Cloud Security

Linux MIPS execve #include /*Sanguine@debian-mipsel:~/leaveret# cat > MIPS_36b_sc.s.section .text.globl __start.set noreorder__start:slti $a2, $zero, -1 #set a1 to zerop:bltzal $a2, p #not branch always and save raslti $a1, $zero, -1 #

Security risks of allowBackup in Android attributes1. allowBackup Security Risk Description Android API Level 8 and later Android systems provide the backup and recovery functions for application data. The switch of this function is determined by

Quanyou home Terminal Management System Remote Command Execution   Logon addressHttp://tcm.iquanyou.com.cn/tcm/userLogin.actionVulnerability exists, but the system will jump automaticallyHttp://tcm.iquanyou.com.cn/tcm/frameLogin.jspSo upload a file

Rising posture! How to crack the graphic lock of Android phones The graphic lock of the Android phone is a 3 × 3 dot matrix. The number of connections in order reaches the lock/unlock function. At least four points must be connected, and up to nine

Enable Nginx tls sni to support multiple SSL certificates under the same IP address A few days ago, I told my blog to deploy an SSL certificate to improve the performance. Later, I applied for an additional SSL Certificate for my project and

Eight security settings for Apache Web Server Security in CentOS Apache server is an open-source WEB Server supported by the Apache Software Foundation, a non-profit organization. Many of our virtual hosts and VPS use the Apache server architecture

One-click pptp vpn installation script under centos 6.x A very practical script. All previously shared scripts are invalid... This script is useful in centos6.x. 1. Download the one-click installation package for vpn (dedicated to CentOS6)Wget http:/

Mining and Analysis of JiaThis Flash XSS According to WeChat Weibo, the website www.jiathis.com has an XSS vulnerability, which can cause vulnerabilities on any website that uses JiaThis. With this clue, we will start to analyze the XSS principles

False or false: Use the Instagram API to create malicious sharing links Security researchers recently discovered a malicious sharing link using the Instagram API, which is easily believed and downloaded by users because it points to the Instagram

Internet influence: protection from the attacker's perspective (1) 0 × 01. Preface I am a cainiao security engineer. I had the honor to have participated in two security competitions, and some people had some personal experience, so I had this

XSS Attack and Defense in Web SecurityCross Site Scripting (XSS) is the most common vulnerability in web applications. An attacker embeds a client script (such as javascript) in a webpage. When a user browses the webpage, the script is executed in

Two snmp penetration scripts About snmp Snmp is called Simple Network Management Protocol. Many Network devices, such as switches, routers, and firewalls, enable this Protocol. The default port is 161. The risk is the snmp communication string

WebView File same-origin Policy Bypass Vulnerability Analysis1. WebView File field same-origin Policy Bypass Vulnerability description In May October 2013, a file domain same-origin policy bypass vulnerability exists in FireFox Android, which may

True or false: Technical Analysis of WordPress black hat SEO plug-in (1) In Wordpress, malicious programs are usually hidden in Plug-ins or themes. They have different forms. Some send spam, some implant invisible links ...... However, the

Haikang life main site SQL Injection Vulnerability Haikang life main site SQL Injection Vulnerability POST /photography/look.jsp HTTP/1.1Content-Length: 23Content-Type: application/x-www-form-urlencodedReferer:

Introduction to padding attacks and attack analysisPrinciples Fill Attack: A fill attack refers to a network attack that intentionally fills in useless data in the data packet content to consume network bandwidth and system resources.It is worth

ElasticSearch Remote Code Execution Vulnerability Analysis (CVE-2015-1427) & advanced exploitation0x00 vulnerability Overview Combined with the previous article "ElasticSearch Groovy script Remote Code Execution Vulnerability Analysis (CVE-2015-1427

An UCweb interface can easily Crack user accounts. An UCweb interface can easily Crack user accounts.Brute-force cracking interface:   Http://haoma.uc.cn/unfreeze/checkAccount The nickname status query function allows you to use a combination of

Suning Tesco an SSL interface can use the security trust relationship to successfully hit the database (you can indirectly log on to the entire site system) Suning Tesco an SSL interface can use the security trust relationship to successfully hit

How can I enable Zhou Hongyi/to pay attention to my weibo posts (including fixes) In fact, it's not just about paying attention to it. It can do a lot of things to get the source and access_token authorized by Weibo users. Related api documentation: