Cloud Security

A large number of hikvision video surveillance systems have the openssl vulnerability. A large number of hikvision video monitors have the openssl vulnerability to leak important information (including account and password)Hikvision video

Exploration of CVE2015-0057 vulnerability Sample Construction0x01 analysis As the vulnerability mentioned in the analysis article is caused by xxxEnableWndSBArrows, create a ScrollBar through createjavaswex, call EnableScrollBar, and execute it to

Control Flow protection mechanism of Windows 10   Operating system developers are always keen on improving vulnerability defense technologies. Therefore, Microsoft has enabled a new mechanism by default in Windows 10 and Windows 8.1update3 (released

Check your IPv6 address component to prevent it from being vulnerable. IPv6 "neighboring discovery" (ND) is the core part of the IPv6 protocol stack. It is used for IPv6 address resolution and automatic configuration of IPv6 stateless addresses.

Linux System Security Settings Shell script This script has been widely used in a large media website system and added some security settings that were not previously imagined. Copy it and save it as a Shell file, such as security. sh. upload it to

The shell script automatically backs up the file and sends it to Gmail.1. Install the required Program Yum install-y mutt vixie-cron 2. Set the mutt sending Parameters $ Vim ~ /. Muttrc Write the following content Set envelope_from = yes Set

Solved browser by http://web.sogou.com /? 12141 hijacking Method Browser suddenly http://web.sogou.com /? 12141 the default page is modified because the website navigation is hijacked. The default page is invalid. The solution is as follows:

Delete lpt1.css. asp or com8.index. asp files Generally, files such as lpt1.css. asp or com8.index. asp are webshells created by hackers using the system to Retain file names. In Windows, the following words cannot be used to name files or

Virus Trojan scan: compilation of the pandatv killing toolI. preface if it is a non-infectious virus, after analyzing the behavior, you can start to write a killing tool. Of course, for the object we studied this time, "pandatv burn incense", we did

RSA encryption and decryption functions of ASP Rsa. asp test. asp  

Simple Password saving policy-KeePass Two QQ friends have been stolen this year. What I'm talking about here directly affects me. At present, most of the stolen items are called payment. Generally, I will not make payment if I have no problem with

Attackers can exploit the ElasticSearch vulnerability to obtain webshell permissions of a website. ElasticSearch is usually deployed in many large enterprises. Therefore, further penetration makes sense after obtaining an intranet permission. In the

Mysql insert Delayed InjectionFirst, create a database and a table: create database blog;create table admin(id int primary key auto_increment,email varchar(500));  Write insert. php to facilitate sqlmap execution:  Using mysql monitoring of seay to

Successfully roaming the Sina Intranet with a service borrowed from Sina and repaired it Http: // 221.179.175.72: 4440/This machine opens the RunDeck Service (RunDeck is an open-source tool written in Java/Grails, it helps users automate various

Netease SSRF can detect the Intranet Vulnerability URL: http://note.youdao.com/memory? Url = http://www.wooyun.org (register for login if you need) Where the body is previewed Content as a displayTrack the jump of a webpage  POST

Zhcms v1.0 SQL injection + Arbitrary Code Execution I. background login bypass caused by SQL Injection Check UserAction. class. php to process the Login method in the code. Public function login () {if (! Empty ($ _ POST ['code']) {if ((! Empty ($ _

XSS cross-site scripting vulnerability explanation and Protection What is "xss cross-site scripting "? Baidu encyclopedia says this: Cross-Site Scripting (XSS) is not the abbreviation of Cascading Style Sheet (CSS, therefore, cross-site scripting

Fanke network resets any User Password Fanke, the largest self-service website building platform in China. When I visited the website in my spare time recently, I accidentally found that several websites were self-built on the fanke platform. I

Touniu order insurance price tampering Touniu order, price can be tamperedHttp://www.tuniu.com/who will choose a travel route, then select the corresponding package, submit the order, do not pay. At this time, go to the background to view the

Suning Tesco has multiple super administrator weak passwords in the background of a system (the verification code can be reused) Suning Tesco has multiple super administrator weak passwords in the background of a system (the verification code can be