index.html
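<!doctype html>
<html lang="zh-Hans">
<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <!-- maximum-scale=1 was dropped from the viewport: it blocks pinch-zoom for low-vision readers. -->
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="description" content="Keep optimistic and Never give up">
  <meta name="keywords" content="">
  <!-- The generator emitted "Ginove,undefined" here; the leaked template value is removed. -->
  <meta name="author" content="Ginove">
  <meta name="copyright" content="Ginove">
  <title>Ginove</title>
  <link rel="shortcut icon" href="https://ginove-1252770243.cos.ap-guangzhou.myqcloud.com/%E8%B7%AF%E9%A3%9E/bitbug_favicon.ico">
  <link rel="stylesheet" href="/css/index.css?version=1.5.6">
  <!--
    Third-party CDN assets. In this copy the "package@version" part of the three
    jsDelivr URLs below reads "[email protected]" (e-mail obfuscation residue) and
    has to be restored from the theme configuration before the page can load them.
    When restoring, pin an exact version and add integrity plus crossorigin (SRI),
    so that a file changed on the CDN is rejected by the browser instead of executed.
  -->
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/css/font-awesome.min.css?version=1.5.6">
  <link rel="dns-prefetch" href="https://cdn.staticfile.org">
  <link rel="dns-prefetch" href="https://cdn.bootcss.com">
  <link rel="dns-prefetch" href="https://creativecommons.org">
  <link rel="dns-prefetch" href="https://cdn.jsdelivr.net">
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch.min.css">
  <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/instantsearch.min.js" defer></script>
  <!--
    The inline script below and the inline style attributes in the body would need
    a nonce or hash (or a move to external files) before a strict
    Content-Security-Policy could be applied to this site.
  -->
  <script>
    // Page-wide settings object; presumably read by the /js/*.js files loaded at
    // the end of the document (confirm against the theme sources).
    var GLOBAL_CONFIG = {
      root: '/',
      // This Algolia key is delivered to every visitor.
      // NOTE(review): confirm in the Algolia dashboard that it is a search-only key
      // limited to this index, never an admin or write key; rotate it if it is not.
      algolia: {
        "appId": "CH3QQ87I9H",
        "apiKey": "1005940df08368eb06761af10c531247",
        "indexName": "my-hexo-blog",
        "hits": {"per_page": 10},
        "languages": {
          "input_placeholder": "搜索文章",
          "hits_empty": "找不到您查询的内容:${query}",
          "hits_stats": "找到 ${hits} 条结果,用时 ${time} 毫秒"
        }
      },
      localSearch: undefined,
      copy: {
        success: '复制成功',
        error: '复制错误',
        noSupport: '浏览器不支持'
      }
    }
  </script>
</head>
<body>
  <canvas class="fireworks"></canvas>
  <i class="fa fa-arrow-right" id="toggle-sidebar" aria-hidden="true"></i>
  <div id="sidebar">
    <div class="author-info">
      <div class="author-info__avatar text-center"><img src="https://ginove-1252770243.cos.ap-guangzhou.myqcloud.com/%E8%B7%AF%E9%A3%9E/toui.jpg" alt="Ginove"></div>
      <div class="author-info__name text-center">Ginove</div>
      <div class="author-info__description text-center">Keep optimistic and Never give up</div>
      <hr>
      <div class="author-info-articles">
        <a class="author-info-articles__archives article-meta" href="/archives"><span class="pull-left">文章</span><span class="pull-right">37</span></a>
        <a class="author-info-articles__tags article-meta" href="/tags"><span class="pull-left">标签</span><span class="pull-right">13</span></a>
      </div>
      <hr>
      <!--
        Outbound links open in a new tab. rel="noopener noreferrer" stops the opened
        page from reaching this one through window.opener and withholds the referrer.
        The last link is still plain HTTP; switch it to https once that site is
        confirmed to serve it.
      -->
      <div class="author-info-links">
        <div class="author-info-links__title text-center">Links</div>
        <a class="author-info-links__name text-center" href="https://ph0en1x.com/" target="_blank" rel="noopener noreferrer">Ph0en1x</a>
        <a class="author-info-links__name text-center" href="https://findneo.github.io/" target="_blank" rel="noopener noreferrer">findneo</a>
        <a class="author-info-links__name text-center" href="https://chybeta.github.io/" target="_blank" rel="noopener noreferrer">chybeta</a>
        <a class="author-info-links__name text-center" href="https://madsome.one/" target="_blank" rel="noopener noreferrer">madsome</a>
        <a class="author-info-links__name text-center" href="https://www.lxpark.com/" target="_blank" rel="noopener noreferrer">lzhtony</a>
        <a class="author-info-links__name text-center" href="http://www.virtua1.cn/" target="_blank" rel="noopener noreferrer">virtual</a>
      </div>
    </div>
  </div>
  <!--
    The generator had copied the banner image URL into this element's class
    attribute; a URL is not a usable class token, so only the id and the
    background style are kept. The href-less "search" anchors are click targets
    for the search script and are not reachable by keyboard as written.
  -->
  <nav id="nav" style="background-image: url(https://api.dujin.org/bing/1920.php)">
    <div id="page-header">
      <span class="pull-left"> <a id="site-name" href="/">Ginove</a></span>
      <i class="fa fa-bars toggle-menu pull-right" aria-hidden="true"></i>
      <span class="pull-right menus"><a class="site-page social-icon search"><i class="fa fa-search"></i><span> 搜索</span></a><a class="site-page" href="/">Home</a><a class="site-page" href="/archives">Archives</a><a class="site-page" href="/tags">Tags</a><a class="site-page" href="/about">About</a></span>
    </div>
    <div id="site-info">
      <div id="site-title">Ginove</div>
      <div id="site-sub-title"></div>
      <div id="site-social-icons"> <a class="social-icon" href="https://github.com/ginove" target="_blank" rel="noopener noreferrer" aria-label="GitHub"><i class="fa fa-github" aria-hidden="true"></i></a><a class="social-icon" href="mailto:[email protected]" target="_blank" rel="noopener noreferrer" aria-label="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a><a class="social-icon search"><i class="fa fa-search"></i></a></div>
    </div>
  </nav>
  <div id="content-outer">
    <div class="layout" id="content-inner">
      <!--
        Post excerpts are generated text. Markup characters inside them are
        entity-encoded so that an excerpt quoting code cannot open a tag or a
        comment and swallow the markup that follows it.
      -->
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/12/20/CSP绕过总结/">CSP绕过总结</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-12-20</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/XSS/">XSS</a></span>
        <div class="content">CSP的基础CSP的全称Content Security Policy,用来防御XSS攻击的技术。它是一种由开发者定义的安全性政策性申明,通过CSP指定可信的内容来源,让WEB处于一个安全的运行环境中。
一个CSP头由多组CSP策略组成,中间由分号分隔,如下所示:1Content-Security-Policy: default-src 'self' www.baidu.com; script-src 'unsafe-inline'
其中每一组策略包含一个 ...</div>
        <a class="more" href="/2018/12/20/CSP绕过总结/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/11/29/逆向工程基础教程01/">逆向工程基础教程01</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-11-29</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/逆向工程基础/">逆向工程基础</a></span>
        <div class="content">ISA(Instruction Set architecture):指令架构Machine code:机器码Assembly Language:汇编语言
</div>
        <a class="more" href="/2018/11/29/逆向工程基础教程01/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/11/21/linux-pwn-栈溢出/">linux pwn 栈溢出</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-11-21</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/PWN/">PWN</a></span>
        <div class="content">ida栈窗口EIP寄存器保存的是下一条将要执行的指令地址ESP寄存器保存的是栈顶地址EBP寄存器保存的是栈底地址
</div>
        <a class="more" href="/2018/11/21/linux-pwn-栈溢出/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/11/19/湖湘杯wp/">湖湘杯wp</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-11-19</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CTF做题笔记/">CTF做题笔记</a></span>
        <div class="content">
题目备份下载
1、Misc Disk解题思路、相关代码和Flag截图:使用用FTK软件加载vmdk文件,然后拼接ads文件中的二进制字符串,得到flag
2、Misc Flow解题思路、相关代码和Flag截图:流量包,搜索到http://mslc.ctf.su/wp/nuitduhack-2012-prequals-sciteekadm-cap/首先使用aircrack-ng 破解密码
后使用解压出加密的流量包
3、Misc Hidden write
提取出3张图片,使用zteg工 ...</div>
        <a class="more" href="/2018/11/19/湖湘杯wp/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/11/08/流利阅读打卡/">流利阅读打卡</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-11-08</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/英语笔记打卡/">英语笔记打卡</a></span>
        <div class="content">Day 1 Pittsburgh massacresynagogue n.犹太教堂bris n.割礼massacre n.屠杀 the Nanjing MassacreHebrebw 希伯来alleged 被嫌疑的 alleged kiiler 嫌疑犯once known as 曾经被称为immigrant 移民the Hebrebw Sheltering 希伯来庇护所invaders 入侵者nativism n.本土主义it does’t take a deep understandi ...</div>
        <a class="more" href="/2018/11/08/流利阅读打卡/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/11/03/linux-pwn-环境搭建/">linux pwn 环境搭建</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-11-03</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/PWN/">PWN</a></span>
        <div class="content">i春秋的pwn入门教程:Linux+pwn零基础入门
docker 配置ubuntu导入docker镜像后,按照教程,但是出现了”权限不够的问题”,这时候就要加上--privileged=true1234567891011121314# 创建容易,映射端口 docker run -it -p 23946:23946 --privileged=true Imagename /bin/bashdocker ps -a# docker 后台运行CTRL+P+Qdocker exec -it cont ...</div>
        <a class="more" href="/2018/11/03/linux-pwn-环境搭建/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/10/15/i春秋web题目笔记/">i春秋web题目笔记</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-10-15</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CTF做题笔记/">CTF做题笔记</a></span>
        <div class="content">一些php函数isset — 检测变量是否已设置并且非 NULL如果 var 存在并且值不是 NULL 则返回 TRUE,否则返回 FALSE。
var_dump($a)$GLOBALS 存放所有全局变量
文件包含12345&lt;?phpinclude "flag.php";$a = @$_REQUEST['hello'];eval( "var_dump($a);");show_source(__FILE__);
闭合(),使用pri ...</div>
        <a class="more" href="/2018/10/15/i春秋web题目笔记/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/10/12/SQL注入小结/">SQL注入小结</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-10-12</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/SQL注入/">SQL注入</a></span>
        <div class="content">1.XOR注入
使用场景
过滤了关键字:and 、or、逗号、空格
Payload:123admin'^(ascii(mid((passwd)from(i)))&gt;j)^'1'='1'%23或admin'(ascii(mid((passwd)from(i)for(1)))&gt;j)^'1'='1'%23
MID()函数:MID(str,pos,len) 对于str字符串,从pos索引值 ...</div>
        <a class="more" href="/2018/10/12/SQL注入小结/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/10/04/南邮CTF平台web小记/">南邮CTF平台web小记</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-10-04</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CTF做题笔记/">CTF做题笔记</a></span>
        <div class="content">上传截断&lt;%path=”upfiles/picture/“file=”20121212.jpg”upfilename=path &amp; file ‘最后的上传地址%&gt;
php://filter/read=convert.base64-encode/resource=index.php
PHP序列化漏洞常用的魔术方法:construct():当一个类被创建时自动调用
destruct():当一个类被销毁时自动调用invoke():当把一个类当作函数使用时自动调用
tostring( ...</div>
        <a class="more" href="/2018/10/04/南邮CTF平台web小记/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <div class="recent-post-item article-container">
        <a class="article-title" href="/2018/09/30/Web渗透测试-初级/">Web渗透测试--初级</a><time class="post-meta__date"><i class="fa fa-calendar" aria-hidden="true"></i> 2018-09-30</time><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/渗透测试/">渗透测试</a></span>
        <div class="content">SQL注入原理所谓SQL注入,就是通过把SQL命令插入到Web表单提交或输入域名或页面请求的查询字符串,最终达到欺骗服务器执行恶意的SQL命令
相关函数mid()—从文本中提取字符串1SELECT MID(column_name, start[, length]) FROM table_name;
column_name: 字段名,必需。start: 查询的开始位置(起始值为1)length: 可选。返回需要查询的字符数。如何忽略,则返回剩余文本。
limit()—返回指定行之前数据1selec ...</div>
        <a class="more" href="/2018/09/30/Web渗透测试-初级/#more" style="margin-top: 14px">阅读更多</a>
        <hr>
      </div>
      <nav id="pagination" aria-label="Pagination">
        <div class="pagination"><span class="page-number current">1</span><a class="page-number" href="/page/2/">2</a><span class="space">…</span><a class="page-number" href="/page/4/">4</a><a class="extend next" rel="next" href="/page/2/" aria-label="下一页"><i class="fa fa-chevron-right" aria-hidden="true"></i></a></div>
      </nav>
    </div>
  </div>
  <footer>
    <div class="layout" id="footer">
      <div class="copyright">©2017 - 2019 By Ginove</div>
      <div class="framework-info"></div>
      <div class="footer_custom_text">Hi, welcome to my <a href="https://ginove.github.io">blog</a>!</div>
      <!--
        Visitor counter served from a third-party host; it runs with the same
        privileges as the site's own scripts. The URL was protocol-relative and is
        now fixed to https so it is never fetched in clear text. Consider
        self-hosting a reviewed copy, which also makes an SRI hash possible.
      -->
      <div class="busuanzi"><script async src="https://dn-lbstatics.qbox.me/busuanzi/2.3/busuanzi.pure.mini.js"></script><span id="busuanzi_container_site_uv"><i class="fa fa-user"></i><span id="busuanzi_value_site_uv"></span><span></span></span><span class="footer-separator">|</span><span id="busuanzi_container_site_pv"><i class="fa fa-eye"></i><span id="busuanzi_value_site_pv"></span><span></span></span></div>
    </div>
  </footer>
  <i class="fa fa-arrow-up" id="go-up" aria-hidden="true"></i>
  <!-- Self-hosted libraries first, then the theme scripts, in their original order. -->
  <script src="/js/third-party/anime.min.js"></script>
  <script src="/js/third-party/jquery.min.js"></script>
  <script src="/js/third-party/jquery.fancybox.min.js"></script>
  <script src="/js/third-party/velocity.min.js"></script>
  <script src="/js/third-party/velocity.ui.min.js"></script>
  <script src="/js/utils.js?version=1.5.6"></script>
  <script src="/js/fancybox.js?version=1.5.6"></script>
  <script src="/js/sidebar.js?version=1.5.6"></script>
  <script src="/js/copy.js?version=1.5.6"></script>
  <script src="/js/fireworks.js?version=1.5.6"></script>
  <script src="/js/transition.js?version=1.5.6"></script>
  <script src="/js/scroll.js?version=1.5.6"></script>
  <script src="/js/head.js?version=1.5.6"></script>
  <script src="/js/search/algolia.js"></script>
  <div class="search-dialog" id="algolia-search">
    <div class="search-dialog__title" id="algolia-search-title">Algolia</div>
    <div id="algolia-input-panel"><div id="algolia-search-input"></div></div>
    <hr>
    <div id="algolia-search-results"><div id="algolia-hits"></div><div id="algolia-pagination"></div><div id="algolia-stats"></div></div>
    <span class="search-close-button"><i class="fa fa-times"></i></span>
  </div>
  <div class="search-mask"></div>
</body>
</html>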