What is cross domain resource sharing (CORS)?

1, What is CORS?For security reasons, the browser restricts cross domain HTTP requests initiated by scripts unless the server agrees to access. For example, if the server's response Header to the pre check request contains access control allow origin: *, the cross domain request can be accessed correctly.2, Examples of hazardsIf the malicious w ...

Posted on Tue, 23 Nov 2021 23:37:17 -0500 by bdurham

Export table of PE file (IMAGE_EXPORT_DIRECTORY)

catalogue Export table positioning and parsing (manual) The code locates the exported table and prints its data Find the address of the exported function by function name Find the function address by exporting the function sequence number Move export table The export table in PE usually exists in the dynamic link library file. Some exes ...

Posted on Fri, 29 Oct 2021 09:29:32 -0400 by neojordan

Extended PE header of PE file (IMAGE_OPTIONAL_HEADER)

Optional / extended PE header IMAGE_OPTIONAL_HEADER, it has more advantages than Standard PE header (IMAGE_FILE_HEADER) More IMAGE_OPTIONAL_HEADER Structure and members have the following meanings: //Size: 32bit(0xE0) 64bit(0xF0) #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16 typedef struct _IMAGE_OPTIONAL_HEADER { WORD Magic; ...

Posted on Tue, 26 Oct 2021 04:59:33 -0400 by nitestryker

Dark horse javaweb353 set complex conditional query - parameter name sql injection case

Dark horse javaweb353 set complex conditional query - parameter name sql injection case Due to professional reasons, I was forced to learn java. But fortunately, a roommate pushed me the learning materials of dark horse, which was stable every semester. During the learning process, it was found that there was an sql injection problem ...

Posted on Sat, 18 Sep 2021 18:03:33 -0400 by jaydeee

[network security] summary of Spring framework vulnerabilities

Introduction to Spring Spring is a lightweight open source framework in the field of Java EE programming. The framework was first proposed and subsequently created by a programmer named Rod Johnson in 2002 to solve the complexity of enterprise programming development and the loose coupling between business logic layer and other layers. Therefo ...

Posted on Sat, 11 Sep 2021 03:06:01 -0400 by lightningrod66