Tag:Attacker

  • IOS development judges whether the mobile phone has escaped from prison

    Time:2022-5-7

    This paper mainly introduces three ways to detect prison break 1. Judge by the prison break documents added after prison break Judge whether these files exist, add them to the array and traverse the array. If there is any file, it is considered to be a prison break – (BOOL)isJailBreak { NSArray *jailbreak_tool_paths = @[ […]

  • Apache APIs IX has the risk of rewriting the x-real-ip header (cve-2022-24112)

    Time:2022-4-28

    Problem description In versions prior to Apache apifix 2.12.1 (excluding 2.12.1 and 2.10.4), enable Apache apifixbatch-requestsAfter the plug-in, there is a risk of rewriting the x-real-ip header. This risk can lead to the following two problems: Attacker throughbatch-requestsThe plug-in bypasses the IP restrictions on the Apache APIs IX data plane. Such as bypassing IP black-and-white […]

  • MySQL honeypot: bring the attacker information to you

    Time:2022-4-22

    This article is only for learning records. If there is infringement, please contact to delete!!! preface: In July last year, an unexpected phone call came and the conversation was as follows: Security practitioners who do not want to be named: are you XXX, the owner of this mobile phone number?Owner XXX: who are you, uncle. […]

  • Application of cloudquery data security technology

    Time:2022-4-20

    How important is data security? In the era of big data, data has become the core business asset of an enterprise. The frequent data security incidents in recent years, from “Facebook user information leakage” to “wechat database deletion event”, each data security incident shows that the leakage and destruction of data assets will lead to […]

  • SQL anti injection filter based on spring boot

    Time:2022-4-19

    What is SQL injectionSQL injection means that the web application does not judge or filter the legitimacy of the user input data. The attacker can add additional SQL statements at the end of the query statements defined in advance in the web application, and realize illegal operations without the knowledge of the administrator, so as […]

  • Common website attack technologies in the field of Web Security

    Time:2022-4-18

    1. SQL injection The core of SQL injection attack is to let the web server execute the SQL statement expected by the attacker, so as to obtain the data of interest in the database or read, modify, delete, insert and other operations on the database, so as to achieve its evil purpose. How to make […]

  • Network security – how to prevent common API vulnerabilities

    Time:2022-4-15

    With the all-round development of the Internet, the word API appears frequently in everyone’s sight. What is API? The full name of API is application programming interface, which is translated as “application programming interface”. It is some pre-defined interfaces (such as function and HTTP interface), or refers to the Convention for the connection of different […]

  • Explosive force of Apache log4j2 vulnerability

    Time:2022-4-9

    On December 10, 2021, the national information security vulnerability sharing platform (cnvd) included Apache log4j2 Remote Code Execution Vulnerability, No. cve-2021-44228. [vulnerability description]Apache log4j2 is an open source Java logging tool, which rewrites the log4j framework and introduces a large number of rich features. It can control the destination of log information transmission to console, […]

  • Replay of Weblogic deserialization remote command execution (cve-2019-2725) – including POC and exp

    Time:2022-3-30

    Vulnerability description Cve-2019-2725 is an Oracle Weblogic deserialization remote command execution vulnerability. This vulnerability is still bypassed by constructing payloads according to Weblogic’s xmldecoder deserialization vulnerability. Impact version : weblogic 10.x weblogic 12.1.3 Environment construction Reproduction using vulfocus platform Official address:http://vulfocus.fofa.so You can directly use the official platform to reproduce vulnerabilities. If you are interested, […]

  • WMI introduction and event resident

    Time:2022-3-22

    WMI (Windows Management Instrumentation) has been a part of the windows operating system since it was included in the operating system in Windows 2000. This technology is of great value to system administrators because it provides ways to extract all types of information, configure components, and take action based on the status of several components […]

  • Sniff and then spoof programming under Linux

    Time:2022-3-15

    Sniff and then spoof programming under Linux 1、 Task description In this task, you will combine sniffing and spoofing techniques to implement the following sniffing and spoofing programs. You need two machines on the same LAN. Ping IP from machine a_ 10. This will generate an ICMP echo request package. If host IP_ If x […]

  • Exploit the unauthorized access vulnerability of redis (Windows version)

    Time:2022-3-14

    0x00 principle First of all, redis is a non relational database. By default, it is bound at 0.0.0.0:6379. If relevant policies are not taken, such as adding a firewall to restrict untrusted IP access, the redis service will be exposed to the public network. If password authentication is not set, any user may not be […]