Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-29 08:01:00 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/700-pentesting-epp.md

41 lines
3.3 KiB
Markdown
Raw Blame History

# 700 - Pentesting EPP
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
## Basic Information
Protokali ya Upangaji Inayoweza Kupanuliwa (EPP) ni protokali ya mtandao inayotumika kwa **usimamizi wa majina ya kikoa na rasilimali nyingine za mtandao** na usajili wa majina ya kikoa na wasajili. Inaruhusu automatisering ya usajili wa majina ya kikoa, upya, uhamisho, na mchakato wa kufuta, kuhakikisha mfumo wa mawasiliano wa kawaida na salama kati ya vyombo tofauti katika mfumo wa majina ya kikoa (DNS). EPP imeundwa kuwa na uwezo wa kubadilika na kupanuka, ikiruhusu kuongeza vipengele na amri mpya kadri mahitaji ya miundombinu ya mtandao yanavyoendelea.
Kimsingi, ni moja ya protokali ambazo **wasajili wa TLD wataweza kutoa kwa wasajili wa majina ya kikoa** ili kusajili majina mapya katika TLD.
### Pentest
[**Katika makala hii ya kuvutia sana**](https://hackcompute.com/hacking-epp-servers/) unaweza kuona jinsi utafiti wa usalama ulivyogundua kuwa **utekelezaji wa protokali hii** ulikuwa na udhaifu wa XXE (XML External Entity) kwani protokali hii inatumia XML kuwasiliana, ambayo ingewawezesha washambuliaji kuchukua udhibiti wa TLD tofauti kumi.
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
<summary>Support HackTricks</summary>
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
{% endhint %}
Reference in a new issue View git blame Copy permalink