admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-11-04 18:17:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Penetration_Testing_POC/books/【喜庆2025征文】路由器漏洞挖掘 - 原创文章发布(Original Article) - T00ls | 低调求发展 - 潜心习安全.html

267 lines
5.2 MiB
HTML
Raw Permalink Normal View History

add 代码审计、漏洞复现、burpsuite使用等文章 add Apache NiFi 高版本命令执行利用 Apache mina CVE-2024-52046漏洞分析复现 CVE-2024-3408 D-tale bypassRCE分析 CVE-2024-42327:Zabbix SQL注入漏洞分析 Fastjson反序列化漏洞深度解析与利用和修复 IoT 安全从零到掌握:超详尽入门指南(基础篇) IoT 安全从零到掌握:超详尽入门指南(实战篇) JAVA代码审计-jfinal JAVA安全-Classloader:理解与利用一篇就够了 JAVA安全之命令执行研究分析 JDBC Attack漫谈 Java 安全-反序列化 URLDNS+CC+自己挖一条链+CB Java安全-WebShell免杀的多种方式 Linux系统下反弹shell的理解 Nacos2.4.3新版漏洞利用方式总结 Spring FatJar写文件到RCE分析 TOTOLINK远程代码执行漏洞分析(CVE-2024-51228) Windows应急响应之USBDevices日志 burpsuite数据包自动加解密插件,autoDecoder详细安装+使用 cjson&json 二进制漏洞利用总结 ecology checkPassword 代码执行 kkFileView历史漏洞总结 pyramid 框架无回显挖掘 sql注入报错分享(mssql+mysql) 【喜庆2025征文】路由器漏洞挖掘 - 原创文章发布(Original Article) - T00ls | 低调求发展 - 潜心习安全 亿赛通 电子文档安全管理系统getSoftWareIssuance非授权访问的XXE漏洞 - 原创文章发布(Original Article) - T00ls " 低调求发展 - 潜心习安全 代码审计 - MCMS v5.4.1 0day挖掘 代码审计-JetLinks物联网系统RCE 代码审计-九思oa dl.jsp任意文件读取 以AJ-Report为例从0以AJ-Report为例从0开始学习Java代码审计开始学习Java代码审计 使用burpsuite爆破带有验证码和随机uuid的密码的一次经验 分享SRC漏洞挖掘中js未授权漏洞挖掘的小技巧 分析某杀软规则库绕过certutil免杀实践 初探webshell免杀的艺术(PHP) 基于增加复杂逻辑数组混淆的webshell绕过 实战自动化加解密&加密场景下的暴力破解 实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马 小程序sign逆向和渗透两种思路,总有一款适合你 应用内存中的后渗透利用-远程工具密码读取 泛微e-office 11.0 RCE - 先知社区 浅析实战攻防中的信息收集 用友NC 漏洞分析--cartabletimeline存在SQL注入 禅道18.x-20.x版本漏洞挖掘思路分析 端口扫描工具横向对比测评 自动化patch shellcode到EXE实现免杀 若依一把梭哈工具源码分析 蓝凌EKP V16 fsscCommonPortlet未授权SQL注入漏洞分析 记一次某CMS审计(PHPCMS V9 block_admin.php 文件包含RCE漏洞) 记一次渗透测试实战之Sea 记某app使用autodecoder插件绕过加密数据包_重放防护 达梦数据库DMSQL-SQL注入小记 金和OA jc6代码审计(imagefield SQLI_viewConTemplate freemarker模板注入RCE)
2025-01-05 00:12:04 -08:00
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns=http://www.w3.org/1999/xhtml data-arp><!--
Page saved with SingleFile
url: https://www.t00ls.com/thread-73007-1-1.html
--><meta charset=utf-8>
<title>【喜庆2025征文】路由器漏洞挖掘 - 原创文章发布(Original Article) - T00ls | 低调求发展 - 潜心习安全</title>
<meta name=keywords content="T00ls.Com - 低调求发展 - 潜心习安全 - Focus On Cyber Security">
<meta name=description content=" T00ls 工具漏洞挖掘用到的工具binwalk、firmwalker、IDA、burpsuit。Binwalk用于解包固件如果使用Kali自带的binwalk很可能会造成有些未加密的固件解包解不出 ... - Discuz! Board">
<meta name=generator content="Discuz! 1.0">
<meta name=author content="Discuz! Team and Comsenz UI Team">
<meta name=copyright content="2001-2009 Comsenz Inc.">
<meta name=MSSmartTagsPreventParsing content=True>
<meta http-equiv=MSThemeCompatible content=Yes>
<meta http-equiv=X-UA-Compatible content="IE=9">
<link rel=archives title=T00ls href=https://www.t00ls.com/archiver/>
<style>*{word-wrap:break-word}html,body{border:0!important}body{background:#EEEEEE;text-align:center}body,td{color:#444;font:12px/1.6em Verdana,Helvetica,Arial,sans-serif}body,ul,li,p,h1,h2{margin:0;padding:0}ul li{list-style:none}a{text-decoration:none}a:hover{text-decoration:underline}strong{text-align:left;font-style:normal}table{empty-cells:show;border-collapse:collapse}.s_clear:after{content:".";display:block;height:0;clear:both;visibility:hidden}.s_clear{zoom:1}.wrap{text-align:left;margin:0 auto}#wrap{padding-bottom:10px;min-height:450px;border:5px solid #333333;background-color:#FFF;clear:both}.wrap{width:98%}.mainbox table{width:100%}@keyframes myanimation{0%{color:white}25%{color:yellow}50%{color:green}75%{color:brown}100%{color:red}}#wrap{border-bottom:5px solid}</style><style>.threadfix{padding-bottom:0!important;min-height:300px!important}.viewthread table{table-layout:fixed}.viewthread td.postcontent{vertical-align:top;border:none;overflow:hidden}.viewthread td.postcontent{padding:0 15px}.postmessage{clear:left}.postmessage *{line-height:normal}.postmessage h1,.postmessage h2{margin:8px 0;font-size:1.17em}.postmessage h1 a{font-weight:400;color:#444}#threadtitle{margin-bottom:8px;border-bottom:1px dashed #999}.defaultpost{padding-bottom:1em}.t_msgfont{font-size:14px;line-height:1.6em}.t_msgfont *{line-height:normal}.t_msgfont ul{margin-left:14px}.t_msgfont li{margin-left:2em}.t_msgfont ul li{list-style-type:disc}.t_attach{border:1px solid #999;background:#FFF;font-size:12px;padding:5px}.t_attach{width:130px}.t_msgfontfix table{margin-left:1px}.t_msgfontfix{min-height:100px}</style>
<style>.markdown-body{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;color:#24292e;font-family:-apple-system,system-ui,BlinkMacSystemFont,"Segoe UI",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;line-height:1.5;word-wrap:break-word}.markdown-body a{background-color:transparent;-webkit-text-decoration-skip:objects}.markdown-body a:active,.markdown-body a:hover{outline-width:0}.markdown-body img{border-style:none}.markdown-body *{box-sizing:border-box}.markdown-body a{color:#0366d6;text-decoration:none}.markdown-body a:hover{text-decoration:underline}.markdown-body strong{font-weight:600}.markdown-body blockquote{margin:0}.markdown-body::before{display:table;content:""}.markdown-body::after{display:table;clear:both;content:""}.markdown-body>*:first-child{margin-top:0!important}.markdown-body>*:last-child{margin-bottom:0!important}.markdown-body a:not([href]){color:inherit;text-decoration:none}.markdown-body p,.markdown-body blockquote,.markdown-body ul{margin-top:0;margin-bottom:16px}.markdown-body blockquote{padding:0 1em;color:#6a737d;border-left:0.25em solid #dfe2e5}.markdown-body blockquote>:first-child{margin-top:0}.markdown-body blockquote>:last-child{margin-bottom:0}.markdown-body h2{margin-top:24px;margin-bottom:16px;font-weight:600;line-height:1.25}.markdown-body h2{padding-bottom:0.3em;font-size:1.5em;border-bottom:1px solid #eaecef}.markdown-body ul{padding-left:2em}.markdown-body li+li{margin-top:0.25em}.markdown-body img{box-sizing:content-box;background-color:#fff}</style>
<style data-id=immersive-translate-input-injected-css>@-webkit-keyframes immersive-translate-loading-animation{from{-webkit-transform:rotate(0deg)}to{-webkit-transform:rotate(359deg)}}@keyframes immersive-translate-loading-animation{from{transform:rotate(0deg)}to{transform:rotate(359deg)}}@keyframes immersiveTranslateShadowRolling{0%{box-shadow:0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}12%{box-shadow:100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}25%{box-shadow:110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}36%{box-shadow:120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0)}50%{box-shadow:130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color)}62%{box-shadow:200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color)}75%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color)}87%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color)}100%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0)}}@media screen and (max-width:768px){}@media screen and (max-width:768px){}@media screen and (max-width:768px){}@keyframes image-loading-rotate{from{transform:rotate(360deg)}to{transform:rotate(0deg)}}</style><meta name=referrer content=no-referrer><link type=image/x-icon rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAA9PT3/fX19/319ff99fX3/fX19/319ff96enr/cXFx/319ff99fX3/fX19/319ff99fX3/fX19/319ff89PT3/fX19////////////////////////////rq6u/xYWFv/b29v/////////////////////////////////fX19/319ff///////////////////////////8vLy/8BAQH/RUVF//39/f///////////////////////////319ff99fX3////////////////////////////8/Pz/NjY2/wgICP/t7e3///////////////////////////99fX3/fX19/////////////////////////////////7i4uP8AAAD/pqam////////////////////////////fX19/319ff/////////////////////////////////+/v7/TU1N/yMjI//4+Pj//////////////////////319ff99fX3//////////////////////////////////////9/f3/8QEBD/jIyM//////////////////////99fX3/fX19////////////////////////////////////////////m5ub/xEREf/l5eX/////////////////fX19/319ff////////////////////////////////////////////////9TU1P/W1tb/////////////////319ff99fX3//////8/Pz/8uLi7/kZGR/+vr6///////////////////////7Ozs/yMjI/+0tLT///////////99fX3/fX19///////X19f/AQEB/xMTE/9gYGD/pKSk/9jY2P/09PT//v7+///////MzMz/HR0d/+jo6P//////fX19/319ff//////+/v7/ysrK/8AAAD/AAAA/wAAAP8AAAD/DAwM/x0dHf8qKir/Hx8f/wMDA/+2trb//////319ff99fX3////////////Q0ND/Ly8v/wEBAf8AAAD/AAAA/wAAAP8AAAD/AAAA/wAAAP8PDw//8vLy//////99fX3/fX19//////////////////z8/P/U1NT/np6e/3Z2dv9aWlr/SEhI/0ZGRv9cXFz/srKy////////////fX19/319ff///////////////////////////////////////////////////////////////////////////319ff89PT3/fX19/319ff99fX3/fX19/319ff99fX3/fX19/319ff99fX3/fX19/319ff99fX3/fX19/319ff89PT3/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="><style>.sf-hidden{display:none!important}</style><link rel=canonical href=https://www.t00ls.com/thread-73007-1-1.html><meta http-equiv=content-security-policy content="default-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'unsafe-inline'; media-src 'self' data:; script-src 'unsafe-inline' data:; object-src 'self' data:; frame-src 'self' data:;"></head>
<body id=viewthread>
<div id=append_parent style=display:none!important></div><div id=ajaxwaitid style=display:none!important></div>
<div id=header style=display:none!important>
</div>
<div id=nav style=display:none!important>
» » 【喜庆2025征文】路由器漏洞挖掘</div>
<div id=ad_text style=display:none!important></div>
<div id=wrap class="wrap s_clear threadfix">
<div class=forumcontrol style=display:none!important>
</div>
<div id=postlist class="mainbox viewthread"><div id=post_1205164><table id=pid1205164 summary=pid1205164 cellspacing=0 cellpadding=0>
<tbody><tr>
<td class=postauthor rowspan=2 style=display:none!important>
</td>
<td class=postcontent>
<div id=threadstamp style=display:none!important></div><div class=postinfo style=display:none!important>
</div>
<div class=defaultpost>
<div id=ad_thread2_0 style=display:none!important></div><div id=ad_thread3_0 style=display:none!important></div><div id=ad_thread4_0 style=display:none!important></div>
<div class="postmessage firstpost">
<div id=threadtitle>
<h1><a href="https://www.t00ls.com/forumdisplay.php?fid=52&amp;filter=type&amp;typeid=1">[【原创】]</a> 【喜庆2025征文】路由器漏洞挖掘</h1>
</div>
<div class=t_msgfontfix>
<table cellspacing=0 cellpadding=0><tbody><tr><td class=t_msgfont id=postmessage_1205164><div class=markdown-body><h2>工具</h2>
<p>漏洞挖掘用到的工具binwalk、firmwalker、IDA、burpsuit。</p>
<ul>
<li>Binwalk用于解包固件如果使用Kali自带的binwalk很可能会造成有些未加密的固件解包解不出来的问题这时候你需要去进行完全安装binwalk。完全安装的方法可Google查找有很多。</li>
<li>firmwalker是用于帮你快速分析固件的一些信息让你可以在短时间内了解一款固件的大致框架以及一些服务项安装方法可自行Google有很多教程。</li>
<li>IDA用于分析固件的漏洞点需要掌握IDA的一些基本使用。字符串查找、函数查找、交叉引用等。</li>
<li>burpsuit主要是用于漏洞的验证工作。</li>
</ul>
<p><strong>挖掘流程</strong></p>
<p>1、binwalk -eM 固件 --run-asroot</p>
<p>2、Firmwalker 路径(/home/....../squashfs-root,定位处理文件。</p>
<p>3、将处理web服务的二进制文件使用IDA反编译进行审计。</p>
<blockquote>
<p>3.1 看危险函数例如system、memcpy、strcpy、strncpy等危险函数。</p>
</blockquote>
<blockquote>
<p>3.2 根据危险函数,查找可能存在漏洞的接口;查看当中的参数是否可控。</p>
</blockquote>
<blockquote>
<p>3.3 寻找前端传入的参数的接口,拼接命令或者长字符串导致溢出;将审计出的漏洞寻找设备进行复现。 </p>
</blockquote>
<h2>Netis-WF2210型号路由器审计过程通过接口传入的参数找到处理参数的函数</h2>
<p>fofa随便搜了一下弱口令进了后台看到了版本型号每个模块功能都点了一下看了数据包和接口之后再去官网找固件解包开始审计。拿到固件之后对固件进行解包解包之后看以看到整个文件系统。接着使用Firmwalker对系统进行初步的一个信息收集。</p>
<p>
<span style=position:absolute;display:none id=attach_167826></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABJQAAALuCAIAAAB3oduPAAAgAElEQVR4nJy9WZBc13UgeM7LtTKzKitrX4Cqwg4UtiIJkBQXkaBIgpJIWZbkpTsmZE+3e7xM9HzMTH9MzP98zcxXf7R7+qvdHe6ItiTLskWRlCiCMncCBIkdqA1A7Wvue74zH/eee899mQU5/FgsZL27nX27973E587PgLj+/F+8AQAI+hcBkW1EAAAghMCFBKIXEPdUY2wrgtMvOAsiUbBdL6nHobwJPJsZqD7IeRBRzEQAoHsCACIQEBByJxJtEm+09AAJoZncIExEKGBEACI7UAATwA+A10MA4onVLTmIiICIb6GFVFCEh5Jgop7YIGJw0Dx2GebAwtjbZQ2mDIKFUyALnbDtNA8IihERE06IiofoE2k4WSA6z+4uxLArxvOfxEu1QWiAcQgCYG9xAwrEDZM7jDKrK5g91EKGkmO6BwEgoiN5AW5YIVYzSO6x5MoV7Tgl7Y5yOXpNFASp84U8j9THR+i0Heb8iUAaL5ZkjScxfggOezSFEbVoQbul0O0KIDLyKMBzqGKEjggV4TtMafoAAWmSs4ATogeAREqtiDTwaGVIa7M1DmCxQjU2SEIEay0JPdTcJi2ciEFj69ol5rKRDTSGCLStMxD55KsJPERSnxG1OSTBHLYfSGhvkp7ccNYxvJoA5Bp/1GREtkIuqMwYNsvCwPhCt6zVDRg+ACRUBBTcRNOOnuK1AQ0BfNCd1W0Ni2P4UGssarFFsgJGiipyLTbdTGptKKRsOZ1Fi7B6KPGyBDRkJCAAz5UFrSJiSNBPut4GxRBtAZzVDWCO7hI6f7K4acIwGJq8LmpAbb+xk8kUA/cyqSDm1oPIBibS1km7HKBK5wXUAF9jYSY02GKAIXyfXa8zofRYj14WGGZ0u3W8Ojobsmx0egbmkf4VXalUEg0SFxejwOwI5LNBEwqqu+l/la54dhkiQM+BKeBM5Afd5ElFAAB23r/d9QhYO8ozsFMDu8ReXHMHOY7lt/Z/1ERyoAydMDDhHjHkb53cmeOfO9DCQyw7FmkMTkvC++jBDjbY9qEdMAww3SzGrch/C8vj6KSGzwS8TFsS87Tj25FExkmRcHkA4GmT6Nht4rUCM/tyQpebAV7vBQOSEgMgRAwH2hkn61CFcBGTTXtxdjzGmNmeYhrHFLgwOsbdyYs6wN3xPoBGRs+wdxAWiHicfM/0sOR2QgQ5zoRrZl7DKpSqpfFnE7NXLhPEEHT4ASb7EmJmgkcHMgO00iwRn4E1Bi4W7h9t1gwZMSF9jngTcIyD7KZNBINgQhYbBiCwhXTVRAboBlvFR4loQAvQ+ayjJ4/v+j4hOn0UJCx7Kgg1aykU1KJABJ4XzHPU6hpBFSC6oSFyOOSkpqqbDvQ4wm8jOIJkMhFDq3+bRaS1MfxxSOfM6XgWALDCIhSENDDE/ve3X8HMrW3Otgs7yb5mKMfFek5L+ED0AEbBO0xjCBegiUkJuZ9QeWQcCNFSxiwh8hA3UtMewYawxtEKF0IAaDwG20FjBKzR5gBEqasSFucyhs2O1dGP0jlOh5iN2rnYVVEwVmc25vLQI7ZebEI8vZxKg3SeoMfqiUXtzhFkzpoYcv1Z5mZo/gMfyNNQtQmPSwY1oc88tKrC/DKlB0QUuaJpVS5TI+gbmrMEok0/DNWtnWcJZVVkuUQWBcfj7o0LCplBbT6lsxB1QIO2mMg6ADK0ZJWRZl8MRbGowZFYUMz0JJdyKjwBA2rvmEiIOBKSNkpLiZi1PVQyAxzv5vYiAACPpZrleU8zY8sUxvFYylvLIrSJTKLCtLKYdnCKgkB6ygBSHQcIMZHRa4dYX4JnjUvAE9k7wdXYwpj/naKA8CjAvoplU6utVnxBPSsazH104ReFGIuEwIyZ5gs9kFaUyWJkP0gVyRQSXDL2Sswmx3agrhBglKjZHi49DdeCLY5wSWrImTqKdNtU3MO4YRCWoA0kTW13lnbFCk7PKD96iLABDBJYCmtltzMaVQNQ6LdTHBA8JXR6LiNIYto2TA1wTgeR57TLvZTzYBOxxdbmG01P3IMQe9oXMl5DLADgB5WYqYFIzmzBoiuBrbhanyI/GKwF+lw0BQSAcCcvETQYwAUZYKsm11E3HXsAhkgul606GPm3AmuTkQDd2k1YBxobi7wX9SU+7bsQbcJqog33s4EWTLoiIm+AdudH7a4aHH50vMhxjY5e6XZZgnaUh7SWoITWIIpWjx+t9Q4SjlcVzkMYd/sRLaPZiLu8Nd4EdCVeS0UnAZC7qRZJjoIVpQCRfG0lbAZtLK8HqEaQq3vKAaMJkU3WRBZ45ivHQAS85aiWNbQ3iZbxjAhg9UysCUwoqRtoJMfc4WZ0PaHQMjuhpJWdsBMxnVFo8AtejKMTjhtGA1imBja6OymgqsAK92mqUppTvpQWqYOuiAqecKiKGgy0t7W0WIAFQsgMtKbQBA2MjrQNvjVVCMDpPbrYtHsBlWKJXMXKNq+ORselupgsBezExNTiPEp7Ba5eE3BGpXQPGSvrEVGZaFsOMqGuzhoRAUBUx43skC7GmNTDkT3hXXhbLuDdUH4mIgW10h12LMweJV0qm0IusYDF35KRXEmTPQHQs1m6zcGFGfE8T+00IqEPRr3J5KfA2bRVbUMPp2JGwUKeWz1kf6BV1iS3HNMwFwImWssHOrgx/YR4kFUBaXesPxWMMDLoyirvstqKNAiGCLXofDllIGDzZBpBG0DhuCzEUvV4ReNKjV6J6gFwzc10l6oILmomPTA+0Y242UnaG8ZXCepISNDpa02UsT2GCGL/yxKTBEhsA0GYNEsfaUshaGucSVj91T+mJ5n/iVN1dkhkyqgW97YIAYxpsi6E5CId7J2Zi6G152RQb+x7DD/LakCw2icxnVH2Nx/cQimIII6JKs0/CfMnB1kZU+OMy7Ou2iFCp6iNwXNEzGl0pnInFMbPHcdGzPYXRknc7HSR22brFG2sk4x2RJltH2jH1wk3d0khFyayCHpwjUXAJgQ0UXRT0BttIrNS28xmEhQSsjeFWEYf0aFtfgOA3F3g8dq4BrhmoCK5pwptfdjak64my9CL7bmPHC4oEoTt5EH7pAAzTEPjiMCSz4g5gT1PImZxUxS3/ALoFASccaYbCQ8RPN8nUj7u4cwnHba96WoYcy+wNcXrCQD1VAAc7AfXVBEJV0fUHd/4jI7Z2iNudkrtgt64vUkUvC1juQRiDzFIawPQJr9M0T3SSz2/T+RQzZhC3jozjlcE4VZAgqabXVRAxG2GxqZZBwMyc1AFdg7CTav2H2TnMdoQdPky3oIgWYwI2XSaP3ewzMJtGz/VPnknYSZnBksy50ZAxQTVHSgcROwSwVhM/oEupjZnDtQd9FKE7vC2eEgsIZWEsUDBATOtDlk6uEFblxUooIuXjiuEj0I+q0AcSphcBXgZWc7X2MsyAmfphu8GAFO9UVxBdFDyHMvnspHId5hlOW8tDiFvEVumOPRGAAAvcDqlAwtInVMy5OMYhpNVlwMGVBQWT88CBAA+qJwOg7VE1GmEmZSCJycDKTfq1JGAEJXa6nIHkY+eRzqvAESvvVIg8UVE8IN1hHZqqKXYZbCcsd/0QEPVqchrpTgQvzr1USN8VowNsiC7Cdevi1gWeKUbaJyT4Yvkr8lzOio0Mvho1DKYfIv8HewJKMee6T/QWXqPsmMwWNGa4QQF2nJbvNDNIzp4vACvRW8UsUmHS9g/NHcE6Xg+U0NsGxg486LACTitPRa3g6gDVmTOqwiCs78wehec3ZQwTJYekFJR4wAtfBydAbHdU8uwczTDUfzJnONWkTUhV+kDbs8Ij4191FY4O2cjf0KFuIbhpp2yCaUTJQsMCrzYEluSS9qbT6aMtkcpYo9KitPDnbatOWCDXe500Jp2M+a2t0GCe/XscFl11nN1CAgUudsqR3wCOWAvjEloWwXdPsb28C0UYhE0YwLWIBjuStbXsoEhI6WBIcK3toX1wZgF2jbQ3UYgUPE+eVxx6mSl5EmxdnSQSe3077ikkWzRgXXW
<div class=t_attach id=aimg_167826_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:887.891px;display:none>
(913.42 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167827></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA24AAAIiCAIAAAA/3gyTAAAgAElEQVR4nOzdd1wT9/8H8M9dLouwl4gCIoqI4EBRq+LE3Trq7rettnV2WKtVa/Xbqj9bW/esdrhaax2odWG14qBiUdwiKsgUERQIMzt3vz+upvkGEpLwIYv389FHH+FyufvkZS73zn0+d0cUFxczDIMAQEgsFrdu3drarQAAAACA3SChjgQAAAAAAOYhrd0AAAAAAABgryhrNwAAh5Kfn19VVSWXyxmGIQiCJEmSJDUPEELkS9rPso81/7f2mwAAWAJFUTweTygUWrshANQLlJIA4CGRSNLT063dCgCA3VCpVCqVSqFQuLi4sD81AbBH8NkFAI/U1FQYeQwAMJVKpaqsrLR2KwAwH5SSAGDw/PlzpVIJfdMAADOoVCqpVGrtVgBgJiglAcCgvLxcIBBYuxUAAHulUCis3QQAzARjJQHAQC6Xw1AnAIDZVCqVtZsA6qBWqxUKhUKhoGmapmn08jRKHo/H4/E4HE6jXR2UkgBgwJ6vbe1WAACAI7ty5UqPHj0sv161Wi2VSuVyuc50tupSqVQSiYTP5wuFQiwVnt2tDkpJAAAAAIDayWSy6urqOmeTy+VyuVwkEtVzsJM9rg665AAAAAAAaiGVSo2ptDSqq6vrcwaVna6uEZWSMKjZkuLj4y25OpM2Bstgx5oAAACwUzKZTCKRmPoqiUQik8ka1epM6OBWKBSnTp06f/58dnY2Qig4ODg2NnbYsGFcLtfUpljeli1bzpw5s379+latWumbZ9u2bWq1+t133xUKhQRBJCcn79+/f+LEid27d7dkUx1Adnb2L7/8MmzYMIutsaKigsfj2c5H8fbt2zk5OX379vXy8tI3z40bNxBCUVFRXC6XIIj8/Pz79+9HRkYGBgYaWPLNmzdTU1N79+7dokWL+rfz5s2bSqWyW7du9V+UBdhXa/VRKpXZ2dkEQbRu3dqMl9tFCFevXs3JyZkwYULNp9RqdVxc3IULF8RisZ+f36pVq/h8vuVb6AAyMzPXrl37+PFj7f36Bx98UGvswAxqtdrsgxTV1dVcLtekgYx2vTpjj0oWFxd/9NFHt27dmjZtWlxcXFxc3NSpU69fv/7hhx8WFxeb1xpLkkgkUqn01KlT+mYoKys7ceJEcnIyQRBjxozZtm2bWCxOTU0Vi8WWbKcDkMlkS5cuXbBggSVX6uHhUVJSYjtXCGdvYpGTk6NvBplMlpGRkZ+fTxDEwYMHr1+/LpPJioqK6vxxqTm3DoucnBzjS1KpVPr8+XOz11XPlyMTW2uzKisrr1y5YuCzYZhdhLB169b9+/fX+tSpU6f2798vlUo7dOjg6elp4TqyrKzswYMHllxjw1mzZk3fvn0PHjx48eLFxMTExMTEw4cPHz9+/LfffrN20/Tq/ZK1G2KUel7p09SX2/XqjDoqqVAoFi9e3K9fv4kTJ2omdujQoUOHDvv27VuyZMnmzZtt54BQrfr27ZuQkKBUKvXNcPr0aYVC8dprrz169KiiosIueidjY2MNPHvu3DmLtUTb7t27X3nllU6dOllypQKBQCAQlJeXu7u7W3K9+jRv3jw3N1etVuubITMzU61Wt2nTpqSkRKFQGCiCb926pf1rraysDCF0586djIwMzcTIyEg/Pz9TGykWi5VKpa+vr5HzHzhwgM/nT5o0ydQVYXm5qa11SA4QQmJiIkJo6dKlwcHBll/7e++9JxKJfv755wZdy9tvv40Qaui1pKenr1692tnZWTPFx8dn48aNc+bM2bZtm2aiQCBo3br13LlzQ0JCGrQ9RkpMTGRLSX0FJfsJsTq1Wl3zjGaTyOVy48+wtpHV0TRd86p2tU7UWZ1RpeSpU6eaNGmiXUdqvPHGG2lpafHx8SNHjjRmUZaRkJCwcuXKmtP/+OOPP/74Q3vKkSNHXF1dZTLZsWPHeDze0KFDjx07hhC6fv36zZs3EUJxcXHsJ3vw4MF9+/a1ROuNZq1i0YCsrKxLly7t2rXL8qt2c3MrLCwUiURW+VVz5MiRmj9UcnJycnNz2YsEEQTBHvAWCAQqlSo9PZ0kyZCQELYiLCgoKCoqQgjdv38/NzcXIdS6dWv24FNpaenTp091liwWi7WPlxsYtmFAdnZ2UFCQvVzDyL5a20AcIAT2d1FQUJC1G2L3lEqldh3J8vb23rt3r+ZPmqYrKirOnj27Zs0a7frSijQVpI2UjPpgOblCoVAIhcL6rG706NG1Tj969Cj21dE0vWzZspiYGO2jVOfOnfvrr7++/PLLmtWk9uqMKiUTEhKmT5+u79mxY8fu2LHDpkpJT0/P6OhohND169d5PF779u01T1VXV6elpTk7O7dt2xYhRFEUQmj79u3FxcXh4eEuLi7nz59HCD158oSdPzc3l921d+jQwfJvxO6sXr36ww8/tMp9XwiCcHd3Ly0tbdKkieXX3qRJE5VK9ezZM4qifHx8NNNVKpVYLObxeN7e3gRBsFvjrVu3JBKJr68vj8djRx5XVFSw9UFZWVl5eTlCqGnTpuwSBgwYUFBQcPv27W7dunl5eV2+fPnx48dDhgzx8/P7888/GYbp06ePeb2EOTk5pl6hTS6X7969GyEUEhISExPDMExaWtqDBw8kEombm1vHjh3ZEuHJkye3bt0qKyvj8/ne3t4DBgyo9eUN3dqakpKSnj9/LpVK1Wq1i4tLx44dNZ3F+t6LSfQtRKVSpaSksAeq3dzczG6/qSFcv3597969BQUFTk5Obdq0WbRoEdvIU6dOnTlzprCwkKIoPz+/3r17s3us0aNHu7i4sIfTzpw5s3379okTJ7Jj744ePRofH19WViYQCDp27Dht2jRXV1d9q2DNmDGD3R4nTJig+edmO3zGjBmDEGrbtu3XX39tYAkae/fuvXHjRnFxsVwu79ix4+eff84wzIkTJ06fPl1SUuLv7z9mzBjNKgw8hRCqrKxk32zv3r0/+eQTU+I3VkMfj9QnKSnp4MGDbA9+27ZtJ0yY0KNHD3d392HDhv3www9WaZIOGy8ftdlIKYlqqxr11Zf1XB1JkjExMdu2bVOpVEOGDEEInTt3btu2bdOmTav1Bhwml5K5ubkGRoi3adPG7HE/DaRTp05sB+uSJUuuXr06c+ZMzV7h119/TUtLGzNmzFtvvcVOSUlJOXnyJEKIJMnr168/efJk2LBhc+fOPX369Nq1a+fNmzd06FBrvRH7cvXqVbVabZXrx7KEQmFFRYVMJrN8LduzZ0+1Wp2UlFRQUNChQwcXFxeEEEEQDx8+FIvFoaGhkZGR7NZYUFCQkZHBHqR89uxZRUVFq1atevbsmZWVdeXKlZ49e4aGhuosnM/nP3/+PCMjw8vLix2hwufzKyoq8vPz/f39zasj2a5SU8tuDofD9kuy5fLNmzfv3bvn6uravHnzwsLCCxcuDBs2zNXV9cKFCyRJtmjRgmEY7Q4XnZc3dGtrysvLk8vlzZo1o2m6sLDw4sWLo0aNYgdF1PpeTO1K1reQpKSk7OxskUjk6+tbUlJiXuNNDaG8vHzVqlUkSXbv3p1hGB6Px07fs2fPsWPHnJycoqKiKisrHzx44OHhoW/npMHhcJo3bx4WFpadnX358mWE0Lx58/StguXj4xMQEHD79u3169cHBQVpn0/Wr18/hJC/v7/hJWicPXu2srIyKiqKbQZCaO/evUeOHHFzc4uMjLx///66detUKhW7WANPIYQoimIry7CwMCOTtAs//PDDuXPnpk2b9uWXXyKErl+/vmHDhrS0tKlTpzo7O9vIBUwa6JDke++9N3Xq1FdeeUVn+t9///3TTz/t2LHDjGViGeRm/EJsZHXs8Uj2ADZFUWwdyZaVhheC4RLltnOuQ01jxoxJTk7et28f+0tXqVQeO3aMoqjhw4dr5klOTtZ+iaurq/aztszWxkr+8ssv06ZNs27vm7u7uxVvhx0aGvrs2bOHDx+yB8Vpms7MzGQ7sjXzFBQUaB4zDMPn82vWjjq8vLyEQiHbA86el8Pn8x8+fEgQhNljUs3rKqUo
<div class=t_attach id=aimg_167827_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:1685.3px;display:none>
(37.93 KB)
</div>
<p></p>
<p>使用firmwalker之后生成一份信息清单。根据这份信息清单就会对整个文件系统有个初步的了解。其实直接就能看到web的目录。</p>
<p>
<span style=position:absolute;display:none id=attach_167828></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABPQAAAJjCAIAAAAEaNj5AAAgAElEQVR4nJy9Z3ckyZEgaOahUiORSGiNQulqXS2X5HE4gnO7b/btm7339t/cT7ifcfcDTs3M7s6QO2Q3W7FlaaCgRSKRWoR2uw8RHuERGYnuOSe7kBnhbm5u2s1F4v/+v/2vBAQABICIFH4EBAw+AAAAEkD0FUH6Mq0gAv1ElSQYzAISVEEKUYqfkvgkcKVMhKIxIKL0LWoNIZKY6J3SrQnDzjFCIiRU8C8CIks0RiCKyCUjLqpI2GJI/Ahool2a2gTR88SIKf6DiASpZgIUQtYbGbu4izTsZE0iAsREvwJnmfMBaSfZTABE4mtEIQLKHHHYUdxZhrgk2iFiICc0OdZAtimzXSQRkNGHLBhZ8vpzStSb9IFkMhChPL6EtCcxjZGZfCjEOoVmQvSS71BIFAkIhOlaghUkP0qLcqQqQnlIeo/pJhODAQhVNaqGEHUZvr8BQtBlhCoQEPKIFHJDRKRJGxVaGkKIdDJb3IAYAAFOsiOCAzGXhSkT1XiIQoASSs0p4J4sHqEUxAhHcGSrFtaT8cGwefQ2XVkedsCxpKylACYGdUOJFCWp/DEpMH6IQiplPUSJjJgaFEhI/kwvkyyh9ks0jNQCMd1VuqH0WcblhppSISCUaTKlWsZzpATRwof/huEHkoMs2Xv4KqNnROmdwJlk/0JJOUh5RgQElFpPG2qEXwREqhk7U/EurW7TgMTISL49xTNh6IiICDF0GTcWIaOU8HQyVkKUbgYWC5xonbAkkpQllJQohBtyM/YbFA2WJAwoBjIZtUWehTDwxhloEwBS6AcEDyYHE5qWiN0o0ImrCBmIcA/RjhU9NNqJWIxCPQ2dEcZhVcLwiS6i8BUneB19SL3KdIYRrSIfxJImKa7PhcOI9IpirmFYBSAYQsKjCbsmjLLse1FYyZRrjwk34dkFwSCmgORFCEKRDT2I6DoClCYmyNwMQSdtTRjyEgEFEoAh2pGDiUYUyamkMym8I6ghqQAyBkiRwkGSPpioHRE8LcrRR6k+yl2ndCBLOCZMTCjrEdszjWKEfWTIJjCLNYSkmCOBQjhSiSMwUTIFOqAbST0LUNOsMskAon6JZHkU9lPUxAR1aIpnjatQ/BmlJhNGKoPmEHI+IGdcKfqOAKDKaApTkqCSpHNh9ze6l6hiZq2kDE/4x8mCgITxiCXfAhjF39MRSuorRYhhLCrBs4RMTwiemCpg5MwSXiQwBLGcYJJ4yT/BDFBmV7KSxIBEpcgkpUKcCCFhE+SGSdkN8EVIxMahIklDm+QJCgcWI4YQ2GACkibTIphAqRVIbJ7CbZQ+oayzwYClyQ3cwG1Kw0/MZBJC/DOmppgiXgrIVKuQBSlGUDwImSoZe5SFQZqRyGY+izcp9yceTnF+mSW2KWJUUe+JSCP6V4QRyYKJvyRiHkkwfzYqKasTjxFjoYq7kw1lVEl2DZGvisQ0bpvGLcnYm4x/bF4nDa9QA4rGxCVwGGIZtQ2D1oQxk3gRzm/jqFC2AQlOSK3jJA0AkJi4RmJN4ejTDVOFiyYCmiyPmSUdGMjCTrHyyTovq+ZEfAApriUqZEh+NnopRoYig8m304KqyS5iKEmYWVUycUx9mN5NTE6cGFpG86kCK0VswtkJeAFFQ2EjObJLqKPc709NAzHIXErVJrDKpuKEvYl0JTOiyNQ+GVziVZqAgQdPTWszJ3kTSEcucKJHmIzQYEI4ZK7SxOPgG8nWKbOfVC9hMk9CUta0pGdJhx4YhzfCWMVg031Hb8LccTizjaSF5IZRPC/6zZR+nHib1RfFdRDj+XAITjaPCScRVMNkzJbAJ2lQZGWLRy/AIgClwr+I7CRBkSNlDEM3lNAi+YNUD2TuYNpMTxItoQNyjAbhjDohPMk5VFxfqpKgEVFoETAcvzxkgQCiGK2IsqU5o8R7guT0IZKQ2BjJg0hCEO52mr248VkS45/ZRvg9vHnSk8xZhKjGL2VXJwYcZgPkbohim4PCTwdcRICIj4R0Y3Q3+QIRAgLLNi5h+SmmTYAawwTmsbhk0DBhHpKvuEQWyjAsECE16drTYjvhMKImGVoQPFEn4s5Y1ae4oxskZFLxfqLcYMxAyErAhWh5+SdDg8zVIUo1TeOZCWqCMpEMJ/geoiYIl1hjjBsmXQTKo5pwfdOKrDM08SJShBhmBF8ST0p3GCpXimEym6POEIDHNWO3TJGnJ5E/lvqVUEwuYwtco/w6AcU4J/NKk6sUKWGPkQ7ZcbM9yhJQkuzTFEZMOIObRFiOLSAeQiRGUcsUT6bJ5FTHn0mMqTWl6tPXfsJ1QpmzEWXlyC8b1/ipWJjEyDlNjCZB83hKDHH94F8WfcYorhKdRfUnp9NISOF6+A10kZpEmWNh8CVtx9jhBOE7TU7dI5yFJmQ4HAjeClGIbHRk8+SIh5JNETAzYZASRUz9DbCSkms/YUhT4pmAlopQkkv5YQA1maZKgJMillT4PGkTg6fpJ5Nknc5iSgEJFEHwhmCCepm6caO/SqEtfxC9/9ylwZ/7IhrVTyazpuQXZZ6Eb7hQNKnn2P4n1pmmoIQYKfzPiRSy8Jos0hLf5HQrDgRjbLMB0s2vJdssfc3U35TFvRFqwieHm0LiQGuKWOEkCnH0m+BmgtDZG1JiSJkvEOJMTybbMtpGS5GYXU0WgOgTj5APXKGgRmIVWsY/qpxEK2Vx5LpxekLAEUt52QSYiIWiD5LmRgiL7sMPLNkWYvXAhOaL6hjbmhv8EWHUF+JEQHuzUSWBO4HY7yHTTdi7G9yhCOMSoRBGVjJiLMUjhaReSlnD5GRWlpB4PVcwKiMBF2IiQ0hLZ2TBIYpVhJZBHLrAZMPJh5jG6QY7lfQo0a7FqR1FBBUJjgw9o/QA4/0zFPaFJBJJ2SZHSsHEMDFIxyTqCoDhZ4FUkMuIEl3SZt7YtUvDT5qLGyx+jC+FWFPmjhI5MpEGGCOQgINRhYy+gpVbeXE0U3SS/Sfexlo4xbHE6UMSWjqZwsksU2x0hE/YFyankymrgYKNMmaJdYhk/aRhlc2liHkFO4QYBtIU0wljQY6oGvsAgsTCYUKWKUnA+HnMbIREujKGKQ9eEpjYyhBlskdE6QCp+CgxJY9WyNMZbWF3E4DTshk5sxAHlBqnhpgALfyAmPBIcpPmMUhwJ9a2UXI7mSUD2k2FJj9nhVwhv+KvyTyVJGcQiYykLJNFbp02CuJh+Dxr0hr6XZQCBWG5kg4+5FcARISqMQTMMq2U4H4sewSyHBBAHOIzEAIbAg1MdwgkYL4YTkzcQL8CUYg36AR4B80JKZhShxNdygr9hV2QRicBj/YcyPY8YVsmpVB6Lgk4odjVJ6Q5ABOb3IShkEmYLa3xCkYqI5WY74YpjKSUYOLzVBuMEx9EdzEM+UiCLIyxVCSttxAPiY8CgaQ9S9iOCE+ISScjlkY/xeVk0B7BQEkVEyB+SvPl5aAbXFNCvaMmFA8WcaI5TYJNUipUjUwfLT2K04NpmQ+NaKxiks4G8CMfHs1vs0Z6gw2NRO4nXXvkXtIjEUtjNy2fSkV25yn0KFKzaUDidRT5e7zLbVq7NEHS7iCitEAx6QiF6Uja3CRkabNoMt0qA5nUrwSUOCaQekib+uQGj8mNOpBypwHumKSP2MAFEFFTrC/FblEYVJo6/aYU4qEg0AQRwtqTW13kr9Eq60Q/CPHSq+hF1tMQTBDXT/SbBiXhDwiJ1GoKtQDboOdpTjyp32FgENMlaUMp4kYKgpCGCFpixSyiwGTO4MYhpnxl4n0UEoht8xIygks0MTDpgEPkyQMgwVomRUKNcTVOISixU0HieWpPGcoSgCm3dNOw5V0A8uMp1XGCF3G3kTCgxG4Ub0IOheIoqWxyU5XYpprwVjJqIccxkm1Z+CMCCOsUPk2Zd0IAxmKOkMRWqddoZ3ukfVOdUrKImAoQAFho3GJ1k1ENqCPeEWYE15JcEoUZHEy8UsONZ1NsQLLjxOMo1kDJ9EzfZpwY/08qVGZJGCoparlxCjzZfaSi0xKcE20
<div class=t_attach id=aimg_167828_menu style=position:absolute;display:none>
(292.67 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167830></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABQ4AAAIgCAIAAABLRGOrAAAgAElEQVR4nOzdeXwTZfoA8HeOTO70PuhBoS1Q2nIVEBaUQ1BBREQudXeFVRFRQYVVF5efx6636CLCoiiCBywooIACKsihIOUoR6FAoZQelN5Nj9xz/P54ZQxJGpJ00qTh+X748EknM/O+edok7zPvMURNTQ0CoaWhoaFbt26BrkXHVl5e3tLSYrFYBEEgCIIkSZIkxQcIIfIq+2fxY/H/QL8IECxommYYRqlUBroiAEjMYrGcO3dOq9XSNI0/CSmKIgiCoijxU9H+IxH/b/8JKW53+MzEn7StgQ9YAAAA7YAOdAUACC5Go7GwsDDQtQAhhWVZlmWtVqtWq3WfAADQscjlcpVKZbPZcK7L8zzOkwVBEAQBXc1p7R87/+gDfBFTghfQ7pqammw2m81mwz+K1wjECwr2WxweI1fXFAAIEvi9L5PJAl0RAKQEjTYArnHq1CncjANAWizLNjc3B7oWAEgsNjbWZrOJuTFCiOd5QRB4nkdXs2LxWc8/XUPvc9hms1VWVhqNRjFPBiCUCILAsqzZbA69Ny+4kUGqDMAfqqurcfdIoCsCQhPLsiaTKdC1AEBKKpWKZVme53FubJ8hI7sk2YHDRud9Qq+1XV1dHXovCgAHgiBYLJZA1wIAyUCqDMAfGhsbFQpFoGsBQpnVag10FQCQEkVRHMfhbmTcnyx2IOO0WWSfPzv8j7zPjTtW2mkwGPDo9EBXBAC/EwQBhk6AkAFzlQH4g8VigamkwK9Ylg10FcB1cBxntVqtVqvYU4oXrGIYhmEYiqKgOHt4ijLP8yRJ2ue9DmmhD/OTO+6EZGdms1nyXyUAQYvjOJi0DEIDpMoA/CGUWmYAdFwHDhwYMmRI+5fLcZzJZHIePYhTQZZljUajXC5XKpWSpD0hU5zDRGWHnNl5TS9xrS/7z9vQ/vjlOC6EXx0ADjrWoI8bE8/zHMfZDwUSb1iAb2EAxWGQKgMAAADIbDYbDIbr7maxWCwWi1qtbuNkjVAqzn7ENV7+2uEp+x9v2Izxhn3hAACXysrKkpOT279cfG2U4ziH7TirxM9SFIVvAQjFQaoMAADgRmcymYxGo+f7GwwGQRB8vld2iBXnsJSX/Ubcw3zdLmUAAADtgGVZT2aScxyHR9HTdJtSxRAoruNNy4RFcdrTtm3b2rM4Tzo9AABAWmaz2atMEjMajWazGYrD3Kxo7WYo5nVX9nI/jBMGeQIAgOfsb+ruj/1Dsjhyzpw5mzdv7ihL1S1dunTSpEkXLlxws8/y5cuXLl1qNBrxl+jBgweffvrpgwcPtlcdQ0dxcfEXX3zRniU2NTV1lD9FqeTl5eXm5vq7lEuXLh07dkySU/mvwizLzps3b/bs2S6vmPz222//+9//vD0qBBQVFT3++OO33377MDvr168PdL1CB8dxPv/xGAwG51FeN2ZxeEoYfuz+BlH4/6KiItSOmfCN9s0CAAAOWJb1YWFR344KpeLoRx55ZMOGDdu2bXvttdeio6N9qFx7MhqNJpPp+++/f+qpp1zuoNfrt27dGhkZ+fDDD0+aNOm2227r0qXLqVOnGhoa2rmqHZ3ZbH755Zefe+659iw0IiKirq4uLi6uowzMM5vNLS0tcXFxPp/h0qVLQ4cOlbBKLv32228Wi6Vfv35tP5X/KmwymUpLS3meb25uVqvVDs8uX768ubn5/vvv9+qoELBo0aKRI0e+/vrrOp0Oz6upqal5+umneZ53jkaQGDZsGH6wb9++wNbEE22807XJZNJoNFAc5j5JFj/Y9Xr9yZMn09PTnXfz04e/xWLxx8oxIYbjOL1ejxCKiory4fCKigqe55OSkqSuV0fSPkEoKyvT6/W9evXyayntqaGh4bfffqurq7O/qjVo0KCsrKwA1iqU8Dzv8xVDm82Gb5RwYxZH9+nTp0+fPmvXrl24cOEHH3wQ5Gu7jxgxYteuXW7CsX37dqvVOn78+HPnzjU1NTnc1DE4jR492s2zO3fubLea2Fu9evWf/vQnSZIrzykUCoVC0djYGB4e3p7l+mzjxo0KhWLq1Km+Hd7Q0GCz2WJjY6Wtlf/4tcJarfbNN9+0Wq3x8fH+PkoSDz74IELo888/92sphYWF77zzjn26EhMT8/777z/99NPLly8XNyoUim7dus2bNy8tLc2v9fHQvn37cMIsps3OO7RvjVzjOM55RWivWCwWz5eMDpLi8CLVnmz0qjj3Y7DFHJhl2b1797bzCucKhcJoNKrV6o5yHTYgLBZLWVmZVqv1LVXW6/WdO3eWvFbtyWazWSwWry4POWifIBw+fNhisYRSqnzgwIGuXbuOGjWKYRj8JjUajTt27BAEITs7O9C1c+3TTz/FDx566KHA1sQTbbxRJcuyDMPcmMX9Ppv5gQceKCgo2LZt24QJE9pSmLR27dr1xhtvOG/fsWPHjh077Lds2rRJp9OZzebNmzczDDN27NjNmzcjhI4cOZKXl4cQ2rBhA26Z3XHHHSNGjGiP2nssUMmwGxcvXty7d++qVavav+iwsLDKykq1Wh3kV20kUVxcnJKS0oGabv6usHMvk/+O6ihsNptzuy06OvrLL78Uf+R5vqmp6ccff1y0aJF9/hxAHaVjWZLFL6xWq4crYLVW3MSJE11u/+abbyQvjuf5V1555ZZbbrG/Srtz585ffvnlpZdecs6WPS8OtTJk2qGv+OTJk0lJSeJgnPZZ34umaZqmLRZLGxcSB60xGo08z3f0oT2nT5+mKMrnFDQ0guBg06ZNCKF7773Xr6XU1dXddttt9umKSqUaM2bMjh07Dh06JG6UyWSRkZFDhgyJiIjwa3089NBDD+GEWUybnXdo3xq5hu+c1JYz4BsvedjTGyTFufxycbnRfXF/LPw1efLklStXBlWqHBkZOXDgQITQkSNHGIbp3bu3+JTBYCgoKNBoND179kQI4RXMPvzww9ra2szMTK1W+/PPPyOEysrK8P4lJSUlJSUIoT59+rT/C+lw3nnnnSeffDIgTQqCIMLDw+vr69syqtlnP/zwQ1NTk06n69Gjh7iCvyAIhYWFRUVFJpMpPDw8MzMzJSVFPMRisXz55ZcEQaSlpd18881eFXfp0iXPu1Z2795dUlIycuTIlJQUm822Zs2aHj16/OlPf0IIbd68uaGh4d5779VqtQUFBWfOnDEajWFhYX379rWv6rZt2+rq6uRyeY8ePXr37u1D89SrCouFbtu2raqqKjw8fMqUKbfffjvP899+++1PP/1UV1enUqni4uLGjRuHM6sHH3ywubnZZXqALViwoLi4WKPR3HHHHZMnT8Yvwf6oZcuWnT17Vq/Xm83mhISEqVOn+m98u7/7k1uzf//+r7766syZMwihnj17Tps2bciQIeHh4XfeeeeKFSsCUiUHQZ4e2wuSVBm5yopby5/bWBxJkrfccsvy5ctZlh0zZgxCaOfOncuXL585c6bLhoJXqbIzh3aJXq8vKysbN26czyf0mVwux7OvJblJNXCg1+vDwsI60JVff4Ag+Mxlt55KpbJP0QVBsFqtRUVFBw4cCMhniLOO0rHcxsRVPImHuWtrxblccQYh5HI2WRuLEwRhz549KSkpqamp4saLFy+WlJSMGDHCZbZ8/VS5R48ely5d8qRO7aZfv354APDChQtzc3Mfe+wxsd2/Zs2agoKCSZMm/fWvf8VbDh8+/N133yGESJI8cuRIWVnZnXfeOW/evO3bt7/77rvz588fO3ZsoF5Ix5Kbm8txXDuPjrOnVCqbmprMZnP75+ocx8XGxtbU1OTm5vI8j//eTp06VVhYqFQq4+LiamtrDxw4wPO8OMyVoqguXbqQJBkTE+NVWXgws+dXBBISEkpKSurq6lJSUmpqahBC1dXVCCGbzabX6zUajU6nO3r0aH5+vk6nS0pKqqys3L1795133imOl7ZarQkJCVVVVceOHaMoyttBTd5WGCG0bt269evXK5XK7Oxsk8mEG9wrVqz44YcfoqOjhw0bdvny5bNnz6alpbU2TNeB0Wjs
<div class=t_attach id=aimg_167830_menu style=position:absolute;display:none>
(50.25 KB)
</div>
<p></p>
<p>到web目录当中结合站点页面进行分析看到参数是从/cgi-bin-igd/netcore_set.cgi传入然后用cgi-bin目录下的cgitest.cgi对传入的参数进行处理。将文件使用IDA打开对文件进行反编译、审计。</p>
<p>
<span style=position:absolute;display:none id=attach_167829></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABPUAAAJDCAIAAADsBrbxAAAgAElEQVR4nOzdd5Cc550n9ie8uXPunhwxg8EAIAaJAKNIUaSosNqVdBt0e7e6827t+dZr+1yustflKvsc1uVw5do7b5XPeydptdLeSVplUYHLJEYQAIEBQACDweTYPd0zHd/uNz2P/3iB4XC6ezAYZPL3qSIL6H7f93lDo/v9vk/Ca2trhBDLslATzFh78wcvLyipZz51MKxKGOMP3mLs17/+NWOsq6vrvffee/LJJ6PRaLPtSJIkyzIhRNf1xsVxpq/N//qVVxet8IF9Ay3JZCTgpeSDAh3HOXXqlGma0Wj00qVLzz33nKZpzYoTRVFRFIxxtVptdnROeeXSxHihbC+Oj3u6Rh47vt8nkfV3DcMYHR2t1Wp+v39ubu6JJ57w+/1bFKeqKue8Vqs1LM6q6fOTY0vZtdG3XpqQD/5n//jZ9rBnvTDO+dzc3Hvvvdff37+0tNTZ2dnb20sIqd8OQghj7PV6McaWZdVqNc75pgU4swrZuen5XHlldvRC5onf+0fDKc/GBSqVyi9/+cuBgYFyuWya5rFjxwRBaFaWoiiiKDLGKpVKg7I401em3/z1iTUxorElMzDwiSMHQx5x/apZlnXq1CnGWCAQGB8ff/7552VZ3uI0KoqCEGp2GhFCVnHu777+k/Cjn37yoS6J4I1vMcbm5uYuXbrU1tY2Pz8/NDTU1tbW7DQSQjRNo5TWv1WpVE6cOGHb9rFjx3w+X7O9BQAAAAAAANxDnHPHcRYXF19++eUf/ujHuVyucar5ECKn+rpVMSALFOEPxQmM8aFDhyRJopTGYjFVVW9x/zAiEuW5qStvFleGDj16ZE+PR/ogfhBChoeHRVEURbGlpcUNQrdUnOJXncqpS1e05NCePYOa+KEgJIri8PAwIUQUxZ6eHq/XeytliYrWPXSg27GifqnLbksG1U2pK5lMPv300x6Pp7u7m1LaLJVtB8aCLKnlzNSl2bXeR57piWy+LoqiPPXUU4FAwLIsy7KahdttlYWwGkoN7O557d3zZX/rowP9AU3Y+DGhlO7bt8/9kLS3t0uStOOyrpNSe/elWiLCh8MtQghjnEql3I9id3e3KIoYb15mOzDGkiQRQm7lKgAAAAAAAADunPVwe/LkSVmWAwH/6uoqvmH9LUKcMc45IgTvLC24blx/ixDnnDmOwxhCmBBK6c5L3E79Leecc+44NsKUUloXl26uuK3rb9cx5jCOb6W0G9bfIoQQ54w5DuOYCrdwFm9cf3u9MO44DkeYUkpu4Txup/6Wc84Yw4SQW/g0oi3rby3LSqfTjLFkMnk7AjkAAAAAAADgNuOcl8vl06dPl0ql3bt3/8W//jdnz54VEEI3Sj/4VhJLg801Lw5jTAWhQeC4hVK2Lg5jTMhtCDDbKc5FCL3FOsFtpVWMCRXI7TiVbnHuuWqSbzEmWLgdVZ2bT2Oj4jBC1C2r8c7cRFnNzqQgCKlUCiEE9bcAAAAAAADct9wmoh6Px+fzubfugvsqIYQxducKJtdrY93imiel21wcxviuFYfcfH7nT+Z6c2K3XNu271xZ61fN/fPd+5AQQqplkplF/A6UiDGilLb0ItS4/7Z7HW9/uQAAAAAAAIDbxG1q2tnZSQgxTdMNLQLGWBAExpht247j3ImC3S6s66lMEARJkizLukNhqb44WZZN07xzxUmStLE4xtgdOjr3Yq13K3WPFCHkOM5tD/BuxnP7zaLrXVIRQrZt34mHBfWnESFbOP0LvDJ/28vivhDb+xhp7bmV9vYAAAAAAACAe6t+xJxr7ZPdGHOHKjnXK1HXW7re5eJEUbxzdY/uOd3Y2PXOHR3GeP0SusWJokgIcTsS3/ay1qsx3QpwSqksy6Io3qFD23jVECFCOEmOfw6X1m57WVzRcMcg9gQQ5FsAAAAAAAA+QoRiqWytV9veoUa8zVLEnWozjFHDAu/m0fFr/92Nsu5UcU1OI7pDZ7JRcYleFL8zp5ETVNFv/5YBAAAAAAAAd51RMyzbRggJfGOwuMvVWR/h4vC1/z6ixd2tssjOJy4CAAAAAAAAfExgfK19qxDweT0ez73eHwAAAAAAAAAAYCdqNVGgFCEE058AAAAAAAAAAPgogHwLAAAAAAAAAOCjAPItAAAAAAAAAICPAhi/BwAAAAAAAHDvMcaazUPpzsfZ4I1Gy3OEbno+S4ww/nDNH+fI3U6TIu6VhudhB/N3NlwBX58ldFMpnPNmV6fxdbm+ne3vKue8YdE3q0m+ZQ6qlpFp3Mqmbw6hSPUgUV4fm5dz7jiOY9tbXCt30lR33tT1tRhjW/zbuGvcfds43fC1I3KcHe+bO5+vIAgb/4XflkOun8UXAAAAAACAu8lxHF2vcs42vU4p1TSNUrp5Bc455/VJjXFuWTZrdGtMcKOEhjAVBUI3t2xlnDuWxRy7/i7bdhzWqABCMK3bjrunjG++W78eJhvsJ+OIsc3nASFECKGE1q/S8DwghBhjjtNgO81iA6VUVRRB2BwSHcepVqu2bTfcpYYvSpJUvx3U/CmGY1mEUkmWm+zadjXKt7aFrp4lb/4ILU8h27rFArYFY+QN8r2P8cPPokAUYcw5r1Wr+bU1o1ZjTWIbRohgLClKIBhUNc39aNi2XS6XLcvivO4TdHe5F9Xj8QiCgDHmnFd1Pb+2ZtZqDT5i24MRIoSomhaKRNzNMsZM09R13bbthv8GtrVZjAkhsiy7XxwQcQEAAAAAwN3HGLMsy3GcTa+LosAYr4+3CKHGSY1zx2ENQwTHvMGdLsaYC5tSmruyW99Wt3lu2k7D3CgIhLHNVc0Nw+21khtFXM45Y9xplJ8pIVzghGzefsN861aDNaxd49xdevPJEARBbpQwOeeWZZmm2WCXPlyld+24MBYEwa2Srd/VRvvDHdvGGCHOb3Eu0kb5NrtAfvUNMv4e2mle2on0DM/MMknmxz6HJMW2rGI+L4hiLJGQJAkh5AY5yzRFUZRk2T1TlmWtra6WikVBEERJQgjpuo4QilyPf3dv/+tYllUsFnVd9/l8GGPbsgr5vCRJyVRKEMWdbZNzXqvVcisrxXw+HI2i649SJEkKBoMNH5Bsc7OGYZTL5VqtBpNFAQAAAACAe+eOVlDdvo0329I9bkJ6b9Tn2B1u5jbsS8N8u5rG6Zm7Gm5deglPX+SHn0OSYtu24zjBcFiWZcdxdF3XdX16ejqdTofD4d7eXk3TfD6fLMt+vz+/umpZlptvDcMIBoOSJN3zSki38rZUKjHGCCG2bduWFY3FxEb75j7D2NjkeP1TsmlhTdPsYDCbyYQiEYSQbdsYY1VVRVG84SGvPympX1JRFNu23Xrve37qAAAAAAAAAGAH6vMtR7aBjNrtLgjf+GkGZ6hWRpwhN+AhRAjhnC8uLp47d86tXZRleWFhYXZ21uv1HjhwoK2tzW2Iv57cGGN3oYXtFkFxI3f/11fhnJNG7Src6lO37nS91XG1WpVlub5KFmMsiOJ6sw03jq53x3W7+FqWJYpi/XngnNu27TYh2PSW2//2nndaBgAAAAAAAHw8ccYcxvCGSIIJvpYMEcYEE7cFM+duy+r1Iak2bqRhi9bthByMqIgIRogj27pBZTIWUbgNyRzl5pFh1bfz3lDypj7X2HGcixcvzs/Pt7S0tLW1pVKphYWFUqm0vLw8OjqaTCbdxTZsYLsJjTPHdhhyR4G6uTzMHduolGqipqnyjWtN1/cM1eVhN46ura1NT0+bpjk8POz3+9H1VseUUkEQ1ntgr48nhtFWtffVajWbzYqiGAqFFEXZGGXdLg3oevDeuNmbOXwAAAAAAAAAuJ044hcvjS0urkgE205JNzkV/F2DXSg7NZ3VZU+gf+ih3tYI5dZqZrHEPFEvXpxZQOH27taQuCHO7KzHJkHBTrT7YZSMIbaC3v57lFnZanEqo7b9KOygsyvIuJkBqzgvl8uZTCYUCg0MDMzNzZ09e9br9Q4PD9u2vbKyouu6LEk7OADHqq1lFpdWS1j0JFtawz7lZiIut43K
<div class=t_attach id=aimg_167829_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:3693.86px;display:none>
(104.66 KB)
</div>
<p></p>
<p>根据数据包当中的参数dns_b在IDA搜索字符串然后找字符串被sub_403BDC这个函数引用。通过查找看到sub_403BDC这个函数对web传入的很多参数都进行了处理。</p>
<p>
<span style=position:absolute;display:none id=attach_167831></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABPMAAALuCAIAAABEmsSGAAAgAElEQVR4nOy9eXBcSX7nl++s+65CoXAU7pO4CB4gwaPP6WNamsOzkkej0Tik0Eq7ilA4FPbKjnXE/uHYdVhWhBS2I3zIDlsaaUKzktc7Hs1M9/TB5gESBEAQxH0XgKpC3XfVq3dn+o8kq0FcZHOmZ7ql/PzBKLx6mfnLfK8e3zd/v/wlVS6XAYFAIBAIBAKBQCAQCF9Y6F+2AQQCgUAgEAgEAoFAIPxMsLVP5VJpc23VYDCUSyWvzxdsa+cNhl+iZQQCgUAgEAgEAoFAIDwPLABAVZQf/N3ff+8v/y8GClVR3YqlzBZzsKn5O7/926+89iWPz0dR1C/bTgKBQCAQCAQCgUAgEI6HKpVKtz+68Z//we//9tevf/nr79y9M/e//eXfZSpVRYEURXs9zr/8679qae2w2u00TUKXCQQCgUAgEAgEAuEfFQghWZYlScJ/UhRlMpk4jvusHZyCIJjN5kOtIISq1arFYvm0tbG6rn//e99rcJoH+vtZln/tS9fqneb/7n/+7k6qSFEwk83+8R/9EUPT3/7Od77xG9/meP7n1xEC4ReNoij5fP7Yr1iWdbvdFEUVi8X9/f2+vj4IIcMwy8vLTU1NDofjF2wqgUAgEAgEAoHwiwFCuLy8nM1mEUL4TwDApUuXXC7XZ9ru1NRUa1tbW2trTdwihNbX1zPZ7NUrVz5tbcx/86//9cz0/WJ0xwiAt96XjoQBVH1GejUUE2QZACqZzmby+du37rz19hveOj8AoFwuVyoVs9mcyWQikUg2my0WizRNG43GWr35fD6bzdrt9p+9wwiheDyOEDJ8lut+M5mMKIpms/ngQVmWI5FIKpUSBMFisTAMI0lSPB6v6RxBEFKpVK2b8XgcQnhwHJ6fcDhsMpkYhjl4MJ1OMwzDso+XQ0MIk8mkyWTC/nNN06LRaCKRAACYzeZyuRwOh/P5vNFo5DiuVkk2my2VSjRNp9Npm82GD1ar1VAolM1m8/m8qqpWq/UFbD5IoVBYXl5uaGj4VKX29vZCoVAgEKgdEQQhk8nU7HwmEMJIJGI0GmujdBBJkhKJRO0CZTKZqakprG9TqVQ0Gq1Wq/jz1tZWd3c3RVEbGxvVatXr9d69e7e+vn5tbc3j8VgsFoTQ3t6e0+l8TsNUVY1Go1ar9bMLdtA0LRKJ4DvzM2qCQCAQCAQCgfCPG0EQ9vb2eJ53PqGlpcVuty8vL3d0dHymTdfV1S3Mz9M07XQ6KYrCsjYWi126dOnYd/vToSma7urq5hharIpCsSCWRVGGvrqA02QCFE3TDEVRCAEN6tHwHi6TyWSi0SgAIBwOJ5NJhFCxWLx58+bc3BxW+QCAmZmZ6elpQRB+Ln1WVRXPHExMTCSTyWeen8vlbt++jYs8fxOaph08kslk3n333XQ6ret6OBzO5XIAAIPBMD8/L4oiPiefz6+urtaKbG1tpdPp52/0INlsdmdnp/anJEmzs7PvvfdepVKptXXr1q3JyUlVVbHBExMTsVgMIaQoCgBgdXVV07Risfjhhx/W+qLr+scff7y1tcUwzIMHD3BZAECxWNzY2MCBB7Ozszdu3JBl+cUsrzVUG5bnR1GUarV68IjBYHj48OHzG4O7ACGUJOmjjz6qBVFgGIZZXFys3YcIIb/ff+7cudHR0Y6ODpvNNjo6Ojo6OjQ0VJss2Nvb6+zsLJVK2Ww2EolUq9X9/f3t7e14PB4KhVKp1KcyDCGUzWbv3LnzPEUePXq0u7v7nPVjcBOfqgiBQCAQCAQCgVDj1q1bhUJBekK1Wp2amnK73SeFOv4cMZvN4+PjW1tbu7u7EML19fV4PH7lypUX82iyAIDXv/RqZXUy2OQLdrTrmgagmgjv19lN4XxBh5qi6jSkDCx7//7U62//6qHyfr+/p6cHANDf3//ee+8Fg0GPx1Mul0VR9Pl8sVisq6vrmUbgWGpJkliWdTgcEMJyuaxpmslkUlXVbrd7vV6e58vlci6XKxQKVqvVYrGIolitVjmOs9lsFEVJkiQIAk3TVqs1k8kUi8VcLudyuWruLHw+wzDY41qpVBRFMRqNuAmHw3FwYkAUxXv37l25csXn89UOlstlg8HQ1NS0s7PT399/So9qxuDph2q1Kooiz/PYFVkoFAwGgyzLdrtdEARZlg0GQ0dHx8TERGdnJzY4FovhvtTq3NrawmOL/wyHw2az+cKFCzXf/cWLFwEAuq5HIpGaqp+fn8eNGgwGv98fDodrUy82m623txcA0NfXNzExEQqFcAhuqVTSNM1oNFqtViw7zWazpmmCINjtdggh9tjjwRdF0WQymUymo1eTYRibzYa7UyqVFEUxGAxWq5WiKF3XS6USQkjXdVxKURSs4fHljsVibW1teCR1Xdd1XVVVm83G83xteFmWtdvtDMP4/X6DwZBIJAqFQi6X83q9+PriPtbX10ejUXyXYqampiqViqqqoigWi0UAQHNzM/4qHo9XKhWLxfLo0SO3210oFBRFKZVKqqo6HI62trZQKFRXV4dP1nW9XC7rum42m00mkyzLlUqFZVmKogwGA8dxfr8fAJBOp4vFYjabxeEc+N62Wq0GgwEhVC6XFUUxmUwUReFpkXK5XHNZ49+Cqqpms9lsNquqWiqVGIbBnnx8TV9gQotAIBAIBAKB8Hkjl8sd65mjadrtdn927Var1fPnz9fCDBFC2Lf32bVYg6Ioi8UyPj5+9+7deCIhS9Lly5dfOFCXBQC4ff723v7S/lY+EnHW+ShNZRn6fGd9PFvYKQgQAAoCmmZ6T9VyRqMxGAxms1mPxxMKhVpbW71e78rKSnt7++mhkgih3d3dtbU1h8MhCMLrr7++srKyv79vt9uxHHrrrbeWl5ebm5tLpVK1Wo1EIlgiTk9Pu1yuQqHQ39/v8/nu3Lljs9lkWR4YGMBRppubmyMjI1h0JRKJubk5u90uiuLY2BiOPrXb7ZVKpVwuv/POO+vr6263u6WlBVuVz+cdDgfWSBhd1ycnJ9vb29vb2+/du9fT03NSvwRBuH37ttPprFarr7zySjqdfvjwod1uL5fL/f39zc3NN27ccDgcVqu1vr5+dXUVK+0LFy4YjcZcLoe1dHt7OwAA+8YxFy5cqFQqNZ9eKpWiKOrjjz+maXpwcNDj8VSr1WQymUqlWlpasNqJxWKVSqWlpSWTyQAAurq6ZmdnjwYVMAzT1dW1tbXV29v74MGDUqlksVgymczw8LCu67FYbHx8fG9vb25u7itf+Uq5XJ6bmzt37tzHH3+MNV4mk3nrrbdqV3Nvbw9fzXK5bLfbL168mMvlFhcXjUZjJpMZGxvzeDwzMzN4vXgmk3G5XBDCmzdvWiwWRVEGBgba29uXl5dbWlpomo5EIuvr6x6PRxRFiqKuX79eLpcnJyedTmexWOzu7m5vb5+amrpy5cru7q4sy5ubm0ajcW5ujud5CGF3d3dLS8vc3FxtygAAcPXqVRzzHA6Hz549y/O8oih7e3uapmEPvCRJ+/v7b7zxhtVqrVQqfX19uKeyLK+vr2Mxr2nazMxMtVo1GAxms7mnp2diYsJqtUIIE4nE6OhoIBCYnJwcGxuLRqOCIGxubo6Ojq6trSWTSYvFUiqVXnnllUgkEgqFbDYbx3E+n682p4BnHHRdn5uby+fzZrOZZdmRkZGJiQmO42iaTqVSPT09nZ2dk5OT169fPxRFTyAQCAQCgUD4wrGysnJs3KLBYLh69eov3p5fGGaz2e/3r66tjQwP/yzrT1kAAG80NfeO3pq87bMaGCPHcwbe6jQ6XLGyqEOdYzmepf/sz//0na/9s9PrMhqNCCFN08Lh8EsvvWQwGCRJqlQqz8y+Mzc39/LLL7vdblVVq9Xqzs7Oyy+/bLVaY7HY7Oxs7bSenp5QKDQwMFBfX//RRx8NDAwEg8F4PL6wsGA2mxVFGR0dxSm8+vv7Hz16NDY2huceEEIPHjzAYgN7/1ZXV69evep0OtPp9MTExFGTdF3HruDaEYZhrl+/zrIsXlGcyWS
<div class=t_attach id=aimg_167831_menu style=position:absolute;display:none>
(310.24 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167832></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABzQAAAOCCAIAAACeWnPKAAAgAElEQVR4nOzdfXDj+Hkn+C+ne3rcPW/2NLuZjCeelwAaUxJjuzx+A8PuRFfOhVS2omK6GM/EtrJ3F0CJciHjsmLHUVZWoqyd01WKzEaJiH2Lxs6Mg1NUXZcVsXljtsUjai5Z5xJTaiYN2LG98eyiBWem3d0z7hl18/4AQBIEKJEURVLq51OqGTb4A/ADCIDkwwfPz/ey8Sr67d/929//1U8n+90LQgghR8S1a9cOehW//Xu//ws/+9MNE2/evPnQQw8d9KoJuXt85zvf8fv9/e4FIUeZYRj0zkVI133nO9+hM4uQA3Ikz697+t0BQgghhBBCCCGEEEIIuRtRcJYQQgghhBBCCCGEEEL64Hi/O0AIIYQcehcvXux3Fwg5gj784Q/3uwuEHH1/9Ed/1O8uEEIIIXc1Cs4SQggh+zU5OdnvLvRTfZHfSqVy+/btPnaGHDHXr1/vdxcIOcruu+++H/uxH+t3LwghhJC7WtPg7GuvvXbi3nuP33tvL3tDCCGEkEPtzp07p0+f7ncvCCGEEEIIIeRw8A7Ovv76a5+d/fTb3vbI08HhkdHQOx5//C1vOenz+XrcOUIIIYQcLpVKpd9dIIQQQgghhJBDwzs4e+zY8QceePDUqfuN7e1/L/4e4GPYoeDwSHB45K1vfSul0xJCCCGEEEIIIYQQQsg+eQdnT5w48QPvereu6//LzwhvvvnGN7/+ja3NrxQLl/6vL73w6NvfPvTOIKXTEkIIIYQQQgghhBBCyH40rTkbete7C/8m88Ybb5w6derpYPDpYHDnzTdfffWV8uWt8uWtf5/9PfjAsE8Hh0eGR0ZP+/297DQhhBBCCCGEEEIIIYQcdvc0e+J7H307gP/+8reqU47fe6//zNnI+R/+manp+d/4/P/6M1OnT5+WXvyDxc8tvP76a73obDdpckYQhIzm+aQshMNhQfZ+0psshMNCpq1Z9qRlwr42u0EIIYQQQjqlyWthodzvXpDDR8sshzNGv3tBSKvoWkeIJ7qYk35pmjl73333Pf30O7/yd3/7/Qzb8JTP5zt56tTQO4PXvnPN5/PFEz958uSpA+4noGWESWmz9fajiZVsknEsQRYmF4ZXiubUK5IoKvxEFgwAyEJ4AbMr2SgDQL4oKgpGwXgstknfwjFRAUaRbb2DdbNrGlRVxZWLFy9vbm4mrC7KiykF7XSDEELIYPvyNQDIXQWAr70GAMd9APDkKQD4ie8BgKcf6E/fDi/DwMYqrurQ6yYm5hDsW48GWBnzUuM02lc18hobKwFXhYlgNtrvzhwRRmF5Ka8jMDY9FTmcd9qV1+alUigxF9/lPNEKkyldwVIY08Xk4dzMlmkaFiexqUCpm5irgM4YDzJ8scZpA7Gvjty1TiuE2bwCgE9UskGgLPgkEQA3phYj9G36sLJe1kBanUp2/Cq2d2zcTRdzMmiaBmePHTv2A+9+91/82Z+O/4sfP3HiRMOzlUrlr//qpRe/8PxHf/pfvu/9HzzgTlo2FUXZu1VVwjXlyqaiiKwwVGl4D7Jiq7wVBtWubALgJ1p9o5IFNqUAHJ+bYTVt1zxXhmGqM4UXmm3QupZMMlpmQQS49MyReL8khBBCDoJRwFK+350gR4NWCMdKAPjc1NGIVpDuCZw5s+vzTGQlt83GSkpqSRiaO8LHj5YBm+p3J8g+3Q3XujPDHNBO6IDcNXY/Nu6aizkZQE2DswCGng5+ceU/3rh+/ZHTpxueMiOzz3704+97/wd7NCYYkyxWknu00WRhckFUFIDjZ8cbfwdhkitpiU2JMWGikq2lA2uZyZQCLq1a5562Limtx2a1TDgmAgAUMcaKe7Tmc3ZgmB2GsslxHDAKiIrCpXMr42wtemv2ghuFKsuq98JYNsrQ74CEEHIovPAtAPgz121SOxUAUG8CwOe/CgDPvR0APnxgv9Yb5cLGpa2SbqaZBgKhkfPnIsHdVmeU11YvlXQd2CN3rPcMrJqR2QASF7DrVhAAQBBzc/Zjryzau1hZYPMKwKWnj9qXMaOwtrFVujpyaDNX+8EorG0g6L42GuW11XJwyuNCyETjavoqm9LF2NpEJd63g0iDsAhxE2rxAG6+0zBpRmY55FYQpe8he4qiUrEfe2XR9kP3r3VGGauXoNt3rwRCuHAOPR6ShvGPAgrADe/+Owq5+7R7bAzKxZzcfXYLzj7w4IPf++jb/+Hvyx8K/2D99Ndff+0PX/iD97z3mWfe/4EeRWb3pMmZxYWUqAAcn87NJL0/LTDJYu6ygJkoUJfgOjTK8bPFaqa8elkBOFyRZdf8bNS5XC0TZlMKwKdzE0O79O7KRatvw9WYcF2sWRbEmDI65Ii0miUNoIipWNOAL5+rZOlDESGEkJZZ9xfX0fWSLpXyTaKuRrmwcSlf0t3PDAajbJUySEzRjflkX2TBustx5cjdxmiUt0olHYGRfnfkMDF3Wqm0FUpciJ85EwD8fqNcWJXMC2j5XNDrtyAmeSEtLaWUUkwIVrL9uSZp6xBFgDuohZvpZrniANyYTzrS5WudgbVVNHxK0EtYKmFsGoPwc9Con74uE2+7HBuDcDEnd6HdgrMnTpwYGQ195e/+9v0f/NCxY8cAVCqV73739be85eRHnvupF77w/DuDwfd94EM9jc9qGhqzRTVZmIyJCgCOz1lVY73mtDJQJyagyrJ65TIAbF6RZWBidgKyLIONRq1qAt5RUS6tRmvVTmTBLDTLpdXsbjVQ7IK0HJ8rtlgrRRZiIsCn1Zlxr6fVxcmYqNRFegkhhAys0nXAK2e2mS+9DAAjDwDAo2/pZk/Ka2ZkNhBKXIibkQU72lCSls840+pq6bKB0Nj5M1tSfgBDtNvbAIAQRWbJ/miFBRFAIL1CtQkJAPgjU3PBcmHjUl5aKgUCgH5puaTrCITGdr3VwJ9cGZPYvCJKwsQRvB9WvQwA4Ckye2h1+1pX3kBJd9y8YpSxKkEH8qsITqFv4Vn/0CiVNSCeWjo2jvjFnAyme3Z/OvSud1/5h/KtW7cAVCqV//pXL81++pf++q9eeu/7PvDsxz7+4he/8Nf/70uV2t0aB0PLhH0+nyADssCyvnBG1uqfnIyJCrh0Tq0Us1EG0GQhHDZb+6z5AGjrC7F6KVEBoKTqJi2sa3ZNg7Rak0tzAPicqq5UY6taJuyLiQrA59RiktFk2bvUrCYLZm4tl1aLrZ7V1WqzSYZhGIbB+uLi4roKxqJeFBWAS7jqNhBCCCHNGIVLJQAIJabi1dCCPxiZmh4LANDzG/WjNpc3JDMSkZieikfoJkFypMmL5lgh5zsfcIQcPf5gJD41Nz0W0nUAOkKJ6bmp+O5FYAAmMssDgLhQ2HUcCkL6oOvXuuA5hEKYnkLdxwpcGAMA6Cj3csT7M8McAIwOOc5QqnJAOj026GJOem63zFkA3/vo2wHff//Wt55iGLPO7Hve+8yLX3gewDPv+wCAF7/wPHzoVeVZdoLnRDEVY6WGHFl+1ipkYBca4C7K2kT9rExyRa2moarrk7GUgsbkVIaRhZQCAEOMu5qrPUnLCJMpK2W2mGTsVXJ8zhl+rcvoNRvW0zLCpLRpPlYUAGIsvGnfgaQoAD9bV2dBFEVueCYZNedcEOF4nhBCyAB76ZX22t+pAMBLrwJA/Hu61g2jvKUDCIyda8wy9QdHAnldR6lcjgftJ4PnxkLwn4sflTKuhoGN+lsvAwiN4FzEldRjlmENYHoKfqC8hkslq3JCIIQL8Vr7wjLyOhJzOFPAah46EBjDVAQoY1mC7mrfOnPJ1T40dnANUsn1rIFCGVtbtZJ/TTew/Z5Y2+XohFWsNjHnylk2UNjAlr3TEEDoPM4F+5c81QorlQz8REsZ2IZR3li9dFW3d3bzus1my1KtEKNnS7PYSGBseiriryWsm83PX2hyCjpLRyMQCJx1LtqjhEl+ad45dp65zla2ubnW90at33allKYbaJQL5fLWVm2pTRdbXpuXSvaGOPdeaOxCfH9bZxjljVWppCMQgK4HUJK
<div class=t_attach id=aimg_167832_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:5044.3px;display:none>
(242.65 KB)
</div>
<p></p>
<p>审计之后发现sub_403BDC函数当中location_time_enable、led_off_on_status、location_time,这三个参数从前端netcore_set.cgi传入传入之后没有进行过滤等操作通过sprintf函数进行格式化处理之后直接使用system函数执行导致了命令执行漏洞。</p>
<p>
<span style=position:absolute;display:none id=attach_167833></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABFQAAAISCAIAAABtTgxMAAAgAElEQVR4nOy9T4gb25n//dHkEoabPxdy5VvDTCDJRfIP2RbhkqxKqB0Es5C8MRojeGfTu5JAAYkQ7xqahl4MeCNBGqTavHgzDKIR3li1GBB0CxV3M6tyu8BVMwy8zJCyBcllmEDg/qJ3UaU/JZX+tqRWu88HLdylU0enTp0qn+c8z/M9oX6/TxD//F8A/9oL/NLHP/4dwN+HF5cc0DM7lxdtwxn8Hc8dZ2MLzzKbJw3D+7eUKhaSY7/Y69TO2k7gaUPGf+Wbb74ZHv/2228///zzZdu+K8wOF23GuohZXdTrcNYOOC7FKWS31Lq9xq4SLYOM1SWypcqh1Se96co/fjRCGbjp3tPyJxkV5JTVTW5ghPRonmMEvX5SRZIrvBivjZkPNVSQK8VuKQy9auKsrIOS69dnvmDtavOwbOhISqtQ39RNsTuJaFtHqliF0safwVvXjNvICl23zqhbqpBAIBBsiU+mDxn/A8uZPS7/8t8AD78P8Ld/vaBwz2yeXxiOA1I89fjeVWORyTI4r1NrGIAkSY4zfUo4WThOzjjVM5risVvyju2ZnF/gOCCResxVg3ldZHqWjxTn2QHhMIDZpGHgGNTuUZjVLYK1sN4CoAjL59Zid05VQKq83ITlA+YlhgMSuWfEwuA+wg0caJ8TK7BL88dH+P4j0BcUipSy3dKdXCURbIWlRl249DLViLZ1tZF/erwxm1sgEAiW4692+3PmZcNwHKR4rljIJu8te1qvc952gHju2cMVf7HXuTAAKXVwS2wfLhs4DlKcYoGFXdS5ACBOIetZPkAsSy4O4LQxt9hSgeD2ob1o64DyeFO+gNgB8TjFgmf5AOEYz1IAOJhLryJtgHsPZIBH9332lvxg6TetQLAy6426SPJIAVBPO/bWmiYQCASBBBg/X/+Br/+wQhV/6fOXPl//ka//uLBs7CAVj+eKhWxslSi5oemzRHDcBOale+rjnUaf+OjUODnhpEbgLMhsTn57kCKeo5BdYsG4x5UDkDqY/CZ2gOTWv6/Wj62RTxAKBX+0ydJU8ySGBRLkNWx/geG3blgaOtGJahPs8n9Z2/ZfYIJ8NagBmq9t2thlJvK+8tWE1zN21SuTqHo1JILKL49b86z+0fJB39pUqySWucDVW+Jdl68RMwYGS4wNX2HX7YPydNG7pEenQ819eE+8h7TZCXqKw2SnntZwzHsAP3xY8DubJFzqHvf7o5X0dP243z/ulqZfJWY+dBLyf/IBfQtgV2uh0Emi2gNsrZNP1LxTErW8Nt4dvWpiUFu0rQM45ejEr9Sqtq/a8SM+tOa8b+ex3WYs3Ru+JmnVZiIx+vVE3rQ38y6aqjnRrK7fjNW6bsDyo85P+mkcQL96vaAvetV8LRQ6SeSFmSQQCDbDjj0/hJPZlQyf65k+e+H2ibnOqhlrwKYBEH88mjyFkzPTeybomTiAxHSPdi69YLn3u1x4XhotTzSDuig2wsXWSEQpq2OhFDpqhmgiaCq8BfJjFlRGBUCdtNYm5utanmjUf4E6anlum20SITJjl6mrRKcNEo1o2Sujl6lqJDKDP1UOp82GJXiS81oYOAt55VoLR2MJVDaJKOUyetAF7tTCXHFs2K+vdID40/mRNj1qZ7Tb+EJsHYw2ZzNWMT529Lemlq9FM21VH/SJ7qiZM9cMWIPIk4cygNN4HVCD9sqATfrnZjaj9FhZvRkr9IZt5hNnmbIx9qw4utqIRmuzrM1lsTuJ0FTNulHOnAcYcttrxvqkY3O6fohdPS+rDqCr7cN1R5tAIBCME2D8/P7P/P7PK1fk/Bln9bMW4pk+Uqq4uumzD24fIJwkDsDVtBPGxJVwWC8fyVtU/sK36twzqZ3QHkhDOOstPHsLnnM+ayzJethVz4SQK1h9+n36FhXZ+7Zi0R/Phrc5zKCPF+5jtZABnUx+UCxCd/htBQB5VN77bEH/YNkL7GNVBm0ONA90olHfZVot7/gL/9wkkwEFq09LAWicokPL8q5af7tOgyMlFAAar6e+03DNvUlrQaZSwbJG3Tu8KesZYOuw5NgYw3rrACixxVkGEqkUxSLHx96nmEMCHM47S7Ttg7f6cG8/Q85i9f5x3/vklGXOUNsZ1UGOt6xiv3/c7xfdAaiXh1NtzwPQ7x/3rZQMIFWs4a+4n7Hs+UHck94wpx4I89WS/rkAVmwGsaezmjHHTbi4N1x61cOGqoOcag3bYOUUGXDUTPMadkevetjW8dfcL1qtlCJ/EVR4mWas2nXXZdD1b3fpHhUIBIKde35WY2j6PFvDfPHcPvugdBBzM3CuJteMhxk767Ww9x5AGptdmU3OGjggxcm5WQfv926h+nUDAIVuaWCNRCh1g+ff1UNvdjsqDJE0XQsZUFnbBlue+pgF5c5xUPxmVZ9uaVDa5rAM020u0Z1hzwypWKNTImnPIFRfTRZr1YlA9AGArqO0SEeI3AfgzZqOl8EEcPL06ikwJfAQodulVCIyNg+KpHlZCa5kS6w+Nnrv3sAySTBhCgWSyVEeHWOZPNMP8jTeox3klb29yCmrm01H3CsKp+u5ZRbu5zAr7smuXqiw2D+3IWY2w3UTyqnngc1Yojfs6nlZ92QF06MhGqt3ixUZME7X92R8eKsDKEdjNROOpJP1bnbCPtlmM65H9IEE8KY3540RKT2rKBKAnHq5MJZOIBAIliDA+Pned/jed1au6NPv8OnqZ83lWqbPwO2zF0oHXgbOROTb7IydNXAdPq4WeCpHIcu1VpzTWf9y3/TnuguAytPJIw/kqUI2DR3gqDT1VYRHALy1rtWMjWO/9kKwAto8254BKhYTXXr/UUAxueK3QxQ2opWUfu45THwTwEH/V55v4Cc2zDpjw5swTqRmb5xeB1fFcjyc9bYTIAx+7YX79EFFZsp86r1uOIBcOdiRCtjcZihHQaKAS/XGnBrC7sN9DZ+HJzOgnna0RSkz22zG9Yjc/wJA/zD3LR4u1Qv9/nF/I8L0AoFAECh1vSdcz/QZun1uNuRtQJiHEo7DlUlyoD09J2NnVVxta1zB62WUEvYA9dXkrP3tdAqQ5RkSmdDMet68Y69kp+drYc9Rgb0/9R97uk6/Pnnw0X3fn/KD1ZsYSIScjK7TeE1pYE54hpzMk6BJh1bltOFP+9kl2x8bZoeLKwKU9efSG6rPp5ZN3ru1RB9I4LgL92vNS8NPclJZd/SGaZcGM1vbbOiAlHuysxfZoBnlS62UTfuasYL3aao3PFtbzZyos865RteVjuLljIHezkTbyPFKLvakFAuqaqvNEAgEgltIgOfnq8/46rOVK/rlZ/xy9bNmcj3TZ6/cPi6u7MF4wIx5BddbGw5/AeC0fQ6fYW2BGUH7gJder5IYioPZVBNebknuyU21axe4sWprB6dtFfe+jAetuQGKPqkDF1eboXxzls+26VE7odFey/JxozrjYoutZfBkD8ZCzrxgs+1LHfia4ckeGK8GEaluM3bnfVqDdHaQtwO6US43oqGT0Dy1N4FAIBAAe+v56ZluRJjTPjtpB3w/PC6lioUp82jP3D6AK3vQxnAweyTDo5i36yQkDXOpAx0+0xlBK6A1Qxljbon1d02PlFDKqKCXB7LUA5TWZOiXS6u/V96d9fH8Qo/2cZXVuy86r21KkVFc2fTSt5tsAygtn/vOrk7e0B2wyti490AGnTfveqTnvRo6555cQTzn8970Op5XJ5Bxy6cotg1djkjySGlnVKfxulcqhUcxWutIHVyH2FMFVUV9ZdbTsUEzNuN9Ulpb28YzEqt3j+v0bM18cXql6g66Uc4YjUpxWml6i81YG/vdewD5XvSmWyIQCO4UAZ6f5I9I/ogvP+XLT5eq4qsf8tUPefgDHv5gw41bk/1z+7i4sgftSxjGvK0rdeAyzMZ+eDDl3hkYV1/sjfk3RMujgqygjCX5yAotayp9JYpb5N0eOkpmMN+3M0i432GDVsHNWii/gGHM23T83sAokiubSTdaBvvd1KF1xsZyKQ6DZ2eluLUJ
<div class=t_attach id=aimg_167833_menu style=position:absolute;display:none>
(98.58 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167834></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABQgAAAPICAIAAAAaOoG3AAAgAElEQVR4nOzdb2gja34n+q9ympD0mXM6TJddQ2Zv5sxB6lDtrpmcnblvJCQPgmyQDmSNxleXBJaeLFlJg8JYDNvvGozZJgSae7HmrhhJZLnTbMjN1nq0JwstEQLFtYWLA2G4SardtdtSkiEhYapdy+m+SU4Y6Du+L6pKLv2zVLJkSdb3Q7+w5UePHktPy/XT73l+T+DVq1dwfee73/vWN7/R+fbWrVtYYa9fv+58/ebNm9u3b89xMFcnAmjAPrAz75GMIzB2yzBwPMOBTEW7WLv/XDquSPMeyFRYxUipoCEcltMPYzsJYd7jmb9GtvzR1nZljKeikd1LVp2n7sOEELyCwRERERGttgAD42FWNDAmIiIiIiJaMT817wEQERERERERzRMDYyIiIiIiIlppDIyJiIiIiIhopTEwJiIiIiIiopXGwJiIiIiIiIhWGgNjIiIiIiIiWmkMjImIiIiIiGilMTBeHEY2sBcI7AUC5Ui22WjPezhERERERESrgYHxAjK1qpoMlYuMjYmIiIiIiGbvxrwHMJRlNI8OT3TTBACIoryxGYtKwjRa++v6ykiVs90K0G407ydVDWbhfvPD42hw3sMiIiIiIiK63gKvXr3qfPOd737vW9/8RufbW7duzWFEAGA1yyXVHPADOb2bksZtLcrpXF/r8Ru/fv268/WbN29u37491tinolELJHVArp+lElf3qERERERERKtoETPGRs0OXUU5vZ2yE7mW0TxQVBO6Ul7L56LCwNbx7VhUEABYRu1A0U2zv7WvxnMUWgsD2rxHQUREREREtAoWb4+x1TzUAUBO51Kd5c2CFM3l4yIAUz0yhrS2A10AgpTKpWX0tfbVmIiIiIiIiFbCwgXGlnFiAhDjsd5F0IK0IQKAbhhjtJZi8d7WvhoTERERERHRali4wPj0dNDeYgDnkfFLy3JucUPdjb7KWVbz6MTuqNPaV2MiIiIiIiJaEYu4x3gU8/QUEIBOFL0ueENddz9yb2tfjecsKNwDNLx80UaCZamJiIiIiIhmaeEyxmtrIgCYJ0Z/7lYQ1ru+t6yXACCurXVuMWrlkqKagCin03FvgtlX47mTtjIAzML9WoOnGRMREREREc3SwmWMheimrCo6TPWgBrdyNGBZhnF0qOrD7+jJ/Yrx9HZUEqzm4VQaz0Wikt/HQaGqJ0M6AITjLZ5pTERERERENAMLFxgDUiot64oOU1dLujqggSfp6zi1j1xC1xFPw/hqPE935j0AIiIiIiKiVbCAgTEgpXbzUu3gUDfdzb+iKK5vbEo4VFTzfJewIKwDJkxVUYBO7rfTTfemYl+N56+RLSWrQDhefxLlNmMiIiIiIqLZWcjAGPbpwlKq50ajpqArYby2JgJ27je+nYp2x7S9m4p9NZ4346MqAHGfUTEREREREdGMLVzxrQsYho7u45bcalziRizadwaTfTpTT3553MaLYf0Oo2IiIiIiIqIZW5rA2GqWFR2AvOmNaiVJBgBTPTJ62htHqglAjMekiRoTERERERHRalj0wNiyLKNZK5f3SqoJiPF8qjt0lWL2MUu6Uq51DniyjJodRfeG0X4aExERERER0UpYxD3GRm1P6T+XaUgJaSGaS5+WFd00daXUfa/+MNpXYyIiIiIiIloFixgYe4miuL6+IcUkafjuXymVy0vNo8OTThVrUZQ3hxzE5KsxERERERERXXuLGBhLqd3d3oLUIwhSNCVFx7yTr8ZERERERER0vS36HuMV1TCq8x4CERERERHRimBgvHDajWYkqQNARkrMezBERERERETX3iIupV5VRjageBLF4v4DVgMjIiIiIiKaOWaMF5AYzsTrrdxOcN4DISIiIiIiWgHMGC8OqXK2W5n3IIiIiIiIiFYNM8ZERERERES00pgxppn5kz/Df/pDmKf49J/mPRQ/bv4sxDX82ha+8qV5D4WIiIiIiK4CM8Y0G/+lgd/5P/BXf71kUTGAT/8Jf/XX+O3v4L/+0byHQkREREREV4EZY5qBP32G3/s+fu5d/Ktt/NIGfu7WvAfkx6vX+NMT/McDPPnPeO8X8CXWBiciIiIiuuaYMaYZ+MM/AoB//Wv4WnjJomIAP3cLXwvjX/8aACaNiYiIiIhWAQNjmoH2DwHgn8tzHsZl2IniH/7NvMdBREREREQzx8CYRms3apGs4eMO9r7in/2ZGY3nKrzzGQD45LXf+7WL5UjRmv54iIiIiIhoZqawx/gHrwGg/hIA/vJTALgRAIAv3gSAr38OAH7xM5d/HBqq3TYe3z98ppna+W1y/SyVmErvjVooqQMvs1tSZTo9Xl/t5v2CqaEUQf54R5j3aIiIiIiIaCzMGC8gq5gtBwJ7gUitMUbrdrEcCinVrqh4etrNSFIHkKnnGBWPFow+qcsAtEIpO86LR0REREREC+BSGePf/1sA+OO+daNvzgCg9Y8A8Dt/AQC//nkA+GU/KTTLaB4dnuimCQAQRXljMxaVhvXgrzUAy6gdHOqmCcjp3dRCFR5uHBWqJgBo+qNiLHFx4rHdvF8wASAcrz+JJoLTHYqRDakaEN7PzzEqNmo41GECchoXvVIWmkc40eHOAWxsItrd3mqipI54uBGPMkowkWrtvwwVzGqytjWtpD0REREREc3SYh7XZDXLJdX03mKauqno6sAgdljrEzmdGxDiWEbz6FDVzb4fLIpEbD/zslA1EZYfjlqO2356ogGAXD+OTj0Ga2SVKoBw/MmcVgUbTRyqGOeV6o94TROmghMZudRsBjdccGd7XykVND2Zlc4qC/WhCxERERERDTBhYKz/PTAoVzzMH/wdAGx8BgB+flRJJqNmx7minN5O2Vlfy2geKKoJXSmv5XNRYWDr+HYsKgiws8GKbpp9rc/TxKIc31w7UdSFDI+FnUpupzJW09ZzEwAy0vQzk+3moyoAcf9JdMp56DFYBg4OYZqAiPgmTpQLw2PDiYpFGdsxCAIAGDUoOkwd5TXkok5DIYrd6NBO9hQAkKYQyQo7T+JKSNWqSnZrl0vQiYiIiIgW3OLtMbaahzoAyOlcqrMWWpCiuXxcBGCqR8aQ1nZUDECQUrm0jL7WxpGimyZEOZ3PpaJrM/9VllrjsaoByGzuXH1YDBwpME2IMvI5jHylmocAABm5FNw5ACkFdw5gnILadidiHNPJ8AajDzMAUH3UbE+lQyIiIiIimpkJM8Yff+Kv/U/OAODjVwCQ+txFLS3jxAQgxmO9AYogbYiqaUI3jJSb1RveWorFRV3tbi3F4jKEWOqivcfz06gFknr3TdOrLO2Xky5GZms6cWKzDNUERORz6H/27eyu96exOCCMt9fXwokJAPFY70+kGEQdJmAYo/LABuzFA5vD8sn+JbZkVHVoJ0/b0bl8uEBERERERGNauD3Gp6dD18y6kfFLywKcFdZ2XLzRF+pazSM7XPK0BoRo6so3nE6dkQ0o1Z7bqkqg+6bw/qWOC+psXd6aUlwubUA1AROGhWjfuAw76795HjMLUYz5SlkGTAAi+j/uaB7BnQMjOplyutiWkDLQqzCVp9YOj24iIiIiIlpgEwbGP/rxJPcyJ7pXfzenp06o60TR64I37HD3I/e1XnCJ1NmZGwwOyB5fqalvXRaikFXowImBaE9W1oD9q062uff0FACwju45gAPPtmTz9MIuZpAuBgBIWxlUq9CeL8kMJCIiIiJaVQuXMV5bEwET5olhRXtTi4KwDm8RJst6CQDiWmcTqlN2C4AopzfXDhXV7EoZXwdS5Wy3U5mrkd1LVoFMeqrVj60XzwAgfHea+7AlGboO8wRWtOvl6OwQnuwXcOfA+S3OwmxAlLG5BkUFXuKCOXDJAVwgdFcETDyz2gAXUxMRERERLawJA+O335rkXjfHuJcQ3ZRVRYepHtTglpkGLMswjg7VC7KonkSxGE9vRyXBciIe8uv0uQYA9+5M8/MEZ8dvz2rq4TuEJ+BNFMfTiEqwmqPu46aLpzKAHsE764AJ7bTFwJiIiIiIaIEt
<div class=t_attach id=aimg_167834_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:6316.03px;display:none>
(94.72 KB)
</div>
<p></p>
<p>找到漏洞之后直接找设备开始测试。弱口令登陆后台之后开始检验成果。意外的是直接能前台RCE大概是因为固件比较老了以前的校验不严格。</p>
<p>
<span style=position:absolute;display:none id=attach_167835></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB3QAAAKCCAIAAACml3/eAAAgAElEQVR4nOzdeVxUVf8H8O+FmWFT9sWNRTbB3DBBwC1XEsnsyUqz5VFRA1NMqNTctdTSEktJpSc1t8qK/OGCa7kgCmKu7LgQioiyyDIwM9zfHxfGcRhmY2BAP++Xr+c1c+acc7/3DvSc+XLmexmRSEQAAAAAAAAAAAAAAJow0HcAAAAAAAAAAAAAAND2ILkMAAAAAAAAAAAAABpDchkAAAAAAAAAAAAANIbkMgAAAAAAAAAAAABojPfkYXGhYdx3TFYqlRbpLx41WNiyHn0l4z4kK/uGL1YLhTezs0sePaqurlZzPiMjI0tr667u7kbGxg1fFYlEhYWF5eXlbf3Oh3w+v127dvb29nw+v+GrWlw3Ten9Oiu/AgAAAAAAAAAAABq5ceNG9+7d9R2FPjF1ubziQt6qd6iiTN/xqM3MXDx/p1x+uVooTL1wwdHFpVPnzgIjIzVnqqmuvpufn3frVl8/P7m8p0gkys3NtbW1tba2busZSZFI9OjRo6KiIldXV7lz0e66aUrv11nJFQAAAAAAAAAAgOccy7IPHjywt1ewn7Uxz1JymTt9IrKzs2MYRs1Rdcllwx8XMylHmjG6ZsD2GyWZvFy2Jf3atfbm5s6urlrMdjs393FZmVePHrKN+fn5JiYmGv1ItXKFhYVVVVWdO3eWbWzKddOU3q+zwisAAAAAAAAAAADPs6ysrC+//JJLLn/88cceHh7qjHoGkstCofDw4cNJSUnp6enSRi8vL39//5dfftlYUQUCWXVlMZjsS80YY/NoGHPJo0ce3t4KO2dmZqakpBCRr6+vwh+ODp075926JddYXl7eqVMnHcTaalhZWXF/gpCl5LrpnN6vs8IrAAAAAAAAAAAAz6309PTly5ezLDty5MgzZ84sWbJkyZIl3bp103dcze7ChQsxMTHFxcVmZmaBgYHc1s/CwsLLly+np6f/+eefYWFhfn5+Smaor7lc0gbTbQ1irq6uNnq6qkNZWVlNTY2VldWKFSvat29vYGAQHx//008/3bx509ra2traWtrTyMioYblhkUj0jNVP4PP5DYsaN7xuzUfv11nhFQAAAAAAAACAZ5JYLHpc9lh5H8bAgDEwUN6nViKWiMXK+xgY8gwMDJX3YYklllXeh8fjGfJ4yvvUSiQSiURFPAYGKosbSCQSledlyOMZGqo4L0ltba2qeIiIIRXnLpbUqjwvPl/AF6jII/F5PJW5ppqampqaGiK6ffv2jh07Onfu/P777zs6Og4ZMmT79u2xsbEffPBB586dlSfNTE1Na2tr2fr3VJ1r3nrEx8f/8MMPFhYWM2fOHDZsmOy7LJFITpw4sWvXrlWrVk2dOjUkJKSxSVT8pLZp6enpS5Ysqays9Pb2LisrW7t2raGh4dSpU2fNmnXnzh1TU9Ply5d7eXnpO8xnQWlpaWlpqZOTk74CqKqqEgqFVlZW+goAAAAAAAAAAFqhx2WPU1LOK+/DNzLhC0yU96ksL618XKK8j7FpeyPTdsr71EoktaqSuRZWluaWlqriqagoL1fex8hIIBAIlPcpf/z4cZmKe7C1Mzc3MzdXEU9FRaWqeAwMyIBRkVwue1xZVlahvI+dvb2tvZ3yPrY21rYym0oVKigoKCgo4B6PGzeOiEpKSkpKSojo1VdfJaJ79+7xeDxHR0clkzg5OYnFYnH9e2pkZKQyEd9KnD9//ocffnByclq0aJGtra3cq4aGhiNHjvTx8VmxYsUPP/xgZ2fXv39/hfOo+LNM21VaWrpkyZKAgIBFixZZWlpGRkY6ODjY2trOnz/fw8Nj3rx5I0aMWLZsmVAo1HekbYZYLD516tSaNWvu3Lkj95JEIhGr+i+jFgoLC0+cOHHz5s3a2lrlPVmWVdkHAAAAAAAAAAAAhELh999/b2FhIc0sV1RUxMbGvvvuu++///7q1avLysqIyNbWdtGiRRYWFt9//31jSdRWkFzut44276POOs4MikSiysrKwMBAPz+/BQsWDB48WCgUCoVCf3//jz76aODAgd27d6+urmZVfROhtco6sPZAVgseLzs7OyYm5uTJkzY2Ni22Qbhdu3YmJiZZWVlJSUmPHj1qmYMCAAAAAAAAgB5FD+LLGxSd3VYTOPC8Y9ns6EGDorOf/ACzCWH8QdFZtVkNftQnhsm3hB1+utug6OynJq+bm62blh+WoN5vSkJCQnFx8aRJk7jMMsuyS5cujY+P79Spk42NTVJS0vr167metra2kyZNKi4uTkhIUDhV08pi9FtH04bUP/mbpn9ETCvIVhMREcMwjo6OZ86c8fPzKysr++67786dO0dEAQEBH374obm5+fnz57t3796syeWH57ZvSywiItY2cPL7ATbNd6TmVFpampCQkJaWZmpq+sorr/Tp08dAaR2i8vLyWzK37OPxeFrXHjE1NfX398/Ly8vOzk5JSenYsaOnp6fK8tDV1dWymWgDAwMHBwftAgAAAAAAAAAAANA5hnGPOC2KIMqOHjSZfjwd4U5ERHtinm5h2ewM8l+bdirCnWHZhHCBd5hXTUxQXVnnI+uieiyscaOc6EHeUeTvTz3UPHpiYmK7du2GDh3KPS0oKMjKypowYcKECRNYll22bNmlS5eKi4u5DaZDhw7dvn17YmIiVy1EThNywZ1nyWSWW5ekpKQpU6bk5+cPHDiQiDZs2JCTkzN//vz58+ffunVrw4YNRDRs2LAbN26899572dnZqubTRtaBtT9mev43MjIyMjIqhJLOPWyOozQrsVh85syZjRs3pqen9+3bd+bMmX379lWYWZYtVc7dNfG3elevXm1KDAzDODk5DRgwoGPHjvfu3Tt79uydO3eU/0nAwMAgLS3taj1p9RwAAAAAAAAAaP0iTotEIlFNfCgRhcbXiEQi0ekINzoS9mQ3ZwIRsWxCGJ/PD0tICKvb2pxdt8OTa+KHJbBElP/bbD2fD4COMEzQuFC6lp7DPWWzo1deWxs5qi5PXfPjeDXnEYvFmZmZvXr14tXfN7Jjx47R0dFvvfUWETEM06NHD5ZlpXUweDxer169MjMzFRbFbcLO5Y4uRERb+1JKfbaR27b86j4KdiGiur3MXSJo8ft08G3quJt8iO5tpyXRxBjUd/ubtmofQmMuXrzo4uLCFQ0RCoUXLlyYP39+QEAAEZmZmS1atEgoFPr4+MTGxk6fPv3y5cvu7u46juDhucQ071ej6ncr2wSMCSCirANr/0xnGCJivcZGjfEgyjqwNtPzVdq/P52IbAP/W7+/+UnPusasA+v2p1MLboIuLy/fvn17UVFRx44dg4ODu3Tpory/NOFramrq6+t75swZImIYZsgQHfwFwsjIqGfPnp07d05PT09PT797926/fv14MjdOlc1u8/l8Jyen3Nxcrt3Nza3pAQAAAAAAAACAHjFMUIxIFEPEZkcP9g4JG1ezaRQREV1buTKJyJ/YhPDuUUlERBS7cqU/N4pNCHs/5sbq1fqKGoCTFOUtiJJt8F+rxSwsmxAX6z8+rS7TdWRdFI1Pc5fJiampuLiYZVk7u6duiujs7Mw9OH/+/J9//uns7NyhQwfpq3Z2dizLFhcXy42iJu1cTj5GRDQtlTanUL/6isn91lGwC23tS9PfpntDKGxMXbvPF+RDREQd3ydfos6z6hPQQ5pj+3PD2zJKk4+yG2/Ly8sVdm66h5mZD7w9PeSbPcZERUVGRkZGjvVOS6zfypz2Z6ZnZGRk5H8D6WxSFhGXWaZXuZ6R7wfY0MNz2xOtuU3Qkz0z41tkE7RQKCwtLSWijh072thols0OCAjgild0797d3t5eVyGZmZm1a9eOiCorK5Xfvs/Z2ZlLPdvb23NDAAAAAAAAAKDtqtunzOcLvKOS6MnmTUrqsbCmRnQ6gsm4RvU7naU7OI/ExeopXgBZ/mvTakT1uF35mkiK8hbw+XyBIITiT0W4M1SXaA5dOFvHWyq3bNmyatUqGxub+fPnM+qlrZuQXGYO0Yx+dImIiKal0tJZxNZSvyF
<div class=t_attach id=aimg_167835_menu style=position:absolute;display:none>
(59.21 KB)
</div>
<p></p>
<p>固件:
<img src=data:image/gif;base64,R0lGODlhIAAgAPcAAAgmTQ8AdQ9+ChQYYBRGThhmERwUbRwYhhwbdBwyUx4Lfx4ijh6UEyEdVSFVLSFkHSIdZCQjhCURgCWEFiYcfiZFTyiIKSkkaylgOCpmHyp7Hyx7Ey0pdC4ngzB1HzFuUjIuaTJAPjJGTzOEFzQcZDRgGzRjNDSDaTSGIjYmVTc5TDg0ZTk1iDuHKDxSMj5nNj6TIEM8aUQ5hEUijEY0UkcsYEdqHUgBaUkJfUlVUkpIbUpKU0p0JEqNLEsyZ04TZU5GfE6AVlBNUVGzJlIIfVJKclKQWVOEO1R0e1VMhFYaclcJc1hOsFkeUVkeY1sPflsTKltGaVweaVwyZ10UjV1Ddl1dcl6BSV8biGEjaGFBM2KhN2MJg2Npi2YWdmYbemYhXWdidGgSfGgkdGkOimsah2smems2aGtnmGukcmupO2w0FW40VXEioXEkhHEkjXEnfXFugnIsM3OIV3QpgnRAdXWWcXgqhngtcXgxfnoriXpwtnw3WX1MdH5mkX9EeX95m4CJSYEtkYF6eIGqR4I2XoNLZ4QYmoQ7IoUxpIU3iYZDHIZ7qoaxQ4eGf4g1lolEEImliIo7M4pDG4taQ4w9IIxBIYxskI1UfI1jbpBCnpJEHZNJEpeSjppOE5tVkJtsep1NIKJrQqKooqK7XaRZBaRjsaZrgqbTkad2ZKqCearRiquSf6uqrK2Gaa2bXa2kg653urAAALBxFrF3wrKsn7OysrWJhbqEw7qsw72IJb4hDr9rPr+ZNr+dar+8wsCVWcDMa8GVrsOZysOy0cWXIcZJVcdUNMeGhMmmSsm8y8nAfsqpdczIzM6+rM+zONHKltKt2dMVE9OlPNOx3tWza9esJde5j9m0f9m+etqLkN3FnN+mft/tpuDY2+Gsq+HF5eTAveXR6ea6hua/kOcAAOjdn+jwx+ra7urq6uvWr+1mTO2uh+7k2u/00/Lr8fLtuPXLr/nw+vsAAPzeq/zxTv7oMP7swv7+0/7+/v+FdP/zq//9xf//5f//8gAAACH5BAkAAP8AIf/8SUNDUkdCRzEwMTIAAAIoQURCRQIQAABtbnRyUkdCIFhZWiAHzwAGAAMAAAAAAABhY3NwQVBQTAAAAABub25lAAAAAAAAAAAAAAAAAAAAAQAA9tYAAQAAAADTLUFEQkUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApjcHJ0AAAA/AAAADJkZXNjAAABMAAAAGR3dHB0AAABlAAAABRia3B0AAABqAAAABRyVFJDAAABvAAAAA5nVFJDAAABzAAAAA5iVFJDAAAB3AAAAA5yWFlaAAAB7AAAABRnWFlaAAACAAAAABRi/1hZWgAAAhQAAAAUdGV4dAAAAABDb3B5cmlnaHQgMTk5OSBBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZAAAAGRlc2MAAAAAAAAACkFwcGxlIFJHQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYWVogAAAAAAAA81EAAQAAAAEWzFhZWiAAAAAAAAAAAAAAAAAAAAAAY3VydgAAAAAAAAABAc0AAGN1cnYAAAAAAAAAAQHNAABjdXJ2AAAAAAAAAAEBzQAAWFlaIDgAAAAAAAB5vQAAQVIAAAS5WFlaIAAAAAAAAFb4AACsLwAAHQNYWVogAAAAAAAAJiIAABJ/AACxcAAsAAAAACAAIAAACP8A/wkcSLCgwYMID6KLhi6hw4TiTD0yNUxcvocYxcUSBGfMGDp6NNGiFu5aO4wE0dESRGeMFClZpCx54kUSp1CcKHnD+A4XS5dOnEi5gQNUsmKlNk2SgycRRXEH5Q1T1FJKUKFK+gCzNmtWPWtNqLyBQ+dOyFjU0F0Ep0kPHTNZrirBwaeePV2ipvVig4UOWTqAy5Z5shOXGzd67vgdgyWLJE+edD17JuoGFb+BAb95ksXVxViK8nBBrOdNIU+lPEGC4iQLETdwYge+M9gQMHWfP906lcfNGzylUkvKgqXMFzPI/9Jxw2VMqmrY2l0cdigPqDxm3vCBNIlTljaCEvv/lU37iSFf2a7tC/fun7IoX7iIGfOFDfdFYMyMIWvWLZ0nZrCS3jb8hBNFM/+MwoAJO0zxBRlgcDdJE1YJlcUYYhjXhy+8XAMPP8KoMMdFkcCAggAavLCDfYtMWOFVmfxRRza7yEJPP5eEEEg8JKpByhYtTMAAD5VMgh8ZXlj1wxnZqIKJOdKUo00XLrzCjnQJDkFKMD1oYAGRlSDiQg4OirFEFsw4ic865cgRBDPk3HPORd6gAAOQHny5SZgeMJCiEFOIoQgmp7hjzDzHQLPNPfwYgSAxESTggAcjTGDDnoiUoIEHGkyQogo/KIKEJPOscw4+3XwwQHuMsCCDAheI/4CBDZOEWcIDGeSaQQEjoICBHevMo48/qxBAwjcX7dEFLHF0oMABNHBiSaYT6IorKWococ46+vCTBgB1sOPMRYCgAUsnMkSwQA2cTIJICBhQukEBPARDyBXqxNPNCQ2cwg09tVwUBxOAdMICBQv40O4kJBwQqwkebNBII3PcgwoBUyCDzTb45NJKPqOsYIAMLHRwQA2eWDJJCgtQIAEFK1RgQg9q2JEAJtxco07HOjRzUTqthLHCBQl7MsnKCFygNAISBDBABSsgMw6B/TCiQzoGAR0HDZuEEkoKCEAgtthhyDADN+Ts3A4QjjzkzSBarJFCBB1wAMEAKyzjSBVx9j7zSwy/oPTPO7Z0EkcMF3RAAQew7L1P1VZgLThB6dhyuAFJoOFHOEl0MnlClccBggxFIPj5Q+n8IvnprBMUEAA7 border=0 class=absmiddle alt style=zoom:1;max-width:98%> <span style=white-space:nowrap id=attach_167846><a href="https://www.t00ls.com/attachment.php?aid=MTY3ODQ2fGFjMThhYjM5fDE3MzU3NDE1MjN8ZjUyOEpkRFgvSUNPeVJKYTFYTDJ4ZnZhL1g3VUhZRFovbmtSVS9JbG9lelRCaFU%3D" target=_blank><strong>WF2210.zip</strong></a></span> (2.98 MB)
<div class=t_attach id=attach_167846_menu style=position:absolute;z-index:301;opacity:1;left:290.578px;top:7714.59px;display:none>
下载次数: 0
下载消耗 TuBi 2 &nbsp;
</div>
<p></p>
<h2>某型号路由器:审计过程(直接审计固件,找到存在漏洞的函数,然后再去找传入参数的接口。)</h2>
<p>fofa随便搜了一下弱口令进了后台看到了版本型号直接就去官网找固件解包审计出漏洞之后再去寻找接口复现漏洞。
使用binwalk -eM 123.bin --run-as=root解包得到整个文件系统。firmwalk进行信息的收集处理定位到处理web服务的文件定位到文件为lighttpd在/usr/sbin/目录里面拿到本地开始审计。不是所有的路由器都一样需具体情况具体分析firmwalk这款工具一般情况都能找到处理文件。</p>
<p>
<span style=position:absolute;display:none id=attach_167836></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAwYAAAIgCAIAAACwJukcAAAgAElEQVR4nOzdd0AT5/8H8Ocul4SQsIeICiIOREBFcdaqFXfrptrlaEXFVaut1lHXr466alut1bqr1l0ntlZsxVEUxY0ICoKKICPM7Nzz++Nqmm8IEcgDSeDz+qMNd0/uLm95wueeW1RA644IIYQxRghhjBBiWe2WjeuDgwK5aQBIpdJmzZpZeisAAACAakQjZFgPLV+6EOohAAAAANQpNFcJoX+LIrZLp449u78B9RAAAAAA6hQGIcSVPxhjlmXnzZlp2Q0CoFZ69uxZSUmJUqnEGFMURdM0TdO6Fwgh+hX9udxr3X8t/SEAMIJhGIFAIBKJLL0hAJiL4UaHMMIY466dO7m5usAQEQAEyWSy5ORkS28FANVFo9FoNBqVSuXg4MDV9wDYqFe/vhghjMd89J5FNwaAWujevXuwmwFqPY1GU1xcbOmtAMAs/1X0GOFm/k3guxsAgl6+fKlWq+GYF6gLNBqNXC639FYAUHU0wvjVBWdYJLKz9PYAUKsUFhba2UG3AnWFSqWy9CYAUHUM9z8YHAKgOiiVSji7AtQdGo3G0psAXkOr1apUKpVKxbIsy7Lo1bUdAoFAIBDweLy6vDrmv5dQFAFAGnd9maW3AgBgRa5cudKlS5eaX69Wq5XL5Uql0mA6Vz1oNBqZTCYUCkUiEZFKxRZXx+D/SiGoiQAAAIBaSKFQlJaWvraZUqlUKpVisdjMI/42ujr906sBAAAAUNvI5fKKVAw6paWl5pwpb7urg7Mc4HzAGhUdHV2Tqztz5kxNrg4AAKyNQqGQyWSVfZdMJlMoFHVtddy5RNicQSKVSnX69Onz58+npaUhhPz8/MLDwwcMGMDn86u8zBqzYcOGP/7449tvv23atGl5bTZt2qTVaj/++GORSERRVFxc3P79+0eNGtWpU6ea3NRaIC0t7ZdffhkwYECNrXH37t0BAQF+fn41tkYi1Gp1RkYGTdNVe9puQkKCWq3u2LEj8Q2rSWq1Oi0tjaIoawtBo9HMnj1bLpevWbNGLBYTX36d8vjx47Vr1z569Ej/79OUKVNGjhxpwa2qTbRabaVGUPSVlpby+fxKnehj66ujzTxglpubO23atJs3b0ZGRh4+fPjw4cPjx4+/fv361KlTc3NzzVp0jZDJZHK5/PTp0+U1KCgoOHnyZFxcHEVRw4cP37Rpk1QqvXfvnlQqrcntrAUUCsXixYtnz55dkyudPXv24sWLq7bzYUElJSVxcXHp6elVe/uTJ08aN25MdIssoLi4+MqVK0+ePKna26svBLlcnpGRkZ2dbak7ExYUFDx48MAiqyZuzZo1PXr0OHjw4N9//x0bGxsbG3vkyJETJ078+uuvlt60cr35iqU3pELMvFNUZd9u66tj0L+PfK0KlUo1f/78nj17jho1SjexdevWrVu33rdv34IFC3744QcrHyvq0aNHTEyMWq0ur8GZM2dUKtU777zz8OHDoqIi7qI+KxceHm5i7rlz52psS/Tt3Lmzc+fObdu2rcmVtm3btnPnzjt37pw0aVJNrteCpFKpWq329PQksrQrV64kJyf7+vr27NkzIyPj/PnzBg2aN29ukWtnTCMbggEHB4eVK1eqVCovL6/qWP5rffLJJ2KxePfu3dW6ltGjRyOEqnstycnJq1evlkgkuikeHh7ffffdjBkzNm3apJtoZ2fXrFmzmTNn+vv7V+v2VFBsbCxXEpVXGMXGxtbsFhmn1WrLXoFVKUqlsuJXhFnJ6liWLXvrE6MTy66OQWY4ffp0vXr19Oshnffffz8xMTE6Onrw4MHmrIKsmJiYFStWlJ3++++///777/pTjh496ujoqFAojh8/LhAI+vfvf/z4cYTQ9evXExISEEKHDx/mfun79u3bo0ePmtj6CrNU0WNCamrqhQsXduzYUfOrHjdu3Mcff9yrV6+qHX+xOWlpab6+vkSu/L99+7b+09ns7e19fX11P2ZmZqrVav0/ZtaDYAhGmTjODirF6K+Qu7v7nj17dD+yLFtUVHT27Nk1a9bo10kWpKuErKT0KQ+RM2VVKlUFn+lb3uqGDh1qdPpvv/1GfHUsyy5ZsqRbt276QwPnzp27ePHiokWLylZFBqszqySKiYmZMGFCeXNHjBixbds2qyqJXF1dw8LCEELXr18XCAQhISG6WaWlpYmJiRKJpGXLlgghhmEQQj/99FNubm5gYKCDgwO3f/z06VOufXp6Ondco3Xr1jX/QWzO6tWrp06dapH7OAuFwsmTJ69bt85KvkwxxikpKY8fP1YqlY6OjsHBwT4+PgghrVZ748aNZ8+esSzr5ORU5eU/efKEyLDNs2fPEhISvLy8srOzuSnu7u49e/bkXmdlZaWnp7u5uQUHB1dh4RjjxMTEBw8eyGQyJyenNm3acMWWRqOJj49PT0/XarU1HEJ0dHR0dHR2drazs3NERESfPn02btx4//79vLw8iqJ8fX2HDx/eoUMHrvHo0aOLi4u5L3SM8cmTJ8+cOZOXl+ft7T18+PBu3boZXcWePXtu3LiRm5urVCrbtGkzb948E+81vdji4mLuz8ybb7752WefVSGi16ru8aHyXL58+eDBg9yRwZYtW44cObJLly7Ozs4DBgzYsmWLRTbJgJWXQfqspCRCxqqf8uokM1dH03S3bt02bdqk0Wj69euHEDp37tymTZsiIyON3jWXZEmUnp5uYs+7RYsWVT4PoJq0bduWO3CzYMGCq1evTpo0SbfXu3fv3sTExOHDh3/00UfclPj4+FOnTiGEaJq+fv3606dPBwwYMHPmzDNnzqxdu3bWrFn9+/e31AexLVevXtVqtRY8vNK1a9c9e/Zcu3ZN9yfNgu7fv//w4UMHB4f69evn5ORcunSpd+/eHh4eV69ezcjIkEgkHh4eVT5TjTtgVK9ePTM3UqFQXLx40cvLKywsjOsF+jDGV69exRh37ty5aiMxCQkJd+/edXR0bNiwYVZW1l9//TVgwABPT8/Lly+npaWJxWJPT8+8vLyqbXwVQti/f/+BAwdEIlFQUJBcLue+Iq9evVpcXBwaGooQunPnzooVK2bNmvXGG28YvHfPnj1Hjx51cnIKDg6+f//+unXrNBqNrnbUd/bsWW6BPB6vYcOGpt9rerEMw3AVUkBAQFUyslZbtmw5d+5cZGTkokWLEELXr19fv359YmLi+PHjJRKJlVwdXE1DRJ988sn48eM7d+5sMP2ff/7ZunXrtm3bqrBMImd6VHwhVrI6bnyI2wdmGIarh7jy6LULMaskMs2aHxIyfPjwuLi4ffv2zZ07FyGkVquPHz/OMMzAgQN1beLi4vTf4ujoqD/XmlnbuUS//PJLZGSkZW/i/PHHH+/atcviJZFKpUpOTra3t+/evTvDMDk5OXFxcampqRKJ5MmTJyKRaODAgQKBoLCwsGp3KyB1wCguLk6r1b7xxhtGT7N7+vSpVCr19fV1d3evwsKVSuX9+/clEknfvn1pms7Kyrpw4UJKSopEIklNTbWzsxsyZAifz8/Pzz9x4kQVll/ZEEpLS48cOcLn89euXVu/fn2DuV999RVC6OLFi+vWrdu/f79BSVRcXHzy5Ek7O7tVq1Z5enreuXNn0aJFBw4c6Nmz5+HDh7mD7AihgQMHdu3aVX+Bpt9rYhb3XpFINH369CqEU3E1cy6RvsuXL587d27z5s0uLi7clD59+oSFhU2cODEwMNCqTlmrjnOJvvjii7lz544dO1b/0MqZM2d++umnZcuWVW07raRGqfnV6VdFUVFRJv4mkiyJGjdunJycXN6Ro4cPH1rtxc9t27b19/f/66+/+vfv36ZNm6NHj+bn5/fs2dPV1VXXJiIiIiUl5dmzZwihsLCwXbt2OTg4WG6TK8EKzyUCnMLCQpZlZTLZ6dOnub/ZFEXJZLKioiKKotzd3c28HIHIUbOsrKwnT560adPGwcEhPz+/bIOHDx8ihAIDA6u2fKlUyrJsSUnJoUOHdBNLS0sLCwspivL09KzhEFJTUzUaTZs2bcrW
<div class=t_attach id=aimg_167836_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:7914.29px;display:none>
(37.6 KB)
</div>
<p></p>
<p>查找危险函数systemIDA交叉引用查找存在漏洞的函数。搜索之后发现sub_456BCC函数存在RCE。前端传入的flag的值给到parm。判断parm是否等于cmdparm的值等于cmd之后前端会将传入的cmd的值给到V10然后将V10的值通过sprintf函数进行格式化处理并将格式化后的字符串通过system函数执行最后构造命令达到RCE的效果</p>
<p>
<span style=position:absolute;display:none id=attach_167837></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABgQAAAOiCAIAAAAwiysEAAAgAElEQVR4nOzdz2vjans//refDi0UHs7iKNE/YE+rkxF84DyL71fBCXhnz2YwwXQ3XTkugcabWXxLIA3MbuDzSQqmsVadXRHBzGbinR5iE61ONx9NRnDif0CJujgUujo034UkW7YlW7LlH3HeLwo9sW/Lt27Z89iXr/u6Mk9PTwD+dPgfAH5p/owIvV7P+69sNhs1aDBs4qC5HzKHXq8H3N/f53K5JT3jzLyFWfNZEtGz89tvvy36Kf7lX//tH//h7/t//vDDD4t+xpQ53cuGbgNy5bQszTs6uOC///77jz/+mOZUJ7NaZ5oZfR7ezMXCUS0vxHxg9GPmEXLUWE+U6pVahh52czCA6ycU0x0cn4UzDRBxVMPkK2i1oJnef4sydiTkI5atewndhlhALT/lLvfPKSbOzXHQuYJpA4BcQf9K9p9o/9GbtijjoOwdx+mioQ8dOXLO7voAlVNMeJW4Dw9OYC6xL4p3ImPizCS4dJBxWvZuT7R0z3udiYgo4FXMcTFDEjNELpYb7Mhms88lvvI8ZklE9NJZHd0GIBb2+GVlZoK0I+q2bd9ZTt4N/TjWnQ1A3k8v5LQGV6r9CQaAaqzgTqLBiyCVcSThSoMN2CZsEzogytjfg5ReIDApQUC5BqkFzYR5gz3JCzoI24ANW4cGAChUhkJXj48AgO0poZbNFlw6mLDKXhQm0dJxnYmINkbcYBARERGNcbo3JpBu0OIlEvL7sq6Z/WiQHwuSUovbrMWV+qICwPmH9AcviCChdgo4sCzc3MG2YZvQTBSOMNsy5msIJoh4yUeBLJWYJAkwARuP8OIOW1veXcFElT7nAQDELTx3Qh6nY+lXifQXynG8tUu0dC9knYmIXoI/rHoCREREz9YaJJtsCkmSAdh6x8IiYkHrcKXaUAEoeBsn8zfR4EUTIOVRq+H0CCIAQO/Ee6CDOxsAthcfgBP8p9jZG0tLWeI0npH+iiVaOq4zEdHGeOVWC/rjX//Fqmcyotdr399PGpArFtfh8xEREb1Ya5Fsshr2Yz8jIy3SXkE0ddu0rPKWc2enGrhJeqWci91G3QAU+fq2nNYurYuPAFA9QZyPL4kGL4+AfXlQSGgqqwO3QE16UT1P9wYAIAfKzUiQARPQO8gP5xl50xDBmC2AjltyaOal4zoTEW2Ktd0mdv+pVFIn3K+c3xeP1+sTEhERvSjrkGyydF51H5ja5VblIJ9m7Rjv0KbV3XqwAXEntYMnvVLtTt0AABhm6VB6aqZxfXvQDAB4Fye2lGjwYjhdXD1iX8KWNIj6ORbcqFr4PqBHOI6fOeLA6nhhI7kyqUJw4olZ6Nx4VZALe0N37RVg6oCJSwx2MPXLYMv7L72QjWN5FaAAVIbjOImWjutMRLQZXk3oILZSxebTU3PVkyAiohfCa581zNTO+s2UxpparWdakN8wa8jE80jKq+4D2LoWbGuUQn8xPxqk64he12VcqdyWArjhIKhWuynNH5Nxq0Er5wlKR8ccvDhueaAQIg7CytbYJhpj48XCXH2gIruPiSgcjNYtEvKoPEIzQ2Yy5zSeo2AzuCEiKgej4blES8d1JiLaDGubGURERLTGXmRakEsqnx5Jrasb057aIzyhfqApzXJBM1ypbP72+jFTir0bKga3GnTlbfqDF0TI40hA5wYPNvrXWRSxsx/ZYH5EnL5jUjlx6ejJc3A7oPVTh9zx+werbH+2LkSI25OuSKKl4zoTEW2AzNPT06rnQEREy/Pbb78t+in+5V//7R//4e/7f/7www+LfsZ1Flzw33///ccff1zhZCiuXnc3pxsAlML9bX7Obem9C+TqQBVxcp4TDZ6FhTMNEHFUS207j5u/IxZQm6/R1TPinrJcSSkRZgEXZTOkvM5ERBTw6k//ZAH4419mAPz5n/921fMhIiIiWrX7R3ebmFKR5i9Q+FUDgOq79AcTERERzYat5YmIiIgGeu3WrrdHTD45njtRo426ASj4EKtcUJLBRERERLN6BfO/AfzX3/zVqmdCREREtErtw7NBK1NFvv6cRl/5IhLsyE80eB42GmeDvwpHo8WYaZSDywbSLpM1jBcFS1lnIiICwALSREREREGKIldO9t4Whfk3iBERERGtp8zP/+8vAPD//CWAX/63vOLpEBHRgrGA9JKxgDQRERERrRvWDCIiIiIiIiIiekH+8Ivx8y/Gz/ifJ/zPsnrM93q9Xm9Jz0VERERERERERAHLrxnUPsyVVKB6/dRcVKcMN9aUzY7v9Y+KQo2PjT8y3jNHP6R98enXt83jyYdt398DAHLFIisYEBEREREREdHs/GDQ0tKCFq53sZurG4Byfn87EmHx4lDjxsbGHxl6/LiRrl778H1JNVB93UT4Qf0RwSlUrz83GRIiIiIiIiIioplsXDex9qe6EXFX79dvAABFUUbueTPzyOCDLj768SP1S7tZnBgN6rUvPn2sq1FT9fSjS0r1/OQdfv2i1VXDUEs5LDCvioiIiIiIiIg2mR8MetqMzKD2YXhCT4By/jk6t2fGkQDQ+6oZABRFMQxjQjSoF8g6UhQY0fEg72QGyUjF4vHbd4e5kgq1dPiO4SAiIiIiIiIiSm6juom5uTnj6Tye++9TEnFmGDl4bjcWVD05eQMA6pd21Eg360ipnl/f355Uo4/Y/uJuOTsJBqSyxQ/nypQnICIiIiIiIiKKlKxmUL+qcqISyTGPOu8xexfv6wZQPTlBqRQdzHnzOu7TxB/Z351WfVcs5s4VtW6oHy8+FEPzil6fXN/niu7JTgjo+LGgdyP5P9m3FaVuGDG2ohERERGlqn2IkgrlHLfHKQ+exMKZNnpb4Qh5Yb7DPjfdS+g2xAJq+XgPcHDZgD18m1xBWUpjNpt7UdZrnYmIFiZmZlDv4nA3k8nkfJlMZvei179zN5PJZA7HIxvePYOhI3e3g0fNZDK7h+1Ze877oaDryM1TfiGgGMeKPdIXjNxk31YUAIb2NfRcssViMUbYKyoW1D8+vv0661oRERHNw+m2Ls/Ozs4uW9aqp0JL5n48qbxNfzAREREtU79m0IQx7cOMV8ZYqb55A+DbN3VCqZu4vNo5SrX6BvimqgZgqKXct0n9uqIMhYIm7p9SfsrFPGb8kSORGy93x9C+9o4Tn4nHi0dNmoPx/R4RPciIiGh2jtW6ujFtG5Arp9E/7TqO1bm6ebBt//dgURS39w/2JOH5/zA+hdXRTRsAbPOmuyellQngdFudO/Nh56gW84gxr1R/dNey7u4CVyzOo9L2vF9dvQuoAKqI8/Em0eBYRBzV8CzeXo6Fzg0ebD9bRIS4jf09SFNnH0i3SSHLRkDtdPCXm/CSsoVelMmrEZaaNJhXVF6Pg24Hd+YgkUcUsbOP/Dz/FCxhnYmIFmB6NzG/SdZQu/Qmer3eXP/brpZKQ33am02vJ7xR/9Q+TlYbuX2Ym5IVBPiFgIx6LlP3b1KU6klIm/b4I73nH8ni8aNByc8kluzrN8D8wTgiIhrhWN3OjRfnmMxqXWqj42zbtrWGKcqV2obvDpD2CvKDbtoQ5f309oQ41p1p2hB3Yo2Ne6Xc4d3WVfzRC7IJr66vGgBU36U/eKNYaIwEKWzYNjRz+tahVnR04wVKfTWsFjRz9Ebbhq3hkbu6iOjlmd5NzCumPLpfaf6qQdXr4Qyg7PHt9fdMSUV0uZ1QXtOtKaGgUIahlnKqEiMXacJIL1qmnH/oP//8dX28VU9StoiIiGY3SNgQ5cL+1p026Zddq+V+VxflykHZ/63fsbpXmm6nnC2znoR8uZYvr+a5E10pAHC6lw3dBiCK8v7B3paw/OSaDXl1tVE3AAUf4nyySTR444jyUB6QY+FKgw2YGqRTRMUcupcwAYgQ7dECNC9Q/NWImULVjwSNXh0HVgePc06XiOgZml4zKPeT273qY0ThnxkFYyd9xXdVwNsAFU/vYjduKKjYfBpyf31eVQDAqOeG6x3FH4lBS/nK22DTL6+uD3t+ERE9C1ZHM20bolw5qpXz
<div class=t_attach id=aimg_167837_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:8849.51px;display:none>
(122.38 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167838></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABnAAAAMKCAIAAAA6Zp1lAAAgAElEQVR4nOzdX6wk110v+m/bVgj+MyNhao5DZMHJA0G1ChGfGJRgot1EioSSlyudvWonQRfBy8HZOgrIAhxBUK3SvcCR+CcF0cl94FzDDSS7fvMUx0fyiQS1SXRlReAHUmvpoKMTkdwLSlzJtSczx4w9PbvvQ1V1V3dVdVfv3b3/zfejUbune9WqVT173D2//q3fb/DPr7yKTfizP/vz3/7ErxT3n/yjfwLwd8/8CIB/BQBMardHtfs/M/x5AE//Bw3gIx/9X1rHFLfXipk/9jKAv/v0v2tbgoSDUAAASunoINJKzT1v4yAwFjqZJBptzyiTZZGan61ldMcBS7QPL87Qb47q2majm48sDi6fWbrWtqu0Eu6FYqdjlDYHye71+Reva9by8Y7XjYiotxs3bmz7FJ/69HMf/9gvTn979erV5eP/6p8B4EvfWT3zR98OAB/4weOvrZOTWFzHc95wf3/Hm3soPxyN0rxlqK/3tV9/pP6Cj8fjRx999MRrpW2KAQMoIDvrlQASxqEAaphlOz0+Fq2SQwSu5ccWw30s/IQX3CHSFNMjfI35n+6Wc8TByFhA60myYigRERFRqwfOegEbpJMsiePYiLVWwkCKuFqiN/DR7iSshEWIyRzswlrbGOCKx5RaslAdGSXGwloHKADwlYJYKL3bOExrDZHa2O61OVecuv5ZUukkm6BaarksiW19oMTGAtDRYoxORQdGAmNFBJoRNSK6JL52E+gXSit8/l8AQD0MAD/01i0sqCV01sZJEU3z/KEe7ngegNyJiMtzJ6PDXnMQrWAPYwHgmYNNRNMAl8LlgAet4XsAkDuIIAdSgb+P+k9t7iAp8hzwMBzCCtoCcU1edDCUILUioUT8CpCIiIiO4b6tzHrnCHeKJDNMar+OgKPq/ms3br524+bXXv7q117+6gc/9P4Pfuj9zTH1X6hP10XpKMkmWZYUyWnWShgEcTOEdWJlDMz3V39ytNfjIm1OTDCvSKezJqz/tovyj/v9aXmktS0ZDcuuQxXKqygib9XA1kDc/Pmc28LrTkRE/eWHafH/br2vi2ga6qlpeZp2pboR9SdxagHoYZ+c/T78IXwf+/tlNA2A50MPAQD5YuZaKshzeD72O5LXOqmdSAOAxIf8xEJERETHsJ2A2tlSSidZNsmMAgBr4vlIVUukx7XkjXWPXh5PavJVu9l6537bk9rVRdBw5T+H/GLulivpfR1VQhpzzojo3vTSq3hpnQIJRxMcTfDSa3jpta2taaXc2RyANxwu/k/eHw49AHCr30KoyQIhMKh+BUAILLzFBtVTrcKOZ1fObGvPmsYjg+6TNmdufotXrBlAXA2LAQBS/TZsnblIT4Pu3mN5OEIcIx615445aTzrQWssBMc8v3zklflZhkP4GvuN8X2Ua7b2+oqIWh6Ho8EgDkKG3oiIiGhmOwG18RHGcxlqzbyzF55/8YXnX3zqvcFT7w2uXL1y5eqVrty0+aS05SlqdSqK5sM/nalaIt3JYVaan7LK8FKvBDWoKMnaFRsMlDmo/7ZrGXH1eXU6qoyoSdxIwSuvpxpbhd4WI4uw18UCrbtG206uzPQFXZb1Vp6914tDRETbUsXTlL8YacgPU1sEJfK83/Y4moob0SgLCLA3PyyqnmoNwEhtzLozH4O0zRx2hN6kCtUBMIDU4mhShdjqM10vc92XfOVWfiBoJJeVMxRplMPjRMQAeDsry6V100oDQC7Xl/1FsLEYyQFYSfdi/pUhIiKi0uXJUJM4lvmPrWX+1YxflQOrh6CshEs3W1qzNxexmo6vxZc2qXkdsBLuGds45TRQttd6PbPYWxVanL9SG++11EFrFHmrugzMj9ORUQAkXNhRa+Ng8exERBfft97At95Y+6hvv4Fvr3/UpuRFJo/n1eMUuTscxaO0CmzkrzA6sA5bBZtM7Ru/DDDAQkxn+h54vTFJ3BjTf2ZVe9Y0HpketbDmsDFzMv9UXQhoYFItr1htVkuIm1eEbavIVDtvp7yIlq/hHIrHVuf852UK27VN1v0r44DW8i8CERERrW07TQmq9DS09essbr+c/jWA3/jNZ5aMqd+WlmSnWRMaA1XtOXBO7EIQSkWRNqHAmmAgSvs+4EQstDHOmPYsfq21mGBginmrSQFlDjZVK6T9Oor1lStsP2XVAGB2PdP1KTOX8aaTRA9CgYSDYG6g0slcZpy9vhcEtjr57HJ1spBBVz+3UbUXEy2zEhHRZuXpKE7L+57neWo49P350FmRfObNwg9lOwIAnq+H11JJ82IUGxP0NY0H1ZPLVEcDIA0III1MtOKrLXOCmdeyV52uPrMGsiptzTbOklRnL55NAFWtcDEille1I1b8ECkfziG3yHfmft4OUwCAvxiQbCpHemhkXJ6IrzxIDpc3X4YpFWljxUgONTyI+NeFiIiISpeny2fZ9dLKLL9LKRMdRPUunzrJTLhnxMLaaUTpIPGvB6ZrXp1kOtwLZTav0iaKom01D62uw0otV6zrlCrKMj/cC8XWxiudNHub6iRLFgYqbQ6S1qjg3Mlbp6vOPe2qOj35ueisSkS0WQ/df5yjHjzWUWvL8zxPxaVLWn/m7lAkLSJsQ613fC8v4xO0jmnUJ26EyZqiKiBVD9VMN4EuHL7WzP11nQ61JS10BDfzw/R8Jt2ivGputCLM5A/hOeQ5XF5rHZCjyAwbDpcfjfwQxY/vsXeGdlG+B+SwryxtjO5Fyf4G/1iIiIjocth6hlo9y2z/6V8H8M2v/yMAFfwogJ/eeR9W5abN5lpKRdkkqu1Y7Cjzr6Ikmw2rBqlssvhBSSeTaTpckk0ah5xc/Qz1BU6vwznn+/6KMyqdZBP0WN78wM6Xp9erOJ0ySnRU2ye6uReHiIha+Tqae8Mqwmmpy3Pk6Ui8aLGg1Fximtabze+5x6gq78wApgo2dcWbivwyC8RVzheqHaDNQ9aaub9pQtmgx5jCwo/Ppt7WPSgPaQ7rsLNTPpY75FiddJY7jFIA8IYnKJdGREREtGmXJ0Ot0DOic4zAz+nGipRS652y99g+A9e9VsbRiOiSe+IqAHzt5npHPXl1G2tZ4Hmep/d9J7G4om9nUTDA8zwgR54WnWLKxLTpYa0V1mi1pFanX6r9mxqI2mJPERDOdwNobUdwjJkvIF8hTed2fRbdx5cnneUOo+Kl8LG/0z2OiIiI6NRtJ6B2d5Z5daX28F9+5ve3cjoiIqJ7m3fNg8tRK4pWPQLPH2q9sBW0WWGNeitq9lvgerWps4h/ZY3I1zTFTABd2/7ZFSDrP/O6ejZIX5tX1KlwbnUtPm8Hfgo33fVZ7fdc0o5gLpq2ndqstmjQoa4x9Y2IiIjWdXm6fBIREW3J+34A7/sBvONBvOPBXuOfuIInrkA9AvXIlle2aJZyVt3z1LBRWC0vezMyQe34FBABWa2rZtw2zACo0s2KAStrcfWcuY9plKi98dLJeUU+ZM8umUXsLE2B6X7P7nYEC9G0Lf2kln8TfO9SZAESERHRqdpKhtojbxkAePLXMgA4mizeTur3MXukMKn9p/GF6iOnVOG5P2vFNbvA1/iaFfqJiGi7XFrWbK+l+/hlZ8U0dTvzpafK0d5wyLSck5uWP2u1C5hauhnWqYy2fObC8kjZ9ANIvY7bRpVdMsUK/JVXVrYmcHBAboHudgT1aFq0ndy08jy9upTmcTAyFlB+kmm2MSciIqLCA5PJ5F//9fX7Bve99fu//6wXcxG5OAyXfdZVJtOsMEZEdLE9MACAZ94BAP/n/wMAf3+jfeTwUQD4yA+dzroA5LlLy6YD8PVc4MwfDj2X5nAykmk7gqJHQfF0e0tQ6hQDttEuYFrvrL3ZT9WaYA9Ao4fmSWberWYLgIPuPaGmiugtDCs2ltqTBtrUrlImtXAiWB1qmrYmOESxN7m1HcE0muZtbadnyTqxADy9u/SvgqTGluPD0E0SxqGJiIgIAB546f/+SvL5vxoMBnrvo+/56acGgyWNoPr6G/NjJ5/kgmh
<div class=t_attach id=aimg_167838_menu style=position:absolute;display:none>
(115.65 KB)
</div>
<p></p>
<p>确实找到了RCE的点但是符号表被去掉了无法直接判断出是从那个接口传进来的参数。这时候就需要去看函数当中的的关键词了。例如上述的关键词为“msp”那么可以进行关键词查找发现msp_info.htm然后直接构造参数。直接就开始找设备测试。其实有时候实在是关键词找不到接口的时候可以直接去rodata段寻找所有的接口名称找个感觉差不多的试一下大不了就都试完呗。</p>
<p>
<span style=position:absolute;display:none id=attach_167839></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACHoAAAQeCAIAAAAi0lipAAAgAElEQVR4nOzdf3gjV30v/rec3WzY7G4cCN/84MellBs0P1riZ7dmCVAKDaU/KFeKPePWabXm5l6WNi0BSsBevI9musbybaG09NJ2c5vW60sWrFlH/hZooU0bSmi+GzfBAXRGIn1ogVI2TQLsrneT9VrWfP+YkTT6aUmWLFt+v548ji2NzpzRHo1mzud8zgmcefYscr74uflQKATgZz+38tgd12UAB8gCTu6/D37kM/v27PqNd7717LkLL3vZDQ5wLXDgt5/4+4kfQ13mR3pH0qOnT48Ga2yUnh+ZwvR0qOixqZH50HTNlzUrPT81MjKVDk2fLd5lpU3T82mEQu2oBRFRC/T29lZ76uzZs9WeasmOWlt+/ebnvW8uv4sXL+7bt68j9SHqlPPnz7PZ0zZ0/vz56667rlWl3Xo6cMuBnpWllcxSJrOUqfjL6rlV5xkHr9r1yOTNrdov0To9++yz/AqgbYgXP7RtsfHTdrb52/+Oyg8vr6Is1vKj8899avbvPv+Z8X379uzdt8d9EACyznpqkJ6aSo+Oel1l8yO9I/MAQtO+5w8enEoDwdw26fmpqfl0Oo3R09PB+ampqan5NIBgaHS6PB6TLmxQvkmu6Nyuc52HJZGX9NTBg1MIBtPpNBCaPlst3JKeGhnx7Wp0dDS/ZWN19pWDYCgUTAdDp0fXCgUREXUFN5DjD96UP7IB3p7efeFiBs+v4PkMLmWwnMHyKi6v4vIqVlaxkkUmi0x2zw587p6XbWTFiDYA2z9tX8+vrCz1iFng+RVcuoTlZVy+jEwGq6tYXYXjwHHQ4+AZ4JXZjlbUnhu+Y2LOtgEAsjwwMD5gp3ByfKBte5yb6Bs+ZstHFxfH5bbtZOt46tDtF//1W4FA5Rthxwlc/cofv+HEAxtcq3V6+zd3X7i4iudXCmf+5QwuZ30n/1Vkssg4e3by/E/dxmv/l1bwPNs/bS+5xp+/7Pdd+WeyWHF/ZrGaxaqzZyc+98GXd7rKRC3TpoufKuGWlVUUx1p+/lc/8vCXv4LlZ9/Q/5YPjb77Q+MfcoMxQD7q0pT0/NR8OjSa+zM0ffbs/EjviG+L4Ojps6Gpgwfn8w8Eg6Hg/Mh8MD01MpUOTk+fnQ4iPT9ycOTgSLBCnCQ0fdqNkKSnDh48eBCF3Jrg6Omzo4Ab5UHV7JbizaqYH+kdSRd2NT8yMnIwnS+ysTrP+8pxM28YayGielUMS9TIemnJjlpY/tmzZ3t7e3t7e93yOxJrAXDhYuaWn7pi5Xx25Xw2c75n5Xxg5byTOZ9dOZ9ZWV7JXMysnFtxnnEuvGLXBleMaANso/afSqWQno+lgzNj4U7XBdh89dmGLmVOXL8v+x5kcVX+Psh/T+T+fg1w4L1f61wt7Ym+vrmBk/efHJABwJ6buGN4eBjyUXscZaGQueFhnDy5/jCMtO4SusdTh27Hf7lp30+8KrD7SgCBnkD+KSfrAMiceWr17MWnDt2+tSIuFy6u3nKgZ2WpJ7PUk1nqWVlazSwhs5RdWcpkljKZ5wrZXRdetfXP/0TF2P5p27pwcfWWn+rJXOjJLPVkLrj/ZVeWnMyFbOZCJpPJZJYzmaXM6rlVPIsLN1/Z6foStVKbTv5Vwi2XveyW/H+f//SHYx+b+c53vvvJT4z7bzYAwGks3pKeOtg75X+g0WBCMBQKzgPz8zh9ejoXOQmNjgbn59NpIJ9RMjUylQ6Onp4OBQuvm5qan0+PtnxSsvmRkXl/TkwwNH16eqR35OCUF9yps86Yn5rC6OnRQpVHT5/GwZGibYiIOigfWcn/0vJYSD7i0qby6/L8ysr5rJh18Nzl0gHO2aw3wPk/gZe3anRzKtbfP5kqe1g6srAwJgFIRPZGEsVPSeHw2NhYuEoHWCKyN5IIzyzNNNxn69+Vr4DCw2WlJmL9kclUvq4d1/yxN+HBBx+s3UR7e3tvu+22DahJK7Wk/Zc3WgCQpPDYiZlq7XaDJSKHYolUCgjPdLoqADaqPi37gHRn41/OAPjsk9NPPvO1u1//8fJYyzvuu/b6Ha+YPbS4zvz+9bAn7jiGo4vjA7nIijwwvriIvr65ilunUq2JlMjji8vjrSioC1z8129d+8YDzz/5KK7cgUAPkLurzgAAnCwuZ3a89OUXPvflztWxKRuY3eW/7smfkCo+uDG2/sUPgFQsMh+a2YjqdOf5/9IGZzem8t/68K7rw6k0ONxik+vSxp/JXOhJftrBpZV3vXbHG//rCx4WF+79px8hk0E26/3nOLgS+MF65zdqo8q3Hq4N/krpWt3Z/ttz8VMru6VkGNfnPvvFd79LKxnk1YSgf+2W9PxIIW+lMaHiqEkwGETaF5aYn5pKo3i5l2AwFBoNtn7plfTU1DxCpbkxodHR4MGS4M4adQaC3pxl/lqPTo82+RYREW1RbsQFnVsSBs9nfueGq+W7sYoXXLy8at7/9aXnlldWVjKZTOHnizKZTOYXj359145AIvrf1rc/aWxhaQzwuhpQdvMenllaSkT2RtLhmYWZMIBUIhaLRfoT4ZmKXdepdBpAIpFAuNEry9yuSvpjwzNLM5G9ifBC+e422XiAdRx7ox588ME9e/Zcd911V1xxRcUNLl68uLy8/OCDD26x686WtP+KLSmViByK9O/dJPc84ZmFMBKRvZFOV8SzIfVp0Qekaxv/8iqAzyz+0YmhxYp5LT++55ZvfesJIJ/m3wEp25YH7i/JYpHH7z86N5FCaXaL/cCcDUZJWiwQcJzs89h1ZWBnYO9rf+G5b55efW4JwBXX7t396oNLj/6NE+jpufqqalONbV7F2V0B4ArgqTO44UZcBlZamt0ljS0sBSN7I2n/FU/FBzfGFr74ScUisRSQTiRSkI5swLQYXXv+f34jsxtTsX7/VXwqETsUiUQgHUmNlUfIE5EIZjbDdZNns9Vn43Rt47+UmX7x3ux74OCqLHDlrfddeuTOyFtfWPIR8Nr/3R3M7q0pf79c/BWSSkQORTbkzrDbdWv7P35g1/4XXZF9DwK4CkAGyLbi5F8t3JJFcblnzy1946sLv/hLf1ryeQPWN5lYMBQKtSWW4C60UpI4Exqdbseu5ufTCJUvrhIMBpFuMJkmODoaOjjS2xsMjYZCIS/LJcjJxIhoMymZRqwdM5X5c2g6E3G5lAkAq7n/lp5b/ou7DpZsknWw6mA1izf+1v/ZuIpJ3leKFB6bCQcjeyORQ7HyTonUfCJ45AgmE+lUUxPAhMNhJNIlL06l0+FwpayEfKxoU1jvsTfi7NmzN9544w9+8IOenp6enp6SZ7PZbDabvfrqq7/97W+3tx4t19L2L0m+6yApPLMwE9kbiUQSmyLgsv206gPStY1/OQPgzJlv3/Xnb/7E/3iovMfto0MPvfujfUDD+f2tZdvlgRV5/P7SsIo9N3HHMRutWs/FtudSGBjgyi0AgJ07AjsDew/+0ove/j/3ve7tT91vALjhDmPndS9BoGfp9Oexo8qN9ma2nAGQzQVavvo47r0Xjz+O/fvxrnehbz+WgWV3y007unk9turFTygcDgJpJFLVxnW3Vnef//Nn+yee/PfXDk+4z/zTyXH15pe1avViAKnYoUkcWSgkqUvhsYUF9PdX/CdMpdObJ7yHzVefDdTdjd+92rny1vvwyJ1X3Xrfc4/cufvw4+7z547vLywnsdXO/+7NRz/jLevWre1/d48zv/jQO/reDKDnQGD1Mac81tLEyb/0DfJkvHBLvtzPf/aLr3+duu+afSWxTQDri7cgGGp9uslWFpo+ffr0dAjzUyMHe3sPHhyZT3e6SkREtZw9e7a1EZF8Xot/+ZaNtpzpAVbdi84rr1hZWQEQuev9vzX2u0cm/2jqf5/4wYXMsxcyzy5lsg4ymUwHaggA4ZmZMFKTh2Il05Cl5hPB8FgoLKUS8+UzlNUjKElIpYq/gNKp4Ba4SF3/sTdsx44dO3bseOlLX7p792739927d7/0pS91f9+5c+fGVKOV2tv+w+Gwm11BG6/FH5Au
<div class=t_attach id=aimg_167839_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:10278.9px;display:none>
(129.92 KB)
</div>
<p></p>
<p>可以看到直接就RCE了。数据包当中存在cookie显而易见这个RCE是需要登录到后台才能触发的。算是有点鸡肋不过不影响水漏洞这款路由器还是有一定用户量的所以不太方便说具体型号。</p>
<p>
<span style=position:absolute;display:none id=attach_167840></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABz4AAAMCCAIAAACXyPfbAAAgAElEQVR4nOzde1yTZf8H8O+AcVI5CIJnBiHISBFDyxOesPIAP41hUMmjhfpoZj6eHjUHuGWpRE8ns9TS0IJ0lImHMislM8+KyjiIippnEUEOgzH2++MeY4xtbGOwgZ/3q5ev7bqv67q/9429vPbl2vdmSaVSAgAAAAAAAAAAAABLYmXuAAAAAAAAAAAAAABAHVK3AAAAAAAAAAAAABYHqVsAAAAAAAAAAAAAi4PULQAAAAAAAAAAAIDFsTF3AAAAAAAAAAAAAO2TXC7X3YHFYrVOJKbVXq/L0iB1CwAAAAAAAAAAYHpyubzJFCe1wSxne70uC4SCCQAAAAAAAAAAAAAWB6lbAAAAAAAAAAAAAIujUjCh+J71rs9Yl85QyQPzxaMHZ3d5n4GyyfPI1aPxwSqJ5GpBwaOHD6uqqvScz87OzqVzZ29fXzt7+8ZHpVLpvXv3ysrKpFJps8I2Nzab3bFjRw8PDzab3fioEffNUGa/z7rvAAAAAAAAAAAAgEHEYjGXy225+VmKTFnxPZv3X6Py0pY7k4l1cKpZvl0te1slkZw5caIXh9O9Rw9bOzs9Z6quqrp18+aNwsKBgwerZRWlUumVK1fc3d07d+7c1vN9Uqn04cOHDx488PHxUbsW4+6bocx+n3XcAQAAAAAAAAAAk9OnJiyLxWpzNWHb8XXdv3/fw0PDblFtWjp1qyiYYL3rs7aUtyWi8lLrXZ+ptV0tKOjN4XB8fAzKP9ra2XF8fHpzOFcLCtQO3bt3r0uXLp6enu0g08dmsz09Pbt06XLv3j21Q8bdN0OZ/T7ruAMAAAAAAAAAAPAku3Tp0qw6ly5dMnc4CorULavgrHnjMELjmB89fNi1Rw+NnfPz87/77rvvvvtO263v2qPHo4cP1RrLyspcXV2bH6rlcHV1LSsrU2vUcd9Mzuz3WeMdAAAAAAAAAACAJ1Zubm5CQkJZWdm4ceMeP36ckJCQl5dn7qCI6h9T9ui+WcMwSqOYq6qq7BruGy0tLX3w4IFMJhMKhUeOHDl69GhCQoJMJisoKHjYMIFoZ2fXuMyrVCptB/ttVbHZ7MbFZBvft5Zj9vus8Q4AAAAAAAAAAMCTKScnZ9WqVUSUmJj45ptvJiYmEtGqVatu3bpl5sjqU7ftUW5u7syZM2fMmLF8+fLS0tKEhITExMTy8vK33nprwYIF//73v3Nzc80dYztRUlJy/fp1MwZQWVlZXFxsxgAAAAAAAAAAAKDNYfK2LBYrISHB39+fiPz9/VeuXFlZWSkSicwdXftN3ZaUlCQkJAwZMoTP57u4uCxatMjT09Pd3X358uV9+vRZtmxZWFjYqlWrJBKJuSNtM2pqajIzM9euXds4SyuTyWpqakx+xnv37v3+++9Xr16tra3V3VMulzfZBwAAAAAAAACgnlgQxGYHCcTmjgPMJjs7m0kPduzYUbWYZ+fOna2srBp/cbz1WUDqduAa+nIHdTfxrFKptKKiYujQoYMHD16xYkVoaKhEIpFIJM8999x//vOf4cOHc7ncqqqqJh+HZ6nyM5Iz8lvxfAUFBRs2bPjjjz/c3NxarS5tx44dHRwcLl26dOzYsYeNKuQCAAAAAAAAQJsmCGKrM2km1bjcrNooJHjbq4sXLwqFQicnp9dff72oqGjlypXMk+3v3bsXHx9PRBMmTDDFecSCoIZ/f9Jj2EECMfM3q4GJMeotMTbNOvXANTQ7rO7NQZq9rFmzmRSLxerVq9eRI0cGDx5cWlr62Wef/f3330Q0ZMiQefPmOTk5HT9+nMvltmjqtujo1q1/FxERuQ2ZPn2oW8udqSWVlJT88ssvOTk5jo6O4eHhAwYMsLLSlfEvKysrLCxUvrWxsenbt69xp3Z0dHzuuedu3LhRUFBw6tSpbt26+fn5NVmWt6qqSjXPa2Vl5enpaVwAAAAAAAAAANB25eSIibjNHKVtEolEcvv2bd1TWVlZWVlZ6+4jq6mulTXxVB4rGzsrdhP5ELk+81izrW1sm+jDIiuW7i4kramR1siaiKe2hmqb6FNTSzW1TaTmrKjWipro4+Ti5uSqIfFmb2tjreViLly4sHr1aicnp3fffdfDw8PV1fWjjz5auXLl/PnzP/nkk6KiogULFgQGBuo+b/Nw47Ok8URiQVAMpWbFK/6OpTZsaUbqtvsslbytZTl27Nj7779PRNOnTyeiTz755OrVq8uXLyeirVu3fvLJJytXrhwzZoxQKIyNjV2zZo2vr6/JY8jPSM4oGjJ90VA3Iio6mnG0KLytJW9ramqOHTuWmZlZU1MzcODAsWPHOjo6auzJYtX/b2BlZbVnzx7llnIul2t06paZuXfv3p6envn5+bdv375//76vr2+vXr1Uz6jGysoqJydHWcDB09MTqVsAAAAAAAAAC8Skrig9hh0t4qVJUyOZ5vQYdrSiyKiiVdEjjaKjxfysrHgSBAUJxURMk2KsWNGoGBYgCIoWEZFYGMRO52dlBQrZ0SIuP0uZI1NSnI+rmFl1VCrFNJiEJwoKEhI/LTI9+ieb/uvWJem+QLatbZMPZpdKyqsry3T3sXFwsnHopLuPrKpCVlXeRDz2HWzsNOd26s9lRTZNpW4l1dWVVdVNxCOtqq1uok5pVY1cUtNEWtaGZNbURJXOnt5+VvYa7g/bxspaU+r8/Pnzq1evdnZ2ZvK2RDRixAgiYrK31tbWCxYsYFrMrhmp264+RERfhtCZhu3hO2iSDxEp9uF2n0UJs2jPVOq2g54hurWRVm1U6XaQvjQ+BG1Onz7N4XD4fL67u7tEIjlx4sTy5cuHDBlCRB06dODz+RKJJDg4ePPmzbNmzcrKyjJ96rbo6NF8v/BFdclat6HhQ6lBlQO/8EXhfkT5Gcl5/uGUkZFPDfbm1vdUNCobWmsDb1lZ2TfffPPgwYNu3bpNmDChZ8+euvsr9y87OjoOGjToyJEjRMRisUaOHNn8YOzs7Pr169ejR4/c3Nzc3Nxbt26FhITY2NT/7VXN5LLZ7N69e1+5coVpf+qpp5ofAAAAAAAAAAC0lshUqTSVmC+aR8fw6lK6YoGA2f+aHlOXohUJBHV52PSYIKGYlyZNjVQMywrQ72zpMdHMZGKhMD2er9cQgVBM/fsbdFFgKbKyst577z3VvC3D39/f2dm5pKSkBfK2YmEQW6jawNXrLxo1q9btmV+JiGafoi9P0cC6xoFraJIPfRlCs6fSrTCaNba+/RkiIuo+iwYSdZ9Vl94Na4mtu9bW6gl1ZWpP9cv+ZWVlGjs3X1FefpGfv596s1/4Ika4X/7Ro0VMY35Gnv+iRYsWTR9Cfx/NZ1qSM6iu6/ShblR0dOtRt+nMW7/8jLqRLUoikZSUlBBRt27d3NwMyxUPGTKEKWvA5XJV/x9opg4dOnTs2JGIKioqdD+UzMvLi0nsenh4MEMAAAAAAAAAoI1Ij1HUvRWKicTZyqKz3HipVJoVT9liIuKlSaVS5UZdSheJiEgUXT+M4rPSeETE5WdJs+K5FJkqlUobb7lVzMpXtHMbjlJ7qzrk4FexLXsboAWcO3dObb8t4969eytXrmyZvC0xf3/qpfH0H9mcx5T9RrND6DQREc0+RQmziIhCwhRvmSePdavb8Hj7S5odQnuuEBH18KFnwoiIvgypbzSpsWPHlpWVvfHGGydOnLC3tw8JCdm6deuFCxcuXrz4xRdfhISE2Nvbb926de7cud27d2d247aWoqNbk5OTM/KpqEiRgPULD/cjInLz93MrelBElJ+X7zZkqEretygvv6jo763JycnJyVv/LlKObFHu7u5z5szx8/M7c+bMZ599dvbsWf3rAjs6Og4ePJjFYoWGhpokGLlcfv369b/++uvOnTtdu3YdNmyYra2uyizMxltsuQUAAAAAAABoc9JjokVMYlaZT2XweEyelik+G6BhU61KgqxxjlYLZiJuoAElcTWeGywfs9/WxcVFY96WqW9rIXUSlJqRuh24hgYSbaxLvzLbaYmIrtCqEJodQrNDFLU
<div class=t_attach id=aimg_167840_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:10949px;display:none>
(84.05 KB)
</div>
<p></p>
<h2>补充:</h2>
<p>这里再提及一下接口查找的问题。就使用登录的数据包为案例。下面是/login.cgi登录的数据包那么如何根据这个数据包去二进制文件当中寻找对应的处理函数呢前提是定位到了处理web服务的文件然后用关键字查找例如登录数据包的关键字为“user”和“password”</p>
<p>
<span style=position:absolute;display:none id=attach_167841></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACkIAAAUYCAIAAABxtMsNAAAgAElEQVR4nOzde3Rc5X0v/N9IsnzBV1kOtjFgsCTkFAoOl1imgbzvaXB9SXAT0pOkKyWsErvhrOJinORtV8hJA805ZxXMIX1jYtctdZImOYGkQIy9IKQN8NoyhZQ7ViWZS4xtiCVj8EW2LjPvHyPLI1mekWRdxvLn80fWaO9nP/s3ewbI3t95nifR0NAQp5MJEyYMdQkAAAAAAAAAnFDRUBcwHLS2tv7oRz+KiM9+9rNFRS4pAAAAAAAAQN/JXPvBCy+88NOf/jQiPvjBD1566aVDXQ4AAAAAAADAKawg++7XfvndBaULvvtaanCqOUUdOXKkywsAAAAAAAAA+uaEMXbqtV9+d8WCK/7r154ZzHIAAAAAAAAAOL11M6n4a7/87v9759e+J74GAAAAAAAAYNB1Mxr79Ue+9r1nIi7/kzv+/d/vuHzwSwIAAAAAAADg9NVNjH1exR3/59//vWHTqmXnDcgpS0tLe7UdAAAAAAAAgNNHN5OKn/9nf3b+gJ0vnVWXlpY2NDQcvx0AAAAAAACA01w3o7EHVEd6nZlbp193CbYBAAAAAAAAOA11Mxp7oDU0NGSOyT5VMuzW1tbnnntu//79x++qr69Pv3j55ZcPHz58fINx48bNmTOnqGgIrjYAAAAAAADAqWVogtXMJDtOhQw7In70ox/99Kc/zd5m48aNJ9r1qU996vOf/3x/FwUAAAAAAAAw3Az2pOIdTonoGgAAAAAAAIBBNmTTXHdZGzv/U+3PfvazlZWVJ5pUPD0Oe+HChWVlZcc3SE8qPuAlAgAAAAAAAJz6hibGzpxLPHOd7CEppoeKioouv/zybneNGjUqHWNfeOGF8+bNG9y6AAAAAAAAAIaVIZhUvMt62B0vMsdnAwAAAAAAAHB6GuwYu0uGnZbn47ABAAAAAAAAGDSDPan4iRJrSTYAAAAAAAAAMSSTigMAAAAAAADAiYixAQAAAAAAAMgj2SYVTyTO/7NNDX82aLUAAAAAAAAAcNozGrsfjBw5sssLAAAAAAAAAPom22hseujiiy/+1Kc+lX4x1LUAAAAAAAAAnNoSDQ0NQ13DoJowYcJQlwAAAAAAAADACZ1ek4onEomhLgEAAAAAAACAbMTYAAAAAAAAAOSR0yvGLiqyFjgAAAAAAABAXhNjAwAAAAAAAJBHTqMYu6CgYMSIEUNdBQAAAAAAAADZnEYx9qhRo4a6BAAAAAAAAABySKSWXjrUNQyS1u9sHeoSAAAAAAAAAMjhdBmNLcMGAAAAAAAAOCWcFjG2DBsAAAAAAADgVFE01AUMLAE2AAAAAAAAwKkl0dLSMtQ1AAAAAAAAAEC702JScQAAAAAAAABOFWJsAAAAAAAAAPKIGBsAAAAAAACAPFL0/CuvDnUNAAAAAAAAANDOaGwAAAAAAAAA8kiipaVlqGsAAAAAAAAAgHZGYwMAAAAAAACQR8TYAAAAAAAAAOQRMTYAAAAAAAAAeUSMDQAAAAAAAEAeEWMDAAAAAAAAkEfE2AAAAAAAAADkETE2AAAAAAAAAHlEjA0AAAAAAABAHhFjAwAAAAAAAJBHxNgAAAAAAAAA5BExNgAAAAAAAAB5RIwNAAAAAAAAQB4RYwMAAAAAAACQR4qGugAAAAAAAAAATi+pVCrLXqOxAQAAAAAAAMgjYmwAAAAAAAAA8ogYGwAAAAAAAIA8IsYGAAAAAAAAII+IsQEAAAAAAADII4nk169LvPtOHDk01JWc+kaOSU06MzX7w6krr01NO68PHTQdOrTrrbfebWw83NTU1tbW7wUWFhaOGj160uTJ02fMGD1mTB96aG5u3rt374EDB5qbm5PJZL9XSM8VFBQUFxePHTu2pKSkuLi4Dz2c6p+mK3DyVwAAAAAAAGCopFKpLHsTqaWXDlopp4uCguTvfTJ53V9EYVEPj0ilUttra3ft2JH90+oviURi+tlnz6qoSCQSPTwklUq9/fbbe/fuHZwK6blEIlFSUjJ16tTT9tN0BfpwBQAAAAAAAIaWGHtopC64vO2mVVE0ImfLZDL5yvPP721sLCgoOOvss8+cPn3suHGFhYX9XlJbW9uB/fvf2bVr544dyWSyZPLk37nkkoKC3BPLp1Kp3/zmN/v3708kEqWlpRMnThw9enRPDmTgJJPJpqamffv2NTQ0pFKpcePGnXPOOT1JMYfNp+kK9PkKAAAAAAAADLnsMXbhNy6dPmilnFYSjbvi0P7UhfNyttxeW/vbt98eOWrUpR/+8LQZM0aNGjVAiVpBQcGoUaMmT5ky5cwzG3772wP797e1tZWUluY88O233963b9+IESPKysrS0xeLyoZcIpEoLi4eP378hAkT3n///aampmQyOW7cuJwHDptP0xXo8xUAAAAAAADIc6feAMRTSMH/97PE7tezt2k6dGjXjh0FBQWXXHbZ2MHKn8aOG3fJZZcVFBTs2rGj6VCOZdHT6wcnEonzzz9/9OjRg1MhPTd69Ojzzz8/kUjs3bu3ubk5e+Nh+Wm6Ar26AgAAAAAAAPmvp4s30xfJZGLzQ6nr/iJLk11vvZVKpWacc86gZdhpY8eNO+vss3e8+eaut96aVVGRpWV6/eApU6YMm8xv+Bk9enRpaemePXv27t07derULC2H66fpCvT8CgAAAAAAEBFtbW2tra0n309RUdFALBQ75FpaWpqbW7K3KS4eMWJE7tV1B01/1dyTfkYUFRYV5YhZjzQ3H8nVTyqVTCWzTaydbpWrQSR6MPHsyFGjRo4alaOf6J8ZbA8cOLB///7sbQ4fPnz48OEsDcTYAytR83T2Bu82NkbE1Ol9mdo9PY1wRIwdO/aMM87o7eFTp0/f8eab6QKyOHDgQERMmjSpDxUyaCZNmrRnz570h5XFMP40XYEeXgEAAAAAACKitbX1yJEj/dLVsIyxm5tbDh48mKvVGXkVY/dXzT3pZ/SokQW54t6mpqb3D+ToJ9nWlmxry9FRRM4kuyCRKMiVP4+fOHFE8cgc/RREIvohx96/f//u3buzt9m3b9++ffuyNBBjD6zEu+9kb5D+lcEZY8f2qtvdu3f/zd/8zRtvvNGxpays7C//8i/PPPPMnneSPmn2nzlERHqO4lG5fp3B0Ep/QD2ZUjuG6afpCvTwCgAAAAAAAOQ/a2MPsMM5Vp5ua22NiMJc0w508Y//+I+ZGXZE1NfXr169uledpE/almvGjGQyGREFBb4qeS39AaU/rCyG8afpCvTwCgAAAAAAAOQ/o7FPAa2trU8++eT7779/5ZVXTpky5eDBg7/+9a8jYsaMGVdddVVEPPPMM3V1dS+88ML+/fvHjRv33HPPPf3005MmTVqyZMnIkTkmBwAAAAAAAADIK2LsfHfo0KFvfOMbr776akSsX7/+D//wD1tbW9PzBi9cuPATn/hERJx55pl33313a2vr9773vV27dr3wwgvpY5955plvfvObY8aMGcL6oYv0gu7p2eyH5RrVObkCAAAAAAAA2Q3DmXWHk0OHDn39619PZ9gR0dLS8pOf/ORnP/tZRIwZM+ajH/1oevsVV1wxduzYiNi0aVNHhh0RNTU1X//61w8dyjGxOQAAAAAAAED+MBo7fzU3N3/jG9+oqamJiDlz5lxzzTU/+MEPdu7cGRGjR49evnz5+PHj0y3HjRu3YsWKu+666+DBgxFRUlLyuc99rqam5vHHH6+pqbnjjjv+5m/+JpFIDOF7YVhKL8OcXqb9zTffjIg5c+ZExMSJE7MclUql4tRZwvm3v/1tRLz88ssRcd5550XEueeeGye3uvapdQUAAAAAAPqs/tF77nqwJiIiKm9dfXOZqALoMTF2/nryySfT47DnzJlz2223FRcXz5s37z/+4z/ee++9Sy65pLS0NLPxFVdccd99923bti0iLrroouLi4vnz50fE448//uKLL/7nf/5nZWXlkLwLAAAAAAA4DdXf86W7anI3q7x19fKy4Rvu1jywbt3WiIi4ccnqKBviaoBTyWkTY1/253HZzIiIeCP
<div class=t_attach id=aimg_167841_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:11595.3px;display:none>
(189.5 KB)
</div>
<p></p>
<p>IDA打开文件使用shift+F12查看所有字符串然后CTRL+F搜索password字符串双击点进去。按X查找引用再点进去。</p>
<p>
<span style=position:absolute;display:none id=attach_167842></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACXQAAASuCAIAAADnX6SvAAAgAElEQVR4nOzdfXxbZ303/o/SpIY0Sc0odykPu1l8jnESs19K8mOOvI2woSaSMXHcH2EwmOu7uSXHWSyVxXFh3quw24MmLqvkLG50ls41GwPCr4lLZimp6MgAn7pdHwI4D7WOM0YZ6UphaZ12TSzr3H+co+cj6ciWbVn5vF99pbJ06TrXsa/z+D3f67K8+OKLAJ544ommpiYAf/jwfz3zuff9N6ACKhAFVOB3N/9xm/MTn/p0U/wdFfgfwMZdzz1xfxVMCXkqP3HuK889vmu1/sbFkOeDww2XvbbUMvh2ylsXH7rjg8e3J33NoEz6eyFP5SceuSu1TOghjyJ07LKtRiqj6rK03qjYxYfu+ODn12Z8kNZqE23WvvNCZ1pNF0Mh2DIaTUSUobKy8vLly+bfn9ki0t65fPlyEetPW1DeaoeGhrQjV7LXX3991apVs1n65tD0322/eS0wDbx+bfpLX//x5BtXp6amIpFI8r/ai4qlluP3bZvN4pJM9NvWd2H/mVB7xpE11LGy+XzrsVCfDcBEqN93oGsArccO99kyD8IT/bb1XaNoPTbZl+fYZijUsbJ5IOPLoY6VJxrPZC5OW1idYaMXwCzXvRDf/e53V6xY8Za3vOWGG24wLPD6669fvXp1amrqox/96By3Ba+99tosu31c8fp/Rk+aCHW0NQ+Mzsdfx6xQx8pmXEftKdIGUjqd/7XXXrvllluKVZv1W68+89l3fOpbtw9+8vnkS57468996yMTE2dOf+G/Nv7pGfmv1xZruQU5ubvi/pqzp/cIqW8rBzc/KJ4+tDXj3XUX7r2a/jbNysXf/+2bP7PtzRcvWJZZVv6O/Y0XRqffmARww/KVy99fN/lUUJ1Sb7z1fZNHT63+/o/np0mvvPLK7A8Bm5+IPrNtVTTW2y3ADcBLl/DO23ANmIq9fzOw0fOj0z2zPuSHOlY2n08/eTB8c34s0pOfif4O3wXg/MDAKOalOaWz/0dxT35S+3/ynj/5dZH6/0S/bf3x7ccOt2s9ayLU39bcle0vGOroQF/JnKeUXnvmT9l2/n9Wn/n4ymisn99offhN+e7MTUDv/+4fnf6rUrjkM2RwCNEuPtaU0Ln+YlWu/f+Fq2/d8PYbooAFABABDA8ERTv5ma0c94tKVjkcNcq1/yP7+U8FoAJXgYi5TWBp+htTUaRuRZdfnfzJc087Gh5KO7oA8f/NyGpbw13Ds/h+VheVc8BdDald17YrX/xwRos6dfxp3NWZUfNqYS2ePn7q4q5d5uOCq3d13nXHJyorP3TXV7Y3bNHDoKtti3sLJKIykxzwq6yszAw3zl68zrkIW5ryZsQCTMf+m3zj6t/trksrElUxrWI6it/707+dv4bV6IeUKlt7n03EyubmtprMM8uJU8fX7N+PruPhCRiEHvOyNbZi4HzalyfC51sb+wxqq2oPTbYXvpA5Mtt1L8Tly5dvu+22X/3qV0uWLFmyZEnap9FoNBqN3nTTTT/96U/nth1FV9T+X1eTdB5UZesLHcPK5uaORl7iL4hibSBl2/mvRgBcuvTT3Uc+0rfze5n3lx/45PfaHrgdANTZXALN1pMXFCAtuCjsOXJPWjHl5MGde5/EziItVVFOKti6Vchf8nqwbKllmWVlXcPbP/a/V2362Etf/yKAd/7xF5fd8m5YlkyODmNpxiV26bsaARCNhRWfexaShGefxYYNcDpx+wZcBa5qJaML2f/nymI9+dnS2CgCNRgYHZiX5ZX3/j++tz8z/uLvfLpH+2TkH7trq9+buAM26/4/0d/Whf1n2uNdrcrWHjoD2/rjhqXD5yHOconFVGrtmUfl3fnjkUXId7/F+vAb8t3LXc9qn7/q36B9Ciy+/b928WE7EQLvrM5Oufb/5UvUoee/9/HbPwJgyUbL9DOq4SMmwOLr/KWiLI4a5dr/gfTzn3i3B7B0o2XqGXXa3P4//ZeCiB5cjFc9fOJU/abaVTevSntuBcDsoouoamhYPMH2eWDzPv7cc9/ejuOf/8QHKyvvuMMTurjQTSIiyuXy5cvFjf/Fcxa1aucieJnf1cgSQDuI3njjDVNTUwD+ZPfn/vTzf/mFL/vu/5vBX12JvHIl8spkJKoiEoksQAsBwNZ3rBWjXW39E6nvT5w6vqaxfcv2utHjpyaMv5rH6po6jF5IPQBdvLCmsfQvyWa/7gVbunTp0qVL3/Oe9yxfvlx7vXz58ve85z3a62XLls1PM4ppbvu/rbEVGDgRmouWUx5F3kDKsPNfiwK4bdn7whNnVODLp1v//OT2gae+9PG+tw3+4Esq0H/snqbfdQMLGVwUajbhyLbNB5WMDxJhP+Xg5oqKinXb9j4J4Mi2ipjdJ+MlTh7cvXv37t2bN2+u0OtSTu7eXFFRUVGxeXdS5crBzRUVmzdvrqhYt27biYyFavVs3rz7pPZaqyG1ikTZ3Zv1zys2bz54Ul9g6qoo8ToqKio27969e/PBkxk1lYaleOPMD6de/o9lt7z7nZ/teedne5bd8u6pl//jjTM/xFLAYlno9hXu6jSAG4Azz6LNhb+4D5tt0e/+S+SjW6bvu0/d5cK5Z3GTVjK6oO2cK4vz5Keqymaz2Wztja3zutgy3P9fnUbSna4fjf/8Y5vXX3nG/3sbqn88/vOUO2Cz7v8XL4zWbd+Sdh+sqv3wflzIvPszcer46GwXWEyl1p75V46dP3Fn+U35blgffkO+OwpM+je85t8QjyzG0ksWYXzF1revBvN0ZVjuyrD/R9Hq//zX/uXYv4yNvu3237xho+VnL135P/9wxvXg9+8+8ERLT/AzXzzxyS88+ged33zrkp803Wf4DAjlUk5HjfLr/184+sIHXn7hMw9+/48PPLGjJ3jnF098/AuPth0InDn7c+Xnv8ayZcs2Wt4ay+vNff6T8VhlJIrUoOUPTv/zvi98Li2yWITMRablGVi92rbLa9vlvXgx1NfW+4kP3nHXtx+fi5RLIqLSkzYaqjbm6gLkL16dXgJEY/EVLXzS/8D+qIpp1RLP2ZpWLdNRaKGXhWFrbMXAwPFTE+3JyYsXL6xpbEcV1mj3yGbwDE/Vlu11XV0nQn2Jg3ToxPkad5biExOhi7DNdZ6gKbNf98JoT669613vWrNmzZUrV3784x8D+O3f/u0VK1YA+MUvfpH5XNsiMMf9f3VNeh5kUUyEOnzpA65M9Hec2tK3iAaNmWvF3EDKs/Nfmwbwd7uf1650Tp57ZPemB5tv91jft+2H5x+LAq7mB4tyBTQbwp4jj13YuW3vuopHN+2898gho1RCYc/pq3sA4OTuim14zGBYVEEQGxtFAGePPIk7AeXg5p2498jVQzi4ed3evQ827tG/k1pV5pIEsbHm0SNH1oUP7r7/Qs2RI1cPCVBO7l63bR3ElOWe3L1u29kHHjt7eqsAvcTOx84+VvNgWIyvgXJw87pH73zs7NWtArTMy217n9zZOKvf19yxLJl+89VL3s7b7vnqsnfcBmDql5cueTujS97AskXY+aHfX7YALhd2/Vm0e6u67AY1osK2RbXbI6eCS1yuG555BsDivLmc3+I9+Zlv5bn/jyVvaXGU7z/7wj+dPrNiowvAe9/19j/62KZE5lYx+r/RUbiq/XB6b5sI9bd1jWJ2keMiniDlbU/Zn4yVaedPiaxrkcXkG7/RogbX59fExASqqqps7YXdUzXRkycmJqqqyqNbm1aW/f/fL0feV3nr3m/tq6yM/uGfVtr+nz+v3rhSfSZlPx9VMR1FRMXvtvsXqp0mlGKfLMpRrESUZf+ffOPawJ9uSn4nqsICtP71nsHA32PZMv+Tf7Nso+WatkXkPP/JmrmoAu1tnY13fHzVquXWD/+emnGAKVmrhbXAOcUg6y8UKvKj8qu3bP+Q0aIuKufwoe1bCpkrMeTxJDVu9Wqb9/HHn/sKHul9iOmLRGROpZG5W0Rxa4ZRHmTRMyNNuTYdz9yahh4+0SIrezo7//xLXzrw1b8+LP3tN77xjemFzFyE
<div class=t_attach id=aimg_167842_menu style=position:absolute;display:none>
(143.7 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167843></span>
<img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACjYAAAXICAIAAACcKPLAAAAgAElEQVR4nOzdf3hT53k38K8cfiQEE2cxcdKmXWdJxMJ4cxJGjTyT1IsCEnGDFeK+69aBrzBJmGGpLcalpRdjL2tqnC6SMxtLIzN03do6IJO6WBAlbsC14rCE0ggjBx357Y+siUBtSWwIxrL0/nH0W7J99MuS7ftz5cqF5aPnPEe+z9E55z738/B++9vfgpvc3FyOSxJCCCGEEEIIIYQQQgghhBBCCCHRcjLdAUIIIYQQQgghhBBCCCGEEEIIIfMFpagJIYQQQgghhBBCCCGEEEIIIYTMEEpRE0IIIYQQQgghhBBCCCGEEEIImSGUoiaEEEIIIYQQQgghhBBCCCGEEDJDKEVNCCGEEEIIIYQQQgghhBBCCCFkhizgvuiJEyfS1w9CCCEkHTZt2hT4t9vtvnXrltfrzWB/CMkUHo+3aNGiBQviOPcjhBBCCCGEEEIIIYSQdIjvNmXojX5CCCEky0U8XHXr1q277747J4dGECHzkcfj+eMf/0gpakIIIYQQQgghhBBCSMbRbUpCCCHzhdfrpfw0mbdycnK8Xu/169cz3RFCZg47eMDY2FimO0JIBlD8k/mM4p/MWxT8ZD6j+CfzGcU/maUoRU0IIYQQMl8sW7Ys010gZOZ4vd7R0VEKezI/UfyT+Yzin8xbFPxkPqP4J/MZxT+ZpaiYjBBCCCGEEDIH8Xg8r9eb6V4QkhkU/2Q+o/gn8xYFP5nPKP7JfEbxT2YpSlETQgghhBBCCCGEEEIIIYQQQgiZIZSiJoQQQgghhBBCCCGEEEIIIYQQMkMSmYv6KSZ39PoExty46cbYBMbcGJvA+ARuTWB8AuMeuP3/TXiXLsQrX/tUyvtNCCGEEEIIIYQQQgghhBBCCCFk1kmkinr0+kTpX+asKs0pKs4RrOB97s94DzyAgnzPPcsm7lrsvhO3Ft+8edsfb+D967DeGL0+walRsyZvck8cGk6gnzPLfOiJWdJTQgghhBBCCCGEEEIIIYQQQgjJkIQG+h5zu0fdF3/oHTo2zpz45Fc9199/bcTZP/r7d0Y/st24/uubY1dvTXwygUXA7wEPt0naJdpr117eCqx57vy1EOdffm7rGpzrOp3RzK9ZozFPtwx/JjpCCCGEEEIIIYQQQgghhBBCCCGzWSIDfeOm+8jyXE89vLjdC3gBD+AN+S/w413Aas27yfSvULJdKxEgr/n08Pbthcm0lIRh5hIE0y1UuP3Va9tnojeEEEIIIYQQQgghhBBCCCGEEDJbJZSiHptArIT0Hz++ofzGkY/++PvP3Hdn2wtf81VPc6yinopEe57ROIAMpaiHT3edQ0Nm1k0IIST7rLcuHBkdxyfj+MSNm26MuTE2gVsTuDWB8QmMe+D2wO3JXcg7/c1MPV1FCCGEEEIIIYQQQgghhGSpxFLUbkTlp73Ad178ScmD92+v/ftrH42yrwCAN/kUNVC4Xeu/yT9s1rRAq5WE/nr4kOb0em1aqqyHzYdUe85hK5dFh80OSCSUjSCEZKm8vLzJfnXt2rW0rii17WfcyOh46V/eNv6xZ/xjj/vjnPGPeeMfe90fe8Y/do+Pjbuvu8c/Gvde9Y58bnGme0oIIYQQQgghhBBCCCGEZJ2kqqhD89N//PjGD35sPvmjvcuWLc1dtjSYok6uinr40CHH9u2+fLRZk/fMEQBbX9YGf//Ew3vOAWueW+97wXyo5eR7ly6h4VUt33yopXnPkXMA1mx9rj06hz0cXCB6EX/TAIAjz+Qd8f1z68vXQhPkw4eeeHgP1qw5d+4csPXla5OlqIcPaVQhq2qo3y4JZt3j6XNIO1izdevKSw9ufHW7BIQQMg+wye/QhHf0KzPhk/Hxjz2DP/bixi3cvImxMdy6BbcbExPweOD1wuuFE/isJ0XrY158rHjXm1Evr31+8I2dAgCndix+6nD4r9Zue/obX925YZJpKk7tWPzU4W2vjLVuiLcroasKaSD4clSrp1587Kldbwb6mnGJb3sCPtwivz7s4PFinwt5vbw7C/n3HTXOQE9S6MmhJaPX3dOOIrB0AX7a8JlMd5aQVHryvSWj1yfwyXgw8sfcuOUJCf4JuD1we5cupPgncw3FP5nPfPF/cxyfUPyT+cUf/IHT/pAzf7cH4+z/PZjwYMK7dCF+uvuzme4yISlDJz9knqNdgMyMhFLU4xMIz09v+Jt/6Tv7c4y5/mpNZeM3VI17G9kENhDIVCdk2NzS9d7GwAzPEu21axs1ec+ELFG4/dVr6w898XBX4AW+YOODXUeOrGQOaZrfe7C9/Zq2EMNmzcPPPAxBjNzy1pfPs1nl4UNPPPzwEzj/qj8pHJhc2qzJewbheemIHgQXm4RZk/fMpeCqzBrVMw+/F2gyvj53VQfbOaR6Zs+5rRu5fZqEEBI7lTtFdXVKVpTC9q9du5aXl5eXl8e2n5n8NIBP3F+/786Vakzgjuu3Jvb/17sjN8bGx8fdbnfw//e43W73443v3r4w56cHNie3PsHON8Z2Ar5cNaKyvRtax8aqdix+anDbK2+0bgDAnHrxhe8+VXx82yuHW2OkqRn7IIDD3adaN8Sbp/WvKiLJu6F17BUs7q4ajF5dVuSlg5LY9nh9uEWOP/3UshIBb8kiALwcXuBXXo8XgPuDDyeuXf9wi3x2ZalHr7u5jCIwOgdGEXA4HBg+rbMLW+qy4mHAbOvP/DN6faJ0dc74SI57JMc9kjM+MuEegXvEMz7ido+43Tfc4yPjEx9NeK96RwWzP/4JCUfxT+Yzin8yb41enyj9yxz3aI57JMc9yv7nGR/xukc97lG32+12j7ndI+6JjybgwuiKRZnuLyGpRAd/Ms/RLkBmRkIp6lthc1F7gZM//NZz3/v+r3/9m9aWvaEDgANxD/R9bs/DeXtCX4g3AVsokQhOAke6cP5V/+jghZL659Yc6WKGEaxcPqTac27Nc+e1/lcK11ev2bOn6/Tw9pQPGG7WPHMktPa6UKJ99WXkPfPEg76EOMc+w9yyB8+dD5RfF0q2v3oeT6jCliGEkAwKZKMD/0h5/jiQpU5T+5zcdPOACf9/IzfG/mNHWcQiHi8mvJjwoOIf/33mOlbkywcLNuxs3SDE4qee2lYUXb3MmI4XP/88dh23M5isznoqG6q24fBgxJsZ++C2qtYYrQXy61kh2W2Px/Vhx90Vqz+5/BYWLQAvB/CfdrkBAF4PbrkXPPDZ0Z+eTW8/Ui4lowiY63PlHVGvlpXV7m5vkfDT1vd4mOtVBzsGBoBaY0um+wLMVH/M9bnyjlrjSEuySfDXXntt6uNzXl7e448/nuRaZton4+MjOYM/Bj4Zjwz+iQlf8Od4cRUoTNUoGolxBMIFQFlZbfXuqiE70vlsg7lNIm8cKGu6YK7Ljh04syj+k1yVo01S2sjGLwIHpJgvzozQr6yQVQdfjupPFu4Rjrb60+tbZqI7czP+b87w8X/mD+MkBeZo8LvdozkXf+jFzXHF5xdUCO/oGxw19P8Rbjc8Ht9/Xi8WAb9PdhzNNIp96cGa4a+UOWtuxv/sOPkPPUUKkVWnIXPd3Ix/ZPcuQAf27JCS4E+8itobPh31T7tPqxTPRExQnYA1zwXrmDFs1jx8MqFmsLUhLNNcKFiJc+85AN+L5pY957D15dBlCgXVW58TrE95rnf4UPMRbH05YreQ1D+35uGIhPg0fQb4D64JfwEo3N7eYE51lwkhJKuxWWpkcIrrMXcOMAF4gEWLbhsfHwfw9zu+tmxZ3rLcu5Yty/uHrX/L5qfvWrLA7XZnppPY0PrKtsNP7dr2ojQ8Sc2YjhdXvSEtOr7ruInZmcjo24KitTg8xIRVSDNDxVXZk4meTPLbHgcez+v1fILFi3gLebmfl954b2DixgiA2+7OXfJg2chbJi8vJ+fO2ycbBjx7cR5FQPbtdxcv4HXteypGI5KWkZGqyGyow1yvkpfmZsnlhKTFLGkx1+fKM90Rnxnpj8NuA9DRbW6RJPMneO2115YuXZqfn3/bbbfFXOD69etj
<div class=t_attach id=aimg_167843_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:12876.6px;display:none>
(336.01 KB)
</div>
<p></p>
<p>然后就能找到带有password字符串的函数F5一下很明显sub_4445EC函数就是处理登录逻辑的函数也就是数据包当中的login.cgi。</p>
<p>
<span style=position:absolute;display:none id=attach_167844></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACYYAAAViCAIAAAAzuy1wAAAgAElEQVR4nOzde3QT55kw8GccLgnBxNk4ddIm3dYaEZvL1knY1IyWNmWjGIm4YKdxv223Cz5hJWMWS2kxLi09lP28TYzpRnIWY2nJGrrdbesUm9RBApRQEqqJk02IGwN2mJG/tsk2AZwWsCEYy5rvj7lodB/dLFl+fofDsaXRzKvxO9dnnucl3n//fVDmlVdeWbt2LQD87UsTb32z0AvAAfgAOPHf1n/5+YL5czfWai9dHrv33rs4gNsBlm3uf6X588qW4DIXPHH26VPHNhZHmWjYZW4Di0Ub8Npe89EKS9SPJWrYtbfuiW1vrn/hUuAiw0067PKAVpuOViCEUAoUFBREeuvSpUtpXVBq56/coUOH+CMX7+rVq4WFhcnPlnodyv76pokrExNXJrxXvGF+uDzBXeTgc3PpHy1MfnEIpcrIyMiCBQsy3QqEptSVK1ew26MZC/s/msmw/6MZCzs/msmw/6OZbLr0/1mJfGh8EkLikX++cu2nv3Ad/vn2BQvm5y+Yz78IAODjkmnf8N69no0bhWCgy1zwxH4AWP+Cxf/+ow9sexPgoacrhBdce9sOv3f2LDQes6hce9tat+1/EwAeWv90R2jMctg/Qegk4qwBAGD/EwX7hR+DopPDex99YBs89NCbb74JsP6FS5FCksN7zXWyRTU2bJSmjK/NsvnAQ+vXLzp73+pjG2OFSxFCKCfwwU55gDP0lanwycTEFd+ZX3Bw7QZcvw7j43DjBni9MDkJPh9wHHAcnAf4rC9Fy2Ofe3jxltdDXl6++8yJzSQAHNk0d82+wLeWb3j8u09tXkWGn+GRTXPX7Nvw4vieVfE2Rb4o2Qz8L4fM9chzD6/Z8rrU1oxL/Lsn4KN11VeHPQQR/lyI44hbi1V3Heiegpak0GND88aueuGTCfjEC9e9MO6F8Um4MQk3JmFiEiZ84PWB1zd/FrzUeG+mG4tQKj323ryxq5PwyYS/54974YZP1vknwesDLzd/NvZ/lGuw/6OZTOj/1yfgE+z/aGYRO7902i878/f6YIL/3weTPpjk5s+Gl7Z+NtNNRihl8OQHzXDp2wQSCklOTEJgPHLV3/3Lydd+A+Mjf/PQyqbv1jVtb+IDlgBSZDIhw662nvdWbxR/1VouXVptLnhCNkXxxmOXKvY++kCP9IKKXH1fz/79i9i95tb37uvouGQphmGX+YEnHgAyTCxx/Qun+Cji8N5HH3jgUfDnaBZvPHZpIwAfCYWIWZKBk0XgMhc8cda/KJe57okH3pNmGV+be6r88+EzOFcrW5sIIRQ+dBclezIlC0rh/C9dulRQUFBQUMDPPzPxSAD4xPudu25dZIJJuOXqjcmd//Xu6LXxiYkJr9fr//8Or9frfaTp3Ztn573U/LXklkduPjG+GUCITUJIdG/VnvHxyk1z15zZ8OKJPasAgD3y3LPPrFl8cMOL+/aECUuyzBkA2Nd7ZM+qeONy4qKCgnqr9oy/CHN7K8+ELi4r4pB+SXz3eH20rhr+8tMLlpLEvDkAQOQR0lucjwMA74cfTV66+tG66ukVlRy76i3765smrvgmrvi8V/ImrhATVzjvFd/EFe/E+IT3qpAlPPa5uZluadI8Hg8MH7Uy6rb6rHj4K9vaM/OMXZ0sW5Y3MZrnHc3zjuZNjE56R8E76psY9XpHvd5r3onRicnLk9xFboyc/v0foUDY/9FMhv0fzVhjVyfL/jrPO5bnHc3zjvH/fBOjnHfM5x3zer1e77jXO+qdvDwJIzC2cE6m24tQKuHOH81w6dsEEgpJ3hCyJKV/h3/2/ad//JPf//4Pe9q2c7IESgAALr6Y5JvbHijYJn8h3oBbsVZLHgbY3wOnjlnE6KK24emH9veww+DPTNxbt+3Nh54+ZRFfKa6oemjbtp6jwxtTXgDWZX5ivzy3slhrOfYCFDzx6H1CAFRhm8HVtg2ePiWlVxZrNx47BY/WBUyDEEIZJEUfpR9SHi+UopJpmr8i170EwKT4b/Ta+H9sKg+axMfBJAeTPljxT/8+dQ0rEeJ/5KrNe1apYe6aNRtKQrMTWefBxbt3w5aDDAuR8iijWVW5AfadCfowy5zZULknzNykeGpWSPa7x+PqsOf2Fcs+OfcGzJkFRB6AeNrlBQAAzgc3vLPu+ezYS6+ltx0pl5IsYVdDfnVnyKvl5bVbO9q0qrS1PR6uhrpdnX19ALXdbZluC8BUtcfVkF/dWds92pZs0PPll1+Ovn8uKCh45JFHklzKVPtkYmI078wvAD6ZCO78k5NC58/j4CJAcaqy5BPjkboLAJSX11ZtrRxiIJ2xbFe7trqpr7yl31WfHRtwZmH/T3JRnnZtWRPff0HaIYV9cWrID1myRftfDmlPFm4RnvaGoxVtU9Gc3Oz/16d4/z/1u3GUAjna+b3esbzTP+Pg+oThi7NWqG85eWbM7v4zeL3g8wn/OA7mAHycbJ28NAp/6cGb4kNKzsrN/j89Tv7lp0gyWXUakutys/9DGjeBxLMkpXgkH318qfdoneEJLrCgawIeko8lOewyP3A4odnA+saAyGIxuQjefM8DILzoatv2Jqx/QT5NMVm1/mmyIuWxveG9rfth/QtBxzdtw9MPPRAUAI3RZgDVfQ8FvgBQvLGj0ZXqJiOEUFbjo5KQuSEqYdybBzAJ4AOYM+emiYkJAPiHTd9esKBgQf5tCxYU/OP6b/LxyNvmzfJ6vZlpJKza8+KGfWu2bHhOFxiUZJ0HF1ee0JUc3HLQyW5OpJoqWbIc9g2xARmQ7NDiyuyJPEaS/HePA0FwnO8TmDuHmE3kf1F37b2+yWujAHDT7fnz7isffcPJEXl5t94cqaxr9lKcJaz/wbtzZxE9O9aEmYm2bXS0Mjj65XE11FWX5WfJfQFtm0vb5mrIr850QwRT0h4PMwgAnb2uNm0yf4KXX355/vz5hYWFN910U9gJrl69Oj4+/vLLL0+zC7Pr3gNFC3wN4IObgy6F5D/fBrDM/NvMtdLTri3rqeruGOWj+x5Xe111dSeUt5jqQ+P9roYGaEvBBoePR/rNkP5PANwE8NGHcNfdcANgIqX9X1XvGlU35FcPyu+lhX1xaoQ9ZAFo20a7Ib+3sj/0UZqs2SI87Q3WIYDBzs4+KG+pSP8Cc7b/fzKV+/+M7MZTJdvaM3VytvNf9+6/M9/XABzc7AOYQz1/nX7yH7R/EbQJCP3flMHzn6jE/XjQIcTjaqirTvrEF+Vu/7ctm/vgHTf5GoCAmwHAC+DLxpN/Vb1rtB5AiE3C9IpE5sJRI1f7P0DE69+5ABzAOIA30U0gsZCkDwK3vUuXRwdOvalfvTfomASQXOHWYu3q9QmGJKMbZs8CrF8d2OG1GyPUZk1uUUd73oT1jSFzLiYXwZtxJmUWb2xc/+gTBQUPrX+6anWFkC1ZjEdOhFA2CSrZmo6qsPJczMxEJccn8wB8YlSSDzq2727xcTDJEVJ+5CRHTPqAD1hmxqrKDbBvX3DwjQ8ekrAYXg8KKypF6h5fvmVLQO3TI71nSp6KMDnLHmFhVbpzEhVJ/rvHafYsYjaRX776jsf+ccHyxz76rx8CwF3f/OHsws8AkTfadxhmJXQmllkpzRIuL5GdB6m0ba5uyK+ubqjMiqDkzOM52lPa0gJNPYwHkklWvXTp0t133/3xxx/n5eXl5eUFvevz+Xw+36233vq73/0umdZmwLgXAHrP7T938bcmzbOh96O/+vztRbM+94t172QwS8DTXtcELf3+29Yqbb2rH7RlPWGnZgZBnYrFSrdCUI73f58YjDz1Ntjt8Pbb8OCDYDDA/Q/COMA4P2XWZskkQ1tZC52DQTtHDzNYW9kWZm+ZPVtERWWlGqAEOvsi5QelVs73f36H33/u/S9+o5l/x/3f25csvNd/Byzp/p+h3XiKZFt7plBud37+PGcO9TzQT95MPX+NfnKe8W3+/cu2B/1Dd023/T9/8aHtdQHeWU1Orvb/eXncoXd+/dX7vwIAecuIybe40Hhkqnb+M1R
<div class=t_attach id=aimg_167844_menu style=position:absolute;z-index:301;opacity:1;left:202.203px;top:13622.5px;display:none>
(265.29 KB)
</div>
<p></p>
<p>
<span style=position:absolute;display:none id=attach_167845></span>
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACqgAAAUwCAIAAAC6i9HuAAAgAElEQVR4nOzde1wU570/8O8iaiSim0aPSWt7cnYXuSWnBO0WyUma5mQWlVCFHNL7cXmFwq4e100rEtr0leacNASxx3U9sMAhhfT0kkhlNRQRJklNbJDQSGkVENndX9ukNRrboOAF2Mvvj71fYGdh2Ruf9yuvvGR29plnZr7zzOx853mG9/7771PwrF279urVq0SUkJBARDdu3HB8dPTo0W3btln/3bVyZVAWJ7l6NYC5DRpJpja/r0suMBAJ7FOGy0ZVTCALZZX8QmqxfYlV8gubxZV9XXKBszADq8wsHJS21KkYgXWWwcq+Lrlg2hrldEoyh8tGFaTMtJaW0ylRi8qonVT2urktlSv+a7cCmX1ao1+6LfAvuWwalync18F157h807kXbUVWJ9v+cP/ErR5Rsr/e3VcayOzT+vze+gC/YdBIMivI91oHkYHVyAoreqWBbhiPQpRq54a2TdMoO3NUAVc+gPoYDKyeGGZeN89M+vv7g1JORkYGtxl9HgfeBzUnQdnvM+vu/l5QysnO/iGn+aZpJgwajV4un6+VDJ5ZtU8hEWDNVh4PzrXE1S0cryW8d7zBYCCBYDYtQwiOi3kSGfFjMBj8bvjg13TWJT6ifyQoFXhT+Ca3GTmd1jmcT7lsZ9dvh/lc6WKai0LHx8G7luBUm+i53gAAAAAAAAAAgKgWN39FX7x4saenZ/7KnwPb3TRWXdErzbXegTNolBIlazAEWBKjqBRT77DeOcXAKmXV1NLXpXK5aZcm8pFFZpUy91uSAkbVVykmIlatzVcwwmTS2etj0A2SOFkYYO3CTlrm7/6pQaNUsqGpDBH2V4AMrEapVEokStb6bwmfz+fz+RKlxseBYnB8zufzJUqlUqJhXT6U8Pn8zMKKXiJqLnTM59z51mUplRKJhC+xlm9gbSXaF8gq+Xx+ZmGz21IlfD4/s2LQZ+Ulzvq4V9l/fZyzSSQSPj8zs7BdT9MxuC+KdVlWQNsw0gmTxeR1/EhcdrtEyc5mO/stJ/oEduy4xKpH/Ni3oe1DjcF2GDj/tLaijmU5FzX7jeg3nmc+Trmtl2Mel1mica/r1Wq3lsH//grguJhxG3LZFwHEYWiPwZnOF84tZt8knhvVeiqQdTrXV2NwFOln5fyfv6aL1RjD4XzKfTv7OVeGNg7tAZRZ0Uu9FZnuxyPXdZ99G47rDQAAAAAAAAAACKu4KRdmszlY5d64cWNoaChYpQWPa0aXbW8WVyocPW8Gewd1FHAHG4G8rqXP0X1nsF2p1uXWuSWRfTJoJLL23DpnFlmcbCuuqyunsz25Ti4ggYgcGTb9cK/PbHTUGaxWupJkVjQ3F0pCl/vH/gqEQCjKTR7s7SWdRilrJ0Xd6OjoaF9LWnNFpvcd60xtclnf6Kh1lvzB5ubeYZeS5F3Wj1qkRNKWUTtnzzeBUJSbm5ubm0a99hJluty60dG+SnFvc4WaJSJGZS2A3Au2Pn7hVZ9CLTkqlD9YkSlxufXtvz7O2bq6ujyX6oZV8jNdFlVG2kKXzcN9G0YBgSjN9U9Wyc8spLI6+9brK8sfLHRbLW7b2X850SewY6fQcfB4xo9riEtbuuQCIkY12lcplrb0jdobpJzcZLItS025dS4bURJ4vsd/PPs7Trmtl3VZksxC+7L66pLbZdXNgdY3vAxse7P7FA77i2v742cbctkXXOMwtMegn/MFoxq1bkJH52jbRnVsRdtDd1p1e27d6Ohoi7S3Qiaxxn5fJbnFIRHpbOdv+8IqPI+LmWM+VnE4n3Lfzn7OlaGNQ0Zl+3almMSVfY7jy3kFx+VaItA2HNcbAAAAAAAAAAAQGeJOuOjp6TEajcEqOisrKysrK1ilBYF+uNflL4OmutmjQ7ozU2tgNZzzJQJGQEQGVq3tpd7B5Nwcv8NzshplZ06XI9ts0Mi0aWU59juABrKPMypMHmy33qqLkQ7kRJRWpnJlvRvaFcoRg7G/AiBgGFEaUbOWFF0quXW0XwGjqBTToM71AGHVFVRZJ7dvSgEj7+qrFLvPw2FZDMMwinwxEXUq1VTXJWcERIKcfKm0RRFIiBg0sopecWWd44EOQU6+mHq1nfPQ6Y1VFjZLW5zPjggYVVeLtLnQcduf6zaMHvZ6s+3NJK5UMC5jYOTkz2K1glVOZOG43w0amXU0btvqCxhVXaW4udA9SyOQ11WKqbna3sNfNlzm8rSSQMDIc23LUjkLktdVins9UqB+cYlnLscpl/VilYXNvdIW+7IEArmqq0waUHXDwrUPsXunYbuZ9xdXfrchl33BLQ5DewxyOV8I5GVS9+Xrhylf4bYVe9NyrZtVmCwmyldYV9796SQiatYOlzkiWsDIy6Tkdlz4jfmFjuN2nlEkxqE/AbThuN4AAAAAAAAAAIDI4TbUv8ViiYsLzuD/CQkJCQkJQSkqmBzJWOudusF2R9dztbbX2RtdkllY4dUnbFoGVilRdlJuvpikZTmklvgbJ5aRu75B1NCp7e1tdgzraSDHy1QForTmdtY2Syx0IJ+t4ObRsb8C5vGEjECU5j7eOwmTxe4TiATyujLRLJfXWzGc69zmArkqsKQZq67o9aizQJQvrSzLCfouMWiqm8n+vhAHRlEp9rzt73cbRh9G0dISjG0arHIikp/9bujU9orz3VdekJMvpuZ294S9wJ7GNxg06uEyn89Keb5axWdBM+Iez0QzHqdc1sue5ONevQjh2ofYx3AjRMRtf/nBOTaI/LeZfuIwtMcgt/MFkyt1iTqDppo8Xx3E8apAnO8eZEyu1Pn4UoAxvyAF8SnGiIpDjvzUGdcbAAAAAAAAAAAQYeI3bdrk+IPH4wUr8U9EFy9eHBoaipxO/wbdIFGy7Q+BvKxSJJQ7b40bNIPNw2Uq2+15lYpbkaxGXa2l/LoulYAMmmqy9r8hpaQwUyutrFNN84Z7g0apdgxrOzjYS2IxtSuV7UQ02NxM0hZbF3hhsri5nVUxNNxL0rLoy48Ei364l9LK5n4TFftrvgjkZVJJIZ8vllbm5+bYjisBM9tNMLdsoEE3SF43xxn5fAwrYejU+tzVAlEa9Wo7DfJpIiq6OZ5pETCMgMhgYDvV7drBwd7eXiIicX6gBQarnOhjfUbIs20TiNKsiUm33K1AXlepzSzMHJS2dMm5Fe+7ID/V4R7P0x+nXNbLoBuk6H8+SiAvkyqn+STg/eUmkNiYa5sZ4mOQ4/mCyZUWVtuiztCpTcvtmt3ivIJMmCym5mE9kWChtuERK/rOBbjeAAAAAAAAAACASBO32EV8fHywyr1x48bQ0FCwSgsalxvAjDzwkXeddBqlhM/PrB7OrevyShczqq4Wae8M79QUyFUKhXWse0Uy9Upburqsf+VSL0nLHDfwBTn54uZ2jc9OPjHP+WYGg27QZf1F+S11Ad/exP6ab4yqq6+vJZ+0FYWZfL5EopxxEAWITgbdoFv3T4NGKeFnyqqHk3Pr6upm6P/sr9wglROdmgv5HnwOH28b/Zx6fX4WgTivV3QTJk/XHzoI+yt02zC0xyC38wWTK7WNyW/o1KYttHPqwrSwzwUAAAAAAAAAAABBELRMv7fI6etvpR/uDXDAUoNG2Znjuxe4SJ6bNpw8bRdxYlR9lYOZFe3sdN1+bOPDs+oKquxj7MurbhZX9rk8kCDIyRdXVFTQAus/TkREQkXfqEBA1l5O0jIhq9FQjpwRMB7bvNfWcW9G2F8hIBAwchUjVxkMrFpWXZgpcQyFADFCP9xLJLU9PmXQSDIreqUtfbN4e7mrYJUTtaQto9yOE1ZZndxSKS4sVOZy/EZYcV6v6CaQT9efPwj7K0TbMBzHIJfzBaOoFGe2syqhbvb9/SF6LPhzAQAAAAAAAAAAQBAEbWB/DwkJCQkJCfNU+Kyw7c3i/ByBgdUofVFre2mw2m2SJLOiuSJTovHdc5lRTZtFJiIigbyupdJPFzVWU90sJupkDQayvinU50uavccRXQgEzlx7rzSXETDyHJ2M79EzUKgY5ZgXwf6
<div class=t_attach id=aimg_167845_menu style=position:absolute;display:none>
(224.79 KB)
</div>
<p></p>
<p>还有就是找不好处理web服务的文件的你就去squashfs-root文件夹下面grep -r “password” 这条命令能找到带有字符串password的二进制文件找到文件之后重复接口查找的方法判断一下这样差不多就能找准web服务的处理文件。还有就是去Firmwalker收集的信息基本上也能判断。多实操、多看文章复现其实有些东西看多了操作多了自然而然就有经验了。逆向一半多都是靠猜而这个“猜”就是从经验来的。</p>
<h2>问题及解决</h2>
<p><strong>固件寻找以及固件版本问题?</strong></p>
<p>有些固件因为地区问题或者别的稀奇古怪的问题国内官网是找不到的这时候就可以去Google搜索一下找一找大多数还是能找到的。还有就是不要太苛责固件版本只要固件的大版本没什么问题具体的小版本的差别不大就可以审计。审计之前可以找一找历史漏洞这会对对审计有一定的帮助。</p>
<p><strong>找不到固件对应的资产,又或者说找不到想要的固件?</strong></p>
<p>直接fofa找到一款路由器之后找弱口令进去。进去之后基本上都能直接看到具体的版本型号或者进去之后去找数据包有个数据包当中能看到具体的版本型号。知道具体的版本型号之后去下载。下载下来解包开始实操。但是比较新的固件都是进行加密了的需要去网上找一些开源的解密脚本或者你自己去逆出来。</p>
<p><strong>关于溢出漏洞的进一步利用?</strong></p>
<p>溢出漏洞需要去启动虚拟环境qemu模拟固件或者买一台设备。然后去gdb --attach去调试构造一个ROP链达到RCE的效果。qemu环境我真没启动成功过不知道是怎么回事。所以索性就放弃了启动环境模拟固件。遇到溢出漏洞一般验证一下就差不多了无法进一步利用的溢出漏洞感觉等于DDOS。如果想进一步利用溢出漏洞的话真得启动一个环境模拟固件而且还需要去看一下PWN方面的知识。</p>
<h2>致谢</h2>
<p>在此感谢@99999九爷的深情陪伴、@cxaqhq师傅的IOT漏洞平台以及@Go1d0g悲伤番茄师傅的指点。
本人的经验大抵就这些了,确实有些捉襟见肘,见谅见谅。有误之处,还请指出。</p>
<p><strong>TCV: 新年快乐!新年快乐!新年快乐!</strong></p></div>
</table>
</div>
</div>
</div>
</tr>
</table>
</div>
</div>
<div id=f_post class="mainbox viewthread" style=display:none!important>
<form method=post id=fastpostform action="post.php?action=reply&amp;fid=52&amp;tid=73007&amp;extra=page%3D1&amp;replysubmit=yes&amp;infloat=yes&amp;handlekey=fastpost" style=display:none!important>
<table cellspacing=0 cellpadding=0 style=display:none!important>
<tbody style=display:none!important><tr style=display:none!important>
<td class=postcontent style=display:none!important>
<div class=editor_tb style=display:none!important>
</div>
</td>
</tr>
</table>
</form>
</div>
</div>
<div id=immersive-translate-popup style=color-scheme:initial;forced-color-adjust:initial;mask:initial;math-depth:initial;position:initial;position-anchor:initial;text-size-adjust:initial;appearance:initial;color:initial;font:initial;font-palette:initial;font-synthesis:initial;position-area:initial;text-orientation:initial;text-rendering:initial;text-spacing-trim:initial;-webkit-font-smoothing:initial;-webkit-locale:initial;-webkit-text-orientation:initial;-webkit-writing-mode:initial;writing-mode:initial;zoom:initial;accent-color:initial;place-content:initial;place-items:initial;place-self:initial;alignment-baseline:initial;anchor-name:initial;anchor-scope:initial;animation-composition:initial;animation:initial;app-region:initial;aspect-ratio:initial;backdrop-filter:initial;backface-visibility:initial;background:initial;background-blend-mode:initial;baseline-shift:initial;baseline-source:initial;block-size:initial;border-block:initial;border:initial;border-radius:initial;border-collapse:initial;border-end-end-radius:initial;border-end-start-radius:initial;border-inline:initial;border-start-end-radius:initial;border-start-start-radius:initial;inset:initial;box-decoration-break:initial;box-shadow:initial;box-sizing:initial;break-after:initial;break-before:initial;break-inside:initial;buffered-rendering:initial;caption-side:initial;caret-color:initial;clear:initial;clip:initial;clip-path:initial;clip-rule:initial;color-interpolation:initial;color-interpolation-filters:initial;color-rendering:initial;columns:initial;column-fill:initial;gap:initial;column-rule:initial;column-span:initial;contain:initial;contain-intrinsic-block-size:initial;contain-intrinsic-size:initial;contain-intrinsic-inline-size:initial;container:initial;content:initial;content-visibility:initial;counter-increment:initial;counter-reset:initial;counter-set:initial;cursor:initial;cx:initial;cy:initial;d:initial;display:none!important;dominant-baseline:initial;empty-cells:initial;field-sizing:initial;fill:initial;fill-opacity:initial;fill-rule:initial;filter:initial;flex:initial;flex-flow:initial;float:initial;flood-color:initial;flood-opacity:initial;grid:initial;grid-area:initial;height:initial;hyphenate-character:initial;hyphenate-limit-chars:initial;hyphens:initial;image-orientation:initial;image-rendering:initial;initial-letter:initial;inline-size:initial;inset-block:initial;inset-inline:initial;interpolate-size:initial;isolation:initial;letter-spacing:initial;lighting-color:initial;line-break:initial;list-style:initial;margin-block:initial;margin:initial;margin-inline:initial;marker:initial;mask-type:initial;math-shift:initial;math-style:initial;max-block-size:initial;max-height:initial;max-inline-size:initial;max-width:initial;min-block-size:initial;min-height:initial;min-inline-size:initial;min-width:initial;mix-blend-mode:initial;object-fit:initial;object-position:initial;object-view-box:initial;offset:initial;opacity:initial;order:initial;orphans:initial;outline:initial;outline-offset:initial;overflow-anchor:initial;overflow-clip-margin:initial;overflow-wrap:initial;overflow:initial;overlay:initial;overscroll-behavior-block:initial;overscroll-behavior-inline:initial;overscroll-behavior:initial;padding-block:initial;padding:initial;padding-inline:initial;page:initial;page-orientation:initial;paint-order:initial;perspective:initial;perspective-origin:initial;pointer-events:initial;position-try:initial;position-visibility:initial;quotes:initial;r:initial;resize:initial;rotate:initial;ruby-align:initial;ruby-position:initial;rx:initial;ry:initial;scale:initial;scroll-behavior:initial;scroll-margin-block:initial;scroll-margin:initial;scroll-margin-inline:initial;scroll-padding-block:initial;scroll-padding:initial;scroll-padding-inline:initial;scroll-snap-align:initial;scroll-snap-stop:initial;scroll-snap-type:initial;scroll-timeline:initial;scrollbar-color:initial;scrollbar-gutter:initial;scrollbar-width:initial;shape-image-threshold:initial;shape-margin:initial;shape-outside:initial;shape-rendering:initial;size:initial;speak:initial;stop-color:initial
* Pico.css v1.5.6 (https://picocss.com)
* Copyright 2019-2022 - Licensed under MIT
*/#mount{--font-family:system-ui,-apple-system,"Segoe UI","Roboto","Ubuntu","Cantarell","Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--line-height:1.5;--font-weight:400;--font-size:16px;--border-radius:0.25rem;--border-width:1px;--outline-width:3px;--spacing:1rem;--typography-spacing-vertical:1.5rem;--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing);--grid-spacing-vertical:0;--grid-spacing-horizontal:var(--spacing);--form-element-spacing-vertical:0.75rem;--form-element-spacing-horizontal:1rem;--nav-element-spacing-vertical:1rem;--nav-element-spacing-horizontal:0.5rem;--nav-link-spacing-vertical:0.5rem;--nav-link-spacing-horizontal:0.5rem;--form-label-font-weight:var(--font-weight);--transition:0.2s ease-in-out;--modal-overlay-backdrop-filter:blur(0.25rem)}@media (min-width:576px){#mount{--font-size:17px}}@media (min-width:768px){#mount{--font-size:18px}}@media (min-width:992px){#mount{--font-size:19px}}@media (min-width:1200px){#mount{--font-size:20px}}@media (min-width:576px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*2.5)}}@media (min-width:768px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3)}}@media (min-width:992px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3.5)}}@media (min-width:1200px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*4)}}@media (min-width:576px){article{--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){article{--block-spacing-horizontal:calc(var(--spacing)*1.5)}}@media (min-width:992px){article{--block-spacing-horizontal:calc(var(--spacing)*1.75)}}@media (min-width:1200px){article{--block-spacing-horizontal:calc(var(--spacing)*2)}}dialog>article{--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing)}@media (min-width:576px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*2.5);--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*3);--block-spacing-horizontal:calc(var(--spacing)*1.5)}}a{--text-decoration:none}a.secondary,a.contrast{--text-decoration:underline}small{--font-size:0.875em}h1,h2,h3,h4,h5,h6{--font-weight:700}h1{--font-size:2rem;--typography-spacing-vertical:3rem}h2{--font-size:1.75rem;--typography-spacing-vertical:2.625rem}h3{--font-size:1.5rem;--typography-spacing-vertical:2.25rem}h4{--font-size:1.25rem;--typography-spacing-vertical:1.874rem}h5{--font-size:1.125rem;--typography-spacing-vertical:1.6875rem}[type="checkbox"],[type="radio"]{--border-width:2px}[type="checkbox"][role="switch"]{--border-width:3px}thead th,thead td,tfoot th,tfoot td{--border-width:3px}:not(thead,tfoot)>*>td{--font-size:0.875em}pre,code,kbd,samp{--font-family:"Menlo","Consolas","Roboto Mono","Ubuntu Monospace","Noto Mono","Oxygen Mono","Liberation Mono",monospace,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}kbd{--font-weight:bolder}[data-theme="light"],#mount:not([data-theme="dark"]){--background-color:#fff;--background-light-green:#F5F7F9;--color:hsl(205deg,20%,32%);--h1-color:hsl(205deg,30%,15%);--h2-color:#24333e;--h3-color:hsl(205deg,25%,23%);--h4-color:#374956;--h5-color:hsl(205deg,20%,32%);--h6-color:#4d606d;--muted-color:hsl(205deg,10%,50%);--muted-border-color:hsl(205deg,20%,94%);--primary:hsl(195deg,85%,41%);--primary-hover:hsl(195deg,90%,32%);--primary-focus:rgba(16,149,193,0.125);--primary-inverse:#fff;--secondary:hsl(205deg,15%,41%);--secondary-hover:hsl(205deg,20%,32%);--secondary-focus:rgba(89,107,120,0.125);--secondary-inverse:#fff;--contrast:hsl(205deg,30%,15%);--contrast-hover:#000;--contrast-focus:rgba(89,107,120,0.125);--contrast-inverse:#fff;--mark-background-color:#fff2ca;--mark-color:#543a26;--ins-color:#388e3c;--del-color:#c62828;--blockquote-border-color:var(--muted-border-color);--blockquote-footer-color:var(--muted-c
Reference in New Issue Copy Permalink