Cloud Security

Technology sharing-getting started with WIFI phishingIntroduction This experiment first sets up a test environment, then creates a false Wireless Access Point, connects the network to a false access point, and forces the user to connect to a false

Ruby Framework used for penetration testing WordPress: WordPress Exploit Framework Parsing This Ruby framework contains some modules that can penetration test WordPress websites and systems. Users can also develop their own modules to expand their

Gajim Information Leakage Vulnerability (CVE-2015-8688)Gajim Information Leakage Vulnerability (CVE-2015-8688) Release date:Updated on:Affected Systems: Gajim Description: CVE (CAN) ID: CVE-2015-8688Gajim is a Jabber Client written in

PhpMyAdmin man-in-the-middle attack Vulnerability (CVE-2016-2562)PhpMyAdmin man-in-the-middle attack Vulnerability (CVE-2016-2562) Release date:Updated on:Affected Systems: PhpMyAdmin Description: CVE (CAN) ID: CVE-2016-2562Phpmyadmin is an

How to find specific strings in a malicious sample   It is useful to search for specific strings in a malicious sample. For example, you may find malicious samples with similar code for different targets. This article will describe this point in

Hacking Team's Technical Analysis on Mac malware code Last week, security personnel Patrick Wardle published an article about HackingTeam's new backdoor and virus implants. It also indicates that the Hacking Team becomes active again, bringing new

Analysis of developers' basic knowledge about hash and cracking methods A hash password refers to a messy string formed by one-time encryption of the password. This encryption process is considered irreversible, that is, the original password cannot

The qianyuan electronic safe deposit box was opened in this way (the security of the electronic safe deposit box)  With the popularization of electronic safes, more and more people have begun to pay attention to the security of electronic safes.

If the account system of a system in AVIC certificate is inappropriate, you can access the Intranet (you need to change the password) If the account system of a system in AVIC certificate is inappropriate, you can access the Intranet (OA

HurryTop Logistics System (leakage of millions of orders/detailed item information and trends/large amount of personal and order Sensitive Information) Company ProfileAs one of the leading third-party Logistics enterprises in China, HurryTop

A sensitive system in Futian has a high-risk Oracle Injection Vulnerability (DBA permission) This vulnerability is absolutely critical to sensitive systems and oracle SQL injection.20 rankGo to the homepage Vulnerability address: http://fs.foton.com.

Authentication mechanism must be added for full-site source code leakage in the Shui Mu community (indirect secondary code audit is allowed) Full-site source code leakage in the Shui Mu community (indirect secondary code audit can expand the

KACO Power Inverter System XP100U Based on dog Wang Embedded analysis 0x00 Preface First of all, I would like to thank Bing Ge for his guidance and encouragement. currently, smart Iot devices are booming. Many merchants and developers only provide

Bilibili any user name can be registered repeatedly \ has already registered webmaster bishi as the user name (this vulnerability can cause B station registration system Denial of Service) For example, this problem was not found at the first

Improper configuration of a certain area of huiping network leads to leakage of all hotel account and password (involving nearly hotels in China) This directly results in the disclosure of all the hotel account and password, involving the disclosure

A site in HC has the SQL injection vulnerability involving more than 20 thousand pieces of user data. HC household electronics City has the SQL injection vulnerability, involving 27033 pieces of user dataVulnerability URL:

Getshell (involving vehicle insurance information) is caused by a weak password in weblogic backend at Port 8001 of a Bank of China Insurance auto insurance system) Rt **. **: 8001/Bank of China Insurance same-segment auto insurance system**.**.**.**

A health system in Liaoning Province has command execution (involving a massive amount of personal details/obtaining data in a difficult environment)   **. **. **. **/Nhis/index. the jsp has command execution. Let's talk about the data. The million

Analysis of 10 engineering hacking techniques that surprise you Kevin, the world's first hacker? In the art of deception, Mitnick mentioned that human factors are the weakness of security. Many companies invest heavily in information security, but

Getshell + Privilege Escalation Analysis Today's military training, and then I had time to watch the station for a while at night. As a result, my buddy asked me to stay with him for a day. In fact, I spent the whole process with my girlfriend and