This commit is contained in:
Carlos Polop 2024-12-14 12:47:54 +01:00
parent cfff5cc9a8
commit 9f71c0cb84
199 changed files with 199 additions and 6 deletions

View file

@ -223,3 +223,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -165,3 +165,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -89,3 +89,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -109,3 +109,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -306,3 +306,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -61,3 +61,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -72,3 +72,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -219,3 +219,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -110,3 +110,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -104,3 +104,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -92,3 +92,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -48,3 +48,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -66,3 +66,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -439,3 +439,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -68,3 +68,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -721,3 +721,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -49,3 +49,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -688,3 +688,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -138,3 +138,4 @@ Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data
</details>
{% endhint %}

View file

@ -852,3 +852,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&u
Get Access Today:
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=pentesting-postgresql" %}

View file

@ -195,3 +195,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -224,3 +224,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -71,3 +71,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -145,3 +145,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -57,3 +57,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -423,3 +423,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -617,3 +617,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -617,3 +617,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -125,3 +125,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -652,3 +652,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -86,3 +86,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -59,3 +59,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -319,3 +319,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -76,3 +76,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -83,3 +83,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -375,3 +375,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -119,3 +119,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -88,3 +88,4 @@ Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data
</details>
{% endhint %}

View file

@ -750,3 +750,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -124,3 +124,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}
</details>
{% endhint %}

View file

@ -271,3 +271,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}
</details>
{% endhint %}

View file

@ -160,3 +160,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -463,3 +463,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -36,3 +36,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -611,3 +611,4 @@ According to the W3C documentation, the `window.location` and `document.location
* [Angular Document](https://angular.io/api/common/DOCUMENT)
* [Angular Location](https://angular.io/api/common/Location)
* [Angular Router](https://angular.io/api/router/Router)

View file

@ -304,3 +304,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -33,3 +33,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -49,3 +49,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -33,3 +33,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -37,3 +37,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -122,3 +122,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -503,3 +503,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -6,3 +6,4 @@ Django's default cache storage method is [Python pickles](https://docs.python.or
Django cache is stored in one of four places: [Redis](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/redis.py#L12), [memory](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/locmem.py#L16), [files](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/filebased.py#L16), or a [database](https://github.com/django/django/blob/48a1929ca050f1333927860ff561f6371706968a/django/core/cache/backends/db.py#L95). Cache stored in a Redis server or database are the most likely attack vectors (Redis injection and SQL injection), but an attacker may also be able to use file-based cache to turn an arbitrary write into RCE. Maintainers have marked this as a non-issue. It's important to note that the cache file folder, SQL table name, and Redis server details will vary based on implementation.
This HackerOne report provides a great, reproducible example of exploiting Django cache stored in a SQLite database: https://hackerone.com/reports/1415436

View file

@ -68,3 +68,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -274,3 +274,4 @@ Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/grte.png" alt="
</details>
{% endhint %}

View file

@ -351,3 +351,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -87,3 +87,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -127,3 +127,4 @@ Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/grte.png" alt="
</details>
{% endhint %}

View file

@ -112,3 +112,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -140,3 +140,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -47,3 +47,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -52,3 +52,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -39,3 +39,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -690,3 +690,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -1,2 +1,3 @@
# GWT - Google Web Toolkit

View file

@ -66,3 +66,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -301,3 +301,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -69,3 +69,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -58,3 +58,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -155,3 +155,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -161,3 +161,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -41,3 +41,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -140,3 +140,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -145,3 +145,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}
</details>
{% endhint %}

View file

@ -35,3 +35,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -340,3 +340,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -35,3 +35,4 @@ iI you know the secret you can sign a the cookie.
```bash
cookie-monster -e -f new_cookie.json -k secret
```

View file

@ -546,3 +546,4 @@ Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/grte.png" alt="
</details>
{% endhint %}

View file

@ -128,3 +128,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -95,3 +95,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -842,3 +842,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -110,3 +110,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -78,3 +78,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -62,3 +62,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -42,3 +42,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -62,3 +62,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -50,3 +50,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -254,3 +254,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -461,3 +461,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -103,3 +103,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -64,3 +64,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -165,3 +165,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -74,3 +74,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -63,3 +63,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %}

View file

@ -34,3 +34,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

View file

@ -148,3 +148,4 @@ Use [**Trickest**](https://trickest.com/?utm_source=hacktricks\&utm_medium=text\
Get Access Today:
{% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=put-method-webdav" %}

View file

@ -51,3 +51,4 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details>
{% endhint %}

View file

@ -69,3 +69,4 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details>
{% endhint %}

Some files were not shown because too many files have changed in this diff Show more