Cloud Security

China Resources Shuanghe roaming from mailbox to Group intranet Account Design ProblemsDetailed description: The problem started with: https://webmail.dcpc.com/owa/ (China Resources Shuanghe Mail System)Outlook mailbox, can be cracked, get more than

Android ARM 32-bit The full name of drop is Return-oriented programming, which is an advanced memory attack technology, it can be used to bypass various universal defenses of modern operating systems (such as memory unexecutable and code signature ).

Analysis of CVE-2015-6974 Vulnerability  0x00: After iOS9.1 was released, pangu previously issued a topic about the vulnerabilities and exploitation methods they used to jailbreak. So I followed in for a little analysis.0x01: The problem lies in

Malware can delete all third-party apps not jailbroken iPhone Malware can delete all third-party apps not jailbroken iPhoneA malicious iOS application can delete any non-system application on the device. Specifically, if A malicious application

Shuanghui OA system becomes a horse farm/all employees leak Plaintext Passwords/has logged on to General Manager OA Recently wooyun about Shuanghui group vulnerabilities, a greater impact that is WooYun-2015-120872, but this vulnerability, the

Shell can threaten the Intranet caused by improper configuration of a System in China Mobile Improper configuration causes shell to threaten the IntranetDetailed description: **. **: 8000/MMSSender What does the appearance look like?Let's go to the

58. A home system has a large number of weak passwords Detailed description: Reference WooYun: Zhiyuan A8-V5 arbitrary User Password Modification VulnerabilityHttp://oa.daojia.58.com//seeyon/getAjaxDataServlet? S = ajaxOrgManager & M =

Quick and efficient cracking of MySQL local and remote passwords Quick MySQL local and remote password cracking! The first thing we need to explain to the database maintenance personnel is that you don't have to worry about it. You don't have to fix

TrueCrypt and CryptSetup) Select a hard disk without a system. 1. Install the Windows system on the hard disk. The installation process is simple. You can directly start the computer on the CD, or install it on PE. 2. After Windows is installed,

How can I set up a 14-digit natural number password without being guessed? Original problem address: http://www.zhihu.com/question/36989779Problem description An APP is displayed with a common calculator. After you enter a specific number, you can

Information Leakage of auspicious aviation big wave personnel (domain password + work system password + new mailbox password) I saw your internal weak password modification email ~ Just a reminder is not mandatory... =. =Detailed description: [Email

Password retrieval vulnerability in the monitoring eye Network Camera (any user password can be reset \ user privacy is involved) Xmeye downloads the first web camera mobile phone viewing software, and the password retrieval vulnerability exists,

SQL Injection for a service in Beijing Hejia Hospital RTDetailed description: HTTP: // life.ufh.com.cn/list5.php? Ch = 50 & a_id = 5A_id InjectionThe permission settings and password strength are both good and fail to be further explored.Proof of

SQL Injection for a website (a large number of Personal Data leaks \ free-of-charge items \ arbitrary item modification) SQL injection can expose a large number of members to submit their personal information and administrative staff to improve

The SQL injection of Shien milk powder on a website involves 1.03 million member information. Milk PowderDetailed description: http://www.scient.com.cn/news/news.php?id=303 Parameter id injection point: Table: member2013[34 columns]+---------------

Leakage of sensitive user information due to design defects of the main website of Kaiser Travel Network I often receive promotions from Caesar tourism...Detailed description: 1. Caesar master site verification code design defects lead to

SQL Injection of an International Hotel Group system (leaked name/ID card/phone/address/internal financial information/position/text message/Contract/employee information/partner Information) It took four days to prove its hazard .. Before running,

51CTO technical website has SQL Injection Vulnerability Detailed description: POST/salary/show. php HTTP/1.1Content-Length: Your content-type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://fellow.51cto.comHost:

An SQL injection vulnerability exists in a management system of Faw. RtDetailed description: Post injection POST/pub_yz.jsp HTTP/1.1Content-Length: 95Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer.

SQL Injection exists in the OA system of a branch of CNPC An OA of CNPC has SQL InjectionDetailed description: POST /Login1.aspx HTTP/1.1Host: **.**.**.**:8080User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0Accept: