Linux file management

touch command: The touch command is used to create files and modify the time attributes of files or directories, including access time and change time. If the file does not exist, a new file will be created.ls -l can display the time record of the fileUser permissions: all users Syntax: touch [-acfm][-d<Date time>][-r<Reference docu ...

Posted by Desdinova on Wed, 13 Oct 2021 12:15:18 -0700

day55 network security

Firewall Firewall function In the computer field, firewall is a device used to protect information security. It will allow or restrict data transmission according to user-defined rules. A device used to protect intranet securityProtection according to rulesUser defined rulesAllow or deny access to external users Firewall classifica ...

Posted by offsprg01 on Sat, 09 Oct 2021 05:11:45 -0700

Security open source project

Collect some excellent safety open source projects of Party A This is a list of open source security projects, which collects some excellent open source security projects to help Party A's security practitioners build enterprise security capabilities. Each of these open source projects is committed to solving some security problems. Ideas for ...

Posted by yalag on Thu, 07 Oct 2021 22:07:59 -0700

CTF - light of dream

Light of dream Game link: http://monyer.com/game/game1/ F12 view the page source code, click first.php and jump to the first level Similarly, check the source code of the first level. The password is two spaces. Submit to the second level function check(){ if(document.getElementById('txt').value==" "){ windo ...

Posted by amjohnno on Thu, 30 Sep 2021 15:10:34 -0700

Violent cracking of DVWA s

Catalog low medium high impossible low Source code: <?php if( isset( $_GET[ 'Login' ] ) ) { // Get username $user = $_GET[ 'username' ]; // Get password $pass = $_GET[ 'password' ]; $pass = md5( $pass ); // Check the database $query = "SELECT * FROM `users` WHERE user = '$user' AND password = '$pass';" ...

Posted by Bazzaah on Wed, 29 Sep 2021 09:14:12 -0700

[security tools] talking about writing Java code audit tools

introduce The author is a senior student who is new to safety. If there are mistakes in the article, please point out! At first, it was considered to use pure matching, but this method is too strict, and the code written by programmers has various possible combinations Therefore, I tried to realize java lexical analysis and syntax analysis ...

Posted by tommyrulez on Mon, 27 Sep 2021 03:25:41 -0700

On batch mining of src vulnerabilities

preface This blog post only talks about vulnerability utilization and batch mining. Before contacting src, I had the same question with many masters, that is, how did those masters dig holes in batches? After climbing for two months, I gradually have my own understanding and experience, so I intend to share it and communicate with all masters. ...

Posted by LaWr3nCe on Thu, 23 Sep 2021 05:58:29 -0700

PHP deserialization vulnerability & netding cup ctf instance

Vulnerability profile php deserialization vulnerability, also known as php object injection vulnerability. In short, when php is deserialized, the content of the deserialization is under the control of the user, so the malicious user can construct the code of the specific serialized content, carry out the specific deserialization operation ...

Posted by karimali831 on Tue, 21 Sep 2021 20:48:13 -0700

Tips for writing exp

Tips for writing exp 1. Code alignment When filling in the address in exp, pay attention to the filling of code length 2. Fill to specified length 3. Link the remote server or link the local file # long-range r = remote('objective IP Or target URL',Destination port number) # local r = process('./file name') 4. Format conversion The ...

Posted by Johnain on Mon, 20 Sep 2021 16:52:57 -0700

Sqli labs customs clearance (less41~less50)

catalogue Less41 Less42 Less43 Less44 Less45 Less46 Less47 Less48 Less49 Less50 Less41 This level is similar to Less40. First find the closure through Boolean blind injection, and then stack and inject recklessly. Find closure: http://192.168.101.16/sqli-labs-master/Less-41/?id=1   There are query results http://192.168.10 ...

Posted by jaikar on Thu, 16 Sep 2021 13:44:57 -0700