WebShell command execution restrictions (solution)
This column is the author's network security learning notes, which are shared and used as notes at the same time
Previous link
Construction of Wamp / DVWA / sqli LabsUse of burpsuite tool to capture packets and Intruder brute force crackingUse of directory scanning, request retransmission, vulnerability scanning and other toolsWebsite infor ...
Added by Mountain Water on Mon, 20 Sep 2021 10:04:11 +0300
php asynchronous request
1.ajax By rendering the front-end page and executing Ajax using js, this method is still applicable. It is limited to business scenarios, because it can only be called in browsers, and it will not work if interface requests are encountered.
2.popen Open a pipeline to the process, and each request will start a process. You can call it by, but i ...
Added by Wolf_22 on Sat, 18 Sep 2021 08:56:44 +0300
Build Websocket microservices through gatewayworker / workman
background
Recently, some projects need to use Websocket to push real-time to grouped users, and there is less information to be transmitted from the front end to the back end. Through various considerations, we chose to build microservices through the gateway worker framework (based on workman).
introduce Workerman
Workerman is an op ...
Added by l3asturd on Fri, 17 Sep 2021 19:57:37 +0300
LaravelAlipay Payment
1. Payment function
1.1 Alipay Payment Installation Configuration
Then Alipay Scavenger logs in. Because the personal number is unable to apply for the payment key, we use its sandbox environment. We can recharge any amount on our side in a sandbox environment.
Similarly, third-party packages can be used for development in laravel t ...
Added by tcorbeil on Thu, 16 Sep 2021 04:26:18 +0300
php interview error prone summary I
1, empty, isset,is_null difference
Definition: isset() is used to detect whether a variable has been declared and its value is not NULL. In other words, as long as the variable value is not NULL, it returns the true value; empty() is used to detect whether a variable is empty. True values are returned in the following cases: empty string, fals ...
Added by divinequran on Sun, 12 Sep 2021 00:29:12 +0300
Xiaodi penetration & WEB vulnerability (iii-i)
Video resources
SQL injection (11-18)
11. Vulnerability introduction
11.1 PHP method of traversing all files and subfolders under a folder
<?php
function my_dir($dir) {
$files = [];
if(@$handle = opendir($dir)) {
while(($file = readdir($handle)) !== false) {
if($file != ".." && $file != ".") {
if(is_dir($dir . " ...
Added by ciaran on Sat, 04 Sep 2021 05:29:15 +0300
Ajax Principle & Basic Case
An Analysis of the Basic Principles of Ajax
Basic concepts
Asynchronous Javascript and XML.
A technique for creating fast dynamic Web pages with minimal exchange with the server to update the pages
Common Cases
Search page displays search results without refreshing
Registration page prompts for availability of items
Tmall Sho ...
Added by bobdabuilder on Mon, 20 Jul 2020 19:16:36 +0300
Picture deletion for laravel-admin
There is a deep doubt about laravel-admin's picture upload mechanism. Deleting avatar pictures on the user information page will cause an error. It was 1.4 at that time, and later updated 1.5 found that the delete button disappeared directly. If you use image normally in the form during the process of use, the slight ...
Added by sansoo on Sat, 18 Jul 2020 17:36:44 +0300
Picture deletion for laravel-admin
There is a deep doubt about laravel-admin's picture upload mechanism. Deleting avatar pictures on the user information page will cause an error. It was 1.4 at that time, and later updated 1.5 found that the delete button disappeared directly. If you use image normally in the form during the process of use, the slight ...
Added by Joan Collins on Sat, 18 Jul 2020 17:37:13 +0300
docker creates lnmp image
Docker is a lightweight virtualization technology, and lnmp is a powerful, open-source web running environment, so here's a demonstration of using Docker to build an lnmp image.
PS: To maintain lightweight and scalable performance, Docker encourages us to "one process per person"Container"means don't integrate too many functions ...
Added by madrazel on Fri, 17 Jul 2020 17:54:47 +0300