Code Vulnerability Scanning Common Vulnerabilities

Code Vulnerability Scanning Common Vulnerabilities 1. Log Injection (Log Forging Vulnerability) Vulnerability Description Writing unauthenticated user input to a log file can cause an attacker to forge log entries or inject malicious information into the log. A bug in log forgery occurs when: Data enters the application from an untrusted ...

Posted on Sun, 05 Dec 2021 14:57:20 -0500 by AaZmaN

Network security -- HTML Foundation

1. Loopholes General type: the vulnerability corresponding to the third-party software, application and system. Each user using the software or application system has this vulnerability. If a vulnerability is found, it can block n more than one website Event type: non general vulnerability, which mainly refers to the specific vulnerability of ...

Posted on Sun, 05 Dec 2021 04:21:11 -0500 by TangoGirl

0x04 - string of Python sequence family

preface catalog: 0x00 - Python learning notes Some knowledge of lists and tuples mentioned in the previous article are very similar because they both belong to sequences. A sequence is a continuous memory space that can hold multiple values. These values are arranged in a certain order and can be accessed through the number of the loca ...

Posted on Sat, 04 Dec 2021 21:37:45 -0500 by ploiesti

SQL digital injection details + iwesec instance

Tip: after the article is written, the directory can be generated automatically. Please refer to the help document on the right for how to generate it preface This article is the author's study notes. It records in detail the author's understanding of SQL digital injection, and also introduces the complete process of using union joint q ...

Posted on Sat, 04 Dec 2021 16:37:57 -0500 by cent

[CTF from 0 to 1 learning] 2. CTF cryptography

cryptography Summary Cryptography is a technical science that studies the compilation and deciphering of passwordsThe technical and scientific science of keeping information confidential is called cryptocodingCryptography is the science and technology for deciphering cryptography Basic Model of Information Security Basic cryptographic ...

Posted on Sat, 04 Dec 2021 14:11:13 -0500 by mhewall

Spring Cloud Gateway series [1] API Gateway overview and Gateway infrastructure construction

API gateway (service gateway) concept APl Gateway (API gateway), as its name implies, is an API oriented, serial and centralized strong control service that appears on the system boundary. The boundary here is the boundary of enterprise I system, which can be understood as enterprise application firewall, which mainly plays the role of is ...

Posted on Wed, 01 Dec 2021 17:55:55 -0500 by karlovac

Detailed explanation of the use of mwArray array in Qt and Matlab mixed programming

Original link: https://blog.csdn.net/HongAndYi/article/details/79477031 content validity In the basic flow of Qt 5.9 and matlab 2017b mixed programming, the basic flow of MATLAB and C + + mixed programming is introduced. After the flow is through, the key is to realize the function through the function in DLL. The function compiled by MA ...

Posted on Wed, 01 Dec 2021 11:06:46 -0500 by Cannibal_Monkey

Linux basic learning notes

System bottom security control and its optimization method 1. Significance of users and their user groups catalogue System bottom security control and its optimization method 1. Significance of users and their user groups 1) Meaning of user existence 2) Significance of user group existence 2. User creation 3. User switching 1) User vie ...

Posted on Wed, 01 Dec 2021 08:34:09 -0500 by Ton Wibier

bulldog-1 target write up

0x00 environment construction Download link https://download.vulnhub.com/bulldog/bulldog.ova target Get root permission to read flag Operating environment Target VM virtual machine startup Attack machine kali win10 Target ip problem (1) Set nat mode to the same network segment as kali (2) If it is set to nat, kali can't scan the ...

Posted on Tue, 30 Nov 2021 11:04:20 -0500 by HFD

SSRF--gopher protocol FastCGI

FastCGI definition: What is CGI CGI Full name"Universal Gateway Interface"(Common Gateway Interface),be used for HTTP A tool by which a server communicates with program services on other machines, CGI The program must run on the network server. tradition CGI The main disadvantage of the interface mode is poor performance because each time ...

Posted on Tue, 30 Nov 2021 09:02:40 -0500 by David-fethiye