GITBOOK-4378: No subject

This commit is contained in:
CPol 2024-08-17 17:01:01 +00:00 committed by gitbook-bot
parent 2c92ce81a6
commit 6a38795eb2
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 48 additions and 9 deletions

View file

@ -392,7 +392,7 @@
* [IIS - Internet Information Services](network-services-pentesting/pentesting-web/iis-internet-information-services.md) * [IIS - Internet Information Services](network-services-pentesting/pentesting-web/iis-internet-information-services.md)
* [ImageMagick Security](network-services-pentesting/pentesting-web/imagemagick-security.md) * [ImageMagick Security](network-services-pentesting/pentesting-web/imagemagick-security.md)
* [JBOSS](network-services-pentesting/pentesting-web/jboss.md) * [JBOSS](network-services-pentesting/pentesting-web/jboss.md)
* [JIRA](network-services-pentesting/pentesting-web/jira.md) * [Jira & Confluence](network-services-pentesting/pentesting-web/jira.md)
* [Joomla](network-services-pentesting/pentesting-web/joomla.md) * [Joomla](network-services-pentesting/pentesting-web/joomla.md)
* [JSP](network-services-pentesting/pentesting-web/jsp.md) * [JSP](network-services-pentesting/pentesting-web/jsp.md)
* [Laravel](network-services-pentesting/pentesting-web/laravel.md) * [Laravel](network-services-pentesting/pentesting-web/laravel.md)

View file

@ -1,8 +1,8 @@
# JIRA # Jira & Confluence
{% hint style="success" %} {% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\ Learn & practice AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte) Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details> <details>
@ -14,7 +14,6 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
{% endhint %}
<figure><img src="../../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure> <figure><img src="../../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
@ -82,14 +81,56 @@ curl https://jira.some.example.com/rest/api/2/mypermissions | jq | grep -iB6 '"h
* [https://github.com/0x48piraj/Jiraffe](https://github.com/0x48piraj/Jiraffe) * [https://github.com/0x48piraj/Jiraffe](https://github.com/0x48piraj/Jiraffe)
* [https://github.com/bcoles/jira\_scan](https://github.com/bcoles/jira\_scan) * [https://github.com/bcoles/jira\_scan](https://github.com/bcoles/jira\_scan)
## Atlasian Plugins
As indicated in this [**blog**](https://cyllective.com/blog/posts/atlassian-audit-plugins), in the documentation about [Plugin modules ↗](https://developer.atlassian.com/server/framework/atlassian-sdk/plugin-modules/) it's possible to check the different types of plugins, like:
* [REST Plugin Module ↗](https://developer.atlassian.com/server/framework/atlassian-sdk/rest-plugin-module): Expose RESTful API endpoints
* [Servlet Plugin Module ↗](https://developer.atlassian.com/server/framework/atlassian-sdk/servlet-plugin-module/): Deploy Java servlets as part of a plugin
* [Macro Plugin Module ↗](https://developer.atlassian.com/server/confluence/macro-module/): Implement Confluence Macros, i.e. parameterised HTML templates
This is an example of the macro plugin type:
```java
package com.atlassian.tutorial.macro;
import com.atlassian.confluence.content.render.xhtml.ConversionContext;
import com.atlassian.confluence.macro.Macro;
import com.atlassian.confluence.macro.MacroExecutionException;
import java.util.Map;
public class helloworld implements Macro {
public String execute(Map<String, String> map, String body, ConversionContext conversionContext) throws MacroExecutionException {
if (map.get("Name") != null) {
return ("<h1>Hello " + map.get("Name") + "!</h1>");
} else {
return "<h1>Hello World!<h1>";
}
}
public BodyType getBodyType() { return BodyType.NONE; }
public OutputType getOutputType() { return OutputType.BLOCK; }
}
```
It's possible to observe that these plugins might be vulnerable to common web vulnerabilities like XSS. For example the previous example is vulnerable because it's reflecting data given by the user.&#x20;
Once a XSS is found, in [**this github repo**](https://github.com/cyllective/XSS-Payloads/tree/main/Confluence) you can find some payloads to increase the impact of the XSS.
<figure><img src="../../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure> <figure><img src="../../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_). If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
{% embed url="https://www.stmcyber.com/careers" %} {% embed url="https://www.stmcyber.com/careers" %}
{% hint style="success" %} {% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\ Learn & practice AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte) Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details> <details>
@ -101,5 +142,3 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
</details>
{% endhint %}