What is the brain of a student learning about the computer world capable of?

Preface.

After finishing yet another script in Bash, I realized that everything should have been done quite differently, but it all worked. I want to show you what abominations and crutches I wrote to solve the problem without yet having a wagonload of knowledge. In other words, a caricature of programming.

Task


Something was needed that:

  • Output many rhymes for a word, excluding square ones
  • Intersected the sets of rhymes of two words

Why? Well, that's just how it is.
For those who don't know, a square rhyme (colloquially, a square) is two words whose last two letters are spelled the same, which (often, that is all there is to it) forms a rhyme. For example, roses - frosts; hat - boat. The use of squares in modern versification is not much approved of by people, because of their nature.

Solution


I think the simplest solution is to write a Bash script that uses an existing rhyme generator, HOST, which selects rhymes by phonetics rather than by spelling. Why HOST? Because if you give the real name of the site, they will say it is advertising. Why not just use it directly? First, despite its advantage of choosing rhymes by sound, it still outputs a lot of squares. Second, you still have to think with your own brain, spend time switching between tabs, and strain to remember the repeated words in the lists in order to find rhymes for two words.

Getting strong rhymes

What do I know? I know about the wget utility, which downloads the page at a given URL. OK, we make the request and get an HTML page in a file named after the word being rhymed. For example, let's look for the word "here":

wget https://HOST/rifma/здесь

But I only want a list of words, so how do I get rid of everything else? We look and see that the list of words is laid out, oddly enough, as a list, and the words are inside <li> tags. Well, we have a great tool, sed, so let's write this:

# Write to a temporary file first: redirecting straight into $word would truncate it while cat is still reading it.
cat "$word" | grep '<li>' | sed -e "s%<li>%%" | sed -e "s%</li>%%" | sed -e "s/ //g" | sed -e "/^$/d" > "$word.tmp" && mv "$word.tmp" "$word"

First, from the word file we select the lines containing the <li> tag: we get rid of a bunch of empty tags and get the lines with words. We remove the tag itself and its closing tag. Percent signs are used here instead of slashes because the tag itself already contains a slash, and otherwise sed would not understand you. And everything is as desired. We remove all spaces from the file and remove the empty lines. Voila, a list of words is ready.

To remove the words that match by their last letters, select the last two letters of the original word and clean the list:

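# Last two letters of the original word
squad=${word:((${#word}-2)):2}
# Drop every candidate ending in those letters (temporary file, so the input is not truncated while it is read)
cat "$word" | sed -e "/.$squad$/d" > "$word.tmp" && mv "$word.tmp" "$word"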

We look, we test, everything is fine... so, where is the list for the word "play"? And for the word "I go"? The file is empty! And all this is because these words are verbs, and we know what is done with those who rhyme on verbs. A verb rhyme is even worse than a square rhyme, because verbs make up most of the Russian language and they all have the same endings, which is why nothing got into the final file after the endings were checked.

However, we are in no hurry. For each word there are not only rhymes but also assonances, which sometimes sound much better than rhymes. That is why they are assonances (French assonance, from the Latin assono: I sound in tune).

Getting assonances

This is where the fun begins: the assonances do not appear at a separate URL but on the same page, by running a script that sends an HTTP request and receives a response. How do I tell wget "press the button"? There is no way. Sadness.

Noticing that the URL in the address bar had changed, I copied what was there after switching to assonances and pasted it into a new browser tab: strong rhymes opened up. Not that.

The main thing, I thought, is that it makes no difference to the server whether a script sends the request or a person clicks by hand. Right? Who knows, let's go and check.

Where to send it? What to send? An HTTP request to the server IP, something like GET ... and then HTTP/1.1 ... Let's see what the browser sends and where. Install wireshark, look at the traffic:

0040 37 5d a3 84 27 e7 fb 13 6d 93 ed cd 56 04 9d 82 7]£.'çû.m.íÍV...
0050 32 7c fb 67 46 71 dd 36 4d 42 3d f3 62 1b e0 ad 2|ûgFqÝ6MB=ób.à.
0060 ef 87 be 05 6a f9 e1 01 41 fc 25 5b c0 77 d3 94 ï.¾.jùá.Aü%[ÀwÓ.

Um... what? Oh yes, we have HTTPS. What to do? Launch a MITM attack on yourself? Ideally, the victim himself will help us.

In general, I decided to dig around in the browser, and I found the request itself and its addressee. Let's go:

Talking to the port

telnet IP PORT
Trying IP...
Connected to IP.
Escape character is '^]'.
GET /rifma/%D0%BC%D0%B0%D1%82%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
Connection: close

HTTP/1.1 400 Bad Request
Server: nginx/1.8.0
Date: Sun, 03 Nov 2019 20:06:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 270
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
Connection closed by foreign host.

Hey. Hehehe. Yes, this is what I expected when sending a bare HTTP request to an HTTPS port. Do we encrypt now? All this fuss with RSA keys, then SHA256. Oh well, there is OpenSSL for such things. Well, we already know what to do, only we remove the Referer and Cookie fields first. I think they hardly affect this matter:

Talking to the port

openssl s_client -connect IP:PORT
{All sorts of keys, certificates}
GET /rifma/%D0%B7%D0%B4%D0%B5%D1%81%D1%8C?mode=block&type=asn HTTP/1.1
Host: HOST
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/javascript,text/html,application/xml,text/xml,*/*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Date: Sun, 03 Nov 2019 20:34:33 GMT
Set-Cookie: COOKIE
X-Powered-By: Phusion Passenger 5.0.16
Server: nginx/1.8.0 + Phusion Passenger 5.0.16
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip

What is this, swearing on the server? Well, at least they returned 200 OK to me, which means the cookies and the user agent do not affect anything. The compression is gzip, but when copying, ASCII characters get copied. Right, you can remove the Accept-Encoding line. Everything is fine: we get an HTML document, now with assonances. But two questions remain: how do we run OpenSSL and pass data to it from a script? And how do we read the output if, after receiving the response, we remain, as it were, in the OpenSSL "shell"? If you can come up with something for the second, then with the first ...

It is good that there is Habr, where I read about the expect utility, which automates the process of interacting with programs that expect interaction with a human. Even nicer is the autoexpect command, which generates an expect script based on your actions. OK, we launch it, do all these things, and the script is done. Only it is really huge, and all because OpenSSL displays certificates and keys, and expect waits for the output of all these things. Do we need this? No. We remove the whole first prompt, leaving only the last line break '\r'. We also remove the User-Agent and Accept fields from our request, since they do not affect anything. So, let's launch. The script ran, but where is the precious HTML document? expect ate it. To make it spit it out, you need to write:

set results $expect_out(buffer)

before the end of the script. This records the output of the command run by expect and displays it on the screen. In summary, something like this:

expect script

#!/usr/bin/expect -f

set timeout -1
spawn openssl s_client -connect IP:PORT
match_max 100000
expect -exact "
---\r
"
send -- "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1\rHost: HOST\rAccept-Language: en-US,en;q=0.5\rX-Requested-With: XMLHttpRequest\rConnection: close"
expect -exact "GET /rifma/%d0%b7%d0%b4%d0%b5%d1%81%d1%8c?mode=block&type=asn HTTP/1.1\r
Host: HOST\r
Accept-Language: en-US,en;q=0.5\r
X-Requested-With: XMLHttpRequest\r
Connection: close"
send -- "\r"
set results $expect_out(buffer)
expect -exact "\r
"
send -- "\r"
expect eof

But that is not all! As you can see, in all the examples the request URL was static, but it is the URL that determines which word the assonances are for. So it turns out that we will always be searching for the word "%d0%b7%d0%b4%d0%b5%d1%81%d1%8c" in ASCII, or "here" in UTF-8. What to do? Of course, just generate a new script each time, friends! Not with autoexpect again, but with the help of echo, because in our new script nothing changes except the word. And long live the new problem: how can we translate a word from Cyrillic into URL format? There is nothing special for the terminal. Well, okay, we can do it ourselves, right? We can:

Look what I can do!

# Converts the Cyrillic letters of $word to their percent-encoded UTF-8 bytes; the result is left in $furl.
function furl {
furl=$(echo "$word" | sed 's:А:%d0%90:g;s:Б:%d0%91:g;s:В:%d0%92:g;s:Г:%d0%93:g;s:Д:%d0%94:g;s:Е:%d0%95:g;s:Ж:%d0%96:g;s:З:%d0%97:g;s:И:%d0%98:g;s:Й:%d0%99:g;s:К:%d0%9a:g;s:Л:%d0%9b:g;s:М:%d0%9c:g;s:Н:%d0%9d:g;s:О:%d0%9e:g;s:П:%d0%9f:g;s:Р:%d0%a0:g;s:С:%d0%a1:g;s:Т:%d0%a2:g;s:У:%d0%a3:g;s:Ф:%d0%a4:g;s:Х:%d0%a5:g;s:Ц:%d0%a6:g;s:Ч:%d0%a7:g;s:Ш:%d0%a8:g;s:Щ:%d0%a9:g;s:Ъ:%d0%aa:g;s:Ы:%d0%ab:g;s:Ь:%d0%ac:g;s:Э:%d0%ad:g;s:Ю:%d0%ae:g;s:Я:%d0%af:g;s:а:%d0%b0:g;s:б:%d0%b1:g;s:в:%d0%b2:g;s:г:%d0%b3:g;s:д:%d0%b4:g;s:е:%d0%b5:g;s:ж:%d0%b6:g;s:з:%d0%b7:g;s:и:%d0%b8:g;s:й:%d0%b9:g;s:к:%d0%ba:g;s:л:%d0%bb:g;s:м:%d0%bc:g;s:н:%d0%bd:g;s:о:%d0%be:g;s:п:%d0%bf:g;s:р:%d1%80:g;s:с:%d1%81:g;s:т:%d1%82:g;s:у:%d1%83:g;s:ф:%d1%84:g;s:х:%d1%85:g;s:ц:%d1%86:g;s:ч:%d1%87:g;s:ш:%d1%88:g;s:щ:%d1%89:g;s:ъ:%d1%8a:g;s:ы:%d1%8b:g;s:ь:%d1%8c:g;s:э:%d1%8d:g;s:ю:%d1%8e:g;s:я:%d1%8f:g;s:ё:%d1%91:g;s:Ё:%d0%81:g')
}

All in all, we have a script that converts a word to ASCII text and generates another script, which requests a site page with assonances from the server via OpenSSL. Then we send the output of that last script to a file again and, in the old way, pass it through the "filter" of squares and write it to the file.
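The sed table in furl covers only Cyrillic letters, so a space, a colon or a line break in the word would reach the hand-built request line unencoded. As an added example (not the author's code), the general form of the same conversion percent-encodes every byte outside the RFC 3986 unreserved set and then builds the request; urlencode and build_request are hypothetical names, and HOST, IP and PORT are the page's placeholders.

```shell
#!/bin/sh
# Added example: percent-encode a word byte by byte, then build the raw request.

# urlencode WORD -> WORD with every byte outside A-Z a-z 0-9 - . _ ~ written as %hh.
# od emits the bytes as hex, so the result does not depend on the locale.
urlencode() (
  out=''
  for hex in $(printf '%s' "$1" | od -An -v -tx1); do
    case $hex in
      3[0-9]|4[1-9a-f]|5[0-9a]|6[1-9a-f]|7[0-9a]|2d|2e|5f|7e)
        # Unreserved ASCII byte: emit the character itself (via its octal code).
        out="$out$(printf "\\$(printf '%03o' "0x$hex")")" ;;
      *)
        # Anything else, including CR, LF, space and UTF-8 bytes, becomes %hh.
        out="$out%$hex" ;;
    esac
  done
  printf '%s\n' "$out"
)

# build_request WORD HOST -> the request from the page, with WORD encoded.
# Because WORD is fully encoded, it cannot add lines or headers of its own.
build_request() {
  printf 'GET /rifma/%s?mode=block&type=asn HTTP/1.1\r\n' "$(urlencode "$1")"
  printf 'Host: %s\r\n' "$2"
  printf 'X-Requested-With: XMLHttpRequest\r\nConnection: close\r\n\r\n'
}

# Possible use in place of the generated expect script (placeholders as on the page):
#   build_request "$word" HOST | openssl s_client -quiet -connect IP:PORT
```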

Intersection of sets. Bottom line

In fact, this is exactly the part that causes the fewest problems. We perform the procedures above for two words, then compare every word from one list with every word from the other, and if a match is found, we output it. Now we have a script that takes two words as input and outputs a list of words that rhyme with both of them, taking assonances into account as well, and all this without manually switching between four tabs and remembering words "by eye": everything is collected, counted and sifted automatically. Wonderful.

The purpose of this publication was to show that if a person needs something, he will do it anyway. Very inefficiently, crookedly and horribly, but it will work.
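The filter-and-intersect procedure described above, as an added example rather than the author's script. The function names are hypothetical, the two pages are constructed samples with English stand-in words, and the ending is compared as a literal string in awk instead of being pasted into a sed pattern.

```shell
#!/bin/sh
# Added example: square filter plus intersection of two rhyme lists.

# Constructed sample pages (not real site output), English stand-in words.
page_a='<ul>
<li> late </li>
<li>weight</li>
<li></li>
<li>wait</li>
<li>great</li>
<li>fate</li>
</ul>'
page_b='<ul>
<li>weight</li>
<li>wait</li>
<li> great</li>
<li>skate</li>
<li>freight</li>
</ul>'

# stdin: HTML page; stdout: one candidate word per line.
extract_words() {
  grep '<li>' | sed -e 's%<li>%%' -e 's%</li>%%' -e 's/[[:space:]]//g' -e '/^$/d'
}

# $1 = original word. Drops candidates whose last two letters equal those of $1.
drop_squares() {
  awk -v w="$1" 'BEGIN { tail = substr(w, length(w) - 1) }
                 substr($0, length($0) - 1) != tail'
}

# $1 = word, $2 = its page. Sorted, de-duplicated rhymes without squares.
rhymes_for() {
  printf '%s\n' "$2" | extract_words | drop_squares "$1" | sort -u
}

# Each list is already unique, so a word printed twice occurs in both lists.
common_rhymes() {
  { rhymes_for "$1" "$2"; rhymes_for "$3" "$4"; } | sort | uniq -d
}

common_rhymes gate "$page_a" eight "$page_b"
```

For Cyrillic words the awk in use must count characters rather than bytes under a UTF-8 locale.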

Source: will.com