0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [#3193] No subject

This commit is contained in:
CPol 2022-05-08 22:42:39 +00:00 committed by gitbook-bot
parent 9301e94752
commit ae9261cbcf
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
14 changed files with 79 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.gitbook/assets/1_6qc-agcjyzwmf8rgnvr_eg.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 34 KiB

BIN
.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.4 KiB

BIN
.gitbook/assets/ine_logo-1-.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 75 KiB

BIN
.gitbook/assets/ine_logo-2-.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 43 KiB

BIN
.gitbook/assets/ine_logo.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 36 KiB

11
generic-methodologies-and-resources/pentesting-methodology.md
View File

@ -23,7 +23,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">\
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!\\
{% embed url="https://go.intigriti.com/hacktricks" %}
@ -78,7 +78,7 @@ There are also several tools that can perform **automatic vulnerabilities assess
In some scenarios a **Brute-Force** could be useful to **compromise** a **service**. [**Find here a CheatSheet of different services brute forcing**](brute-force.md)**.**
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">\
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!\\
{% embed url="https://go.intigriti.com/hacktricks" %}
@ -164,6 +164,13 @@ Check also the page about [**NTLM**](../windows-hardening/ntlm/), it could be ve
* [**CBC-MAC**](../cryptography/cipher-block-chaining-cbc-mac-priv.md)
* [**Padding Oracle**](../cryptography/padding-oracle-priv.md)
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

9
generic-methodologies-and-resources/pentesting-network/README.md
View File

@ -17,7 +17,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">****\
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">****\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
@ -791,6 +791,13 @@ Bettercap broadcast SSDP packets searching for all kind of services (UDP Port 19
Bettercap broadcast WSD packets searching for services (UDP Port 3702).
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

12
network-services-pentesting/pentesting-snmp/README.md
View File

@ -18,11 +18,12 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1).png" alt="" data-size="original">
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
## SNMP - Explained
@ -243,6 +244,13 @@ Entry_5:
Command: hydra -P {Big_Passwordlist} -v {IP} snmp
```
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

7
network-services-pentesting/pentesting-web/README.md
View File

@ -410,6 +410,13 @@ Entry_11:
Command: hydra -l admin -P {Big_Passwordlist} {IP} -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'
```
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

7
pentesting-web/file-upload/README.md
View File

@ -312,6 +312,13 @@ This helps to upload a file that complins with the format of several different f
More information in: [https://medium.com/swlh/polyglot-files-a-hackers-best-friend-850bf812dd8a](https://medium.com/swlh/polyglot-files-a-hackers-best-friend-850bf812dd8a)
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

7
pentesting-web/hacking-jwt-json-web-tokens.md
View File

@ -261,6 +261,13 @@ However, imagine a situation where the maximun length of the ID is 4 (0001-9999)
{% embed url="https://github.com/ticarpi/jwt_tool" %}
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

14
pentesting-web/ldap-injection.md
View File

@ -18,11 +18,12 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
## LDAP Injection
@ -235,7 +236,14 @@ intitle:"phpLDAPadmin" inurl:cmd.php
### More Payloads
[https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection)
{% embed url="https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LDAP%20Injection" %}
{% hint style="danger" %}
<img src="../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>

14
pentesting-web/sql-injection/postgresql-injection/README.md
View File

@ -16,11 +16,14 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
<img src="../../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">
{% hint style="danger" %}
<img src="../../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
****
**This page aims to explain different tricks that could help you to exploit a SQLinjection found in a postgresql database and to compliment the tricks you can find on** [**https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md**](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md)
@ -169,6 +172,13 @@ SELECT $$hacktricks$$;
SELECT $TAG$hacktricks$TAG$;
```
{% hint style="danger" %}
<img src="../../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>

9
pentesting-web/xss-cross-site-scripting/README.md
View File

@ -19,7 +19,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
</details>
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12).png" alt="" data-size="original">
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
@ -1107,6 +1107,13 @@ Find m**ore SVG payloads in** [**https://github.com/allanlw/svg-cheatsheet**](ht
Find some [**tools for XSS here**](xss-tools.md)**.**
{% hint style="danger" %}
<img src="../../.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (12) (1).png" alt="" data-size="original">\
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
{% endhint %}
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>