Release day 🍻🎉
We'll, actually it's uploading day but really feels like we are releasing. ⠀⠀⠀⠀⠀⠀⠀⠀⠀
I have just uploaded both Android and iOS to the stores. Hope the reviewing process doesn't take too long. ⠀⠀⠀⠀⠀⠀⠀⠀⠀
Free version feature is not developed yet but I will let you know in case you want to try it 🙂
echo "hello Ig friends !!" 👋☺️
I'm back, I had to stop using IG for two reasons:
01. Deadlines 🗓️
10. Vacations after deadlines🌴🌞
I had to focus on 01 so I had to starve my distractions and I had to enjoy 10 without using the mobile because I wanted to genuinely enjoy every moment I was having 🕶️💙
Now, I'm back to the office and this semester I won't be teaching at university so I'm gonna have more time⌚ to work on side projects and other ideas I have (also to interact with you 😜). I took this picture doing probably the last commit of a project I have been working at office for 6 monthts. Now, we are doing the spring plans for the next one. I'm gonna use Sails! :3
Code this, not that - Full React crash course
So today I have learnt about props and states in React
What are props?
Most components can be customized when they are created, with different parameters. These creation parameters are called props . For example, one basic React Native component is the Image . When you create an image, you can use a prop named source to control what image it shows.
What are States?
The heart of every React component is its “state”, an object that determines how that component renders & behaves. In other words, “state” is what allows you to create components that are dynamic and interactive.
• • • • •
How can an attacker take control of your device remotely?
Let me tell about how I hacked my Android device and got remote access to the webcam, sms messages, call logs, file system. Scary, huh?
A firewall usually blocks incoming connections on open ports, but does not block outgoing traffic.
A reverse shell (vs bind shell) is a type of shell in which the victim machine acts as a client and initiates a connection to the attacker machine. The attacking machine acts as a server and has a listener port on which it receives the connection.
Instead of the attacker initiating connection to the device, which gets blocked by firewall, a backdoor running on the victim's device can easily initiate an outbound connection to a remote host on the Internet.
Step 1: Create the payload.
MSFvenom is a combination of Msfpayload and Msfencode. It creates your payload and encodes the code to avoid bad characters and evade IDS.
Step 2: Install on victim's machine.
Once the payload is generated, some social engineering is required to get the victim to run the application on their device.
Step 3: Meterpreter.
Once the payload is running on the victim's machine, it's time to set up the Meterpreter session.
Meterpreter is a command line post exploitation tool by Metasploit.
Meterpreter does not create a new process which helps avoid AV. It uses in memory DLL injection. This means source code is run within an already running process. It uses encrypted communication between attacker and victim.
Getting the victim to install an untrusted android APK is tricky. They need to explicitly allow it.
A solution is to inject the meterpreter into an existing APK to make it easier to convince the victim to install the APK and harder for AV to detect the payload.
What can you teach me about steganography?
⚙️ Web Assembly ⚙️⠀
WebAssembly (abbreviated Wasm) is a new technology that will impact how we create web applications. In a nutshell, you'll be able to run native code in the browser, think about running your C, C++, Go, Ruby, Rust, on the web 🤯⠀
I'll not get into all the nitty-gritty. However, the most important aspect to mention is you don't write WebAssembly, you compile other higher level languages to it, and the compiled code can be run in modern browsers. The benefits are:⠀
➡️ Speed (near native perf)⠀
Did you know that AutoCAD design software, which has around 35 years, and is written in C++, was ported to the web with WebAssembly?⠀
Over the last ten months, security researchers filed abuse reports with web hosting providers and have taken down nearly 100,000 URLs that were used to distribute malware,
Of the 380,000 malware samples that security researchers found hosted on newly created or hacked websites, the most common malware family was Emotet (also known as Heodo), a multi-faceted malware strain that can work as a downloader for other malware, a backdoor, a banking trojan, a credentials stealer, or a spam bot, among many other things.