Coding, Web, Hydrology and more.

Latest stories

Currently working method to get direct download link from OneDrive share link

0x00 Introduction Microsoft OneDrive has long been a indispensable cloud service for me to store PPTs, PDFs, etc. Its user experience are marvelous, the sync, upload and download speed are satisfying, but what bothers me is that it takes me a long time to fully load a OneDrive file share page, as a result, I seldom use OneDrive to share files with my friends. 0x01 Methods It is quite simple to...

DrCOM(ver.D) in HHU Packet Analysis

0x00 Packet List Challenge Login Logout KeepAlive_1 KeepAlive_2 0x01 Login & Logout Route 0x011 Login Route First, a chanllange packet is made and sent to server, and the response should start with 0x02 and contain 4 bytes salt at the offset 0x14. Second, a login packet can be made with the salt we’ve got, after we send it to the server, it should respond with data which starts with...

New Way to Install Adobe Creative Cloud to Specified Directory

0x01 Story As is known to us all, officially, the default install directory for Adobe Creative Cloud can’t be changed from C:/Program Files/Adobe to users desire directory unless users have install at least one of Adobe Creative Cloud product. Hence, I am wondering about whether there is another way to install Adobe Creative Cloud component without installing one then changing install...

Monitor Changes in a Website and Push Notification to Slack via Huginn and Slack API

0x00 Story A fellow of mine wants to monitor changes in a website, at first he use a monitor plugin in chrome, but before long he realized that he cannot keep his computer running all the time, therefore to use an VPS to monitor  is a pretty decent choice. Here comes the question, what software should we use? It comes to me that I can use Python to write a crawler, but I’m too lazy to...

Creating a Fake Crashed Tab When Current Tab Loses Focus

0x00 Story Once upon a time I bumped into a site, as long as the tab losed focus, the tab caption will be changed into something like “oops, the tab crashed!”. It is really funny, isn’t it? So I spend some time digging into it and I found it really easy to do it, hence I decide to write a short tutorial on how to do it. 0x01 Mechanism Firstly, we should know how to know whether...

The Installation and Configuration of Docker in CentOS

0x00 What’s Docker? Docker is an open-source app container engine, which allows developers pack their app and dependencies into a portable container, then the developers could deploy it on any machines based on Linux. Moreover, it could also be used for virtualization, where every container is isolated from each other by sandbox mechanism. 0x01 How to install Docker? Before installation...

Meltdown和Spectre漏洞概述及目前应急预案

0x00 概述 前几日爆出的包含Intel,AMD以及使用ARM架构的厂商的处理器中的重大漏洞可谓是在业内卷起轩然大波,这些漏洞可分为Meltdown和Spectre两类。本文就Google Zero Project,Meldown and Spectre以及博主所掌握的信息对目前漏洞机制,原理,应急预案进行归纳总结。 0x01 漏洞机制及影响对象 从目前所获得的信息来看,前者的影响更为显著,其实质是恶意数据缓存载入(Rogue data cache load (CVE-2017-5754)),打破了用户级页表与系统内核级页表之间的隔离,这种隔离机制的失效影响是非常大的,举个例子来说,你在银行的账号密码现在完全可以被也在用这个银行的恶意用户收集到。 后者,也就是Spectre,其实质是绕过式边界检测以及分支目标注入(bounds check bypass (CVE-2017-5753)...

搭建自己的邮件服务器

0x01 前述 博客建立在腾讯云上,原来用的是腾讯企业邮箱提供的SMTP服务器来收发邮件,起初认为都是腾讯产品,应该不至于出太大问题,也方便管理,另外刚开始用的性能还算可以,就凑合着用了。但是这几天回来一试,发信往往需要3s以上的时间,性能低下到无法忍受,甚至出现了掉信的情况。遂弃用腾讯企业邮箱(说到底还是因为用的免费版,没有充钱),利用Postfix+Dovecot搭建自己的邮件服务器。 0x02 环境 腾讯云 CentOS 7.2 0x03 安装和配置Postfix 首先先删除sendmail: yum remove sendmail 随后安装Postfix和Cyrus: yum install postfix yum install cyrus* 修改MTA(默认邮件传输代理): alternatives --config mta 选择sendmail...

Coding, Web, Hydrology and more.

Meta