SEARCH KEYWORD -- TOP POSTS


  How does JGSS read Windows native TGT credential?

MS LSA is a protected subsystem that authenticates and logs users onto the local system. The user credential is stored at the native credential cache of LSA on Windows. This kind of credential is often used to authenticate the user to the server, one of the authentication methods is Kerberos. JGSS has provided a native interface which can read the native TGT credential and use it to get the TGS of a service. But how does JGSS read the native TGT credential? Here is a sample code for reading nati...

   KERBEROS,JGSS,MS LSA,NATIVE CREDENTIAL,TGT,SESSION KEY TYPE     2015-03-25 03:42:32

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  One thought about JavaScript exception handle

Due to network, browser and cache issues, the JS executed in production may produce different results from the testing environments. Sometimes they may produce exceptions. Front-end developers may encounter this kind of exceptions frequently. But how to log and use them is seldomly considered by them. Actually, exception handling includes two steps : log and use. 1. Log Regarding to log error, this is relatively convenient, since in each browser, there is one interface called window.onerror. win...

   JaavScript,Log,Exception,Email     2013-03-18 12:50:21

  Cool things you can do with iPhone

Nowadays smart phones have plenty of cool features you can get to know without reading the manuals. But do you know there are some useful but less well known features which can ease our life? In this post, we will share with you some cool features on iPhone. If you have an iPhone with, go and get a try. 1. Use Google Map as free GPS While traveling abroad, you can use Google Maps as a free GPS without an international data plan by making use of it's hidden offline maps feature.You can use this f...

   iPhone,Feature     2013-10-05 07:28:07

  Writing Java codes conforming to coding standard

Recently, I was doing some cleanup to one of my current Java project. I find there are many codes which are not conforming to the Java coding standard. So I list them here and hope that people can improve your codes and write maintainable codes. Format source code and manage imports in Eclipse Eclipse provides functions of auto-formatting and imports management, you can use following shortcuts to use these functions. Ctrl+Shift+F --> Format source code Ctrl+Shift+O -- Manage imports an...

   Java, Code standard,Style     2012-09-18 12:50:28

  Who’s the winner: Python vs. Java, C/C++?

If there is one debate that never dies in the language community then it is this: Who’s the winner: Python Vs Java, C/C++. Obviously each has its own pros and cons, but in which language do the pros outnumber the cons or which language has better cons than others! For some it just comes down to familiarity, they like what they like!   The Numbers  But as far as the rest of the language world goes, the debate is still out there. By last count, Java, C and C++ were still winning. A...

   JAVA,INDIA,DEVELOPERS     2017-09-11 00:38:25

  Some famous article aggregators

Blogs are still very important places for people sharing their thoughts about something although some social media platforms have replaced some of these capabilities. As a blog writer, how can you let others know what you are thinking about? Besides your friends and social media platforms, there are some article aggregators around us which can help us promote our articles. Other than some aggregators like Google News, readers can submit articles to these sites themselves What are some famous art...

   News aggregator,Reddit,Digg,Hacker News     2013-08-12 03:34:37

  How DNS lookup works

When accessing a website, a domain name would be needed normally. To get to the actual web server, the domain name must be mapped to an actual IP address and the IP address will be used to reach the web server. The process of finding the IP address from a domain name is called DNS lookup.  How does DNS lookup work? There are tons of domain name and IP address around the world, there must be some well-designed architecture to support fast lookup. This post will explain how this works. DNS Se...

   DNS,DNS LOOKUP     2022-09-09 23:11:03

  Remove browse button from input type=file

In Web 2.0 era, many websites will ask the user to upload their avatar when creating their profile. In HTML, the input control we should use is input="file". This is a file control provided by the browser vendor and it should be ran in a sandbox for security consideration. Browsers don't provide ways to choose file from local and upload to the remote server without the input="file" control.  There is one annoying part about the input="file", which is a default button named "Choose File" or...

   file,html,browse,remove browse button     2015-07-12 05:17:51

  Ways to check existence of JavaScript object

The design of JavaScript is not so sophisticated. It's very easy for us to make mistakes if we are not very careful when using JavaScript. For example, to check the existence of JavaScript object. Now we want to check whether a global object myObj exists or not, if it doesn't exist, we declare it. The pseudo code for this is : if(myObj not exist){ declare myObj; } You may think it's very easy to write the code. In fact, it is much more difficult than we may think. Juriy Zaytsev says there are m...

   JAVASCRIPT,OBJECT,EXISTENCE     2020-09-12 02:14:02

RECENT