▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Beware of Linux mining Trojans invading through Kubernetes:
> Recently, the Tencent security team received reports from users that a Trojan file named docker had been detected on some Linux hosts.
> After collecting investigation clues on site, the team found that the mining Trojan is suspected of getting in through older versions of Kubernetes components. After a successful intrusion, a malicious sh script is executed on the machine; the script cleans out competing Trojans of the same kind, pulls the miner from the address 82.146.53.166, and starts mining illegally once it is configured. The malicious sh scripts seen so far come in the following 2 versions.
🦑Version one
The script terminates other mining-related modules on the machine, downloads the 32- or 64-bit ELF miner program to the host's tmp directory under the name docker and executes it, pulls the miner configuration, and deletes the local miner-related files after executing the miner.
🦑Version 2
The script terminates other mining-related modules on the machine, downloads the 32- or 64-bit ELF miner program to the host's tmp directory under the name php and executes it, pulls the miner configuration, and deletes the local miner-related files after executing the miner. This version of the script also adds a scheduled task that attempts to execute the sh script every minute.
🦑 Safety advice
1. Check for and remove suspicious miner files named docker and php in the host's root directory and tmp directory;
2. Review the crontab task list and delete abnormal scheduled tasks;
3. Check the Kubernetes components on the machine and upgrade them to the latest version;
4. Configure authentication and authorization for external access to the kubelet, and prohibit anonymous access.
written by undercode
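The checks in the safety advice above, sketched as a read-only triage script. This is an added example, not part of the original advisory: the function names, the cron file locations and the kubeadm default path /var/lib/kubelet/config.yaml are assumptions, while authentication.anonymous.enabled and authorization.mode are the kubelet configuration fields that advice 4 refers to.

```bash
#!/usr/bin/env bash
# Added example: read-only triage for the indicators in the advisory above.
# Each check takes a root directory, so it can run against a mounted disk
# image or a test fixture instead of the live "/".

# Advice 1: ELF files named "docker" or "php" in the root or tmp directory.
find_suspect_miners() {
  local root="${1:-/}" f
  root="${root%/}"
  for f in "$root/docker" "$root/php" "$root/tmp/docker" "$root/tmp/php"; do
    [ -f "$f" ] || continue
    # Compare the first four bytes with the ELF magic 7f 45 4c 46.
    if [ "$(od -An -tx1 -N4 "$f" | tr -d ' \n')" = "7f454c46" ]; then
      printf '%s\n' "$f"
    fi
  done
}

# Advice 2: cron entries that fire every minute, as version 2 of the script adds.
find_minutely_cron() {
  local root="${1:-/}" f
  root="${root%/}"
  for f in "$root/etc/crontab" "$root"/etc/cron.d/* \
           "$root"/var/spool/cron/* "$root"/var/spool/cron/crontabs/*; do
    [ -f "$f" ] || continue
    grep -HnE '^[[:space:]]*(\*|\*/1)([[:space:]]+\*){4}[[:space:]]' "$f" || true
  done
}

# Advice 4: kubelet config that explicitly allows anonymous or unauthorised access.
kubelet_config_findings() {
  awk '
    /^[^ \t#]/ { section = $1 }
    /^[ \t]+anonymous:/ { anon = 1; next }
    anon && /^[ \t]+enabled:/ { if ($2 == "true") print "anonymous-auth-enabled"; anon = 0 }
    section == "authorization:" && /^[ \t]+mode:/ && $2 == "AlwaysAllow" {
      print "authorization-AlwaysAllow"
    }
  ' "$1"
}

# Run all checks. The kubelet path is the kubeadm default (assumption; adjust).
audit_host() {
  local root="${1:-/}" cfg
  find_suspect_miners "$root"
  find_minutely_cron "$root"
  cfg="${root%/}/var/lib/kubelet/config.yaml"
  if [ -f "$cfg" ]; then kubelet_config_findings "$cfg"; fi
}
```

Call audit_host / on a suspect host, or audit_host /mnt/image on a mounted copy; any line of output is something to review by hand before deleting.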
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Customize Termux Font & Colors:
ⒾⓃⓈⓉⒶⓁⓁⒾⓈⒶⓉⒾⓄⓃ & ⓇⓊⓃ :
1) apt update
2) apt install git -y
3) git clone https://github.com/htr-tech/tstyle
4) cd tstyle
5) bash setup.sh
> one-command install:
apt update && apt install git -y && git clone https://github.com/htr-tech/tstyle && cd tstyle && bash setup.sh && tstyle
6) then choose options by number
🦑Features :
Latest Fonts & Themes
Full Offline !
Easy to Use !
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Wi-Fi hacking methods in 2020 :
What do you need to hack Wi-Fi?
1) You need a sufficient number of wireless networks. If you live on the edge of a village and only one Wi-Fi network is within your reach, then clearly there are not many chances.
The more networks in the area, the better.
2) There are no special hardware requirements, and for some attacks even Wi-Fi adapters that do not support monitor mode are suitable. Nevertheless, I highly recommend adapters with an external antenna, and if the antenna is removable, it is better to buy another, larger one. IMHO, half the "skills" of a Wi-Fi cracker are in a large antenna ...
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Fast brute force password:
1) Unfortunately, there are not many access points with WPS enabled. Nevertheless, we will return to them. Now we will consider the classic version of capturing a handshake and breaking a password. Its speed is as follows:
2) automatic handshake capture for all Access Points within reach;
two types of brute force with Hashcat are launched: by dictionary and by an eight-digit mask. Experience shows that quite a few APs lend themselves to. This method also has a good ratio of time to result.
3) For example, we put the wireless interface in monitor mode.
4) Run the command to collect handshakes:
sudo besside-ng INTERFACE -W
All handshakes will be saved to the wpa.cap file.
5) If you are going to hack them all, you can convert them all at once to hashcat format using cap2hccapx:
https://kali.tools/?p=658#cap2hccapx
> cap2hccapx wpa.cap output.hccapx
🦑If you only need the hash of a specific Access Point, then use the network name (ESSID) as a filter. For example, I’m only interested in the Wi-Fi handshake of the netis56 network and I want to save it to the netis56.hccapx file:
cap2hccapx wpa.cap netis56.hccapx netis56
6) If you want to split the wpa.cap file into separate handshakes, use the script from the article “How to extract handshakes from a capture file with several handshakes”, and then also convert them with cap2hccapx.
> For a dictionary attack, I use the rockyou dictionary; a cleaned version can be downloaded from this link > https://github.com/Mi-Al/WiFi-autopwner/raw/master/dict/rockyou_cleaned.txt
🦑Example of a successful dictionary hack (hacking time 9 seconds):
Another example of a successful dictionary hack (hacking time 13 seconds):
🦑My command to run:
hashcat --force --hwmon-temp-abort=100 -m 2500 -D 1,2 -a 0 'HASH.hccapx' /PATH/TO/rockyou_cleaned.txt
🦑Mandatory options in this command:
'HASH.hccapx' - your hccapx file with one or more hashes
/PATH/TO/rockyou_cleaned.txt - path to the dictionary
-m 2500 - the type of hash to be cracked
Optional options:
-a 0 - type of attack: dictionary attack. You can skip it, because it is the default
-D 1,2 - means using both the central processor and the video card to crack the password. If you do not specify it, most likely only the video card will be selected
--force - means to ignore warnings. Without this option, the central processor is not used for cracking passwords. Be careful with this option.
--hwmon-temp-abort=100 - this is the maximum temperature at which brute force will be forcibly interrupted. I have such a climate that in the daytime the room is always more than +30 ℃; in addition, I run brute force on a laptop (I do not recommend doing this on a laptop !!!), so in my conditions the default barrier of +90 ℃ is reached quickly and brute force stops. With this option set to a temperature above the default 90, you can actually burn your computer / video card / laptop. Use only at your own peril and risk - I WARNED YOU !!! Although in practice, my temperature reaches 94-96 and then the video card resets frequencies - apparently, it also has its own limit.
🦑To launch a mask attack:
hashcat --force --hwmon-temp-abort=100 -m 2500 -D 1,2 -a 3 'HASH.hccapx' ?d?d?d?d?d?d?d?d
> New in this command:
?d?d?d?d?d?d?d?d - a mask; it means eight digits, and it takes about 20 minutes on my hardware. To add a larger number of digits to the mask, add ?d.
-a 3 - means mask attack.
> In addition to passwords of 8 digits, passwords of 9-11 digits are also common (the latter are most often telephone numbers, so you can specify a mask as 89?d?d?d?d?d?d?d?d?d), but each additional digit increases the search time by 10 times.
@UndercodeTesting
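Seen from the access point owner's side, the two searches described above (a wordlist, and digit-only masks of 8 to 11 characters) define which passphrases fall quickly. The following is an added example, not part of the original post, for auditing your own passphrases: the function names and the wordlist path are assumptions, and the time estimate simply scales the post's own figure of about 20 minutes for eight digits by 10 per extra digit.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): classify a WPA/WPA2 passphrase
# against the two searches the post describes, for auditing your own networks.

BASE_DIGITS=8     # the post: an eight-digit mask...
BASE_MINUTES=20   # ...takes about 20 minutes on the author's hardware

# Minutes to exhaust an n-digit mask, scaled x10 per extra digit as the post states.
mask_minutes() {
  local n="$1" m="$BASE_MINUTES" i="$BASE_DIGITS"
  while [ "$i" -lt "$n" ]; do
    m=$((m * 10))
    i=$((i + 1))
  done
  echo "$m"
}

# Prints one verdict: invalid-length | dictionary | digit-mask:<minutes> | not-covered
psk_verdict() {
  local psk="$1" wordlist="${2:-}" len=${#1}
  # WPA/WPA2 passphrases are 8 to 63 characters long.
  if [ "$len" -lt 8 ] || [ "$len" -gt 63 ]; then
    echo "invalid-length"; return
  fi
  # Exact whole-line match against a local wordlist (path supplied by the caller).
  if [ -f "$wordlist" ] && grep -qxF -- "$psk" "$wordlist"; then
    echo "dictionary"; return
  fi
  case "$psk" in
    *[!0-9]*) echo "not-covered" ;;   # contains at least one non-digit
    *) if [ "$len" -le 11 ]; then
         echo "digit-mask:$(mask_minutes "$len")"
       else
         echo "not-covered"
       fi ;;
  esac
}
```

A verdict of not-covered only means the passphrase is outside these two searches, not that it is strong.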
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Best bin checkers sites :
https://iinbinlist.com/
https://www.creditcardrush.com/bin-checker/
https://www.freebinchecker.com/
https://www.bankbinlist.com/
https://www.exactbins.com/
🦑Best Netflix checker sites 2020 :
t.me/undercodeTesting
1) https://pjsins.com/best-netflix-checker-by-xrisky-v2-2020/
2) https://ouo.io/YAdby5
> download
3) https://cracked.to/Thread-NetFlix-Checker-by-xRisky
4) https://checkz.net/tools/tag/netflix-checker-online
@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE HACKING
The_goal_of_this_repository_is_to_document_the_most_common_techniques.pdf
411.1 KB
Forwarded from UNDERCODE HACKING
The Growth Hackers’ Guide to Google Dorks.pdf
16.1 KB
Forwarded from UNDERCODE HACKING
The Hacker Playbook Updates.pdf
150.9 KB