SEARCH KEYWORD -- DATABASE SUPPORT


  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Microsoft is transforming XBox into a PC controlled by expressions

According to the Voice of China "News Coverage" report. When Apple products are changing  the world, the original computer giant Microsoft is also quietly looking for their new foothold in the field of electronics. This time the breakthrough is from its game console Xbox.Xbox was originally a single function console, there are signs that Microsoft may be planning for the Xbox into the computer with new functions. The selling point of this new product lies in its function of communic...

   Microsoft,XBox,New PC,China     2012-04-01 06:57:04

  Popular Golang JSON libraries evaluation

JSON (Javascript Object Notation), a prevailing data exchange format, is widely used in various platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, such as those interfaces like the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still seek those open-source JSON libs in Github to maximize our efficiency. Then the features, performance, applicability of these ...

   FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON     2021-12-11 23:13:23

  Why TCP needs 3 handshakes

Prerequisite Knowledge First, let's look at the control bits and state machine of TCP, which form the basis for understanding the three-way handshake of TCP. TCP Packet Control Bits The control bits in the TCP packet header are used to control the status of the TCP connection and can indicate various control information such as connection establishment, termination, reset, etc. There are six common control bits: SYN (Synchronize Sequence Numbers): Requests to establish a connection (part of the...

   REASON,NETWORK,TCP,EXPLANATION,HANDSHAKE     2024-09-28 08:57:52

  Publish Your Go Package on pkg.go.dev

go.dev is a site where various resources for Go developers are shared, such as “Get Started”, Tutorial, Packages (pkg.go.dev), and all the official blogs. Among them, Packages is where I visit most, which allows free access to all the open-source Go packages submitted by communities including the native Golang packages. Thanks to all the contributors, I enjoy the great benefit, and sometimes I want to be a contributor myself. Let’s submit a “complete” package t...

   GO.DEV,PUBLISH PACKAGE,GOLANG     2022-06-12 00:31:20

  How to make select in WinSock exceed the 64-socket limit

When doing cross-platform network programming, the only API available on Windows that corresponds to the epoll/kevent style reactor event model is select. However, it has a limitation: the number of sockets passed into select cannot exceed FD_SETSIZE, which is set to 64. Therefore, select in Java’s NIO on Windows also has the same limit. Many services ported to Windows that use the reactor model face this constraint, which often gives the impression that server programs on Windows hav...

   EXCEED,SELECT,JAVA,WINDOWS     2024-10-31 23:47:50

  Use DTrace to diagnose gdb issues

A few days ago, I installed the newest 64-bit gdb program (version 7.7.1) on Solaris 10 (X86_64 platform) to debug programs. After playing with the gdb a day, I found 2 issues about gdb:(1) The "set follow-fork-mode child" command doesn't take effect. By default, after the parent process forks the child process, the gdb will track the parent process, so this command can make gdb begin to follow the child process. But this command works OK on Linux.(2) The gdb can't parse the 32-bit application c...

   DTrace, debug, gdb, UNIX     2014-06-28 05:11:20

  Top 25 Must Have Wordpress Plugins for 2016

There are nearby 30 thousand WordPress plug-ins available in the market. But you must know the plug-ins, that are worthy for you according to your business & requirements. Here is the list of top 25 WordPress plug-ins according to me & my team that may helpful for you.   1. WordPress SEO by Yoast - Best SEO plugin:   Yoast SEO, previously known as a WordPress SEO by Yoast, specially used to boost search engine traffic on your WordPress website. Just install this plug-in and be...

   WORDPRESS PLUGIN DEVELOPMENT,MUST HAVE WORDPRESS PLUGINS,BEST WORDPRESS PLUGINS FOR WEBSITE,WORDPRES     2016-03-10 05:04:26

  All I Know About Certificates -- Clients

 Finally, in last article we’ve covered the responsibilities of CAs, showing that being a CA isn’t simple and has high management costs, explaining why issuing certificates costs money! This article we will cover the client in this chain. Verifying Certificates as a Client For clients, verifying certificates isn’t simple either. Articles introducing TLS handshakes often mention "the server sends back a certificate, and the client verifies it," but in reality, as ...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:24:30

  Go Error Best Practice

Being indulged in Go for quite a while and having implemented web-related programs, grpc interfaces and Operators, I seem to be an advanced beginner now. However, I am still a raw hand in production-environmental debugging, which is cumbersome if done by querying logs or error messages. Imagine the scenario that a full-text search is called when the specific location of the error log is missing. Then what happens when those error logs are not only in one place? Yes, my error logs can no longer h...

   GO ERROR,ERROR HANDLING     2021-10-07 07:38:28

RECENT