Cloud Security

Brief description: union is supported. Several accounts and passwords edited by Sina can be obtained through this injection. The password is encrypted by md5.Details: although most of the edited passwords have been changed, a small part can be

Author: Tueur Today, I saw someone on the Tusi saying that the kitchen knife has a backdoor. I just analyzed the one-sentence communication of the kitchen knife some time ago and used this to make an article ugly. Note: The tool uses post to

# Exploit Title: XpressEngine version 1.4.5.7 Persistent XSS Vulnerability # Author: v0nSch3lling # Software Link: http://www.xpressengine.com # Version: 1.4.5.7 # Tested on: Microsoft Windows XP SP2   # Case 1. Memeber Management (Delete

From: Pesticide blog In practice, you can use udf in webshell. dll elevation, use the function's file upload function to upload files to the startup directory, and then use the shut function to restart the system. (I have not succeeded yet. I have

Title: WordPress File Groups plugin Time: 2011-08-17Author: Miroslav Stampar (miroslav. stampar (at) gmail.com @ stamparm): Http://downloads.wordpress.org/plugin/file-groups.1.1.2.zipTested version: 1.1.2 ---Test

If you do not know how to perform XSS attacks, this article may not help you. This article focuses on the readers who have some knowledge about basic XSS attacks and want to have a deeper understanding of the details about bypassing filtering. This

This article is generally technical and mainly intended to bring you some ideas through the process. : P Detect a website, build with Microsoft-IIS/5.0 and Asp + Access, and search for an SQL injection point http://www.test.com/detail.asp via Google?

Vulnerability plug-in name and version: 1. wp-super-cache versions earlier than 1.3 2. w3-total-cache 0.9.2.9 or earlier versions of these two plug-ins have been fixed officially ..... the vulnerability principle is that when the cache plug-in

Csrf exists in the email address modified by Phoenix. After the email address is changed, will the Account be under control? However, the mailbox is special and must be unique. Therefore, we can use js to randomly extract one from the array.In

1. register an account and bind it to a mobile phone. 2. Exit the registered account and use the password retrieval function. 3. Normally, enter the account at registration. The registered mobile phone will receive the verification code, enter the

The method for obtaining data in an application is jsonp, and callback can be obtained naturally.The mobile phone client of Xiaomi mall is actually a built-in browser loaded m.xiaomi.com, and the user's address, order and other data exist in

After I got the image and uploaded it to the server, I didn't stop. Because there are many hosts in this IP segment, I will continue to scan hosts in the same IP segment...   Found a grand customer service application background: http://service. OS .

[Theoretical explanation]00 × 00What isXSSAttack?00 × 01MisunderstandingsMisunderstanding 1: XSS is not a special "Bypass" restriction.For a simple example, a door that has been guarded by layers, countless thorns in front of itAnd how did you go in

1) the problematic feature can be found at: lady.weibo.com comments; 2) click Publish and capture the package to get the following data; POST/cmnt/submit HTTP/1.1 Host: comment5.news.sina.com. cnUser-Agent: Mozilla/5.0 (Windows NT 6.1; rv: 20.0)

I have studied waf at home and abroad. Share some amazing tricks. Some skills that everyone knows are as follows :/*! */, SELECT [0x09, 0x0A-0x0D, 0x20, 0xA0] xx FROM does not recreate the wheel. MysqlTips1: Magic '(the controller of the output

Dedecms has many vulnerabilities, but the vendor does not fix them.In the previous double injection vulnerability, the title was able to be xss, but the official website only fixed the injection vulnerability. The xss did not fix the vulnerability,

Today I saw an article signed by SysShell this vulnerability (http://www.bkjia.com/Article/201306/217870.html), the pen is very concise, gave a test URL, I did not write the original article for a long time, I have been writing a source code audit

When I retrieved the password, I sent a text message verification code to my mobile phone and intercepted it with POST. I found that the account, mobile phone verification code, password, and payment password were displayed directly. BelowClick get

Recently, I sawExploitation of an injection vulnerability in the latest dedecms versionThe vulnerability PoC and analysis articles are also published on the Internet. However, during my actual testing, I found that the vulnerability cannot be

Modify the token not verified in the email address. You can modify the user's email address through a specially crafted form. Because the mailbox needs to be unique, you can use an array to randomly select the mailbox. POC:  Before: