hacktricks/todo/other-web-tricks.md

# Mbinu Nyingine za Wavuti

{% hint style="success" %}
Jifunze na zoea AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**Mafunzo ya HackTricks AWS Timu Nyekundu Mtaalam (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Jifunze na zoea GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**Mafunzo ya HackTricks GCP Timu Nyekundu Mtaalam (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>
{% endhint %}

### Kichwa cha Mwenyeji

Maranyingi seva ya nyuma huiamini **Kichwa cha Mwenyeji** kufanya baadhi ya vitendo. Kwa mfano, inaweza kutumia thamani yake kama **kikoa cha kutuma upya nywila**. Kwa hivyo unapopokea barua pepe na kiungo cha kusahihisha nywila yako, kikoa kinachotumiwa ni kile ulichoweka kwenye Kichwa cha Mwenyeji. Kisha, unaweza kuomba kusahihisha nywila ya watumiaji wengine na kubadilisha kikoa kuwa kimoja kinachodhibitiwa na wewe ili kuiba nambari zao za kusahihisha nywila. [Andika](https://medium.com/nassec-cybersecurity-writeups/how-i-was-able-to-take-over-any-users-account-with-host-header-injection-546fff6d0f2).

{% hint style="warning" %}
Tambua kwamba inawezekana hata usihitaji kusubiri mtumiaji bonyeza kiungo cha kusahihisha nywila ili kupata ishara, labda hata **filters za barua taka au vifaa/bots vya kati vitabonyeza** kuchambua.
{% endhint %}

### Vigezo vya Kikao

Wakati mwingine unapokamilisha uthibitisho fulani kwa usahihi, seva ya nyuma ita**ongeza tu boolean yenye thamani "Kweli" kwa sifa ya usalama ya kikao chako**. Kisha, mwisho tofauti utajua ikiwa umepita mtihani huo kwa mafanikio.\
Hata hivyo, ikiwa **unapita mtihani** na kikao chako kinapewa thamani ya "Kweli" kwenye sifa ya usalama, unaweza kujaribu **kupata rasilimali nyingine** ambazo **zinategemea sifa ile ile** lakini **haupaswi kuwa na ruhusa** ya kufikia. [Andika](https://medium.com/@ozguralp/a-less-known-attack-vector-second-order-idor-attacks-14468009781a).

### Utendaji wa Usajili

Jaribu kusajili kama mtumiaji anayepo tayari. Jaribu pia kutumia herufi sawa (madoa, nafasi nyingi na Unicode).

### Kuchukua Barua pepe

Sajili barua pepe, kabla ya kuthibitisha, badilisha barua pepe, kisha, ikiwa barua pepe mpya ya uthibitisho inatumwa kwa barua pepe ya kwanza iliyosajiliwa, unaweza kuchukua barua pepe yoyote. Au ikiwa unaweza kuwezesha barua pepe ya pili kuthibitisha ile ya kwanza, unaweza pia kuchukua akaunti yoyote.

### Kufikia Dawati la Huduma za Ndani za Kampuni zinazotumia atlassian

{% embed url="https://yourcompanyname.atlassian.net/servicedesk/customer/user/login" %}

### Mbinu ya TRACE

Wabunifu wanaweza kusahau kulemaza chaguo mbalimbali za kurekebisha katika mazingira ya uzalishaji. Kwa mfano, njia ya HTTP ya `TRACE` imeundwa kwa madhumuni ya uchunguzi. Ikiwezeshwa, seva ya wavuti itajibu maombi yanayotumia njia ya `TRACE` kwa kutoa majibu yanayoiga ombi halisi lililopokelewa. Tabia hii mara nyingi ni salama, lakini mara chache husababisha kufichua habari, kama jina la vichwa vya kuthibitisha vya ndani ambavyo vinaweza kuongezwa kwa maombi na wakala wa kurudisha.![Picha kwa chapisho](https://miro.medium.com/max/60/1\*wDFRADTOd9Tj63xucenvAA.png?q=20)

![Picha kwa chapisho](https://miro.medium.com/max/1330/1\*wDFRADTOd9Tj63xucenvAA.png)


{% hint style="success" %}
Jifunze na zoea AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**Mafunzo ya HackTricks AWS Timu Nyekundu Mtaalam (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Jifunze na zoea GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**Mafunzo ya HackTricks GCP Timu Nyekundu Mtaalam (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Angalia [**mpango wa usajili**](https://github.com/sponsors/carlospolop)!
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>
{% endhint %}
GitBook: No commit message 2024-04-06 19:39:38 +00:00			`# Mbinu Nyingine za Wavuti`

Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`{% hint style="success" %}`
			`Jifunze na zoea AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[Mafunzo ya HackTricks AWS Timu Nyekundu Mtaalam (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Jifunze na zoea GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[Mafunzo ya HackTricks GCP Timu Nyekundu Mtaalam (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`<details>`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`<summary>Support HackTricks</summary>`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`* Angalia [mpango wa usajili](https://github.com/sponsors/carlospolop)!`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
			`</details>`
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`{% endhint %}`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
			`### Kichwa cha Mwenyeji`

Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			Maranyingi seva ya nyuma huiamini Kichwa cha Mwenyeji kufanya baadhi ya vitendo. Kwa mfano, inaweza kutumia thamani yake kama kikoa cha kutuma upya nywila. Kwa hivyo unapopokea barua pepe na kiungo cha kusahihisha nywila yako, kikoa kinachotumiwa ni kile ulichoweka kwenye Kichwa cha Mwenyeji. Kisha, unaweza kuomba kusahihisha nywila ya watumiaji wengine na kubadilisha kikoa kuwa kimoja kinachodhibitiwa na wewe ili kuiba nambari zao za kusahihisha nywila. [Andika](https://medium.com/nassec-cybersecurity-writeups/how-i-was-able-to-take-over-any-users-account-with-host-header-injection-546fff6d0f2).
GitBook: No commit message 2024-04-06 19:39:38 +00:00
			`{% hint style="warning" %}`
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`Tambua kwamba inawezekana hata usihitaji kusubiri mtumiaji bonyeza kiungo cha kusahihisha nywila ili kupata ishara, labda hata filters za barua taka au vifaa/bots vya kati vitabonyeza kuchambua.`
GitBook: No commit message 2024-04-06 19:39:38 +00:00			`{% endhint %}`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`### Vigezo vya Kikao`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`Wakati mwingine unapokamilisha uthibitisho fulani kwa usahihi, seva ya nyuma itaongeza tu boolean yenye thamani "Kweli" kwa sifa ya usalama ya kikao chako. Kisha, mwisho tofauti utajua ikiwa umepita mtihani huo kwa mafanikio.\`
			`Hata hivyo, ikiwa unapita mtihani na kikao chako kinapewa thamani ya "Kweli" kwenye sifa ya usalama, unaweza kujaribu kupata rasilimali nyingine ambazo zinategemea sifa ile ile lakini haupaswi kuwa na ruhusa ya kufikia. [Andika](https://medium.com/@ozguralp/a-less-known-attack-vector-second-order-idor-attacks-14468009781a).`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`### Utendaji wa Usajili`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`Jaribu kusajili kama mtumiaji anayepo tayari. Jaribu pia kutumia herufi sawa (madoa, nafasi nyingi na Unicode).`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`### Kuchukua Barua pepe`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`Sajili barua pepe, kabla ya kuthibitisha, badilisha barua pepe, kisha, ikiwa barua pepe mpya ya uthibitisho inatumwa kwa barua pepe ya kwanza iliyosajiliwa, unaweza kuchukua barua pepe yoyote. Au ikiwa unaweza kuwezesha barua pepe ya pili kuthibitisha ile ya kwanza, unaweza pia kuchukua akaunti yoyote.`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			`### Kufikia Dawati la Huduma za Ndani za Kampuni zinazotumia atlassian`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
			`{% embed url="https://yourcompanyname.atlassian.net/servicedesk/customer/user/login" %}`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`### Mbinu ya TRACE`
GitBook: No commit message 2024-04-06 19:39:38 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00			Wabunifu wanaweza kusahau kulemaza chaguo mbalimbali za kurekebisha katika mazingira ya uzalishaji. Kwa mfano, njia ya HTTP ya `TRACE` imeundwa kwa madhumuni ya uchunguzi. Ikiwezeshwa, seva ya wavuti itajibu maombi yanayotumia njia ya `TRACE` kwa kutoa majibu yanayoiga ombi halisi lililopokelewa. Tabia hii mara nyingi ni salama, lakini mara chache husababisha kufichua habari, kama jina la vichwa vya kuthibitisha vya ndani ambavyo vinaweza kuongezwa kwa maombi na wakala wa kurudisha.![Picha kwa chapisho](https://miro.medium.com/max/60/1\*wDFRADTOd9Tj63xucenvAA.png?q=20)
GitBook: No commit message 2024-04-06 19:39:38 +00:00
			`![Picha kwa chapisho](https://miro.medium.com/max/1330/1\*wDFRADTOd9Tj63xucenvAA.png)`
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:37:42 +00:00

			`{% hint style="success" %}`
			`Jifunze na zoea AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[Mafunzo ya HackTricks AWS Timu Nyekundu Mtaalam (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Jifunze na zoea GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[Mafunzo ya HackTricks GCP Timu Nyekundu Mtaalam (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`

			`<details>`

			`<summary>Support HackTricks</summary>`

			`* Angalia [mpango wa usajili](https://github.com/sponsors/carlospolop)!`
			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`

			`</details>`
			`{% endhint %}`