Merge branch 'HackTricks-wiki:master' into master

SUMMARY.md

@@ -630,7 +630,7 @@
     * [Big Binary Files Upload (PostgreSQL)](pentesting-web/sql-injection/postgresql-injection/big-binary-files-upload-postgresql.md)
     * [RCE with PostgreSQL Languages](pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-languages.md)
     * [RCE with PostgreSQL Extensions](pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md)
-  * [SQLMap - Cheetsheat](pentesting-web/sql-injection/sqlmap/README.md)
+  * [SQLMap - CheatSheet](pentesting-web/sql-injection/sqlmap/README.md)
     * [Second Order Injection - SQLMap](pentesting-web/sql-injection/sqlmap/second-order-injection-sqlmap.md)
 * [SSRF (Server Side Request Forgery)](pentesting-web/ssrf-server-side-request-forgery/README.md)
   * [URL Format Bypass](pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md)

pentesting-web/captcha-bypass.md

@@ -1,8 +1,8 @@
 # Captcha Bypass
 
 {% hint style="success" %}
-Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
-Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
+Learn & practice AWS Hacking:<img src="../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../.gitbook/assets/arte.png" alt="" data-size="line">\
+Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
 
 <details>
 
@@ -22,19 +22,16 @@ To **bypass** the captcha during **server testing** and automate user input func
 1. **Parameter Manipulation**:
    * **Omit the Captcha Parameter**: Avoid sending the captcha parameter. Experiment with changing the HTTP method from POST to GET or other verbs, and altering the data format, such as switching between form data and JSON.
    * **Send Empty Captcha**: Submit the request with the captcha parameter present but left empty.
-
 2. **Value Extraction and Reuse**:
    * **Source Code Inspection**: Search for the captcha value within the page's source code.
    * **Cookie Analysis**: Examine the cookies to find if the captcha value is stored and reused.
    * **Reuse Old Captcha Values**: Attempt to use previously successful captcha values again. Keep in mind that they might expire at any time.
    * **Session Manipulation**: Try using the same captcha value across different sessions or the same session ID.
-
 3. **Automation and Recognition**:
    * **Mathematical Captchas**: If the captcha involves math operations, automate the calculation process.
    * **Image Recognition**:
      * For captchas that require reading characters from an image, manually or programmatically determine the total number of unique images. If the set is limited, you might identify each image by its MD5 hash.
      * Utilize Optical Character Recognition (OCR) tools like [Tesseract OCR](https://github.com/tesseract-ocr/tesseract) to automate character reading from images.
-
 4. **Additional Techniques**:
    * **Rate Limit Testing**: Check if the application limits the number of attempts or submissions in a given timeframe and whether this limit can be bypassed or reset.
    * **Third-party Services**: Employ captcha-solving services or APIs that offer automated captcha recognition and solving.
@@ -42,13 +39,17 @@ To **bypass** the captcha during **server testing** and automate user input func
    * **User-Agent and Header Manipulation**: Alter the User-Agent and other request headers to mimic different browsers or devices.
    * **Audio Captcha Analysis**: If an audio captcha option is available, use speech-to-text services to interpret and solve the captcha.
 
-
 ## Online Services to solve captchas
 
+### [CapSolver](https://www.capsolver.com/?utm\_source=google\&utm\_medium=ads\&utm\_campaign=scraping\&utm\_term=hacktricks\&utm\_content=captchabypass)
+
+[**CapSolver**](https://www.capsolver.com/?utm\_source=google\&utm\_medium=ads\&utm\_campaign=scraping\&utm\_term=hacktricks\&utm\_content=captchabypass) is an AI-powered service that specializes in solving various types of captchas automatically, empowers data collection by helping developers easily overcome the captcha challenges encountered during Web Scraping. It supports captchas such as **reCAPTCHA V2, reCAPTCHA V3, hCaptcha, DataDome, AWS Captcha, Geetest, and Cloudflare turnstile among others**. For developers, Capsolver offers API integration options detailed in [**documentation**](https://docs.capsolver.com/?utm\_source=github\&utm\_medium=banner\_github\&utm\_campaign=fcsrv)**,** facilitating the integration of captcha solving into applications. They also provide browser extensions for [Chrome](https://chromewebstore.google.com/detail/captcha-solver-auto-captc/pgojnojmmhpofjgdmaebadhbocahppod) and [Firefox](https://addons.mozilla.org/es/firefox/addon/capsolver-captcha-solver/), making it easy to use their service directly within a browser. Different pricing packages are available to accommodate varying needs, ensuring flexibility for users.
+
+{% embed url="https://www.capsolver.com/?utm_campaign=scraping&utm_content=captchabypass&utm_medium=ads&utm_source=google&utm_term=hacktricks" %}
 
 {% hint style="success" %}
-Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
-Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
+Learn & practice AWS Hacking:<img src="../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../.gitbook/assets/arte.png" alt="" data-size="line">\
+Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
 
 <details>
 

pentesting-web/sql-injection/README.md

@@ -289,7 +289,7 @@ a' UNION SELECT EXTRACTVALUE(xmltype('<?xml version="1.0" encoding="UTF-8"?><!DO
 
 ## Automated Exploitation
 
-Check the [SQLMap Cheetsheat](sqlmap/) to exploit a SQLi vulnerability with [**sqlmap**](https://github.com/sqlmapproject/sqlmap).
+Check the [SQLMap Cheatsheet](sqlmap/) to exploit a SQLi vulnerability with [**sqlmap**](https://github.com/sqlmapproject/sqlmap).
 
 ## Tech specific info
 

pentesting-web/sql-injection/sqlmap/README.md

@@ -1,4 +1,4 @@
-# SQLMap - Cheetsheat
+# SQLMap - Cheatsheet
 
 {% hint style="success" %}
 Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\

pentesting-web/web-tool-wfuzz.md

@@ -67,7 +67,7 @@ Examples:
 -z list,each-element-here,hexlify #Inline list and to hex before sending values
 ```
 
-## CheetSheet
+## CheatSheet
 
 ### Login Form bruteforce
 

windows-hardening/authentication-credentials-uac-and-efs/uac-user-account-control.md

@@ -111,7 +111,7 @@ whoami /groups | findstr Level
 ## UAC bypass
 
 {% hint style="info" %}
-Note that if you have graphical access to the victim, UAC bypass is straight forward as you can simply click on "Yes" when the UAS prompt appears
+Note that if you have graphical access to the victim, UAC bypass is straight forward as you can simply click on "Yes" when the UAC prompt appears
 {% endhint %}
 
 The UAC bypass is needed in the following situation: **the UAC is activated, your process is running in a medium integrity context, and your user belongs to the administrators group**.