Cloud Security

Will the open source movement come to an end? -- Talk about how to treat OpenSSL heartbleed The open-source movement is gradually accepted with the birth and widespread use of Linux operating systems. IT is a major change for the software and IT

Focus on mobile application security and get out of the "code obfuscation" misunderstanding For a long time, to prevent mobile apps from being decompiled and cracked, most mobile developers choose code obfuscation technology to defend against

Sogou browser extension can cause Remote Denial of Service Sogou browser extension can cause remote denial of service. Version: 5.2.5.15900 This is a little prank. The advantage is to search for the extension idea API of the dog browser, which can

Configure campus network with KaliLinux Note: This article only applies to the KaliLinux system. You can test other systems.Recently, the KaliLinux system has released a new version 1.1,After installing the system, you must configure the campus

Grub Password and user permissions for CentOS System Security 1. Add the grub Password in linux . Use the grub-md5-crypt command to generate the encrypted MD5 code Grub-md5-crypt>/boot/grub. conf Enter the password twice in the blank space and

CentOS7LVM logical volume partition automatic resizing Shell scriptApplication scenarios and known problems: Applicable to CentOS6 or CentOS7 (may be applicable to earlier versions such as CentOS4 or 5) The root file system (Extended File System)

Install Fail2ban in CentOS to prevent brute-force FTP/SSH cracking If we do not need VPS for a variety of demanding purposes, we should try to avoid using VPS for website construction, because in many cases, we will be subject to various active and

Use iptables to automatically seal IP scripts in CentOS This script is used to analyze and count the secure log file. You can use iptables to block IP addresses with many ssh logon errors. #! /Bin/bash# Created by haiyunNum = 10 # Upper

CentOS Server Security Configuration Among the many servers, the CentOS Server is a leader. With its own advantages, the CentOS server has won the support of many netizens. So how can we ensure the security of the CentOS server? Next, we will

ASP & PHP one-sentence Trojan password cracking scriptThe password cracking script for ASP & PHP single-statement Trojan is very pornographic and violent. #/Usr/bin/perluse LWP: UserAgent; use HTTP: Request; use LWP: Simple; print? ==================

A function design defect of the moment network leads to cross-site Request Forgery (CSRF) (can lead to full-site worm propagation with POC) Cross-Site Request Forgery (CSRF) due to functional design defects such as transient network fragmentation

Phpyun # csrf add enterprise users Appears in/admin/model/admin_company.class.php Function add_action () {$ rating_list = $ this-> obj-> DB_select_all ("company_rating", "'category '= 1 "); if ($ _ POST ['submit ']) {extract ($ _ POST); if ($

Mao10CMS SQL Injection Mao10CMS SQL Injection Vulnerability files:Application \ Article \ Controller \ IndexController. class. php Public function tag ($ tag, $ page = 1) {if (is_numeric ($ page) {// filter parameters $ condition ['type'] = 'Article

Mcms latest SQL Injection package (any data can be output) Mcms latest SQL Injection package (any data can be output) On wooyun, we can see that zhangyi technology no longer ignores vulnerabilities. Let's join in. Go to the latest version of mcms (v_

Qibo Blog system high-risk vulnerability collection (SQL + XSS) This blog system is a public blog platform similar to blog bus.Two high-risk injection + xss that can be used as administrator accountsLatest blog 1.0Http://down.qibosoft.com/down.php?

Internet-based storage-type cross-site (other users have logged on) Internet-based storage-type cross-site (other users have logged on) You can see the homepage of the fence.I went to see it.Redecorate the review of live broadcastingHttp://bang.liba.

Metinfo latest SQL Injection Metinfo latest SQL Injection Direct code analysis:Download. php: require_once '../include/common.inc.php';$mdname = 'download';$showname = 'showdownload';$dbname = $met_download;$dbname_list = $met_download_list;$mdmendy

Trinity vulnerability analysis method-web Application Security Testing Method0x00 preface 4.1 active (fully automated): Web2.0, interactive vulnerability scan 4.2 semi-automatic vulnerability analysis: Business replay, url image, 4.3 high coverage

SQL Injection for a service application in La Kala Some time ago, I found that the SQL injection of a service application in La Kala does not intend to go in from this vulnerability. Therefore, I submitted this point first.       Save the

Baidu record store-type XSS (no exception for anyone who hits it) This storage-type XSS appears on the bar service blocking reason (so the premise is that you must have the bar master or have the seal permission) Below I will demonstrate it with