Cloud Security

After installing the MySql server and setting the root user password of MySql, we started using it directly. In fact, there are still some insecure factors in such a MySql server, this article demonstrates how to use the command

0 × 00 what is a Secure DesktopWhen employees in some enterprises (such as finance) perform internal operations in the company, the general security policy is to recommend that the customer configure another computer for office work, and cannot

Author: Jonathan Salwan> Translation Date:> Http://www.cfeng.org> Original English: > In this short article, we will see how to implement ASLR in Linux Kernel 3.7>. The kernel generates a pseudo-random number by calling the get_random_int ()>

Disabling IIS to execute file types not in our plan can significantly improve the security environment of the server. The following describes how to disable the script ing we do not need.Start IIS manager, right-click the website, and select

You can view this information at http://www.bkjia.com/article/201205/132847.html.Json hijacking due to improper data processing of some resource containers. because ie supports vbscript, the script element can be specified as the vbscript language:

Usage: vi/usr/local/nginx/conf/drop_ SQL .conf Add the following code: # Block SQL injectionsset $ block_ SQL _injections 0; if ($ query_string ~ "Union. * select. * \ (") {set $ block_ SQL _injections 1;} if ($ query_string ~ "Union. * all. *

A few days ago, in order to use idle VPS, a movie station was built with GXCMS, and then swept down to the 360 Website Security Detection area, the system prompts that the XSS vulnerability exists. After checking the vulnerability, the vulnerability

I. Application Local Storage check 1. View data in sqlite3 formatThe local storage of many applications uses the sqlite3 database for storage. We can use the sqlite3 command to view the content, for some Android devices without the sqlite command,

Add the following fields to the configuration file: Server {# Block SQL injections for SQL InjectionSet $ block_ SQL _injections 0;If ($ query_string ~ "Union. * select. * \ (") {Set $ block_ SQL _injections 1;}If ($ query_string ~ "Union. * all. *

Today, I have been playing yy for a while .. It feels bad... So let's take a look at this very tricky program .. In addition. I am not engaged in reverse engineering .. Let's just take a look .. Hope you can analyze Yy cache + configuration

Over the last year or so, I 've noticed 2 ports appearing more frequently during internal penetration tests, namely 27017/tcp and 28017/tcp. these can be easily missed if full port scans are not saved med.A quick service scan revealed this as

Test the vulnerability program vul. c # include # include void func (char * str) {char buf [8]; strcpy (buf, str); printf ("% s \ r \ n", buf );} int main (int argc, char * argv []) {if (argc> 1) func (argv [1]); return 0 ;}with the suid bit, the

### This file is part of the Metasploit Framework and may be subject to # redistribution and other cial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use .# http://metasploit.com/##require

I have dug a bunch of XSS in the past. At first I thought it was quite interesting. Later I realized that I would submit the XSS in the future. Sorry, brother, I don't know what type it should be, you can check it out... This is just something that

When I got up in the morning, I took a vacation with my school and started my computer. I accidentally saw a PPT from xisigr 《Browser magicI was very depressed about how it was implemented. I searched for nothing and did some tests on my

1DescriptionPcntl is an extension in linux that supports multi-threaded php operations.The pcntl_exec function is used to execute a specified program in the current process space. version requirements: PHP 4> = 4.2.0, PHP 52, UtilizationDuring

I haven't written anything for a long time, mainly because it's so busy recently that an idiot uses webbench to attack the company's server every day. as the saying goes, I have been ill for a long time. Today, my Mongolian doctor will share the

[Introduction] some small companies make it easy to remember and use images. servers use the root password with fixed combination rules (developers/O & M personnel are lazy) and sshd: 22 is available on the Internet. For example, if we know that the

A website may have vulnerabilities. The last time a friend's website used an open-source system, the website was infected with Trojans and checked a vulnerability when it was originally used to edit the template, A Trojan is written into the

1. Prepare the certificate.The procedure is similar to that described in the use of the OpenSSL self-issuing server https certificate. Repeat it here.1. Create a CA certificate:Ca. key CA private key: Openssl genrsa-des3-out ca. key 2048