Bài đăng

Đang hiển thị bài đăng từ tháng mười một, 2015

PHP Race Condition Vulnerability Example

This article based-on the excellent article "Practical Race Condition Vulnerabilities in Web Applications". I have made my own sample source-code for testing.

# Let's start!

Log-into MySQL(or MariaDB) Shell to create sample database
MariaDB [test]> create database test character set utf8 collate utf8_general_ci; MariaDB [test]> grant all privileges on test.* to test@'localhost' identified by 'test@123'; MariaDB [test]> flush privileges; MariaDB [test]> create table bank_accounts(uid int auto_increment primary key,ucode varchar(10) not null,balance int(11) not null default 0,uname varchar(50) not null); MariaDB [test]> insert into bank_accounts(ucode,uname,balance) values ('BANK000001','User 1',20000),('BANK000002','User 2',5500),('BANK000003','User 3',8700);
We'll test with User-1's account.
MariaDB [test]> select * from bank_accounts; +-----+------------+---------+--…

Let's Encrypt [Your Website]

Hình ảnh
Let's Encrypt Closed Beta Invite Program and I had some registered domains: hoangdoan.io, www.hoangdoan.io was whitelisted.

Here's my result:

This is one of the most awesome projects I have ever known <3

And now, just follow https://letsencrypt.org/ to wait for the next announcements. You can also donate to support this project.

Welcome to the future of the encrypted web.

[1] https://community.letsencrypt.org/t/beta-program-announcements/1631
[2] https://letsencrypt.readthedocs.org/en/latest/using.html#installation-and-usage
[3] https://community.letsencrypt.org/t/nginx-configuration-sample/2173
[4] https://community.letsencrypt.org/t/letsencrypt-webroot-authentication-tested-on-beta-invited-whitelisted-domain/2276