Network security -- HTML Foundation
1. Loopholes
General type: the vulnerability corresponding to the third-party software, application and system. Each user using the software or application system has this vulnerability. If a vulnerability is found, it can block n more than one website
Event type: non general vulnerability, which mainly refers to the specific vulnerability of ...
Posted on Sun, 05 Dec 2021 04:21:11 -0500 by TangoGirl
Form based brute force cracking
Briefly introduce the methods of violent cracking
Range environment: pikachu Introduction: The post login box for form based cracking generally does not have a verification code, and the login box for mobile phone number verification can be brutally cracked
We enter admin: admin at the front of the web page and find an error
username or pa ...
Posted on Mon, 29 Nov 2021 11:54:17 -0500 by mahenderp
kali installs and configures snort to realize simple intrusion detection
kali installs and configures snort to realize simple intrusion detection
reference resources
Installing and configuring snort on kali and simple experiments (this is the most concise and error free article in my installation process);Install snort for Ubuntu 16.04, including problem solving (sample code) (this article contains common mistakes ...
Posted on Sun, 28 Nov 2021 05:33:24 -0500 by poknam
Intranet penetration test small Demo hash delivery attack
Environment construction
Win Server2003
Set account password
Right click my computer, select manage, add local users and groups, and reset the password of admin to 123456 to facilitate subsequent operations
Add a network card for the virtual machine in vmware, and select the LAN section for the network connection
After power on, ...
Posted on Fri, 26 Nov 2021 18:50:56 -0500 by kbc1
[Introduction to IOV Security]2. Common ADB commands for Android security
Welcome new students ... ... If a man has no name, he can concentrate on sword practice
I am not a salty fish, but a dead one!
0x01 ADB command (primary)
View active information for the current application
adb shell dumpsys activity top
# Print out the four components that run all applications in the system
adb shell dumpsys >> in ...
Posted on Sat, 20 Nov 2021 22:26:05 -0500 by tazgalsinh
2021 Longyuan anti epidemic WriteUp
I hope the epidemic will end soon
Note: the * is played after the game
Always wp wait for the legend of Nanshen to post the team wp link
Misc
soEasyCheckin
base32, but there is a problem. The countdown appears 0 $, 0 – > O, $- > s, and a string of hex is obtained. As a result, there was another problem with hex, specifically ...
Posted on Mon, 08 Nov 2021 03:14:49 -0500 by rawb
Complete analysis of Boolean blind injection of SQL injection
Injection principle
Boolean blind annotation is applicable when there is no echo during injection. The principle is that the application system makes Boolean judgment when querying according to the where+and statement, that is, the result is true or false, for example, select * from admin where id=1 and 1=1. In general, the application sys ...
Posted on Sat, 06 Nov 2021 00:49:00 -0400 by slak
An understanding of memory horse
preface
With the increasingly fierce game between attack and defense, professional security devices such as traffic analysis and EDR are widely used by defenders. The traditional webshll uploaded by files or the back door resident in the form of files are more and more easy to be detected. webshell has finally entered the era of memory hor ...
Posted on Sat, 23 Oct 2021 23:20:30 -0400 by Malkavbug
Introduction to winsock programming
1, Statement
In the process of self-study, I record my learning experience here. If there is anything wrong with the content, please criticize or write a private letter below. Thank you for reading.
2, Common basic functions
2.1 header file
When using WinSocket to write programs, you need to use several important files, winsock2.h and s ...
Posted on Sat, 09 Oct 2021 00:10:44 -0400 by Newladder
The MOVAPS issue is one step behind a 100-step getshell
When you perfectly laid out your stack, leaked the address of libc, got the syetem address in libc, got the'/bin/sh'address, and sendline got through one step later, but you suddenly found out, what? Why did system fail? The address is also right, check it over and over, and it's all right.
At this point you start to wonder if a new libc was ...
Posted on Wed, 06 Oct 2021 23:00:24 -0400 by Crackhead