Category:Information Security

  • Summary of security vulnerability repair of front end and back end separation project

    Time:2020-7-13

    Recently, the project has been scanned for security. Due to the problems in the project design, some loopholes have been exposed. In the process of repairing, the experience is summarized and shared. 1. Front end separation and traditional architecture introduction Project architecture 1.1 the front and rear ends are not separated In the application mode […]

  • Cve-2020-0796 vulnerability recurrence (RCE) with exp tutorial

    Time:2020-7-11

    CVE – ­ 2020 ­ 0796 vulnerability recurrence (RCE) with exp tutorial Introduction to the vulnerability of 0x00 Microsoft Windows and Microsoft Windows server are products of Microsoft company in the United States. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a set of server operating system, and server message […]

  • Cve-2020-0796 loophole recurrence

    Time:2020-7-10

    Recurrence of CVE ­ 2020 – ­ 0796 vulnerability Introduction to the vulnerability of 0x00 Microsoft Windows and Microsoft Windows server are products of Microsoft company in the United States. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a set of server operating system, and server message block is one […]

  • IAT table

    Time:2020-7-9

    0X0 0 DLL introduction DLL translator is a dynamic link library. The original concept of DLL does not exist. Only the concept of library, the compiler will insert the binary code obtained from the library into the application program. At present, the windows operating system uses a large number of library functions (process, memory, window, […]

  • Vulnerability recurrence note: cve-2020-0796 (smbhost vulnerability)

    Time:2020-7-7

    0x01: OverviewCve-2020-0796 (smbhost vulnerability) is caused by the error of server message block 3.0 (smbv3) protocol in processing malicious compressed packets. It can allow remote and unauthorized attacks to execute arbitrary code on the target system. 0x02: impact versionWindows 10 version 1903 for 32-bit systemsWindows 10 1903 (for arm64 based systems)Windows 10 1903 (for x64 […]

  • GPS timing equipment, GPS timing products, NTP time service server

    Time:2020-7-6

    GPS timing equipment, GPS timing products, NTP time service server GPS timing equipment, GPS timing products, NTP time service server GPS timing equipment, GPS timing products, NTP time service server Anhui Jingzhun Electronic Technology Co., Ltd—— www.ahjzsz.com Product introduction GPS time calibrator hr-901gb developed by Jingzhun Electronic Technology Co., Ltd. is an advanced intelligent high-precision […]

  • . net core uses JWT for authentication

    Time:2020-7-5

    Create a new API project for. Net core web (. Net core version 3.1)   Write an analog login interface under the value controller, and verify the name and password simply. After verification, a token will be returned. [HttpGet] [Route(“api/login”)] public IActionResult Login(string userName,string pwd) { if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(pwd)) { var claims = new[] […]

  • Weekly_ CTF week 5

    Time:2020-7-4

  • The importance of satellite clock synchronization in power automation system

    Time:2020-7-3

    The importance of satellite clock synchronization in power automation system The importance of satellite clock synchronization in power automation system Anhui Jingzhun electronic technology micro X — ahjzsz In 2016, the State Grid Corporation of China issued the opinions on comprehensively promoting the construction of intelligent metering system, in which, in terms of improving collection […]

  • Network security from the beginning to master (Chapter 2 – 7) regular expression

    Time:2020-7-2

    The content of this paper is as follows What is a regular expression Common functions of regular expression in PHP regular expression syntax   1. What is a regular expression? Regular expression: also known as regular expression, in a computer science concept, regular expression usually replaces which text conforms to a certain pattern (rule). Features […]

  • MySQL manual injection learning-1

    Time:2020-6-24

    MySQL manual injection learning Sqli labs manual injection learning The following is the manual injection process through some simple examples of slqi labs platform Less-1: Union Union query injection Page prompt: Please input the ID as parameter with numerical value First, we construct the ID parameter value: http://192.168.2.198/sqli-labs-master/Less-1/?id=1′ or 1=1–+ Confirm that there is an […]

  • XSS basic learning

    Time:2020-6-18

    XSS basic learning By: Mirror Wang Yuyang What is XSS XSS attack refers to embedding a malicious segment of client JS script code in the web page. JS script malicious code can obtain user‘s cookie, URL jump, content tampering, session hijacking Wait. https://www.cnblogs.com/wangyuyang1016/p/xss The attack method itself has no direct harm to the server, https://www.cnblogs.com/wangyuyang1016/p/xss […]