echo ' <style>
    
    /* 新增动画库 */
.animate__animated {
  animation-duration: 0.5s;
}

/* 文章阅读量标签 */
.view-count {
  font-size: 12px;
  color: #666;
  margin-left: 8px;
  display: inline-flex;
  align-items: center;
}

.view-count .iconfont {
  font-size: 14px;
  margin-right: 4px;
} ';
    
</style><!doctype html>
<html lang="zh-cn">

<head>
    <!--51la统计-->
    <script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
    <script>LA.init({id:"3LaTBMpUHsIFZ3HE",ck:"3LaTBMpUHsIFZ3HE",autoTrack:true})</script>
    <!--51la统计-->
    <!--google统计-->
    <meta name="google-site-verification" content="vS2DgnujD7_Y0ge4oe6-MEZ7euUyZZ05Rx7SUTifWuc" />
    <!--google统计-->
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
  <title>web漏洞 - Cesii Blog</title>
  <meta name="keywords" content="Cesii,博客,测试,性能测试,安全测试,接口测试,编程" />
  <meta name="description" content="Deep testing" />
  <link rel="shortcut icon" href="https://cesii.cn/content/templates/monie_jj/favicon.ico" type="image/x-icon">
  <link rel="alternate" title="RSS" href="https://cesii.cn/rss.php" type="application/rss+xml" />
  <link rel="stylesheet" href="//at.alicdn.com/t/c/font_4757084_yuqwbv4rpeg.css">
  
<link rel="stylesheet" href="https://cesii.cn/content/templates/monie_jj/dist/styles/main.074ac5d4.css">

  
  <!-- 统一了分类url和内容url -->
  </head>

<body>

  <header id="header" class="header">
    <div class="header_container">
      <div class="header_content">
        <div class="header_left">
          <a class="header_left_logo" href="https://cesii.cn/" target="_self" title="Deep testing">
            <img class="header_left_logo_pc" src="https://cesii.cn/content/uploadfile/202501/c89d1737138678.png" alt="https://cesii.cn/" loading="lazy">
            <img class="header_left_logo_mobile" src="https://cesii.cn/content/uploadfile/202501/c89d1737138848.png" alt="https://cesii.cn/" loading="lazy">
          </a>

          <nav class="header_left_nav">
            <div class="header_left_nav_mobile_menu_wrap">
              <div class="header_left_nav_mobile_menu"></div>
            </div>
            <ul class="header_nav_list">
                  
            </ul>
          </nav>
        </div>
        <div class="header_right">
          <div class="header_search_icon_wrap">
            <div class="header_search_icon" title="搜索">
              <i class="iconfont icon-sousuo"></i>
            </div>
          </div>
          <div class="header_search_wrap">
            <form class="header_search_form" action="/?keyword">
              <input id="header_search_input" class="header_search_input" type="text" name="keyword" placeholder="输入关键字搜索" autocomplete="off">
              <label for="header_search_input" class="header_search_btn" tabindex="0">
                <i class="iconfont icon-sousuo"></i>
              </label>
              <div class="search_history">
                <div class="search_history_head">
                  <span class="search-history-head-title">搜索历史</span>
                  <span class="search_history_clear_btn">清空</span>
                </div>
                <div class="search_history_list"></div>
              </div>
            </form>
<!--
            <a class="header_article_btn login" href="/admin/article.php?action=write" title="写文章">写文章</a>
          </div>
                      <button class="header-login-btn">登录</button>
                  </div>
      </div>
    </div>
  </header>

  <div class="mobile-search">
    <div class="mobile-search-mask"></div>
    <div class="mobile-search-content">
      <div class="mobile-search-close">
        <i class="iconfont icon-guanbi"></i>
      </div>
      <div class="mobile-search-body"></div>
    </div>
  </div>
  <nav class="nav">
        <div class="nav-container">
        <div class="nav-content">
            <div class="nav-list">
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/hostvlun">主机漏洞</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/python">Python</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/web-safe">web漏洞</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/web-service">Web服务</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/linux">Linux</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/jmeter">Jmeter</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/LoadRunner">LoadRunner</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/kali-Linux">Kali Linux</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/burpsuite">Burpsuite</a>
                                            </div>
                
                    <div class="nav-list-item nav-list-item-parent">
                        <a class="nav-list-item-parent-name" href="https://cesii.cn/docker">Docker</a>
                                            </div>
                            </div>
        </div>
    </div>
    <div class="nav-secondary-warp"></div>
  </nav>

  <!-- 其他页面内容 

  <script src="//cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js"></script>
   -->
  <script>
    lazyload();
  </script>
 
</body>

</html>
<div class="main" role="main">
  <div class="container">
    <div class="main-content home-content">
      <div class="main-left">
        <div>
                  </div>
        <nav class="article-nav">
          <div class="article-nav-content">
            <a class="article-nav-item" href="javascript:;" target="_self" title="推荐">推荐</a>
            <a class="article-nav-item" href="javascript:;" target="_self" title="最新">最新</a>
            <span class="article-nav-line"></span>
          </div>
        </nav>
        <div class="article-skeleton">
          <div class="article-skeleton-line"></div>
          <div class="article-skeleton-line"></div>
          <div class="article-skeleton-line"></div>
          <div class="article-skeleton-line"></div>
        </div>

        <div class="article-card-wrap hidden">
                                    <article class="article-card animate__animated animate__fadeIn" data-link="https://cesii.cn/web-safe/114.html" itemscope="" itemtype="http://schema.org/BlogPosting">
                <a class="article-card-hidden-a" href="https://cesii.cn/web-safe/114.html" itemprop="url">意想不到的惊喜-某网站身份未授权漏洞</a>
                <div class="article-card-head">
                  <span class="article-card-user" itemprop="author">
                    <span itemprop="name" rel="author">cesii</span>
                  </span>
                  <time class="article-card-time" datetime="2025-2-7" itemprop="datePublished">2025-2-7</time>
                  <span class="article-card-category">
                                          </span>
                </div>
                <div class="article-card-body">
                  <div class="article-card-main">
                    <h2 class="article-card-title" itemprop="name headline">意想不到的惊喜-某网站身份未授权漏洞</h2>
                    <p class="article-card-desc" itemprop="articleBody">
                      好久没登录的x网站忘记了用户名，想着找回下结果发现了意向不到的惊喜。 正常逻辑下，当用户找回用户名时会将找回地址发送到对应的邮箱中，然后通过邮件中的找回地址重新设置， 实际上发现邮箱并没有收到邮件，而是将找回信息直接暴露在网页上，可以直接通过上面的找回地址重置用户名的密码，按照此方式只要知道网站的已知用户邮箱就可以做到重置其他用户的密码了。 漏洞已反馈至网站...                    </p>
                    <div class="article-card-footer">
                      <div class="article-card-footer-left" itemprop="interactionCount">
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-liulan article-card-footer-item-icon"></i>
                          <span>205</span>
                        </span>
                        <!--
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-dianzan article-card-footer-item-icon"></i>
                          <span>27</span>
                        </span>
                        -->
                        <a class="article-card-footer-item comments" href="https://cesii.cn/web-safe/114.html#comments" target="_blank" title="文章评论">
                          <i class="iconfont icon-pinglun article-card-footer-item-icon"></i>
                          <span>0</span>
                        </a>
                      </div>
                      <div class="article-card-footer-right">
                        <a class="article-card-tag" href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E"  title='标签' >web漏洞</a>                      </div>
                    </div>
                  </div>
                                      <div class="article-card-thumb">
                      <img class="article-card-thumb-img" src="https://www.mozhe.cn/uploads/2018/09/08/15363874175d97f4.jpg" alt="意想不到的惊喜-某网站身份未授权漏洞" loading="lazy">
                    </div>
                                  </div>
              </article>
                          <article class="article-card animate__animated animate__fadeIn" data-link="https://cesii.cn/web-safe/34.html" itemscope="" itemtype="http://schema.org/BlogPosting">
                <a class="article-card-hidden-a" href="https://cesii.cn/web-safe/34.html" itemprop="url">CVE-2021-3156漏洞权限提升复现及修复</a>
                <div class="article-card-head">
                  <span class="article-card-user" itemprop="author">
                    <span itemprop="name" rel="author">cesii</span>
                  </span>
                  <time class="article-card-time" datetime="2022-9-7" itemprop="datePublished">2022-9-7</time>
                  <span class="article-card-category">
                                          </span>
                </div>
                <div class="article-card-body">
                  <div class="article-card-main">
                    <h2 class="article-card-title" itemprop="name headline">CVE-2021-3156漏洞权限提升复现及修复</h2>
                    <p class="article-card-desc" itemprop="articleBody">
                      以前从来没关注过服务器漏洞情况，近期事情不多想着修复下比较高危的安全漏洞，经过扫描发现有个CVE-2021-3156的权限提升漏洞，并且漏洞并且已经有了漏洞验证程序 以前从来没复现过漏洞 只想着怎么修复，这次就来学习下如何完整的复现漏洞漏洞判断 执行sudoedit -s  \  后： 出现sudoedit：”开头的错误，说明系统可能存在此安全风险。 不受...                    </p>
                    <div class="article-card-footer">
                      <div class="article-card-footer-left" itemprop="interactionCount">
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-liulan article-card-footer-item-icon"></i>
                          <span>161</span>
                        </span>
                        <!--
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-dianzan article-card-footer-item-icon"></i>
                          <span>27</span>
                        </span>
                        -->
                        <a class="article-card-footer-item comments" href="https://cesii.cn/web-safe/34.html#comments" target="_blank" title="文章评论">
                          <i class="iconfont icon-pinglun article-card-footer-item-icon"></i>
                          <span>0</span>
                        </a>
                      </div>
                      <div class="article-card-footer-right">
                        <a class="article-card-tag" href="https://cesii.cn/tag/linux"  title='标签' >linux</a><a class="article-card-tag" href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E"  title='标签' >web漏洞</a><a class="article-card-tag" href="https://cesii.cn/tag/cwe%E6%BC%8F%E6%B4%9E"  title='标签' >cwe漏洞</a>                      </div>
                    </div>
                  </div>
                                      <div class="article-card-thumb">
                      <img class="article-card-thumb-img" src="https://www.perforce.com/sites/default/files/image/2020-09/image-blog-what-is-cwe.jpg" alt="CVE-2021-3156漏洞权限提升复现及修复" loading="lazy">
                    </div>
                                  </div>
              </article>
                          <article class="article-card animate__animated animate__fadeIn" data-link="https://cesii.cn/web-safe/26.html" itemscope="" itemtype="http://schema.org/BlogPosting">
                <a class="article-card-hidden-a" href="https://cesii.cn/web-safe/26.html" itemprop="url">Web安全学习记录第一弹-无WAF的sql注入</a>
                <div class="article-card-head">
                  <span class="article-card-user" itemprop="author">
                    <span itemprop="name" rel="author">cesii</span>
                  </span>
                  <time class="article-card-time" datetime="2022-9-3" itemprop="datePublished">2022-9-3</time>
                  <span class="article-card-category">
                                          </span>
                </div>
                <div class="article-card-body">
                  <div class="article-card-main">
                    <h2 class="article-card-title" itemprop="name headline">Web安全学习记录第一弹-无WAF的sql注入</h2>
                    <p class="article-card-desc" itemprop="articleBody">
                      环境准备 靶站：http://rhiq8003.ia.aqlab.cn/ 测试工具：SqlMap 测试环境：kali2022 查看数据回显 id=1或id=1 and 1 = 1（语句成立）时返回正常数据 id=1或者或id=1 and 1 = 2（语句不成立）时返回数据异常，由此判定存在SQL注入漏洞 尝试获取测试靶站信息 sqlmap -u http:/...                    </p>
                    <div class="article-card-footer">
                      <div class="article-card-footer-left" itemprop="interactionCount">
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-liulan article-card-footer-item-icon"></i>
                          <span>192</span>
                        </span>
                        <!--
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-dianzan article-card-footer-item-icon"></i>
                          <span>27</span>
                        </span>
                        -->
                        <a class="article-card-footer-item comments" href="https://cesii.cn/web-safe/26.html#comments" target="_blank" title="文章评论">
                          <i class="iconfont icon-pinglun article-card-footer-item-icon"></i>
                          <span>0</span>
                        </a>
                      </div>
                      <div class="article-card-footer-right">
                        <a class="article-card-tag" href="https://cesii.cn/tag/sql%E6%B3%A8%E5%85%A5"  title='标签' >sql注入</a><a class="article-card-tag" href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E"  title='标签' >web漏洞</a>                      </div>
                    </div>
                  </div>
                                      <div class="article-card-thumb">
                      <img class="article-card-thumb-img" src="https://cesii.cn/content/uploadfile/202409/fe411725343948.png" alt="Web安全学习记录第一弹-无WAF的sql注入" loading="lazy">
                    </div>
                                  </div>
              </article>
                          <article class="article-card animate__animated animate__fadeIn" data-link="https://cesii.cn/web-safe/44.html" itemscope="" itemtype="http://schema.org/BlogPosting">
                <a class="article-card-hidden-a" href="https://cesii.cn/web-safe/44.html" itemprop="url">利用XSS平台获取cookie实现免登录</a>
                <div class="article-card-head">
                  <span class="article-card-user" itemprop="author">
                    <span itemprop="name" rel="author">cesii</span>
                  </span>
                  <time class="article-card-time" datetime="2021-9-10" itemprop="datePublished">2021-9-10</time>
                  <span class="article-card-category">
                                          </span>
                </div>
                <div class="article-card-body">
                  <div class="article-card-main">
                    <h2 class="article-card-title" itemprop="name headline">利用XSS平台获取cookie实现免登录</h2>
                    <p class="article-card-desc" itemprop="articleBody">
                      本次采用的XSS平台为清华大学开源出来的blue-lotus（蓝莲花） Js文件创建 首先在xss平台中创建需要获取cookie信息的js文件，模板选择default.js 更改地址 更改js文件中的地址为自己xss平台的ip地址（原理：通过访问js文件获取网站的cookie信息后输出到xss平台） 生成payload 点击生成payload后，可以看到pa...                    </p>
                    <div class="article-card-footer">
                      <div class="article-card-footer-left" itemprop="interactionCount">
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-liulan article-card-footer-item-icon"></i>
                          <span>192</span>
                        </span>
                        <!--
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-dianzan article-card-footer-item-icon"></i>
                          <span>27</span>
                        </span>
                        -->
                        <a class="article-card-footer-item comments" href="https://cesii.cn/web-safe/44.html#comments" target="_blank" title="文章评论">
                          <i class="iconfont icon-pinglun article-card-footer-item-icon"></i>
                          <span>0</span>
                        </a>
                      </div>
                      <div class="article-card-footer-right">
                        <a class="article-card-tag" href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E"  title='标签' >web漏洞</a><a class="article-card-tag" href="https://cesii.cn/tag/xss"  title='标签' >xss</a>                      </div>
                    </div>
                  </div>
                                      <div class="article-card-thumb">
                      <img class="article-card-thumb-img" src="https://tse4-mm.cn.bing.net/th/id/OIP-C.Po2CWz0NeeB60zIW1_h07wHaDt?rs=1&pid=ImgDetMain" alt="利用XSS平台获取cookie实现免登录" loading="lazy">
                    </div>
                                  </div>
              </article>
                          <article class="article-card animate__animated animate__fadeIn" data-link="https://cesii.cn/104.html" itemscope="" itemtype="http://schema.org/BlogPosting">
                <a class="article-card-hidden-a" href="https://cesii.cn/104.html" itemprop="url">Appscan漏洞：“启用了 TRACE 和 TRACK HTTP 方法”漏洞过程复现</a>
                <div class="article-card-head">
                  <span class="article-card-user" itemprop="author">
                    <span itemprop="name" rel="author">cesii</span>
                  </span>
                  <time class="article-card-time" datetime="2020-10-6" itemprop="datePublished">2020-10-6</time>
                  <span class="article-card-category">
                                          </span>
                </div>
                <div class="article-card-body">
                  <div class="article-card-main">
                    <h2 class="article-card-title" itemprop="name headline">Appscan漏洞：“启用了 TRACE 和 TRACK HTTP 方法”漏洞过程复现</h2>
                    <p class="article-card-desc" itemprop="articleBody">
                      在用Appscan扫描网站应用时出现了“启用了 TRACE 和 TRACK HTTP 方法”的漏洞，按照以往的方式都是整改后直接二次扫描验证就行了，但是这次因为个别原因导致通过工具进行二次验证，而且这个任务时间有限，只能通过手工验证的方式，这是第一次通过手工验证的方式去验证，一是不知道怎么去操作，二是不知道操作的到底对不对，无奈只能求助大佬，这里要特别感谢彭...                    </p>
                    <div class="article-card-footer">
                      <div class="article-card-footer-left" itemprop="interactionCount">
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-liulan article-card-footer-item-icon"></i>
                          <span>82</span>
                        </span>
                        <!--
                        <span class="article-card-footer-item">
                          <i class="iconfont icon-dianzan article-card-footer-item-icon"></i>
                          <span>27</span>
                        </span>
                        -->
                        <a class="article-card-footer-item comments" href="https://cesii.cn/104.html#comments" target="_blank" title="文章评论">
                          <i class="iconfont icon-pinglun article-card-footer-item-icon"></i>
                          <span>0</span>
                        </a>
                      </div>
                      <div class="article-card-footer-right">
                        <a class="article-card-tag" href="https://cesii.cn/tag/appscan"  title='标签' >appscan</a><a class="article-card-tag" href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E"  title='标签' >web漏洞</a><a class="article-card-tag" href="https://cesii.cn/tag/cwe%E6%BC%8F%E6%B4%9E"  title='标签' >cwe漏洞</a>                      </div>
                    </div>
                  </div>
                                      <div class="article-card-thumb">
                      <img class="article-card-thumb-img" src="https://tse1-mm.cn.bing.net/th/id/OIP-C.vs4OnoWUnDHVAniOmw51TAHaE8?rs=1&pid=ImgDetMain" alt="Appscan漏洞：“启用了 TRACE 和 TRACK HTTP 方法”漏洞过程复现" loading="lazy">
                    </div>
                                  </div>
              </article>
                              </div>

        <div class="comment-pagination">
          <ol class="page-navigator">
                      </ol>
        </div>
      </div>

      <div class="main-right">
        <div class="column-small side-bar">
        <div class="aside_container article immersion-hide">
        <h3 class="sidebar_title">
            <i class="iconfont icon-huore"></i>
            热门文章        </h3>
        <div class="article_list">
            <ul class="list">
                                    <li class="item">
                        <span class="type_index">1</span>
                        <a class="link" href="https://cesii.cn/LoadRunner/24.html">
                            Loadrunner 12录制脚本时报错：The recorded script contains no steps                        </a>
                    </li>
                                    <li class="item">
                        <span class="type_index">2</span>
                        <a class="link" href="https://cesii.cn/61.html">
                            组合拳：Fiddler+Postman+AppScan，搞定C/S端软件漏洞扫描                        </a>
                    </li>
                                    <li class="item">
                        <span class="type_index">3</span>
                        <a class="link" href="https://cesii.cn/LoadRunner/3.html">
                            墙烈推荐的快速获取测试脚本方式：Fiddler抓包工具+LoadRunner12                        </a>
                    </li>
                                    <li class="item">
                        <span class="type_index">4</span>
                        <a class="link" href="https://cesii.cn/linux/16.html">
                            Linux命令之grep日志查询                        </a>
                    </li>
                                    <li class="item">
                        <span class="type_index">5</span>
                        <a class="link" href="https://cesii.cn/python/7.html">
                            Minio云存储平台文件上传python脚本示例                        </a>
                    </li>
                            </ul>
        </div>
    </div>
    <div class="aside_container tags immersion-hide">
        <h3 class="sidebar_title">
            <i class="iconfont icon-tag"></i>
            标签        </h3>
        <div class=" tags_list">
            <ul class="aside_list">
                                    <li class="link"><a href="https://cesii.cn/tag/kali" title="1 篇文章">kali</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/nmap" title="1 篇文章">nmap</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/%E6%B0%B8%E6%81%92%E4%B9%8B%E8%93%9D" title="1 篇文章">永恒之蓝</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/chatgpt" title="1 篇文章">chatgpt</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/nmon" title="1 篇文章">nmon</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/.net" title="1 篇文章">.net</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/dvwa" title="2 篇文章">dvwa</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/windows" title="4 篇文章">windows</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/JpetStore" title="1 篇文章">JpetStore</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/curl" title="1 篇文章">curl</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/metasploit" title="1 篇文章">metasploit</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/hydra" title="1 篇文章">hydra</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/checkmarx" title="1 篇文章">checkmarx</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/LOIC" title="1 篇文章">LOIC</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/fiddler" title="1 篇文章">fiddler</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/%E9%98%B2%E7%81%AB%E5%A2%99" title="1 篇文章">防火墙</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/%E7%8E%AF%E5%A2%83%E5%8F%98%E9%87%8F" title="4 篇文章">环境变量</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/jython" title="1 篇文章">jython</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/mysql" title="3 篇文章">mysql</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/jdk" title="1 篇文章">jdk</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/docker" title="4 篇文章">docker</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/tomcat" title="4 篇文章">tomcat</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/xss" title="1 篇文章">xss</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/XSS%E5%B9%B3%E5%8F%B0" title="2 篇文章">XSS平台</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/%E8%99%9A%E6%8B%9F%E6%9C%BA" title="1 篇文章">虚拟机</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/loadrunner%E9%94%99%E8%AF%AF" title="8 篇文章">loadrunner错误</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/cwe%E6%BC%8F%E6%B4%9E" title="2 篇文章">cwe漏洞</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/ip" title="1 篇文章">ip</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/scp" title="1 篇文章">scp</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/rad" title="1 篇文章">rad</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/web%E6%BC%8F%E6%B4%9E" title="5 篇文章">web漏洞</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/beef+xss" title="1 篇文章">beef xss</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/nginx" title="2 篇文章">nginx</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/ssh" title="2 篇文章">ssh</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/airmon-ng" title="1 篇文章">airmon-ng</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/wifi" title="1 篇文章">wifi</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/kali+linux" title="10 篇文章">kali linux</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/websocket" title="1 篇文章">websocket</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/sqlmap" title="4 篇文章">sqlmap</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/sql%E6%B3%A8%E5%85%A5" title="2 篇文章">sql注入</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/nodejs" title="2 篇文章">nodejs</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/tcp" title="2 篇文章">tcp</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/linux" title="19 篇文章">linux</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/burpsuite" title="2 篇文章">burpsuite</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/jmeter" title="10 篇文章">jmeter</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/%E7%BD%91%E7%BB%9C%E4%BB%A3%E7%90%86" title="1 篇文章">网络代理</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/mqtt" title="1 篇文章">mqtt</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/python" title="3 篇文章">python</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/loadrunner" title="10 篇文章">loadrunner</a></li>
                                    <li class="link"><a href="https://cesii.cn/tag/nessus" title="3 篇文章">nessus</a></li>
                            </ul>
        </div>
    </div>

    <div class="aside_container comments immersion-hide">
        <h3 class="sidebar_title">
            <i class="iconfont icon-pinglun"></i>
            最新评论        </h3>

        <div class="comments_list">
            <ul class="list">
                                    <li class="item">
                        <div class="user">

                            <div class="avatar yublog_user_avatar">
                                <img class="" src="//cravatar.cn/avatar/043de90c01bdec0971d73ce90843ab60?s=120" alt="hisir用户头像">
                            </div>
                            <div class="info">
                                <div class=""> hisir </div>
                                <span class="date">
                                    5 个月前                                </span>
                            </div>
                        </div>
                        <div class="reply">
                            <a class="link aside-reply-content" href="https://cesii.cn/110.html#33">
                                666                            </a>

                        </div>
                    </li>
                
            </ul>
        </div>
    </div>

</div>
      </div>
    </div>
  </div>
</div>

<style>
  /* 全局样式 */
  body {
    font-family: 'PingFang SC', 'Helvetica Neue', Arial, sans-serif;
    background: #f5f7fa;
    color: #333;
  }

  /* 卡片样式 */
  .article-card {
    background: #fff;
    border-radius: 12px;
    box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
    transition: transform 0.3s ease, box-shadow 0.3s ease;
    margin-bottom: 6px;
    padding: 10px;
  }

  .article-card:hover {
    transform: translateY(-5px);
    box-shadow: 0 8px 12px rgba(0, 0, 0, 0.2);
  }

  /* 标题样式 */
  .article-card-title {
    margin-bottom: 5px;
  }

  /* 描述样式 */
  .article-card-desc {
    font-size: 1rem;
    color: #666;
    line-height: 1.6;
  }

  /* 底部样式 */
  .article-card-footer {
    display: flex;
    justify-content: space-between;
    align-items: center;
  }

  .article-card-footer-item {
    align-items: center;
    color: #666;
    margin-right: 15px;
  }

  .article-card-footer-item-icon {
    margin-right: 5px;
  }

  /* 分页样式 */
  .page-navigator {
    display: flex;
    justify-content: center;
    list-style: none;
    padding: 0;
  }

  .page-navigator li {
    margin: 0 5px;
  }

  .page-navigator a {
    border-radius: 5px;
    background: #f0f0f0;
    color: #333;
    text-decoration: none;
    transition: background 0.3s ease;
  }

  .page-navigator a:hover {
    background: #ddd;
  }
</style>

<script src="/content/templates/monie_jj/static/scripts/lazysizes.min.js"></script>
<script>
  // 图片懒加载
  document.addEventListener('DOMContentLoaded', function () {
    lazysizes.init();
  });
</script>


<script src="https://cesii.cn/content/templates/monie_jj/dist/scripts/main-manifest.ee83ce5a.js"></script>

<script src="https://cesii.cn/content/templates/monie_jj/dist/scripts/vendors.3a08bf66.js"></script>

<script src="https://cesii.cn/content/templates/monie_jj/dist/scripts/main.25ce9318.js"></script>


<footer class="footer">
  <!--Waves Container-->
  <div>
    <svg class="waves" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
      viewBox="0 24 150 28" preserveAspectRatio="none" shape-rendering="auto">
      <defs>
        <path id="gentle-wave" d="M-160 44c30 0 58-18 88-18s 58 18 88 18 58-18 88-18 58 18 88 18 v44h-352z" />
      </defs>
      <g class="parallax">
        <use xlink:href="#gentle-wave" x="48" y="0" fill="rgba(255,255,255,0.7" />
        <use xlink:href="#gentle-wave" x="48" y="3" fill="rgba(255,255,255,0.5)" />
        <use xlink:href="#gentle-wave" x="48" y="5" fill="rgba(255,255,255,0.3)" />
        <use xlink:href="#gentle-wave" x="48" y="7" fill="#fff" />
      </g>
    </svg>
  </div>
  <!--Waves end-->

  </div>
  <!--Header ends-->

  <!--Content starts-->
  <div class="footer-content content flex">
    <div class="footer_info">
        <!--
      <div class="footer-item">
        <a href="/about.html" target="_self" title="关于">关于</a>
        <a href="/links.html" target="_self" title="友链">友链</a>
        <a href="/rss.php" target="_blank" title="rss">rss</a>
      </div>
      -->
      <a href="https://cesii.cn/" title="cesii.cn"> Cesii ©2015 -2025<img src="https://cesii.cn/content/uploadfile/202501/e24a1737559607.png" title="戴眼镜的毛毛虫，来自90后时期的像素风，毛毛虫来自于测试，测试会产生bug，bug就是毛毛虫，毛毛虫因为近视眼要戴眼镜。">  
<a href="https://www.fujieace.com" title="付杰博客"><img src="https://cesii.cn/content/uploadfile/202409/91741725171975.png"><a> <a href="https://www.foreverblog.cn" target="_blank">  <img src="https://img.foreverblog.cn/logo_en_default.png" alt="" style="width:auto;height:16px;" title="十年之约" data-lazy-src="https://img.foreverblog.cn/logo_en_default.png" data-ll-status="loaded" class="entered lazyloaded"><noscript><img src="https://img.foreverblog.cn/logo_en_default.png" alt="" style="width:auto;height:16px;"title="十年之约"></noscript>    <a href="https://www.foreverblog.cn/go.html" target="_blank"> <img src="https://img.foreverblog.cn/wormhole_3_tp.gif" alt="" style="width:auto;height:32px;" title="穿梭虫洞-随机访问十年之约友链博客" data-lazy-src="https://img.foreverblog.cn/wormhole_3_tp.gif" data-ll-status="loaded" class="entered lazyloaded"><noscript><img src="https://img.foreverblog.cn/wormhole_3_tp.gif" alt="" style="width:auto;height:32px;" title="穿梭虫洞-随机访问十年之约友链博客"></noscript></a><a href="https://www.emlog.net/?ic=qpiFnC8e" target="_blank"><img src="https://cesii.cn/content/uploadfile/202502/d4fe1740036847.png" title="emlog驱动"></a>  <a target="_blank" title="51la网站统计" href="https://v6.51.la/land/3LaTBMpUHsIFZ3HE"><img src="https://sdk.51.la/icon/1-1.png"></a>
</a></a>
    </div>
    <p> 备案号: <a href="https://beian.miit.gov.cn/" title="京ICP备18022519号">京ICP备18022519号</a> </p>

      </div>
  <!--Content ends-->
</footer>