GNU glibc Denial of Service Vulnerability (CVE-2014-8121) Release date:Updated on: Affected Systems:GNU glibcDescription:Bugtraq id: 73038CVE (CAN) ID: CVE-2014-8121 Glibc is the libc library released by GNU, that is, the c Runtime Library. Glibc
Alictf linux exploit Solution 1. Load modulesSudo insmod moduledmesg can see the hook. It is suggested that the module hijacked the system call, or the system call may be added.Then I wrote a program to traverse the system call, confirmed that no
Local Denial-of-Service for Huawei P7 mobile phones Component exposure, improper Intent Filtering For Huawei P7 telecommunications version 4G mobile phone, firmware version P7-L09V100R001C92B609, EMUI 3.0Malicious apps without any permissions can
Process and conclusion of CVE-2014-4423 Analysis Introduction Some time ago, "steamed rice" published an article on its blog "phishing attack (stealing the App Store password) on a non-jailbreaking iPhone 6 (iOS 8.1.3 )", try to reproduce the entire
How to deal with anti-buffer overflow Technology in Android1. What is ASLR? ASLR (Address space layout randomization) is a security protection technology for buffer overflow. It randomizes linear zone la S such as heap, stack, and shared library ing,
IIS short File Vulnerability repair Recently, the website system has been scanned for a vulnerability: IIS short files/folders.Vulnerability level: medium-risk vulnerability address: All websites Vulnerability Description: IIS short file name
Internet Explorer detects a high-risk vulnerability that steals logon creden Internet Explorer with all patches has been found to have a vulnerability that allows attackers to steal logon creden。 and inject malicious content into browsing sessions.
Advantech EKI-1200 Series Buffer Overflow Vulnerability (CVE-2014-8385) Release date:Updated on: Affected Systems:Advantech EKI-1200 Description:Bugtraq id: 72580CVE (CAN) ID: CVE-2014-8385 EKI-1200 Modbus gateways are bidirectional gateways that
Apache ActiveMQ Apollo XML external entity Injection Vulnerability (CVE-2014-3579) Release date:Updated on: Affected Systems:Apache Group ActiveMQ ApolloDescription:Bugtraq id: 72508CVE (CAN) ID: CVE-2014-3579 Apache ActiveMQ Apollo is a simple,
Mobile phone Control for Intranet penetration I have been studying the methods from wifi cracking to pc and mobile phone Control recently. I want to share with you how to download and replace apk on a mobile phone! (1) Environment:Target machine: 192
One-click rsync server shell script configuration in CentOS 1. Save the following code as a file and upload it to the server named rsync. sh. #! /Bin/bash # Rsync Written by zhumaohai # For more information please visit http://www.centos.bz
Modify SSH port for CentOS VM instance security and disable ROOT login In fact, Linux is safe, but if the password is not complex enough, if the lower case + number is 12 digits in total, your SSH uses the default port, A powerful hacker can crack
Analysis of HTTP-channel worm attacks occupied by BT downloadsFault description A recent customer reported that their network was slow, the webpage was slow, and sometimes emails could not be sent and received normally. They want to know why the
BCTF 2015 WEB Question clearance strategy (Writeup) About bctf: BCTF is a network security challenge held by the Blue Lotus team. It was only available in China last year and will be open to the whole world from this year. We welcome our partners
How to apply the authentication module and. htaccess file to ensure Web Security To restrict access to a webpage, you can use the Authentication Modules and methods provided by Apache and a third party to verify the user's creden (such as the user
YOHO! In-stock CSRF, You Can batch Delete others' shopping cart content and modify the shipping address. YOHO! It's nice to have the goods, but it's a pity that the year-end prize will not be issued in March.Here, a csrf is submitted to delete items
Optimistic about your website-common WEB security terms-CSRF attacks1. A brief description of CSRF (Cross-site request forgery, also known as "one click attack" or session riding, usually abbreviated as CSRF or XSRF, is a type of malicious use of
MetInfo does not need to log on to the front-end to directly GETSHELL MetInfo does not need to log on to the front-end GETSHELLMetinfo is still doing a good job, but a small negligence, excessive authority leads to a large Vulnerability The Code is
Cmseasy full-site user cookie enumeration counterfeit Login This problem is tricky because of the openid. We have analyzed a case before:Cmseasy logical defects can be upgraded common users as administrators (shell will be difficult):
How to obtain the real name of Weibo without the knowledge of others (batch retrieval is supported) In fact, I also mentioned this problem on Weibo, but I was told that the willful product manager thought it was a business feature. Is it really
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
