diff --git a/backdoors/empire.md b/backdoors/empire.md index 7ed4b6152..47ab30bfa 100644 --- a/backdoors/empire.md +++ b/backdoors/empire.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: 'https://github.com/EmpireProject/Empire' ---- - # Empire diff --git a/backdoors/icmpsh.md b/backdoors/icmpsh.md index fe2dd16e0..ab9fb510c 100644 --- a/backdoors/icmpsh.md +++ b/backdoors/icmpsh.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: 'https://github.com/inquisb/icmpsh' ---- - # ICMPsh Download the backdoor from: [https://github.com/inquisb/icmpsh](https://github.com/inquisb/icmpsh) diff --git a/backdoors/merlin.md b/backdoors/merlin.md index d93c9e97c..d4cd71634 100644 --- a/backdoors/merlin.md +++ b/backdoors/merlin.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: https://github.com/Ne0nd0g/merlin ---- - # Merlin ## Installation diff --git a/backdoors/salseo.md b/backdoors/salseo.md index 51f2e7477..af729cef7 100644 --- a/backdoors/salseo.md +++ b/backdoors/salseo.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: https://github.com/Hackplayers/Salsa-tools ---- - # Salseo ## Compiling the binaries diff --git a/linux-unix/linux-privilege-escalation-checklist.md b/linux-unix/linux-privilege-escalation-checklist.md index 8c02d160d..38fd00a6d 100644 --- a/linux-unix/linux-privilege-escalation-checklist.md +++ b/linux-unix/linux-privilege-escalation-checklist.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: Checklist for privilege escalation in Linux ---- - # Checklist - Linux Privilege Escalation {% hint style="warning" %} diff --git a/misc/basic-python/web-requests.md b/misc/basic-python/web-requests.md index 13764513b..3968774b5 100644 --- a/misc/basic-python/web-requests.md +++ b/misc/basic-python/web-requests.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: 'Get request, Post request (regular, json, file)' ---- - # Web Requests ```python diff --git a/pentesting/pentesting-printers/accounting-bypass.md b/pentesting/pentesting-printers/accounting-bypass.md index 9286e98fd..c8955e407 100644 --- a/pentesting/pentesting-printers/accounting-bypass.md +++ b/pentesting/pentesting-printers/accounting-bypass.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: From http://hacking-printers.net/wiki/index.php/Accounting_bypass ---- - # Accounting bypass ## **Introduction** diff --git a/pentesting/pentesting-printers/cross-site-printing.md b/pentesting/pentesting-printers/cross-site-printing.md index 9d8483cd7..cc88f396c 100644 --- a/pentesting/pentesting-printers/cross-site-printing.md +++ b/pentesting/pentesting-printers/cross-site-printing.md @@ -17,12 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: >- - Information from - http://hacking-printers.net/wiki/index.php/Cross-site_printing ---- - # Cross-Site Printing You can make a user send HTTP POST request to the port 9100 of several IPs trying to reach an open raw print port open. If found, the **HTTP header is either printed as plain text or discarded** based on the printer's settings. The **POST data** however can **contain** arbitrary print jobs like **PostScript** or **PJL** commands to be **interpreted**. diff --git a/pentesting/pentesting-printers/factory-defaults.md b/pentesting/pentesting-printers/factory-defaults.md index eb6960113..6aa0396e2 100644 --- a/pentesting/pentesting-printers/factory-defaults.md +++ b/pentesting/pentesting-printers/factory-defaults.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: From http://hacking-printers.net/wiki/index.php/Factory_defaults ---- - # Factory Defaults **Resetting** a device to factory defaults is a security-critical functionality as it **overwrites protection mechanisms** like user-set passwords. This can usually be done by pressing a **special key combination** on the printer's **control panel**. Performing such a cold reset only takes seconds and therefore is a realistic scenario for local attackers or penetration testers, who can for example sneak into the copy room at lunchtime. However, **physical access** to the device is **not always an option**. diff --git a/pentesting/pentesting-printers/firmware-updates.md b/pentesting/pentesting-printers/firmware-updates.md index 0a3a17372..218eea026 100644 --- a/pentesting/pentesting-printers/firmware-updates.md +++ b/pentesting/pentesting-printers/firmware-updates.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: 'Info from http://hacking-printers.net/wiki/index.php/Firmware_updates' ---- - # Firmware updates The dangers of malicious firmware updates are well-known and have been discussed early by [\[1\]](http://hacking-printers.net/wiki/index.php/Firmware_updates#cite_note-1) and [\[2\]](http://hacking-printers.net/wiki/index.php/Firmware_updates#cite_note-2). In contrast to other networked devices however, **it is common for printers to deploy firmware updates as ordinary print jobs**. This opens up a wide gateway for attackers because access to printing functionality is usually a low hurdle. One can only speculate about the motivation for such insecure design decisions but it seems logical that historic reasons play a role: Printers used to be connected by parallel or USB cable. Without network connectivity, security was less important and without a password-protected web server or similar functionality the printing channel was the only way to send data to the device. diff --git a/pentesting/pentesting-printers/print-job-manipulation.md b/pentesting/pentesting-printers/print-job-manipulation.md index f429dbdfa..371c78a6f 100644 --- a/pentesting/pentesting-printers/print-job-manipulation.md +++ b/pentesting/pentesting-printers/print-job-manipulation.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: From http://hacking-printers.net/wiki/index.php/Print_job_manipulation ---- - # Print job manipulation ## Content Overlay diff --git a/pentesting/pentesting-printers/print-job-retention.md b/pentesting/pentesting-printers/print-job-retention.md index 9b2cae6ce..1325d4f57 100644 --- a/pentesting/pentesting-printers/print-job-retention.md +++ b/pentesting/pentesting-printers/print-job-retention.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: From http://hacking-printers.net/wiki/index.php/Print_job_retention ---- - # Print Job Retention ## Job Retention diff --git a/pentesting/pentesting-printers/scanner-and-fax.md b/pentesting/pentesting-printers/scanner-and-fax.md index 49374a3ae..e1d1b5ef2 100644 --- a/pentesting/pentesting-printers/scanner-and-fax.md +++ b/pentesting/pentesting-printers/scanner-and-fax.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: From http://hacking-printers.net/wiki/index.php/Fax_and_Scanner ---- - # Scanner and Fax ## Scanner diff --git a/pentesting/pentesting-printers/software-packages.md b/pentesting/pentesting-printers/software-packages.md index 6bdab073e..9e934eabc 100644 --- a/pentesting/pentesting-printers/software-packages.md +++ b/pentesting/pentesting-printers/software-packages.md @@ -17,10 +17,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ---- -description: 'Info from http://hacking-printers.net/wiki/index.php/Software_packages' ---- - # Software packages In the recent years, printer vendors have started to introduce the **possibility to install custom software on their devices**. The format of such ‘printer apps’ is proprietary and SDKs are not available to the public. The feature of writing customized software which runs on printers was intended and is reserved for resellers and contractors, not for end-users. Hereby a printer fleet can be adapted to the special needs and business processes of a company; document solution providers can easily integrate printers into their management software. One popular example is NSi AutoStore [\[1\]](http://hacking-printers.net/wiki/index.php/Software_packages#cite_note-1) which can be installed on many MFPs and automatically uploads scanned or copied documents to predefined locations. Obviously, the feature to run custom code on a printer device is a potential security threat. Furthermore code signing of software packages is potentially harder than it is for [firmware](http://hacking-printers.net/wiki/index.php/Firmware_updates) as software is not only written by the printer manufacturer but by a broader range of developers who need to be in possession of the secret key to sign their software. Therefore it is logical to include the secret key in SDKs which are protected by being exclusively available from developer platforms. This article is an effort to systematically gather information on vendor-specific software platforms/SDKs.