From a48e960c55510fb1ffdb76b375f70a932654dd00 Mon Sep 17 00:00:00 2001 From: CPol Date: Tue, 30 Aug 2022 17:41:09 +0000 Subject: [PATCH] GitBook: [#3426] No subject --- README.md | 9 -------- .../linux-forensics.md | 14 ----------- .../shells/full-ttys.md | 14 ----------- .../tunneling-and-port-forwarding.md | 21 ----------------- .../android-app-pentesting/smali-changes.md | 14 ----------- .../113-pentesting-ident.md | 14 ----------- .../2375-pentesting-docker.md | 23 +------------------ .../5353-udp-multicast-dns-mdns.md | 14 ----------- .../554-8554-pentesting-rtsp.md | 14 ----------- .../873-pentesting-rsync.md | 14 ----------- .../pentesting-finger.md | 14 ----------- .../pentesting-rpcbind.md | 14 ----------- network-services-pentesting/pentesting-vnc.md | 14 ----------- .../pentesting-web/nginx.md | 14 ----------- .../url-format-bypass.md | 14 ----------- .../pentesting-kubernetes-from-the-outside.md | 14 ----------- .../reversing-tools-basic-methods/README.md | 14 ----------- .../asreproast.md | 14 ----------- .../kerberos-authentication.md | 10 -------- windows-hardening/ntlm/smbexec.md | 14 ----------- .../stealing-credentials/README.md | 21 ----------------- .../rottenpotato.md | 14 ----------- 22 files changed, 1 insertion(+), 321 deletions(-) diff --git a/README.md b/README.md index ad0b99555..819d17800 100644 --- a/README.md +++ b/README.md 
@@ -64,15 +64,6 @@ Through Security Skills as a Service, we help organizations to **defend against {% embed url="https://securityhubs.io/" %} -### [SecurityBoat](https://securityboat.in/) - -![](<.gitbook/assets/SB logo black\_034525.png>) - -**Securityboat** is a cybersecurity company focused on providing top of the line **penetration testing services** and the most comprehensive **automated security testing** solutions based on an extensive **manual security testing methodology** that utilizes various case-specific and **industry-tested** solutions. They are committed to providing clear communication on cybersecurity issues, developing solutions, and prioritizing **business risk**.\ -**Make the right choice by contacting us for your security:** - -{% embed url="https://securityboat.in/contact-us" %} - ### [Intigriti](https://www.intigriti.com) ![](.gitbook/assets/i3.png) diff --git a/forensics/basic-forensic-methodology/linux-forensics.md b/forensics/basic-forensic-methodology/linux-forensics.md index 0b5ed10d7..393fb2d7d 100644 --- a/forensics/basic-forensic-methodology/linux-forensics.md +++ b/forensics/basic-forensic-methodology/linux-forensics.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Initial Information Gathering ### Basic Information 
@@ -416,13 +409,6 @@ Note that not all diffs can feature all types. For instance, diffs from the inde * [https://cdn.ttgtmedia.com/rms/security/Malware%20Forensics%20Field%20Guide%20for%20Linux%20Systems\_Ch3.pdf](https://cdn.ttgtmedia.com/rms/security/Malware%20Forensics%20Field%20Guide%20for%20Linux%20Systems\_Ch3.pdf) * [https://www.plesk.com/blog/featured/linux-logs-explained/](https://www.plesk.com/blog/featured/linux-logs-explained/) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/generic-methodologies-and-resources/shells/full-ttys.md b/generic-methodologies-and-resources/shells/full-ttys.md index 2a388d611..d961c78a4 100644 --- a/generic-methodologies-and-resources/shells/full-ttys.md +++ b/generic-methodologies-and-resources/shells/full-ttys.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Full TTY Note that the shell you set in the `SHELL` variable **must** be **listed inside** _**/etc/shells**_ or `The value for the SHELL variable was not found the /etc/shells file This incident has been reported`. Also note that the next snippets only work in bash. If you're in a zsh, change to a bash before obtaining the shell by running `bash`. @@ -111,13 +104,6 @@ If for some reason you cannot obtain a full TTY you **still can interact with pr expect -c 'spawn sudo -S cat "/root/root.txt";expect "*password*";send "";send "\r\n";interact' ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/generic-methodologies-and-resources/tunneling-and-port-forwarding.md b/generic-methodologies-and-resources/tunneling-and-port-forwarding.md index 1b4c9cceb..80e0e77d5 100644 --- a/generic-methodologies-and-resources/tunneling-and-port-forwarding.md +++ b/generic-methodologies-and-resources/tunneling-and-port-forwarding.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Nmap tip {% hint style="warning" %} @@ -271,13 +264,6 @@ victim> python client.py --server-ip --server-port 9999 --ntl victim> python client.py --server-ip --server-port 9999 --ntlm-proxy-ip --ntlm-proxy-port 8080 --domain CONTOSO.COM --username Alice --hashes 9b9850751be2515c8231e5189015bbe6:49ef7638d69a01f26d96ed673bf50c45 ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## **Socat** [https://github.com/andrew-d/static-binaries](https://github.com/andrew-d/static-binaries) @@ -471,13 +457,6 @@ ping 1.1.1.100 #After a successful connection, the victim will be in the 1.1.1.1 * [https://github.com/z3APA3A/3proxy](https://github.com/z3APA3A/3proxy) * [https://github.com/jpillora/chisel](https://github.com/jpillora/chisel) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/mobile-pentesting/android-app-pentesting/smali-changes.md b/mobile-pentesting/android-app-pentesting/smali-changes.md index 9aaa499a3..248763fe1 100644 --- a/mobile-pentesting/android-app-pentesting/smali-changes.md +++ b/mobile-pentesting/android-app-pentesting/smali-changes.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - Sometimes it is interesting to modify the application code to access hidden information for you (maybe well obfuscated passwords or flags). Then, it could be interesting to decompile the apk, modify the code and recompile it. @@ -206,13 +199,6 @@ move-result-object v12 invoke-virtual {v12}, Landroid/widget/Toast;->show()V ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/113-pentesting-ident.md b/network-services-pentesting/113-pentesting-ident.md index f379a7014..9dd59b77f 100644 --- a/network-services-pentesting/113-pentesting-ident.md +++ b/network-services-pentesting/113-pentesting-ident.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Basic Information Is an [Internet](https://en.wikipedia.org/wiki/Internet) [protocol](https://en.wikipedia.org/wiki/Protocol\_\(computing\)) that helps identify the user of a particular [TCP](https://en.wikipedia.org/wiki/Transmission\_Control\_Protocol) connection. @@ -112,13 +105,6 @@ Entry_2: Note: apt install ident-user-enum ident-user-enum {IP} 22 23 139 445 (try all open ports) ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/2375-pentesting-docker.md b/network-services-pentesting/2375-pentesting-docker.md index cebee4b97..14027578a 100644 --- a/network-services-pentesting/2375-pentesting-docker.md +++ b/network-services-pentesting/2375-pentesting-docker.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Docker Basics ### What is @@ -90,7 +83,7 @@ ctr container delete ### Podman -**Info** [**from here**](https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html#:\~:text=What%20is%20Podman%3F,and%20support%20for%20rootless%20containers.) +**Info** [**from here**](https://ti8m.com/blog/Why-Podman-is-worth-a-look-.html) Podman is an open source, OCI ([Open Container Initiative](https://github.com/opencontainers)) compliant container engine. It is driven by Red Hat and incorporates a few major differences from Docker, such as its daemonless architecture and support for rootless containers. At their core, **both tools do the same thing: manage images and containers**. One of **Podman’s objectives is to have a Docker-compatible API**. Hence almost all CLI (command line interface) commands from the Docker CLI are also available in Podman. @@ -223,13 +216,6 @@ msf> use exploit/linux/http/docker_daemon_tcp nmap -sV --script "docker-*" -p ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Compromising In the following page you can find ways to **escape from a docker container**: 
@@ -363,13 +349,6 @@ falco-probe found and loaded in dkms You can use auditd to monitor docker. -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/5353-udp-multicast-dns-mdns.md b/network-services-pentesting/5353-udp-multicast-dns-mdns.md index dcec89a37..bcfc67734 100644 --- a/network-services-pentesting/5353-udp-multicast-dns-mdns.md +++ b/network-services-pentesting/5353-udp-multicast-dns-mdns.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Basic Information Multicast DNS (mDNS) is a **zero-configuration protocol** that lets you perform **DNS-like operations** on the local network in the absence of a conventional, unicast DNS server. The protocol uses the **same** API, **packet formats**, and operating semantics as DNS, allowing you to resolve domain names on the local network. **DNS Service Discovery (DNS-SD)** is a protocol that allows clients to **discover a list of named instances of services** (such as test.\_ipps.\_tcp.local, or linux.\_ssh.\_tcp.local) in a domain using standard DNS queries. DNS-SD is most often used in conjunction with mDNS but isn’t dependent on it. They’re both used by many IoT devices, such as network printers, Apple TVs, Google Chromecast, Network-Attached Storage (NAS) devices, and cameras.\ @@ -113,13 +106,6 @@ For more information check: * [Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things](https://books.google.co.uk/books/about/Practical\_IoT\_Hacking.html?id=GbYEEAAAQBAJ\&redir\_esc=y) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/554-8554-pentesting-rtsp.md b/network-services-pentesting/554-8554-pentesting-rtsp.md index 8d0170dbd..7573df8f7 100644 --- a/network-services-pentesting/554-8554-pentesting-rtsp.md +++ b/network-services-pentesting/554-8554-pentesting-rtsp.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Basic Information > The **Real Time Streaming Protocol** (**RTSP**) is a network control protocol designed for use in entertainment and communications systems to control streaming media servers. The protocol is used for establishing and controlling media sessions between end points. Clients of media servers issue VHS-style commands, such as play, record and pause, to facilitate real-time control of the media streaming from the server to a client (Video On Demand) or from a client to the server (Voice Recording). @@ -107,13 +100,6 @@ Cameradar allows you to: * Print a summary of all the informations Cameradar could get * [https://github.com/Ullaakut/cameradar](https://github.com/Ullaakut/cameradar) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/873-pentesting-rsync.md b/network-services-pentesting/873-pentesting-rsync.md index a52297b2d..3307ed0aa 100644 --- a/network-services-pentesting/873-pentesting-rsync.md +++ b/network-services-pentesting/873-pentesting-rsync.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## **Basic Information** > **rsync** is a utility for efficiently [transferring](https://en.wikipedia.org/wiki/File\_transfer) and [synchronizing](https://en.wikipedia.org/wiki/File\_synchronization) [files](https://en.wikipedia.org/wiki/Computer\_file) between a computer and an external hard drive and across [networked](https://en.wikipedia.org/wiki/Computer\_network) [computers](https://en.wikipedia.org/wiki/Computer) by comparing the [modification times](https://en.wikipedia.org/wiki/Timestamping\_\(computing\))and sizes of files.[\[3\]](https://en.wikipedia.org/wiki/Rsync#cite\_note-man\_page-3) It is commonly found on [Unix-like](https://en.wikipedia.org/wiki/Unix-like) [operating systems](https://en.wikipedia.org/wiki/Operating\_system). The rsync algorithm is a type of [delta encoding](https://en.wikipedia.org/wiki/Delta\_encoding), and is used for minimizing network usage. [Zlib](https://en.wikipedia.org/wiki/Zlib) may be used for additional [data compression](https://en.wikipedia.org/wiki/Data\_compression),[\[3\]](https://en.wikipedia.org/wiki/Rsync#cite\_note-man\_page-3) and [SSH](https://en.wikipedia.org/wiki/Secure\_Shell) or [stunnel](https://en.wikipedia.org/wiki/Stunnel) can be used for security. 
@@ -118,13 +111,6 @@ find /etc \( -name rsyncd.conf -o -name rsyncd.secrets \) Inside the config file sometimes you could find the parameter _secrets file = /path/to/file_ and this file could contains usernames and passwords allowed to authenticate to rsyncd. -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/pentesting-finger.md b/network-services-pentesting/pentesting-finger.md index 4bb898860..794f94e01 100644 --- a/network-services-pentesting/pentesting-finger.md +++ b/network-services-pentesting/pentesting-finger.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## **Basic Info** **Finger** is a program you can use to find information about computer users. It usually lists the login name, the full name, and possibly other details about the user you are fingering. These details may include the office location and phone number (if known), login time, idle time, time mail was last read, and the user's plan and project files. @@ -87,13 +80,6 @@ finger user@host@victim finger @internal@external ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/pentesting-rpcbind.md b/network-services-pentesting/pentesting-rpcbind.md index 379a79243..fb06af338 100644 --- a/network-services-pentesting/pentesting-rpcbind.md +++ b/network-services-pentesting/pentesting-rpcbind.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Basic Information Provides information between Unix based systems. Port is often probed, it can be used to fingerprint the Nix OS, and to obtain information about available services. Port used with NFS, NIS, or any rpc-based service. @@ -131,13 +124,6 @@ Entry_3: Command: nmap -sSUC -p 111 {IP} ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/pentesting-vnc.md b/network-services-pentesting/pentesting-vnc.md index 539b8d9ac..ae8467ba3 100644 --- a/network-services-pentesting/pentesting-vnc.md +++ b/network-services-pentesting/pentesting-vnc.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Basic Information In computing, **Virtual Network Computing** (**VNC**) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical-screen updates back in the other direction, over a network.\ @@ -71,13 +64,6 @@ I save the tool here also for ease of access: * `port:5900 RFB` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/network-services-pentesting/pentesting-web/nginx.md b/network-services-pentesting/pentesting-web/nginx.md index b229319d6..c65224ebf 100644 --- a/network-services-pentesting/pentesting-web/nginx.md +++ b/network-services-pentesting/pentesting-web/nginx.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Missing root location ``` @@ -289,13 +282,6 @@ Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulne * [**http://blog.zorinaq.com/nginx-resolver-vulns/**](http://blog.zorinaq.com/nginx-resolver-vulns/) * [**https://github.com/yandex/gixy/issues/115**](https://github.com/yandex/gixy/issues/115) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md b/pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md index de3dbbc1e..7b8477493 100644 --- a/pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md +++ b/pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ### Localhost ```bash @@ -219,13 +212,6 @@ Both of them describe a way of parsing URI/URLs, with one slight difference. The image from [https://claroty.com/2022/01/10/blog-research-exploiting-url-parsing-confusion/](https://claroty.com/2022/01/10/blog-research-exploiting-url-parsing-confusion/) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/pentesting/pentesting-kubernetes/pentesting-kubernetes-from-the-outside.md b/pentesting/pentesting-kubernetes/pentesting-kubernetes-from-the-outside.md index 1f01f1557..c66a7b4ce 100644 --- a/pentesting/pentesting-kubernetes/pentesting-kubernetes-from-the-outside.md +++ b/pentesting/pentesting-kubernetes/pentesting-kubernetes-from-the-outside.md @@ -1,12 +1,5 @@ # Pentesting Kubernetes Services -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - Kubernetes uses several **specific network services** that you might find **exposed to the Internet** or in an **internal network once you have compromised one pod**. ## Finding exposed pods with OSINT @@ -230,13 +223,6 @@ For example, a remote attacker can abuse this by accessing the following URL: `h {% embed url="https://labs.f-secure.com/blog/attacking-kubernetes-through-kubelet" %} -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/reversing/reversing-tools-basic-methods/README.md b/reversing/reversing-tools-basic-methods/README.md index dfcc5d586..f3fe7024a 100644 --- a/reversing/reversing-tools-basic-methods/README.md +++ b/reversing/reversing-tools-basic-methods/README.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Wasm decompiler / Wat compiler Online: @@ -403,13 +396,6 @@ So, in this challenge, knowing the values of the buttons, you needed to **press * [https://github.com/0xZ0F/Z0FCourse\_ReverseEngineering](https://github.com/0xZ0F/Z0FCourse\_ReverseEngineering) * [https://github.com/malrev/ABD](https://github.com/malrev/ABD) (Binary deobfuscation) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/windows-hardening/active-directory-methodology/asreproast.md b/windows-hardening/active-directory-methodology/asreproast.md index 86d9f8afc..a8eed510b 100644 --- a/windows-hardening/active-directory-methodology/asreproast.md +++ b/windows-hardening/active-directory-methodology/asreproast.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## ASREPRoast The ASREPRoast attack looks for **users without Kerberos pre-authentication required attribute (**[_**DONT\_REQ\_PREAUTH**_](https://support.microsoft.com/en-us/help/305144/how-to-use-the-useraccountcontrol-flags-to-manipulate-user-account-pro)_**)**_. @@ -76,13 +69,6 @@ Set-DomainObject -Identity -XOR @{useraccountcontrol=4194304} -Verbos [**More information about AS-RRP Roasting in ired.team**](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/windows-hardening/active-directory-methodology/kerberos-authentication.md b/windows-hardening/active-directory-methodology/kerberos-authentication.md index b5b3a285c..803671d4c 100644 --- a/windows-hardening/active-directory-methodology/kerberos-authentication.md +++ b/windows-hardening/active-directory-methodology/kerberos-authentication.md @@ -16,11 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} - **This information was extracted from the post:** [**https://www.tarlogic.com/en/blog/how-kerberos-works/**](https://www.tarlogic.com/en/blog/how-kerberos-works/) ## Kerberos (I): How does Kerberos work? – Theory @@ -217,11 +212,6 @@ After that, if user privileges are rigth, this can access to service. If is the * Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft: [https://www.microsoft.com/en-us/download/details.aspx?id=36036](https://www.microsoft.com/en-us/download/details.aspx?id=36036) * Fun with LDAP, Kerberos (and MSRPC) in AD Environments: [https://speakerdeck.com/ropnop/fun-with-ldap-kerberos-and-msrpc-in-ad-environments?slide=58](https://speakerdeck.com/ropnop/fun-with-ldap-kerberos-and-msrpc-in-ad-environments?slide=58) -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -
Support HackTricks and get benefits! diff --git a/windows-hardening/ntlm/smbexec.md b/windows-hardening/ntlm/smbexec.md index 8fd1cda70..c5de8b2c9 100644 --- a/windows-hardening/ntlm/smbexec.md +++ b/windows-hardening/ntlm/smbexec.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## How does it works **Smbexec works like Psexec.** In this example\*\*,\*\* **instead** of pointing the "_binpath_" to a malicious executable inside the victim, we are going to **point it** to **cmd.exe or powershell.exe** and one of they will download and execute the backdoor. @@ -63,13 +56,6 @@ It errors out because our service doesn't respond, but if we look at our Metaspl All the info was extracted from here: [https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-2-psexec-and-services/](https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-2-psexec-and-services/) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/windows-hardening/stealing-credentials/README.md b/windows-hardening/stealing-credentials/README.md index 7a29b82c0..97006378e 100644 --- a/windows-hardening/stealing-credentials/README.md +++ b/windows-hardening/stealing-credentials/README.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Credentials Mimikatz ```bash @@ -166,13 +159,6 @@ cme smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds #~ cme smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE' --ntds-pwdLastSet ``` -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - ## Stealing SAM & SYSTEM This files should be **located** in _C:\windows\system32\config\SAM_ and _C:\windows\system32\config\SYSTEM._ But **you cannot just copy them in a regular way** because they protected. @@ -330,13 +316,6 @@ Download it from:[ http://www.tarasco.org/security/pwdump\_7](http://www.tarasco [**Learn about some credentials protections here.**](credentials-protections.md) -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits! diff --git a/windows-hardening/windows-local-privilege-escalation/rottenpotato.md b/windows-hardening/windows-local-privilege-escalation/rottenpotato.md index ef5a47ee9..3612fbd78 100644 --- a/windows-hardening/windows-local-privilege-escalation/rottenpotato.md +++ b/windows-hardening/windows-local-privilege-escalation/rottenpotato.md @@ -16,13 +16,6 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} - The info in this page info was extracted [from this post](https://www.absolomb.com/2018-05-04-HackTheBox-Tally/) Service accounts usually have special privileges (SeImpersonatePrivileges) and this could be used to escalate privileges. @@ -106,13 +99,6 @@ Server username: NT AUTHORITY\SYSTEM Success! We have our SYSTEM shell and can grab the root.txt file! -{% hint style="danger" %} -\ -_A **digital transformation** tailored to your organization is unique. It also comes with its **risks**. **Defend yourself against hackers**. Get protection before it's too late. **Talk to the professionals at Securityboat**:_ - -{% embed url="https://securityboat.in/contact-us" %} -{% endhint %} -
Support HackTricks and get benefits!
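Review bot: in the second hunk of the ASREPRoast page (asreproast.md), the unchanged context line directly above the removed block labels its link "More information about AS-RRP Roasting in ired.team", but the URL it points to ends in as-rep-roasting-using-rubeus-and-hashcat and the page heading is ASREPRoast. This commit already edits the lines immediately below it, so correct the label to "AS-REP Roasting" in the same change.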
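Review bot: the Securityboat block removed in both hunks of windows-hardening/active-directory-methodology/kerberos-authentication.md is the bare form (a `\` line, the italic paragraph and the embed) with no `{% hint style="danger" %}` / `{% endhint %}` wrapper, unlike every other file visible in this patch, so the block exists in at least two shapes and a removal keyed on the wrapper would miss one. Before merging, search the tree for `securityboat.in` and for "Talk to the professionals at Securityboat" to confirm no third variant is left behind.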
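Review bot: in the first hunk of windows-hardening/ntlm/smbexec.md, the context paragraph that becomes the first body text once the hint is gone still carries escaped emphasis markers, "In this example\*\*,\*\* **instead**", which render as literal asterisks around the comma, and the heading above it reads "How does it works". Replace the escaped markers with a plain comma and change the heading to "How does it work" while these lines are being touched.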
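Review bot: in the first hunk of windows-hardening/windows-local-privilege-escalation/rottenpotato.md, dropping the hint leaves "The info in this page info was extracted" as the opening line of the page, with "info" duplicated and no period after the link. Reword it to "The info in this page was extracted [from this post](https://www.absolomb.com/2018-05-04-HackTheBox-Tally/)." so the source attribution reads cleanly now that it leads the page.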