10
голосов
3ответов
1954 просмотров

Внедрение конструктора с другими, независимыми аргументами конструктора

Я новичок в контейнерах IOC и начинаю работать с NInject. Что делать, если вы хотите, чтобы ваш конструктор имел параметры, не являющиеся службами и не требующие создания экземпляра контейнером IOC? Например: public class Person { private readonly string _name; private readonly ...

2
голосов
4ответов
2888 просмотров

Инъекции iframe на веб-сайты

Мой сайт был взломан.Кто-то внедрил на мой сайт разметку iframe. Как они это сделали?Только на моей странице index.html, index.php.Но я заблокировал права на запись для этой страницы, а затем то, как они могут писать на моих страницах. Повлияет ли это на другие страницы моего сервера? Есть...

1
голосов
5ответов
308 просмотров

странная разметка в HTML (HTML_ATR, HTML_ELM, SYN_ROW, JS_KEY и т. д.)

Я создал веб-сайт для клиента, и, как мы все знаем, «он отлично работает на моей машине» :-), как и на нескольких машинах в местоположении моих клиентов. Но у них есть (пока) 3 компьютера, на которых возникают некоторые ошибки, например, не удается найти ElementById. Эти машины являются обычными...

2
голосов
3ответов
407 просмотров

Очистить ввод для UniData

Может ли кто-нибудь предоставить функцию для очистки ввода для запроса UniData?Или предоставить список вещей, которые нужно удалить?

5
голосов
5ответов
6502 просмотров

Java: каков самый быстрый способ вставки полей с помощью отражения?

Предположим, у меня много классов, которые построены с использованием отражения Java (по какой-то причине). Теперь мне нужно ввести значения в поля, которые аннотировано @PostInject. public class SomeClass { @PostInject private final String someString = null; public void someMethod() {...

1
голосов
2ответов
409 просмотров

Как контейнерная инъекция аннотированных атрибутов частного класса работает в Java?

Я начал читать книгу Билла Берка и Ричарда Монсона-Хефеля Enterprise Java Beans 3.0, а в главе 4 есть этот код @PersistenceContext(unitName="titan") private EntityManager manager; Затем у класса есть методы, которые обращаются к этому полю (которое никогда не устанавливается в конструктор...

1
голосов
6ответов
300 просмотров

Mysterious url in our html website

The home-page of our static html website http://www.iffort.com is transferring data from a mysterious website rawalrohi.com. You can check this by going to iffort.com and noticing the footer there. It says transferring data from rawalrohi.com. From our side we did the following things to recti...

2
голосов
3ответов
3310 просмотров

Problems on injecting into printf using LD_PRELOAD method

I was hacking printf() of glibc in one of my project and encountered some problem. Could you please give some clues? And one of my concern is why the same solution for malloc/free works perfect! As attached, “PrintfHank.c” contains my own solution of printf() which will be preloaded before stand...

1
голосов
3ответов
891 просмотров

If I only sanitize GET and POST data, will I be safe from injection?

I'm just thinking about the best way to go about sanitizing my data to prevent injection attacks. Some people like to sanitize immediately before output, or immediately before insertion to the database... but the problem I see with this is twofold: (1) what if you miss a paramater/variable? (2) w...

2
голосов
4ответов
5684 просмотров

Auto-hide the OS X menu bar system-wide

I wish to write a utility to auto-hide the menu bar, much like the dock. This would replicate the a OS X 10.4-only application "Menufela", but for Snow Leopard. [[NSApplication sharedApplication] setPresentationOptions: NSApplicationPresentationAutoHideMenuBar ...

81
голосов
5ответов
59874 просмотров

Refused to execute a JavaScript script. Source code of script found within request

In WebKit I get the following error on my JavaScript: Refused to execute a JavaScript script. The source code of script found within request. The code is for a JavaScript spinner, see ASCII Art. The code used to work OK and is still working correctly in Camino and Firefox. The error only s...

4
голосов
4ответов
659 просмотров

Conditional summarizing via inject

How to get the index of item in: my_array.inject {|rs,item| rs += item} I need to summarize all except the i-th element.

2
голосов
2ответов
14629 просмотров

Injecting Log4J loggers with Spring

I have a spring 2.5 webapp with the following web.xml <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app...

5
голосов
6ответов
8663 просмотров

How to demonstrate SQL Injection in this PHP and MySQL code?

I'd like to note first that this is an education attempt on my own database to better understand MySQL injections to protect my own code. I need to work out a couple of examples of how a MySQL injection can be constructed against the following code. It's a basic user login system where I'm accep...

58
голосов
4ответов
23548 просмотров

Force x86 CLR on an 'Any CPU' .NET assembly

In .NET, the 'Platform Target: Any CPU' compiler option allows a .NET assembly to run as 64 bit on a x64 machine, and 32 bit on an x86 machine. It is also possible to force an assembly to run as x86 on an x64 machine using the 'Platform Target: x86' compiler option. Is it possible to run an asse...

6
голосов
2ответов
3113 просмотров

How to prevent Coldfusion from injecting cfform.js into the head section?

An HTML template is passed to Coldfusion. The head tag of the template has additional attribute: <head profile="http://abc.com"> The issue is that when generating the output based on this template Coldfusion injects its scripts inside the head tag: <head <script type="text/javascr...

21
голосов
1ответов
13837 просмотров

AppDomain.CreateInstanceFromAndUnwrap - Unable to cast transparent proxy

I'm writing a .NET library to inject managed DLLs into external processes. My current approach is: Use CreateRemoteThread to force the target process to call LoadLibrary on an unmanaged bootstrap DLL. From this point we're executing code in the target process. My bootstrap DLL then creates an i...

2
голосов
2ответов
276 просмотров

Using a PHP as a Javascript file - Security?

What are the issues with using a php file instead of a .js file in a javascript include; <script type='text/javascript' src='myjavascript.php'></script> Obviously I will go through and plug register globals issues and such, but are there other vulnerabilities that could occur from...

2
голосов
4ответов
343 просмотров

How to reconstruct a data-structure from injected process' memory space?

I've got this DLL I made. It's injected to another process. Inside the other process, I do a search from it's memory space with the following function: void MyDump(const void *m, unsigned int n) { const char *p = reinterpret_cast(m); for (unsigned int i = 0; i < n; ++i) { ...

1
голосов
2ответов
1360 просмотров

How can I inject PHP code at certain points of a string variable?

I have a class that stores paths to CSS and Javascript files in arrays. This class also compiles my final page HTML output (which is stored in an $output variable). I want to loop through my $css and $js arrays and inject HTML at specific points in $output. The CSS files would need to go right be...

5
голосов
1ответов
2345 просмотров

howto replace document object of a window/iframe

I need to inject in an iframe window a document object that I instanciated previously, and I cannot serialize it into a string or a remote url (those are solutions proposed on previous stackoverflow posts), because elements of this document objects are bound to other objects in my code. How can ...

2
голосов
4ответов
5290 просмотров

Is it safe to use $_SERVER["SCRIPT_NAME"]

I do not want to pass GET or POST variables to a script. I want to use the file name and use it to lookup the product from the php script for example: ......./DELL1500.php ......./COMPAQ1213.php I have three questions: Where does PHP get the data from $_SERVER["SCRIPT_NAME"] is it from the se...

0
голосов
1ответов
216 просмотров

Reading Text from Another Application's Frame

I plan on creating a toy application to play games. Is it possible to capture game data from another applications frame? I know this is traditionally done using a low level language and using dll injection but i was wondering if this is possible to do from a high level language?

2
голосов
6ответов
1125 просмотров

[net]how to inject debugging code to an assembly?

Given an assembly with an entry point like: int FooClass::doFoo(int x, double y) { int ret; // Do some foo return ret; } Is it possible to use yet another assembly to simulate something like: int FooClass::doFoo(int x, double y) { int ret; TRACE_PARAM_INT(x) TRACE_PARAM_DOUB...

7
голосов
3ответов
2185 просмотров

Elevating rights to use mach_inject

How do you elevate user rights to root using the Authorization API so that it is possible to use mach_inject?

2
голосов
4ответов
241 просмотров

Javascript security problem

ok, I start with a very simple method: alert(someText); "someText" is a variable, which users will pass a value in by a form. Will there a chance that the user pass following text, and inject some code in my Javascript? For example, can the user pass this in this method: "anotherText"); al...

2
голосов
2ответов
591 просмотров

Configuration Injection Framework

I recently stumbled upon the following Configuration Injection Framework. Seems interesting and seems to fit my needs. Has anyone tried it or knows about some other Configuration Injection frameworks? As far as I know Spring and Google Guice does not support this kinds of injection?

55
голосов
8ответов
87090 просмотров

How to prevent code injection attacks in PHP?

I am a bit confused, there are so many functions in PHP, and some using this, some using that. Some people use: htmlspecialchars(), htmlentities(), strip_tags() etc Which is the correct one and what do you guys usually use? Is this correct (advise me a better one, if any): $var = mysql_real_es...

31
голосов
7ответов
66542 просмотров

Sharing memory between two processes (C, Windows)

Since I haven't found an answer to the question asked previously here I'm trying a different approach. Is there any way to share memory between two processes? The second process gets the information from an injection since it's a legacy program that it's not being supported anymore. My idea ...

13
голосов
2ответов
5029 просмотров

Running JavaScript in a UIWebView before any other JavaScript is run

I have a UIWebView component that is going to load a webpage which might contain JavaScript. I want to run some JavaScript of my own before any JavaScript on the loaded webpage runs. I know I can use [myWebView stringByEvaulatingJavaScriptFromString:] on the webViewDidFinishLoad: delegate of the ...