u1jodi1q 发表于 2024-10-10 04:07:48

fastadmin前台getshell漏洞 | 实战


    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">因为</span><span style="color: black;">微X</span>公众号推送机制改变了,快来</span><span style="color: black;"><strong style="color: blue;">星标</strong></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">再也不</span>迷路,谢谢<span style="color: black;">大众</span>!</p>

    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8DungicHdGVdJpoQp8uIUIs13xBa1eTRSObiczwsfbtDvKU0ibAfkHegDGV2o4daf95jVdO9rnFeny7A/640?wx_fmt=png&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">影响版本:</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">V1.0.0.20180911_beta - V1.0.0.20200506_beta</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">日前</span>看官方4天了,还<span style="color: black;">无</span>修复</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">漏洞代码位置:</p><span style="color: black;"><span style="color: black;">https:</span>/<span style="color: black;">/github.com/karsonzhang</span><span style="color: black;">/fastadmin/blob</span><span style="color: black;">/master/application</span><span style="color: black;">/index/controller</span><span style="color: black;">/User.php</span></span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">漏洞披露信息:https://github.com/karsonzhang/fastadmin/issues/73?spm=a2c4g.11174386.n2.3.428c1051tmy0pT</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">============================================</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">官方发布信息了:https://www.fastadmin.net/news/83.html</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">==========================</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">漏洞利用<span style="color: black;">要求</span>:</strong></p><span style="color: black;"><span style="color: black;">usercenter</span>=&gt;<span style="color: black;">true</span></span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">漏洞分析:</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6yChRkoLIicu0Uw80pDrfwuO6r6EK128EyIwgMwygw82E2tsQaEvFAlHQ/640?wx_fmt=png&amp;random=0.9284563223751996&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;">&nbsp;</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&nbsp;存在漏洞文件位置:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">application/index/controller/User.php</p><span style="color: black;"> <span style="color: black;">/**</span></span><span style="color: black;"><span style="color: black;"> * 空的请求</span></span><span style="color: black;"><span style="color: black;"> * <span style="color: black;">@param</span> $name</span></span><span style="color: black;"><span style="color: black;"> * <span style="color: black;">@return</span> mixed</span></span><span style="color: black;"><span style="color: black;"> */</span></span><span style="color: black;"><span style="color: black;">public</span>&nbsp;<span style="color: black;"><span style="color: black;">function</span>&nbsp;<span style="color: black;">_empty</span><span style="color: black;">($name)</span></span></span><span style="color: black;">{</span><span style="color: black;"> $data = Hook::listen(<span style="color: black;">"user_request_empty"</span>, $name);</span><span style="color: black;"> <span style="color: black;">foreach</span>($data<span style="color: black;">as</span> $index =&gt; $datum) {</span><span style="color: black;"> <span style="color: black;">$this</span>-&gt;view-&gt;assign($datum);</span><span style="color: black;"> }</span><span style="color: black;"> <span style="color: black;">return</span> <span style="color: black;">$this</span>-&gt;view-&gt;fetch(<span style="color: black;">user/</span> . $name);</span><span style="color: black;">}</span><span style="color: black;">_empty函数接收$name遍历,直接将$name返回视图中:<span style="color: black;">return</span> <span style="color: black;">$this</span>-&gt;view-&gt;fetch($name);</span><span style="color: black;">攻击者可<span style="color: black;">经过</span>上传文件,例如<span style="color: black;">照片</span>,传入$name,fetch模板进行php模板解析,<span style="color: black;">引起</span>getshell。</span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">渲染fetch<span style="color: black;">实质</span><span style="color: black;">运用</span>的是thinkphp的解析模板函数,内容如下:</p><span style="color: black;"><span style="color: black;">public</span>&nbsp;<span style="color: black;"><span style="color: black;">function</span>&nbsp;<span style="color: black;">fetch</span><span style="color: black;">($template,&nbsp;$data&nbsp;=&nbsp;[],&nbsp;$config&nbsp;=&nbsp;[])</span></span></span><span style="color: black;">{</span><span style="color: black;"> <span style="color: black;">if</span> ( == pathinfo($template, PATHINFO_EXTENSION)) {</span><span style="color: black;"> <span style="color: black;">// 获取模板文件名</span></span><span style="color: black;"> $template = <span style="color: black;">$this</span>-&gt;parseTemplate($template);</span><span style="color: black;"> }</span><span style="color: black;"> <span style="color: black;">// 模板不存在 抛出<span style="color: black;">反常</span></span></span><span style="color: black;"> <span style="color: black;">if</span> (!is_file($template)) {</span><span style="color: black;"> <span style="color: black;">throw</span> <span style="color: black;">new</span>TemplateNotFoundException(<span style="color: black;">template not exists:</span> . $template, $template);</span><span style="color: black;"> }</span><span style="color: black;"> <span style="color: black;">// 记录视图信息</span></span><span style="color: black;"> App::$debug &amp;&amp; Log::record(<span style="color: black;">[ VIEW ] </span> . $template . <span style="color: black;"> [ </span>. var_export(array_keys($data),<span style="color: black;">true</span>) . <span style="color: black;"> ]</span>, <span style="color: black;">info</span>);</span><span style="color: black;"> <span style="color: black;">$this</span>-&gt;template-&gt;fetch($template, $data, $config);</span><span style="color: black;">&nbsp;&nbsp;&nbsp;&nbsp;}</span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6yibFLYfuzF1FwB9xibGRLNDKldVUChNJr5GtuKkPVWicZfbVlw8X0Ox0yQ/640?wx_fmt=png&amp;random=0.9617808169173891&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">在验证<span style="color: black;">是不是</span>为模板文件,<span style="color: black;">能够</span>看到if (!is_file($template)) ,来判断<span style="color: black;">是不是</span>存在,<span style="color: black;">倘若</span>存在就将文件进行php解析。</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这儿</span>有一个小问题:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">关于操作系统解析文件路径的时候,linux和windwos is_file()函数实现不<span style="color: black;">同样</span>。</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">1、linux判断is_file() /demo/../../../../test <span style="color: black;">倘若</span>demo目录不存在,就会返回false;</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&nbsp; &nbsp; windows下无论这个目录<span style="color: black;">是不是</span>存在,均会返回true;</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">2、在linux下,is_file()函数判可用于判断符号链接</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">3、在linux下,is_file函数会受到权限的影响,当前用户权限不足或父目录<span style="color: black;">无</span>设置+x权限时,is_file()会返回false</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">4、windows系统里面/和\ 都<span style="color: black;">能够</span><span style="color: black;">运用</span>,<span style="color: black;">然则</span>在linux下只能<span style="color: black;">运用</span>/ 来分隔路径,<span style="color: black;">因此呢</span>这会<span style="color: black;">引起</span>is_file()在<span style="color: black;">区别</span>系统下的返回结果不一致</p>5、is_file()判断文件时,<span style="color: black;">倘若</span>文件<span style="color: black;">体积</span>超过2^32时,会判断失败(PHP 的整数类型是有符号整型<span style="color: black;">况且</span><span style="color: black;">非常多</span>平台<span style="color: black;">运用</span> 32 位整型,对 2GB 以上的文件,<span style="color: black;">有些</span>文件系统函数可能返回<span style="color: black;">没法</span>预期的结果)
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">能够</span>参考https://www.php.net/manual/zh/function.is-file.php</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">实验如下:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6y18RvyCAeBIZZToUXibIwXiaXRiaf4zr7picFpVmbAo0KNlCbm0FhzMD0ug/640?wx_fmt=png&amp;random=0.4967786542638064&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">漏洞验证:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&nbsp;用户登录,进入个人页面,修改上传<span style="color: black;">照片</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6yFCXo7TLibqdgOcUxPq9eficKl5tcj1noSxng4bQ0EOBicC8NuhsPxyGQw/640?wx_fmt=png&amp;random=0.4744222091546335&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&nbsp;brup:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6yUWsiatQfia4JsibndptM5DicJLK3oZqEzNhKuBdXxD3U7DfPfeQeicPiaGIQ/640?wx_fmt=png&amp;random=0.870998960291357&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">获取到的<span style="color: black;">位置</span>:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/sz_mmbiz_png/CBJYPapLzSEuHd3PSENVqwBoia0Cq2t6yFpYWJrCDSkFyRe1glEqNpFEKB2IzcI7VXSRP0Ek8Sw5Ejm7CJon7cA/640?wx_fmt=png&amp;random=0.7633167975047528&amp;tp=webp&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">&nbsp;payload:</p><span style="color: black;">http:<span style="color: black;">//www.demo.com/index.php/index/user/_empty?name=../../public/uploads/xxxxx/xxxxx.jpg</span></span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">因is_file()在linux下/user目录不存在,<span style="color: black;">因此</span><span style="color: black;">没法</span>利用,除非<span style="color: black;">能够</span>创建或存在,<span style="color: black;">能够</span>手工创建public下创建user目录</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">windows下通杀。&nbsp;</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">修复<span style="color: black;">方法</span>:</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">打开application/index/controller/User.php,找到大概第58行的_empty<span style="color: black;">办法</span>,有以下两种修复<span style="color: black;">办法</span>:</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">一种修复<span style="color: black;">办法</span>是直接移除_empty<span style="color: black;">办法</span>,</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">另一种是将_empty<span style="color: black;">办法</span>改为</p><span style="color: black;"><span style="color: black;">public</span> <span style="color: black;"><span style="color: black;">function</span> <span style="color: black;">_empty</span><span style="color: black;">($name)</span></span></span><span style="color: black;">{</span><span style="color: black;"> <span style="color: black;">if</span> (!preg_match(<span style="color: black;">"/^(+)$/i"</span>, $name)) {</span><span style="color: black;"> <span style="color: black;">$this</span>-&gt;error(__(<span style="color: black;">Invalid parameters</span>));</span><span style="color: black;"> }</span><span style="color: black;">$data = Hook::listen(<span style="color: black;">"user_request_empty"</span>, $name);</span><span style="color: black;"> <span style="color: black;">foreach</span> ($data <span style="color: black;">as</span> $index =&gt; $datum) {</span><span style="color: black;"> <span style="color: black;">$this</span>-&gt;view-&gt;assign($datum);</span><span style="color: black;"> }</span><span style="color: black;"> <span style="color: black;">return</span> <span style="color: black;">$this</span>-&gt;view-&gt;fetch(<span style="color: black;">user/</span> . $name);</span><span style="color: black;"> }</span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">这个方法设计的用途<span style="color: black;">重点</span>是用于插件系统,便于插件<span style="color: black;">研发</span>者在处理前台用户<span style="color: black;">关联</span>信息时<span style="color: black;">能够</span>直接<span style="color: black;">运用</span>index/user/custommethod的URL方式<span style="color: black;">拜访</span>到自定义的视图,便于共用布局和JS。</p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">https:</span><span style="color: black;">/</span><span style="color: black;">/www.cnblogs.com/sevck</span><span style="color: black;">/p/</span><span style="color: black;">13723094</span><span style="color: black;">.h</span><span style="color: black;">tml</span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">★</strong></p><span style="color: black;"><strong style="color: blue;">
            <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">付费圈子</p>
      </strong></span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">欢&nbsp;迎 加&nbsp;入&nbsp;星 球 !</span></strong></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;">代码审计+免杀+渗透学习资源+<span style="color: black;">各样</span>资料文档+<span style="color: black;">各样</span>工具+付费会员</strong></p><img src="https://mmbiz.qpic.cn/mmbiz_gif/pLGTianTzSu7XRhTMZOBAqXehvREhD5ThABGJdRialUx3dQWwO7fclsicyiajicKfvXV4kHs38nkwFxUSckVF2nYlibA/640?wx_fmt=gif&amp;random=0.4447566002908574&amp;wxfrom=5&amp;wx_lazy=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;">
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">进成员内部群</span></strong></span></strong></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/pPVXCo8Wd8AQHAyOTgM5sLrvP6qiboXljGWG0uOdvcNR8Qw5QJLxSVrbFds2j7MxExOz1ozb9ZoYwR68leoLdAg/640?wx_fmt=jpeg&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p><img src="https://mmbiz.qpic.cn/mmbiz_gif/pLGTianTzSu7XRhTMZOBAqXehvREhD5ThABGJdRialUx3dQWwO7fclsicyiajicKfvXV4kHs38nkwFxUSckVF2nYlibA/640?wx_fmt=gif&amp;random=0.09738205945672873&amp;wxfrom=5&amp;wx_lazy=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;">
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><strong style="color: blue;"><span style="color: black;">星球的<span style="color: black;">近期</span>主题和星球内部工具<span style="color: black;">有些</span>展示</span></strong></strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_jpg/pPVXCo8Wd8Doq0iczyRiaBfhTQyfzqSGuia4lfHfazabEKr2EDe7sGVoxUhLrNRA4FbI1yef6IkWdmzxvZrTiaJncg/640?wx_fmt=jpeg&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8BmE6FAA8Bq7H9GZIRt1xYZpmYNWxrrzolt71FtX5HyM03H0cxkiaYelv7ZSajLtibEdBXUpCibdItXw/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8ADSxxicsBmvhX9yBIPibyJTWnDpqropKaIKtZQE3B9ZpgttJuibibCht1jXkNY7tUhLxJRdU6gibnrn0w/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8DKZcqe8mOKY1OQN5yfOaD5MpGk0JkyWcDKZvqqTWL0YKO6fmC56kSpcKicxEjK0cCu8fG3mLFLeEg/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8CKksEIzZyEb3tEFGzGYSXfribrG4jKOkRKGKYb7zk7MTNZPT6Wp3bLd2BPhuFHddIL6sqrg1d2qHQ/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8D0bS8ibc3XhFcDYkVusFvc3c6onthQpPGZn4v32rpOp7CeFiamGdeC7JBk0mGVsiciazLp3z0SIJAtnQ/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8B96heXWOIseicx7lYZcN8KRN8xTiaOibRiaHVP4weL4mxd0gyaWSuTIVJhBRdBmWXjibmcfes6qR1w49w/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8DKZcqe8mOKY1OQN5yfOaD5MpGk0JkyWcDKZvqqTWL0YKO6fmC56kSpcKicxEjK0cCu8fG3mLFLeEg/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="https://mmbiz.qpic.cn/mmbiz_png/pPVXCo8Wd8AqNwoQuOBy9yePOpO5Kr6aHIxj7d0ibfAuPx9fAempAoH9JfIgX4nKzCwDyhQzPrRIx4upyw5yT4Q/640?wx_fmt=png&amp;wxfrom=5&amp;wx_lazy=1&amp;wx_co=1&amp;tp=webp" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><strong style="color: blue;"><span style="color: black;"><img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;"></span></strong></p><img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;">
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">加入安全交流群</strong></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;">
      <a style="color: black;">
            <span style="color: black;">
                <img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;">
            </span>
            &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</a>
      &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
    </p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">关 注 有 礼</span></strong></span></p><span style="color: black;"><span style="color: black;">关注下方公众号回复“</span><span style="color: black;">666</span><span style="color: black;"><span style="color: black;">”<span style="color: black;">能够</span>领取一套领取黑客成长秘籍</span></span></span>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;">&nbsp;还在等什么?赶紧点击下方名片关注学习吧!<img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;"></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><img src="data:image/svg+xml,%3C%3Fxml version=1.0 encoding=UTF-8%3F%3E%3Csvg width=1px height=1px viewBox=0 0 1 1 version=1.1 xmlns=http://www.w3.org/2000/svg xmlns:xlink=http://www.w3.org/1999/xlink%3E%3Ctitle%3E%3C/title%3E%3Cg stroke=none stroke-width=1 fill=none fill-rule=evenodd fill-opacity=0%3E%3Cg transform=translate(-249.000000, -126.000000) fill=%23FFFFFF%3E%3Crect x=249 y=126 width=1 height=1%3E%3C/rect%3E%3C/g%3E%3C/g%3E%3C/svg%3E" style="width: 50%; margin-bottom: 20px;"></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">推</span><span style="color: black;">荐</span><span style="color: black;">阅</span><span style="color: black;">读</span></strong></span></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;"><strong style="color: blue;"><strong style="color: blue;"><span style="color: black;">干货|史上最全一句话木马</span></strong></strong></a></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;"><strong style="color: blue;"><span style="color: black;">干货 | CS绕过vultr</span></strong></a><strong style="color: blue;">特征检测修改算法</strong></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;"><strong style="color: blue;"><span style="color: black;">实战&nbsp;| 用中国人写的红队服务器搞一次内网穿透练习</span></strong></a></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;"><strong style="color: blue;"><span style="color: black;">实战 | 渗透某培训平台经历</span></strong></a></p>
    <p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><a style="color: black;"><strong style="color: blue;"><span style="color: black;">实战 | 一次曲折的钓鱼溯源反制</span></strong></a></p><strong style="color: blue;"><span style="color: black;">免责声明</span></strong><span style="color: black;"><span style="color: black;"><span style="color: black;">因为</span>传播、利用本公众号渗透安全团队所<span style="color: black;">供给</span>的信息而<span style="color: black;">导致</span>的任何直接<span style="color: black;">或</span>间接的后果及损失,均由<span style="color: black;">运用</span>者<span style="color: black;">自己</span>负责,公众号渗透安全团队及作者不为</span><strong style="color: blue;"><span style="color: black;">此</span></strong><span style="color: black;">承担任何责任,一旦<span style="color: black;">导致</span>后果请<span style="color: black;">自动</span>承担!如有侵权烦请<span style="color: black;">通知</span>,<span style="color: black;">咱们</span>会立即删除并致歉。谢谢!</span></span>好文分享<span style="color: black;">保藏</span>赞一下最美点在看哦




j8typz 发表于 2024-10-14 10:12:15

seo常来的论坛,希望我的网站快点收录。

7wu1wm0 发表于 2024-11-15 06:35:40

你的见解独到,让我受益匪浅,非常感谢。
页: [1]
查看完整版本: fastadmin前台getshell漏洞 | 实战