▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#DefinitionS HACKING TERMS

1️⃣SOCIAL WORKERS VULNERABILITY :

When you specifically Google:) /Baidu social worker, the answer is social work, we said that social workers would have nothing to do with this. Social workers are called social engineering, which is a technology that studies the weakness of human nature to attack. For instance the website administrator is called Xiao Ming.Then the administrator password of the website is likely to be xiaoming, or even xiaohong, why is it with Xiaohong? Because it may be the person Xiao Ming likes, of course, it may also have xiaofeng, but the probability is very low, at least much lower than the previous two. Social work attacks are usually attacked with this idea. To put it simply, you can also understand it as human flesh, and some of the materials that are extracted from human flesh on the Internet all use social engineering technology. Xiaofeng gives a simple example. For example, if you are looking for the qq number of a star, you can search for the name of his company in the qq group. The xx company group may appear, and then you know how to find the qq number.

2️⃣WebShell

WebShell is a command environment that exists in the form of asp, php, jsp and other web files, and it can also be called a web page backdoor. After a hacker has invaded a website, these asp or php backdoor files are usually mixed with the normal web page files in the WEB directory of the website server, and they are usually hidden deeper because they cannot be found by the administrator and cannot be accessed after being deleted. Take control. A website is hung with a webshell backdoor, basically you can do whatever you want, you can modify any part of the website or delete it. The web transactions between hackers are carried out through webshell. For example, how much do I spend to buy webshell permissions for this website, and the attacker is responsible for finding a way to put a webshell backdoor in this website, so that everyone should understand.


ENJOY 🦑👍🏻
written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A REAL extremely buggy web app 2020 RECOMMENDED BY Undercode :

FEATURES :

SQL, HTML, iFrame, SSI, OS Command, PHP, XML, XPath, LDAP and SMTP injections

Blind SQL injection and Blind OS Command injection

Boolean-based and time-based Blind SQL injections

Drupageddon and Drupalgeddon2 (CVE-2018-7600)

AJAX and Web Services issues (JSON/XML/SOAP)

Heartbleed vulnerability (OpenSSL) + detection script included

Shellshock vulnerability (CGI)

Cross-Site Scripting (XSS) and Cross-Site Tracing (XST)

phpMyAdmin BBCode Tag XSS

Cross-Site Request Forgery (CSRF)

Information disclosures: favicons, version info, custom headers,...

Unrestricted file uploads and backdoor files

Old, backup & unreferenced files

Authentication, authorization and session management issues

Password and CAPTCHA attacks

Insecure DistCC, FTP, NTP, Samba, SNMP, VNC, WebDAV configurations

Arbitrary file access with Samba

Directory traversals and unrestricted file access

Local and remote file inclusions (LFI/RFI)

Server Side Request Forgery (SSRF)

XML External Entity attacks (XXE)

Man-in-the-Middle attacks (HTTP/SMTP)

HTTP parameter pollution and HTTP verb tampering

Denial-of-Service (DoS) attacks: Slow Post, SSL-Exhaustion, XML Bomb,...

POODLE vulnerability

BREACH/CRIME/BEAST SSL attacks

HTML5 ClickJacking and web storage issues

Insecure iFrame (HTML5 sandboxing)

Insecure cryptographic storage

Cross-Origin Resource Sharing (CORS) issues

Cross-domain policy file attacks (Flash/Silverlight)

Local privilege escalations: udev, sendpage

Cookie and password reset poisoning

Host header attacks: password reset poisoning en cache pollutions

PHP CGI remote code execution

Dangerous PHP Eval function

Local and remote buffer overflows (BOF)

phpMyAdmin and SQLiteManager vulnerabilities

Nginx web server vulnerabilities

HTTP response splitting, unvalidated redirects and forwards

WSDL SOAP vulnerabilities

Form-based authentication and No-authentication modes

Active Directory LDAP integration

Fuzzing possibilities
and much more...

HINT: download our bee-box VM > it has ALL necessary extensions

bee-box is compatible with VMware and VirtualBox!

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 :

DOWNLOAD APP :
https://sourceforge.net/projects/bwapp/

ENJOY 🦑👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Website #Summary attack defense solution by Undercode

1️⃣Static Page :

Due to the slow opening speed of dynamic pages, a large amount of data needs to be frequently called from the database. For a cc attacker, even a few broilers can consume all the website resources, so dynamic pages are vulnerable to cc attacks. Normally, the static page is only a few tens of kb, while the dynamic page may need to be called from the tens of megabytes database, so the consumption situation is very obvious. For the forum, often need a good server to run stably, because the forum is very It is difficult to be purely static.

2️⃣Hide server ip
Using CDN acceleration can hide the real ip of the server , resulting in the attacker not being able to attack the real ip, but this can only prevent some of the more attackers unless you really hide the ip.

3️⃣Prohibit proxy access
As mentioned earlier, the attacker attacks through a large number of proxies. Setting up to prohibit proxy access or limit the number of proxy connections can also play a certain role in protection.

4️⃣Shield attack ip
Thousands of tcp connections usually appear on the server when being attacked by cc. Open cmd and enter netstat -an. If a large number of external IPs appear, you will be attacked. At this time, you can use protective software to block the attack ip or manually block. This method is often used. passive.

5️⃣Use protection software
Personally think that the use of protective software is the smallest, and can only stop small attacks. Many software claim to be able to effectively identify attack methods to intercept. also for theme,and hostfile...

ENJOY 🦑👍🏻
written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 vulnerability names :

1️⃣Violence Library
this loophole now rarely met, but there are many sites have this vulnerability could use, violence Library is submitted character to get the database file address, we have been able to download the database file location, it took the equivalent of the most important sites The database contains all the information of the website and of course the data of all users!

2️⃣Injection Vulnerability
This vulnerability is the SQL injection vulnerability mentioned earlier. It is the most widely used and highly lethal vulnerability.


3️⃣Side note: When
we invade a site, it may be impeccably consolidated. We can find the site with the same server as this site, and then invade the site, using privilege escalation, sniffing and other methods to invade the site we want to invade. For example, if you and I are in a building, my house is very safe, but your house is full of loopholes. Now a thief wants to invade my house. He monitored my house (that is, scanned) and found that there is nothing Use the thing, then this thief finds that your house and my house are in one building, and your house is easy to enter. He can enter your house first, and then get the key of the whole building (server authority) through your house, so naturally get my With the key, you can enter my home (website).

ENJOY 🦑👍🏻
written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑DIFFERENCE BETWEEN INTRANET & EXTRANET :

> Intranet

Generally speaking, local area networks, such as Internet cafes, campus networks, and corporate intranets, all fall into this category. If the IP address is within the following three ranges, it means that we are in the internal network: 10.0.0.0—10.255.255.255, 172.16.0.0—172.31.255.255, 192.168.0.0—192.168.255.255.


> Extranet

Direct connection to the Internet (Internet) allows any computer to access each other, and the external network needs to be connected to broadband to achieve.

written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

2020 VMWAre Exploit vCloud Director 9.7.0.15498291 - Remote Code Execution

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best ways for Cracking Passwords :

1) Record the screen
In order to prevent the keyboard recording tool, a method of entering the password using the mouse and the picture is generated. At this time, the hacker can take a screenshot of the user's screen through the Trojan program and then record the position of the mouse click, and record the position of the mouse to compare the screenshot of the screenshot to crack this method. User password.


2) Multiple monitoring of the keyboard
If the user password is more complicated, it is difficult to use brute force cracking. At this time, hackers often install a Trojan virus to the user, design a "keylogger" program, record and monitor the user's keyboard operation, and then record it through various methods. The user's keyboard content is transmitted to the hacker, so that the hacker can crack the user's password by analyzing the user's keyboard information.


3) Phishing and fake website fraud
"Phishing" attacks use fraudulent emails and forged websites to log in to conduct fraudulent activities. Fraudees often reveal their sensitive information (such as user name, password, account number, PIN code or credit card details), phishing Mainly by sending e-mails to lure users to log in to fake online banking and online securities websites, to defraud users' account passwords for theft.


4) Brute force cracking
The most basic of password cracking techniques is brute force cracking, also called password cracking, which Xiaofeng calls the most brainless operation. If the hacker knows the account number in advance, such as mail account, QQ user account, online banking account, birthday, etc., and the user's password is set very simple, such as using a simple combination of numbers, hackers can quickly crack using brute force tools Come out the password. Therefore, users should try to set the password more complicated.

5) Use a sniffer to obtain
On a local area network, if a hacker wants to quickly obtain a large number of accounts (including user name and password), the most effective method is to use the Sniffer program.

6) Bad habits of using passwords
Some employees of the company set a long password, but they wrote the password on paper. Others used their own names or their birthdays as passwords, and some people used commonly used words as passwords. These bad habits will lead to Passwords can be easily cracked.

7) Remote control by implanting a Trojan
Use the remote control Trojan to monitor all operations of the user's local computer. Any keyboard and mouse operations of the user will be intercepted by the remote hacker.



SHARE US ❤️👍🏻
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑YOU MUST KNOW THOSE :

1️⃣Remote control

A very popular type of tool, the most famous of which is the gray pigeon. The main function of remote control is to control the computer. It is generally used for batch management of enterprise computers, school computer rooms, Internet cafes, etc., but after being used by hackers, many new Functions, such as keyloggers and peeking at videos, are serious violations in a sense. With the upgrade of anti-virus software and the crackdown on such software, fewer and fewer people play remote control.


2️⃣Broiler

The so-called "broiler chicken" is a very vivid analogy, used to compare to those computers or servers that we can control at will. That is the machine controlled by the remote control software.


3️⃣Trojan

It is those programs that pretend to be normal, but when these are run by the program, they will get the entire control of the computer. There are many hackers that use Trojan horses to destroy computers. For example, the premise of remote control to control computers is to first generate Trojan horses, and then find a way to let the other party run to control them.


4️⃣Web Trojan

On the surface, it pretends to be a normal webpage file, but the virus code is directly inserted into the normal webpage file. When someone visits, the webpage Trojan will execute the corresponding vulnerability code to destroy it. For example, someone visits a pornographic site and finds that the CPU is very high. In fact, the mining code is called inside. When you visit the website, you will use your computer to mine.


5️⃣Hanging horse

It is to put a web Trojan in someone else's website file, and insert malicious code into the other party's normal web file, so that the reader hits the horse and hangs the horse to describe an operation behavior, not a technology.


6️⃣back door

This is an image analogy. For example, if you want to download a Tencent QQ, but you downloaded it from an online file that is not an official file, but someone else first binds the virus file to a normal file, which will be poisoned when opened. Usually this The virus is called a backdoor because the victim cannot find it.


7️⃣Weak password

Refers to those passwords that are not strong enough to be guessed easily. Passwords (passwords) like 123456, abc123, abcdefg, woainixiaofeng are common intrusion methods for hackers. About 20 out of 100 passwords are such weak passwords.


8️⃣shell

Refers to a command execution environment. For example, when we press the "windows key + R" on the keyboard, the "Run" dialog box appears. Entering "cmd" in it will present a black window that can run commands. I have used it on the Internet or watched it in a hacker movie. This is the Windows Shell execution environment. In the past, when there was no mouse and only a keyboard, all computer operations were completed by this!


ENJOY 🦑👍🏻
written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑several methods of hacking :

1️⃣ tx database

The tx database has been leaked, and the password is queried through the database

2️⃣ Intranet capture

Sometimes, the internal network sniffing packet capture can also intercept the password, Xiaofeng has not tested qq, but now it seems unlikely.

3️⃣ Fishing

Phishing software, phishing websites, etc., imitating the official trick to entice users to enter the account password to send to the server.

(Have you ever seen anything in the QQ space message board of other people, "Why are your photos in other people's space?" and then a URL. You click to enter a disguised space page to log you in. Once you log in, sorry your space will be sent automatically. Countless ads)

4️⃣ Social workers

Based on the understanding of the user, the password combination is derived.

5️⃣Remote control The remote control goes online and the keyboard records.


6️⃣ Brute force cracking is
generally aimed at weak passwords, strong passwords are not easy to be cracked.

7️⃣ Ask him directly.
This method is simple and rude. Of course, the other party's behavior may also be simple and rude.

8️⃣Account appeal

One of the methods of social work, which requires all kinds of kinky ideas to obtain all kinds of information

9️⃣Disguise security center mail

(If there is an email sent to your secret security mailbox asking you to fill in the verification code you just received, then this must be fake)


SHARE US ❤️👍🏻
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Powerefull Web Hacking root termux— any Linux :

FEATURES :

-Real platform independence. Tested on Windows, Linux, BSD and OS X.

-No native library dependencies. All of the framework has been written in pure Python.

-Good performance when compared with other frameworks written in Python and other scripting languages.

-Very easy to use.

-Plugin development is extremely simple.

-The framework also collects and unifies the results of well known tools:

-sqlmap, xsser, openvas, dnsrecon, theharvester...😁😍

-Integration with standards: CWE, CVE and OWASP.


🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
```1️⃣sudo bash

2️⃣apt-get install python2.7 python2.7-dev python-pip python-docutils

3️⃣git perl nmap sslscan

4️⃣cd /opt

5️⃣git clone https://github.com/golismero/golismero.git

6️⃣cd golismero

7️⃣pip install -r requirements.txt

8️⃣pip install -r requirements_unix.txt

9️⃣ln -s ${PWD}/golismero.py /usr/bin/golismero
exit

```🦑If you have an API key for Shodan, or an OpenVAS server or SpiderFoot server you want to integrate with GoLismero, run the following commands:

mkdir ~/.golismero
touch ~/.golismero/user.conf
chmod 600 ~/.golismero/user.conf
nano ~/.golismero/user.conf

🔟At the editor, add the following sections to the file, as appropriate:

[shodan:Configuration]
apikey = <INSERT YOUR SHODAN API KEY HERE>

[openvas]
host = <INSERT THE OPENVAS HOST HERE>
user = <INSERT THE OPENVAS USERNAME HERE>
password = <INSERT THE OPENVAS PASSWORD HERE>

spiderfoot
url = <INSERT THE SPIDERFOOT URL HERE>

🦑This command will launch GoLismero with all default options and show the report on standard output:

golismero scan <target>

> If you omit the default command "scan" GoLismero is smart enough to figure out what you're trying to do, so this works too:

golismero <target>

> You can also set a name for your audit with --audit-name:

golismero scan <target> --audit-name <name>

> And you can produce reports in different file formats. The format is guessed from the file extension, and you can write as many files as you want:

golismero scan <target> -o <output file name>



✅git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME IP ATTACKS #DEFINITIONS

> Hide server ip
Using CDN acceleration can hide the real ip of the server , resulting in the attacker not being able to attack the real ip, but this can only prevent some of the more attackers unless you really hide the ip.

> Prohibit proxy access
As mentioned earlier, the attacker attacks through a large number of proxies. Setting up to prohibit proxy access or limit the number of proxy connections can also play a certain role in protection.

> Shield attack ip
Thousands of tcp connections usually appear on the server when being attacked by cc. Open cmd and enter netstat -an. If a large number of external IPs appear, you will be attacked. At this time, you can use protective software to block the attack ip or manually block. This method is often used. passive.

Share us❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Fasttip : Network configuration-Find computer IP based on NETBIOS name special old bios versions :

1️⃣Use the nmblookup test to find the IP of the machine with the NETBIOS name test in the same network, if This machine
has multiple IPs, which are also listed.

2️⃣My linux forcibly died under yesterday's sudden power failure.
When I enter again, I cannot enter KDE.
What should I do?

 -s -y /
fsck -s -y /var
fsck -s -y /usr

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HACK CAM IP WAY 3(SEARCH FOR WAY 2-1 ON @UndercodeTesting)
> Termux-Linux 2020 tool :
Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online.

🦑What does the tool to? Look, a list!


>Search

> Brute force

> SSID and WPAPSK Password Disclosure

> E-mail, FTP, DNS, MSN Password Disclosure

> Exploit

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/jimywork/shodanwave.git

2️⃣$ cd /opt/

3️⃣$ git clone https://github.com/fbctf/shodanwave.git

4️⃣$ cd shodanwave

5️⃣$ pip install -r requirements.txt

6️⃣python shodanwave.py -u usernames.txt -w passwords.txt -k Shodan API key --t OUTPUT
python shodanwave.py --help

7️⃣Required if using Proxy!!!

> Modify your Tsocks config!!

> Add/Modify the following at the bottom:
server =
server_type = <4 or 5>
server_port =
default_pass = (Might be required for proxy)

8️⃣Shodan API search engine for Internet-connected devices.
https://www.shodan.io/

Requests Requests: HTTP for Humans
http://docs.python-requests.org/en/master/

Netwave Exploit Netwave IP Camera - Password Disclosure
https://www.exploit-db.com/exploits/41236/

ENJOY ❤️👍🏻

✅topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is VNC?

recently send how hack Rdp but about vnc #Definition

1️⃣VNC (Virtual Network Computing) is a system of remote access to the computer desktop using the RFB protocol (Remote FrameBuffer, a remote frame buffer). Management is carried out by transmitting keystrokes on the keyboard and mouse movements from one computer to another and relaying the contents of the screen through a computer network. In simple terms, using VNC you can connect to another computer and work at it as if you were sitting in front of it.

2️⃣By application, VNC is an analog of RDP (Remote Desktop Protocol). But RDP is associated primarily with Windows, since it was initially distributed on this operating system. And VNC is more associated with Linux. However, the clients and servers of these technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable this service to use. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.

3️⃣One of the significant advantages of VNC over RDP is that it does not require a user to log out of the session on behalf of which the user is logged on to the remote system. That is, the user in front of the computer and the user on VNC can work simultaneously. It is allowed to connect several users at once via VNC, which is impossible with RDP.

4️⃣The VNC system is platform independent: a VNC client called a VNC viewer running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular ways to use VNC are remote technical support and access to a working computer from home.

written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#FASTTIP :log formats and values are supported for the --log-format option :

COMBINED - combined journal format,

VCOMBINED - combined log format with a virtual host,

COMMON is a regular log format,

VCOMMON - a regular log format with a virtual host,

W3C is an extended W3C log format,

SQUID - Squid's native log format,

CLOUDFRONT - Amazon CloudFront Web Distribution,

CLOUDSTORAGE - Google Cloud Storage,

AWSELB - Amazon Elastic Load Balancing,

AWSS3 - Amazon Simple Storage Service (S3)

written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁