Cloud Security

1. Overview Linux: RedHat Linux AS 2.1 For an open operating system-Linux, system security settings include minimizing system services, restricting remote access, hiding important information, fixing security vulnerabilities, using security tools,

The ghost browser was reported. This is the hd version, but there is still a problem. Just give poc  The hd browser directly accesses the above poc page and generates an aoyou file under the sdcard directory. Solution:You should have

By ashimida @ Cybersword I,Introduction to Adobe X sandbox Since the introduction of the sandbox, Adobe Reader X has made it much more difficult to attack it. The Sandbox of Reader X is based on Google's Chrome sandbox, and Chrome is open source.

I always stubbornly think that the webpage link is dragging a. php file, which is annoying and I am trying to find a way to remove it. Although I have an introduction to WordPress, Discuz, and other systems on the internet, I am not very good at

Note:Users who often play with Linux systems know more or less about system parameter optimization and how to enhance system security. Some of the default system parameters are conservative, therefore, we can adjust system parameters to increase the

Using Elevation of Privilege exp to escalate permissions to the system to execute the reg file to implement shift Elevation of Privilege. This has nothing to do with safedog. But since safedog has intercepted the five-shift pop-up and pasted keys,

Begin:Recently, many small and medium-sized enterprises and even large enterprises have suffered many APT attacks, resulting in leakage of confidential data or access to server permissions by hackers. We need to put this shameless business

Because Momo's message board location data is cached in the user's sqlite file, as long as the user refreshes the message board of a nearby user and loads the recipient's message board content, then the GSP longitude and latitude data of the message

It is reported that the monitoring Domain Name System (DNS) data can determine whether the network is attacked. Is this true? What tools do you recommend for enterprise DNS monitoring? Brad Casey: in fact, monitoring DNS data is the best way to

Anti-Virus Software relies too much on WFP in active defense, and leaks the files of the system. As a result, malicious programs may execute arbitrary operations by infecting the system dll with active defense. DllHijack POC code: BOOL

As the Android Market expands, various types of piracy, cracking, and packaging parties are emerging. The method used is nothing more than apk _> smali-> code modification-> re-packaging signature, to combat this technology, the majority of

Recently, I have been involved in the design of the password security function in a product. One of the features involves the password strength. In the process of designing this function, it is necessary to involve the division and design of the

The problem is still on the app side. The system interface does not limit the number of verification errors, but the interface cannot handle packages with more threads, however, it is sufficient to use one thread to crack the 4-digit pure-digit

A function still has two UPDATE injection types. We can change the administrator password in seconds. Of course, you can also insert the Administrator. To avoid some problems, you don't need to use insert to test the two classes involved: public

# Http://weibo.com/u/3022690473welcome to my microblog! # In fact this problem is caused by a remote command execution of the internal network penetration # Problem in the market cooperation manufacturers of the machine front Management Background: #

Getshell in the background, which is omitted in the/datacache/command. php file $ CONFIG = Array (// ICP filing 'icpbeian '=> '', // The website status is _ close' => 0, // administrator Email 'admine _ mail' => '11 @ qq.com ', // website URL

Directly write a sentence to getshell. All tests are performed locally. I am determined to be a good boy ~! Read the Code with painstaking efforts. The StartBBS interface is refreshing and small. Download and install. After installation, an install

Directory 1. Role of SAML2. SAML frameworkI. background knowledge: SAML is the Security Assertion Markup Language. It is an XML-based standard for exchanging authentication and authorization data between different security domains. The SAML standard

PS: This article analyzes the technical architecture of large websites and core principles and cases (by Li smart paper) book Reading Notes // ============================================== ========================================================== =

Password Reset is the cause of some common vulnerabilities. For example, the user name enumeration Vulnerability (the user name in the database does not exist and the Password error shows different error information), sensitive information is