From e14d8af4993c2c081bb561ad24a66985c7741cab Mon Sep 17 00:00:00 2001 From: Translator Date: Sun, 27 Apr 2025 16:32:56 +0000 Subject: [PATCH] Translated ['src/generic-methodologies-and-resources/phishing-methodolog --- book.toml | 1 + src/SUMMARY.md | 2 + .../phishing-methodology/README.md | 96 ++++++------ theme/ai.js | 141 ++++++++++++++++++ theme/ht_searcher.js | 125 +++++++++------- 5 files changed, 263 insertions(+), 102 deletions(-) create mode 100644 theme/ai.js diff --git a/book.toml b/book.toml index 3d588387c..5826e9a3a 100644 --- a/book.toml +++ b/book.toml @@ -31,6 +31,7 @@ additional-js = [ "theme/tabs.js", "theme/ht_searcher.js", "theme/sponsor.js", + "theme/ai.js" ] no-section-label = true preferred-dark-theme = "hacktricks-dark" diff --git a/src/SUMMARY.md b/src/SUMMARY.md index ab08a68f8..f0af43e7a 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -561,6 +561,7 @@ - [CSRF (Cross Site Request Forgery)](pentesting-web/csrf-cross-site-request-forgery.md) - [Dangling Markup - HTML scriptless injection](pentesting-web/dangling-markup-html-scriptless-injection/README.md) - [SS-Leaks](pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md) +- [DApps - Decentralized Applications](pentesting-web/dapps-DecentralizedApplications.md) - [Dependency Confusion](pentesting-web/dependency-confusion.md) - [Deserialization](pentesting-web/deserialization/README.md) - [NodeJS - \_\_proto\_\_ & prototype Pollution](pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md) 
@@ -625,6 +626,7 @@ - [Regular expression Denial of Service - ReDoS](pentesting-web/regular-expression-denial-of-service-redos.md) - [Reset/Forgotten Password Bypass](pentesting-web/reset-password.md) - [Reverse Tab Nabbing](pentesting-web/reverse-tab-nabbing.md) +- [RSQL Injection](pentesting-web/rsql-injection.md) - [SAML Attacks](pentesting-web/saml-attacks/README.md) - [SAML Basics](pentesting-web/saml-attacks/saml-basics.md) - [Server Side Inclusion/Edge Side Inclusion Injection](pentesting-web/server-side-inclusion-edge-side-inclusion-injection.md) diff --git a/src/generic-methodologies-and-resources/phishing-methodology/README.md b/src/generic-methodologies-and-resources/phishing-methodology/README.md index 119873599..f32a2c645 100644 --- a/src/generic-methodologies-and-resources/phishing-methodology/README.md +++ b/src/generic-methodologies-and-resources/phishing-methodology/README.md @@ -6,11 +6,11 @@ 1. Fanya utafiti kuhusu mwathirika 1. Chagua **domeni la mwathirika**. -2. Fanya utafiti wa msingi wa wavuti **ukitafuta milango ya kuingia** inayotumiwa na mwathirika na **amua** ni ipi utakuwa **ukijifanya**. +2. Fanya utafiti wa msingi wa wavuti **ukitafuta milango ya kuingia** inayotumiwa na mwathirika na **amua** ni ipi utakuwa **unajifanya**. 3. Tumia **OSINT** ili **kupata barua pepe**. 2. Andaa mazingira 1. **Nunua domeni** ambayo utatumia kwa tathmini ya phishing -2. **Sanidi huduma ya barua pepe** rekodi zinazohusiana (SPF, DMARC, DKIM, rDNS) +2. **Sanidi huduma ya barua pepe** inayohusiana na rekodi (SPF, DMARC, DKIM, rDNS) 3. Sanidi VPS na **gophish** 3. Andaa kampeni 1. Andaa **kigezo cha barua pepe** 
@@ -21,8 +21,8 @@ ### Mbinu za Mabadiliko ya Jina la Domeni -- **Neno muhimu**: Jina la domeni **linajumuisha** neno muhimu la asili (mfano, zelster.com-management.com). -- **subdomain yenye hyphen**: Badilisha **dot kuwa hyphen** ya subdomain (mfano, www-zelster.com). +- **Neno muhimu**: Jina la domeni **linajumuisha** neno muhimu **lililo muhimu** la domeni asilia (mfano, zelster.com-management.com). +- **subdomain yenye hyphen**: Badilisha **nukta kuwa hyphen** ya subdomain (mfano, www-zelster.com). - **TLD Mpya**: Domeni sawa ikitumia **TLD mpya** (mfano, zelster.org) - **Homoglyph**: In **badilisha** herufi katika jina la domeni kwa **herufi zinazofanana** (mfano, zelfser.com). - **Mabadiliko:** In **badilisha herufi mbili** ndani ya jina la domeni (mfano, zelsetr.com). @@ -30,9 +30,9 @@ - **Kuondoa**: In **ondoa moja** ya herufi kutoka jina la domeni (mfano, zelser.com). - **Kurudia:** In **rudia moja** ya herufi katika jina la domeni (mfano, zeltsser.com). - **Badiliko**: Kama homoglyph lakini si wa siri sana. Inabadilisha moja ya herufi katika jina la domeni, labda kwa herufi iliyo karibu na herufi asilia kwenye kibodi (mfano, zektser.com). -- **Subdomained**: Ingiza **dot** ndani ya jina la domeni (mfano, ze.lster.com). -- **Kuingiza**: In **ingiza herufi** ndani ya jina la domeni (mfano, zerltser.com). -- **Dot iliyokosekana**: Ongeza TLD kwenye jina la domeni. (mfano, zelstercom.com) +- **Subdomained**: Ingiza **nukta** ndani ya jina la domeni (mfano, ze.lster.com). +- **Kuongeza**: In **ongeza herufi** ndani ya jina la domeni (mfano, zerltser.com). +- **Nukta iliyokosekana**: Ongeza TLD kwenye jina la domeni. (mfano, zelstercom.com) **Zana za Kiotomatiki** 
@@ -47,20 +47,20 @@ ### Bitflipping -Kuna **uwezekano kwamba moja ya bits zilizohifadhiwa au katika mawasiliano inaweza kubadilishwa kiotomatiki** kutokana na sababu mbalimbali kama vile miale ya jua, mionzi ya anga, au makosa ya vifaa. +Kuna **uwezekano kwamba moja ya baadhi ya bits zilizohifadhiwa au katika mawasiliano inaweza kubadilishwa kiotomatiki** kutokana na sababu mbalimbali kama vile miale ya jua, mionzi ya anga, au makosa ya vifaa. Wakati dhana hii inatumika kwa maombi ya DNS, inawezekana kwamba **domeni iliyopokelewa na seva ya DNS** si sawa na domeni iliyotakiwa awali. Kwa mfano, mabadiliko ya bit moja katika jina la domeni "windows.com" yanaweza kubadilisha kuwa "windnws.com." -Wavamizi wanaweza **kunufaika na hili kwa kujiandikisha kwa domeni nyingi za bit-flipping** ambazo zinafanana na domeni ya mwathirika. Nia yao ni kuelekeza watumiaji halali kwenye miundombinu yao. +Washambuliaji wanaweza **kunufaika na hii kwa kujiandikisha kwa domeni nyingi za bit-flipping** ambazo zinafanana na domeni ya mwathirika. Nia yao ni kuelekeza watumiaji halali kwenye miundombinu yao. 
Kwa maelezo zaidi soma [https://www.bleepingcomputer.com/news/security/hijacking-traffic-to-microsoft-s-windowscom-with-bitflipping/](https://www.bleepingcomputer.com/news/security/hijacking-traffic-to-microsoft-s-windowscom-with-bitflipping/) ### Nunua domeni inayotegemewa -Unaweza kutafuta katika [https://www.expireddomains.net/](https://www.expireddomains.net) kwa domeni iliyokwisha muda ambayo unaweza kutumia.\ -Ili kuhakikisha kwamba domeni iliyokwisha muda unayopanga kununua **ina SEO nzuri tayari** unaweza kutafuta jinsi inavyopangwa katika: +Unaweza kutafuta katika [https://www.expireddomains.net/](https://www.expireddomains.net) kwa domeni iliyokwisha ambayo unaweza kutumia.\ +Ili kuhakikisha kwamba domeni iliyokwisha unayokusudia kununua **ina SEO nzuri tayari** unaweza kutafuta jinsi inavyopangwa katika: - [http://www.fortiguard.com/webfilter](http://www.fortiguard.com/webfilter) - [https://urlfiltering.paloaltonetworks.com/query/](https://urlfiltering.paloaltonetworks.com/query/) @@ -74,7 +74,7 @@ Ili kuhakikisha kwamba domeni iliyokwisha muda unayopanga kununua **ina SEO nzur - [https://anymailfinder.com/](https://anymailfinder.com) Ili **kugundua zaidi** anwani halali za barua pepe au **kuhakiki zile** ulizozigundua tayari unaweza kuangalia kama unaweza kujaribu nguvu kwenye seva za smtp za mwathirika. [Jifunze jinsi ya kuangalia/kugundua anwani ya barua pepe hapa](../../network-services-pentesting/pentesting-smtp/index.html#username-bruteforce-enumeration).\ -Zaidi ya hayo, usisahau kwamba ikiwa watumiaji wanatumia **milango yoyote ya wavuti kuingia kwenye barua zao**, unaweza kuangalia kama ina udhaifu wa **kujaribu nguvu jina la mtumiaji**, na kutumia udhaifu huo ikiwa inawezekana. +Zaidi ya hayo, usisahau kwamba ikiwa watumiaji wanatumia **milango yoyote ya wavuti kuingia kwenye barua zao**, unaweza kuangalia kama inahatarishwa kwa **kujaribu nguvu jina la mtumiaji**, na kutumia udhaifu huo ikiwa inawezekana. ## Sanidi GoPhish 
@@ -83,7 +83,7 @@ Zaidi ya hayo, usisahau kwamba ikiwa watumiaji wanatumia **milango yoyote ya wav Unaweza kuipakua kutoka [https://github.com/gophish/gophish/releases/tag/v0.11.0](https://github.com/gophish/gophish/releases/tag/v0.11.0) Pakua na uondoe ndani ya `/opt/gophish` na uendeshe `/opt/gophish/gophish`\ -Utapewa nenosiri kwa mtumiaji wa admin kwenye bandari 3333 katika matokeo. Hivyo, fikia bandari hiyo na tumia akidi hizo kubadilisha nenosiri la admin. Unaweza kuhitaji kupitisha bandari hiyo kwa local: +Utapewa nenosiri kwa mtumiaji wa admin kwenye bandari 3333 katika matokeo. Hivyo, fikia bandari hiyo na tumia akidi hizo kubadilisha nenosiri la admin. Unaweza kuhitaji kuunganisha bandari hiyo kwa local: ```bash ssh -L 3333:127.0.0.1:3333 @ ``` @@ -91,7 +91,7 @@ ssh -L 3333:127.0.0.1:3333 @ **TLS certificate configuration** -Kabla ya hatua hii unapaswa kuwa **umeshanunua jina la kikoa** unalotaka kutumia na lazima liwe **linaanika** kwa **IP ya VPS** ambapo unafanya usanidi wa **gophish**. +Kabla ya hatua hii unapaswa kuwa **umeshanunua jina la kikoa** unalotaka kutumia na lazima liwe **linaanika** kwenye **IP ya VPS** ambapo unafanya usanidi wa **gophish**. ```bash DOMAIN="" wget https://dl.eff.org/certbot-auto @@ -107,7 +107,7 @@ mkdir /opt/gophish/ssl_keys cp "/etc/letsencrypt/live/$DOMAIN/privkey.pem" /opt/gophish/ssl_keys/key.pem cp "/etc/letsencrypt/live/$DOMAIN/fullchain.pem" /opt/gophish/ssl_keys/key.crt​ ``` -**Usanidi wa barua pepe** +**Mipangilio ya Barua** Anza kufunga: `apt-get install postfix` @@ -117,7 +117,7 @@ Kisha ongeza kikoa kwenye faili zifuatazo: - **/etc/postfix/transport** - **/etc/postfix/virtual_regexp** -**Badilisha pia thamani za vigezo vifuatavyo ndani ya /etc/postfix/main.cf** +**Badilisha pia thamani za mabadiliko yafuatayo ndani ya /etc/postfix/main.cf** `myhostname = `\ `mydestination = $myhostname, , localhost.com, localhost` 
@@ -126,7 +126,7 @@ Hatimaye, badilisha faili **`/etc/hostname`** na **`/etc/mailname`** kuwa jina l Sasa, tengeneza **rekodi ya DNS A** ya `mail.` ikielekeza kwenye **anwani ya ip** ya VPS na rekodi ya **DNS MX** ikielekeza kwa `mail.` -Sasa hebu jaribu kutuma barua pepe: +Sasa hebu tujaribu kutuma barua pepe: ```bash apt install mailutils echo "This is the body of the email" | mail -s "This is the subject line" test@email.com @@ -223,13 +223,13 @@ service gophish stop ### Subiri & kuwa halali -Kadiri kikoa kilivyo na umri mrefu ndivyo inavyokuwa na uwezekano mdogo wa kukamatwa kama spam. Hivyo unapaswa kusubiri muda mrefu iwezekanavyo (angalau wiki 1) kabla ya tathmini ya phishing. Aidha, ikiwa utaweka ukurasa kuhusu sekta yenye sifa, sifa iliyopatikana itakuwa bora. +Kadri kikoa kinavyozeeka ndivyo inavyokuwa na uwezekano mdogo wa kukamatwa kama spam. Basi unapaswa kusubiri muda mrefu iwezekanavyo (angalau wiki 1) kabla ya tathmini ya phishing. Zaidi ya hayo, ikiwa utaweka ukurasa kuhusu sekta yenye sifa, sifa iliyopatikana itakuwa bora. Kumbuka kwamba hata kama unapaswa kusubiri wiki moja unaweza kumaliza kuunda kila kitu sasa. ### Sanidi Rekodi ya Reverse DNS (rDNS) -Weka rekodi ya rDNS (PTR) inayotatua anwani ya IP ya VPS hadi jina la kikoa. +Weka rekodi ya rDNS (PTR) inayotatua anwani ya IP ya VPS kwa jina la kikoa. ### Rekodi ya Sender Policy Framework (SPF) 
@@ -247,13 +247,13 @@ v=spf1 mx a ip4:ip.ip.ip.ip ?all Lazima **uweke rekodi ya DMARC kwa jina jipya la kikoa**. Ikiwa hujui ni nini rekodi ya DMARC [**soma ukurasa huu**](../../network-services-pentesting/pentesting-smtp/index.html#dmarc). -Lazima uunde rekodi mpya ya DNS TXT ikielekeza jina la mwenyeji `_dmarc.` yenye maudhui yafuatayo: +Lazima uunde rekodi mpya ya DNS TXT ikielekeza kwenye jina la mwenyeji `_dmarc.` yenye maudhui yafuatayo: ```bash v=DMARC1; p=none ``` ### DomainKeys Identified Mail (DKIM) -Lazima **uweke DKIM kwa jina jipya la kikoa**. Ikiwa hujui ni nini rekodi ya DMARC [**soma ukurasa huu**](../../network-services-pentesting/pentesting-smtp/index.html#dkim). +Lazima **uweke DKIM kwa jina jipya la kikoa**. Ikiwa hujui ni rekodi gani ya DMARC [**soma ukurasa huu**](../../network-services-pentesting/pentesting-smtp/index.html#dkim). Mafunzo haya yanategemea: [https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy](https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy) @@ -264,7 +264,7 @@ Mafunzo haya yanategemea: [https://www.digitalocean.com/community/tutorials/how- > v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wPibdqPtzYk81njjQCrChIcHzxOp8a1wjbsoNtka2X9QXCZs+iXkvw++QsWDtdYu3q0Ofnr0Yd/TmG/Y2bBGoEgeE+YTUG2aEgw8Xx42NLJq2D1pB2lRQPW4IxefROnXu5HfKSm7dyzML1gZ1U0pR5X4IZCH0wOPhIq326QjxJZm79E1nTh3xj" "Y9N/Dt3+fVnIbMupzXE216TdFuifKM6Tl6O/axNsbswMS1TH812euno8xRpsdXJzFlB9q3VbMkVWig4P538mHolGzudEBg563vv66U8D7uuzGYxYT4WS8NVm3QBMg0QKPWZaKp+bADLkOSB9J2nUpk4Aj9KB5swIDAQAB > ``` -### Jaribu alama yako ya usanidi wa barua pepe +### Test your email configuration score Unaweza kufanya hivyo kwa kutumia [https://www.mail-tester.com/](https://www.mail-tester.com)\ Fikia tu ukurasa huo na tuma barua pepe kwa anwani wanayokupa: 
@@ -272,7 +272,7 @@ Fikia tu ukurasa huo na tuma barua pepe kwa anwani wanayokupa: echo "This is the body of the email" | mail -s "This is the subject line" test-iimosa79z@srv1.mail-tester.com ``` Unaweza pia **kuangalia usanidi wako wa barua pepe** kwa kutuma barua pepe kwa `check-auth@verifier.port25.com` na **kusoma jibu** (kwa hili utahitaji **kufungua** bandari **25** na kuona jibu katika faili _/var/mail/root_ ikiwa utatuma barua pepe kama root).\ -Angalia kwamba unapita majaribio yote: +Angalia kwamba unapitisha majaribio yote: ```bash ========================================================== Summary of Results 
@@ -289,32 +289,32 @@ Authentication-Results: mx.google.com; spf=pass (google.com: domain of contact@example.com designates --- as permitted sender) smtp.mail=contact@example.com; dkim=pass header.i=@example.com; ``` -### ​Kuondoa kutoka kwenye Spamhouse Blacklist +### ​Kuondoa kutoka kwenye Orodha ya Spamhouse -Ukurasa [www.mail-tester.com](https://www.mail-tester.com) unaweza kuonyesha ikiwa domain yako inazuia na spamhouse. Unaweza kuomba kuondolewa kwa domain/IP yako hapa: ​[https://www.spamhaus.org/lookup/](https://www.spamhaus.org/lookup/) +Ukurasa [www.mail-tester.com](https://www.mail-tester.com) unaweza kuonyesha ikiwa jina lako la kikoa linazuiwa na spamhouse. Unaweza kuomba jina lako la kikoa/IP kuondolewa kwenye: ​[https://www.spamhaus.org/lookup/](https://www.spamhaus.org/lookup/) -### Kuondoa kutoka kwenye Microsoft Blacklist +### Kuondoa kutoka kwenye Orodha ya Microsoft -​​Unaweza kuomba kuondolewa kwa domain/IP yako hapa [https://sender.office.com/](https://sender.office.com). +Unaweza kuomba jina lako la kikoa/IP kuondolewa kwenye [https://sender.office.com/](https://sender.office.com). -## Unda & Uzindue Kampeni ya GoPhish +## Unda & Anzisha Kampeni ya GoPhish ### Profaili ya Kutuma - Weka **jina la kutambulisha** profaili ya mtumaji -- Amua kutoka kwenye akaunti gani utaenda kutuma barua pepe za phishing. Mapendekezo: _noreply, support, servicedesk, salesforce..._ +- Amua kutoka kwenye akaunti gani unataka kutuma barua pepe za phishing. 
Mapendekezo: _noreply, support, servicedesk, salesforce..._ - Unaweza kuacha jina la mtumiaji na nenosiri kuwa tupu, lakini hakikisha umeangalia Ignore Certificate Errors ![](<../../images/image (253) (1) (2) (1) (1) (2) (2) (3) (3) (5) (3) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (10) (15) (2).png>) > [!NOTE] > Inapendekezwa kutumia kazi ya "**Send Test Email**" ili kujaribu kwamba kila kitu kinafanya kazi.\ -> Ningependekeza **kutuma barua pepe za majaribio kwa anwani za 10min mails** ili kuepuka kuorodheshwa kwenye orodha ya watu wabaya wakati wa majaribio. +> Ningependekeza **kutuma barua pepe za majaribio kwa anwani za barua pepe za 10min** ili kuepuka kuorodheshwa kwenye orodha ya watu wasiotakikana unapofanya majaribio. ### Kiolezo cha Barua Pepe - Weka **jina la kutambulisha** kiolezo -- Kisha andika **kichwa** (hakuna kitu cha ajabu, ni kitu ambacho ungeweza kutarajia kusoma katika barua pepe ya kawaida) +- Kisha andika **kichwa** (hakuna kitu cha ajabu, ni kitu ambacho unaweza kutarajia kusoma katika barua pepe ya kawaida) - Hakikisha umeangalia "**Add Tracking Image**" - Andika **kiolezo cha barua pepe** (unaweza kutumia vigezo kama katika mfano ufuatao): ```html @@ -337,7 +337,7 @@ WRITE HERE SOME SIGNATURE OF SOMEONE FROM THE COMPANY ``` Kumbuka kwamba **ili kuongeza uaminifu wa barua pepe**, inashauriwa kutumia saini kutoka kwa barua pepe ya mteja. Mapendekezo: -- Tuma barua pepe kwa **anwani isiyo na uwepo** na uangalie kama jibu lina saini yoyote. +- Tuma barua pepe kwa **anwani isiyo na ukweli** na uangalie ikiwa jibu lina saini yoyote. - Tafuta **barua pepe za umma** kama info@ex.com au press@ex.com au public@ex.com na uwatume barua pepe na subiri jibu. - Jaribu kuwasiliana na **barua pepe halali zilizogunduliwa** na subiri jibu. 
@@ -360,7 +360,7 @@ Kumbuka kwamba **ili kuongeza uaminifu wa barua pepe**, inashauriwa kutumia sain > Kumbuka kwamba ikiwa unahitaji **kutumia rasilimali za kudumu** kwa HTML (labda kurasa za CSS na JS) unaweza kuziokoa katika _**/opt/gophish/static/endpoint**_ na kisha uzifikie kutoka _**/static/\**_ > [!NOTE] -> Kwa mwelekeo unaweza **kuhamasisha watumiaji kwenye ukurasa halali wa wavuti** wa mwathirika, au kuwahamisha kwenye _/static/migration.html_ kwa mfano, weka **gari inayozunguka (**[**https://loading.io/**](https://loading.io)**) kwa sekunde 5 na kisha onyesha kwamba mchakato ulikuwa na mafanikio**. +> Kwa mwelekeo unaweza **kuwapeleka watumiaji kwenye ukurasa halali wa wavuti** wa mwathirika, au kuwapeleka kwenye _/static/migration.html_ kwa mfano, weka **gari inayozunguka (**[**https://loading.io/**](https://loading.io)**) kwa sekunde 5 na kisha onyesha kwamba mchakato umefanikiwa**. ### Watumiaji na Makundi 
@@ -371,20 +371,20 @@ Kumbuka kwamba **ili kuongeza uaminifu wa barua pepe**, inashauriwa kutumia sain ### Kampeni -Hatimaye, tengeneza kampeni kwa kuchagua jina, template ya barua pepe, ukurasa wa kutua, URL, wasifu wa kutuma na kundi. Kumbuka kwamba URL itakuwa kiungo kitakachotumwa kwa wahanga. +Hatimaye, tengeneza kampeni ukichagua jina, template ya barua pepe, ukurasa wa kutua, URL, wasifu wa kutuma na kundi. Kumbuka kwamba URL itakuwa kiungo kitakachotumwa kwa wahanga. -Kumbuka kwamba **Wasifu wa Kutuma unaruhusu kutuma barua pepe ya majaribio kuona jinsi barua pepe ya mwisho ya udukuzi itakavyokuwa**: +Kumbuka kwamba **Wasifu wa Kutuma unaruhusu kutuma barua pepe ya majaribio kuona jinsi barua pepe ya udukuzi itakavyokuwa**: ![](<../../images/image (192).png>) > [!NOTE] -> Ningependekeza **kutuma barua pepe za majaribio kwa anwani za barua pepe za 10min** ili kuepuka kuorodheshwa kwenye orodha ya mblacklist wakati wa kufanya majaribio. +> Ningependekeza **kutuma barua pepe za majaribio kwa anwani za barua pepe za 10min** ili kuepuka kuorodheshwa kwenye orodha ya mblacklisted wakati wa kufanya majaribio. Mara kila kitu kiko tayari, uzindue kampeni! ## Kloni ya Tovuti -Ikiwa kwa sababu yoyote unataka kunakili tovuti, angalia ukurasa ufuatao: +Ikiwa kwa sababu yoyote unataka kunakili tovuti angalia ukurasa ufuatao: {{#ref}} clone-a-website.md @@ -392,7 +392,7 @@ clone-a-website.md ## Hati na Faili Zenye Backdoor -Katika tathmini za udukuzi (hasa kwa Timu Nyekundu) utataka pia **kutuma faili zinazokuwa na aina fulani ya backdoor** (labda C2 au labda kitu ambacho kitachochea uthibitisho).\ +Katika tathmini za udukuzi (hasa kwa Timu za Red) utataka pia **kutuma faili zinazokuwa na aina fulani ya backdoor** (labda C2 au labda kitu ambacho kitachochea uthibitisho).\ Angalia ukurasa ufuatao kwa mifano: {{#ref}} 
@@ -403,24 +403,24 @@ phishing-documents.md ### Kupitia Proxy MitM -Shambulio la awali ni la busara kwani unafanyia kazi tovuti halisi na kukusanya taarifa zilizowekwa na mtumiaji. Kwa bahati mbaya, ikiwa mtumiaji hakuweka nywila sahihi au ikiwa programu uliyofanya kazi nayo imewekwa na 2FA, **habari hii haitakuruhusu kujifanya kuwa mtumiaji aliyejipatia hila**. +Shambulio la awali ni la busara kwani unafanya kama tovuti halisi na kukusanya habari iliyowekwa na mtumiaji. Kwa bahati mbaya, ikiwa mtumiaji hakuweka nywila sahihi au ikiwa programu uliyofanya kama inasanidiwa na 2FA, **habari hii haitakuruhusu kujifanya kama mtumiaji aliyejipatia**. -Hapa ndipo zana kama [**evilginx2**](https://github.com/kgretzky/evilginx2)**,** [**CredSniper**](https://github.com/ustayready/CredSniper) na [**muraena**](https://github.com/muraenateam/muraena) zinakuwa na manufaa. Zana hii itakuruhusu kuunda shambulio kama la MitM. Kimsingi, shambulio linafanya kazi kwa njia ifuatayo: +Hapa ndipo zana kama [**evilginx2**](https://github.com/kgretzky/evilginx2)**,** [**CredSniper**](https://github.com/ustayready/CredSniper) na [**muraena**](https://github.com/muraenateam/muraena) zinakuwa na manufaa. Zana hii itakuruhusu kuunda shambulio kama la MitM. K基本, shambulio linafanya kazi kama ifuatavyo: -1. Unajifanya kuwa fomu ya kuingia ya ukurasa halisi wa wavuti. -2. Mtumiaji **anatumia** **taarifa zake** kwenye ukurasa wako wa uongo na zana inatumia hizo kwenye ukurasa halisi wa wavuti, **ikikagua ikiwa taarifa hizo zinafanya kazi**. -3. Ikiwa akaunti imewekwa na **2FA**, ukurasa wa MitM utauliza kwa hiyo na mara **mtumiaji anapoweka** hiyo zana itatuma kwa ukurasa halisi wa wavuti. -4. Mara mtumiaji anapothibitishwa wewe (kama mshambuliaji) utakuwa **umechukua taarifa, 2FA, cookie na taarifa yoyote** ya kila mwingiliano wako wakati zana inafanya MitM. +1. Unafanya **kufanana na fomu ya kuingia** ya ukurasa halisi. +2. 
Mtumiaji **anatumia** **kuakisi** kwake kwenye ukurasa wako wa uongo na zana inapeleka hizo kwenye ukurasa halisi, **ikikagua ikiwa kuakisi kunafanya kazi**. +3. Ikiwa akaunti imeanzishwa na **2FA**, ukurasa wa MitM utauliza kwa hiyo na mara **mtumiaji anapoweka** hiyo zana itapeleka kwenye ukurasa halisi. +4. Mara mtumiaji anapothibitishwa wewe (kama mshambuliaji) utakuwa **umechukua kuakisi, 2FA, cookie na habari yoyote** ya kila mwingiliano wako wakati zana inafanya MitM. ### Kupitia VNC Je, ni vipi badala ya **kumpeleka mwathirika kwenye ukurasa mbaya** wenye muonekano sawa na wa asili, unampeleka kwenye **kikao cha VNC chenye kivinjari kilichounganishwa na ukurasa halisi wa wavuti**? Utaweza kuona anachofanya, kuiba nywila, MFA iliyotumika, cookies...\ -Unaweza kufanya hivi kwa kutumia [**EvilnVNC**](https://github.com/JoelGMSec/EvilnoVNC) +Unaweza kufanya hivi na [**EvilnVNC**](https://github.com/JoelGMSec/EvilnoVNC) ## Kugundua kugundua -Kwa wazi moja ya njia bora za kujua ikiwa umekamatwa ni **kutafuta kikoa chako ndani ya orodha za mblacklist**. Ikiwa inajitokeza, kwa namna fulani kikoa chako kiligunduliwa kama cha mashaka.\ -Njia rahisi ya kuangalia ikiwa kikoa chako kinajitokeza katika orodha yoyote ya mblacklist ni kutumia [https://malwareworld.com/](https://malwareworld.com) +Kwa wazi moja ya njia bora za kujua ikiwa umekamatwa ni **kutafuta kikoa chako ndani ya orodha za mblacklisted**. Ikiwa inaonekana imeorodheshwa, kwa namna fulani kikoa chako kiligunduliwa kama cha mashaka.\ +Njia rahisi ya kuangalia ikiwa kikoa chako kinaonekana katika orodha yoyote ya mblacklisted ni kutumia [https://malwareworld.com/](https://malwareworld.com) Hata hivyo, kuna njia nyingine za kujua ikiwa mwathirika **anatafuta kwa nguvu shughuli za udukuzi za mashaka katika mazingira** kama ilivyoelezwa katika: 
@@ -428,7 +428,7 @@ Hata hivyo, kuna njia nyingine za kujua ikiwa mwathirika **anatafuta kwa nguvu s detecting-phising.md {{#endref}} -Unaweza **kununua kikoa chenye jina linalofanana sana** na kikoa cha mwathirika **na/au kuunda cheti** kwa **subdomain** ya kikoa kinachodhibitiwa na wewe **kilichokuwa** na **neno muhimu** la kikoa cha mwathirika. Ikiwa **mwathirika** atafanya aina yoyote ya **maingiliano ya DNS au HTTP** nao, utajua kwamba **anatafuta kwa nguvu** kikoa cha mashaka na itabidi uwe na uangalifu mkubwa. +Unaweza **kununua kikoa chenye jina linalofanana sana** na kikoa cha mwathirika **na/au kuunda cheti** kwa **subdomain** ya kikoa kinachodhibitiwa na wewe **kilichokuwa** na **neno muhimu** la kikoa cha mwathirika. Ikiwa **mwathirika** atafanya aina yoyote ya **DNS au mwingiliano wa HTTP** nao, utajua kwamba **anatafuta kwa nguvu** kikoa cha mashaka na utahitaji kuwa na uangalifu mkubwa. ### Kadiria udukuzi diff --git a/theme/ai.js b/theme/ai.js new file mode 100644 index 000000000..bae463b88 --- /dev/null +++ b/theme/ai.js 
@@ -0,0 +1,141 @@ +/** + * HackTricks AI Chat Widget v1.14 – animated typing indicator + * ------------------------------------------------------------------------ + * • Replaces the static “…” placeholder with a three‑dot **bouncing** loader + * while waiting for the assistant’s response. + * ------------------------------------------------------------------------ + */ +(function () { + const LOG = "[HackTricks-AI]"; + + /* ---------------- User‑tunable constants ---------------- */ + const MAX_CONTEXT = 3000; // highlighted‑text char limit + const MAX_QUESTION = 500; // question char limit + const TOOLTIP_TEXT = + "💡 Highlight any text on the page,\nthen click to ask HackTricks AI about it"; + + const API_BASE = "https://www.hacktricks.ai/api/assistants/threads"; + const BRAND_RED = "#b31328"; // HackTricks brand + + /* ------------------------------ State ------------------------------ */ + let threadId = null; + let isRunning = false; + + const $ = (sel, ctx = document) => ctx.querySelector(sel); + if (document.getElementById("ht-ai-btn")) { console.warn(`${LOG} Widget already injected.`); return; } + (document.readyState === "loading" ? 
document.addEventListener("DOMContentLoaded", init) : init()); + + /* ==================================================================== */ + async function init() { + console.log(`${LOG} Injecting widget… v1.14`); + await ensureThreadId(); + injectStyles(); + + const btn = createFloatingButton(); + createTooltip(btn); + const panel = createSidebar(); + const chatLog = $("#ht-ai-chat"); + const sendBtn = $("#ht-ai-send"); + const inputBox = $("#ht-ai-question"); + const resetBtn = $("#ht-ai-reset"); + const closeBtn = $("#ht-ai-close"); + + /* ------------------- Selection snapshot ------------------- */ + let savedSelection = ""; + btn.addEventListener("pointerdown", () => { savedSelection = window.getSelection().toString().trim(); }); + + /* ------------------- Helpers ------------------------------ */ + function addMsg(text, cls) { + const b = document.createElement("div"); + b.className = `ht-msg ${cls}`; + b.textContent = text; + chatLog.appendChild(b); + chatLog.scrollTop = chatLog.scrollHeight; + return b; + } + const LOADER_HTML = ''; + + function setInputDisabled(d) { inputBox.disabled = d; sendBtn.disabled = d; } + function clearThreadCookie() { document.cookie = "threadId=; Path=/; Max-Age=0"; threadId = null; } + function resetConversation() { chatLog.innerHTML=""; clearThreadCookie(); panel.classList.remove("open"); } + + /* ------------------- Panel open / close ------------------- */ + btn.addEventListener("click", () => { + if (!savedSelection) { alert("Please highlight some text first to then ask Hacktricks AI about it."); return; } + if (savedSelection.length > MAX_CONTEXT) { alert(`Highlighted text is too long (${savedSelection.length} chars). 
Max allowed: ${MAX_CONTEXT}.`); return; } + chatLog.innerHTML=""; addMsg(savedSelection, "ht-context"); panel.classList.add("open"); inputBox.focus(); + }); + closeBtn.addEventListener("click", resetConversation); + resetBtn.addEventListener("click", resetConversation); + + /* --------------------------- Messaging --------------------------- */ + async function sendMessage(question, context=null) { + if (!threadId) await ensureThreadId(); + if (isRunning) { addMsg("Please wait until the current operation completes.", "ht-ai"); return; } + + isRunning = true; setInputDisabled(true); + const loadingBubble = addMsg("", "ht-ai"); + loadingBubble.innerHTML = LOADER_HTML; + + const content = context ? `### Context:\n${context}\n\n### Question to answer:\n${question}` : question; + try { + const res = await fetch(`${API_BASE}/${threadId}/messages`, { method:"POST", credentials:"include", headers:{"Content-Type":"application/json"}, body:JSON.stringify({content}) }); + if (!res.ok) { + let err=`Unknown error: ${res.status}`; + try { const e=await res.json(); if(e.error) err=`Error: ${e.error}`; else if(res.status===429) err="Rate limit exceeded. Please try again later."; } catch(_){} + loadingBubble.textContent = err; return; } + const data = await res.json(); + loadingBubble.remove(); + if (Array.isArray(data.response)) data.response.forEach(p=>{ addMsg( p.type==="text"&&p.text&&p.text.value ? p.text.value : JSON.stringify(p), "ht-ai"); }); + else if (typeof data.response === "string") addMsg(data.response, "ht-ai"); + else addMsg(JSON.stringify(data,null,2), "ht-ai"); + } catch (e) { console.error("Error sending message:",e); loadingBubble.textContent="An unexpected error occurred."; } + finally { isRunning=false; setInputDisabled(false); chatLog.scrollTop=chatLog.scrollHeight; } + } + + async function handleSend(){ const q=inputBox.value.trim(); if(!q)return; if(q.length>MAX_QUESTION){alert(`Your question is too long (${q.length} chars). 
Max allowed: ${MAX_QUESTION}.`); return;} inputBox.value=""; addMsg(q,"ht-user"); await sendMessage(q,savedSelection||null);} + sendBtn.addEventListener("click", handleSend); + inputBox.addEventListener("keydown", e=>{ if(e.key==="Enter"&&!e.shiftKey){ e.preventDefault(); handleSend(); } }); + } + + /* ==================================================================== */ + async function ensureThreadId(){ const m=document.cookie.match(/threadId=([^;]+)/); if(m&&m[1]){threadId=m[1];return;} try{ const r=await fetch(API_BASE,{method:"POST",credentials:"include"}); const d=await r.json(); if(!r.ok||!d.threadId) throw new Error(`${r.status} ${r.statusText}`); threadId=d.threadId; document.cookie=`threadId=${threadId}; Path=/; Secure; SameSite=Strict; Max-Age=7200`; }catch(e){ console.error("Error creating threadId:",e); alert("Failed to initialise the conversation. Please refresh and try again."); throw e; }} + + /* ==================================================================== */ + function injectStyles(){ const css=` + #ht-ai-btn{position:fixed;bottom:20px;left:50%;transform:translateX(-50%);width:60px;height:60px;border-radius:50%;background:#1e1e1e;color:#fff;font-size:28px;display:flex;align-items:center;justify-content:center;cursor:pointer;z-index:99999;box-shadow:0 2px 8px rgba(0,0,0,.4);transition:opacity .2s} + #ht-ai-btn:hover{opacity:.85} + @media(max-width:768px){#ht-ai-btn{display:none}} + #ht-ai-tooltip{position:fixed;padding:6px 8px;background:#111;color:#fff;border-radius:4px;font-size:13px;white-space:pre-wrap;pointer-events:none;opacity:0;transform:translate(-50%,-8px);transition:opacity .15s ease,transform .15s ease;z-index:100000} + #ht-ai-tooltip.show{opacity:1;transform:translate(-50%,-12px)} + #ht-ai-panel{position:fixed;top:0;right:0;height:100%;width:350px;max-width:90vw;background:#000;color:#fff;display:flex;flex-direction:column;transform:translateX(100%);transition:transform .3s 
ease;z-index:100000;font-family:system-ui,-apple-system,Segoe UI,Roboto,"Helvetica Neue",Arial,sans-serif} + #ht-ai-panel.open{transform:translateX(0)} + @media(max-width:768px){#ht-ai-panel{display:none}} + #ht-ai-header{display:flex;justify-content:space-between;align-items:center;padding:12px 16px;border-bottom:1px solid #333} + #ht-ai-header .ht-actions{display:flex;gap:8px;align-items:center} + #ht-ai-close,#ht-ai-reset{cursor:pointer;font-size:18px;background:none;border:none;color:#fff;padding:0} + #ht-ai-close:hover,#ht-ai-reset:hover{opacity:.7} + #ht-ai-chat{flex:1;overflow-y:auto;padding:16px;display:flex;flex-direction:column;gap:12px;font-size:14px} + .ht-msg{max-width:90%;line-height:1.4;padding:10px 12px;border-radius:8px;white-space:pre-wrap;word-wrap:break-word} + .ht-user{align-self:flex-end;background:${BRAND_RED}} + .ht-ai{align-self:flex-start;background:#222} + .ht-context{align-self:flex-start;background:#444;font-style:italic;font-size:13px} + #ht-ai-input{display:flex;gap:8px;padding:12px 16px;border-top:1px solid #333} + #ht-ai-question{flex:1;min-height:40px;max-height:120px;resize:vertical;padding:8px;border-radius:6px;border:none;font-size:14px} + #ht-ai-send{padding:0 18px;border:none;border-radius:6px;background:${BRAND_RED};color:#fff;font-size:14px;cursor:pointer} + #ht-ai-send:disabled{opacity:.5;cursor:not-allowed} + /* Loader animation */ + .ht-loading{display:inline-flex;align-items:center;gap:4px} + .ht-loading span{width:6px;height:6px;border-radius:50%;background:#888;animation:ht-bounce 1.2s infinite ease-in-out} + .ht-loading span:nth-child(2){animation-delay:0.2s} + .ht-loading span:nth-child(3){animation-delay:0.4s} + @keyframes ht-bounce{0%,80%,100%{transform:scale(0);}40%{transform:scale(1);} } + ::selection{background:#ffeb3b;color:#000} + ::-moz-selection{background:#ffeb3b;color:#000}`; + const s=document.createElement("style"); s.id="ht-ai-style"; s.textContent=css; document.head.appendChild(s);} + + function 
createFloatingButton(){ const d=document.createElement("div"); d.id="ht-ai-btn"; d.textContent="🤖"; document.body.appendChild(d); return d; } + function createTooltip(btn){ const t=document.createElement("div"); t.id="ht-ai-tooltip"; t.textContent=TOOLTIP_TEXT; document.body.appendChild(t); btn.addEventListener("mouseenter",()=>{const r=btn.getBoundingClientRect(); t.style.left=`${r.left+r.width/2}px`; t.style.top=`${r.top}px`; t.classList.add("show");}); btn.addEventListener("mouseleave",()=>t.classList.remove("show")); } + function createSidebar(){ const p=document.createElement("div"); p.id="ht-ai-panel"; p.innerHTML=`
HackTricksAI Chat
`; document.body.appendChild(p); return p; }
+ })();
+ 
\ No newline at end of file
diff --git a/theme/ht_searcher.js b/theme/ht_searcher.js
index e77213e96..887ddd205 100644
--- a/theme/ht_searcher.js
+++ b/theme/ht_searcher.js
@@ -1,3 +1,26 @@
+/* ────────────────────────────────────────────────────────────────
+ Polyfill so requestIdleCallback works everywhere (IE 11/Safari)
+ ─────────────────────────────────────────────────────────────── */
+if (typeof window.requestIdleCallback !== "function") {
+window.requestIdleCallback = function (cb) {
+ const start = Date.now();
+ return setTimeout(function () {
+ cb({
+ didTimeout: false,
+ timeRemaining: function () {
+ return Math.max(0, 50 - (Date.now() - start));
+ }
+ });
+ }, 1);
+};
+window.cancelIdleCallback = window.clearTimeout;
+}
+
+
+/* ────────────────────────────────────────────────────────────────
+ search.js
+ ─────────────────────────────────────────────────────────────── */
+
 "use strict";
 window.search = window.search || {};
 (function search(search) {
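Review bot: `sendMessage` splices `threadId` straight into the request path (`${API_BASE}/${threadId}/messages`) after `ensureThreadId` has read it back from `document.cookie` with `/threadId=([^;]+)/`, so any value another script on the same origin writes into that cookie, or a malformed id returned by the create call, changes which endpoint the POST hits. Escape it at the use site, `fetch(\`${API_BASE}/${encodeURIComponent(threadId)}/messages\`, …)`, and have `ensureThreadId` reject ids that are not plain URL-safe tokens before storing them (the id format is not visible here — confirm against the API). The empty `catch(_){}` around `res.json()` in the error path is acceptable as best-effort, but a `console.debug` there would make non-JSON 4xx bodies diagnosable. Note also that `ensureThreadId` throws after `alert(...)` and `init` does not catch, so a failed create leaves the DOMContentLoaded handler with an unhandled rejection and no button is ever injected; either catch in `init` or add a comment stating that this is intended.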
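Review bot: Placing the polyfill above `"use strict";` demotes that directive to a no-op expression statement — a directive prologue has to be the first statement of the script — so with this hunk the whole of ht_searcher.js silently leaves strict mode. Move `"use strict";` to the top of the file, ahead of the polyfill `if`, and keep the polyfill below it. A short comment on the budget constant, such as `// 50 ms is the maximum deadline the native API hands out`, would explain the otherwise bare `50` in `timeRemaining`.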
@@ -471,64 +494,58 @@ window.search = window.search || {};
 showResults(true);
 }
- (async function loadSearchIndex(lang = window.lang || 'en') {
- /* ───────── paths ───────── */
- const branch = lang === 'en' ? 'master' : lang;
- const baseRemote = `https://raw.githubusercontent.com/HackTricks-wiki/hacktricks/${branch}`;
- const remoteJson = `${baseRemote}/searchindex.json`;
- const remoteJs = `${baseRemote}/searchindex.js`;
- const localJson = './searchindex.json';
- const localJs = './searchindex.js';
- const TIMEOUT_MS = 5_000;
-
- /* ───────── helpers ───────── */
- const fetchWithTimeout = (url, opt = {}) =>
- Promise.race([
- fetch(url, opt),
- new Promise((_, r) => setTimeout(() => r(new Error('timeout')), TIMEOUT_MS))
- ]);
-
- const loadScript = src =>
- new Promise((resolve, reject) => {
- const s = document.createElement('script');
- s.src = src;
- s.onload = resolve;
- s.onerror = reject;
+ (async function loadSearchIndex(lang = window.lang || "en") {
+ const branch = lang === "en" ? "master" : lang;
+ const rawUrl =
+ `https://raw.githubusercontent.com/HackTricks-wiki/hacktricks/refs/heads/${branch}/searchindex.js`;
+ const localJs = "/searchindex.js";
+ const TIMEOUT_MS = 10_000;
+
+ const injectScript = (src) =>
+ new Promise((resolve, reject) => {
+ const s = document.createElement("script");
+ s.src = src;
+ s.onload = () => resolve(src);
+ s.onerror = (e) => reject(e);
 document.head.appendChild(s);
- });
-
- /* ───────── 1. remote JSON ───────── */
+ });
+
 try {
- const r = await fetchWithTimeout(remoteJson);
- if (!r.ok) throw new Error(r.status);
- return init(await r.json());
- } catch (e) {
- console.warn('Remote JSON failed →', e);
+ /* 1 — download raw JS from GitHub */
+ const controller = new AbortController();
+ const timer = setTimeout(() => controller.abort(), TIMEOUT_MS);
+
+ const res = await fetch(rawUrl, { signal: controller.signal });
+ clearTimeout(timer);
+ if (!res.ok) throw new Error(`HTTP ${res.status}`);
+
+ /* 2 — wrap in a Blob so the browser sees application/javascript */
+ const code = await res.text();
+ const blobUrl = URL.createObjectURL(
+ new Blob([code], { type: "application/javascript" })
+ );
+
+ /* 3 — execute it */
+ await injectScript(blobUrl);
+
+ /* ───────────── PATCH ─────────────
+ heavy parsing now deferred to idle time
+ */
+ requestIdleCallback(() => init(window.search));
+ return; // ✔ UI remains responsive
+ } catch (eRemote) {
+ console.warn("Remote JS failed →", eRemote);
 }
-
- /* ───────── 2. remote JS ───────── */
+
+ /* ───────── fallback: local copy ───────── */
 try {
- await loadScript(remoteJs);
- return init(window.search);
- } catch (e) {
- console.warn('Remote JS failed →', e);
- }
-
- /* ───────── 3. local JSON ───────── */
- try {
- const r = await fetch(localJson);
- if (!r.ok) throw new Error(r.status);
- return init(await r.json());
- } catch (e) {
- console.warn('Local JSON failed →', e);
- }
-
- /* ───────── 4. local JS ───────── */
- try {
- await loadScript(localJs);
- return init(window.search);
- } catch (e) {
- console.error('Local JS failed →', e);
+ await injectScript(localJs);
+
+ /* ───────────── PATCH ───────────── */
+ requestIdleCallback(() => init(window.search));
+ return;
+ } catch (eLocal) {
+ console.error("Local JS failed →", eLocal);
 }
 })();
