mirror of
https://github.com/Mr-xn/Penetration_Testing_POC.git
synced 2025-11-05 10:43:28 +00:00
285 lines
1.7 MiB
HTML
285 lines
1.7 MiB
HTML
|
<!DOCTYPE html> <html lang=en><!--
|
|||
|
|
Page saved with SingleFile
|
|||
|
|
url: https://xz.aliyun.com/t/14456
|
|||
|
|
--><meta charset=utf-8>
|
|||
|
|
<title>记一次某双一流大学漏洞挖掘</title>
|
|||
|
|
<meta name=description content=先知社区,先知安全技术社区>
|
|||
|
|
<meta name=viewport content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
|
|||
|
|
<style>/*!
|
|||
|
|
* Bootstrap v2.3.1
|
|||
|
|
*
|
|||
|
|
* Copyright 2012 Twitter, Inc
|
|||
|
|
* Licensed under the Apache License v2.0
|
|||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|||
|
|
*
|
|||
|
|
* Designed and built with all the love in the world @twitter by @mdo and @fat.
|
|||
|
|
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}footer{display:block}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}a:hover,a:active{outline:0}img{height:auto;vertical-align:middle;-ms-interpolation-mode:bicubic}input{margin:0}button{-webkit-appearance:button}body{margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;color:#333}a{text-decoration:none}a:hover,a:focus{color:#005580;text-decoration:underline}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}.container{width:940px}.span10{width:780px}.container{margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;line-height:0;content:""}.container:after{clear:both}p{margin:0 0 10px}strong{font-weight:bold}.text-right{text-align:right}.text-center{text-align:center}h4{margin:10px 0;font-family:inherit;font-weight:bold;line-height:20px;color:inherit;text-rendering:optimizelegibility}h4{font-size:17.5px}ul{padding:0}hr{margin:20px 0;border:0;border-top:1px solid #eee;border-bottom:1px solid #fff}code,pre{color:#333;-webkit-border-radius:3px;-moz-border-radius:3px}code{color:#d14}pre{display:block;margin:0 0 10px;white-space:pre-wrap;border:1px solid rgba(0,0,0,0.15);-webkit-border-radius:4px;-moz-border-radius:4px}input{font-weight:normal}input{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif}input[type="text"]{display:inline-block;padding:4px 6px;margin-bottom:10px;font-size:14px;line-height:20px;vertical-align:middle;-webkit-border-radius:4px;-moz-border-radius:4px}input{width:206px}input[type="text"]{background-color:#fff;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-webkit-transition:border linear .2s,box-shadow linear .2s;-moz-transition:border linear .2s,box-shadow linear .2s;-o-transition:border linear .2s,box-shadow linear .2s;transition:border linear .2s,box-shadow linear .2s}textarea:focus,input[type="text"]:focus,input[type="password"]:focus,input[type="datetime"]:focus,input[type="datetime-local"]:focus,input[type="date"]:focus,input[type="month"]:focus,input[type="time"]:focus,input[type="week"]:focus,input[type="number"]:focus,input[type="email"]:focus,input[type="url"]:focus,input[type="search"]:focus,input[type="tel"]:focus,input[type="color"]:focus,.uneditable-input:focus{border-color:rgba(82,168,236,0.8);outline:0;outline:thin dotted \9;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6)}input::-webkit-input-placeholder,textarea::-webkit-input-placeholder{color:#999}input{margin-left:0}input:focus:invalid,textarea:focus:invalid,select:focus:invalid{color:#b94a48;border-color:#ee5f5b}input:focus:invalid:focus,textarea:focus:invalid:focus,select:focus:invalid:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7}.fade{opacity:0;-webkit-transition:opacity .15s linear;-moz-transition:opacity .15s linear;-o-transition:opacity .15s linear}.collapse{position:relative;-webkit-transition:height .35s ease;-moz-transition:height .35s ease;-o-transition:height .35s ease;transition:height .35s ease}.btn{text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;background-image:-moz-linear-gradient(top,#fff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,#e6e6e6);background-image:-o-linear-gradient(top,#fff,#e6e6e6);background-repeat:repeat-x;border:1px solid #ccc;border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05);-moz-box-shadow:inset 0
|
|||
|
|
<style>/*! Editor.md v1.5.0 | editormd.min.css | Open source online markdown editor. | MIT License | By: Pandao | https://github.com/pandao/editor.md | 2015-06-09 *//*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
|
|||
|
|
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
|
|||
|
|
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
|
|||
|
|
*/@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*! github-markdown-css | The MIT License (MIT) | Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) | https://github.com/sindresorhus/github-markdown-css */.markdown-body{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;overflow:hidden}.markdown-body *{-moz-box-sizing:border-box}.markdown-body a:active,.markdown-body a:hover{outline:0;text-decoration:underline}.markdown-body>:first-child{margin-top:0 !important}.markdown-body>:last-child{margin-bottom:0 !important}.markdown-body img{-moz-box-sizing:border-box}.markdown-body code:after,.markdown-body code:before{letter-spacing:-.2em;content:" "}/*! Pretty printing styles. Used with prettify.js. */@media screen{}@media screen{}</style>
|
|||
|
|
<style>/*!
|
|||
|
|
* Bootstrap Responsive v2.3.1
|
|||
|
|
*
|
|||
|
|
* Copyright 2012 Twitter, Inc
|
|||
|
|
* Licensed under the Apache License v2.0
|
|||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|||
|
|
*
|
|||
|
|
* Designed and built with all the love in the world @twitter by @mdo and @fat.
|
|||
|
|
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}@-ms-viewport{width:device-width}@media(min-width:768px) and (max-width:979px){}@media(max-width:767px){}@media(min-width:1200px){.row{margin-left:-30px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:30px}.container{width:1170px}.span10{width:970px}input{margin-left:0}}@media(min-width:768px) and (max-width:979px){.row{margin-left:-20px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:20px}.container{width:724px}.span10{width:600px}input{margin-left:0}}@media(max-width:767px){body{padding-right:0px;padding-left:0px}.container{width:auto}.row{margin-left:0}[class*="span"]{display:block;float:none;width:100%;margin-left:0;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.modal{position:fixed;right:20px;left:20px;width:auto;margin:0}.modal.fade{top:-100px}}@media(max-width:480px){.nav-collapse{-webkit-transform:translate3d(0,0,0)}.modal{top:10px;right:10px;left:10px}}@media(max-width:979px){body{padding-top:0}.navbar .container{width:auto;padding:0}.navbar .brand{padding-right:10px;padding-left:10px}.nav-collapse{clear:both}.nav-collapse.collapse{height:0;overflow:hidden}}@media(min-width:980px){.nav-collapse.collapse{height:auto !important;overflow:visible !important}}</style>
|
|||
|
|
<style>li{line-height:26px}a:hover{text-decoration:none}.post-user-action>span{margin-right:10px;line-height:21px;border:0}.post-user-action .i-seprator{color:rgba(0,0,0,0.1);margin:0 2px}.navbar .brand{padding:0;height:50px;margin-left:0;display:inline-block !important;background-repeat:no-repeat;width:120px;background-size:207px 50px;background-image:url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIxLjEuMCwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IuWbvuWxgl8xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB4PSIwcHgiIHk9IjBweCIKCSB2aWV3Qm94PSIwIDAgODAwLjQgMTMwLjQiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDgwMC40IDEzMC40OyIgeG1sOnNwYWNlPSJwcmVzZXJ2ZSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+Cgkuc3Qwe2ZpbGw6IzM3M0Q0MTt9Cjwvc3R5bGU+Cjx0aXRsZT7lhYjnn6XmioDmnK/npL7ljLo8L3RpdGxlPgo8Zz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iMCwxMjEuNCAwLDI3LjMgNTYuMywyNy4zIAkiLz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iODkuOSw4LjQgODkuOSwxMDIuNSAzMy41LDEwMi41IAkiLz4KPC9nPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMTMwLjcsNTguNGMtMi4zLTEuNC00LjctMi45LTcuMi00LjVjNi02LjksMTAuNy0xNi4yLDE0LjEtMjcuOWw4LjMsMS43Yy0wLjcsMS42LTEuNiwzLjktMi44LDYuOQoJYy0wLjcsMi4zLTEuMywzLjktMS43LDQuOGgxNy41VjI0aDguM3YxNS41aDI5LjZWNDdoLTI5LjZ2MTUuMWgzNC43VjcwaC0yNi41djIxLjNjLTAuMiwzLjQsMS42LDUsNS41LDQuOGg3LjIKCWMzLjIsMC4yLDUuMy0xLjMsNi4yLTQuNWMwLjItMS40LDAuNS00LjEsMC43LTguM2MwLDAuNywwLjEtMC4xLDAuMy0yLjRsNy42LDIuOGMtMC4yLDQuMS0wLjcsNy45LTEuNCwxMS40CgljLTEuNiw2LTUuOCw4LjgtMTIuNyw4LjZoLTEwLjdjLTcuNiwwLjItMTEuMi0zLjItMTEtMTAuM1Y3MC4xaC0xNS44djMuMWMwLDE1LjQtOS4xLDI2LjQtMjcuMiwzM2MtMS40LTIuMS0zLTQuNi00LjgtNy42CglDMTM1LjEsOTQsMTQzLDg1LjQsMTQzLDcyLjhWNzBoLTIyLjd2LTcuOWgzOC41VjQ3aC0yMS4zQzEzNS41LDUxLjEsMTMzLjIsNTQuOSwxMzAuNyw1OC40eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMjEzLjIsNTQuNmMtMC41LTAuMi0xLjItMC43LTIuMS0xLjRjLTEuOC0xLjQtMy4yLTIuMy00LjEtMi44YzQuOC04LjksOC4xLTE3LjksMTAtMjYuOGw3LjYsMS40CgljLTAuNSwxLjgtMS4zLDQuNC0yLjQsNy42Yy0wLjIsMS4yLTAuNSwyLTAuNywyLjRoMjQuMXY3LjJoLTEyYzAsOC43LTAuMSwxNC45LTAuMywxOC42aDE0LjFWNjhoLTE0LjhjMCwyLjMtMC4yLDQuNS0wLjcsNi41CgljMS42LDEuNiwzLjgsNCw2LjUsNy4yYzQuNiw0LjgsOCw4LjYsMTAuMywxMS40bC01LjgsNS4yYy0wLjktMS4yLTIuMy0yLjgtNC4xLTQuOGMtMS44LTIuMy00LjgtNS44LTguOS0xMC43CgljLTIuNSw3LjgtOC40LDE1LjUtMTcuNSwyMy4xYy0yLjMtMi44LTQuMS00LjgtNS41LTYuMmMxMS4yLTguOSwxNy4zLTE5LjUsMTguMi0zMS43aC0xNy4ydi03LjJoMTcuNWMwLjItMy45LDAuMy0xMC4xLDAuMy0xOC42CgloLTYuOUMyMTcuMSw0Ni4zLDIxNS4zLDUwLjQsMjEzLjIsNTQuNnogTTI1MS40LDEwMi43VjMxLjloMzUuOHY3MC41aC04LjN2LTcuNmgtMTkuNnY3LjlDMjU5LjMsMTAyLjcsMjUxLjQsMTAyLjcsMjUxLjQsMTAyLjd6CgkgTTI1OS4zLDM5LjR2NDcuOGgxOS42VjM5LjRIMjU5LjN6Ii8+CjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik0yOTcuMiw4MS4xYy0wLjItMC45LTAuNi0yLjMtMS00LjFjLTAuNy0xLjgtMS4yLTMuMi0xLjQtNC4xYzkuMi02LjIsMTYuNC0xNC4zLDIxLjctMjQuNGgtMTkuNnYtNi45aDI3LjV2Ny4yCgljLTIuNSw1LjUtNS40LDEwLjQtOC42LDE0Ljh2NDIuM2gtNy42VjcyLjFDMzA1LDc1LjEsMzAxLjQsNzguMSwyOTcuMiw4MS4xeiBNMzExLjcsNDAuNWMtMC4yLTAuNS0wLjYtMS4xLTEtMi4xCgljLTIuOC02LTQuNi05LjctNS41LTExLjRsNi45LTMuMWMwLjcsMS4yLDEuOCwzLjMsMy40LDYuNWMxLjYsMywyLjgsNS4yLDMuNCw2LjVMMzExLjcsNDAuNXogTTMyNi44LDgwLjcKCWMtMS42LTIuMS00LjctNS42LTkuMy0xMC43Yy0wLjItMC4yLTAuNS0wLjUtMC43LTAuN2w0LjgtNC41YzIuMSwxLjgsNC45LDQuNiw4LjYsOC4zYzEuMSwxLjIsMS45LDIsMi40LDIuNEwzMjYuOCw4MC43egoJIE0zMjguNSw1Ni42VjQ5aDE4LjZWMjQuM2g4LjN2MjQuOEgzNzV2Ny42aC0xOS42djM5LjJoMjIuNHY2LjloLTUzdi02LjloMjIuNFY1Ni42SDMyOC41eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMzg5LjgsMTAxLjRWMjkuMUg0NjJ2Ny42aC02NC4zdjU3LjhoNjUuN3Y2LjlIMzg5Ljh6IE00NTAuMyw5MC40Yy02LjItNi42LTEyLjYtMTMtMTkuMy0xOC45CgljLTYsNS43LTEzLjQsMTIuMy0yMi40LDE5LjZjLTEuNC0xLjYtMy40LTMuOC02LjItNi41YzguMy01LjcsMTUuOC0xMiwyMi43LTE4LjljLTYuOS02LjQtMTMuOC0xMi43LTIwLjYtMTguOWw2LjItNS4yTDQzMSw2MC4yCgljNS41LTYuMiwxMC45LTEyLjgsMTYuMi0yMGw3LjIsNC41Yy01LjcsNy42LTExLjYsMTQuNC0xNy41LDIwLjZjNi45LDYuNywxMy42LDEzLDIwLjMsMTguOUw0NTAuMyw5MC40eiIvPgo8L3N2Zz4K)}.brand-box{position:absolute}.related-section{min-height:42px;padding:5px 0;margin-top:25px;border-top:1px solid #eee}.related-section>.related-
|
|||
|
|
<style>a{color:#778087}.topic-list p{margin:0}.topic-content{min-height:40px}.collapse form{position:relative;width:300px;float:right}div.search{padding:10px 0}.d1 input{height:20px;padding-left:18px;border:1px solid #ddd;border-radius:15px;outline:0;background:#fff;color:#9e9c9c;float:right}.vote{font-weight:normal;margin-left:6px}.topic-list{word-break:break-all;word-wrap:break-word}ul{margin:0 0 10px 0}/*!*border-bottom: solid #eee 1px;*!*/.user-info{padding:5px 0 5px 0}.topic-info a,.topic-info{padding-top:5px}.topic-info a:hover{text-decoration:solid}.reminder{min-height:200px;border:1px #ddd solid;border-radius:3px;line-height:200px;text-align:center}</style>
|
|||
|
|
<style>body{background-color:#eee}form{margin:0 !important}a:focus{text-decoration:none}.markdown-body p>code{white-space:normal;word-break:break-all;border:none !important}.box ul,ol{margin-bottom:0px !important}.box a:hover{text-decoration:none}.box-container>ul>li{list-style-type:none}#Wrapper .row.box{margin-left:0px}.navbar-inner{border-radius:0px;min-height:40px;padding-right:0px;padding-left:0px;outline:0;margin-bottom:0;list-style:none;z-index:1050;background:#fff;-webkit-box-shadow:0 1px 4px rgba(0,21,41,0.08);box-shadow:0 1px 4px rgba(0,21,41,0.08);line-height:46px;-webkit-transition:background .3s,width .2s;-o-transition:background .3s,width .2s;transition:background .3s,width .2s}.bs-docs-footer{text-align:left;color:#99979c;height:64px;background-color:#FFF;border-top:1px solid rgba(0,0,0,0.22);line-height:64px}.bs-docs-footer .links>a{display:inline-block;padding:0 12px;border-left:1px solid #e8e8e8;color:#8c8c8c;line-height:1}.bs-docs-footer .links>a:first-child{border-left:0}.box-container .user-info{margin-bottom:10px;background:#fff}.content-title{font-size:24px;color:#333;text-decoration:none;line-height:24px;text-shadow:0 1px 0#fff}.box-container{padding:20px}.breadcrumb{padding:8px 10px 8px 15px;margin-bottom:10px;border-radius:0;color:#000;background-color:#fff}.breadcrumb>li{text-shadow:none !important;margin:2px 0px}.active{text-shadow:none !important}.breadcrumb .active{color:#555;display:inline-block;text-shadow:none !important}.label{background-color:#f4f4f4;line-height:12px;display:inline-block;padding:4px 4px 4px 4px;-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;text-decoration:none;text-shadow:none;font-weight:normal}.topic-info{color:#999 !important;font-size:12px !important}.topic-info a{padding:0px;color:#555 !important;font-size:12px !important}.topic-info a:hover{color:#4d5256;text-decoration:underline}.topic-info .cell{padding-left:0 !important;margin-left:0px;font-size:10px;font-weight:bold}.markdown-body img{max-width:90% !important;text-align:center;margin-left:auto;margin-right:auto;display:block;padding:10px 0px 10px 0px}.topic-info span{margin-left:0px;font-size:10px;color:rgba(0,0,0,0.45)}.btn{display:inline-block;padding:4px 12px;margin-bottom:0;font-size:14px;line-height:20px;background-color:#f4f4f4;color:#444;border-color:#ddd;font-family:"Helvetica Neue For Number",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Hiragino Sans GB","Microsoft YaHei","Helvetica Neue",Helvetica,Arial,sans-serif;-webkit-box-sizing:border-box;box-sizing:border-box;margin:0;list-style:none;font-weight:400;text-align:center;cursor:pointer;background-image:none;white-space:nowrap;border-radius:2px;height:32px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none}.box{font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.5;color:rgba(0,0,0,0.65);-webkit-box-sizing:border-box;box-sizing:border-box;margin-top:0 !important;margin-bottom:20px;padding:0;list-style:none;background:#fff;border-radius:2px;position:relative;-webkit-transition:all .3s;-o-transition:all .3s;transition:all .3s;-moz-box-shadow:0 1px 1px rgba(0,0,0,0.15);-webkit-box-shadow:0 1px 1px rgba(143,168,191,.35);box-shadow:0 1px 1px rgba(143,168,191,.35);border-bottom:1px solid #e2e2e9}.span10{float:left;min-height:1px}#Wrapper .span10{margin-left:0px !important;max-width:960px}@media(min-width:1200px){.container{width:82% !important}}@media screen and (min-width:1500px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px !important}#Wrapper .span10{max-width:810px !important}}@media screen and (min-width:980px) and (max-width:1499px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px !important}#Wrapper .span10{max-width:74% !important}}@media screen and (min-width:768px) and (max-width:979px){#Wrapper.container,.navbar .navbar-inner .container,
|
|||
|
|
<style>/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
|
|||
|
|
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
|
|||
|
|
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
|
|||
|
|
*/.pull-right{float:right}.pull-left{float:left}@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*! github-markdown-css | The MIT License (MIT) | Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com) | https://github.com/sindresorhus/github-markdown-css */.markdown-body{color:#333;font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:15px;line-height:24px;letter-spacing:.05em;word-wrap:break-word}.markdown-body a{background:transparent}.markdown-body a:active,.markdown-body a:hover{outline:0}.markdown-body img{border:0}.markdown-body pre{font-family:"Meiryo UI","YaHei Consolas Hybrid",Consolas,"Malgun Gothic","Segoe UI","Trebuchet MS",Helvetica,monospace,monospace}.markdown-body *{-moz-box-sizing:border-box;box-sizing:border-box}.markdown-body a{color:#4183c4;text-decoration:none}.markdown-body a:hover,.markdown-body a:active{text-decoration:underline}.markdown-body code{font-family:Consolas,"Liberation Mono",Menlo,Courier,monospace}.markdown-body pre{font:12px Consolas,"Liberation Mono",Menlo,Courier,monospace}.markdown-body>*:first-child{margin-top:0 !important}.markdown-body>*:last-child{margin-bottom:0 !important}.markdown-body h4{position:relative;margin-top:1em;margin-bottom:16px;font-weight:bold;line-height:1.4}.markdown-body h4{font-size:18px}.markdown-body p,.markdown-body pre{margin-top:0;margin-bottom:24px}.markdown-body img{max-width:100%;-moz-box-sizing:border-box;box-sizing:border-box}.markdown-body code{padding:0;padding-top:.2em;padding-bottom:.2em;margin:0;font-size:85%;background-color:rgba(0,0,0,0.04);border-radius:3px}.markdown-body code:before,.markdown-body code:after{letter-spacing:-0.2em;content:" "}.markdown-body .highlight{margin-bottom:16px}.markdown-body .highlight pre{padding:16px;overflow:auto;font-size:85%;background-color:#f7f7f7;border-radius:3px}.markdown-body .highlight pre{margin-bottom:0;word-break:normal}.markdown-body pre{word-wrap:normal}/*! Pretty printing styles. Used with prettify.js. */@media screen{}.markdown-body .highlight pre{line-height:1.6}@media screen{}</style>
|
|||
|
|
<style>@-webkit-keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@media(max-width:800px){}</style>
|
|||
|
|
<!--[if lte IE 8]>
|
|||
|
|
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
|
|||
|
|
<![endif]-->
|
|||
|
|
<!--[if !IE]> -->
|
|||
|
|
<style>#waf_nc_block{position:fixed;width:100%;height:100%;top:0;bottom:0;left:0;z-index:99999}</style><style>@media(pointer:coarse){@media only screen and (max-device-width:1024px){}@media only screen and (max-device-width:414px){}@media only screen and (max-device-width:320px){}}</style><style>@media screen and (max-width:768px){}</style><style>/*!
|
|||
|
|
* Waves v0.7.5
|
|||
|
|
* http://fian.my.id/Waves
|
|||
|
|
*
|
|||
|
|
* Copyright 2014-2016 Alfiana E. Sibuea and other contributors
|
|||
|
|
* Released under the MIT license
|
|||
|
|
* https://github.com/fians/Waves/blob/master/LICENSE
|
|||
|
|
*/</style><style>@media(max-height:620px){}@media(max-height:783px){}@-webkit-keyframes srFadeInUp{0%{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}to{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}}@keyframes srFadeInUp{0%{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}to{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}}@-webkit-keyframes srFadeInDown{0%{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}to{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}}@keyframes srFadeInDown{0%{opacity:1;-webkit-transform:translateY(0);transform:translateY(0)}to{opacity:0;-webkit-transform:translateY(100px);transform:translateY(100px)}}</style><style>@-webkit-keyframes fadeOutUp{0%{opacity:1}to{margin-top:0;padding:0;height:0;min-height:0;opacity:0;-webkit-transform:scaleY(0);transform:scaleY(0)}}@keyframes fadeOutUp{0%{opacity:1}to{margin-top:0;padding:0;height:0;min-height:0;opacity:0;-webkit-transform:scaleY(0);transform:scaleY(0)}}@media(pointer:coarse){}</style><style>:root{--sr-annote-color-0:#b4d9fb;--sr-annote-color-1:#ffeb3b;--sr-annote-color-2:#a2e9f2;--sr-annote-color-3:#a1e0ff;--sr-annote-color-4:#a8ea68;--sr-annote-color-5:#ffb7da}</style><style>@-webkit-keyframes sr-annote-slideInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0);visibility:visible}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@keyframes sr-annote-slideInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0);visibility:visible}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@-webkit-keyframes sr-annote-slideInDown{0%{opacity:1;visibility:visible}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@keyframes sr-annote-slideInDown{0%{opacity:1;visibility:visible}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}</style><style>@-webkit-keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}}@-webkit-keyframes fadeOutDown{0%{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@keyframes fadeOutDown{0%{opacity:1;-webkit-transform:translateZ(0);transform:translateZ(0)}to{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}}@-webkit-keyframes scaleAnimation{0%{opacity:0;-webkit-transform:scale(1.5);transform:scale(1.5)}to{opacity:1;-webkit-transform:scale(1);transform:scale(1)}}@keyframes scaleAnimation{0%{opacity:0;-webkit-transform:scale(1.5);transform:scale(1.5)}to{opacity:1;-webkit-transform:scale(1);transform:scale(1)}}@-webkit-keyframes fadeOut{0%{opacity:1}to{opacity:0}}@keyframes fadeOut{0%{opacity:1}to{opacity:0}}@-webkit-keyframes fadeIn{0%{opacity:0}to{opacity:1}}@keyframes fadeIn{0%{opacity:0}to{opacity:1}}@-webkit-keyframes swing{20%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}40%{-webkit-transform:rotate(-10deg);transform:rotate(-10deg)}60%{-webkit-transform:rotate(5deg);transform:rotate(5deg)}80%{-webkit-transform:rotate(-5deg);transform:rotate(-5deg)}to{-webkit-transform:rotate(0deg);transform:rotate(0deg)}}@keyframes swing{20%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}40%{-webkit-transform:rotate(-10deg);transform:rotate(-10deg)}60%{-webkit-transform:rotate(5deg);transform:rotate(5deg)}80%{-webkit-transform:rotate(-5deg);transform:rotate(-5deg)}to{-webkit-transform:rotate(0deg);transform:rotate(0deg)}}</style><style>@-webkit-keyframes fadeInUp{0%{opacity:0;-webkit-transform:translate3d(0,100%,0);transform:translate3d(0,100%,0)}to{opacity:1;-webkit-transform:translateZ(0);transform:transl
|
|||
|
|
<body>
|
|||
|
|
<div class="navbar navbar-default">
|
|||
|
|
<div class=navbar-inner>
|
|||
|
|
<div class=container style=text-align:center;position:relative>
|
|||
|
|
<!--[if lte IE 8]>
|
|||
|
|
<span style="display:inline-block;margin:0 auto;color:red;">为了更好的体验,请使用IE10及以上版本</span>
|
|||
|
|
<![endif]-->
|
|||
|
|
<div class=brand-box>
|
|||
|
|
<a class=brand href=https://xz.aliyun.com/tab/1></a>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F14456&from_type=xianzhi" class="pull-right anonymous-user hh_loding sf-hidden">
|
|||
|
|
登录</a>
|
|||
|
|
|
|||
|
|
<div class="nav-collapse collapse">
|
|||
|
|
<div class="search d1 text-right">
|
|||
|
|
<form action=/search>
|
|||
|
|
<input type=text placeholder=搜索 name=keyword value>
|
|||
|
|
</form>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div id=Wrapper class=container>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class=row2>
|
|||
|
|
<div class=span10>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box content" width="1200px !important" style=width:1200px>
|
|||
|
|
|
|||
|
|
<div class=box-container>
|
|||
|
|
<div class=main-topic>
|
|||
|
|
<div class="clearfix user-info topic-list">
|
|||
|
|
<p><span class=content-title>记一次某双一流大学漏洞挖掘</span>
|
|||
|
|
</p>
|
|||
|
|
<div class=topic-info>
|
|||
|
|
<span class=info-left>
|
|||
|
|
<a href=https://xz.aliyun.com/u/79574>
|
|||
|
|
<span class="username cell"> 七*r</span></a> <span class=i-seprator> / </span>
|
|||
|
|
<span> 2024-05-13 08:36:27</span><span class=i-seprator> / </span>
|
|||
|
|
|
|||
|
|
<span>发表于河北 / </span>
|
|||
|
|
|
|||
|
|
<span>浏览数 155</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=content-node>
|
|||
|
|
|
|||
|
|
<span class="label label-default label-node-first">
|
|||
|
|
<a href=https://xz.aliyun.com/tab/4>社区板块</a></span>
|
|||
|
|
<span class="label label-default">
|
|||
|
|
<a href=https://xz.aliyun.com/node/27>渗透测试</a></span>
|
|||
|
|
|
|||
|
|
</span>
|
|||
|
|
</span>
|
|||
|
|
<span class="pull-right t-vote cell info-right"><a class="vote vote-up" href=javascript:void(0)>
|
|||
|
|
顶(0)</a>
|
|||
|
|
<a class="vote vote-down" href=javascript:void(0)>
|
|||
|
|
踩(0)</a></span>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<hr>
|
|||
|
|
<div id=topic_content class="topic-content markdown-body">
|
|||
|
|
<h4>前言</h4>
|
|||
|
|
<p>本次项目测试的平台是某方开发的<code>某某服务平台</code>,算是个小0day或者说是1day吧,总之尚未公开且资产较少,因此记录一下。</p>
|
|||
|
|
<h4>信息收集</h4>
|
|||
|
|
<p>识别链接发现是某方的xx服务平台<br>
|
|||
|
|
<a id=img0 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513082819-b29c25a2-10bf-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABfsAAAD5CAYAAACQ7e/vAABSoUlEQVR4nO3df3Ac9Z3n/1d3z4yEbMnCsqxgY8c/gtdwOn5s+LGyfcL2l7VDXYls+MJe6dDtBnxxcstSMfB1CE68dXUmZokLcIoll5A13O7XOdeFnPeCasvBy9eAzljLjwTDacEx8Q8MBmRZRrYsW5of3d8/umfUM5qRZqTRaEZ6PqoorOme7s90z8/X59Pvj+E4jiNJkUhM/f0RSVIsZgsAAAAAAAAAABQf0zRkmqbKygIKBi1JUkByg/5IJKpLLglKktz4HwAAAAAAAAAAFBvDcHP8gQF3AH8waMmUpP7+iEKhgByHoB8AAAAAAAAAgGIWz/HLyoKJij2mRNkeAAAAAAAAAABKjWEM5vtm/EZG9AMAAAAAAAAAUDr8ub6ZeTUAAAAAAAAAAFAKCPsBAAAAAAAAAChxhP0AAAAAAAAAAJQ4wn4AAAAAAAAAAEocYT8AAAAAAAAAACWOsB8AAAAAAAAAgBJH2A8AAAAAAAAAQIkj7AcAAAAAAAAAoMQFJroBGLu+voHEv6dNK5vAlgBA/sXf43h/K06cn/HDsQUmFt+xAQC54rMD2eK5gmzl+lxhZD8AAAAAAAAAACWOsB8AAAAAAAAAgBKX1zI+vb19ikQio7pvMBhUZeW0fDYHAAAAAAAAAIApIW9hf0/POVmWqRkzpo/q/hcu9Kun55yqq6vy1aSSNzDQr7Ky8oluBgCMC97jihvnZ/xwbIGJxWsQAJArPjuQLZ4ryNZ4PVfyVsbn4sV+XXpplcrLy0b136WXVunixf58NSc3v/mhrlh6pe7d3eW78aB+vPRKXZHuv/W/VFfGjeVPV1eXzp07V4A9pd27WteP8Fi94/bj32Sxuc5f6t6lV+qKbQfz10QAJW1i3+P80r3f/1Bv53s3aT9riteEnp8SO1a5mphj632uZ/puk/Id5+1tV+qKpd9Ua+fIW85lXaAYTOznT+bfGFl9pwYATIii+ezIJlPxvksnfz/ztpFVnhX/3jgOv4mmgIl6rrjfyTN/nxh++ejPedfubw5+nyHzy8l4PVfyFvY7jmQYxqjvbxiGHCdfrcmjxi06cOh9feD778BX/knLCvAkPnfu7LhuHwAm0sS/x8W/0DRLP09+n//g1UX62yn+5Xbiz8/kNTHHtlZNz/if5216olFDv+c8c4dqM23iNz8k1MekUBTvbymvvQNbG/XkXZO3kxMASl1xfHY0as2O/zrid7G39z1XmPYgrYl6rly3+m5J0r98mO67xEG173D/9eS+g0MXd76qX7dJWrdG1+Wwz67d39SyTW26P/57euO1uTV6ihuv5woT9I5C7e0/1QeHdun+Hc30WgFASepS6/pGPdB2t35x6H39xZdTFtfdoacPfSenLzrAZHLdxvf1waGfqqlu8DZ+OALjp/b2R/REo7T3168W5ApiAEApWqx/1dimB/7+YOZVOn+pv93RqPvXNaYsuFZ/MdLADpS2L6/R/crwXaLz9/oXNWpNo6QPfj90+cdHtVfSmsVzc9hhl/75122S7lZD6u9pTCjC/lG7Vn/x87ulHc1ccgsAJaZr9/f1QJt0/88J9AEARaTtqD6e6DYAAIrUIjV8pVHasTfjFchv//1m7W38YzUsLmjDUBTmal6jpLZ/0j+nXP3R9do/aa8W6ytfaUy73B3U06ivLKcraDIoybD/3Llz+vjjj0ZcL5t1xuTLd+uJRunJnxamhn/x89WAS9SIo/4ogGLjjUBo3KI7cxqBkKbOcqaru3zvgSPXLhxaS50yDtka+dgN1pNPXZdyNMNJqsPvPZ//dIcktemBm7N8nsbn6+GYA1k4qY/SXj4/8mdP9u9zvu/qqa/PTDWcR3od++blGqzZy2sdAMbL5bf/J92v5/S3ab+HuaVa7v/mHbo8zbL0Nfv5jjx51OqPvtIoqU0fJY0c8H7/rlujpuV/rDVq069f60pa/vEHkhr/WH+UuKp3+O8f7md+ox5ok6Tn9Kfkf0WlJMP+gYF+dXV1DRvmv/deRwHqZNXq8ivECJxUbZu17KeLEnVIh5THAICJFK9HeMWXsr+E9Tc/1BVLm/UvW9t8Nc+9cm4ptf27dn9TV9z1nNb41129V1fcla4EykH9eGmjHpCvdvPP79beTY0E/iPK5di16YGbG/XRN/316tv0wM38mMnKl7+jDw69r1+sk6RGPfGqexyfvn2YV9Bvfqgrbt4s+V4Hv1jHMQfS61Lr+mY9qbv1i6Ratwf146V71eCfV8O7snhM73Ntm7Xs5qP6j4l5arZoTdtmLUsNgHJ5He9o1rIj/8lbL7kEGAAgn65Vw7r0pVq6dv9XPZlTSRXv+7RX2tR9D39E2hwPcVFqapf/sdYotS6/O6BgzeK5Ut2X9K8k7T1ycnDxkN/HI3//cMube3OAafD5Q/5XHEoy7K+tna3LL788Y+D/3nsdkqSrrqovUIuO6OMx/HAdGOgf1/ULr1FPbKEOHABX0b3H5VqPsPOXuveu56R1u1LCzWv1F69u0Ro9pz+Nj3Lo/KX+86a2oet++Ts6sDW1bqb09jYv3PHXzvzyd/SLddLeTd8vSChadOcnS7keuzVb23xfPmvV9M27pSGjWvKrVI/t2B3Uj9O8Zq7buEv3q00PbOaKSBRGUb8G2zZrWWK0XGOG0nLX6i9S54/xrixOF/Jk/z7XqCde9W237g79x3VKuaw/19dxakcFAJSmov7s8Fy3+m6pbbOeTxpFfVDPb2rLaYJV9/t0ymeCatX0zC7dn88GT1JF+Vzxwvykuvy/2asnEyV63M6ipFJQ3u/j+1df692Q2/cPjKzQz5WSDPulzIF/4YP+sRsYCOvtt3+b1cns6jqlI0d+X4BWjUHSpT8AprpSf49z6xv6v/z41N2srzQq8WVpuHVrv5hSOLPzl/rbHdKarXcP+UJ++eJ0l1+Oj5I8PzkfuzT1Jy9fpDVKGdWSZyV5bPPAHVXWqCf+7NqUJfE6olwRicIo6tdgo++qJG/E3JN3DVNOx22lN7m80ryOcnifS/NdPfW9M+fXcQ7hEgAUs6L+7IiLl5T2j972At2h79uZuCV/0uc33ns9hlWczxUvzPd14Lv1+Bfrcu88u5/5g4OW3eXDXREy3PcPZKPQz5XAmO49wWprZ0uSPv7YfarFy/YUPugffNGMRlVVlWpra/Xee+/puuv+MON67lwFHw+7DgAUm6J7j/PCj2x9fKRNUqPmDS18qcFyblmsm7pfbwSFNjXqik05NCjPiu78ZKNIjt1ISvLY5oH7OpAeuPlKPTDBbcHUVlKvwS9/Rwe2HtGyTZv1/G/uSIzQf3tbfL6MwuJ1DGCqKo3PDq82+6b/qtY/+6ma6rrU+tPnpMYt2Q+87Py9/kXKUNo0+TcO0ivW58p1q++WdjynX7/Wpabb5dbj93XKu6V+Nicvb1yUNM/DRH3/mKwK/Vwp6bBfGgz8jxz5vaqqqgoc9Hs9oXkYyXL55fMkSW+//du0J/XcuXM6cuT3kyYIADC1FNV7nHdp45O/flVdt098ybE1W9uGr31eAEV1fnJQDMduJKV6bMeuUU+8St1uTLxSeg3WepPm/cuHXdKXa9W1+5uJH9r+97vC/QDndQxgaiqFz454YPvA3x9U05/9Xr9uk+7/+cT/tplqivK58uU1ul/P6ckjJ6VO97mx5iu+Erbe1ekP+JdvvTnx3Jn47x+TUyGfKyVbxsevtna2rrvuDws+ot+9vDVDaYdRuPzyeaqtrdXbb/826fb4CV+8+Et52U92Rp58uOvDI8o82hUAkhXPe9zQSxuHM3xJna6kkRDDrhsfjZ7Y8PiXkclF8ZyfLBTZsRtJSR3bPChkGSogG6X5GuzSP/+6TfFJ7wrdscnrGMBUV/SfHfH5Vnbs1Y//frP25jQxr9LXdk/wfuMgK8X3XPHKMO3Y
|
|||
|
|
端口扫描仅开放80、443</p>
|
|||
|
|
<p><a id=img1 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513082916-d4afcf5e-10bf-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAaoAAACBCAYAAACRk/63AAAn1ElEQVR4nO3dd3gc1b3/8fc5M7NVXbZsyU22Mca9YMDghBZK6BAIIQm5SQgkhPsLJCEJJdzcFG7qvalcaghpJISE0A0YTOjV2Bj3intV12rrzDm/P1ay5XZpsr0rfV/Po+eRZ1ezs96z8zltzihrrfV9H9/3sdailMJaiygOSilyuRyO46CUOtiHI8QHopTC930AHMc5yEcjDhRr7Y78cV2XUCi0y+Ou7/tyoitiSimCIMBxHLTWB/twhPhAlFIYY3acsETfYowhl8thrSUcDu/YrrPZLK7rSkgJIYQ4qLTWeJ5HEATkcrnu26UWLoQQojAopXb0FHUNQ2npBxZCCFFIHMfZNaiky08IIUQh2hFUMsNPCCFEIdFa75gJCCADVEIIIQpO994+CSohhBAFTYJKCCFEQZOgEkIIUdAkqIQQQhQ0CSohhBAFTYJKCCFEQZOgEkIIUdAkqIQQQhS0IltHX+F5ux6yCXwC07m6htJ4rtP9QXKByT/keLi7xLLFz/loz9trWhs/RyCLdhQUZ/fPqtvn23M0nrfr+peBn8MUQFnoev9+LkcBHI7Yxd7OTTl6vHi+D72h3BRPUCmN47cy6y+/5o+z38ZzXWrHHMeFF57DxKElWBTZppXM+sc/uP+1lYRqDuP0Cy7ilKlD8axhy/z7uOV397OmzSUUKWPCyRdx6dnTWP3knfz4D88RDns4GkyQxQ+O4qqffI5JNWGMpFUBUDhOloV/vIXfznqdVidEyYDRnPGZz3Dy2AEoE/TIF1Apjcls5t7/+S6PLjVoFWPEMSdz0bmncUiVxn/XaaXQjsIaQ4+sUKYUjs6x4L7bmd0yks9ffAplTlAQ4SkANI7TxKzv/Df3rtuCb2PUTZzBhZ86n4k13s6K9DtS6PxJqMc+W0fD4kdv5f7VI7niyx+hkqAoK+DF0/WnFNqmWPLqXLa5YzjrY2fRb/NDXPef/83iJrDb3uK/rvoqt7+S5sNnnMURtS3c9h9f4Zczl4PWJDfNZ/aqBNNOO5czZtTz4q038N1/LKDfsImcd/7HOLY+4OU5CSae+jHOO3cS/WMaWwC1IQGg0Dpg6xsv8q9kf876+NlMLF3CD6/8MS9uy6K1xnE9PK/zx8kXa6Wdndt2tJIUrrfzubr7msxKQa6ZN+a+RqZ+Ouef/2EyL9zGDTf+iXUZt9u+PDxH7bEv11Eo5eIGa7njxp/xyKoMnucB7Hp83Zr2Su3lGJXe5bUcrdHasG3J67w0dxUZq5GlpAuJQukkS599hqX9pnLhBSdSueFRrvvGTSzrcHYtN55mj3KjFSgXTzVw/6/+g7vf7NjROtOOt5cyDOyj3Li7lBuFUtCwcg7PvLqaNMVbboqnRdVJ6xIOnfRhzjpzBmpKlCVX/4bX3t7E9ld+zWvhk7jlV19nZAnAmRw14DtcetvvOO3EH1HmuEQGjOeUs87lsHiO0nmv8L35y6m66JNccChsKVvKXS+085EzzmV8PMD3DbJgb2HRrkvZ+OO54Myz8Ue08+DLLxNkDcpm2bjsLebNXUkyNojDj5nGiH4xTKqZuS89z5LNPoOnTmf6mFrCOmDDwhd49a31xA85nA9PHklEm501WAs6VsO4o0/lzFOHccyANFdd+y9WNpxDZu1CttcMRC1bR8nk6UwYEmXzopd5ZcHb5CqGcsyRRzGkrIkX//43/nnPAwx0K6i78DymjRxAy7o3eW3OEpqdaiYfcRSH1pViA9B+G2+9/AKL1icZMOEYPjR2ECG/lSVvvMaClY3Eho7lmCMmUBVROF6IcMgt2pNNb6cjcQZN/QinnzWe0w6vYuVFN7J47WVE0/NpLK0hu2otZsjhHD2xko0LX2bOkpUEsXqmfWgGw+IJXp/9MHf/4SEi2+qp5ySOnDac7OalvPLaAjb5UcZNmcGUEeX4vsIxzbz57Ess3dhB7aRjmD56EB5p1r05h1cXr8cZMIoZR0xhYJlCuyEi4eIuN0UXVPnai8YDNixbRouqYUhpmvlLVjH29GsZXpIfe7KOx9hjTqbq1p+waF2OGVpBtoUNa9cSMct5fLPmpAvG4GDxrSIwBqwlCMAGpmj7cnsz5bikZt/J15LP4GTTnPzFSzhmaAx/y2Jefe01NmxNsuK1e7j35XP55bcvYPlfb+D3c0oZV1/GkoYoh48fwMYn7+CnDy5n2KBq1j3xNKvPvZJLzx6Pxt/1tbQDGFYtWUGmsp6B5W08cOVXeHjSx7h0xmQmGJ+Fj9/J7X9bSOmoGhJrH+GpWW9y9TXn0t7UTMb6JLZtJJnOse2Nh/jlLfdjhozEbX6C+x9+hsuvv5YThyW45+ff56E1YUbVlbMy2Y/ph0V5/tZfcM/yDoYOKGPdzPt44o0v8MMrj0fuyFP4VOf9/dYuXsQmNZah/RM8efX3+EP7BC4++1gOrc2wdPb/8pO/raJ+aBkd6x/n3llL+P4NHyfR2kI6CLANW2hqz9G2+jluuvFuOgYPIpTdzMy/zuQT3/0h545s456f/pDHNkUZVhNmtR3I1BHVzH3wVv48aw0VI6tpfuIhnn72NK791sW7jc0XpyILKk0o2sITv7uWs2aVkg5cjv/cDXxoqOX5FpdIZQkaS9D1dDeM0m3kcha0h1oxi/+4fAHRkgF89AvXcvk5k1AmH2qiCFiL06+O0ePGY7cu5sX77+OViWM4btAwTjjz00TiMTY9o7n89hdYvPVE1i5+nfSQG7jkq6cSzkG0cSG33fEsZad/lcvPH8vye6/jmzMf4KSTxjIyqvKVE+0RTa7j3u9dymu/1mSD/nzymh9wWHnAw+FS6qaeyMWXHYeTeIvrbvoHFZf8iu+eP45g0+tc/+83cs+/TuGGL5zPA/csYcyl13D8+BS3XfUrNo29hpuvPoWSxBp+/q1v8Jf7X6d++tvc/rTimjt+xKnDQyQTORIL7uGW59bw8e/8nE9MqqFlzh+58Jt38/xZRxCXpCpgmpDJ8NYv/p1z/hInkYly8lU/ZvIAh3lumMox0/m3S88n1jqHKz79KIdcdjPfPucQcs1zuOHzX+fmV07lV+efzXO/e5T4xVdw7nERHvz6tbw54EL+8J1PUEmCf37vEu665RlGfmIZdy2Aa37+fU4YEqEj6WO2vcqf//A0I6/+DV87aTgdy2fxtat+y8OvHM8kr7hbU1B0QWXxsyVMPvE8rvz0DIYPG0xNRRzPNDNikOKpN5aQPbGOkKtAQWLTMhLBFIYN8LAbs9gx53HLT75J8z9+yq2PzWbT8ZMYXal2BpsoaNYEeGNP4JLPX0iI9QTnXMwTb6xnejzDsw8/zaINLWxf/S82psagvP585ls3kfjvm7j8or8y49If8IVJm9nasoiVf/slX34MbOBTc9h0Itpgu77K1icb6ceMiy7n0hPHM6RuMNWlEbS/HBMOUz58MA7Q0bCRhrYQJ008FAdwBtQzbFCcZQ1NpDMBBjC5AEwTq9/OUXv2eEoASuoYOayMFxs3sm7Fm6jSI5g6PAbGEitx2bx+I9tjQxg/ogaAihHjKHd/z9bmLCOL/WzTq1l87TH07C/w3bOmMKBuGDVVcdxgAxYYPmoEESCzdQNrWgdw2oRhaCBcOYoxw+CZ7U3gh8gZSxBYoJl1bzdzyEUTqXQVUMqY8cNJz1zLivkb6Bg8hWlDS8FaSuIejcs30JYrZcLY4SigZMhIBvVz2NrUTlBEUxH2pcjegcUEDjVDDuOIqWOorYiCCbBuJcedeg4tM3/G//z5edZu38by1x/k+z/7G4M/ehqT++v8NFGlcWPVnHDJl5nGi/zoz8+R1E7R1zb6FGswNsfm+a8yvz3O8CFRFt53B3c8to3zvnY9Xzr3FGpUjmy2ne2pQVz1iz/z3Y/34+7f/J1tlaM5rPZwjjnvS9x+z73cddtPuPGS
|
|||
|
|
无奈,只能搜一搜有没有历史洞,但是搜到的并非同一厂商的平台。</p>
|
|||
|
|
<p><a id=img2 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083028-ffa68d7e-10bf-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAp0AAAEwCAYAAAD1v8qTAAA58ElEQVR4nO3daYwk533f8X9d3T07s3PtyaWoFXXEckQfkATEMMFdKRgYdhDEAIMAlgBFPiIgUN7kRQISoLkLLk2AQoAgb2wEpOSQIiAptrUmAQOJjEEikpAgAxIDJ3Rsx7IkitLeO9fO7sx0d9WTF9PVW1PzVNXzVHdNd/V8P8Bip6vreKq6jl8/z1PVjlJKCQAAAFAhd9QFAAAAwOQjdAIAAKByhE4AAABUjtAJAACAyhE6AQAAUDlCJwAAACpH6AQAAEDl/Kw3nnzySXn++edzJ84ax3R43jKefPLJ3GWLSGH5ijxy4V15+9JDhcMfufCu8Tx18xvUQWyLouXnfU5VLhsAAEyGfugsCg+6959//nmrIJmmmz79fnKeyXFNgliRty89pA2Y6eBoEkyrkFzfos8mPX7R9om3Z9Z7AAAAw+Qkf5EoHVp0f8evTWXNo0iVtXuD1lwOEjir2A4i+QG9qAy6cfP2BdOyAAAAxPY0rxfVOBaNZ8KkBk63jGE245YJkumgqguuJkG0KBAOY/yk9PYedBtW+bkAAIDJtad5PS0vsOjGz6o9S45rElCygqnJMk2XoQuN6WEmzex588tiGyRFzMO66fC8+Zv05S07LQAAOJz6odM2aKSn0fUrTI6XnL6oOdfm5qRBDCtElmESPPO2SdE2TA5LLzdvGtvmc2o6AQCAicy7100M42Yem/kX1ajZhp9BguVB3EikC+tJ6e2RFWSz+mOa9P/MWl7RcIIoAABI2hM6bUPkIDcXmQadrFrPYRhlTafN+uvC9iDdF9Ljmn4eWbWk1HYCAIAiRjcSiZj1+SxrWKHFpk+nSPXBMssg65v3VIG8aYrYhkee3QkAAGwM1LxetqazjFH36dQ9yzMe5+1LDxk3tQ96A1FyWpO+r2VDpM0XkGRgJXACAACd3LvXy7B9tM8wQ0rVfTqTITP5f3p4HtvAmXcT1iAP5tctx2Q8kb1N/vG0BE4AAJBnoLvXs96zGTc9LO/mGd3fg4Qc05rOolCZDJ/DvLlIF+TSfw/6OKqiZvJ0efKmTZaH8AkAAJL2/CIRAAAAUAV31AUAAADA5CN0AgAAoHKETgAAAFSO0AkAAIDKEToBAABQOUInAAAAKkfoBAAAQOUInQAAAKgcoRMAAACVI3QCAACgcoROAAAAVI7QCQAAgMoROgEAAFA5X0TkkQvvjrocAAAAqLG3Lz2U+z41nQAAAKgcoRMAAACV80VE/tO5v5WlpaVRlwUAAAA1tLy8LCI0rwMAAGDECJ0AAACoHKETAAAAlSN0AgAAoHKETgAAAFSO0AkAAIDKEToBAABQOUInAAAAKkfoBAAAQOUInQAAAKgcoRMAAACVI3QCAACgcoROAAAAVI7QCQAAgMoROgEAAFA5QicAAAAqR+gEAABA5QidAAAAqByhEwAAAJUjdAIAAKByhE4AAABUjtAJAACAyvmjLkCVnnjiiVEXASP0hS98YdRFqAWOk8ON48QMx8nhxnEyHBMbOp944gl2kkOOfaAY2wjsA8XYRmAfGI5SofPjH/+4fPe73zUeHr+XJWsaYNzo9vG8/d5mXsnXHC8YJ4Ps92WPj6zpOU6A+hq4pjN90Cdfpw/6rKBaJcdxRCllPDzv/bxpHMcREcmd5yDzN5m+6D2T8uuYlqluTPa9sheu9LxN5vPd7363f0Et8+UNGLWs/VM3PN7f08OKcJwA9WUdOnXfWkcRJk0ppfphKx2s0q9NQmhWcIuH2QRHXRmSr3VlTs47PW6Z+WfNO2v6SZKsLcmqSSmSN65JbUzWNMC4yKtZTFcy2LaAxdPp5p2H4wSop9I1naZNHOlpRiEOU+nAVhSydEEzL3iavJ98Lz2ebjrduLrpTOaRtZ4oltx3433fNqzq9v/0caSr/YlxocVB0+2fuvfS0xQN4zgBDqeh9Ok0bRKxXUaZ6YqkA1osK1TqakmLgmWe5LySy0iXKW/epuFZN/88BNFsyZCZDqBJJjWfZcfVqeo4AWJl9rG8cFpU+cBxAkwu69Cp+4aZ941z1E0m6RBX1Ayert3U1ZLqXmdNr6MLsSZlSq9T1jqmxzcJx5Pab7NKRbU849LFBChL15ql+3vQG4UAHA5D69OZbnLUnYxs+soNK4AmA55pn86s8U1qGItk1bTqhumCZl6NbHJ41jyTdOPmmaRgWvTFKe+GuKxp0uNmXbBN7/g1Qc0NqlamZcu0YiI5P44TYPIN1Lxu8w110MdmDENWDWS6z2ZyWLp5vWzYTJYhPZ+8vp1ZYTIvSOtqZbPWZxhBuo6Kmv9Mm/hsmg3j8U2OBdNmQ6BK8X6XrEQw/bKVnC49vAjHCTCZSjWvJ//++Mc/vu/EZPPYDN18k+NW2eRuOp7N+CY3HBXVcCZl1UZm1XQmy2FTi3mYAmcZphfBg0ZfNVTJpC9l3vle1wo2ChwnwHgYyt3rec3rMdu7Faukq+nU/Z33uKWykvPT1bCmy5A3H9246b6c8XLypjFZ7qQGUtsuH7aPU8qaT9lpgVGwDW1F3bB0807jOAEmT6k+nSLVf2Oscv4m4aqo76VunnnN2un5p/8uWoYuXObdoZ5V65oVooueUQr9o5Js+6qZKHuXMDBsWef7sneJ6/r7c5wAh8dAzeu64TZ9PQ+yySOrVjF+L09WH0jdvLOmLaopLAqgprWtJo9cwq5hPATepP/aMPqdUaODUbBtXrd9fB7HCXC4DPwzmEUXYttpq2L6iz0mih7Grlu2aZ/JrMCpm4+uljMv/CbnYWLSA6zps//Sw9I1NEXzG2S5tvMGqma735fddzlOgMkzcOisg7xnVpqEtLx5mAayvOXazE/3vumD5E2XYTseAABAEXfUBQAAAMDkc5RSanl5WZaWlkZdlqF74oknRl0EjNAXvvCFURehFjhODjeOEzMcJ4cbx0kxkyw50aETAAAA1TPJkjSvAwAAoHKETgAAAFSO0AkAAIDKEToBAABQOUInAAAAKkfoBAAAQOUInQAAAKgcoRMAAACVI3QCAACgcoROAAAAVI7QCQAAgMoROgEAAFA5QicAAAAqR+gEAABA5fxRFwAAAMDEtWvX5PLly/LOO+9UupyzZ8/K448/LqdPn7ae9qDKWLVBtkEWQicAAKiFy5cvy4c//GH59Kc/Xely3nrrLbl8+bJ8/vOft572oMpYtUG2QRaa1wEAQC2888478tGPfrTy5Xz0ox8tXVN5UGWs2iDbIAuhEwAA1NLCwsKev9P/TKY7SCbLtS2bbnzTeRz0dqB5HQAATITV1dX+33mBanV1VRYWFvaMP2xZy9cN15Uja/q8MqfXKZ5HPMwkoFa5TQidAABgItgEvazhwwpdZeaTDI26YFxUe5teZjyPrDJVHbzTCJ0AAKBW0s3qsayAdpDBKq2oxjU5XrJGsqjMum2QF1JHEbzTCJ0AAKBWdOGsqB9nTBfMqg6lps3n6ebw9HvJ4eltYFvTmbXeVfbzJHQCAIDaMwmOecFsFP070+UoGjcvlKanzeurmRe86dMJAACgkazp0ymqEcyrKRwGm3nmlaHoZiDT2ttkU3yZMg6C0AkAAGpFF5iK+kPqbtCpsobPppk6GZp1d5wXNYPrQndWqMya70F0MyB0AgCAWtHV+qX7dybH000/qr6caTZl1YXk5PS6dcprcte9pnkdAADAkMmd3wcVPOPlpZn0y8x7fJJOerysm4+Sy+KRSQAAAEOWrlVMNksfZK2nyZ3rulpcm+CZXmZ6XqbDh4nQCQAAaicrlKXfKwphpk3ywyyvbpjJMzt1NZl588rrH6q7u53mdQAAgBRds3HRnd+m8xuGvGZtm+G6RzyZLsN02qLyDItb6dwBAACG5OzZs/LWW29Vvpy33npLzp49W2ragypj1QbZBlmo6QQAALXw+OOPy+XLl+Ub3
|
|||
|
|
<p><a id=img3 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083028-ffac8666-10bf-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA7wAAAOGCAYAAADPopz8AACYjklEQVR4nOz9e5Rc533eez7v3ruqqy8AunFrACQBSZBAkbpYFBgMI9OUxdgRxxJpy3bGQSZZCTXjke0kjpZnJSNNkslkHWfZxznjQ9tJJB3PiJ61ZoyTsSXFpOlD5tiURdOSjBAWdTEpwQIlgCSIxqW7gb7Ube/3nT+qqlF971+jq6t69/ezFhfR1b/a/dauvXfVs993v9uVy+UgAAAAAAByJup2AwAAAAAA6AQCLwAAAAAglwi8AAAAAIBcIvACAAAAAHKJwAsAAAAAyCUCL7acEIJCYHJxAAAAACsj8GJLIegCAAAAWCsCL7YMwi4AAMDyLtdvdLsJQM9Jut2APKtUKqpWq/LeE9Zu0cjIyKLHxsfHu9ASAACwUd7y3X/Z7SbkykBU1NuK+/Xh4ffoHx78Ie0v7Ox2k4Cuc+VymSS2wbIs0/T0tKRGUCsWi11u0dZWLpeXfLy/v3+TWwIAADZS6blHu92E3PrhoTv1Tw7+iH5k5J3dbgrQVfTwdsD09LT6+vo0PDzc7aZsecuFXQAAACzvT6e/I70hvXvoMD292Na4hneDVSoVJUlC2N0g/f39y/4HAACA5f3p9Hf0/37jz7rdDKCrCLwbrFqtEsYAAADQE56cfLHbTQC6isC7wbz36uvr63YzAAAAAH23drnbTQC6isC7wUIIiuO4280AAAAANOtr3W4C0FUEXgAAAABALuV2lubo05+We/ll+QceUPipn+p2cwAAAAAAmyyXPbzuc5+Te+456coVRZ/7nHTlSrebBAAAAADYZPkMvARcAAAAANj28hl4X3557t/hgQekffu62BoAAAAAQDfk8xreth5ez/W7AAAAZrOzs3rttdfU39+vgYEB7dmzp9tNAgCz3AVe99JLc/+mdxcAAMDm7Nmz+s53vrPo8YGBAd1xxx06duxYF1oFAOuzNYc0r/Ea3fDAAx1uCAAAQD7Mzs7qy1/+8pJht/X773znO/qTP/kTzc7ObnLrOuVRvfjAv9On2x869u9UeeDf6el3/0ddevdDa17Sx431ADbHluvhdZ/7XGPm5X37FPbtU7jrLumuuxTuvluSFPbtawxjbntskStXGhNbNa/1dS+/LO3d23het3uEL35eH73n5/WU4Smf/KMx/Y30hSV/V5u6bPrz18umcvWVCqb6S999efWiNsOH3myq37F7ZO7fP/JD90t6QY+Nfki/suYlfFJPjX1c9y71qzOPafTTh/XN3/5J7V/u6Wce0+iPqbGMNb2Xn2yrvaBfGPu47l1jmz/5R2P6+PHVXxEAAGvx4osv6tq1a6vWzc7O6itf+Yr+1t/6W5vQqs30qF584AG9XRf1O8/9mXTvw3pP7d168YGf0dslSRf1O8/9S/3cXN1SfkaVB35mwWOt5wHohi0XeKPPfa7xj2ZobQ1h9j/1U4377e7bN/++u1euyD333NxEVu1DnheKX35Z2W/8RsfaviaHflKfHfvJJX7RCEFaIuT8+V8sHXYhSffq42Nj+viCRy9/4aN61/d+QWO/tGS0XeTyFz6qd/3cu/XU2M2w+8Kvj+r59y94P45/XGNf+7w+OvpRffiPPiw98qkVAvILemz0+cY/D/2kfvXTH9W7Rh/TU2P3a8Xgrcv6/M++SxfW1HIAAFZ39uzZNYXdltnZWZ09e3ZLD2/+9L2P6x8NNP799gce109MvqxLbeH047WHJX1D73nu19QIw29tPvNxvee5xxct7+Pv/o/6hJ7UgW88vUmvAMBabLnAG+6+e8XQulD8z/7Z2hfO7YzyaV7v6XJe0GOj/0mHv/ZZ/eSh9scb4fLn73pKY2Pzn33vL41Jvz6qx7Qg9LZOWlz8vP7wiZ/Xu574+RUa98m5HuD9H/msvqmP6hNfOKx3G18iAAC3YuEw5ve85z0ql8tzj+/Zs0fvec979Cd/8idzNa+++uqWDrw/98Kjzd7at+qrcz23d+kfPfC4/pEu6k8nJemgnn7f4/rhRJIu6qtSY8jzgUPLLHWpHl7p25ce1XvOduiFAFjRlruG13/sY43/fuqn5v6d/e7vzu/VbblyZe2zNO/bJ/+xj21sY2/B5S98VB/9wurDkendXYNDP6nP/pH0odGP6vMXl/j9xc/ro6Mfkv5oQdg985hGRz8h/duxtp7gy/r8z45qdLTx34f+e+lXfmxUj51p+92vt70nj3xK3xwb09iy/zVC+Au/3ljG/o98Vp/9yOG2vz+6+L9ff74TawkAsE0t1bN77do13X777brzzju1Z88eve9979OLL744r2Z2dtbUK7w1XNTvPPeoSs/9SzX6ad/QQ19+VKXnntO328vSl/WJ5x5V6blHVbp0cd7PvzPb/vv/rD9Nu/E6ALRsuR5e7dun8P73r732p35K2TJheGEtcuz4xzX2R49p9N98Xvf/dvuQ8Rf02D1/qA9/bWxx2P2xxlW0P3/PqG720X5In/ramMZ+e/7iX2j19P72mO7/wkc1+rMf1jf/raRVe3jVHPb8lDQ6qo9++pv67Efa2jz28SWecFmf/9m1vWwAAFaz1ARUr776qiTp2LFjOnbsmL785S8vGW5nZ2fzcbuiY/9Ol0rXdUmHmj28Le09ts0e3jnt1/Ie0q8+8Lh+VZJmn1Ppy4uHPAPojq0XeJfhvvQluZdflv+5xpQA7qWX5J57bvmJqLZowP2VHxudP5nRgmtE6fG9afTXX5h/je7xj88F1Zt95/fq42OfXfzkZcPm0u79u5/Sf/o3n9fl3/5J7f/IZzX2EUkXP7/4Gt4VJr76+NhTemz0E/r8/+YX5h574dcbvcg3fVJPjf29NbcLAIDVDAwMLPn47OysBgYGNDs7q7179+awN1f69L2NwPr2nc+p9ML8kLrsNbln/6VKzeHJjzWv5f30vY/rHxVf1ie+/Gt6TA/p6fc9rgNXH9V7zj6th77MNb1AN+Ui8LqXXlL0mc80fmgF3JdflnvuOcUvvyz/sY8tP2PzFsPMvGs39kv3LhEY2z2l0aV+9395qhmUm9fvPrHaX2pMMPXZVphuTYj1/gt6Sof14V8f1c8v+Dvtvb4339NW+H5Bj7Uvfe73bZNcAQCwQfr7+xc91hrG/OUvf1kDAwNz1+ouvNZ3K/fufvrex3Xfjef07YG36qsvPC7d9i906ehdGp5XdbOHd3LyPy8Kvx9/93/Urw4P6NuXHp0LwdLTeujLB/XiA4+rcoAZmoFuy0fg/fznFz0WHnhA+tznpCtXFH3mM7kKvXl1/cTf1eFPf0L6t5/V9T/4zQ1Z5r2/NKaxX1r8+Npnaf6QPrVoIqs2zQmx2l343lP65Ps/K+l56a7DOizpk5/+lL7xR9Kv/twFvevTh/Wpu35eF94/pvu/NKrn25f1b6Rf/e3DptcIAMBGu/POO+eGMbd6dpcKt8v1Dm8FP/fCo5Ie1YsHmg+8/ms68PqjevGBe3Xp3D/WQ683H7/tX+jS0SN68Vp72H1IT7/vZ5qTWUlvP/C4Kge0hEP6R+/7F/r2l39t3slsAJtny01atZB76aX5sza3hiq37scrzYVeZmHubbtO/8+6/t73bFjY7Y4X9Px//yEdPihdvvANfejNzfB6+Cf1qz/2h/rdLzV+vP+XvqnDn35M7f21l//iD/XUXYcXDXX+lR9rTVhluZ8wAABrMzAwoDvvvHPeYwuv2X311VcXTVq18Dn58Lje89wLOnD0cb14rNGDWzl6RC+2B2BJjV7cxgRVk5P/edHkVb8zq8a1vM89qhJhF+iqrR94n3tu7t/hgQfm/S488MDNXt0rVxT/8i8TetFZZ57XrzzyYd1/6LKe/6On9O7Dzfh64fP6xPd+QR9/vyRd0O/+7Cekf/tx3T/3xEb9J9+/uMf5k3+0eFZnAAA20u23324anrxnz54tfUuilb2hS2mj1
|
|||
|
|
只能看看扫目录能不能找到些有用的东西</p>
|
|||
|
|
<p><a id=img4 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083051-0d6314dc-10c0-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA8EAAALlCAYAAADkAuSUAAEAAElEQVR4nOzdd5wcZ3348c8zZev1JukknaRT78WSLdlylXvHuNBMMd0QCBAghB8BQgKEACGBmGrTjAEXbIx7L7J67/0kXe9l+7Tn98fsrXTSSbqVJRf0vPO6GO3O7j4zOzvzfJ/yfcSUGQskiqIoiqIoiqIoinIGMN7sAiiK8vdv1PDiQR/3vPza4FzXy2v7gkggr+3jKSuv7QOGftzn61t683o/RVEURVEU5fRTQbByUkYOKwLyD2Ii4fyCEk0TeW2fStl5bS9lngMh8isOIs8X2K6b1/ahQH4/4Xx3N2M7eW1vniAoVBRFURRFUZQ3mwqCTyAaCea1fSiQXxAQDpl5bZ+3PIMeme8LFEVRFEVRFEVR3kbekCBYeh7S8xC6jhD59Yx5jpPrvgpVVhz9fCa/4Ytm3kGeCgoVRXnjeK6dveYJNMMg7+EHb1dS4nmuf6/QBEIz8r5fKIqiKIqiDMUxg2DXttANE8/zh2dqmg7Hq5BIiee6SNfz62wSNF1HSo+KebMZvmgBB59+gb69ddmK3QlIiRYIECgZfC6hoijK3xvpusy68bMUjZiAnepj40M/JJPoQQgN6Tp4nosQAqGbuQDRcx2kd/gweoGmGwhNO/HnSQ/PyU4hEALtsPeVnucH5P3vqulo+tDbTf3XOwjhl+fw+4eUHtL1h9oL3UB6HoVVYxh33o2Uj51F5/7N7F/xKH3N+/L6TEVRFEVRlKEYtHZhp+Oc+9EfsPEv/83IORdhBKMcXPUE6b7OQStW0vMwImHGXX0ZVfPn4jkOmmnS9NJS9t7/CKnWduoeeQKAaPWI4xbItfLr2VUURfl7IZGY4UK69m9h/8q/YSVjCKFhpxOMXXgdI+cswU72svO535Nor8dzHcaddyPVMy9CD4QRmoYV72bfaw/RumMVunns6RyunaF45ETm3fYVPNch0dnEtid/QbqnHc0wKB0znWlXfQwAz8lQv/YZ6tc+jdBOPOXDcx3Kx85k/AW3kI51seflP5HqbkVoOp7rUDyilnHnvRPdDLB36UP0HNxGsruFbY//nJoFV1M2Zno2+FUjcRRFURRFOfUGBMHSc3EyKUbPvwInHcdK9FBRO5edz/6GZHcrujH4/FUnlWbMtVcQGVbFzt/9ifiBBspmTAVA6CfujVAURfl7FE9amIZGMK8EZhLXTmMnekF6uI7FzOs/TdnYmWRindkeWR2Jn9gtECkm1rqfxo0vkOppAwROOoFu+EnoDvXoSr+ntz8QHTmRyUtup23nSurXPUvt4ncy8cJ3sf7+7xItHMWki95N14HN1L32MCPnXMKYs6+ht2kPsdb9AHiOjec5aJqBdsS9wbXSDJt6DsGCUpxMckDg7FppysbOoLCqhnSsM9fTKz0XO5PETsX94eAq/lUURVEU5TTJRahSegybspDFn/xfxp9/C4UjxrPwju8SLh3G7Hd+gQkX3oYZKUTKgUuUeI5D8cRaSiZPpGfXHjrWb8aOx2lft5GOjZvRzPyyASuKovy9WPbHO/nYredg2fll/QYBwr8860aAfa/9hdW//zqxtgNHTxEWAjudINHZRKz1AMnuFhw7A0LgOTYloycz/33fYMH7v0V57Ww8x0J6LoFwIWakiMaNL9HXvI/6NU9TMnoKlZMWIIQgWFhG44YXSXa3cmDlY0jPo2jYWP8zpWTSpbdz/qf+jwkXvSsbBPtRq+c6jJq7BKGbpONdA4ZUe45N1ZRzCJVUke7rwLUzA+f9Ck3NA1YURVEU5bTLdU8IodF1YCt9LXVMu+qjtO1aTaiognDpMBrXP0es/aDfoi8G9uxquk6ivpFUewfDFi6gd3cdXVu2ots2wlCJTRRFOXM98txW3nv9XH5872sEzJNcPkoIMvFuXCvtz7EdEAVLkJJhUxdSMWEueB4NG16gYcNzuFYaTTeItx1kx9P3gAAr0YvQDIxAkIKqGqxEL10HtoLnke7rwEr0ECkbTqKjATuTpLRmGl11mygft5hAQTEtO1bkylS/5imaN7+CnU7guQ790bmTTjDmnGvZ8fQ9jJp3KUaoIFdaO52geuaFdNZtIhPrpmzMtJM7JoqiKIqiKK/DgDF6TjpBqqeVYFEZ7XvWUTP/cuxUjHh7PZlY9+AJSoQAIdh7/8OMve5Kpn7kdtxMhlRrGw3Pv0Lnxi1v1L4oiqK8pTy3fDe3XDmLyeMqaWzty3vd635CaNm/gY/rgRAHVz9J85aleJ7D8KmLGDnnYuxkH/Vrn8YIRXGtNMlMU+59QGKGokRKhyE0jeqZFzD2nOvo2LcB184QLCgjE+tmwwP/yZTLP8SIO3+Ma6VZ9vPPY6fiuftAOtYFfZ0gRK5x1MmkmLTkfSS7W0l0NvuZnoVAILDTScYuvA5N1+lr3kcgUsgZk/laURRFUZS3lAFRrZ1JEq0cjZXsI9PXSSBaQmfdZqxk33F7dIWm4SRT1D/1Am2r1uHZDsMWzmfUpReS7uw67TuhKIryVpSxXBzHI3Ka1gMXQiOT6CET70Z6HnXdjxAuqaJy4ll0128n1dOG0HSEOKwXWgpcx8ZOJ/Fch46960n1tKMHgpSNm4mTTmCEIky96mP0Ne9lzysPUDRiPNOu+QS7XriXZOdhAfVhtwXpuVROnMewyeew5bG7SHQ2IrPLHtnpOKWjJjFi+mLq1z1DZ91GKsbPRkoP187guQ6aoabOKIqiKIryxsgFwZ7rcPYHvoURjBAqLOes9/4roeIKiqsnUTJ6CnVLHyLd1zV4dmjpD8nL9PRi9fXhpNJER46gsHYsBSNH4Ha0D71AwjvxRoexRH7ZU8J5JaiBdMY+8UaHGUrm1MOlMvnNFTSNPBON5ZlcxnHzO/6FBeG8tu+NJfPaPv/h9PntsOvlt31hQcGJNzqMlHl+v3nub9rK7/0DgfyCMdvJ7/jkO+TXk05e21tOntcHO7/thcjv+hBPZY77fHFBCCFyS52fcv09rWgaQjPIxLvIxLoJj6rEDEVJSg/BwO9EaBp2so9Y637Kx81EM4P01G+ncNhYQkUVeI7FiOmLiZQOZ8MD38PJJEn3tjNqziWMmH4ee195YPCySOm/R3El06+9E8+xCBaUohkmky/7AMnOZkJF5Uy46N3ULLiaYLQYPRhmwoXvos78C537Np2eg6QoiqIoinKEQ3OCNZ29L/+Z2sU3ke7tINXdAng0rH+eRGcTdjoxaEAiPY9gaQklkycQP9hA947dBAoLiIwYhtAEdiKJyg+tKIpy8jzXxs4k8RwHKT2cTAonk6S4egKZWBeZeLe/LFHtbConnkXn/s3EWg+g6QbSc3FtP1jXjUB2XV4XK9mHEYwwbPLZ1K97lhEzzsdJxmnduYphUxaiGSbRsmo6928GCYFoyYAll3I9uLqBbgbRNJ3WHSvpadiFbgbwHJux596AEYjQun0FsdYDtO9ZhxEM49oWI2dfROGwsbTuXEms9SBCN8BTS+QpiqIoinL6HQqCASsVo6BqDBse+D41C64iE+umq24zmXi3n/1zkCBYCEGmq4eCmtHUXH0ZqbYOjFAIYRq0r1lP3979lFRXvpH7pCiK8pagaxqF0SCaJvIYoyDwXBvH8kdNSNdl+NRzGT7tXIqqJ6AHgsy+6fO071lLd/1OahZcRUFlDZ5jEa0YRduu1exf9gie5wKS4pGTqJl/JUIIGtY/T9f+LQjdpK95LwdXP8GkS95H9cwLMYJh9i59iEy8m859GymuHs/MGz9LurcdhCDWWsfBNU9lyyipXfxOysfNomPPOhrWP4fnOn4Dak8rSHAsf7k9zQgQb68n0dnkjySSEieTpGL8HAqqJMmOJjKxLjQzgGulcgG7mi6sKIqiKMrpcmjsnxA4mRTbn/wV8faDNKx/Fte2cOxMdvmLY9RIhEBKl+ZXl9O7aw9SSoQQO
|
|||
|
|
<h4>任意文件读取</h4>
|
|||
|
|
<p>在找回用户名处看到一处上传,但是有些不太理想,接口是白名单限制。</p>
|
|||
|
|
<p><a id=img5 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083051-0d54a6e0-10c0-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABUcAAAPVCAYAAABFoVuIAADRBElEQVR4nOz9f5iW5X0n/L8ZEBQzCIIgMBAHtRpITU2KxYC6K81uNTQwicawmma3sWNTdTf+2ND6NBuzzWNqG3WfVds4a7qbRJcYMUCWap7N4nejTOXRJq40EE0MozIDAUGQUQkCM98/7plhfsMNDDfD/Xodhwcz93Ve1/W55xpgfPM5z3PILxteaw0cIa2trR2/Fj5uTWtr19c7/zqQpp0x9YBjiq1jSMWQQy3noLTs21vkGcXVM6RiaHHjB/btpqWlpajxFRUVA1RJQcu+fUWNrxha3Neztcj3W+wDGFLk+NaW4r7/9xX5/TnshBOKGr/n3XeLGn/C8OFFjW/Zt//r/8prjUWdmyTvnTKp3+PFfn+2FPn1HzqsuO+3Yg301/9grW94bUCuCwAA0JthpS6A40d7INo9FB0yZEhOHnlSRo48KcNPOCHDhg3NsGHDig5yirF3b3EhF1BezphaleHDiwtvd+/ePUDV0NlvnFVd6hIAAIAyIhzliOgcjLb/N2RIcuqYUzJm9OgB70DsTDAKHIx3391TdEAKAADA8UU4ymHrHoq2tLSk8j0nZ9zYMRk27Oh+iwlGgWIISAEAAMpD++zm7gZ2AT+Oe70Fo6NPqczpE0476sHoW2+9fVTvBxwf3n13T6lLAAAAYID1tbyjzlEOWW/B6PjTxuaUUZVHvRbBKHA4uneQvvvunrS2FrmBFgAAAIOOcJTD0r75UktLS04ZVSkYBQYtHaQAAADlx7R6DknnXelbWlpz0kknZvxpY496HYJRAAAAAA7VUe0c/Z//7w/yL/7l7x3NWxZt8+bNWfzfH85TP/rfWbPmhYwaNSrnnHNu3jd9ehb+q6tz9tm/kSSZd/nvZcXjPyhxtfu90tCQ2/5sUZLkjq/emTOqqwf8noWAtPDx6ePHHfHrv/nmm1m6dGl+9rOfJUne9773paamJqecckoSwSgAAAAAh+eodI7u2bMn//bG67N69TNH43aH7O67/jpXfqIme/fuyf/1xf+Q+meezY+e/od89o9qkySf+fTV+cuv3pHW1tb87GfrSlztfj/+x+dy5ZUfz8cWLMjHFizIlVd+PD/+x+cG7H6du0ZbW1sz+pRRA7L50pIlS7J37958/vOfz+c///ns2bMnS5YsSSIYBQAAAODwDXjn6K5du/LZf/OZfHj2nNxw478d6Nsdkn379uWmf3djxpx6ap7830/1CPp+93c/kt/93Y/kc39yff7o2j/MDdd/rkSV9vT//uCJ3PZni3Lf33w9F1744STJe997Rmr/6LO546t35l/+3mUDct/2rtFCODow64z+9Kc/zZ/92Z9l/PjxSZJ58+bl7rvvFowCAAAAcEQMaOfotm3bctWVn8jHFiw4ZoPRJPkPf/5/ZeKkSfnyf/xKvx2Qp502Po98d8lRrKx/f3P/ffmL/3h7vvPdJR3BaJJceOGH853vLslf/Mfb8zf33zegNZx44ogB6RpNkt27d3cEo0kyceLEvP22YBQAAACAI2PAOkebGhvz6WsW5uZb/n3m/f7HBuo2h+3Fn/0sP3rqf+d/rfzf/Y67eM6H09TU2PH58OEjBriyvu3bty9/+oVbs27duixbviLjTjutx5izz/6NLFu+Ip/5g2vSsP6X+cu/+lqGDh162PfuPqV+5EknHvY1O3vhhReyfPny/OpXv0qS/Mmf/EmPMTt2bO/z/KqqqqLu17B+fVHjW1paixo/fMTwosZn766ihm/41etFjT/55FOKGr9711vFXb9ydFHjt2wtrv6qSROLGr/77TeLGj/8pNFFjR86tLh/XxqWvUWN3zOkuD+iK9JS1PgMKa7+ocNOKO7yLfuKGr+vpcj6W4v7/VgxtLivZ2trcfW0FDn+hCK/nq0p8v0OKe7P/GHDivt+OP304n4/AgAAHIsGJBxdt25taq/9w3z1zr/ORRddPBC3OGIeeuhb+Vf/6pqceGL/Id9Tq/7hKFV0YDff9O/S3NycRx9bmpEjR/Y5btxpp+XRx5bmhus/l1tvuSn3/Kf/fETraG1tzUkH+LoV6zvf+U7+8A//MGeffXa/4xobG/s9DgAAAAAHcsSn1f9//9/qfOYPrsn/85/vO+aD0ST5pzVrcvEll5S6jKL84InH8/UH/ku/wWi7kSNH5m+//kB+8MTjA1LLkZ5S/+abbx4wGE2K7xAFAAAAgO6OeOfo9Z+7Ltu3b88nr/xE0edOnlx11Ds0f/nLl3Puue87pHPn//5Hs/x//P0RrujA9u7dm+HDD3669ogRJ+bdd989ojW0z2YdNuzwp+oDAAAAQCkc8XD0/r99IDdc/7l8/et1+dBvzzzSlz/ihgwZkrfeeiujR48u6rxtW7fm5Zd/MTBFHYJvf+ubeeONN5IkY8eOzTWf/oOjct8hQ4YM+D1++tOfJkne//73d3n9jjvuyG233Tbg9wcAAADg+HTEp9X/zu/Myje/9VD+3b+9IU8//dSRvvwRVzVlSn72s3VFn/fTtT9NdfW0AaioeH//9yvyrW/+t47Pv/nf/mv+5//8fwf0nu2Z6N69xW0wcyi++c1v5lvf+lavx0yvBwAAAOBQDciGTNOnz8gj331sUOxWf8nF/ywrvv/9XHjhh4s676f/9E+54Hd+Z4CqKs7Lv/hF5v3+x/LvPn9Tx2s/W7cu/+Jf/MsBv/fevftywgnF7bhcrM985jMZOrTv6ftVVVU2aAIAAACgaEe8c7Td5KqqPPrYstQ98PV85zv/faBuc9iu/vSn873vPZbXXnv1oM9555138t1HvpOPzV8wcIUNAkOGDMnuI7yWaW/e//73533v639dWB2kAAAAABRrwMLRpLD25SOPPpbvL1uW++79zwN5q0M2ZcrUfPKqq/Ifv3x7du/efVDnfOmL/1fOPffc/NZvnT/A1R179q8xWvj17bffKV0x3QhIAQAAACjGgIajSXLSSSflm99+OD//+Uu54//+i4G+3SH54n+4PUlSs+D3s7Gpqc9xb765I//2xuuzecvmfO2ue45SdT2ddNJJef31LR2f797964wYMWL/8ZE9jw8fPiJHSntAOmTIkOz69e60tLQcsWtPnDgxv/jFgTe6eumllzJx4sQjdl8AAAAAys+ArDna3QknnJD/5z/fl+89tuRo3K5ow4YNS91/+Ub+7hsP5hMfn5+P/It/mdmz5+TCD384ra2t+ac1/5QXXvg/WfLoI/k3f3htPv0Hnzkqu7T3pebjn8hFsy/Mnj17kiSnnTY+y76/ouP4JRf/s/zrz1yTxf/94Y7Xbvy3nz+iNRTef2taW5PtO97M2FPHHJHrfvSjH81DDz2U119/vd9xp59+ej72sWN3LVsAAAAAjn1DftnwWmupiziWbNu6NYsXP5zly5Zl/fpfJknO/o3fyIIFH89Vn1qYMWOOTAg42LW2tqalpSWtrYVvnzOmVmXo0AFvRD7iGtavL2p8S0txv12Gjxhe1Pjs3VXU8A2/6j9E7u7kk08pavzuXW8Vd/3K0UWN37K1uPqrJhXXLbz77TeLGj/8pNFFjS/2e35Y9hY1fs+Q4v79qiJFdnEPKa7+ocOK23xtSMu+osbvK7YLvbW4348VQ4v7era2FldPS5HjTyjy69maIt/vkL43suvNsGHFfT+cfrrufQAAYPATjnJIWltb2/5rSUtLa048cUSqJp1e6rKSJI1bigvEADh2VI0v7h9xAAAADsfga/XjmDBkyJC2qfVDUlExJLt2/Tqvb32j1GUlKfyPtf+5BgAAAOBAhKMclv0BaUV2vLkzb77ZXOqSOghIAQAAAOiPcJRD1t492v5fRUVFtmzdli2vbyt1aR10kQIAAADQl6OyWz3Hr0Ln6H4VFRXZ2fxW9u7dm9NOG5sThh0b32LtAan1SIHB7Fj7xx5/pgIAAINFa
|
|||
|
|
<p><a id=img6 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083142-2bcfdba8-10c0-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABHYAAAGMCAYAAAC/ACVYAAEAAElEQVR4nOzdd3gUVdvA4d+W7Kb33gsBkhBq6B2kSlMEUUTpICiCiCAiKlJFmqKiiCgi0l5671U6off03vsm2fr9EVkIhJBFsHye+7p4fXd3ds6Z2c3OzDPPeY4kPT3d4OLigiAIgiAIgiAIT+bqxYv4BQRgbWv7TNavUqnQaDTY2dk9k/U/CYPBgEQi+bu7IQiC8J8nr+zFhIQ8rl1LxdPTllq1PPi3/m5fuZKKm5sNLi5Wf0v7t29nYmdngavr02k/NjaWvLw8JBIJEomEgIAArK2t/2jrNvHx8fj6+hIcHFzufRqNhvPnzxMSEoLtMzrpEARBEARBEP46CQkJ6HQ6/P39AYiPj0ev1+Pu7s7FixeRSCTI5XI0Gg1yuZzatWsTExNDVlYWCoUCvV6PVqslKCgIGxsbrly5gl6vRyqV4uvri5ubW4XtXr58meLiYho1agSUBZ7i4uIICQmpct9zcnLIysqiWrVqVVo+Pj6ea9euYWVlRcOGDTE3NwdAp9Nx/vx58vLyqF+/Po6OjuX2z9WrV/H19SU0NLTKfRMEQfg3eWRg5/TpBMaO3YxSKScnp4S33mrG0KGNnrih9PRCNBo9Xl5/PqBQUFBKRkYRAQGOjw02GQzw5psbGTGiMa+9Vv9Pt/04sbE5ODhYYGdnbnzu00/38txzwQwcGPGn16/T6fjwww8xGAxYWVkhk8kYO3YsNWvWZOvWraxatQpXV1du3rzJ22+/zfPPP298765du1i2bBk//PDDn+6HIAiCIAiC8DToUat1mCnMeJJ7qMuWLSM/P5/58+cDsGTJEkpLS5k0aRILFiygoKCAmzdvEhoairOzMwsWLGDTpk38/vvvREVFYWtri5ubG6NHj8bNzY0+ffpQv359SktLUalUTJw4kc6dO5drU6fTsW3bNrp16waUZe7Mnz+f06dPs2XLlir1u7i4mPfeew8bGxsWLlz42OV///13PvjgA1xcXEhJSaFVq1bMnDkTiUTCwoUL2bVrF9bW1tjb2/Pll19iY2PDhQsXmDhxIg4ODmRkZDB16lRat25t2g4WBEH4F5BW9GRxsYaJE7fRsWMNDh4cyWefdWTq1N1kZBQ+cUNLl57m888PPfH773fyZDxvvrkBvV5fhaUNqFSlaDS6p9L244wdu4V9+26Xe06l0qBWP532b926BcDSpUtZunQpixcvpmbNmhQUFLBlyxYmTZrEokWLGDRoECtWrECj0QCQmprKDz/8wJgxY3B2dn4qfREEQRAEQRD+nLTLB/lp5T7ynvD9paWllJSUGB8XFxdTWFiIi4sLv/32G7Nnz0YikfDll1/yww8/YGtry7vvvsumTZsICAigV69ebNiwgfbt21NQUICFhQVLly5l+/btvPDCC0yfPh21Wl2uzYMHD+Lo6Eh4eDgGg4HZs2ezYcMGZDJZlfp8N2B06tQp5PJKBxAAZYGjFStWMGjQINavX8/PP//MoUOHuHXrFhcvXmTdunV8++23rFu3jtLSUtavXw/AjBkz6NChA6tXr+bNN99k0aJFqFQqE/auIAjCv0OFgZ2EhDwuX07jlVfqAlCvnhc1ariQllYW2MnIKGL79uscPx5rDFjk55dw+3YmmZlF7Nhxg1On4tHpDBQUlHLmTCK3b2cSG5vDsWOx3LyZYWyrqEjNwYNRbNt2jczMIgC0Wj3Xr6eTm1vCoUNR7N9/B5VKg0aj49KlVM6fTyItrZCDB6M5ezaxCpspeeT43+JiDUePxrBly1Xj9un1Bm7cKGv/6NEY9uy5RX5+qfE9OTnF7Nx5k0uXkrl5M4Pjx+OIi8vh8OEYUlLyuXw5lePHY43bI5NJkEol3LyZwZYtV0lOzi/Xh6ioKE6fPl2F7SgL7Mjlcg4ePMiBAwcoLS3rl7m5OZ988gnh4eEAqNVq7O3tjQfLr7/+GmdnZ2rUqFHu4C8IgiAIgiD8HQzEXfqdNZsOk6vSPFG2DoBEIkEqvXdKL5VKjY8lEgkKhQKpVIqZmRlSqdQ4NAtAJpM9FFiRyWSYmZkB0LBhQ0pLS8nKyjK+npeXx9GjR3nhhRcAKCoqon79+kyYMAGFQlGlPhcWFtK9e3cGDhyIwWB47PJ6vZ4PP/yQ1157DQBra2vMzc1RKBScP3+eGjVqUK1aNeRyOe3bt+f06dPk5uaSnp5Op06dAGjdujU5OTkkJSVVqY+CIAj/JhWGyGNjs3F0tMDGRgmAt7cdBw+OBODy5VSGDVuHi4s16emF1K7twdKlLxEZmcywYeuIiPDB3t6CQ4eiePfdVnTuXIPVqy9w6VIKpaVali8/Q6tWgdSo4UJ2djFjxmympESDUilj3ryj/PrrK1hamvHSSyuoUcMVd3cbLl1KoXZtD2bO7Mz27dc5eDCKjIxCfv31PH5+DkREeHPwYBQXLiQhk5UdyAwGA+bmZvTuHY5UWvGhsqCglHHjtpKZWYi9vTlz5hxmxYqX8fGx55VXfsXX1wFPT1tu3MjAy8uWn356mZISLUOHrkcigczMIrRaPa+/3oC8vGI2brxCSkoBx47FkpiYx6hRTXF2tkIqlfDrr+c5cSKO/PxSZs8+xPr1A/D0tP1jn17m6tWrxjHKlbl69So3b97kzJkzREdHs3z5cr755htsbGzw8vIiKyuLWbNmcfnyZRYuXIhEIuH8+fOsW7eOiIgI3n33XRwdHZk6dSoeHh6mf2MEQRAEQRCEP684ldhsAxFNIrgcq6UqeegVkclknD59mmnTpiGRSDh58iT1698rP1CVwMldEokEg8FAcXExUqmUvXv3Ym1tzf0Trezdu5fQ0FBcXV2BsiBLp06d2LZtWxWz6cHV1ZUOHTpw9erVKvVPJpPh4+NjfLxy5UqCgoIICAjgl19+KVejx9nZmfz8fFJTU7G2tjb209zcHDMzM4qKiqrUR0EQhH+TCjN2VCo1crnMGBDR6fSkpRWi1er57LN91K/vzdatg9i+fTCnTsWzbt0lLCzMiIvL5Y03GvDNNy8wcmRTtm69hre3HfPmdaNXr1q0bRvEsmV9eOONBgCsWhXJ2bMJjB3bktGjm1NUVMRPP53B3NyM5OR8Gjb04ZtvXmD+/O4cORKNTmfggw/aMn58K2rWdOWHH17ik086AGVZNno95f497jixadNV9u+/zZgxLRk1qjlyuY7vvjuBQiEjLa2IkBA3vv32Rb755gXOnk0kK6uIM2cSyM9XsX79AN58syn29hYMH96Yrl1rsnTpS4SHezBiRGN++OEl6tf3AsqykqRSKYsW9eS3315Fr9cTGZls7EfXrl0ZP358lT6wl156idWrV/Ppp58aa+XcP5ZZqVRSq1YtLCwsOH/+PAC//PILXbp0YcmSJSxbtsyYYisIgiAIgiD8TZSutGrTnCAXBbonjer8wcLCAhcXF1xdXbGwsDApmHM/qVRKeno6w4YN45VXXuHkyZNMmzbNmNWTkZHB5cuXy9Vw/KudPn2azZs3M27cOKCs3s/9mUJyuRypVIpOpyuXkSSRSIyZSIIgCP/fVJix4+RkRUFBiXGYVVpaIYMGrWXixLZkZBTw8st1AHB2tiI83I0bN1Lx8rIjJMSVVq0CAXB0tChX2Nhg0D8UaImOzkAqlbBy5Xm0Wj0NGgQQEuKGRqPD1dWarl1rAmBjo0SplKP746hnMBgeOmC1b1+N9u0frqhvMBjQ6ys+uEVFZSCXS1mz5iI6nZ7QUC/q1vVCq9Xj6GhB9+5lVf2trBRYWJihVuuoUcOFwkIt339/kkOHoqlTx/2h9h7ayXIpzz9fE2vrsoOOra05Wu29mjtVTVsFqF69uvH/K5VKAgMDiYqKMrZtbW3NwIEDCQ4O5rPPPqNr165kZGTw8ssvG2fOatOmDWvWrEGtVpvUtiAIgiAIgvCUSGVPPPzqfjqd
|
|||
|
|
但是正常放包后发现进行了两步操作,一个上传、一个读取,感觉是在文件上传后通过另一个接口将文件显示在页面上</p>
|
|||
|
|
<p><a id=img7 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083146-2e2f42da-10c0-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB3AAAAJ9CAYAAADE2uM/AAEAAElEQVR4nOzdd3gU1dvG8TuVFEqoCb2F3rsJSDM0RRBQAWkKCIhKsSCigIgCKv4QVEQEERABK7woNVIUEgWkF4EQQHoPJQmkvn9sssmm7oQNm4Tv57pyQWafnXlmdpLMmWfOOQ5VB8+P/3ZMD6Xnxs2bFt9fv3o13di0VKhY0VC8UTF3bmYelEzofxcMxXu4ORuKd3bJZyje1cXFUHxYmLHj7+joZCi+kFdRQ/GxMXcNxTs7uxmKv3XT2P7GxjsYivfy8jIUHxkRaXVsydJlDa3bXmoNfVQexw/ZO408I6JyTR38cvU9ryf6boTOXzD2+8rVxdjvq6iICEPxDq7uhuJdXIz9/rl+7Zqh+MKFCxuKv3XL2N+LQoW8DMXHxRsKl6ODsd9Xd+9a//snK1wM/v26e9fY+XM3KsZQfMH8+Q3Fe3gai79w/qyx9Xt4GIp38/QyFF+smLG/vwAAAACA3OvShaQ26Z07xtr7bu6ehuJvhhm73xIXa6z9XsKntKH4y1euGIovVLCgoXijSviUytb1GxV27ZKh+Ju3jN2fKVK4kKH4i5cuGor3Kmzs/kbUHWP5Rxu8v+Tiaqz+Ikdj9+tio6MNxbvmM3Z/tYR3SUPx168b+/mKDDd2/GMN/n6IMng/s1CR4obi42JjDcU7Oxu7X+3kbOz8KVTI2P3qzDjadG0AzM6fPW3vFKxC8da2OJ4AAAAAAAAAAOBeGOuuBcCQeEnGntmxvx2BJ+2dQq7TJKCCvVMA8ICJCL9tuNcxAAAAAAAAgNyBHrhANjM4qioAAFaJCL9t7xQAAAAAAAAAZAMKuMB9QBEXAJAdslrEPXJon14d1kv//PWnjTMCACCFU7M1uKqXmlb10uBvQu2dDQAgD4mPj9cX/5usaRNGG56X0R4uXThr/gIAIDMUcIH7hCKuyelv2qtpwg0c81fP2UpzxuA/RqWKTfemT8rYZOtMc5vWrBMAcgGjRdzLly7olSFP68+Na/X9t3OzKSvkToGaas3fyBR/c7McA9tIeQ00PtDi5eDxyT/T9lp6Kv1Vnf6mfar3536hWtoz9XHJ6Noxw7h0zmfz9Waaxy+dHB4IgZrabpw0bpe2Hw3TvGcr2TshAEAeMu+zD7Rgzsf6edkCnQg5Yu90UklesKVoCwAwigIucB9RxE3QYIp+Ohqm7UfDtP3oLo3WOPWwuGmWcJNr8CGN3pAYF6btR39U5SkNU91gO/1NezUdLM08miz2xaOalHBzreyz65OWz3tWUlOL9XIjCUBuZ20RN+ruHY0Z3keXL12Qq2s+9Rn4UjZnhtwkePyTOp5QZEn8m7lvSkPLYtUfoyz/Pm+YImUlBjYRPN4r9TXQ5ADz66e/aa/N7ZJe+2mcNKNdGkXchB6SPaZsv787YCeZXTuaGLseNVv+pKb+cZ92JDc4dVTH1VSPtOF6GwBgWxvX/Z/mffaBJOnhth1VuWpNO2eUhIItAMAWKOAC9xlF3JQqqfeHU1R39zh9m3Cz6/Q3wzRj97OaeXS9epdPHhugN4/+qG67x6mHuQdDoL6dsl11x42QX/LQlp9QmAXwQLGmiPv+2yN1cN8/kqQxE6erbsNm2Z0WchG/ySkeamr5iWb2lPatWZtQqArV0s+/kXqOSfr7XH64Jo5rajAGNvHHKI1c/qxmHv3E8hoombLPrtebLZN93+YJ1dV2nUxWwD39TXs1HSNNPBqmmT2zNeMcwrprR2PXowkaPKtuDaRfBo9ScDbuQa5y6qj22TsHAECeE3LkoCaNGab4+HhV9K2ud6d/JQcHB3unBQCATVHABeyAIm4K5auqsvmbdG6qmQWo77im0vJfLW6M7TtOrx4AyKiI++38T7Vm5XJJUs/+w9TlqX73Ky3kFafW6vfdUrd2ARaLy1aqKe1eoa2nrIyBTQRv+CaD6yXrlX12vbYvH66yNskq98j42jFr16NSVfX9cIrq6huNfFCGS05jiOnEYaZNPcS/kbRdM9plPoQ3AADWCLt+Va8O663IyAgVLFRYH89ZKs/8BeydFgAANkcBF7ATirjJJAytVqG8rBpmzdR75FBC75EAte4pafmTeWhesbyyHwDsIa0ibtAfG/TZ9HckSU38Wmn0m+/f56yQK52arfnLpbqdOiYr7iX8vU6ufFXVtVhgTQzuTaA2L5cqV5JpmN/M5nGVJIVq6Zhx2tfzR4teuQ8eK64dDV+PJpPQ4/yBGUq55SfJhpdO6MXdYIomPltJfpNTTl+SsjczAADp++9kiC5fumCxLCYmWmNf7q/zZ/+Tk5OzpsxcoDLlKtopQwAAspfj58Pa6cbNm+l+Acg+FHElKVBT243TvsShFq0eZi1p+D+/yWH6KeFGWdOqXrm/kPvHr/bOAEAuFxF+W3GxsZKkUyeOafwrgxUXG6sy5Spq6qxv5OjkZOcMkeOdmq3B7cZpX0IhxrQso7/RCX+XrYmBzfwyeJj0YWLxbJdGa5x6WBRxQ5MVeBvq9067LObIfVBleu2YhevR5Mo+O0ejH8ShlP8YpZHLm2r0hw9ej24AgG2dPnlcPTs9pJ6dmurA3p3m5dMnv6Fd27dJkkaOfU9N/VvbKUMAALIfPXABO3sgi7i7x6mHeYi1J3V8XLKbiVb30LHs3VP22fVJT/0vfzIXD9GWMHcgANyjd954QTfCrum1Yc/o1s0b8sxfQNO/WKqChQrbOzXkcKe/aa+mCcXbn6weWjeNXrdZioFVTh3VcUl1x81J1qOxknp/OEV1d4/Tt38kW7Y8qXfkRA1T06peD0bP0ExkeO2YxevRJAmfxYM0lLICNXXwNynOSQAAssbd01Menp66feumRgzsrgN7d+qn7+br56VfS5K6PNlXvQYMs3OWAABkp1A5xyT0zrCWZ4H8huKjoqMMxRsVF2+sBu3h6WEo/m7kLUPxcfEOhuJjoiONrV/G1u/s7Gwo/uaNq4biHZzzGYpX5B1D4c4urobi42JiDMXfup3+XIFpcXI01mPproHz383gvuZqGd0QLl9VlbVdv28KVe9n0x627vSmFdqnmhqUxs0hv8lh2j45VEt7NtSMdqNU4egn9zw33H2VMHdgh4hI3bxxzdBbi/uUMhQfHWvs93NctLHzP87YnxcVKORlKD42Ls5QvKursZ+x8IhwY+t3M/b3JTrG2PG/eeuGoXivwkUNxUfeNfb7OS7W2PGPjzcWH3nH2N/HqFhjv/8LGjw+cdHGzoewW8auH1xcjf18RVnxea39v+8V/EegboRdk6OjoyZ9NFeVqlQ3tB08aBL+fu6Wus0LSz3MbvmqqqtvTD0Ok/8NTuit+Ii1Mbh35auqsiRVSn+I37SUfXa9Zh730sgNgXqz5YPVE7du5bSPVZrXjvd4PSopYSjlFeox5UlNbbdLFWyzGzlW8Pgn9Yue1cx0jhcAAEYUK+6jmfN/0oiB3XX71k29/Fw33b1jagPVbdhMb0z6n50zTM3iHriDwfu3Lsbu38bGG+sO4prPzVC8k7Ox++230pjGJyNG7887G7yfE2/w+GR3/cIoB0djx9/Rydj5c8Pg/XBPT2P1oMjICEPx+fK5G4p3cjZ2/8fJydjxjDJ4PzOfu8H6hcH7mREG708arac4Ot81uH4XY/HOxu53ORnM39XV2O9bB0dj8XEG7zdeD7tudWxhr0w6WJxaSw9cIKe4k8MuFuzHNC/Zvimz0hlyLlDfTtmuuuNGZFCYraTeLz6bTfllr9ObVmhfgyn2TgNAHnEjzPQgyNBRb6nlI53snA1yuuDxDTVj97OaeTSN4q0kle+oRxpIx0NDLRafDj0kNXhCLcpbGQMbqKQKaRxnE3o6WwrVyd1S5QyL3SmvHW1xPZp8KOVh+j0Lmecaf4zSyOVSt3m57MFJAECOVrteY836+mflL1BQ4bdvKSYmWt4l
|
|||
|
|
<p><a id=img8 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083150-30569270-10c0-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB38AAAJOCAYAAAC3P82xAAEAAElEQVR4nOzdd3RU1dfG8WeSQAoBQu89dJBeEppIhPCqICpdQUQBURFsoAiIKKKgQVSaoiIgTQUsP1BQkRIElG5oIYTeCT098/6RZMikMTeZYVK+n7WyIHf2nLunZOaeu+85xxRz66pZBmzdfdhIuNq2bmYo3qiY6+cNxf+2Zb+h+KIehsIl1wKGwkv6FDYUf/KsscdrTog3FF+uXHlD8dFRtwzFm1yMPT+3rkUYi4819njLlCppKD4qMtpQfAu/1pb/u0pKmZ2roZaQH1y5fNHq9937QjKN79C+vaH2/92x3er3m5eN/X2ZCvkYildspKHwy9duGIovX7a0ofgzp08bii9WzMdQvJt7IUPxBV0Mhev8BWOf/4UKeRqKTzAb+1S6eeOqofh4g596hT3dDcUXL17cUPy58xfvHJSCd6GChuJdPY3l06B2dUlSoULG3kdZtXPnTk2YMEGjRo1Sx44d78o+AQB50+r//WJzbOfA/8v0dlcXU3bTAQDkI2azWW+++aYuXbqkTz/9VG5ubs5OSZK0a8cOQ/HXrl0xFO9V1GD/99QJQ/EmGSoXqFyFSobiz5y/bCi+SsWyhuLNZmP5N2jQwFC8ox0LO2goPuz0FUPxNSoaO58WGnbUUHyZchUMxcfHGDt/eOPGTUPxXl7Gzo/FJBgKlxJiDYUXKGAsn/r16hiKP3v+rKH4M6eMxScYrDfdvH7FUHzlGrUNxZsSjL1gBQoaOz/p4mLsBG5RnxKG4iMuGHv+9+7PuD770ANdJUnHL0aqcklPGTz1DCCrUn8sGvuYzDtCp7eRyWSy/mkzXaHpBa8Zmia2zfR0I9PGpmgz3X3a0uZdlLrwm1X/7tie4Q+AnO/mTWOdmKw4ffq0HnzwQf3000/69NNPHb4/5CZrNNSW78hU37lZjoF9pD4GGrom1c0pX9M2yuylCJ3eJs39c79QTW+T9nnJ7Ngx07gM3s+W4810n78McsgDjBR+AQCwt4kTJ2ry5MmaM2eOQkIyv4AeAIC8LLm/moziL+BE+bUALP8gHTabZTabZTYfVpBGqabVCbekE2Rd9ynocHKcWWbzajUYVTPNybnQ6W1k6iqtNqeIHbdfA5NOzPmO3Hx7++ohkvyt2t080vfuPv5U7FX4BZA3OLIAHBUVpR49euj06dNyd3fXyy+/7LB9IfdZM7Sr9gUdtvrODB5V07rQtWao9ffz4SApKzGwizVDTWmPgeYEWm4Pnd5GK3rcvi3xpUinABw6XW1MJtUcFXx3H4CT3OnYMSnK0PGoxdyuyoM1XgAAcpzvv/9eb7/9tiTpoYceUsOGDZ2cEQAAzpPcb01G8RdwsvgUP/mTr0bOD5J/8ChNTTpRFjp9oEYFD9Fq82ZZ12UDNce8WkOCR6mm5azaGk0dFSz/oFcVaBU6x+lFXVtQ+AWQHkcVgJ955hlt27ZNkvTZZ5/J39/fIftB7hQ4J9UFUYFztHqIFLz856QiV6imT5orDRl3+/vZd6TmB/kbjIFdrBmqrnOHaLV5jvUxUAq+IzcrRS1Yvg/2lL+CtT/FCxE6vY1MA6X5ZrNWD3FoxjmEbceOxo5Hk/gP0RB/aW7XoaL+mzXxCWarHwAA0rNnzx4NHDhQZrNZ9erV08KFC61GOwEAkN+kLoVQ/AXgfL51dHt1jQxOyFkE6tUgf2nuCquTasH7c9/p5OwWfv/asMHqh6mdgbzF3gXgadOmaeHChZKkESNGaPDgwXZtH/lA6M9aHiwN6WH9De1bp4EUvFw/h9oYA7tYs2JuJsdLtvMduVnmzSOV8y+Zs6/Mjx2zdjwq1dWr84Pkr7nqyvBfAAAc4uLFi+revbtu3ryp4sWL68cff1SRIkWcnRYAADkKxV8Azhd6QPvkr7q+t//f88GMT0EmjlrZpwOhkhSoHkMkze2aq9ZRY8QvAFsYLQDHxMRoy5YtabavXr1aY8aMkSR16tRJH330kV3yQx4XOl2T5kr+PR9MURhM+r5OybeurMeQ2xKD7FmjFXOlBnWUODXxndatlSSFavrAUQoestpqNHD+Y8Oxo+Hj0ZQ3JI50Z/pnAACy59ChQzp9+rTVttjYWD322GMKDw+Xm5ubli5dqho1ajgpQwAAci6KvwCcbI2G1hyl4OTpIUP3y7bV5m5PWRg4x6zDSSfZTCZTrioCA8CdGCkAP/PMM/L399fjjz+u+PjEBQUOHjyofv36KT4+XjVq1NCyZcvk6urqqHSRV4ROV5uaoxTsH6T5yXMHZfodnfS9bEsM7GZu14HS/OS1aA8rSKNU06oAHJqiOFxTy3setloTOL+647FjFo5HU/IdOV9BTP8MAECWHT58WPXr11e9evW0detWy/YRI0bor7/+kpQ4s1FAQICzUgQAIEej+Avg7gsepZrJI1RMXbUvKMWJSJtHBlmPKvIduVnm5LXq5naVydRG0znBDCCPsLUAXLZsWUnSokWLNHDgQF26dEndu3fXlStXVKRIEa1atUrFixd3ZKrIA0Knt5EpqfB72ObpgNMZ7ZulGNgk9ID2SfIPmp9iXR9fjZwfJP/gUZq6JsW2zcnFYbPma6BMJhMjUnWHY8csHo+maD3xtWD6ZwAAssTb21ve3t66evWqunTpoq1bt2rWrFmaPXu2JOmpp57Siy++6OQsAQDIuSj+Arj7/IN02Hz7ROTmlKuR+9ZRAwVreSaLAob+vFzBaqA66ZxsC5yTNPLFP1ijaubM0RZM+QzAUSZPnqz+/ftLSiwA165dWwcPHpSLi4sWLFig+vXrOzlD5GyJo0RrjgrWkNXmtOvA+taVf3ojHVOOkrQlBtnnW0cNJDVI72Aos7uN3KzVQ6S5K3LiEZJj+Wdw5UG6x47ZPB6VxPTPAABkQ7ly5bRmzRoVLVpUV69eVefOnS3FXn9/f82aNcvJGQIAkLNR/AWQwySuwxY8amoGhds1mjoqWP5BryrjSQt9NXLcEEclCAA5lqurq+bPn28pAF+6dEmSNGnSJHXr1s2ZqSEXWDO0pkYFD9Fqszn9NWF9H1RPf2lfqkVOQw/sk/x76kFfG2NgB76qm87znIgR1tZCtT/4ToXy1MeO9jgeTTn980Atz0rqAADkY61atdKvv/6qokWL6tq1a4qNjVWlSpX0ww8/qGDBgs5ODwCAHI3iL4AcJ3DOYQX5z1VXU+qRu2s01NRVc1OuP6g1GppmiudQTZ80VxrSI9MTcgCQFyUXgB9//HFJUr9+/fTGG284OSvkfGu0Yq40ZPWcO15cFTxq4O3v3dDpGjgqWEPGJY8StiUG2Zf8PNdMMap0jYbWHKXgIeOSpoJeo6GpjqVCp7dR17nSkB755wgpdPokzdUQ3X7Ith07GjsezUjy9M/BCmboOwAAhiUXgH18fOTt7a2VK1eqTJkyzk4LAIAcJ/USmG7OSQMAMpO4Pt2D09uopslkdcuQ1WaZrc5XBmqOWRpqMillpH/QYZnveEIOAHKHQoUKGYp3dXXVggULNGHCBFWvXt1BWSFPSVpDNrirSXPT3OivoMObEwuKgXN0OKiNatY0aVTSrUNWpxopbEsMsi9wjsyH66pNzRTHQENWy2x5ogM15/ABtTGZ1NVypyFabd6cDy6OC9X0NjU1KlhKfP+mvKjB1mNHI8ejmfAdqflBy1VzFNVfAACyolWrVgoPD1dUVBSFXwAAMjAq6RzMsQu3JEmmnUcumo00UNDN1RF55Vi3bt0yFO/l5eXQ9hMSEgzFe3t7G4qPvHXTUHxBD2OP19XFdOcgpFGvso+zU4Ad7T5ywaa4y5cvG2rXaCfo+tUrhuITXIxdL1S0sLHPH6NiY2MNxRcoUMBBmSQxG/o6VWxcvLH42BhD8Ua/jxztxo0bhuKNfn85WkJstKH4GLOxvxePgpkfX/E9AAC4W0KOX3F2CnfE
|
|||
|
|
替换后面路径进行读取,成功读取到<code>/etc/passwd</code></p>
|
|||
|
|
<p><a id=img9 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083153-3279394a-10c0-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABGoAAAH1CAYAAACuvxg3AAEAAElEQVR4nOzdd3wT9RvA8U+SJt17t0Bp2VD2FmQKigO34gAUxQWIAxAHKoo4UAQBQURQFP2pKKIsQUBkb8qm0BZauvdO0yT3+6M2ElpKD1qK+LxfL16vcnnu7pvLJbl78v0+X01ubq5itVrx8vLialBQUKAqvri4WFV8aWkpACEhIarWE0IIIYSoQFHYt2sXDRs1wsfPr1Z2kZeXV2FZdHS0qm1oNBpV8Tk5OarimzVrpirewcFBVXxJSYmqeJPJpCo+LS1NVXyDBg1Uxfv4+KiKF0ItV1fXum6CEKIGqfuWvIYkJSVVK07thY3ValUVbzQaVcXn5+erig8KClIVr/bCprKLx6rodDpV8Z6enqri1V7IOTo61ur23dzcVMWnp6erig8PD1cVf+bMmSofb968uartCSGEqF1qv2eFEP9NhYWFVT4uiRwh/l3+s4kaIURFx48ft/u/TqfuI8JoDFYVHxJiUBV//HiRqngvL3XtN5sVVfFubpXfQDVqJD32hBCXT5I0Qoiacm4iR5I2Qlz9JFEjhBA1LCbmnx571Una5Bw7ht7dHdd69WqlPSWZmRQmJeHdogUalcMNqkVRSN+zB6/mzdG7u9f89qsh//RpFIsFj4gIUNkTUtSM4uJijh07RqtWrVT3VhQVSZJGCFFbLtb7RghR96p1xb5hwwY+//xzMjIy6NOnD6NGjcLLywtFUXjxxRdJTU21DRGyWq24uLgwcuRIOnTowIsvvkh6ejo6nQ6NRoOiKEydOvWC+5IxvEKIa0lMTFKVyRrFbObYvHk0Hjas1hI1iX/8Qf6ZM/i0bl0r2y88e5bDM2fS64svamX71XHqm2/wadMGj0aN6qwNl+Po3LlYiotp/fzzF000bd68mW+//ZYJEybYhj/u2LGDuXPn8s4771BcXMykSZNwcHCw+24GmDhxIkFBQbzwwgsoimL3uNVq5YknnqBv376MHj2a7OxsNBoNGo2G8PBwHnnkESIiIi7YrqioKH744QemT59uW5abm8vkyZO55ZZb6N+/v+rjYrVamTlzJhqNhueee071+v9WkqQRQtSF8lqeQoi6p71YwIYNG3jmmWdwdXWlT58+fPfdd7z++utYrVY0Gg3r1q0jLi6Oxo0bExYWRlhYGPXr18fV1RWNRkO9evVo0qQJeXl5rF279qopWiyEEFfKuT1sznd6+XKcAwLwadWqVvZdlJpK0oYNhN99d61sH+DInDlE3H8/OhW9KFK2bCF506Ya2X/qtm2U5uURdP31NbK9upC5fz9pe/agKBcffpeYmMi6devIzc21LUtKSmLFihXk5ubi4uJCw4YNadSoEfv27WPfvn2Eh4cTFhaGk5MTer2esLAwGjduzMmTJ9myZQv169cnLCzMVlfr999/58yZMzRq1AgfHx/++OMP7r77bg4cOFBpm0pLS1m8eDEPPfSQbVleXh5Tp05lzpw5qgv/l29z0aJFTJo0SXX9rn8rxZQjSRohRJ3R6/W2f+WJevkn/+Rf3fyrskeN0Whk5syZdO7cmVmzZuHs7EyzZs149dVX2bNnD126dAGga9euvPnmm5VuY8KECQAsXLiQQ4cOMW7cuJr9RBFCiH+BynrWFKekkLZjBxH33ovOyalW9hv7ww94t25daz1NkjdtwlJSQqjK3hLH58/HbDQS3Lv3Ze3fXFhIwurVBPXqhaO392Vtqy5ptFo02ov+dlIWq9GgPS9Wo9Gg0+lQFIXQ0FDee+89AA4cOICiKEyZMsUuvvz/GRkZ7Nmzh7feeguDwWC3veuuu47JkycDkJCQQP/+/fnf//5Hu3btKrRp2bJlBAYG0rFjR6CsW/2ECRM4duwYDRs2rFYC6lyKovDxxx+zYsUKGv1Le0mpl0e+sXrngBBC1LaqZmYzm81XsCVC/DdVeUWQnZ3Nrl276NatG87OzgC0bdsWR0dH269biqJU6wLMarXa4tROaSiEENeC0vNmbUvasAFHHx/8/05617S8U6fI2L2bZiNG1Mr2LcXFxP/2G+F33YWDi4vdY1azmbyTJyk+d8pbRaG0oABzUREKgFZLaUEBJdnZWM+76FOsVvJPn6Y4JaXKNqTt3ElpQQENbr3Vtp4pLw/FasWYkUFeTAxcYDY+Y0YG+XFxWC4w211JdjZ5MTGYiyovYm3KyyMvJgbTOT0gLCYTpfn5Zd+NFgum3FzbczPl5mI5Z6a/goQEsg4eLPuPpvp1dcqHLGmqsY6iKFXORnjud3Nl65YLCAigRYsWJCcnV7hAT09PZ+3atTz22GO2Zbm5uURGRvLee+8REBCAxWK5aFvPVVhYiJeXFx9++CEtW7ZUPaPiv41Sko90pBFC/Fs4ODjY/gkhakeV764zZ87g4OBASMg/vwJHRESwbt06PDw8bBeLubm5JCYmUlRUhKIoODk5ERoaWuVUzA0aNCA+Pr7mnokQQvwLlObno3d3x5iWRsLvv9P5nXdqbV9H58yh0YMPVkii1JSE339H7+GBf9eu9stXr+bAe+9hys1FsVppOHgw7SdNQrFY2PfWWyT+8QfGjAwURWFl//5YTCZ6f/EFfh06AJB54AB7Xn+d/Lg40GrxbduWTm+9hXvDhnb7sZpMRH/5JW0nTrQtK0pOZuPDD+PdogUZ+/dTmpeHe0QEXaZOxfvvGj2m7Gx2vfYaqVu2gEaDo6cnHd54g5B+/cq2W1rK3jffJGH1agC0Dg60Gj2aJsOG2fYT9eGHxP7vfyh/DwNuMmwYkWPHkrJlCwfefZfeX3xBcUoKfz7yCN0++ojA665j3V130W7iREIHDCBq2jROLl6M1WwmoGtXChMScAsLq9Zx12g0lJaWEh8fj5eXFzqdjpSUlGolbtQ4d3smk4n4+Hjq169f4cJ88eLF9OzZk3rn1FgKDAxk9OjRnD59+pJqHpTXujObzZgukEi7dhSDwRVKCuq6IUIIoVp1kjXSA0cI9ap8Z2VlZWEwGGy9aTZt2kRRURHOzs60atUKZ2dnHBwcWL9+va17tclkom3btnz22Wd4eHhckSchhBD/JqX5+Zz46iuCevWqtQLCZ9etQ+vkRHAt1W0pTk0lZetWGt13H7pzhsykbN7MrokTaTpiBC2ffJKUbdvY+swzuIaF0WLkSNpNmECbF19k+/PPYzWZ6DFrFpbSUpwDA4Gy2Zu2jh6NU0AAfb76CnNhITsnTuTAO+/QfeZMu6RT9Ndf4926Nd4tW9qWKVYrqdu3YzWZ6PT22+jd3dn+/PPsevVV+i5ejMHLi+jFi8k6cIBuH32Ed6tW7HvrLfZNmUJAly44uLlx+pdfiPn+e3rOmUPQ9dcT/eWXnPzmG+rddBPOAQEkbdjA0blz6TJ1Kg0HD+b0L79w9NNPCb/nHpz9/ChMTKQoKYnso0fJiY4m9+RJnHx8KExMxKtlS04vW8bhGTNoO2ECje6/n5NLlhC/ciVufxcGvhidTkdmZiYTJ060DVcqLCxEq9XWWLJGo9Fw5swZNmzYQGZmJsuXL6ewsJBbbrnFLu7gwYOkpqZy//33V2jj5Th/aNe1TFFkhiwhxLXNwcFBkjVCqKSqv9rnn39OdHQ0p06dYs6cOTzwwANYLBb69OnDa6+9RnFxMYqi4OLigqur60W3J71qhBD/VS2feqp2psoGSgsKSFy3jga33YZDNT6LL0XSn39i8PDAv3Nnu+Vn162jODUVDXBy8WLQaNA5ORH74480f/xxHP38AHBwccGi1eIcHGy3ftr27RQmJNBj1ix827cH4LoZM8g5fhzOGYpTmJhI6pYtdD5/FkFFQe/mRtNHHiH0hhsA6PTWW2x69FEyDhwgpE8f6t90E6EDBqB3cyM3OhqNTocpJ4fCpCQ8mzZFq9djLS2lJCuL4pQUmg4fTvi992L4e+pxrV6P1WSiNDeX
|
|||
|
|
<h4>尝试进一步利用</h4>
|
|||
|
|
<p>在读取<code>etc</code>下<code>fstab</code>文件时看了网站的完整路径,但是有一点不是很明白,<code>/u01</code>是什么目录?</p>
|
|||
|
|
<p>图找不到了,总之后来百度发现是<code>linux下挂载点目录</code>,无奈只能再找其他方法。</p>
|
|||
|
|
<p>这里参考了一些文章</p>
|
|||
|
|
<p><a href=https://mp.weixin.qq.com/s/Sc3mT1vjgKv8PCwEXx2FFw target=_blank>https://mp.weixin.qq.com/s/Sc3mT1vjgKv8PCwEXx2FFw</a></p>
|
|||
|
|
<p><a href=https://mp.weixin.qq.com/s/EgrGKEg53Dts4JH15duLuQ target=_blank>https://mp.weixin.qq.com/s/EgrGKEg53Dts4JH15duLuQ</a></p>
|
|||
|
|
<p>如法炮制,读取历史命令,尝试读取均未有所收获猜测是能是权限不够,但是又想到/etc/下的文件文件都可以所以也可能不是权限问题。</p>
|
|||
|
|
<div class=highlight><pre><span></span>/../../root/.bash_history
|
|||
|
|
/../../.bash_history
|
|||
|
|
</pre></div>
|
|||
|
|
<p><a id=img10 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083157-349466dc-10c0-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA7IAAAF2CAYAAABTZqR/AAEAAElEQVR4nOzdd3gUxRvA8e+19F5ISICEltBrCCAovQgKCohUEZGiSBFQfqAICqIgSFFBFFBEEBGQJqj03qRKQg0khPRer9/+/og5OBIgC0FA5vM8PHq7s7Nze5e7e3dm3lFIkiTxCLly5Yqs8nq9XlZ5hUIhq3x2dras8nl5ebLK+/n5ySqfn58vq3xubq6s8i4uLrLK29vbyyqv0WhklZfbfmdnZ1nltVqtrPI+Pj6yyicnJ8sqr1AEyyrv6qqSVT4mRt7fi7OzUlZ5BwfdXcs0aFBBVp2CINxeUkICJpOJwPLlS7XejIwMPD09S7VOQRAEQShN8n6lCoIg3KcTJ6497CYIgiAIgiAIjzm13B5NQRCE+3XixDVq1rzzaIS8mBgc/f1Ryuz1vx2zVotZq8XOy6tU6gPIvXIFp/LlUcocaSDIExUVhZOTE2XLln3YTfnXqNVqVCp5Iy4ehEftN4JWq0Wn04neYkEQBAG1Tld0KODRo0eZP38+CoWCiRMnUr16dQBGjx5tM9RTpVIxfPhw/P39mThxok0ddnZ2vPfeewQGBpa4MXKHzQqC8PiKiEiicmX3YveZ8vM5PHIkTZctQ1VKsx+Sdu9GMpnwb9euVOoz5uRwYOhQnl6zBtVtgm2zTsfpSZOoPmYMjqUUhF379VcMGRlUee01WcedeOcdKvbvj2edOrctE/Hpp1QdOhS7RyxIKPweKe776r/KwcHhkQhkb73mu3fv5uTJk7z99tsAxMXF8fnnnzNz5kwWLVrEiRMnbMq7ubnx8ccf88EHH5CRkWGzr3r16owdO5YhQ4ZgsVgACAgI4PXXX6dCheKnIOzZswd7e3uaNm0KFAS2U6ZMYcaMGbKe18mTJ1m4cCHffPNNicpnZmYyZ84ctm/fTvny5ZkxYwZBQUFAwZSiGTNmcPDgQVq3bs27776LWq22Hjdp0iQiIiJ4/fXX6dWrF0qlGAwnCIJQGop8ml66dInJkyfTtGlT6taty5AhQ4iKigLg4MGD+Pr6Eh4eTnh4OI0aNcLDwwMHBwfCw8MJCwvj2LFj1KxZk7CwMBwdHWU1Zvv27aXzrARBeCwYc3KK3Z6wbRuVBg5E5eBQaudJ2LYNzwYNSqU+yWzm2po11Hr//dsGsYXlUg8dwlSKN+nyrlwh+/x52celHjqEPi3tjmW0iYlYTCZZ9cb8/DMmmbkBhEeEUcuFiKvIyQQRFxfH6dOnrY/z8/M5cOAACoWCqlWrEh4ejsFg4MKFC4SHh1O/fn1UKhX16tUjPDyciIgIMjMzCQ8Pp1q1agDs27cPLy8vwsLC0Gq1dOzYkaNHjxY5d3Z2Njt27KBGjRoApKSkMGvWLLZu3Srraf/999+89957XL9+vUTlLRYLU6dOJTk5mXHjxhEcHMywYcNITk7GZDIxdepUYmNjefPNNzl16hTffvstZrOZlJQUXn/9dVxdXXnzzTf55Zdf2Llzp6y2CoIgCLenvnXD9OnTady4McOGDcNisXDgwAFWr17NhAkTUCqVPPvsszzzzDNFKhoyZAgmk4lly5bRt29fypQpI7sxkZGRNGvW7N6eiSAIjyVjTg4aV1ebbVkREVQbNarUznFp0SICOnUqtWHFhowMDJmZeIeHl0p9j4p6n3xyx8C8ONErV+LXqhVqmYnWhIcv4dwOVq1Kot/0QbjdZ11KpZJ27dohSRL5+fnk5+czZMgQ6/6+fftisVjYuHEjNWvWtNmnVCpp3749bdu2xWQykZyczPbt2wkLC7PpvZw/fz4dO3bEzc0NvV7PlClT8PPzkzXkPCEhgbFjx1KnTh0iIyNLdExycjKurq5MnDgRb29v2rdvT4sWLYiNjcXR0ZETJ06wYcMGHB0deeaZZxg2bBi9e/fm+PHj5ObmMmXKFOzs7HB3d2fdunW0bdu2xO0VBEEQbs8mkM3Ly+PkyZO0a9cOlUqFSqXipZdesg6RATAYDDaZXh0cHGRnAr6VJEksWbKEhg0b3lc9giA83iRJIurbb/EOCyu1wCgnKgrJaKRM8+alUp8kSUSvXInvU0+V6LNPMptJP3GC2HXrsPfxIaBjx4JhxpKELi2NlH370CYk4BgYSJnmzbH39gZJIi82lpSDB9Gnp+NauTK+Tz1lDfgli4W0Y8dIO3oU+zJlCOzUqUTXy5iZSez69egSEnCrXh3f5s1R3vT5nrhtG/5t2tyoS5LIj4sj5dAhdCkpOFeoQJlmzbDz9CRp927yr19Hl5rKtbVr0bi5EdipU8GwZEki89w5Ug8eBIsFn2bN8KhZ03qe+N9/x7d5c1IPH0afkkJw794Ys7NJ3LED/3bt0Li4gCRxffNmPOvUwfmfIZxCKTHrOXdoG9sOX8GicJJ9uMVisf4OKO05tGq1GhcXFwwGAzcvqhAVFYVGo7He7FapVLz77ru4urpy+PDhEtfv5OTE4sWL2bVrV4kDWX9/f6ZMmWJ9fOXKFZycnPD29uby5csEBQVZR6D5+PigUCjQ6XRcuXKFpk2bYmdnB0C5cuWIi4srcVsFQRCEO7MZWpyRkYHFYsHd3R2LxUJqairt27enY8eOAJhMJj766CNefPFFXnzxRfr06UNmZuZ9N+LChQucP3+eli1b3nddgiA8vrLPnyfr/Hn8WrUqtToTd+4ksGvXUqsv/cQJdGlpeJXwxpsuOZnYX3/FOyyMtL/+4sjQoegzMrCYTERMn07itm04V6xI7C+/cG7OHCxmM/q0NE6MHUteTAyedesS8/PPXFu79kYb/vqL2PXrKdOiBfFbtnDp66/v2g6LwcDFhQuRLBYcAwM5MmQIqYcO2ZQ5P3cuhps+0415eZyaOJHMs2fxrFuX+M2bubx4MQAOvr44V6iAyt4ep8BAnCtUsCa9Sty9m6NDhmAxGFCo1RwbPpzUm4aKXpg/nyNDh3Jt9WpM/+RdUDk6cumbb8i+cAGAvNhYzkyebN0vlCKTDqNPHbr36IiHvBlAAJw6dcr6O2DkyJEYDIb7blJOTg5JSUls2rSJPXv2ULt2bZve2F27dtGzZ0/rY7VabZ2jKoe7u/tt59+WhFarZdGiRbRr147y5cuTmJiIt7e3TRm1Wo3FYiEzM5Ny5cpZt9vb2z9R87wFQRAeNJse2cJkCwqFgry8PPr06UN6ejrh4eEsWLAAlUpF7969qV27NlBwR1Tuup3F2b59O2PGjJG9xqggCI+OmjXtAXuCgv7mxx+Defrpgt7Dpk3Ps2JFRVxcsoqs2xufDmXKlKHwLz9x2zaqjxtXalmAc6Ki0CYk4BYSUir1mbVa4n/7jepjx9r0ZN6JysGB0BEj8G3aFLfq1dnRpg2Zp0/j27w55bp0wb16dYw5Ofg0b07y7t1Y9HrMej36jAw8atXCpWJF6n78MZLZbK3TlJND6MiROPr5EfDss1xbt+6u7ZDMZvxbt6ZCt24ARH72GbnR0ZR5+unbH2MyYcjIoNwLL+ASHEydjz6yzvd1/6eHVePqik+TJjj8M53EYjRyadEifJ56iqpvvFHQqxsby5lJk2i1dSsKpZKcy5epMmgQ1d95B8U/wYpSo6Fcly4k/PknXg0aEPfbbzgFBuJatWqJrrMgg707daq5k5csb932QpUrV2bs2LHAjWRP98NkMjFr1iycnZ2xt7enT58+PP/889YRD5cuXSIxMfG+AtDS8ueff5KUlMTMmTNRqVQoFIoiyZtuTtJ1a8KuRyGBlyAIwn+FzS8xV1dXFAoFGRkZODs7s2LFCubNm0d6ejpQEODWrFmT5qU0RA8gMTERjUaDv79/qdUpCMLDU768HQ0a3BiuaG9f8GN03bp1REREFCn/5ptvUr16dbSJiSg0Ghz97rwsT0mZtFrOz5lD7UmTShx03k3m2bO4hYZi51byGYUaNzfs/5mb6+jnh9LODkNW
|
|||
|
|
所以尝试不加<code>../../</code>直接读取<code>/.bash_history</code></p>
|
|||
|
|
<p><a id=img11 href=https://xzfile.aliyuncs.com/media/upload/picture/20240513083200-36a1b402-10c0-1.png title><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABHgAAAH5CAYAAAD6JomZAAEAAElEQVR4nOzdd3gUVRfA4d9szab3ntBC70VEkCKKgCKCqKhYEBt2FLvYC4j6KYKiKIpItSBFULDQO6H3DgkJqaRn+3x/hCwJCUmGIqLnfZ48hN0zs3d2Nzt3z5x7r6Kqqmq1WikoKCA0NJR/mrS0tCrvz8zM1LQ/VVU1xfv7+2uKz8vL0xSflZWlKT44OFhTvE6n0xSfn5+vKd7tdmuK9/Hx0RRvsVg0xTscjgsa7+vrqyle6/uzbt26muKr+/s4XW6uQVN8rVpRmuKPHdP2fBYVaXv/BAdra39R0Znfzx071ta0LyHEP8PBffvQ6XTUrlfvguzf4XCQnZ1NRETEBdm/EEIIIURNpaen43K5zni/Tqfj4J49XNGlS8n//66GCSGEEEIIIYQQQogLo9zlcLfbjdPprDTQaDSiKAoATqfTU7lR9vaynE4nqqpiNBor3KeqqubKCSGEOJ/sdrvmbVRVxZaejjk4GMVkgjNVBCoKeqMRt8OhuWqwOopOh85gwOVwnPnxz7jxyXY5nahVVN+d02P8w+j1evR6PY4yr4XRaERVVZxOZ5XnMACDoWLVWOk5zGAwVKiSLHt+PJ1OpyMzMxOz2VyumtFoNOJyuTRXRJZt35nO3ZeKM70Oomo5OTkoikJAQMDFbooQQggh/gE8PVdFUbDZbFit1nKdrNLff/75Z1atWkVISAgDBw4kOjoaRVGYOXMmBw4c8MS73W4CAgLo378/xcXFzJgxA71ej8Fg8CSQwsLCuPvuu8/7Fx8hhKipoqIibRvodNjS09n76ac0e/llFKez0uSHotNRnJZGyoIFxN5wA+awMNQqyio1NcFgIG/PHjLWrCGuXz+Mfn5VJmpOb5ctO5vk2bOJ6tkT79jYStul6PUUJSWRvnIl0b16YQoIqPFjlG6Pqmra5kLR6XSsW7eOPXv2MGDAACwWCzqdjsmTJ+Pn50fPnj357rvvSE9P9yQYnE4niqJw6623oqpqpeew8PBw7rvvPn799VcSExPR6XQoikJMTAw9e/YkMDCwQimtoigoisLYsWMZMGAACQkJQEmyaMqUKcTFxdGpU6caJx4VRcFgMLBw4UJycnK4+eabsdls5/05/Duoqoq/vz96vf5iN6Vau3btYunSpQwcOJCgoCAA5s+fT05ODoMGDeL7779nz549mEwm9Hq9J+F34403EhMTw+effw7gOVan04mvry+PP/44iYmJLFy40PN+Cg8P57rrrqtyqNiUKVNo27YtV1xxhee2X3/9FYDevXtrPr7ExES2bdvG4MGDa7yNqqosXbqUOXPmUFRURNeuXRkwYABmsxko6RfOmTOHP//8k+joaB588MFyUwKkp6fzzTffcOTIEbp3787NN9+sud1CCCGEKOG59FiabCnthCqKgk6nQ6/X88UXX/DGG29QUFDAn3/+ySOPPEJOTg4mk4lZs2YxdepUDh06xP79+9m3bx+HDx/G4XBgtVrZt28f+/bt47PPPmP+/PkcOnSIo0ePlnucqn6EEOJC0Ol0GAyGSn9Kv2CV/dEbDByZNo2gli3RWywoUPnnll6PLT2dAxMnYs/ORqfX1/jzrrofnclEwcGDHJo8GVdREUol7Tzjj16PMzeXA19/jTU1Fd3JhEaFxzAaKU5O5sjUqTjz81G0tF+nI3fbNgoPHjyvx31Wz9XJ13f9+vVMmjQJm83mSdTMnDmT+fPnYzAYSEpK4tChQ8ybN48JEyawd+9e9u/fj9VqLXcO+/TTT1mwYIHnHObl5cVff/3FhAkT2L9/P1u3buWTTz7hwQcfJDk52ZMwKv0xm80sXboUgJiYGM/tc+fO5ZlnnuHIkSOYTKYaH5ter2fdunU88cQTbNiwocbb/lN//naqjbz8IrSmXrdv387YsWPLzZ83d+5cJk2aBEBSUhJ79+5l4cKFfPDBB2zevJndu3eTm5uL0+lk9+7d7N27l/HjxzN16lTP+w1g7dq1vP/+++zYsYOtW7cyfvx4BgwYwK5duypty9atW0lJSaFBgwae25YuXcp9993Hpk2bNB4Z7Nmzh4ceeoj58+dr2u77779n6NCh5ObmYjKZeOWVV/jyyy89948bN47XXnsNX19fli1bxhNPPIHVagVKKpAGDx7MsmXL8PX15e2332by5Mma2y6EEEKIElXOWGo0Gtm2bRvfffcdTz75JEOGDOHgwYMMHDiQH374gaeeegqn00mrVq2YOHGi54QNeK5efvXVV6iqSvv27enTpw8vvfQSxcXFVU4UJIQQF5rVaqWwsLDS+3x8fDxXnwF0JhPZiYkUHT9O/YcfrlFFTulXVsVgQHG7K9/mZFJEdbvPWA2EolS4Xyl7P2iqEPJsezLpc/q+VYeDgCZNaDVqFF5nqD6qtF2Kgt5kYufo0fjVr0+rkSNxFRdXrOQ5mZSqsN/SL/mlFxtKn5eTbVXL3FdZvFaqqnq+jPr6+vL6668zd+5cPv30U8xmMy6XC1VV+eqrr3C73bRv354bbriBF198kaKiItxuNy6Xi7p16/LFF1+g0+nYu3cv/fv3Z/bs2Tz99NOeYVM6nY7s7GyWLVtGnz59CAgIwG63M2nSJKZNm0ZgYCA6na7GVa16vZ6FCxcyZswYjEajZ8iZqCkHSavnMXW1nnuG90fbVPJUmpAqff6HDx8OwLRp03j11VcZM2ZMuQqc0kTQVVddRbNmzRg7dqznPpfLRUREBOPHj8fX15fMzEx69erFhAkT+Oijj8ofgcPBL7/8QpcuXQgJCQFg1qxZjBkzBl9f30qHFlZl3bp1vPbaa9hsNk2LGxQXF/Ptt98yfPhwHnjgAaBksYCffvqJwYMHk5qaysSJExkxYgS33norR48eZeDAgcyfP58BAwbw5ZdfcuLECebMmUN4eDhNmzblm2++oUePHkRFaX1lhBBCCFFlD0Cn07Fz507y8/Pp1q0bdrud2rVr06BBAw4fPnzGK29lO5qlnWRFUVBVFZfLJckdIcRFt3z5cr777jtcLle5zzGn08kjjzxCt27dSj6rdDpcxcUc++UXYq+/HoO3N+6azHdyMgmSu2sXuFz41qtXcltp0sJgwHHiBNasLLzCwjAGBKCW7vdkXNGxY6hOJ5aYGJSyX9h0upLtc3KwZmRgiY1FbzJVPyxKUUqSSgYDruJiCg8fxhwRUTLU6+Tnsup2o/f2xrd2bXRGY/kEyuntio1Fp9ejulw4CwpwuN24XS5cNhu29HRcDgemwEDPYyt6Pda0NBx5efjWro1iMJQ8rqLgttlw2+0YAwJwO51YU1Mxh4Sg6PU48vPRmc3oTCbPvpz5+Sg6HXofn2qTPKUVL6U/Zc9dpYma0vNW6Tmq7P9L58Ypnben9BxWuo/SmFq1atGwYUOOHj3qGe6sqio6nY4VK1bg6+tL27ZtcTgcFBUVoSgKr776Kh9//HGNz4uKomC32ykoKGDYsGHMnTtXzqlaqE4OrPudH35Zhz2oo+aVJkorqE7v+7z99tusWbPG8/+6devy448/kpqaSmpqaoX9lCZsNm/eTKtWrSp9rNDQUNq0aUNycjIOh6PcnIabNm0iNzeXnj17AiWfW8XFxbz66qt8/fXXmt8T2dnZPPjgg2zcuJFDhw7VeDtVVXnnnXdo3Lix57bg4GDP39iOHTswm8106tQJgPj4eFq3bs2SJUsYMGAAa9asoXPnzoSHhwPQo0cPPvvsM3bv3i0JHiGEEOIsnDHBoygKDoeDo0ePEh4ejtls9nRWSzujNpsNnU5Hbm4u69evx26343a7CQkJIT4+/uKUXQshRA1cfvll1K5du8LtqqoSERHh+VKvMxhIOzm0JvSKK2o0t4yi0+G229kxciSFSUk4CwoI79yZ5q++itHfH7fTyb5PP+XozJkliRtVpcHjjxPXvz
|
|||
|
|
虽然读到了,但是并没有什么敏感信息(路径、账号密码等等),无奈只能到此为止。</p>
|
|||
|
|
<h4>总结</h4>
|
|||
|
|
<p>虽然最后没能成功getshell,但是也学到了很多。比如后面再看平台源码时发现页面上多处图片都是通过<code>filepath=xxx/xxx/xxx.jpg</code>加载的,这是以前没怎么注意到的。</p>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class=post-user-action style=margin-top:34px>
|
|||
|
|
<span class="btn btn-default pull-right" id=mark data-action=topic data-pk=14456>
|
|||
|
|
<span id=mark-text>点击收藏 </span><span class=i-seprator> | </span><span id=mark-count>0</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
<span class="btn btn-default pull-right" id=follow_topic data-pk=14456>
|
|||
|
|
<span>关注</span><span class=i-seprator> | </span><span id=follow-count>1</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class="btn btn-default pull-right">
|
|||
|
|
<span>
|
|||
|
|
|
|||
|
|
<span id=ready_reward data-toggle=modal data-target=#myModal>打赏</span>
|
|||
|
|
|
|||
|
|
</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
<div class=clearfix></div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class=related-section>
|
|||
|
|
<div class=related-box>
|
|||
|
|
|
|||
|
|
<span><a class=pull-left href=https://xz.aliyun.com/t/14453 title=以美国和韩国为目标的Kimsuky最新钓鱼活动攻击组件及木马攻击链剖析><span class=related-label style="padding:3px 4px;margin-right:3px">上一篇:</span>以美国和韩国为目标的Kimsuky...</a></span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span><a class=pull-left href=https://xz.aliyun.com/t/14457 title=Windows内存取证与恶意行为排查><span class=related-label>下一篇:</span>Windows内存取证与恶意行为排查</a></span>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class="modal fade" id=myModal role=dialog aria-labelledby=myModalLabel aria-hidden=true>
|
|||
|
|
<div class=modal-dialog>
|
|||
|
|
<div class=modal-content>
|
|||
|
|
<div class=modal-header>
|
|||
|
|
<h4 class=modal-title id=myModalLabel style=text-align:center>
|
|||
|
|
积分打赏
|
|||
|
|
</h4>
|
|||
|
|
</div>
|
|||
|
|
<div class=modal-body id=button-value>
|
|||
|
|
<div style=text-align:center>
|
|||
|
|
<div role=group>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type1>
|
|||
|
|
1分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type2>
|
|||
|
|
2分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type3>
|
|||
|
|
5分
|
|||
|
|
</button>
|
|||
|
|
</div>
|
|||
|
|
<br>
|
|||
|
|
<div style=margin-top:20px>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type4>
|
|||
|
|
8分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type5>
|
|||
|
|
10分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type6>
|
|||
|
|
20分
|
|||
|
|
</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class=modal-footer id=confirm>
|
|||
|
|
<button type=button class="btn btn-default" data-dismiss=modal>关闭</button>
|
|||
|
|
<button type=button class="btn btn-primary" id=reward_topic data-pk=14456>确定</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box">
|
|||
|
|
<ol class=breadcrumb>
|
|||
|
|
<li class=active>0 条回复</li>
|
|||
|
|
</ol>
|
|||
|
|
<div class="box-container post-container">
|
|||
|
|
|
|||
|
|
<ul>
|
|||
|
|
<li style=min-height:50px;line-height:60px;margin-left:15px><strong>动动手指,沙发就是你的了!</strong></li>
|
|||
|
|
</ul>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box" id=reply-box>
|
|||
|
|
|
|||
|
|
<div class="box-container clearfix">
|
|||
|
|
|
|||
|
|
<div class=reminder>
|
|||
|
|
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F14456&from_type=xianzhi"><strong>登录</strong></a> 后跟帖
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<footer class=bs-docs-footer>
|
|||
|
|
<div class="container text-center">
|
|||
|
|
<div class=links>
|
|||
|
|
<a href=https://xz.aliyun.com/feed target=_blank>RSS</a>
|
|||
|
|
<a href=https://xz.aliyun.com/about target=_blank><span>关于社区</span></a>
|
|||
|
|
<a href=https://xz.aliyun.com/partner target=_blank><span>友情链接</span></a>
|
|||
|
|
<a href=https://xz.aliyun.com/notice>社区小黑板</a>
|
|||
|
|
<a href=https://xz.aliyun.com/connection>联系我们</a>
|
|||
|
|
<a href=https://report.aliyun.com/ target=_blank>举报中心</a>
|
|||
|
|
<a href=https://www.aliyun.com/complaint target=_blank>我要投诉</a>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</footer>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div id=waf_nc_block style=display:none></div>
|