-
The vBulletin team recently warned all their customers that their plug-in VBSEO had serious security vulnerabilities. VBSEO is a popular third-party seo module applied to vBulletin. Unfortunately, VBSEO officially stopped updating this plug-in last year, which means no one can provide an official patch for the vulnerability. Freebuf science popularization: vBulletin forum system VBulletin is a widely used PHP forum system in the world. Many large forums choose vBulletin to build their own communities. VBulletin is efficient, stable and safe read the whole passage
-
With the increasing number of free Wi Fi in public places in China, it has become a habit for many netizens to surf the Internet, transfer accounts, and taobao. However, as free Wi Fi has router and network vulnerabilities, it has also become the target of hacker attacks, leading to the leakage of Internet users' personal privacy, online banking theft and other cases from time to time. Network experts point out that hackers attack free Wi Fi, whose low technical threshold and simple operation make people feel cold sweat. Therefore, consumers must be cautious about free Internet access. Use simple technology to steal personal information Mr. Jin in Beijing uses read the whole passage
-
Recently, security expert Brian Krebs found a new attack method of "skimming scams to drain ATM cash". This attack method is not harsh, and only requires a smart phone and a USB interface circuit. In this way, hackers can attack NCR manufacturers' ATMs by using a Samsung Galaxy 4 mobile phone and a USB interface circuit to automatically spit out money. Attack Principle Although the Samsung mobile phone was used in the experiment, the specific model of the mobile phone is not important, because in the attacker's physics read the whole passage
-
Disclaimer: The security tools and procedures (methods) provided by this website may be offensive, and they are only used for security research and teaching at your own risk! Greek security researcher George Chatzisofroniou has developed a WiFi security testing tool called WiFiPhisher. Although there are many tools on the Internet that can crack the wireless network, WiFiPhisher is different from it. It does not need to use brute force attack to obtain the user's wireless WiFi password. If you are interested, you can download it on GitHub for free. WiFiPhisher principle 1.... read the whole passage
-
Vulnerability author: wilson 0x01 Vulnerability point Thinkphp leaks. Rice CMS is based on thinkphp. Just right, there was a team loophole~ Modify the user data, and directly put the user post data into save(). If it is an array, it will be injected 0x02 Vulnerability proof: read the whole passage