Restructuring folders
This commit is contained in:
parent
3c9aff823f
commit
32d537cefb
@ -6,7 +6,7 @@ Al ser este tema muy extenso, se ha divido en 9 READMEs. A continuación, se ref
|
||||
- [TEMA 6 - OWASP TOP 10 y vulnerabilidades web](#tema-6---owasp-top-10-y-vulnerabilidades-web)
|
||||
- [README1.md](./README1.md)
|
||||
- [6.1 SQL Injection (SQLi)](./README1.md#61-sql-injection-sqli)
|
||||
- [Ejercicios](./README1.md#ejercicios)
|
||||
- [6.1.1 Ejercicio](./README1.md#611-ejercicio)
|
||||
- [6.2 CrossSite Scripting (XSS)](./README1.md#62-crosssite-scripting-xss)
|
||||
- [6.3 XML External Entity Injection (XXE)](./README1.md#63-xml-external-entity-injection-xxe)
|
||||
- [6.4 Local File Inclusion (LFI)](./README1.md#64-local-file-inclusion-lfi)
|
||||
@ -23,11 +23,12 @@ Al ser este tema muy extenso, se ha divido en 9 READMEs. A continuación, se ref
|
||||
- [README4.md](./README4.md)
|
||||
- [6.13 Inyecciones NoSQL](./README4.md#613-inyecciones-nosql)
|
||||
- [6.14 Inyecciones LDAP](./README4.md#614-inyecciones-ldap)
|
||||
- [Ejercicio](./README4.md#ejercicio)
|
||||
- [6.14.1 Ejercicio](./README4.md#6141-ejercicio)
|
||||
- [6.15 Ataques de Deserialización](./README4.md#615-ataques-de-deserialización)
|
||||
- [6.16 Inyecciones LaTex](./README4.md#616-inyecciones-latex)
|
||||
- [README5.md](./README5.md)
|
||||
- [6.17 Abuso de APIs](./README5.md#617-abuso-de-apis)
|
||||
- [6.17.1 Ejercicio](./README5.md#6171-ejercicio)
|
||||
- [6.18 Abuso de subidas de archivos](./README5.md#618-abuso-de-subidas-de-archivos)
|
||||
- [6.19 Prototype Pollution](./README5.md#619-prototype-pollution)
|
||||
- [6.20 Ataques de transferencia de zona (AXFR - Full Zone Transfer)](./README5.md#620-ataques-de-transferencia-de-zona-axfr---full-zone-transfer)
|
||||
|
853
Introduccion-hacking-hack4u/tema_6_owasp/README.pdf
Normal file
853
Introduccion-hacking-hack4u/tema_6_owasp/README.pdf
Normal file
@ -0,0 +1,853 @@
|
||||
%PDF-1.4
|
||||
%Óëéá
|
||||
1 0 obj
|
||||
<</Creator (Chromium)
|
||||
/Producer (Skia/PDF m80)
|
||||
/CreationDate (D:20240217195203+00'00')
|
||||
/ModDate (D:20240217195203+00'00')>>
|
||||
endobj
|
||||
3 0 obj
|
||||
<</ca 1
|
||||
/BM /Normal>>
|
||||
endobj
|
||||
6 0 obj
|
||||
<</CA 1
|
||||
/ca 1
|
||||
/LC 0
|
||||
/LJ 0
|
||||
/LW 1
|
||||
/ML 4
|
||||
/SA true
|
||||
/BM /Normal>>
|
||||
endobj
|
||||
7 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 638.66998 169 650.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md)>>>>
|
||||
endobj
|
||||
8 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 622.16998 244 634.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md#61-sql-injection-sqli)>>>>
|
||||
endobj
|
||||
9 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [163 605.66998 228.25 617.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md#611-ejercicio)>>>>
|
||||
endobj
|
||||
10 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 589.16998 265.74997 601.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md#62-crosssite-scripting-xss)>>>>
|
||||
endobj
|
||||
11 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 572.66998 316.74997 584.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md#63-xml-external-entity-injection-xxe)>>>>
|
||||
endobj
|
||||
12 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 556.16998 261.99997 568.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README1.md#64-local-file-inclusion-lfi)>>>>
|
||||
endobj
|
||||
13 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 539.66998 169 551.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README2.md)>>>>
|
||||
endobj
|
||||
14 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 523.16998 276.24997 535.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README2.md#65-remote-file-inclusion-rfi)>>>>
|
||||
endobj
|
||||
15 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 506.66998 275.49997 518.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README2.md#66-log-poisoning-lfi----rce)>>>>
|
||||
endobj
|
||||
16 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 490.16998 312.24997 502.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README2.md#67-cross-site-request-forgery-csrf)>>>>
|
||||
endobj
|
||||
17 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 473.66998 317.49997 485.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README2.md#68-server-side-request-forgery-ssrf)>>>>
|
||||
endobj
|
||||
18 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 457.16998 169 469.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README3.md)>>>>
|
||||
endobj
|
||||
19 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 440.66998 323.49997 452.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README3.md#69-server-side-template-injection-ssti)>>>>
|
||||
endobj
|
||||
20 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 424.16998 327.99997 436.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README3.md#610-client-side-template-injection-csti)>>>>
|
||||
endobj
|
||||
21 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 407.66998 452.49997 419.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README3.md#611-ataque-de-or%C3%A1culo-de-relleno-de-datos-padding-oracle-attack)>>>>
|
||||
endobj
|
||||
22 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 391.16998 259.74997 403.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README3.md#612-ataque-type-juggling)>>>>
|
||||
endobj
|
||||
23 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 374.66998 169 386.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md)>>>>
|
||||
endobj
|
||||
24 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 358.16998 246.24998 370.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md#613-inyecciones-nosql)>>>>
|
||||
endobj
|
||||
25 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 341.66998 239.5 353.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md#614-inyecciones-ldap)>>>>
|
||||
endobj
|
||||
26 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [163 325.16998 234.25 337.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md#6141-ejercicio)>>>>
|
||||
endobj
|
||||
27 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 308.66998 283.74997 320.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md#615-ataques-de-deserializaci%C3%B3n)>>>>
|
||||
endobj
|
||||
28 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 292.16998 241 304.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README4.md#616-inyecciones-latex)>>>>
|
||||
endobj
|
||||
29 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 275.66998 169 287.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md)>>>>
|
||||
endobj
|
||||
30 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 259.16998 223.75 271.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md#617-abuso-de-apis)>>>>
|
||||
endobj
|
||||
31 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [163 242.66998 234.25 254.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md#6171-ejercicio)>>>>
|
||||
endobj
|
||||
32 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 226.16998 294.24997 238.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md#618-abuso-de-subidas-de-archivos)>>>>
|
||||
endobj
|
||||
33 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 209.66998 249.99998 221.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md#619-prototype-pollution)>>>>
|
||||
endobj
|
||||
34 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 193.16998 443.49997 205.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README5.md#620-ataques-de-transferencia-de-zona-axfr---full-zone-transfer)>>>>
|
||||
endobj
|
||||
35 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 176.66998 169 188.66998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README6.md)>>>>
|
||||
endobj
|
||||
36 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 160.169983 516.25 172.16998]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README6.md#621-ataques-de-asignaci%C3%B3n-masiva-mass-assignment-attackparameter-binding)>>>>
|
||||
endobj
|
||||
37 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 143.669983 224.5 155.669983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README6.md#622-open-redirect)>>>>
|
||||
endobj
|
||||
38 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 127.169983 342.99997 139.169983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README6.md#623-enumeraci%C3%B3n-y-explotaci%C3%B3n-de-webdav)>>>>
|
||||
endobj
|
||||
39 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 110.669983 369.99997 122.669983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README6.md#624-enumeraci%C3%B3n-y-explotaci%C3%B3n-de-squid-proxies)>>>>
|
||||
endobj
|
||||
40 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [102.999992 94.169983 169 106.169983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README7.md)>>>>
|
||||
endobj
|
||||
41 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 77.669983 244 89.669983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README7.md#625-ataque-shellshock)>>>>
|
||||
endobj
|
||||
42 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 61.169983 241.75 73.169983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README7.md#626-inyecciones-xpath)>>>>
|
||||
endobj
|
||||
43 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [133 44.669983 352.74997 56.669983]
|
||||
/A <</Type /Action
|
||||
/S /URI
|
||||
/URI (file:///home/v/Documents/projectes/git/personal/infosec/Introduccion-hacking-hack4u/tema_6_owasp/README7.md#627-insecure-direct-object-reference-idors)>>>>
|
||||
endobj
|
||||
44 0 obj
|
||||
<</Type /Annot
|
||||
/Subtype /Link
|
||||
/F 4
|
||||
/Border [0 0 0]
|
||||
/Rect [72.999992 655.16998 301.74997 667.16998]
|
||||
/Dest /tema-6---owasp-top-10-y-vulnerabilidades-web>>
|
||||
endobj
|
||||
45 0 obj
|
||||
<</Filter /FlateDecode
|
||||
/Length 5178>> stream
|
||||
xœí]ÛŽ$·
}Ÿ¯èç |