Cloud Security

From: http://morgawr.github.io/hacking/2014/03/29/shellcode-to-reverse-bind-with-netcat/ This article mainly talks about how to construct a shellcode to form an effective bounce link during remote overflow.0x00 reverse binding Remote shell There are

Note: Be cautious when performing operations on all servers. Click OK to implement it again! The client cannot be remotely protected only by protecting the security of the link and the website being attacked. Ipsec Security Policy Method: Set

When processing the. res file, the corresponding structure size is not detected, resulting in buffer overflow. Attackers can construct a specific. res file to execute arbitrary programs. Vulnerability file coreide70.bpl file version 7.0.4.453

The Struts S2-020 announcement has been published for some time. We all know that this vulnerability can cause DOS, file download, and other dangers. We believe that major vendors have also taken corresponding security measures. Today, I would like

Ps: This article is purely idle, but I personally think the best way is logical vulnerabilities, and the second is to create vulnerabilities that only you can exploit and others can even discover. // ================================================ =

When security is involved, we sometimes focus more on wireless networks because Wi-Fi has no physical barrier. After all, attackers can detect your SSID and launch attacks externally. However, in the face of internal threats, targeted attacks, and

Traffic hijacking. After a period of silence on this old attack, it has recently started to stir up. Many well-known brands of routers have successively discovered security vulnerabilities, attracting domestic media reports. As long as the user does

Recently, the author's home wireless network has encountered network speed cards, packet loss, and other phenomena, seriously affecting the normal speed of the Internet, after careful viewing, it was originally hacked by others. So, how can we

In general DNS, if the dictionary is used for poor resolution, no dictionary can be used to complete all domain names. Foreign Security researchers have found that the domain names have been collecting DNS records for many years, many domain names

In the network, especially in the LAN, ARP spoofing is often encountered, thus affecting the normal application of our printer in the network. The specific causes of ARP spoofing are not described here. It is better to know the situation and

I used to use this Group Buying System for free. I don't know how to charge now. It seems that this vulnerability has always existed in several low versions! Vulnerability file: app/source/article_show.php  The following code omitted such an

To be honest, I don't want to dig any more web vulnerabilities or post such articles in the future. I didn't want to dig deeper into the web, A cms can be thoroughly analyzed just like any other great gods. I sometimes just look at it in a general

0x00 background When the value assignment of Struts2 Tomcat class.classLoader.resources.dirContext.doc Base causes DoS and remote code execution and exploitation, After Tomcat is used, it is not a framework, but a J2EE MVC framework that is not

1) The test injection points are as follows, with the injection parameters: Injection ID;Http://tuan2.zhuna.cn/book/map.php? Blat = 39.94027964 & blng = 116.4155094 & found id = 4685 Http://tuan2.zhuna.cn/book/map.php? Blat = 39.94027964 & blng = 11

A second-level domain name in chinaz.com has an SQL injection vulnerability. The database contains data from multiple sites. The database contains databases related to the keyword taobao and does not know whether the database is important.Don't drag

Two days ago, I got down because of web2hack.org and analyzed the reason. At that time, I had some ideas and wanted to keep track of them, but it was not clear. Later I found that WordPress was released in the latest version 3.5.1, I 've seen

The problem is very big. You 'd better not ignore it .... You can use the code to insert a php Trojan into the cache/directory to easily obtain webshells in batches. Search by Search Engine Powered by php168 v6 or later versions v5, v4, v3, v2,

I. OpeningSince ASP + ACCESS is rarely used to prevent database downloads, the odd sex skills on the Internet are countless. This article is to discuss the secrets left by many predecessors and discuss their advantages and disadvantages, finally, we

I am not good at xss. As a summary article about xss, I would like to share my own opinions. In fact, I feel very scared to write it out. I have read some articles written by M. I would like to thank you here. The bypass here focuses on white-box

Currently, PHP has become a popular language for Web application development because of its powerful functions, simple entry, and high code execution efficiency. Due to the wide use of PHP security vulnerabilities, more and more Web websites are