current location:Home > Technical Articles > Operation and Maintenance > Safety
- Direction:
- All web3.0 Backend Development Web Front-end Database Operation and Maintenance Development Tools PHP Framework Daily Programming WeChat Applet Common Problem Other Tech CMS Tutorial Java System Tutorial Computer Tutorials Hardware Tutorial Mobile Tutorial Software Tutorial Mobile Game Tutorial
- Classify:
-
- What does lookahead assertion mean in javascript
- Note 1. The first assertion tells JavaScript to search forward in the string for a matching pattern. Might be useful if you want to search for multiple matching patterns on the same string. 2. There are two types of lookahead assertions: positive lookahead assertions and negative lookahead assertions. Example letquit="qu";letnoquit="qt";letquRegex=/q(?=u)/;letqRegex=/q(?!u)/;quit.match(quRegex);noquit.match(qRegex);
- Safety 908 2023-05-15 17:49:16
-
- How to configure H3C HWTACACS
- hwtacacsschemeacsprimaryauthentication10.222.250.13primaryauthorization10.222.250.13primaryaccounting10.222.250.13secondaryauthentication10.222.250.14secondaryauthorization10.222.250.14secondaryaccounting10.222.250.14keyauthenticationsimplenaskeyauth
- Safety 1346 2023-05-15 17:07:06
-
- What are the 4 common misunderstandings about windows antivirus software?
- For computer novices, there are generally four misunderstandings about anti-virus software: 1) As long as you are not online, you will not be infected by viruses. Many people think that as long as you are not connected to the Internet, your computer will not be infected by viruses. There are indeed many viruses. It spreads through the Internet, but mobile storage is also a major source of spreading viruses, such as U disks, mobile hard drives, pirated CDs, etc. 2) As long as you have anti-virus software, you are not afraid of viruses. Anti-virus software cannot predict what viruses will appear in the future. Anti-virus software can only kill known viruses or some common virus characteristic behaviors. Therefore, don’t sit back and relax with anti-virus software, and anti-virus software must renewed on time. 3) If you set the file to read-only, you will not be afraid of viruses. If you set the file to read-only, you will not be able to modify or delete the file. This will help prevent accidental modification or deletion of the file.
- Safety 1711 2023-05-15 16:46:13
-
- How to use third-party software to elevate FlashFXP privileges
- Privilege escalation environment: Windows 2003 Tools used: ASP environment, shell A privilege escalation idea: Using the FlashFXP replacement file vulnerability, you can read the site account password linked by the administrator. This is my first release in I Spring and Autumn. 1. Introduction to flashfxp FlashFXP is a powerful FXP/FTP software that integrates the advantages of other excellent FTP software, such as CuteFTP's directory comparison and supports color text display; such as BpFTP supports multiple directory selection files and temporary storage directories; and Such as the interface design of LeapFTP. 2. The specific process is as follows: I installed the FTP software in win03. There is nothing in it to create a new link. The linked account and password are all saved in qu
- Safety 714 2023-05-15 16:16:18
-
- What is the role of NQA?
- H3C's nqa is mainly used for primary and backup routing to ensure that the line is normal. 1. Networking requirements: Server can reach the opposite end line through two routers to ensure redundancy and automatic switching when disconnected. 2. The actual configuration of nqanqa is mainly divided into three steps: 1. Configure nqa detection. 2. Configure the association between track and nqa. 3. The specific configuration commands for the written static routing associated track are as follows: 1. You need to write nqa related commands on the main router. For example: nqaentryadminpiaojiaosuo to create an nqa event group (the name of the line marked to the ticket exchange can be set as required) typeicmp- echo determines the detection method destinationip49.10
- Safety 3037 2023-05-15 15:58:23
-
- Struts2 vulnerability S2-001 example analysis
- Vulhub vulnerability series: struts2 vulnerability S2-0011. Vulnerability description: struts2 vulnerability S2-001 is when the user submits form data and verification fails, the server uses OGNL expression to parse the parameter value previously submitted by the user, %{value} and refills the corresponding form data. For example, in a registration or login page. If the submission fails, the server will usually default to returning the previously submitted data. Since the server uses %{value} to perform OGNL expression parsing on the submitted data, the server can directly send the payload to execute the command. 2. Vulhub vulnerability exploitation: Using vulhub to reproduce vulnerabilities can save the environment construction process, which is very convenient. vu
- Safety 1211 2023-05-15 15:58:14
-
- How to implement text gradient using css
- Text Gradient The text gradient effect is very popular and can be easily achieved using CSS3: h3[data-text]{position:relative;}h3[data-text]::after{content:attr(data-text);z-index :10;color:#e3e3e3;position:absolute;top:0;left:0;-webkit-mask-image:-webkit-gradient(linear,lefttop,leftbottom,from(rgba(0,0,0,0) ),color
- Safety 1570 2023-05-15 14:52:06
-
- How to analyze the application of automated web penetration testing framework
- About VajarVajra is an automated web penetration testing framework that helps a wide range of security researchers to automate boring reconnaissance tasks and the same scans against multiple targets during web application penetration testing. Vajra is highly customizable, allowing researchers to customize the scanning scope. We do not need to perform all scans on the target. We can choose the scanning tasks to be performed according to our own needs, which can minimize unnecessary communication traffic and Output the scan results to CouchDB. Vajra uses the most common open source tools, which are tools that many security researchers use when conducting security testing. Vajra will be done through a web browser
- Safety 2364 2023-05-15 13:46:14
-
- What are common web security vulnerabilities and testing methods?
- 1. Six basic principles of security testing: Authentication: Return of requests to authenticated users Access control: Permission control and data protection for unauthenticated users Integrity: Users must accurately receive information sent by the server Confidentiality: Information must Accurate delivery to intended users Reliability: How often does it fail? How long does it take for the network to recover from a failure? What steps are taken to deal with catastrophic failure? (Personally, I understand that this place should be more inclined to the category of fault-tolerance and disaster-tolerance testing) Non-repudiation: users should be able to prove that the data received comes from a specific server 2. Common security test content permission control SQL injection URL security test XSS (cross-site scripting) Attacks) CSRF (cross-site request forgery) URL redirect vulnerability and other security considerations
- Safety 1684 2023-05-15 13:28:06
-
- Example analysis of remote code execution caused by uploading any jar package in apache flink
- Vulnerability description: On November 11, 2019, security engineer Henry Chen disclosed a vulnerability that allows Apache Flink to upload jar packages without authorization, leading to remote code execution. Since Apache Flink Dashboard can be accessed without authentication by default, a shell can be obtained by uploading a malicious jar package and triggering the execution of malicious code. Scope of influence Export (export) b. Then select java-->RunnableJARfilec. Then select the corresponding java project, export path and export file name image. This will generate a rebound shell jar package msf to generate jar horse: (1) Use msfvenom afterlife
- Safety 1604 2023-05-15 13:01:13
-
- How to use Smarty SSTi
- Title description: The title provides an API for reading XFF headers. There is the word BuildWithSmarty at the bottom of the page. It can be determined that it is written with the Smarty engine. Basically, it can be determined that the page has the possibility of SSTi. Change the xff header from 127.0.0.1 to The following result appears on 127.0.0{1+2} ssti. There is no doubt that the final payload is of
- Safety 1053 2023-05-15 11:37:06
-
- Analysis of examples of contaminated memory allocation functions in C language
- 1. Polluted memory allocation. The memory allocation functions of C language include malloc(), kmalloc, smalloc(), xmalloc(), realloc(), calloc(), GlobalAlloc(), HeapAlloc(), etc., with malloc() For example, the prototype of the malloc() function is: externvoid*malloc(unsignedintnum_bytes); the malloc() function allocates num_bytes bytes of memory and returns a pointer to this memory. When the integer of the memory allocation length comes from an untrusted source that may be contaminated, if there is no knowledge of the external input
- Safety 986 2023-05-15 11:13:05
-
- How to perform AppLocker bypass analysis
- Preface What is applocker? AppLocker, the "Application Control Policy", is a newly added security feature in the Windows 7 system. This function is integrated by default in systems above win7. We can enable ApplicationIdentity in services, and then find the Applocker option in ApplicationControlPolicies in localsecuritypolicy. applocker rules The default Applocker rules support the following types: Rule **|Associated file format---|---Executable file|.exe, .com file
- Safety 1014 2023-05-15 10:55:19
-
- What are the safety rules to prevent computer virus infection?
- 1. Use genuine software. Due to the high cost of using genuine software, most companies will choose to use pirated software, but these pirated software may contain malware and viruses. The code they copy from genuine software will also have loopholes, allowing criminals to easily crack the security license of pirated software, steal data, implant viruses, and eventually paralyze the entire system. 2. Update the operating system regularly. The operating system manages the hardware and software resources of the computer system. Once infected with a virus, the system will crash. To combat the ever-evolving viruses, developers have built in anti-virus software, so by regularly updating the operating system, viruses can be kept away. 3. Install anti-virus software. Anti-virus software can not only resist and prevent threats such as Trojans and viruses, but
- Safety 1530 2023-05-15 09:10:20
-
- How to configure the backend RS in lvs-dr mode
- 1.with lo unlocked vipipaddradd192.168.50.246/32devlolabello:02.enabled arpecho1>/proc/sys/net/ipv4/conf/lo/arp_ignoreecho1>/proc/sys/net/ipv4/conf/all/arp_ignoreecho2>/ proc / sys / network / ipv4 / conf / lo / arp_announceecho2 > / proc / sys / network / ipv4 / conf / all / arp_announcer
- Safety 1573 2023-05-15 09:04:11