β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is VNC?
2οΈβ£By application, VNC is an analog of RDP (Remote Desktop Protocol). But RDP is associated primarily with Windows, since it was initially distributed on this operating system. And VNC is more associated with Linux. However, the clients and servers of these technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable this service to use. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.
3οΈβ£One of the significant advantages of VNC over RDP is that it does not require a user to log out of the session on behalf of which the user is logged on to the remote system. That is, the user in front of the computer and the user on VNC can work simultaneously. It is allowed to connect several users at once via VNC, which is impossible with RDP.
4οΈβ£The VNC system is platform independent: a VNC client called a VNC viewer running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular ways to use VNC are remote technical support and access to a working computer from home.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is VNC?
recently send how hack Rdp but about vnc #Definition1οΈβ£VNC (Virtual Network Computing) is a system of remote access to the computer desktop using the RFB protocol (Remote FrameBuffer, a remote frame buffer). Management is carried out by transmitting keystrokes on the keyboard and mouse movements from one computer to another and relaying the contents of the screen through a computer network. In simple terms, using VNC you can connect to another computer and work at it as if you were sitting in front of it.
2οΈβ£By application, VNC is an analog of RDP (Remote Desktop Protocol). But RDP is associated primarily with Windows, since it was initially distributed on this operating system. And VNC is more associated with Linux. However, the clients and servers of these technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable this service to use. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.
3οΈβ£One of the significant advantages of VNC over RDP is that it does not require a user to log out of the session on behalf of which the user is logged on to the remote system. That is, the user in front of the computer and the user on VNC can work simultaneously. It is allowed to connect several users at once via VNC, which is impossible with RDP.
4οΈβ£The VNC system is platform independent: a VNC client called a VNC viewer running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular ways to use VNC are remote technical support and access to a working computer from home.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Bin For Apple Music & Amazon Musicβ
Bin : 45140510002xxxxx
CVV/Date: RND
IP : Canada π¨π¦
> How use bin https://t.me/UnderCodeTesting/3768
provide us with screanshoats to @Undercode_Bot
π¦ Bin For Twitter Ads + Facebook Ads + Instagram Ads β
Bin: 5262845xxx262xxx
Country: USA πΊπΈ
Bin : 45140510002xxxxx
CVV/Date: RND
IP : Canada π¨π¦
> How use bin https://t.me/UnderCodeTesting/3768
provide us with screanshoats to @Undercode_Bot
π¦ Bin For Twitter Ads + Facebook Ads + Instagram Ads β
Bin: 5262845xxx262xxx
Country: USA πΊπΈ
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#FASTTIP :log formats and values are supported for the --log-format option :
COMBINED - combined journal format,
VCOMBINED - combined log format with a virtual host,
COMMON is a regular log format,
VCOMMON - a regular log format with a virtual host,
W3C is an extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#FASTTIP :log formats and values are supported for the --log-format option :
COMBINED - combined journal format,
VCOMBINED - combined log format with a virtual host,
COMMON is a regular log format,
VCOMMON - a regular log format with a virtual host,
W3C is an extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from Backup Legal Mega
Feature Engineering for Machine Learning β-3.76 GBβ
https://www.udemy.com/course/feature-engineering-for-machine-learning/
https://mega.nz/#F!y5kUlICK!XOQA-9hzFSrvRv1_w7yYHw
https://www.udemy.com/course/feature-engineering-for-machine-learning/
https://mega.nz/#F!y5kUlICK!XOQA-9hzFSrvRv1_w7yYHw
Udemy
Feature Engineering for Machine Learning
Learn imputation, variable encoding, discretization, feature extraction, how to work with datetime, outliers, and more.
Forwarded from Backup Legal Mega
Secure Coding- Identifying and Mitigating XML External Entity (XXE) Vulnerabilities β-136 MBβ
#Requested
https://www.pluralsight.com/courses/secure-coding-identifying-mitigating-xxe-vulnerabilities
https://mega.nz/#F!MEJyWCBS!dbu--O0N-SO1rK4JCDQJjA
#Requested
https://www.pluralsight.com/courses/secure-coding-identifying-mitigating-xxe-vulnerabilities
https://mega.nz/#F!MEJyWCBS!dbu--O0N-SO1rK4JCDQJjA
Pluralsight
Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
This course will teach you what XML External Entity vulnerabilities are, how they are exploited, how you can identify the vulnerabilities in your code, and how you can protect your code against exploitation.
π¦Hacking framework This framework is designed to perform penetration testing. Its functions:
> Scan sql vulnerability
> Scan xxs vulnerability
>Dos sites
>Brutforce Ftp
> Brutforse SSh
> Brutforse mail Accounts
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
4οΈβ£for launching only hacking modules
launch as python
>cd modules
banner.py
dos.py
ftp.py
hun_listener.py
Update mail.py
ssh.py
5οΈβ£include passwordlist
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
> Scan sql vulnerability
> Scan xxs vulnerability
>Dos sites
>Brutforce Ftp
> Brutforse SSh
> Brutforse mail Accounts
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/b3-v3r/Hunner.git(choose options via numbers)
2οΈβ£cd Hunner
3οΈβ£python2 hunner.py
4οΈβ£for launching only hacking modules
launch as python
>cd modules
banner.py
dos.py
ftp.py
hun_listener.py
Update mail.py
ssh.py
5οΈβ£include passwordlist
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What does that mean?
It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
π¦FOR PARROT-KALI :
You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1οΈβ£DOWNLOAD https://cuckoosandbox.org/
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What does that mean?
It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
π¦FOR PARROT-KALI :
You can either run Cuckoo from your own user or create a new one dedicated just for your sandbox setup. Make sure that the user that runs Cuckoo is the same user that you will use to create and run the virtual machines (at least in the case of VirtualBox), otherwise Cuckoo wonβt be able to identify and launch these Virtual Machines.1οΈβ£
clone https://github.com/cuckoosandbox/cuckoo
or open terminal and type
$ sudo pip install -U pip setuptools
2οΈβ£$ sudo pip install -U cuckoo
3οΈβ£$ virtualenv venv
4οΈβ£$ . venv/bin/activate
5οΈβ£(venv)$ pip install -U pip setuptools
6οΈβ£(venv)$ pip install -U cuckoo
π¦Install Cuckoo from file methode 2 -You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1οΈβ£DOWNLOAD https://cuckoosandbox.org/
2οΈβ£$ pip download cuckoo
3οΈβ£$ pip install Cuckoo-2.0.0.tar.gz
4οΈβ£$ pip install *.tar.gz
5οΈβ£choose option simplyShare usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IpPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProntonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (por defecto) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- Vyprvpn https://www.goldenfrog.com/es/vyprvpn
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IpPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProntonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (por defecto) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- Vyprvpn https://www.goldenfrog.com/es/vyprvpn
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
7Proxies
7Proxies - Best Wireguard Services
We create Wireguard solutions that work brilliantly, deliver fantastic speed and security. Talk to us about solving your VPN challenges.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A REAL extremely buggy web app 2020 RECOMMENDED BY Undercode :
FEATURES :
SQL, HTML, iFrame, SSI, OS Command, PHP, XML, XPath, LDAP and SMTP injections
Blind SQL injection and Blind OS Command injection
Boolean-based and time-based Blind SQL injections
Drupageddon and Drupalgeddon2 (CVE-2018-7600)
AJAX and Web Services issues (JSON/XML/SOAP)
Heartbleed vulnerability (OpenSSL) + detection script included
Shellshock vulnerability (CGI)
Cross-Site Scripting (XSS) and Cross-Site Tracing (XST)
phpMyAdmin BBCode Tag XSS
Cross-Site Request Forgery (CSRF)
Information disclosures: favicons, version info, custom headers,...
Unrestricted file uploads and backdoor files
Old, backup & unreferenced files
Authentication, authorization and session management issues
Password and CAPTCHA attacks
Insecure DistCC, FTP, NTP, Samba, SNMP, VNC, WebDAV configurations
Arbitrary file access with Samba
Directory traversals and unrestricted file access
Local and remote file inclusions (LFI/RFI)
Server Side Request Forgery (SSRF)
XML External Entity attacks (XXE)
Man-in-the-Middle attacks (HTTP/SMTP)
HTTP parameter pollution and HTTP verb tampering
Denial-of-Service (DoS) attacks: Slow Post, SSL-Exhaustion, XML Bomb,...
POODLE vulnerability
BREACH/CRIME/BEAST SSL attacks
HTML5 ClickJacking and web storage issues
Insecure iFrame (HTML5 sandboxing)
Insecure cryptographic storage
Cross-Origin Resource Sharing (CORS) issues
Cross-domain policy file attacks (Flash/Silverlight)
Local privilege escalations: udev, sendpage
Cookie and password reset poisoning
Host header attacks: password reset poisoning en cache pollutions
PHP CGI remote code execution
Dangerous PHP Eval function
Local and remote buffer overflows (BOF)
phpMyAdmin and SQLiteManager vulnerabilities
Nginx web server vulnerabilities
HTTP response splitting, unvalidated redirects and forwards
WSDL SOAP vulnerabilities
Form-based authentication and No-authentication modes
Active Directory LDAP integration
Fuzzing possibilities
and much more...
HINT: download our bee-box VM > it has ALL necessary extensions
bee-box is compatible with VMware and VirtualBox!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ :
DOWNLOAD APP :
https://sourceforge.net/projects/bwapp/
ENJOY π¦ππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A REAL extremely buggy web app 2020 RECOMMENDED BY Undercode :
FEATURES :
SQL, HTML, iFrame, SSI, OS Command, PHP, XML, XPath, LDAP and SMTP injections
Blind SQL injection and Blind OS Command injection
Boolean-based and time-based Blind SQL injections
Drupageddon and Drupalgeddon2 (CVE-2018-7600)
AJAX and Web Services issues (JSON/XML/SOAP)
Heartbleed vulnerability (OpenSSL) + detection script included
Shellshock vulnerability (CGI)
Cross-Site Scripting (XSS) and Cross-Site Tracing (XST)
phpMyAdmin BBCode Tag XSS
Cross-Site Request Forgery (CSRF)
Information disclosures: favicons, version info, custom headers,...
Unrestricted file uploads and backdoor files
Old, backup & unreferenced files
Authentication, authorization and session management issues
Password and CAPTCHA attacks
Insecure DistCC, FTP, NTP, Samba, SNMP, VNC, WebDAV configurations
Arbitrary file access with Samba
Directory traversals and unrestricted file access
Local and remote file inclusions (LFI/RFI)
Server Side Request Forgery (SSRF)
XML External Entity attacks (XXE)
Man-in-the-Middle attacks (HTTP/SMTP)
HTTP parameter pollution and HTTP verb tampering
Denial-of-Service (DoS) attacks: Slow Post, SSL-Exhaustion, XML Bomb,...
POODLE vulnerability
BREACH/CRIME/BEAST SSL attacks
HTML5 ClickJacking and web storage issues
Insecure iFrame (HTML5 sandboxing)
Insecure cryptographic storage
Cross-Origin Resource Sharing (CORS) issues
Cross-domain policy file attacks (Flash/Silverlight)
Local privilege escalations: udev, sendpage
Cookie and password reset poisoning
Host header attacks: password reset poisoning en cache pollutions
PHP CGI remote code execution
Dangerous PHP Eval function
Local and remote buffer overflows (BOF)
phpMyAdmin and SQLiteManager vulnerabilities
Nginx web server vulnerabilities
HTTP response splitting, unvalidated redirects and forwards
WSDL SOAP vulnerabilities
Form-based authentication and No-authentication modes
Active Directory LDAP integration
Fuzzing possibilities
and much more...
HINT: download our bee-box VM > it has ALL necessary extensions
bee-box is compatible with VMware and VirtualBox!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ :
DOWNLOAD APP :
https://sourceforge.net/projects/bwapp/
ENJOY π¦ππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
SourceForge
bWAPP
Download bWAPP for free. an extremely buggy web app ! bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Get rid of the spy in your own pocket. make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and letters of different registers and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices;
2) Reliable sources. Download and install applications only from official sites and markets;
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inlet filter. Do not follow suspicious links or open messages from strangers using your mobile email client .
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Get rid of the spy in your own pocket. make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and letters of different registers and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices;
2) Reliable sources. Download and install applications only from official sites and markets;
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inlet filter. Do not follow suspicious links or open messages from strangers using your mobile email client .
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is Crowbar?
-Hack OpenVpn
*Crowbar (formally known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows for any private keys that have been obtained during penetration tests, to be used to attack other SSH servers.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£Kali Linux users can do
# sudo apt install -y crowbar
Else if you wish to install from source, install all the dependencies:
2οΈβ£Debain 9/10+ & Kali Rolling
# sudo apt install -y nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
3οΈβ£Debain 7/8 & Kali 1/2
# sudo apt-get install -y nmap openvpn freerdp-x11 vncviewer
π¦Then get latest version from GitHub:
1οΈβ£RDP brute forcing a single IP address using username list file and a single password:
# ./crowbar.py -b rdp -s 192.168.2.211/32 -U ~/Desktop/userlist -c passw0rd
2οΈβ£RDP brute forcing a single IP address using a single username and a password list:
# ./crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C ~/Desktop/passlist
3οΈβ£RDP brute forcing a subnet using a username list and a password list in discovery mode:
# ./crowbar.py -b rdp -s 192.168.2.0/24 -U ~/Desktop/userlist -C ~/Desktop/passlist -d
4οΈβ£Brute Forcing - SSH Private Keys
Below are a few examples which you have using Crowbar.
SSH key brute force attempt to a single IP address using a single username and a single private SSH key:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/id_rsa
5οΈβ£SSH key brute force attempt to a single IP address using a single username and all the SSH keys in a folder:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/
6οΈβ£SSH key brute force attempt to a subnet using a single username and all the SSH keys in a folder in discovery mode:
# ./crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k ~/.ssh/ -d
PN
Below is an example of attacking OpenVPN using Crowbar.
7οΈβ£Brute Forcing - OpenV
OpenVPN brute force attempt to a single IP address using a configuration file, a single username and a single password with specified port number and optional certificate file. Doesn't matter if its TCP or UDP:
# grep remote ~/Desktop/vpnbook.ovpn
remote vpn.example.com 1194 udp
# host vpn.example.com | awk '{print $1}'
198.7.62.204
# grep '^auth-user-pass' ~/Desktop/vpnbook.ovpn
# ./crowbar.py -b openvpn -s 198.7.62.204/32 -p 1194 -m ~/Desktop/vpnbook.ovpn -k ~/Desktop/vpnbook_ca.crt -u v
π¦Video tutorial :
https://www.youtube.com/watch?v=4QZAWGsveSM
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is Crowbar?
-Hack OpenVpn
*Crowbar (formally known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows for any private keys that have been obtained during penetration tests, to be used to attack other SSH servers.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£Kali Linux users can do
# sudo apt install -y crowbar
Else if you wish to install from source, install all the dependencies:
2οΈβ£Debain 9/10+ & Kali Rolling
# sudo apt install -y nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
3οΈβ£Debain 7/8 & Kali 1/2
# sudo apt-get install -y nmap openvpn freerdp-x11 vncviewer
π¦Then get latest version from GitHub:
1οΈβ£ git clone https://github.com/galkan/crowbarπ¦If you want to use username including DOMAIN, please specify username like below. Backslash (\) is the escape character for python. So you have to use either of the following two formats:
2οΈβ£cd crowbar/
3οΈβ£ pip3 install -r requirements.txt
1οΈβ£ ./crowbar.py -b rdp -u DOMAIN\\gokhan alkan -c Aa123456 -s 10.68.35.150/32π¦HOW USE ?
2015-03-28 11:03:39 RDP-SUCCESS : 10.68.35.150:3389 - "DOMAIN\gokhan alkan":Aa123456,
2οΈβ£ ./crowbar.py -b rdp -u gokhan alkan@ornek -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:04:00 RDP-SUCCESS : 10.68.35.150:3389 - "gokhan alkan@DOMAIN":Aa123456,
1οΈβ£RDP brute forcing a single IP address using username list file and a single password:
# ./crowbar.py -b rdp -s 192.168.2.211/32 -U ~/Desktop/userlist -c passw0rd
2οΈβ£RDP brute forcing a single IP address using a single username and a password list:
# ./crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C ~/Desktop/passlist
3οΈβ£RDP brute forcing a subnet using a username list and a password list in discovery mode:
# ./crowbar.py -b rdp -s 192.168.2.0/24 -U ~/Desktop/userlist -C ~/Desktop/passlist -d
4οΈβ£Brute Forcing - SSH Private Keys
Below are a few examples which you have using Crowbar.
SSH key brute force attempt to a single IP address using a single username and a single private SSH key:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/id_rsa
5οΈβ£SSH key brute force attempt to a single IP address using a single username and all the SSH keys in a folder:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/
6οΈβ£SSH key brute force attempt to a subnet using a single username and all the SSH keys in a folder in discovery mode:
# ./crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k ~/.ssh/ -d
PN
Below is an example of attacking OpenVPN using Crowbar.
7οΈβ£Brute Forcing - OpenV
OpenVPN brute force attempt to a single IP address using a configuration file, a single username and a single password with specified port number and optional certificate file. Doesn't matter if its TCP or UDP:
# grep remote ~/Desktop/vpnbook.ovpn
remote vpn.example.com 1194 udp
# host vpn.example.com | awk '{print $1}'
198.7.62.204
# grep '^auth-user-pass' ~/Desktop/vpnbook.ovpn
# ./crowbar.py -b openvpn -s 198.7.62.204/32 -p 1194 -m ~/Desktop/vpnbook.ovpn -k ~/Desktop/vpnbook_ca.crt -u v
π¦Video tutorial :
https://www.youtube.com/watch?v=4QZAWGsveSM
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
YouTube
Heybe - Crowbar OpenVPN Bruteforcing
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Downloading the d3dx9 43 file from unauthorized sources is undesirable because:
1) Such sites distribute malicious software or dummy files that simply have the same name as the desired file. Dummy files often lead to the fact that the user makes the only seemingly correct decision - to completely reinstall the operating system.
2) If you downloaded a file and even know in which directory you need to copy it, this does not mean a 100% solution to the problem. DirectX contains many files, so when you restart it, you may encounter a new error with the name of another missing file.
3) If the d3dx9 43 file is incorrectly overwritten in the System32 folder, the system may fail. It can take anywhere from a few hours to a whole day to fix the error and fix the download.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Downloading the d3dx9 43 file from unauthorized sources is undesirable because:
1) Such sites distribute malicious software or dummy files that simply have the same name as the desired file. Dummy files often lead to the fact that the user makes the only seemingly correct decision - to completely reinstall the operating system.
2) If you downloaded a file and even know in which directory you need to copy it, this does not mean a 100% solution to the problem. DirectX contains many files, so when you restart it, you may encounter a new error with the name of another missing file.
3) If the d3dx9 43 file is incorrectly overwritten in the System32 folder, the system may fail. It can take anywhere from a few hours to a whole day to fix the error and fix the download.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
To get rid of constant brute force attacks, you can only select key-based SSH input.
With this approach, you add the public key of the remote client systems to the list of known keys on the SSH server. In this way, these client machines can access SSH without entering a user account password.
When you have this setting, you can disable the password based on your SSH login. Now only clients that have the specified SSH keys can access the server through SSH.
Before moving on to this approach, make sure you add your public key to the server and it works. Otherwise, you block yourself and may lose access to the remote server, especially if you use a cloud server where you do not have physical access to the server.
π Two-factor authentication via SSH
To take SSH security to the next level, you can also enable two-factor authentication. With this approach, you receive a one-time password on your mobile phone, email, or through a third-party authentication application.
You can read about setting up two-factor authentication using SSH here .
Output
You can see all the parameters of your SSH server with this command:
sshd -T
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
With this approach, you add the public key of the remote client systems to the list of known keys on the SSH server. In this way, these client machines can access SSH without entering a user account password.
When you have this setting, you can disable the password based on your SSH login. Now only clients that have the specified SSH keys can access the server through SSH.
Before moving on to this approach, make sure you add your public key to the server and it works. Otherwise, you block yourself and may lose access to the remote server, especially if you use a cloud server where you do not have physical access to the server.
π Two-factor authentication via SSH
To take SSH security to the next level, you can also enable two-factor authentication. With this approach, you receive a one-time password on your mobile phone, email, or through a third-party authentication application.
You can read about setting up two-factor authentication using SSH here .
Output
You can see all the parameters of your SSH server with this command:
sshd -T
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
The Dark Side of _Manual Work is a Bug_.pdf
293.9 KB
The Dark Side of _Manual Work is a Bug_
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Microsoft Edge silently imports Firefox data without permission
#UndercodeNews
> Some users found that the new version of Edge updated to the device through Windows Update will import data from Firefox, even if the user does not authorize Edge to do this.
> According to krankie 's description, Microsoft designed some elements in the UI to "deceive and mislead" users. After updating the system, after the Edge installation is complete, Microsoft will display a maximized Edge window to the user, but it will first pop up a modal dialog box containing only the "Get Started" button.
> Therefore, the user cannot close Edge directly or close the modal dialog box. The only option is to use the task manager to kill this process. But even if you close it, Edge will be automatically fixed to the taskbar.
> Finally, he also mentioned that the new version of Edge imports data from other browsers without user permission.
"Unless you close it through the task manager instead of performing a forced setting, it will copy the data anyway, the worst thing is that most people will never know what Edge is doing, because they will never open it again."
> In addition, Microsoft will cancel the system's default browser settings, so when the user clicks on a URL, they need to re-select the default browser.
> Microsoft has been silent on this. Therefore, although the original wizard was actually manually killed by the user, so far, the reason for importing Edge data into Firefox data is still unknown.
@UndercodeNews
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Microsoft Edge silently imports Firefox data without permission
#UndercodeNews
> Some users found that the new version of Edge updated to the device through Windows Update will import data from Firefox, even if the user does not authorize Edge to do this.
> According to krankie 's description, Microsoft designed some elements in the UI to "deceive and mislead" users. After updating the system, after the Edge installation is complete, Microsoft will display a maximized Edge window to the user, but it will first pop up a modal dialog box containing only the "Get Started" button.
> Therefore, the user cannot close Edge directly or close the modal dialog box. The only option is to use the task manager to kill this process. But even if you close it, Edge will be automatically fixed to the taskbar.
> Finally, he also mentioned that the new version of Edge imports data from other browsers without user permission.
"Unless you close it through the task manager instead of performing a forced setting, it will copy the data anyway, the worst thing is that most people will never know what Edge is doing, because they will never open it again."
> In addition, Microsoft will cancel the system's default browser settings, so when the user clicks on a URL, they need to re-select the default browser.
> Microsoft has been silent on this. Therefore, although the original wizard was actually manually killed by the user, so far, the reason for importing Edge data into Firefox data is still unknown.
@UndercodeNews
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#Terms & #FastTips about Windows servers
> HTTP
This is a web server.
> SMB
The SMB protocol provides the file server on the local network .
> MSSQL
Database management system.
> FTP
A protocol that provides the operation of a file server.
> LDAP
LDAP (Lightweight Directory Access Protocol) is an application layer protocol for accessing the X.500 directory service developed by the IETF as a lightweight version of the ITU-T DAP protocol. LDAP is a relatively simple protocol that uses TCP / IP and allows authentication (bind), search (search) and comparison (compare), as well as the operation of adding, changing or deleting records. Typically, an LDAP server accepts incoming connections to port 389 over TCP or UDP. SSL encapsulated LDAP sessions typically use port 636.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Terms & #FastTips about Windows servers
> HTTP
This is a web server.
> SMB
The SMB protocol provides the file server on the local network .
> MSSQL
Database management system.
> FTP
A protocol that provides the operation of a file server.
> LDAP
LDAP (Lightweight Directory Access Protocol) is an application layer protocol for accessing the X.500 directory service developed by the IETF as a lightweight version of the ITU-T DAP protocol. LDAP is a relatively simple protocol that uses TCP / IP and allows authentication (bind), search (search) and comparison (compare), as well as the operation of adding, changing or deleting records. Typically, an LDAP server accepts incoming connections to port 389 over TCP or UDP. SSL encapsulated LDAP sessions typically use port 636.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β