The Rust Programming Language - Chapter 19 advanced features - 19.1 unsafe Rust

19 advanced features We will learn more advanced features in this chapter 19.1 unsafe Rust So far, the code we have compiled, Rust, will enforce checks at compile time to ensure memory security. However, Rust also provides a mode, unsafe Rust. These codes are written in unsafe blocks. They are no different from conventional codes, but they c ...

Posted by bliss322 on Sat, 04 Dec 2021 23:07:41 +0100

Framework vulnerability Series 1: struts vulnerability summary

preface: The loopholes reproduced in this article are not particularly comprehensive, but the loopholes in the last two years have been selected for reproduction in order to effectively reproduce the loopholes. After all, some old loopholes basically do not exist. 1, Introduction to Struts 1. Introduction Basic introduction: Struts is Ap ...

Posted by Lucidnight on Fri, 03 Dec 2021 15:57:53 +0100

SSL in openssl source code_ Read read process parsing

SSL encountered at work_ Read related issues, for SSL_ There are some questions about the read mechanism of read: SSL_ What is the difference between read and read and recv?. SSL_ Does read cause the inconsistency between the data to be read and the data actually returned?. SSL_ What is the behavior of read under blocking and non blocking ...

Posted by _confused_ on Thu, 02 Dec 2021 01:11:47 +0100

Programming language JavaSE (Fundamentals) -- exception mechanism

Programming language JavaSE (Fundamentals) -- exception mechanism Daily saying: the water drop penetrating the stone, its strength comes from accumulation over time preface: Referenced crazy Java basic video—— Crazy Java basic video    catalogue Exception architecture Differences and connections between exceptions 1 ...

Posted by br0ken on Thu, 25 Nov 2021 02:54:29 +0100

Third party authentication -outh2 principle and analysis

I read a lot of articles about outh2 application, and the introduction is rather obscure and difficult to understand. At the same time, there is no actual case description, Next, I will explain with a simple case of security+outh2 and explain why this implementation method is the best through the wechat authentication process. 1. Security im ...

Posted by $0.05$ on Tue, 23 Nov 2021 06:20:14 +0100

ThinkPHP5.0.24_ Analysis of deserialization vulnerability in Linux

ThinkPHP5.0.24_ Analysis of deserialization vulnerability in Linux ThinkPHP5.0.24Vulnerability code<?php namespace app\index\controller; class Index { public function test01(){ $code = $_POST['code']; unserialize(base64_decode($code)); } } payload/index.php/index/index/test01 POST code=TzoyNzoidGhpbmtccHJvY2Vzc1xwa ...

Posted by trevorturtle on Mon, 22 Nov 2021 06:40:53 +0100

Summary of common web security problems (share common 12 attack types and defense measures)

Article catalog1. Understand the harm of web attacks.2. Share three common attacks and corresponding defense methods1. Harm of Web attack.What are the hazards of web attacks?A minor attack may steal users' information from your website. Serious web attacks can delete the database, paralyze the website and so on.2. Types of sharing attacks: sql ...

Posted by andycole on Sun, 21 Nov 2021 22:05:35 +0100

The third pass of red sun range

The third pass of red sun range 1, Environment configuration Open the virtual machine image to the suspended state and take a snapshot at the first time. Some services are not self started and cannot run automatically after restart. Suspended status, account has been logged in by default, centos In order to get out of the network machine and ...

Posted by phuggett on Thu, 18 Nov 2021 17:17:03 +0100

[Web security] php://filter Shallow bottom layer analysis

Create a new PHP file: a.php <?php $a = "a.txt"; include("php://filter/resource=" . $a); Create a new file in the same directory: a.txt (the content is <? PHP phpinfo();? > base64 encoding) PD9waHAgcGhwaW5mbygpOz8+ Next breakpoint in the related function of the corresponding file: [data] Post key codes: php_stream * php_strea ...

Posted by homer.favenir on Tue, 02 Nov 2021 06:58:08 +0100

Firewall of security technology

1, Security technology and firewall 1.1 safety technology Intrusion detection systems: it is characterized by not blocking any network access, quantifying and locating from internal and external networks The threat situation is mainly to provide alarm and post supervision, and provide targeted guidance measures and safety decision-making ...

Posted by DMeerholz on Mon, 01 Nov 2021 14:28:27 +0100