UNDERCODE SECURITY
🦑WELCOME TO UNDERCODE TESTING: LEARN HACKING | PROGRAMMING | SECURITY & more..

THIS CHANNEL BY :

@UndercodeTesting
UndercodeTesting.com (official)

@iUndercode
iUndercode.com (iOS)

@Dailycve
DailyCve.com


@UndercodeNews
UndercodeNews.com
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑One-sentence Trojan horse and prevention method of PHP through security dog/D shield/360

F U L L C O D E :
Chinese

https://pastebin.com/zYemD3LF

E N J O Y ❤️👍🏻
Forwarded from Backup Legal Mega
🦑 2020 PPT-204. Puppet 204 - System Administration Using Puppet —3.04 GB—-

https://mega.nz/folder/TFUk1ayD#GuOdQal3GghV7o1d70oQeA
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hack Facebook using Social Engineering


STEP 1 : FIND STARTER WINDOW a.k.a HOLE
On the log-in screen, he notices a link named “forgotten account”. Here John will take advantage of the “forgotten account (password recovery)” feature. Facebook already serves our starter window at: “https://www.facebook.com/login/identify?ctx=recover”.

The page should look like this:

In the “Find Your Account” section, there is a sentence which says, “Please enter your email address or phone number to search for your account”. From here we get another set of windows: email address refers to “Email Account” and phone number refers to “Mobile Phone”. So, John has a hypothesis that, if he had the victim’s email account or mobile phone, then he would have access to the victim’s Facebook account.

STEP 2 : FILL IN THE FORM TO IDENTIFY THE ACCOUNT
Okay, from here John starts thinking deeply. He doesn’t know Bima’s e-mail address, but he has saved Bima’s phone number on his mobile phone. He then grabs his phone and looks for Bima’s phone number. And there it is, he found it. He begins typing Bima’s phone number in that field. After that he presses the “Search” button. The image should look like this:

He got it, he found that Bima’s phone number is connected to his Facebook account. From here, he just holds, and does not press the Continue button. For now, he just made sure that this phone number is connected to the victim’s Facebook account, so that comes closer to his hypothesis.

What John actually did is reconnaissance, or information gathering, on the victim. From here John has enough information and is ready to execute. But John will meet Bima in the canteen, and it is impossible for John to bring his computer, right? No problem, he has a handy solution: his own mobile phone. So, before he meets Bima, he repeats STEP 1 and 2 in the Chrome browser on his Android mobile phone. It would look like this:

STEP 3: MEET THE VICTIM
Alright, now everything is set up and ready. All John needs to do is grab Bima’s phone, click the Continue button on his own phone, read the SMS message sent by Facebook (the reset code) on Bima’s phone, remember it, and delete the message, all in a fraction of time.

This plan sticks in his head while he walks to the canteen. John puts his phone in his pocket. He enters the canteen area, looking for Bima. He turns his head left to right, figuring out where the heck Bima is. As usual he is in the corner seat, waving his hand to John, ready with his meal.

Immediately John takes a small portion of meal this noon, and comes close to the table with Bima. He says hi to Bima, and then they eat together. While eating, John looks around, he notices Bima’s phone is on the table.

After they finish lunch, they talk about each other’s day, as usual, until at one point John opens a new topic about phones. John tells him that he needs a new phone and wants his advice about which phone would suit him. Then he asks about Bima’s phone: the model, the specs, everything. And then John asks to try Bima’s phone, acting as if he really were a customer looking for a phone. John’s left hand takes Bima’s phone with his permission, while his right hand is under the table, preparing to open his own phone. John keeps the attention on his left hand and Bima’s phone, talking at length about the phone, its weight, its speed and so on.

Now, John begins the attack by turning Bima’s phone ringtone volume down to zero, to prevent him from noticing if a new notification comes in. John’s left hand still holds Bima’s attention, while his right hand is actually pressing the Continue button. As soon as John presses the button, the message comes in.
Ding.. No sound. Bima has not noticed the incoming message because the screen is facing John. John immediately opens the message, reads and remembers the 6-digit PIN in the SMS, and then deletes it right away. Now he is done with Bima’s phone; John gives it back to him while his right hand takes his own phone out and immediately starts typing the 6-digit PIN he just remembered.
Then John presses Continue. The new page appears, and it asks whether he wants to make a new password or not.
John will not change the password because he is not evil. But he now has Bima’s Facebook account, and he has succeeded in his mission.

As you can see, the scenario seems so simple, but hey, how easily could you grab and borrow your friend’s phone? If you relate this to the hypothesis, having your friend’s phone lets you get whatever you want.
🦑FACEBOOK HACK WITH PICTURES - BY WIKI

ENJOY ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Official PyPI repository poisoned by the malicious "request" package; Tencent Security provides a comprehensive solution

> Tencent's Onion anti-intrusion system detected that malicious "request" phishing packages had been uploaded to the official PyPI repository. The attackers used the phishing packages to steal users' sensitive information and digital currency keys, plant persistent backdoors, and take remote control. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been affected.

> Overview

On August 5th, Tencent's Onion Anti-Intrusion System detected that malicious "request" phishing packages had been uploaded to the official PyPI repository. The attackers used the phishing packages to steal users' sensitive information and digital currency keys, plant persistent backdoors, and carry out remote-control activity. Tencent Security Threat Intelligence Center reviewed this software supply chain attack and found that some users have been affected.

> When a user installs the requests package, it is easy to mistype the name as request. As a result, pip installs the malicious request package instead. Because the requests library is popular and heavily downloaded, some users have been infected by mistyping the package name.

> Since the domestic open source mirror sites are synchronized with the official PyPI repository, the problem is not limited to the official repository and may spread more widely through the various open source mirror sites. Tencent Security Emergency Response Center (TSRC) recommends that all open source mirror sites, and companies that rely on them, self-check and deal with the issue as soon as possible to ensure that the malicious libraries are removed and user systems are safe.

#News
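
The request/requests mix-up described above can be caught before anything is installed by comparing the names in a requirements file against the packages a project is known to use. This is an added example, not code from the original report or from Tencent; the KNOWN_GOOD list, the sample requirements text and all function names are assumptions constructed for illustration.

```python
import re

# Assumed allowlist of packages the organisation really depends on (constructed).
KNOWN_GOOD = {"requests", "urllib3", "numpy", "django", "flask", "cryptography"}

def normalize(name):
    # PEP 503: names are case-insensitive and runs of "-", "_", "." are equivalent.
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a, b):
    # Classic Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def requirement_name(line):
    # Strip comments; skip blank lines and pip options such as "-r" or "--index-url".
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):
        return None
    m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
    return normalize(m.group(0)) if m else None

def find_lookalikes(requirements_text, known=KNOWN_GOOD, max_distance=1):
    """Return (line number, requested name, known package it resembles)."""
    known_norm = {normalize(k) for k in known}
    findings = []
    for lineno, line in enumerate(requirements_text.splitlines(), 1):
        name = requirement_name(line)
        if name is None or name in known_norm:
            continue  # exact match with a known package is fine
        for good in sorted(known_norm):
            if edit_distance(name, good) <= max_distance:
                findings.append((lineno, name, good))
    return findings

# Constructed requirements file: line 3 drops the trailing "s" of requests.
SAMPLE = """\
# constructed requirements file
requests==2.24.0
request
Flask>=1.1
nunpy
pyyaml
"""

if __name__ == "__main__":
    for lineno, name, good in find_lookalikes(SAMPLE):
        print(f"line {lineno}: '{name}' looks like known package '{good}'")
```

A name that is flagged is only a candidate for review; packages that are neither on the allowlist nor close to it (pyyaml in the sample) pass through and need a separate policy.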
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁