Article directory 1. Overview of SSRF 1.1. Scene 1.1.1. PHP code implementation 1.2. SSRF principle 1.3. SSRF hazards 2. SSRF attack and defense 2.1. SSRF utilization 2.1.1. File access 2.1.2. Port scanning 2.1.3. Read local files 2.1.4. Intranet application fingerprint identification 2.1.5. Attack intranet web applications 2.2. SSRF example 2.3. SSRF defense 2.3.1. Filter input […]
Tag: forge
CSRF (cross-site request forgery) and SSRF (server-side request forgery) vulnerability recurrence: risks and prevention methods
This article is intended for network security learning, please do not engage in any illegal behavior, otherwise you will be responsible for the consequences. Environmental preparation 1. CSRF(Cross-site request forgery) Example: Suppose a user is logged in on bank website A and keeps the session active, while he is also browsing other websites. The attacker […]
CTF-Forge HackTheBox Penetration Test (4)
Hello everyone, I am your good friend Xiaofeng. The CTF-Horizontall HackTheBox series of articles will be launched for everyone one after another. Introduction to 0X01 Forge is a CTF Linux Box, rated “Medium” on the HackTheBox platform’s difficulty scale. The range covers subdomain enumeration, SSRF attacks, and reverse engineering of python scripts for privilege escalation. […]
Minecraft Forge Mod Development Practice – Double Jump Controlled by Game Rules (1) Double Jump Part
Day 1: Prepare development environment First you need an MDK, here we use forge-1.19.4-45.1.0, unzip it to a folder Then you need IntelliJ (Community free version is enough), Open the folder where build.gradle is located and wait for the build. Needless to say about the construction, the problems encountered are also varied. At least I […]
C language is easy to forget and confused
C language is easy to forget 1 printf function and putchar function 2 scanf function and getchar function 3 goto statement 4 Differences between character arrays and strings 5 String input and output 5.1 gets() 5.2 fgets() 5.3 puts() 5.4 fputs() 6 main function and exit function 7 Prevent header files from being included repeatedly […]
After forgetting the root password of mysql database, change the root password
Directory method one: Method two: 2.1 You can also do it like me, after logging in as an ordinary user 2.2 Execute the following command to update the known encrypted ciphertext of user1 to root 2.3 Querying the database 2.4 Login with root user 2.5 The login is normal, but after logging in as root, […]
DVWA – Cross-Site Request Forgery (CSRF)
Cross-site request forgery What is CRSF CSRF, the full name is Cross-site request forgery, which translates as cross-site request forgery. It refers to using the victim’s identity authentication information (cookies, sessions, etc.) that has not expired to trick them into clicking malicious links or visiting pages containing attack code. Without the person’s knowledge, the person […]
Cross-site request forgery (csrf)
Table of contents Formal website operation Cross-site request forgery (csrf) phishing site The simplest principle real website phishing site Strategies for Addressing Phishing Sites form form method 1 ajax method 1 ajax method 2 ajax method 3 Verify the specified request The first CBV decorator Way 1 Way 2 Formal website operation Regular websites include […]
Minecraft 1.16.5 forge Mod Development – Particles
Particles first particle WindParticle–particle effect class WindData–use the interface IParticleData to store and process the data for creating example effects WindType–particle type ParticleRegistry–register particles WindFactory–The factory class is used to display and create our particle effects on the client side ParticleFactoryRegistry–register factory class texture–texture First particle Recently, I have some ideas, so I started learning […]
do not forget! You must add this when writing Python scripts!
Hello everyone, people who use Python often write some scripts. Whether it is to improve work efficiency or meet some specific needs, Python scripts are a common and useful thing. However, I recently discovered a problem that I hadn’t noticed before, that is, whether to add the statement if __name__ == “__main__”: in the script […]