blog.albertchang.cn
albertchang当你经历过一些事情的时候,眼前的风景就和从前不一样了~
http://blog.albertchang.cn/
当你经历过一些事情的时候,眼前的风景就和从前不一样了~
http://blog.albertchang.cn/
TODAY'S RATING
>1,000,000
Date Range
HIGHEST TRAFFIC ON
Thursday
LOAD TIME
0.4 seconds
PAGES IN
THIS WEBSITE
20
SSL
EXTERNAL LINKS
38
SITE IP
45.76.223.227
LOAD TIME
0.438 sec
SCORE
6.2
albertchang | blog.albertchang.cn Reviews
https://blog.albertchang.cn
当你经历过一些事情的时候,眼前的风景就和从前不一样了~
blog.albertchang.cn
jQuery API 3.1 中文文档 | jQuery API 中文在线手册 | jquery api 1.11 中文 | jquery api chm
http://blog.albertchang.cn/jquery
JQuery API 3.1.0 速查表. Get(url,[data],[fn],[type]). Post(url,[data],[fn],[type]). Attr(name pro key,val fn). Prop(n p k,v f). Css(name pro [,val fn]). On(eve,[sel],[data],fn). Delegate(s,[t],[d],fn). Show([s,[e],[fn] ). Hide([s,[e],[fn] ). SlideUp([s,[e],[fn] ). FadeTo([ s],o,[e],[fn] ). FadeToggle([s,[e],[fn] ). Animate(p,[s],[e],[fn]). Extend([d],tgt,obj1,[objN]). Filter(expr obj ele fn). Is(expr obj ele fn). Add(e e h o[,c]). Get(url,[data],[fn],[type]). Post(url,[data],[fn],[type]). Prop(n p k,v f).
Pwnhub第一期找个帮手 - albertchang
http://blog.albertchang.cn/index.php/archives/5
发布时间 January 3, 2017. 题目给了一个django的网站,简单测试一下发现任意文件读取的漏洞,使用static/./././././././etc/passwd读取到了密码,但是读不到关键文件,简单测试一下发现.conf和py的文件会被ban,其他的如果存在返回文件内容,不存在返回文件不存在。 Server: gunicorn/19.6.0 Django/1.10.3 CPython/3.5.2. Http:/ 54.223.46.206:8003/static/.%2f pycache /views.cpython-35.pyc. 33C3 CTF web部分Writeup- - - - - -list0r. 33C3 CTF web部分Writeup- - - - - -shia. Powered by Typecho,由albertchang弱力驱动.
javascript - albertchang
http://blog.albertchang.cn/index.php/category/javascript
33C3 CTF web部分Writeup- - - - - -list0r. 33C3 CTF web部分Writeup- - - - - -shia. Powered by Typecho,由albertchang弱力驱动.
关于我 - albertchang
http://blog.albertchang.cn/index.php/start-page.html
发布时间 January 2, 2017. Github https:/ github.com/Alberthchang (很久没有写东西了). 33C3 CTF web部分Writeup- - - - - -list0r. 33C3 CTF web部分Writeup- - - - - -shia. Powered by Typecho,由albertchang弱力驱动.
Pwnhub第四期WP--拍卖行 - albertchang
http://blog.albertchang.cn/index.php/archives/7
发布时间 January 3, 2017. INSERT INTO TOKENS (TOKENS, PASSWORD) VALUES('%s', '%s'). 闭合前面的语句之后就直接select xxx into dumpfile /tmp/albertchang336.php,然后利用文件包含拿到shell. From pwn import * io = remote('54.223.241.254', 22333) io.recvuntil('A date with Firesun is on sale! 33C3 CTF web部分Writeup- - - - - -list0r. 33C3 CTF web部分Writeup- - - - - -shia. Powered by Typecho,由albertchang弱力驱动.
TOTAL PAGES IN THIS WEBSITE
20
virusdefender's blog
https://virusdefender.net/index.php/page/3
分为16个扇区 0-15 ,每个扇区又分为4个区域块 0-63. Http:/ 104.199.132.251/4dm1n/show.php. 后来看到提示,说可以探测内网,想起使用webrtc,参考 http:/ www.wooyun.org/bugs/wooyun-2014-076685. What is Same Origin Policy? The flag is at http:/ 127.0.0.1:8080/secret. After you submitted a url, a monkey will browse the url. The monkey will stay 2 minutes on your page. Try to find a string $str so that (substr(md5( $str), 0, 6) = = '54d7ed'). Import hashlib for i in xrange(1000000000): print i, hashlib.md5(str(i) .hexdigest(). Cat md5.txt grep xxxx.
好奇心 - virusdefender's blog
https://virusdefender.net/index.php/archives/413
Kepler 452b上的一年大约385天,其围绕运行的是一颗与太阳相似的恒星,使得Kepler 452b成为到目前为止最接近 另一个地球 的系外行星。 和原文链接 https:/ virusdefender.net/index.php/archives/413/. January 8th, 2016 at 01:30 pm. ๑ ㅂ )و 博主 此处省略3个字. January 9th, 2016 at 12:14 am. 下一篇: Python内部机制(1) - 垃圾回收. Just Rock It 2016. Sql注入时case when . then . else .end 的应用. 为什么不用 Lua 好像 OpenWRT 的界面都是用 Lua .
qq空间某被利用的xss分析 - virusdefender's blog
https://virusdefender.net/index.php/archives/347
Document.getElementById("footad").src="http:/ yyyy.qq.com/cgi-bin/privateblog/privateblog output data? Http:/ yyyy.qq.com/cgi-bin/privateblog/privateblog output data? Uin=842362834&blogid=1268155622&imgdm=xxxx.com%2fimgcache.qq.com&bdm=b.qzone.qq.com&vid=19. Script src="1.js" /script. 就会访问baidu.com/1.js,而不是qq.com/1.js,导致xss漏洞。 而我发现这个地方腾讯其实是有过滤的,因为url里面直接使用xxx.com是不可以的,必须是xxx.com/cache.qq.com才行,但是这样的过滤并没有什么卵用。 Iframe name='xframe' ":"iframe"); }catch(e){} try{ if(! Eframe){eframe = document.createElem...
分类 django 下的文章 - virusdefender's blog
https://virusdefender.net/index.php/category/django
Select for update 带来的性能问题. Query time: 1.480138 Lock time: 0.000084 Rows sent: 1 Rows examined: 13061 SET timestamp=1433606761; SELECT `一大堆字段` FROM `usergamedata` WHERE `usergamedata`.`uid` = 5396 FOR UPDATE;. 我用的是django 1.8,文档在这里 https:/ docs.djangoproject.com/en/1.8/topics/migrations/. Python manage.py makemigrations account(app的名字). Migrations for 'account': 0001 initial.py: - Create model account. Python manage.py migrate. Python manage.py makemigrations account. Python manage.py migrate. Location / ...
气死禅师的勒洛三角形 - virusdefender's blog
https://virusdefender.net/index.php/archives/381
定宽曲线 英文 Curve of constant width 定义 平面上一凸形封闭曲线,不论如何转动,其宽度永远不变,则称之定宽曲线或恒宽曲线。 通过勒贝格积分可以算出,勒洛三角是定宽曲线所能构成的面积最小的图形,其面积为${1 over2}( pi - sqrt3)s 2$,s为定宽宽度。 图片 Construction triangle Reuleaux. Travail personnel (my own work)。 采用 CC BY-SA 3.0. 图片 Rouleaux triangle Animation. 采用 CC BY-SA 3.0. 和原文链接 https:/ virusdefender.net/index.php/archives/381/. Just Rock It 2016. Sql注入时case when . then . else .end 的应用. 为什么不用 Lua 好像 OpenWRT 的界面都是用 Lua .
Typecho 反垃圾评论原理和 Python 模拟 - virusdefender's blog
https://virusdefender.net/index.php/archives/438
Typecho 反垃圾评论原理和 Python 模拟. 猜测和反垃圾评论有关,因为机器人直接评论的话,一般都是直接 post 评论数据,如果在评论之前需要先运行一段 js,然后带上这段 js 生成的值再 post 的话,就能挡住一大批低级的机器人了。 现在很多地方用到了这个,比如一些云 WAF,在可疑请求的时候也是返回一段 js 要运行的,更高级点的可以检测浏览器环境,鼠标手势等等。 看 Typecho 的 源码. 我用 Python 写了一个,主要是通过各种注释和换行来混淆 js,虽然不运行 js,直接进行字符串分析肯定也能得到结果,但是相比直接 post 数据,难度大大增大了,而且我们可以随时更换混淆规则,我们的目的也就达到了。 而这个结果在生成 js 的时候就确定了,只要拿到评论数据和 session 中的值比较一下就好了. Ps 这篇文章里面的 Python 代码让 syntaxhighliter 的语法高亮出现了问题,我已经自己修改了这个 bug,在 这个文件. Regex: /([' "]{3})([ 1])*? 1/gm, css: 'comments' }.
分类 数学 下的文章 - virusdefender's blog
https://virusdefender.net/index.php/category/math
定宽曲线 英文 Curve of constant width 定义 平面上一凸形封闭曲线,不论如何转动,其宽度永远不变,则称之定宽曲线或恒宽曲线。 通过勒贝格积分可以算出,勒洛三角是定宽曲线所能构成的面积最小的图形,其面积为${1 over2}( pi - sqrt3)s 2$,s为定宽宽度。 图片 Construction triangle Reuleaux. Travail personnel (my own work)。 采用 CC BY-SA 3.0. 图片 Rouleaux triangle Animation. 采用 CC BY-SA 3.0. 计算公式是 http:/ en.wikipedia.org/wiki/Haversine formula. Havarsin( frac{d}{R}) = haversin(l {2} - l {1}) cos(l {1})cos(l {2})haversin(Δk)$. Havarsin(θ) = sin {2}( frac{θ}{2}) = frac{1 - cos(θ)}{2}$. Http:/ www.zhihu.com/q...先把黑球放...
分类 ctf 下的文章 - virusdefender's blog
https://virusdefender.net/index.php/category/ctf
Http:/ 104.199.132.251/4dm1n/show.php. 后来看到提示,说可以探测内网,想起使用webrtc,参考 http:/ www.wooyun.org/bugs/wooyun-2014-076685. What is Same Origin Policy? The flag is at http:/ 127.0.0.1:8080/secret. After you submitted a url, a monkey will browse the url. The monkey will stay 2 minutes on your page. Try to find a string $str so that (substr(md5( $str), 0, 6) = = '54d7ed'). Import hashlib for i in xrange(1000000000): print i, hashlib.md5(str(i) .hexdigest(). Cat md5.txt grep xxxx. Mozilla/5.0 0ctf by md5 salt. Decry...
分类 web 下的文章 - virusdefender's blog
https://virusdefender.net/index.php/category/web
在使用rjs打包的时候,如果我使用了jquery插件而却把jquery.js放在单独的cdn上,也就是在build.js中jquery.js的路径是. 使用 Chrome 开发者工具查看网页的请求,发现这个页面的 html 加载,几个 ajax 加载都是显示. 在 https:/ stackoverflow.com/questions/2095520/fighting-client-side-caching-in-django/13512008#13512008. Class SomeView(View): @method decorator(never ever cache) def get(self, request): return HttpResponse('Hello'). Cache-Control:no-cache, no-store, must-revalidate, max-age=0. 参考 http:/ www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9. Plain Object or String or Array.
Python内部机制(1) - 垃圾回收 - virusdefender's blog
https://virusdefender.net/index.php/archives/424
首先介绍下主流的垃圾回收机制,原文在 http:/ www.zhihu.com/question/20018826/answer/28892543. 引用计数的优点是 1 相对简单,不需要太多运行时 run-time 的支持,可以在原生不支持 GC 的语言里实现。 它的死穴是循环引用,对象 A 包含一个引用指向对象 B ,同时对象 B 包含一个引用指向对象 A,计数器就抓瞎了。 另外,引用计数对正常程序的执行性能有影响 每次引用赋值都要改计数器 ,特别是在多线程环境下 改计数器要加锁同步。 基本思路是把整个内存空间一分为二,不妨记为 A 和 B。 所有对象的内存在 A 中分配,当 A 塞满的时候,同样从寄存器和程序栈上的引用出发,遍历以对象为节点、以引用为边构成的图,把所有可以访问到的对象复制到 B 去,然后对调 A 和 B 的角色。 另外,由于不需要清扫整个内存空间,所以如果内存中存活对象很少而垃圾对象很多的话 有些语言有这个倾向 ,触发 GC 造成的中断会小于标记-清扫。 Python 主要是通过引用计数来进行垃圾回收,这里我写了一个简单的 c 程序来模拟一下. Python gc collect ...
TOTAL LINKS TO THIS WEBSITE
38
blog.albertahomespecialist.com
Viktoriya Finkbeiner's Real Estate Blog
SERVING YOUR SPRUCE GROVE REAL ESTATE NEEDS. Things are still looking up for Alberta in long term. March 27th, 2015 by viktoriyafinkbeiner. Despite the crashing oil prices, real estate market in Edmonton is staying strong this year so far! There are a lot of other positive indicators, like ongoing large construction projects, low interest rates and demand for labour, that keep the demand for housing stable. I look forward to seeing what this spring brings us! Globe and Mail forecast for real estate market.
Albert Aixendri
No hay ninguna entrada. No hay ninguna entrada. Suscribirse a: Entradas (Atom). Ver todo mi perfil.
Corey Young's Real Estate Blog
Real Estate Investment Network. Success Story by Don R Campbell. Canadian Real Estate Magazine Article. Out of Town Investors. ALBERTA ON FIRE INVESTOR TEAM. A Positive Present and Long-Term Outlook for Alberta. May 8th, 2015 by Corey Young. Economic update May 2015. Edmonton Market at a Low Risk. Alberta led All Provinces in Economic Growth in 2014. Phenomenal Housing Starts in 2015. Read All Articles HERE. Economic Update December 2014 – Oil is Dropping and the World is Ending. A slow down in our marke...
Albert Armea - Page 1 of 2
Posted 4 months ago. Using gVim from Git Bash. If you’re on Windows, use MSysGit Bash. As your primary shell, and also have gVim installed from the official site. To use the Vim you installed rather than the one that comes with Git. There are two non-invasive ways I can think of doing this:. Add aliases to your. Create small wrapper scripts in. Which Git Bash includes in your. By default. Create files named. Etc that look something like this:. Bin/bash /c/Program Files (x86 )/Vim/vim74/vim.exe "$@".
Alberta Rose Education Centre Blog | Learn English, Study in Canada
Alberta Rose Education Centre Blog. Learn English, Study in Canada. International Student Services at Canadian Institutes. Also, the International Centres have many programs that can help you get adjusted to Canadian life and also they have some just fun events. Everyone needs to play; you can’t always be working while studying in Canada. This program runs the last 2 weeks of August and gives international undergraduate students an orientation on what to expect from their professors and the teaching meth...
albertchang
33C3 CTF web部分Writeup- - - - - -list0r. 发布时间 January 4, 2017. Http:/ 78.46.224.80/. Http:/ 78.46.224.80/reeeaally/reallyy/c00l/and aw3sme flag. Http:/ 78.46.224.80/? 33C3 CTF web部分Writeup- - - - - -shia. 发布时间 January 4, 2017. Http:/ 78.46.224.75/. Http:/ 78.46.224.75/static/shia.js. Http:/ 78.46.224.75/quote/1. 测试过滤 关键词单次过滤,可以通过双写绕过 空格被过滤,采用%0d的方式绕过 特殊符号直接过滤,并给出回显. 发布时间 January 3, 2017. Filename=./././././././etc/passwd&filename=models.py. 发布时间 January 3, 2017. 发布时间 January 3, 2017.
blog.albertchangphotography.com
in the moment
Albert. sf bay area. viking pride. Congratulations, Lena and Gordon. Lake Tahoe, NV. Summer nights like this are what we live for. No place like home. Because I’m missing home. And perpetually jealous of semester kids.
Default Parallels Plesk Panel Page
Web Server's Default Page. This page is generated by Parallels Plesk Panel. The leading hosting automation software. You see this page because there is no Web site at this address. You can do the following:. Create domains and set up Web hosting using Parallels Plesk Panel. Parallels is a worldwide leader in virtualization and automation software that optimizes computing for consumers, businesses, and Cloud services providers across all major hardware, operating systems, and virtualization platforms.
Albert Cheung Weddings Albert Cheung Weddings -
Navi Baj’s Canadian Indian Wedding. Chris Jenny . The Grandview, NY. FILSON x MAGNUM Camera Bag Review. Sara John . Turks Caicos. Chris Michelle . Studio 450, NY. Jissenia Lawrence . Central Park . NY. Erin Andy . Anglesey, Wales U.K. Erik Nicole . Mount Gulian, NY. Holdfast “Moneymaker” Multi-Camera Harness. Ronald Crystal’s San Francisco Engagement. Portraits for Restore NYC. Maria Daniel’s Wedding. The Yale Club, NYC. Jayne Noah . Liberty View Farm, NY. On Portraits for Restore NYC.
Albert Cuesta
Re: 868smufeew's contact info. March 24, 2015. Per què el tancament de Google News a Espanya ens afecta poc o gens. Avui Google ha anunciat que el seu servei Google Noticias. Google explica en un comunicat. Que el motiu és la nova llei espanyola de Propietat Intel·lectual ( PDF. Que obliga qualsevol publicació espanyola, ho vulgui o no, a cobrar als serveis agregadors -com Google Noticies, però també Meneame.net. Que reprodueixen contingut original de manera massiva, però fer-ho en el cas de titul...
Gahlen spezial
Herzlich Willkommen auf der Webseite von Albert Gahlen e. K. Werkzeuge - Maschinen. Unser Partner Gahlen Outfit.
