mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2025-12-12 07:40:49 -08:00
translate
This commit is contained in:
Carlos Polop
1
.github/pull_request_template.md
vendored
1
.github/pull_request_template.md
vendored
@@ -15,4 +15,3 @@ In any case, thanks for contributing to HackTricks!
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -4,7 +4,6 @@
|
||||
|
||||
|
||||
|
||||
|
||||
# General
|
||||
.DS_Store
|
||||
.AppleDouble
|
||||
|
||||
@@ -43,7 +43,7 @@ def ref(matchobj):
|
||||
if href.endswith("/"):
|
||||
href = href+"README.md" # Fix if ref points to a folder
|
||||
chapter, _path = findtitle(href, book, "source_path")
|
||||
logger.debug(f'Recursive title search result: {chapter['name']}')
|
||||
logger.debug(f'Recursive title search result: {chapter["name"]}')
|
||||
title = chapter['name']
|
||||
except Exception as e:
|
||||
try:
|
||||
|
||||
@@ -12,7 +12,6 @@ from tqdm import tqdm #pip3 install tqdm
|
||||
import traceback
|
||||
|
||||
|
||||
|
||||
MASTER_BRANCH = "master"
|
||||
VERBOSE = True
|
||||
MAX_TOKENS = 10000 #gpt-4-1106-preview
|
||||
@@ -214,23 +213,25 @@ def split_text(text, model):
|
||||
return chunks
|
||||
|
||||
|
||||
def copy_gitbook_dir(source_path, dest_path):
|
||||
folder_name = ".gitbook/"
|
||||
source_folder = os.path.join(source_path, folder_name)
|
||||
destination_folder = os.path.join(dest_path, folder_name)
|
||||
if not os.path.exists(source_folder):
|
||||
print(f"Error: {source_folder} does not exist.")
|
||||
else:
|
||||
# Copy the .gitbook folder
|
||||
shutil.copytree(source_folder, destination_folder)
|
||||
print(f"Copied .gitbook folder from {source_folder} to {destination_folder}")
|
||||
def copy_dirs(source_path, dest_path):
|
||||
folder_names = ["theme/", "src/images/"]
|
||||
for folder_name in folder_names:
|
||||
source_folder = os.path.join(source_path, folder_name)
|
||||
destination_folder = os.path.join(dest_path, folder_name)
|
||||
if not os.path.exists(source_folder):
|
||||
print(f"Error: {source_folder} does not exist.")
|
||||
else:
|
||||
# Copy the theme folder
|
||||
shutil.copytree(source_folder, destination_folder)
|
||||
print(f"Copied .gitbook folder from {source_folder} to {destination_folder}")
|
||||
|
||||
def copy_summary(source_path, dest_path):
|
||||
file_name = "src/SUMMARY.md"
|
||||
source_filepath = os.path.join(source_path, file_name)
|
||||
dest_filepath = os.path.join(dest_path, file_name)
|
||||
shutil.copy2(source_filepath, dest_filepath)
|
||||
print("[+] Copied SUMMARY.md")
|
||||
def copy_files(source_path, dest_path):
|
||||
file_names = ["src/SUMMARY.md", "hacktricks-preprocessonr.py", "book.toml", ".gitignore"]
|
||||
for file_name in file_names:
|
||||
source_filepath = os.path.join(source_path, file_name)
|
||||
dest_filepath = os.path.join(dest_path, file_name)
|
||||
shutil.copy2(source_filepath, dest_filepath)
|
||||
print(f"[+] Copied {file_name}")
|
||||
|
||||
def translate_file(language, file_path, file_dest_path, model, client):
|
||||
global VERBOSE
|
||||
@@ -384,10 +385,10 @@ if __name__ == "__main__":
|
||||
exit(1)
|
||||
|
||||
# Copy summary
|
||||
copy_summary(source_folder, dest_folder)
|
||||
copy_files(source_folder, dest_folder)
|
||||
|
||||
# Copy .gitbook folder
|
||||
copy_gitbook_dir(source_folder, dest_folder)
|
||||
copy_dirs(source_folder, dest_folder)
|
||||
|
||||
# Create the branch and copy the translated files
|
||||
cp_translation_to_repo_dir_and_check_gh_branch(branch, dest_folder, translate_files)
|
||||
|
||||
@@ -39,4 +39,3 @@ _Hacktricks logos & motion designed by_ [_@ppiernacho_](https://www.instagram.co
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -506,4 +506,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -16,4 +16,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -141,4 +141,3 @@ From a **white box security** review, you would need the **System Auditor role**
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -119,4 +119,3 @@ python rbdel.py -u <workgroup>\\<user> -p <pass> <ip> azureadssosvc$
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -70,4 +70,3 @@ Open-AADIntOffice365Portal -ImmutableID qIMPTm2Q3kimHgg4KQyveA== -Issuer "http:/
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -33,4 +33,3 @@ az storage queue policy set --name <queue-name> --permissions rwd --expiry 2024-
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -43,4 +43,3 @@ az storage blob service-properties delete-policy update \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -27,4 +27,3 @@ An attacker could get access to the instances and backdoor them:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -4,4 +4,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -47,4 +47,3 @@ This would allow to delete objects inside the storage account which might **inte
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -50,4 +50,3 @@ This would allow to delete file inside the shared filesystem which might **inter
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -19,4 +19,3 @@ For more information about function apps check:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -113,4 +113,3 @@ az keyvault secret restore --vault-name <vault-name> --file <backup-file-path>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -91,4 +91,3 @@ az storage queue policy set --name <queue-name> --permissions rwd --expiry 2024-
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -101,4 +101,3 @@ Take a look here:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -104,4 +104,3 @@ az sql db import --admin-user <admin-user> \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -66,4 +66,3 @@ This would allow to delete file inside the shared filesystem which might **inter
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -183,4 +183,3 @@ az vm application set \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -41,4 +41,3 @@ ssh root@127.0.0.1 -p 39895
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -84,4 +84,3 @@ az rest --method PUT \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -359,4 +359,3 @@ az rest --method GET \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -183,4 +183,3 @@ $data = Get-SharePointFilesFromGraph -authentication $token $data[0].downloadUrl
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -52,4 +52,3 @@ az rest --method GET \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -459,4 +459,3 @@ az functionapp deployment source config \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -36,4 +36,3 @@ az keyvault set-policy \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -75,4 +75,3 @@ az storage queue policy set --name <queue-name> --permissions rwd --expiry 2024-
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -156,4 +156,3 @@ az servicebus namespace authorization-rule update \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -113,4 +113,3 @@ az sql server azure-ad-only-auth disable \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -154,4 +154,3 @@ az storage share-rm restore \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -384,4 +384,3 @@ According to the [**docs**](https://learn.microsoft.com/en-us/azure/role-based-a
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -75,4 +75,3 @@ def main(req: func.HttpRequest) -> func.HttpResponse:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -54,4 +54,3 @@ docker pull <corp-name>.azurecr.io/<image>:<tag>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -89,8 +89,6 @@ az webapp config storage-account list --name <name> --resource-gl_group
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# List all the functions
|
||||
az functionapp list
|
||||
|
||||
@@ -216,4 +214,3 @@ git clone 'https://<username>:<password>@name.scm.azurewebsites.net/repo-name.gi
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -42,4 +42,3 @@ Get-ApplicationProxyAssignedUsersAndGroups -ObjectId <object-id>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -33,4 +33,3 @@ cat <PATH TO .json FILE> | Select-String password
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -180,4 +180,3 @@ $response = Invoke-WebRequest -Method Post -Uri $uri -Body $body
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -67,4 +67,3 @@ The successful execution of this process opens numerous possibilities for furthe
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1033,4 +1033,3 @@ The default mode is **Audit**:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -174,4 +174,3 @@ Same as storage persistence:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -268,4 +268,3 @@ az rest --url "https://management.azure.com/<subscription>/resourceGroups/<res-g
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -71,4 +71,3 @@ Get-AzLogicApp -ResourceGroupName <ResourceGroupName> -Name <LogicAppName>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -58,4 +58,3 @@ az group list --subscription "<subscription>" --output table
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -97,4 +97,3 @@ $queueMessage.Value
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -102,4 +102,3 @@ az servicebus namespace authorization-rule keys list --resource-group <MyResourc
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -263,4 +263,3 @@ sqlcmd -S <sql-server>.database.windows.net -U <server-user> -P <server-passwork
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -439,4 +439,3 @@ az-file-shares.md
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -111,4 +111,3 @@ Same as storage persistence:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -33,4 +33,3 @@ The execution of the script can take up to **one hour**.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -186,4 +186,3 @@ done
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -863,4 +863,3 @@ Invoke-AzureRmVMBulkCMD -Script Mimikatz.ps1 -Verbose -output Output.txt
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -466,4 +466,3 @@ Get-AzExpressRouteCircuit
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -250,4 +250,3 @@ az-password-spraying.md
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -9,4 +9,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -153,4 +153,3 @@ Check the Applications and Service Principal sections of the page:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -37,4 +37,3 @@ Invoke-PasswordSprayGmail -UserList .\userlist.txt -Password Fall2016 -Threads 1
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -43,4 +43,3 @@ az vm extension image list --publisher "Site24x7" --output table
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -45,4 +45,3 @@ do-services/
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -137,4 +137,3 @@ The **logs of a team** can be found in [**https://cloud.digitalocean.com/account
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -9,4 +9,3 @@ DO doesn't support granular permissions. So the **minimum role** that allows a u
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -21,4 +21,3 @@ DO offers a few services, here you can find how to **enumerate them:**
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -36,4 +36,3 @@ That will give you a **shell**, and just executing **`env`** you will be able to
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -35,4 +35,3 @@ doctl registry repository list-v2
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -45,4 +45,3 @@ doctl databases pool list <db-id> # List pools of DB
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -83,4 +83,3 @@ It's also possible to launch a **recovery console** to run commands inside the h
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -62,4 +62,3 @@ doctl serverless activations result <activation-id> # get only the response resu
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -21,4 +21,3 @@ doctl compute image list
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -41,4 +41,3 @@ doctl kubernetes cluster list-associated-resources <cluster-id>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -47,4 +47,3 @@ doctl compute firewall remove-droplets <fw-id> --droplet-ids <droplet-id>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -25,4 +25,3 @@ doctl projects resources list <proj-id> # Get all the resources of a project
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -48,4 +48,3 @@ aws s3 ls --endpoint=https://fra1.digitaloceanspaces.com s3://uniqbucketname
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -17,4 +17,3 @@ compute volume list
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -247,4 +247,3 @@ gcloud config unset auth/access_token_file
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -232,4 +232,3 @@ As defined by terraform in [https://registry.terraform.io/providers/hashicorp/go
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -155,4 +155,3 @@ jobs:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -146,4 +146,3 @@ roles/bigquery.metadataViewer
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -4,4 +4,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ Check how to do this in:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ If yoi could just modify the code of a running version or create a new one yo co
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -44,4 +44,3 @@ https://book.hacktricks.xyz/pentesting-web/dependency-confusion
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ Grant further access over datasets, tables, rows and columns to compromised user
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -21,4 +21,3 @@ For more info about Cloud Functions check:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -27,4 +27,3 @@ Create a backdoored Service or Job
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -71,4 +71,3 @@ But you can find further information in [https://github.com/FrancescoDiSalesGith
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -39,4 +39,3 @@ For more information check the technique in:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -21,4 +21,3 @@ For more informatoin about Compute and VPC (Networking) check:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -55,4 +55,3 @@ gcloud dataflow $NAME_TEMPLATE run testing \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ gcp-filestore-persistence.md
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ gcloud logging sinks create <sink-name> <destination> --log-filter="FILTER_CONDI
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -106,4 +106,3 @@ Some remediations for these techniques are explained in [https://www.netskope.co
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -24,4 +24,3 @@ An attacker could update the secret to:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -40,4 +40,3 @@ Another exploit script for this method can be found [here](https://github.com/Rh
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -4,4 +4,3 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -45,4 +45,3 @@ Modify source code to steal credentials if they are being sent or perform a defa
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,4 +23,3 @@ The Post Exploitation and Privesc techniques of Artifact Registry were mixed in:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user