- docker & k8s 入门玩家
- 偏向网络方向的还要偶尔改改五花八门的代码的伪运维🐶
san3xian / randommark Goto Github PK
View Code? Open in Web Editor NEW用github repo做一些随记好了,内容在issues里。github page中仅为试验田🧪
Home Page: https://qc47.net
randommark's Introduction
randommark's People
Contributors
Stargazers
randommark's Issues
在windows事件查看器中对远程控制事件筛选输出[安防]
在windows事件查看器中,设置自定义筛选器,选择手动编写筛选条件
XML过滤器
针对mstsc登录事件部分例子,照葫芦画葫芦时间
有IPaddress的事件
<QueryList>
<Query Id="0" Path="Security">
<Select Path="Security">* [EventData[Data[@Name='IpAddress']!='-' ]]</Select>
</Query>
</QueryList>
普通网络登录事件
<QueryList>
<Query Id="0" Path="Security">
<Select Path="Security">* [EventData[Data[@Name='LogonType'] = 3]]</Select>
</Query>
</QueryList>
普通交互式登录事件
<QueryList>
<Query Id="0" Path="Security">
<Select Path="Security">* [EventData[Data[@Name='LogonType'] = 2]]</Select>
</Query>
</QueryList>
PS:win10系统1903版本由于bug原因无法使用UI版本自定义筛选器,只能从命令提示符里面打命令输出日志结果,坑,没事别手残主动升级
未完待补充
190709 ws+tls+apache+frp随记
由于(没钱)懒惰,想用Apache来同时反向代理一个工具的websock流量和frp的https的流量(都在443端口)
弄了$%^#$%^ hour,弄好了
测试
websock通讯比原本慢的一批
套上cloudflare更加更加更加慢
okay,我投降,买新的服务器把流量分开
随记1
随记2
这次配置Apache的时候又遇到了以前的一个问题,重新记录一下
当Apache中的site configure文件,若每个文件都设置了server name,
那对于非法域名(未被设置成server name的域名),他到底会被应用到哪个配置文件?
个人认为是在apache加载配置文件的时候最先被包含的conf文件,如a___proxy.conf,实际上看log信息也是应用到了a___proxy.conf,具体术语解释待查
多行文字从css上实现ellipsis
overflow:hidden;
单行文字可以通过text-overflow:ellipsis; 实现
多行文字的话需要
display:-webkit-box;
-webkit-line-clamp:3;
-webkit-box-orient:vertical;
Nginx 反向代理请求处理耗时很久的后端
如果nginx proxy_pass指向的后端在处理某些请求耗时非常久(>3分钟 >5分钟 等),需要注意开启TCP keepalive
- 一般来说个人建议如果后端处理某个请求需要很久才返回response,应该将请求设计为异步请求,即通过不断得请求某个state接口获取处理状态,而不是一直holding等待返回
首先这种情况下,proxy_connect_timeout, proxy_read_timeout 和 proxy_send_timeout 参数值都要根据实际情况调大
然后需要注意nginx -> upstream的链路上是否有防火墙策略配置,特别是有状态型防火墙
nginx默认对client和 upstream都没有开启 TCP keepalive,即TCP会话存活检查 (不是HTTP keepalive,不是TCP会话复用!!!)
这种情况下,如果nginx -> upstream的链路上部署了有状态防火墙策略配置且该防火墙配置了300s timeout
若一个请求后端处理需要530秒,nginx将处理请求转发给upstream,nginx就会一直hold着会话(ESTABLISHED)
在等候后端处理完毕回包期间,该TCP会话上nginx<->upstream之间不会有额外的流量
这样就容易导致链路上的有状态防火墙判定该会话已经失效,然后拦截
当后端处理完毕回包时,报文无法被nginx接收到,然后待nginx 到达 proxy_read_timeout阈值后,nginx向请求方抛出504 timeout错误
且此时在nginx error.log中可见 upstream timed out (110: Connection timed out) while reading response header from upstream 错误字样
这种情况下,需要启用nginx对upstream的tcp keepalive (即socket中的SO_KEEPALIVE option)
proxy_socket_keepalive on;
开启后,nginx就会在会话中根据内核参数中的 net.ipv4.tcp_keepalive_intvl , net.ipv4.tcp_keepalive_probes 以及 net.ipv4.tcp_keepalive_time 配置的规则对 upstream 发送keepalive probe packet 探测会话存活,同时避免链路有状态防火墙拦截请求(建议多数情况下都开启,根据实际情况调整参数值,方便nginx在upstream不健康时主动断开)
ps:
- 如果需要nginx对client发送tcp keepalive probe,需要在listen指令中配置 so_keepalive=on (忽略此参数的话,操作系统的设置将对套接字有效,而linux下TCP KeepAlive并不是默认开启的,在Linux系统上没有一个全局的选项去开启TCP的KeepAlive。需要开启KeepAlive的应用必须在TCP的socket中单独开启)
- nginx upstream block配置中, 带有keepalive的指令基本都是用于配置http keepalive的(会话复用),与上述提及的TCP keepalive无关
简述关于tcp keepalive probe (转):
Linux Kernel有三个选项影响到KeepAlive的行为:
tcp_keepalive_time 7200// 距离上次传送数据多少时间未收到新报文判断为开始检测,单位秒,默认7200s
tcp_keepalive_intvl 75// 检测开始每多少时间发送心跳包,单位秒,默认75s
tcp_keepalive_probes 9// 发送几次心跳包对方未响应则close连接,默认9次
TCP socket也有三个选项和内核对应,通过setsockopt系统调用针对单独的socket进行设置:
TCPKEEPCNT: 覆盖 tcpkeepaliveprobes
TCPKEEPIDLE: 覆盖 tcpkeepalivetime
TCPKEEPINTVL: 覆盖 tcpkeepalive_intvl
参考:
[转]OWASP TOP 10
水平div + inline-block 之间的空白间隔
经常间歇性失忆忘了具体解决方法(还是用得少
还是记录下来好了
图转自网友博客
现象
两个div设置为inline-block以后,中间有空白缝隙(margin:0;)
原因
两个div元素之间有空白代码(如换行/空格等)
解决方法
1
父元素设置font-size:0;
子元素记得改回来
2
元素直接不换行(一坨一坨的代码)
3
position:relative;
相对定位
参考文章
PO和MO翻译文件的那些事
瞎乱来系列:我要怎么[背/理解]这奇怪的[命令/函数]
来来来,搞事情, 从英文全拼上理解作用
回忆启动
PS:不担保准确性, 尽可能保证准确性, 有错纠正
linux
ifconfig [ interface configuration ]
ps [ process status ]
systemctl [system control]
windows
ncpa.cpl [ network connection control panel appplet]
mstsc [ Microsoft terminal services client ]
cmd [ command ]
ipconfig [ internet protocol configuration ]
msconfig [ Microsoft System Configuration ]
msinfo32 [ Microsoft System Information ] (32我也不知道是什么鬼,当做32位吧,常见的系统位数)
chkdsk [ check disk ]
sfc [ System File Checker ]
未完待续
MySQL注入或者一些奇奇怪怪的函数变量1
太久没玩这个,突然失忆
同理,开始随记,开始回忆
百度百度 + 谷歌谷歌 + 博客园 + CSDN + 。。。
函数
user()
database()
updatexml()
extractvalue()
*extract 提取
concat
变量
@@version
语句
exists
union
join
大小写敏感[Linux]
Database and table names are case sensitive
库名和表名大小写敏感
表的别名是严格区分大小写的
列名与列的别名在所有的情况下均是大小写不敏感
字段内容默认情况下是大小写不敏感的[ 具体看排序规则吧 ]
使用mysql 的BINARY 关键字使搜索区分大小写 select * from tb_user where BINARY username ='user';
char set 和 collation
字符集 和 排序规则[ 跟编码 + 数据提取大小写等等有关 ]
客户端乱码排错小思路
show variables like '%char%';
MySQL命令行控制台/shell设置通讯编码[ 官方描述那个工具叫做 Welcome to the MySQL monitor ]
mysql --default-character-set=utf8 -u root -p
查看数据库/表的信息
show table status from information_schema like 'TABLES'; [大小写敏感]
show create database information_schema;
show create table test;
show full columns from table_name;
↑返回结果包括↓
[Field | Type | Collation | Null | Key | Default | Extra | Privileges | Comment]
低端注入流程
-
get库名,用户
select database()
select user() -
get表名
select table_name from information_schema.tables where table_schema='table_name' #
select *** from *** where ****=** and 0 <= (select COUNT(*) from table_name ) #
select *** from *** where ****=** and exists ( select * from table_name ) # -
get字段名
select column_name from information_schema.columns where table_name='table_name'***** union (select table_name, column_name, 1 from information_schema.columns where table_name='secret_table');# -
开搞
遇到纯数字的字段名记得用反单引号围起来[tab键上面]
select `1` from table_name;
安卓 - 微信圈子 - 里面的视频导出
微信圈子相关资源域名
wxa.weixin.qq.com
mmae.qpic.cn
赘述
本来想抓包去下载资源,谁知道微信在安卓9好像不信任系统用户证书的样子,懒得深究,直接看cache
答案
微信圈子视频缓存文件在: /sdcard/Android/data/com.tencent.mm/MicroMsg/videocache/ 目录下
我这次找到具体文件在 /sdcard/Android/data/com.tencent.mm/MicroMsg/videocache/appbrand0/0.0.1593855339250.v3.exo
直接使用播放器播放或者把后缀改成mp4就好
github action + docker image
huawei docker image registry + github repository's docker image + github action's artifact
workflow file (maven file location should be changed, container name and port should be changed)
name: build docker image and deploy
on:
release:
types: [created]
jobs:
build_image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Prepare environment variable information
run: |
echo "::set-env name=HUAWEI_IMAGE_SITE::***.myhuaweicloud.com"
echo "::set-env name=HUAWEI_IMAGE_URL::***.myhuaweicloud.com/{{{organization name}}}"
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
echo "::set-env name=IMAGE_VERSION::$VERSION"
echo "::set-env name=IMAGE_NAME::{{{docker image name,use in docker save file name and github's repository docker image name}}}"
- name: Log into Huawei registry
run: echo -n "${{ secrets.huawei_registry_password }}" | docker login --username=${{ secrets.huawei_registry_username }} ${HUAWEI_IMAGE_SITE} --password-stdin
- name: Log into Github registry
run: echo -n "${{ secrets.githubtoken }}" | docker login --username=${{ github.repository_owner }} docker.pkg.github.com --password-stdin
- name: Build jar file with Maven
run: mvn -B package --file travel/pom.xml
- name: Build docker image
run: docker build ./travel/target --file Dockerfile --tag image
- name: Push docker image to Huawei's docker image registry
run: |
docker tag image ${HUAWEI_IMAGE_URL}/${IMAGE_NAME}:${IMAGE_VERSION}
docker push ${HUAWEI_IMAGE_URL}/${IMAGE_NAME}:${IMAGE_VERSION}
echo ${HUAWEI_IMAGE_URL}/${IMAGE_NAME}:${IMAGE_VERSION} > image_metadata
- name: Push docker image to Github's repository image registry
run: |
docker tag image docker.pkg.github.com/${{ github.repository }}/${IMAGE_NAME}:${IMAGE_VERSION}
docker images
docker push docker.pkg.github.com/${{ github.repository }}/${IMAGE_NAME}:${IMAGE_VERSION}
- name: Save docker image to a archive file
run: |
docker save docker.pkg.github.com/${{ github.repository }}/${IMAGE_NAME}:${IMAGE_VERSION} | gzip > ${IMAGE_NAME}_${IMAGE_VERSION}.tar.gz
- name: Upload image archive file to action artifact
uses: actions/upload-artifact@v1
with:
name: image_save
path: ${{ env.IMAGE_NAME }}_${{ env.IMAGE_VERSION }}.tar.gz
- name: Upload image metadata to artifact for next job
uses: actions/upload-artifact@v1
with:
name: temp
path: image_metadata
run_image:
runs-on: ubuntu-latest
needs: build_image
steps:
- name: Get image metadata from artifact
uses: actions/download-artifact@v1
with:
name: temp
path: temp
- name: Server docker container republish
run: |
cat <<EOF > temp_server_key
${{ secrets.server_key }}
EOF
chmod 0600 temp_server_key
image=`cat temp/image_metadata`
ssh -p22 -o StrictHostKeyChecking=no -i ./temp_server_key root@*** bash /root/sanXian/docker_publish.sh $image {{{container name}}} {{{container port}}}
sleep 60
ssh -p22 -o StrictHostKeyChecking=no -i ./temp_server_key root@*** docker logs {{{container name}}}
server deploy file
root@ubuntu18:~/sanXian# cat docker_publish.sh
#!/bin/bash
########################################
# Author: SanXian
# $1 image repostory and version
# $2 container name
# $3 container port(same with host port)
#
#########################################
set -eu
docker_image=$1
pull_result=`docker pull $docker_image`
if [[ $pull_result =~ "Image is up to date" ]]
then
echo "[Debug] Image is up to date"
else
container_name=$2
container_port=$3
echo "[Debug] Container $2 port $3 going to rebuild or build"
docker stop $2 || true
docker rm $2 || true
docker run -it -d --name $2 -p $3:$3 $1
fi
docker file
FROM openjdk:8u212-jdk-alpine
WORKDIR /app
COPY travel-0.0.1-SNAPSHOT.jar travel-0.0.1-SNAPSHOT.jar
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo "Asia/Shanghai" > /etc/timezone
CMD java $JAVA_OPTS -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap \
-Djava.security.egd=file:/dev/./urandom -jar travel-0.0.1-SNAPSHOT.jar
打发$$伸手党用的脚本
// ==UserScript==
// @name free-ss.site__get_link
// @namespace http://tampermonkey.net/
// @version 0.1
// @description hello world
// @author null
// @match https://free-ss.site/
// @run-at document-end
// ==/UserScript==
function get_ss_link(data){
var str = 'ss://'+ CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(data.method + ':' + data.password + '@' + data.address +':'+ data.port ));
return str;
}
unsafeWindow.get_all_ss_links = function get_all_ss_links(){
var links = "";
jQuery("#tbss_wrapper table tbody tr").each(function (index, item){
item = jQuery(this);
var data = new Object;
data.method = item.find("td").eq(3).html();
data.password = item.find("td").eq(4).html();
data.address = item.find("td").eq(1).html();
data.port = item.find("td").eq(2).html();
links += get_ss_link(data) + "\n";
});
console.log(links);
}
unsafeWindow.test = function(){
alert("123");
}
对全民K歌签到接口报文分析
仿佛找遍了全网都没有全民K歌的签到脚本
只能自己抓包分析看看了
敏感变量
{$variable1}->g_tk_openkey
{$variable2}->openkey
{$variable3}->uid
{$variable4}->openid
Request URL
Request header
Cookie: openkey={$variable2}; uid={$variable3}; openid={$variable4}; extroInfo=1|0|2|0|0; opentype=1
referer: http://kg.qq.com/vMission/index.html?hippy=vMission
User-Agent: *****************************
Connection: keep-alive
No-Chunked: true
Content-Type: application/x-www-form-urlencoded
Content-Length: 1038
Host: node.kg.qq.com
Accept-Encoding: gzip
Post Data (URL encoded)
g_tk_openkey={$variable1}&t_vecReportItem:array=%7B%22mData%22%3A%7B%22uid%22%3A%22{$variable3}%22%2C%22openid%22%3A%22{$variable4}%22%2C%22opentype%22%3A%221%22%2C%22act_id%22%3A%22{$variable3}_1564587566429_83931731%22%2C%22opertime%22%3A%221564587566%22%2C%22platform%22%3A%2211%22%2C%22app_version%22%3A%225.2.7.278%22%2C%22key%22%3A%22assignment%23register_module%23register%23click%230%22%7D%7D&ns=app_dcreport&cmd=extra.data_report&ns_inbuf=&mapExt=JTdCJTIyZmlsZSUyMiUzQSUyMmFwcF9kY3JlcG9ydEpjZSUyMiUyQyUyMmNtZE5hbWUlMjIlM0ElMjJEYXRhUmVwb3J0JTIyJTJDJTIyZGNhcGklMjIlM0ElN0IlMjJpbnRlcmZhY2VJZCUyMiUzQTExMzkwMDA2MSU3RCUyQyUyMmlwJTIyJTNBJTIyMTAwLjk1LjEzOC4xOCUyMiUyQyUyMnBvcnQlMjIlM0ExMjQwNiUyQyUyMmw1YXBpX2V4cDElMjIlM0ElN0IlMjJtb2RpZCUyMiUzQTgyMDg2NSUyQyUyMmNtZCUyMiUzQTUyNDI4OCU3RCUyQyUyMmw1YXBpX3Rlc3QxJTIyJTNBJTdCJTIybW9kaWQlMjIlM0E4MjA4NjUlMkMlMjJjbWQlMjIlM0E1MjQyODglN0QlMkMlMjJvdXRwdXQlMjIlM0F0cnVlJTdE
g_tk_openkey={$variable1}&t_vecReportItem:array=%7B%22mData%22%3A%7B%22uid%22%3A%22{$variable3}%22%2C%22openid%22%3A%22{$variable4}%22%2C%22opentype%22%3A%221%22%2C%22act_id%22%3A%22{$variable3}_1564589297921_63176483%22%2C%22opertime%22%3A%221564589297%22%2C%22platform%22%3A%2211%22%2C%22app_version%22%3A%225.2.7.278%22%2C%22key%22%3A%22assignment%23register_module%23register%23click%230%22%7D%7D&ns=app_dcreport&cmd=extra.data_report&ns_inbuf=&mapExt=JTdCJTIyZmlsZSUyMiUzQSUyMmFwcF9kY3JlcG9ydEpjZSUyMiUyQyUyMmNtZE5hbWUlMjIlM0ElMjJEYXRhUmVwb3J0JTIyJTJDJTIyZGNhcGklMjIlM0ElN0IlMjJpbnRlcmZhY2VJZCUyMiUzQTExMzkwMDA2MSU3RCUyQyUyMmlwJTIyJTNBJTIyMTAwLjk1LjEzOC4xOCUyMiUyQyUyMnBvcnQlMjIlM0ExMjQwNiUyQyUyMmw1YXBpX2V4cDElMjIlM0ElN0IlMjJtb2RpZCUyMiUzQTgyMDg2NSUyQyUyMmNtZCUyMiUzQTUyNDI4OCU3RCUyQyUyMmw1YXBpX3Rlc3QxJTIyJTNBJTdCJTIybW9kaWQlMjIlM0E4MjA4NjUlMkMlMjJjbWQlMjIlM0E1MjQyODglN0QlMkMlMjJvdXRwdXQlMjIlM0F0cnVlJTdE
Post Data Variables
g_tk_openkey
t_vecReportItem:array
ns [ 固定, app_dcreport]
cmd [ 固定, extra.data_report]
ns_inbuf [ 固定, 空 ]
mapExt [ 固定 ]
POST DATA关键变量
t_vecReportItem:array
{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}_1564587566429_83931731","opertime":"1564587566","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}
{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}_1564589297921_63176483","opertime":"1564589297","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}
{"mData":{"uid":"{$variable3}","openid":"{$variable4}","opentype":"1","act_id":"{$variable3}{时间戳}{不知道什么鬼东西}","opertime":"{时间戳}","platform":"11","app_version":"5.2.7.278","key":"assignment#register_module#register#click#0"}}
response data [签到成不成功都这样]
HTTP/1.1 200 OK
Date: Wed, 31 Jul 2019 16:19:52 GMT
Content-Type: application/x-javascript
Content-Length: 88
Connection: keep-alive
X-Powered-By: TSW/Node.js
Server: TSW/1.2.4
Cache-Control: no-cache
Content-Security-Policy: script-src https://wesingapp.com http://wesingapp.com https://.wesingapp.com http://.wesingapp.com https://.qq.com http://.qq.com https://.gtimg.cn http://.gtimg.cn https://.tenpay.com https://.idqqimg.com http://.idqqimg.com https://.gtimg.com http://*.gtimg.com 'unsafe-inline' 'unsafe-eval'; report-uri https://stat.y.qq.com/monitor/report_csp
Cache-Offline: false
{"code":0,"subcode":0,"msg":"","data":{"extra.data_report":{"iCode":0,"strErrInfo":""}}}
未完待续
docker container net namespace debug script
give this script execute permission and add it to your PATH variable
#!/bin/bash
############################################
#
# Author: WILO
# Todo: syntax check
# list docker containers and select
#
############################################
set -ex
pid=`docker inspect $1 | grep "Pid\"" | grep -oP "(\d)*" `
mkdir -p /var/run/netns
ln -sf /proc/$pid/ns/net /var/run/netns/$1
ip netns exec $@
rm /var/run/netns/$1
use jq tool to enable/disable docker live-restore feature
Enable
jq '. + {"live-restore": true}' /etc/docker/daemon.json
systemctl reload docker
docker info | grep -i live
Disable
jq '. + {"live-restore": false}' /etc/docker/daemon.json
kill -SIGHUP $(pidof dockerd)
docker info | grep Live
More examples
190710笔记本无法开机 / 电源灯闪一下 / 电源灯+ numLock +CapsLock常亮
华硕笔记本
一大早起来开不了机,我都懵了
PS:个人习惯笔记本一直开着或者用休眠状态关机,昨晚是一直开着的,也就是中间应该是突然自己关的机
初始现象
- 无论是否插着电源,按下电源键都只有电源灯闪一下,其它所有指示灯没反应,屏幕没输出,无法开机(不开机接电源电池灯也不亮来着)
- 好的这是一个全新的我没遇到过的异常,我懵了
- 试试是不是静电保护的问题吧,拔下电池和电源,长按电源键5s,重新插上电池开机,还是一样。。。[ failed ]
- 想起之前蓝牙有一次连接卡死,在系统设置里面一直不能关,然后重启了电脑,接着设备管理器提示有USB设备 设备描述符请求失败 (蓝牙是Qualcomn高通QCA9377的),因为无线是正常的,一直觉得是驱动有问题也不急着用,就没去管他。。。好的。拆电脑,其中拆过了内存条,固态,然后 把高通PCI-E模块拔了 ,重新装好开机。妈耶指示灯状态变了
翻车的路上2.0
- 指示灯变成了无论接不接电源,(不开机接电源电池灯指示正常)按下电源键以后,电源灯和NumLock和CapsLock灯都常亮,电池灯一闪一闪亮晶晶 ,屏幕无反应,开不了机,长按电源键强制关机能听到机械硬盘断电的声音
- 嗯?电池出问题了吗,换了一块电池,接电源,电源电池灯指示正常[红色,电池在充电],按下电源键开机,一样电源灯+ numLock +CapsLock常亮,电池灯规律性闪动,妈耶
- 啊凉了啊
- 放电拔下扩展内存条尝试开机。。。我???开机了!!不是吧,内存条报废了?
- 橡皮擦擦拭内存条金手指,重新开机,还是不行,凉凉。。。
- 我不信!再拔下内存条,再擦拭金手指 ,重新上电。。。又。能开机。。了,awsl
- 大早上的折腾人
唠唠叨叨
我最近可能水逆
不是笔记本坏就是平板键盘坏了
什么时候到手机坏或者路由器坏。。??
Windows系统中选择可选打开方式出现%1程序
windows10系统
今天对某个PSD文件想选择其他软件打开的时候出现了这个东西(印象之中好像出现了好多次了)强迫症不能忍,想想都知道肯定是注册表的锅啦
一开始想是不是\HKEY_CLASSES_ROOT下面的.psd项有异常,对比了一下其他扩展名键项,咦没毛病啊
百度!
远景网友解答
“%1”是传递符,它将文件名传递给关联程序。现在只出现了传递符“%1”,却不显示相应的关联程序,其原因是系统找不到该关联程序。这种情况通常的原因是,楼主之前安装过一个可以关联“JPG”扩展名的软件,且该软件在注册表中注册了相应的类。然而,因为某种原因,楼主删除了该软件中的这个关联程序;或者,卸载了该软件,但该软件却没有删除注册表中相应的类,这就导致僵尸项“%1”的出现。
要解决这个问题,请楼主在注册表中打开 HKEY_CLASSES_ROOT\,然后查找是否有 xx.jpg 之类的项(其中的 xx 可以理解为关联程序名,例如 ACDSee 就会创建 ACDSee Ultimate 9.jpg)。找到那个已经不存在程序创建的项,然后将其删除即可。
妙啊
开始搜索
有网友在后面回复说就是QuickTime导致的,所以留心了一下,嗯?我也有QuickTime键项????我???
( 就是那个QuickTime.psd )
好的,右键先导出到桌面备份一下(对着QuickTime.psd 键项右键)[免得翻车]
然后,删掉,再见您嘞!
再试一下。。。好了。。。End
为什么不要用systemctl reload nginx重载nginx配置
subtitle
systemctl reload nginx 和 nginx 的差别
前言
经常有人跟我说不要用 systemctl reload nginx去重载nginx的配置,要用nginx -s reload
问他为什么他又说不出
(这就好像经常有人跟我说重启节点不要直接用reboot要用init 6)
不巧,今天在摸鱼的时候知道大概原因了
我又干了什么
今天在给一个nginx站点更新站点配置的时候对一个站点的conf文件进行了端口分离(原本这个文件里面有两段server配置,80和443)
然后我
cp default_80.conf default_443.conf
接着分别vim了两个配置文件删除了相应的不应该存在的server段
接着顺其自然地
systemctl reload nginx
shell 控制台没报错
继续对配置文件修修改改,猛然看到配置文件里面有这样一段指令
log_format cms_upstream '$remote_addr - $host [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
直觉这里必有妖,因为按照nginx性格,log_format 是不允许被重复定义的,否则会报致命错误
这里立刻去检查nginx error.log
[root@zsxs sites-enabled]# cat /var/log/nginx/error.log
2020/07/11 01:18:51 [emerg] 7467#0: duplicate "log_format" name "cms_upstream" in /etc/nginx/sites-enabled/default_443.conf:3
果然有emergency 错误,也就是换句话说,我的nginx配置是没有重载成功的,嗯?systemctl骗我??
谜底揭晓
众所周知,systemctl reload *** 是执行了对应***的service文件里面的指令
这里把有妖的nginx节点service文件cat出来看看,注意这里是Centos 7.7 + nginx 1.16.1
[root@zsxs nginx]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[root@zsxs nginx]# nginx -v
nginx version: nginx/1.16.1
[root@zsxs sites-enabled]# systemctl status nginx | grep Loaded
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
[root@zsxs sites-enabled]# cat /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
可以看到systemctl reload nginx是执行了/bin/kill -s HUP $MAINPID命令
也就是向某个PID进程发送了SIGHUP信号
ps: 虽然SIGHUP信号很多文章都会说是终止进程信号,但是更为接近的说法应该是
(转)系统对SIGHUP信号的默认处理是终止收到该信号的进程。所以若程序中没有捕捉该信号,当收到该信号时,进程就会退出。
而根据其他博主文章记载,nginx里面定义了当进程收到SIGHUP信号以后,其并不会退出,而是执行 ngx_reconfigure 操作,也就是配置文件重载
而对于nginx配置是否成功重载,kill -s HUP的返回值都是0 (命令执行成功)
回到文章中,按道理 systemctl reload nginx 是能够报错的(我之前一直这样重载配置文件的..),不过我之前一直用的是ubuntu os,这里来看看ubuntu 16.04(nginx 1.16.1)是怎么写的
root@frpServer:~# cat /etc/issue
Ubuntu 16.04.1 LTS \n \l
root@frpServer:~# nginx -v
nginx version: nginx/1.16.1
root@frpServer:~# cat /lib/systemd/system/nginx.service
# Stop dance for nginx
# =======================
#
# ExecStop sends SIGSTOP (graceful stop) to the nginx process.
# If, after 5s (--retry QUIT/5) nginx is still running, systemd takes control
# and sends SIGTERM (fast shutdown) to the main process.
# After another 5s (TimeoutStopSec=5), and if nginx is alive, systemd sends
# SIGKILL to all the remaining processes in the process group (KillMode=mixed).
#
# nginx signals reference doc:
# http://nginx.org/en/docs/control.html
#
[Unit]
Description=A high performance web server and a reverse proxy server
Documentation=man:nginx(8)
After=network.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on;'
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid
TimeoutStopSec=5
KillMode=mixed
[Install]
WantedBy=multi-user.target
划重点ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on;' -s reload
答案就在这了,ubuntu默认的nginx service文件和centos 里面的nginx service文件reload触发的命令是不一样的
ubuntu 16.04默认的nginx service中reload触发的操作是nginx -g 'daemon on; master_process on;' -s reload
也就是指定了daemon on; master_process on;指令的情况下去发送reload(SIGHUP)信号到nginx master进程
不同于用kill直接发送信号,nginx -s reload命令在nginx重载配置失败的时候,他的返回值是非0的
所以在某些节点上面使用systemctl reload nginx能够重载配置并且知道是否重载成功
本文到这也就差不多了,至于为什么centos和ubuntu里面的service文件有差异,有缘再说吧
然后按照个人习惯决定是否修改centos nginx service里面的ExecReload参数值吧
kdig - Advanced DNS lookup utility
kdig - Advanced DNS lookup utility
kdig - 高级DNS查询工具
Desc
kdig是一款类似于dig的dns调试工具
而 knot-dns 官网描述其为高性能的开源性DNS server
这里着重看看kdig的功能
不同于dig,kdig自带了更多扩展性功能,如便捷地通过-p 选项指定DNS服务的端口(虽然dig也可以通过-p指定端口)
以及方便地通过选项直接调试DoT
更是支持edns \ TCP Fast Open \ TCP protocol \ dnssec 等DNS查询行为
-- 不支持DoH噢 (DNS over Https)
Installation (https://www.knot-dns.cz/download)
- Knot DNS may already be included in your operating system distribution and therefore can be installed from packages (Linux), ports (BSD), or via Homebrew (macOS). This is always preferred unless you want to test the latest features, contribute to Knot development, or you just know what you are doing.
- Latest installation information: https://www.knot-dns.cz/download
Ubuntu
add-apt-repository ppa:cz.nic-labs/knot-dns-latest && apt update
apt install knot-dnsutils
CentOS/Fedora/openSUSE current stable
https://copr.fedorainfracloud.org/coprs/g/cznic/knot-dns-latest/
Simple Examples
DOT == DNS Over Tls
➤ kdig -d @223.5.5.5 +tls baidu.com
;; DEBUG: Querying for owner(baidu.com.), class(1), type(1), server(223.5.5.5), port(853), protocol(TCP)
;; DEBUG: TLS, received certificate hierarchy:
;; DEBUG: #1, C=CN,ST=浙江省,L=杭州市,O=阿里巴巴(**)网络技术有限公司,CN=*.alidns.com
;; DEBUG: SHA-256 PIN: +ACy/80ww+XSVtadTogT+4L2XuYk9ZbigM6mnqmbgX8=
;; DEBUG: #2, C=BE,O=GlobalSign nv-sa,CN=GlobalSign RSA OV SSL CA 2018
;; DEBUG: SHA-256 PIN: hETpgVvaLC0bvcGG3t0cuqiHvr4XyP2MTwCiqhgRWwU=
;; DEBUG: TLS, skipping certificate PIN check
;; DEBUG: TLS, skipping certificate verification
;; TLS session (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-256-GCM)
;; ->>HEADER<<- opcode: QUERY; status: NOERROR; id: 4316
;; Flags: qr rd ra; QUERY: 1; ANSWER: 2; AUTHORITY: 0; ADDITIONAL: 1
;; EDNS PSEUDOSECTION:
;; Version: 0; flags: ; UDP size: 4096 B; ext-rcode: NOERROR
;; PADDING: 86 B
;; QUESTION SECTION:
;; baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 34 IN A 39.156.69.79
baidu.com. 34 IN A 220.181.38.148
;; Received 178 B
;; Time 2020-07-08 22:41:36 CST
;; From 223.5.5.5@853(TCP) in 18.8 ms
Supports Options in manual page
-4
Use the IPv4 protocol only.
-6
Use the IPv6 protocol only.
-b address
Set the source IP address of the query to address. The address must be a valid address for local interface or :: or 0.0.0.0. An optional port can be specified in the same format as the server value.
-c class
An explicit query_class specification. See possible values above.
-d
Enable debug messages.
-h, –help
Print the program help.
-k keyfile
Use the TSIG key stored in a file keyfile to authenticate the request. The file must contain the key in the same format as accepted by the -y option.
-p port
Set the nameserver port number or service name to send a query to. The default port is 53.
-q name
Set the query name. An explicit variant of name specification.
-t type
An explicit query_type specification. See possible values above.
-V, –version
Print the program version.
-x address
Send a reverse (PTR) query for IPv4 or IPv6 address. The correct name, class and type is set automatically.
-y [alg:]name:key
Use the TSIG key named name to authenticate the request. The alg part specifies the algorithm (the default is hmac-sha256) and key specifies the shared secret encoded in Base64.
-E tapfile
Export a dnstap trace of the query and response messages received to the file tapfile.
-G tapfile
Generate message output from a previously saved dnstap file tapfile.
+[no]multiline
Wrap long records to more lines and improve human readability.
+[no]short
Show record data only.
+[no]generic
Use the generic representation format when printing resource record types and data.
+[no]crypto
Display the DNSSEC keys and signatures values in hexdump, instead of omitting them.
+[no]aaflag
Set the AA flag.
+[no]tcflag
Set the TC flag.
+[no]rdflag
Set the RD flag.
+[no]recurse
Same as +[no]rdflag
+[no]raflag
Set the RA flag.
+[no]zflag
Set the zero flag bit.
+[no]adflag
Set the AD flag.
+[no]cdflag
Set the CD flag.
+[no]dnssec
Set the DO flag.
+[no]all
Show all packet sections.
+[no]qr
Show the query packet.
+[no]header
Show the packet header.
+[no]opt
Show the EDNS pseudosection.
+[no]question
Show the question section.
+[no]answer
Show the answer section.
+[no]authority
Show the authority section.
+[no]additional
Show the additional section.
+[no]tsig
Show the TSIG pseudosection.
+[no]stats
Show trailing packet statistics.
+[no]class
Show the DNS class.
+[no]ttl
Show the TTL value.
+[no]tcp
Use the TCP protocol (default is UDP for standard query and TCP for AXFR/IXFR).
+[no]fastopen
Use TCP Fast Open (default with TCP).
+[no]ignore
Don’t use TCP automatically if a truncated reply is received.
+[no]tls
Use TLS with the Opportunistic privacy profile (RFC 7858#section-4.1).
+[no]tls-ca[=FILE]
Use TLS with a certificate validation. Certification authority certificates are loaded from the specified PEM file (default is system certificate storage if no argument is provided). Can be specified multiple times. If the +tls-hostname option is not provided, the name of the target server (if specified) is used for strict authentication.
+[no]tls-pin=BASE64
Use TLS with the Out-of-Band key-pinned privacy profile (RFC 7858#section-4.2). The PIN must be a Base64 encoded SHA-256 hash of the X.509 SubjectPublicKeyInfo. Can be specified multiple times.
+[no]tls-hostname=STR
Use TLS with a remote server hostname check.
+[no]nsid
Request the nameserver identifier (NSID).
+[no]bufsize=B
Set EDNS buffer size in bytes (default is 512 bytes).
+[no]padding[=B]
Use EDNS(0) padding option to pad queries, optionally to a specific size. The default is to pad queries with a sensible amount when using +tls, and not to pad at all when queries are sent without TLS. With no argument (i.e., just +padding) pad every query with a sensible amount regardless of the use of TLS. With +nopadding, never pad.
+[no]alignment[=B]
Align the query to B-byte-block message using the EDNS(0) padding option (default is no or 128 if no argument is specified).
+[no]subnet=SUBN
Set EDNS(0) client subnet SUBN=addr/prefix.
+[no]edns[=N]
Use EDNS version (default is 0).
+[no]time=T
Set the wait-for-reply interval in seconds (default is 5 seconds). This timeout applies to each query attempt.
+[no]retry=N
Set the number (>=0) of UDP retries (default is 2). This doesn’t apply to AXFR/IXFR.
+noidn
Disable the IDN transformation to ASCII and vice versa. IDNA2003 support depends on libidn availability during project building!
PS
【转】支持5353端口的DNS服务器
208.67.222.222 OpenDNS 加拿大
208.67.220.220 OpenDNS 加拿大
202.141.162.123 中科大 电信 (推荐备用)
202.141.178.13 中科大 电信 (推荐备用)
202.38.93.153 中科大 教育网
101.6.6.6 清华大学 教育网
176.103.130.130 AdGuard DNS 广告钓鱼拦截 俄罗斯
176.103.130.131 AdGuard DNS 广告钓鱼拦截 俄罗斯
176.103.130.132 AdGuard DNS 色情拦截 俄罗斯
176.103.130.134 AdGuard DNS 色情拦截 俄罗斯
89.233.43.71 Uncensored DNS 丹麦
91.239.100.100 Uncensored DNS 丹麦
阿里DNS支持DoH和DoT
www.233py.com提供的DNS服务[转,仅供参考]
GeekDNS 相关简述 https://www.nextrt.com/s/dns
目前支持 DOT,DOH,DnsCrypt,TCP
DOH https://i.233py.com/dns-query
DOT dns.233py.com
Documentations
Official Manual Page: https://www.knot-dns.cz/docs/2.6/html/man_kdig.html
关于linux配置ssh密钥登陆小坑记录[权限方向]
20190704
朋友配置linux密钥登陆的时候
由于属主用户下的.ssh文件夹权限设置有问题
导致设置不生效
后来查询相关资料
“sshd为了安全,对属主的目录和文件权限都有要求,如果权限设置不正确,则设置不生效”
可以是755可以是700@#%#¥……#……¥&*%&
坑飞了,当时是在检查log里面发现的错误
Windows Subsystem marks
Enable feature
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
then reboot system
Distros resources
- ubuntu-1804 https://aka.ms/wsl-ubuntu-1804
- ubuntu-1804-arm https://aka.ms/wsl-ubuntu-1804-arm
- ubuntu-1604 https://aka.ms/wsl-ubuntu-1604
- Debian GNU/Linux https://aka.ms/wsl-debian-gnulinux
- Kali Linux https://aka.ms/wsl-kali-linux-new
- OpenSUSE Leap 42 https://aka.ms/wsl-opensuse-42
- SUSE Linux Enterprise Server 12 https://aka.ms/wsl-sles-12
- Fedora Remix for WSL https://github.com/WhitewaterFoundry/WSLFedoraRemix/releases/
distros reference
https://docs.microsoft.com/en-us/windows/wsl/install-manual
Download distro command
Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1604 -OutFile Ubuntu.appx -UseBasicParsing
对Tencent Cloud ban 未备案域名的 https 站点方式初步流量分析
实验环境
- tencent cloud 服务器一台[学生机]
- 未备案域名一个
- frp
- https站点若干
现象
服务器为172.16.0.3/111.230.xxx.xxx
客户端为219.128.xxx.xxx/192.168.xxx.xxx
浏览器发起访问请求,客户端和服务端同时抓取报文分析
可以发现
-
其实客户端与服务器握手成功
-
客户端浏览器报错信息为connection reset
-
服务器抓取报文分析,在接收到客户端的client hello后,服务器进行了ack应答,接着服务器收到了一个来自[假]客户端的连接reset报文
-
然而实际上,客户端在此期间从未发送过reset报文,同理,客户端收到了reset报文,所以浏览器报连接reset错误,但是服务器并没有发送过reset报文(server发送的最后一个ack报文被处理掉了)
唠叨1
在这个实验中可以发现,某厂商的中间设备在对https流量分析了ssl挥手阶段中的client hello报文中的server name字段值(ssl.handshake.extensions_server_name)[Server Name Indication, 缩写SNI],进而伪造reset报文进行服务器和客户端的连接重置(T_T)
okay, 事件发生点找到了,那该怎么解决呢? (咕咕咕)
唠叨2
- 天方夜谭设想: 基于iptables编写自定义模块,在服务器上对client hello的下一个ack报文进行TCP flag修改,将SYN标志位->置1,不清楚可否绕过此ban,如果可行的话,那就是某厂商人员。。。的 if 判断没写好?红红火火恍恍惚惚
- 基于ESNI解决:ESNI是 TLS 1.3 协议的扩展,他可以加密SNI使HTTPS流量更难以被分析(也就是域名值加密了),基于ESNI还可以达到畅快访问某些学术网站的目的(相关技术加成: DNSSEC),然而目前各大浏览器对ESNI并没有很好的支持(chrome不支持,据说火狐实验支持),所以这个方法需要时间去落实。检测浏览器是否支持ESNI等技术的网址: https://www.cloudflare.com/ssl/encrypted-sni/
文章未完待续
NET-TOOLS VS IPROUTE2
关于win10修改mstsc端口
windows10系统将3389端口改其他端口
通过注册表改
网上大多数教程说要改两个地方的portnumber
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\Wds\Repwd\Tds\Tcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\WinStations\RDP-TCP
实测只需要一个
其实只改
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer\WinStations\RDP-TCP
就ok了
记得调整高级防火墙设置[firewall.cpl]
重启电脑
PS: RDP8.0巨爽,支持UDP连接RDP
nginx client_max_body_size 指令里面的size值m十进制还是二进制的
突然有个老哥提了个很有趣的问题
我还真没去深究过,那测试试试吧
nginx相关指令引述
Syntax: client_max_body_size size;
Default: client_max_body_size 1m;
Context: http, server, location
Sets the maximum allowed size of the client request body, specified in the “Content-Length” request header field. If the size in a request exceeds the configured value, the 413 (Request Entity Too Large) error is returned to the client. Please be aware that browsers cannot correctly display this error. Setting size to 0 disables checking of client request body size.
搭环境是不可能搭环境的
docker pull docker.io/webdevops/php-nginx:latest
mkdir app
touch app/index.php
docker run -it -d --name nginx_test -p 50000:80 -v /root/sanXian/php-nginx-test/app:/app:rw -v /root/sanXian/php-nginx-test/vhost.conf:/opt/docker/etc/nginx/vhost.conf webdevops/php-nginx
docker cp nginx_test:/opt/docker/etc/nginx/vhost.conf ./
好了, 环境有了, 干活
修改vhost.conf
nginx -s reload
期间报了一次错
nginx: [emerg] "client_max_body_size" directive is duplicate in /opt/docker/etc/nginx/vhost.common.d/10-general.conf:1
检查
# cat /opt/docker/etc/nginx/vhost.common.d/10-general.conf
client_max_body_size 50m;
# cat /etc/nginx/nginx.conf | grep -Ev "^\s*?#|^$"
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /docker.stdout ;
error_log /docker.stderr ;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
# cat /etc/nginx/conf.d/10-docker.conf
include /opt/docker/etc/nginx/global.conf;
include /opt/docker/etc/nginx/php.conf;
include /opt/docker/etc/nginx/conf.d/*.conf;
include /opt/docker/etc/nginx/vhost.conf;
# cat /opt/docker/etc/nginx/vhost.conf
server {
listen 80 default_server;
server_name _ *.vm docker;
root "/app";
index index.php;
client_max_body_size 1m;
include /opt/docker/etc/nginx/vhost.common.d/*.conf;
}
server {
listen 443 default_server;
server_name _ *.vm docker;
root "/app";
index index.php;
include /opt/docker/etc/nginx/vhost.common.d/*.conf;
include /opt/docker/etc/nginx/vhost.ssl.conf;
}
# rm -f /opt/docker/etc/nginx/vhost.common.d/10-general.conf
# nginx -s reload
这说明了啥?这只说明了client_max_body_size不能在server context里面重复定义,能不能跨context定义达到覆写效果呢,实测在http context定义了client_max_body_size 后再在server context定义也是可以的
制造文件测试
dd if=/dev/zero of=./zero.img bs=1MiB count=$(expr 1024 \* 1000 - 200 )
dd if=/dev/zero of=./zero.img bs=1 count=$(expr 1024 \* 1024 - 200 )
dd if=/dev/zero of=./zero.img bs=1 count=$(expr 1024 \* 1024 - 200 + 1 )
(别问我200这个数值怎么算出来的,我随便猜的[too vegetable])
结论
size 里面如果单位是m, 那是MiB
ssh通过密钥连接sshd提示Permission denied (publickey).
you have some problems likes Permission denied (publickey,gssapi-with-mic), or the error 'Not a RSA1 key file' when using ssh remote login, try to fix issues as below:
get more information with ssh -vvv [email protected], it's more important.check the permissions of your private and public keys, id_rsa should 600, id_rsa.pub should 644 check if your id_rsa matched with id_rsa.pub.For the 3rd, it looks very strange, I am not sure it's a bug of openssh or something. The id_rsa.pub is the public key for my windows host (I have ssh server on windows), the id_rsa is the private key for remote linux host, I put them to the .ssh folder.But when I ssh login the linux host, I got “Permission denied (publickey,gssapi-with-mic)”. if I remove id_rsa.pub from .ssh folder, it work fine.
两点思路
- 密钥文件权限
- id_rsa.pub 和 id_rsa 不能同时在一个目录
Chrome浏览器的一些设置mark
地址栏显示WWW
chrome://flags/
Omnibox UI Hide Steady-State URL Trivial Subdomains
地址栏显示method【https / http】
chrome://flags/
Omnibox UI Hide Steady-State URL Scheme
清除域名hsts标记
chrome://net-internals/#hsts
清除浏览器DNS缓存
chrome://net-internals/#dns
[script]send fake gateway arp probe response to node
部分网络环境下交换机无法对src address 为0.0.0.0 的arp 报文(即ARP探针)做出应答
在这种情况下于另一个节点上执行脚本发送伪造arp response即可曲线救国
# !/usr/bin/env python3
# -*- coding: UTF-8 -*-
import os
import sys
import signal
from scapy.all import (
get_if_hwaddr, # 获取本机网络接口的函数
getmacbyip, # 通过IP地址获取其Mac地址的函数
ARP, # 构造ARP数据包
Ether, # 构造以太网数据包
sendp # 在第二层发送数据包
)
from optparse import OptionParser #格式化用户输入的参数
def main():
#自定义程序使用方法,当中的 %prog,optparse会以当前程序名的字符串来替代
usage = 'Usage: %prog [-i interface] [--gateway gateway_ip] target'
#创建一个 OptionParser 对象
parser = OptionParser(usage)
#add_option 来定义命令行参数
parser.add_option('-i', dest='interface', help='Specify the interface to use')
parser.add_option('--gateway',dest="gatewayip",help="gateway ip address")
#调用optionparser的解析函数
(options, args) = parser.parse_args()
if len(args) != 1 or options.interface is None or options.gatewayip is None:
parser.print_help()
print("debug args:",len(args))
print("debug ",options.interface)
print("debug ",options.gatewayip)
sys.exit(1)
# For dce
# get gateway mac address
gw_mac = getmacbyip(options.gatewayip)
print("gateway ip address is:{}, mac address is: {}".format(options.gatewayip, gw_mac))
target_mac = getmacbyip(args[0])
print("arp probe response to {} {}".format("0.0.0.0", target_mac))
if target_mac is None:
print("[-] Error: Could not resolve targets MAC address")
sys.exit(1)
#响应包
def build_rep():
pkt = Ether(src=gw_mac, dst=target_mac) / ARP(hwsrc=gw_mac, psrc=options.gatewayip, hwdst=target_mac, pdst="0.0.0.0", op=2)
return pkt
pkt = build_rep()
def quit(signum, frame):
print('\nYou choose to stop me.')
exit()
signal.signal(signal.SIGINT, quit)
while True:
#在两次发送数据包之间有一定的时间间隔,使用inter选项,表示每隔2秒发送一个数据包
sendp(pkt, inter=0.5, iface=options.interface)
print("arp response sent to {} {}".format("0.0.0.0", target_mac))
if __name__ == '__main__':
main()
Tampermonkey+腾讯课堂+超过有效期的活动课程
// ==UserScript==
// @name 腾讯课堂-过时课程入口显现
// @namespace http://tampermonkey.net/
// @version 1.0
// @description 腾讯课堂-过期课程播放按钮
// @author WILO
// @supportURL https://github.com/easyjack/randomMark/issues/20
// @match https://ke.qq.com/course/*
// @icon https://ke.qq.com/favicon.ico
// @grant none
// @run-at document-end
// ==/UserScript==
//var term_id = document.getElementsByClassName("class-content js-term-item js-term-baseinfo class-content--no-des active")[0].getAttribute("data-termid");
var cource_id = metaData.terms[0].cid;
var term_id = metaData.terms[0].term_id;
if(document.getElementById("js-imgtext")){
var button_bar= document.getElementById("js-imgtext").getElementsByClassName("text-right text-right--pay")[0].getElementsByClassName("oper-bar")[0];
console.log(button_bar);
var button_player=document.createElement("span");
button_player.setAttribute("class","btn-join btn-default");
//button_player.setAttribute("onclick","window.location.href='/webcourse/index.html#cid=" + cource_id + "&term_id=" + term_id + "'");
button_player.setAttribute("onclick","window.open('https://ke.qq.com/webcourse/index.html#cid=" + cource_id + "&term_id=" + term_id + "')");
button_player.textContent="进入播放页";
button_bar.appendChild(button_player);
}
Fish shell下的ssh-agent现有会话探测脚本
一个随便糊的用于发现设备上现有的ssh-agent会话脚本,方便在不同的terminal tab中复用一个ssh-agent
适配: macOS + fish shell
#!/usr/bin/env fish
#######################################################
# Author: SanXian
# To find the exists ssh-agent connection or create
# a new ssh-agent connection for macOS with fish shell
#######################################################
#set base_dir "/var/folders/4w/hx1kgdwd2ll9chvbzv6y70r80000gn/T"
set base_dir $TMPDIR
for i in (sh -c "ls -1 --color=never $base_dir/ssh-*/agent* 2>/dev/null")
set agent_file (echo -n $i | grep --color=never -Eo "agent.*")
echo "found: $agent_file"
set PID (echo -n $agent_file | awk -F . '{print $2 + 1}')
echo PID: $PID
export SSH_AGENT_PID=$PID
export SSH_AUTH_SOCK=$i
env | grep -i ssh_
exit
end
# ssh agent sock not found
echo "ssh agent sock file not found, creating"
eval (ssh-agent -c -t 4h)
ps: 什么是ssh-agent 和 ssh-add ?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.