分类 Linux科技 下的文章
Golang AES/CBC/PKCS7Padding
Golang没有像PHP那样提供一个现成的aes加密函数,不过标准库里有crypto,利用里面的aes等可以自己封装个加密函数,不过需要理解下整个加解密的过程和原理
使用 Wireshark 解密SSL | 网站调试时使用 | 笔记
Wireshark 解密SSL 有两种办法
1.使用预主密钥来解密SSL (pre-master secret key)
2.使用RSA密钥解密SSL (不推荐)
本文使用第二种方法来做网站调试.
Security/Server Side TLS | wiki 备份
Recommended configurations
Mozilla maintains three recommended configurations for servers using TLS. Pick the correct configuration depending on your audience:
- Modern: Modern clients that support TLS 1.3, with no need for
backwards compatibility - Intermediate: Recommended configuration for a general-purpose server
- Old: Services accessed by very old clients or libraries, such as
Internet Explorer 8 (Windows XP), Java 6, or OpenSSL 0.9.8
| Configuration | Firefox | Android | Chrome | Edge | Internet Explorer | Java | OpenSSL | Opera | Safari |
|---|---|---|---|---|---|---|---|---|---|
| Modern | 63 | 10.0 | 70 | 75 | -- | 11 | 1.1.1 | 57 | 12.1 |
| Intermediate | 27 | 4.4.2 | 31 | 12 | 11 (Win7) | 8u31 | 1.0.1 | 20 | 9 |
| Old | 1 | 2.3 | 1 | 12 | 8 (WinXP) | 6 | 0.9.8 | 5 | 1 |
The ordering of cipher suites in the Intermediate and Old configurations is very important, as it determines the priority with which algorithms are selected.
OpenSSL will ignore cipher suites it doesn't understand, so always use the full set of cipher suites below, in their recommended order. The use of the Old configuration with modern versions of OpenSSL may require custom builds with support for deprecated ciphers.
汇编跳转指令: JMP、JECXZ、JA、JB、JG、JL、JE、JZ、JS、JC、JO、JP 等
跳转指令分三类:
一、无条件跳转: JMP;
二、根据 CX、ECX 寄存器的值跳转: JCXZ(CX 为 0 则跳转)、JECXZ(ECX 为 0 则跳转);
三、根据 EFLAGS 寄存器的标志位跳转, 这个太多了.