日期:2024-12-14
把seclist字典更新一下
日期:2024-11-07
-
看地图大师的src课程并认真做笔记
-
出一期arch linux视频
-
总结若依的利用姿势并上传博客
日期:2024-03-25
ranger无法删除graveyards的重名文件
解决办法:
-
rclone文档
-
ranger文档的keybind部分,使用:shell mv %s
日期:2024-03-25
找一个java版本管理器
日期:2024-03-29
试一下bp的intruder模块的fuzz字典,检查过滤字符
日期:2024-04-25
理解fastcgi与php-fpm的关系:
fastcgi是一个类似于http的通信协议,通过将用户请求的数据以key-value键值对的方式存储起来,并发送给php-fpm进行解析, php-fpm这个解析器会将fastcgi传过来的键值对解析成真正的数据。 ngnix和iis7的解析漏洞,php-fpm解析键值对的时候,发现文件不存在,则会去除最后面的一个后缀然后继续寻找文件是否存在, 如果存在则会按照去除的后缀进行解析,如:shell.txt/.php,会把shell.txt当作shell.php进行解析。
理解Apache Shiro 权限绕过漏洞:
Shiro是配合一些中间件如apache、ngnix、tomcat等完成身份认证及授权登陆的,由于对/admin/文件夹下文件做了通配符匹配,如 /admin/*,会跳转到认证页面,通过访问/admin/后面添加%20、;、..等绕后通配符的匹配认证。 Shiro 5系列和Shiro 7系列的区别在与前者可以直接爆破key,后者因为ase加密无法爆破。
理解fastjson rce漏洞:
Fastjson可以将java bean序列化为json对象,或者把json反序列化成java bean。通过抓包post请求,请求体中让花括号不闭合 来使页面报错,若不回显报错信息则可以通过dnslog构造一个json格式的数据包。攻击者可以通过构造恶意的@type值进行cre等。 Description: How to install Network Card Driver on MECHREVO-15X.
Description
I started installing Arch linux as soon as I got my new computer, and during the installation I could only connect to WIFI but not to a wired network.
$ ip addr # The results are as follows
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: wlp2s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether ae:20:f8:a3:0b:61 brd ff:ff:ff:ff:ff:ff permaddr a8:e2:91:0a:79:9e
Solution
Check if the corresponding module is loaded.
$ lspci -v | grep -A 15 -E "(net)" # The results are as follows
pcilib: Error reading /sys/bus/pci/devices/0000:00:08.3/label: Operation not permitted
01:00.0 Ethernet controller: Motorcomm Microelectronics. YT6801 Gigabit Ethernet Controller (rev 01)
Subsystem: AIstone Global Limited Device 137d
Flags: bus master, fast devsel, latency 0, IRQ 73, IOMMU group 13
Memory at dcc00000 (64-bit, non-prefetchable) [size=16K]
I/O ports at f000 [size=256]
Capabilities: <access denied>
02:00.0 Network controller: MEDIATEK Corp. MT7922 802.11ax PCI Express Wireless Network Adapter
Subsystem: AzureWave Device 5911
Flags: bus master, fast devsel, latency 0, IRQ 102, IOMMU group 14
Memory at 7c10a00000 (64-bit, prefetchable) [size=1M]
Memory at dcb00000 (64-bit, non-prefetchable) [size=32K]
Capabilities: <access denied>
Kernel driver in use: mt7921e
Kernel modules: mt7921e
Kernel driver and kernel modules do not appear on Ethernet controller, as there is no module installed.
$ paru -S yt6801-dkms # dispatch
$ paru -S tuxedo-yt6801-dkms-git
$ sudo pacman -S linux-headers
$ rebote
