
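A short note or summary on MVC

Preface

I actually covered this earlier in nodejs「3」, but that write-up was sloppy and shallow; this one goes a little deeper.

What is MVC

The three letters stand for three words, which correspond to three layers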

  • M->Model
  • V->View
  • C->Control

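In my limited understanding, the Model layer builds the SQL models for the database and handles operations such as create, delete, query, and update. Control acts as middleware between M and V, connecting the two, and as I understand it, it should not contain web-level business logic (placing orders, payments, and so on). View is what interacts with the front end, receiving or sending state/data and other information.
The web-level logic should then be handed to the Services layer. The DTO layer that grows out of this handles and standardizes data on the C->S path. Interestingly, it is just a struct and cannot handle complex logic such as permission management or adding a WAF; at the very beginning I really did think about adding a WAF here to ensure security (against XSS, SQL injection, and so on).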

THM WhyHackMe

Preface

A medium-difficulty THM box, mainly XSS-related? Pretty hard (

External recon

Start with nmap + dirsearch

 nmap -sC -sV 10.10.146.135     
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-06-02 15:53 CST
Nmap scan report for 10.10.146.135
Host is up (0.24s latency).
Not shown: 997 closed tcp ports (conn-refused)
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 3.0.3
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_-rw-r--r--    1 0        0             318 Mar 14  2023 update.txt
| ftp-syst:
|   STAT:
| FTP server status:
|      Connected to 10.21.155.141
|      Logged in as ftp
|      TYPE: ASCII
|      No session bandwidth limit
|      Session timeout in seconds is 300
|      Control connection is plain text
|      Data connections will be plain text
|      At session startup, client count was 3
|      vsFTPd 3.0.3 - secure, fast, stable
|_End of status
22/tcp open  ssh     OpenSSH 8.2p1 Ubuntu 4ubuntu0.9 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   3072 47:71:2b:90:7d:89:b8:e9:b4:6a:76:c1:50:49:43:cf (RSA)
|   256 cb:29:97:dc:fd:85:d9:ea:f8:84:98:0b:66:10:5e:6f (ECDSA)
|_  256 12:3f:38:92:a7:ba:7f:da:a7:18:4f:0d:ff:56:c1:1f (ED25519)
80/tcp open  http    Apache httpd 2.4.41 ((Ubuntu))
|_http-title: Welcome!!
|_http-server-header: Apache/2.4.41 (Ubuntu)
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 56.16 seconds

 python dirsearch.py -u http://10.10.146.135            

  _|. _ _  _  _  _ _|_    v0.4.3
 (_||| _) (/_(_|| (_| )

Extensions: php, asp, aspx, jsp, html, htm | HTTP method: GET | Threads: 25 | Wordlist size: 12290

Target: http://10.10.146.135/

[15:57:12] Scanning:
[15:57:27] 403 -   278B - /.php
[15:58:04] 301 -   315B - /assets  ->  http://10.10.146.135/assets/
[15:58:04] 200 -    1KB - /assets/
[15:58:11] 403 -   278B - /cgi-bin/
[15:58:11] 403 -   278B - /cgi-bin/awstats.pl
[15:58:11] 403 -   278B - /cgi-bin/a1stats/a1disp.cgi
[15:58:11] 403 -   278B - /cgi-bin/awstats/
[15:58:11] 403 -   278B - /cgi-bin/htmlscript
[15:58:11] 403 -   278B - /cgi-bin/login
[15:58:11] 403 -   278B - /cgi-bin/login.php
[15:58:11] 403 -   278B - /cgi-bin/login.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt-xmlrpc.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt/mt-xmlrpc.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt/mt.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt7/mt-xmlrpc.cgi
[15:58:11] 403 -   278B - /cgi-bin/mt7/mt.cgi
[15:58:11] 403 -   278B - /cgi-bin/php.ini
[15:58:11] 403 -   278B - /cgi-bin/printenv.pl
[15:58:11] 403 -   278B - /cgi-bin/ViewLog.asp
[15:58:11] 403 -   278B - /cgi-bin/test-cgi
[15:58:11] 403 -   278B - /cgi-bin/test.cgi
[15:58:11] 403 -   278B - /cgi-bin/htimage.exe?2,2
[15:58:11] 403 -   278B - /cgi-bin/imagemap.exe?2,2
[15:58:11] 403 -   278B - /cgi-bin/index.html
[15:58:11] 403 -   278B - /cgi-bin/printenv
[15:58:15] 200 -     0B - /config.php
[15:58:22] 403 -   278B - /dir
[15:58:36] 200 -   563B - /index.php
[15:58:36] 200 -   563B - /index.php/login/
[15:58:42] 200 -   523B - /login.php
[15:58:43] 302 -     0B - /logout.php  ->  login.php
[15:59:02] 200 -   643B - /register.php
[15:59:06] 403 -   278B - /server-status/
[15:59:06] 403 -   278B - /server-status

Task Completed

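Pausing for a moment here: I almost forgot to look at FTP on port 21. I connected directly and pulled down a file.

HTB Environment

Preface

A very interesting box, medium difficulty on HTB

External recon

As usual, nmap + dirsearch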

nmap -sC -sV 10.10.11.67        
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-05-31 20:35 CST
Stats: 0:01:21 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 46.63% done; ETC: 20:38 (0:01:29 remaining)
Stats: 0:02:17 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 54.81% done; ETC: 20:39 (0:01:50 remaining)
Stats: 0:03:05 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 61.43% done; ETC: 20:40 (0:01:54 remaining)
Stats: 0:05:10 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 79.51% done; ETC: 20:42 (0:01:19 remaining)
Stats: 0:06:55 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 94.33% done; ETC: 20:43 (0:00:25 remaining)
Stats: 0:06:55 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 94.34% done; ETC: 20:43 (0:00:25 remaining)
Nmap scan report for 10.10.11.67
Host is up (1.1s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 9.2p1 Debian 2+deb12u5 (protocol 2.0)
| ssh-hostkey:
|   256 5c:02:33:95:ef:44:e2:80:cd:3a:96:02:23:f1:92:64 (ECDSA)
|_  256 1f:3d:c2:19:55:28:a1:77:59:51:48:10:c4:4b:74:ab (ED25519)
80/tcp open  http    nginx 1.22.1
|_http-title: Did not follow redirect to http://environment.htb
|_http-server-header: nginx/1.22.1
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

 python dirsearch.py -u http://environment.htb -w /Users/zsm/CTF/tool/kali_word/dirb/wordlists/big.txt     
  _|. _ _  _  _  _ _|_    v0.4.3
 (_||| _) (/_(_|| (_| )

Extensions: php, asp, aspx, jsp, html, htm | HTTP method: GET | Threads: 25 | Wordlist size: 20469

Target: http://environment.htb/

[20:45:45] Scanning:
[20:49:52] 301 -   169B - /build  ->  http://environment.htb/build/
[20:49:52] 301 -   169B - /build  ->  http://environment.htb/build/
[20:52:23] 200 -     0B - /favicon.ico
[20:55:04] 200 -    2KB - /login
[20:55:04] 302 -   358B - /logout  ->  http://environment.htb/login
[20:55:10] 405 -  244KB - /mailing
[20:58:33] 200 -    24B - /robots.txt
[21:00:09] 301 -   169B - /storage  ->  http://environment.htb/storage/
[21:01:19] 200 -    2KB - /up
[21:01:20] 405 -  244KB - /upload
[21:01:39] 301 -   169B - /vendor  ->  http://environment.htb/vendor/

Task Completed

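There is an obvious login page; go in and try some random input https://www.helloimg.com/i/2025/06/02/683d46f115717.png The error is echoed back, but for now I don't know what can be attacked here

Litctf2025 Crypto

Preface

I had other things going on during the contest so I didn't play; I reproduced the challenges afterwards and finished them all in one evening on the 25th. Apart from the knapsack one, the rest felt fine.

Challenges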

basic

task.py

from Crypto.Util.number import *
from enc import flag 

m = bytes_to_long(flag)
n = getPrime(1024)
e = 65537
c = pow(m,e,n)
print(f"n = {n}")
print(f"e = {e}")
print(f"c = {c}")

The classic problem where n is a large prime

THM the London Bridge

Preface

Keeping the momentum going, one more: a medium THM box

External recon

nmap -sC -sV 10.10.207.41   
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-05-24 20:54 CST
Stats: 0:00:55 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 50.00% done; ETC: 20:55 (0:00:20 remaining)
Stats: 0:01:01 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 50.00% done; ETC: 20:56 (0:00:25 remaining)
Stats: 0:01:44 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 50.00% done; ETC: 20:57 (0:01:08 remaining)
Nmap scan report for 10.10.207.41
Host is up (0.23s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT     STATE SERVICE    VERSION
22/tcp   open  ssh        OpenSSH 7.6p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   2048 58:c1:e4:79:ca:70:bc:3b:8d:b8:22:17:2f:62:1a:34 (RSA)
|   256 2a:b4:1f:2c:72:35:7a:c3:7a:5c:7d:47:d6:d0:73:c8 (ECDSA)
|_  256 1c:7e:d2:c9:dd:c2:e4:ac:11:7e:45:6a:2f:44:af:0f (ED25519)
8080/tcp open  http-proxy gunicorn
|_http-title: Explore London
| fingerprint-strings:
|   GetRequest:
|     HTTP/1.0 200 OK
|     Server: gunicorn
|     Date: Sat, 24 May 2025 12:55:24 GMT
|     Connection: close
|     Content-Type: text/html; charset=utf-8
|     Content-Length: 2682
|     <!DOCTYPE html>
|     <html lang="en">
|     <head>
|     <meta charset="UTF-8">
|     <meta name="viewport" content="width=device-width, initial-scale=1.0">
|     <title>Explore London</title>
|     <style>
|     body {
|     font-family: Arial, sans-serif;
|     margin: 0;
|     padding: 0;
|     background-color: #f2f2f2;
|     header {
|     background-color: #333;
|     color: #fff;
|     padding: 10px 20px;
|     text-align: center;
|     background-color: #444;
|     color: #fff;
|     padding: 10px 20px;
|     text-align: center;
|     color: #fff;
|     text-decoration: none;
|     margin: 0 10p
|   HTTPOptions:
|     HTTP/1.0 200 OK
|     Server: gunicorn
|     Date: Sat, 24 May 2025 12:55:25 GMT
|     Connection: close
|     Content-Type: text/html; charset=utf-8
|     Allow: HEAD, GET, OPTIONS
|_    Content-Length: 0
|_http-server-header: gunicorn
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
...
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 178.62 seconds

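Nothing useful; start dirsearch

HTB Planning

Preface

I haven't done a box in a long time. Yesterday I slacked off during the 睿抗 campus contest and got halfway through this one, then finished it back in the dorm.

External recon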

❯ nmap -sC -sV 10.10.11.68 
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-05-24 14:57 CST
Stats: 0:00:31 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 99.99% done; ETC: 14:58 (0:00:00 remaining)
Stats: 0:00:32 elapsed; 0 hosts completed (1 up), 1 undergoing Connect Scan
Connect Scan Timing: About 99.99% done; ETC: 14:58 (0:00:00 remaining)
Nmap scan report for 10.10.11.68
Host is up (0.26s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 9.6p1 Ubuntu 3ubuntu13.11 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   256 62:ff:f6:d4:57:88:05:ad:f4:d3:de:5b:9b:f8:50:f1 (ECDSA)
|_  256 4c:ce:7d:5c:fb:2d:a0:9e:9f:bd:f5:5c:5e:61:50:8a (ED25519)
80/tcp open  http    nginx 1.24.0 (Ubuntu)
|_http-title: Did not follow redirect to http://planning.htb/
|_http-server-header: nginx/1.24.0 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 48.18 seconds

Add the domain to /etc/hosts and visit it; there is no obvious target, so scan the directories