Translated ['src/pentesting-web/account-takeover.md'] to sw

2025-10-10 18:36:50 +00:00 · 2025-04-20 14:57:41 +00:00 · 2025-04-20 14:57:41 +00:00 · c3dd3d8324
commit c3dd3d8324
parent 7884127561
2 changed files with 68 additions and 18 deletions
--- a/src/pentesting-web/account-takeover.md
+++ b/src/pentesting-web/account-takeover.md
@ -12,12 +12,12 @@ Barua pepe ya akaunti inapaswa kujaribiwa kubadilishwa, na mchakato wa uthibitis
 2. Akaunti inapaswa kuundwa kwa kutumia Unicode\
 kwa mfano: `vićtim@gmail.com`

-Kama ilivyoelezwa katika [**hili mazungumzo**](https://www.youtube.com/watch?v=CiIyaZ3x49c), shambulio la awali linaweza pia kufanywa kwa kutumia watoa huduma wa utambulisho wa upande wa tatu:
+Kama ilivyoelezwa katika [**hii hotuba**](https://www.youtube.com/watch?v=CiIyaZ3x49c), shambulio la awali linaweza pia kufanywa kwa kutumia watoa huduma wa utambulisho wa upande wa tatu:

 - Unda akaunti katika utambulisho wa upande wa tatu kwa barua pepe inayofanana na ya mwathirika kwa kutumia herufi za unicode (`vićtim@company.com`).
 - Mtoa huduma wa upande wa tatu haipaswi kuthibitisha barua pepe
 - Ikiwa mtoa huduma wa utambulisho anathibitisha barua pepe, labda unaweza kushambulia sehemu ya domain kama: `victim@ćompany.com` na kujiandikisha kwa hiyo domain na kutumaini kwamba mtoa huduma wa utambulisho anaunda toleo la ascii la domain wakati jukwaa la mwathirika linanormalize jina la domain.
- Ingia kupitia mtoa huduma huyu wa utambulisho katika jukwaa la mwathirika ambaye anapaswa kunormalize herufi za unicode na kukuruhusu ufikie akaunti ya mwathirika.
+- Ingia kupitia mtoa huduma huyu wa utambulisho katika jukwaa la mwathirika ambaye anapaswa ku-normalize herufi za unicode na kukuruhusu ufikie akaunti ya mwathirika.

 Kwa maelezo zaidi, rejelea hati kuhusu Unicode Normalization:

@ -45,7 +45,7 @@ cors-bypass.md

 ## **Csrf to Account Takeover**

-Ikiwa ukurasa unahatarishwa na CSRF unaweza kuwa na uwezo wa kumfanya **mtumiaji abadilishe nenosiri lake**, barua pepe au uthibitisho ili uweze kufikia hiyo:
+Ikiwa ukurasa unahatarishwa kwa CSRF unaweza kuwa na uwezo wa kumfanya **mtumiaji abadilishe nenosiri lake**, barua pepe au uthibitisho ili uweze kuifikia:

 {{#ref}}
 csrf-cross-site-request-forgery.md
@ -61,7 +61,7 @@ xss-cross-site-scripting/

 ## **Same Origin + Cookies**

-Ikiwa unapata XSS iliyopunguzwa au kuchukua subdomain, unaweza kucheza na vidakuzi (kuvifunga kwa mfano) kujaribu kuathiri akaunti ya mwathirika:
+Ikiwa unapata XSS iliyopunguzwa au kuchukua subdomain, unaweza kucheza na vidakuzi (kuvifunga kwa mfano) ili kujaribu kuathiri akaunti ya mwathirika:

 {{#ref}}
 hacking-with-cookies/
@ -101,7 +101,7 @@ Mbinu hizi za urekebishaji ni bora katika hali ambapo JSON inatumika kwa usafiri

 ## Change email of current session

-Kutoka [ripoti hii](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea):
+Kutoka [hii ripoti](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea):

 - Mshambuliaji anahitaji kubadilisha barua yake pepe na mpya
 - Mshambuliaji anapata kiungo cha kuthibitisha mabadiliko ya barua pepe
@ -109,17 +109,17 @@ Kutoka [ripoti hii](https://dynnyd20.medium.com/one-click-account-take-over-e500
 - Barua pepe ya mwathirika inabadilishwa kuwa ile iliyotajwa na mshambuliaji
 - Mshambuliaji anaweza kurejesha nenosiri na kuchukua akaunti

-Hii pia ilitokea katika [**ripoti hii**](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea).
+Hii pia ilitokea katika [**hii ripoti**](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea).

 ### Bypass email verification for Account Takeover
- Mshambuliaji anaingia na attacker@test.com na kuthibitisha barua pepe wakati wa kujiandikisha.
+- Mshambuliaji anaingia na attacker@test.com na kuthibitisha barua pepe wakati wa usajili.
 - Mshambuliaji anabadilisha barua pepe iliyothibitishwa kuwa victim@test.com (hakuna uthibitisho wa pili kwenye mabadiliko ya barua pepe)
 - Sasa tovuti inaruhusu victim@test.com kuingia na tumepita uthibitisho wa barua pepe wa mtumiaji mwathirika.

 ### Old Cookies

 Kama ilivyoelezwa [**katika chapisho hili**](https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9), ilikuwa inawezekana kuingia kwenye akaunti, kuhifadhi vidakuzi kama mtumiaji aliyethibitishwa, kutoka, na kisha kuingia tena.\
-Kwa kuingia mpya, ingawa vidakuzi tofauti vinaweza kuundwa vidakuzi vya zamani vilianza kufanya kazi tena.
+Kwa kuingia mpya, ingawa vidakuzi tofauti vinaweza kuundwa, vya zamani vilianza kufanya kazi tena.

 ## References

--- a/theme/ht_searcher.js
+++ b/theme/ht_searcher.js
@ -471,17 +471,67 @@ window.search = window.search || {};
        showResults(true);
    }

-    var branch = lang === "en" ? "master" : lang
-    fetch(`https://raw.githubusercontent.com/HackTricks-wiki/hacktricks/refs/heads/${branch}/searchindex.json`)
-        .then(response => response.json())
-        .then(json => init(json))        
-        .catch(error => { // Try to load searchindex.js if fetch failed
-            var script = document.createElement('script');
-            script.src = `https://raw.githubusercontent.com/HackTricks-wiki/hacktricks/refs/heads/${branch}/searchindex.js`;
-            script.onload = () => init(window.search);
-            document.head.appendChild(script);
+    (async function loadSearchIndex(lang = window.lang || 'en') {
+        /* ───────── paths ───────── */
+        const branch      = lang === 'en' ? 'master' : lang;
+        const baseRemote  = `https://raw.githubusercontent.com/HackTricks-wiki/hacktricks/${branch}`;
+        const remoteJson  = `${baseRemote}/searchindex.json`;
+        const remoteJs    = `${baseRemote}/searchindex.js`;
+        const localJson   = './searchindex.json';
+        const localJs     = './searchindex.js';
+        const TIMEOUT_MS  = 5_000;
+        
+        /* ───────── helpers ───────── */
+        const fetchWithTimeout = (url, opt = {}) =>
+            Promise.race([
+            fetch(url, opt),
+            new Promise((_, r) => setTimeout(() => r(new Error('timeout')), TIMEOUT_MS))
+            ]);
+        
+        const loadScript = src =>
+            new Promise((resolve, reject) => {
+            const s = document.createElement('script');
+            s.src      = src;
+            s.onload   = resolve;
+            s.onerror  = reject;
+            document.head.appendChild(s);
            });
        
+        /* ───────── 1. remote JSON ───────── */
+        try {
+            const r = await fetchWithTimeout(remoteJson);
+            if (!r.ok) throw new Error(r.status);
+            return init(await r.json());
+        } catch (e) {
+            console.warn('Remote JSON failed →', e);
+        }
+        
+        /* ───────── 2. remote JS ───────── */
+        try {
+            await loadScript(remoteJs);
+            return init(window.search);
+        } catch (e) {
+            console.warn('Remote JS failed →', e);
+        }
+        
+        /* ───────── 3. local JSON ───────── */
+        try {
+            const r = await fetch(localJson);
+            if (!r.ok) throw new Error(r.status);
+            return init(await r.json());
+        } catch (e) {
+            console.warn('Local JSON failed →', e);
+        }
+        
+        /* ───────── 4. local JS ───────── */
+        try {
+            await loadScript(localJs);
+            return init(window.search);
+        } catch (e) {
+            console.error('Local JS failed →', e);
+        }
+    })();
+
    // Exported functions
    search.hasFocus = hasFocus;
 })(window.search);