Ansistrano

Daftar Isi Bab 1 — Menemukan Ansible Interfaces yang Terekspos 1.1 Apa itu Ansible, AWX, Semaphore 1.2 Mengapa Sering Terekspos 1.3 Dorking: Google / Shodan / FOFA 1.4 Default Credentials 1.5 Manual & Automated Discovery Bab 2 — Eksploitasi AWX / Ansible Tower 2.1 Default Credentials & Brute Force 2.2 API Exploration 2.3 RCE via Job Template 2.4 Credential Extraction via API 2.5 Inventory & Host Enumeration 2.6 Eksploitasi Semaphore UI Bab 3 — Eksploitasi Ansible Vault & Files 3.1 Exposed Ansible Files 3.2 Ansible Vault Cracking 3.3 Plaintext Passwords di Playbooks & Vars 3.4 SSH Key Extraction 3.5 Inventory File Analysis 3.6 Ansible Artifacts di Compromised Host 3.7 Ansistrano & Deployment Role Artifacts Bab 4 — Post-Exploitation via Ansible 4.1 RCE ke Semua Managed Hosts 4.2 Credential Harvesting dari Managed Hosts 4.3 Backdoor Deployment via Playbook 4.4 Lateral Movement via Inventory 4.5 Checklist Ringkasan Bab 1 — Menemukan Ansible Interfaces yang Terekspos 1.1 Apa itu Ansible, AWX, Semaphore Tool Deskripsi Port Default Ansible Automation tool untuk config management, deployment, orkestrasi. Agentless (pakai SSH) Tidak ada (CLI tool) AWX Open-source web UI & API untuk Ansible. Upstream project dari Ansible Tower 8052 (HTTP), 8043 (HTTPS) Ansible Tower Versi enterprise (berbayar) dari AWX. Red Hat product 443 (HTTPS) Semaphore Lightweight open-source UI untuk Ansible 3000 (HTTP) Mengapa ini berbahaya: ...