web learning record of CTF -- advanced SQL injection
summary
this part is the advanced part of sql injection knowledge, and introduces more injection skills.
Time injection attack
the scenario of time injection attack is also that the server does not return the information of query statements, which is similar to boolean injection attack. boolean injection guesses the d ...
Added by ma9ic on Wed, 09 Feb 2022 20:44:09 +0200
CVE-2020-1938 loophole recurrence (EXP code is attached at the end of the text)
CVE-2020-1938 Apache Tomcat file contains a duplicate vulnerability
1. Environmental construction
1.1 Vulhub target aircraft construction
1.1.1 environmental installation
(1) Install docker
$ curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
(2) Install docker compose
$ pip install docker-compose
#If there is no pip, ...
Added by purplenewt on Mon, 07 Feb 2022 12:54:23 +0200
Learning about URLDNS chain
ysoserialBefore we talk about the reverse sequencing benefit chain, we can't skip a procedural tool, ysoserial.Reverse sequencing is not a new term in all languages, but Gabriel Lawrence (@gebl) and Chris Frohoff (@frohoff) proposed to use Apache Commons Collections to construct the benefit chain of command execution on AppSecCali in 2015. At t ...
Added by squimmy on Sat, 05 Feb 2022 09:41:33 +0200
Redis unauthorized access vulnerability recurrence
1, Causes of Redis unauthorized vulnerability
1.1 basic introduction to redis
Redis is an open source (BSD licensed) in memory data structure storage system, which can be used as database, cache and message middleware. It supports many types of data structures, such as strings, hashes, lists, sets, sorted sets and range queries, bitmaps, ...
Added by Wardy7 on Wed, 02 Feb 2022 20:29:15 +0200
[intranet learning notes] 8. Use of powercat
1. Download and install powercat
powercat can be regarded as the powershell version of nc, so it can also connect with nc.
powercat can be downloaded from github. The project address is: https://github.com/besimorhino/powercat
Download powercat PS1 files can be imported directly
Import-Module .\powercat.ps1
If the prompt fails to load th ...
Added by passagewds on Tue, 01 Feb 2022 16:28:03 +0200
[prepare for autumn recruitment] interview of Linux operation and maintenance electronics factory
1. The database data is damaged due to misoperation of drop statement. Please write down the recovery idea and actual general steps?
#The recovery of all data depends on backup. If there is no backup, it cannot be recovered In case of recovery after misoperation, the incremental recovery method shall be used for recovery. The specific steps ...
Added by beckjoh on Sun, 30 Jan 2022 16:27:23 +0200
File upload bypass summary
To get more learning materials, join the community and further study, please scan my QR code or add memory2000427 to teach in good faith and take a detour. #File upload bypass
There are two kinds: one is based on code restriction and the other is based on firewall. In fact, generally speaking, the two are similar. They both detect the legitima ...
Added by simon551 on Sun, 30 Jan 2022 01:45:28 +0200
Java Security Learning Notes -- a simple analysis of the source code of HashMap class using deserialization chain
preface
The HashSet and Hashtable used by both CC6 and CC7 chains of ysoserial deserialization vulnerability exploitation tool are hash table based data storage structures. When it comes to hash table, the HashMap class is the most used hash table storage structure in Java. At the same time, HashMap class is also the underlying implementation ...
Added by jek1134 on Tue, 25 Jan 2022 19:30:32 +0200
Theoretical basis of network based RSTP protocol
Theoretical basis of network based RSTP protocol 1, Introduction of RSTP Although STP protocol can solve the loop problem, the slow convergence of network topology (the state in which the network can communicate) affects the user communication quality, and if the topology in the network changes frequently, the network will also lose connectivit ...
Added by anoopd on Tue, 25 Jan 2022 14:19:11 +0200
Personalized recommendation without login? A detailed explanation of browser fingerprints
In daily life, biometric technology has been the standard configuration of most smart phones. Most mobile phones have face recognition, fingerprint recognition and other functions. At present, fingerprint recognition technology has been very mature. But what we want to talk about today is not fingerprint identification in biometrics, but browse ...
Added by PHPFreaksMaster on Tue, 25 Jan 2022 08:23:54 +0200