Cloud Security

Privilege Escalation using the Use-After-Free (UAF) vulnerability in the Linux Kernel Last month, the CVE-2016-0728 Local Elevation of Privilege Vulnerability let everyone's eyes again focused on Linux kernel security. Like CVE-2015-3636, CVE-2015-73

Explanation of the Linux kernel drop position (1) Return-oriented programming is a new type of attacks based on code reuse technology. Attackers can extract command fragments from existing libraries or executable files and construct malicious code.  

JasPer jpc_pi_nextcprolactin Denial of Service Vulnerability (CVE-2016-1867)JasPer jpc_pi_nextcprolactin Denial of Service Vulnerability (CVE-2016-1867) Release date:Updated on:Affected Systems: University of Victoria JasPer 1.900.1 Description:

Does the Internet Access System prohibit external computers from accessing the company's Intranet or external devices from accessing the lan?To protect network security, we sometimes need to prohibit external computers from accessing the Intranet,

Trojan "theft" Baidu signature tampering home page and favorites Recently, the 360 anti-virus team received user feedback, saying that the home page was inexplicably modified, and many additional favorite sites were inexplicably added to the

How to save your password in the correct postureSummary In the past few years, many websites have been deprecated, leading to the leakage of plain text passwords of many users. This article does not discuss the pants removal technology, but focuses

How to retrieve the encryption program password Recently, a friend told me that he forgot the password of the encryption program. There is a lot of important information in it. I hope I can help him retrieve the password. I thought I just clicked

PHP function create_function () code injection Part 1: Describes the php function create_function ():String create_function (string $ args, string $ code) string $ args variable part string $ code method code section example: create_function ('$

A time-blind injection vulnerability in a tobacco app Rt   This wonderful appTobacco ECOM login site Injection  python sqlmap.py -u "http://sjdy.inspur.com/app/servlet/validate" --data "userid=admin&pwd=034232d0d08907880acefc5efc0408eb&mobile=188888

Common security problems in verification code design CAPTCHA is short for verification code: Completely Automated Public Turing test to tell Computers and Humans Apart A completely automated human-machine-differentiated Turing test ". The time

A system vulnerability of Air China causes Getshell to affect host security. Getshell caused by a system vulnerability of Air China in aviation security (Nmap can detect Intranet impacts on a large number of hosts)A small vulnerability that causes a

SQL Injection on a Nokia sub-site involves 1620 tables and 0.4 million data. A batch vulnerability scanner is built ~~ Initial scanReally Useful ~The specific data is not run, that is, the table name.Competition, high score Injection point:  python

An SQL injection vulnerability exists in a sub-station of fangxun. An injection of the room Information Network The problem lies in the sales parameter.GET/esf_personalSellin.do? Index = 4 & sales = 3.0 * HTTP/1.1Host: 0757.home77.comUser-Agent:

Second Quarter of Ukrainian power grid attack A wave of ups and downs. The Ukrainian power grid was interrupted due to a Trojan attack on December 23, 2015. This was the first time that a malicious software attack caused national infrastructure

A third-party website causes cookie leakage of an Official Administrator of wooyun Strange posture, Please Ray. Today, I finally configured Daniel @ Matt's GourdScan.So I came up with a question:Http://www.gufensoso.com/search? Q = intitle % 3A % 22

An SQL injection vulnerability exists in a site of xiaguo Network (involving 32 databases) An SQL injection vulnerability exists in a site of xiaguo network. Http://m2.xianguo.com/homeindex/list? Cid = 1 & tagid = 100_33 injection point: cidsqlmap

From redis weak password to mavericks core database The calf is good and can run after charging.Unfortunately, I did not have such a good car. I had to look at the official website of the Mavericks to stop my thirst. In this process, I found some

Popularization and Application of Zoomeye penetration Network Camera Network CAMERAS (ip cameras) are becoming more and more popular in daily life. License plate numbers are captured at intersections, and kindergartens are used to monitor children

Domain penetration-Security Support Provider 0x00 Preface In the previous article, I introduced some penetration methods and techniques in the domain environment, so this time I will introduce a method used to maintain domain control

Mitm attack-Cookie Eruption0x00 Preface Share the man-in-the-middle attack posture and try again and again. It was originally an old article, but it was too long-winded. I will repeat it in concise words today.0x01 Principle Traditional cookie