CTF [network security laboratory] [basic level]

Basic pass. 1. Where is the key? F12, view source code. 2. Encrypt again and you will get the key. The encrypted data is xrlvf23xfqwsxsqf. We can encrypt it once. ROT13 online decoding tool. 3. Guess how many times it has been encrypted? Encrypted string: Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVmpBeFYyS kVUbGhoTVVw ...

Posted by madcrazy1 on Sat, 19 Feb 2022 14:46:26 +0100

ctfshow php feature web89-web115 web123-150wp

PHP features. The reference blog is still the Nanshen blog. web89: include("flag.php"); highlight_file(__FILE__); if(isset($_GET['num'])){ $num = $_GET['num']; if(preg_match("/[0-9]/", $num)){ die("no no no!"); } if(intval($num)){ echo $flag; } } Here is an intval function: get the integer value of the variab ...

Posted by Garcia on Thu, 03 Feb 2022 16:02:35 +0100

ctfshow code audit web301-web310 wp

There may be a lot of nonsense. It mainly records the process of finding vulnerabilities in so many files. Reference blogs: https://blog.csdn.net/rfrder/article/details/113924013 https://blog.csdn.net/miuzzx/article/details/111352849 https://rainy-autumn.top/archives/913 web301: Audit the vulnerabilities written by the group leader three years ago se ...

Posted by greekhand on Thu, 03 Feb 2022 07:00:52 +0100

ctfshow command execution web29-web77 web118-122 web124 wp

Nanshen blog. Command execution. web29. preg_match: matches a regular expression. An "i" flag after the pattern delimiter makes the search case-insensitive. In the pattern, \b marks a word boundary, so only independent words will be matched, such as: if (preg_match("/\bweb\b/i", "PHP is the web scripting language of choice.")) : True if (preg_matc ...

Posted by rodin on Wed, 02 Feb 2022 22:16:41 +0100

ATT&CK actual combat series - red team actual combat

Environment construction. Download address: http://vulnstack.qiyuanxuetang.net/vuln/detail/2/ Official description: The red team actual combat series mainly takes the real enterprise environment as an example to build a series of practice ranges and learn through the trinity of practice, video tutorial and blog. In addition, the actual com ...

Posted by Opticon on Mon, 31 Jan 2022 21:14:40 +0100

Record once from blind SSRF to RCE

Official account: black palm. A blogger who focuses on sharing network security, hot spots in the hacker circle and the hacker tool technology area! I. Preface. The vulnerability bounty program under which this vulnerability was discovered does not allow public disclosure, so I will not directly use the name of the system involved. The project is one of the projects t ...

Posted by monkey72 on Fri, 21 Jan 2022 13:55:43 +0100

The engineers next door cried greedily for my reverse engineering IDA and said they would rub my back and pinch my feet

Primary coverage: To meet process behavior monitoring requirements, much security software has used hook technology to intercept key system calls in order to intercept malware process creation. However, under the x64 architecture, the system kernel has added many security detection measures, especially technologies like KDP, which makes th ...

Posted by StewardManscat on Thu, 20 Jan 2022 07:20:46 +0100

[IDS road] the latest Snort3 and Snort2 installation detailed tutorial

Welcome new students ... ... If you are nameless, you can concentrate on practicing sword I am not a salted fish, but a dead fish! I have seen many installation tutorials of snort3 and snort2 on the Internet, especially the installation of snort3. Bloggers seriously doubt whether they have really installed successfully, People really w ...

Posted by t0ta11 on Wed, 19 Jan 2022 07:08:04 +0100

Research on dandelion for directly downloading third-party IPA application distribution platform

At present, dandelion and fir are commonly used platforms based on third-party application distribution. After we submit them to the platform, we can download them by scanning the application QR code. For example, the dandelion platform is as follows: So the above is a very common operation process. The problem is: how to download the IPA in ...

Posted by prasadharischandra on Wed, 19 Jan 2022 02:44:33 +0100

dried food! Summary of common methods of Intranet penetration

Official account: Black palm. A blogger who focuses on sharing penetration testing, hot spots in the hacker circle and the hacker tool technology area! Preface. During intranet penetration, a WebShell or CobaltStrike, Metasploit, etc. are just the beginning. It is more about moving horizontally within the intranet, expanding the results and reaching ...

Posted by Crashin on Sat, 15 Jan 2022 23:04:25 +0100