A real penetration test
2022-07-04 07:09:00 【Distant sky】
Background:
Idle and bored, I came across a website. Uh... it has a lot of advertisements.
On a sudden impulse, I casually took a vulnerability scanner and ran it over the site. Several vulnerabilities were found, all of them XSS vulnerabilities.
Out of curiosity I tested them. The payloads I tested manually all failed: the website filters out keywords such as "(", ")", "<", ">" and "alert". No way around it, so the hard way it is: run a dictionary directly, testing with an XSS payload dictionary.
In the end, a lot of usable payloads turned up.
I randomly chose a few to test. Successful pop-up!
At present, only one vulnerability has been tested; the other vulnerability points have not been tested.
As a student who has studied cybersecurity law, of course I know that I can't do things that harm others, especially to such a conscientious sharing website. Never destroy.
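For the site owner's side of this, an added example (not part of the original post) comparing a keyword-deleting filter like the one described above with output encoding. The filter's exact behaviour, the function names, the `<input>` template and the sample inputs are all assumptions constructed for illustration.

```javascript
// Added example. The filter's behaviour is an assumption based on the post:
// it deletes "(", ")", "<", ">" and "alert" from user input.
const BLOCKED = ["(", ")", "<", ">", "alert"];

function blacklistFilter(input) {
  let out = String(input);
  for (const token of BLOCKED) out = out.split(token).join("");
  return out;
}

// Alternative: encode every character that is significant in HTML element
// and quoted-attribute contexts, instead of deleting a few of them.
const ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;",
  '"': "&quot;", "'": "&#x27;", "`": "&#x60;",
};

function encodeForHtml(input) {
  return String(input).replace(/[&<>"'`]/g, (ch) => ENTITIES[ch]);
}

// Hypothetical page fragment: a search term reflected into a quoted attribute.
function renderSearchBox(value, sanitize) {
  return `<input name="q" value="${sanitize(value)}">`;
}

// The template itself contains exactly four double quotes. Any extra one came
// from user data and closed the value attribute early.
function breaksOutOfAttribute(html) {
  return (html.match(/"/g) || []).length !== 4;
}

function compare(value) {
  const viaBlacklist = renderSearchBox(value, blacklistFilter);
  const viaEncoding = renderSearchBox(value, encodeForHtml);
  return {
    viaBlacklist,
    viaEncoding,
    blacklistBreaksOut: breaksOutOfAttribute(viaBlacklist),
    encodingBreaksOut: breaksOutOfAttribute(viaEncoding),
  };
}

// Constructed inputs: an inert attribute-style value, and ordinary text.
for (const sample of ['" onfocus="x', "alert level (high) > 3"]) {
  console.log(compare(sample));
}
```

The second sample shows the other cost of deletion: the blacklist mangles ordinary text, while encoding keeps it intact and displayable.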