GitBook: [master] 8 pages and 19 assets modified

This commit is contained in:
CPol 2021-08-12 11:24:41 +00:00 committed by gitbook-bot
parent 88c4834851
commit 9ec73af839
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
18 changed files with 66 additions and 13 deletions

View file

Before

Width:  |  Height:  |  Size: 40 KiB

After

Width:  |  Height:  |  Size: 40 KiB

View file

Before

Width:  |  Height:  |  Size: 40 KiB

After

Width:  |  Height:  |  Size: 40 KiB

View file

Before

Width:  |  Height:  |  Size: 40 KiB

After

Width:  |  Height:  |  Size: 40 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 142 KiB

View file

Before

Width:  |  Height:  |  Size: 1.3 MiB

After

Width:  |  Height:  |  Size: 1.3 MiB

View file

Before

Width:  |  Height:  |  Size: 1.3 MiB

After

Width:  |  Height:  |  Size: 1.3 MiB

View file

Before

Width:  |  Height:  |  Size: 566 KiB

After

Width:  |  Height:  |  Size: 566 KiB

View file

Before

Width:  |  Height:  |  Size: 740 KiB

After

Width:  |  Height:  |  Size: 740 KiB

View file

@ -154,7 +154,7 @@ If you want to **know** about my **latest modifications**/**additions** or you h
If you want to **share some tricks with the community** you can also submit **pull requests** to ****[**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) ****that will be reflected in this book.
Don't forget to **give ⭐ on the github** to motivate me to continue developing this book.
![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29%20%284%29.png)
![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29%20%285%29.png)
[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\*

View file

@ -227,7 +227,60 @@ lldb -n malware.bin --waitfor
<tr>
<td style="text-align:left"><b>help</b>
</td>
<td style="text-align:left">help breakpoint #Get help of breakpoint command</td>
<td style="text-align:left">
<p>help breakpoint #Get help of breakpoint command</p>
<p>help memory write #Get help to write into the memory</p>
</td>
</tr>
<tr>
<td style="text-align:left"><b>reg</b>
</td>
<td style="text-align:left">
<p>reg read $rax</p>
<p>reg write $rip 0x100035cc0</p>
</td>
</tr>
<tr>
<td style="text-align:left"><b>x/s &lt;reg/memory address&gt;</b>
</td>
<td style="text-align:left">Display the memory as a null-terminated string.</td>
</tr>
<tr>
<td style="text-align:left"><b>x/i &lt;reg/memory address&gt;</b>
</td>
<td style="text-align:left">Display the memory as assembly instruction.</td>
</tr>
<tr>
<td style="text-align:left"><b>x/b &lt;reg/memory address&gt;</b>
</td>
<td style="text-align:left">Display the memory as byte.</td>
</tr>
<tr>
<td style="text-align:left"><b>print object (po)</b>
</td>
<td style="text-align:left">
<p>This will print the object referenced by the param</p>
<p>po $raw</p>
<p><code>{</code>
</p>
<p><code> dnsChanger = {</code>
</p>
<p><code> &quot;affiliate&quot; = &quot;&quot;;</code>
</p>
<p><code> &quot;blacklist_dns&quot; = ();</code>
</p>
<p>Note that most of Apple&#x2019;s Objective-C APIs or methods return objects,
and thus should be displayed via the &#x201C;print object&#x201D; (po)
command. If po doesn&apos;t produce a meaningful output use <code>x/b</code>
<br
/>
</p>
</td>
</tr>
<tr>
<td style="text-align:left"><b>memory write</b>
</td>
<td style="text-align:left">memory write 0x100600000 -s 4 0x41414141 #Write AAAA in that address</td>
</tr>
</tbody>
</table>

View file

@ -95,7 +95,7 @@ It follows a few steps to get the Activation Record performed by **`MCTeslaConfi
2. The JSON payload is encrypted using Absinthe \(**`NACSign`**\)
3. All requests over HTTPs, built-in root certificates are used
![](../../.gitbook/assets/image%20%28563%29.png)
![](../../.gitbook/assets/image%20%28566%29.png)
The response is a JSON dictionary with some important data like:
@ -115,7 +115,7 @@ The response is a JSON dictionary with some important data like:
* Signed using the **device identity certificate \(from APNS\)**
* **Certificate chain** includes expired **Apple iPhone Device CA**
![](../../.gitbook/assets/image%20%28570%29.png)
![](../../.gitbook/assets/image%20%28567%29%20%281%29.png)
### Step 6: Profile Installation

View file

@ -6,7 +6,7 @@
## Attacks Graphic
![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%282%29%20%282%29%20%281%29.png)
![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%282%29%20%282%29%20%282%29%20%281%29.png)
## Tool

View file

@ -44,7 +44,7 @@ In this last case, this means that **you need valid credentials** to access the
### Redis Authentication
**By default** Redis can be accessed **without credentials**. However, it can be **configured** to support **only password, or username + password**.
It is possible to **set a password** in _**redis.conf**_ file with the parameter `requirepass` **or temporary** until the service restarts connecting to it and running: `config set requirepass p@ss$12E45`.
It is possible to **set a password** in _**redis.conf**_ file with the parameter `requirepass` **or temporary** until the service restarts connecting to it and running: `config set requirepass p@ss$12E45`.
Also, a **username** can be configured in the parameter `masteruser` inside the _**redis.conf**_ file.
{% hint style="info" %}
@ -52,8 +52,8 @@ If only password is configured the username used is "**default**".
Also, note that there is **no way to find externally** if Redis was configured with only password or username+password.
{% endhint %}
In cases like this one you will **need to find valid credentials** to interact with Redis so you could try to [**brute-force**](../brute-force.md#redis) ****it.
In case you found valid credentials you need to **authenticate the session** after establishing the connection with the command:
In cases like this one you will **need to find valid credentials** to interact with Redis so you could try to [**brute-force**](../brute-force.md#redis) **\*\*it.
In case you found valid credentials you need to** authenticate the session\*\* after establishing the connection with the command:
```bash
AUTH <username> <password>

View file

@ -339,7 +339,7 @@ The page www.mail-tester.com can indicate you if you your domain is being blocke
* Decide from which account are you going to send the phishing emails. Suggestions: _noreply, support, servicedesk, salesforce..._
* You can leave blank the username and password, but make sure to check the Ignore Certificate Errors
![](../.gitbook/assets/image%20%28253%29%20%281%29%20%282%29%20%281%29%20%281%29%20%281%29.png)
![](../.gitbook/assets/image%20%28253%29%20%281%29%20%282%29%20%281%29%20%281%29%20%282%29%20%282%29.png)
{% hint style="info" %}
It's recommended to use the "**Send Test Email**" functionality to test that everything is working.

View file

@ -126,7 +126,7 @@ If you want to **know** about my **latest modifications**/**additions** or you h
If you want to **share some tricks with the community** you can also submit **pull requests** to ****[**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) ****that will be reflected in this book.
Don't forget to **give ⭐ on the github** to motivate me to continue developing this book.
![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29%20%283%29%20%281%29.png)
![](../.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29%20%284%29.png)
[**Buy me a coffee here**](https://www.buymeacoffee.com/carlospolop)\*\*\*\*