Open_basedir Security Configuration in Apache Open_basedir =.:/tmp/ This setting allows access to the current directory (that is, the directory where the PHP script file is located) and the/tmp/directory, effectively preventing php trojans from
Baidu COM control BaiduSetupAx Remote Stack Overflow Vulnerability The length verification of the COM control BaiduSetupAx parameter is incomplete. Malformed parameters can cause stack overflow. This control will install and run the download program
Record a Linux Server intrusion detection process0 × 00 Preface The story is like this. On the first day of the New Year, the customer responded that their servers could not be accessed. Looking at the routes, the customer found that the UDP traffic
DDOS attack analysis method and AnalysisIntroduction to DDOS The full name of DDOS in English is Distributed Denial of Service Distributed Denial of attack. It is the most common and difficult to defend against network attacks. Similar to
I learned from the Superfish event0x00 preface & superfish event There are many reports at home and abroad about the Superfish incident. However, I personally feel that the vulnerability incidents are very sensitive in China, and they are the first
Anti-Virus Defense Research: monitoring the replication and auto-deletion of malicious programsI. Preface monitors the changes of directories in computer systems and files in directories in real time to effectively detect changes to files. In
Anti-Virus Attack and Defense Research: self-starting using the registryI. PrefaceAs I mentioned in the previous article, as long as you do not double-click a virus Trojan, it will not run. When it comes to running, there are many ways to realize
Virus Trojan scan: Analysis of hexadecimal code of QQ Trojan Horse stealingI. Preface according to my personal habits, I will use some automated tools before using reverse analysis of viruses such as IDA Pro and OllyDBG, through static or dynamic
Research on Anti-Virus Defense: DLL injection (medium)-Compiling of DLL injection and uninstallationI. preface the DLL usage method I discussed in the previous article is very passive for the DLL file itself. It needs to wait for the program to call
An example of webshell troubleshooting About the website, Linode Tokyo's high-end VPS, CentOS system, LNMP environment, and run Discuz X 2.5, with a high access volume.Start searching with the following command:Find.-name "*. php"-print0 | xargs-0
Research on Anti-Virus Defense: DLL injection (lower) -- DLL-free Injection I. Preface generally, to inject a program compiled by myself into other processes, you must use a DLL file. This method has been discussed in the previous article. But in
Research on Anti-Virus Defense: DLL injection (I)-compiling DLL filesI. Preface all the dialog box programs I have previously compiled for computer virus simulation are exe files. Therefore, a process will be generated during running and the process
How to detect an APP: Getting others' information from decryption to batch Comment: when mining web vulnerabilities of Android apps, apps that seem to be safe will also Encrypt http requests, the author of this article provides a good basic solution:
Zabbix security: Execute the command to obtain the shell after cracking the weak password. If your Zabbix Admin password is too weak or you use the default password (Admin/zabbix) and the password is cracked by a hacker, The Zabbix server is no
ElasticSearch command execution vulnerability: rebound shell through perl ElasticSearch is a Lucene-based search server. It provides a distributed full-text search engine with multi-user capabilities, based on RESTful web interfaces. Elasticsearch
Optimistic about your portal-data transmission on the client-modifying referer with java1. Referer is used to indicate where the browser is from to the WEB server. However, it is not completely secure. Write an example to modify the referer in the
A weak password in a system in Jinshan cloud causes command execution (intranet allowed) Http: // 101.251.64.195: 8080/ Weak zabbix password causes Command Execution However, it is worth mentioning that there is nothing in the Latest data of
ElasticSearchGroovy script Remote Code Execution Vulnerability emergency SummaryI. Vulnerability description ElasticSearch is a JAVA-developed search and analysis engine. 2014, once exposed a Remote Code Execution Vulnerability (CVE-2014-3120), the
360 the vulnerability detection platform may be exploited and used as a new attack idea and fixed Searches and operations that can be performed by everyone may lead to low-privilege hackers getting intrusions. New Ideas: Background vulnerabilities
Optimistic about your portal-data transmission on the client-insecure http information Header1. In the Internet, a large amount of data is transmitted through URL parameters. Most of the data is not transmitted through encryption. As I have learned,
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
