SEARCH KEYWORD -- PORT FORWARD


  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Big file transfer in Linux

It's very common that we need to transfer files between two different hosts such as backups. It is also an very simple task, we can use scp or rsync to complete the task well. But what if the file is very big, it may take some time to transfer it. How can we transfer a big file with high speed? Here we propose one solution. Copy file If we copy one uncompressed file, then we should follow below steps: Compress data Send it to another host Uncompress the data Verify the data integrity This will...

   Linux, SCP,ZIP     2013-01-10 05:55:50

  The Best Wireless Headphones for Everyday Use

Wireless headphones have consumed a little bit of slamming during the previous six months, complying with Apple's debatable choice to clear the newest set of Apple iPhone of the reliable old earphone port. HTC observed fit using the U Ultra and also in businesses and undergone lots of objection from both customers and market professionals. Several sets are more concentrated on sports and also exercise and set in additional functions to perform so that some others are created mainly for hearing t...

   HEADPHONES,WIRELESS     2017-10-12 10:54:56

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  WireGuard VPN: Setup WG_VPN client App on Android phone and connect to local WG_VPN server on VM

We will show the detail steps about how to setup the WireGuard VPN client on an Android phone/pad and configure the VPN client to connect a WG_VPN server in local network. The setup process contents three main steps: Install WireGuard and create a key-pair in WireGuard client. Add the Android client peer information in the WireGuard server’s config file. Config the Android WireGuard client to connect to the server. The test environment network configuration:  Step 1. Install Wire...

   WIREGUARD,VPN,TUTORIAL     2020-10-24 08:46:42

  Why Use Java?

 Java was developed by Sun Micro-systems back in 1995 to function as high level programming language and serve as a computing platform. This gets regularly updated with new features and better compatibility. The latest version is Java SE 8.0 which released in 2014, March. Java has gained immense popularity while there have been various platforms to match up with the Java configurations like Java SE for Macintosh, Windows and UNIX, Java ME for Mobile Applications and Java EE for Enterpr...

   JAVA APPLICATION DEVELOPMENT,JAVA WEB DEVELOPMENT,JAVA OUTSOURCING COMPANY     2018-07-06 00:05:31

  Guide on recovering data in MySQL

In our daily work, there might be mistakes made which got some data or even databases deleted in MySQL. If this happens on production, it would be a nightmare. In case this happens, normally DBA would jump in to save the world. And they would try to recover the data from the backup if there is any. But if there is no backup, then the show stops. Hence database backup is necessary on production environments to avoid such awkward situation. Also normally in MySQL, binlog should be enabled as well ...

   MYSQL,DATABASE,BACKUP,BINLOG,EXAMPLE     2020-08-26 07:50:30

  Python PLC Honeypot: Env Deployment And Attack Detection

In the previous article, we introduced the design of Python PLC Honeypot Project, this article will provide detailed step-by-step instructions on how to deploy and use the honeypot system in your environment for detecting potential attacks on OT (Operational Technology) networks. The article includes three main section:   Design of Attack Alert and Notification Function Honeypot deployment: an example deployment of a mixed OT protocol honeypot, consisting of a simple setup with...

       2024-12-01 00:27:33

  It makes nothing but sense...Mobile Payment...

Chinese New Year is around the corner, every place in China and lots of places in the work have been in the CNY mode. People are rushing out to get all the stuff ready to welcome the New Year Eveand the Spring Festival. I also packed my stuff and flew back to my howntown in China to enjoy the great moment to stay with families and hang out with friends whom I have't been seeing for almost one year. I am exited... However, the first thing stunned me is not my friends but the mobile payment s...

   CHINA,WECHAT PAY,ALIPAY,MOBILE PAYMENT     2018-02-12 00:07:46

  9 reasons to use Zsh

Like majority *nix users, I have been using bash for many years. Sometimes I feel uncomfortable with bash. I tried use some other shells as well such as ksh, tcsh and zsh which I am going to talk about. A few days ago, I found an open source project ranking in the 6th named oh-my-zsh on Github, I downloaded it and had a try with it. It's amazing. We should use zsh to replace bash now. Why do we need to use zsh? Here is a 4 minutes YouTube video which shows many reasons why we should switch from ...

   zsh, advantage, command     2012-09-28 12:46:39

RECENT