Decoupling Exploration and Exploitation for Meta-Reinforcement Learning without Sacrifices
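Published: 2021 (ICML 2021). Key points: This paper argues that reinforcement learning algorithms usually mix exploration and exploitation together, exploring the dynamics of the environment while also using the explored information to improve the policy. But updating the policy well requires good exploration to collect task-relevant information, and obtaining a better exploration policy requires, based on the currently learned policy, also
[Vulnerability Reproduction] [Vulhub Target] Struts2-045 Remote Code Execution Vulnerability (CVE-2017-5638)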
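Disclaimer: This article is for study and research only; illegal activity is strictly prohibited, and the user bears sole responsibility for any consequences. 0x00 Background: Apache Struts 2 is an open-source project of the Apache Software Foundation in the United States, an open-source MVC framework for building enterprise-grade Java web applications. It is a clean, extensible framework, designed so that, from building and deployment through to application maintenance
pwn - Heap Exploitation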
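Heap. Today I tidied up some of my notes on the heap, as a short summary. While a program runs, the heap provides dynamically allocated memory, letting the program request memory whose size is not known in advance. The heap is a contiguous linear region of the program's virtual address space that grows from low addresses toward high addresses. In heap challenges the vulnerability is usually in the delete() function, mostly a pointer that is not cleared and so becomes a dangling pointer, which makes UAF and similar bugs possible. Implementing
Maximum Exploitation - ieeextreme15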
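This problem is actually not hard; my brain just would not work during the contest == Problem: There is an RxC matrix. Use at most two rxc rectangles to frame this matrix so that the sum of the covered numbers is as large as possible, and output the maximum. 1<=R,C<=1000 Approach: Precompute p[i][j], the maximum value an rxc rectangle can cover within the region whose bottom-right corner is (i,j) and whose top-left corner is (0,0). Precompute, with (i,j) as the left
OSCP Security Technology - Linux Post Exploitation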
Start Metasploit. msfconsole Target VM: Kioptrix Refer to Linux post exploitation cheat sheet: https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List msfvenom -l Try to E
Ethical Hacking - POST EXPLOITATION(2)
MAINTAINING ACCESS - Methods 1. Using a veil-evasion Rev_http_service Rev_tcp_service Use it instead of a normal backdoor. Or upload and execute from meterpreter. Does not always work. 2. Using persistence module run persistence -h Detectable by antivi
OSCP Learning Notes - WebApp Exploitation(6)
Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on your server. http://www.dvwa.co.uk/ Install XAMPP and DVWA: 1. Install XAMPP on Windows server. And change the Apache http port to 82 and ssl port to 443
OSCP Learning Notes - WebApp Exploitation(4)
Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vulnhub.com/entry/pentester-lab-php-include-and-post-exploitation,79/ 1. Use netdiscover to find the IP of the target server. netdiscover
Penetration Testing with PRET - Printer Exploitation Toolkit
https://github.com/RUB-NDS/PRET Dependencies: PRET only requires a Python2 interpreter. For colored output and SNMP support however, third party modules need to be installed: # pip install colorama pysnmp If running on a Windows console and Unicode characters a