HackingTeam, a monitoring software development company based in Italy, was hacked recently, and 415GB files were leaked. The data leaked by HackingTeam involves at least several remote code execution and entitlement vulnerability targeting Android4.4 or below.

Preface: This article: the CMS version is 4.2. The following vulnerabilities are included in CNVD. Environment note: PHP version should use 7.0.9. SSRF: According to the function point directed audit, in the background toolbar has a collection function, according to experience this kind of

Abstract: After the restart of the maintenance of Dubbo, Ali technology in the open source dynamic, at the China Open Source annual meeting, Alibaba formally opened its own Pouch container technology. At the China Open Source Annual Conference, Alibaba officially opened the Pouch container technology based on the Apache 2.0 protocol. Pouch is a lightweight container technology that is fast, efficient, and portable...

Blockchain technology is hot recently, most articles are popularizing the concept of blockchain. Blockchain is likely to be the underlying technology for connected applications in the next decade, in projects across a wide range of industries. For example: commodity traceability, traditional traceability system uses centralized data storage data, in fact, such data for the holder, how to modify, how to modify, then how much credibility of its data? There's even been a silver...

Open_basedir can restrict user access to a file to a specified area, usually the path to its directory, or the current directory can be represented by the "." symbol. Second, the Bypas

0x00 Background "green software" usually refers to those small software that can be used without installation. These small software can be used directly after running, and will not leave any keys and files in the registry, system directory, etc., and can even be directly placed in the USB disk, CD-ROM and other mobile media at any time

With the rapid development of big data and artificial intelligence, privacy data leakage and abuse happen from time to time, and privacy security has been paid more and more attention. The country will implement the Password Law in 2020 and the Personal Information Protection Law in 2021, with higher requirements for personal privacy data and data security encryption.

The pursuit of excellence craftsman spirit, polishing quality code. Full understanding, guided by technical awareness, is the direction of individual learning, team communication and project cooperation. 1. [Recommended] Resource files must be prefixed with modules. 2, 【 recommended 】 Layout file naming method. 3, 【 recommended 】 Drawable resource names are lowercase words and underscores (_).

As we said in the previous chapter, Android applications run in a sandbox and by default only have access to their own files and a very limited set of system services. To interact with the system and other applications, Android applications can request a set of additional permissions granted at installation and cannot change them (with some exceptions, which are discussed below). On Android, permissions...

0x00 Background When performing security tests at the Web level, it is unavoidable to perform man-in-the-middle agent to intercept packets for analysis. Common tools include BurpSuit, Fiddler, Charles, etc. The use of these tools is well documented on the web, so I won't go into details here. However, in test one