2024 FIC 4th National Cyberspace Forensics Competition: Online Round (Server Section)

Author: 猴君

Because booting the image in emulation software breaks the ESXi boot loader, it is necessary to learn to mount it by hand.

  • Close antivirus and any other software that would hold the disk open.

  • Mount the image with FTK (it must be the version whose icon is a magnifying glass); mount however many disks there are, all in one go, and make sure they are mounted read/write (FTK is not mandatory; use whichever mounting tool you are used to).

    image-20240430134541641

  • Open VMware in administrator mode, give it generous CPU and memory, attach the system disk first and then the data disk.

    image-20240430135204337

  • It boots successfully.

    image-20240430135526615

Manual password bypass (ESXi 7 and below)

  • Manually attach an ISO image

    image-20240430155557356

  • Enter the firmware at power-on and choose the second entry

    image-20240430155307393

  • Enter the live ("try") mode

    image-20240430155656207

    image-20240430160017746

    ```bash
    cp state.tgz /tmp
    cd /tmp
    tar xzf state.tgz
    tar xzf local.tgz
    cd etc
    cp shadow shadow.bak
    nano shadow   # you know how to edit shadow
    cd ..
    tar czf local.tgz etc
    tar czf state.tgz local.tgz
    cp /tmp/state.tgz /media/ubuntu/586C-10CC2
    ```

  • Log in with an empty password

    image-20240430161120204
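The state.tgz handled in the steps above is a nested archive (state.tgz wraps local.tgz, which wraps the persisted /etc tree). Before touching it, an analyst usually wants to know which accounts exist, which are locked, and which hash scheme protects the rest, all without writing anything back. The script below is an added example, not part of the original write-up or of VMware's tooling; it builds a constructed state.tgz in memory so it runs offline, and the account names and hash values in it are sample data.

```python
"""Read-only inspection of an ESXi state.tgz -> local.tgz -> etc/shadow chain.

Added example (not from the write-up). The sample archive is constructed in
memory; the hash strings inside are placeholders, not real credentials.
"""
import io
import tarfile

# Modular-crypt prefixes that identify the hashing scheme of a shadow entry.
HASH_SCHEMES = {"$1$": "md5crypt", "$5$": "sha256crypt", "$6$": "sha512crypt", "$2": "bcrypt"}


def build_sample_state_tgz() -> bytes:
    """Build a constructed state.tgz containing local.tgz containing etc/{shadow,passwd}."""
    shadow = (
        "root:$6$abcdefgh$constructedhashvalue:19700:0:99999:7:::\n"
        "dcui:*:19700:0:99999:7:::\n"
        "vpxuser:!:19700:0:99999:7:::\n"
    ).encode()
    passwd = b"root:x:0:0:Administrator:/:/bin/sh\n"

    def tar_bytes(entries):
        buf = io.BytesIO()
        with tarfile.open(fileobj=buf, mode="w:gz") as tf:
            for name, data in entries:
                info = tarfile.TarInfo(name)
                info.size = len(data)
                tf.addfile(info, io.BytesIO(data))
        return buf.getvalue()

    local_tgz = tar_bytes([("etc/shadow", shadow), ("etc/passwd", passwd)])
    return tar_bytes([("local.tgz", local_tgz)])


def extract_shadow(state_tgz: bytes) -> str:
    """Return the text of etc/shadow from the nested archives without touching disk."""
    with tarfile.open(fileobj=io.BytesIO(state_tgz), mode="r:gz") as outer:
        local = outer.extractfile("local.tgz").read()
    with tarfile.open(fileobj=io.BytesIO(local), mode="r:gz") as inner:
        return inner.extractfile("etc/shadow").read().decode()


def classify_accounts(shadow_text: str) -> dict:
    """Map each account to 'locked', 'empty' (no password) or its hash scheme name."""
    result = {}
    for line in shadow_text.splitlines():
        if ":" not in line:
            continue
        user, field = line.split(":", 2)[:2]
        if field in ("*", "!", "!!"):
            result[user] = "locked"
        elif field == "":
            result[user] = "empty"          # empty field: login with no password
        else:
            scheme = next((v for k, v in HASH_SCHEMES.items() if field.startswith(k)), "unknown")
            result[user] = scheme
    return result


if __name__ == "__main__":
    for user, state in classify_accounts(extract_shadow(build_sample_state_tgz())).items():
        print(f"{user:10s} {state}")
```

Point the two `tarfile.open` calls at a real state.tgz copied off the bootbank and the same classification applies; an account reported as `empty` is exactly the condition the "log in with an empty password" step above relies on, which is also why a forensic report should record it.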

What is the ESXi version of the ESXi server?

Just get it mounted and look.

Analyze the ESXi server: the system's installation date is:

image-20240505175812614

Analyze the ESXi server: what is the UUID of the datastore "datastore"?

image-20240505175855933

What was the original IP address of the ESXi server?

Just bring it up in the emulator.

How many virtual machines were created on the ESXi server in total?

image-20240505175937552

What IP address is bound to the website server?

image-20240505180055399

image-20240505180111759

image-20240505180941123

Just run fscan and you're done.

rocketchat: bypass the password by hand

Flow: reboot → enter single-user mode → disable SELinux → enter single-user mode → modify or replace the root password → check /etc/passwd → password bypassed

  1. At boot, select the (core) entry and press `e`.

  2. For CentOS, change `ro` to `rw init=/sysroot/bin/sh`; for Ubuntu, change `ro` to `rw single init=/bin/bash`.

  3. Press `Ctrl+x` to drop into the shell, then run

     ```bash
     chroot /sysroot
     ```

  4. Run the command below to change the password; it asks for the new password twice to confirm

     ```bash
     passwd
     ```

  5. Disable SELinux (optional)

     1. Edit the SELinux config file

        ```bash
        sudo vi /etc/selinux/config
        ```

     2. Find the `SELINUX=enforcing` (or `SELINUX=permissive`) line, press `i` to enter insert mode, change it to `SELINUX=disabled`, and save with `:wq`

  6. Reboot

     ```bash
     reboot
     ```

What is the login password of the website server?

fscan found it.

The port number of the management panel login entry used by the website server:

On www, run `bt 14`

```console
[root@localhost ~]# bt 14
===============================================
正在执行(14)...
===============================================
curl: (28) Resolving timed out after 4519 milliseconds
curl: (28) Resolving timed out after 4519 milliseconds
curl: (28) Resolving timed out after 4517 milliseconds
==================================================================
BT-Panel default info!
==================================================================
获取外网IP失败,请使用服务器公网IP+端口访问面板
外网面板地址: https://服务器公网IP:14131/adec8c75
内网面板地址: https://192.168.8.89:14131/adec8c75
username: j9oehwoa
password: ********
Warning:
If you cannot access the panel,
release the following port (8888|888|80|443|20|21) in the security group
注意:初始密码仅在首次登录面板前能正确获取,其它时间请通过 bt 5 命令修改密码
==================================================================
```

What is the website server's web directory?

On www, run:

```console
[root@localhost ~]# ls /
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  patch  proc  root  run  sbin  srv  sys  tmp  usr  var  webapp  webapp.zip  www
[root@localhost ~]# ls /webapp
dist      group       luck-prize  qz 7.11              ruoyi-admin.jar0826   ruoyi-admin.jar0904   ruoyi-admin.jar 7.26  ruoyi-admin.jar8.16  test
dist0826  index.html  nohup.out   restart.sh           ruoyi-admin.jar0827   ruoyi-admin.jar0907   ruoyi-admin.jar8.14   ruoyi-admin.jarbak
dist0906  kill.sh     profile     ruoyi-admin.jar      ruoyi-admin.jar0828   ruoyi-admin.jar0915   ruoyi-admin.jar8.15   ruoyi-admin.pid
down      logs        qz          ruoyi-admin.jar0818  ruoyi-admin.jar08281  ruoyi-admin.jar 7.19  ruoyi-admin.jar8.151  start.sh
```

Check /www/server/nginx/conf/nginx.conf for the nginx reverse proxy

```nginx
user  www www;
worker_processes auto;
error_log  /www/wwwlogs/nginx_error.log  crit;
pid        /www/server/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;

stream {
    log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';
    access_log /www/wwwlogs/tcp-access.log tcp_format;
    error_log /www/wwwlogs/tcp-error.log;
    include /www/server/panel/vhost/nginx/tcp/*.conf;
}

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }

http
    {
        include       mime.types;
        #include luawaf.conf;
        include proxy.conf;
        lua_package_path "/www/server/nginx/lib/lua/?.lua;;";

        default_type  application/octet-stream;

        server_names_hash_bucket_size 512;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;
        fastcgi_intercept_errors on;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        limit_conn_zone $binary_remote_addr zone=perip:10m;
        limit_conn_zone $server_name zone=perserver:10m;

        server_tokens off;
        access_log off;

        server
        {
            listen 80;
            server_name adminjmhw.sdxfwl.top;
            index index.html;
            root  /webapp/dist;
            # fix the 404 on page refresh
            try_files $uri $uri/ /index.html;

            location /prod-api/ {
                proxy_pass http://127.0.0.1:8080/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }
        }

        server
        {
            listen 80;
            server_name groupadmin.sdxfwl.top;
            index index.html;
            root  /webapp/group;
            # fix the 404 on page refresh
            try_files $uri $uri/ /index.html;

            location /prod-api/ {
                proxy_pass http://127.0.0.1:8080/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }
        }

        server
        {
            listen 80;
            server_name zihoutaijmhw.sdxfwl.top;
            index index.html;
            root  /webapp/qz;
            # fix the 404 on page refresh
            try_files $uri $uri/ /index.html;

            location /prod-api/ {
                proxy_pass http://127.0.0.1:8080/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }
        }

        server
        {
            listen 80;
            server_name apijmhw.sdxfwl.top;
            location / {
                proxy_pass http://127.0.0.1:8080/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }

            # lottery page
            location /luck-prize{
                # fix the 404 on page refresh
                try_files $uri $uri/ /luck-prize/index.html;
                index index.html;
                alias  /webapp/luck-prize;
            }

            location /download{
                try_files $uri $uri/ /down/index.html;
                index index.html;
                alias  /webapp/down;
            }

            location /app{
                try_files $uri $uri/ /app/app.apk;
                alias  /webapp/app;
            }
        }

        server
        {
            listen 80;
            server_name xiazai.sdxfwl.top;
            location / {
                root  /webapp/down;
                try_files $uri $uri/ /down/index.html;
                index index.html;
            }

            # lottery page
            location /index{
                # fix the 404 on page refresh
                try_files $uri $uri/ /www/server/nginx/guanwang/index.html;
                index index.html;
            }
            location /app{
                alias  /webapp/app;
                try_files $uri $uri/ /app/app.apk;
            }
        }

        server
        {
            listen 8888;
            # lottery page
            location /{
                root   /www/server/nginx/guanwang;
                index index.html;
            }
        }

        server
        {
            listen 888;
            server_name phpmyadmin;
            index index.html index.htm index.php;
            root  /www/server/phpmyadmin;

            location ~ /tmp/ {
                return 403;
            }

            #error_page   404   /404.html;
            include enable-php.conf;

            location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
            {
                expires      30d;
            }

            location ~ .*\.(js|css)?$
            {
                expires      12h;
            }

            location ~ /\.
            {
                deny all;
            }

            access_log  /www/wwwlogs/access.log;
        }
        include /www/server/panel/vhost/nginx/*.conf;
    }
```
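The answers to the two questions above (which port serves the admin panel, where the web root lives) are read off the config by eye. The script below is an added example, not code from the write-up or from nginx/BT-Panel; it tokenizes an nginx.conf, walks every `server` block and reports listen ports, server names, `root`/`alias` directories and `proxy_pass` upstreams per location, so the port-to-application-to-directory mapping falls out in one pass. The sample configuration is constructed (example.test hostnames) and the parser covers the directive/brace subset used here; values containing quoted semicolons, such as `lua_package_path`, would need a quote-aware tokenizer.

```python
"""Enumerate virtual hosts from an nginx.conf (added example, constructed sample)."""
import re

# Constructed sample config; the hostnames are placeholders.
SAMPLE_CONF = """
http {
    server_tokens off;
    server {
        listen 80;
        server_name admin.example.test;
        root /webapp/dist;
        # fix the 404 on page refresh
        try_files $uri $uri/ /index.html;
        location /prod-api/ {
            proxy_pass http://127.0.0.1:8080/;
        }
    }
    server {
        listen 888;
        server_name phpmyadmin;
        root /www/server/phpmyadmin;
        location ~ /\\. { deny all; }
    }
}
"""


def tokenize(text):
    """Strip # comments, then split into directive strings and {/} delimiters."""
    text = re.sub(r"#[^\n]*", "", text)
    return [t.strip() for t in re.findall(r"[^;{}]+|[{}]", text) if t.strip()]


def parse(text):
    """Build a tree of {name, args, children} nodes; a directive followed by '{' opens a block."""
    tokens = tokenize(text)
    root = {"name": "root", "args": [], "children": []}
    stack = [root]
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok == "}":
            stack.pop()
            i += 1
            continue
        parts = tok.split()
        node = {"name": parts[0], "args": parts[1:], "children": []}
        stack[-1]["children"].append(node)
        if i + 1 < len(tokens) and tokens[i + 1] == "{":
            stack.append(node)
            i += 2
        else:
            i += 1
    return root


def summarize(server):
    """Collect ports, names, filesystem paths and upstreams of one server block."""
    rec = {"listen": [], "server_name": [], "paths": [], "proxy_pass": []}

    def collect(node, prefix):
        for c in node["children"]:
            if c["name"] in ("listen", "server_name"):
                rec[c["name"]] += c["args"]
            elif c["name"] in ("root", "alias"):
                rec["paths"].append((prefix, c["args"][0]))
            elif c["name"] == "proxy_pass":
                rec["proxy_pass"].append((prefix, c["args"][0]))
            elif c["name"] == "location":
                collect(c, " ".join(c["args"]))   # prefix = the location match

    collect(server, "/")
    return rec


def vhosts(conf_text):
    """Return one summary record per server block, in file order."""
    found = []

    def walk(node):
        for child in node["children"]:
            if child["name"] == "server":
                found.append(summarize(child))
            else:
                walk(child)

    walk(parse(conf_text))
    return found


if __name__ == "__main__":
    for v in vhosts(SAMPLE_CONF):
        print(v["listen"], v["server_name"], v["paths"], v["proxy_pass"])
```

Run it against the full config above and each `include` line still has to be followed by hand (the panel's per-site files live under /www/server/panel/vhost/nginx/), which is where a listener that is not in the main file would otherwise hide.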

How many seconds is the Redis connection timeout in the website configuration?

```console
[root@localhost tmp]# cat BOOT-INF/classes/application.yml
```

```yaml
# project configuration
ruoyi:
  # name
  name: 集美好物
  # version
  version: 3.8.2
  # copyright year
  copyrightYear: 2022
  # demo mode switch
  demoEnabled: true
  # file path, e.g. Windows D:/ruoyi/uploadPath, Linux /home/ruoyi/uploadPath
  profile: /webapp/profile
  # domain URL
  domainUrl: http://apijmhw.sdxfwl.top
#  domainUrl: https://287h06775m.picp.vip
  # IP address lookup switch
  addressEnabled: false
  # captcha type: math = arithmetic, char = characters
  captchaType: math

# development environment configuration
server:
  # HTTP port of the server, default 8080
  port: 8080
  servlet:
    # application context path
    context-path: /
  tomcat:
    # tomcat URI encoding
    uri-encoding: UTF-8
    # queue length once the connection limit is reached, default 100
    accept-count: 1000
    threads:
      # tomcat maximum threads, default 200
      max: 800
      # threads created at tomcat startup, default 10
      min-spare: 100

# logging configuration
logging:
  level:
    com.ruoyi: debug
    org.springframework: warn

# Tencent Cloud
tencent:
  cloud:
    im:
      sdkAppId: 1400814018
      key: 388ab0a1f2ab6413e97932fe0afef716ba4b1f989fa5470925891853ea0dfc98

# Aliyun face recognition
aliyun-face:
  regionId: cn-hangzhou
  accessKey: LTAI5tM8RJiEEuJnHfT8uVaa
  secret: 19THhUjxRFhaeWlUJhIG5uV16hyFID

# Spring configuration
spring:
  # resources
  messages:
    # i18n resource file path
    basename: i18n/messages
  profiles:
    active: druid
  # file upload
  servlet:
     multipart:
       # single file size
       max-file-size:  10MB
       # total upload size
       max-request-size:  20MB
  # service module
  devtools:
    restart:
      # hot deployment switch
      enabled: true
  # redis configuration
  redis:
    # address
    host: localhost
    # port, default 6379
    port: 6379
    # database index
    database: 3
    # password
    password:
    # connection timeout
    timeout: 10s
    lettuce:
      pool:
        # minimum idle connections in the pool
        min-idle: 0
        # maximum idle connections in the pool
        max-idle: 8
        # maximum connections in the pool
        max-active: 8
        # maximum blocking wait time for the pool (negative = no limit)
        max-wait: -1ms

# token configuration
token:
    # custom token header name
    header: Authorization
    # token secret
    secret: abcdefghijklmnopqrstuvwxyz
    # token validity (default 30 minutes)
    expireTime: 1440

# MyBatis configuration
mybatis:
    # package aliases to scan
    typeAliasesPackage: com.ruoyi.**.domain
    # mapper scan: find all mapper.xml mapping files
    mapperLocations: classpath*:mapper/**/*Mapper.xml
    # global configuration file
    configLocation: classpath:mybatis/mybatis-config.xml

# PageHelper pagination plugin
pagehelper:
  helperDialect: mysql
  # return the last page when the page number is out of range
  reasonable: false
  supportMethodsArguments: true
  params: count=countSql

# Swagger configuration
swagger:
  # enable swagger
  enabled: true
  # request prefix
  pathMapping: /

# XSS protection
xss:
  # filter switch
  enabled: true
  # excluded links (comma-separated)
  excludes: /system/notice
  # matched links
  urlPatterns: /system/*,/monitor/*,/tool/*

# encryption
security:
  publicKey: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrhYO3r2h87IITw/H3ZMYJbBOip0WWjkez2dGcqkXWmBLcovAkZ5bqY0WMWmODlTuW2fFk7nZRTytbOgmfd9rCx5Ehx4du2VhTXnhI4VtpNC6q+NRt075MnBiIFqBW7UEMRpc1rDcSVWRZVhL8VY47B35gRiAzslxMrtZuIm75M1P4DWt57QCy6D1Kvsbvk5IvevMDZflTV6DwjABqrKXV5OmGetbehb5D7Ap5jWcQVE845lrKf4dCCi+hX9ebYCsxQOg6/jLH2Qo2FKZ3BECh1SfjUfuhjleP0obi/egvPYHubxR4u2RJ/hdUX68umXh7/AbT7mjD+GqLunf1xD8wIDAQAB
  privateKey: <private key omitted>

# Alipay
alipay:
  pid: 2088441384291084
  appId: 2021003181631188
  privateKey: <private key omitted>

#alipay:
#  pid: 2088541582026142
#  appId: 2021003174680109
#  privateKey: <private key omitted>
```
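Two things are worth pulling out of a Spring Boot application.yml like the one above mechanically: duration strings such as `10s` or `-1ms` (the Redis timeout question), and hard-coded credentials (cloud access keys, the JWT secret, payment private keys) that belong in the evidence notes. The script below is an added example, not the write-up's or RuoYi's code; it parses only the indentation-based mapping subset this file uses, so it needs no PyYAML, and the document it parses is a constructed sample with placeholder secrets. Spring also accepts ISO-8601 durations (`PT10S`), which this converter deliberately does not handle.

```python
"""Triage a Spring Boot application.yml: duration values and embedded credentials.

Added example (not from the write-up). SAMPLE_YML is constructed; the secrets
in it are placeholders.
"""
import re

SAMPLE_YML = """\
# redis configuration
spring:
  redis:
    host: localhost
    port: 6379
    # password
    password:
    # connection timeout
    timeout: 10s
    lettuce:
      pool:
        max-wait: -1ms
token:
    header: Authorization
    secret: constructed_jwt_secret
aliyun-face:
  accessKey: LTAI_constructed_sample
  secret: constructed_secret_value
"""

DURATION_RE = re.compile(r"^([+-]?\d+)(ns|us|ms|s|m|h|d)$")
UNIT_SECONDS = {"ns": 1e-9, "us": 1e-6, "ms": 1e-3, "s": 1, "m": 60, "h": 3600, "d": 86400}
SECRET_KEYS = ("secret", "password", "privatekey", "accesskey", "key")


def parse_mapping_yaml(text):
    """Parse 'key: value' lines nested by indentation into dicts; comments are skipped."""
    root = {}
    stack = [(-1, root)]                      # (indent, mapping) pairs
    lines = [l for l in text.splitlines() if l.strip() and not l.lstrip().startswith("#")]
    for idx, line in enumerate(lines):
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        value = value.strip()
        while indent <= stack[-1][0]:         # close mappings that are indented deeper
            stack.pop()
        parent = stack[-1][1]
        nxt = lines[idx + 1] if idx + 1 < len(lines) else ""
        next_indent = len(nxt) - len(nxt.lstrip()) if nxt else -1
        if value == "" and next_indent > indent:
            child = {}                         # empty value followed by deeper lines: a mapping
            parent[key] = child
            stack.append((indent, child))
        else:
            parent[key] = value                # scalar (possibly empty, e.g. 'password:')
    return root


def get_path(tree, dotted):
    """Look up a dotted path such as 'spring.redis.timeout'; None if absent."""
    node = tree
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def duration_to_seconds(value):
    """Convert a simple Spring duration ('10s', '-1ms', '30m') to seconds."""
    m = DURATION_RE.match(value.strip())
    if not m:
        raise ValueError(f"not a simple duration: {value!r}")
    return int(m.group(1)) * UNIT_SECONDS[m.group(2)]


def find_secrets(tree, prefix=""):
    """Return dotted paths whose key looks like a credential and whose value is non-empty."""
    hits = []
    for key, val in tree.items():
        path = f"{prefix}{key}"
        if isinstance(val, dict):
            hits.extend(find_secrets(val, path + "."))
        elif "public" in key.lower():
            continue                           # publicKey is not a secret
        elif any(s in key.lower() for s in SECRET_KEYS) and val:
            hits.append(path)
    return hits


if __name__ == "__main__":
    tree = parse_mapping_yaml(SAMPLE_YML)
    print("redis timeout:", duration_to_seconds(get_path(tree, "spring.redis.timeout")), "s")
    print("credential keys:", find_secrets(tree))
```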

What is the salt value used in the website's normal-user passwords?

Here you can either dig through the code by hand or rebuild the site. I started by hand, since the RuoYi framework is open source and easier to read through; rebuilding is written up at the end.

image-20240505214842180

image-20240505214851717

What is the name of the encryption algorithm used for the website administrator's password?

On data, run:

```console
[root@localhost ~]# docker inspect 9b | grep -i pass
                "MYSQL_ROOT_PASSWORD=my-secret-pw",
```

image-20240505215439388 bcrypt, obvious at a glance
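Identifying the admin hash as bcrypt "at a glance" rests on its fixed shape: a `$2a$`/`$2b$`/`$2y$` prefix, a two-digit cost, a 22-character salt and a 31-character digest, all from the bcrypt base64 alphabet. The code below is an added example, not from the write-up, that makes that check explicit and decomposes the string, with a coarse classifier for the other formats commonly found in web-app user tables; the hash value in it is constructed to fit the format and is not a real credential.

```python
"""Recognise and decompose bcrypt (and other common) password-hash strings.

Added example (not from the write-up). SAMPLE_HASH is format-valid but constructed.
"""
import re

BCRYPT_RE = re.compile(
    r"^\$(?P<version>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})$"
)

# Constructed: 22-char "salt" + 31-char "digest" that merely satisfy the alphabet/length rules.
SAMPLE_HASH = "$2a$10$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"


def parse_bcrypt(value):
    """Return version, cost, implied rounds, salt and digest, or None if not bcrypt."""
    m = BCRYPT_RE.match(value)
    if not m:
        return None
    cost = int(m.group("cost"))
    return {
        "version": m.group("version"),
        "cost": cost,
        "rounds": 2 ** cost,      # key-expansion iterations implied by the cost
        "salt": m.group("salt"),
        "digest": m.group("digest"),
    }


def identify_hash(value):
    """Coarse classifier for hash formats seen in web-application user tables."""
    if parse_bcrypt(value):
        return "bcrypt"
    if re.fullmatch(r"[0-9a-f]{32}", value):
        return "md5-hex (unsalted or app-level salt)"
    if re.fullmatch(r"[0-9a-f]{64}", value):
        return "sha256-hex"
    return "unknown"


if __name__ == "__main__":
    print(identify_hash(SAMPLE_HASH), parse_bcrypt(SAMPLE_HASH))
```

The contrast with the normal-user question above is the point: bcrypt carries its salt inside the string, whereas a bare hex digest tells you nothing about the salt, which is why that one has to be recovered from the application code.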

When was the website's super administrator account created?

image-20240505215525518

After rebuilding the site, how many pages of data does the user list page under User Management show by default?

This one can only be answered by rebuilding.

What is the version number of the website's system API documentation?

SwaggerConfig

image-20240505215951153

image-20240505220057572

image-20240505220124029

The website's endpoint for fetching the order list

Still a keyword search.

image-20240505220147633

The user ID of the victim Lu

image-20240505220256650

image-20240505220325041

How much money did the victim Lu top up in total?

image-20240505220349091

What is the price per lottery draw set on the website, in yuan?

image-20240505220406829

The total balance displayed by the website is

Only by rebuilding.

The website database's root password

docker inspect shows it; cmd5 can crack it too, but that costs money.

image-20240505220452801

What is the operating system version of the database server?

```console
[root@localhost ~]# cat /etc/*release
CentOS Linux release 7.9.2009 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)
```

What is the Docker Server version on the database server?

```console
[root@localhost ~]# docker version
Client:
 Version:         1.13.1
 API version:     1.26
 Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
 Go version:      go1.10.3
 Git commit:      7d71120/1.13.1
 Built:           Wed Mar  2 15:25:43 2022
 OS/Arch:         linux/amd64

Server:
 Version:         1.13.1
 API version:     1.26 (minimum version 1.12)
 Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
 Go version:      go1.10.3
 Git commit:      7d71120/1.13.1
 Built:           Wed Mar  2 15:25:43 2022
 OS/Arch:         linux/amd64
 Experimental:    false
```

What is the full ID of the database container on the database server?

```console
[root@localhost ~]# docker ps -a --no-trunc
CONTAINER ID                                                       IMAGE               COMMAND                         CREATED             STATUS              PORTS                    NAMES
9bf1cecec3957a5cd23c24c0915b7d3dd9be5238322ca5646e3d9e708371b765   eclipse/mysql       "docker-entrypoint.sh mysqld"   7 weeks ago         Up 14 minutes       0.0.0.0:3306->3306/tcp   mysql
```

The image ID used by the database container on the database server

```console
[root@localhost ~]# docker images --no-trunc
REPOSITORY                TAG                 IMAGE ID                                                                  CREATED             SIZE
docker.io/eclipse/mysql   latest              sha256:66c0e7ca4921e941cbdbda9e92242f07fe37c2bcbbaac4af701b4934dfc41d8a   6 years ago         436 MB
```

The creation time of the database container on the database server, in Beijing time

```console
[root@localhost ~]# docker inspect 9b | grep -i create
        "Created": "2024-03-13T12:15:23.02589108Z",
```
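The `Created` value that `docker inspect` prints is RFC 3339 UTC with nanosecond precision, and the question wants Beijing time, so two things have to happen before the answer is written down: the eight fractional digits have to be dealt with (`datetime.fromisoformat()` rejects more than six on Python versions before 3.11, and older versions reject the trailing `Z` as well) and the offset has to be applied explicitly. The script below is an added example, not code from the write-up or from Docker; it uses the timestamp shown above as its input and a fixed UTC+8 offset, which is exact for Asia/Shanghai because that zone has no daylight-saving changes.

```python
"""Convert a Docker 'Created' timestamp to Beijing time (added example)."""
import re
from datetime import datetime, timedelta, timezone

BEIJING = timezone(timedelta(hours=8), name="CST")   # Asia/Shanghai, no DST

# The line as printed by docker inspect above (value taken from the write-up).
SAMPLE = '        "Created": "2024-03-13T12:15:23.02589108Z",'


def extract_created(inspect_output):
    """Pull the Created value out of raw `docker inspect ... | grep -i create` text."""
    m = re.search(r'"Created":\s*"([^"]+)"', inspect_output)
    return m.group(1) if m else None


def parse_docker_timestamp(value):
    """Parse RFC 3339 UTC with up to nine fractional digits into an aware datetime."""
    m = re.fullmatch(r"(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(?:\.(\d{1,9}))?Z", value.strip())
    if not m:
        raise ValueError(f"unexpected timestamp format: {value!r}")
    base, frac = m.groups()
    micro = int((frac or "0")[:6].ljust(6, "0"))     # truncate nanoseconds to microseconds
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(
        microsecond=micro, tzinfo=timezone.utc
    )


def to_beijing(value):
    """Return the timestamp formatted as 'YYYY-MM-DD HH:MM:SS' in UTC+8."""
    return parse_docker_timestamp(value).astimezone(BEIJING).strftime("%Y-%m-%d %H:%M:%S")


if __name__ == "__main__":
    created = extract_created(SAMPLE)
    print(created, "->", to_beijing(created))
```

The same conversion applies to the `docker images` and `docker ps` relative ages, which are rounded ("7 weeks ago") and should not be used where an exact time is asked for.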

The IP of the database container on the database server

```console
[root@localhost ~]# docker inspect 9b | grep -i ip
            "HostIp": "",
            "IpcMode": "",
            "Image": "eclipse/mysql",
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "HostIp": "0.0.0.0",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
                    "IPAMConfig": null,
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
```

Analyzing the database data, what is the login IP of the user who invited the most users into groups on the platform?

```sql
SELECT inviter_id, COUNT(*) AS invite_count
FROM app_group_apply
GROUP BY inviter_id
ORDER BY invite_count DESC
LIMIT 1;
```

image-20240505221432472

Analyzing the database data, what is the login IP of the user who grabbed the largest total red-packet amount on the platform?

```sql
SELECT user_id, SUM(money) AS total_amount
FROM app_group_redpacket_member
GROUP BY user_id
ORDER BY total_amount DESC
LIMIT 1;
```

image-20240505220938163

What is the total amount of successful withdrawals recorded in the database (not counting fees)?

```sql
SELECT SUM(amount) AS total_withdrawn_amount
FROM app_user_withdraw
WHERE status = 3;
```

How many real users are there on the rocketchat server?

```console
root@debian:~# netstat -nlpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:587           0.0.0.0:*               LISTEN      2448/sendmail: MTA:
tcp        0      0 0.0.0.0:888             0.0.0.0:*               LISTEN      1628/nginx: master
tcp        0      0 0.0.0.0:3000            0.0.0.0:*               LISTEN      1975/docker-proxy
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1628/nginx: master
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2448/sendmail: MTA:
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      1011/pure-ftpd (SER
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3335/sshd: /usr/sbi
tcp        0      0 127.0.0.1:8461          0.0.0.0:*               LISTEN      866/python3
tcp        0      0 0.0.0.0:14811           0.0.0.0:*               LISTEN      1824/python3
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1628/nginx: master
tcp6       0      0 :::21                   :::*                    LISTEN      1011/pure-ftpd (SER
tcp6       0      0 :::22                   :::*                    LISTEN      3335/sshd: /usr/sbi
tcp6       0      0 :::3306                 :::*                    LISTEN      1621/mysqld
root@debian:~# docker ps
CONTAINER ID   IMAGE                                                COMMAND                  CREATED       STATUS       PORTS                    NAMES
160c806d13ea   registry.rocket.chat/rocketchat/rocket.chat:latest   "docker-entrypoint.s…"   7 weeks ago   Up 3 hours   0.0.0.0:3000->3000/tcp   rocketchat-rocketchat-1
929dad307aa4   bitnami/mongodb:5.0                                  "/opt/bitnami/script…"   7 weeks ago   Up 3 hours   27017/tcp                rocketchat-mongodb-1
```

image-20240505210811684

image-20240505211727895

On the rocketchat server, what is the port number of the chat service?

See above.

On the rocketchat server, what is the email address of the chat service administrator?

See above.

On the rocketchat server, what is the version number of the database used by the chat service?

image-20240505212105241

image-20240505212132139

image-20240505212228736

On the rocketchat server, what is the maximum file upload size? (in bytes)

image-20240505214149753

On the rocketchat server, when was the administrator account created?

image-20240505213819350

On the rocketchat server, what is the scam website address provided by the technician?

image-20240505214319466

From a comprehensive analysis of the servers, what share of the profits goes to Lao Li under the gang's profit-sharing scheme?

image-20240505214308372

From a comprehensive analysis of the servers, what is the likely time window in which the team's "pig-butchering" scam was to close the net (cash out)?

image-20240505214402212

From a comprehensive analysis, what email address did the key suspect not yet arrested by police register with on the chat platform?

image-20240505214511249

Analyze the openwrt image: the system's hostname is

698138afd0fc7ba17ad2f1b4fe3ca98a

image-20240505205848249

Analyze the openwrt image: the system's kernel version is

image-20240505205905148

Analyze the openwrt image: the static IP address is

See the browser on the PC.

Analyze the openwrt image: the name of the network card in use is

image-20240505210108978

Analyze the openwrt image: the version of docker installed on the system is

image-20240505210127414

Analyze the openwrt image: the path of the nastools configuration file is

image-20240505210147865

Analyze the openwrt image: the VPN proxy software in use is

image-20240505210317536

Analyze the openwrt image: how many usable nodes does the VPN actually have?

image-20240505210336098

Analyze the openwrt image: what is the listening port of the socks node?

image-20240505210423385

Analyze the openwrt image: the VPN subscription link is

image-20240505210446861

  • Website rebuild method

A teammate had shared an ops manual earlier; follow it line by line, foolproof.

image-20240505222120420

Modify the two yaml files

image-20240505223027949

Modify the database

image-20240505225359017

image-20240505225600602

  • Password bypass

    image-20240505225621638

    image-20240505225641923

    image-20240505225526717

Summary

image-20240505222306858

Fourth place this time; a pity to fall short by a hair. The approach had no big problems, I just carelessly submitted a few flags wrong.
Feel free to add me on WeChat: WQZ1127786222

b3nguang
2024.5.5
