hacktricks/network-services-pentesting/27017-27018-mongodb.md

# 27017,27018 - Pentesting MongoDB

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure>

Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

**Hacking Insights**\
Engage with content that delves into the thrill and challenges of hacking

**Real-Time Hack News**\
Keep up-to-date with fast-paced hacking world through real-time news and insights

**Latest Announcements**\
Stay informed with the newest bug bounties launching and crucial platform updates

**Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!

## Informazioni di base

**MongoDB** è un **sistema di gestione di database** **open source** che utilizza un **modello di database orientato ai documenti** per gestire forme diverse di dati. Offre flessibilità e scalabilità per gestire dati non strutturati o semi-strutturati in applicazioni come analisi di big data e gestione dei contenuti. **Porta predefinita:** 27017, 27018
```
PORT      STATE SERVICE VERSION
27017/tcp open  mongodb MongoDB 2.6.9 2.6.9
```
## Enumerazione

### Manuale
```python
from pymongo import MongoClient
client = MongoClient(host, port, username=username, password=password)
client.server_info() #Basic info
#If you have admin access you can obtain more info
admin = client.admin
admin_info = admin.command("serverStatus")
cursor = client.list_databases()
for db in cursor:
print(db)
print(client[db["name"]].list_collection_names())
#If admin access, you could dump the database also
```
**Alcuni comandi MongoDB:**
```bash
show dbs
use <db>
show collections
db.<collection>.find()  #Dump the collection
db.<collection>.count() #Number of records of the collection
db.current.find({"username":"admin"})  #Find in current db the username admin
```
### Automatic
```bash
nmap -sV --script "mongo* and default" -p 27017 <IP> #By default all the nmap mongo enumerate scripts are used
```
### Shodan

* Tutti i mongodb: `"mongodb server information"`
* Cerca server mongodb completamente aperti: `"mongodb server information" -"partially enabled"`
* Solo autenticazione parzialmente abilitata: `"mongodb server information" "partially enabled"`

## Login

Per impostazione predefinita, mongo non richiede password.\
**Admin** è un database mongo comune.
```bash
mongo <HOST>
mongo <HOST>:<PORT>
mongo <HOST>:<PORT>/<DB>
mongo <database> -u <username> -p '<password>'
```
Lo script nmap: _**mongodb-brute**_ verificherà se sono necessarie credenziali.
```bash
nmap -n -sV --script mongodb-brute -p 27017 <ip>
```
### [**Brute force**](../generic-methodologies-and-resources/brute-force.md#mongo)

Controlla dentro _/opt/bitnami/mongodb/mongodb.conf_ per sapere se sono necessarie credenziali:
```bash
grep "noauth.*true" /opt/bitnami/mongodb/mongodb.conf | grep -v "^#" #Not needed
grep "auth.*true" /opt/bitnami/mongodb/mongodb.conf | grep -v "^#\|noauth" #Not needed
```
## Previsione dell'Objectid di Mongo

Esempio [da qui](https://techkranti.com/idor-through-mongodb-object-ids-prediction/).

Gli ID Object di Mongo sono stringhe **esadecimali di 12 byte**:

![http://techidiocy.com/\_id-objectid-in-mongodb/](../.gitbook/assets/id-and-ObjectIds-in-MongoDB.png)

Ad esempio, ecco come possiamo analizzare un ID Object reale restituito da un'applicazione: 5f2459ac9fa6dc2500314019

1. 5f2459ac: 1596217772 in decimale = Venerdì, 31 Luglio 2020 17:49:32
2. 9fa6dc: Identificatore della macchina
3. 2500: ID del processo
4. 314019: Un contatore incrementale

Dei suddetti elementi, l'identificatore della macchina rimarrà lo stesso finché il database sta eseguendo la stessa macchina fisica/virtuale. L'ID del processo cambierà solo se il processo MongoDB viene riavviato. Il timestamp verrà aggiornato ogni secondo. L'unica sfida nel prevedere gli ID Object semplicemente incrementando i valori del contatore e del timestamp, è il fatto che Mongo DB genera ID Object e assegna ID Object a livello di sistema.

Lo strumento [https://github.com/andresriancho/mongo-objectid-predict](https://github.com/andresriancho/mongo-objectid-predict), dato un ID Object di partenza (puoi creare un account e ottenere un ID di partenza), restituisce circa 1000 probabili ID Object che potrebbero essere stati assegnati ai prossimi oggetti, quindi devi solo forzarli.

## Post

Se sei root puoi **modificare** il file **mongodb.conf** in modo che non siano necessarie credenziali (_noauth = true_) e **accedere senza credenziali**.

***

<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure>

Unisciti al server [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) per comunicare con hacker esperti e cacciatori di bug bounty!

**Approfondimenti sul hacking**\
Interagisci con contenuti che approfondiscono l'emozione e le sfide dell'hacking

**Notizie di hacking in tempo reale**\
Rimani aggiornato con il mondo dell'hacking in rapida evoluzione attraverso notizie e approfondimenti in tempo reale

**Ultimi annunci**\
Rimani informato sulle nuove bug bounty in arrivo e sugli aggiornamenti cruciali della piattaforma

**Unisciti a noi su** [**Discord**](https://discord.com/invite/N3FrSbmwdy) e inizia a collaborare con i migliori hacker oggi!

{% hint style="success" %}
Impara e pratica l'Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Impara e pratica l'Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Supporta HackTricks</summary>

* Controlla i [**piani di abbonamento**](https://github.com/sponsors/carlospolop)!
* **Unisciti al** 💬 [**gruppo Discord**](https://discord.gg/hRep4RUj7f) o al [**gruppo telegram**](https://t.me/peass) o **seguici** su **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Condividi trucchi di hacking inviando PR ai** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos di github.

</details>
{% endhint %}
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`# 27017,27018 - Pentesting MongoDB`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<summary>Support HackTricks</summary>`
arte 2024-01-03 10:42:55 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure>`
hp 2023-02-27 09:28:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Join [HackenProof Discord](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!`
hp 2023-02-27 09:28:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Hacking Insights\`
			`Engage with content that delves into the thrill and challenges of hacking`
hp 2023-07-14 15:03:41 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Real-Time Hack News\`
			`Keep up-to-date with fast-paced hacking world through real-time news and insights`
hp 2023-07-14 15:03:41 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Latest Announcements\`
			`Stay informed with the newest bug bounties launching and crucial platform updates`
new link 2022-11-05 09:07:43 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Join us on [Discord](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`## Informazioni di base`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`MongoDB è un sistema di gestione di database open source che utilizza un modello di database orientato ai documenti per gestire forme diverse di dati. Offre flessibilità e scalabilità per gestire dati non strutturati o semi-strutturati in applicazioni come analisi di big data e gestione dei contenuti. Porta predefinita: 27017, 27018`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`PORT STATE SERVICE VERSION`
			`27017/tcp open mongodb MongoDB 2.6.9 2.6.9`
			```
Translated to Italian 2024-02-10 13:03:23 +00:00			`## Enumerazione`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Italian 2024-02-10 13:03:23 +00:00			`### Manuale`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```python
			`from pymongo import MongoClient`
			`client = MongoClient(host, port, username=username, password=password)`
			`client.server_info() #Basic info`
			`#If you have admin access you can obtain more info`
			`admin = client.admin`
			`admin_info = admin.command("serverStatus")`
			`cursor = client.list_databases()`
			`for db in cursor:`
Translated to Italian 2024-02-10 13:03:23 +00:00			`print(db)`
			`print(client[db["name"]].list_collection_names())`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`#If admin access, you could dump the database also`
			```
Translated to Italian 2024-02-10 13:03:23 +00:00			`Alcuni comandi MongoDB:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`show dbs`
			`use <db>`
			`show collections`
			`db.<collection>.find() #Dump the collection`
			`db.<collection>.count() #Number of records of the collection`
			`db.current.find({"username":"admin"}) #Find in current db the username admin`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`### Automatic`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`nmap -sV --script "mongo* and default" -p 27017 <IP> #By default all the nmap mongo enumerate scripts are used`
			```
GitBook: [#3160] No subject 2022-05-01 13:25:53 +00:00			`### Shodan`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			* Tutti i mongodb: `"mongodb server information"`
			* Cerca server mongodb completamente aperti: `"mongodb server information" -"partially enabled"`
			* Solo autenticazione parzialmente abilitata: `"mongodb server information" "partially enabled"`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`## Login`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Per impostazione predefinita, mongo non richiede password.\`
Translated to Italian 2024-02-10 13:03:23 +00:00			`Admin è un database mongo comune.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`mongo <HOST>`
			`mongo <HOST>:<PORT>`
			`mongo <HOST>:<PORT>/<DB>`
			`mongo <database> -u <username> -p '<password>'`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Lo script nmap: _mongodb-brute_ verificherà se sono necessarie credenziali.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`nmap -n -sV --script mongodb-brute -p 27017 <ip>`
			```
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`### [Brute force](../generic-methodologies-and-resources/brute-force.md#mongo)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Controlla dentro _/opt/bitnami/mongodb/mongodb.conf_ per sapere se sono necessarie credenziali:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`grep "noauth.*true" /opt/bitnami/mongodb/mongodb.conf \| grep -v "^#" #Not needed`
			`grep "auth.*true" /opt/bitnami/mongodb/mongodb.conf \| grep -v "^#\\|noauth" #Not needed`
			```
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`## Previsione dell'Objectid di Mongo`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Italian 2024-02-10 13:03:23 +00:00			`Esempio [da qui](https://techkranti.com/idor-through-mongodb-object-ids-prediction/).`
a 2024-02-08 21:36:15 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Gli ID Object di Mongo sono stringhe esadecimali di 12 byte:`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`![http://techidiocy.com/\_id-objectid-in-mongodb/](../.gitbook/assets/id-and-ObjectIds-in-MongoDB.png)`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Ad esempio, ecco come possiamo analizzare un ID Object reale restituito da un'applicazione: 5f2459ac9fa6dc2500314019`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`1. 5f2459ac: 1596217772 in decimale = Venerdì, 31 Luglio 2020 17:49:32`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`2. 9fa6dc: Identificatore della macchina`
			`3. 2500: ID del processo`
Translated to Italian 2024-02-10 13:03:23 +00:00			`4. 314019: Un contatore incrementale`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Dei suddetti elementi, l'identificatore della macchina rimarrà lo stesso finché il database sta eseguendo la stessa macchina fisica/virtuale. L'ID del processo cambierà solo se il processo MongoDB viene riavviato. Il timestamp verrà aggiornato ogni secondo. L'unica sfida nel prevedere gli ID Object semplicemente incrementando i valori del contatore e del timestamp, è il fatto che Mongo DB genera ID Object e assegna ID Object a livello di sistema.`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Lo strumento [https://github.com/andresriancho/mongo-objectid-predict](https://github.com/andresriancho/mongo-objectid-predict), dato un ID Object di partenza (puoi creare un account e ottenere un ID di partenza), restituisce circa 1000 probabili ID Object che potrebbero essere stati assegnati ai prossimi oggetti, quindi devi solo forzarli.`
GitBook: [master] one page and one asset modified 2020-09-16 10:00:23 +00:00
GitBook: [#3160] No subject 2022-05-01 13:25:53 +00:00			`## Post`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Se sei root puoi modificare il file mongodb.conf in modo che non siano necessarie credenziali (_noauth = true_) e accedere senza credenziali.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
a 2024-02-08 21:36:15 +00:00			`***`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure>`
hp 2023-07-14 15:03:41 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Unisciti al server [HackenProof Discord](https://discord.com/invite/N3FrSbmwdy) per comunicare con hacker esperti e cacciatori di bug bounty!`
GITBOOK-3816: No subject 2023-03-05 19:54:13 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Approfondimenti sul hacking\`
Translated to Italian 2024-02-10 13:03:23 +00:00			`Interagisci con contenuti che approfondiscono l'emozione e le sfide dell'hacking`
hp 2023-02-27 09:28:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Notizie di hacking in tempo reale\`
			`Rimani aggiornato con il mondo dell'hacking in rapida evoluzione attraverso notizie e approfondimenti in tempo reale`
hp 2023-02-27 09:28:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`Ultimi annunci\`
			`Rimani informato sulle nuove bug bounty in arrivo e sugli aggiornamenti cruciali della piattaforma`
hp 2023-02-27 09:28:45 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:09:41 +00:00			`Unisciti a noi su [Discord](https://discord.com/invite/N3FrSbmwdy) e inizia a collaborare con i migliori hacker oggi!`
new link 2022-11-05 09:07:43 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% hint style="success" %}`
			`Impara e pratica l'Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Impara e pratica l'Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`<summary>Supporta HackTricks</summary>`
arte 2024-01-03 10:42:55 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`* Controlla i [piani di abbonamento](https://github.com/sponsors/carlospolop)!`
			`* Unisciti al 💬 [gruppo Discord](https://discord.gg/hRep4RUj7f) o al [gruppo telegram](https://t.me/peass) o seguici su Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Condividi trucchi di hacking inviando PR ai [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos di github.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:34:23 +00:00			`{% endhint %}`