Apple Mac OS X FileVault明文密码本地安全绕过漏洞
No Comments | 文章转载 | by 陆羽 | 206 Views. | 2012-05-08, 4:49 PM设计错误
危险等级
中
影响系统
Apple mac Os X 10.7.3
不受影响系统
危害
本地攻击者可以利用漏洞获得密码信息。
攻击所需条件
攻击者必须访问Apple Mac OS X。
漏洞信息
Apple Mac OS X是一款苹果公司开发的操作系统。
当使用”Legacy FileVault时FileVault中会启用调试开关,这可导致用户的密码以明文方式保存在DEBUGLOG中,通过”FireWire target disk mode”模式启动读取密码信息。
测试方法
厂商解决方案
目前没有详细解决方案提供:
http://www.apple.com/macosx/
漏洞提供者
tarwinator
用php curl实现动态host配置
No Comments | 文章转载 | by 陆羽 | 294 Views. | 2012-05-04, 2:23 PM版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息
基于http的接口越来越多,除了看接口文档,更多时候都需要着搭配不同的参数去实际请求一下,看看返回值,很多open api都有附带网页版的调试工具来做这个事情,例如淘宝api测试工具
开发的时候,往往都会在测试服务器上搭建接口服务供开发调试,为了避免互相影响,不同的开发小组也会有不同的接口测试服务器,这样一来,就需要在运行代码的机器上设置host,用同样的域名来请求不同的服务器
近来想用php做一个通用的、网页版的http接口测试工具,那上述的host设置就成了一个问题,假设有两个开发小组同时来使用这个工具,用同样的域名请求同样的接口,但http请求却需要发送到不同的服务器,改服务器的host肯定是不行了
接下来的思路比较极端,用php做socket编程,自己构造tcp请求和http请求自然为所欲为,http协议虽然简单,但此做肯定会遇到很多现在没考虑到的细节问题,再加上好好的curl摆着不用也觉得可惜,把curl的option翻了一遍,没有找到适合的选项,但想想也不奇怪,我这个需求比较另类,怨不得curl,再仔细想想,在协议层面,tcp在4层,http在7层,两层并不依赖,想办法避免tcp目标主机由url的host解析而来即可,于是试了试curl的http proxy相关选项,成功!PHP代码如下
» 阅读全文
Mac Lion iChat上MSN等聊天工具方法
No Comments | 原创文章 | by 陆羽 | 437 Views. | 2012-05-03, 1:58 PM1)不安全,第三方服务器可以完整记录你的所有聊天信息
2)不稳定,经常导致频繁掉线,或者服务器不可用,需要寻找新的Jabber服务器
3)不统一,可能要为上不同的协议连接不同的服务器
当然你可以使用Adium,但是如果你就是喜欢使用和系统集成更好的iChat,这篇文章就是你想看的:本地安装一个独享的Jabber服务器。这看上去很难,但实际上你只要会点Yes和No就能轻松搞定,不需要在命令行里打任何命令。
» 阅读全文
configure: error: Cannot find ldap libraries in /usr/lib 解决办法
No Comments | 文章转载 | by 陆羽 | 291 Views. | 2012-05-03, 12:03 PM
centos 6.2安装LNMP错误:configure: error: Cannot find ldap libraries in /usr/lib
解决办法:
cp -frp /usr/lib64/libldap* /usr/lib/
修改Mac lion默认截图保存格式及路径
No Comments | 文章转载 | by 陆羽 | 322 Views. | 2012-05-02, 12:57 AM
defaults write com.apple.screencapture location ~/Downloads #修改保存路径 defaults write com.apple.screencapture type jpg #修改保存格式 killall SystemUIServer #结束界面进程,使上面设置生效
删除禁用Mac lion 客人用户
No Comments | 文章转载 | by 陆羽 | 324 Views. | 2012-05-02, 12:55 AM安装某驱动后出现的,解决方法如下:偏好设置-安全性与隐私 输入密码,然后勾选“停用屏幕在锁定时重启启动到safari”
MySQLDumper 1.24.4 LFI / XSS / CSRF / Code Execution / Traversal
No Comments | 文章转载 | by 陆羽 | 498 Views. | 2012-05-01, 11:07 AM» 阅读全文
Discuz! X2.5 远程代码执行漏洞及EXP[XDAY]
1 Comment | 文章转载 | by 陆羽 | 1238 Views. | 2012-04-29, 1:11 PMAuthor: 北北
刚群里黑哥丢出个乌云的链接:http://www.wooyun.org/bugs/wooyun-2012-06420
问谁上,我说我上吧,职业病,看到discuz dede啥的漏洞一下就精神了,哈哈……
过程简单说下,记的有点乱不贴太多代码了
diff一下看
» 阅读全文
两个python写的proxy脚本分享
No Comments | 文章转载 | by 陆羽 | 401 Views. | 2012-04-29, 1:03 PMproxy_http.py
# encoding=utf-8
# Usage: python filename.py
# Background Run: nohup python filename.py 2079 &
# http://yaonie.org/
import socket, thread, select, sys
BUFLEN = 8192
HTTPVER = 'HTTP/1.1'
class ConnectionHandler:
def __init__(self, connection, address, timeout):
self.client = connection
self.client_buffer = ''
self.timeout = timeout
self.method, self.path, self.protocol = self.get_base_header()
if self.method=='CONNECT':
self.method_CONNECT()
elif self.method in ('OPTIONS', 'GET', 'HEAD', 'POST',):# 'PUT','DELETE', 'TRACE'):
self.method_others()
self.client.close()
self.target.close()
def get_base_header(self):
while 1:
self.client_buffer += self.client.recv(BUFLEN)
end = self.client_buffer.find('\n')
if end!=-1:
break
print '%s'%self.client_buffer[:end]#debug
data = (self.client_buffer[:end+1]).split()
self.client_buffer = self.client_buffer[end+1:]
return data
def method_CONNECT(self):
self._connect_target(self.path)
self.client.send(HTTPVER+' 200 Connection established\nProxy-agent: %s\n\n') % \
r"Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)')"
self.client_buffer = ''
self._read_write()
def method_others(self):
self.path = self.path[7:]
i = self.path.find('/')
host = self.path[:i]
path = self.path[i:]
self._connect_target(host)
self.target.send('%s %s %s\n'%(self.method, path, self.protocol)+self.client_buffer)
self.client_buffer = ''
self._read_write()
def _connect_target(self, host):
i = host.find(':')
if i!=-1:
port = int(host[i+1:])
host = host[:i]
else:
port = 80
(soc_family, _, _, _, address) = socket.getaddrinfo(host, port)[0]
self.target = socket.socket(soc_family)
self.target.connect(address)
def _read_write(self):
time_out_max = self.timeout/3
socs = [self.client, self.target]
count = 0
while 1:
count += 1
(recv, _, error) = select.select(socs, [], socs, 3)
if error:
break
if recv:
for in_ in recv:
data = in_.recv(BUFLEN)
if in_ is self.client:
out = self.target
else:
out = self.client
if data:
out.send(data)
count = 0
if count == time_out_max:
break
def start_server(host, port, IPv6=False, timeout=60, handler=ConnectionHandler):
if IPv6==True:
soc_type=socket.AF_INET6
else:
soc_type=socket.AF_INET
soc = socket.socket(soc_type)
soc.bind((host, port))
print "Serving on %s:%d."%(host, port)#debug
soc.listen(0)
while 1:
thread.start_new_thread(handler, soc.accept()+(timeout,))
if __name__ == '__main__':
if len(sys.argv) != 2:
print 'usage: python %s port' % sys.argv[0]
sys.exit()
try:
port = int(sys.argv[1])
except:
print 'usage: python %s port' % sys.argv[0]
sys.exit()
start_server('10.1.14.2',port)
# encoding=utf-8
# Usage: python filename.py
# Background Run: nohup python filename.py 2079 &
# http://yaonie.org/
import socket, thread, select, sys
BUFLEN = 8192
HTTPVER = 'HTTP/1.1'
class ConnectionHandler:
def __init__(self, connection, address, timeout):
self.client = connection
self.client_buffer = ''
self.timeout = timeout
self.method, self.path, self.protocol = self.get_base_header()
if self.method=='CONNECT':
self.method_CONNECT()
elif self.method in ('OPTIONS', 'GET', 'HEAD', 'POST',):# 'PUT','DELETE', 'TRACE'):
self.method_others()
self.client.close()
self.target.close()
def get_base_header(self):
while 1:
self.client_buffer += self.client.recv(BUFLEN)
end = self.client_buffer.find('\n')
if end!=-1:
break
print '%s'%self.client_buffer[:end]#debug
data = (self.client_buffer[:end+1]).split()
self.client_buffer = self.client_buffer[end+1:]
return data
def method_CONNECT(self):
self._connect_target(self.path)
self.client.send(HTTPVER+' 200 Connection established\nProxy-agent: %s\n\n') % \
r"Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)')"
self.client_buffer = ''
self._read_write()
def method_others(self):
self.path = self.path[7:]
i = self.path.find('/')
host = self.path[:i]
path = self.path[i:]
self._connect_target(host)
self.target.send('%s %s %s\n'%(self.method, path, self.protocol)+self.client_buffer)
self.client_buffer = ''
self._read_write()
def _connect_target(self, host):
i = host.find(':')
if i!=-1:
port = int(host[i+1:])
host = host[:i]
else:
port = 80
(soc_family, _, _, _, address) = socket.getaddrinfo(host, port)[0]
self.target = socket.socket(soc_family)
self.target.connect(address)
def _read_write(self):
time_out_max = self.timeout/3
socs = [self.client, self.target]
count = 0
while 1:
count += 1
(recv, _, error) = select.select(socs, [], socs, 3)
if error:
break
if recv:
for in_ in recv:
data = in_.recv(BUFLEN)
if in_ is self.client:
out = self.target
else:
out = self.client
if data:
out.send(data)
count = 0
if count == time_out_max:
break
def start_server(host, port, IPv6=False, timeout=60, handler=ConnectionHandler):
if IPv6==True:
soc_type=socket.AF_INET6
else:
soc_type=socket.AF_INET
soc = socket.socket(soc_type)
soc.bind((host, port))
print "Serving on %s:%d."%(host, port)#debug
soc.listen(0)
while 1:
thread.start_new_thread(handler, soc.accept()+(timeout,))
if __name__ == '__main__':
if len(sys.argv) != 2:
print 'usage: python %s port' % sys.argv[0]
sys.exit()
try:
port = int(sys.argv[1])
except:
print 'usage: python %s port' % sys.argv[0]
sys.exit()
start_server('10.1.14.2',port)
python连接mysql方法 by mysqldb
No Comments | 文章转载 | by 陆羽 | 413 Views. | 2012-04-29, 1:25 AM# -*- coding: utf-8 -*-
#mysqldb
import time, MySQLdb
#连接
conn=MySQLdb.connect(host="localhost",user="root",passwd="",db="test",charset="utf8")
cursor = conn.cursor()
#写入
sql = "insert into user(name,created) values(%s,%s)"
param = ("aaa",int(time.time()))
n = cursor.execute(sql,param)
print n
#更新
sql = "update user set name=%s where id=3"
param = ("bbb")
n = cursor.execute(sql,param)
print n
#查询
n = cursor.execute("select * from user")
for row in cursor.fetchall():
for r in row:
print r
#删除
sql = "delete from user where name=%s"
param =("aaa")
n = cursor.execute(sql,param)
print n
cursor.close()
#关闭
conn.close()
mysqldb安装方法详见http://www.5luyu.cn/archives/26/