Intranet penetration based on SSRF+Redis

Intranet penetration based on SSRF + Redis. 1. WEB server configuration: 1. Ugly topology map. 2. Add network card: for the second network card, select vmnet1. It doesn’t matter if you customize it later. The purpose is to prevent the host from communicating with network card 2. 3. Set to fixed IP: #Query the current […]

Network Security-SSRF Vulnerability Principles, Attacks and Defenses

Table of Contents: Overview, Principle, Exploring SSRF vulnerabilities, Utilization skills, Attack examples, Bypass, Defense, Tool, References. Overview: SSRF (Server-Side Request Forgery) is a security vulnerability in which an attacker constructs a request and the server initiates the request. Typically, SSRF attacks target internal systems that are inaccessible from the outside network because server requests […]

SSR, CSR, SSG, ISR and DPR technologies in Next.js

CSR (Client Side Rendering): CSR is client-side rendering, such as the common rendering method used by SPAs, which is supported by all mainstream frameworks, or in other words: as long as JS is used in the client-side rendering process, and the data is obtained and rendered through the client sending a request, […]

[NSSRound#6 Team]check(Revenge)

Article directory: Test points, tarfile file overwriting vulnerability (CVE-2007-4559), PIN calculation, Problem solving process, Unexpected solution, Expected solution. Test center: tarfile file overwriting vulnerability (CVE-2007-4559). A directory traversal vulnerability in the extract, extractFile, and extractall functions in the tarfile module in Python allows a user-assisted remote attacker to traverse the directory and write/overwrite arbitrary files […]

SSRF vulnerability principle, attack and defense

Table of Contents: Overview, Principle, Exploring SSRF vulnerabilities, Utilization skills, Attack examples, Bypass, Defense, Tool, References. Overview: SSRF (Server-Side Request Forgery) is a security vulnerability in which an attacker constructs a request and the server initiates the request. Typically, SSRF attacks target internal systems that are inaccessible from the outside network because server requests […]

A brief discussion on SSR/MPA, CSR/SPA, SSG, ISR

Foreword: This article introduces what the front-end terms SSR/MPA, CSR/SPA, SSG and ISR mean. After all, they are very common terms. SSR (Server Side Render) and MPA (Multi-Page Application): The full name of SSR is Server Side Render. The Chinese translation is server rendering. What does server rendering mean? For example, […]

Use Python’s Selenium library to automatically batch refresh the courseware videos of the Yangtze River Rain Classroom

I recently discovered that the online general education course I chose has uploaded courseware on Rain Classroom. I counted more than 100 videos in total, with an average duration of 5-20 minutes. However, the progress bar of Rain Classroom videos cannot be manually dragged, and the playback speed cannot be adjusted, so it will be very time-consuming to […]

Network Security-SSRF Vulnerability Principles, Attacks and Defenses

Table of Contents: Overview, Principle, Exploring SSRF vulnerabilities, Utilization skills, Attack examples, Bypass, Defense, Tool, References. Overview: SSRF (Server-Side Request Forgery) is a security vulnerability in which an attacker constructs a request and the server initiates the request. Typically, SSRF attacks target internal systems that are inaccessible from the outside network because server requests […]