由一道工控路由器固件逆向题目看命令执行漏洞 - H4lo
前言 2019 工控安全比赛第一场的一道固件逆向的题目,好像也比较简单,好多人都做出来了。这里就分别从静态和动态调试分析复现一下这个命令执行的洞。 赛题说明 题目给的场景倒是挺真实的:路由器在处理 tddp 协议时出现了命令注入,导致了远程命令执行。就是后面做出来的这个答案的格式咋提交都不对...
Aggregator
intent 参数的规范 - bamb00
6 years 6 months ago
对于采用 intent 参数的 Activity Manager 命令,您可以使用以下选项指定 intent:
bamb00
Kazakhstan Attempts to MITM Its Citizens
6 years 6 months ago
Kazakhstan is now asking its citizens to install digital certificates so that it can decrypt all online communications. Their methods, however, may leave the population vulnerable to cyber attacks for many years to come.
Kazakhstan Attempts to MITM Its Citizens
6 years 6 months ago
Kazakhstan is now asking its citizens to install digital certificates so that it can decrypt all online communications. Their methods, however, may leave the population vulnerable to cyber attacks for many years to come.
Xposed反射字段流程分析 - luoyesiqiu
6 years 6 months ago
在 "XposedBridge源码" 中,反射字段的方法封装在 类里面.下面来看看Xposed是如何获取和设置字段的值的 获取字段的值 获取字段的值有许多个方法,有获取基本类型字段的值的方法(getIntField,getLongField,getDoubleField...),也有获取对象类型字段
luoyesiqiu
MLSRC与你相约第四届SSC安全峰会
6 years 6 months ago
MLSRC与你相约第四届SSC安全峰会
MLSRC与你相约第四届SSC安全峰会
6 years 6 months ago
MLSRC与你相约第四届SSC安全峰会
MLSRC与你相约第四届SSC安全峰会
6 years 6 months ago
MLSRC与你相约第四届SSC安全峰会
Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in June 2019
6 years 6 months ago
Similar to April and May, threat actors in June continued targeting the deserialization vulnerabilities found in Oracle WebLogic to mine cryptocurrency.
Vulnerabilities, Exploits, and Malware Driving Attack Campaigns in June 2019
6 years 6 months ago
Similar to April and May, threat actors in June continued targeting the deserialization vulnerabilities found in Oracle WebLogic to mine cryptocurrency.
PHP 扩展学习
6 years 6 months ago
PHP 类似于 python 也是运行在解释器上的, PHP 的叫 zend, python 的叫 cpython,
这些都是官方实现, 像 python 也有 jython, pypy 啥的, 用其他语言写的解释器.
有容奶大,没死的只是还不够大,不想说小红书
6 years 6 months ago
不想说小红书,无他,有容乃大~
有容奶大,没死的只是还不够大,不想说小红书
6 years 6 months ago
不想说小红书,无他,有容乃大~
有容奶大,没死的只是还不够大,不想说小红书
6 years 6 months ago
不想说小红书,无他,有容乃大~
Diversity of Thought in Tech
6 years 6 months ago
At Akamai, we believe innovation is only possible when the various viewpoints and experiences of a collective, culminate to make a great idea. It is the variety of these ideas which is important. Why does diversity of thought matter? When...
Akamai
Criminals Using Targeted Remote File Inclusion Attacks in Phishing Campaigns
6 years 6 months ago
In June 2019, logs on my personal website recorded markers that were clearly Remote File Inclusion (RFI) vulnerability attempts. The investigation into the attempts uncovered a campaign of targeted RFI attacks that currently are being leveraged to deploy phishing kits....
Larry Cashdollar
Gartner EPP MQ端点安全魔力象限12岁生日前瞻
6 years 6 months ago
上周跟yitao探讨2019年Gartner EPP MQ魔力象限的时候,回想起当年第一次看Gartner
Gartner EPP MQ端点安全魔力象限12岁生日前瞻
6 years 6 months ago
上周跟yitao探讨2019年Gartner EPP MQ魔力象限的时候,回想起当年第一次看Gartner
Gartner EPP MQ端点安全魔力象限12岁生日前瞻
6 years 6 months ago
上周跟yitao探讨2019年Gartner EPP MQ魔力象限的时候,回想起当年第一次看Gartner
Gartner EPP MQ端点安全魔力象限12岁生日前瞻
6 years 6 months ago
上周跟yitao探讨2019年Gartner EPP MQ魔力象限的时候,回想起当年第一次看Gartner