Cloud Security

server {[...] ## Block SQL injections set $block_sql_injections 0; if ($query_string ~ "union.*select.*\(") { set $block_sql_injections 1; } if ($query_string ~ "union.*all.*select.*") { set $block_sql_injections 1; }

By WinsOn @ Cybersword In the classic stack overflow model, the return address of the function is overwritten to control the program execution flow (EIP register). Generally, the return address is overwritten with 0x7FFA4512, this address is a jmp

Http://kernel-c.maxthon.cn/www/init.php server not resolved can download the database configuration file http://build.maxthon.com/code packaging http://partner.maxthon.com/login.action struts2 vulnerability, found has been intruded (dark clouds have

Environment: CentOS 6.3 minimal i386 Basic component installation: yum -y install wget gcc make pam-devel libpng-devel  1. Install qrencodeOn Linux, a command line tool named QrenCode can easily generate a QR code. The google authenticator command

We all know that even if the security of our servers is solid, attackers can access our servers physically in the IDC, Which is futile. How can we improve the security of the IDC room?   First, data center IDC security If attackers can physically

Common threats at the data link layer include MAC address diffusion, DHCP server spoofing and address depletion, IP Address Spoofing and ARP attacks and spoofing. Next, let's take a look at the relevant principles and defense measures. I,MAC address

I just switched to a new unit. Here I have the opportunity to access many devices that I have never touched before, including many convincing network management devices. during the next period, I will learn the relevant documents and share with you

Change the default message level-record user logon Step 1: Find the user logon event ID: Hostname (config) # show log | include admin Dec 03 2009 17: 32: 35: % ASA-6-605005: Login permitted from 192.168.202.51/3507 to inside: 192.168.2.20/ssh for

Unset all clears all configurations. Restoring factory configuration reset restart will ask if you want to retain the configuration, select no, and finally ask if you are sure to restart, select yesDefault username and password for factory value:

1 There are eight log levels 0 emergencies urgent Alert Emergency Critical Error Warning Notification note Informational 7 debugging 2 Configuration 1) Time Zone Config: clock timezone peking 8 2) Time Config: clock set 10:30:00 21 June 2013 3)

Recently, some colleagues forgot the system password and were eager to use it. Instead, they turned to me to solve the problem for them. Finally, they finally solved the problem. They usually collected some information about the system password, we

Recently, I was suddenly interested in software cracking, mainly to improve software encryption. I have been catching up with a software version recently. I am struggling to find the only one on the Internet, but there are still thirty restrictions.

 Sco OpenserverLower ConfigurationSSHService I haven't played the Sco Unix system for a long time. After the Spring Festival, I debugged the system for a friend of the postal system (installed a remote service) and recalled the installation process

One is to remove the virus program code from the infected file (for example, if a 10 K file is infected with a 2 K Virus and becomes 12 K, restore to a normal file of 10 KB). This is called clearing. 1. Why can't some viruses be cleared (not running)

0x01 Preface Oracle provides PL/SQL developers with a tool to encrypt the code they write (the objects Package, Procedure, Function, and Java Source in oracle. After PL/SQL code is encrypted, it is described as "encapsulated ". Use the wrap tool to

In this article, I use examples to explain the common encryption algorithms of C. I. MD5 Encryption Algorithm I think this is an algorithm that everyone has heard of and may be used more often. So what is the MD5 algorithm? The full name of MD5 is

In the morning, I got up and opened my microblog and saw an article about the Jboss vulnerability. It seems very difficult for me to wait for the cainiao article, so I checked the information at home and abroad, the translation has written this

In fact, this set of things is a lot of injection. Injection 1: http://demo.zoomla.cn/mis/target/page.aspx TxtKey Parameters String selectedValue = this. drType. selectedValue; string text = this. txtKey. text; this. dt = this. bll. sel (string.

Ps: I think it is necessary to record the process of this exploration. If you have a better idea, please remind me...Scenario:Web-Internet, apache, PHPDb-Intranet, mysql, win 6.1x64A get union Select MySQLi is the Root permission. How can this

A function still has two UPDATE injection types. We can change the administrator password in seconds. Of course, you can also insert the Administrator. To avoid some problems, you don't need to use insert to test the two classes involved: public