-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
160 lines (158 loc) · 18.1 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta name="generator" content="Hugo 0.110.0">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noodp" />
<title>kdxcxs</title><meta name="Description" content="This is my cool site"><meta property="og:title" content="kdxcxs" />
<meta property="og:description" content="This is my cool site" />
<meta property="og:type" content="website" />
<meta property="og:url" content="https://kdxcxs.github.io/" /><meta property="og:site_name" content="kdxcxs" />
<meta name="twitter:card" content="summary"/>
<meta name="twitter:title" content="kdxcxs"/>
<meta name="twitter:description" content="This is my cool site"/>
<meta name="application-name" content="My cool site">
<meta name="apple-mobile-web-app-title" content="My cool site"><meta name="theme-color" content="#ffffff"><meta name="msapplication-TileColor" content="#da532c"><link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png"><link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png"><link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5"><link rel="manifest" href="/site.webmanifest"><link rel="canonical" href="https://kdxcxs.github.io/" /><link rel="alternate" href="/index.xml" type="application/rss+xml" title="kdxcxs">
<link rel="feed" href="/index.xml" type="application/rss+xml" title="kdxcxs"><link rel="stylesheet" href="/css/style.min.css"><link rel="preload" href="/lib/fontawesome-free/all.min.css" as="style" onload="this.onload=null;this.rel='stylesheet'">
<noscript><link rel="stylesheet" href="/lib/fontawesome-free/all.min.css"></noscript><link rel="preload" href="/lib/animate/animate.min.css" as="style" onload="this.onload=null;this.rel='stylesheet'">
<noscript><link rel="stylesheet" href="/lib/animate/animate.min.css"></noscript><script type="application/ld+json">
{
"@context": "http://schema.org",
"@type": "WebSite",
"url": "https:\/\/kdxcxs.github.io\/","inLanguage": "zh-CN","author": {
"@type": "Person",
"name": "kdxcxs"
},"description": "This is my cool site","name": "kdxcxs"
}
</script></head>
<body data-header-desktop="fixed" data-header-mobile="auto"><script type="text/javascript">(window.localStorage && localStorage.getItem('theme') ? localStorage.getItem('theme') === 'dark' : ('auto' === 'auto' ? window.matchMedia('(prefers-color-scheme: dark)').matches : 'auto' === 'dark')) && document.body.setAttribute('theme', 'dark');</script>
<div id="mask"></div><div class="wrapper"><header class="desktop" id="header-desktop">
<div class="header-wrapper">
<div class="header-title">
<a href="/" title="kdxcxs">kdxcxs' blog</a>
</div>
<div class="menu">
<div class="menu-inner"><a class="menu-item" href="/posts/"> 文章 </a><a class="menu-item" href="/tags/"> 标签 </a><a class="menu-item" href="/categories/"> 分类 </a><span class="menu-item delimiter"></span><span class="menu-item search" id="search-desktop">
<input type="text" placeholder="搜索文章标题或内容..." id="search-input-desktop">
<a href="javascript:void(0);" class="search-button search-toggle" id="search-toggle-desktop" title="搜索">
<i class="fas fa-search fa-fw" aria-hidden="true"></i>
</a>
<a href="javascript:void(0);" class="search-button search-clear" id="search-clear-desktop" title="清空">
<i class="fas fa-times-circle fa-fw" aria-hidden="true"></i>
</a>
<span class="search-button search-loading" id="search-loading-desktop">
<i class="fas fa-spinner fa-fw fa-spin" aria-hidden="true"></i>
</span>
</span><a href="javascript:void(0);" class="menu-item theme-switch" title="切换主题">
<i class="fas fa-adjust fa-fw" aria-hidden="true"></i>
</a><a href="javascript:void(0);" class="menu-item language" title="选择语言">
<i class="fa fa-globe" aria-hidden="true"></i>
<select class="language-select" id="language-select-desktop" onchange="location = this.value;"><option value="/en/">English</option><option value="/" selected>简体中文</option></select>
</a></div>
</div>
</div>
</header><header class="mobile" id="header-mobile">
<div class="header-container">
<div class="header-wrapper">
<div class="header-title">
<a href="/" title="kdxcxs">kdxcxs' blog</a>
</div>
<div class="menu-toggle" id="menu-toggle-mobile">
<span></span><span></span><span></span>
</div>
</div>
<div class="menu" id="menu-mobile"><div class="search-wrapper">
<div class="search mobile" id="search-mobile">
<input type="text" placeholder="搜索文章标题或内容..." id="search-input-mobile">
<a href="javascript:void(0);" class="search-button search-toggle" id="search-toggle-mobile" title="搜索">
<i class="fas fa-search fa-fw" aria-hidden="true"></i>
</a>
<a href="javascript:void(0);" class="search-button search-clear" id="search-clear-mobile" title="清空">
<i class="fas fa-times-circle fa-fw" aria-hidden="true"></i>
</a>
<span class="search-button search-loading" id="search-loading-mobile">
<i class="fas fa-spinner fa-fw fa-spin" aria-hidden="true"></i>
</span>
</div>
<a href="javascript:void(0);" class="search-cancel" id="search-cancel-mobile">
取消
</a>
</div><a class="menu-item" href="/posts/" title="">文章</a><a class="menu-item" href="/tags/" title="">标签</a><a class="menu-item" href="/categories/" title="">分类</a><a href="javascript:void(0);" class="menu-item theme-switch" title="切换主题">
<i class="fas fa-adjust fa-fw" aria-hidden="true"></i>
</a><a href="javascript:void(0);" class="menu-item" title="选择语言">
<i class="fa fa-globe fa-fw" aria-hidden="true"></i>
<select class="language-select" onchange="location = this.value;"><option value="/en/">English</option><option value="/" selected>简体中文</option></select>
</a></div>
</div>
</header><div class="search-dropdown desktop">
<div id="search-dropdown-desktop"></div>
</div>
<div class="search-dropdown mobile">
<div id="search-dropdown-mobile"></div>
</div><main class="main">
<div class="container"><div class="page home" data-home="posts"><div class="home-profile"><div class="home-avatar"><a href="/posts/" title="文章"><img
class="lazyload"
src="/svg/loading.min.svg"
data-src="/avatar.png"
data-srcset="/avatar.png, /avatar.png 1.5x, /avatar.png 2x"
data-sizes="auto"
alt="/avatar.png"
title="/avatar.png" /></a></div><h1 class="home-title">kdxcxs</h1><div class="home-subtitle">Full-stack developer, cybersecurity researcher, CTFer @r3kapig</div><div class="links"><a href="https://github.com/kdxcxs" title="GitHub" target="_blank" rel="noopener noreffer me"><i class="fab fa-github fa-fw" aria-hidden="true"></i></a><a href="https://stackoverflow.com/users/13256419" title="Stack Overflow" target="_blank" rel="noopener noreffer me"><i class="fab fa-stack-overflow fa-fw" aria-hidden="true"></i></a></div></div>
<article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/soliloquy/my-2023/">My 2023</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2024-01-01">2024-01-01</time></span> <span class="post-category">收录于 <a href="/categories/soliloquy/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>soliloquy</a></span></div><div class="content">我的 2023 或许要从 2022 的 10 月 21 日说起。 梦开始的地方 那是一个守望先锋还没退出国服的下午,我跟室友正在新皇后街感受宁静,结果就收到了 crazyman 发来的消息,本来</div><div class="post-footer">
<a href="/posts/soliloquy/my-2023/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/soliloquy/">soliloquy</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/wp/ciscn%E5%9B%BD%E8%B5%9B%E4%B8%9C%E5%8D%97%E8%B5%9B%E5%8C%BA%E5%87%BA%E9%A2%98%E5%B0%8F%E8%AE%B0/">CISCN国赛东南赛区出题小记</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2023-06-26">2023-06-26</time></span> <span class="post-category">收录于 <a href="/categories/ctf/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>ctf</a> <a href="/categories/my-chals/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>my-chals</a></span></div><div class="content">好久没写博客了,正好出题写了 wp,就放上来水一下吧。这次难度控制的不是很好,fix 很简单,但是攻击只有 1 解,不过希望师傅们游戏玩得开心。 拿到</div><div class="post-footer">
<a href="/posts/wp/ciscn%E5%9B%BD%E8%B5%9B%E4%B8%9C%E5%8D%97%E8%B5%9B%E5%8C%BA%E5%87%BA%E9%A2%98%E5%B0%8F%E8%AE%B0/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/ctf/">ctf</a>, <a href="/tags/my-chals/">my-chals</a>, <a href="/tags/ciscn/">ciscn</a>, <a href="/tags/ejs/">ejs</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/cyber-security/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E6%8B%BF%E4%B8%8B%E5%AE%9D%E5%A1%94/">任意文件读拿下宝塔</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2023-04-07">2023-04-07</time></span> <span class="post-category">收录于 <a href="/categories/cyber-security/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>cyber-security</a> <a href="/categories/penetration/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>penetration</a></span></div><div class="content">前言 两个月前 v2 冲浪的时候看到一个叫做 siteproxy 的项目,可以实现网站的反向代理,看着项目不大就顺手点开了源码,一眼抓到一个目录穿越,然后又抱着试一试的</div><div class="post-footer">
<a href="/posts/cyber-security/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E6%8B%BF%E4%B8%8B%E5%AE%9D%E5%A1%94/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/%E6%B8%97%E9%80%8F/">渗透</a>, <a href="/tags/%E5%AE%9D%E5%A1%94/">宝塔</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/wp/bi0sctf-2022-web-wp/">bi0sCTF 2022 web wp</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2023-01-23">2023-01-23</time></span> <span class="post-category">收录于 <a href="/categories/wp/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>wp</a></span></div><div class="content">bi0sCTF 2022 web 题目 这次比赛主要就看了 PyCGI 和 Vuln-Drive 2 两个题目,又是学习的一天。 题目的环境我都放到上面的 Github 里面了,感兴趣的师傅们自取。 Vuln-Drive 2 环境速览 首先来看一下</div><div class="post-footer">
<a href="/posts/wp/bi0sctf-2022-web-wp/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/ctf/">ctf</a>, <a href="/tags/wp/">wp</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/wp/idekctf-2022-task-manager-wp/">idekctf 2022* task manager wp</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2023-01-21">2023-01-21</time></span> <span class="post-category">收录于 <a href="/categories/wp/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>wp</a></span></div><div class="content">题目有点原型链污染的味道,也可以说是借鉴了 pyjail 的一些思路,很有意思的一道题目。 先来看看源码: app.py from flask import Flask, render_template, request, redirect from taskmanager import TaskManager import os app = Flask(__name__) @app.before_first_request def init(): if app.env == 'yolo': app.add_template_global(eval)</div><div class="post-footer">
<a href="/posts/wp/idekctf-2022-task-manager-wp/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/ctf/">ctf</a>, <a href="/tags/wp/">wp</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
<a href="/posts/wp/idekctf-2022-phpfu...n-wp/">idekctf 2022* PHPFu...n wp</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel="author" class="author"><i class="fas fa-user-circle fa-fw" aria-hidden="true"></i>kdxcxs</a></span> <span class="post-publish">发布于 <time datetime="2023-01-21">2023-01-21</time></span> <span class="post-category">收录于 <a href="/categories/wp/"><i class="far fa-folder fa-fw" aria-hidden="true"></i>wp</a></span></div><div class="content">题目限制了只能有以下几个字符 ([.^])', 基本思路就是用现有的字符造更多的字符,但是因为只要一报错就会 die() ,所以不能用包括 [].'' 在内的很多方式,只能从现有的开</div><div class="post-footer">
<a href="/posts/wp/idekctf-2022-phpfu...n-wp/">阅读全文</a><div class="post-tags">
<i class="fas fa-tags fa-fw" aria-hidden="true"></i> <a href="/tags/ctf/">ctf</a>, <a href="/tags/wp/">wp</a></div></div>
</article><ul class="pagination"><li class="page-item active">
<span class="page-link">
<a href="/">1</a>
</span>
</li><li class="page-item ">
<span class="page-link">
<a href="/page/2/">2</a>
</span>
</li><li class="page-item ">
<span class="page-link">
<a href="/page/3/">3</a>
</span>
</li></ul></div></div>
</main><footer class="footer">
<div class="footer-container"><div class="footer-line">由 <a href="https://gohugo.io/" target="_blank" rel="noopener noreffer" title="Hugo 0.110.0">Hugo</a> 强力驱动 | 主题 - <a href="https://github.com/dillonzq/LoveIt" target="_blank" rel="noopener noreffer" title="LoveIt 0.2.11"><i class="far fa-kiss-wink-heart fa-fw" aria-hidden="true"></i> LoveIt</a>
</div><div class="footer-line" itemscope itemtype="http://schema.org/CreativeWork"><i class="far fa-copyright fa-fw" aria-hidden="true"></i><span itemprop="copyrightYear">2022 - 2024</span><span class="author" itemprop="copyrightHolder"> <a href="/" target="_blank">kdxcxs</a></span></div>
</div>
</footer></div>
<div id="fixed-buttons"><a href="#" id="back-to-top" class="fixed-button" title="回到顶部">
<i class="fas fa-arrow-up fa-fw" aria-hidden="true"></i>
</a><a href="#" id="view-comments" class="fixed-button" title="查看评论">
<i class="fas fa-comment fa-fw" aria-hidden="true"></i>
</a>
</div><script type="text/javascript" src="/lib/autocomplete/autocomplete.min.js"></script><script type="text/javascript" src="/lib/lunr/lunr.min.js"></script><script type="text/javascript" src="/lib/lunr/lunr.stemmer.support.min.js"></script><script type="text/javascript" src="/lib/lunr/lunr.zh.min.js"></script><script type="text/javascript" src="/lib/lazysizes/lazysizes.min.js"></script><script type="text/javascript" src="/lib/clipboard/clipboard.min.js"></script><script type="text/javascript" src="/lib/sharer/sharer.min.js"></script><script type="text/javascript">window.config={"code":{"copyTitle":"复制到剪贴板","maxShownLines":100},"search":{"highlightTag":"em","lunrLanguageCode":"zh","lunrSegmentitURL":"/lib/lunr/lunr.segmentit.js","maxResultLength":10,"noResultsFound":"没有找到结果","snippetLength":50}};</script><script type="text/javascript" src="/js/theme.min.js"></script></body>
</html>