Bonus Payload(有效载荷)描述:在 DOM XSS 挑战中使用奖励支付load。payload:复制代码到搜索框中即可。DOM XSS描述:基于DOM型的XSS攻击payload:</code></pre><p><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/2675603028.png"></p><h3>机密文件</h3><p>描述:查阅机密文件<br />我们点击关于我们,发现有个超链接。点击超链接并在burp中抓包。<br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/4235692897.png"></p><p><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/3349995331.png"><br />修改<code>ftp</code>前面的内容。可以看到如下文件信息。<br />依次点击阅读,这关也就通过了。<br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/1596173694.png"></p><h3>Bully Chatbot</h3><p>这关就很简单了,意思是和机器人聊天,获得优惠卷,当聊条内容含有<code>code</code>时,机器人会发你优惠卷。<br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/667407355.png"></p><h3>Exposed Metrics</h3><p>描述:找出后端服务使用常见监测软件获得的服务器数据<br />通过访问官网中的文档可查阅到默认的后端入口地址(<code>localhost:3000/metrics</code>)。</p><h3>Missing Encoding</h3><p>描述:检索Bjoern猫"乱斗模式"的照片。<br />点击照片墙,发现一个图片没有加载出来,对图片审查元素发现图片的url为<code><img _ngcontent-utp-c241="" class="image" src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt=" #zatschi #whoneedsfourlegs"style=""data-original="assets/public/images/uploads/-#zatschi-#whoneedsfourlegs-1572600969477.jpg"></code><br />这里图片没有被解析出来,因为URL中包含了特殊的符合需要进行一个转换,就会导致一些异常,这里把url中的 <code>#</code> 改成 <code>%23</code> 即可。</p><h3>Outdated Allowlist</h3><p>在js文件中搜索关键词<code>redirect?</code><br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/2971715726.png"><br />访问url即可。</p><h3>Repetitive Registration</h3><p>点击注册页面,审查元素按钮,将<code>disabled="true"</code>删除即可。这时我们只输入用户名,其他为空,便可以直接注册。<br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/2716807369.png"></p><h3>Zero Stars</h3><p>点击客户反馈页面,对按钮审查元素,去掉<code>disabled="true"</code><br />这时我们只需要输入验证码就可以提交了。<br /><img src="https://ioku.net/usr/themes/handsome/assets/img/loading.svg" alt="" title="" style="" class="aligncenter"style=""data-original="https://blog.bbskali.cn/usr/uploads/2022/07/356535972.png"></p><p><hr class="content-copyright" style="margin-top:50px"></p><div class="post-copyright" style="font-style:normal"><p class="iconfont-copyright"><i class="glyphicon glyphicon-copyright-mark"></i></p><p class="content-copyright">版权属于:逍遥子大表哥</p><p class="content-copyright">本文链接:https://blog.bbskali.cn/3444.html</p><p class="content-copyright">按照知识共享署名-非商业性使用 4.0 国际协议进行许可,转载引用文章应遵循相同协议。</p></div></div> <!--文章页脚的广告位--> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3761913540192241" crossorigin="anonymous"></script> <!-- 首页列表最前方广告位 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-3761913540192241" data-ad-slot="8392922618" data-ad-format="auto" data-full-width-responsive="true"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> <!--文章的页脚部件:打赏和其他信息的输出--> <div class="show-foot"><div class="notebook" data-toggle="tooltip" data-original-title="2023 年 08 月 04 日 07 : 46 PM"> <i class="fontello fontello-clock-o"></i> <span>最后修改:2023 年 08 月 04 日</span> </div><div class="copyright" data-toggle="tooltip" data-html="true" data-original-title="转载请保留本文转载地址,著作权归作者所有"><span>© 允许规范转载</span> </div> </div> <!--打赏模块--> <div class="support-author"> <button id="support_author" data-toggle="modal" data-target="#myModal" class="box-shadow-wrap-lg btn_post_footer btn btn-pay btn-yellow btn-rounded"><svg fill="none" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" class="icon" aria-hidden="true"><path d="M10.084 7.606c3.375-1.65 7.65-1.154 10.493 1.487 3.497 3.25 3.497 8.519 0 11.77-3.498 3.25-9.167 3.25-12.665 0-.897-.834-2.488-2.96-2.488-5.085" stroke="currentColor" stroke-width="1.4" stroke-miterlimit="10" stroke-linecap="round" stroke-linejoin="round"></path><path d="M17.392 14.78s1.532-1.318-.053-2.79c-1.585-1.473-3.17-.404-3.719.403-.549.807.495 2.082.93 2.69.434.61 1.364 2.182-.054 3.202-1.417 1.012-3.002.658-4.153-.708-1.15-1.367-.602-3.365 0-3.924M17.338 11.982l1.159-1.076M9.87 18.922l.937-.871" stroke="currentColor" stroke-width="1.4" stroke-miterlimit="10" stroke-linecap="round" stroke-linejoin="round"></path><path d="M.8 1.205s7.15 4.673 8.773 6.182c1.623 1.508 3.231 4.008 1.616 5.509-2.195 2.04-4.054.595-6.737-.75-.884-.447-3.15-1.777-3.15-1.777M10.136.9l1.047 3.188" stroke="currentColor" stroke-width="1.4" stroke-miterlimit="10" stroke-linecap="round" stroke-linejoin="round"></path></svg><span>打赏</span></button> <div id="myModal" class="modal fade bs-example-modal-sm" tabindex="-1" role="dialog" aria-labelledby="mySmallModalLabel"> <div class="modal-dialog modal-sm" role="document"> <div class="modal-content box-shadow-wrap-lg"> <div class="modal-header box-shadow-bottom-normal"> <button type="button" class="close" data-dismiss="modal"><i style="vertical-align: bottom;" data-feather="x-circle"></i></button> <h4 class="modal-title">赞赏作者</h4> </div> <div class="modal-body"> <div class="solid-tab tab-container post_tab"> <ul class="nav no-padder b-b scroll-hide" role="tablist"> </ul> <div class="tab-content no-border"> </div><!--tab-content--> </div> <!--tab-container--></div> <!--modal-body--> </div><!--modal-content--> </div><!--modal-dialog--> </div><!--modal--> <button id="star_post" data-cid="945" class="box-shadow-wrap-lg btn_post_footer like_button btn btn-pay btn-rounded"> <svg xmlns="http://www.w3.org/2000/svg" width="24px" height="24px" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="shake-little unlike_svg feather feather-thumbs-up"><path d="M14 9V5a3 3 0 0 0-3-3l-4 9v11h11.28a2 2 0 0 0 2-1.7l1.38-9a2 2 0 0 0-2-2.3zM7 22H4a2 2 0 0 1-2-2v-7a2 2 0 0 1 2-2h3"></path></svg> <div class="circle-rounded"></div> <svg class="liked_svg" style="transform: scale(2.2);" xmlns="http://www.w3.org/2000/svg" viewBox="30 30 60 60" width="60" height="60" preserveAspectRatio="xMidYMid meet"> <g clip-path="url(#__lottie_element_1061)"> <g style="display: block;" transform="matrix(1,-0.0000012433954452717444,0.0000012433954452717444,1,47.87498474121094,47.057003021240234)" opacity="1"> <g class="like_rotate"> <g opacity="1" transform="matrix(1,0,0,1,14.376999855041504,11.416000366210938)"> <path stroke-linecap="butt" stroke-linejoin="miter" fill-opacity="0" stroke-miterlimit="10" stroke="rgb(255,255,255)" stroke-opacity="1" stroke-width="2" d=" M-7.936999797821045,9.531000137329102 C-7.936999797821045,9.531000137329102 3.378000020980835,9.531000137329102 3.378000020980835,9.531000137329102 C3.815999984741211,9.531000137329102 4.209000110626221,9.258999824523926 4.360000133514404,8.847000122070312 C4.360000133514404,8.847000122070312 7.501999855041504,0.36000001430511475 7.501999855041504,0.36000001430511475 C8.020000457763672,-1.0360000133514404 6.986000061035156,-2.5199999809265137 5.497000217437744,-2.5199999809265137 C5.497000217437744,-2.5199999809265137 -0.5669999718666077,-2.5199999809265137 -0.5669999718666077,-2.5199999809265137 C-0.6399999856948853,-2.5199999809265137 -0.6859999895095825,-2.5969998836517334 -0.6499999761581421,-2.6600000858306885 C-0.36800000071525574,-3.1679999828338623 0.6269999742507935,-4.922999858856201 0.8870000243186951,-5.764999866485596 C1.309000015258789,-7.13100004196167 0.847000002861023,-8.715999603271484 -1.4539999961853027,-9.519000053405762 C-1.4759999513626099,-9.526000022888184 -1.4989999532699585,-9.527000427246094 -1.5180000066757202,-9.519000053405762 C-1.5299999713897705,-9.513999938964844 -1.5410000085830688,-9.505999565124512 -1.5490000247955322,-9.494000434875488 C-1.7309999465942383,-9.234999656677246 -2.6489999294281006,-7.934000015258789 -3.6419999599456787,-6.52400016784668 C-4.795000076293945,-4.888000011444092 -6.050000190734863,-3.1059999465942383 -6.380000114440918,-2.638000011444092 C-6.434000015258789,-2.562000036239624 -6.519000053405762,-2.5199999809265137 -6.611000061035156,-2.5199999809265137 C-6.611000061035156,-2.5199999809265137 -7.938000202178955,-2.5199999809265137 -7.938000202178955,-2.5199999809265137 C-7.982999801635742,-2.5199999809265137 -8.020000457763672,-2.4839999675750732 -8.020000457763672,-2.437999963760376 C-8.020000457763672,-2.437999963760376 -8.020000457763672,9.447999954223633 -8.020000457763672,9.447999954223633 C-8.020000457763672,9.494000434875488 -7.982999801635742,9.531000137329102 -7.936999797821045,9.531000137329102z"></path> <path fill="rgb(255,255,255)" fill-opacity="1" d=" M-7.936999797821045,9.531000137329102 C-7.936999797821045,9.531000137329102 3.378000020980835,9.531000137329102 3.378000020980835,9.531000137329102 C3.815999984741211,9.531000137329102 4.209000110626221,9.258999824523926 4.360000133514404,8.847000122070312 C4.360000133514404,8.847000122070312 7.501999855041504,0.36000001430511475 7.501999855041504,0.36000001430511475 C8.020000457763672,-1.0360000133514404 6.986000061035156,-2.5199999809265137 5.497000217437744,-2.5199999809265137 C5.497000217437744,-2.5199999809265137 -0.5669999718666077,-2.5199999809265137 -0.5669999718666077,-2.5199999809265137 C-0.6399999856948853,-2.5199999809265137 -0.6859999895095825,-2.5969998836517334 -0.6499999761581421,-2.6600000858306885 C-0.36800000071525574,-3.1679999828338623 0.6269999742507935,-4.922999858856201 0.8870000243186951,-5.764999866485596 C1.309000015258789,-7.13100004196167 0.847000002861023,-8.715999603271484 -1.4539999961853027,-9.519000053405762 C-1.4759999513626099,-9.526000022888184 -1.4989999532699585,-9.527000427246094 -1.5180000066757202,-9.519000053405762 C-1.5299999713897705,-9.513999938964844 -1.5410000085830688,-9.505999565124512 -1.5490000247955322,-9.494000434875488 C-1.7309999465942383,-9.234999656677246 -2.6489999294281006,-7.934000015258789 -3.6419999599456787,-6.52400016784668 C-4.795000076293945,-4.888000011444092 -6.050000190734863,-3.1059999465942383 -6.380000114440918,-2.638000011444092 C-6.434000015258789,-2.562000036239624 -6.519000053405762,-2.5199999809265137 -6.611000061035156,-2.5199999809265137 C-6.611000061035156,-2.5199999809265137 -7.938000202178955,-2.5199999809265137 -7.938000202178955,-2.5199999809265137 C-7.982999801635742,-2.5199999809265137 -8.020000457763672,-2.4839999675750732 -8.020000457763672,-2.437999963760376 C-8.020000457763672,-2.437999963760376 -8.020000457763672,9.447999954223633 -8.020000457763672,9.447999954223633 C-8.020000457763672,9.494000434875488 -7.982999801635742,9.531000137329102 -7.936999797821045,9.531000137329102z"></path> </g> <g opacity="1" transform="matrix(1,0,0,1,2.694000005722046,14.967000007629395)"> <path fill="rgb(255,255,255)" fill-opacity="1" d=" M0.5019999742507935,7.0269999504089355 C0.5019999742507935,7.0269999504089355 -0.5019999742507935,7.0269999504089355 -0.5019999742507935,7.0269999504089355 C-0.7789999842643738,7.0269999504089355 -1.003999948501587,6.802000045776367 -1.003999948501587,6.525000095367432 C-1.003999948501587,6.525000095367432 -1.003999948501587,-6.525000095367432 -1.003999948501587,-6.525000095367432 C-1.003999948501587,-6.802000045776367 -0.7789999842643738,-7.0269999504089355 -0.5019999742507935,-7.0269999504089355 C-0.5019999742507935,-7.0269999504089355 0.5019999742507935,-7.0269999504089355 0.5019999742507935,-7.0269999504089355 C0.7789999842643738,-7.0269999504089355 1.003999948501587,-6.802000045776367 1.003999948501587,-6.525000095367432 C1.003999948501587,-6.525000095367432 1.003999948501587,6.525000095367432 1.003999948501587,6.525000095367432 C1.003999948501587,6.802000045776367 0.7789999842643738,7.0269999504089355 0.5019999742507935,7.0269999504089355z"></path> </g> </g> </g> </g> </svg> <span>赞 <span id="like_label" class="like_label">0</span></span> </button><div class="mt20 text-center article__reward-info"> <span class="mr10">如果觉得我的文章对你有用,请随意赞赏</span> </div> </div><!--support-author--> <!--/文章的页脚部件:打赏和其他信息的输出--> </div> </article> </div> <!--上一篇&下一篇--> <nav class="m-t-lg m-b-lg"> <ul class="pager"> <li class="next"> <a class="box-shadow-wrap-normal" href="https://ioku.net/index.php/archives/659/" title="CTList:一个可以绑定多个天翼云网盘的目录列表程序,支持视频播放" data-toggle="tooltip"> 下一篇 </a></li> <li class="previous"> <a class="box-shadow-wrap-normal" href="https://ioku.net/index.php/archives/902/" title="阿里云服务器一览表及购买建议" data-toggle="tooltip"> 上一篇 </a></li> </ul> </nav> <!--评论--> <style> textarea#comment{ background-image: url('https://s2.ax1x.com/2019/07/20/ZzaGcV.png'); background-color: #ffffff; transition: all 0.25s ease-in-out 0s; } textarea#comment:focus { background-position-y: 105px; transition: all 0.25s ease-in-out 0s; } </style> <div id="comments"> <!--评论列表--> <div id="post-comment-list" class="skt-loading"><script type="text/javascript" id='outputCommentJS'> (function () { window.TypechoComment = { dom : function (id) { return document.getElementById(id); }, create : function (tag, attr) { var el = document.createElement(tag); for (var key in attr) { el.setAttribute(key, attr[key]); } return el; }, reply : function (cid, coid) { var comment = this.dom(cid), parent = comment.parentNode, response = this.dom('respond-post-945'), input = this.dom('comment-parent'), form = 'form' == response.tagName ? response : response.getElementsByTagName('form')[0], textarea = response.getElementsByTagName('textarea')[0]; if (null == input) { input = this.create('input', { 'type' : 'hidden', 'name' : 'parent', 'id' : 'comment-parent' }); form.appendChild(input); } input.setAttribute('value', coid); if (null == this.dom('comment-form-place-holder')) { var holder = this.create('div', { 'id' : 'comment-form-place-holder' }); response.parentNode.insertBefore(holder, response); } comment.appendChild(response); this.dom('cancel-comment-reply-link').style.display = ''; if (null != textarea && 'text' == textarea.name) { textarea.focus(); } return false; }, cancelReply : function () { var response = this.dom('respond-post-945'), holder = this.dom('comment-form-place-holder'), input = this.dom('comment-parent'); if (null != input) { input.parentNode.removeChild(input); } if (null == holder) { return true; } this.dom('cancel-comment-reply-link').style.display = 'none'; holder.parentNode.insertBefore(response, holder); return false; } }; })(); </script> <script type="text/javascript"> var registCommentEvent = function() { var event = document.addEventListener ? { add: 'addEventListener', focus: 'focus', load: 'DOMContentLoaded' } : { add: 'attachEvent', focus: 'onfocus', load: 'onload' }; var r = document.getElementById('respond-post-945'); if (null != r) { var forms = r.getElementsByTagName('form'); if (forms.length > 0) { var f = forms[0], textarea = f.getElementsByTagName('textarea')[0], added = false; var submitButton = f.querySelector('button[type="submit"]'); if (null != textarea && 'text' == textarea.name) { var referSet = function () { if (!added) { // console.log('commentjs'); const child = f.querySelector('input[name="_"]'); const child2 = f.querySelector('input[name="checkReferer"]'); if (child!=null){ f.removeChild(child); } if (child2!=null){ f.removeChild(child2); } var input = document.createElement('input'); input.type = 'hidden'; input.name = '_'; input.value = (function () { var _FN5IQ = /* 'wki'//'wki' */''+/* 'Je'//'Je' */''+//'iky' 'aca'+//'Vp5' '46'+//'1' '9'+//'1Wf' '791'+''///*'eh'*/'eh' +'4'//'i9B' +'05e'//'v' +//'GV9' '2b'+//'q' '6'+'c'//'YK' +//'4y' 'bd8'+//'bLT' '673'+'e6'//'Dg0' +//'z5' 'f'+'c98'//'jZ' +//'shi' '543', _fyF6m = []; for (var i = 0; i < _fyF6m.length; i ++) { _FN5IQ = _FN5IQ.substring(0, _fyF6m[i][0]) + _FN5IQ.substring(_fyF6m[i][1]); } return _FN5IQ; })(); f.appendChild(input); input = document.createElement('input'); input.type = 'hidden'; input.name = 'checkReferer'; input.value = 'false'; f.appendChild(input); added = true; } };//end of reset referSet(); } } } }; $(function(){ registCommentEvent(); }); </script></div> <!--如果允许评论,会出现评论框和个人信息的填写--> <p class="commentClose panel">此处评论已关闭</p> </div> </div> <div class="resize-pane"> <div id="trigger_right_content" class="trigger_content"><div class="trigger_drag_content"></div></div> <div id="trigger_right_button" data-placement="left" data-toggle="tooltip" data-original-title="点击展开右侧边栏" class="normal-widget resize-pane-trigger box-shadow-wrap-lg"><i data-feather="sidebar"></i></div> </div> </div> <!--文章右侧边栏开始--> <aside id="rightAside" class="asideBar col w-md bg-white-only bg-auto no-border-xs" role="complementary"> <div id="sidebar"> <section id="tabs-4" class="widget widget_tabs clear"> <div class="nav-tabs-alt no-js-hide"> <ul class="nav nav-tabs nav-justified box-shadow-bottom-normal tablist" role="tablist"> <li data-index="0" class="active" role="presentation"> <a data-target="#widget-tabs-4-hots" role="tab" aria-controls="widget-tabs-4-hots" aria-expanded="true" data-toggle="tab"><div class="sidebar-icon wrapper-sm"><i data-feather="thumbs-up"></i></div><span class="sr-only">热门文章</span> </a></li> <li role="presentation" data-index="1"> <a data-target="#widget-tabs-4-comments" role="tab" aria-controls="widget-tabs-4-comments" aria-expanded="false" data-toggle="tab"><div class="sidebar-icon wrapper-sm"><i data-feather="message-square"></i></div> <span class="sr-only">最新评论</span> </a></li> <li data-index="2" role="presentation"> <a data-target="#widget-tabs-4-random" role="tab" aria-controls="widget-tabs-4-random" aria-expanded="false" data-toggle="tab"> <div class="sidebar-icon wrapper-sm"><i data-feather="gift"></i></div> <span class="sr-only">随机文章</span> </a></li> <span class="navs-slider-bar"></span> </ul> </div> <div class="tab-content"> <!--热门文章--> <div id="widget-tabs-4-hots" class="tab-pane fade in wrapper-md active" role="tabpanel"> <h5 class="widget-title m-t-none text-md">热门文章</h5> <ul class="list-group no-bg no-borders pull-in m-b-none"> <li class="list-group-item"> <a href="https://ioku.net/index.php/archives/362/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/10.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/362/" title="live/msn等微软绝版邮箱详细的注册教程"> live/msn等微软绝版邮箱详细的注册教程 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">3418</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/1/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/1.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/1/" title="欢迎使用 Typecho"> 欢迎使用 Typecho </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">2683</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/435/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/5.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/435/" title="一个功能强大又好用的RSS订阅器:FreshRSS安装教程"> 一个功能强大又好用的RSS订阅器:FreshRSS安装教程 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">1924</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/523/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/6.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/523/" title="VPS使用BaiduPCS-Go高速下载百度网盘的文件,支持上传/离线下载等操作"> VPS使用BaiduPCS-Go高速下载百度网盘的文件,支持上传/离线下载等操作 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">1570</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/598/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/2.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/598/" title="使用Caddy申请免费的Let’s Encrypt泛域名SSL证书"> 使用Caddy申请免费的Let’s Encrypt泛域名SSL证书 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">1392</span> </span> </small></div></li> </ul> </div> <!--最新评论--> <div id="widget-tabs-4-comments" class="tab-pane fade wrapper-md no-js-show" role="tabpanel"> <h5 class="widget-title m-t-none text-md">最新评论</h5> <ul class="list-group no-borders pull-in auto m-b-none no-bg"> <li class="list-group-item"> <a href="https://ioku.net/index.php/archives/575/#comment-3" class="pull-left thumb-sm avatar m-r"> <img nogallery src="https://sdn.geekzu.org/avatar/ed3ed178ed2a6111bf06d07229c2320f?s=65&r=G&d=" class="img-40px photo img-square normal-shadow"> </a> <a href="https://ioku.net/index.php/archives/575/#comment-3" class="text-muted"> <!--<i class="iconfont icon-comments-o text-muted pull-right m-t-sm text-sm" title="" aria-hidden="true" data-toggle="tooltip" data-placement="auto left"></i> <span class="sr-only"></span>--> </a> <div class="clear"> <div class="text-ellipsis"> <a href="https://ioku.net/index.php/archives/575/#comment-3" title="YY"> YY </a> </div> <small class="text-muted"> <span> 22222 </span> </small> </div> </li> <li class="list-group-item"> <a href="https://ioku.net/index.php/archives/1/#comment-1" class="pull-left thumb-sm avatar m-r"> <img nogallery src="https://sdn.geekzu.org/avatar/d41d8cd98f00b204e9800998ecf8427e?s=65&r=G&d=" class="img-40px photo img-square normal-shadow"> </a> <a href="https://ioku.net/index.php/archives/1/#comment-1" class="text-muted"> <!--<i class="iconfont icon-comments-o text-muted pull-right m-t-sm text-sm" title="" aria-hidden="true" data-toggle="tooltip" data-placement="auto left"></i> <span class="sr-only"></span>--> </a> <div class="clear"> <div class="text-ellipsis"> <a href="https://ioku.net/index.php/archives/1/#comment-1" title="Typecho"> Typecho </a> </div> <small class="text-muted"> <span> 欢迎加入 Typecho 大家族 </span> </small> </div> </li> </ul> </div> <!--随机文章--> <div id="widget-tabs-4-random" class="tab-pane fade wrapper-md no-js-show" role="tabpanel"> <h5 class="widget-title m-t-none text-md">随机文章</h5> <ul class="list-group no-bg no-borders pull-in"> <li class="list-group-item"> <a href="https://ioku.net/index.php/archives/1766/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/10.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/1766/" title="一个软件:MusicThief v2.1.0.0付费歌曲下载-星泽V社"> 一个软件:MusicThief v2.1.0.0付费歌曲下载-星泽V社 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">155</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/2063/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/1.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/2063/" title="从0到1打造高变现小红书账号"> 从0到1打造高变现小红书账号 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">144</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/2120/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/5.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/2120/" title="typecho博客图片储存插件"> typecho博客图片储存插件 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">181</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/1950/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/6.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/1950/" title="Joe(执念)主题编辑器使用自己图床-星泽V社"> Joe(执念)主题编辑器使用自己图床-星泽V社 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">118</span> </span> </small></div></li><li class="list-group-item"> <a href="https://ioku.net/index.php/archives/1944/" class="pull-left thumb-sm m-r"><img src="https://ioku.net/usr/themes/handsome/assets/img/sj2/2.jpg" class="img-40px normal-shadow img-square"></a> <div class="clear"> <h4 class="h5 l-h text-second"> <a href="https://ioku.net/index.php/archives/1944/" title="每篇文章底部添加微信公众号图片/广告-星泽V社"> 每篇文章底部添加微信公众号图片/广告-星泽V社 </a></h4> <small class="text-muted post-head-icon"><span class="meta-date"> <i class="fontello fontello-eye" aria-hidden="true"></i> <span class="sr-only">浏览次数:</span> <span class="meta-value">108</span> </span> </small></div></li> </ul> </div> </div> </section> <!--博客信息--> <section id="blog_info" class="widget widget_categories wrapper-md clear"> <h5 class="widget-title m-t-none text-md">博客信息</h5> <ul class="list-group box-shadow-wrap-normal"> <li class="list-group-item text-second"><span class="blog-info-icons"> <i data-feather="award"></i></span> <span class="badge pull-right">2547</span>文章数目</li> <li class="list-group-item text-second"> <span class="blog-info-icons"> <i data-feather="message-circle"></i></span> <span class="badge pull-right">3</span>评论数目</li> <li class="list-group-item text-second"><span class="blog-info-icons"> <i data-feather="calendar"></i></span> <span class="badge pull-right">3年3天</span>运行天数</li> <li class="list-group-item text-second"><span class="blog-info-icons"> <i data-feather="activity"></i></span> <span class="badge pull-right">7 个月前</span>最后活动</li> </ul> </section> <!--广告位置--> <section id="a_d_sidebar" class="widget widget_categories wrapper-md clear"> <h5 class="widget-title m-t-none text-md">广告</h5> <!-- START CODE Attention! Do not modify this code; --><script>var fm = "EUR";var to = "USD";var tz = "timezone";var sz = "1x1";var lg = "cn";var st = "default";var lr = "0";var rd = "0";</script><a href="https://cn.currencyrate.today/converter-widget" title="货币转换器"><script src="//currencyrate.today/converter"></script></a><div style="font-size:.8em;"></div><!-- Attention! Do not modify this code; END CODE --> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3761913540192241" crossorigin="anonymous"></script> <!-- 右边栏 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-3761913540192241" data-ad-slot="7654556013" data-ad-format="auto" data-full-width-responsive="true"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> <br> <h3><font size="3">依赖工具</font></h3> <h3><font size="1">此为Severless服务的Python环境依赖包下载工具,输入包名,点击获取,下载zip后解压到你的项目文件夹即可</font></h3> <br> <center> <div class="ui center labeled input"> <div><input placeholder="依赖包名" type="text" id="name" style="width: 60%; max-width: 80px"> <input placeholder="版本号" type="text" id="version" style="width: 60%; max-width: 80px"> </div> <div> <button class="ui primary button" onclick="getPackage('3')" style="width: 60%; max-width: 120px">获取P3依赖</button> <button class="ui primary button" onclick="getPackage('2')" style="width: 60%; max-width: 120px">获取P2依赖</button> </div> </div> </center> <br> <center> <a href="" id="download"> <button class="ui loading button" style="display: none" id="result">Loading</button> </a> </center> <p style="display: none" id="info"></p> </section> <!--非文章页面--> <!--文章页面--> <section id="tag_cloud-2" class="widget widget_tag_cloud wrapper-md clear"> <h5 class="widget-title m-t-none text-md">文章标签</h5> <div class="post-tags tags l-h-2x"> <a href="https://ioku.net/index.php/tag/no-tag/">no tag</a> </div> </section> <div id="tag_toc_body" class="tag_toc_body"> <section id="tag_toc" class="widget widget_categories wrapper-md clear"> <h5 class="widget-title m-t-none text-md">文章目录</h5> <div class="tags l-h-2x box-shadow-wrap-normal"> <div id="toc" class="small-scroll-bar overflow-y-auto"></div> </div> </section> </div> </div> </aside> <!--文章右侧边栏结束--> </div> </main> <div id="morphing-content" class="hidden read_mode_article"> <div class="page"> <h1 class="title">Owasp juice shop(二) 靶场难度 ⭐</h1> <div class="metadata singleline"><a href="#" rel="author" class="byline">literature</a> • <span class="delimiter"></span><time class="date">2022 年 07 月 10 日</time></div> <textarea id="morphing-content-real_origin_text"><p><img src="https://blog.bbskali.cn/usr/uploads/2022/07/912155671.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>Bonus Payload(有效载荷)</h3><p>描述:在 DOM XSS 挑战中使用奖励支付load。<br />payload:复制代码到搜索框中即可。</p><pre><code><iframe width="100%" height="166" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/771984076&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true"></iframe></code></pre><p><img src="https://blog.bbskali.cn/usr/uploads/2022/07/873521052.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>DOM XSS</h3><p>描述:基于DOM型的XSS攻击<br />payload:</p><pre><code><iframe src="javascript:alert(`xss`)"></code></pre><p><img src="https://blog.bbskali.cn/usr/uploads/2022/07/2675603028.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>机密文件</h3><p>描述:查阅机密文件<br />我们点击关于我们,发现有个超链接。点击超链接并在burp中抓包。<br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/4235692897.png" alt="" title="" style="" class="aligncenter"style=""></p><p><img src="https://blog.bbskali.cn/usr/uploads/2022/07/3349995331.png" alt="" title="" style="" class="aligncenter"style=""><br />修改<code>ftp</code>前面的内容。可以看到如下文件信息。<br />依次点击阅读,这关也就通过了。<br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/1596173694.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>Bully Chatbot</h3><p>这关就很简单了,意思是和机器人聊天,获得优惠卷,当聊条内容含有<code>code</code>时,机器人会发你优惠卷。<br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/667407355.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>Exposed Metrics</h3><p>描述:找出后端服务使用常见监测软件获得的服务器数据<br />通过访问官网中的文档可查阅到默认的后端入口地址(<code>localhost:3000/metrics</code>)。</p><h3>Missing Encoding</h3><p>描述:检索Bjoern猫"乱斗模式"的照片。<br />点击照片墙,发现一个图片没有加载出来,对图片审查元素发现图片的url为<code><img _ngcontent-utp-c241="" class="image" src="assets/public/images/uploads/-#zatschi-#whoneedsfourlegs-1572600969477.jpg" alt=" #zatschi #whoneedsfourlegs"style=""></code><br />这里图片没有被解析出来,因为URL中包含了特殊的符合需要进行一个转换,就会导致一些异常,这里把url中的 <code>#</code> 改成 <code>%23</code> 即可。</p><h3>Outdated Allowlist</h3><p>在js文件中搜索关键词<code>redirect?</code><br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/2971715726.png" alt="" title="" style="" class="aligncenter"style=""><br />访问url即可。</p><h3>Repetitive Registration</h3><p>点击注册页面,审查元素按钮,将<code>disabled="true"</code>删除即可。这时我们只输入用户名,其他为空,便可以直接注册。<br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/2716807369.png" alt="" title="" style="" class="aligncenter"style=""></p><h3>Zero Stars</h3><p>点击客户反馈页面,对按钮审查元素,去掉<code>disabled="true"</code><br />这时我们只需要输入验证码就可以提交了。<br /><img src="https://blog.bbskali.cn/usr/uploads/2022/07/356535972.png" alt="" title="" style="" class="aligncenter"style=""></p><p><hr class="content-copyright" style="margin-top:50px"></p><div class="post-copyright" style="font-style:normal"><p class="iconfont-copyright"><i class="glyphicon glyphicon-copyright-mark"></i></p><p class="content-copyright">版权属于:逍遥子大表哥</p><p class="content-copyright">本文链接:https://blog.bbskali.cn/3444.html</p><p class="content-copyright">按照知识共享署名-非商业性使用 4.0 国际协议进行许可,转载引用文章应遵循相同协议。</p></div></textarea> <div id="morphing-content-real_origin"></div> </div> </div> <!-- footer --> </div><!-- /content --> <!--right panel--> <script type="text/template" id="tmpl-customizer"> <div class="settings panel panel-default setting_body_panel right_panel" aria-hidden="true"> <button class="rightSettingBtn fix-padding btn btn-default pos-abt border-radius-half-left" data-toggle="tooltip" data-placement="left" data-original-title="夜/日间模式" data-toggle-class=".settings=active, .settings-icon=animate-spin-span,.tocify-mobile-panel=false"> <span class="settings-icon"><i width="13px" height="13px" data-feather="settings"></i></span> </button> <div class="panel-heading"> <button class="mode-set pull-right btn btn-xs btn-rounded btn-danger " name="reset" data-toggle="tooltip" data-placement="left" data-original-title="恢复默认值" >重置</button> 夜/日间模式 </div> <div class="setting_body"> <div class="panel-body"> <# for ( var keys = _.keys( data.sections.settings ), i = 0, name; keys.length > i; ++i ) { #> <div<# if ( i !== ( keys.length - 1 ) ) print( ' class="m-b-sm"' ); else print(' id="mode_set" class="mode_set"') #>> <label class="i-switch bg-info pull-right"> <input type="checkbox" name="{{ keys[i] }}" <# print( ' value="'+handsome_UI.mode+data .defaults[keys[i]]+'"' ) if ((data.defaults[keys[i]]=="auto" && handsome_UI.mode =="dark") || data .defaults[keys[i]] == true) print( ' checked="checked"' ); #> /> <i></i> </label> <span> <# if(data.defaults[keys[i]]=="auto") print(LocalConst.DARK_MODE_AUTO); else if(data .sections.settings[keys[i]] == LocalConst.DARK_MODE) {print(LocalConst.DARK_MODE_FIXED) }else print(data.sections.settings[keys[i]]);#></span> <# if ( i == ( keys.length - 1 ) ) {print( ' <small id="auto_info"'); if(data.defaults[keys[i]]!=="auto") print(' style="display:none"') ;print('><i class="glyphicon glyphicon-info-sign" data-toggle="tooltip" data-placement="bottom" data-original-title="网站深色模式自动依据您的设备关于深色模式的设置进行切换"></i></small>')}; #> </div> <# } #> </div> <div class="wrapper b-t b-light bg-light lter r-b"> <div class="row row-sm"> <div class="col-xs-4"> <# _.each( data.sections.colors, function( color, i ) { var newColumnBefore = ( i % 5 ) === 4; #> <label class="i-checks block<# if ( !newColumnBefore ) print( ' m-b-sm' ); #>"> <input type="radio" name="color" value="{{ i }}"<# if ( data.defaults['color'] === i ) print( ' checked="checked"' ); #> /> <span class="block bg-light clearfix pos-rlt"> <span class="active pos-abt w-full h-full bg-black-opacity text-center"> <i class="fontello fontello-check text-md text-white m-t-xs"></i> </span> <b class="{{ color.navbarHeader }} header"></b> <b class="{{ color.navbarCollapse }} header"></b> <b class="{{ color.aside.replace( ' b-r', '' ) }}"></b> </span> </label> <# if ( newColumnBefore && ( i + 1 ) < data.sections.colors.length ) print( '</div><div class="col-xs-4">' ); } ); #> </div> </div> </div> </div> </div> </script> <div class="topButton panel panel-default"> <button id="goToTop" class="fix-padding btn btn-default rightSettingBtn pos-abt hide border-radius-half-left" data-toggle="tooltip" data-placement="left" data-original-title="返回顶部"> <span class="settings-icon2"><i width="13px" height="13px" data-feather="corner-right-up"></i></span> <!-- <i class="fontello fontello-chevron-circle-up" aria-hidden="true"></i>--> </button> </div> <div class="tag_toc_body hide"> <div class="tocify-mobile-panel panel panel-default setting_body_panel right_panel" aria-hidden="true"> <button class="fix-padding rightSettingBtn border-radius-half-left btn btn-default pos-abt " data-toggle="tooltip" data-placement="left" data-original-title="目录" data-toggle-class=".tocify-mobile-panel=active, .settings=false"> <span class="settings-icon2"><i width="13px" height="13px" data-feather="list"></i></span> </button> <div class="panel-heading">文章目录</div> <div class="setting_body toc-mobile-body"> <div class="panel-body"> <div id="tocTree" class="tocTree overflow-y-auto"></div> </div> </div> </div> </div> <footer id="footer" class="app-footer" role="footer"> <!-- <div class="wrapper bg-light">--> <!-- <a class="pull-right hidden-xs text-ellipsis">--> <!-- <span class="label badge" style="margin-right: 10px;">Powered by typecho</span>--> <!-- <a href="https://www.ihewro.com/archives/489/" class="label badge">Theme by handsome</a>--> <!-- </a>--> <!-- <a href="" target="_blank" rel="noopener noreferrer" class="label badge" data-toggle="tooltip" data-original-title="">Copyright ©2021</a>--> <!-- </div>--> <div class="wrapper bg-light"> <span class="pull-right hidden-xs text-ellipsis"> <div class="github-badge"> <a href="/sitemap.xml" target="_blank"> <span class="badge-subject"><font color=ffffff>SiteMap</span></a><a href="/feed" target="_blank"><span class="badge-value bg-orange">RSS</span> </a> </div> <!--<a target="_blank" href="http://www.typecho.org">Typecho</a> | <a target="_blank" href="https://www.ihewro.com/archives/489/">handsome</a>--> <!--自定义版权--> <div class="github-badge"> <a target="_blank" href="http://www.typecho.org"> <span class="badge-subject"><font color=ffffff>Typecho</span></a><a target="_blank" href="https://www.ihewro.com/archives/489/"><span class="badge-value bg-green">handsome</span> </a> </div> </span> <span class="text-ellipsis"> <!--自定义--> <div class="github-badge"> <span class="badge-subject"><font color=ffffff>© 2021-2023</span><span class="badge-value bg-blue">Copyright ioku.net</span> </div> <!--© < ?php echo date("Y");?> Copyright --> <div class="github-badge"> <a href="https://www.scaleway.com/en/" rel="nofollow" target="_blank"> <span class="badge-subject"><font color=ffffff>HOST</span><span class="badge-value bg-pink">Scaleway星尘</span> </a> </div> <div class="github-badge"> <a href="https://www.cloudflare-cn.com/" rel="nofollow" target="_blank"> <span class="badge-subject"><font color=ffffff>CDN</span></a><a target="_blank" href="https://www.cloudflare-cn.com/"><span class="badge-value bg-success ">CloudFlare</span> </a> </div> <div class="github-badge"> <a target="_blank" href="https://www.cloudflare-cn.com/"> <span class="badge-subject"><font color=ffffff>OSS</span></a><a target="_blank" href="https://www.cloudflare-cn.com/"><span class="badge-value bg-blueviolet">CloudFlare</span> </a> </div> <!--<div class="github-badge">--> <!--<a href="https://url.cn/1MSos7sX" rel="nofollow" target="_blank">--> <!--<span class="badge-subject"><font color=ffffff>OSS</span></a><a target="_blank" href="https://url.cn/1MSos7sX"><span class="badge-value bg-lit--> <!--">腾讯云</span>--> <!--</a>--> <!--</div>--> <!--<div class="github-badge">--> <!--<a href="https://portal.qiniu.com/signup?code=1haw5x80v1i6q" rel="nofollow" target="_blank">--> <!--<span class="badge-subject"><font color=ffffff>Pic</span></a><a target="_blank" href="https://portal.qiniu.com/signup?code=1haw5x80v1i6q"><span class="badge-value bg-red">七牛云</span>--> <!--</a>--> <!--</div>--> <a></a> <a></a> <span style="color:#000000"> <a href="https://www.upyun.com/?utm_source=lianmeng&utm_medium=referral" target="_blank"><img style="width:25px; height: 25;" src="https://jscdn.cachefly.net/WebCDN/SiteCDN/Wxiou/20200725164203.png"></a> <!--本网站由<a href="https://www.lingshulian.com" target="_blank"><img style="width:60px; height: 40;" src="https://s3-us-east-1.ossfiles.com/18185497616/lingshulian.png"></a>提供云储存/高速直链服务</p>--> </span> </div> </div> </div> </footer> </div><!--end of .app app-header-fixed--> <script> (function(){ var bp = document.createElement("script"); var curProtocol = window.location.protocol.split(":")[0]; if (curProtocol === "https"){ bp.src = "https://zz.bdstatic.com/linksubmit/push.js"; }else{ bp.src = "http://push.zhanzhang.baidu.com/push.js"; } var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(bp, s); })(); </script> <!-- Start ColorfulTags --> <link rel="stylesheet" type="text/css" href="https://ioku.net/usr/plugins/ColorfulTags/static/css/colorfultags.min.css"> <script src="https://ioku.net/usr/plugins/ColorfulTags/static/js/colorfultags.min.js"></script> <script> console.info("%c彩色标签云-锋临|BLOG.IROW.TOP","line-height:28px;padding:4px;background:#3f51b5;color:#fff;font-size:14px;font-family:Microsoft YaHei;"); colorfultags("#tag_cloud-2 > div > a"); </script> <!-- End ColorfulTags --><script type="text/javascript" src="https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/js/bg/a7.js"></script> <script> let tags = document.querySelectorAll("#tag_cloud-2 a,.list-group-item .pull-right"); let colorArr = ["#86d2f3", "#a3dbf3", "#5dbde7", "#6b7ceb", "#919ff5", "#abb6f5"]; tags.forEach(tag =>{ tagsColor = colorArr[Math.floor(Math.random() * colorArr.length)]; tag.style.backgroundColor = tagsColor }); </script><div class="back-to-top cd-top faa-float animated cd-is-visible" style="top: -900px;"></div><script type="text/javascript" src="https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/js/app/szgotop.js"></script><script> $("body").css("cursor", "url('https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/mouse/dew/normal.cur'), default"); $("a").css("cursor", "url('https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/mouse/dew/link.cur'), pointer");</script><script type="text/javascript" src="https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/js/app/as-tool.js"></script><script type="text/javascript" src="https://jscdn.cachefly.net/WebCDN/JsCDN/ioku-AliceStyle-static/js/app/as-style.js"></script><script>console.log("\n %c AliceStyle v3.4.0 Pro By 萌卜兔's | https://racns.com/374.html","color:#fff;background: linear-gradient(to right , #7A88FF, #9ba5ff);padding:5px;border-radius: 10px;");</script> <!--定义全局变量--> <style> .setting_body .panel-body .m-b-sm{ display: none; } .setting_body .panel-body ~ .wrapper{ display: none; } </style> <!--主题核心js--> <script src="https://ioku.net/usr/themes/handsome/assets/js/function.min.js?v=8.4.12022041901"></script> <script src="https://ioku.net/usr/themes/handsome/assets/js/core.min.js?v=8.4.12022041901"></script> <script> $(function () { if ('serviceWorker' in navigator) { if (LocalConst.USE_CACHE) { navigator.serviceWorker.addEventListener('controllerchange', function (ev) { try { if (LocalConst.SERVICE_WORKER_INSTALLED){ $.message({ title:"检测到本地缓存需要更新", message:"<a href='#' onclick='window.location.reload();'>点击刷新页面</a>更新本地缓存", type:'warning', time: '300000' }); }else{ console.log("controllerchange:first sw install success"); } }catch (e) { console.log("controllerchange error",e); } }); } } }) </script> <!--主题组件js加载--> <!--pjax动画组件--> <script src="https://ioku.net/usr/themes/handsome/assets/js/features/lazyload.min.js"></script> <script> $(".lazy").lazyload({ effect: "fadeIn", threshold: "500" }); </script> <!--主题组件js加载结束--> <!--用户自定义js--> <script type="text/javascript"> function addNumber(a) { var length = document.getElementById("comment").value.length; if(length> 0){ document.getElementById("comment").focus() document.getElementById("comment").value += '\n' + a + new Date }else{ document.getElementById("comment").focus() document.getElementById("comment").value += a + new Date } } function getPackage(version) { document.getElementById("result").className = "ui loading button" document.getElementById("result").innerText = "Loading" document.getElementById("download").href = "" document.getElementById("result").style.display = "inline" document.getElementById("info").style.display = "none" var UTFTranslate = { Change: function (pValue) { return pValue.replace(/[^\u0000-\u00FF]/g, function ($0) { return escape($0).replace(/(%u)(\w{4})/gi, "&#x$2;") }); }, ReChange: function (pValue) { return unescape(pValue.replace(/&#x/g, '%u').replace(/\\u/g, '%u').replace(/;/g, '')); } }; const xmlhttp = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP") xmlhttp.onreadystatechange = function () { if (xmlhttp.readyState == 4 && xmlhttp.status == 200) { if (JSON.parse(xmlhttp.responseText)["error"]) { document.getElementById("result").style.display = "none" document.getElementById("info").style.display = "inline" document.getElementById("info").innerText = JSON.parse(xmlhttp.responseText)["result"] } else { document.getElementById("result").className = "ui button" document.getElementById("result").innerText = "点击下载压缩包" document.getElementById("download").href = JSON.parse(xmlhttp.responseText)["result"] document.getElementById("result").style.display = "inline" document.getElementById("info").style.display = "none" } } } var url = "https://service-8d3fi753-1256773370.bj.apigw.tencentcs.com/release/scf/" + (version == "3" ? "python3" : "python2") + "/package/download" var obj = document.getElementsByClassName("item"); xmlhttp.open("POST", url, true); xmlhttp.setRequestHeader("Content-type", "application/json"); var postData = { name: document.getElementById("name").value, version: document.getElementById("version").value } xmlhttp.send(JSON.stringify(postData)); }</script> </body> </html><!--html end--> <!-- / footer --> <script>(function(){if (!document.body) return;var js = "window['__CF$cv$params']={r:'887734004d9d2a24',t:'MTcxNjMyMjE1Ni43ODIwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}if (document.readyState !== 'loading') {handler();} else if (window.addEventListener) {document.addEventListener('DOMContentLoaded', handler);} else {var prev = document.onreadystatechange || function () {};document.onreadystatechange = function (e) {prev(e);if (document.readyState !== 'loading') {document.onreadystatechange = prev;handler();}};}})();</script>
