β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦how can we protect the security of shared folders in the local area network? This requires the following means:
> Method 1: Record the shared file access log and check who is accessing my shared file in real time.
γγ
Sometimes, I shared a file on a Windows XP computer. Perhaps, for some reason, we need to know who is accessing this file now. For example, when we turn off the computer, the system will prompt how many users are connected to this shared folder. We need to know who the users are and how should this be achieved? In fact, this is relatively simple, we can use the built-in functions of the operating system to achieve. You can follow the steps below.
γγ
> Step 1: Open the control panel, management tools, computer management (local), system tools, and then select the shared folder. In this window, there is a "session" option. Double-click to open this option. In the window on the right, it will show which computers are accessing your computer. However, in this window, you can only see which computers are connected to your computer, and you don't know which shared files they are accessing.
> Step 2: Select "System Tools", Shared Folder, and Open File in turn. At this time, some shared resources on this computer and which computers are accessing them will be displayed in the window. At the same time, some useful information will be displayed in this window, such as which shared file was opened; when did it start to access; and how much time has been idle.
γγ
In addition, we may sometimes for certain purposes, such as employees may think that this person cannot access this file. At this point, we can right-click the session directly, and then select close session from the shortcut menu, we can prevent this user from accessing the shared file without affecting the normal access of other users.
> This feature is sometimes very useful. As we all know, the system has a maximum number of connections. Sometimes employees will reflect, why can't I ask your shared files. We saw that it turned out that the number of connections reached the upper limit. At this point, we can query how many users are currently connected to my computer in this way, and then we can disconnect some users who do not need access and allow users who need access to connect.
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦how can we protect the security of shared folders in the local area network? This requires the following means:
> Method 1: Record the shared file access log and check who is accessing my shared file in real time.
γγ
Sometimes, I shared a file on a Windows XP computer. Perhaps, for some reason, we need to know who is accessing this file now. For example, when we turn off the computer, the system will prompt how many users are connected to this shared folder. We need to know who the users are and how should this be achieved? In fact, this is relatively simple, we can use the built-in functions of the operating system to achieve. You can follow the steps below.
γγ
> Step 1: Open the control panel, management tools, computer management (local), system tools, and then select the shared folder. In this window, there is a "session" option. Double-click to open this option. In the window on the right, it will show which computers are accessing your computer. However, in this window, you can only see which computers are connected to your computer, and you don't know which shared files they are accessing.
> Step 2: Select "System Tools", Shared Folder, and Open File in turn. At this time, some shared resources on this computer and which computers are accessing them will be displayed in the window. At the same time, some useful information will be displayed in this window, such as which shared file was opened; when did it start to access; and how much time has been idle.
γγ
In addition, we may sometimes for certain purposes, such as employees may think that this person cannot access this file. At this point, we can right-click the session directly, and then select close session from the shortcut menu, we can prevent this user from accessing the shared file without affecting the normal access of other users.
> This feature is sometimes very useful. As we all know, the system has a maximum number of connections. Sometimes employees will reflect, why can't I ask your shared files. We saw that it turned out that the number of connections reached the upper limit. At this point, we can query how many users are currently connected to my computer in this way, and then we can disconnect some users who do not need access and allow users who need access to connect.
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
There is a speculation that TikTok has invited Netflix to negotiate on the sale of TikTok's US company #international
Process Memory and Memory Corruptions.pdf
1.1 MB
The prerequisite for this part of the tutorial is a basic understanding of ARM assembly (covered in the rst tutorial series βARM Assembly Basicsβ). In this chapter you will get an introduction into the memory layout of a process in a 32-bit Linux environment. After that you will learn the fundamentals of Stack and Heap related memory corruptions and how they look like in a debugger
#exploitation
#exploitation
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ALL NEW TERMUX PACKAGES :
x11-repo Termux repo for x11 packages pkg
install x11-repo
vnc server For graphical output pkg install tigervnc
openbox wm Openbox Window Manager pkg
install openbox obconf
xsetroot Set color background for X pkg install xorg-xsetroot
xterm X terminal pkg install xterm
xcompmgr Composite manager or desktop effects pkg install xcompmgr
xfsettingsd The settings daemon, to set themes & icons pkg install xfce4-settings
polybar Easy and fast status bar pkg install polybar libnl
st Suckless/Simple terminal pkg install st
geany Graphical text editor pkg install geany
thunar File manager (optional) pkg install thunar
pcmanfm File manager pkg install pcmanfm
rofi An application launcher pkg install rofi
feh Simple image viewer pkg install feh
neofetch System info program pkg install neofetch
git VCS, for cloning repos pkg install git
wget Command line downloader pkg
install wget
curl To transfer/get internet data pkg install curl
zsh A very good shell pkg install zsh
vim Command line text editor (! - hard to exit :D) pkg install vim
htop System monitor (optional) pkg install htop
elinks Command line web browser (optional) pkg install elinks
mutt Command line mail client (optional) pkg install mutt
mc Command line file manager (optional) pkg install mc
ranger Command line file manager (optional) pkg install ranger
cmus Command line music player (optional) pkg install cmus
cava Console-based audio visualizer (optional) pkg install cava
pulseaudio Sound system & audio server (optional) pkg install pulseaudio
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ALL NEW TERMUX PACKAGES :
x11-repo Termux repo for x11 packages pkg
install x11-repo
vnc server For graphical output pkg install tigervnc
openbox wm Openbox Window Manager pkg
install openbox obconf
xsetroot Set color background for X pkg install xorg-xsetroot
xterm X terminal pkg install xterm
xcompmgr Composite manager or desktop effects pkg install xcompmgr
xfsettingsd The settings daemon, to set themes & icons pkg install xfce4-settings
polybar Easy and fast status bar pkg install polybar libnl
st Suckless/Simple terminal pkg install st
geany Graphical text editor pkg install geany
thunar File manager (optional) pkg install thunar
pcmanfm File manager pkg install pcmanfm
rofi An application launcher pkg install rofi
feh Simple image viewer pkg install feh
neofetch System info program pkg install neofetch
git VCS, for cloning repos pkg install git
wget Command line downloader pkg
install wget
curl To transfer/get internet data pkg install curl
zsh A very good shell pkg install zsh
vim Command line text editor (! - hard to exit :D) pkg install vim
htop System monitor (optional) pkg install htop
elinks Command line web browser (optional) pkg install elinks
mutt Command line mail client (optional) pkg install mutt
mc Command line file manager (optional) pkg install mc
ranger Command line file manager (optional) pkg install ranger
cmus Command line music player (optional) pkg install cmus
cava Console-based audio visualizer (optional) pkg install cava
pulseaudio Sound system & audio server (optional) pkg install pulseaudio
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Install/Setup Powershell Empire on Kali Linux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Spin up a Kali Linux
2) cd /opt
3) git clone https://github.com/EmpireProject/Empire.git
4) cd Empire
5) ./setup/install.sh
A. Hit enter to set a random server password
6) ./empire Setup/Configure HTTP listener
1. listeners
2. uselistener http A. set Name http80 B. set Host http://<IP addr of Kali Linux>:80
C. execute
D. back Create Powershell stager
7) usestager multi/launcher http80 2. execute
8) Copy Powershell output string Detonate Powershell stager
1. Spin up a Windows 10 VM and login
2. Open a Powershell prompt as Administrator
3. Copy Powershell output string and hit enter
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Install/Setup Powershell Empire on Kali Linux
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Spin up a Kali Linux
2) cd /opt
3) git clone https://github.com/EmpireProject/Empire.git
4) cd Empire
5) ./setup/install.sh
A. Hit enter to set a random server password
6) ./empire Setup/Configure HTTP listener
1. listeners
2. uselistener http A. set Name http80 B. set Host http://<IP addr of Kali Linux>:80
C. execute
D. back Create Powershell stager
7) usestager multi/launcher http80 2. execute
8) Copy Powershell output string Detonate Powershell stager
1. Spin up a Windows 10 VM and login
2. Open a Powershell prompt as Administrator
3. Copy Powershell output string and hit enter
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - EmpireProject/Empire: Empire is a PowerShell and Python post-exploitation agent.
Empire is a PowerShell and Python post-exploitation agent. - EmpireProject/Empire
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST SITES FOR PREMIUM PROXIES 2020 :
https://us.norton.com/internetsecurity-emerging-threats-what-to-do-about-krack-vulnerability.html
https://www.namogoo.com/customer-hijacking-prevention/wifi-router-hacked-impact-ecommerce/
http://adios-hola.org/
http://buyproxies.org/
https://instantproxies.com/
https://www.proxyfish.com/
https://proxyvoxy.com/?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY
https://www.hidemyass.com/en-gb/index
https://www.tunnelbear.com/
https://www.openproxy.co/
https://www.xroxy.com/
https://tuxler.com/
https://generatepress.com
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST SITES FOR PREMIUM PROXIES 2020 :
https://us.norton.com/internetsecurity-emerging-threats-what-to-do-about-krack-vulnerability.html
https://www.namogoo.com/customer-hijacking-prevention/wifi-router-hacked-impact-ecommerce/
http://adios-hola.org/
http://buyproxies.org/
https://instantproxies.com/
https://www.proxyfish.com/
https://proxyvoxy.com/?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY
https://www.hidemyass.com/en-gb/index
https://www.tunnelbear.com/
https://www.openproxy.co/
https://www.xroxy.com/
https://tuxler.com/
https://generatepress.com
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Norton
What you need to do about the WPA2 Wi-Fi network vulnerability
It may take some time for the manufacturer of your devices to come up with a security patch for this. In the meantime, there are extra steps you can take to help secure your devices.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦updated 2020 HACKING TOOL (TERMUX/LINUX)
DNSRecon is a Python port of a Ruby script that I wrote to learn the language and about DNS in early . This time I wanted to learn about Python and extend the functionality of the original tool and in the process re-learn how DNS works and how could it be used in the process of a security assessment and network troubleshooting.
π¦F E A T U R E S :
-Check all NS Records for Zone Transfers.
-Enumerate General DNS Records for a given
-Domain (MX, SOA, NS, A, AAAA, SPF and TXT).
-Perform common SRV Record Enumeration.
-Top Level Domain (TLD) Expansion.
-Check for Wildcard Resolution.
-Brute Force subdomain and host A and AAAA
-records given a domain and a wordlist.
-Perform a PTR Record lookup for a given IP Range or CIDR.
-Check a DNS Server Cached records for A, AAAA and
-CNAME Records provided a list of host records in a text file to check.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ Ubuntu / Debian / Backtrack
Installation instructions for Ubuntu 10.10 they should work with little to no modification on previous versions. Install needed packages, for Backtrack you only need to install git-core:
1) $ sudo apt-get install libavahi-compat-libdnssd1 git-core
2) $ sudo apt-get install python-setuptools
Once those packages are installed we will install the supporting libraries for python to be able to run the script:
3) $ sudo easyinstall netaddr
4) $ sudo easyinstall dnspython
5) Navigate to the folder you want to install the DNSRecon script and run the following command to download the script and files:
$ git clone git://github.com/darkoperator/dnsrecon.git
6) To keep the script and associated files updated just navigate into the dnsrecon folder and run:
$ git pull
FOR CENTOS : https://github.com/darkoperator/dnsrecon/wiki/Installation-Instructions
β git topic 2020
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦updated 2020 HACKING TOOL (TERMUX/LINUX)
DNSRecon is a Python port of a Ruby script that I wrote to learn the language and about DNS in early . This time I wanted to learn about Python and extend the functionality of the original tool and in the process re-learn how DNS works and how could it be used in the process of a security assessment and network troubleshooting.
π¦F E A T U R E S :
-Check all NS Records for Zone Transfers.
-Enumerate General DNS Records for a given
-Domain (MX, SOA, NS, A, AAAA, SPF and TXT).
-Perform common SRV Record Enumeration.
-Top Level Domain (TLD) Expansion.
-Check for Wildcard Resolution.
-Brute Force subdomain and host A and AAAA
-records given a domain and a wordlist.
-Perform a PTR Record lookup for a given IP Range or CIDR.
-Check a DNS Server Cached records for A, AAAA and
-CNAME Records provided a list of host records in a text file to check.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ Ubuntu / Debian / Backtrack
Installation instructions for Ubuntu 10.10 they should work with little to no modification on previous versions. Install needed packages, for Backtrack you only need to install git-core:
1) $ sudo apt-get install libavahi-compat-libdnssd1 git-core
2) $ sudo apt-get install python-setuptools
Once those packages are installed we will install the supporting libraries for python to be able to run the script:
3) $ sudo easyinstall netaddr
4) $ sudo easyinstall dnspython
5) Navigate to the folder you want to install the DNSRecon script and run the following command to download the script and files:
$ git clone git://github.com/darkoperator/dnsrecon.git
6) To keep the script and associated files updated just navigate into the dnsrecon folder and run:
$ git pull
FOR CENTOS : https://github.com/darkoperator/dnsrecon/wiki/Installation-Instructions
β git topic 2020
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#Updated list Twitter Followers apps
& tools 2020
https://mytoptweet.com
http://www.socialbro.com/
http://crowdriff.com/riffle/
http://www.twitonomy.com/
https://klout.com/#/overview
http://sumall.com
https://www.socialrank.com/
http://klear.com/
http://bluenod.com/
http://analytics.twitter.com/
http://www.socialbearing.com/
https://itunes.apple.com/us/app/stats-for-twitter/id984958311?ref=producthunt
https://buffer.com/library/best-twitter-tips/
http://www.beatstrap.me/
http://www.tweetchat.com/
http://chatsalad.com/
http://twubs.com/twitter-chats
http://nurph.com/
http://twchat.com/
http://nuzzel.com/
http://buzzsumo.com/
http://www.swayy.co/#content
https://buffer.com/library/shareable-content-newsletters-and-tools/
http://twipho.net/
http://blog.digg.com/post/91454524841/digg-deeper
http://www.news.me/
http://latest.is/
http://twurly.org/
https://filta.io/
http://thehash.today/?ref=producthunt
http://www.brookdaily.com/
https://www.crowdfireapp.com/
http://manageflitter.com/
http://www.tweepi.com/
https://unfollowers.com/
http://doesfollow.com/
https://buffer.com/library/the-skrillex-way-of-content-ebbs-and-flows-build-and-drop/
https://commun.it/quick_actions
http://tuns.it/?ref=producthunt
http://twindr.me/?ref=producthunt
https://toolset.co
http://www.linkreaser.com/
http://followfly.co/
https://ritetag.com/
https://buffer.com/library/a-scientific-guide-to-hashtags-which-ones-work-when-and-how-many/
http://hashtagify.me/
http://seen.co/
https://tagboard.com/
https://buffer.com/pablo
http://www.tryspruce.com/?ref=producthunt
http://www.twitshot.com/?ref=producthunt
https://shareasimage.com/
http://getfinch.es/
https://warble.co/
http://keyhole.co/
http://onemilliontweetmap.com/
https://www.twilert.com/
https://en.mention.com/
http://mentionmapp.com/
http://twazzup.com/
http://bufferapp.com
http://hootsuite.com
http://sproutsocial.com
http://tweet4.me/
https://t.co/wIhlmwNgGG
http://www.tweriod.com/
http://trends24.in/
http://trendsmap.com/
http://itrended.com
https://tweetdeck.twitter.com/
https://sites.google.com/site/yorufukurou/home-en
http://kottke.org/14/07/the-last-of-the-great-twitter-apps
β 2020
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#Updated list Twitter Followers apps
& tools 2020
https://mytoptweet.com
http://www.socialbro.com/
http://crowdriff.com/riffle/
http://www.twitonomy.com/
https://klout.com/#/overview
http://sumall.com
https://www.socialrank.com/
http://klear.com/
http://bluenod.com/
http://analytics.twitter.com/
http://www.socialbearing.com/
https://itunes.apple.com/us/app/stats-for-twitter/id984958311?ref=producthunt
https://buffer.com/library/best-twitter-tips/
http://www.beatstrap.me/
http://www.tweetchat.com/
http://chatsalad.com/
http://twubs.com/twitter-chats
http://nurph.com/
http://twchat.com/
http://nuzzel.com/
http://buzzsumo.com/
http://www.swayy.co/#content
https://buffer.com/library/shareable-content-newsletters-and-tools/
http://twipho.net/
http://blog.digg.com/post/91454524841/digg-deeper
http://www.news.me/
http://latest.is/
http://twurly.org/
https://filta.io/
http://thehash.today/?ref=producthunt
http://www.brookdaily.com/
https://www.crowdfireapp.com/
http://manageflitter.com/
http://www.tweepi.com/
https://unfollowers.com/
http://doesfollow.com/
https://buffer.com/library/the-skrillex-way-of-content-ebbs-and-flows-build-and-drop/
https://commun.it/quick_actions
http://tuns.it/?ref=producthunt
http://twindr.me/?ref=producthunt
https://toolset.co
http://www.linkreaser.com/
http://followfly.co/
https://ritetag.com/
https://buffer.com/library/a-scientific-guide-to-hashtags-which-ones-work-when-and-how-many/
http://hashtagify.me/
http://seen.co/
https://tagboard.com/
https://buffer.com/pablo
http://www.tryspruce.com/?ref=producthunt
http://www.twitshot.com/?ref=producthunt
https://shareasimage.com/
http://getfinch.es/
https://warble.co/
http://keyhole.co/
http://onemilliontweetmap.com/
https://www.twilert.com/
https://en.mention.com/
http://mentionmapp.com/
http://twazzup.com/
http://bufferapp.com
http://hootsuite.com
http://sproutsocial.com
http://tweet4.me/
https://t.co/wIhlmwNgGG
http://www.tweriod.com/
http://trends24.in/
http://trendsmap.com/
http://itrended.com
https://tweetdeck.twitter.com/
https://sites.google.com/site/yorufukurou/home-en
http://kottke.org/14/07/the-last-of-the-great-twitter-apps
β 2020
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Audiense
Audiense - Audience Intelligence and X Marketing
Put consumer segmentation and cultural insights at the centre of your strategy
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦another methode #forbeginers how can we protect the security of shared folders in the local area network? This requires the following means:
When setting access permissions for shared folders, set important shared files as read-only.
1) Most of the time, users only need to view or copy the shared file, and often do not directly modify the shared folder. However, for convenience, some employees directly share a folder and file in a readable and writable manner. This is very dangerous.
2) On the one hand, these unrestricted shared file homes and shared files have become carriers of virus transmission. During my work, I discovered that some users do not have permission restrictions when sharing files. After some time, I went to look at the shared file again, and found that there were traces of viruses or Trojan horses in some shared files or shared folders.
3) It turns out that because this shared folder has write permissions, how other users open this file, if there is a virus or Trojan horse in this computer, it will be infected to this shared folder. In this way, other computers that access this shared folder are also caught. It can be seen that the shared folders without protection measures and the shared files inside have become a good carrier for virus transmission.
4) On the other hand, when the data is changed illegally, it is difficult to find out who is playing the prank. Although the relevant log information can be used to query who has accessed the shared file and whether any changes have been made. However, based on this information alone, it is impossible to know what changes the user made to this shared folder.
5) Sometimes, when we open a shared file, we accidentally press a space bar or a character key, accidentally overwrite a word, etc. These situations are often encountered in actual work. Sometimes, even if he finds the responsible person, he doesn't know what has been changed. Therefore, when the shared file is set to be writable, it is difficult to prevent employees from changing it intentionally or unintentionally.
6) Third, if files are shared in a writable way, the unity of data may not be guaranteed. For example, the personnel department has shared an attendance file in a readable and writable manner. At this time, if the financial department modifies this document, the personnel department does not know. Because the financial staff may forget to tell the personnel department, at this time, the data between the two departments will be inconsistent, which may cause some unnecessary troubles.
>Moreover, since there is no relevant evidence, no one can tell who is right and who is wrong.
7) In order to solve these problems, I suggest that corporate users, when sharing folders, it is best to set the permissions of the folder to read-only. If this shared folder sometimes needs to save files in this folder by other users, it cannot be set as read-only. Then we can also set the files in the shared folder as read-only.
> In this case, because the folders are read-only, viruses and Trojan horses cannot infect these folders, thereby avoiding being a source of contamination for spreading viruses; moreover, it can also prevent unauthorized changes by users, which may lead to inconsistent data. and many more.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦another methode #forbeginers how can we protect the security of shared folders in the local area network? This requires the following means:
When setting access permissions for shared folders, set important shared files as read-only.
1) Most of the time, users only need to view or copy the shared file, and often do not directly modify the shared folder. However, for convenience, some employees directly share a folder and file in a readable and writable manner. This is very dangerous.
2) On the one hand, these unrestricted shared file homes and shared files have become carriers of virus transmission. During my work, I discovered that some users do not have permission restrictions when sharing files. After some time, I went to look at the shared file again, and found that there were traces of viruses or Trojan horses in some shared files or shared folders.
3) It turns out that because this shared folder has write permissions, how other users open this file, if there is a virus or Trojan horse in this computer, it will be infected to this shared folder. In this way, other computers that access this shared folder are also caught. It can be seen that the shared folders without protection measures and the shared files inside have become a good carrier for virus transmission.
4) On the other hand, when the data is changed illegally, it is difficult to find out who is playing the prank. Although the relevant log information can be used to query who has accessed the shared file and whether any changes have been made. However, based on this information alone, it is impossible to know what changes the user made to this shared folder.
5) Sometimes, when we open a shared file, we accidentally press a space bar or a character key, accidentally overwrite a word, etc. These situations are often encountered in actual work. Sometimes, even if he finds the responsible person, he doesn't know what has been changed. Therefore, when the shared file is set to be writable, it is difficult to prevent employees from changing it intentionally or unintentionally.
6) Third, if files are shared in a writable way, the unity of data may not be guaranteed. For example, the personnel department has shared an attendance file in a readable and writable manner. At this time, if the financial department modifies this document, the personnel department does not know. Because the financial staff may forget to tell the personnel department, at this time, the data between the two departments will be inconsistent, which may cause some unnecessary troubles.
>Moreover, since there is no relevant evidence, no one can tell who is right and who is wrong.
7) In order to solve these problems, I suggest that corporate users, when sharing folders, it is best to set the permissions of the folder to read-only. If this shared folder sometimes needs to save files in this folder by other users, it cannot be set as read-only. Then we can also set the files in the shared folder as read-only.
> In this case, because the folders are read-only, viruses and Trojan horses cannot infect these folders, thereby avoiding being a source of contamination for spreading viruses; moreover, it can also prevent unauthorized changes by users, which may lead to inconsistent data. and many more.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Hefei Changxin is scheduled to become the fourth biggest 17 nm memory DRAM factory in the world next year
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 powerfull multi tools :
F E A T U R E S :
WHOIS
DNSWALK
FIERCE
DNSRecon
DNSenum
NMAP
DMitry
theHarvester
LBD
SSLScan
SSLYze
WhatWeb
Automater
Grabber
Parsero
Uniscan
Metagoofil
A2SV
WPScan
Droopescan
WPSeku
XssPy
Spaghetti
sublist3r
WAFW00F
nslookup
nslookup
dirsearch
OWASP Joomscan
Spaghetti
Globuster
Grabber
OTHER TOOLS
Pureblood
Wapiti
Lscript
Trity
RED_HAWK
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/penetrate2hack/ITWSV.git
2) cd ITWSV
3) chmod +x start.sh
4) chmod +x update.sh (only if required)
5) ./start.sh
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 powerfull multi tools :
F E A T U R E S :
WHOIS
DNSWALK
FIERCE
DNSRecon
DNSenum
NMAP
DMitry
theHarvester
LBD
SSLScan
SSLYze
WhatWeb
Automater
Grabber
Parsero
Uniscan
Metagoofil
A2SV
WPScan
Droopescan
WPSeku
XssPy
Spaghetti
sublist3r
WAFW00F
nslookup
nslookup
dirsearch
OWASP Joomscan
Spaghetti
Globuster
Grabber
OTHER TOOLS
Pureblood
Wapiti
Lscript
Trity
RED_HAWK
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/penetrate2hack/ITWSV.git
2) cd ITWSV
3) chmod +x start.sh
4) chmod +x update.sh (only if required)
5) ./start.sh
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - penetrate2hack/ITWSV: ITWSV- Integrated Tool for Web Security Vulnerability
ITWSV- Integrated Tool for Web Security Vulnerability - penetrate2hack/ITWSV
What is mad-metasploit, db_autopwn.pdf
1.8 MB
mad-metasploit is my project related to metasploit framework To sum upβ¦
"Metasploit custom modules, plugins, resource script and.. awesome metasploit collection"
and db_autopwn is automation exploit plugin on metasploit-framework. but it is deprecated.. :(
I keeping db_autopwn source code on my github repo, and added to mad-metasploit project! Now, letβs use Mad-Metasploit to launch an automated attac
"Metasploit custom modules, plugins, resource script and.. awesome metasploit collection"
and db_autopwn is automation exploit plugin on metasploit-framework. but it is deprecated.. :(
I keeping db_autopwn source code on my github repo, and added to mad-metasploit project! Now, letβs use Mad-Metasploit to launch an automated attac
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How iPhone and Mac will also be hacked. An iMessage password may be stolen ?
Get infected
as long as you receive a message
1) The so-called identity credential information specifically includes WiFi passwords, login credentials, and email login information. The scope of the vulnerability is relatively wide, including most of Apple's operating systems, including macOS (that is, OS X), watchOS, tvOS, watchOS, and iOS. So iPhone, iPod touch, Apple Watch, Apple TV, Mac device users need to pay attention.
2) The vulnerability was reported by Tyler Bohan, a senior researcher at Cisco Talos, but Bohan did not disclose the details of the vulnerability, and our knowledge is relatively limited.
3) The high-risk vulnerability exists in ImageIO-ImageIO is actually an API of these operating systems. The attacker can construct a TIFF file (an image file format)-which contains malicious code exploiting the vulnerability, and then send this image to Apple users in the form of MMS or iMessage.
4) After receiving the message, the Apple user was recruited. This process does not require any interaction by the user , because the system will automatically process the received pictures. Specifically, what can be done to exploit this vulnerability, as described above, is to obtain stored identity credential information from the device memory. From the perspective of not requiring user interaction, the vulnerability is indeed a high-risk level. Bohan called it a "very dangerous bug".
5) In addition to sending messages, the vulnerability can also be used to build web pages containing malicious code. Apple users can use Safari to browse the web pages to leak identity credentials. This process does not require users to perform any operations on the web pages.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How iPhone and Mac will also be hacked. An iMessage password may be stolen ?
Get infected
as long as you receive a message
1) The so-called identity credential information specifically includes WiFi passwords, login credentials, and email login information. The scope of the vulnerability is relatively wide, including most of Apple's operating systems, including macOS (that is, OS X), watchOS, tvOS, watchOS, and iOS. So iPhone, iPod touch, Apple Watch, Apple TV, Mac device users need to pay attention.
2) The vulnerability was reported by Tyler Bohan, a senior researcher at Cisco Talos, but Bohan did not disclose the details of the vulnerability, and our knowledge is relatively limited.
3) The high-risk vulnerability exists in ImageIO-ImageIO is actually an API of these operating systems. The attacker can construct a TIFF file (an image file format)-which contains malicious code exploiting the vulnerability, and then send this image to Apple users in the form of MMS or iMessage.
4) After receiving the message, the Apple user was recruited. This process does not require any interaction by the user , because the system will automatically process the received pictures. Specifically, what can be done to exploit this vulnerability, as described above, is to obtain stored identity credential information from the device memory. From the perspective of not requiring user interaction, the vulnerability is indeed a high-risk level. Bohan called it a "very dangerous bug".
5) In addition to sending messages, the vulnerability can also be used to build web pages containing malicious code. Apple users can use Safari to browse the web pages to leak identity credentials. This process does not require users to perform any operations on the web pages.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β