Thursday 14 May 2015

同桌的妳 (My Deskmate), Lao Lang (老狼) - 戀戀風塵 - Music of Innocent Feelings from Student Days


















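Youth is dazzling red, wild green, delicately clear and lovably blue. Youth stands tall and straight, nimble, carefree and graceful. Youth is pure and simple, solid and honest, clean and bright, radiant. Youth is warm and passionate, fiery and hasty, careless and headlong. This video was made in memory of former classmates, former feelings and former beauty.

Youth is a brief, beautiful dream; by the time you wake up, it has long since vanished without a trace. Our only regret is that we grew up too fast.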



Song: 同桌的妳
Singer: Lao Lang (老狼)
Composer: Gao Xiaosong (高曉松)

Lyrics:
明天妳是否會想起
昨天妳寫的日記
明天妳是否還惦記
曾經最愛哭的妳
老師們都已想不起
猜不出問題的妳
我也是偶然翻相片
才想起同桌的妳
誰娶了多愁善感的妳
誰安慰愛哭的妳
誰把妳的長發盤起
誰給妳做的嫁衣
妳從前總是很小心
問我借半塊橡皮
妳也曾無意中說起
喜歡和我在壹起
那時候天總是很藍
日子總過得太慢
妳總說畢業遙遙無期
轉眼就各奔東西
誰遇到多愁善感的妳
誰安慰愛哭的妳
誰看了我給妳寫的信
誰把它丟在風裏
從前的日子都遠去
我也將有我的妻
我也會給她看相片
給她講同桌的妳
誰娶了多愁善感的妳
誰安慰愛哭的妳
誰把妳的長發盤起
誰給妳做的嫁衣




Produced by: 谷雨 (Essayjeans) @tetraphibious
Images: from the Internet
http://diebiyi.com/articles/category/essayjeans/
(http://www.tetraph.com/wangjing)


Video:
https://www.youtube.com/watch?v=c66SPoe_kYw


Lyrics link:
http://tetraph.blog.163.com/blog/static/234603051201541432236913/


Twitter:
https://twitter.com/justqdjing/status/598747933257830400


Lofter:
http://essayjeanslike.lofter.com/post/1cf58cfa_6f32a42


Tumblr:
http://xingti.tumblr.com/post/118929550955


Google+:
https://plus.google.com/u/0/+essayjeans/posts/VapxEvHAbiD


Facebook:
https://www.facebook.com/essayjeans/posts/828134663944354


Weibo:
http://t.qq.com/p/t/482013119151329





Wednesday 13 May 2015

一生有你 (Having You All My Life), Shuimu Nianhua (水木年华) - 慢慢相随 - Fresh Mandarin Music



















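Having you all my life: the most beautiful thing in the world is having someone to grow old with slowly. The most beautiful shooting star in the night carries the dream in my heart. I hope to meet you in the vast sea of people. I want to stay by your side all my life, though I do not know whether you are willing; however hard the road to the ends of the earth, I will still find you. I want to stay by your side all my life, whether or not you care; even if the seas run dry, the rocks crumble and the heavens change, I will love you just the same. I have never expressed my love to you,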


Song: 一生有你
Singer: Shuimu Nianhua (水木年华)
Composer: Lu Gengxu (卢庚戌)    Arranger: Li Yanliang (李延亮)


因为梦见你离开
我从哭泣中醒来
看夜风吹过窗台
你能否感受我的爱
等到老去那一天
你是否还在我身边
看那些誓言谎言
随往事慢慢飘散
多少人曾爱慕你年轻时的容颜
可知谁愿承受岁月无情的变迁
多少人曾在你生命中来了又还
可知一生有你我都陪在你身边
因为梦见你离开
我从哭泣中醒来
看夜风吹过窗台
你能否感受我的爱
等到老去那一天
你是否还在我身边
看那些誓言谎言
随往事慢慢飘散
多少人曾爱慕你年轻时的容颜
可知谁愿承受岁月无情的变迁
多少人曾在你生命中来了又还
可知一生有你我都陪在你身边
当所有一切都已看平淡
是否有一种坚持还留在心间
呼哦 哦
多少人曾爱慕你年轻时的容颜
可知谁愿承受岁月无情的变迁
多少人曾在你生命中来了又还
可知一生有你我都陪在你身边
多少人曾爱慕你年轻时的容颜
可知谁愿承受岁月无情的变迁
多少人曾在你生命中来了又还
可知一生有你我都陪在你身边
可知一生有你我都陪在你身边



Produced by: 谷雨 (Essayjeans) @essayjeans
Images: from the Internet
http://www.inzeed.com/kaleidoscope/category/essayjeans/
(http://www.tetraph.com/wangjing)





Video:
https://www.youtube.com/watch?v=5iIsi-QSP0E


Lyrics link:
http://www.tetraph.com/blog/musics/yishengyouni/


Twitter:
https://twitter.com/buttercarrot/status/598723532562894848


Lofter:
http://whitehatpostlike.lofter.com/post/1cf58911_6f2d660


Tumblr:
http://canghaixiao.tumblr.com/post/118925358777


Google:
https://plus.google.com/u/0/111862222305893832575/posts/QN6AQMKBTwk


Facebook:
https://www.facebook.com/essaybeans/posts/561825200625617








Delaunay Triangulation - From 2-D Delaunay to 3-D Delaunay

Author: Jing Wang
Institute: School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore


























Delaunay triangulations are widely used in scientific computing in many diverse applications. While there are numerous algorithms for computing triangulations, it is the favorable geometric properties of the Delaunay triangulation that make it so useful.


The fundamental property is the Delaunay criterion. In the case of 2-D triangulations, this is often called the empty circumcircle criterion. For a set of points in 2-D, a Delaunay triangulation of these points ensures that the circumcircle associated with each triangle contains no other point in its interior. This property is important. In the illustration below, the circumcircles associated with T1 and T2 are both empty: neither contains a point in its interior. This triangulation is therefore a Delaunay triangulation. This presentation discusses how to extend 2-D Delaunay to 3-D Delaunay.
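The empty circumcircle criterion can be checked mechanically with the in-circle determinant. The JavaScript below is an added example, not code from the presentation; the function names and the four sample points are constructed for illustration.

```javascript
// Twice the signed area of triangle abc; positive when a, b, c are counter-clockwise.
function orient(a, b, c) {
  return (b[0] - a[0]) * (c[1] - a[1]) - (b[1] - a[1]) * (c[0] - a[0]);
}

// In-circle determinant, sign-corrected for orientation:
// > 0 when p lies strictly inside the circumcircle of triangle abc.
function inCircle(a, b, c, p) {
  const ax = a[0] - p[0], ay = a[1] - p[1];
  const bx = b[0] - p[0], by = b[1] - p[1];
  const cx = c[0] - p[0], cy = c[1] - p[1];
  const det =
    (ax * ax + ay * ay) * (bx * cy - cx * by) -
    (bx * bx + by * by) * (ax * cy - cx * ay) +
    (cx * cx + cy * cy) * (ax * by - bx * ay);
  return orient(a, b, c) > 0 ? det : -det;
}

// Returns every (triangle, point) pair that violates the empty circumcircle
// criterion. Triangles are triples of indices into `points`.
function delaunayViolations(points, triangles, eps = 1e-12) {
  const out = [];
  triangles.forEach((tri, t) => {
    const [a, b, c] = tri.map((i) => points[i]);
    points.forEach((p, i) => {
      if (tri.includes(i)) return; // a triangle's own vertices lie on the circle
      if (inCircle(a, b, c, p) > eps) out.push({ triangle: t, point: i });
    });
  });
  return out;
}

// Constructed sample: a flat rhombus, triangulated along each diagonal.
const POINTS = [[0, 0], [2, -1], [4, 0], [2, 1]];
const SHORT_DIAGONAL = [[0, 1, 3], [1, 2, 3]]; // satisfies the criterion
const LONG_DIAGONAL = [[0, 1, 2], [0, 2, 3]];  // each circumcircle contains the fourth point

console.log(delaunayViolations(POINTS, SHORT_DIAGONAL));
console.log(delaunayViolations(POINTS, LONG_DIAGONAL));
```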



Source: 

http://mathstopic.blogspot.com/2015/05/delaunay-triangulation-from-2-d.html





Maxwell’s Formulation – Differential Forms on Euclidean Space

Author: Jing Wang
Institute: School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore























One of the greatest advances in theoretical physics of the nineteenth century was Maxwell’s formulation of the equations of electromagnetism. This article uses differential forms to solve a problem related to Maxwell’s formulation. The notion of differential form encompasses such ideas as elements of surface area and volume elements, the work exerted by a force, the flow of a fluid, and the curvature of a surface, space or hyperspace. An important operation on differential forms is exterior differentiation, which generalizes the operators div, grad and curl of vector calculus. The study of differential forms, which was initiated by E. Cartan in the years around 1900, is often termed the exterior differential calculus. Maxwell’s equations also have many very important implications in the life of a modern person, so much so that people use devices that function on the principles in Maxwell’s equations every day without even knowing it.





Source:

http://mathstopic.blogspot.com/2015/05/maxwells-formulation-differential-forms.html




CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities






















Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities
Product: InstantForum.NET
Vendor: InstantASP
Vulnerable Versions: v4.1.3   v4.1.1   v4.1.2   v4.0.0   v4.1.0   v3.4.0
Tested Version: v4.1.3   v4.1.1   v4.1.2
Advisory Publication: February 18, 2015
Latest Update: April 05, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9468
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification
Discoverer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)





Advisory Details:


(1) Vendor & Product Description:


Vendor:
InstantASP


Product & Version:
InstantForum.NET
v4.1.3   v4.1.1   v4.1.2   v4.0.0   v4.1.0   v3.4.0


Vendor URL & Download:
InstantForum.NET can be purchased from here,


Product Introduction Overview:
"InstantForum.NET is a feature rich, ultra high performance ASP.NET & SQL Server discussion forum solution designed to meet the needs of the most demanding online communities or internal collaboration environments. Now in the fourth generation, InstantForum.NET has been completely rewritten from the ground-up over several months to introduce some truly unique features & performance enhancements."

"The new administrator control panel now offers the most comprehensive control panel available for any ASP.NET based forum today. Advanced security features such as role based permissions and our unique Permission Sets feature provides unparalleled configurable control over the content and features that are available to your users within the forum. Moderators can easily be assigned to specific forums with dedicated moderator privileges for each forum. Bulk moderation options ensure even the busiest forums can be managed effectively by your moderators."

"The forums template driven skinning architecture offers complete customization support. Each skin can be customized to support a completely unique layout or visual appearance. A single central style sheet controls every aspect of a skins appearance. The use of unique HTML wrappers and ASP.NET 1.1 master pages ensures page designers can easily integrate an existing design around the forum. Skins, wrappers & master page templates can be applied globally to all forums or to any specific forum."





(2) Vulnerability Details:
The InstantForum.NET web application has a security flaw that can be exploited through stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.

Other researchers have previously found 0-day vulnerabilities in similar products, and InstantForum has patched some of them. BugScan is the first community-based scanner and has gone through five code refactorings. It has redefined the concept of the scanner and provides sources for the latest info-sec news, tools, and advisories. It also publishes suggestions, advisories, cyber intelligence, attack defense and solution details related to important vulnerabilities.


(2.1) The first code flaw occurs at the "&SessionID" parameter in the "Join.aspx?" page.

(2.2) The second code flaw occurs at the "&SessionID" parameter in the "Logon.aspx?" page.
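One way to look for attempts against the two pages named above in web server logs, as an added example that is not part of the advisory or the product: the log layout, the sample lines and the function names are constructed, and only parameters sent in the query string are covered.

```javascript
// Constructed sample lines in an assumed, simplified IIS-style layout:
// date time method uri-stem uri-query status
const SAMPLE_LOG = [
  '2015-02-18 10:00:01 GET /Join.aspx SessionID=8f3a2c1d9b7e4f60 200',
  '2015-02-18 10:00:05 GET /Logon.aspx lang=en&SessionID=abc%22%3E%3Cx%3E 200',
  '2015-02-18 10:00:09 GET /logon.aspx sessionid=abc%2522%253E%253Cx%253E 200',
  '2015-02-18 10:00:12 GET /Default.aspx SessionID=%3Cx%3E 200',
  '2015-02-18 10:00:15 GET /Join.aspx SessionID=100%zz 200',
];

// Pages and parameter taken from the advisory; compared case-insensitively.
const TARGET_PAGES = new Set(['/join.aspx', '/logon.aspx']);
const TARGET_PARAM = 'sessionid';
// Characters that let a value break out of an HTML attribute or start a tag.
const MARKUP = /[<>"'`]/;

// Percent-decode repeatedly so double-encoded values are seen in clear form.
function fullyDecode(value, maxRounds = 3) {
  let cur = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(cur.replace(/\+/g, ' '));
    } catch {
      break; // malformed escape sequence: keep what has been decoded so far
    }
    if (next === cur) break;
    cur = next;
  }
  return cur;
}

// Returns one entry per log line whose SessionID decodes to markup characters.
function findSuspicious(lines) {
  const hits = [];
  lines.forEach((line, idx) => {
    const [, , , stem, query] = line.split(' ');
    if (!stem || !TARGET_PAGES.has(stem.toLowerCase())) return;
    for (const pair of (query || '').split('&')) {
      const eq = pair.indexOf('=');
      if (eq < 0 || pair.slice(0, eq).toLowerCase() !== TARGET_PARAM) continue;
      const decoded = fullyDecode(pair.slice(eq + 1));
      if (MARKUP.test(decoded)) hits.push({ line: idx + 1, page: stem, value: decoded });
    }
  });
  return hits;
}

console.log(findSuspicious(SAMPLE_LOG));
```

Detection of this kind complements the fix on the server side, which is to validate the SessionID format on input and HTML-encode it wherever it is written into a page.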












Major Vulnerability Exposed in Internet Login Systems: Hackers Can Use Well-Known Websites for Phishing - Covert Redirect
















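Following the OpenSSL vulnerability, another security flaw has been exposed in open-source security software. Wang Jing (王晶), a researcher and PhD student at the School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore, found that websites using the OAuth 2.0 and OpenID authorization interfaces have a covert redirection vulnerability, named "Covert Redirect" in English.


The attacker creates a pop-up login window that uses the real site's address, rather than a fake domain name, to lure users into entering their personal information.


Hackers can use the vulnerability to "disguise" a phishing site, using links from well-known large websites to lure users into logging in to the phishing site. Once a user visits the phishing site and successfully logs in and grants authorization, the hacker can read the private information the user has stored on the website.


A large number of well-known websites in China and abroad are affected, including Tencent, Alibaba, QQ, Sina Weibo, Taobao, Alipay, NetEase, PayPal, eBay, Amazon, Facebook, Google, LinkedIn, Yahoo, VK.com, Microsoft, Mail.ru, Github and WordPress.


Given that OAuth and OpenID are widely used by major companies such as Microsoft, Facebook, Google and LinkedIn, Wang said he has already reported the issue to these companies. Wang stated that Microsoft has replied, having investigated and confirmed that the problem lies in a third-party system rather than on the company's own sites. Facebook also said that it "cannot complete the fix for these two problems in the short term, and can only force each application platform to adopt a whitelist". As for Google, the company is expected to track the OpenID issue, while LinkedIn said it will soon explain the issue in a blog post.


OAuth is a widely used open login protocol that allows a user to let a third-party application access private information the user has stored on a website (such as photos, videos and contact lists) without giving the user name and password to the third-party application. The vulnerability exposed this time can hijack the callback domain of the OAuth 2.0 consumer (the third-party website) to a malicious website; by exploiting an XSS vulnerability, a hacker can then operate the authorized account at will and read the user's private information. Social networking sites such as Tencent and Sina Weibo generally place no restrictions on the login callback address, which makes them very easy for hackers to exploit.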
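The whitelist approach mentioned above comes down to how the authorization server compares the callback address with what the client registered. The JavaScript below is an added example, not code from any of the providers named in the article; the client ID, registered URI, sample requests and function names are constructed.

```javascript
// Constructed registration table: client id -> callback URIs registered in advance.
const REGISTERED = new Map([
  ['client-123', ['https://app.example.com/oauth/callback']],
]);

// Weak check: any URL on a registered host is accepted. If that host has an
// open redirect anywhere, the authorization response can be forwarded through
// it to a different site.
function hostOnlyCheck(clientId, redirectUri) {
  const hosts = (REGISTERED.get(clientId) || []).map((u) => new URL(u).host);
  try {
    return hosts.includes(new URL(redirectUri).host);
  } catch {
    return false; // not a parseable absolute URL
  }
}

// Strict check: the value must be exactly one of the URIs registered for this
// client (no host-only, prefix or pattern matching).
function exactCheck(clientId, redirectUri) {
  return (REGISTERED.get(clientId) || []).includes(redirectUri);
}

// Constructed authorization requests.
const SAMPLE_REQUESTS = [
  { clientId: 'client-123', redirectUri: 'https://app.example.com/oauth/callback' },
  { clientId: 'client-123', redirectUri: 'https://app.example.com/go?url=https%3A%2F%2Fother.example%2F' },
  { clientId: 'client-123', redirectUri: 'https://app.example.com.other.example/oauth/callback' },
  { clientId: 'unknown', redirectUri: 'https://app.example.com/oauth/callback' },
];

// Runs both checks over each request so the difference is visible side by side.
function compareChecks(requests) {
  return requests.map((r) => ({
    redirectUri: r.redirectUri,
    hostOnly: hostOnlyCheck(r.clientId, r.redirectUri),
    exact: exactCheck(r.clientId, r.redirectUri),
  }));
}

console.log(compareChecks(SAMPLE_REQUESTS));
```

The second sample request is the case the article describes: it stays on the client's own domain, so a host-only check accepts it, while the exact comparison rejects it.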






Related material:
http://www.cnet.com/news/serious-security-flaw-in-oauth-and-openid-discovered/
http://tech.firstpost.com/news-analysis/after-heartbleed-major-covert-redirect-flaw-threatens-oauth-openid-and-the-internet-222945.html
http://tetraph.com/covert_redirect/oauth2_openid_covert_redirect.html
http://techxplore.com/news/2014-05-math-student-oauth-openid-vulnerability.html
http://phys.org/news/2014-05-math-student-oauth-openid-vulnerability.html
http://www.tomsguide.com/us/facebook-google-covert-redirect-flaw,news-18726.html
http://news.yahoo.com/facebook-google-users-threatened-security-192547549.html
http://thehackernews.com/2014/05/nasty-covert-redirect-vulnerability.html
http://www.scmagazine.com/covert-redirect-vulnerability-impacts-oauth-20-openid/article/345407/
http://blog.kaspersky.com/facebook-openid-oauth-vulnerable/
http://www.foxnews.com/tech/2014/05/05/facebook-google-users-threatened-by-new-security-flaw/
http://network.pconline.com.cn/471/4713896.html
http://media.sohu.com/20140504/n399096249.shtml/
http://it.people.com.cn/n/2014/0504/c1009-24969253.html
http://www.cnbeta.com/articles/288503.htm
http://www.inzeed.com/kaleidoscope/computer-security/oauth-2-0-and-openid-covert-redirect/
http://baike.baidu.com/link?url=0v9QZaGB09ePxHb70bzgWqlW-C9jieVguuDObtvJ_6WFY3h2vWnnjNDy4-jliDmqbT47SmdGS1_pZ4BbGN4Re_
http://itinfotech.tumblr.com/post/118850342491/covert-redirect
http://tetraph.com/covert_redirect/
http://ittechnology.lofter.com/post/1cfbf60d_6f09f58
https://zh.wikipedia.org/wiki/%E9%9A%B1%E8%94%BD%E9%87%8D%E5%AE%9A%E5%90%91%E6%BC%8F%E6%B4%9E
http://www.baike.com/wiki/%E9%9A%90%E8%94%BD%E9%87%8D%E5%AE%9A%E5%90%91%E6%BC%8F%E6%B4%9E
http://www.csdn.net/article/2014-05-04/2819588

Tuesday 12 May 2015

Over 99.88% of About Group Links Are Vulnerable to XSS and XFS Attacks

















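The About Group website has a serious network security problem: it is vulnerable to XSS (Cross-Site Scripting) and XFS (Cross-Frame Scripting). This is disastrous and devastating for its nearly 1 billion monthly visitors.


According to the proof-of-concept (POC) video released by the vulnerability researcher, all About.com topics (subdomains) can be exploited by attackers.


Wang Jing (王晶) of the Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore, disclosed this serious security vulnerability. Wang Jing stated that he reported it to About Group on 19 October 2014 but has so far received no reply. The vulnerability was published on 2 February 2015. "Up to now, the vulnerability has still not been fixed," Wang Jing said.


Meanwhile, Wang Jing disclosed that the search field on the About.com home page is also vulnerable to XSS attacks. In addition, he published some open redirect vulnerabilities (Open Redirect) in About.com. Wang said his tests were carried out on IE (10.0.9200.16750) on Windows 8 and Mozilla Firefox (34.0), Google Chromium 39.0.2171.65-0 on Ubuntu (14.04), and Apple Safari 6.1.6 on Mac OS X Lion 10.7.


XSS (Cross-site Scripting) can be used to steal user information, take control of the user's browser, and carry out DOS (Denial of Service) attacks. XFS (Cross-frame Scripting), also called iFrame Injection, can modify the content of the page in the user's browser.


When publishing the vulnerabilities, Wang Jing also explained that because of About Group's popularity, its vulnerabilities can be used to carry out covert redirect attacks (Covert Redirect) against other websites; XFS can be used to carry out DDOS (Distributed Denial of Service) attacks against computers and networks. The vulnerabilities were published on the well-known vulnerability platform Full-Disclosure and on his personal blog.


Wang Jing is a student security researcher. He has published important vulnerabilities in the websites of many companies, including Google, Facebook, Amazon, Alibaba, eBay and LinkedIn, as well as patches for a large number of web applications.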







Related news:
http://www.zdnet.com/article/over-99-percent-of-about-com-links-vulnerable-to-xss-xfs-iframe-attack/
http://www.securityweek.com/xss-xfs-open-redirect-vulnerabilities-found-aboutcom
http://securityaffairs.co/wordpress/33070/hacking/com-affected-xss-xfs-open-redirect-vulnerabilities-since-october-2014.html
http://packetstormsecurity.com/files/130211/About.com-Cross-Site-Scripting.html
http://www.zoomit.ir/it-news/security/17394-about-com-links-vulnerable-to-xss-xfs
http://itsecurity.lofter.com/post/1cfbf9e7_6f05a63
http://tetraph.com/covert_redirect/oauth2_openid_covert_redirect.html
http://securitypost.tumblr.com/post/118837857592/about-group-99-88-xss-xfs-about
http://www.inzeed.com/kaleidoscope/computer-security/about-group-xss-xfs/
https://www.secnews.gr/99percent-about-xss-xfs-attack-exploit
http://www.decomoadesinstalar.com/abrir-codigo-iframe-xss-xfs-ataque-mas-del-99-por
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1547
http://www.40kalagh.net/about-grope-xss-and-xfs
http://blog.norsecorp.com/2015/02/03/about-com-platform-rife-with-xss-and-iframe-injection-vulnerabilities/






CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities


















Exploit Title: vBulletin XSS (Cross-Site Scripting) Web Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3   5.0.5   4.2.2   3.8.7   3.6.7   3.6.0   3.5.4
Tested Version: 5.1.3 4.2.2 
Advisory Publication: February 12, 2015
Latest Update: February 26, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification
Writer and Credit: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)





Advisory Details:

(1) Vendor & Product Description:
Vendor: 
vBulletin


Product & Version: 
vBulletin Forum
5.1.3   5.0.5   4.2.2   3.8.7   3.6.7   3.6.0   3.5.4


Vendor URL & Download: 
vBulletin can be acquired from here,


Product Introduction Overview:
"vBulletin (vB) is a proprietary Internet forum software package developed by vBulletin Solutions, Inc., a division of Internet Brands. It is written in PHP and uses a MySQL database server."

"Since the initial release of the vBulletin forum product in 2000, there have been many changes and improvements. Below is a list of the major revisions and some of the changes they introduced. The current production versions are 3.8.7, 4.2.2, and 5.1.3.

Simplified site set up and customization
The new Site Builder makes it easier than ever to build and manage a site. Customizable page templates, drag-and-drop configuration and in-line site editing simplify page layout. A variety of design themes can be easily selected.

Dynamic tools for content discovery
Customizable content modules provide enhanced content discovery, engaging users into deeper site visits. The vBulletin search has been re-architected to significantly improve the quality of its results, further facilitating content discovery.

Sleek new UI features activity stream and increased social engagement
Improved social functionality includes groups, new user profiles, comments functionality, an integrated messaging hub, social content curation, real-time updates and more.

Expanded photo and video capabilities
The new interface invites users to quickly post photos and video, expanding content on vBulletin sites. This media is then leveraged by being better integrated with the rest of a site's content. User profiles provide an engaging aggregation of all media posted by them.

Category-leading mobile optimization
The integrated mobile-optimized version ensures smartphone visitors will stay longer and return.

Robust architecture
Improved architecture provides better performance and easier customization
Built-in SEO helps maximize search traffic
Easy-to-use upgrader tool available for vBulletin 3 and 4 sites, plus importer for sites on other forum software"



(2) Vulnerability Details:
The vBulletin web application has a security flaw that can be exploited through XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.

Other researchers have previously found 0-day vulnerabilities in similar products, and vBulletin has patched some of them. Gmane (pronounced "mane") is an e-mail to news gateway. It allows users to access electronic mailing lists as if they were Usenet newsgroups, and also through a variety of web interfaces. Gmane is an archive; it never expires messages (unless explicitly requested by users). Gmane also supports importing list postings made prior to a list's inclusion on the service. It has published suggestions, advisories and solutions related to important vulnerabilities.

(2.1) The code flaw occurs at the "forum/help" page. A hash symbol is added first, and then script is added at the end of it.











Related Work: