Translated ['.github/pull_request_template.md', 'src/pentesting-cloud/az

src/pentesting-cloud/workspace-security/gws-post-exploitation.md

@@ -4,14 +4,14 @@
 
 ## Google Groups Privesc
 
-By default in workspace a **group** can be **freely accessed** by any member of the organization.\
-Workspace also allow to **grant permission to groups** (even GCP permissions), so if groups can be joined and they have extra permissions, an attacker may **abuse that path to escalate privileges**.
+Po defaultu, u workspace-u, **grupa** može biti **slobodno dostupna** bilo kojem članu organizacije.\
+Workspace takođe omogućava **dodeljivanje dozvola grupama** (čak i GCP dozvola), tako da ako se grupe mogu pridružiti i imaju dodatne dozvole, napadač može **iskoristiti tu putanju za eskalaciju privilegija**.
 
-You potentially need access to the console to join groups that allow to be joined by anyone in the org. Check groups information in [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups).
+Potrebno je da imate pristup konzoli da biste se pridružili grupama koje dozvoljavaju pridruživanje bilo kome u organizaciji. Proverite informacije o grupama na [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups).
 
 ### Access Groups Mail info
 
-If you managed to **compromise a google user session**, from [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups) you can see the history of mails sent to the mail groups the user is member of, and you might find **credentials** or other **sensitive data**.
+Ako ste uspeli da **kompromitujete sesiju google korisnika**, sa [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups) možete videti istoriju mejlova poslatih grupama na koje je korisnik član, i možda ćete pronaći **akreditive** ili druge **osetljive podatke**.
 
 ## GCP <--> GWS Pivoting
 
@@ -19,52 +19,52 @@ If you managed to **compromise a google user session**, from [**https://groups.g
 ../gcp-security/gcp-to-workspace-pivoting/
 {{#endref}}
 
-## Takeout - Download Everything Google Knows about an account
+## Takeout - Preuzmi sve što Google zna o nalogu
 
-If you have a **session inside victims google account** you can download everything Google saves about that account from [**https://takeout.google.com**](https://takeout.google.com/u/1/?pageId=none)
+Ako imate **sesiju unutar google naloga žrtve**, možete preuzeti sve što Google čuva o tom nalogu sa [**https://takeout.google.com**](https://takeout.google.com/u/1/?pageId=none)
 
-## Vault - Download all the Workspace data of users
+## Vault - Preuzmi sve podatke Workspace-a korisnika
 
-If an organization has **Google Vault enabled**, you might be able to access [**https://vault.google.com**](https://vault.google.com/u/1/) and **download** all the **information**.
+Ako organizacija ima **Google Vault omogućen**, možda ćete moći da pristupite [**https://vault.google.com**](https://vault.google.com/u/1/) i **preuzmete** sve **informacije**.
 
-## Contacts download
+## Preuzimanje kontakata
 
-From [**https://contacts.google.com**](https://contacts.google.com/u/1/?hl=es&tab=mC) you can download all the **contacts** of the user.
+Sa [**https://contacts.google.com**](https://contacts.google.com/u/1/?hl=es&tab=mC) možete preuzeti sve **kontakte** korisnika.
 
 ## Cloudsearch
 
-In [**https://cloudsearch.google.com/**](https://cloudsearch.google.com) you can just search **through all the Workspace content** (email, drive, sites...) a user has access to. Ideal to **quickly find sensitive information**.
+Na [**https://cloudsearch.google.com/**](https://cloudsearch.google.com) možete jednostavno pretraživati **sadržaj Workspace-a** (email, drive, sajtove...) kojem korisnik ima pristup. Idealno za **brzo pronalaženje osetljivih informacija**.
 
 ## Google Chat
 
-In [**https://mail.google.com/chat**](https://mail.google.com/chat) you can access a Google **Chat**, and you might find sensitive information in the conversations (if any).
+Na [**https://mail.google.com/chat**](https://mail.google.com/chat) možete pristupiti Google **Chat-u**, i možda ćete pronaći osetljive informacije u razgovorima (ako ih ima).
 
 ## Google Drive Mining
 
-When **sharing** a document you can **specify** the **people** that can access it one by one, **share** it with your **entire company** (**or** with some specific **groups**) by **generating a link**.
+Kada **delite** dokument, možete **navesti** **ljude** koji mogu da mu pristupe jedan po jedan, **podeliti** ga sa vašom **celom kompanijom** (**ili** sa nekim specifičnim **grupama**) generisanjem linka.
 
-When sharing a document, in the advance setting you can also **allow people to search** for this file (by **default** this is **disabled**). However, it's important to note that once users views a document, it's searchable by them.
+Kada delite dokument, u naprednim podešavanjima takođe možete **dozvoliti ljudima da pretražuju** ovaj fajl (po **defaultu** je **onemogućeno**). Međutim, važno je napomenuti da kada korisnici pogledaju dokument, on postaje pretražljiv za njih.
 
-For sake of simplicity, most of the people will generate and share a link instead of adding the people that can access the document one by one.
+Radi jednostavnosti, većina ljudi će generisati i deliti link umesto da dodaju ljude koji mogu da pristupe dokumentu jedan po jedan.
 
-Some proposed ways to find all the documents:
+Neki predloženi načini za pronalaženje svih dokumenata:
 
-- Search in internal chat, forums...
-- **Spider** known **documents** searching for **references** to other documents. You can do this within an App Script with[ **PaperChaser**](https://github.com/mandatoryprogrammer/PaperChaser)
+- Pretražujte u internom chatu, forumima...
+- **Spider** poznate **dokumente** tražeći **reference** na druge dokumente. To možete uraditi unutar App Script-a sa [**PaperChaser**](https://github.com/mandatoryprogrammer/PaperChaser)
 
 ## **Keep Notes**
 
-In [**https://keep.google.com/**](https://keep.google.com) you can access the notes of the user, **sensitive** **information** might be saved in here.
+Na [**https://keep.google.com/**](https://keep.google.com) možete pristupiti beleškama korisnika, **osetljive** **informacije** mogu biti sačuvane ovde.
 
 ### Modify App Scripts
 
-In [**https://script.google.com/**](https://script.google.com/) you can find the APP Scripts of the user.
+Na [**https://script.google.com/**](https://script.google.com/) možete pronaći APP Scripts korisnika.
 
 ## **Administrate Workspace**
 
-In [**https://admin.google.com**/](https://admin.google.com), you might be able to modify the Workspace settings of the whole organization if you have enough permissions.
+Na [**https://admin.google.com**/](https://admin.google.com), možda ćete moći da modifikujete podešavanja Workspace-a cele organizacije ako imate dovoljno dozvola.
 
-You can also find emails by searching through all the user's invoices in [**https://admin.google.com/ac/emaillogsearch**](https://admin.google.com/ac/emaillogsearch)
+Takođe možete pronaći mejlove pretražujući sve korisnikove fakture na [**https://admin.google.com/ac/emaillogsearch**](https://admin.google.com/ac/emaillogsearch)
 
 ## References
 
@@ -72,7 +72,3 @@ You can also find emails by searching through all the user's invoices in [**http
 - [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
 
 {{#include ../../banners/hacktricks-training.md}}
-
-
-
-