β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ The difference between file descriptors and file pointers:
#fastTips
> File descriptor: Open the file in the linux system to get the file descriptor, which is a small positive integer. Each process stores a file descriptor table in the PCB (Process Control Block). The file descriptor is the index of this table, and each entry has a pointer to the opened file.
> File pointer: The file pointer is used as the handle of I/O in C language. The file pointer points to a data structure called the FILE structure in the process user area. The FILE structure includes a buffer and a file descriptor. The file descriptor is an index of the file descriptor table, so in a sense, the file pointer is the handle of the handle (on Windows systems, the file descriptor is called the file handle).
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ The difference between file descriptors and file pointers:
#fastTips
> File descriptor: Open the file in the linux system to get the file descriptor, which is a small positive integer. Each process stores a file descriptor table in the PCB (Process Control Block). The file descriptor is the index of this table, and each entry has a pointer to the opened file.
> File pointer: The file pointer is used as the handle of I/O in C language. The file pointer points to a data structure called the FILE structure in the process user area. The FILE structure includes a buffer and a file descriptor. The file descriptor is an index of the file descriptor table, so in a sense, the file pointer is the handle of the handle (on Windows systems, the file descriptor is called the file handle).
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What is Socket :
#prohack
1οΈβ£ Socket socket:
Socket originated from Unix, and one of the basic philosophy of Unix/Linux is "everything is a file", which can be operated with the "open open -
> read/write -> close" mode. Socket is an implementation of this mode, socket is a special file, and some socket functions are operations on it (read/write IO, open, close).
> To put it plainly, Socket is the application layer to communicate with the TCP/IP protocol family The middleware abstraction layer is a set of interfaces. In the design mode, Socket is actually a facade mode. It hides the complex TCP/IP protocol family behind the Socket interface. For users, a simple set of interfaces is all. Let Socket organize the data to meet the specified protocol.
π³Note: In fact, the socket has no concept of layers, it is just a facade design pattern application, making programming easier. It is a software abstraction layer. In network programming, we use a lot of sockets.
2οΈβ£The socket descriptor is
actually an integer. The handles we are most familiar with are 0, 1, and 2, 0 is standard input, 1 is standard output, and 2 is standard error output. 0, 1, 2 are represented by integers, the corresponding FILE * structure is stdin, stdout, stderr
> The socket API was originally developed as part of the UNIX operating system, so the socket API is integrated with other I/O devices in the system. In particular, when an application wants to create a socket for Internet communication, the operating system returns a small integer as a descriptor to identify the socket. Then, the application program uses the descriptor as a transfer parameter to complete a certain operation by calling a function (such as transmitting data through the network or receiving input data).
3οΈβ£In many operating systems, socket descriptors and other I/O descriptors are integrated, so applications can perform socket I/O or I/O read/write operations on files.
4οΈβ£When an application wants to create a socket, the operating system returns a small integer as a descriptor. The application uses this descriptor to refer to the socket. An application that requires an I/O request requests the operating system to open a file. The operating system creates a file descriptor for the application to access the file. From the perspective of the application, the file descriptor is an integer that the application can use to read and write files.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦ What is Socket :
#prohack
1οΈβ£ Socket socket:
Socket originated from Unix, and one of the basic philosophy of Unix/Linux is "everything is a file", which can be operated with the "open open -
> read/write -> close" mode. Socket is an implementation of this mode, socket is a special file, and some socket functions are operations on it (read/write IO, open, close).
> To put it plainly, Socket is the application layer to communicate with the TCP/IP protocol family The middleware abstraction layer is a set of interfaces. In the design mode, Socket is actually a facade mode. It hides the complex TCP/IP protocol family behind the Socket interface. For users, a simple set of interfaces is all. Let Socket organize the data to meet the specified protocol.
π³Note: In fact, the socket has no concept of layers, it is just a facade design pattern application, making programming easier. It is a software abstraction layer. In network programming, we use a lot of sockets.
2οΈβ£The socket descriptor is
actually an integer. The handles we are most familiar with are 0, 1, and 2, 0 is standard input, 1 is standard output, and 2 is standard error output. 0, 1, 2 are represented by integers, the corresponding FILE * structure is stdin, stdout, stderr
> The socket API was originally developed as part of the UNIX operating system, so the socket API is integrated with other I/O devices in the system. In particular, when an application wants to create a socket for Internet communication, the operating system returns a small integer as a descriptor to identify the socket. Then, the application program uses the descriptor as a transfer parameter to complete a certain operation by calling a function (such as transmitting data through the network or receiving input data).
3οΈβ£In many operating systems, socket descriptors and other I/O descriptors are integrated, so applications can perform socket I/O or I/O read/write operations on files.
4οΈβ£When an application wants to create a socket, the operating system returns a small integer as a descriptor. The application uses this descriptor to refer to the socket. An application that requires an I/O request requests the operating system to open a file. The operating system creates a file descriptor for the application to access the file. From the perspective of the application, the file descriptor is an integer that the application can use to read and write files.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Termux optimization :
> Terminal color
Mainly used zshto replace bashas the default shell. Use one-click installation script to install, one-step installation, by the way, external storage is started, and you can directly access the directory under the SD card.
1οΈβ£ Execute the following command to ensure that curl is installed
> sh -c "$(curl -fsSL https://github.com/Cabbagec/termux-ohmyzsh/raw/master/install.sh)"
2οΈβ£Android 6.0 and above will pop up a box to confirm whether it is authorized.
3οΈβ£After authorization, Termuxyou can easily access the SD card file. After the script allows, you have the following two options:
> Enter a number, leave blank to not to change: 14 Enter a number, leave blank to not to change: 6
> Select separately
> you want to continue to change the selection color, continue to run the script to filter again:
$ ~/termux-ohmyzsh/install.sh
exitRestart sessionssession effective configuration
4οΈβ£Access to external storage optimization :
> After executing the above zshone-click configuration script and granting file access permissions, a directory will be generated at home directory storageand several directories will be generated , and the soft links will all point to the corresponding directory of the external memory card
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Termux optimization :
> Terminal color
Mainly used zshto replace bashas the default shell. Use one-click installation script to install, one-step installation, by the way, external storage is started, and you can directly access the directory under the SD card.
1οΈβ£ Execute the following command to ensure that curl is installed
> sh -c "$(curl -fsSL https://github.com/Cabbagec/termux-ohmyzsh/raw/master/install.sh)"
2οΈβ£Android 6.0 and above will pop up a box to confirm whether it is authorized.
3οΈβ£After authorization, Termuxyou can easily access the SD card file. After the script allows, you have the following two options:
> Enter a number, leave blank to not to change: 14 Enter a number, leave blank to not to change: 6
> Select separately
> you want to continue to change the selection color, continue to run the script to filter again:
$ ~/termux-ohmyzsh/install.sh
exitRestart sessionssession effective configuration
4οΈβ£Access to external storage optimization :
> After executing the above zshone-click configuration script and granting file access permissions, a directory will be generated at home directory storageand several directories will be generated , and the soft links will all point to the corresponding directory of the external memory card
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦VNC FOR BEGINERS
#FastTips
>The VNC Host: Display field is used to enter the host IP address and display number. In fact, usually the display number is not required.
>as example you can specify the port number if it differs from the standard one. The entries for IP: 1 (first display on IP) and IP: 5901 (port 5901 on IP) are identical. That is, 192.168.0.100:1 and 192.168.0.100:5901 for the program are one and the same.
> If after the colon you use the number <200, then the program thinks that you have indicated the display number and is trying to connect to port 5900 + n. If you need to use a TCP port less than 200, then specify a negative number, for example: 24.67.132.27:-80
In this field you can specify various protocols that will tell the program whether to use SSL, SSH, together or not to use anything at all. But, in my opinion, itβs easier to switch values in the graphical menu than to remember little-used notations.
>VNC Password - here you can specify the password for VNC authentication - you can leave the field blank and in this case the
>VNC viewer will display a password input dialog box.
>Proxy / Gateway - proxy and gateway, most users do not need this.
>Use SSL - use SSL
Use SSL + SSH - use SSL with SSH. This is usually not necessary, since SSH also provides encryption like SSL. In practice, it may be needed only with certain firewall settings to circumvent restrictions.
>None - do not use encryption, just start VNC viewer
>Save - save the profile with the entered settings
>Load - load a profile with the entered settings
Connecting with ssvnc using SSL
The server settings here and here said that you need to transfer the certificate to the client machine - it is this certificate that will be needed to encrypt traffic using SSL.
Important : SSL certificate can be replaced on the fly !!! That is, SSL encryption will prevent passive traffic interception, but if the attacker uses certificate substitution tools, then you are not protected from this attack!
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦VNC FOR BEGINERS
#FastTips
>The VNC Host: Display field is used to enter the host IP address and display number. In fact, usually the display number is not required.
>as example you can specify the port number if it differs from the standard one. The entries for IP: 1 (first display on IP) and IP: 5901 (port 5901 on IP) are identical. That is, 192.168.0.100:1 and 192.168.0.100:5901 for the program are one and the same.
> If after the colon you use the number <200, then the program thinks that you have indicated the display number and is trying to connect to port 5900 + n. If you need to use a TCP port less than 200, then specify a negative number, for example: 24.67.132.27:-80
In this field you can specify various protocols that will tell the program whether to use SSL, SSH, together or not to use anything at all. But, in my opinion, itβs easier to switch values in the graphical menu than to remember little-used notations.
>VNC Password - here you can specify the password for VNC authentication - you can leave the field blank and in this case the
>VNC viewer will display a password input dialog box.
>Proxy / Gateway - proxy and gateway, most users do not need this.
>Use SSL - use SSL
Use SSL + SSH - use SSL with SSH. This is usually not necessary, since SSH also provides encryption like SSL. In practice, it may be needed only with certain firewall settings to circumvent restrictions.
>None - do not use encryption, just start VNC viewer
>Save - save the profile with the entered settings
>Load - load a profile with the entered settings
Connecting with ssvnc using SSL
The server settings here and here said that you need to transfer the certificate to the client machine - it is this certificate that will be needed to encrypt traffic using SSL.
Important : SSL certificate can be replaced on the fly !!! That is, SSL encryption will prevent passive traffic interception, but if the attacker uses certificate substitution tools, then you are not protected from this attack!
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
_How_I_Chained_4_vulnerabilities_on_GitHub_Enterprise,_From_SSRF.pdf
700.9 KB
The most requested tutorial- full
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recommended to start-top-Related free tutorials for exploit
#resources
* [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode.
* [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database.
* [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits.
π¦Recommended to start-top-Related free tutorials for exploit
#resources
* [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode.
* [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database.
* [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits.
-as long as you learn the better
β β β Uππ»βΊπ«Δπ¬πβ β β ββ β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Social Engineering #Resources
[Social Engineering Framework](http://www.social-engineer.org/framework/general-discussion/) - Information resource for social engineers.
π¦Lock Picking #Resources
Schuyler Towne channel - Lockpicking videos and security talks.
[bosnianbill](https://www.youtube.com/user/bosnianbill) - More lockpicking videos.
/r/lockpicking - Resources for learning lockpicking, equipment recommendations.
β topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Social Engineering #Resources
[Social Engineering Framework](http://www.social-engineer.org/framework/general-discussion/) - Information resource for social engineers.
π¦Lock Picking #Resources
Schuyler Towne channel - Lockpicking videos and security talks.
[bosnianbill](https://www.youtube.com/user/bosnianbill) - More lockpicking videos.
/r/lockpicking - Resources for learning lockpicking, equipment recommendations.
β topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
Security Through Education
General Discussion - Security Through Education
The Social-Engineer Framework is a online searchable resource for the security professional, penetration tester or enthusiast.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hacking Distributions
[Kali](https://www.kali.org/) - GNU/Linux distribution designed for digital forensics and penetration testing.
ArchStrike - Arch GNU/Linux repository for security professionals and enthusiasts.
[BlackArch](https://www.blackarch.org/) - Arch GNU/Linux-based distribution for penetration testers and security researchers.
Network Security Toolkit (NST) - Fedora-based bootable live operating system designed to provide easy access to best-of-
breed open source network security applications.
[BackBox](https://backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments.
Parrot - Distribution similar to Kali, with multiple architecture.
[Fedora Security Lab](https://labs.fedoraproject.org/en/security/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
The Pentesters Framework - Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.
[AttifyOS](https://github.com/adi0x90/attifyos) - GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
PentestBox - Opensource pre-configured portable penetration testing environment for Windows OS.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Hacking Distributions
[Kali](https://www.kali.org/) - GNU/Linux distribution designed for digital forensics and penetration testing.
ArchStrike - Arch GNU/Linux repository for security professionals and enthusiasts.
[BlackArch](https://www.blackarch.org/) - Arch GNU/Linux-based distribution for penetration testers and security researchers.
Network Security Toolkit (NST) - Fedora-based bootable live operating system designed to provide easy access to best-of-
breed open source network security applications.
[BackBox](https://backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments.
Parrot - Distribution similar to Kali, with multiple architecture.
[Fedora Security Lab](https://labs.fedoraproject.org/en/security/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
The Pentesters Framework - Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.
[AttifyOS](https://github.com/adi0x90/attifyos) - GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.
PentestBox - Opensource pre-configured portable penetration testing environment for Windows OS.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Kali Linux
Kali Linux | Penetration Testing and Ethical Hacking Linux Distribution
Home of Kali Linux, an Advanced Penetration Testing Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.
malicious.link post snagging-creds-from-locked-machine.pdf
401.9 KB
malicious link-new trick
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Network Vulnerability Scanners top rated in 2020
[Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws.
Nexpose - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
[Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
OpenVAS - Free software implementation of the popular Nessus vulnerability assessment system.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Network Vulnerability Scanners top rated in 2020
[Netsparker Application Security Scanner](https://www.netsparker.com/) - Application security scanner to automatically find security flaws.
Nexpose - Commercial vulnerability and risk management assessment engine that integrates with Metasploit, sold by Rapid7.
[Nessus](https://www.tenable.com/products/nessus-vulnerability-scanner) - Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
OpenVAS - Free software implementation of the popular Nessus vulnerability assessment system.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Invicti
Invicti (formerly Netsparker) | Web Application and API Security for Enterprise
Accurate and automated application security testing that scales like no other solution. Secure thousands of websites, applications, and APIs with the industryβs only DAST-first AppSec platform.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦some Static Analyzers
#prohack
[Brakeman](https://github.com/presidentbeef/brakeman) - Static analysis security vulnerability scanner for Ruby on Rails applications.
cppcheck - Extensible C/C++ static analyzer focused on finding bugs.
[FindBugs](http://findbugs.sourceforge.net/) - Free software static analyzer to look for bugs in Java code.
sobelow - Security-focused static analysis for the Phoenix Framework.
[bandit](https://pypi.python.org/pypi/bandit/) - Security oriented static analyser for python code.
Progpilot - Static security analysis tool for PHP code.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦some Static Analyzers
#prohack
[Brakeman](https://github.com/presidentbeef/brakeman) - Static analysis security vulnerability scanner for Ruby on Rails applications.
cppcheck - Extensible C/C++ static analyzer focused on finding bugs.
[FindBugs](http://findbugs.sourceforge.net/) - Free software static analyzer to look for bugs in Java code.
sobelow - Security-focused static analysis for the Phoenix Framework.
[bandit](https://pypi.python.org/pypi/bandit/) - Security oriented static analyser for python code.
Progpilot - Static security analysis tool for PHP code.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - presidentbeef/brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
A static analysis security vulnerability scanner for Ruby on Rails applications - presidentbeef/brakeman
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST NETWORK HACKING TOOLS :
[Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks.
dsniff - Collection of tools for network auditing and pentesting.
[scapy](https://github.com/secdev/scapy) - Python-based interactive packet manipulation program & library.
Printer Exploitation Toolkit (PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
[Praeda](http://h.foofus.net/?page_id=218) - Automated multi-function printer data harvester for gathering usable data during security assessments.
routersploit - Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
[CrackMapExec](https://github.com/byt3bl33d3r/
CrackMapExec) - Swiss army knife for pentesting networks.
impacket - Collection of Python classes for working with network protocols.
[dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
IKEForce - Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST NETWORK HACKING TOOLS :
[Zarp](https://github.com/hatRiot/zarp) - Network attack tool centered around the exploitation of local networks.
dsniff - Collection of tools for network auditing and pentesting.
[scapy](https://github.com/secdev/scapy) - Python-based interactive packet manipulation program & library.
Printer Exploitation Toolkit (PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
[Praeda](http://h.foofus.net/?page_id=218) - Automated multi-function printer data harvester for gathering usable data during security assessments.
routersploit - Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
[CrackMapExec](https://github.com/byt3bl33d3r/
CrackMapExec) - Swiss army knife for pentesting networks.
impacket - Collection of Python classes for working with network protocols.
[dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
IKEForce - Command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - hatRiot/zarp: Network Attack Tool
Network Attack Tool. Contribute to hatRiot/zarp development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Special Exfiltration Tools
[DET](https://github.com/sensepost/DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
pwnat - Punches holes in firewalls and NATs.
[tgcd](http://tgcd.sourceforge.net/) - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
Iodine - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
β git topic
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Special Exfiltration Tools
[DET](https://github.com/sensepost/DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
pwnat - Punches holes in firewalls and NATs.
[tgcd](http://tgcd.sourceforge.net/) - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.
Iodine - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
β git topic
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - sensepost/DET: (extensible) Data Exfiltration Toolkit (DET)
(extensible) Data Exfiltration Toolkit (DET). Contribute to sensepost/DET development by creating an account on GitHub.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Sniffers tools & protocol analyzersβ οΈ
[tcpdump/libpcap](http://www.tcpdump.org/) - Common packet analyzer that runs under the command line.
Wireshark - Widely-used
graphical, cross-platform network protocol analyzer.
[netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - Swiss army knife for for network sniffing.
Dshell - Network forensic analysis framework.
[Debookee](http://www.iwaxx.com/debookee/) - Simple and powerful network traffic analyzer for macOS.
Dripcap - Caffeinated packet analyzer.
β git topic
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Sniffers tools & protocol analyzersβ οΈ
[tcpdump/libpcap](http://www.tcpdump.org/) - Common packet analyzer that runs under the command line.
Wireshark - Widely-used
graphical, cross-platform network protocol analyzer.
[netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - Swiss army knife for for network sniffing.
Dshell - Network forensic analysis framework.
[Debookee](http://www.iwaxx.com/debookee/) - Simple and powerful network traffic analyzer for macOS.
Dripcap - Caffeinated packet analyzer.
β git topic
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
www.tcpdump.org
Home | TCPDUMP & LIBPCAP
Web site of Tcpdump and Libpcap
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 ransomware :
> A ransomware is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties:
π¦FEATURES
>encrypt all user files with AES-256-CBC.
>Random AES key and IV for each file.
>Works even without internet connection.
>Communication with the server to decrypt Client-private-key.
>encrypt AES key with client-public-key RSA-2048.
>encrypt client-private-key with RSA-2048 server-public-key.
>Change computer wallpaper -> Gnome, LXDE, KDE, XFCE.
>Decryptor that communicate to server to send keys.
>python webserver
>Daemon
>Kill databases
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£DOWNLOAD OR CLONE https://github.com/tarcisio-marinho/GonnaCry
2οΈβ£go dir then
3οΈβ£First the ransomware needs to know some pathβs, such as the desktop directory path, trash, home, etcβ¦
To get the user and home directory i will use some glibc librarys from unistd.h 12
char * home = get_home_enviroment(); // /home/USER/
char * desktop = get_desktop_enviroment(home); // /home/USER/Desktop/
char * username = get_username(); USERNAME
char * trash = get_trash_path(home); // /home/USER/.local/share/Trash/
char * media = get_media_path(username);
With the paths we can enter in each folder, find files inside it, create new files, whatever we want.
> First part - Finding the files
4οΈβ£For each file in the list, he will try to open and create a new file.
old = fopen(files->info[2], "rb");
if(old != NULL){
new_name = (char*) malloc(sizeof(char) * (strlen(files->info[2]) + 11));
strcpy(new_name, files->info[2]);
strcat(new_name, ".GNNCRY");
new = fopen(new_name, "wb");
5οΈβ£Generate a unique random key and IV for each file and call encrypt function(I let you guess what it does :slight_smile:).
6οΈβ£After the encryption, now we need to shred the old file, to never come back.
7οΈβ£Now the old file bytes are overwritten with zeros, and then deleted.
Even with some recovery tool software, the original file is lost.
goto Second part - Start Encryption; //This repeats for each file on the linked list.
Third part - create Desktop file: enc_files.gc
This file will help the decryptor to get the path, key and iv used to encrypt each file.
First field is the random Key, then the random IV and the file path.
π¦VIDEO TUTORIAL : https://youtu.be/pLluFxHrc30
ENJOYβ€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 ransomware :
> A ransomware is a form of malware that prevent legitimate users from accessing their device or data and asks for a payment in exchange for the stolen functionality. They have been used for mass extortion in various forms, but the most successful seem to be encrypting ransomware: most of the user data are encrypted and the key can be retrieved with a payment to the attacker. To be widely successful a ransomware must fulfill three properties:
π¦FEATURES
>encrypt all user files with AES-256-CBC.
>Random AES key and IV for each file.
>Works even without internet connection.
>Communication with the server to decrypt Client-private-key.
>encrypt AES key with client-public-key RSA-2048.
>encrypt client-private-key with RSA-2048 server-public-key.
>Change computer wallpaper -> Gnome, LXDE, KDE, XFCE.
>Decryptor that communicate to server to send keys.
>python webserver
>Daemon
>Kill databases
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£DOWNLOAD OR CLONE https://github.com/tarcisio-marinho/GonnaCry
2οΈβ£go dir then
3οΈβ£First the ransomware needs to know some pathβs, such as the desktop directory path, trash, home, etcβ¦
To get the user and home directory i will use some glibc librarys from unistd.h 12
char * home = get_home_enviroment(); // /home/USER/
char * desktop = get_desktop_enviroment(home); // /home/USER/Desktop/
char * username = get_username(); USERNAME
char * trash = get_trash_path(home); // /home/USER/.local/share/Trash/
char * media = get_media_path(username);
With the paths we can enter in each folder, find files inside it, create new files, whatever we want.
> First part - Finding the files
4οΈβ£For each file in the list, he will try to open and create a new file.
old = fopen(files->info[2], "rb");
if(old != NULL){
new_name = (char*) malloc(sizeof(char) * (strlen(files->info[2]) + 11));
strcpy(new_name, files->info[2]);
strcat(new_name, ".GNNCRY");
new = fopen(new_name, "wb");
5οΈβ£Generate a unique random key and IV for each file and call encrypt function(I let you guess what it does :slight_smile:).
6οΈβ£After the encryption, now we need to shred the old file, to never come back.
7οΈβ£Now the old file bytes are overwritten with zeros, and then deleted.
Even with some recovery tool software, the original file is lost.
goto Second part - Start Encryption; //This repeats for each file on the linked list.
Third part - create Desktop file: enc_files.gc
This file will help the decryptor to get the path, key and iv used to encrypt each file.
First field is the random Key, then the random IV and the file path.
π¦VIDEO TUTORIAL : https://youtu.be/pLluFxHrc30
ENJOYβ€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - tarcisio-marinho/GonnaCry: A Linux Ransomware
A Linux Ransomware. Contribute to tarcisio-marinho/GonnaCry development by creating an account on GitHub.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦TERMUX COMMANDS :
> Search for the specific package in termux:
pkg search package-name
It will show you all the package related to that package name.
>List all the available packages in termux:
pkg list-all
it will show you all the packages that are available in the APT repository of termux.
>Install a Package:
pkg install packageName
you can install any package from the list, just type pkg install package-name.
>Uninstall a Package:
pkg uninstall packageName
you can uninstall any package from the list, just type pkg uninstall package-name.it will ask you where if you wanna delete the package or not press y and the package will be uninstalled.
>Install Python in termux:
pkg install python
Just type this command and it will be installed in your termux press y if it asks for confirmation.after installing python you can write code and also run your own python scripts. Type python to check if python is properly installed or not.
>Install Git in termux:
pkg install git
Git will allow you to download any project from the github.
>Download projects from GitHub repository :
git clone Link-of-the-project
If you want to download any project from the git hub you can just use the above just change the Link-of-the-project with your link
e.g: git clone https://github.com/adi1090x/termux-style.git
>Check all the running processes in termux:
top
This command will show you all the tasks running on your termux. To quit the top command on termux just press CTRL+C on your keyboard.
π¦Need more ?
>https://www.learntermux.tech/2020/01/basic-commands-in-termux.html
ENJOYβ€οΈππ»
β 2020Termux
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦TERMUX COMMANDS :
> Search for the specific package in termux:
pkg search package-name
It will show you all the package related to that package name.
>List all the available packages in termux:
pkg list-all
it will show you all the packages that are available in the APT repository of termux.
>Install a Package:
pkg install packageName
you can install any package from the list, just type pkg install package-name.
>Uninstall a Package:
pkg uninstall packageName
you can uninstall any package from the list, just type pkg uninstall package-name.it will ask you where if you wanna delete the package or not press y and the package will be uninstalled.
>Install Python in termux:
pkg install python
Just type this command and it will be installed in your termux press y if it asks for confirmation.after installing python you can write code and also run your own python scripts. Type python to check if python is properly installed or not.
>Install Git in termux:
pkg install git
Git will allow you to download any project from the github.
>Download projects from GitHub repository :
git clone Link-of-the-project
If you want to download any project from the git hub you can just use the above just change the Link-of-the-project with your link
e.g: git clone https://github.com/adi1090x/termux-style.git
>Check all the running processes in termux:
top
This command will show you all the tasks running on your termux. To quit the top command on termux just press CTRL+C on your keyboard.
π¦Need more ?
>https://www.learntermux.tech/2020/01/basic-commands-in-termux.html
ENJOYβ€οΈππ»
β 2020Termux
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - adi1090x/termux-style: Simple script to change color-schemes and fonts for Termux.
Simple script to change color-schemes and fonts for Termux. - adi1090x/termux-style
β β β Uππ»βΊπ«6π¬πβ β β β
π¦HACKERS REAL TIPS
#fAStTips
>Data-driven attack
A data-driven attack refers to an attack launched when a seemingly harmless special program sent or copied by a hacker to a target computer is executed. This attack allows hackers to modify files related to network security on the target computer, making it easier for hackers to invade the target computer next time. Data-driven attacks mainly include buffer overflow attacks, format string attacks, input verification attacks, synchronization vulnerability attacks, and trust vulnerability attacks.
>Forged information attack
Forged information attack refers to hackers sending fake routing information to construct a false path between the source computer and the target computer, so that the data packets flowing to the target computer pass through the computer operated by the hacker, so as to obtain the bank account in these data packets Personal sensitive information such as passwords.
>Attacks against information protocol weaknesses
In a local area network, the source path option of the IP address allows the IP packet to choose a path to the target computer. When a hacker tries to connect to an unreachable computer A located behind the firewall, he only needs to set the IP address source path option in the sent request packet, so that a destination address of the packet points to the firewall, but the final address points to Computer A. When the packet reaches the firewall, it is allowed to pass because it points to the firewall instead of computer A. The source path of the firewall's IP layer to process the message was changed and sent to the internal network, the message thus reached the unreachable computer A, thereby achieving a vulnerability attack on the information protocol.
>Remote control
Remote manipulation refers to a hacker launching an executable program in the target computer, the program will display a fake login interface, when the user enters account, password and other login information in the interface, the program will enter the account and password entered by the user To the hackerβs computer. At the same time, the program closes the login interface, prompting the message "System has failed" and asking the user to log in again. This attack is similar to phishing websites that are often encountered on the Internet.
>Attack by mistake of system administrator
In the local area network, people are one of the most important factors for the security of the local area network. When the system administrator makes mistakes such as configuration errors of the WWW server system and ordinary users expand user rights, these mistakes can provide hackers with an opportunity. Hackers use these mistakes, plus the command of finger, netstat, etc., to achieve intrusion attacks.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦HACKERS REAL TIPS
#fAStTips
>Data-driven attack
A data-driven attack refers to an attack launched when a seemingly harmless special program sent or copied by a hacker to a target computer is executed. This attack allows hackers to modify files related to network security on the target computer, making it easier for hackers to invade the target computer next time. Data-driven attacks mainly include buffer overflow attacks, format string attacks, input verification attacks, synchronization vulnerability attacks, and trust vulnerability attacks.
>Forged information attack
Forged information attack refers to hackers sending fake routing information to construct a false path between the source computer and the target computer, so that the data packets flowing to the target computer pass through the computer operated by the hacker, so as to obtain the bank account in these data packets Personal sensitive information such as passwords.
>Attacks against information protocol weaknesses
In a local area network, the source path option of the IP address allows the IP packet to choose a path to the target computer. When a hacker tries to connect to an unreachable computer A located behind the firewall, he only needs to set the IP address source path option in the sent request packet, so that a destination address of the packet points to the firewall, but the final address points to Computer A. When the packet reaches the firewall, it is allowed to pass because it points to the firewall instead of computer A. The source path of the firewall's IP layer to process the message was changed and sent to the internal network, the message thus reached the unreachable computer A, thereby achieving a vulnerability attack on the information protocol.
>Remote control
Remote manipulation refers to a hacker launching an executable program in the target computer, the program will display a fake login interface, when the user enters account, password and other login information in the interface, the program will enter the account and password entered by the user To the hackerβs computer. At the same time, the program closes the login interface, prompting the message "System has failed" and asking the user to log in again. This attack is similar to phishing websites that are often encountered on the Internet.
>Attack by mistake of system administrator
In the local area network, people are one of the most important factors for the security of the local area network. When the system administrator makes mistakes such as configuration errors of the WWW server system and ordinary users expand user rights, these mistakes can provide hackers with an opportunity. Hackers use these mistakes, plus the command of finger, netstat, etc., to achieve intrusion attacks.
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β