Translated ['.github/pull_request_template.md', 'src/pentesting-cloud/az

This commit is contained in:
Translator
2024-12-31 19:00:04 +00:00
parent 7770a50092
commit 10e2881a9b
244 changed files with 8499 additions and 11339 deletions
@@ -2,17 +2,17 @@
{{#include ../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne Informacije
**Before start pentesting** a Digital Ocean environment there are a few **basics things you need to know** about how DO works to help you understand what you need to do, how to find misconfigurations and how to exploit them.
**Pre nego što započnete pentesting** Digital Ocean okruženja, postoji nekoliko **osnovnih stvari koje treba da znate** o tome kako DO funkcioniše kako biste razumeli šta treba da radite, kako da pronađete pogrešne konfiguracije i kako da ih iskoristite.
Concepts such as hierarchy, access and other basic concepts are explained in:
Koncepti kao što su hijerarhija, pristup i drugi osnovni koncepti su objašnjeni u:
{{#ref}}
do-basic-information.md
{{#endref}}
## Basic Enumeration
## Osnovna Enumeracija
### SSRF
@@ -20,28 +20,22 @@ do-basic-information.md
https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf
{{#endref}}
### Projects
### Projekti
To get a list of the projects and resources running on each of them from the CLI check:
Da biste dobili listu projekata i resursa koji se nalaze na svakom od njih iz CLI, proverite:
{{#ref}}
do-services/do-projects.md
{{#endref}}
### Whoami
```bash
doctl account get
```
## Services Enumeration
## Usluge Enumeracija
{{#ref}}
do-services/
{{#endref}}
{{#include ../../banners/hacktricks-training.md}}
@@ -1,139 +1,127 @@
# DO - Basic Information
# DO - Osnovne informacije
{{#include ../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean is a **cloud computing platform that provides users with a variety of services**, including virtual private servers (VPS) and other resources for building, deploying, and managing applications. **DigitalOcean's services are designed to be simple and easy to use**, making them **popular among developers and small businesses**.
DigitalOcean je **platforma za cloud računarstvo koja korisnicima pruža razne usluge**, uključujući virtuelne privatne servere (VPS) i druge resurse za izgradnju, implementaciju i upravljanje aplikacijama. **Usluge DigitalOcean-a su dizajnirane da budu jednostavne i lake za korišćenje**, što ih čini **popularnim među programerima i malim preduzećima**.
Some of the key features of DigitalOcean include:
Neke od ključnih karakteristika DigitalOcean-a uključuju:
- **Virtual private servers (VPS)**: DigitalOcean provides VPS that can be used to host websites and applications. These VPS are known for their simplicity and ease of use, and can be quickly and easily deployed using a variety of pre-built "droplets" or custom configurations.
- **Storage**: DigitalOcean offers a range of storage options, including object storage, block storage, and managed databases, that can be used to store and manage data for websites and applications.
- **Development and deployment tools**: DigitalOcean provides a range of tools that can be used to build, deploy, and manage applications, including APIs and pre-built droplets.
- **Security**: DigitalOcean places a strong emphasis on security, and offers a range of tools and features to help users keep their data and applications safe. This includes encryption, backups, and other security measures.
- **Virtuelni privatni serveri (VPS)**: DigitalOcean pruža VPS koji se mogu koristiti za hostovanje veb sajtova i aplikacija. Ovi VPS su poznati po svojoj jednostavnosti i lakoći korišćenja, i mogu se brzo i lako implementirati koristeći razne unapred pripremljene "droplete" ili prilagođene konfiguracije.
- **Skladištenje**: DigitalOcean nudi niz opcija za skladištenje, uključujući objektno skladištenje, blok skladištenje i upravljane baze podataka, koje se mogu koristiti za skladištenje i upravljanje podacima za veb sajtove i aplikacije.
- **Alati za razvoj i implementaciju**: DigitalOcean pruža niz alata koji se mogu koristiti za izgradnju, implementaciju i upravljanje aplikacijama, uključujući API-je i unapred pripremljene droplete.
- **Bezbednost**: DigitalOcean stavlja veliki naglasak na bezbednost i nudi niz alata i karakteristika koje pomažu korisnicima da drže svoje podatke i aplikacije sigurnim. Ovo uključuje enkripciju, rezervne kopije i druge mere bezbednosti.
Overall, DigitalOcean is a cloud computing platform that provides users with the tools and resources they need to build, deploy, and manage applications in the cloud. Its services are designed to be simple and easy to use, making them popular among developers and small businesses.
Sve u svemu, DigitalOcean je platforma za cloud računarstvo koja korisnicima pruža alate i resurse potrebne za izgradnju, implementaciju i upravljanje aplikacijama u cloudu. Njegove usluge su dizajnirane da budu jednostavne i lake za korišćenje, što ih čini popularnim među programerima i malim preduzećima.
### Main Differences from AWS
### Glavne razlike u odnosu na AWS
One of the main differences between DigitalOcean and AWS is the **range of services they offer**. **DigitalOcean focuses on providing simple** and easy-to-use virtual private servers (VPS), storage, and development and deployment tools. **AWS**, on the other hand, offers a **much broader range of services**, including VPS, storage, databases, machine learning, analytics, and many other services. This means that AWS is more suitable for complex, enterprise-level applications, while DigitalOcean is more suited to small businesses and developers.
Jedna od glavnih razlika između DigitalOcean-a i AWS-a je **raspon usluga koje nude**. **DigitalOcean se fokusira na pružanje jednostavnih** i lakih za korišćenje virtuelnih privatnih servera (VPS), skladištenja i alata za razvoj i implementaciju. **AWS**, s druge strane, nudi **mnogo širi spektar usluga**, uključujući VPS, skladištenje, baze podataka, mašinsko učenje, analitiku i mnoge druge usluge. To znači da je AWS pogodniji za složene, aplikacije na nivou preduzeća, dok je DigitalOcean više prilagođen malim preduzećima i programerima.
Another key difference between the two platforms is the **pricing structure**. **DigitalOcean's pricing is generally more straightforward and easier** to understand than AWS, with a range of pricing plans that are based on the number of droplets and other resources used. AWS, on the other hand, has a more complex pricing structure that is based on a variety of factors, including the type and amount of resources used. This can make it more difficult to predict costs when using AWS.
Još jedna ključna razlika između dve platforme je **struktura cena**. **Cene DigitalOcean-a su generalno jednostavnije i lakše** za razumevanje od AWS-a, sa nizom planova cena koji se zasnivaju na broju dropleta i drugih korišćenih resursa. AWS, s druge strane, ima složeniju strukturu cena koja se zasniva na raznim faktorima, uključujući tip i količinu korišćenih resursa. Ovo može otežati predviđanje troškova prilikom korišćenja AWS-a.
## Hierarchy
## Hijerarhija
### User
### Korisnik
A user is what you expect, a user. He can **create Teams** and **be a member of different teams.**
Korisnik je ono što očekujete, korisnik. On može **kreirati timove** i **biti član različitih timova.**
### **Team**
### **Tim**
A team is a group of **users**. When a user creates a team he has the **role owner on that team** and he initially **sets up the billing info**. **Other** user can then be **invited** to the team.
Tim je grupa **korisnika**. Kada korisnik kreira tim, on ima **ulogu vlasnika tog tima** i inicijalno **postavlja informacije o naplati**. **Ostali** korisnici mogu biti **pozvani** u tim.
Inside the team there might be several **projects**. A project is just a **set of services running**. It can be used to **separate different infra stages**, like prod, staging, dev...
Unutar tima može biti nekoliko **projekata**. Projekat je samo **set usluga koje rade**. Može se koristiti za **odvajanje različitih faza infrastrukture**, kao što su prod, staging, dev...
### Project
### Projekat
As explained, a project is just a container for all the **services** (droplets, spaces, databases, kubernetes...) **running together inside of it**.\
A Digital Ocean project is very similar to a GCP project without IAM.
Kao što je objašnjeno, projekat je samo kontejner za sve **usluge** (droplete, prostore, baze podataka, kubernetes...) **koje rade zajedno unutar njega**.\
Digital Ocean projekat je vrlo sličan GCP projektu bez IAM-a.
## Permissions
## Dozvole
### Team
### Tim
Basically all members of a team have **access to the DO resources in all the projects created within the team (with more or less privileges).**
U suštini, svi članovi tima imaju **pristup DO resursima u svim projektima kreiranim unutar tima (sa više ili manje privilegija).**
### Roles
### Uloge
Each **user inside a team** can have **one** of the following three **roles** inside of it:
Svaki **korisnik unutar tima** može imati **jednu** od sledeće tri **uloge** unutar njega:
| Role | Shared Resources | Billing Information | Team Settings |
| ---------- | ---------------- | ------------------- | ------------- |
| **Owner** | Full access | Full access | Full access |
| **Biller** | No access | Full access | No access |
| **Member** | Full access | No access | No access |
| Uloga | Deljeni resursi | Informacije o naplati | Podešavanja tima |
| ---------- | ---------------- | --------------------- | ----------------- |
| **Vlasnik**| Potpun pristup | Potpun pristup | Potpun pristup |
| **Naplata**| Nema pristup | Potpun pristup | Nema pristup |
| **Član** | Potpun pristup | Nema pristup | Nema pristup |
**Owner** and **member can list the users** and check their **roles** (biller cannot).
**Vlasnik** i **član mogu da navedu korisnike** i provere njihove **uloge** (naplata ne može).
## Access
## Pristup
### Username + password (MFA)
### Korisničko ime + lozinka (MFA)
As in most of the platforms, in order to access to the GUI you can use a set of **valid username and password** to **access** the cloud **resources**. Once logged in you can see **all the teams you are part** of in [https://cloud.digitalocean.com/account/profile](https://cloud.digitalocean.com/account/profile).\
And you can see all your activity in [https://cloud.digitalocean.com/account/activity](https://cloud.digitalocean.com/account/activity).
Kao i na većini platformi, da biste pristupili GUI-u, možete koristiti set **važećeg korisničkog imena i lozinke** za **pristup** cloud **resursima**. Kada se prijavite, možete videti **sve timove čiji ste deo** na [https://cloud.digitalocean.com/account/profile](https://cloud.digitalocean.com/account/profile).\
I možete videti sve svoje aktivnosti na [https://cloud.digitalocean.com/account/activity](https://cloud.digitalocean.com/account/activity).
**MFA** can be **enabled** in a user and **enforced** for all the users in a **team** to access the team.
**MFA** može biti **omogućena** za korisnika i **nametnuta** za sve korisnike u **timu** da pristupe timu.
### API keys
In order to use the API, users can **generate API keys**. These will always come with Read permissions but **Write permission are optional**.\
The API keys look like this:
### API ključevi
Da bi koristili API, korisnici mogu **generisati API ključeve**. Ovi ključevi će uvek imati Read dozvole, ali su **Write dozvole opcione**.\
API ključevi izgledaju ovako:
```
dop_v1_1946a92309d6240274519275875bb3cb03c1695f60d47eaa1532916502361836
```
The cli tool is [**doctl**](https://github.com/digitalocean/doctl#installing-doctl). Initialise it (you need a token) with:
Alat za komandnu liniju je [**doctl**](https://github.com/digitalocean/doctl#installing-doctl). Inicijalizujte ga (potreban vam je token) sa:
```bash
doctl auth init # Asks for the token
doctl auth init --context my-context # Login with a different token
doctl auth list # List accounts
```
Podrazumevano, ovaj token će biti zapisan u čistom tekstu na Mac-u u `/Users/<username>/Library/Application Support/doctl/config.yaml`.
By default this token will be written in clear-text in Mac in `/Users/<username>/Library/Application Support/doctl/config.yaml`.
### Ključevi za pristup Spaces
### Spaces access keys
These are keys that give **access to the Spaces** (like S3 in AWS or Storage in GCP).
They are composed by a **name**, a **keyid** and a **secret**. An example could be:
Ovo su ključevi koji daju **pristup Spaces** (kao S3 u AWS-u ili Storage u GCP-u).
Sastoje se od **imena**, **keyid** i **secret**. Primer bi mogao biti:
```
Name: key-example
Keyid: DO00ZW4FABSGZHAABGFX
Secret: 2JJ0CcQZ56qeFzAJ5GFUeeR4Dckarsh6EQSLm87MKlM
```
### OAuth Application
OAuth applications can be granted **access over Digital Ocean**.
OAuth aplikacije mogu dobiti **pristup preko Digital Ocean**.
It's possible to **create OAuth applications** in [https://cloud.digitalocean.com/account/api/applications](https://cloud.digitalocean.com/account/api/applications) and check all **allowed OAuth applications** in [https://cloud.digitalocean.com/account/api/access](https://cloud.digitalocean.com/account/api/access).
Moguće je **kreirati OAuth aplikacije** na [https://cloud.digitalocean.com/account/api/applications](https://cloud.digitalocean.com/account/api/applications) i proveriti sve **dozvoljene OAuth aplikacije** na [https://cloud.digitalocean.com/account/api/access](https://cloud.digitalocean.com/account/api/access).
### SSH Keys
It's possible to add **SSH keys to a Digital Ocean Team** from the **console** in [https://cloud.digitalocean.com/account/security](https://cloud.digitalocean.com/account/security).
Moguće je dodati **SSH ključeve u Digital Ocean tim** iz **konsole** na [https://cloud.digitalocean.com/account/security](https://cloud.digitalocean.com/account/security).
This way, if you create a **new droplet, the SSH key will be set** on it and you will be able to **login via SSH** without password (note that newly [uploaded SSH keys aren't set in already existent droplets for security reasons](https://docs.digitalocean.com/products/droplets/how-to/add-ssh-keys/to-existing-droplet/)).
Na ovaj način, ako kreirate **novi droplet, SSH ključ će biti postavljen** na njemu i moći ćete da **se prijavite putem SSH** bez lozinke (napomena: novi [otpremljeni SSH ključevi nisu postavljeni na već postojeće droplete iz bezbednosnih razloga](https://docs.digitalocean.com/products/droplets/how-to/add-ssh-keys/to-existing-droplet/)).
### Functions Authentication Token
The way **to trigger a function via REST API** (always enabled, it's the method the cli uses) is by triggering a request with an **authentication token** like:
Način **da se aktivira funkcija putem REST API** (uvek omogućeno, to je metoda koju koristi cli) je slanjem zahteva sa **tokenom za autentifikaciju** kao:
```bash
curl -X POST "https://faas-lon1-129376a7.doserverless.co/api/v1/namespaces/fn-c100c012-65bf-4040-1230-2183764b7c23/actions/functionname?blocking=true&result=true" \
-H "Content-Type: application/json" \
-H "Authorization: Basic MGU0NTczZGQtNjNiYS00MjZlLWI2YjctODk0N2MyYTA2NGQ4OkhwVEllQ2t4djNZN2x6YjJiRmFGc1FERXBySVlWa1lEbUxtRE1aRTludXA1UUNlU2VpV0ZGNjNqWnVhYVdrTFg="
-H "Content-Type: application/json" \
-H "Authorization: Basic MGU0NTczZGQtNjNiYS00MjZlLWI2YjctODk0N2MyYTA2NGQ4OkhwVEllQ2t4djNZN2x6YjJiRmFGc1FERXBySVlWa1lEbUxtRE1aRTludXA1UUNlU2VpV0ZGNjNqWnVhYVdrTFg="
```
## Logs
### User logs
The **logs of a user** can be found in [**https://cloud.digitalocean.com/account/activity**](https://cloud.digitalocean.com/account/activity)
**Logovi korisnika** se mogu pronaći na [**https://cloud.digitalocean.com/account/activity**](https://cloud.digitalocean.com/account/activity)
### Team logs
The **logs of a team** can be found in [**https://cloud.digitalocean.com/account/security**](https://cloud.digitalocean.com/account/security)
**Logovi tima** se mogu pronaći na [**https://cloud.digitalocean.com/account/security**](https://cloud.digitalocean.com/account/security)
## References
- [https://docs.digitalocean.com/products/teams/how-to/manage-membership/](https://docs.digitalocean.com/products/teams/how-to/manage-membership/)
{{#include ../../banners/hacktricks-training.md}}
@@ -1,11 +1,7 @@
# DO - Permissions for a Pentest
# DO - Dozvole za Pentest
{{#include ../../banners/hacktricks-training.md}}
DO doesn't support granular permissions. So the **minimum role** that allows a user to review all the resources is **member**. A pentester with this permission will be able to perform harmful activities, but it's what it's.
DO ne podržava granularne dozvole. Dakle, **minimalna uloga** koja omogućava korisniku da pregleda sve resurse je **član**. Pentester sa ovom dozvolom će moći da izvrši štetne aktivnosti, ali to je to.
{{#include ../../banners/hacktricks-training.md}}
@@ -1,23 +1,19 @@
# DO - Services
# DO - Usluge
{{#include ../../../banners/hacktricks-training.md}}
DO offers a few services, here you can find how to **enumerate them:**
DO nudi nekoliko usluga, ovde možete pronaći kako da **enumerišete njih:**
- [**Apps**](do-apps.md)
- [**Container Registry**](do-container-registry.md)
- [**Databases**](do-databases.md)
- [**Droplets**](do-droplets.md)
- [**Functions**](do-functions.md)
- [**Images**](do-images.md)
- [**Aplikacije**](do-apps.md)
- [**Registri kontejnera**](do-container-registry.md)
- [**Baze podataka**](do-databases.md)
- [**Droplet-i**](do-droplets.md)
- [**Funkcije**](do-functions.md)
- [**Slike**](do-images.md)
- [**Kubernetes (DOKS)**](do-kubernetes-doks.md)
- [**Networking**](do-networking.md)
- [**Projects**](do-projects.md)
- [**Spaces**](do-spaces.md)
- [**Volumes**](do-volumes.md)
- [**Mreže**](do-networking.md)
- [**Projekti**](do-projects.md)
- [**Prostori**](do-spaces.md)
- [**Volumeni**](do-volumes.md)
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,18 +2,17 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
[From the docs:](https://docs.digitalocean.com/glossary/app-platform/) App Platform is a Platform-as-a-Service (PaaS) offering that allows developers to **publish code directly to DigitalOcean** servers without worrying about the underlying infrastructure.
[Iz dokumenata:](https://docs.digitalocean.com/glossary/app-platform/) App Platform je Platforma kao usluga (PaaS) koja omogućava programerima da **objave kod direktno na DigitalOcean** servere bez brige o osnovnoj infrastrukturi.
You can run code directly from **github**, **gitlab**, **docker hub**, **DO container registry** (or a sample app).
Možete pokrenuti kod direktno sa **github**, **gitlab**, **docker hub**, **DO container registry** (ili uzorak aplikacije).
When defining an **env var** you can set it as **encrypted**. The only way to **retreive** its value is executing **commands** inside the host runnig the app.
Kada definišete **env var**, možete je postaviti kao **šifrovanu**. Jedini način da **dobijete** njenu vrednost je izvršavanje **komandi** unutar hosta koji pokreće aplikaciju.
An **App URL** looks like this [https://dolphin-app-2tofz.ondigitalocean.app](https://dolphin-app-2tofz.ondigitalocean.app)
### Enumeration
**App URL** izgleda ovako [https://dolphin-app-2tofz.ondigitalocean.app](https://dolphin-app-2tofz.ondigitalocean.app)
### Enumeracija
```bash
doctl apps list # You should get URLs here
doctl apps spec get <app-id> # Get yaml (including env vars, might be encrypted)
@@ -21,18 +20,13 @@ doctl apps logs <app-id> # Get HTTP logs
doctl apps list-alerts <app-id> # Get alerts
doctl apps list-regions # Get available regions and the default one
```
> [!CAUTION]
> **Apps doesn't have metadata endpoint**
> **Aplikacije nemaju metapodatkovni krajnji tačku**
### RCE & Encrypted env vars
### RCE & Enkriptovane env varijable
To execute code directly in the container executing the App you will need **access to the console** and go to **`https://cloud.digitalocean.com/apps/<app-id>/console/<app-name>`**.
Da biste izvršili kod direktno u kontejneru koji izvršava aplikaciju, biće vam potrebna **pristup konzoli** i idite na **`https://cloud.digitalocean.com/apps/<app-id>/console/<app-name>`**.
That will give you a **shell**, and just executing **`env`** you will be able to see **all the env vars** (including the ones defined as **encrypted**).
To će vam dati **shell**, a samo izvršavanjem **`env`** moći ćete da vidite **sve env varijable** (uključujući one definisane kao **enkriptovane**).
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,14 +2,13 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean Container Registry is a service provided by DigitalOcean that **allows you to store and manage Docker images**. It is a **private** registry, which means that the images that you store in it are only accessible to you and users that you grant access to. This allows you to securely store and manage your Docker images, and use them to deploy containers on DigitalOcean or any other environment that supports Docker.
DigitalOcean Container Registry je usluga koju pruža DigitalOcean koja **omogućava da skladištite i upravljate Docker slikama**. To je **privatni** registar, što znači da su slike koje skladištite u njemu dostupne samo vama i korisnicima kojima dodelite pristup. Ovo vam omogućava da sigurno skladištite i upravljate svojim Docker slikama, i koristite ih za implementaciju kontejnera na DigitalOcean-u ili bilo kojem drugom okruženju koje podržava Docker.
When creating a Container Registry it's possible to **create a secret with pull images access (read) over it in all the namespaces** of Kubernetes clusters.
### Connection
Kada kreirate Container Registry, moguće je **napraviti tajnu sa pristupom za preuzimanje slika (čitanje) u svim prostorima imena** Kubernetes klastera.
### Povezivanje
```bash
# Using doctl
doctl registry login
@@ -19,9 +18,7 @@ docker login registry.digitalocean.com
Username: <paste-api-token>
Password: <paste-api-token>
```
### Enumeration
### Enumeracija
```bash
# Get creds to access the registry from the API
doctl registry docker-config
@@ -29,9 +26,4 @@ doctl registry docker-config
# List
doctl registry repository list-v2
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -1,23 +1,20 @@
# DO - Databases
# DO - Baze podataka
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
With DigitalOcean Databases, you can easily **create and manage databases in the cloud** without having to worry about the underlying infrastructure. The service offers a variety of database options, including **MySQL**, **PostgreSQL**, **MongoDB**, and **Redis**, and provides tools for administering and monitoring your databases. DigitalOcean Databases is designed to be highly scalable, reliable, and secure, making it an ideal choice for powering modern applications and websites.
Sa DigitalOcean Bazama podataka, možete lako **kreirati i upravljati bazama podataka u oblaku** bez brige o osnovnoj infrastrukturi. Usluga nudi razne opcije baza podataka, uključujući **MySQL**, **PostgreSQL**, **MongoDB** i **Redis**, i pruža alate za administraciju i praćenje vaših baza podataka. DigitalOcean Baze podataka su dizajnirane da budu visoko skalabilne, pouzdane i sigurne, što ih čini idealnim izborom za pokretanje modernih aplikacija i veb sajtova.
### Connections details
### Detalji o vezama
When creating a database you can select to configure it **accessible from a public network**, or just from inside a **VPC**. Moreover, it request you to **whitelist IPs that can access it** (your IPv4 can be one).
The **host**, **port**, **dbname**, **username**, and **password** are shown in the **console**. You can even download the AD certificate to connect securely.
Kada kreirate bazu podataka, možete odabrati da je konfigurišete **da bude dostupna iz javne mreže**, ili samo iznutra **VPC**. Štaviše, traži od vas da **dodate IP adrese koje mogu pristupiti** (vaša IPv4 može biti jedna od njih).
**Host**, **port**, **dbname**, **username** i **password** su prikazani u **konzoli**. Možete čak preuzeti AD sertifikat za sigurnu vezu.
```bash
sql -h db-postgresql-ams3-90864-do-user-2700959-0.b.db.ondigitalocean.com -U doadmin -d defaultdb -p 25060
```
### Enumeration
### Enumeracija
```bash
# Databse clusters
doctl databases list
@@ -39,9 +36,4 @@ doctl databases backups <db-id> # List backups of DB
# Pools
doctl databases pool list <db-id> # List pools of DB
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,47 +2,46 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
In DigitalOcean, a "droplet" is a v**irtual private server (VPS)** that can be used to host websites and applications. A droplet is a **pre-configured package of computing resources**, including a certain amount of CPU, memory, and storage, that can be quickly and easily deployed on DigitalOcean's cloud infrastructure.
U DigitalOcean-u, "droplet" je v**irtualni privatni server (VPS)** koji se može koristiti za hostovanje veb sajtova i aplikacija. Droplet je **prekonfigurisani paket računarskih resursa**, uključujući određenu količinu CPU-a, memorije i skladišta, koji se može brzo i lako implementirati na DigitalOcean-ovoj cloud infrastrukturi.
You can select from **common OS**, to **applications** already running (such as WordPress, cPanel, Laravel...), or even upload and use **your own images**.
Možete odabrati između **uobičajenih OS**, do **aplikacija** koje već rade (kao što su WordPress, cPanel, Laravel...), ili čak otpremiti i koristiti **svoje slike**.
Droplets support **User data scripts**.
Droplets podržavaju **User data scripts**.
<details>
<summary>Difference between a snapshot and a backup</summary>
<summary>Razlika između snimka i rezervne kopije</summary>
In DigitalOcean, a snapshot is a point-in-time copy of a Droplet's disk. It captures the state of the Droplet's disk at the time the snapshot was taken, including the operating system, installed applications, and all the files and data on the disk.
U DigitalOcean-u, snimak je tačka u vremenu kopija diska Dropleta. On hvata stanje diska Dropleta u trenutku kada je snimak napravljen, uključujući operativni sistem, instalirane aplikacije i sve datoteke i podatke na disku.
Snapshots can be used to create new Droplets with the same configuration as the original Droplet, or to restore a Droplet to the state it was in when the snapshot was taken. Snapshots are stored on DigitalOcean's object storage service, and they are incremental, meaning that only the changes since the last snapshot are stored. This makes them efficient to use and cost-effective to store.
Snimci se mogu koristiti za kreiranje novih Dropleta sa istom konfiguracijom kao originalni Droplet, ili za vraćanje Dropleta u stanje u kojem je bio kada je snimak napravljen. Snimci se čuvaju na DigitalOcean-ovoj usluzi za skladištenje objekata, i oni su inkrementalni, što znači da se čuvaju samo promene od poslednjeg snimka. Ovo ih čini efikasnim za korišćenje i isplativim za skladištenje.
On the other hand, a backup is a complete copy of a Droplet, including the operating system, installed applications, files, and data, as well as the Droplet's settings and metadata. Backups are typically performed on a regular schedule, and they capture the entire state of a Droplet at a specific point in time.
S druge strane, rezervna kopija je potpuna kopija Dropleta, uključujući operativni sistem, instalirane aplikacije, datoteke i podatke, kao i postavke i metapodatke Dropleta. Rezervne kopije se obično vrše prema redovnom rasporedu, i one hvataju celo stanje Dropleta u određenom trenutku.
Unlike snapshots, backups are stored in a compressed and encrypted format, and they are transferred off of DigitalOcean's infrastructure to a remote location for safekeeping. This makes backups ideal for disaster recovery, as they provide a complete copy of a Droplet that can be restored in the event of data loss or other catastrophic events.
Za razliku od snimaka, rezervne kopije se čuvaju u komprimovanom i enkriptovanom formatu, i one se prenose sa DigitalOcean-ove infrastrukture na udaljenu lokaciju radi čuvanja. Ovo čini rezervne kopije idealnim za oporavak od katastrofa, jer pružaju potpunu kopiju Dropleta koja se može obnoviti u slučaju gubitka podataka ili drugih katastrofalnih događaja.
In summary, snapshots are point-in-time copies of a Droplet's disk, while backups are complete copies of a Droplet, including its settings and metadata. Snapshots are stored on DigitalOcean's object storage service, while backups are transferred off of DigitalOcean's infrastructure to a remote location. Both snapshots and backups can be used to restore a Droplet, but snapshots are more efficient to use and store, while backups provide a more comprehensive backup solution for disaster recovery.
Ukratko, snimci su tačke u vremenu kopije diska Dropleta, dok su rezervne kopije potpune kopije Dropleta, uključujući njegove postavke i metapodatke. Snimci se čuvaju na DigitalOcean-ovoj usluzi za skladištenje objekata, dok se rezervne kopije prenose sa DigitalOcean-ove infrastrukture na udaljenu lokaciju. I snimci i rezervne kopije se mogu koristiti za vraćanje Dropleta, ali su snimci efikasniji za korišćenje i skladištenje, dok rezervne kopije pružaju sveobuhvatnije rešenje za oporavak od katastrofa.
</details>
### Authentication
### Autentifikacija
For authentication it's possible to **enable SSH** through username and **password** (password defined when the droplet is created). Or **select one or more of the uploaded SSH keys**.
Za autentifikaciju je moguće **omogućiti SSH** putem korisničkog imena i **lozinke** (lozinka definisana prilikom kreiranja dropleta). Ili **odabrati jedan ili više otpremljenih SSH ključeva**.
### Firewall
> [!CAUTION]
> By default **droplets are created WITHOUT A FIREWALL** (not like in oder clouds such as AWS or GCP). So if you want DO to protect the ports of the droplet (VM), you need to **create it and attach it**.
> Po defaultu **droplets se kreiraju BEZ FIREWALL-a** (nije kao u drugim cloud-ovima kao što su AWS ili GCP). Dakle, ako želite da DO zaštiti portove dropleta (VM), morate **kreirati i prikačiti ga**.
More info in:
Više informacija u:
{{#ref}}
do-networking.md
{{#endref}}
### Enumeration
### Enumeracija
```bash
# VMs
doctl compute droplet list # IPs will appear here
@@ -68,18 +67,13 @@ doctl compute certificate list
# Snapshots
doctl compute snapshot list
```
> [!CAUTION]
> **Droplets have metadata endpoints**, but in DO there **isn't IAM** or things such as role from AWS or service accounts from GCP.
> **Droplets imaju metapodatke**, ali u DO **nema IAM** ili stvari kao što su uloge iz AWS-a ili servisni nalozi iz GCP-a.
### RCE
With access to the console it's possible to **get a shell inside the droplet** accessing the URL: **`https://cloud.digitalocean.com/droplets/<droplet-id>/terminal/ui/`**
Sa pristupom konzoli moguće je **dobiti shell unutar dropleta** pristupajući URL-u: **`https://cloud.digitalocean.com/droplets/<droplet-id>/terminal/ui/`**
It's also possible to launch a **recovery console** to run commands inside the host accessing a recovery console in **`https://cloud.digitalocean.com/droplets/<droplet-id>/console`**(but in this case you will need to know the root password).
Takođe je moguće pokrenuti **konzolu za oporavak** da izvršite komande unutar hosta pristupajući konzoli za oporavak na **`https://cloud.digitalocean.com/droplets/<droplet-id>/console`**(ali u ovom slučaju ćete morati da znate root lozinku).
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,39 +2,34 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean Functions, also known as "DO Functions," is a serverless computing platform that lets you **run code without having to worry about the underlying infrastructure**. With DO Functions, you can write and deploy your code as "functions" that can be **triggered** via **API**, **HTTP requests** (if enabled) or **cron**. These functions are executed in a fully managed environment, so you **don't need to worry** about scaling, security, or maintenance.
DigitalOcean Functions, poznate i kao "DO Functions," je platforma za serverless računarstvo koja vam omogućava da **izvršavate kod bez brige o osnovnoj infrastrukturi**. Sa DO Functions, možete pisati i implementirati svoj kod kao "funkcije" koje mogu biti **pokrenute** putem **API**, **HTTP zahteva** (ako je omogućeno) ili **cron**. Ove funkcije se izvršavaju u potpuno upravljanom okruženju, tako da **ne morate brinuti** o skaliranju, bezbednosti ili održavanju.
In DO, to create a function first you need to **create a namespace** which will be **grouping functions**.\
Inside the namespace you can then create a function.
U DO, da biste kreirali funkciju, prvo morate **napraviti namespace** koji će biti **grupisanje funkcija**.\
Unutar namespace-a možete zatim kreirati funkciju.
### Triggers
The way **to trigger a function via REST API** (always enabled, it's the method the cli uses) is by triggering a request with an **authentication token** like:
### Okidači
Način **pokretanja funkcije putem REST API** (uvek omogućeno, to je metoda koju koristi cli) je slanjem zahteva sa **tokenom za autentifikaciju** kao:
```bash
curl -X POST "https://faas-lon1-129376a7.doserverless.co/api/v1/namespaces/fn-c100c012-65bf-4040-1230-2183764b7c23/actions/functionname?blocking=true&result=true" \
-H "Content-Type: application/json" \
-H "Authorization: Basic MGU0NTczZGQtNjNiYS00MjZlLWI2YjctODk0N2MyYTA2NGQ4OkhwVEllQ2t4djNZN2x6YjJiRmFGc1FERXBySVlWa1lEbUxtRE1aRTludXA1UUNlU2VpV0ZGNjNqWnVhYVdrTFg="
-H "Content-Type: application/json" \
-H "Authorization: Basic MGU0NTczZGQtNjNiYS00MjZlLWI2YjctODk0N2MyYTA2NGQ4OkhwVEllQ2t4djNZN2x6YjJiRmFGc1FERXBySVlWa1lEbUxtRE1aRTludXA1UUNlU2VpV0ZGNjNqWnVhYVdrTFg="
```
To see how is the **`doctl`** cli tool getting this token (so you can replicate it), the **following command shows the complete network trace:**
Da biste videli kako **`doctl`** cli alat dobija ovaj token (tako da ga možete replicirati), **sledeća komanda prikazuje kompletnu mrežnu analizu:**
```bash
doctl serverless connect --trace
```
**When HTTP trigger is enabled**, a web function can be invoked through these **HTTP methods GET, POST, PUT, PATCH, DELETE, HEAD and OPTIONS**.
**Kada je HTTP okidač omogućen**, web funkcija može biti pozvana putem ovih **HTTP metoda GET, POST, PUT, PATCH, DELETE, HEAD i OPTIONS**.
> [!CAUTION]
> In DO functions, **environment variables cannot be encrypted** (at the time of this writing).\
> I couldn't find any way to read them from the CLI but from the console it's straight forward.
> U DO funkcijama, **promenljive okruženja ne mogu biti enkriptovane** (u vreme pisanja ovog teksta).\
> Nisam mogao da pronađem način da ih pročitam iz CLI, ali iz konzole je jednostavno.
**Functions URLs** look like this: `https://<random>.doserverless.co/api/v1/web/<namespace-id>/default/<function-name>`
### Enumeration
**URL-ovi funkcija** izgledaju ovako: `https://<random>.doserverless.co/api/v1/web/<namespace-id>/default/<function-name>`
### Enumeracija
```bash
# Namespace
doctl serverless namespaces list
@@ -53,12 +48,7 @@ doctl serverless activations result <activation-id> # get only the response resu
# I couldn't find any way to get the env variables form the CLI
```
> [!CAUTION]
> There **isn't metadata endpoint** from the Functions sandbox.
> Ne **postoji metadata endpoint** iz Functions sandbox-a.
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,22 +2,16 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean Images are **pre-built operating system or application images** that can be used to create new Droplets (virtual machines) on DigitalOcean. They are similar to virtual machine templates, and they allow you to **quickly and easily create new Droplets with the operating system** and applications that you need.
DigitalOcean Images su **prethodno izgrađene slike operativnog sistema ili aplikacija** koje se mogu koristiti za kreiranje novih Dropleta (virtuelnih mašina) na DigitalOcean-u. Slične su šablonima virtuelnih mašina i omogućavaju vam da **brzo i lako kreirate nove Droplete sa operativnim sistemom** i aplikacijama koje su vam potrebne.
DigitalOcean provides a wide range of Images, including popular operating systems such as Ubuntu, CentOS, and FreeBSD, as well as pre-configured application Images such as LAMP, MEAN, and LEMP stacks. You can also create your own custom Images, or use Images from the community.
DigitalOcean pruža širok spektar slika, uključujući popularne operativne sisteme kao što su Ubuntu, CentOS i FreeBSD, kao i prethodno konfigurisane slike aplikacija kao što su LAMP, MEAN i LEMP stack-ovi. Takođe možete kreirati svoje prilagođene slike ili koristiti slike iz zajednice.
When you create a new Droplet on DigitalOcean, you can choose an Image to use as the basis for the Droplet. This will automatically install the operating system and any pre-installed applications on the new Droplet, so you can start using it right away. Images can also be used to create snapshots and backups of your Droplets, so you can easily create new Droplets from the same configuration in the future.
Kada kreirate novi Droplet na DigitalOcean-u, možete odabrati sliku koja će se koristiti kao osnova za Droplet. Ovo će automatski instalirati operativni sistem i sve prethodno instalirane aplikacije na novom Dropletu, tako da možete odmah početi da ga koristite. Slike se takođe mogu koristiti za kreiranje snimaka i rezervnih kopija vaših Dropleta, tako da lako možete kreirati nove Droplete iz iste konfiguracije u budućnosti.
### Enumeration
```
doctl compute image list
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,19 +2,18 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne Informacije
### DigitalOcean Kubernetes (DOKS)
DOKS is a managed Kubernetes service offered by DigitalOcean. The service is designed to **deploy and manage Kubernetes clusters on DigitalOcean's platform**. The key aspects of DOKS include:
DOKS je upravljana Kubernetes usluga koju nudi DigitalOcean. Usluga je dizajnirana da **implementira i upravlja Kubernetes klasterima na DigitalOcean platformi**. Ključni aspekti DOKS-a uključuju:
1. **Ease of Management**: The requirement to set up and maintain the underlying infrastructure is eliminated, simplifying the management of Kubernetes clusters.
2. **User-Friendly Interface**: It provides an intuitive interface that facilitates the creation and administration of clusters.
3. **Integration with DigitalOcean Services**: It seamlessly integrates with other services provided by DigitalOcean, such as Load Balancers and Block Storage.
4. **Automatic Updates and Upgrades**: The service includes the automatic updating and upgrading of clusters to ensure they are up-to-date.
### Connection
1. **Jednostavnost upravljanja**: Zahtev za postavljanje i održavanje osnovne infrastrukture je eliminisan, što pojednostavljuje upravljanje Kubernetes klasterima.
2. **Prijateljski korisnički interfejs**: Pruža intuitivan interfejs koji olakšava kreiranje i administraciju klastera.
3. **Integracija sa DigitalOcean uslugama**: Besprekorno se integriše sa drugim uslugama koje pruža DigitalOcean, kao što su Load Balancers i Block Storage.
4. **Automatske nadogradnje i ažuriranja**: Usluga uključuje automatsko ažuriranje i nadogradnju klastera kako bi se osiguralo da su uvek ažurirani.
### Povezivanje
```bash
# Generate kubeconfig from doctl
doctl kubernetes cluster kubeconfig save <cluster-id>
@@ -22,9 +21,7 @@ doctl kubernetes cluster kubeconfig save <cluster-id>
# Use a kubeconfig file that you can download from the console
kubectl --kubeconfig=/<pathtodirectory>/k8s-1-25-4-do-0-ams3-1670939911166-kubeconfig.yaml get nodes
```
### Enumeration
### Enumeracija
```bash
# Get clusters
doctl kubernetes cluster list
@@ -35,9 +32,4 @@ doctl kubernetes cluster node-pool list <cluster-id>
# Get DO resources used by the cluster
doctl kubernetes cluster list-associated-resources <cluster-id>
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,48 +2,34 @@
{{#include ../../../banners/hacktricks-training.md}}
### Domains
### Domeni
```bash
doctl compute domain list
doctl compute domain records list <domain>
# You can also create records
```
### Reserverd IPs
### Rezervisane IP adrese
```bash
doctl compute reserved-ip list
doctl compute reserved-ip-action unassign <ip>
```
### Load Balancers
### Balansiranje Opterećenja
```bash
doctl compute load-balancer list
doctl compute load-balancer remove-droplets <id> --droplet-ids 12,33
doctl compute load-balancer add-forwarding-rules <id> --forwarding-rules entry_protocol:tcp,entry_port:3306,...
```
### VPC
```
doctl vpcs list
```
### Firewall
> [!CAUTION]
> By default **droplets are created WITHOUT A FIREWALL** (not like in oder clouds such as AWS or GCP). So if you want DO to protect the ports of the droplet (VM), you need to **create it and attach it**.
> Po default-u **droplet-i se kreiraju BEZ FIREWALL-a** (nije kao u drugim cloud-ovima kao što su AWS ili GCP). Dakle, ako želite da DO zaštiti portove dropleta (VM), morate **da ga kreirate i povežete**.
```bash
doctl compute firewall list
doctl compute firewall list-by-droplet <droplet-id>
doctl compute firewall remove-droplets <fw-id> --droplet-ids <droplet-id>
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -1,27 +1,21 @@
# DO - Projects
# DO - Projekti
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne Informacije
> project is just a container for all the **services** (droplets, spaces, databases, kubernetes...) **running together inside of it**.\
> For more info check:
> projekat je samo kontejner za sve **usluge** (droplet-i, prostori, baze podataka, kubernetes...) **koje rade zajedno unutar njega**.\
> Za više informacija pogledajte:
{{#ref}}
../do-basic-information.md
{{#endref}}
### Enumeration
It's possible to **enumerate all the projects a user have access to** and all the resources that are running inside a project very easily:
### Enumeracija
Moguće je **enumerisati sve projekte kojima korisnik ima pristup** i sve resurse koji rade unutar projekta veoma lako:
```bash
doctl projects list # Get projects
doctl projects resources list <proj-id> # Get all the resources of a project
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,25 +2,24 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean Spaces are **object storage services**. They allow users to **store and serve large amounts of data**, such as images and other files, in a scalable and cost-effective way. Spaces can be accessed via the DigitalOcean control panel, or using the DigitalOcean API, and are integrated with other DigitalOcean services such as Droplets (virtual private servers) and Load Balancers.
DigitalOcean Spaces su **usluge skladištenja objekata**. Omogućavaju korisnicima da **čuvaju i pružaju velike količine podataka**, kao što su slike i drugi fajlovi, na skalabilan i ekonomičan način. Spaces se mogu pristupiti putem DigitalOcean kontrolne table, ili koristeći DigitalOcean API, i integrisani su sa drugim DigitalOcean uslugama kao što su Droplets (virtuelni privatni serveri) i Load Balancers.
### Access
### Pristup
Spaces can be **public** (anyone can access them from the Internet) or **private** (only authorised users). To access the files from a private space outside of the Control Panel, we need to generate an **access key** and **secret**. These are a pair of random tokens that serve as a **username** and **password** to grant access to your Space.
Spaces mogu biti **javne** (svako može da im pristupi sa Interneta) ili **privatne** (samo ovlašćeni korisnici). Da bismo pristupili fajlovima iz privatnog prostora van Kontrolne table, potrebno je da generišemo **ključ za pristup** i **tajni ključ**. Ovo su par nasumičnih tokena koji služe kao **korisničko ime** i **lozinka** za pristup vašem prostoru.
A **URL of a space** looks like this: **`https://uniqbucketname.fra1.digitaloceanspaces.com/`**\
Note the **region** as **subdomain**.
**URL prostora** izgleda ovako: **`https://uniqbucketname.fra1.digitaloceanspaces.com/`**\
Obratite pažnju na **region** kao **poddomen**.
Even if the **space** is **public**, **files** **inside** of it can be **private** (you will be able to access them only with credentials).
Čak i ako je **prostor** **javan**, **fajlovi** **unutar** njega mogu biti **privatni** (moći ćete da im pristupite samo sa kredencijalima).
However, **even** if the file is **private**, from the console it's possible to share a file with a link such as `https://fra1.digitaloceanspaces.com/uniqbucketname/filename?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=DO00PL3RA373GBV4TRF7%2F20221213%2Ffra1%2Fs3%2Faws4_request&X-Amz-Date=20221213T121017Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=6a183dbc42453a8d30d7cd2068b66aeb9ebc066123629d44a8108115def975bc` for a period of time:
Međutim, **čak** i ako je fajl **privatan**, iz konzole je moguće deliti fajl putem linka kao što je `https://fra1.digitaloceanspaces.com/uniqbucketname/filename?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=DO00PL3RA373GBV4TRF7%2F20221213%2Ffra1%2Fs3%2Faws4_request&X-Amz-Date=20221213T121017Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=6a183dbc42453a8d30d7cd2068b66aeb9ebc066123629d44a8108115def975bc` na određeni vremenski period:
<figure><img src="../../../images/image (277).png" alt=""><figcaption></figcaption></figure>
### Enumeration
### Enumeracija
```bash
# Unauthenticated
## Note how the region is specified in the endpoint
@@ -42,9 +41,4 @@ aws s3 ls --endpoint=https://fra1.digitaloceanspaces.com s3://uniqbucketname
## It's also possible to generate authorized access to buckets from the API
```
{{#include ../../../banners/hacktricks-training.md}}
@@ -2,18 +2,12 @@
{{#include ../../../banners/hacktricks-training.md}}
## Basic Information
## Osnovne informacije
DigitalOcean volumes are **block storage** devices that can be **attached to and detached from Droplets**. Volumes are useful for **storing data** that needs to **persist** independently of the Droplet itself, such as databases or file storage. They can be resized, attached to multiple Droplets, and snapshot for backups.
### Enumeration
DigitalOcean volumeni su **block storage** uređaji koji se mogu **priključiti i odvojiti od Dropleta**. Volumeni su korisni za **čuvanje podataka** koji treba da **ostanu** nezavisno od samog Dropleta, kao što su baze podataka ili skladištenje datoteka. Mogu se promeniti veličinu, priključiti na više Dropleta i napraviti snapshot za backup.
### Enumeracija
```
compute volume list
```
{{#include ../../../banners/hacktricks-training.md}}