BYPASSING UAC ON WINDOWS 10 USING DISK CLEANUP
full with pictures

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FastTips for speedup windows 10 :

1) Disable Startup Programs

2) Switch to the “Startup” tab and check for unnecessary apps with higher impact on the system. You can do so by clicking on “Startup Impact” label. Next, right-click on applications and click on “Disable”. Do this for every unnecessary app. This will speed up Windows 10 every time you turn on your PC.

3) Disable Background Apps
Background apps are Windows apps which run in the background to receive notifications and updates. While messaging and email apps may require background sync, apps like Candy Crush and Calculator don’t need it at all. These apps constantly run in the background and make the computer slow, besides draining the battery. So to speed up Windows 10, first disable the background apps. Here is how to do it.

4) Regularly, then you may skip this section. However, if you don’t use Cortana and want to limit your search to just PC, then it’s better to disable it at once. This will save you a lot of computer resources as Cortana keeps hogging memory and important resources in the background. Follow these steps to disable Cortana and speed up Windows 10 significantly.

5) Uninstall Multiple Antivirus Programs
It is a bad idea to install multiple Antivirus programs to secure your PC. Antivirus checks file integrity in the background which in turn eats disk usage. Having multiple antiviruses will further make your computer slow. In fact, installing an antivirus on Windows 10 is completely avoidable as it comes with Windows Defender pre-installed. And frankly, it’s pretty good and reliable. In case, your PC is attacked by some rogue virus and Windows Defender is unable to remove it then we recommend you to install Malwarebytes to clean up your PC. Malwarebytes will speed up Windows 10 and also remove the viruses.

6) Change Power Plan to high performance

7) Disable Windows UpdateBlock Telemetry Service
Windows is increasingly tracking users with its various tools and techniques. It constantly sends and retrieves data to its server in the background. All these background telemetry services hog down crucial computer resources which further makes your PC slow down. So to block these telemetry services from running in the background, you can use a personalized host file. It blocks the server and the PC from establishing a communication. A user named Scorthyn on Reddit has created the host file and you can use it on your Windows 10 PC

8) Disable Indexing on Older Windows 10 PCs
In simple terms, Indexing means keeping a list of all the files located in your PC. It helps Windows in finding the file quickly when you hit the search button. However, on older PCs, the indexing process eats up too many resources and makes the PC remarkably slow. Note that if you are using a Windows PC with powerful configs then disabling indexing will not make a considerable difference.

9) Debloat Windows 10
Of late, Windows has become incredibly bloated with useless apps and services. These apps take up crucial RAM, processing power and disk space. It significantly slows down the system and you are left with a laggy mess. The sad part is that you can’t even uninstall these apps through the Control Panel


10) Keep a Check on Background Processes

11) Use an Efficient Browser
Most of us use a web browser on our Windows 10 PC to browse the internet. In my case, I use Chrome all the time because I am deep into the Google’s ecosystem. However, it is quite popularly know that Chrome is a resource hogger. It really eats up most of my computer resources, making it slow and overall laggy for a few seconds

12) Switch to an SSD
I believe Windows 10 is a great Operating Systemv — almost as good as the macOS — but it has been marred by sloppy hardware over the years. Most of us use Windows 10 on a mechanical hard drive(HDD) which is quite slow and further results in slow performance.

E N J O Y ❤️👍🏻
@UndercodeTesting
written combined between wiki & redit
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Java se basics
1). Java basic data types and expressions, branch and loop.

2). Use of String and StringBuffer, regular expressions.

3). Object-oriented abstraction, encapsulation, inheritance, polymorphism, class and object, object initialization and recovery; constructor, this keyword, method and method parameter passing process, static keyword, internal class.

4). Object instantiation process, method coverage, final keywords, abstract classes, interfaces, inheritance advantages and disadvantages analysis; object polymorphism: conversion between subclasses and parent classes, abstract classes and interfaces are many Application in the state, the benefits of polymorphism.

5). Java exception handling, the mechanism of exception.

6). Commonly used design patterns: Singleton, Template, Strategy patterns.

7). JavaAPI introduction: a kind of basic data type packaging class, System and Runtime class, Date and DateFomat class, etc.

8). Java collection introduction: Collection, Set, List, ArrayList, LinkedList, Hashset, Map, HashMap, Iterator and other commonly used collection APIs.

9).JavaI/O input and output streams: File and FileRandomAccess classes, byte stream InputStream and OutputStream, character stream Reader and Writer, and corresponding implementation classes, IO performance analysis, byte and character conversion stream, and the concept of packaging stream, And commonly used packaging, computer coding.

10). Java advanced features: reflection and generics.

11). Multithreading principle: how to create multithreading (Thread, Runnable) in the program, thread safety issues, thread synchronization, communication between threads, deadlock.

12). You can remember some of the Java knowledge points you encounter daily with cloud notes such as Youdaoyun, such as the syntactic sugar of java8

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is the correct learning posture for "C Primer Plus"?

1) We often hear people arguing that "Python, Java, PHP... are the best languages in the world", but we rarely hear people praise the C language.

2) Why do so many people do not learn C language? Because many people find it too difficult to use the C language as an introductory language. There are pointers, callbacks, and recursive operations that are too difficult. Why do so many people find C language difficult? Asynchronous Jun summarized based on the sharing of netizens:

3) C language itself has certain difficulties

Compared with the more popular Java, Python and other languages, C language is a bit more difficult to get started, especially some of the function pointers, pointer functions, callbacks, and recursion in the C language inside. I think this thing is too difficult. , It is too abstract to understand, and unpredictable to use. The pointer is a threshold for learning C language, and once you cross it, you will be able to get there. How many people are falling on the pointer.


4) C language is a process-oriented language

In principle, functions and modules can be called indiscriminately in the C language. If the framework is not strong, the code written is a mess and very difficult to maintain. Many beginners use the C language to implement a function, basically put it in a file or function, messy code together, if you use pointers to implement the function, the code is almost impossible to see, of course this is a common problem for beginners.

5) When it comes to learning the C language, one thousand people may have a thousand feelings. The functions are too complicated and the pointers cannot be understood...Those who have been abused by it have really tried many times.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The Most #requested tutorial
The Fully Remote Attack Surface of the iPhone
full with pictures

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑4 dependency injection methods of Spring Bean by Undercode:)

The so-called dependency injection is actually assigning values to properties in the object, because there are other objects in the object, so dependencies are formed. Spring has 4 ways to assign values to attributes:

1) Constructor injection
Constructor injection refers to injecting attributes or objects in the constructor to achieve dependency injection. As shown below, define a bean with id userDaoImpl in the tag, and inject the value of name as username and value as admin. After the injection is completed Get the value admin directly through this.username. The reference type uses the ref attribute, and the basic type uses the value attribute.

public class UserDaoImpl {

private String username;

public UserDaoImpl(String username) {
this.username = username;
}
<bean id="userDaoImpl" class="com.example.UserDaoImpl">
<constructor-arg name="username" value="admin"></constructor-arg>
</bean>

2) set method injection
The set method injection is to realize the dependency injection of attributes or objects by implementing get and set methods in the class. As shown below, define a Bean with an id of userDaoImpl in the label, and inject the value of name as username and value as admin , After the injection is completed, the value admin is directly obtained through getUsername().

public class UserDaoImpl {

private String username;


public String getUsername() {
return username;
}

public void setUsername(String username) {
this.username = username;
}
}
<bean id="userDaoImpl" class="com.example.UserDaoImpl">
<property name="username" value="admin"></property>
</bean>

3) Automatic assembly
Spring provides the function of automatic assembly, which simplifies our configuration. Automatic assembly is not turned on by default. There are two common ways:

byName: Automatic assembly by parameter name, as shown below, after the autowire with id of userService is set to byName, the IOC container will auto-assemble by name, and find that there is an attribute called userDao in the UserService class, and then look at the IOC container Is there an id of userDao, if so, install it.

 id="userDao" class="com.example.UserDao"></bean>
    <bean id="userService" class="com.example.UserService" autowire="byName"/>

4) Annotation
The @Undercode_Autowired as example annotation can realize automatic assembly, as long as the annotation is marked on the corresponding attribute, but the @autowired_autowired annotation is only injected according to byType.

 class UserController {

    @Autowired_example
    private IUserService userService;
}

🦑The @Resource annotation can realize automatic assembly. It has two important attributes: name and type. The name attribute is resolved to the name of the bean, and the type attribute is resolved to the type of the bean. So if the name attribute is used, the automatic injection strategy of byName is used, and the automatic injection strategy of byType is used if the type attribute is used. If neither the name nor the type attribute is specified, then the byName automatic injection strategy will be used through the reflection mechanism.

ENJOY❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑All Popular WAYS TO HACK YOUR WIRELESS NETWORK?

Wireless Attacks have grown to be a very popular as it’s an easy way to attack a company’s network and steal information. Hackers use various methods and styles to steal your WiFi password and information. Below are a few ways a hacker can attack your wireless network to gain access to your data. Make sure you have security protocols and measures in place to for each!

1) Rouge Access Point
When an unauthorized access point (AP) is installed on your network and broadcasts a WiFi signal (SSID) that a hacker uses to hack your network.

2) Man in the Middle Attack
Hackers trick computers or mobile devices into sending their transmissions to the attacker’s system using various methods like creating duplicate wireless signals (SSID).

3) War Driving
War driving is when someone drives around with a WiFi scanning device and special software looking for vulnerable access points hack. They’ve even have taken it a step further and are now using drones to look for vulnerable access points in high rise offices. Ways to address this is turn down he power of your access point signal or hide your WiFi signal.

4) WEP ATTACKS
WEP Attacks: If your Wireless Network is using WEP Encryption to password protect it, you might as well call your WiFi SSID “FREE NETWORK ACCESS STEAL FROM ME”. Why? WEP is an earlier encryption method for WiFi that hackers have mastered how to crack quite easily.

5) Bluetooth Attacks: There are a variety of ways to attack a Bluetooth device that allows a hacker to takeover and steal information.

6) Bluejacking. This is the practice of sending unsolicited messages to nearby Bluetooth devices. It usually happens in crowded areas where a sender can find devices that are broadcasting their Bluetooth signal they can send messages to.

Bluesnarfing. Any unauthorized access to or theft of information from a Bluetooth connection is bluesnarfing.

Bluebugging. Allows an attacker to take over a device / phone. Attackers can listen in on phone conversations, enable call forwarding, send messages, and more.

Make sure that you put password protection on your Bluetooth device, keep you devices software up to date, and turn off your Bluetooth when not in use.

(darkwiki)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to implement user management in MySQL :

1)) What is the main function of the authorization mechanism?
The basic function of the authorization mechanism is to give a user on a host the select, insert, update, and delete permissions for a database. And its additional functions include whether to allow anonymous use of the database, using some specific functions of MysQL,

2)) How does the authorization mechanism work?
The combination of host and user is regarded as the only sign in MySQL. For example, the user lee on host 1 and host 2 are actually different, and their permissions to use MySQL can also be different. The core problem of the entire authorization mechanism is to solve the problem of granting a user who logs in from a host to use a database. You can test the authority of a user on a host for database operations through the script mysqlaccess. All authorization information is stored in the user, host and db tables of the database mysql. We can connect to this database through mysql mysql commands, and display the contents of each data table through select from user (or db, host).

3))The permissions granted in the user table are the basic authorization of the entire authorization mechanism, that is to say, the definition in user is applicable to any user + host, unless otherwise defined in the db table, therefore, for the user It is best to authorize based on a certain database. The main purpose of the host table is to maintain a list of "safe" servers. When considering the authority of a certain user/host to a certain database, we also need to study the matching search mechanism of the authorization mechanism:

4))First, we need to introduce the concept of a wildcard, which includes "% ", which means any (host, user or database), and if a record is empty, it also means any.

5))Secondly, a user's password can be encrypted in the authorization mechanism, and it must be encrypted. The encryption method is password ('password'). If the password is directly filled in, the database will be inaccessible.

ENJOY❤️👍🏻
written by
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Install ZFS Filesystem on Ubuntu :

ZFS is a file system created by Sun Microsystems. It was first shipped with Solaris but now available in other LINUX and UNIX operating systems. ZFS uses virtual storage pools known as zpools that can deal with the storage and management of a large amount of data.
Removing the ZFS storage pool

F E A T U R E S :

Let’s take a look at some of the features of ZFS file system:

> High storage capacity
> Data integrity
> Protection against data corruption
> Efficient data protection
> Date compression

🦑Installing ZFS Filesystem on Ubuntu
We will be using the command line Terminal application for the installation of the ZFS filesystem. To launch the command line Terminal, use the Ctrl+Alt+T keyboard shortcut.

Now to install the ZFS filesystem on Ubuntu, issue the following command in Terminal:

1) $ sudo apt install zfsutils-linux

2) When prompted for the password, provide the sudo password.

3) After running the above command, the system might ask for confirmation that if you want to continue the installation or not. Press y to continue; after that, the package will be installed on your system.

To verify ZFS file system installation, issue the following command in Terminal:

$ which zfs

4) Creating the ZFS storage pool
After the installation is completed, we will now create a storage pool for our drives. Here are the steps to do so:

> First, find out the names of the drives for the pool. Use the following command in Terminal to do so:

$ sudo fdisk –l

5) To create the striped pool, use the following syntax:

$ sudo zpool create <pool_name> <drive1> <drive2>
To create the mirror pool, use the following syntax:

$ sudo zpool create <pool_name> mirror <drive1> <drive2>

6) If any error occurs, try forcing the command using the -f option after the zpool create command.

In the following example, we will create the striped pool named “test” using the /dev/sdb and /dev/sdc.

$ sudo zpool create test /dev/sdb /dev/sdc

7 )To find out where the pool has been mounted, use the following command in Terminal:

$ df –h

8 )From the above command, we can see that the pool has been mounted at the /test. You can also change the mount point for the pool using the following syntax:

$ sudo zfs set mountpoint=<path> <pool_name>
For example, to set export/zfs as the new mount point, the command would be:

$ sudo zfs set mountpoint=/export/zfs test

9) Then use the following command to verify if the mount point has changed:

$ df –h | grep test

10) You can also create the directories under the storage pool. For example, to create a directory named files under the storage pool, the command would be:

$ sudo zfs create test/files

11) To view all the ZFS storage pools on the system, you can use the following command in Terminal:

$ zpool list
It lists all the pools along with their size, space usage, health, and some other information.

12) To view all the configurations and status of each device in the ZFS storage pool, use the following command in Terminal:

$ zfs status

13) If you experience some issues related to drives in the pool, you can use the events option. Issue the following command in Terminal to view events associated with a specific pool:

$ sudo zpool events pool_name –v

14) Removing the ZFS storage pool
If you no longer need the pool, you can remove it. However, note that removing the pool will also remove the files contained within it.

Use the following command syntax to remove the storage pool:

$ sudo zpool destroy pool_name
In this article, you have learned how to install the ZFS file system on Ubuntu 20.04 LTS (Focal Fossa). You have also learned how to create a storage pool in the ZFS file system and remove it when you no longer need it.

ENJOY❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Muhstik botnet aggressively attacked domestic cloud servers, thousands of servers have been lost :

>undercode detected a large number of attacks originating from overseas IP and some domestic IP against domestic cloud server tenants. The attacker blasted into the server via SSH (port 22), then executed malicious commands to download the Muhstik botnet Trojan, set up a botnet and controlled the lost server to execute SSH lateral movement, download the Monero mining Trojan, and accept remote commands to initiate DDoS attacks.

> After user authorization conducted a traceability analysis of the attack and found that the cloud servers of many well-known domestic companies were attacked by the botnet. At present, thousands of servers have been compromised, experts recommend that relevant companies take necessary measures to intercept intruders and restore systems that have been compromised.

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Updated WireSpy enables the automation of various WiFi attacks to conduct Man-In-The-Middle-Attacks (MITMAs).

> WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.

🦑Two type of attacks are supported at the moment:

1) Evil twin: Force victims to auto-connect to the honeypot by spoofing a "trusted" hotspot (clone an existing access point and de-authenticate its users to force them to transparently connect to the spoofed honeypot).

2) Honeypot: Set up a simple rogue hotspot and wait for clients to connect.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/aress31/wirespy.git

2) cd wirespy

3) $ chmod +x wirespy.sh

4) $ sudo ./wirespy.sh

5) COMMANDS :
Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

F E A T U R E S :

> Capture victims' traffic.

> MAC address spoofing.

> Set-up honeypot and evil twin attacks.

> Show the list of in range access points.
Wireless adapter|card|dongle power amplification.

🦑Tested by Undercode On :

- ubuntu

- undercode Linux

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑TeamViewer exposes vulnerable computers that can be hacked without passwords by browsing specific web pages :

> TeamViewer officially announced that a vulnerability has recently been fixed, which may allow an attacker to quietly establish a connection with your computer and further exploit the system. Vulnerability number: CVE-2020-13699, this vulnerability affects TeamViewer versions: 8,9,10,11,12,13,14,15.

> The picture above shows the CVE-2020-13699 PoC demonstration. Using an invisible iframe code in the web page will start the TeamViewer Windows desktop client and force it to open the remote SMB share . That is to say, the attacker does not need to know the TeamViewer password. This vulnerability will The system session permission of the victim machine is automatically authenticated and obtained permission.

> Windows will perform NTLM authentication when opening the SMB share, and can forward the request (using a tool such as a responder) to execute code (or capture the
request for hash cracking).

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Repair USB disk and other removable devices via linux :
#FastTips

For our purposes, let's assume that you've already identified the problematic device / dev / sdb.

1) First, you need to make sure the drive is offline:

> sudo umount / dev / sdb


2) Now run the fsck command:

> sudo fsck / dev / sdb

3) Check the output for errors. If nothing appears, check the exit code with echo $ ?.

> There are also some flag options that we can add to enable automatic fixes.

4) Regardless, you can use -pfsck for automatic repair.

> sudo fsck -p / dev / sdb


5) Likewise, -y fixes will be applied to any detected file system corruption.

#FastTips
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

T E R M S :

🦑The DNS ( Domain Name System ) is indisputably one of the most important parts of the internet. DNS is used to translate an actual name into these IP address numbers. Each device connected to the Internet has a unique IP address that other machines use to find the device. DNS records explain the link

🦑Alexa traffic rank is determined by the web information company Alexa. Alexa internet, inc. is a California based subsidiary company of Amazone.com that provides commercial web traffic data. All Website ranking data provided by Alexa ( Amazon ) Tool. Check your Alexa rank now free our Tool Alexa rank checker.

🦑What is ROT13 Encoding
It’s a letter substitution cipher and the latter’s are or are short for rotate. we rotating well each letter in the alphabet hash a numeric position 1 to 26 a is at position 1 and b is at position2 and z is a last position 26.

🦑What is URL Encoding
URL encoding is simply just a way we can safely transfer data in the URL it is typically used inside the URL for things like URL parameter and query strings. when submitting get request or form posts request. it is simply just an encoding technique.

🦑What is base64 encoding
Base64 is a group of binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. Each Base64 digit represents exactly 6 bits of data.

base64 is a way to take any form of data to transform it into a long string of plaintext to be sent over the web.

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁'

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑RANDOM TIPS RELATED TO GNOME :
#FastTips

> GNOME has many libraries and components, but now we only need to know two of them: GTK+ and GNOME. You may have heard of TK, which is another toolkit for writing graphical interface applications using perl. TK The task is to tell X Server how to draw buttons, menus, dialog boxes, etc., and return some signals to trigger the corresponding Perl function to handle some changes.

> As an intermediary between the Perl program and X Server. GTK+ does similar work , But it turns out that it works more beautifully. It can provide all graphical elements, such as: buttons, text labels, text input, etc., using a loop waiting for events to achieve interaction.

> The GNOME library establishes an abstraction on top of GTK+ The first layer provides more advanced graphical objects, such as: main application window, about window, button panel, dialog box, color and font selection box, and provides collaboration with other GNOME environment programs (such as spelling checkers, calculators) interface.

@UNDERCODE_Testing
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Random pc hacking tips :

1) Control your computer through the "mouse hole" :

> The night was dark and the wind was high, and a black figure rushed into a computer room. Skillfully opened a computer with important data. However, the data in this computer has been encrypted. To obtain these data, an administrator account must be used. The black shadow smiled disdainfully, and used a known ordinary authority account to enter the system. With the "help" of Microsoft Windows keyboard event privilege escalation vulnerability, it is easy to obtain administrator privileges to steal data. After leaving the computer room, his figure disappeared into the boundless darkness.

　　
2) Discover new vulnerabilities

> Due to design flaws, Windows desktop applications have overflow errors when processing keyboard events sent through the keybd_event() function. Attackers can send malicious keyboard events to desktop applications running with higher authority (such as explorer.exe). Execute arbitrary code with administrator rights. This vulnerability allows an account with ordinary user rights to use administrator rights to perform arbitrary operations on the system. The systems affected..

3) ready for intrusion tools

> pulist: A process PID viewer, you can view the PID value of the current system process at the command prompt.

　　
> keybd: An overflow tool for keyboard event privilege escalation vulnerability, through which system administrator privileges can be obtained.

　　
> nc: The "Swiss Army Knife" of hacker intrusion, a powerful tool for system port monitoring.

　　
4) Invasion process

　　
> One, get the process PID value

　　
> According to the characteristics of the vulnerability, we need to obtain the process PID value of a desktop application (such as explorer.exe). In the "Task Manager" of the system, we can't see the PID value of the process, so we need to use a small tool that can view the PID value of the system process-pulist. Run "pulist.exe" in the "command prompt" to display the PID value of the current system process...

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑bs2.dll manual deletion methode :

1. Click start, choose'run'
2. Type'cmd'-You should now have a DOS-commando window open.
3. Type cd "%WinDir%\System"
4. regsvr32 /u "..\rem00001.dll "
5. regsvr32 /u "..\bs2.dll"
6. regsvr32 /u "..\bs3.dll"
7. Click start, choose'run '
8. Type'regedit '
9. Find the key
HKEY_LOCAL_MACHINE\Software \Microsoft\Windows\CurrentVersion\Run
and delete the entry'BookedSpace' (BS2 variant) or'Bsx3' (BS3 variant).
10. Reboot your computer
11. Delete the'rem00001.dll','bs2.dll' or ' bs3.dll' file in the Windows folder.
12. Click start, choose'run' 13. Type'regedit

14. delete the key

HKEY_LOCAL_MACHINE\Software\Remanent or HKEY_LOCAL_MACHINE_Software\BookedSpace


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁