current location:Home > Technical Articles > Operation and Maintenance > Safety
- Direction:
- All web3.0 Backend Development Web Front-end Database Operation and Maintenance Development Tools PHP Framework Daily Programming WeChat Applet Common Problem Other Tech CMS Tutorial Java System Tutorial Computer Tutorials Hardware Tutorial Mobile Tutorial Software Tutorial Mobile Game Tutorial
- Classify:
-
- How to conduct APT organization tracking and governance based on knowledge graph
- Advanced persistent threats (APTs) are increasingly becoming a major threat in cyberspace that cannot be ignored against important assets of governments and enterprises. Since APT attacks often have clear attack intentions, and their attack methods are extremely concealed and latent, traditional network detection methods are usually unable to effectively detect them. In recent years, APT attack detection and defense technologies have gradually attracted the attention of governments and network security researchers from various countries. 1. Research related to the governance of APT organizations in developed countries 1.1 At the strategic level, the United States emphasizes "America First" and "Promoting Peace through Strength." The Trump administration has successively released the "National Security Strategy Report", "Department of Defense Cyber Strategy" and "National Cyber Strategy" ”, explains Trump’s “America First” strategy, emphasizing “cyber deterrence” and
- Safety 1216 2023-05-13 20:37:10
-
- How to analyze reflected XSS
- 1. Reflected XSS Reflected XSS means that the application obtains untrustworthy data through Web requests and transmits it to Web users without checking whether the data contains malicious code. Reflected XSS is generally constructed by the attacker with malicious code parameters in the URL. When the URL address is opened, the unique malicious code parameters are parsed and executed by HTML. It is characterized by non-persistence and requires the user to click on a link with specific parameters. can cause. The editor takes the JAVA language source code as an example to analyze CWEID80:ImproperNeutralizationofScript-RelatedHTMLTagsinaWebPage(BasicXSS)2.
- Safety 2157 2023-05-13 20:13:04
-
- How to use Bluetooth function to attack and unlock Tapplock smart padlock within two seconds
- A few weeks ago, a YouTuber named JerryRigEverything uploaded a teardown video of the Tapplock Smart Bluetooth Fingerprint Padlock. The video shows that the Tapplock back cover can be removed by simply using a GoPro camera to fix the adhesive base, and then using a screwdriver to easily open the Tapplock lock. It’s a bit incredible. This video aroused my curiosity about the security of Tapplock smart padlock. This smart padlock has fingerprint recognition, mobile phone Bluetooth and Morse code unlocking. While it is convenient, how safe is it? From this, I conducted some research on Tapplock, and finally I achieved the unlocking of Tapplock within 2 seconds.
- Safety 1405 2023-05-13 19:49:04
-
- How to do an introduction to Wireshark
- Anyone who studies networking must be familiar with Wireshark, but I only knew how to use Wireshark before, and the technical level was very shallow. In the 2015 information security management and assessment national competition test questions, high requirements were placed on the use of Wireshark. In addition, there is a foreign network security tool ranking list (http://sectools.org/), which includes: 125 security tools, among which Wireshark ranks first on the list. All of this prompted the determination to systematically learn Wireshark and use it as the next blog topic after DVWA. Wireshark is currently the most widely used open source packet capture software.
- Safety 1292 2023-05-13 18:55:12
-
- How to use APT framework TajMahal
- Overview 'TajMahal' is a previously unknown and technically complex APT framework discovered by Kaspersky Lab in the fall of 2018. This complete spy framework consists of two packages named "Tokyo" and "Yokohama". It includes backdoors, loaders, orchestrators, C2 communicators, voice recorders, keyloggers, screen and webcam grabbers, document and encryption key stealers, and even the victim machine's own file indexer. We found up to 80 malicious modules stored in its encrypted virtual file system, which is one of the highest number of plugins we have seen in an APT tool set. To highlight its capabilities, TajMahal is able to etch files from the victim as well as the printer queue.
- Safety 854 2023-05-13 18:43:06
-
- How to use sqlmapGetshell
- sqlmap reads and writes files –file-read: reads files from the back-end database management system file system –file-write: edits local files on the back-end database management system file system (writes from local) –file-dest : The absolute path to the file written by the back-end database management system (write target path). You can use the above commands to read and write the system file after SQL injection, but the prerequisite is that you need to have read and write permissions and be a dba. permissions, otherwise read and write operations cannot be performed successfully. Taking DVWA as an example, build DVWA under kali to read and write files. Read the file: Check the relevant information in PHPinfo, use -file-r
- Safety 1908 2023-05-13 18:25:06
-
- How to solve the arbitrary file deletion vulnerability in WordPress plugin WooCommerce
- Technical details: WordPress’s permission processing mechanism is mainly implemented by providing different functions for different roles. When the store administrator role is defined, it will assign the edit_users function to this role so that they can directly manage the store’s customer accounts. . The entire permission assignment process occurs during the installation process of the plug-in. woocommerce/includes/class-wc-install.php://Shopmanagerrole.add_role('shop_manager',//Internalnameofthenewrole&
- Safety 1644 2023-05-13 18:16:06
-
- How to analyze and detect Rapid ransomware virus
- Ransomware has always been a hot topic in the security industry. Recently, security personnel have discovered a ransomware called rapid. This ransomware uses RSA and AES to encrypt files. It will not only infect existing files on the computer, but also Encrypt newly created files. This article conducts a detailed analysis of the rapid virus, analyzes its encryption mechanism, and parses its encrypted files. 1. Overview When the rapid virus runs, it will create multiple threads to continuously scan the file system and encrypt files. It will not only infect existing files on the computer, but also encrypt newly created files. The encrypted file has a ".rapid" extension added to its file name, and the file size is increased by 0x4D0 bytes. rapid virus
- Safety 1473 2023-05-13 18:10:06
-
- How to view Struts2 historical vulnerabilities from a protection perspective
- 1. Introduction The Struts2 vulnerability is a classic series of vulnerabilities. The root cause is that Struts2 introduces OGNL expressions to make the framework flexible and dynamic. With the patching of the overall framework improved, it will now be much more difficult to discover new Struts2 vulnerabilities than before. Judging from the actual situation, most users have already repaired historical high-risk vulnerabilities. Currently, when doing penetration testing, Struts2 vulnerabilities are mainly left to chance, or it will be more effective to attack unpatched systems after being exposed to the intranet. Online analysis articles mainly analyze these Struts2 vulnerabilities from the perspective of attack and exploitation. As the new H3C offense and defense team, part of our job is to maintain the rule base of ips products. Today we will review this system.
- Safety 1474 2023-05-13 17:49:06
-
- How to reproduce arbitrary file download vulnerability in Webug shooting range
- Brief description of the vulnerability: Due to business needs, some websites may provide file viewing or downloading functions. If there are no restrictions on the files that users can view or download, then malicious users can view or download some sensitive files, such as configuration information, source code files, etc. Cause of the vulnerability: There is a function to read files. The path of reading files is user-controllable and has not been verified or the verification is not strict. The file content is output. Hazards of the vulnerability: downloading arbitrary files on the server, such as script codes, services and system configuration files, etc. Further Use the information gained to do greater harm. The obtained code can be used for further code audit to obtain more exploitable vulnerabilities. Experimental environment: Webug shooting range homepage BP packet capture. We change the URL path to and send it to the repeater module in repe
- Safety 1607 2023-05-13 17:40:06
-
- What does select mean in I/O multiplexing?
- select is used to monitor changes in the status of multiple file descriptors. That is, it is used to monitor whether the file descriptor read/write/exception status is ready. Function prototype: intselect(intnfds, fd_set*readfds, fd_set*writefds, fd_set*exceptfds, structtimeval*timeout); Several major disadvantages of select: (1) Every time select is called, the fd collection needs to be copied from user mode to kernel mode , this overhead will be very large when there are many fds (2) At the same time, each call to select requires the kernel to traverse all the passed in fds, this overhead will also be very large when there are many fds (3) s
- Safety 1408 2023-05-13 17:31:12
-
- How Javascript fills an array with data
- Filling an Array with Data If we need to fill an array with some data, or need a data with the same value, we can use the fill() method. varplants=newArray(8).fill('8');console.log(plants);//['8','8','8','8','8','8',&#
- Safety 1402 2023-05-13 17:10:14
-
- What are the optimization techniques in website construction?
- Many SEOers know the truth that "content is king and external links are king", but how do they understand "content"? Some SEOers think that content refers to the original articles on the site. This is understandable because it is indeed a basis for website construction. In fact, the content has a wider scope. The following will focus on this "content" to carry out on-site optimization. tricks. First: Why should URL be placed at the front in URL path design? This is because URL path design is very important. Users need to go through the path to access the website, so a reasonable URL design is not only convenient for users to view, but also conducive to search engine inclusion and improves search engine friendliness. If the URL design of the website is unreasonable, it will naturally affect the search index.
- Safety 1373 2023-05-13 16:58:14
-
- How to update firewall IP and access control during computer room changes
- 1. Introduction: 1. Connection method: External network-->Firewall-->Switch 2. Server migration, switching of all IP addresses 2. Change of IP configured in the firewall: For example: the old address is: 0.0.8.34; the new address is :0.0.0.82PS: The firewall can use multiple addresses to access the Internet. The premise is that the access network cable provides the function of allowing both old and new IP addresses to access the Internet. Therefore, you can first ensure that the new address is in normal use before deleting the old configuration. 1. Change the access address: a) Add a new access address: i. Use a network cable to connect to the corresponding network port (the usual network cable is enough, and older firewalls may need to use a crossover cable). This is the first time. network port (eth0). If your firewall is still the factory default access location
- Safety 1564 2023-05-13 16:16:06
-
- What is JIS-CTF_VulnUpload target drone strategy?
- Vulnhub is one of my favorite playgrounds, and every target drone on it is a cool game. Completely finding all flags is only the basic task, and achieving privilege escalation is the ultimate goal. I am not pursuing the fastest capture of the flag, but rather using a complete attack chain to invade the target drone as much as possible. Therefore, some content in this guide may not be directly helpful for capturing the flag, but you should consider it when dealing with real targets. The target drone "JIS-CTF:VulnUpload" contains 5 flags and is of primary difficulty. It takes an average of 1.5 hours to complete the attack. You can get it from https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/
- Safety 1319 2023-05-13 15:46:06