mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-01-14 05:46:25 -08:00
Translated ['.github/pull_request_template.md', 'src/pentesting-cloud/az
This commit is contained in:
Translator
@@ -1,186 +1,182 @@
|
||||
# GWS - Persistence
|
||||
# GWS - Persistensie
|
||||
|
||||
{{#include ../../banners/hacktricks-training.md}}
|
||||
|
||||
> [!CAUTION]
|
||||
> All the actions mentioned in this section that change setting will generate a **security alert to the email and even a push notification to any mobile synced** with the account.
|
||||
> Alle aksies wat in hierdie afdeling genoem word wat instellings verander, sal 'n **veiligheidswaarskuwing na die e-pos en selfs 'n push kennisgewing na enige mobiele toestel wat met die rekening gesinkroniseer is** genereer.
|
||||
|
||||
## **Persistence in Gmail**
|
||||
## **Persistensie in Gmail**
|
||||
|
||||
- You can create **filters to hide** security notifications from Google
|
||||
- `from: (no-reply@accounts.google.com) "Security Alert"`
|
||||
- This will prevent security emails to reach the email (but won't prevent push notifications to the mobile)
|
||||
- Jy kan **filters skep om** veiligheidswaarskuwings van Google te verberg
|
||||
- `from: (no-reply@accounts.google.com) "Security Alert"`
|
||||
- Dit sal voorkom dat veiligheids-e-posse die e-pos bereik (maar sal nie voorkom dat push kennisgewings na die mobiele toestel gaan nie)
|
||||
|
||||
<details>
|
||||
|
||||
<summary>Steps to create a gmail filter</summary>
|
||||
<summary>Stappe om 'n gmail-filter te skep</summary>
|
||||
|
||||
(Instructions from [**here**](https://support.google.com/mail/answer/6579))
|
||||
(Instruksies van [**hier**](https://support.google.com/mail/answer/6579))
|
||||
|
||||
1. Open [Gmail](https://mail.google.com/).
|
||||
2. In the search box at the top, click Show search options  .
|
||||
3. Enter your search criteria. If you want to check that your search worked correctly, see what emails show up by clicking **Search**.
|
||||
4. At the bottom of the search window, click **Create filter**.
|
||||
5. Choose what you’d like the filter to do.
|
||||
6. Click **Create filter**.
|
||||
1. Maak [Gmail](https://mail.google.com/) oop.
|
||||
2. Klik op die soekboks aan die bokant, klik op Soekopsies wys .
|
||||
3. Voer jou soekkriteria in. As jy wil kyk of jou soek korrek gewerk het, kyk watter e-posse verskyn deur op **Soek** te klik.
|
||||
4. Klik onderaan die soekvenster op **Skep filter**.
|
||||
5. Kies wat jy wil hê die filter moet doen.
|
||||
6. Klik op **Skep filter**.
|
||||
|
||||
Check your current filter (to delete them) in [https://mail.google.com/mail/u/0/#settings/filters](https://mail.google.com/mail/u/0/#settings/filters)
|
||||
Kontroleer jou huidige filter (om dit te verwyder) in [https://mail.google.com/mail/u/0/#settings/filters](https://mail.google.com/mail/u/0/#settings/filters)
|
||||
|
||||
</details>
|
||||
|
||||
<figure><img src="../../images/image (331).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
- Create **forwarding address to forward sensitive information** (or everything) - You need manual access.
|
||||
- Create a forwarding address in [https://mail.google.com/mail/u/2/#settings/fwdandpop](https://mail.google.com/mail/u/2/#settings/fwdandpop)
|
||||
- The receiving address will need to confirm this
|
||||
- Then, set to forward all the emails while keeping a copy (remember to click on save changes):
|
||||
- Skep **doorstuuradres om sensitiewe inligting** (of alles) te deurstuur - Jy het handmatige toegang nodig.
|
||||
- Skep 'n deurstuuradres in [https://mail.google.com/mail/u/2/#settings/fwdandpop](https://mail.google.com/mail/u/2/#settings/fwdandpop)
|
||||
- Die ontvangende adres sal dit moet bevestig
|
||||
- Stel dan in om al die e-posse deur te stuur terwyl jy 'n kopie hou (onthou om op veranderinge te stoor te klik):
|
||||
|
||||
<figure><img src="../../images/image (332).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
It's also possible create filters and forward only specific emails to the other email address.
|
||||
Dit is ook moontlik om filters te skep en slegs spesifieke e-posse na die ander e-posadres deur te stuur.
|
||||
|
||||
## App passwords
|
||||
## App wagwoorde
|
||||
|
||||
If you managed to **compromise a google user session** and the user had **2FA**, you can **generate** an [**app password**](https://support.google.com/accounts/answer/185833?hl=en) (follow the link to see the steps). Note that **App passwords are no longer recommended by Google and are revoked** when the user **changes his Google Account password.**
|
||||
As jy daarin geslaag het om 'n **google gebruikersessie te kompromitteer** en die gebruiker het **2FA**, kan jy 'n [**app wagwoord**](https://support.google.com/accounts/answer/185833?hl=en) **genereer** (volg die skakel om die stappe te sien). Let daarop dat **App wagwoorde nie meer deur Google aanbeveel word nie en word herroep** wanneer die gebruiker **sy Google-rekening wagwoord verander.**
|
||||
|
||||
**Even if you have an open session you will need to know the password of the user to create an app password.**
|
||||
**Selfs as jy 'n oop sessie het, sal jy die wagwoord van die gebruiker moet weet om 'n app wagwoord te skep.**
|
||||
|
||||
> [!NOTE]
|
||||
> App passwords can **only be used with accounts that have 2-Step Verification** turned on.
|
||||
> App wagwoorde kan **slegs gebruik word met rekeninge wat 2-Stap Verifikasie** geaktiveer het.
|
||||
|
||||
## Change 2-FA and similar
|
||||
## Verander 2-FA en soortgelyk
|
||||
|
||||
It's also possible to **turn off 2-FA or to enrol a new device** (or phone number) in this page [**https://myaccount.google.com/security**](https://myaccount.google.com/security)**.**\
|
||||
**It's also possible to generate passkeys (add your own device), change the password, add mobile numbers for verification phones and recovery, change the recovery email and change the security questions).**
|
||||
Dit is ook moontlik om **2-FA af te skakel of 'n nuwe toestel** (of telefoonnommer) op hierdie bladsy [**https://myaccount.google.com/security**](https://myaccount.google.com/security)**.**\
|
||||
**Dit is ook moontlik om wagkeys te genereer (voeg jou eie toestel by), die wagwoord te verander, mobiele nommers vir verifikasietelefone en herstel, die herstel e-pos te verander en die veiligheidsvrae te verander).**
|
||||
|
||||
> [!CAUTION]
|
||||
> To **prevent security push notifications** to reach the phone of the user, you could **sign his smartphone out** (although that would be weird) because you cannot sign him in again from here.
|
||||
> Om **veiligheids push kennisgewings** te voorkom om die telefoon van die gebruiker te bereik, kan jy **sy slimfoon afteken** (alhoewel dit vreemd sou wees) omdat jy hom nie weer van hier af kan aanmeld nie.
|
||||
>
|
||||
> It's also possible to **locate the device.**
|
||||
> Dit is ook moontlik om **die toestel te lokaliseer.**
|
||||
|
||||
**Even if you have an open session you will need to know the password of the user to change these settings.**
|
||||
**Selfs as jy 'n oop sessie het, sal jy die wagwoord van die gebruiker moet weet om hierdie instellings te verander.**
|
||||
|
||||
## Persistence via OAuth Apps
|
||||
## Persistensie via OAuth Apps
|
||||
|
||||
If you have **compromised the account of a user,** you can just **accept** to grant all the possible permissions to an **OAuth App**. The only problem is that Workspace can be configure to **disallow unreviewed external and/or internal OAuth apps.**\
|
||||
It is pretty common for Workspace Organizations to not trust by default external OAuth apps but trust internal ones, so if you have **enough permissions to generate a new OAuth application** inside the organization and external apps are disallowed, generate it and **use that new internal OAuth app to maintain persistence**.
|
||||
As jy die **rekening van 'n gebruiker gecompromitteer het**, kan jy net **aanvaar** om al die moontlike toestemmings aan 'n **OAuth App** te verleen. Die enigste probleem is dat Workspace geconfigureer kan word om **onbeoordeelde eksterne en/of interne OAuth apps te verbied.**\
|
||||
Dit is redelik algemeen dat Workspace Organisasies nie standaard eksterne OAuth apps vertrou nie, maar interne wel, so as jy **genoeg toestemmings het om 'n nuwe OAuth toepassing** binne die organisasie te genereer en eksterne apps is verbied, genereer dit en **gebruik daardie nuwe interne OAuth app om persistensie te handhaaf**.
|
||||
|
||||
Check the following page for more information about OAuth Apps:
|
||||
Kyk na die volgende bladsy vir meer inligting oor OAuth Apps:
|
||||
|
||||
{{#ref}}
|
||||
gws-google-platforms-phishing/
|
||||
{{#endref}}
|
||||
|
||||
## Persistence via delegation
|
||||
## Persistensie via delegasie
|
||||
|
||||
You can just **delegate the account** to a different account controlled by the attacker (if you are allowed to do this). In Workspace **Organizations** this option must be **enabled**. It can be disabled for everyone, enabled from some users/groups or for everyone (usually it's only enabled for some users/groups or completely disabled).
|
||||
Jy kan net die **rekening aan 'n ander rekening** wat deur die aanvaller beheer word, **delegeer** (as jy toegelaat word om dit te doen). In Workspace **Organisasies** moet hierdie opsie **geaktiveer** wees. Dit kan vir almal gedeaktiveer word, geaktiveer vir sommige gebruikers/groepe of vir almal (gewoonlik is dit slegs geaktiveer vir sommige gebruikers/groepe of heeltemal gedeaktiveer).
|
||||
|
||||
<details>
|
||||
|
||||
<summary>If you are a Workspace admin check this to enable the feature</summary>
|
||||
<summary>As jy 'n Workspace admin is, kyk hier om die funksie te aktiveer</summary>
|
||||
|
||||
(Information [copied form the docs](https://support.google.com/a/answer/7223765))
|
||||
(Inligting [gekopieer uit die dokumentasie](https://support.google.com/a/answer/7223765))
|
||||
|
||||
As an administrator for your organization (for example, your work or school), you control whether users can delegate access to their Gmail account. You can let everyone have the option to delegate their account. Or, only let people in certain departments set up delegation. For example, you can:
|
||||
As 'n administrateur vir jou organisasie (byvoorbeeld, jou werk of skool), beheer jy of gebruikers toegang tot hul Gmail-rekening kan delegeer. Jy kan almal die opsie gee om hul rekening te delegeer. Of, net mense in sekere departemente toelaat om delegasie op te stel. Byvoorbeeld, jy kan:
|
||||
|
||||
- Add an administrative assistant as a delegate on your Gmail account so they can read and send email on your behalf.
|
||||
- Add a group, such as your sales department, in Groups as a delegate to give everyone access to one Gmail account.
|
||||
- Voeg 'n administratiewe assistent as 'n gedelegeerde op jou Gmail-rekening sodat hulle e-pos namens jou kan lees en stuur.
|
||||
- Voeg 'n groep, soos jou verkoopsafdeling, in Groepe as 'n gedelegeerde om almal toegang tot een Gmail-rekening te gee.
|
||||
|
||||
Users can only delegate access to another user in the same organization, regardless of their domain or their organizational unit.
|
||||
Gebruikers kan slegs toegang aan 'n ander gebruiker in dieselfde organisasie delegeer, ongeag hul domein of hul organisatoriese eenheid.
|
||||
|
||||
#### Delegation limits & restrictions
|
||||
#### Delegasie beperkings & beperkings
|
||||
|
||||
- **Allow users to grant their mailbox access to a Google group** option: To use this option, it must be enabled for the OU of the delegated account and for each group member's OU. Group members that belong to an OU without this option enabled can't access the delegated account.
|
||||
- With typical use, 40 delegated users can access a Gmail account at the same time. Above-average use by one or more delegates might reduce this number.
|
||||
- Automated processes that frequently access Gmail might also reduce the number of delegates who can access an account at the same time. These processes include APIs or browser extensions that access Gmail frequently.
|
||||
- A single Gmail account supports up to 1,000 unique delegates. A group in Groups counts as one delegate toward the limit.
|
||||
- Delegation does not increase the limits for a Gmail account. Gmail accounts with delegated users have the standard Gmail account limits and policies. For details, visit [Gmail limits and policies](https://support.google.com/a/topic/28609).
|
||||
- **Laat gebruikers toe om toegang tot hul posbus aan 'n Google-groep te verleen** opsie: Om hierdie opsie te gebruik, moet dit geaktiveer wees vir die OU van die gedelegeerde rekening en vir elke groep lid se OU. Groep lede wat aan 'n OU behoort sonder hierdie opsie geaktiveer, kan nie toegang tot die gedelegeerde rekening verkry nie.
|
||||
- Met tipiese gebruik kan 40 gedelegeerde gebruikers terselfdertyd toegang tot 'n Gmail-rekening verkry. Bo-gemiddelde gebruik deur een of meer gedelegeerdes kan hierdie getal verminder.
|
||||
- Geoutomatiseerde prosesse wat gereeld toegang tot Gmail verkry, kan ook die aantal gedelegeerdes wat terselfdertyd toegang tot 'n rekening kan verkry, verminder. Hierdie prosesse sluit API's of blaaiers uitbreidings in wat gereeld toegang tot Gmail verkry.
|
||||
- 'n Enkele Gmail-rekening ondersteun tot 1,000 unieke gedelegeerdes. 'n Groep in Groepe tel as een gedelegeerde teen die limiet.
|
||||
- Delegasie verhoog nie die limiete vir 'n Gmail-rekening nie. Gmail-rekeninge met gedelegeerde gebruikers het die standaard Gmail-rekening limiete en beleide. Vir besonderhede, besoek [Gmail limiete en beleide](https://support.google.com/a/topic/28609).
|
||||
|
||||
#### Step 1: Turn on Gmail delegation for your users
|
||||
#### Stap 1: Skakel Gmail delegasie aan vir jou gebruikers
|
||||
|
||||
**Before you begin:** To apply the setting for certain users, put their accounts in an [organizational unit](https://support.google.com/a/topic/1227584).
|
||||
**Voordat jy begin:** Om die instelling vir sekere gebruikers toe te pas, plaas hul rekeninge in 'n [organisatoriese eenheid](https://support.google.com/a/topic/1227584).
|
||||
|
||||
1. [Sign in](https://admin.google.com/) to your [Google Admin console](https://support.google.com/a/answer/182076).
|
||||
1. [Teken in](https://admin.google.com/) op jou [Google Admin-konsol](https://support.google.com/a/answer/182076).
|
||||
|
||||
Sign in using an _administrator account_, not your current account CarlosPolop@gmail.com
|
||||
Teken in met 'n _administrateur rekening_, nie jou huidige rekening CarlosPolop@gmail.com nie.
|
||||
|
||||
2. In the Admin console, go to Menu  **Apps****Google Workspace****Gmail****User settings**.
|
||||
3. To apply the setting to everyone, leave the top organizational unit selected. Otherwise, select a child [organizational unit](https://support.google.com/a/topic/1227584).
|
||||
4. Click **Mail delegation**.
|
||||
5. Check the **Let users delegate access to their mailbox to other users in the domain** box.
|
||||
6. (Optional) To let users specify what sender information is included in delegated messages sent from their account, check the **Allow users to customize this setting** box.
|
||||
7. Select an option for the default sender information that's included in messages sent by delegates:
|
||||
- **Show the account owner and the delegate who sent the email**—Messages include the email addresses of the Gmail account owner and the delegate.
|
||||
- **Show the account owner only**—Messages include the email address of only the Gmail account owner. The delegate email address is not included.
|
||||
8. (Optional) To let users add a group in Groups as a delegate, check the **Allow users to grant their mailbox access to a Google group** box.
|
||||
9. Click **Save**. If you configured a child organizational unit, you might be able to **Inherit** or **Override** a parent organizational unit's settings.
|
||||
10. (Optional) To turn on Gmail delegation for other organizational units, repeat steps 3–9.
|
||||
2. In die Admin-konsol, gaan na Menu  **Apps****Google Workspace****Gmail****Gebruiker instellings**.
|
||||
3. Om die instelling vir almal toe te pas, laat die boonste organisatoriese eenheid geselekteer. Andersins, kies 'n kind [organisatoriese eenheid](https://support.google.com/a/topic/1227584).
|
||||
4. Klik op **Posdelegasie**.
|
||||
5. Merk die **Laat gebruikers toe om toegang tot hul posbus aan ander gebruikers in die domein te verleen** blokkie.
|
||||
6. (Opsioneel) Om gebruikers toe te laat om te spesifiseer watter senderinligting ingesluit is in gedelegeerde boodskappe wat van hul rekening gestuur word, merk die **Laat gebruikers toe om hierdie instelling aan te pas** blokkie.
|
||||
7. Kies 'n opsie vir die standaard senderinligting wat ingesluit is in boodskappe wat deur gedelegeerdes gestuur word:
|
||||
- **Wys die rekening eienaar en die gedelegeerde wat die e-pos gestuur het**—Boodskappe sluit die e-pos adresse van die Gmail rekening eienaar en die gedelegeerde in.
|
||||
- **Wys slegs die rekening eienaar**—Boodskappe sluit slegs die e-pos adres van die Gmail rekening eienaar in. Die gedelegeerde e-pos adres is nie ingesluit nie.
|
||||
8. (Opsioneel) Om gebruikers toe te laat om 'n groep in Groepe as 'n gedelegeerde toe te voeg, merk die **Laat gebruikers toe om toegang tot hul posbus aan 'n Google-groep te verleen** blokkie.
|
||||
9. Klik op **Stoor**. As jy 'n kind organisatoriese eenheid geconfigureer het, kan jy dalk **Erf** of **Oorheers** 'n ouer organisatoriese eenheid se instellings.
|
||||
10. (Opsioneel) Om Gmail delegasie vir ander organisatoriese eenhede aan te skakel, herhaal stappe 3–9.
|
||||
|
||||
Changes can take up to 24 hours but typically happen more quickly. [Learn more](https://support.google.com/a/answer/7514107)
|
||||
Veranderings kan tot 24 uur neem, maar gebeur gewoonlik vinniger. [Leer meer](https://support.google.com/a/answer/7514107)
|
||||
|
||||
#### Step 2: Have users set up delegates for their accounts
|
||||
#### Stap 2: Laat gebruikers gedelegeerdes vir hul rekeninge opstel
|
||||
|
||||
After you turn on delegation, your users go to their Gmail settings to assign delegates. Delegates can then read, send, and receive messages on behalf of the user.
|
||||
Nadat jy delegasie aangeskakel het, gaan jou gebruikers na hul Gmail instellings om gedelegeerdes toe te ken. Gedelegeerdes kan dan boodskappe namens die gebruiker lees, stuur en ontvang.
|
||||
|
||||
For details, direct users to [Delegate and collaborate on email](https://support.google.com/a/users/answer/138350).
|
||||
Vir besonderhede, verwys gebruikers na [Delegeer en werk saam aan e-pos](https://support.google.com/a/users/answer/138350).
|
||||
|
||||
</details>
|
||||
|
||||
<details>
|
||||
|
||||
<summary>From a regular suer, check here the instructions to try to delegate your access</summary>
|
||||
<summary>Van 'n gewone gebruiker, kyk hier die instruksies om te probeer om jou toegang te delegeer</summary>
|
||||
|
||||
(Info copied [**from the docs**](https://support.google.com/mail/answer/138350))
|
||||
(Inligting gekopieer [**uit die dokumentasie**](https://support.google.com/mail/answer/138350))
|
||||
|
||||
You can add up to 10 delegates.
|
||||
Jy kan tot 10 gedelegeerdes byvoeg.
|
||||
|
||||
If you're using Gmail through your work, school, or other organization:
|
||||
As jy Gmail deur jou werk, skool of ander organisasie gebruik:
|
||||
|
||||
- You can add up to 1000 delegates within your organization.
|
||||
- With typical use, 40 delegates can access a Gmail account at the same time.
|
||||
- If you use automated processes, such as APIs or browser extensions, a few delegates can access a Gmail account at the same time.
|
||||
- Jy kan tot 1000 gedelegeerdes binne jou organisasie byvoeg.
|
||||
- Met tipiese gebruik kan 40 gedelegeerde gebruikers terselfdertyd toegang tot 'n Gmail-rekening verkry.
|
||||
- As jy geoutomatiseerde prosesse gebruik, soos API's of blaaiers uitbreidings, kan 'n paar gedelegeerdes terselfdertyd toegang tot 'n Gmail-rekening verkry.
|
||||
|
||||
1. On your computer, open [Gmail](https://mail.google.com/). You can't add delegates from the Gmail app.
|
||||
2. In the top right, click Settings   **See all settings**.
|
||||
3. Click the **Accounts and Import** or **Accounts** tab.
|
||||
4. In the "Grant access to your account" section, click **Add another account**. If you’re using Gmail through your work or school, your organization may restrict email delegation. If you don’t see this setting, contact your admin.
|
||||
- If you don't see Grant access to your account, then it's restricted.
|
||||
5. Enter the email address of the person you want to add. If you’re using Gmail through your work, school, or other organization, and your admin allows it, you can enter the email address of a group. This group must have the same domain as your organization. External members of the group are denied delegation access.\
|
||||
\
|
||||
**Important:** If the account you delegate is a new account or the password was reset, the Admin must turn off the requirement to change password when you first sign in.
|
||||
1. Op jou rekenaar, maak [Gmail](https://mail.google.com/) oop. Jy kan nie gedelegeerdes vanaf die Gmail-app byvoeg nie.
|
||||
2. Klik regs bo op Instellings   **Sien alle instellings**.
|
||||
3. Klik op die **Rekeninge en Invoer** of **Rekeninge** tab.
|
||||
4. In die "Verleen toegang tot jou rekening" afdeling, klik op **Voeg 'n ander rekening by**. As jy Gmail deur jou werk of skool gebruik, mag jou organisasie e-posdelegasie beperk. As jy nie hierdie instelling sien nie, kontak jou admin.
|
||||
- As jy nie "Verleen toegang tot jou rekening" sien nie, dan is dit beperk.
|
||||
5. Voer die e-pos adres van die persoon wat jy wil byvoeg in. As jy Gmail deur jou werk, skool of ander organisasie gebruik, en jou admin dit toelaat, kan jy die e-pos adres van 'n groep invoer. Hierdie groep moet dieselfde domein as jou organisasie hê. Eksterne lede van die groep word toegang tot delegasie ontken.\
|
||||
\
|
||||
**Belangrik:** As die rekening wat jy delegeer 'n nuwe rekening is of die wagwoord gereset is, moet die Admin die vereiste om die wagwoord te verander wanneer jy eerste aanmeld, afskakel.
|
||||
|
||||
- [Learn how an Admin can create a user](https://support.google.com/a/answer/33310).
|
||||
- [Learn how an Admin can reset passwords](https://support.google.com/a/answer/33319).
|
||||
- [Leer hoe 'n Admin 'n gebruiker kan skep](https://support.google.com/a/answer/33310).
|
||||
- [Leer hoe 'n Admin wagwoorde kan reset](https://support.google.com/a/answer/33319).
|
||||
|
||||
6\. Click **Next Step**  **Send email to grant access**.
|
||||
6\. Klik op **Volgende Stap**  **Stuur e-pos om toegang te verleen**.
|
||||
|
||||
The person you added will get an email asking them to confirm. The invitation expires after a week.
|
||||
Die persoon wat jy bygevoeg het, sal 'n e-pos ontvang wat hulle vra om te bevestig. Die uitnodiging verval na 'n week.
|
||||
|
||||
If you added a group, all group members will become delegates without having to confirm.
|
||||
As jy 'n groep bygevoeg het, sal alle groepslede gedelegeerdes word sonder om te bevestig.
|
||||
|
||||
Note: It may take up to 24 hours for the delegation to start taking effect.
|
||||
Let wel: Dit kan tot 24 uur neem voordat die delegasie begin om effektief te wees.
|
||||
|
||||
</details>
|
||||
|
||||
## Persistence via Android App
|
||||
## Persistensie via Android App
|
||||
|
||||
If you have a **session inside victims google account** you can browse to the **Play Store** and might be able to **install malware** you have already uploaded to the store directly **to the phone** to maintain persistence and access the victims phone.
|
||||
As jy 'n **sessie binne die slagoffer se google rekening** het, kan jy na die **Play Store** blaai en dalk in staat wees om **malware** wat jy reeds na die winkel opgelaai het, direk **na die telefoon** te installeer om persistensie te handhaaf en toegang tot die slagoffer se telefoon te verkry.
|
||||
|
||||
## **Persistence via** App Scripts
|
||||
## **Persistensie via** App Skripte
|
||||
|
||||
You can create **time-based triggers** in App Scripts, so if the App Script is accepted by the user, it will be **triggered** even **without the user accessing it**. For more information about how to do this check:
|
||||
Jy kan **tyd-gebaseerde triggers** in App Skripte skep, so as die App Skrip deur die gebruiker aanvaar word, sal dit **geaktiveer** word selfs **sonder dat die gebruiker dit toegang** het. Vir meer inligting oor hoe om dit te doen, kyk:
|
||||
|
||||
{{#ref}}
|
||||
gws-google-platforms-phishing/gws-app-scripts.md
|
||||
{{#endref}}
|
||||
|
||||
## References
|
||||
## Verwysings
|
||||
|
||||
- [https://www.youtube-nocookie.com/embed/6AsVUS79gLw](https://www.youtube-nocookie.com/embed/6AsVUS79gLw) - Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic
|
||||
- [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
|
||||
- [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch en Beau Bullock - OK Google, Hoe doen ek 'n Red Team GSuite?
|
||||
|
||||
{{#include ../../banners/hacktricks-training.md}}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user