Fork me on GitHub
cws6

空巢老人


  • Home

  • Tags

  • Archives

ThinkPHP搭建博客

Posted on 2018-04-27 | Edited on 2018-12-03
博客源码:https://github.com/cws6/blog源码地址:https://github.com/xialeistudio/thinkphp-inaction/tree/master/blog 功能 管理员登陆,修改密码,退出登录 文章分类添加,编辑,删除。 文章添加,编辑,删除。 ...
Read more »

ThinkPHP框架学习(含数据库及I函数)

Posted on 2018-04-23 | Edited on 2018-12-03
参考文献:https://www.kancloud.cn/manual/thinkphp https://www.jianshu.com/p/ef3ee8260b2d www WEB子目录1234567891011121314151617181920├─index.php ...
Read more »

JSONP利用

Posted on 2018-04-19 | Edited on 2019-04-09
参考文献:https://segmentfault.com/a/1190000009577990​ http://www.codesec.net/view/172245.html​ http://www.freebuf.com/articles/web/126347.ht ...
Read more »

复现0ctf blog

Posted on 2018-04-14 | Edited on 2018-12-03
参考文献:https://lorexxar.cn/2018/04/05/0ctf2018-blog/ https://45.76.198.31/post/0CTF%202018%20Quals%20Bl0g%20writeup CSP:https://developer ...
Read more »

PostgreSQL入门及提权

Posted on 2018-04-10 | Edited on 2018-12-03
参考文献:http://www.jianfensec.com/postgresql_getshell.html https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484788&idx=1&sn= ...
Read more »

复现强网杯python is the best language 2

Posted on 2018-04-09 | Edited on 2018-12-03
参考文献:https://xz.aliyun.com/t/2219 http://120.77.209.122/index.php/archives/25/ 源码下载下来后,是基于flask框架,先查看路由文件routes.py,里面功能大部分是基于登陆的。 在others.py的最 ...
Read more »

php7的Opcache导致的getshell

Posted on 2018-04-09 | Edited on 2018-12-03
参考文献:https://www.jianshu.com/p/e675bd51c61 http://www.vuln.cn/6763 https://github.com/GoSecure/php7-opcache-override 题目Opcache 是一个 PHP ...
Read more »

代码审计补充知识点

Posted on 2018-03-31 | Edited on 2018-12-03
参考文献:https://hacksec.xyz/2018/03/23/php-trick/?nsukey=cWDNgiIxMsJayPNWtqM8Rc9amSOIgC0SI9Ko3jxxW2uV9mcoLNLdl4Q1U%2BrV9UhKIs3das0Cizzc8atumDKxG5nHSDPPth ...
Read more »

RPO漏洞

Posted on 2018-03-31 | Edited on 2018-12-04
参考文献:http://120.77.209.122/index.php/archives/24/https://www.jianshu.com/p/340bd5353248 RPO漏洞就是服务端和客户端对这个URL的解析不一致导致的,当页面中调用的静态文件是以相对路径调用的时候,我们可以利用浏览器 ...
Read more »

xxe

Posted on 2018-03-28 | Edited on 2018-12-03
参考文献:https://www.cnblogs.com/r00tuser/p/7255939.html http://www.freebuf.com/column/156863.html libxml2.9.1及以后,默认不解析外部实体。Linux中需要将libx ...
Read more »
1…78910

cws6

97 posts
8 tags
友情链接
  • r1ka
  • Blank
  • lrestless
  • 鸡翅儿
  • 爪爪
  • bmjoker
© 2019 cws6
本站访客数:
|