Pikachu Hacker - 第28页共98页 - 我不入地狱，谁修防火墙？

今天没有新动态

@Pikachu · 12 天前

Analysis and Mitigation of CVE-2025-27623: Handling Jenkins Vulnerability

Understanding CVE-2025-27623In March 2025, a critical vulnerability identified as CVE-2025-27623 was published, affecting specific versions of Jenkins, a widely-used open-source automation server. This vulnerability could potenti ...

@Pikachu · 12 天前

Understanding and Mitigating CVE-2025-27624: Jenkins Cross-Site Request Forgery Vulnerability

Introduction to CVE-2025-27624The CVE-2025-27624 highlights a security concern within Jenkins, specifically relating to a cross-site request forgery (CSRF) vulnerability. This flaw is found in Jenkins 2.499 and earlier, along wit ...

@Pikachu · 12 天前

clash文件覆写导致RCE

环境准备影响版本：通过利用powershell自定义.profile来执行命令。当用户打开powershell将触发（还需要powershell运行脚本执行才能成功） 1、%windir%system32WindowsPowerShellv1.0profile.ps1 它作用于所有用户、所有的Shell。 2、%windi ...

@Pikachu · 12 天前

Understanding and Mitigating CVE-2025-27625: Jenkins URL Redirect Vulnerability

Overview of CVE-2025-27625CVE-2025-27625 addresses a vulnerability found in Jenkins, versions 2.499 and earlier and LTS 2.492.1 and earlier. This vulnerability manifests in the way redirect URLs are handled, specifically those be ...

@Pikachu · 12 天前

验证码识别爆破多线程Python版

脚本代码 import requests,threading,base64,argparse,datetime,ddddocr,imghdr,configparser,os,ast from queue import Queue from tqdm import tqdm class scan: def save(self,data): f = open('log.txt', 'a',encoding='ut ...

@Pikachu · 12 天前

AWVS_13.x系列_Linux & Windows完美破解版

0x01前言本站所提供工具仅供技术学习交流、请勿用于非法行为、否则后果自负。Acunetix，自动化网络应用安全软件的先驱，已经宣布发布Acunetix第13版。新版本提供了一个改进的用户界面，并引入了创新，如SmartScan引擎，恶意软件检测功能，全面的网 ...

@Pikachu · 12 天前

验证码识别爆破多线程Python版-1.0

上篇文章：验证码识别爆破多线程Python版的改进版，之前总是出点BUG，总是不尽人意，所以又重新捣鼓了下~ 代码 import requests,threading,argparse,ddddocr,imghdr,ast,sys,datetime from queue import Queue from tqdm import tqdm def ba ...

@Pikachu · 12 天前

Understanding HTTP:header_get_values() in FortiADC

Introduction In the realm of network security and application delivery, efficiently processing HTTP headers is crucial. FortiADC, a robust application delivery controller, provides a powerful scripting interface to ease this task ...

@Pikachu · 12 天前

Apache Tomcat服务器文件包含漏洞附poc

0x01前言Apache Tomcat 是一个免费的开源 Web 应用服务器，在中小型企业和个人开发用户中有着广泛的应用。0x02漏洞详情由于Tomcat默认开启的AJP服务（8009端口）存在一处文件包含缺陷，攻击者可构造恶意的请求包进行文件包含操作，进而读取受影响T ...

@Pikachu · 12 天前

Mitigating CVE-2025-24864: Addressing Incorrect Access Permissions in RemoteView Agent

Understanding CVE-2025-24864: Incorrect Access Permissions in RemoteView AgentCVE-2025-24864 highlights a critical vulnerability within RSUPPORT Co., Ltd.'s RemoteView Agent (for Windows). This vulnerability exists in versions pr ...