Network security -- HTML Foundation

1. Loopholes General type: the vulnerability corresponding to the third-party software, application and system. Each user using the software or application system has this vulnerability. If a vulnerability is found, it can block n more than one website Event type: non general vulnerability, which mainly refers to the specific vulnerability of ...

Posted on Sun, 05 Dec 2021 04:21:11 -0500 by TangoGirl

Form based brute force cracking

Briefly introduce the methods of violent cracking Range environment: pikachu Introduction: The post login box for form based cracking generally does not have a verification code, and the login box for mobile phone number verification can be brutally cracked We enter admin: admin at the front of the web page and find an error username or pa ...

Posted on Mon, 29 Nov 2021 11:54:17 -0500 by mahenderp

kali installs and configures snort to realize simple intrusion detection

kali installs and configures snort to realize simple intrusion detection reference resources Installing and configuring snort on kali and simple experiments (this is the most concise and error free article in my installation process);Install snort for Ubuntu 16.04, including problem solving (sample code) (this article contains common mistakes ...

Posted on Sun, 28 Nov 2021 05:33:24 -0500 by poknam

Intranet penetration test small Demo hash delivery attack

Environment construction Win Server2003 Set account password Right click my computer, select manage, add local users and groups, and reset the password of admin to 123456 to facilitate subsequent operations Add a network card for the virtual machine in vmware, and select the LAN section for the network connection After power on, ...

Posted on Fri, 26 Nov 2021 18:50:56 -0500 by kbc1

[Introduction to IOV Security]2. Common ADB commands for Android security

Welcome new students ... ... If a man has no name, he can concentrate on sword practice I am not a salty fish, but a dead one! 0x01 ADB command (primary) View active information for the current application adb shell dumpsys activity top # Print out the four components that run all applications in the system adb shell dumpsys >> in ...

Posted on Sat, 20 Nov 2021 22:26:05 -0500 by tazgalsinh

2021 Longyuan anti epidemic WriteUp

I hope the epidemic will end soon Note: the * is played after the game Always wp wait for the legend of Nanshen to post the team wp link Misc soEasyCheckin base32, but there is a problem. The countdown appears 0 $, 0 – > O, $- > s, and a string of hex is obtained. As a result, there was another problem with hex, specifically ...

Posted on Mon, 08 Nov 2021 03:14:49 -0500 by rawb

Complete analysis of Boolean blind injection of SQL injection

Injection principle Boolean blind annotation is applicable when there is no echo during injection. The principle is that the application system makes Boolean judgment when querying according to the where+and statement, that is, the result is true or false, for example, select * from admin where id=1 and 1=1. In general, the application sys ...

Posted on Sat, 06 Nov 2021 00:49:00 -0400 by slak

An understanding of memory horse

preface With the increasingly fierce game between attack and defense, professional security devices such as traffic analysis and EDR are widely used by defenders. The traditional webshll uploaded by files or the back door resident in the form of files are more and more easy to be detected. webshell has finally entered the era of memory hor ...

Posted on Sat, 23 Oct 2021 23:20:30 -0400 by Malkavbug

Introduction to winsock programming

1, Statement In the process of self-study, I record my learning experience here. If there is anything wrong with the content, please criticize or write a private letter below. Thank you for reading. 2, Common basic functions 2.1 header file When using WinSocket to write programs, you need to use several important files, winsock2.h and s ...

Posted on Sat, 09 Oct 2021 00:10:44 -0400 by Newladder

The MOVAPS issue is one step behind a 100-step getshell

When you perfectly laid out your stack, leaked the address of libc, got the syetem address in libc, got the'/bin/sh'address, and sendline got through one step later, but you suddenly found out, what? Why did system fail? The address is also right, check it over and over, and it's all right. At this point you start to wonder if a new libc was ...

Posted on Wed, 06 Oct 2021 23:00:24 -0400 by Crackhead