Cloud Security

Tcp_Wrappers is a software used to analyze TCP/IP packets. Similar IP packet software and iptables are installed in linux by default, as a secure system, Tcp_Wrappers is a software used to analyze TCP/IP packets. Similar IP packet software and

In many cases, anti-virus software can kill our payload. In many cases, we use ENCODE to directly escape the software. However, as more and more people use it, this method is gradually not enough. Some people have said that 0x00 in shellcode is not

Last article address: http://www.bkjia.com/Article/200801/23546.html I wrote an article about vbprogram cracking last time. This time I found that this method is not generic, so I wrote a new article. in fact, these two articles are not specifically

Tool: OllyDBG1.1 Chinese version; LordPEOperating System: WIN2KTarget Program: Armadillo.exe (3.6 Main Program)Recently, researchers have heated up on Armadillo 3.6 detachment, including standard shelling and CopyMemII + Debug shelling. So I am also

Finally, I have a little time to summarize the OD cracking experience. Many heroes believe that OD cannot be used as a universal breakpoint. However, some software attacks require a universal breakpoint, which has never been used in the past, some

Everyone who has learned programming and cracking in the past knows that OCX and dll com are all executable files named "Dynamic Link Library", which can be directly executed like EXE files, although it is an executable file, it is used to expand

The main station does not find a breakthrough station. Find a injection to fall into the main station.Http://club.haohaizi.com/active.php? Act = list & type = 3 & city = 3 & startTime = 3 & endTime = 3 & sort = club_act_count & order1 = 3 & order2 =

Summer vacation is boring, so I studied backdoors. I used to have an idea: After Linux Elevation of Privilege, various backdoors are not concealed, and various firewalls are BT. Can PHP inherit suid permissions as backdoors.After testing, this idea

Reflective & storage type. Detailed Description: reflective xss: It is used only to filter double quotation marks and has no resistance at all. Http://www.goodbaby.com/tips/goodbaby/stepbystep/Step_3.php? ContentKeyID = & TimeKeyID = childbirth

Recently, I encountered an environment with my pants removed: the asp + mssql environment. The website database is separated and I want to take off all the content in the library and try a variety of pants-removing scripts, all of which are a little

SQL injection can be said to be a vulnerability or an attack method. This vulnerability may be caused by improper variable processing or insufficient filtering of user-submitted data, the attack principle is to insert the desired SQL statement into

Target Site: http://www.bkjia.com/admin/index. asp Check in the background: 1. There is an upload 2. Database Operations 3. system settings     I have three methods to use shell. 1. Upload Upload the file path of the captured file directly. You can

A major problem caused by a small xss 1.100e website has a business: One hundred Yi Cheng recruited agents from all districts/counties across the country, it seems to be a bigger look http://100e.com/business/v3/index.html2 Unfortunately, the xss

On the product purchase page, you can modify the price of the purchased product to generate an order. On the product purchase page, place the good_id of the product in the hidden field of input, when you click buy, submit and use this good_id to

Today, a company published "the biggest account hijacking vulnerability on the internet is about to detonate" Weibo. However, it only mentions that it is not a previous oauth vulnerability and has no details, so I had to test it based on the

Autohomeandriod client feedback XSS VulnerabilityEntered the back-end of the home bus feedback, no love for a large group of dataWhat is _ Admin in cookies?1. Download the mobile phone client of android of the car house. I am forced to buy a car and

Bored by a person's body art website, I accidentally found that I had won phpmyadmin, but unfortunately I didn't get the phpmyadmin path... no way to export Shell, but I searched for the EmpireCMS 6.x vulnerability, and I didn't find anything. I got

Webshell has the SYSTEM permission, but cannot successfully Add the administrators user. Therefore, it cannot connect to 3389. The reasons are as follows:I. Killing Software1,360 anti-virus software2. Coffee antivirus software3. Kaspersky Antivirus

A lot of spof are used. Some of the spof systems adopt the following methods: url + = ("userid =" + userId + "× tamp =" + auth. getTimestamp () // The authentication timestamp + "& authid =" + auth. getAuthId (uid + domain); // authentication string

Because it is "submitted", it is submitted. Detailed Description: defect file: http://js.t.sinajs.cn/t4/webim/js/webim.js?v=683ba479e29b6483 Defect code: 1. The following events are triggered when you click an image in the Weibo private letter to