β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SPEED UP DOWNLOAD SPEED
use the correct channel type for your router
Test a different modem/router. The biggest cause of slowed down
internet is a bad modem.
Scan for viruses.
Check for on-system interference.
Check your filters.
Try getting rid of your cordless phone
Plug in.
Check for external interference.
Check for Foxtel or other types of TV.
use interent download manager
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SPEED UP DOWNLOAD SPEED
use the correct channel type for your router
Test a different modem/router. The biggest cause of slowed down
internet is a bad modem.
Scan for viruses.
Check for on-system interference.
Check your filters.
Try getting rid of your cordless phone
Plug in.
Check for external interference.
Check for Foxtel or other types of TV.
use interent download manager
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Optimize your devices' DNS :-Speedup net speed :
I'm using Cloudflare as an example, but these techniques will work with any DNS provider.
1οΈβ£ROUTER
If you're using a router for your office network DNS settingsβand you probably areβlog into it and find your DNS server settings. Once there, note down your existing DNS records and replace them with the following:
1) For IPv4: 1.1.1.1 and 1.0.0.1
2) For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.
π °οΈWINDOWS
With Windows 10:
1) Click on the Start menu.
2) Click on the Settings icon.
3) Click on Network & Internet.
4) Click on Change adapter options.
5) Double-click on the active network adapter.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
π ±οΈWith Windows 7 and earlier, click on the Start menu, then click on Control Panel and follow these instructions:
1) Click on Network and Internet.
2) Click on Change Adapter Settings.
3) Right click on the Wi-Fi network you are connected to, then click Properties.
4) Select Internet Protocol Version 4 (or Version 6 if desired).
5) Click Properties.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
WELL DONE
E N J O Y β€οΈππ»
wiki source
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Optimize your devices' DNS :-Speedup net speed :
I'm using Cloudflare as an example, but these techniques will work with any DNS provider.
1οΈβ£ROUTER
If you're using a router for your office network DNS settingsβand you probably areβlog into it and find your DNS server settings. Once there, note down your existing DNS records and replace them with the following:
1) For IPv4: 1.1.1.1 and 1.0.0.1
2) For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.
π °οΈWINDOWS
With Windows 10:
1) Click on the Start menu.
2) Click on the Settings icon.
3) Click on Network & Internet.
4) Click on Change adapter options.
5) Double-click on the active network adapter.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
π ±οΈWith Windows 7 and earlier, click on the Start menu, then click on Control Panel and follow these instructions:
1) Click on Network and Internet.
2) Click on Change Adapter Settings.
3) Right click on the Wi-Fi network you are connected to, then click Properties.
4) Select Internet Protocol Version 4 (or Version 6 if desired).
5) Click Properties.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
WELL DONE
E N J O Y β€οΈππ»
wiki source
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦As a smart contract platform, what are the advantages of BSV?
> Almost all DeFi projects are now on Ethereum. Will the future smart contract platform always be Ethereum?
> Objectively speaking, I think there is a 70% chance that it will still be Ethereum. The premise is that the development of Ethereum 2.0 is smooth. The existing moat of Ethereum is very high, but there are many shortcomings, so it is urgent to upgrade to 2.0 to change everything.
> I think the remaining probability can be given to BSV and DOT.
Needless to say, DOT is actually a faster-moving Ethereum 2.0, the ultimate sharding system, but compared to Ethereum, there are not so many developers and consensus, and it is difficult to replace it.
> If there is a small probability event, BSV is very likely. I am still very optimistic about the BSV smart contract platform.
> The advantage of BSV is that the contract only has operation instructions and results on the chain, and the process is calculated by itself, while Ethereum is the entire chain.
> BSV takes the route of on-demand verification. If you think the result of this contract is related to your interests, you can count it. You only need to compare the results to find out. Those who need it will follow the calculation. There is no need for the whole network to be brainless. Calculate together, this is more efficient.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦As a smart contract platform, what are the advantages of BSV?
> Almost all DeFi projects are now on Ethereum. Will the future smart contract platform always be Ethereum?
> Objectively speaking, I think there is a 70% chance that it will still be Ethereum. The premise is that the development of Ethereum 2.0 is smooth. The existing moat of Ethereum is very high, but there are many shortcomings, so it is urgent to upgrade to 2.0 to change everything.
> I think the remaining probability can be given to BSV and DOT.
Needless to say, DOT is actually a faster-moving Ethereum 2.0, the ultimate sharding system, but compared to Ethereum, there are not so many developers and consensus, and it is difficult to replace it.
> If there is a small probability event, BSV is very likely. I am still very optimistic about the BSV smart contract platform.
> The advantage of BSV is that the contract only has operation instructions and results on the chain, and the process is calculated by itself, while Ethereum is the entire chain.
> BSV takes the route of on-demand verification. If you think the result of this contract is related to your interests, you can count it. You only need to compare the results to find out. Those who need it will follow the calculation. There is no need for the whole network to be brainless. Calculate together, this is more efficient.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Mirai botnet exploits CVE-2020-5902 vulnerability to attack IoT devices
#News
> After the first disclosure of two F5 BIG-IP vulnerabilities in the first week of July , we continued to monitor and analyze these vulnerabilities and other related activities to further understand their severity. According to the workaround released for CVE-2020-5902 , we found an Internet of Things (IoT) Mirai botnet downloader (detected by Trend Micro as Trojan.SH.MIRAI.BOI ), which can be added to new malware Scan in the variant to expose the Big-IP box.
> The samples discovered this time also attempt to exploit the newly disclosed unpatched vulnerabilities. It is recommended that system administrators and individuals using related equipment immediately patch their respective tools.
π¦conventional
As previously reported , this security vulnerability involves a remote code execution (RCE) vulnerability in the BIG-IP management interface, namely the Traffic Management User Interface (TMUI). After analyzing the published information , we noticed from the Apache httpd mitigation rules that one way to exploit this vulnerability is to include an HTTP GET request containing a semicolon character in the URI. In the Linux command line, the semicolon sends a signal to the interpreter that the command line has been completed, which is a character that the vulnerability needs to trigger.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Mirai botnet exploits CVE-2020-5902 vulnerability to attack IoT devices
#News
> After the first disclosure of two F5 BIG-IP vulnerabilities in the first week of July , we continued to monitor and analyze these vulnerabilities and other related activities to further understand their severity. According to the workaround released for CVE-2020-5902 , we found an Internet of Things (IoT) Mirai botnet downloader (detected by Trend Micro as Trojan.SH.MIRAI.BOI ), which can be added to new malware Scan in the variant to expose the Big-IP box.
> The samples discovered this time also attempt to exploit the newly disclosed unpatched vulnerabilities. It is recommended that system administrators and individuals using related equipment immediately patch their respective tools.
π¦conventional
As previously reported , this security vulnerability involves a remote code execution (RCE) vulnerability in the BIG-IP management interface, namely the Traffic Management User Interface (TMUI). After analyzing the published information , we noticed from the Apache httpd mitigation rules that one way to exploit this vulnerability is to include an HTTP GET request containing a semicolon character in the URI. In the Linux command line, the semicolon sends a signal to the interpreter that the command line has been completed, which is a character that the vulnerability needs to trigger.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST MAC-SPOOFER APPS FOR WINDOWS :
(remember mac spoofing in any linux & windows can be done without any extra software from settings-configuration let's share some windows apps for automate this small processπ)
1) https://technitium.com/tmac/
2) http://www.klcconsulting.net/smac/
3) http://www.softpedia.com/get/Network-Tools/Misc-Networking-Tools/Win7-MAC-Changer.shtml ( recommended for old windows )
4) http://www.softpedia.com/get/PORTABLE-SOFTWARE/Network/Portable-Spoof-Me-Now.shtml
5) https://madmacs.en.uptodown.com/
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST MAC-SPOOFER APPS FOR WINDOWS :
(remember mac spoofing in any linux & windows can be done without any extra software from settings-configuration let's share some windows apps for automate this small processπ)
1) https://technitium.com/tmac/
2) http://www.klcconsulting.net/smac/
3) http://www.softpedia.com/get/Network-Tools/Misc-Networking-Tools/Win7-MAC-Changer.shtml ( recommended for old windows )
4) http://www.softpedia.com/get/PORTABLE-SOFTWARE/Network/Portable-Spoof-Me-Now.shtml
5) https://madmacs.en.uptodown.com/
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Technitium
Technitium MAC Address Changer | A Freeware Utility To Spoof MAC Address Instantly
Technitium MAC Address Changer (TMAC) is a freeware utility to instantly change or spoof MAC Address of any network card (NIC).
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST FILE SHARING FOR ANDROID 2020 :
> https://play.google.com/store/apps/details?id=com.lenovo.anyshare.gps
> https://play.google.com/store/apps/details?id=com.majedev.superbeam
> https://play.google.com/store/apps/details?id=com.sand.airdroid
> https://play.google.com/store/apps/details?id=cn.xender
>https://play.google.com/store/apps/details?id=com.dewmobile.kuaiya.play
> https://play.google.com/store/search?q=Send%20Anywhere&c=apps
> https://play.google.com/store/apps/details?id=com.xiaomi.midrop
> https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend
> https://play.google.com/store/apps/details?id=com.wetransfer.app.live
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST FILE SHARING FOR ANDROID 2020 :
> https://play.google.com/store/apps/details?id=com.lenovo.anyshare.gps
> https://play.google.com/store/apps/details?id=com.majedev.superbeam
> https://play.google.com/store/apps/details?id=com.sand.airdroid
> https://play.google.com/store/apps/details?id=cn.xender
>https://play.google.com/store/apps/details?id=com.dewmobile.kuaiya.play
> https://play.google.com/store/search?q=Send%20Anywhere&c=apps
> https://play.google.com/store/apps/details?id=com.xiaomi.midrop
> https://play.google.com/store/apps/details?id=org.mozilla.firefoxsend
> https://play.google.com/store/apps/details?id=com.wetransfer.app.live
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google Play
SHAREit: Transfer, Share Files - Apps on Google Play
Send and receive big files & games, Video Downloader, file manager
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW NORDVPN PREMIUMβ
Live gudrunbjork321@gmail.com:sims1997 Expry: 2021-11-11 01:01:39 19.07.2020 06:02:56
Live e_hollands@hotmail.com:Myrtle6740 Expry: 2021-11-10 02:20:19 19.07.2020 06:03:01
Live brianaustin2@gmail.com:W@K@d3k3 Expry: 2021-11-03 00:00:00 19.07.2020 06:04:25
Live rakiciva@msu.edu:Nino29Kica Expry: 2021-09-18 02:37:39 19.07.2020 06:06:46
Live selfbias@gmail.com:Paranoid1 Expry: 2021-09-17 21:12:29 19.07.2020 06:06:51
Live octaviojr619@msn.com:Octavio0! Expry: 2021-08-29 08:39:24 19.07.2020 06:07:24
Live shadowjohnson1985@gmail.com:sh4d0wm4n Expry: 2021-08-27 19:15:41 19.07.2020 06:08:41
Live stmurray5@gmail.com:Kicker15 Expry: 2021-08-26 22:35:15 19.07.2020 06:08:47
Live jjohnson031982@gmail.com:Drafting2! Expry: 2021-08-26 00:00:00 19.07.2020 06:09:27
Live dravenkish@gmail.com:Roo123dog Expry: 2021-08-25 23:35:13 19.07.2020 06:09:31
Live bazarjani.kian@gmail.com:Kiasadrifeb97 Expry: 2021-08-12 03:20:30 19.07.2020 06:09:39
Live cap_thecrazykid@yahoo.com:Shemale97 Expry: 2021-07-29 21:20:41 19.07.2020 06:11:20
Live adrian.richter1@gmx.de:kaktusse8 Expry: 2021-07-29 16:40:27 19.07.2020 06:11:24
Live ZINDEL.ADAM@GMAIL.COM:09Zman-46 Expry: 2021-07-23 21:57:05 19.07.2020 06:12:03
Live mrtoel@gmail.com:Trumpet1! Expry: 2021-07-09 08:38:43 19.07.2020 06:12:07
Live richardsonalex69@yahoo.com:july1973 Expry: 2020-07-16 14:46:07 19.07.2020 06:12:33
Live sandrosurbakti@gmail.com:sandro135 Expry: 2020-07-24 12:08:14 19.07.2020 06:12:37
Live bill.wheeler101@yahoo.com:Kisses69 Expry: 2021-07-06 19:43:08 19.07.2020 06:12:41
Live thephillipta@gmail.com:padamon00 Expry: 2021-07-04 15:44:37 19.07.2020 06:13:15
Live kennyroy02@aol.com:Knight02 Expry: 2021-07-03 22:42:39 19.07.2020 06:13:20
Live twingenicide@gmail.com:wallnut8545 Expry: 2021-06-28 17:23:37 19.07.2020 06:14:06
Live rossspearman68@gmail.com:Blue1216 Expry: 2021-06-25 23:53:14 19.07.2020 06:14:28
Live angel36s@swbell.net:IFi81u812 Expry: 2021-06-25 14:15:22 19.07.2020 06:14:31
Live robertban666@gmail.com:hastur11 Expry: 2021-06-25 12:18:00 19.07.2020 06:14:34
Live ryanragsdale2001@gmail.com:Ryry2001 Expry: 2021-06-24 13:59:35 19.07.2020 06:14:38
Live sbernard608@gmail.com:00bf35137cf4 Expry: 2021-06-24 05:09:41 19.07.2020 06:15:47
Live alexlockwood550@gmail.com:locky1997 Expry: 2021-06-18 02:43:12 19.07.2020 06:15:51
Live Thedrewster357@gmail.com:DrewHudson357 Expry: 2021-06-16 15:14:04 19.07.2020 06:15:55
Live let_your_soulfly@hotmail.com:Incubus311! Expry: 2021-06-15 10:27:24 19.07.2020 06:16:23
Live kernreeves1998@hotmail.com:TryhardTac0 Expry: 2021-06-14 03:42:50 19.07.2020 06:16:49
Live cmhazelton1998@gmail.com:agletzip1998 Expry: 2021-06-13 07:17:45 19.07.2020 06:16:52
Live matclaxton@hotmail.com:r44267171 Expry: 2021-06-10 11:25:23 19.07.2020 06:16:56
(only verified by us)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW NORDVPN PREMIUMβ
Live gudrunbjork321@gmail.com:sims1997 Expry: 2021-11-11 01:01:39 19.07.2020 06:02:56
Live e_hollands@hotmail.com:Myrtle6740 Expry: 2021-11-10 02:20:19 19.07.2020 06:03:01
Live brianaustin2@gmail.com:W@K@d3k3 Expry: 2021-11-03 00:00:00 19.07.2020 06:04:25
Live rakiciva@msu.edu:Nino29Kica Expry: 2021-09-18 02:37:39 19.07.2020 06:06:46
Live selfbias@gmail.com:Paranoid1 Expry: 2021-09-17 21:12:29 19.07.2020 06:06:51
Live octaviojr619@msn.com:Octavio0! Expry: 2021-08-29 08:39:24 19.07.2020 06:07:24
Live shadowjohnson1985@gmail.com:sh4d0wm4n Expry: 2021-08-27 19:15:41 19.07.2020 06:08:41
Live stmurray5@gmail.com:Kicker15 Expry: 2021-08-26 22:35:15 19.07.2020 06:08:47
Live jjohnson031982@gmail.com:Drafting2! Expry: 2021-08-26 00:00:00 19.07.2020 06:09:27
Live dravenkish@gmail.com:Roo123dog Expry: 2021-08-25 23:35:13 19.07.2020 06:09:31
Live bazarjani.kian@gmail.com:Kiasadrifeb97 Expry: 2021-08-12 03:20:30 19.07.2020 06:09:39
Live cap_thecrazykid@yahoo.com:Shemale97 Expry: 2021-07-29 21:20:41 19.07.2020 06:11:20
Live adrian.richter1@gmx.de:kaktusse8 Expry: 2021-07-29 16:40:27 19.07.2020 06:11:24
Live ZINDEL.ADAM@GMAIL.COM:09Zman-46 Expry: 2021-07-23 21:57:05 19.07.2020 06:12:03
Live mrtoel@gmail.com:Trumpet1! Expry: 2021-07-09 08:38:43 19.07.2020 06:12:07
Live richardsonalex69@yahoo.com:july1973 Expry: 2020-07-16 14:46:07 19.07.2020 06:12:33
Live sandrosurbakti@gmail.com:sandro135 Expry: 2020-07-24 12:08:14 19.07.2020 06:12:37
Live bill.wheeler101@yahoo.com:Kisses69 Expry: 2021-07-06 19:43:08 19.07.2020 06:12:41
Live thephillipta@gmail.com:padamon00 Expry: 2021-07-04 15:44:37 19.07.2020 06:13:15
Live kennyroy02@aol.com:Knight02 Expry: 2021-07-03 22:42:39 19.07.2020 06:13:20
Live twingenicide@gmail.com:wallnut8545 Expry: 2021-06-28 17:23:37 19.07.2020 06:14:06
Live rossspearman68@gmail.com:Blue1216 Expry: 2021-06-25 23:53:14 19.07.2020 06:14:28
Live angel36s@swbell.net:IFi81u812 Expry: 2021-06-25 14:15:22 19.07.2020 06:14:31
Live robertban666@gmail.com:hastur11 Expry: 2021-06-25 12:18:00 19.07.2020 06:14:34
Live ryanragsdale2001@gmail.com:Ryry2001 Expry: 2021-06-24 13:59:35 19.07.2020 06:14:38
Live sbernard608@gmail.com:00bf35137cf4 Expry: 2021-06-24 05:09:41 19.07.2020 06:15:47
Live alexlockwood550@gmail.com:locky1997 Expry: 2021-06-18 02:43:12 19.07.2020 06:15:51
Live Thedrewster357@gmail.com:DrewHudson357 Expry: 2021-06-16 15:14:04 19.07.2020 06:15:55
Live let_your_soulfly@hotmail.com:Incubus311! Expry: 2021-06-15 10:27:24 19.07.2020 06:16:23
Live kernreeves1998@hotmail.com:TryhardTac0 Expry: 2021-06-14 03:42:50 19.07.2020 06:16:49
Live cmhazelton1998@gmail.com:agletzip1998 Expry: 2021-06-13 07:17:45 19.07.2020 06:16:52
Live matclaxton@hotmail.com:r44267171 Expry: 2021-06-10 11:25:23 19.07.2020 06:16:56
(only verified by us)
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Looking for 2020 good proxies free services ?
https://www.proxysite.com/
https://hide.me/en/proxy
https://whoer.net/webproxy
https://www.4everproxy.com/
https://www.hidemyass.com/ (proxie & vpn)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Looking for 2020 good proxies free services ?
https://www.proxysite.com/
https://hide.me/en/proxy
https://whoer.net/webproxy
https://www.4everproxy.com/
https://www.hidemyass.com/ (proxie & vpn)
β β β Uππ»βΊπ«Δπ¬πβ β β β
Proxysite
ProxySite.com - Free Web Proxy Site
Access the wealth of information on the Internet without giving up your privacy. What you do on the Internet is nobodyβs business but your own. ProxySite.com stands between your web use and anyone trying to monitor your activity.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 ANDROID APPS TO KNOW THE DEVICES CONNECTED TO YOUR WI-FI :
- https://play.google.com/store/apps/details?id=com.easymobile.lan.scanner
- https://play.google.com/store/apps/details?id=com.tools.netgel.netx
- https://newzoogle.com/7-best-android-apps-know-devices-connected-wi-fi/
- https://play.google.com/store/apps/details?id=com.overlook.android.fing
- https://apkpure.com/who-s-on-my-wifi/com.whoisonmywifi.agent
- https://apkpure.com/who-uses-my-wifi-network-scanner/com.phuongpn.whousemywifi.networkscanner/download?from=details
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 ANDROID APPS TO KNOW THE DEVICES CONNECTED TO YOUR WI-FI :
- https://play.google.com/store/apps/details?id=com.easymobile.lan.scanner
- https://play.google.com/store/apps/details?id=com.tools.netgel.netx
- https://newzoogle.com/7-best-android-apps-know-devices-connected-wi-fi/
- https://play.google.com/store/apps/details?id=com.overlook.android.fing
- https://apkpure.com/who-s-on-my-wifi/com.whoisonmywifi.agent
- https://apkpure.com/who-uses-my-wifi-network-scanner/com.phuongpn.whousemywifi.networkscanner/download?from=details
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST VIDEO EDITORS FOR ANDROID 2020 :
https://play.google.com/store/apps/details?id=com.quvideo.xiaoying
https://play.google.com/store/apps/details?id=com.stupeflix.replay
https://play.google.com/store/apps/details?id=com.cyberlink.powerdirector.DRA140225_01
https://play.google.com/store/apps/details?id=com.alivestory.android.alive
https://play.google.com/store/apps/details?id=com.nexstreaming.app.kinemasterfree
https://play.google.com/store/apps/details?id=com.camerasideas.instashot
https://play.google.com/store/apps/details?id=com.adobe.premiererush.videoeditor
https://play.google.com/store/apps/details?id=com.wondershare.filmorago
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST VIDEO EDITORS FOR ANDROID 2020 :
https://play.google.com/store/apps/details?id=com.quvideo.xiaoying
https://play.google.com/store/apps/details?id=com.stupeflix.replay
https://play.google.com/store/apps/details?id=com.cyberlink.powerdirector.DRA140225_01
https://play.google.com/store/apps/details?id=com.alivestory.android.alive
https://play.google.com/store/apps/details?id=com.nexstreaming.app.kinemasterfree
https://play.google.com/store/apps/details?id=com.camerasideas.instashot
https://play.google.com/store/apps/details?id=com.adobe.premiererush.videoeditor
https://play.google.com/store/apps/details?id=com.wondershare.filmorago
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google Play
VivaVideo - Video Editor&Maker - Apps on Google Play
Trending Reels Maker: Go Viral with AI-Powered Edits & Effects in Seconds.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Best free DNS servers of 2020 :
OpenDNS
208.67.222.222
Owned by Cisco, OpenDNS has two free options: Family Shield and Home. Family Shield is good for parents who want to make sure their kids canβt access inappropriate content. Home focuses on internet safety and performance.
Cloudflare
1.1.1.1
The βfastest DNS resolver on Earth,β Cloudflareβs free DNS service has:
Unmetered mitigation of DDoS
Global CDN
Shared SSL certificate
Three-page rules
Unlimited bandwidth
1.1.1.1 with Warp
1.1.1.1
A Cloudflare subproduct, 1.1.1.1 with Warp is designed for mobile devices. When you download the app on your smartphone or tablet, it βreplaces the connection between your phone and the internet with a modern, optimized, protocol.β They also pledge to never sell your data.
Google Public DNS
8.8.8.8
Googleβs own DNS product is also free. It focuses on βspeed, security, and validity of results.β It only offers DNS resolution and caching β there is no site-blocking with Public DNS.
Comodo Secure DNS
8.26.56.26
Comodo Secure DNSβs cloud-based Dome Shield Gold package is free (up to 300,000 monthly DNS requests). This gets you:
Protection against malicious domain requests and IP responses
Security from advanced threats like phishing, malware, malicious sites, botnets, C&C callback events, spyware, drive-by-downloads, XXS-injected sites, cookie stealing, anonymizers, TOR encrypted files and web attacks
Multi-location, multi-user and the ability to control network protection remotely
Block pages and domain filtering
Mobile apps
Reporting
Off-network protection
Quad9
9.9.9.9
Quad9 emphasizes security, privacy and performance β the company was founded on the goal to make the internet safer for everyone. It blocks malicious domains, phishing and malware while maintaining your anonymity. Quad9 is constantly expanding to new regions. Right now, it comes in at No. 6 on the DNS Performance Analytics and Comparison ratings.
Verisign Public DNS
64.6.65.6
Verisign touts its superior stability and security features, plus the fact that they donβt sell user data to any third-party companies or for selling/targeting ads.
OpenNIC
13.239.157.177
At its core, OpenNIC is an attempt to combat censorship. Volunteer-run, this free DNS server makes the entire web accessible to everyone. They also prevent βDNS hijackingβ which is when an ISP takes over commonly mistyped URLs.
UncensoredDNS
91.239.100.100
Completely run and funded by founder Thomas Steen Rasmussen, UncensoredDNS is based in Denmark. Itβs a great option for those local to FreeDNS, complete with security features, performance enhancement and reliability.
CleanBrowsing
185.228.168.168
Both free and paid versions of CleanBrowsing are available. The free DNS server focuses on privacy, especially for households with children. It comes with three free filters and blocks most adult content.
Yandex DNS
77.88.8.7
This Russia-based option has a whole list of features:
Performance β Gets you faster access to the web
Protection β Blocks malware and bots
Content filtering β Prohibits access to adult content
UltraRecursive DNS
156.154.70.1
Neustarβs UltraRecursive DNS is also a well-rounded option. It offers performance enhancement with quick query resolution and a reliable infrastructure. It also blocks malware, malicious websites, phishing, spyware and bots (plus DDoS protection). Itβll also block inappropriate or adult content.
Alternate DNS
198.101.242.72
Sick of seeing so many ads online? Alternate DNS is the solution for you. They maintain a database of known ad-serving domains and send a null response to block ads before they connect to your network.
AdGuard DNS
176.103.130.130
AdGuard DNS also focuses on ad blocking. It also blocks counters, malicious websites, and adult content.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Best free DNS servers of 2020 :
OpenDNS
208.67.222.222
Owned by Cisco, OpenDNS has two free options: Family Shield and Home. Family Shield is good for parents who want to make sure their kids canβt access inappropriate content. Home focuses on internet safety and performance.
Cloudflare
1.1.1.1
The βfastest DNS resolver on Earth,β Cloudflareβs free DNS service has:
Unmetered mitigation of DDoS
Global CDN
Shared SSL certificate
Three-page rules
Unlimited bandwidth
1.1.1.1 with Warp
1.1.1.1
A Cloudflare subproduct, 1.1.1.1 with Warp is designed for mobile devices. When you download the app on your smartphone or tablet, it βreplaces the connection between your phone and the internet with a modern, optimized, protocol.β They also pledge to never sell your data.
Google Public DNS
8.8.8.8
Googleβs own DNS product is also free. It focuses on βspeed, security, and validity of results.β It only offers DNS resolution and caching β there is no site-blocking with Public DNS.
Comodo Secure DNS
8.26.56.26
Comodo Secure DNSβs cloud-based Dome Shield Gold package is free (up to 300,000 monthly DNS requests). This gets you:
Protection against malicious domain requests and IP responses
Security from advanced threats like phishing, malware, malicious sites, botnets, C&C callback events, spyware, drive-by-downloads, XXS-injected sites, cookie stealing, anonymizers, TOR encrypted files and web attacks
Multi-location, multi-user and the ability to control network protection remotely
Block pages and domain filtering
Mobile apps
Reporting
Off-network protection
Quad9
9.9.9.9
Quad9 emphasizes security, privacy and performance β the company was founded on the goal to make the internet safer for everyone. It blocks malicious domains, phishing and malware while maintaining your anonymity. Quad9 is constantly expanding to new regions. Right now, it comes in at No. 6 on the DNS Performance Analytics and Comparison ratings.
Verisign Public DNS
64.6.65.6
Verisign touts its superior stability and security features, plus the fact that they donβt sell user data to any third-party companies or for selling/targeting ads.
OpenNIC
13.239.157.177
At its core, OpenNIC is an attempt to combat censorship. Volunteer-run, this free DNS server makes the entire web accessible to everyone. They also prevent βDNS hijackingβ which is when an ISP takes over commonly mistyped URLs.
UncensoredDNS
91.239.100.100
Completely run and funded by founder Thomas Steen Rasmussen, UncensoredDNS is based in Denmark. Itβs a great option for those local to FreeDNS, complete with security features, performance enhancement and reliability.
CleanBrowsing
185.228.168.168
Both free and paid versions of CleanBrowsing are available. The free DNS server focuses on privacy, especially for households with children. It comes with three free filters and blocks most adult content.
Yandex DNS
77.88.8.7
This Russia-based option has a whole list of features:
Performance β Gets you faster access to the web
Protection β Blocks malware and bots
Content filtering β Prohibits access to adult content
UltraRecursive DNS
156.154.70.1
Neustarβs UltraRecursive DNS is also a well-rounded option. It offers performance enhancement with quick query resolution and a reliable infrastructure. It also blocks malware, malicious websites, phishing, spyware and bots (plus DDoS protection). Itβll also block inappropriate or adult content.
Alternate DNS
198.101.242.72
Sick of seeing so many ads online? Alternate DNS is the solution for you. They maintain a database of known ad-serving domains and send a null response to block ads before they connect to your network.
AdGuard DNS
176.103.130.130
AdGuard DNS also focuses on ad blocking. It also blocks counters, malicious websites, and adult content.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AdGuard exposes 295 malicious Chrome extensions that hijack Google and Bing search results
> AdGuard, an ad blocking solution company, pointed out that it recently discovered 295 malicious Chrome extensions. Its characteristic is to hijack the search results of Google and Bing and insert advertisements in them. It is reported that AdGuard employees are researching a series of methods to find fake ad blocking extensions from Googleβs official Chrome web store, and also found some malicious extensions posing as weather forecast widgets or screenshot tools.
> Most of the malicious extensions (245/295) found by AdGuard are fairly simple utilities. Apart from applying a custom background for Chromeβs "New Tab Page", there is no additional use.
However, in the technical analysis shared with ZDNet, AdGuard stated that it found malicious code loaded from the fly-analytics.com domain in all these malicious extensions, and the follow-up was to secretly inject ads into the search results of Google and Bing. .
π¦ormat: extension ID extension name
β flbcjbhgomclbhlchggbmnpekhfeacim, "ScreenShot & Screen Capture Elite"
β aadmpgppfacognoeobmheghfiibdplcf, "Kawaii Wallpaper HD Custom New Tab"
β abgfholnofpihncfdmombecmohpkojdb, βShadow Of The Tomb Raider Wallpaper New Tabβ
β aciloeifdphkogbpagikkpiecbjkmedn, "Kpop SHINee Wallpapers HD New Tab"
β acmgemnaochmalgkipbamjddcplkdmjm, "Tokyo Ghoul Wallpaper HD Custom New Tab"
β addpbbembilhmnkjpenjgcgmihlcofja, "Mega Man Wallpaper HD Custom New Tab"
β adfjcmhegakkhojnallobfjbhenbkopj, βWeather forecast for Chromeβ’β
β aeklcpmgaadjpglhjmcidlekijpnmdhc, "Kpop Blackpink Wallpaper HD Custom New Tab"
β afifalglopajkmdkgnphpfkmgpgdngfj, βKpop Red Velvet HD NewTab Themesβ
β agldjlpmeladgadoikdbndmeljpmnajl, "Tumblr Wallpapers Wallpaper HD Custom New Tab"
β ahmmgfhcokekfofjdndgmkffifklogbo, "season 6 fortnite HD Wallpapers NewTab"
β aippaajbmefpjeajhgaahmicdpgepnnm, "Unicorn Wallpaper HD Custom New Tab"
β akdpobnbjepjbnjklkkbdafemhnbfldj, "My Hero Academia Wallpaper HD Custom New Tab"
β akhiflcfcbnheaofcaflofbmnkmjlnno, βCs Go Wallpaper HD Custom New Tabβ
β aklklkifmplgnobmieahildcfble AMD b, "Super Junior Wallpapers Eunhyuk"
β alppaffmlaefpmopolgpkgmncopkbbep, "Boku No Hero Academia Wallpaper HD New Tab"
β amdnpfcpjglkdfcigaccfgmlmdepdpeo, "D.Gray-man Backgrounds New Tab"
β aomepndmhbbklcjcknnhdabaaofahjcj, "Super Cars β Sports Cars Wallpaper HD New Tab"
β badbchbijjjadlpjkkhmefaghggjjeha, βLil Pump HD New Tabβ
β bbbdfjdplonnggfjjbjhggobffkggnkm, "3D Wallpaper HD Custom New Tab"
β bbdldenhkjcoikalkfkgolomdpnncofc, "Snowman & Gingerbread New Tab Constellations"
β bcdjcbgogdomoebdcbniaifnacjbglil, βGucci Tab Themes HD Bapeβ
β bcepmajicjlaoleoljbpaemkfghohmib, βBulldogs Tabβ
β bdbablmeheiahecklheciomhmkplcoml, "Kobe Bryant β Black Mamba New Tab Themes HD"
β bfeecodfffgkdedfhmgbfindokikafid, "GTA 5 Grand Theft Auto"
β bhifimmocncplbnikchffepggmofkake, "Bangtan Boys Wallpaper HD Custom New Tab"
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AdGuard exposes 295 malicious Chrome extensions that hijack Google and Bing search results
> AdGuard, an ad blocking solution company, pointed out that it recently discovered 295 malicious Chrome extensions. Its characteristic is to hijack the search results of Google and Bing and insert advertisements in them. It is reported that AdGuard employees are researching a series of methods to find fake ad blocking extensions from Googleβs official Chrome web store, and also found some malicious extensions posing as weather forecast widgets or screenshot tools.
> Most of the malicious extensions (245/295) found by AdGuard are fairly simple utilities. Apart from applying a custom background for Chromeβs "New Tab Page", there is no additional use.
However, in the technical analysis shared with ZDNet, AdGuard stated that it found malicious code loaded from the fly-analytics.com domain in all these malicious extensions, and the follow-up was to secretly inject ads into the search results of Google and Bing. .
π¦ormat: extension ID extension name
β flbcjbhgomclbhlchggbmnpekhfeacim, "ScreenShot & Screen Capture Elite"
β aadmpgppfacognoeobmheghfiibdplcf, "Kawaii Wallpaper HD Custom New Tab"
β abgfholnofpihncfdmombecmohpkojdb, βShadow Of The Tomb Raider Wallpaper New Tabβ
β aciloeifdphkogbpagikkpiecbjkmedn, "Kpop SHINee Wallpapers HD New Tab"
β acmgemnaochmalgkipbamjddcplkdmjm, "Tokyo Ghoul Wallpaper HD Custom New Tab"
β addpbbembilhmnkjpenjgcgmihlcofja, "Mega Man Wallpaper HD Custom New Tab"
β adfjcmhegakkhojnallobfjbhenbkopj, βWeather forecast for Chromeβ’β
β aeklcpmgaadjpglhjmcidlekijpnmdhc, "Kpop Blackpink Wallpaper HD Custom New Tab"
β afifalglopajkmdkgnphpfkmgpgdngfj, βKpop Red Velvet HD NewTab Themesβ
β agldjlpmeladgadoikdbndmeljpmnajl, "Tumblr Wallpapers Wallpaper HD Custom New Tab"
β ahmmgfhcokekfofjdndgmkffifklogbo, "season 6 fortnite HD Wallpapers NewTab"
β aippaajbmefpjeajhgaahmicdpgepnnm, "Unicorn Wallpaper HD Custom New Tab"
β akdpobnbjepjbnjklkkbdafemhnbfldj, "My Hero Academia Wallpaper HD Custom New Tab"
β akhiflcfcbnheaofcaflofbmnkmjlnno, βCs Go Wallpaper HD Custom New Tabβ
β aklklkifmplgnobmieahildcfble AMD b, "Super Junior Wallpapers Eunhyuk"
β alppaffmlaefpmopolgpkgmncopkbbep, "Boku No Hero Academia Wallpaper HD New Tab"
β amdnpfcpjglkdfcigaccfgmlmdepdpeo, "D.Gray-man Backgrounds New Tab"
β aomepndmhbbklcjcknnhdabaaofahjcj, "Super Cars β Sports Cars Wallpaper HD New Tab"
β badbchbijjjadlpjkkhmefaghggjjeha, βLil Pump HD New Tabβ
β bbbdfjdplonnggfjjbjhggobffkggnkm, "3D Wallpaper HD Custom New Tab"
β bbdldenhkjcoikalkfkgolomdpnncofc, "Snowman & Gingerbread New Tab Constellations"
β bcdjcbgogdomoebdcbniaifnacjbglil, βGucci Tab Themes HD Bapeβ
β bcepmajicjlaoleoljbpaemkfghohmib, βBulldogs Tabβ
β bdbablmeheiahecklheciomhmkplcoml, "Kobe Bryant β Black Mamba New Tab Themes HD"
β bfeecodfffgkdedfhmgbfindokikafid, "GTA 5 Grand Theft Auto"
β bhifimmocncplbnikchffepggmofkake, "Bangtan Boys Wallpaper HD Custom New Tab"
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ How to learn software reverse engineering skills :
1) In reverse analysis, many people will go to the Internet to learn tutorials such as shelling, and will teach you where to place a breakpoint. After pressing F7, F8, F9 a few times, you will reach the designated position and right-click to shell. This series The operation is the accumulation of years of experience of the master.
- You may have learned this simplest solution, but you do not understand the specific principles. The first person to propose a solution needs to walk through the various pits of this shell to form this so-called skill. It is to save time and labor costs, repeat the work countless times without affecting the quality of the solution.
2) As far as the confrontation industry is concerned, there is no chance. If you can rub your opponent on the ground, you will win. Similarly, many times we only see the glamorous side of security analysts, and only see the patch and attack in the last few seconds, but we donβt know that the analyst has been tortured by this shell and debugging. Repeatedly lying in the pit can finally solve it. . Therefore, what confronts the test is human willfulness and basic skills.
π °οΈWillfulness: Supported by Belief
π ±οΈBasic skills: write code, read code
3) Basic skills are very important. There are a lot of tutorials on the Internet, such as learning to shell out in three days and anti-debugging in two days, but we need basic skills. For example, during the reverse analysis of minesweeping, there are also many tutorials about OllyDbg.
4) They explain in detail what each function does. These functions can actually be learned briefly. What we need to do is to make the code of the disassembly window shown in in @UndercodeTesting next this chat
. It's OK to understand. These automated tools may not be very familiar, but work efficiency is slower; but from another perspective, if you can use every function and shortcut in the OD tool, but the code in the disassembly window is not understandable, then you will use it. ? Therefore, everyone's attention should be placed on the disassembly window.
written
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ How to learn software reverse engineering skills :
1) In reverse analysis, many people will go to the Internet to learn tutorials such as shelling, and will teach you where to place a breakpoint. After pressing F7, F8, F9 a few times, you will reach the designated position and right-click to shell. This series The operation is the accumulation of years of experience of the master.
- You may have learned this simplest solution, but you do not understand the specific principles. The first person to propose a solution needs to walk through the various pits of this shell to form this so-called skill. It is to save time and labor costs, repeat the work countless times without affecting the quality of the solution.
2) As far as the confrontation industry is concerned, there is no chance. If you can rub your opponent on the ground, you will win. Similarly, many times we only see the glamorous side of security analysts, and only see the patch and attack in the last few seconds, but we donβt know that the analyst has been tortured by this shell and debugging. Repeatedly lying in the pit can finally solve it. . Therefore, what confronts the test is human willfulness and basic skills.
π °οΈWillfulness: Supported by Belief
π ±οΈBasic skills: write code, read code
3) Basic skills are very important. There are a lot of tutorials on the Internet, such as learning to shell out in three days and anti-debugging in two days, but we need basic skills. For example, during the reverse analysis of minesweeping, there are also many tutorials about OllyDbg.
4) They explain in detail what each function does. These functions can actually be learned briefly. What we need to do is to make the code of the disassembly window shown in in @UndercodeTesting next this chat
. It's OK to understand. These automated tools may not be very familiar, but work efficiency is slower; but from another perspective, if you can use every function and shortcut in the OD tool, but the code in the disassembly window is not understandable, then you will use it. ? Therefore, everyone's attention should be placed on the disassembly window.
written
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Page Admin Disclosure _ Facebook Bug Bounty 2019.pdf
645.1 KB
Page Admin Disclosure _ Facebook Bug Bounty 2019
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST IP Camera CVE :
1) CVE-2020-3110 A vulnerability in the Cisco Discovery Protocol implementation for the Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP Camera. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to the targeted IP Camera. A successful exploit could allow the attacker to expose the affected IP Camera for remote code execution or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). This vulnerability is fixed in Video Surveillance 8000 Series IP Camera Firmware Release 1.0.7 and later.
2) CVE-2020-11625 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force attacks. NOTE: this is different from
3) CVE-2020-7057.
CVE-2020-11624 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but there's no enforcement. An administrator can click Cancel and proceed to use the device without changing the password. Additionally, they disclose the default username within the login.js script. Since many attacks for IoT devices, including malware and exploits, are based on the usage of default credentials, it makes these cameras an easy target for malicious actors.
4) CVE-2020-11623 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable.
5) CVE-2019-9676 Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.
π¦BEST IP Camera CVE :
1) CVE-2020-3110 A vulnerability in the Cisco Discovery Protocol implementation for the Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP Camera. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to the targeted IP Camera. A successful exploit could allow the attacker to expose the affected IP Camera for remote code execution or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). This vulnerability is fixed in Video Surveillance 8000 Series IP Camera Firmware Release 1.0.7 and later.
2) CVE-2020-11625 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force attacks. NOTE: this is different from
3) CVE-2020-7057.
CVE-2020-11624 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but there's no enforcement. An administrator can click Cancel and proceed to use the device without changing the password. Additionally, they disclose the default username within the login.js script. Since many attacks for IoT devices, including malware and exploits, are based on the usage of default credentials, it makes these cameras an easy target for malicious actors.
4) CVE-2020-11623 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable.
5) CVE-2019-9676 Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.