current location:Home > Technical Articles > Operation and Maintenance > Safety

  • How to conduct APT organization tracking and governance based on knowledge graph
    How to conduct APT organization tracking and governance based on knowledge graph
    Advanced persistent threats (APTs) are increasingly becoming a major threat in cyberspace that cannot be ignored against important assets of governments and enterprises. Since APT attacks often have clear attack intentions, and their attack methods are extremely concealed and latent, traditional network detection methods are usually unable to effectively detect them. In recent years, APT attack detection and defense technologies have gradually attracted the attention of governments and network security researchers from various countries. 1. Research related to the governance of APT organizations in developed countries 1.1 At the strategic level, the United States emphasizes "America First" and "Promoting Peace through Strength." The Trump administration has successively released the "National Security Strategy Report", "Department of Defense Cyber ​​Strategy" and "National Cyber ​​Strategy" ”, explains Trump’s “America First” strategy, emphasizing “cyber deterrence” and
    Safety 1216 2023-05-13 20:37:10
  • How to analyze reflected XSS
    How to analyze reflected XSS
    1. Reflected XSS Reflected XSS means that the application obtains untrustworthy data through Web requests and transmits it to Web users without checking whether the data contains malicious code. Reflected XSS is generally constructed by the attacker with malicious code parameters in the URL. When the URL address is opened, the unique malicious code parameters are parsed and executed by HTML. It is characterized by non-persistence and requires the user to click on a link with specific parameters. can cause. The editor takes the JAVA language source code as an example to analyze CWEID80:ImproperNeutralizationofScript-RelatedHTMLTagsinaWebPage(BasicXSS)2.
    Safety 2157 2023-05-13 20:13:04
  • How to use Bluetooth function to attack and unlock Tapplock smart padlock within two seconds
    How to use Bluetooth function to attack and unlock Tapplock smart padlock within two seconds
    A few weeks ago, a YouTuber named JerryRigEverything uploaded a teardown video of the Tapplock Smart Bluetooth Fingerprint Padlock. The video shows that the Tapplock back cover can be removed by simply using a GoPro camera to fix the adhesive base, and then using a screwdriver to easily open the Tapplock lock. It’s a bit incredible. This video aroused my curiosity about the security of Tapplock smart padlock. This smart padlock has fingerprint recognition, mobile phone Bluetooth and Morse code unlocking. While it is convenient, how safe is it? From this, I conducted some research on Tapplock, and finally I achieved the unlocking of Tapplock within 2 seconds.
    Safety 1405 2023-05-13 19:49:04
  • How to do an introduction to Wireshark
    How to do an introduction to Wireshark
    Anyone who studies networking must be familiar with Wireshark, but I only knew how to use Wireshark before, and the technical level was very shallow. In the 2015 information security management and assessment national competition test questions, high requirements were placed on the use of Wireshark. In addition, there is a foreign network security tool ranking list (http://sectools.org/), which includes: 125 security tools, among which Wireshark ranks first on the list. All of this prompted the determination to systematically learn Wireshark and use it as the next blog topic after DVWA. Wireshark is currently the most widely used open source packet capture software.
    Safety 1292 2023-05-13 18:55:12
  • How to use APT framework TajMahal
    How to use APT framework TajMahal
    Overview 'TajMahal' is a previously unknown and technically complex APT framework discovered by Kaspersky Lab in the fall of 2018. This complete spy framework consists of two packages named "Tokyo" and "Yokohama". It includes backdoors, loaders, orchestrators, C2 communicators, voice recorders, keyloggers, screen and webcam grabbers, document and encryption key stealers, and even the victim machine's own file indexer. We found up to 80 malicious modules stored in its encrypted virtual file system, which is one of the highest number of plugins we have seen in an APT tool set. To highlight its capabilities, TajMahal is able to etch files from the victim as well as the printer queue.
    Safety 854 2023-05-13 18:43:06
  • How to use sqlmapGetshell
    How to use sqlmapGetshell
    sqlmap reads and writes files –file-read: reads files from the back-end database management system file system –file-write: edits local files on the back-end database management system file system (writes from local) –file-dest : The absolute path to the file written by the back-end database management system (write target path). You can use the above commands to read and write the system file after SQL injection, but the prerequisite is that you need to have read and write permissions and be a dba. permissions, otherwise read and write operations cannot be performed successfully. Taking DVWA as an example, build DVWA under kali to read and write files. Read the file: Check the relevant information in PHPinfo, use -file-r
    Safety 1908 2023-05-13 18:25:06
  • How to solve the arbitrary file deletion vulnerability in WordPress plugin WooCommerce
    How to solve the arbitrary file deletion vulnerability in WordPress plugin WooCommerce
    Technical details: WordPress’s permission processing mechanism is mainly implemented by providing different functions for different roles. When the store administrator role is defined, it will assign the edit_users function to this role so that they can directly manage the store’s customer accounts. . The entire permission assignment process occurs during the installation process of the plug-in. woocommerce/includes/class-wc-install.php://Shopmanagerrole.add_role('shop_manager',//Internalnameofthenewrole&
    Safety 1644 2023-05-13 18:16:06
  • How to analyze and detect Rapid ransomware virus
    How to analyze and detect Rapid ransomware virus
    Ransomware has always been a hot topic in the security industry. Recently, security personnel have discovered a ransomware called rapid. This ransomware uses RSA and AES to encrypt files. It will not only infect existing files on the computer, but also Encrypt newly created files. This article conducts a detailed analysis of the rapid virus, analyzes its encryption mechanism, and parses its encrypted files. 1. Overview When the rapid virus runs, it will create multiple threads to continuously scan the file system and encrypt files. It will not only infect existing files on the computer, but also encrypt newly created files. The encrypted file has a ".rapid" extension added to its file name, and the file size is increased by 0x4D0 bytes. rapid virus
    Safety 1473 2023-05-13 18:10:06
  • How to view Struts2 historical vulnerabilities from a protection perspective
    How to view Struts2 historical vulnerabilities from a protection perspective
    1. Introduction The Struts2 vulnerability is a classic series of vulnerabilities. The root cause is that Struts2 introduces OGNL expressions to make the framework flexible and dynamic. With the patching of the overall framework improved, it will now be much more difficult to discover new Struts2 vulnerabilities than before. Judging from the actual situation, most users have already repaired historical high-risk vulnerabilities. Currently, when doing penetration testing, Struts2 vulnerabilities are mainly left to chance, or it will be more effective to attack unpatched systems after being exposed to the intranet. Online analysis articles mainly analyze these Struts2 vulnerabilities from the perspective of attack and exploitation. As the new H3C offense and defense team, part of our job is to maintain the rule base of ips products. Today we will review this system.
    Safety 1474 2023-05-13 17:49:06
  • How to reproduce arbitrary file download vulnerability in Webug shooting range
    How to reproduce arbitrary file download vulnerability in Webug shooting range
    Brief description of the vulnerability: Due to business needs, some websites may provide file viewing or downloading functions. If there are no restrictions on the files that users can view or download, then malicious users can view or download some sensitive files, such as configuration information, source code files, etc. Cause of the vulnerability: There is a function to read files. The path of reading files is user-controllable and has not been verified or the verification is not strict. The file content is output. Hazards of the vulnerability: downloading arbitrary files on the server, such as script codes, services and system configuration files, etc. Further Use the information gained to do greater harm. The obtained code can be used for further code audit to obtain more exploitable vulnerabilities. Experimental environment: Webug shooting range homepage BP packet capture. We change the URL path to and send it to the repeater module in repe
    Safety 1607 2023-05-13 17:40:06
  • What does select mean in I/O multiplexing?
    What does select mean in I/O multiplexing?
    select is used to monitor changes in the status of multiple file descriptors. That is, it is used to monitor whether the file descriptor read/write/exception status is ready. Function prototype: intselect(intnfds, fd_set*readfds, fd_set*writefds, fd_set*exceptfds, structtimeval*timeout); Several major disadvantages of select: (1) Every time select is called, the fd collection needs to be copied from user mode to kernel mode , this overhead will be very large when there are many fds (2) At the same time, each call to select requires the kernel to traverse all the passed in fds, this overhead will also be very large when there are many fds (3) s
    Safety 1408 2023-05-13 17:31:12
  • How Javascript fills an array with data
    How Javascript fills an array with data
    Filling an Array with Data If we need to fill an array with some data, or need a data with the same value, we can use the fill() method. varplants=newArray(8).fill('8');console.log(plants);//['8','8','8','8','8','8',&#
    Safety 1402 2023-05-13 17:10:14
  • What are the optimization techniques in website construction?
    What are the optimization techniques in website construction?
    Many SEOers know the truth that "content is king and external links are king", but how do they understand "content"? Some SEOers think that content refers to the original articles on the site. This is understandable because it is indeed a basis for website construction. In fact, the content has a wider scope. The following will focus on this "content" to carry out on-site optimization. tricks. First: Why should URL be placed at the front in URL path design? This is because URL path design is very important. Users need to go through the path to access the website, so a reasonable URL design is not only convenient for users to view, but also conducive to search engine inclusion and improves search engine friendliness. If the URL design of the website is unreasonable, it will naturally affect the search index.
    Safety 1373 2023-05-13 16:58:14
  • How to update firewall IP and access control during computer room changes
    How to update firewall IP and access control during computer room changes
    1. Introduction: 1. Connection method: External network-->Firewall-->Switch 2. Server migration, switching of all IP addresses 2. Change of IP configured in the firewall: For example: the old address is: 0.0.8.34; the new address is :0.0.0.82PS: The firewall can use multiple addresses to access the Internet. The premise is that the access network cable provides the function of allowing both old and new IP addresses to access the Internet. Therefore, you can first ensure that the new address is in normal use before deleting the old configuration. 1. Change the access address: a) Add a new access address: i. Use a network cable to connect to the corresponding network port (the usual network cable is enough, and older firewalls may need to use a crossover cable). This is the first time. network port (eth0). If your firewall is still the factory default access location
    Safety 1564 2023-05-13 16:16:06
  • What is JIS-CTF_VulnUpload target drone strategy?
    What is JIS-CTF_VulnUpload target drone strategy?
    Vulnhub is one of my favorite playgrounds, and every target drone on it is a cool game. Completely finding all flags is only the basic task, and achieving privilege escalation is the ultimate goal. I am not pursuing the fastest capture of the flag, but rather using a complete attack chain to invade the target drone as much as possible. Therefore, some content in this guide may not be directly helpful for capturing the flag, but you should consider it when dealing with real targets. The target drone "JIS-CTF:VulnUpload" contains 5 flags and is of primary difficulty. It takes an average of 1.5 hours to complete the attack. You can get it from https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/
    Safety 1319 2023-05-13 15:46:06

Tool Recommendations

jQuery enterprise message form contact code

jQuery enterprise message form contact code is a simple and practical enterprise message form and contact us introduction page code.
form button
2024-02-29

HTML5 MP3 music box playback effects

HTML5 MP3 music box playback special effect is an mp3 music player based on HTML5 css3 to create cute music box emoticons and click the switch button.

HTML5 cool particle animation navigation menu special effects

HTML5 cool particle animation navigation menu special effect is a special effect that changes color when the navigation menu is hovered by the mouse.
Menu navigation
2024-02-29

jQuery visual form drag and drop editing code

jQuery visual form drag and drop editing code is a visual form based on jQuery and bootstrap framework.
form button
2024-02-29

Organic fruit and vegetable supplier web template Bootstrap5

An organic fruit and vegetable supplier web template-Bootstrap5
Bootstrap template
2023-02-03

Bootstrap3 multifunctional data information background management responsive web page template-Novus

Bootstrap3 multifunctional data information background management responsive web page template-Novus
backend template
2023-02-02

Real estate resource service platform web page template Bootstrap5

Real estate resource service platform web page template Bootstrap5
Bootstrap template
2023-02-02

Simple resume information web template Bootstrap4

Simple resume information web template Bootstrap4
Bootstrap template
2023-02-02

Cute summer elements vector material (EPS PNG)

This is a cute summer element vector material, including the sun, sun hat, coconut tree, bikini, airplane, watermelon, ice cream, ice cream, cold drink, swimming ring, flip-flops, pineapple, conch, shell, starfish, crab, Lemons, sunscreen, sunglasses, etc., the materials are provided in EPS and PNG formats, including JPG previews.
PNG material
2024-05-09

Four red 2023 graduation badges vector material (AI EPS PNG)

This is a red 2023 graduation badge vector material, four in total, available in AI, EPS and PNG formats, including JPG preview.
PNG material
2024-02-29

Singing bird and cart filled with flowers design spring banner vector material (AI EPS)

This is a spring banner vector material designed with singing birds and a cart full of flowers. It is available in AI and EPS formats, including JPG preview.
banner picture
2024-02-29

Golden graduation cap vector material (EPS PNG)

This is a golden graduation cap vector material, available in EPS and PNG formats, including JPG preview.
PNG material
2024-02-27

Home Decor Cleaning and Repair Service Company Website Template

Home Decoration Cleaning and Maintenance Service Company Website Template is a website template download suitable for promotional websites that provide home decoration, cleaning, maintenance and other service organizations. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-05-09

Fresh color personal resume guide page template

Fresh color matching personal job application resume guide page template is a personal job search resume work display guide page web template download suitable for fresh color matching style. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-29

Designer Creative Job Resume Web Template

Designer Creative Job Resume Web Template is a downloadable web template for personal job resume display suitable for various designer positions. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-28

Modern engineering construction company website template

The modern engineering and construction company website template is a downloadable website template suitable for promotion of the engineering and construction service industry. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-28