BUGSEC.ORG

BugSec | 关注Web安全、渗透测试、代码审计

BugSec博客为广大热爱黑客技术的朋友无私的提供最新漏洞最新ODAY资料,在这里能学到更好的黑客入侵渗透技巧与经验!

http://www.bugsec.org/

OVERVIEW OF bugsec.org

TRAFFIC RANK

>1,000,000

REVIEWS

0

PAGES IN THIS WEBSITE

20

LINKS TO THIS WEBSITE

CONTACTS

ADDRESSES

SOCIAL LINKS

ONLINE SINCE

WEBSITE DETAILS

SEO

PAGES

SIMILAR SITES

TRAFFIC RANK FOR BUGSEC.ORG

TODAY'S RATING

>1,000,000

TRAFFIC RANK - AVERAGE PER MONTH

BEST MONTH

November

AVERAGE PER DAY Of THE WEEK

HIGHEST TRAFFIC ON

Friday

TRAFFIC BY CITY

Sign up

CUSTOMER REVIEWS

Average Rating: 3.9 out of 5 with 15 reviews

5 star

8

4 star

2

3 star

3

2 star

0

1 star

2

Hey there! Start your review of bugsec.org

AVERAGE USER RATING

Write a Review

WEBSITE PREVIEW

LOAD TIME

FAVICON PREVIEW

16x16
32x32
64x64
128x128

CONTACTS AT BUGSEC.ORG

BugSec

kengk

g●z

g●z , GD, 000000

CN

86.1●●●●2110

1@@2cto.com

View this contact

sss

kengk

g●z

g●z , GD, 000000

CN

86.1●●●●2110

1@@2cto.com

View this contact

sss

kengk

g●z

g●z , GD, 000000

CN

86.1●●●●2110

1@@2cto.com

View this contact

ADD CONTACT

Login

TO VIEW CONTACTS

Remove Contacts

FOR PRIVACY ISSUES

DOMAIN REGISTRATION INFORMATION

REGISTERED: n/a
UPDATED: 2014 August 10
EXPIRATION: EXPIRED REGISTER THIS DOMAIN

BUY YOUR DOMAIN

NAME SERVERS

1: ns1.360wzb.com
2: ns2.360wzb.com

REGISTRAR

Beijing Innovative Linkage Technology Ltd. (R1292-LROR)

WHOIS : whois.publicinterestregistry.net

REFERRED :

CONTENT

PAGES IN
THIS WEBSITE

20

SSL

EXTERNAL LINKS

93

SITE IP

121.42.40.169

LOAD TIME

0 sec

SCORE

6.2

PAGE TITLE

BugSec | 关注Web安全、渗透测试、代码审计 | bugsec.org Reviews

<META> DESCRIPTION

BugSec博客为广大热爱黑客技术的朋友无私的提供最新漏洞最新ODAY资料,在这里能学到更好的黑客入侵渗透技巧与经验!

<META> KEYWORDS

1 黑客技术

2 最新漏洞

3 黑客入侵

4 WEB安全

5 渗透测试

6

7 coupons

8 reviews

9 scam

10 fraud

CONTENT

Page content here

KEYWORDS ON PAGE

bugsec,导航菜单,业界资讯,技术分享,漏洞分析,工具收集,招聘启示,网站安全,周边生活,本站已开启https加密通道,最新文章,如何破解安卓手机上的图形锁九宫格锁,多步csrf漏洞场景及其利用,科诺康 codenomicon 招聘网络安全服务工程师,著名开源电子邮件加密软件gpg只有一个人维护，而且快破产了,lg手机认证权限绕过漏洞，可远程控制手机附poc和视频演示,随机文章,欧洲黑帽大会漏洞三篇,代码相似，著名间谍软件regin与键盘记录器qwerty出自同个作者,热门文章,初探验证码识别

CONTENT-TYPE

utf-8

GOOGLE PREVIEW

BugSec | 关注Web安全、渗透测试、代码审计 | bugsec.org Reviews

https://bugsec.org

BugSec博客为广大热爱黑客技术的朋友无私的提供最新漏洞最新ODAY资料,在这里能学到更好的黑客入侵渗透技巧与经验!

INTERNAL PAGES

bugsec.org

1

如何破解安卓手机上的图形锁（九宫格锁）

http://www.bugsec.org/10022.html

安卓手机的图形锁九宫格是3 3的点阵，按次序连接数个点从而达到锁定/解锁的功能。一般来讲，如果用过诸如豌豆荚手机助手、 360手机助手一类的软件，都会被要求打开调试模式的。那么这几个点的排列顺序是这样的 00 03 06 07 08。我们用数据线连接手机和电脑，然后ADB连接手机，将文件下载到电脑上命令 adb pull /data/system/gesture.key gesture.key ，如图. Adb pull /data/system/gesture.key gesture.key". 生成解锁序列，得到['00','01','02','03','04','05','06','07','08']. 将生成的排列全部存放到 list m 列表中. 00,03,06,07,08]- 0003060708. 从破解目的来说，如果单单是忘记了自己的手机图形锁密码，完全可以用更简单的办法 ADB连接手机，然后 adb rm /data/system/gesture.key 删除掉gesture.key文件，此时图形锁就失效了，随意画一下就能解锁。

2

工具收集

http://www.bugsec.org/tools

HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. 网络密码嗅探 Web/FTP/Email 工具 SniffPass. 网站压力测试工具低轨道离子炮 LOIC v1.0.8更新. Google出品开源Web App漏洞测试环境 Firing Range. PHP应用安全静态代码分析工具 WAP 2.0. 苹果设备 iPhone、iPad GPS定位工具 iSniff-GPS. ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. 你好，欢迎添加友情链接阿峰博客 http:/ www.afeng.org. Arrow: 贵站链接已添加, 断笔扶琴 www.iseesec.cn. 2013-2013 BUGSEC.ORG 京ICP备14031373号-3 基于 WordPress and BugSec.

3

1/4美国家庭受影响：摩根大通银行爆泄7600W数据

http://www.bugsec.org/5226.html

本月初，据卫报报道，美国第一大资产银行摩根大通已对外承认早前遭到未名黑客攻击，导致. 美国福布斯更补充说道，网络攻击不再是你们所知的2013年的Target数据泄露了，加上这次，半数的美国家庭都受到影响. 摩根大通心急如焚地指这次对金融的冲击规模可与之前的Target和Home Depot(家得宝，不是加多宝= = 信息泄露不一样的. 小编真是一波未平一波又起，安全漏洞与数据泄露此起彼伏，欲与天公试比高的节奏. 在Chase.com网站上，摩根大通银行向客户解释说你们存在摩根大通的钱是安全的不像最近发生的对零售商的攻击，目前我们还没发现有针对个人的诈骗活动与这次泄露有关. 一些具非常有用源代码分享百度指数破解最新版，NDIS实现类似P2P终结者功能代码,GOOGLE在线翻…. ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. 你好，欢迎添加友情链接阿峰博客 http:/ www.afeng.org.

4

漏洞分析

http://www.bugsec.org/papers

ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. CVE-2015-0235 exploit&wordpress poc. Internet Explorer EPM沙盒跳出漏洞的分析 CVE-2014-6350. CVE-2014-1806 .NET Remoting Services漏洞浅析. IPBoard 3.4.5中SQL注入漏洞的利用与分析. ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. 你好，欢迎添加友情链接阿峰博客 http:/ www.afeng.org. Arrow: 贵站链接已添加, 断笔扶琴 www.iseesec.cn. 2013-2013 BUGSEC.ORG 京ICP备14031373号-3 基于 WordPress and BugSec.

5

揭秘：恶意软件是如何操纵ATM机的

http://www.bugsec.org/5355.html

由卡巴斯基实验检测到的新款恶意软件Backdoor.MSIL.Tyupkin，影响来自一个主要ATM制造商并运行微软Windows 32位操作系统的ATM机。在最近的变种中版本d ，该恶意软件实现了反调试 anti-debugging 和抗仿真 anti-emulation 技术，并从受感染的系统上禁用McAfee Solidcore。 AptraDebug" = "C:Windowssystem32ulssm.exe". 然后，该恶意软件就能通过标准库MSXFS.dll 金融服务扩展，XFS 与ATM机进行交互了。 XXXXXX Shows the main window. 显示主窗口. XXXXXX Self deletes with a batch file. 通过batch文件进行自删除. XXXXXX Increases the malware activity period. 增加恶意软件的活跃时段. XXXXXX Hides the main window. 隐藏主窗口. CASH OPERATIONPERMITTED. 允许的现金操作. PLEASE WAIT. 请等待.

UPGRADE TO PREMIUM TO VIEW 15 MORE

TOTAL PAGES IN THIS WEBSITE

20

LINKS TO THIS WEBSITE

leesec.com

Leesec's Blog | 喜欢旅行、街舞、极限运动. | 第2页

http://www.leesec.com/page/2

PASS MIN LEN=8 #设定最小用户密码长度为8 越大越好. Cat /etc/pam.d/system-auth password required /lib/security/$ISA/pam cracklib.so retry=3 minlen=9 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1. Auth required pam tally2.so deny=3 unlock time=600 even deny root root unlock time=1200. Even deny root 也限制root用户. Root unlock time 设定root用户锁定后，多少时间后解锁，单位是秒. Ls -l /etc/passwd 644 or 600 or 000 ls -l /etc/shadow 600 or 000 ls -l /etc/group 644 or 600 or 000. Cat /etc/login.defs 查看umask 是否为027 or 077. Last awk '{print $1}' sort uniq.

leesec.com

工具：php实现穷举域名功能 | Leesec's Blog

http://www.leesec.com/archives/488

假设某网站域名为http:/ www.wangzhan.com，要实现这个功能. Http:/ www.aangzhan.com. Http:/ www.wangzhan.com. Echo 'string:'.$str zuo.' '.$str you. r n;. Echo $host. r n;. 2015 年 4 月 1 日. App安全测试之WebView rce学习笔记 →. A href= title= abbr title= acronym title= b blockquote cite= cite code del datetime= em i q cite= s strike strong. Python blind injection.py demo for mysql. Dedecms v5.7sp1 0day. WP Cumulus Flash tag cloud by Roy Tanck. Rookxy' s blog.

leesec.com

l2tp vpn | Leesec's Blog

http://www.leesec.com/archives/tag/l2tp-vpn

第一种 openswan xl2tpd 安装后，我发现这个只能用WINDOW连接，IOS系统连接不了VPN，所以被迫使用第二种方法。第二种 strongswan xl2tpd 安装后，IOS、WINDOW系统都可以连接成功。 2strongswan xl2tpd 一键安装脚本 Centos6.5亲测成功. 2015 年 3 月 5 日. Python blind injection.py demo for mysql. Dedecms v5.7sp1 0day. WP Cumulus Flash tag cloud by Roy Tanck. Rookxy' s blog.

leesec.com

leesec | Leesec's Blog

http://www.leesec.com/archives/author/admin

Python blind injection.py demo for mysql. Thread num ). Mozilla/5.0 (Macintosh; Intel Mac OS X 10 7 3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10'. User agent ). E: #time.sleep(0.01). String num ). String num ,. Http:/ 10.211.55.20/testmysql.php? Test=1'%20and%20if(mid(lpad(bin(length(user() ),8,0),. Http:/ 10.211.55.20/testmysql.php? 1%29%29%29,8,0%29,. Blind injection (. 2015 年 10 月 16 日. Thread num ). Http:/ i.youku.com/u/U. 2015 年 10 月 15 日. Bundle savedInstanceState ).

cnnetsec.com

编程技术 | InfoSecLab

http://www.cnnetsec.com/category/programme

201511.12 · 3 条评论. 1 背景2015年11月6日，FoxGlove Security安全团队的@breenmachine 发布的一篇博客[3]中介绍了如何利用Java反序列化漏洞，来攻击最新版的WebLogic、WebSphere、JBoss、Jenkins、OpenNMS这些大名鼎鼎的Java应用，实. 201506.25 · 2 条评论. 201310.24 · 发表评论. 1、Visual Studio 的 Python 开发插件 PTVS PTVS (Python Tools for Visual Studio) 是一个开源项目，采用Apache 2.0许可发布。 Joomla 3.2 到 3.4.4 注入漏洞分析.

cnnetsec.com

安全工具 | InfoSecLab

http://www.cnnetsec.com/category/soft

201508.16 · 1 条评论. Quick Android Review Kit -这个工具的目的是寻找一些与安全相关的Android应用程序的漏洞，无论是源代码还是打包的APK。 201401.20 · 发表评论. 201310.21 · 发表评论. 树莓派是由有生产许可的Newark element14 (Premier F. 201307.08 · 5 条评论. OWASP 发布ZAP 2.1.0 Windows 和 Linux版. 201304.19 · 发表评论. Zed Attack Proxy (ZAP)是一个易于使用的、用于寻找Web应用程序漏洞的综合性渗透测试. Lynis 1.3.0 发布，Linux 系统审计工具. 201304.16 · 发表评论. Lynis 是一款用于检测 Linux 系统健壮性的脚本，方便管理员找出系统中的易受攻击的安全隐患。 Acunetix Web Vulnerability Scanner 8.20130308 Release. 201304.03 · 发表评论. 201304.01 · 发表评论.

cnnetsec.com

CVE-2014-3566 SSLv3 Poodle原理分析及防范方法 | InfoSecLab

http://www.cnnetsec.com/2137.html

发表于 2014年10月15日星期三下午 7:53. Https:/ sslv3.dshield.org:444/index.html. 什么是 SSL3.0 Poodle漏洞. SSL协议由美国 NetScape公司开发的， 1996年发布了V3.0版本。 SSL 30 已经存在 15 年之久，目前绝大多数浏览器都支持该版本。通常用户的浏览器都使用新版本的安全协议与服务器进行连接，但如果遇到 bug 导致连接失败，就会转而尝试更老版本的安全协议进行连接，更老版本就包括SSL 3.0。 Poodle攻击的原理，就是黑客故意制造安全协议连接失败的情况，触发浏览器的降级使用 SSL 3.0，然后使用特殊的手段，从 SSL 3.0 覆盖的安全连接下提取到一定字节长度的隐私信息。漏洞是由google安全团队的Bodo Möller 与Thai Duong 和 Krzysztof Kotowicz三个人一起发现的。 Ssl protocols TLSv1 TLSv1.1 TLSv1.2;. Ssl prefer server ciphers on;. Ssl session timeout 5m;.

cnnetsec.com

Java | InfoSecLab

http://www.cnnetsec.com/category/programme/java

201511.12 · 3 条评论. 1 背景2015年11月6日，FoxGlove Security安全团队的@breenmachine 发布的一篇博客[3]中介绍了如何利用Java反序列化漏洞，来攻击最新版的WebLogic、WebSphere、JBoss、Jenkins、OpenNMS这些大名鼎鼎的Java应用，实. Joomla 3.2 到 3.4.4 注入漏洞分析.

UPGRADE TO PREMIUM TO VIEW 85 MORE

TOTAL LINKS TO THIS WEBSITE

93

OTHER SITES

bugseason.net

Bryan Kim in 2402

Bug Season (Romance, Adventure and Giant Bugs). Bryan Kim in 2402. Still very beta, creating pages. So he's decided to just focus on studying (he's going for a doctorate in Entymology), and working. He's teaching basic biology and grading papers for the tenured professors in the department, and occasionally hanging out with his friend Staci. More pages are at www.renderosity.com.

bugseatbooks.blogspot.com

Bugs eat books

People say that life is the thing, but I prefer reading.". Viernes, 8 de mayo de 2015. Vidas erráticas' de Gianni Celati. Enviar por correo electrónico. Jueves, 5 de marzo de 2015. Sin destino' de Imre Kertész. Enviar por correo electrónico. Viernes, 6 de febrero de 2015. Todo lo que hay' de James Salter. Enviar por correo electrónico. Martes, 20 de enero de 2015. Solo en Berlín' de Hans Fallada. Para escribir esta novela Fallada se inspiró en un suceso real, el de un matrimonio humilde de Berlín que dur...

bugsec.co.il

BugSec group’s On Line Fraud Research team, Versafe, found and reported a critical vulnerability in Internet Explorer in August 2009. The vulnerability was reported to Microsoft and treated on Jan. 21, 2010. Versafe - Anti Fraud. BugSec is dedicated to being a leading security service provider. With its penetration testing and Risk assessments services, BugSec provides sophisticated security remediation to its customers.

bugsec.com

Bugsec | One Step Ahead Security

This gap analysis is not focusing on the IS management system of the organization, but on the effectiveness of the organization’s security controls implementation, network architecture, external interfaces and the strength of its security mechanism. We analyze business data flows to make sure they are secured on a technical level and that any sensitive data is secured and accessed by authorized and privileged users only. Your Security starts here. December 13, 2016. December 13, 2016. An estimated 1....

bugsec.org

BugSec | 关注Web安全、渗透测试、代码审计

ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. 安卓手机的图形锁九宫格是3 3的点阵，按次序连接数个点从而达到锁定/解锁的功能。 ElasticSearch Groovy远程代码执行漏洞 CVE-2015-1427 POC. CVE-2015-0235 exploit&wordpress poc. 广东一一五科技有限公司下文称115 是一家拥有自主知识产权的创新型互联网企业公司前身是雨林木风下面的一个项目，现在独 . Http:/ m.wanhui.cn/index-w1000292/ 找回密码 https:/ passport.wan . HTTP(S)网站目录暴破测试工具 Dirs3arch v0.3.0. 网络密码嗅探 Web/FTP/Email 工具 SniffPass. 走近科学如何访问暗网 the Dark Web.

bugsecurity.net

BugSecurity

Bilgi Teknolojileri Güvenliği Bloğu. Bu bloga abone ol. SEO - SEO Nedir? Ağustos 16, 2016. SEO, Search Engine Optimization (Arama Motoru Optimizasyonu) anlamındadır. SEO, bir websitesini arama motorları için en iyi duruma getirme ile ilgilidir. Siteniz için temel bazı SEO yapmayı düşünüyorsanız arama motorlarının nasıl çalıştığını anlamanız çok önemlidir. Arama Motorları Nasıl Çalışır? Arama motorları, arama sonuçlarını teslim etmek için birçok aktivite uygularlar. Neden Bilgisayar Ağına İhtiyaç Duyarız?

bugsed.blogspot.com

Edmat

Hi I'm Ed Mat of the Philippines. Monday, March 19, 2018. Make it a habit to drink 12 glasses of water everyday. It cleans your internal body like you are taking a bath where you cleans your external body. Monday, March 05, 2018. HOW TO BE DEBT-FREE “The borrower is a servant to the lender.” – Proverbs 22:7. HOW TO BE DEBT-FREE. 8220;The borrower is a servant to the lender.” – Proverbs 22:7. Think about it: When you borrow, you become a servant. Borrowed money from. The moment you asked money from. Magbi...

bugsed.com

Bugs Ed - Interactive insect workshops for all ages

Bugs Ed. provides in-school, interactive. Insect workshops for students of all ages. Website by Stephen Monteith.

bugseducational.com

Home

Once a beautiful Ladybug named Lucina Buguina was very silly and clueless. Our Mission and Programs. Bugs Educational is a bilingual thematic curriculum designed to facilitate lessons for parents, educators, and child care providers. It teaches children younger than five the foundations of a second language. Excerpt from the best-selling book Lucina Buguina and the Colors. Our Mission and Programs.

bugseed.bandcamp.com

bugseed

Or browse results titled. 1 & (pageBandParentLabel() pageLabel() , col1: columns() = = 1, col2: columns() = = 2, col3: columns() = = 3 } ". 0 }" Other Linked Artists/Labels. Edit artists. add more artists. Please verify your email by clicking the link we sent to . Change email / Send again. Bugseed x ill.sugi. Bugseed x ill.sug. Bugseed and ill.sugi. RAW VIBES MIXTAPE #1 Bugseed. Switch to mobile view.