4.2 KiB
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Angalia mpango wa usajili!
- Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
- Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud github repos.
Katika jibu la ping TTL:
127 = Windows
254 = Cisco
Mengine, baadhi ya linux
$1$- md5
$2$au 2a - Blowfish
$5$- sha256
$6$- sha512
Ikiwa hujui kilicho nyuma ya huduma, jaribu kufanya ombi la HTTP GET.
UDP Scans
nc -nv -u -z -w 1 <IP> 160-16
Pakiti tupu ya UDP inatumwa kwa bandari maalum. Ikiwa bandari ya UDP iko wazi, hakuna jibu litatumwa kutoka kwa mashine lengwa. Ikiwa bandari ya UDP imefungwa, pakiti ya ICMP port unreachable inapaswa kutumwa kutoka kwa mashine lengwa.\
Kuskania bandari za UDP mara nyingi hakuhakikishi, kwani firewalls na routers zinaweza kuondoa pakiti za ICMP.
Hii inaweza kusababisha positives za uwongo katika skani yako, na utaona mara kwa mara
skani za bandari za UDP zikionyesha bandari zote za UDP zikiwa wazi kwenye mashine iliyoskanwa.
o Skana nyingi za bandari hazisakanii bandari zote zinazopatikana, na kwa kawaida zina orodha iliyowekwa ya “bandari za kuvutia” zinazokaguliwa.
CTF - Tricks
Katika Windows tumia Winzip kutafuta faili.
Mito mbadala ya data: dir /r | find ":$DATA"\
binwalk --dd=".*" <file> #Extract everything
binwalk -M -e -d=10000 suspicious.pdf #Extract, look inside extracted files and continue extracing (depth of 10000)
Crypto
featherduster\
Basae64(6—>8) —> 0...9, a...z, A…Z,+,/
Base32(5 —>8) —> A…Z, 2…7
Base85 (Ascii85, 7—>8) —> 0...9, a...z, A...Z, ., -, :, +, =, ^, !, /, *, ?, &, <, >, (, ), [, ], {, }, @, %, $, #
Uuencode --> Anza na "begin <mode> <filename>" na herufi za ajabu
Xxencoding --> Anza na "begin <mode> <filename>" na B64
Vigenere (uchambuzi wa mzunguko) —> https://www.guballa.de/vigenere-solver
Scytale (mabadiliko ya wahusika) —> https://www.dcode.fr/scytale-cipher
25x25 = QR
factordb.com
rsatool
Snow --> Ficha ujumbe kwa kutumia nafasi na tab
Characters
%E2%80%AE => Wahusika wa RTL (andika payloads kwa nyuma)
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.