- 博客(3)
- 收藏
- 关注
原创 2020软测Web安全测试-easy_flask3-WP
过滤{{}} > 使用{%%}报错> 使用{%25%25}过滤 ’ 和 " > 通过{%25set mystr=dict(xxx=1).keys()|reverse|first %25}来使得变量mystr=“xxx”题目当中用到的有:在下面的pyload当中要用到这些变量来构造字符串(通过 __cla和ss__来绕过){%25set cla=dict(cla=1).keys()|reverse|first %25} {%25set ss=dict(ss=1).keys()|reve
2020-11-22 14:20:06 249
原创 Misc torch_model WP
exp贴上:import torchimport torch.nn as nnfrom torch.nn import initimport torch.nn.functional as Fimport torch.optim as optimimport osfrom hashlib import sha256import numpy as npfrom PIL import Imagefrom tqdm import tqdmimport redef find_num(b):
2020-10-31 22:02:01 185
原创 eyoucms 1.4.6 XSS vulnerability
eyoucms 1.4.6 XSS vulnerabilityVulnerability describesVulnerability describesVulnerability found in Eyoucms1.4.6 and prior releases.In the member center member contribution office, after editing the contribution content through the editor, intercept the
2020-10-13 01:19:46 326
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人