Cloud Security

Title: D-Link DSL-2740B (ADSL Router) Authentication Bypass Author: Ivano Binetti ( http://ivanobinetti.com ) Official Website: http://www.d-link.com Affected Version: DSL-2740B test: Firmware Version: EU_1.0 (other models/firmware cocould be also

FTP is a File Transfer Protocol widely used on the Internet. Its disadvantage is that it transmits data in plaintext. It can easily obtain users and passwords by listening on nodes that pass through the data, which brings many risks to the

Remote control technology has been mentioned earlier. Many hacker software and plug-in software are bundled with Backdoor programs, the backdoor program is to open a port backdoor in your computer to connect to the hacker's master terminal. Once the

When the input point of the mysql database is injected, mysql information can be obtained through the built-in functions such as version (), user (), database (), and password, in fact, we can use mysql built-in variables to get more mysql

# ---------------- In The Name Of God ------------# Joomla (com_gambling) SQL Injection Vulnerabilities#################################### AUTHOR: md. r00t# Mail: md.r00t.defacer@gmail.com# Webstie: www.r00t.gigfa.com# Forum:

Beiyang team launches 9.11.27In phpcms2008, search does not filter the input type parameter. You can directly modify and submit cross-site statements, resulting in xss generation.Attackers who use Cookies by unscrupulous social engineering can steal

Author: curious Version: the latest version of dvbbs 8.2.0 (the latest program directly under the dynamic Network Forum) Vulnerability file: 1. bokemanage. asp & bokepostings. asp 2. BokeSearch. asp vulnerabilities have the same principlesThe

Google: powered by Blue Dove Web Design Exploit: http: // server/path/file. php? Id = null [SQL] Example: Http: // server/sections/newsletter. php? Id =-30% 20 union % 20 select % 201, @ version  Http: // server/newsletter/newsletter_new.php? Id

Most of our comrades now use tools to back up webshells. Let's take a look at our frequently used methods. Step 1:Asp? Id = 1; create "> http: // 192.168.0.2/news. asp? Id = 1; create table [dbo]. [shit_tmp] ([cmd] [image]) --Step 2Http: // 192.168.0

Register_globals = On $ Sqlcontent = " ". $ P ."";File_put_contents ($ logfile, $ sqlcontent );?>Exp-demo.php? Logfile = php: // filter/write = convert. base64-decode/resource = abc. php & p = aPD9waHAgcGhwaW5mbygpOy8vPz4 =Http://marc.info /? L =

It is a clever idea, but there is no way to prevent attacks. The security of this method depends on the cookie expiration time. Suppose There Is A csrf page that does not submit repeatedly, if the attacked user opens this page but does not close it,

The Code is as follows: @ Echo off Gpupdate> nul Rem For Client only Ipconfig-w REG-p "HFUT_SECU"-o-x> nul Ipconfig-w REG-p "HFUT_SECU"-x> nul Rem ipconfig-w REG-p "HFUT_SECU"-r "Block TCP/80"-f * + 0: 80: TCP-n BLOCK-x> nul Rem ipconfig-w REG-p

1. view basic MYSQL information (Database Name, version, user) And 1 = 2 union select 1, 2, 3, CONCAT_WS (CHAR (, 32), user (), database (), version /* 2. Check the database And 1 = 2 union select 1, SCHEMA_NAME, 3, 4, 5, 6, 7, 8 from information_

========================================================== ========================================================== ========== | # Title: kora Reinstall Admin Information Vulnerability | # Author: indoushka | # Tested on: Lunix français v. (9.4

Most of the time, we have one or more frequently-used folders that will be opened almost every time we start the system. It is much easier to map the folder to a disk at this time, open my computer to open this folder. In fact, Windows provides us

Www.st0p.org I have long seen some holes, and I have been thinking about writing analysis. I have been installing things in UBUNTU recently .. Forget it...Sometimes some friends add me and teach him to find holes... This seems to be a tiring job,

There is a function in mysql5.x for linux that can help us do a lot of things, this function 4. X below does not seem to have been found, and I did not check the function manual. I just wrote something in my own experience. 4. Let's take a look at

The account test/test will be added to the Administrator.  

From hacker blog OK3W is a set of document management systems. The program structure of the entire system is implemented by custom classes. It is very creative o (others _ program) o...The security is still relatively good. The free version 4.7 has

Nginx is a high-performance web server that is widely used. It is often used as a reverse proxy and supports PHP operations. 80sec finds that there is a serious security problem. By default, it may cause the server to incorrectly parse any types of