Cloud Security

Programmers may lose data due to misoperations. If they are busy with projects for a week, they will be overwhelmed. The boss's criticism and the manager's reprimand were followed. The next step is not having to take a break, work overtime, or even

The recent successive major and far-reaching security incidents have made information security more and more important. Personal privacy protection is one aspect. Considering the national conditions, personal privacy is not much lost, but how much

360 browser 5.0 and earlier # Cross-origin CSS vulnerabilityAlthough not the latest version, many users are using --.360 browser 5.0 and earlier # Cross-origin CSS vulnerability   Download the official version of 360 browser 5.0 and test it --.   3.0

As we all know, our MSF contains a DOWNLOAD_HTTPS module.If the SHELLCODE of PAYLOAD is extracted. (Of course, it is better if you have shellcode on the entire platform)Instead, it injects shellcode into a program.The rest  from pefile import PEfrom

The two pointers are not empty. When you open a webpage, the whole process crashes. After you re-open the webpage, it automatically starts again, crashes, closes, and then crashes.If another pointer is not null, the browsing page crashes and the

QQMusic has some problems in processing wav Files. When QQMusic's QQMediaplayer. dll parses the wav Format Chunk structure, it parses the Format Chunk that we constructed, leading to zero exception.A normal wav file consists of riff wave Header,

I. Sample Baklinks with "lcx.exe" First download lcx.exe fromAttach.blackbap.org/down/yclj/lcx.exe The program only can running in Windows Server, the program can backlink 3389 to another server. Opening and Listening a Port (like 3333) use lcx.exe

Iot has set off a wave of innovation. In this wave, interconnection will become a new demand for future products. The penetration of intelligent systems into people's daily work and life will become increasingly deep, the development of cloud

Linux servers have always been known for their stability, efficiency, and security. Security is an important part, which is related to commercial secrets and the survival of enterprises. This article describes how to use optw to generate a one-time

As "a place to talk about security", the annual RSA conference will become a benchmark for the development of the security industry. This year is no exception. As a representative of the Chinese RSA 2014 Security Conference, Huawei has its own

Token "to generate a registration code for registration. For example:MyNameIsMrWrongBytes MrWrongBytes Code Development Environment: win7 x64 sp1 The program is not completely analyzed as follows: 1. Take off the compression shell to facilitate

At Apple's new product launch, fingerprint recognition technology added to the next generation of iPhone attracted a lot of attention, just Tuesday, at the TechCrunch Disrupt conference, Google's Security Director also made a comment that "the

I. Preface For users who store important private files on Android mobile devices, some encryption and storage software is usually used. However, the software that enables a private space on a mobile phone is very similar, but the problem is that you

CSRF worm caused by unauthenticated QQ public welfare Http://npoapp.gongyi.qq.com/blog/addCSRF worm caused by not performing authenticationAs long as there is a Cookie in the QQ space, you can submit the blog to the QQ space. Effective Test

Variables that can be input by users in PHP $_SERVER $_GET $_POST $_COOKIE $_REQUEST $_FILES $_ENV $_HTTP_COOKIE_VARS $_HTTP_ENV_VARS $_HTTP_GET_VARS $_HTTP_POST_FILES $_HTTP_POST_VARS $_HTTP_SERVER_VARS Functions that may allow command

ShopNC provides excellent protection against user privacy information at the front-end, but ignores the protection of an api, resulting in vulnerability generation.Attackers can directly obtain json strings containing the user order details. Use

0 × 00 Preface After a successful test, we usually want to keep the privilege longer. the work of leaving a backdoor is crucial. Generally, the backdoor layout includes but is not limited to database permissions, WEB permissions, system user

An SQL injection vulnerability in the aoyou cloud browser APP We downloaded and installed "Ao you cloud Browser" from the pods app store ". After running the APP, you can find that the browser initiates an http request to the following address: 

Initial test 1. Use harmless payload, such as , , to observe the response and determine whether the application is HTML-encoded or whether tags are filtered, whether to filter <> and so on; 2. If you filter closed tags, try payload without closed

Today, 90% of Internet applications are deployed on Web platforms. online banking, online shopping, online games, and enterprise websites have become an essential part of life and work. Therefore, Web security becomes another hot spot after