有安科技

摘要： {==============================================================================} { [ Zeelock-2005 ] } {=====================================... 阅读全文

摘要： HACKING WITH JAVASCRIPT Dr_aMado [Packetstorm editor's note: "hictor" previously claimed this work as his/hers. This appears to be a false claim, based on a person from triviasecurity.org claiming thi... 阅读全文

摘要： Author: Cheng Peng Su (applesoup_at_gmail.com) Date: August 7, 2006 We've all known that the main problem of constructing XSS attacks is how to obfuscate malicious code. In the following paragraphs ... 阅读全文

只有注册用户登录后才能阅读该文。 阅读全文

摘要： 该cms的核心配置文件/include/common.inc.php有缺陷 -------------------------------------------- //23行开始 @extract($_POST, EXTR_OVERWRITE); @extract($_GET, EXTR_OVERWRITE); unset($_POST, $_GET); --------------------... 阅读全文

只有注册用户登录后才能阅读该文。 阅读全文

摘要： About SQL Injection Cheat Sheet Currently only for MySQL and Microsoft SQL Server, some ORACLE and some PostgreSQL. Most of samples are not correct for every single situation. Most of the real world ... 阅读全文

摘要： http://www.baidu.com/index.php?bar="/**/style=xss:expression((window.r!=1)?eval('window.r=1;eval(unescape(location.hash.substr(1)))'):1);#alert%28%27www.safe3.cn%27%29 测试地址：运行 阅读全文

摘要： Published: September 12, 2007 By Chema Alonso, Microsoft Security MVP See other Security MVP Article of the Month columns. Introduction This article describes how attackers take advantage of SQL I... 阅读全文

摘要： javascript:R=0;%20x1=.1;%20y1=.05;%20x2=.25;%20y2=.24;%20x3=1.6;%20y3=.24;%20x4=300;%20y4=200;%20x5=300;%20y5=200;%20DI=document.images;%20DIL=DI.length;%20function%20A(){for(i=0;%20i-DIL;%20i++){DIS=... 阅读全文