Cloud Security

Improper handling of the SMS sending interface will be exploited into the SMS bombing ToolDing !... "Notification Information: Verification Code (8694), used for verification (valid within 15 minutes )......"I believe that you are familiar with such

Researchers found vulnerabilities in OpenSSL random number generator The researchers reported that multiple vulnerabilities of the OpenSSL random number generator were discovered. OpenSSL open-source encryption library is widely used by Internet

MIT Kerberos 5 kadmind Denial of Service Vulnerability (CVE-2015-8630)MIT Kerberos 5 kadmind Denial of Service Vulnerability (CVE-2015-8630) Release date:Updated on:Affected Systems: MIT Kerberos 5 MIT Kerberos 5 MIT Kerberos 5 MIT Kerberos 5 MIT

Analysis of QQ simulated login implementation 0x00 Overview It was originally issued together with the previous article. Later, it was put on hold. I'm glad to have been involved in the discussion and discussion. (B) slot (4). In fact, I don't have

Security Warning: A Critical system vulnerability that affects 0.13 billion Apple users Recently, security researchers have published a tweet about vulnerabilities on Apple devices and program code related to these vulnerabilities.Unsatisfactory

Security Basics-Analysis of encryption and decryption, signatures, and certificates Although I am not doing information security, I am surrounded by various information security things. You can copy the public key to github to implement

How to encrypt Windows partitions using TrueCrypt How to Use TrueCrypt to encrypt Windows System partitions (Last Update: 09:24:23) 0. Download from the correct locationThis step is wrong, and nothing is used. 1. First, determine whether the hard

Getshell of a certain system (a successful Intranet roaming \ successful getshell of a System) First, a cookie SQL InjectionC: \ Python27 \ sqlmap> sqlmap. py-u "http: // 218.5.173.228: 90/Client/CmxAbout. php "-- cookie" RAS_UserInfo_UserName =

263 a command execution vulnerability exists in a website of cloud communication. getshell (some user information is leaked) Rt Http: // 211.150.66.21/user. action 263 cloud Communication Management Platform  Jdwp command execution vulnerability in

Implementation and Prediction Techniques of the rand function in the glibc Library     Thanks to 0CTF, I held a very deep CTF competition at Jiaotong University. This competition has a web question. The question is very simple and is roughly as

Getshell can be used on the official website of UUCall. (root permission + main site + client shell + large amount of sensitive information leakage) Can I use the previous homepage? Target: http ://**.**.**.**/Start with the next station, http: // **

A certain design defect in zhenkung fu can be used to order any take-out with one cent of money (the order is verified before the order is generated in the background) Generating orders does not validate front-end data Go to the official website,

Can I send a "red envelope" to control others' QQ accounts? (Demonstration using QQ mail/xss not required) How do I send a "red packet" to control others' QQ messages (using QQ mail as a demonstration/xss is not

Solutions to XSS attacks In my previous article "XSS attacks of front-end security", I did not provide a complete solution to XSS attacks, and XSS attacks were so varied, are there any tricks that can be used to compete? After all, developers cannot

BYD remote command execution can roam 44 hosts in the Intranet High rank 219.134.188.42  A byd siteJAVA deserialization command execution vulnerability exists!  The host name can also be seen as byd.Ipconfig  Intranet IP address, which can

Ruff. io is not properly configured. (Nan Chao: Li Ge's embedded smart hardware development company) NanchaoCompany ProfileWe are an Internet company dedicated to simplifying smart hardware development. We welcome people who are willing to learn and

The full-network user password of Apsara stack can be reset. The full-network user password of Apsara stack can be reset.Simple It is not a brute-force SMS verification code, but a logic reset vulnerability.1. First, go to the forgot password  2

An incorrect location in laiyi (involving 561858 orders containing detailed user information) On such a cold day, there are still mosquitoes. In the morning, my brother got up and squatted, and mosquitoes were biting Chrysanthemums! It's so cool to

Browser DoS Attack and Defense Analysis of 12 lines of code There is a 12-line JavaScript code that can crash firefox, chrome, and safari browsers, as well as restart the iphone and crash android, the author of this article analyzes and interprets

Attacks and defense against abuse of permissions in the IOT age In addition to debugging on the android real machine, the permission Abuse Vulnerability has many other scenarios. It is particularly widely used in the IOT field. For example: A smart