scattered across their blank bytes. For example, the CIH virus splits itself into 9 segments and embeds them in an executable file of the PE structure. The number of sections does not increase, which is what makes it stealthy.

c. Network viruses

This type of virus is a product of the rapid development of the Internet in recent years. Its targets are no longer limited to a single mode or a single executable file; infection is broader and better hidden. Some network viruses can now infect almost all OFFICE files, such as WORD, EXCEL and e-mail. The method of attack has also changed, from deleting and modifying files to encrypting files and stealing the user's useful information (as hacking programs do). The means of transmission has changed qualitatively as well: these viruses spread over the network, through e-mail, electronic advertising and so on.

d. Compound virus

These are classified as "compound viruses" because they have characteristics of both "boot" and "file" viruses. They can infect both the boot sector of the disk and some executable files. If such a virus is not removed completely, the remaining part can restore itself and reinfect both boot sectors and executable files. These viruses are therefore extremely difficult to detect and kill, and the antivirus software used must be able to kill both types of virus.

The classification above is by the object the virus infects. Classified by the degree of damage they cause, viruses fall into the following types:

a. Benign virus

These are called benign viruses because the purpose of the intrusion is not to damage your system but just to play with it. Most are written by junior virus enthusiasts who want to test their skill at developing virus programs. They do not want to damage your system; they just make some sounds or show some prompts, and do no harm beyond occupying some hard disk space and CPU processing time. Some Trojan programs are like this too: they only want to steal some communication information from your computer, such as passwords and IP addresses, for use when needed.

b. Malignant virus

We classify as "malignant viruses" those that only interfere with software systems, steal information or modify system information, and do not cause serious consequences such as hardware damage or data loss. After such a virus invades the system, there is no loss other than the system not being usable normally. Once the system is damaged, you only need to reinstall part of the system files to restore it. Of course, you must kill these viruses and then reinstall the system.

c. Very malignant virus

This type of virus does more damage than the type b virus above. Generally, if you are infected with one, your system will crash completely and will not start normally at all. The useful data you keep on the hard disk may also become unobtainable; in milder cases the virus only deletes system files and applications.

d. Catastrophic virus

The name of this type of virus already tells us the degree of damage it brings. Such a virus generally destroys the boot sector of the disk and modifies the file allocation table and the hard disk partition table, so that the system cannot start at all. Sometimes it will even format or lock your hard drive, making it unusable. Once infected with this kind of virus, your system will be difficult to recover and the data remaining on the hard disk will be difficult to obtain. The damage caused is very large, so we should always be prepared for the worst.

written by undercode

🦑 FIX YOUR INFECTED PC

1. Scanning method of anti-virus software

This is probably the first choice for most of our friends, and I am afraid it is the only one. Nowadays there are more and more types of viruses, and their methods of concealment are increasingly clever, which poses a challenge for developers of anti-virus software.

2. Observation method

This method only works when you know the symptoms of virus outbreaks and where viruses usually reside. Typical symptoms: the machine often crashes while booting from the hard disk, system boot takes a long time, everything runs very slowly, the hard disk cannot be accessed, or special sounds or prompts appear. When such failures occur, a virus should be the first thing we suspect, but do not stop there: software and hardware failures can produce the same symptoms! For failures that are caused by viruses, we can observe from the following aspects:

a. Memory observation

This method is generally used for viruses found under DOS. We can use the "mem /c /p" command under DOS to check the memory usage of each program and find the memory occupied by a virus (generally it does not occupy memory on its own but attaches to other programs). The memory some viruses occupy is better hidden: you cannot find it with "mem /c /p", but you can see that the total basic memory of 640K is short by 1K or a few K.

b. Registry observation method

This method generally applies to the so-called hacker programs that have appeared recently, such as Trojan horse programs. These viruses generally modify the registry to start or load themselves automatically, usually in the following places:

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion

And so on. For details, please refer to my other article, "Troubleshooting Trojans", where there is a more detailed analysis of the possible registry locations.

c. System configuration file observation method

This method is also generally suited to hacker programs. Such viruses are generally hidden in system.ini, win.ini (Win9x / WinME) and the startup group. There is a "shell=" item in the system.ini file, and in the win.ini file there are "load=" and "run=" items. These viruses generally load their own programs through these items; note that sometimes an original program is modified instead. We can run the msconfig.exe program in Win9x / WinME to check the entries one by one. For details, please refer to my article "Troubleshooting Trojan Horses".

d. Character string observation method

This method is mainly aimed at some special viruses. When these viruses invade, they write a corresponding signature. For example, the CIH virus writes a string like "CIH" into the file it invades. Of course, such strings are not easy to find by eye, but we can open the main system files (such as Explorer.exe) in a hexadecimal editor. It is best to back up the file before editing; it is a main system file, after all.

e. Hard disk space observation method

Some viruses will not damage your system files, but only generate a hidden file. This file generally has little content, but it takes up a lot of hard disk space. Sometimes it is so large that the hard disk has no room left to run ordinary programs, yet you cannot see it. In that case, we have to open the resource manager and set the view options so that files with all attributes are shown ...

written by undercode
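
Method (c) above can be scripted when the two files are copied off the machine for offline review. The following Python sketch is an added example, not part of the original post: it flags "shell=", "load=" and "run=" values that differ from what is assumed here to be the clean Win9x/WinME default (shell=Explorer.exe, empty load= and run=); the sample file contents and program names are constructed.

```python
# Added example: audit the autostart entries named in method (c).
# Defaults are assumptions for a clean Win9x/WinME install.
WATCHED = {
    ("system.ini", "boot", "shell"): "explorer.exe",
    ("win.ini", "windows", "load"): "",
    ("win.ini", "windows", "run"): "",
}

# Constructed sample contents; the program names are made up for illustration.
SYSTEM_INI_SAMPLE = r"""
[boot]
shell=Explorer.exe msgsrv16.exe
system.drv=system.drv

[386Enh]
device=*vshare
device=*dynapage
"""

WIN_INI_SAMPLE = r"""
[windows]
load=
run=C:\WINDOWS\SYSTEM\updater32.exe
NullPort=None
"""

def parse_ini(text):
    """Yield (section, key, value) for each key=value line; names lower-cased."""
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line and section is not None:
            key, _, value = line.partition("=")
            yield section, key.strip().lower(), value.strip()

def audit(filename, text):
    """Return (section, key, value) for watched entries that differ from default."""
    findings = []
    for section, key, value in parse_ini(text):
        default = WATCHED.get((filename.lower(), section, key))
        # An appended program ("Explorer.exe other.exe") also counts as a change.
        if default is not None and value.lower() != default:
            findings.append((section, key, value))
    return findings

if __name__ == "__main__":
    for name, text in (("system.ini", SYSTEM_INI_SAMPLE), ("win.ini", WIN_INI_SAMPLE)):
        for section, key, value in audit(name, text):
            print(f"{name} [{section}] {key}={value!r} differs from the clean default")
```

A flagged entry is a lead to investigate, not proof of infection: legitimate software also used these items.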