- 博客(3)
- 收藏
- 关注
原创 2020软测Web安全测试-easy_flask3-WP
过滤{{}} > 使用{%%}报错> 使用{%25%25} 过滤 ’ 和 " > 通过{%25set mystr=dict(xxx=1).keys()|reverse|first %25}来使得变量mystr=“xxx” 题目当中用到的有:在下面的pyload当中要用到这些变量来构造字符串(通过 __cla和ss__来绕过) {%25set cla=dict(cla=1).keys()|reverse|first %25} {%25set ss=dict(ss=1).keys()|reve
2020-11-22 14:20:06
365
原创 Misc torch_model WP
exp贴上: import torch import torch.nn as nn from torch.nn import init import torch.nn.functional as F import torch.optim as optim import os from hashlib import sha256 import numpy as np from PIL import Image from tqdm import tqdm import re def find_num(b):
2020-10-31 22:02:01
260
原创 eyoucms 1.4.6 XSS vulnerability
eyoucms 1.4.6 XSS vulnerabilityVulnerability describes Vulnerability describes Vulnerability found in Eyoucms1.4.6 and prior releases. In the member center member contribution office, after editing the contribution content through the editor, intercept the
2020-10-13 01:19:46
621
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人
RSS订阅