Programming VIP

Foreword: we all know that HashMap is thread unsafe and is not recommended to be used in multi-threaded environment, but where is its thread unsafe? This paper will decrypt this problem. 1.jdk1. HashMap in 7 In jdk1 Many optimizations have been made to HashMap in 8. Here, we first analyze it in jdk1 7, I believe you all know in jdk1 7. ...

Because there are many topics, many places are relatively simple. I hope the masters will understand.. web711 Scanning the directory found robots Txt, prompt static / secret key txt Access to get a string ctfshow_love_you Then enter the normal page, there is a login and registration, randomly register a user, and after logging in, it is fo ...

Basic knowledge introduction to csrf attack process Experimental environment: CSRF simulated attack environment (this is the Intranet environment. The public network only needs to map the port, and other operations are the same) CentOS7 DVWA server (analog transfer system) 192.168.0.9 kali hacker (attacker) 192.168.0.2 Win10 user (vict ...

1. Overview of OS command injection Background: when programmers use script language (such as PHP) to develop applications, script language development is very fast, concise and convenient, but it is also accompanied by some problems, such as slow speed, unable to touch the bottom of the system, etc. When developing applications, especiall ...

  0x01 overflow attack event On April 22, 2018, hackers launched an attack on BEC smart contract and took out: 5789604461865810000000000000000000000000000000000000000000000000000000000000000000000000000.792003956564819968 BEC tokens were sold in the market. BEC depreciated sharply and its value was almost zero. The market collapsed insta ...

1, Environment construction: Target topology:   1. Add virtual network card: Add network cards for network segments 22 (VMnet2) and 33(VMnet3) VMnet8 communicates with the outside in NAT mode 2. Configure network card: target1 network configuration: target2 network configuration: target3 network configuration:  3.web ...

With the rise of micro service architecture, maintaining service security has become more challenging than before. Multiple back-end server instances using a single static key to access the database server will bring huge risks. If the key certificate is leaked, the whole system will be affected. In order to solve the impact of key certificate ...

CSRF (Cross Site Request Forgery), that is, cross site request forgery. The key point of launching cross site request forgery attack is to make the target server unable to distinguish whether the source of many requests is a real user or an attacker. The general process of attack is as follows: first, the attacker will induce the user to naviga ...

Topic expression As shown in the figure, FW1 and FW2 are active and standby HA, FW1 is active access, FW2 is standby access, FW3 and FW4 establish IPSec VPN tunnel with FW1 and FW2 through isp1 line. When isp1 line fails, use standby ISP2 line, FW1 and FW2 establish VPN tunnel, in which FW3 is located behind NAT equipment, and the external ...

I believe that ORACLE.mg is the most common database in the market As the password complexity verification script of ORACLE, SQL also plays an important role in the security of ORACLE. Probably because of my wrong search posture, I rarely find about utlpwdmg on the Internet SQL file (maybe because it's too simple???), I will analyze the file in ...