Search This Blog

Powered by Blogger.

How to get an admin password on a work PC in an Active Directory domain?

  ⚙How to get an admin password on a work PC in an Active Directory domain? A) First, find the location of the shortcut for the installed Po...

Wednesday, November 4, 2020

Does your phone have ROOT? Mobile phone vulnerabilities after ROOT cannot be prevented


 Does your phone have ROOT? Mobile phone vulnerabilities after ROOT cannot be prevented :


1) Maybe your phone ROOT is just to install a game and install a tool. To us ordinary people, ROOT represents convenience and freedom. In fact, what you don't know is that it also brings convenience and freedom for hackers to violate your privacy. See how the mobile phone after ROOT opens the door for loopholes.

2) Even when all the information is disclosed, Android Root application developers still have an unknown side.

πŸ¦‘ROOT also opens the door for vulnerability exploitation

The latest research found that by promoting powerful root applications, the few app distributors are putting millions of Android users in a very dangerous situation. Root programs can easily be reverse engineered, allowing malware to use exploit tools to bypass important security checks on Android.

1) On Thursday, researchers from the University of California, Riverside, published a report entitled " Android Root and its suppliers: a double-edged sword " at the ACM Computer and Communication Security Conference . They spent a month of free time reverse engineering A Root tool contains 167 vulnerabilities. In the end, the researchers concluded that by providing a large variety of highly customized vulnerabilities, root vendors can easily lead to reverse engineering and are difficult to detect, which raises the security risk for all Android users.

2) ROOT: a double-edged sword

Researchers from the University of California, Riverside put forward in the paper:

"We found that they are not only working hard to integrate and integrate known exploits, but also to develop new exploits in order to remain competitive. However, these exquisite exploits are not well protected. Once they fall into the wrong hands, they will Cause extremely dangerous effects."




New Way Hacking

Leaked By ABSHQ

Saturday, October 31, 2020

Web Hack And More 2020 Topic


 

   Web Hack And More 2020 Topic

> OpenWAF is the first fully open source Web application protection system (WAF), based on nginx_lua API analysis of HTTP request information. OpenWAF is composed of two functional engines: behavior analysis engine and rule engine. The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information.
  
> Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities.

πŸ„ΈπŸ„½πŸ…‚πŸ…ƒπŸ„°πŸ„»πŸ„»πŸ„ΈπŸ…‚πŸ„°πŸ…ƒπŸ„ΈπŸ„ΎπŸ„½ & πŸ…πŸ…„πŸ„½ :

1) git clone https://github.com/titansec/OpenWAF#bugs-and-patches.git
    
2) cd /opt
    
3) apt-get install gcc wget git swig make perl build-essential zlib1g-dev libgeoip-dev libncurses5-dev libreadline-dev -y
   
4)  wget http://www.over-yonder.net/~fullermd/projects/libcidr/libcidr-1.2.3.tar.xz
   
5)  wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz
    
6) wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz
    
7) wget https://openresty.org/download/openresty-1.15.8.2.tar.gz
    
8) tar -xvf libcidr-1.2.3.tar.xz
  
9)  tar -zxvf pcre-8.43.tar.gz
    
10) tar -zxvf openssl-1.1.1d.tar.gz
    
11) tar -zxvf openresty-1.15.8.2.tar.gz
    
12) rm -rf pcre-8.43.tar.gz \
        
13)    openssl-1.1.1d.tar.gz \
       
14)     openresty-1.15.8.2.tar.gz
    
15) cd /opt/libcidr-1.2.3
   
16)  make && make install

BY ANONYMOUS BLACK SEC....

 

Blogger news

Blogroll

About