ez_curl(http-header格式解析 + exprees 请求参数截断)
首先看 js 的 express 框架 12345678910111213app.get('/flag', (req, res) => { if(!req.query.admin.includes('false') && req.headers.admin.includes('true')){ res.send(flag); }else{ res.send('try hard'); }}); 必须满足查询参数中不包含 flase,请求头有 admin:true (这里的请求头是 post 中的请求头) 再看 web php 代码 $input = file_get_contents('php://input'); 这里是直接获取的 post 内容 $headers = (array)json_decode($input)->headers; 将一个...
catcat-new(文件读取内存 + flaskSession 伪造)
点击猫猫信息看到文件读取功能 环境变量里没有 1http://61.147.171.103:60316/info?file=../../../../proc/self/environ /proc/self/cmdline,用于获取当前启动进程的完整命令 得到 b’python\x00app.py\x00’ 再次读取上级目录的 ../app.py app是个Flask对象,而secret...
Bamuwe靶机复盘
mainarp-scan -l 123456Interface: eth0, type: EN10MB, MAC: 08:00:27:82:4b:5b, IPv4: 192.168.43.160Starting arp-scan 1.10.0 with 256 hosts (https://github.com/royhills/arp-scan)192.168.43.1 12:dd:b5:07:19:10 (Unknown: locally administered)192.168.43.73 2c:9c:58:8e:96:a5 (Unknown)192.168.43.74 08:00:27:cf:d8:16 PCS Systemtechnik GmbH192.168.43.135 08:00:27:dc:f8:76 PCS Systemtechnik GmbH nmap 12345678910PORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 8.4p1 Debian 5+deb11u3 (protocol...
Vulnhub Moneynbox靶机复现
mainarp-scan -l 123456Interface: eth0, type: EN10MB, MAC: 08:00:27:82:4b:5b, IPv4: 192.168.43.160Starting arp-scan 1.10.0 with 256 hosts (https://github.com/royhills/arp-scan)192.168.43.1 12:dd:b5:07:19:10 (Unknown: locally administered)192.168.43.73 2c:9c:58:8e:96:a5 (Unknown)192.168.43.74 08:00:27:cf:d8:16 PCS Systemtechnik GmbH192.168.43.73 2c:9c:58:8e:96:a5 (Unknown) (DUP: 2) nmap -p- -A -T5 192.168.43.73 123456789101112131415161718192021222324252627282930PORT STATE SERVICE...
kakeru靶机复现
arp-scan -l 12345678910Interface: eth0, type: EN10MB, MAC: 08:00:27:82:4b:5b, IPv4: 192.168.43.160Starting arp-scan 1.10.0 with 256 hosts (https://github.com/royhills/arp-scan)192.168.43.1 12:dd:b5:07:19:10 (Unknown: locally administered)192.168.43.22 08:00:27:fa:74:72 PCS Systemtechnik GmbH192.168.43.73 2c:9c:58:8e:96:a5 (Unknown)192.168.43.74 08:00:27:cf:d8:16 PCS Systemtechnik GmbH192.168.43.80 08:00:27:3e:86:10 PCS Systemtechnik GmbH8 packets received by filter, 0 packets dropped by...
爬虫练手2:github热门语言项目
Beatifulsoup 快速实现12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091import requestsimport pandas as pdfrom bs4 import BeautifulSoupfrom datetime import datetimeimport matplotlib.pyplot as pltdef fetch_github_trending(keyword="python", date_range="Today"): """ 获取 GitHub 上某个编程语言的趋势仓库。 参数: keyword (str): 要获取趋势仓库的编程语言。默认为...
XYCTF2024复现
warm up123456789101112131415161718192021222324252627<?phpinclude 'next.php';highlight_file(__FILE__);$XYCTF = "Warm up";extract($_GET);if (isset($_GET['val1']) && isset($_GET['val2']) && $_GET['val1'] != $_GET['val2'] && md5($_GET['val1']) == md5($_GET['val2'])) { echo "ez" . "<br>";} else { die("什么情况,这么基础的md5做不来");}if...
numpy1
Numpy 基础11. 创建数组 固定类型数组: 使用 Python 的 array 模块创建固定类型数组。 123import arrayL = list(range(10))A = array.array('i', L) 从列表创建数组: 使用 np.array 从 Python 列表创建 NumPy 数组。 123import numpy as npa = np.array([3.0, 2, 5, 1.3])b = np.array([1, 2, 3, 4], dtype='float') 嵌套列表构成多维数组: 1c = np.array([range(i, i + 3) for i in [2, 4, 6]]) 2. 从头创建数组 全零数组: np.zeros 创建一个全零数组。 1np.zeros(10, dtype=int) 全一数组: np.ones 创建一个全一数组。 1np.ones((3, 5)) 填充特定值的数组: np.full 创建一个数组并用特定值填充。 1np.full((3, 5),...
小爬虫爬取王者荣耀英雄头像之多种方法
BeautifulSoup 实现提前创建好文件夹,用于存放图片 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051from bs4 import BeautifulSoupimport requestsimport time# 记录开始时间start_time = time.time()# 目标URLurl = "https://pvp.qq.com/web201605/herolist.shtml"# 创建一个会话对象session = requests.session()# 发送GET请求获取网页内容response = session.get(url)print(f'状态码: {response}')# 检查请求是否成功if response.status_code != 200: passelse: print("服务器连接正常")#...
手搓一个简单的神经网络识别猫猫图像
基本流程加载数据 –> 训练模型找出 w,b –> 将 w,b 代入预测函数 –> 预测 实现数据加载数据是给好的hd5文件低像素图片 导入库 –> 加载数据集 –> 数据重塑 12345678910111213141516171819202122232425262728import numpy as np # 导入NumPy库,用于科学计算import h5py # 导入h5py库,用于处理HDF5文件def load_dataset(): # 打开训练数据集文件,以只读模式读取 train_dataset = h5py.File('datasets/train_catvnoncat.h5', "r") # 从训练数据集中提取特征数据,并转换为NumPy数组 train_set_x_orig = np.array(train_dataset["train_set_x"][:]) # 从训练数据集中提取标签数据,并转换为NumPy数组 ...
