From 432905643112ea3a73f52ea091dd795e3125aa1f Mon Sep 17 00:00:00 2001 From: CPol Date: Sun, 1 May 2022 16:40:57 +0000 Subject: [PATCH] GitBook: [#3166] No subject --- network-services-pentesting/pentesting-snmp/README.md | 6 +++--- pentesting-web/hacking-jwt-json-web-tokens.md | 8 +++----- pentesting-web/ldap-injection.md | 6 +++--- .../sql-injection/postgresql-injection/README.md | 10 ++++------ pentesting-web/xss-cross-site-scripting/README.md | 6 +++--- 5 files changed, 16 insertions(+), 20 deletions(-) diff --git a/network-services-pentesting/pentesting-snmp/README.md b/network-services-pentesting/pentesting-snmp/README.md index 212d57b7..b0882243 100644 --- a/network-services-pentesting/pentesting-snmp/README.md +++ b/network-services-pentesting/pentesting-snmp/README.md @@ -1,7 +1,5 @@ # 161,162,10161,10162/udp - Pentesting SNMP -## 161,162,10161,10162/udp - Pentesting SNMP -
Support HackTricks and get benefits! @@ -18,11 +16,13 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\*\*\*\* +{% hint style="danger" %} + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} +{% endhint %} ## 161,162,10161,10162/udp - Pentesting SNMP diff --git a/pentesting-web/hacking-jwt-json-web-tokens.md b/pentesting-web/hacking-jwt-json-web-tokens.md index 0406ac81..1a21fa68 100644 --- a/pentesting-web/hacking-jwt-json-web-tokens.md +++ b/pentesting-web/hacking-jwt-json-web-tokens.md @@ -1,7 +1,5 @@ # JWT Vulnerabilities (Json Web Tokens) -## JWT Vulnerabilities (Json Web Tokens) -
Support HackTricks and get benefits! @@ -18,13 +16,13 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\*\*\*\* +{% hint style="danger" %} + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} - -## JWT Vulnerabilities (Json Web Tokens) +{% endhint %} **Part of this post was taken from:** [**https://github.com/ticarpi/jwt\_tool/wiki/Attack-Methodology**](https://github.com/ticarpi/jwt\_tool/wiki/Attack-Methodology)\ **Author of the great tool to pentest JWTs** [**https://github.com/ticarpi/jwt\_tool**](https://github.com/ticarpi/jwt\_tool) diff --git a/pentesting-web/ldap-injection.md b/pentesting-web/ldap-injection.md index ad670a42..c60d0148 100644 --- a/pentesting-web/ldap-injection.md +++ b/pentesting-web/ldap-injection.md @@ -1,7 +1,5 @@ # LDAP Injection -## LDAP Injection -
Support HackTricks and get benefits! @@ -18,11 +16,13 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\*\*\*\* +{% hint style="danger" %} + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} +{% endhint %} ## LDAP Injection diff --git a/pentesting-web/sql-injection/postgresql-injection/README.md b/pentesting-web/sql-injection/postgresql-injection/README.md index b9d22e37..5801111a 100644 --- a/pentesting-web/sql-injection/postgresql-injection/README.md +++ b/pentesting-web/sql-injection/postgresql-injection/README.md @@ -1,7 +1,5 @@ # PostgreSQL injection -## PostgreSQL injection -
Support HackTricks and get benefits! @@ -18,17 +16,17 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\*\*\*\* +{% hint style="danger" %} + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} - -## PostgreSQL injection +{% endhint %} **This page aims to explain different tricks that could help you to exploit a SQLinjection found in a postgresql database and to compliment the tricks you can find on** [**https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md**](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md) -### Network Interaction - Privilege Escalation, Port Scanner, NTLM challenge response disclosure & Exfiltration +## Network Interaction - Privilege Escalation, Port Scanner, NTLM challenge response disclosure & Exfiltration **`dblink`** is a **PostgreSQL module** that offers several interesting options from the attacker point of view. It can be used to **connect to other PostgreSQL instances** of perform **TCP connections**.\ **These functionalities** along with the **`COPY FROM`** functionality can be used to **escalate privileges**, perform **port scanning** or grab **NTLM challenge responses**.\ diff --git a/pentesting-web/xss-cross-site-scripting/README.md b/pentesting-web/xss-cross-site-scripting/README.md index 00814806..f94237be 100644 --- a/pentesting-web/xss-cross-site-scripting/README.md +++ b/pentesting-web/xss-cross-site-scripting/README.md @@ -1,7 +1,5 @@ # XSS (Cross Site Scripting) -## XSS (Cross Site Scripting) -
Support HackTricks and get benefits! @@ -18,11 +16,13 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\*\*\*\* +{% hint style="danger" %} + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} +{% endhint %} ## XSS (Cross Site Scripting)