Technical Analysis of CVE-2020-25213: WP File Manager RCE Vulnerability
Background CVE-2020-25213, a Remote Code Execution (RCE) vulnerability in the WordPress WP-File-Manager plugin (version 6.0 to 6.8). WordPress is the […]
运维
tcp, tcp-pkt, tcp-stream in Suricata rule
In Suricata’s official document, there are oversimplified descriptions for these three protocol options, and it’s really confusing. In order to
Odoo 17 – Deployment and running with Nginx
Source installation and running Although Odoo provides packaged installers for convenience, I prefer to download the source code and run
About Stateful or Stateless Rules on Cloud Server’s Connection
In the Cloud Oracle network management panel (Networking > Virtual cloud networks > vcn-1234-xxxx > Subnet Details), when editing Ingress
Docker Command Aliases
For convenience, add the following aliases for Docker commands to your ~/.zshrc file.
使用 Docker 部署 Trojan 与 Nginx
项目目录结构 docker-compose.yml config.json 拉取镜像并启动容器 在项目目录下执行命令 sudo docker compose up -d. 使用 sudo docker ps 检查容器状态:
Windows 系统过多的安全日志归档文件 (Archive-Security-yyyy.evtx) 占用硬盘空间
如何在 Windows 服务器关闭 安全日志归档,关闭事件 ID 5156 的审核成功记录。
SQLServer 重置表的自增值
1 简单语句 1.1 查询自增值 SELECT IDENT_CURRENT(‘TABLE_NAME’) 1.2 重置自增值 DBCC CHECKIDENT(‘TABLE_NAME’, reseed, 10086) // 将表 TABLE_NAME 的自增 […]
CTF Writeup: from_sqli_to_shell_i386
今天给单位的小年轻讲网络安全课程,用了 from_sqli_to_shell_i386 这个靶机。题目简单,iso 文件又小,很适合入门。 这个靶机上有一个网站。先找到网站的 SQL 注入点;然后通过 SQL 注入获取 admin 帐号密码;再使用 adm […]