当前位置:网站首页>Flow characteristics of kitchen knife, ant sword, ice scorpion and Godzilla
Flow characteristics of kitchen knife, ant sword, ice scorpion and Godzilla
2022-07-05 17:18:00 【qq_ fifty-one million five hundred and fifty thousand seven hun】
Ant sword :
ini_set
ini_set_time
ini_set_limit
@ini_set(“display_errors”,“0”)
Part of the code is transmitted in clear text , Better identification
kitchen knife :
The old version adopts plaintext transmission , It's very recognizable
The new version uses base64 encryption , The detection idea is to analyze traffic packets , Find a lot of base64 You need to pay attention to encrypting ciphertext
Ice scorpion :
Ice scorpion 1: Ice scorpion 1 There is a key negotiation process , This process is plaintext transmission , And there are two flows , Used to verify
Ice scorpion 2: Because there are many built-in UA head , So when one is the same IP Repeated requests , however UA You need to pay attention when your head is different
Ice scorpion 3: Because the negotiation process is omitted , So you can bypass a lot of traffic , But other features remain , such as ua head
Ice scorpion packets are always accompanied by a large number of content-type:application What, what , No matter what GET still POST, Requested http in ,content-type by application/octet-stream
And their accept Such lengths are always equal , Normally, according to the application scenario and different files , The length is different
Godzilla :
cookie There is a small mistake in this value , Is a normal request cookie There is no semicolon at the end , Subsequent authors may make adjustments
And response , Godzilla will respond three times , And I think there is another place to pay attention to webshell Connect , Therefore, a long-term connection is usually set , therefore connection It's going to be here keep-alive
边栏推荐
- 精准防疫有“利器”| 芯讯通助力数字哨兵护航复市
- C#(Winform) 当前线程不在单线程单元中,因此无法实例化 ActiveX 控件
- Precision epidemic prevention has a "sharp weapon" | smart core helps digital sentinels escort the resumption of the city
- CMake教程Step3(添加库的使用要求)
- 通过proc接口调试内核代码
- About JSON parsing function JSON in MySQL_ EXTRACT
- C# TCP如何设置心跳数据包,才显得优雅呢?
- Debug kernel code through proc interface
- URP下Alpha从Gamma空间到Linner空间转换(二)——多Alpha贴图叠加
- First day of learning C language
猜你喜欢
Use JDBC technology and MySQL database management system to realize the function of course management, including adding, modifying, querying and deleting course information.
CMake教程Step4(安装和测试)
Copy mode DMA
Learnopongl notes (II) - Lighting
Browser rendering principle and rearrangement and redrawing
Read the basic grammar of C language in one article
Judge whether a string is a full letter sentence
npm安装
Using C language to realize palindrome number
Three traversal methods of binary tree
随机推荐
Rider 设置选中单词侧边高亮,去除警告建议高亮
Tips for extracting JSON fields from MySQL
Embedded-c Language-2
How MySQL uses JSON_ Extract() takes JSON value
CMake教程Step6(添加自定义命令和生成文件)
[Jianzhi offer] 61 Shunzi in playing cards
Three traversal methods of binary tree
First day of learning C language
npm安装
The first lesson of EasyX learning
CMake教程Step4(安装和测试)
ThoughtWorks global CTO: build the architecture according to needs, and excessive engineering will only "waste people and money"
[Jianzhi offer] 66 Build product array
【剑指 Offer】61. 扑克牌中的顺子
【7.7直播预告】《SaaS云原生应用典型架构》大咖讲师教你轻松构建云原生SaaS化应用,难题一一击破,更有华为周边好礼等你领!
Is it safe to open futures accounts online? Will there be more liars online? Doesn't feel very reliable?
【testlink】TestLink1.9.18常见问题解决方法
easyNmon使用汇总
基于51单片机的电子时钟设计
Error in composer installation: no composer lock file present.