code-injection

Extra space at the beginning/end of .text section

做~自己de王妃 提交于 2021-02-19 08:04:08
问题 I'm looking for a way to reserve some extra space at the begining/end of the .text section from C/C++ using Visual Studio compiler. I've only found one solution on how to reserve some extra space in code section in Visual Studio: PE File .text Section Size #pragma optimize( "", off ) #define NOP __asm { NOP } ; #define NOP8 NOP NOP NOP NOP NOP NOP NOP NOP #define NOP64 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 NOP8 #define NOP512 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64 NOP64 #define NOP4096 NOP512

enable CDI injection into a bean created by a producer method

混江龙づ霸主 提交于 2021-02-11 17:52:23
问题 Producer methods are very useful for creating instances programmatically and publishing them in a context. The problem is that all properties of an instance created by new and returned by a producer method are not injected by CDI. In the Weld documentation I've read that this is an intentional behaviour, but in many cases injection in those beans would be very useful. Is there a workaround to enable injection into such beans? 回答1: First, I have to ask why you are using Producers for beans

Code injection using executeScript never call callback in Chrome extension

送分小仙女□ 提交于 2021-02-08 11:47:18
问题 I am trying to create Chrome extension I am creating (intended to automatic fill form on third-party site - I know what you thought, not for spam, no). So when I am trying to inject JS into this page using executeScript it never calls callback function. Here is the code: function doStepPopup () { console.log ("Step "+step+" begins"); debugger; var tab = curTab; chrome.tabs.executeScript (null, { file: "extfiller.js" }, function () { debugger; console.log ("Script injected for step "+step); ..

C++ Call a function inside a running JVM

╄→尐↘猪︶ㄣ 提交于 2021-02-08 09:46:19
问题 I want to create a C++ application that will call a function inside a running Java application. This is the code for my Java application: package me.jumpak.testapp; public class TestClass { public static void main(String[] args) { System.out.println("Hello World!"); } public static void mymain() { // <=== I want to call this function System.out.println("Hello, World in java from mymain"); } } So I want the C++ application to somehow "inject" into the running JVM process and call the function

Is code injection possible in Java?

☆樱花仙子☆ 提交于 2021-02-06 02:01:18
问题 nowadays you can read much about code injection, exploits, buffer-, stack- and heap-overflows etc. leading to inject and run code. I wonder what of this stuff is relevant for Java. I know, there are no pointers in the Java language. But doesn't the JVM organize data in heaps and / or stacks? I know there is no eval function (like in PHP) so you cant easily use an input as Java-code. I am not so sure whats going on on bytecode level. I think XSS is possible, for example in an Java EE

Is code injection possible in Java?

三世轮回 提交于 2021-02-06 01:59:43
问题 nowadays you can read much about code injection, exploits, buffer-, stack- and heap-overflows etc. leading to inject and run code. I wonder what of this stuff is relevant for Java. I know, there are no pointers in the Java language. But doesn't the JVM organize data in heaps and / or stacks? I know there is no eval function (like in PHP) so you cant easily use an input as Java-code. I am not so sure whats going on on bytecode level. I think XSS is possible, for example in an Java EE

Accessing event input nodes in Android withour rooting

雨燕双飞 提交于 2021-02-05 09:42:43
问题 I want to be able to inject different events into an Android device. After some search, I found that I can do this by accessing event input nodes in Android OS, which are found in dev/input/eventX . Once these are accessed, read and write operations can take place, and hence I can inject events. The problem is that these nodes are only accessible in a rooted device. If I try to use them without rooting, the process will fail as mentioned in this article, http://www.pocketmagic.net

Agent JAR not found or no Agent-Class attribute

天大地大妈咪最大 提交于 2021-01-27 11:38:21
问题 // Fixed: This was not an Error because of code. It was because of the IDE. I just tried to make a injection for a game called Minecraft. But i have one Problem. It's not able to load Agent. Here is the Exception: Exception in thread "main" com.sun.tools.attach.AgentLoadException: Agent JAR not found or no Agent-Class attribute at sun.tools.attach.HotSpotVirtualMachine.loadAgent(HotSpotVirtualMachine.java:117) at com.sun.tools.attach.VirtualMachine.loadAgent(VirtualMachine.java:540) at pw

Is there any way to make user uploaded SVG images safe from code injection etc?

﹥>﹥吖頭↗ 提交于 2020-12-30 08:26:22
问题 I want to display user uploaded SVG images on a website, but they're quite open to exploits: https://security.stackexchange.com/questions/11384/exploits-or-other-security-risks-with-svg-upload https://security.stackexchange.com/questions/36447/img-tag-vulnerability For example, arbitrary javascript can be embedded in SVG. There's also issues with performance exploits, but I'd consider those lower priority. Is there any mechanism to make SVG somewhat safe and only use it as an image? Can I

Is there any way to make user uploaded SVG images safe from code injection etc?

戏子无情 提交于 2020-12-30 08:23:23
问题 I want to display user uploaded SVG images on a website, but they're quite open to exploits: https://security.stackexchange.com/questions/11384/exploits-or-other-security-risks-with-svg-upload https://security.stackexchange.com/questions/36447/img-tag-vulnerability For example, arbitrary javascript can be embedded in SVG. There's also issues with performance exploits, but I'd consider those lower priority. Is there any mechanism to make SVG somewhat safe and only use it as an image? Can I