Programming VIP

0x00 introduction to pan micro OA Founded in 2001 and headquartered in Shanghai, fanwei focuses on the field of collaborative management OA software, and is committed to taking collaborative OA as the core to help enterprises build a new mobile office platform. 0x01 vulnerability description SQL injection vulnerability exists in Pan ...

1, Brief description Syzkaller is a kernel fuzzy testing tool developed by Google. In short, it automatically inputs various effective, invalid and completely randomized parameter data to the kernel, and observes the operation status of the kernel, whether there are panic, memory leakage and other problems, so as to discover the vulnerabilitie ...

Typera root URL: PIC \ att & CK target combat series - vulnstack2 statement study hard and make progress every day Environment configuration Baidu members can download directly from the cloud without any address http://vulnstack.qiyuanxuetang.net/vuln/detail/3/ While downloading, you can start the network configuration of vmware The ...

Front end security Professional NOUNexplainpayloadAttack codeEXPComplete vulnerability exploitation toolsPOCViewpoint verification procedure. Running this program can get the expected resultsGPCGET POST COOKIE 1. Cross site scripting attack Cross site scripting (XSS) refers to a client-side code injection attack in which an attacker executes ...

The words written in the front HTTP/1.1 has gone through a long development process from 1991 to 2014: HTTP/0.9– 1991HTTP/1.0– 1996HTTP/1.1RFC 2068– 1997RFC 2616- 1999RFC 7230- 2014 This means that various servers and clients in the Internet may have many security problems, which will also create opportunities for HTTP smuggling attack (HTTP ...

1, Environment construction: Target topology:   1. Add virtual network card: Add network cards for network segments 22 (VMnet2) and 33(VMnet3) VMnet8 communicates with the outside in NAT mode 2. Configure network card: target1 network configuration: target2 network configuration: target3 network configuration:  3.web ...

In the penetration test, information collection is particularly important. In the information collection stage, the penetration test team can use various methods to obtain information about the topology and system configuration of the target network. Whether the information is perfect or not will seriously affect the speed and depth of subseque ...

1. Introduction and installation of Kali Linux 2 1. Introduction to Kali Linux 2 Kali Linux 2 is an operating system for professional penetration testing and security auditing, which was developed from the previously well-known Back Track system. Back Track was once the best penetration test operating system in the world and achieved great su ...

Basic application of urllib 3 Library Urllib 3 is a powerful and well-organized Python library for HTTP clients. Many native Python systems have started to use urllib 3. Urllib3 provides many important features that are not available in the python standard library: Thread safetyConnection poolClient SSL/TSL authenticationFile segment code upl ...

Common ports: portservice21The default is ftp port, which mainly depends on whether anonymous is supported or weak password can be used22The default is shh port23The default is telnet port25The default is smtp service53The default is DNS123NTP161，162，8161SNMP service (8161 SNMP opened by IBM)389ldap community80http service443https service512 ...