Tuhinga o mua.
I te otinga o taku tuhi i tētahi atu tuhinga Bash, i kite ahau me tino rerekē ngā mea katoa, engari i pai katoa. E hiahia ana ahau ki te whakaatu ki a koe i ngā tinihanga me ngā tinihanga kino i tuhia e au hei whakaoti rapanga, engari kāore he nui o te mōhiotanga. Arā, he whakaahua pakiwaitara o te hōtaka.
Whāinga
I puta he mea i hiahiatia kia:
- He maha ngā rīme i whakaputaina mō te kupu, haunga ngā tapawhā
- He maha ngā rīme o ngā kupu e rua i honoa
Hei aha? Āe, he mea tika - ā, koia anake.
Ki te hunga kāore i te mōhio, ko te rīme tapawhā (he tapawhā) he kupu e rua e rite ana ngā reta whakamutunga e rua, ā, ko ēnei (he maha, koia anake) te mea e rīme ai rāua. Hei tauira, ko te rōhi - hukapapa; ko te potae - motuka. Kāore te whakamahinga o te kupu tapawhā i roto i ngā whakamāoritanga o ēnei rā i te tino pai ki te iwi nā te mea he taketake noa iho.
whakatau
Ko te otinga māmā rawa atu ki ahau ko te tuhi i tētahi tuhinga Bash mā te whakamahi i tētahi kaihanga rīme o nāianei, ko HOST, e whiriwhiri ana i ngā rīme i runga i te assonance, ehara i te tuhi. He aha te HOST? Nā te mea ki te whakamahi ahau i te ingoa o te paetukutuku, ka kīia he pānuitanga. He aha e kore ai e whakamahi tonu? Tuatahi, ahakoa tōna painga o te whiriwhiri i ngā rīme i runga i te assonance, he maha tonu ngā wā ka puta he tapawhā. Tuarua, me whakaaro tonu koe ki tō roro, me moumou taima ki te whakawhiti i waenga i ngā ripa, me te maumahara i ngā kupu kua whakahuatia i roto i ngā rārangi hei kimi i tētahi rīme mō ngā kupu e rua.
Te Whiwhi i ngā Rīme Kaha
He aha taku e mōhio ana? E mōhio ana ahau mō te whaipainga. wget, e tango ana i tētahi whārangi mai i tētahi URL kua tohua. Āe, ka whakahaerehia e mātou te tono, ā, ka whiwhi mātou i tētahi whārangi HTML i roto i tētahi kōnae kua tapaina i muri i te kupu e rite ana te rīme. Hei tauira, me rapu tātou i te kupu "i konei":
wget https://HOST/rifma/здесь Engari ko te rārangi kupu anake taku e hiahia ana, me pēhea taku whakakore i ngā mea katoa? Ka tirohia e mātou, ā, ka kite mātou kua hōputuhia te rārangi kupu, he mea whakamiharo, hei rārangi, ā, kei roto ngā kupu i ngā tūtohu. Āe, he tino whai hua tā mātou. sed — me tuhi pēnei:
cat $word | grep '<li>' | sed -e "s%<li>%%" | sed -e "s%</li>%%" | sed -e "s/ //g" | sed -e "/^$/d" 1> $wordTuatahi, tīpakohia ngā rārangi kei roto te tohu mai i te kōnae kupu. — ka whiwhi tātou i te maha o ngā tūtohu kau me ngā aho me ngā kupu. Ka tangohia e tātou te tūtohu tonu me tōna tūtohu kati — i konei, ka whakamahia ngā tohu ōrau hei utu mō ngā tohu tapahi nā te mea i roto i te tūtohu tonu kua oti kē te tapahi, he aha ai? sed Kāore au i te tino mārama ki a koe. Heoi, he pai ngā ōrau. Tangohia ngā mokowā katoa mai i te kōnae, ka muku i ngā rārangi kau. Āe—he rārangi kupu kua oti te hanga.
Hei tango i ngā kupu e rite ana te rīme ki ō rātou reta whakamutunga, ka tīpakohia e tātou ngā reta whakamutunga e rua mai i te kupu taketake, kātahi ka horoia te rārangi:
squad=${word:((${#word}-2)):2}
cat $word | sed -e "/.$squad$/d" 1> $wordKei te rapu mātou, kei te whakamātau—kei te pai ngā mea katoa... Nō reira, kei hea te rārangi mō te kupu "to play"? Ā, mō te kupu "go"? Kāore he mea i roto i te kōnae! Nā te mea he kupumahi ēnei kupu, ā, e mōhio ana mātou ki te aha ka pā ki te hunga e rīme ana ki ngā kupumahi. He kino ake te rīme kupumahi i te rīme tapawhā, nā te mea he maha ngā kupumahi o te reo Rūhia, ā, he rite tonu ngā mutunga o rātou katoa, koia te take i kore ai i whakaurua ki te kōnae whakamutunga i muri i te tirotiro i ngā mutunga.
Kaua e hohoro. Ehara i te mea he rīme anake kei roto i ia kupu, engari he assonance anō hoki, he pai ake te tangi i ētahi wā i ngā rīme—koia te ingoa o ngā assonance (he assonance Wīwī, mai i te kupu Latina assono—he rite te tangi ki te rangi).
Ka whiwhi tātou i ngā assonances
Koinei te tīmatanga o te ngahau: ka puta ngā taurite i tētahi URL motuhake, ā, i te whārangi kotahi, mā te whakahaere i tētahi tuhinga, te tuku tono HTTP, me te whiwhi whakautu. Me pēhea taku kī atu wget'Pēhia te pātene? Kāore he ara. Pōuri.'
I te kitenga atu kei te huri te URL i te rārangi, ka tāruatia e au te URL i reira i muri i taku huri ki te assonance ka whakapiri ki tētahi ripa tirotiro hou—ka huaki mai ngā rīme kaha. Kāore i pērā.
Ina hoki, i whakaaro ahau, mō tūmau Kāore he aha mena kei te whakahaerehia te tuhinga e tuku ana i te tono, kei te pato ā-ringa rānei te tangata. Āe? Ko wai ka mōhio? Me tirotiro tāua.
Kei hea te tuku? He aha te mea hei tuku? He tono HTTP ki te IP o te tūmau, he mea pēnei i te GET... kātahi ka mea HTTP/1.1... Me kite tātou he aha te mea e tukuna ana e te pūtirotiro me te wāhi kei hea. Me tāuta. wireshark, me titiro tātou ki te waka:
0040 37 5d a3 84 27 e7 fb 13 6d 93 ed cd 56 04 9d 82 7]£.'çû.m.íÍV...
0050 32 7c fb 67 46 71 dd 36 4d 42 3d f3 62 1b e0 ad 2|ûgFqÝ6MB=ób.à.
0060 ef 87 be 05 6a f9 e1 01 41 fc 25 5b c0 77 d3 94 ï.¾.jùá.Aü%[ÀwÓ.
Āe... he aha? Āe, kei a tātou te HTTPS. Me aha tātou? Whakarewahia he whakaeke MITM ki a tātou anō? Ko te mea pai, ka mahi tahi te patunga.
Nō reira, i te kitenga i te huarahi ki te tirotiro i te pūtirotiro, ka kitea e au te tono me te kaiwhiwhi. Me tīmata tātou:
Kōrero ki te tauranga
telnet IP PORT
Trying IP...
Connected to IP.
Escape character is '^]'.
GET /rifma/%D0%BC%D0%B0%D1%82%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
Connection: close
HTTP/1.1 400 Bad Request
Server: nginx/1.8.0
Date: Sun, 03 Nov 2019 20:06:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 270
Connection: close
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
Connection closed by foreign host.Āe. Āe. He aha rawa taku i tumanako ai i taku tukunga i tētahi tono HTTP kau noa ki tētahi tauranga HTTPS? Me whakamuna e au ināianei? Ko te nui o ngā raruraru ki ngā kī RSA, kātahi ki te SHA256. He aha ai te take? Kei reira. OpenSSL Mō ēnei āhuatanga. Āe, kua mōhio kē tātou ki te aha me mahi, engari me tango tuatahi ngā āpure Referer me Cookie—ki taku whakaaro kāore e nui te rerekētanga:
Kōrero ki te tauranga
openssl s_client -connect IP:PORT
{Всякие ключи, сертификаты}
GET /rifma/%D0%B7%D0%B4%D0%B5%D1%81%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/javascript,text/html,application/xml,text/xml,*/*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Date: Sun, 03 Nov 2019 20:34:33 GMT
Set-Cookie: COOKIE
X-Powered-By: Phusion Passenger 5.0.16
Server: nginx/1.8.0 + Phusion Passenger 5.0.16
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip
He momo kanga taha tūmau tēnei? Pai rawa atu, i te iti rawa i whiwhi ahau i te whakautu 200 OK, nō reira kāore ngā pihikete me te kaituku e pā ki tetahi mea. Kua kōpeketia e te gzip, engari ko te tārua ka tārua i ngā pūāhua ASCII. Āe, ka taea e koe te tango i te rārangi. Whakaae-whakawaehereKei te pai ngā mea katoa—ka whiwhi tātou i tētahi tuhinga HTML, inaianei me ngā taurite. Engari anei ētahi pātai e rua: me pēhea te whakahaere i te OpenSSL me te whāngai raraunga mā te hōtuhi? Ā, me pēhea te pānui i te putanga mēnā, i muri i te whiwhinga o te whakautu, ka waiho tātou i roto i tētahi "anga" OpenSSL? Ka taea te mahi i tētahi mea mō te mea whakamutunga, engari me te mea tuatahi...
He tino pai kei reira Habr, i reira i pānui ai au mō te whaipainga tumanako, e aunoa ana i te tukanga taunekeneke ki ngā kaupapa e hiahia ana ki te taunekeneke tangata. He mea tino ātaahua ake ko te noho mai o tētahi tīma tumanako aunoa, te whakaputa tumanako he tuhinga i runga i āu mahi. Āe, me whakarewa, me mahi i ēnei mea katoa, ā, anei te tuhinga kua oti. Engari he tino nui, nā te mea OpenSSL e whakaatu ana i ngā tiwhikete, ngā kī, me tumanako E tatari ana kia puta katoa mai tēnei. Me hiahia tēnei? Kāore. Ka mukua e mātou te tohu tuatahi katoa, ka waiho ko te rārangi whakamutunga 'r' anake. Ka tangohia hoki e mātou ngā āpure Kaiwhakamahi-Kaihoko me te Whakaae mai i tā mātou tono—kāore e pā ki tetahi mea. Āe, me whakahaere. Ka oma te tuhinga, engari kei hea te tuhinga HTML e tino hiahiatia ana? Titiro kainga ana e ia. Hei mea i a ia kia ruaki, me tāpiri e koe:
set results $expect_out(buffer)i mua i te mutunga o te tuhinga - koinei te āhua o te tuhi o te putanga o te kōnae whakahaere tumanakote whakahau 'om, ā, ka whakaaturia ki te mata. Ka rite te āhua o te hua ki tēnei:
Tumanakohia te tuhinga
#!/usr/bin/expect -f
set timeout -1
spawn openssl s_client -connect IP:PORT
match_max 100000
expect -exact "
---r
"
send -- "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1rHost: HOSTrAccept-Language: en-US,en;q=0.5rX-Requested-With: XMLHttpRequestrConnection: close"
expect -exact "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1r
Host: HOSTr
Accept-Language: en-US,en;q=0.5r
X-Requested-With: XMLHttpRequestr
Connection: close"
send -- "r"
set results $expect_out(buffer)
expect -exact "r
"
send -- "r"
expect eofEngari kāore i mutu i reira! E ai ki tāu i kite ai, he tūmau te URL tono i roto i ngā tauira katoa, engari koia te mea e whakatau ana ko tēhea kupu ka whakaaturia ngā taurite. Nō reira, ka kitea tonutia e tātou te rapu i te kupu "%d0%b7%d0%b4%d0%b5%d1%81%d1%8c" i roto i te ASCII, i te "here" rānei i roto i te UTF-8. Me aha tātou? Ae, me whakaputa noa i tētahi tuhinga hou i ia wā, e te iwi! Engari kāore i te pērā i ēnei rā. tumanako aunoa'om, engari mā te āwhina a paoro, nā te mea i roto i te putanga hou, kāore he mea e rerekē ana engari ko te kupu anake. Ā, kia ora te raruraru hou: me pēhea e taea ai e tātou te whakamāori atamai i tētahi kupu mai i te whakatakotoranga Cyrillic ki te URL? Kāore he mea motuhake mō te pūwhakamutunga. Āe, ka taea e tātou te mahi, tika? Ka taea e tātou:
Tirohia te mea ka taea e au!
function furl {
furl=$(echo "$word" | sed 's:А:%d0%90:g;s:Б:%d0%91:g;s:В:%d0%92:g;s:Г:%d0%93:g;s:Д:%d0%94:g;s:Е:%d0%95:g;s:Ж:%d0%96:g;s:З:%d0%97:g;s:И:%d0%98:g;s:Й:%d0%99:g;s:К:%d0%9a:g;s:Л:%d0%9b:g;s:М:%d0%9c:g;s:Н:%d0%9d:g;s:О:%d0%9e:g;s:П:%d0%9f:g;s:Р:%d0%a0:g;s:С:%d0%a1:g;s:Т:%d0%a2:g;s:У:%d0%a3:g;s:Ф:%d0%a4:g;s:Х:%d0%a5:g;s:Ц:%d0%a6:g;s:Ч:%d0%a7:g;s:Ш:%d0%a8:g;s:Щ:%d0%a9:g;s:Ъ:%d0%aa:g;s:Ы:%d0%ab:g;s:Ь:%d0%ac:g;s:Э:%d0%ad:g;s:Ю:%d0%ae:g;s:Я:%d0%af:g;s:а:%d0%b0:g;s:б:%d0%b1:g;s:в:%d0%b2:g;s:г:%d0%b3:g;s:д:%d0%b4:g;s:е:%d0%b5:g;s:ж:%d0%b6:g;s:з:%d0%b7:g;s:и:%d0%b8:g;s:й:%d0%b9:g;s:к:%d0%ba:g;s:л:%d0%bb:g;s:м:%d0%bc:g;s:н:%d0%bd:g;s:о:%d0%be:g;s:п:%d0%bf:g;s:р:%d1%80:g;s:с:%d1%81:g;s:т:%d1%82:g;s:у:%d1%83:g;s:ф:%d1%84:g;s:х:%d1%85:g;s:ц:%d1%86:g;s:ч:%d1%87:g;s:ш:%d1%88:g;s:щ:%d1%89:g;s:ъ:%d1%8a:g;s:ы:%d1%8b:g;s:ь:%d1%8c:g;s:э:%d1%8d:g;s:ю:%d1%8e:g;s:я:%d1%8f:g;s:ё:%d1%91:g;s:Ё:%d0%81:g')}Nō reira, kei a mātou tētahi tuhinga e huri ana i tētahi kupu ki te tuhinga ASCII, kātahi ka whakaputa i tētahi atu tuhinga e tono ana i tētahi whārangi paetukutuku me ngā taurite mai i te tūmau mā OpenSSL. Kātahi ka tukuna anō e mātou te putanga o te tuhinga whakamutunga ki tētahi kōnae, ka whakahaere i te tikanga tawhito. te nui, ngā tapawhā me te tuhi ki te kōnae.
Te whakawhitiwhitinga o ngā huinga. Whakarāpopototanga
Koinei te mea e iti rawa ai ngā raruraru. Ka mahia e mātou ngā tikanga o runga ake nei mō ngā kupu e rua, kātahi ka whakataurite i ia kupu mai i ngā rārangi e rua ki tētahi atu, ā, ki te kitea he ōrite, ka whakaputaina e mātou. Inaianei kei a mātou he tuhinga e tango ana i ngā kupu e rua hei whakauru, ā, ka whakaputaina he rārangi kupu e rite ana ki ngā kupu e rua, me te whai whakaaro ki te assonance, me ēnei katoa me te kore e huri ā-ringa i waenga i ngā ripa e whā, e maumahara rānei ki ngā kupu "mā te kanohi"—ka kohia katoatia, ka tatauhia, ka maka aunoatia. He tino pai.
Ko te kaupapa o tēnei pukapuka he whakaatu mēnā e hiahia ana tetahi ki tētahi mea, ka mahia e rātou ahakoa pēhea. He tino koretake, he piko, he whakamataku hoki, engari ka whai hua.
Source: will.com
