β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Share several IDS open source systems :
Prelude IDS
From the perspective of design, it is positioned to meet the needs of large-scale networks, and realizes network detectors, log analyzers, and alarm information centralized viewing and analysis tools. The network detector part is basically a copy of Snort's functions and is fully compatible with Snort's rule set. ( http://www.prelude-ids.org/ )
Firestorm
It is a very high-performance network intrusion detection system (NIDS). Currently it only implements the detector part and is fully compatible with Snort's rule set, but plans include real support for analysis, reporting, remote console and real-time sensor configuration. It is fully pluggable, so it is very flexible. It can record alarm information to the Prelude IDS manager. It claims to be much better than Snort in performance. http://www.scaramanga.co.uk/firestorm/
NetSTAT
Based on the research results of STAT (State Transition Analysis Technique) describing the attack, using the unique STATL language to describe the attack, the attack description text is converted into C++ code by the STATL interpretation tool and compiled into the detection engine to realize the detection function. It has been released. STATL language interpretation conversion tool and a basic example network detector part (a few examples of detection functions). To be proficient in using this IDS tool requires relatively strong programming skills, but with this IDS, very complex detection functions can be achieved.
http://www.cs.ucsb.edu/~rsg/STAT/
Bro
It is a real-time network intrusion detection software implemented by Vern Paxson. It was released in 1998 under the BSD license. Its original design goal was to achieve a real-time alarm, separation of mechanism and strategy, and highly scalable intrusion detection and network under a 100M network. Monitor the audit system.
https://www.bro.org/
Suricata
It is a system that supports IDS, IPS and NSM. The system has a Snort-like architecture and relies on signatures like Snort. It can even use the same Emerging Threat rule set used by VRT Snort rules and Snort itself. Suricata is newer than Snort and it will have a chance to overtake Snort. https://suricata-ids.org/
OSSEC
OSSEC open source security information management system (OPEN SOURCE SECURITY INFORMATION MANAGEMENT) is an open source host-based intrusion detection system, which can be referred to as HIDS for short. It has log analysis, file integrity check, policy monitoring, rootkit detection, real-time alarm and linkage response functions. https://ossec.github.io/
enjoyβ€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Share several IDS open source systems :
Prelude IDS
From the perspective of design, it is positioned to meet the needs of large-scale networks, and realizes network detectors, log analyzers, and alarm information centralized viewing and analysis tools. The network detector part is basically a copy of Snort's functions and is fully compatible with Snort's rule set. ( http://www.prelude-ids.org/ )
Firestorm
It is a very high-performance network intrusion detection system (NIDS). Currently it only implements the detector part and is fully compatible with Snort's rule set, but plans include real support for analysis, reporting, remote console and real-time sensor configuration. It is fully pluggable, so it is very flexible. It can record alarm information to the Prelude IDS manager. It claims to be much better than Snort in performance. http://www.scaramanga.co.uk/firestorm/
NetSTAT
Based on the research results of STAT (State Transition Analysis Technique) describing the attack, using the unique STATL language to describe the attack, the attack description text is converted into C++ code by the STATL interpretation tool and compiled into the detection engine to realize the detection function. It has been released. STATL language interpretation conversion tool and a basic example network detector part (a few examples of detection functions). To be proficient in using this IDS tool requires relatively strong programming skills, but with this IDS, very complex detection functions can be achieved.
http://www.cs.ucsb.edu/~rsg/STAT/
Bro
It is a real-time network intrusion detection software implemented by Vern Paxson. It was released in 1998 under the BSD license. Its original design goal was to achieve a real-time alarm, separation of mechanism and strategy, and highly scalable intrusion detection and network under a 100M network. Monitor the audit system.
https://www.bro.org/
Suricata
It is a system that supports IDS, IPS and NSM. The system has a Snort-like architecture and relies on signatures like Snort. It can even use the same Emerging Threat rule set used by VRT Snort rules and Snort itself. Suricata is newer than Snort and it will have a chance to overtake Snort. https://suricata-ids.org/
OSSEC
OSSEC open source security information management system (OPEN SOURCE SECURITY INFORMATION MANAGEMENT) is an open source host-based intrusion detection system, which can be referred to as HIDS for short. It has log analysis, file integrity check, policy monitoring, rootkit detection, real-time alarm and linkage response functions. https://ossec.github.io/
enjoyβ€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦small linux helpful tools :
1)
sudo apt-get install screenfetch
sudo apt-get install neofetch
2) sudo apt-get install sl
3)
sudo apt-get install yes
4)
sudo apt-get install rev
5)
sudo apt-get install fortune
6)
sudo apt-get install figlet
7)
sudo apt-get install toilet
8)
sudo apt-get install cowsay
9)
sudo apt-get install xcowsay
10)
sudo apt-get install cmatrix
11)
sudo apt-get install oneko
12)
sudo apt-get install lolcat
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦small linux helpful tools :
1)
sudo apt-get install screenfetch
sudo apt-get install neofetch
2) sudo apt-get install sl
3)
sudo apt-get install yes
4)
sudo apt-get install rev
5)
sudo apt-get install fortune
6)
sudo apt-get install figlet
7)
sudo apt-get install toilet
8)
sudo apt-get install cowsay
9)
sudo apt-get install xcowsay
10)
sudo apt-get install cmatrix
11)
sudo apt-get install oneko
12)
sudo apt-get install lolcat
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
PrivEsc_ DLL Hijacking.pdf
377 KB
The way that Windows loads DLLs then, is to search the following directories in this order:
β The directory from which the application loaded β C:\Windows\System32 β C:\Windows\System β C:\Windows β The current working directory β Directories in the system PATH environment variable β Directories in the user PATH environment variable
β The directory from which the application loaded β C:\Windows\System32 β C:\Windows\System β C:\Windows β The current working directory β Directories in the system PATH environment variable β Directories in the user PATH environment variable
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Google chrome another 2020 plugins collection :
#Adblock Plus
https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?utm_source=chrome-app-launcher-info-dialog
#Proxy SwitchyOmega
https://chrome.google.com/webstore/detail/proxy-switchyomega/padekgcemlokbadohgkifijomclgjgif?utm_source=chrome-app-launcher-info-dialog
#Tampermonkey
https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?utm_source=chrome-app-launcher-info-dialog
#
https://greasyfork.org/zh-CN/scripts/24508-userscript-show-site-all-userjs
#
https://chrome.google.com/webstore/detail/%E5%B7%A5%E5%85%B7%E5%96%B5/coppgeobilocdhiclhgmadabblhfjgpm?utm_source=chrome-app-launcher-info-dialog
#XSS
https://chrome.google.com/webstore/detail/xss%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7/focmpdmaogbbmkdcdnofaifpkmcbmfdp?utm_source=chrome-app-launcher-info-dialog
#XssSniper
https://chrome.google.com/webstore/detail/xsssniper/pnhekakhikkhloodcedfcmfpjddcagpi?utm_source=chrome-app-launcher-info-dialog
#OneTab
https://chrome.google.com/webstorehttps://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog/detail/onetab/chphlpgkkbolifaimnlloiipkdnihall?utm_source=chrome-app-launcher-info-dialog
#Hack Tab Web Security Tests
https://chrome.google.com/webstore/detail/hack-tab-web-security-tes/nipgnhajbnocidffkedmkbclbihbalag?utm_source=chrome-app-launcher-info-dialog
#Dark Mode
https://chrome.google.com/webstore/detail/dark-mode/dmghijelimhndkbmpgbldicpogfkceaj?utm_source=chrome-app-launcher-info-dialog
#Cookie Hacker
https://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog
#Chameleon
https://chrome.google.com/webstore/detail/chameleon/dmpojjilddefgnhiicjcmhbkjgbbclob?utm_source=chrome-app-launcher-info-dialog
#GNOME Shell integration
https://chrome.google.com/webstore/detail/gnome-shell-integration/gphhapmejobijbbhgpjhcjognlahblep?utm_source=chrome-app-launcher-info-dialog
#TeamViewer
https://chrome.google.com/webstore/detail/teamviewer/oooiobdokpcfdlahlmcddobejikcmkfo?utm_source=chrome-app-launcher-info-dialog
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Google chrome another 2020 plugins collection :
#Adblock Plus
https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?utm_source=chrome-app-launcher-info-dialog
#Proxy SwitchyOmega
https://chrome.google.com/webstore/detail/proxy-switchyomega/padekgcemlokbadohgkifijomclgjgif?utm_source=chrome-app-launcher-info-dialog
#Tampermonkey
https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?utm_source=chrome-app-launcher-info-dialog
#
https://greasyfork.org/zh-CN/scripts/24508-userscript-show-site-all-userjs
#
https://chrome.google.com/webstore/detail/%E5%B7%A5%E5%85%B7%E5%96%B5/coppgeobilocdhiclhgmadabblhfjgpm?utm_source=chrome-app-launcher-info-dialog
#XSS
https://chrome.google.com/webstore/detail/xss%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7/focmpdmaogbbmkdcdnofaifpkmcbmfdp?utm_source=chrome-app-launcher-info-dialog
#XssSniper
https://chrome.google.com/webstore/detail/xsssniper/pnhekakhikkhloodcedfcmfpjddcagpi?utm_source=chrome-app-launcher-info-dialog
#OneTab
https://chrome.google.com/webstorehttps://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog/detail/onetab/chphlpgkkbolifaimnlloiipkdnihall?utm_source=chrome-app-launcher-info-dialog
#Hack Tab Web Security Tests
https://chrome.google.com/webstore/detail/hack-tab-web-security-tes/nipgnhajbnocidffkedmkbclbihbalag?utm_source=chrome-app-launcher-info-dialog
#Dark Mode
https://chrome.google.com/webstore/detail/dark-mode/dmghijelimhndkbmpgbldicpogfkceaj?utm_source=chrome-app-launcher-info-dialog
#Cookie Hacker
https://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog
#Chameleon
https://chrome.google.com/webstore/detail/chameleon/dmpojjilddefgnhiicjcmhbkjgbbclob?utm_source=chrome-app-launcher-info-dialog
#GNOME Shell integration
https://chrome.google.com/webstore/detail/gnome-shell-integration/gphhapmejobijbbhgpjhcjognlahblep?utm_source=chrome-app-launcher-info-dialog
#TeamViewer
https://chrome.google.com/webstore/detail/teamviewer/oooiobdokpcfdlahlmcddobejikcmkfo?utm_source=chrome-app-launcher-info-dialog
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google
Adblock Plus - free ad blocker - Chrome Web Store
Remove ads on YouTube and everywhere else you browse.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The scanner attempts to overcome the tuner's frequency response by averaging scans from both the positive and negative frequency offsets of the baseband data.
Tested on:
-Windows 7 (x86 and x64)
-Ubuntu 12.04 (x86), 12.10 (x64), 13.04 (x64) and 14.04 (x64)
-OS X Snow Leopard (10.6) and Mountain Lion (10.8)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Press CTRLALTT to open a command window and run the following command to install the libraries:
sudo apt-get install python python-wxgtk3.0 rtl-sdr
Install the software using:
sudo pip install -U rtlsdrscanner
Now you should be able to run the program:
python -m rtlsdrscanner
B) MORE INSTALL & WINDOWS USERS
> https://eartoearoak.com/software/rtlsdr-driver-installation/
β VERIFIED
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The scanner attempts to overcome the tuner's frequency response by averaging scans from both the positive and negative frequency offsets of the baseband data.
Tested on:
-Windows 7 (x86 and x64)
-Ubuntu 12.04 (x86), 12.10 (x64), 13.04 (x64) and 14.04 (x64)
-OS X Snow Leopard (10.6) and Mountain Lion (10.8)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Press CTRLALTT to open a command window and run the following command to install the libraries:
sudo apt-get install python python-wxgtk3.0 rtl-sdr
Install the software using:
sudo pip install -U rtlsdrscanner
Now you should be able to run the program:
python -m rtlsdrscanner
B) MORE INSTALL & WINDOWS USERS
> https://eartoearoak.com/software/rtlsdr-driver-installation/
β VERIFIED
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME HACKING RESOURCES :
Security Hardening CentO 7
https://highon.coffee/blog/security-harden-centos-7/
MetaSploit Cheatsheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
Google Hacking Database:
https://www.exploit-db.com/google-hacking-database/
Windows Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=6
Linux Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=5
Metasploit Cheat Sheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
A bit dated but most is still relevant
http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html
NetCat
http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf
http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf
http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf
http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
http://h.ackack.net/cheat-sheets/netcat
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME HACKING RESOURCES :
Security Hardening CentO 7
https://highon.coffee/blog/security-harden-centos-7/
MetaSploit Cheatsheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
Google Hacking Database:
https://www.exploit-db.com/google-hacking-database/
Windows Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=6
Linux Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=5
Metasploit Cheat Sheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
A bit dated but most is still relevant
http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html
NetCat
http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf
http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf
http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf
http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
http://h.ackack.net/cheat-sheets/netcat
Verified β
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
www.sans.org
Cyber Security Resources | SANS Institute
A collection of cybersecurity resources along with helpful links to SANS websites, web content and free cybersecurity resources.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MinGW and MSYS
While Cygwin's goal is to make it possible to build unmodified applications on Windows at the cost of external dependencies, MinGW + MSYS's goal is to produce applications without external dependencies.
MinGW and MSYS are independent packages, but they are often confused and confused with each other (and often confused with Cygwin as well). We can say that MinGW is the equivalent of GCC and binutils, and MSYS is the extended equivalent of coreutils.
Let's start with MSYS. MSYS is a more βnativeβ and lightweight alternative to Cygwin. This package includes a library with POSIX function implementations, but it is intended for internal use and the authors strongly discourage linking their applications with it.
The MSYS library does not implement UNIX on top of Windows, but follows Windows conventions β for example, it deliberately ignores the case of letters in file paths. The main purpose of MSYS is to provide the necessary programs for build scripts like the Bourne shell, make, and so on, which is usually required for autotools.
MinGW contains versions of GCC and binutils (as assembler, ld linker, and so on) that produce Windows executables in PE / COFF format. This is where we come to a key point: MinGW, like all other parts of the GNU toolchain, is also a platform independent project.
Cross-compiling in the GNU toolchain has long been common, and in GCC the target platform and host are independent of each other. You can run GCC on Linux for x86 and build Linux programs on ARM, or vice versa. It's not just the working and target architectures of a processor that don't have to match. In the same way, even the OS and the format of the executable file do not have to match.
We put MinGW
The authors of many GNU / Linux distributions have already done their best for us, so many cross-versions of GCC, including MinGW, can be downloaded from the repositories.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) For example, on Fedora:
$ sudo dnf install mingw32-gcc
$ sudo dnf install mingw64-gcc
2) Or on Debian:
$ sudo apt-get install gcc-mingw-w64-i686
$ sudo apt-get install gcc-mingw-w64-x86-64
If you are using MacOS, the MinGW can be supplied from the Homebrew : brew install mingw-w64.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MinGW and MSYS
While Cygwin's goal is to make it possible to build unmodified applications on Windows at the cost of external dependencies, MinGW + MSYS's goal is to produce applications without external dependencies.
MinGW and MSYS are independent packages, but they are often confused and confused with each other (and often confused with Cygwin as well). We can say that MinGW is the equivalent of GCC and binutils, and MSYS is the extended equivalent of coreutils.
Let's start with MSYS. MSYS is a more βnativeβ and lightweight alternative to Cygwin. This package includes a library with POSIX function implementations, but it is intended for internal use and the authors strongly discourage linking their applications with it.
The MSYS library does not implement UNIX on top of Windows, but follows Windows conventions β for example, it deliberately ignores the case of letters in file paths. The main purpose of MSYS is to provide the necessary programs for build scripts like the Bourne shell, make, and so on, which is usually required for autotools.
MinGW contains versions of GCC and binutils (as assembler, ld linker, and so on) that produce Windows executables in PE / COFF format. This is where we come to a key point: MinGW, like all other parts of the GNU toolchain, is also a platform independent project.
Cross-compiling in the GNU toolchain has long been common, and in GCC the target platform and host are independent of each other. You can run GCC on Linux for x86 and build Linux programs on ARM, or vice versa. It's not just the working and target architectures of a processor that don't have to match. In the same way, even the OS and the format of the executable file do not have to match.
We put MinGW
The authors of many GNU / Linux distributions have already done their best for us, so many cross-versions of GCC, including MinGW, can be downloaded from the repositories.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) For example, on Fedora:
$ sudo dnf install mingw32-gcc
$ sudo dnf install mingw64-gcc
2) Or on Debian:
$ sudo apt-get install gcc-mingw-w64-i686
$ sudo apt-get install gcc-mingw-w64-x86-64
If you are using MacOS, the MinGW can be supplied from the Homebrew : brew install mingw-w64.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FULL MITM IN ANY DEBIAN BASE OS (KLAI/PARROT)
The method weβre going to use will employ Kali Linux, so itβll help to have a certain degree of familiarity with Kali before we start.
1) To start with our attacks, the following are crucial prerequisites:
the network interface installed on our machine
and the IP of the WiFi router that our Victim uses.
View the network interface configuration
Run the following command in the terminal to find out the name of the network interface that youβre using:
$ sudo ifconfig
2) You will be displayed a long list of network interfaces, out of which you have to choose one and note it down somewhere.
As for the IP of the Router youβre using, use:
$ ip route show
On the terminal and you will be shown the IP of your network router. Now to do further processes, I have logged in to kali root mode.
STEP 1:Obtain the IP configuration from the Victim
Next up, you need to get the IP of your Victimβs Router. This is easy, and there are several different ways you can find it out. For instance, you can use a Network Monitoring Software Tool, or you can download a routers user interface program that lets you list all the devices and their IPs on a particular network.
STEP 2:Turn on the packet forwarding in Linux
This is very important because if your machine isnβt exchanging packets, the attack will result in a failure as your internet connection will be disrupted. By enabling the packet forwarding, you disguise your local machine to act as the network router.
To turn on packet forwarding, run the following command in a new terminal:
$ sysctl -w net.ipv4.ip_forward=1
STEP 3: Redirect packages to your machine with arpspoof
Arpspoof is a preinstalled Kali Linux utility that lets you expropriate traffic to a machine of your choice from a switched LAN. This is why Arpspoof serves as the most accurate way to redirect traffic, practically letting you sniff traffic on the local network.
Use the following syntax to start intercepting packages from the Victim to your Router:
$ arpspoof -i [Network Interface Name] -t [Victim IP] [Router IP]
This has only enabled the monitoring the incoming packets from the Victim to the Router. Do not close the terminal just yet as itβll stop the attack.
STEP 4: Intercept packages from the Router
Youβre doing here the same as the previous step, except itβs just reversed. Leaving the previous terminal open as it is, opens up a new terminal to start extracting packages from the Router. Type the following command with your network interface name and router IP:
$ arpspoof -i [Network Interface Name] -t [Router IP] [Victim IP]
Youβre probably realizing at this point that weβve switched the position of the arguments in the command we used in the previous step.
Up till now, youβve infiltrated to the connection between your Victim and the Router
STEP 5: Sniffing images from the targetβs browser history
Letβs see what websites our target like to visit often and what images do they see there. We can achieve this using specialized software called driftnet.
Driftnet is a program that lets us monitor the network traffic from certain IPs and discern images from TCP streams in use. The program can display the images in JPEG, GIF, and other image formats.
To see what images are being seen on the target machine, use the following command
$ driftnet -i [Network Interface Name]
STEP 6: Sniffing URLs information from victim navigation
You can also sniff out the websiteβs URL that our Victim often visits. The program weβre going to use is a command-line tool known as urlsnarf. It sniffs out and saves the HTTPs request from a designated IP in the Common log format. Fantastic utility to perform offline post-processing traffic analysis with other network forensics tools.
The syntax youβll put in the command terminal to sniff out the URLs is:
$ urlsnarf -i [Network interface name]
As long as each terminal is functional and youβve accidentally not closed one of them, things shouldβve gone smoothly for you so far.
π¦FULL MITM IN ANY DEBIAN BASE OS (KLAI/PARROT)
The method weβre going to use will employ Kali Linux, so itβll help to have a certain degree of familiarity with Kali before we start.
1) To start with our attacks, the following are crucial prerequisites:
the network interface installed on our machine
and the IP of the WiFi router that our Victim uses.
View the network interface configuration
Run the following command in the terminal to find out the name of the network interface that youβre using:
$ sudo ifconfig
2) You will be displayed a long list of network interfaces, out of which you have to choose one and note it down somewhere.
As for the IP of the Router youβre using, use:
$ ip route show
On the terminal and you will be shown the IP of your network router. Now to do further processes, I have logged in to kali root mode.
STEP 1:Obtain the IP configuration from the Victim
Next up, you need to get the IP of your Victimβs Router. This is easy, and there are several different ways you can find it out. For instance, you can use a Network Monitoring Software Tool, or you can download a routers user interface program that lets you list all the devices and their IPs on a particular network.
STEP 2:Turn on the packet forwarding in Linux
This is very important because if your machine isnβt exchanging packets, the attack will result in a failure as your internet connection will be disrupted. By enabling the packet forwarding, you disguise your local machine to act as the network router.
To turn on packet forwarding, run the following command in a new terminal:
$ sysctl -w net.ipv4.ip_forward=1
STEP 3: Redirect packages to your machine with arpspoof
Arpspoof is a preinstalled Kali Linux utility that lets you expropriate traffic to a machine of your choice from a switched LAN. This is why Arpspoof serves as the most accurate way to redirect traffic, practically letting you sniff traffic on the local network.
Use the following syntax to start intercepting packages from the Victim to your Router:
$ arpspoof -i [Network Interface Name] -t [Victim IP] [Router IP]
This has only enabled the monitoring the incoming packets from the Victim to the Router. Do not close the terminal just yet as itβll stop the attack.
STEP 4: Intercept packages from the Router
Youβre doing here the same as the previous step, except itβs just reversed. Leaving the previous terminal open as it is, opens up a new terminal to start extracting packages from the Router. Type the following command with your network interface name and router IP:
$ arpspoof -i [Network Interface Name] -t [Router IP] [Victim IP]
Youβre probably realizing at this point that weβve switched the position of the arguments in the command we used in the previous step.
Up till now, youβve infiltrated to the connection between your Victim and the Router
STEP 5: Sniffing images from the targetβs browser history
Letβs see what websites our target like to visit often and what images do they see there. We can achieve this using specialized software called driftnet.
Driftnet is a program that lets us monitor the network traffic from certain IPs and discern images from TCP streams in use. The program can display the images in JPEG, GIF, and other image formats.
To see what images are being seen on the target machine, use the following command
$ driftnet -i [Network Interface Name]
STEP 6: Sniffing URLs information from victim navigation
You can also sniff out the websiteβs URL that our Victim often visits. The program weβre going to use is a command-line tool known as urlsnarf. It sniffs out and saves the HTTPs request from a designated IP in the Common log format. Fantastic utility to perform offline post-processing traffic analysis with other network forensics tools.
The syntax youβll put in the command terminal to sniff out the URLs is:
$ urlsnarf -i [Network interface name]
As long as each terminal is functional and youβve accidentally not closed one of them, things shouldβve gone smoothly for you so far.
Stopping the attack
Once youβre satisfied with what youβve got your hands on, you may stop the attack by closing each terminal. You can use the ctrl+C shortcut to go about it quickly.
And donβt forget to disable packet forwarding that you had enabled to carry out the attack. Type in the following command in the terminal:
$ sysctl -w net.ipv4.ip_forward=0
enjoyβ€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
Once youβre satisfied with what youβve got your hands on, you may stop the attack by closing each terminal. You can use the ctrl+C shortcut to go about it quickly.
And donβt forget to disable packet forwarding that you had enabled to carry out the attack. Type in the following command in the terminal:
$ sysctl -w net.ipv4.ip_forward=0
enjoyβ€οΈππ»
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install Google Hangouts on Ubuntu:
Install YakYak on Ubuntu
For Ubuntu, there are a few options available to install yakyak. Yakyak officially offers a DEB package for Debian/Ubuntu and derivatives. Itβs also available as a snap package from Snapcraft. If youβre interested, itβs also possible to manually download and run yakyak without any installation.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Yakyak DEB package
Grab the latest yakyak DEB package.
Letβs install the DEB package using APT. Launch the terminal and run the following command.
$ sudo apt update
$sudo apt install ./yakyak-1.5.9-linux-amd64.deb
2) Yakyak snap package
Snaps are universal Linux packages that can be installed on any Linux distro. All it needs is snappy (snap package manager) configured. Ubuntu comes with snap pre-installed. However, if you donβt have it installed, install it right away!
$ sudo apt update && sudo apt install snapd
3) Letβs make sure that snappy is ready to work. Install the βcoreβ snap and restart the service.
$ sudo snap install core
$ sudo systemctl restart snapd
4) Finally, install yakyak snap.
$ sudo snap install yakyak
Yakyak manual run
This is not the recommended method of using yakyak in the long run. If a new version is released, you have to repeat this entire procedure manually again.
5) Download yakyak compressed package from GitHub
https://github.com/yakyak/yakyak
Extract the package.
$ tar -xvf yakyak-1.5.9-linux-x64.tar.gz
6) Mark the yakyak executable file.
$ chmod +x yakyak
7) Launch the app by running the command.
$ ./yakyak
β verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install Google Hangouts on Ubuntu:
Install YakYak on Ubuntu
For Ubuntu, there are a few options available to install yakyak. Yakyak officially offers a DEB package for Debian/Ubuntu and derivatives. Itβs also available as a snap package from Snapcraft. If youβre interested, itβs also possible to manually download and run yakyak without any installation.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Yakyak DEB package
Grab the latest yakyak DEB package.
Letβs install the DEB package using APT. Launch the terminal and run the following command.
$ sudo apt update
$sudo apt install ./yakyak-1.5.9-linux-amd64.deb
2) Yakyak snap package
Snaps are universal Linux packages that can be installed on any Linux distro. All it needs is snappy (snap package manager) configured. Ubuntu comes with snap pre-installed. However, if you donβt have it installed, install it right away!
$ sudo apt update && sudo apt install snapd
3) Letβs make sure that snappy is ready to work. Install the βcoreβ snap and restart the service.
$ sudo snap install core
$ sudo systemctl restart snapd
4) Finally, install yakyak snap.
$ sudo snap install yakyak
Yakyak manual run
This is not the recommended method of using yakyak in the long run. If a new version is released, you have to repeat this entire procedure manually again.
5) Download yakyak compressed package from GitHub
https://github.com/yakyak/yakyak
Extract the package.
$ tar -xvf yakyak-1.5.9-linux-x64.tar.gz
6) Mark the yakyak executable file.
$ chmod +x yakyak
7) Launch the app by running the command.
$ ./yakyak
β verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - yakyak/yakyak: Desktop chat client for Google Hangouts
Desktop chat client for Google Hangouts. Contribute to yakyak/yakyak development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Google quantum computing on the cover of "Science" quantum simulation of chemical reactions
#technologies
#technologies
Forwarded from UNDERCODE NEWS
On the morning of 28 August, the share price of Xiaomi Group increased by more than 10.7 percent at 23.65
#international
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK WITH BEEF KALI-PARROT
1) The BeEF Framework
A Linux OS such as Kali Linux, Parrot OS, BlackArch, Backbox, or Cyborg OS is required to install BeEF on your local machine.
Although BeEF comes pre-installed in various pen-testing operating systems, it might be possible that it is not installed in your case. To check if whether BeEF is installed, look for BeEF in your Kali Linux directory. To do so, go to applications>Kali Linux>System Services>beef start.
2) Alternatively, you can fire up BeEF from a new terminal emulator by entering the following code:
$ cd /usr/share/beef-xss
$ cd ./beef
3) To install BeEF on your Kali Linux machine, open the command interface and type in the following command:
$ sudo apt-get update
$ sudo apt-get install beef-xss
4) BeEF should now be installed under /usr/share/beef-xss.
You can start using BeEF using the address described previously in this section.
Β» Welcome to BeEF
5) Now, you can see the BeEF GUI in its full glory. Access the BeEF server by launching your web browser and looking up the localhost (127.0.0.1).
6) You can access the BeEF web GUI by typing the following URL in your web browser:
http://localhost:3000/ui/authentication
7) The default user credentials, both the username and password, are βbeef:β
$ beef-xss-1
$ BeEF Login Web GUI
8) Now that you have logged into the BeEF web GUI, proceed to the βHooked Browsersβ section. Online Browsers and Offline Browsers. This section shows the victimβs hooked status.
Using BeEF
This walkthrough will demonstrate how to use BeEF in your local network using the localhost.
9) For the connections to be made outside the network, we will need to open ports and forward them to the users waiting to connect. In this article, we will stick to our home network. We will discuss port forwarding in future articles.
10) Hooking a Browser
To get to the core of what BeEF is about, first, you will need to understand what a BeEF hook is. It is a JavaScript file, used to latch on to a targetβs browser to exploit it while acting as a C&C between it and the attacker. This is what is meant by a βhookβ in the context of using BeEF. Once a web browser is hooked by BeEF, you can proceed to inject further payloads and begin with post-exploitation.
To find your local IP address, you open a new terminal and enter the following:
$ sudo ifconfig
Follow the steps below to perform the attack:
11) To target a web browser, you will first need to identify a webpage that the victim to-be likes to visit often, and then attach a BeEF hook to it.
Deliver a javascript payload, preferably by including the javascript hook into the web pageβs header. The target browser will become hooked once they visit this site.
If you have been able to follow these steps without any problems, you should be able to see the hooked IP address and OS platform in the BeEF GUI. You can find out more about the compromised system by clicking on the hooked browser listed in the window.
Also, there are several generic webpage templates they have made available for your use.
http://localhost:3000/demos/butcher/index.html
Powered by wiki
β verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK WITH BEEF KALI-PARROT
1) The BeEF Framework
A Linux OS such as Kali Linux, Parrot OS, BlackArch, Backbox, or Cyborg OS is required to install BeEF on your local machine.
Although BeEF comes pre-installed in various pen-testing operating systems, it might be possible that it is not installed in your case. To check if whether BeEF is installed, look for BeEF in your Kali Linux directory. To do so, go to applications>Kali Linux>System Services>beef start.
2) Alternatively, you can fire up BeEF from a new terminal emulator by entering the following code:
$ cd /usr/share/beef-xss
$ cd ./beef
3) To install BeEF on your Kali Linux machine, open the command interface and type in the following command:
$ sudo apt-get update
$ sudo apt-get install beef-xss
4) BeEF should now be installed under /usr/share/beef-xss.
You can start using BeEF using the address described previously in this section.
Β» Welcome to BeEF
5) Now, you can see the BeEF GUI in its full glory. Access the BeEF server by launching your web browser and looking up the localhost (127.0.0.1).
6) You can access the BeEF web GUI by typing the following URL in your web browser:
http://localhost:3000/ui/authentication
7) The default user credentials, both the username and password, are βbeef:β
$ beef-xss-1
$ BeEF Login Web GUI
8) Now that you have logged into the BeEF web GUI, proceed to the βHooked Browsersβ section. Online Browsers and Offline Browsers. This section shows the victimβs hooked status.
Using BeEF
This walkthrough will demonstrate how to use BeEF in your local network using the localhost.
9) For the connections to be made outside the network, we will need to open ports and forward them to the users waiting to connect. In this article, we will stick to our home network. We will discuss port forwarding in future articles.
10) Hooking a Browser
To get to the core of what BeEF is about, first, you will need to understand what a BeEF hook is. It is a JavaScript file, used to latch on to a targetβs browser to exploit it while acting as a C&C between it and the attacker. This is what is meant by a βhookβ in the context of using BeEF. Once a web browser is hooked by BeEF, you can proceed to inject further payloads and begin with post-exploitation.
To find your local IP address, you open a new terminal and enter the following:
$ sudo ifconfig
Follow the steps below to perform the attack:
11) To target a web browser, you will first need to identify a webpage that the victim to-be likes to visit often, and then attach a BeEF hook to it.
Deliver a javascript payload, preferably by including the javascript hook into the web pageβs header. The target browser will become hooked once they visit this site.
If you have been able to follow these steps without any problems, you should be able to see the hooked IP address and OS platform in the BeEF GUI. You can find out more about the compromised system by clicking on the hooked browser listed in the window.
Also, there are several generic webpage templates they have made available for your use.
http://localhost:3000/demos/butcher/index.html
Powered by wiki
β verified
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β