From ce871c5c22e6dabc7c35a51e36316b5264544266 Mon Sep 17 00:00:00 2001 From: CPol Date: Sat, 23 Jan 2021 09:53:43 +0000 Subject: [PATCH] GitBook: [master] 4 pages and 8 assets modified --- ...ge (25) (2) (2) (2) (2) (2) (2) (2) (2) (1).png} | Bin ...ge (25) (2) (2) (2) (2) (2) (2) (2) (2) (2).png} | Bin ...45) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1).png} | Bin ...45) (2) (2) (2) (2) (2) (2) (2) (2) (2) (2).png} | Bin 1911-pentesting-fox.md | 2 +- README.md | 4 ++-- pentesting-web/formula-injection.md | 2 +- .../8009-pentesting-apache-jserv-protocol-ajp.md | 4 ++-- 8 files changed, 6 insertions(+), 6 deletions(-) rename .gitbook/assets/{image (25) (2) (2) (2) (2) (2) (2) (2) (1).png => image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1).png} (100%) rename .gitbook/assets/{image (25) (2) (2) (2) (2) (2) (2) (2).png => image (25) (2) (2) (2) (2) (2) (2) (2) (2) (2).png} (100%) rename .gitbook/assets/{image (345) (2) (2) (2) (2) (2) (2) (2) (2) (1).png => image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1).png} (100%) rename .gitbook/assets/{image (345) (2) (2) (2) (2) (2) (2) (2) (2).png => image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (2).png} (100%) diff --git a/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (1).png b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1).png similarity index 100% rename from .gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (1).png rename to .gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1).png diff --git a/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2).png b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (2).png similarity index 100% rename from .gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2).png rename to .gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (2).png 
diff --git a/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (1).png b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1).png similarity index 100% rename from .gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (1).png rename to .gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1).png diff --git a/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2).png b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (2).png similarity index 100% rename from .gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2).png rename to .gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (2).png diff --git a/1911-pentesting-fox.md b/1911-pentesting-fox.md index 7d458688d..3abebdf0b 100644 --- a/1911-pentesting-fox.md +++ b/1911-pentesting-fox.md @@ -10,7 +10,7 @@ dht udp "DHT Nodes" ![](.gitbook/assets/image%20%28182%29.png) -![](.gitbook/assets/image%20%28345%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png) +![](.gitbook/assets/image%20%28345%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png) InfluxDB diff --git a/README.md b/README.md index 6cec673d4..b6fb2f969 100644 --- a/README.md +++ b/README.md 
@@ -12,8 +12,8 @@ Here you will find the **typical flow** that **you should follow when pentesting **Click in the title to start!** -If you want to **know** about my **latest modifications**/**additions** or you have **any suggestion for HackTricks or PEASS**, **join the** [**💬**](https://emojipedia.org/speech-balloon/) **\*\*\[**PEASS & HackTricks telegram group here**\]\(**[https://t.me/peass](https://t.me/peass)**\), or** follow me on Twitter ****[**🐦**](https://emojipedia.org/bird/)**\[**@carlospolopm**\]\(**[https://twitter.com/carlospolopm](https://twitter.com/carlospolopm)**\)**. -**If you want to** share some tricks with the community **you can also submit** pull requests **to \[**[https://github.com/carlospolop/hacktricks\*\*\]\(https://github.com/carlospolop/hacktricks](https://github.com/carlospolop/hacktricks**]%28https://github.com/carlospolop/hacktricks)\) that will be reflected in this book. +If you want to **know** about my **latest modifications**/**additions** or you have **any suggestion for HackTricks or PEASS**, **join the** [**💬**](https://emojipedia.org/speech-balloon/)[ PEASS & HackTricks telegram group here](https://t.me/peass)**, or** follow me on Twitter ****[**🐦**](https://emojipedia.org/bird/)[@carlospolopm](https://twitter.com/carlospolopm). +**If you want to** share some tricks with the community **you can also submit** pull requests **to** [https://github.com/carlospolop/hacktricks](https://github.com/carlospolop/hacktricks**]%28https://github.com/carlospolop/hacktricks) that will be reflected in this book. Don't forget to\*\* give ⭐ on the github to motivate me to continue developing this book. ![](.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67%20%286%29%20%284%29%20%283%29.png) diff --git a/pentesting-web/formula-injection.md b/pentesting-web/formula-injection.md index 47b4c3846..706a71516 100644 
--- a/pentesting-web/formula-injection.md +++ b/pentesting-web/formula-injection.md @@ -41,5 +41,5 @@ The good news is that **this payload is executed automatically when the file is It's possible to execute a calculator with the following payload **`=cmd|' /C calc'!xxx`** -![](../.gitbook/assets/image%20%2825%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%281%29.png) +![](../.gitbook/assets/image%20%2825%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%281%29.png) diff --git a/pentesting/8009-pentesting-apache-jserv-protocol-ajp.md b/pentesting/8009-pentesting-apache-jserv-protocol-ajp.md index 50f81e8c4..9a2a223c5 100644 --- a/pentesting/8009-pentesting-apache-jserv-protocol-ajp.md +++ b/pentesting/8009-pentesting-apache-jserv-protocol-ajp.md @@ -25,7 +25,7 @@ It’s not often that you encounter port 8009 open and port 8080,8180,8443 or 80 sudo apt-get install libapache2-mod-jk sudo vim /etc/apache2/apache2.conf # append the following line to the config Include ajp.conf -sudo vim /etc/apache2/ajp.conf # create the following file, change HOST to the target address +sudo vim /etc/apache2/ajp.conf # create the following file, change HOST to the target address ProxyRequests Off Order deny,allow 
@@ -39,7 +39,7 @@ sudo a2enmod proxy_ajp sudo systemctl restart apache2 ``` -A nice side effect of using this setup is that you might thwart IDS/IPS systems in place since the AJP protocol is somewhat binary, but I haven’t verified this. Now you can just point your regular metasploit tomcat exploit to 127.0.0.1:80 and take over that system. Here is the metasploit output also: +A nice side effect of using this setup is that you might thwart IDS/IPS systems in place since the AJP protocol is somewhat binary, but I haven’t verified this. Now you can just point your regular metasploit tomcat exploit to 127.0.0.1:80 and take over that system. Here is the metasploit output also: ```text msf exploit(tomcat_mgr_deploy) > show options
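Review bot: In the 1911-pentesting-fox.md hunk (@@ -10,7 +10,7 @@) the only change is one more `%282%29` appended to the image path, mirroring the four 100%-similarity renames under .gitbook/assets/ that each gain another " (2)". The files are unchanged, so this is rename churn: the existing run of suffixes suggests it has happened on earlier syncs too, and every round invalidates anything that pointed at the previous path. Rename the asset once to a stable, descriptive file name and reference that from the page.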
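Review bot: The added pull-request line in the README.md hunk (@@ -12,8 +12,8 @@) still has a malformed link target: `(https://github.com/carlospolop/hacktricks**]%28https://github.com/carlospolop/hacktricks)` carries leftover `**]%28` markup inside the URL, so it does not point at the repository. The target should be just https://github.com/carlospolop/hacktricks. The same hunk also leaves an empty `****` before the Twitter emoji on the added line and an escaped `\*\*` in the unchanged "Don't forget to\*\* give" line; both are worth cleaning in the same pass.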
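Review bot: In the pentesting-web/formula-injection.md hunk (@@ -41,5 +41,5 @@) the replaced image line keeps an empty alt text, `![](...)`, directly after the sentence introducing the `=cmd|' /C calc'!xxx` payload, so a reader who cannot load the image gets no indication of what the screenshot demonstrates. Since the path is being edited anyway, put a short description of the screenshot in the brackets.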
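Review bot: In the 8009-pentesting-apache-jserv-protocol-ajp.md hunk at @@ -25,7 +25,7 @@ the removed and added `sudo vim /etc/apache2/ajp.conf # create the following file, change HOST to the target address` lines read identically, so the difference is whitespace only. Either drop the line from this commit or say in the commit message that it is whitespace normalisation, so it is not mistaken for an edit to the setup steps.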
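Review bot: The paragraph touched in the @@ -39,7 +39,7 @@ hunk is again the same on both sides apart from whitespace, and it keeps the statement that the setup "might thwart IDS/IPS systems" alongside "but I haven't verified this". If the line is being modified, either back the statement with a test result or label it clearly as untested, so readers do not treat it as established behaviour.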