Cloud Security

See previous article: http://www.bkjia.com/Article/200809/29750.html Repost this informationBy goomoo 2008.9.25Http://gzkb.goomoo.cn Currently, many anti-injection programs shield and, 1 = 1, 1 = 2, such keywords. Using such a method sometimes

Cosine Function Some XSS are not easy to use. For example, some background XSS vulnerabilities cannot be exploited by others. How can they be exploited? What else can I do with this XSS vulnerability in the background of others? In fact, a

One night later at the beginning of IRC, an old man said that he could help him see the security of his new main page. Then, he gave his URL abc.tar get.net. I think it's quite familiar to me, In target.net. I know the CEO, manager of the personnel

Author: jianxin [80sec]EMail: jianxin # 80sec.comSite: http://www.80sec.comDate: 2008-12-24From: http://www.80sec.com/release/session-hijacking.txt [Directory] 0 × 00 Application Authentication design background0 × 01 conventional attack ideas and

It should be an injection of idea. When reposted, It is a pig. You can understand it. I. Principle AnalysisLet's take a look at the structure of the system database information_schema added by mysql5, which is used to store the database system

There may be many people who don't feel the hope of elevation of permission when wscript. shell is disabled. Will give up.Generally, when you upload the cmd.exe file, you cannot run the command. An error occurs during running.If you want to run the

Generally, it is to write an ASP or PHP backdoor. It is not only troublesome, but also the directory of the website should be guessed. If the other party does not open IIS, can we not help it ??Later, I thought about a method that was successful on

Author: emptiness [IT168] All the technologies used in the entire game level are relatively basic. As long as you have your own ideas and understand basic hacker technology, it is easy to pass through the competition by taking some time. The overall

Author:Sai52 [B. H.S. T] Preface I mentioned in the article "Several Methods and Applications for reading files under mysql" that theoretically export executable binary files to startup items in mysql injection, the principles and examples are

Because the author is lazy and does not provide the log clearing function, logs will be left:I. How many methods does su7 escalate privilege?There are two ways to kill su7.1> log on to the Administrator console page==> Get OrganizationId, used to

Yesterday I saw a vulnerability that could be injected into the woredpress plug-in. I tried a few tricks and couldn't unlock the password, or I couldn't execute load_file with insufficient permissions, so I couldn't crack the path, give up, but

Source:A non-Alibaba Cloud Region After the previous wave of Mikeyy crawling attacks, it took less than a day to flatten the system. The fourth generation of Mikeyy crawling appeared on twitter last night. After the announcement on twitter official

Affected Versions: 3.0Source: www.0kee.comAuthor: binkVulnerability file: action. asp Very SB hole.14th rowsCopy codestrcname = request ("cname ")Set checkcdb1_conn.exe cute ("select * from blog_Content where log_cname =" "& strcname &"""") This

Affected Versions:Geeklog Vulnerability description: Geeklog is a free and open source Web application. It allows users to create a virtual community, manage users, and post articles. Geeklog is implemented using PHP and uses MySQL as the background

Affected Versions:PHP 5.2.9Vulnerability description: PHP is a widely used scripting language. It is especially suitable for Web development and can be embedded into HTML. PHP supports the libcurl library. You can use various protocols to connect to

Xss in browser-headers Remote Storage If the concept of security is pushed to the extreme, the output of all functions is harmful. Of course, extreme things won't exist for a long time, so we need to balance them. Although Xss in browser-headers is

Author: UpFonTReference address: http://upfont.blogbus.com/logs/37867077.html One hour ago, Gh0u1 sent a link saying that it was a msn website and thought there were any new technical articles to share. It would be wrong if we entered it ~ We can

BY Flyh4t Http://bbs.wolvez.org A lot of data was lost when the hard disk crashed last time. A brother's birthday today Hollowing out my memories and recalling a very old Vulnerability // Inc/mod_tag.php ------------------------If (! Defined

I have summarized the concept of flying clouds. I could have used this question to write a paper, but it was put on hold out of inertia.If you want to install bi in English, you can write as follows:The requirement itself has no fault, the problem

// Add a symbolic copyright. For more information, see b0r3ds blog.Http://www.b0r3d.org// I threw the article to the Black Hand last month. Since the article was not published, I sent it. After all, the original content of the article is too small