Intranet penetration based on SSRF + Redis 1. WEB server configuration 1. Ugly topology map 2. Add network card For the second network card, select vmnet1. It doesn’t matter if you customize it later. The purpose is to prevent the host from communicating with network card 2. 3. Set to fixed IP #Query the current […]
Tag: ssr
Network Security-SSRF Vulnerability Principles, Attacks and Defenses
Table of Contents Overview principle Exploring SSRF vulnerabilities Utilization skills Attack examples bypass defense tool refer to Overview SSRF (Server-Side Request Forgery) is a security vulnerability in which an attacker constructs a request and the server initiates the request. Typically, SSRF attacks target internal systems that are inaccessible from the outside network because server requests […]
SSR, CSR, SSG, ISR and DPR technologies in Next.js
CSR (Client Side Rendering) client rendering CSR is client-side rendering, such as the common rendering method used by SPA, which is supported by all mainstream frameworks, or in other words: as long as JS is used in the client-side rendering process, and the data is obtained and rendered through the client sending a request, […]
[NSSRound#6 Team]check(Revenge)
Article directory Test points tarfile file overwriting vulnerability (CVE-2007-4559) PIN calculation Problem solving process unexpected solution expected solution Test center tarfile file overwriting vulnerability (CVE-2007-4559) A directory traversal vulnerability in the extract, extractFile, and extractall functions in the tarfile module in Python allows a user-assisted remote attacker to traverse the directory and write/overwrite arbitrary files […]
SSRF vulnerability principle, attack and defense
Table of Contents Overview principle Exploring SSRF vulnerabilities Utilization skills Attack examples bypass defense tool refer to Overview SSRF (Server-Side Request Forgery) is a security vulnerability in which an attacker constructs a request and the server initiates the request. Typically, SSRF attacks target internal systems that are inaccessible from the outside network because server requests […]
A brief discussion on SSR/MPA CSR/ SPA SSG ISR
Foreword > This article would like to introduce what the terms in front-end SSR/MPA CSR/SPA SSG ISR mean. After all, it is a very common word. SSR (Server Side Render) and MPA (Multi-Page Application) The full name of SSR: Server Side Render. The Chinese translation is server rendering. What does server rendering mean? For example, […]
Use python’s selenium library to automatically batch refresh the courseware videos of the Yangtze River Rain Classroom
I recently discovered that the online general education course I chose has uploaded courseware on Rain Classroom. I counted more than 100 videos in total, with an average duration of 5-20 minutes. However, the progress bar of Rain Classroom videos cannot be manually pulled, nor can the playback speed be adjusted, so it will be very time-consuming to […]
Laboratory classroom desktop control system based on Java+MySQL
Table of contents Chapter 1 Project Background 2 1.1 Background and significance 2 1.2 Comparison with similar products 2 1.3 Full text overview 3 Chapter 2 Overall system design plan 3 2.1 Technologies used 5 2.2 My job 7 Chapter 3 Specific work responsible for the project 9 3.1 Server 9 3.2 Arduino controlled system […]
[Algorithm Mini Classroom] Binary Search Algorithm
Simple idea: When we want to find an element from a sequence, the fastest way to think of is the sequential search method (i.e., search from front to back). But this method is too brainless, and it means violently checking every element. It’s okay when the number of elements is small. Once the number of […]