[NISACTF 2022]损坏的flag
本篇将分享一道关于 USB 流量分析的 CTF 题目解题思路,题目来自 [NISACTF 2022]损坏的flag。 1. 识别文件类型并加载 文件类型识别:使用 010 Editor 打开附件 atta.NISACTF_2022flag,观察到其文件头为 D4 C3 B2 A1,这是 libpcap 格式的典型特征(Magic Number)。 加载流量包:将文件名后缀修改为 .pcap,然
Redis4-unacc未授权访问漏洞复现
Redis4-unacc未授权访问漏洞复现一、报告目的1.1 报告对象:授课老师和一起学习的同学1.2 报告目的详细阐述 Redis 未授权访问漏洞复现的实验过程,包括环境搭建、漏洞利用步骤等,让读者清晰了解该漏洞的利用原理和危害;深入分析实验过程中产生的日志数据,总结漏洞利用过程中的行为特征,为漏洞防范提供依据;通过实验总结经验教训,提出有效的漏洞修复建议和安全防范措施,提升自身及他人的安全意识
solr 远程命令执行 (CVE-2019-17558)漏洞复现
solr 远程命令执行 (CVE-2019-17558)漏洞复现一、报告目的1.1 报告对象系统安全运维人员:该报告提供了 Apache Solr 中 CVE-2019-17558 漏洞的详细复现过程,可以帮助运维人员理解漏洞的特性,识别系统是否受到影响,并采取相应的安全加固措施。 渗透测试人员:报告展示了漏洞的利用方法和攻击特征,有助于渗透测试人员了解如何验证目标系统的漏洞是否存在,并模拟攻击进
Stored XSS Vulnerability in MetInfo CMS Webset Module via SVG Upload
Stored XSS Vulnerability in MetInfo CMS Webset Module via SVG UploadVulnerability DescriptionA stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulne
Stored XSS Vulnerability in MetInfo CMS via SVG File Upload
Stored XSS Vulnerability in MetInfo CMS via SVG File UploadVulnerability DescriptionA stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability
Stored XSS Vulnerability in MetInfo CMS Download Module
Stored XSS Vulnerability in MetInfo CMS Download ModuleVulnerability DescriptionA stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exis
Stored XSS Vulnerability in MetInfo CMS Column Module
Stored XSS Vulnerability in MetInfo CMS Column ModuleVulnerability DescriptionA stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists
Stored XSS Vulnerability in MetInfo CMS Image Module
Stored XSS Vulnerability in MetInfo CMS Image ModuleVulnerability DescriptionA stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0. The vulnerability exists
