Web应用程序通常会提供一些上传功能,比如上传头像,图片资源等,只要与资源传输有关的地方就可能存在上传漏洞,上传漏洞归根结底是程序员在对用户文件上传时控制不足或者是处理的缺陷导致的,文件上传漏洞在渗透测试中用的比较多,因为它是获取服务器WebShell最快最直接的攻击手法,其实文件上传本身并没有问题,有问题的是文件上传时程序员是如何对其进行合法化过滤的,如果程序员的处理逻辑做的不够安全,则会导致严重的后果。

接下来你可以自行下载一个专门用于练习文件上传的Web靶场应用并自己部署到你的服务器上,下载地址是:https://github.com/c0ny1/upload-labs 该靶场使用PHP语言编写,专门收集渗透测试和CTF中遇到的各种上传漏洞的靶场,目前共20关每一关都包含着不同上传方式。

pass1 第一关

本关的突破非常的容易,因为程序中仅仅使用了JavaScript来拒绝非法文件的,但这种前端验证的方式能够防止普通用户,但无法防止专业人员的突破,我们可以使用Brup工具来突破这一限制。

function checkFile() {
var file = document.getElementsByName('upload_file')[0].value;
if (file == null || file == "") {
alert("请选择要上传的文件!");
return false;
}
//定义允许上传的文件类型
var allow_ext = ".jpg|.png|.gif";
//提取上传文件的类型
var ext_name = file.substring(file.lastIndexOf("."));
//判断上传文件类型是否允许上传
if (allow_ext.indexOf(ext_name + "|") == -1) {
var errMsg = "该文件不允许上传,请上传" + allow_ext + "类型的文件,当前文件类型为:" + ext_name;
alert(errMsg);
return false;
}
}

首先准备好一句话后门 lyshark.php 然后将其修改成 lyshark.jpg ,使用Brup抓上传的数据包,并将jpg后缀改成php直接提交。

上方我们开启【Intercept is on】拦截,然后点击上传按钮,将其中的【lyshark.jpg】修改为【lyshark.php】,点击【Forward】按钮放行,即可上传成功。

pass2 第二关

本关的突破也非常简单,如下代码我们可以看出其使用了MIME类型来验证上传文件的合法性,下方允许上传的格式有 image/jpeg,image/png,image/gif 这三种类型的文件。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
if (($_FILES['upload_file']['type'] == 'image/jpeg') || ($_FILES['upload_file']['type'] == 'image/png') || ($_FILES['upload_file']['type'] == 'image/gif')) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH . '/' . $_FILES['upload_file']['name']
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '文件类型不正确,请重新上传!';
}
} else {
$msg = UPLOAD_PATH.'文件夹不存在,请手工创建!';
}
}

代码中验证了上传的MIME类型,绕过方式使用Brup抓包,将上传的一句话小马lyshark.php中的 Content-Type: application/php修改成Content-Type: image/jpeg然后上传。

pass3 第三关

第三关采用了黑名单的验证方式,黑名单过滤也是一种不安全的方式,黑名单中定义了一系列的不安全的扩展名,服务器在接收到文件后,与黑名单做对比,从而决定是否要过滤上传的文件。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array('.asp','.aspx','.php','.jsp');
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA
$file_ext = trim($file_ext); //收尾去空 if(!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.date("YmdHis").rand(1000,9999).$file_ext;
if (move_uploaded_file($temp_file,$img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '不允许上传.asp,.aspx,.php,.jsp后缀文件!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

如上方的代码,其过滤掉了 .asp .php .jsp 等危险的脚本文件,看起来是把危险文件拒之门外了,但实际上其效果并不是太好,攻击者可以通过黑名单中找到Web开发人员忽略的扩展名,从而完成上传。

首先Brup拦截数据包,然后点击上传按钮,在Brup的空白位置右键,选择【Send To Repeater】发送到Repeater模块中。

接着我们将 lyshark.php 修改为 lyshark.jpg 然后点击 send 按钮,在右侧Response 会看到返回了数据./upload/201908080737005617.jpg ,这里也可以将其做成图片木马上传,从而也可以绕过这个限制。

pass4 第四关

本关代码如下,相比于前一关的内容,这里的过滤条件变得更为苛刻,其几乎过滤掉了所有的脚本文件后缀,但是并没有过滤.jpg等格式,如果使用jpg格式在php 5.5以前可以正常拿Shell ,但在PHP 7版本中显然是不可取的,本关我们可以利用一个Apache解析漏洞完成我们的上传任务。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2","php1",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2","pHp1",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf");
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA
$file_ext = trim($file_ext); //收尾去空 if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.$file_name;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件不允许上传!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

解析漏洞,在Apache 2.x中存在一个解析漏洞,如果我们将 lyshark.php 修改为 lyshark.php.rar 这样的格式,正常情况下会弹出文件下载提示框,但是由于Apache 2.x存在解析漏洞所以,会默认将其当作PHP脚本文件进行展开并执行。

Apache在解析文件时有一个原则,当碰到不认识的扩展名时,会从后向前解析,直到碰到认识的扩展名为止,如果不认识则会爆露其源代码,此时我们如果上传 lyshark.php.rar 的话,很明显.rar 他不认识,则会先前递增,会看到.php 默认就会使用.php 解析啦。

1.首先Brup拦截数据,然后选择 lyshark.php 小马,点击上传按钮,回到Brup将lyshark.php 手动修改为 lyshark.php.rar 然后放行数据包,即可完成上传。

上传成功后,蚁剑直接拿shell。

pass5 第五关

第五关源代码如下,该代码中并没有对文件名的大小写进行强制转换,所以绕过就变得容易了起来。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA
$file_ext = trim($file_ext); //首尾去空 if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.date("YmdHis").rand(1000,9999).$file_ext;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件类型不允许上传!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

直接使用Brup抓包,然后拦截数据包,并发送到Repeater模块将 lyshark.php 修改成 lyshark.PhP 然后Send发送数据包,成功的绕过了上传检测代码。

pass6 第六关

代码中并没有首位去空格的函数,本关我们可以通过在 l'y'shark.php 的后面或前面添加一个或多个空格,绕过过滤规则完成上传。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = $_FILES['upload_file']['name'];
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.date("YmdHis").rand(1000,9999).$file_ext;
if (move_uploaded_file($temp_file,$img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件不允许上传';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

Brup抓包,然后将文件 lyshark.php 中添加空格,直接放行数据包。

pass7 第七关

本关中并没有对末尾文件的点进行过滤,所以我们可以在 lyshark.php 的后面添加一个点,完成绕过。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = trim($_FILES['upload_file']['name']);
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA
$file_ext = trim($file_ext); //首尾去空 if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.$file_name;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件类型不允许上传!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

pass8 第八关

本关中去掉了字符串::$DATA的代码,所以我们可以使用 lyshark.php :: $DATA 完成绕过,但经过测试这种方式上传的文件PHP解释器已经无法识别了,也就无法拿到Shell。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = trim($file_ext); //首尾去空 if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.date("YmdHis").rand(1000,9999).$file_ext;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件类型不允许上传!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

pass9 第九关

本关中我们可以使用 lyshark.php. . (点+空格+点),的方式完成绕过。

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array(".php",".php5",".php4",".php3",".php2",".html",".htm",".phtml",".pht",".pHp",".pHp5",".pHp4",".pHp3",".pHp2",".Html",".Htm",".pHtml",".jsp",".jspa",".jspx",".jsw",".jsv",".jspf",".jtml",".jSp",".jSpx",".jSpa",".jSw",".jSv",".jSpf",".jHtml",".asp",".aspx",".asa",".asax",".ascx",".ashx",".asmx",".cer",".aSp",".aSpx",".aSa",".aSax",".aScx",".aShx",".aSmx",".cEr",".sWf",".swf",".htaccess");
$file_name = trim($_FILES['upload_file']['name']);
$file_name = deldot($file_name);//删除文件名末尾的点
$file_ext = strrchr($file_name, '.');
$file_ext = strtolower($file_ext); //转换为小写
$file_ext = str_ireplace('::$DATA', '', $file_ext);//去除字符串::$DATA
$file_ext = trim($file_ext); //首尾去空 if (!in_array($file_ext, $deny_ext)) {
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.$file_name;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = '此文件类型不允许上传!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

pass10 第十关

本关  str_ireplace($deny_ext,"", $file_name); 函数,将黑名单中的后缀名替换为空,因此可双写绕过:

$is_upload = false;
$msg = null;
if (isset($_POST['submit'])) {
if (file_exists(UPLOAD_PATH)) {
$deny_ext = array("php","php5","php4","php3","php2","html","htm","phtml","pht","jsp","jspa","jspx","jsw","jsv","jspf","jtml","asp","aspx","asa","asax","ascx","ashx","asmx","cer","swf","htaccess"); $file_name = trim($_FILES['upload_file']['name']);
$file_name = str_ireplace($deny_ext,"", $file_name);
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = UPLOAD_PATH.'/'.$file_name;
if (move_uploaded_file($temp_file, $img_path)) {
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else {
$msg = UPLOAD_PATH . '文件夹不存在,请手工创建!';
}
}

pass11 第十一关

通过GET方式传入数据,然后通过GET传入save_path值,使得上传文件路径可控,尝试使用%00截断,这里PHP版本必须小于5.3否则00截断无效。

$is_upload = false;
$msg = null;
if(isset($_POST['submit'])){
$ext_arr = array('jpg','png','gif');
$file_ext = substr($_FILES['upload_file']['name'],strrpos($_FILES['upload_file']['name'],".")+1);
if(in_array($file_ext,$ext_arr)){
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = $_GET['save_path']."/".rand(10, 99).date("YmdHis").".".$file_ext; if(move_uploaded_file($temp_file,$img_path)){
$is_upload = true;
} else {
$msg = '上传出错!';
}
} else{
$msg = "只允许上传.jpg|.png|.gif类型文件!";
}
}

pass12 第十二关

本关与上一关不同,本关中通过POST方式传递save_path变量的值,同样的可以使用%00截断,但需要考虑URL编码的问题,默认GET方式传输会自动解码成空字符,而POST方式则不会自动解码,所以要对POST中的%00先进行编码然后在放行。

$is_upload = false;
$msg = null;
if(isset($_POST['submit'])){
$ext_arr = array('jpg','png','gif');
$file_ext = substr($_FILES['upload_file']['name'],strrpos($_FILES['upload_file']['name'],".")+1);
if(in_array($file_ext,$ext_arr)){
$temp_file = $_FILES['upload_file']['tmp_name'];
$img_path = $_POST['save_path']."/".rand(10, 99).date("YmdHis").".".$file_ext; if(move_uploaded_file($temp_file,$img_path)){
$is_upload = true;
} else {
$msg = "上传失败";
}
} else {
$msg = "只允许上传.jpg|.png|.gif类型文件!";
}
}

1.首先上传文件,然后拦截请求,并在lyshark.jpg后面添加%00

2.接着选中%00 ,然后对URL进行编码。

pass13 第十三关

本关采用了白名单的上传验证方式,其主要是允许jpg/png/gif这三种文件的传输,且代码中检测了文件头的2字节内容,也就是说我们只需要将文件的头两个字节修改为图片的格式就可以绕过,通常 JPEG/JPG: FF D8 , PNG:89 50,GIF:47 49

function getReailFileType($filename){
$file = fopen($filename, "rb");
$bin = fread($file, 2); //只读2字节
fclose($file);
$strInfo = @unpack("C2chars", $bin);
$typeCode = intval($strInfo['chars1'].$strInfo['chars2']);
$fileType = '';
switch($typeCode){
case 255216:
$fileType = 'jpg';
break;
case 13780:
$fileType = 'png';
break;
case 7173:
$fileType = 'gif';
break;
default:
$fileType = 'unknown';
}
return $fileType;
} $is_upload = false;
$msg = null;
if(isset($_POST['submit'])){
$temp_file = $_FILES['upload_file']['tmp_name'];
$file_type = getReailFileType($temp_file); if($file_type == 'unknown'){
$msg = "文件未知,上传失败!";
}else{
$img_path = UPLOAD_PATH."/".rand(10, 99).date("YmdHis").".".$file_type;
if(move_uploaded_file($temp_file,$img_path)){
$is_upload = true;
} else {
$msg = "上传出错!";
}
}
}

以JPEG为例,我们在一句话木马的开头添加两个11也就是二进制的2121,然后将 lyshark.php 修改为 lyshark.jpg,使用Brup抓包,然后发送到Repeater模块

HEX编码 3131 改为 FFD8 点Go后成功上传JPG

pass14 第十四关

这一关很简单,首先程序中通过使用,getimagesize() 函数对文件信息的检测识别,绕过的话就是制作一个图片木马,但是在PHP 7 版本中不能保证其能够正常的拿Shell。

function isImage($filename){
$types = '.jpeg|.png|.gif';
if(file_exists($filename)){
$info = getimagesize($filename);
$ext = image_type_to_extension($info[2]);
if(stripos($types,$ext)>=0){
return $ext;
}else{
return false;
}
}else{
return false;
}
} $is_upload = false;
$msg = null;
if(isset($_POST['submit'])){
$temp_file = $_FILES['upload_file']['tmp_name'];
$res = isImage($temp_file);
if(!$res){
$msg = "文件未知,上传失败!";
}else{
$img_path = UPLOAD_PATH."/".rand(10, 99).date("YmdHis").$res;
if(move_uploaded_file($temp_file,$img_path)){
$is_upload = true;
} else {
$msg = "上传出错!";
}
}
}

111

Web文件上传靶场 - 通关笔记的更多相关文章

  1. Upload-labs 文件上传靶场通关攻略(上)

    Upload-labs 文件上传靶场通关攻略(上) 文件上传是Web网页中常见的功能之一,通常情况下恶意的文件上传,会形成漏洞. 逻辑是这样的:用户通过上传点上传了恶意文件,通过服务器的校验后保存到指 ...

  2. Upload-labs 文件上传靶场通关攻略(下)

    Upload-Labs靶场攻略(下) Pass-11 GET型传参,上传目录可设置,考虑00截断,在/upload/后添加1.php%00,即可上传 Pass-12 POST型传参,上传目录可设置,P ...

  3. servlet web文件上传

    web文件上传也是一种POST方式,特别之处在于,需设置FORM的enctype属性为multipart/form-data. 并且需要使用文件域. servlet的代码比较关键是这几句: // 使用 ...

  4. Java Web文件上传

    参考资料:http://www.cnblogs.com/xdp-gacl/p/4200090.html 一.问题描述 Java Web文件上传需要借助一些第三方库,常用的是借助Apache的包,有两个 ...

  5. WEB文件上传下载功能

    WEB文件上传下载在日常工作中经常用到的功能 这里用到JS库 http://files.cnblogs.com/meilibao/ajaxupload.3.5.js 上传代码段(HTML) <% ...

  6. Web 文件上传 目录

    0. SpringMVC -- 梗概--源码--贰--上传 1. Web上传文件的原理及实现 2. Web文件上传方法总结大全 3. SpringMVC 文件上传配置,多文件上传,使用的Multipa ...

  7. Java Web文件上传原理分析(不借助开源fileupload上传jar包)

    Java Web文件上传原理分析(不借助开源fileupload上传jar包) 博客分类: Java Web   最近在面试IBM时,面试官突然问到:如果让你自己实现一个文件上传,你的代码要如何写,不 ...

  8. WEB文件上传漏洞介绍解决办法

    引用:http://blog.csdn.net/kobejayandy/article/details/35861499 问题: -1. 上传文件WEB脚本语言,服务器的WEB容器解释并执行了用户上传 ...

  9. java web 文件上传下载

    文件上传下载案例: 首先是此案例工程的目录结构:

随机推荐

  1. 从TCP到Socket,彻底理解网络编程是怎么回事

    进行程序开发的同学,无论Web前端开发.Web后端开发,还是搜索引擎和大数据,几乎所有的开发领域都会涉及到网络编程.比如我们进行Web服务端开发,除了Web协议本身依赖网络外,通常还需要连接数据库,而 ...

  2. New in Python 3.8.0

    Python 3.8.0 发布时间: Oct. 14, 2019 这是一个Python3.8.0的稳定发行版. Python3.8.0是最新的Python编程语言发行版,ta包含了许多新的特征和优化. ...

  3. suduku

    github地址 PSP: PSP2.1 Personal Software Process Stages 预估耗时(分钟) 实际耗时(分钟) Planning 计划 30 30 Estimate 估 ...

  4. Restorator软件使exe文件都不能打开,exe不支持此接口

    遇到的问题: 下载了一个软件Restorator(资源修改器),填写完注册码之后,所有的exe文件都不能打开了,任务管理器不支持此接口打不开. 问题原因: 软件Restorator关联exe文件,运行 ...

  5. sqlplus 导出一张表数据

    内网只让用sql developer 这软件搓的不行,数据加载到51行就黑了,没法法用sqlplus. 打开cmd, sqlplus user/passwd@ip:port/库名set colsep ...

  6. 多进程之间的互斥信号量的实现(Linux和windows跨平台)

    最近工作中遇到了一些关于文件读取权限的问题.当一个程序中对一个固定名称的文件做了读写的操作的时候,外界通过并发式的调用这个应用的时候,可能存在多个进程同时去操作这个文件,这个时候可能会造成调用失败的问 ...

  7. CImage中m_hBitmap!=0弹框报错

    见图.查资料说是图片打印出现问题. 我的代码流程主要是:读图到CImage中,然后转移到数组中,将原对象销毁,对图像内容处理后,保存. 原来没问题,在加了参数循环后报错. 考虑到是循环中一些因素初始化 ...

  8. oracle相关知识点

    oracle数据库,实例名和数据库是一一对应的,oracle服务端可以启动多个实例,对应于多个数据库. 数据库可以通过sqlplus / as sysdba 进入默认SID的实例, 查看当前的实例名: ...

  9. JAVA 基础编程练习题34 【程序 34 三个数排序】

    34 [程序 34 三个数排序] 题目:输入 3 个数 a,b,c,按大小顺序输出. 程序分析:利用指针方法. package cskaoyan; public class cskaoyan34 { ...

  10. 比特币区块的hash算法

    Block hashing algorithm Bitcoin mining uses the hashcash proof of work function; the hashcash algori ...