Cloud Security

A server intrusion experience In the morning, I received a bunch of alert emails from nagios, all of which were critical. The disk space of a machine was insufficient. I checked the disk space and found-12 a.m. (the server is located in the United

Attack Script For MS15-034 Powershell Early on Thursday, I was refreshed by Microsoft's latest ms15-034 vulnerability announcement. Ms15-034 vulnerability occurs in http. sys File. this file is an important component of iis. Its functions and

Note app any user data modification In the past two days, I have heard of tens of millions of users who are familiar with all kinds of pictures and movies in the app, and then I downloaded them. The problem lies in modifying personal data.  Modify

Ao you Browser Remote Code Execution Vulnerability/Cookie Stealing Remote Code Execution (chicken ribs) can be caused by a poor function design) We found that javascript: pseudo protocol can be directly added to the Ao you browser's favorites

An APP with excessive permissions can modify the nickname of any user You can simply look at the popular APP fotoplace and find that there is an excessive permission.   The problem occurs when you modify the profile of any user.  POST

HP Capture and Route Software information leakage (CVE-2015-2115)HP Capture and Route Software information leakage (CVE-2015-2115) Release date:Updated on:Affected Systems: HP Capture and Route Software HP Capture and Route Software HP Capture and

TCP connection EstablishmentIn order to establish a TCP connection, the computer needs to do the following for us: 1. the requester (usually called the customer) sends a SYN segment to indicate the server port to which the customer intends to

Shell script programming (quick sorting)[Cpp] view plaincopy #! /Bin/bash # Implementation of fast sorting in shell script programming (using the rightmost element as the element) A = (851032934123409618629) # A = (00001233448283049592143716)

Shell scripts solve Nic conflicts after cloning vmware After cloning vmware, there is a problem of NIC conflicts. Each time multiple lab virtual machines are created, they are repeated. Therefore, the following script can be used to quickly set up

Configure a host-based Intrusion Detection System for CentOS One of the first security measures that any system administrator wants to deploy on its production server is the file tampering detection mechanism. Criminals tamper with not only the file

In Linux, how does one-time password Ensure SSH login security? (1) Security is a process rather than a product. Although the SSH protocol is designed with a password, it is very secure, but if it is not properly managed: whether it is a weak

Quantum encryption of light speed operation Imagine the following three scenarios: Hospitals send MRI results directly to your mobile phone without worrying about your personal health data leakage; learn that your financial information is safe to

Ipv6: multicast listening and Discovery Protocol (MLD) The multicast listening Discovery Protocol is only available in ipv6. Its principle is that when the source host sends a copy of data to a multicast address, all members who join the multicast

Cmseasy latest injection + 360webscan bypass Analysis There have been no good articles recently, and only a few holes have been dug. Generally, you cannot issue an article when digging holes, because the holes you submit cannot be disclosed before

How can I use xss to access the codoon network data background? 0x00 insert xss codoon android client motion circle dynamic comments can enter xss, in order to get the background url, I commented on the dynamic codoon xiaobian Not bad0x01 does not

You can reset the password of any user if you are not properly designed. First, I applied for an account to test the product. But what I never expected was that the design of the website was full of loopholes. Let's talk about the problem from an

Ufida nc Integrated Office System foreground SQL Injection Vulnerability Ufida nc Integrated Office System logon Interface SQL injection vulnerability, which can affect databases of multiple office systems (such as HR Resource Management System and

A service of Pipi network is improperly configured (as a result, the client can be replaced to update files and implant backdoors) A service of Pipi network is improperly configured (as a result, the client can be replaced to update files and

The latest XSS vulnerability affects multiple WordPress plug-insDue to misuse of the add_query_arg () and remove_query_arg () functions, multiple WordPress plug-ins are vulnerable to cross-site scripting (XSS) intrusion. In WordPress, developers

U-Mail system second injection (no problem, you can directly obtain the administrator password) U-Mail don't cry. In addition, the wooyun-2010-093049 update does not need to log on and can be batch getshell exp, casually tested, batch easily get