Wednesday, May 31, 2023



Potao Express Samples


2011 - July 2015
  • Aka Sapotao and node69
  • Group - Sandworm / Quedagh APT
  • Vectors - USB, exe as doc, xls
  • Victims - RU, BY, AM, GE 
  • Victims - MMM group, UA gov
  • has been serving modified versions of the encryption software (Win32/FakeTC) that included a backdoor to selected targets. 
  • Win32/FakeTC - data theft from encrypted drives
  • The Potao main DLL only takes care of its core functionality; the actual spying functions are implemented in the form of downloadable modules. The plugins are downloaded each time the malware starts, since they aren't stored on the hard drive.
  • 1st type: Full plugin, whose export function is called Plug. Full plugins run continuously until the infected system is restarted.
  • 2nd type: Light plugin, whose export function is called Scan. Light plugins terminate immediately after returning a buffer with the information they harvested off the victim's machine.
  • Some of the plugins were signed with a certificate issued to "Grandtorg".
  • Traffic 
  • Strong encryption. The data sent is encapsulated using the XML-RPC protocol.
  • MethodName value 10a7d030-1a61-11e3-beea-001c42e2a08b is always present in Potao traffic.
  • After receiving the request, the C&C server generates an RSA-2048 public key and signs this generated key with another, static RSA-2048 private key.
  • In the 2nd stage, the malware generates a symmetric AES-256 key. This AES session key is encrypted with the newly received RSA-2048 public key and sent to the C&C server.
  • The actual data exchange after the key exchange is then encrypted with the AES-256 key, using symmetric cryptography, which is faster.
  • The Potao malware sends an encrypted request to the server with computer ID, campaign ID, OS version, version of malware, computer name, current privileges, OS architecture (64 or 32bits) and also the name of the current process.
  • Potao USB - uses social engineering, exe in the root disguised as drive icon
  • Potao Anti RE - uses the MurmurHash2 algorithm for computing the hashes of the API function names.
  • Potao Anti RE - encryption of strings
  • Russian TrueCrypt Win32/FakeTC - The malicious program code within the otherwise functional TrueCrypt software runs in its own thread. This thread, created at the end of the Mount function, enumerates files on the mounted encrypted drive, and if certain conditions are met, it connects to the C&C server, ready to execute commands from the attackers.
  • IOC
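
A detection check for the constant methodName value noted in the traffic bullets above, as an added example that is not part of the original post. The request bodies are constructed samples; their parameter layout and the function names are assumptions, and only the methodName value comes from the page.

```python
import re
import xml.etree.ElementTree as ET

# Constant methodName value the page says is always present in Potao traffic.
POTAO_METHOD_NAME = "10a7d030-1a61-11e3-beea-001c42e2a08b"


def extract_method_name(body: bytes):
    """Return the XML-RPC <methodName> text, or None if the body is not a parsable methodCall."""
    # Refuse DTDs so captured traffic cannot trigger entity expansion in the parser.
    if re.search(rb"<!DOCTYPE", body, re.IGNORECASE):
        return None
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    if root.tag != "methodCall":
        return None
    name = root.findtext("methodName")
    return name.strip() if name else None


def classify(body: bytes) -> str:
    """'match': parsed XML-RPC call carrying the marker; 'raw-match': marker seen in a
    body that did not parse (e.g. a truncated capture); 'clean': marker absent."""
    name = extract_method_name(body)
    if name is not None:
        return "match" if name.lower() == POTAO_METHOD_NAME else "clean"
    if POTAO_METHOD_NAME.encode() in body.lower():
        return "raw-match"
    return "clean"


# Constructed HTTP POST bodies (not real captures).
SAMPLES = {
    "benign": b"<?xml version='1.0'?><methodCall><methodName>wp.getUsersBlogs</methodName><params/></methodCall>",
    "potao": b"<?xml version='1.0'?><methodCall><methodName>10a7d030-1a61-11e3-beea-001c42e2a08b</methodName>"
             b"<params><param><value><base64>QUJD</base64></value></param></params></methodCall>",
    "truncated": b"<methodCall><methodName>10A7D030-1A61-11E3-BEEA-001C42E2A08B</methodName><params><par",
}


def scan(samples):
    return {label: classify(body) for label, body in samples.items()}


if __name__ == "__main__":
    for label, verdict in scan(SAMPLES).items():
        print(f"{label:10s} {verdict}")
```

Because the payload itself is encrypted after the key exchange, the fixed methodName is the part of the request a proxy or IDS rule can still match on.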



$$$ Bug Bounty $$$

What is Bug Bounty?

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for discovering and reporting software bugs. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy.

Many software vendors and websites run bug bounty programs, paying out cash rewards to software security researchers and white hat hackers who report software vulnerabilities that have the potential to be exploited. Bug reports must document enough information for the organization offering the bounty to be able to reproduce the vulnerability. Typically, payment amounts are commensurate with the size of the organization, the difficulty in hacking the system and how much impact on users a bug might have.

Mozilla paid out a $3,000 flat rate bounty for bugs that fit its criteria, while Facebook has given out as much as $20,000 for a single bug report. Google paid Chrome operating system bug reporters a combined $700,000 in 2012 and Microsoft paid UK researcher James Forshaw $100,000 for an attack vulnerability in Windows 8.1. In 2016, Apple announced rewards that max out at $200,000 for a flaw in the iOS secure boot firmware components and up to $50,000 for execution of arbitrary code with kernel privileges or unauthorized iCloud access.

While the use of ethical hackers to find bugs can be very effective, such programs can also be controversial. To limit potential risk, some organizations are offering closed bug bounty programs that require an invitation. Apple, for example, has limited bug bounty participation to a few dozen researchers.


Top System Related Commands In Linux With Descriptive Definitions

Commands are instructions given to a system to do something and display output for that instruction. If you don't know how to give an order to the system, it cannot carry out the task for you, so commands are really important for Linux users. If you have no idea about Linux commands, you probably don't know the Linux terminal either, and you cannot explore Linux deeply, because the terminal is the brain of Linux and you can do everything from it in any Linux distribution. So if you want to work on a Linux distro, you should know the commands as well.
In this blog you will find Linux commands that relate to the system, that is, commands for getting information about the system such as the operating system, kernel release information, reboot history, system host name, IP address of the host, current date and time, and more.


If you know a command but have no idea how to use it, type the command, then a space, and then -h or --help or ? to get the usage information for that command. For example, "uname" is used for displaying Linux system information. If you don't know how to use it, type the command with the help parameter, like: uname -h or uname --help.


The "uname" command is a Linux terminal command responsible for displaying information about the Linux system. It has different parameters to display a particular part of the information, like the kernel release (uname -r), or all of the information with a single command (uname -a).


This command is used to show how long the system has been running and how much load is on the CPU in its current state. It is very useful when your system slows down or hangs, since you can easily get information about the load on the CPU with it.


The "hostname" command in Linux has different parameters to display information about the current host that is running the kernel. If you want to know about the parameters of the hostname command, type hostname --help or hostname -h to get all the information about the command and its usage.

last reboot

The "last reboot" command is used in the Linux operating system to display the reboot history. Type this command in the Linux terminal and it will display the reboot history of that Linux system.


The "date" command is used in the Linux operating system to show the current date along with the current time of day.


The "cal" command in Linux is used to display a calendar of the current month's dates and days, with the current date highlighted with a square box, just like a real calendar.


The "w" command is used in a Linux distro to get information about the current users. If you type this command, it will display who is online at the time.


The "whoami" command is used in the Linux operating system to show which user you are logged in as. For example, if you are logged in as root, it will display "root".

finger user

The "finger user" command is used in a Linux distribution to display information about a user who is currently online on that Linux system.
