0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [master] 3 pages modified

This commit is contained in:
CPol 2020-11-03 11:04:12 +00:00 committed by gitbook-bot
parent 16cf9356a8
commit 267406828e
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
3 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
brute-force.md
View File

@ -37,6 +37,14 @@ crunch 6 8 -t ,@@^^%%
cewl example.com -m 5 -w words.txt
```
### [CUPP](https://github.com/Mebus/cupp)
Generate passwords based on your knowledge of the victim \(names, dates...\)
```text
python3 cupp.py -h
```
### [pydictor](https://github.com/LandGrey/pydictor)
### Wordlists

2
mobile-apps-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-2.md
View File

@ -212,7 +212,5 @@ Java.perform(function () {
});
```
There is a part 5 that I am not going to explain because there isn't anything new. But if you want to read it is here: [https://11x256.github.io/Frida-hooking-android-part-5/](https://11x256.github.io/Frida-hooking-android-part-5/)

7
pentesting/pentesting-postgresql.md
View File

@ -2,9 +2,9 @@
## **Basic Information**
**PostgreSQL** is an ****open source object-relational database system that uses and extends the SQL language.
**PostgreSQL** is an _\*\*_open source object-relational database system that uses and extends the SQL language.
**Default port:** 5432, and if this port is already in use it seems that postgresql will use the next port \(5433 probably\) which is not in use.
**Default port:** 5432, and if this port is already in use it seems that postgresql will use the next port \(5433 probably\) which is not in use.
```text
PORT STATE SERVICE
@ -86,8 +86,7 @@ Client authentication is controlled by a config file frequently named _**pg\_hba
![](https://lh4.googleusercontent.com/Ff8YbD3ppYmN2Omp-4M-0AAVhLsr4c2i7d7HUjgkE-O6NZ5zbaST1hdMPrp1AL_xTXJalYe0HYxUk76vWJUfHZ5GuCDvIL1A-sMV44Z0CYSVgLM9ttFTDu-BhzewBGc7FeMarTLqsu_N1ztXJg)
**Each** record **specifies** a **connection type**, a **client IP address range** \(if relevant for the connection type\), a **database name**, a **user name**, and the **authentication method** to be used for connections matching these parameters. The **first record with a match**ing connection type, client address, requested database, and user name **is used** to perform authentication. There is no "fall-through" or "backup": **if one record is chosen and the authentication fails, subsequent records are not considered**. If no record matches, access is denied.
The **password-based** authentication methods are **md5**, **crypt**, and **password**. These methods operate similarly except for the way that the password is sent across the connection: respectively, MD5-hashed, crypt-encrypted, and clear-text. A limitation is that the crypt method does not work with passwords that have been encrypted in pg\_authid.
The **password-based** authentication methods are **md5**, **crypt**, and **password**. These methods operate similarly except for the way that the password is sent across the connection: respectively, MD5-hashed, crypt-encrypted, and clear-text. A limitation is that the crypt method does not work with passwords that have been encrypted in pg\_authid.
## **POST**