September 25, 2019
Docker 修改已有容器(Container)的端口映射关系 <!–more–> 正文 https://stackoverflow.com/questions/19335444/how-do-i-assign-a-port-mapping-to-an-existing-docker-container 操作步骤: 1) 停止容器 2) 停止docker 服务 (systemctl stop docker) 3) 修改这个容器的 hostconfig.json 文件中的端口(原帖有人提到,如果 config.v2.json 里面也记录了端口,也要修改) 4) 启动docker服务 (systemctl start docker) 5) 启动容器 cd /var/lib/docker/3b6ef264a040* #这里是CONTAINER ID vi hostconfig.json 如果之前没有端口映射, 应该有这样的一段: "PortBindings":{} 增加一个映射, 这样写: "PortBindings":{"3306/tcp":[{"HostIp":"","HostPort":"3307"}]} 前一个数字是容器端口, 后一个是宿主机端口. 而修改现有端口映射更简单, 把端口号改掉就行. https://blog.csdn.net/wesleyflagon/article/details/78961990
September 25, 2019
替换 Dockerfile 中的 apt 源来增加 Docker 镜像的构建速度 <!–more–> 操作 首先在 Dockerfile 的路径下添加文件 sources.list 。 https://mirrors.163.com/.help/debian.html 网易源 deb http://mirrors.163.com/debian/ jessie main non-free contrib deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib deb http://mirrors.163.com/debian/ jessie-backports main non-free contrib deb-src http://mirrors.163.com/debian/ jessie main non-free contrib deb-src http://mirrors.163.com/debian/ jessie-updates main non-free contrib deb-src http://mirrors.163.com/debian/ jessie-backports main non-free contrib deb http://mirrors.163.com/debian-security/ jessie/updates […]
September 16, 2019
Firefox 插件 部分 HTTP 通讯流量情况 <!–more–> 正文 https://addons.mozilla.org/zh-CN/firefox/addon/flash-videodownloader/?src=search 请求 GET /api/config/?id=ductloanphuok%40gmail.com&version=6.3.14&lt=31004081&uid=95345bc6-b220-efd2-c070-2c8a1701c10d&r=1568608207951 HTTP/1.1 Host: flashvd.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Connection: close Cookie: __cfduid=d217ed1370e498eae12b455cc40594adc1568255256 响应 HTTP/1.1 200 OK Date: Mon, 16 Sep 2019 04:30:04 GMT Content-Type: application/json Connection: close Alt-Svc: h2=":443"; […]
September 12, 2019
某道全版本rce漏洞分析 <!–more–> https://xz.aliyun.com/t/6239
September 10, 2019
【Nessus】SMB Signing not required <!–more–> 漏洞细节 SMB Signing not required https://www.tenable.com/plugins/nessus/57608 修复方案 以 Windows Server 2008 R2 为例 1 备份注册表 (选择 计算机/Computer 这个根目录 导出) 2 运行注册表编辑器 (regedt.msc/Regedt32.exe) 3 选择 HKEY_LOCAL_MACHINE 之后再选择 System\CurrentControlSet\Services\LanManServer\Paramete 等 4 在此配置项中添加 以下内容 Value Name: EnableSecuritySignature Data Type: REG_DWORD Data: 0 (disable), 1 (enable) NOTE: The default is 0 (disable) Name: RequireSecuritySignature […]
September 9, 2019
将 Word 转化为 Markdown <!–more–> 正文 http://www.writage.com/
September 8, 2019
【Nessus】Terminal Services Encryption Level is not FIPS-140 Compliant 等 <!–more–> 相关问题 1 Terminal Services Encryption Level is not FIPS-140 Compliant 2 Terminal Services Encryption Level is Medium or Low Terminal Services Encryption Level is not FIPS-140 Compliant 操作步骤: 控制面板(Control Panel) -> 管理工具(Adminsitrative Tools) -> 本地安全策略(Local Security Policy) ->安全設置(Security Settings) -> 本地策略(Local Policies) -> 安全選項(Security Options) […]
September 8, 2019
【Nessus】SSH Weak Algorithms Supported 等 <!–more–> 相关问题 1 SSH Server CBC Mode Ciphers Enabled 2 SSH Weak MAC Algorithms Enabled 3 SSH Weak Algorithms Supported 修复方案 1 编辑 sshd 配置文件 /etc/ssh/sshd_config 2 默认情况 # default is aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, # aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, # aes256-cbc,arcfour # default is hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 建议修改为 Ciphers aes128-ctr,aes192-ctr,aes256-ctr MACs umac-64@openssh.com,hmac-ripemd160 建议先在虚拟机上测试一下,修改配置后能否重新连接 ssh 。 之后重启 ssh […]
September 6, 2019
CVE-2019-10149 Exim 本地权限提升 LPE <!–more–> 正文 git clone https://github.com/dhn/exploits docker build -t vuln/cve-2019-10149 . docker run –rm -it vuln/cve-2019-10149 测试过程 team@blackloutus01 >>> ~/develop/vulhub-master/exploits/CVE-2019-10149 > master > sudo su [sudo] password for team: [root@blackloutus01 CVE-2019-10149]# docker run –rm -it vuln/cve-2019-10149 No directory, logging in with HOME=/ $ cd /tmp $ vim sh $ cat /tmp/sh #!/usr/bin/env […]
September 6, 2019
Windows 获取 dsget.exe <!–more–> 正文 https://www.pconlife.com/fileinfo/dsquery.exe-info/ Windows 各个版本的系统的组件基本都可以在这个网站找到。 可以使用如下方式查询 https://www.pconlife.com/fileinfo/<file_name>-info/