Programming VIP

I Digital signature Imagine a scenario: Alice sends Bob a message (I'll invite you to dinner tomorrow). The message is encrypted with Bob's public key (public key encryption can ensure that only Bob can decrypt the message with his own private key after it is intercepted). However, since Bob's public key can be owned by others, Tom can also en ...

1. Black hat A person who hacks for illegal purposes, usually for economic gain. They enter the secure network to destroy, redeem, modify or steal data, or make the network unavailable to authorized users. The name comes from the fact that villains in old-fashioned black-and-white western films are easy to be recognized by film viewers because ...

Huxiang cup 2021 Pastebin recurrence learning 1, Introduction to Service Worker Service Worker can be understood as a proxy server between the client and the server. When a Service Worker is registered in the website, it can intercept the request and judge whether to send the request to the server or directly return it to the client through t ...

The memccpy function can replace the unsafe and inefficient str[n]cpy, str[n]cat, etc The memccpy function is in the POSIX standard library and recently added to the C23 standard library. In the C runtime of MSVC, it starts with an underscore_ Memccpy exists. Functions that do not begin with an underscore are currently deprecated (these functi ...

Penetration test idea Another: Shadow (mainly record some small processes and experiences of daily penetration) Tools preface If a worker wants to do well, he must sharpen his tools first A good tool can save a lot of time, so a tool set can quickly complete penetration testing Real IP Nslookup Own tools When nslookup obtains more t ...

Based on seedubuntu16 04 buffer overflow attack experiment I Turn off defense measures 1. Turn off address randomization Input the following command at the terminal to turn off address randomization and simplify the experiment sudo sysctl -w kernel.randomize_va_space=0 [the external chain picture transfer fails. The source station may h ...

CSRF (Cross-site request forgery), Chinese name: Cross-site request forgery, also known as one click attack/session riding, abbreviated as CSRF/XSRF. You can understand CSRF attacks as follows: an attacker steals your identity and sends malicious requests on your behalf. CSRF can do things like send mail on your behalf, send messages, steal yo ...

SpringSecurity In this chapter, we will explain the spring security framework and write the library management system from scratch. Spring security is a very powerful permission verification framework developed based on spring. Its core functions include: Authentication (user login)Authorization (what can this user do)Attack protection (ag ...

Vulnhub customs clearance manual - 04 Five86-1 Background overview: The download address is: https://www.vulnhub.com/entry/dc-1-1,292/ The target IP is 100.10 10.133, add the IP address to the hosts file and map it to the domain name five86 local Technical points: opennetadmin exploitfind / -type f -user username view the files that ...

1. Scanning and packet capturing analysis 1.1 problems This case requires to be familiar with common security tools in Linux host environment and complete the following tasks: Use nmap scan to obtain information about the specified host / network segmentScript scanning using nmapAnalysis of plaintext exchange information in FTP access ...