index.html

<!doctype html>
<html lang="zh"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"><meta><title>4xpl0r3r&#039;s blog</title><link rel="manifest" href="/manifest.json"><meta name="application-name" content="4xpl0r3r&#039;s blog"><meta name="msapplication-TileImage" content="/img/favicon.png"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-title" content="4xpl0r3r&#039;s blog"><meta name="apple-mobile-web-app-status-bar-style" content="default"><meta property="og:type" content="blog"><meta property="og:title" content="4xpl0r3r&#039;s blog"><meta property="og:url" content="https://cn.4xpl0r3r.com/"><meta property="og:site_name" content="4xpl0r3r&#039;s blog"><meta property="og:locale" content="zh_CN"><meta property="og:image" content="https://cn.4xpl0r3r.com/img/og_image.png"><meta property="article:author" content="4xpl0r3r"><meta property="twitter:card" content="summary"><meta property="twitter:image" content="/img/og_image.png"><script type="application/ld+json">{"@context":"https://schema.org","@type":"BlogPosting","mainEntityOfPage":{"@type":"WebPage","@id":"https://cn.4xpl0r3r.com"},"headline":"4xpl0r3r's blog","image":["https://cn.4xpl0r3r.com/img/og_image.png"],"author":{"@type":"Person","name":"4xpl0r3r"},"publisher":{"@type":"Organization","name":"4xpl0r3r's blog","logo":{"@type":"ImageObject","url":{"text":"4xpl0r3r"}}},"description":""}</script><link rel="icon" href="/img/favicon.png"><link rel="stylesheet" href="https://cdnjs.loli.net/ajax/libs/font-awesome/5.15.2/css/all.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/highlight.js@9.12.0/styles/monokai.css"><link rel="stylesheet" href="https://fonts.loli.net/css2?family=Ubuntu:wght@400;600&amp;family=Source+Code+Pro"><link rel="stylesheet" href="/css/default.css"><style>body>.footer,body>.navbar,body>.section{opacity:0}</style><!--!--><script>var _hmt = _hmt || [];
        (function() {
            var hm = document.createElement("script");
            hm.src = "//hm.baidu.com/hm.js?54a4d5a34df4e0b3a14ee586abbe506b";
            var s = document.getElementsByTagName("script")[0];
            s.parentNode.insertBefore(hm, s);
        })();</script><!--!--><!--!--><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/cookieconsent@3.1.1/build/cookieconsent.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/css/lightgallery.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/css/justifiedGallery.min.css"><script src="https://www.googletagmanager.com/gtag/js?id=G-RPBTCRM58X" async></script><script>window.dataLayer = window.dataLayer || [];
        function gtag(){dataLayer.push(arguments);}
        gtag('js', new Date());
    
        gtag('config', 'G-RPBTCRM58X');</script><!--!--><script src="https://cdn.jsdelivr.net/npm/pace-js@1.0.2/pace.min.js"></script><!--!--><!--!--><meta name="follow_it-verification-code" content="qUbeerQV2zzsAnkYL1eR"><meta name="generator" content="Hexo 5.4.0"><link rel="alternate" href="/atom.xml" title="4xpl0r3r's blog" type="application/atom+xml">
</head><body class="is-2-column"><nav class="navbar navbar-main"><div class="container"><div class="navbar-brand justify-content-center"><a class="navbar-item navbar-logo" href="/">4xpl0r3r</a></div><div class="navbar-menu"><div class="navbar-start"><a class="navbar-item" href="/archives">归档</a><a class="navbar-item" href="/categories">分类</a><a class="navbar-item" href="/tags">标签</a><a class="navbar-item" href="/about">关于</a></div><div class="navbar-end"><a class="navbar-item" target="_blank" rel="noopener" title="GitHub" href="https://github.com/4xpl0r3r"><i class="fab fa-github"></i></a><a class="navbar-item search" title="搜索" href="javascript:;"><i class="fas fa-search"></i></a></div></div></div></nav><section class="section"><div class="container"><div class="columns"><div class="column order-2 column-main is-8-tablet is-8-desktop is-8-widescreen"><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2024-02-29T09:00:00.000Z" title="2/29/2024, 5:00:00 PM">2024-02-29</time>发表</span><span class="level-item"><time dateTime="2024-02-29T09:13:12.000Z" title="2/29/2024, 5:13:12 PM">2024-02-29</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E7%BB%8F%E9%AA%8C/">经验</a></span><span class="level-item">10 分钟读完 (大约1573个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E7%BB%8F%E9%AA%8C/Clash-TUN%E6%A8%A1%E5%BC%8F%E4%B8%8B%E7%9A%84UDP%E6%9C%8D%E5%8A%A1%E5%BC%82%E5%B8%B8%E8%AF%8A%E6%96%AD%E4%B8%8E%E8%A7%A3%E5%86%B3/">Clash TUN模式下的UDP服务异常诊断与解决</a></h1><div class="content"><p>Clash开启TUN模式后，本地UDP端口无法与外部访问正常建立连接，如何诊断问题？如何解决问题？</p></div><a class="article-more button is-small is-size-7" href="/%E7%BB%8F%E9%AA%8C/Clash-TUN%E6%A8%A1%E5%BC%8F%E4%B8%8B%E7%9A%84UDP%E6%9C%8D%E5%8A%A1%E5%BC%82%E5%B8%B8%E8%AF%8A%E6%96%AD%E4%B8%8E%E8%A7%A3%E5%86%B3/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2023-02-14T07:24:26.000Z" title="2/14/2023, 3:24:26 PM">2023-02-14</time>发表</span><span class="level-item"><time dateTime="2023-02-14T08:50:36.000Z" title="2/14/2023, 4:50:36 PM">2023-02-14</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/">技术归纳</a></span><span class="level-item">18 分钟读完 (大约2756个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/%E4%BD%BF%E7%94%A8CodeQL%E5%8F%91%E7%8E%B0CVE-2021-44228/">使用CodeQL发现Log4j CVE-2021-44228</a></h1><div class="content"><blockquote>
<p>虽然已经有了一个针对”Potential Log4J LDAP JNDI injection (CVE-2021-44228)”的实验性CWE-020 Query，但这次我想改写CWE-074，使其能够发现CVE-2021-44228。</p>
</blockquote></div><a class="article-more button is-small is-size-7" href="/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/%E4%BD%BF%E7%94%A8CodeQL%E5%8F%91%E7%8E%B0CVE-2021-44228/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-15T07:14:00.000Z" title="2/15/2022, 3:14:00 PM">2022-02-15</time>发表</span><span class="level-item"><time dateTime="2023-07-21T02:55:27.000Z" title="7/21/2023, 10:55:27 AM">2023-07-21</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></span><span class="level-item">23 分钟读完 (大约3483个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSCP-PEN200/">OSCE3之路 - OSCP | PEN200</a></h1><div class="content"><p>在2022年1月我拿到了中国大陆第一个OSCE3，我在参与PEN200-OSCP时使用的是2020年更新的新版教材(含域内容)，但考试依然是旧版(不含域内容)，在2022年OSCP的考试形式已经更新为新版形式(含域内容)。</p></div><a class="article-more button is-small is-size-7" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSCP-PEN200/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-15T07:13:47.000Z" title="2/15/2022, 3:13:47 PM">2022-02-15</time>发表</span><span class="level-item"><time dateTime="2023-07-21T02:55:17.000Z" title="7/21/2023, 10:55:17 AM">2023-07-21</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></span><span class="level-item">14 分钟读完 (大约2062个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSWE-WEB300/">OSCE3之路 - OSWE | WEB300</a></h1><div class="content"><p>在2022年1月我拿到了OSCE3，OSWE是我在21年4月拿到的，本篇我们来介绍WEB300-OSWE，它是关于OffSec关于Exploit Development的第一个认证。</p></div><a class="article-more button is-small is-size-7" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSWE-WEB300/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-15T07:13:36.000Z" title="2/15/2022, 3:13:36 PM">2022-02-15</time>发表</span><span class="level-item"><time dateTime="2023-07-21T02:55:15.000Z" title="7/21/2023, 10:55:15 AM">2023-07-21</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></span><span class="level-item">16 分钟读完 (大约2456个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSEP-PEN300/">OSCE3之路 - OSEP | PEN300</a></h1><div class="content"><p>在2022年1月我拿到了OSCE3，OSEP是我在21年8月拿到的，其和PEN200-OSCP均属于PEN系列，也就是渗透测试类。</p></div><a class="article-more button is-small is-size-7" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSEP-PEN300/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-15T07:13:25.000Z" title="2/15/2022, 3:13:25 PM">2022-02-15</time>发表</span><span class="level-item"><time dateTime="2023-07-21T02:55:24.000Z" title="7/21/2023, 10:55:24 AM">2023-07-21</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></span><span class="level-item">16 分钟读完 (大约2355个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSED-EXP301/">OSCE3之路 - OSED | EXP301</a></h1><div class="content"><p>OSED是我在在2022年1月拿到的，同时也是我OSCE3所需的最后一个证书，其名称为301，而不是300，这是因为EXP301-OSED专注于Windows环境下的二进制安全开发与利用。</p></div><a class="article-more button is-small is-size-7" href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSED-EXP301/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-13T12:48:52.000Z" title="2/13/2022, 8:48:52 PM">2022-02-13</time>发表</span><span class="level-item"><time dateTime="2022-02-13T12:52:18.000Z" title="2/13/2022, 8:52:18 PM">2022-02-13</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/Exploit/">Exploit</a></span><span class="level-item">3 分钟读完 (大约520个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/Exploit/%E5%9C%A8Tomcat%E7%8E%AF%E5%A2%83%E4%B8%8B%E4%BD%BF%E7%94%A8JNDI%E7%BB%95%E8%BF%87trusted-codebase%E9%99%90%E5%88%B6%E7%9A%84Exploit/">在Tomcat环境下使用JNDI绕过trusted codebase限制的Exploit</a></h1><div class="content"><p>在<a href="/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2021-44228-log4j2-RCE-%E5%88%86%E6%9E%90">CVE-2021-44228 log4j2 RCE 分析</a>中，我们实现了在Java 8u181中通过JNDI加载恶意类实现RCE，本文我们实现一个在trusted codebase限制下实现RCE的Exploit</p></div><a class="article-more button is-small is-size-7" href="/Exploit/%E5%9C%A8Tomcat%E7%8E%AF%E5%A2%83%E4%B8%8B%E4%BD%BF%E7%94%A8JNDI%E7%BB%95%E8%BF%87trusted-codebase%E9%99%90%E5%88%B6%E7%9A%84Exploit/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-11T11:39:15.000Z" title="2/11/2022, 7:39:15 PM">2022-02-11</time>发表</span><span class="level-item"><time dateTime="2022-09-14T02:11:57.000Z" title="9/14/2022, 10:11:57 AM">2022-09-14</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a></span><span class="level-item">13 分钟读完 (大约1980个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2021-4034-Linux-Polkit-%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">CVE-2021-4034 Linux Polkit 权限提升漏洞分析</a></h1><div class="content"><p>本文主要参考官方的<a target="_blank" rel="noopener" href="https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt">Advisory</a>来进行分析</p></div><a class="article-more button is-small is-size-7" href="/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2021-4034-Linux-Polkit-%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-02-11T11:38:47.000Z" title="2/11/2022, 7:38:47 PM">2022-02-11</time>发表</span><span class="level-item"><time dateTime="2022-02-11T11:43:37.000Z" title="2/11/2022, 7:43:37 PM">2022-02-11</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/">技术归纳</a></span><span class="level-item">32 分钟读完 (大约4776个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/JavaWeb-%E5%86%85%E5%AD%98%E9%A9%AC%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/">JavaWeb 内存马技术归纳</a></h1><div class="content"><p>本文以Tomcat 9为核心学习并归纳了一些内存马技术，除有特殊说明外的章节外，本文使用Java 8u292</p></div><a class="article-more button is-small is-size-7" href="/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/JavaWeb-%E5%86%85%E5%AD%98%E9%A9%AC%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/#more">阅读更多</a></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta is-size-7 is-uppercase level is-mobile"><div class="level-left"><span class="level-item"><time dateTime="2022-01-19T13:06:00.000Z" title="1/19/2022, 9:06:00 PM">2022-01-19</time>发表</span><span class="level-item"><time dateTime="2022-02-13T11:45:09.000Z" title="2/13/2022, 7:45:09 PM">2022-02-13</time>更新</span><span class="level-item"><a class="link-muted" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/">漏洞分析</a></span><span class="level-item">19 分钟读完 (大约2881个字)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2021-44228-log4j2-RCE-%E5%88%86%E6%9E%90/">CVE-2021-44228 log4j2 RCE 分析</a></h1><div class="content"><p>使用Java 8u181</p></div><a class="article-more button is-small is-size-7" href="/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/CVE-2021-44228-log4j2-RCE-%E5%88%86%E6%9E%90/#more">阅读更多</a></article></div><nav class="pagination" role="navigation" aria-label="pagination"><div class="pagination-previous is-invisible is-hidden-mobile"><a href="/page/0/">上一页</a></div><div class="pagination-next"><a href="/page/2/">下一页</a></div><ul class="pagination-list is-hidden-mobile"><li><a class="pagination-link is-current" href="/">1</a></li><li><a class="pagination-link" href="/page/2/">2</a></li></ul></nav></div><div class="column column-left is-4-tablet is-4-desktop is-4-widescreen  order-1"><div class="card widget" data-type="profile"><div class="card-content"><nav class="level"><div class="level-item has-text-centered flex-shrink-1"><div><figure class="image is-128x128 mx-auto mb-2"><img class="avatar" src="/img/avatar1.png" alt="4xpl0r3r"></figure><p class="title is-size-4 is-block" style="line-height:inherit;">4xpl0r3r</p><p class="is-size-6 is-block">OSCE3 | OSCP | CTFer</p><p class="is-size-6 is-flex justify-content-center"><i class="fas fa-map-marker-alt mr-1"></i><span>Orange Cyberdefense, 上海</span></p></div></div></nav><nav class="level is-mobile"><div class="level-item has-text-centered is-marginless"><div><p class="heading">文章</p><a href="/archives"><p class="title">11</p></a></div></div><div class="level-item has-text-centered is-marginless"><div><p class="heading">分类</p><a href="/categories"><p class="title">6</p></a></div></div><div class="level-item has-text-centered is-marginless"><div><p class="heading">标签</p><a href="/tags"><p class="title">21</p></a></div></div></nav><div class="level is-mobile is-multiline"><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Github" href="https://github.com/4xpl0r3r"><i class="fab fa-github"></i></a><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Email" href="mailto:4xpl0r3r@gmail.com"><i class="fa fa-envelope"></i></a><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="RSS" href="/atom.xml"><i class="fas fa-rss"></i></a></div></div></div><div class="card widget" data-type="subscribe-email"><div class="card-content"><div class="menu"><h3 class="menu-label">follow.it</h3><form action="https://api.follow.it/subscription-form/cjhyZGlsVVREaVhUakc2SkdXVFhJY2piZTdyb0hWRmpZSXZ3TytOcGkvSVltWkpEcldmWjhrU1diTmoxemw5alhMSGljZU5nUDFKUE9nS3haUW14OEdmVVRVTnRxZGJ0SExkNWY2b1ArQ05BQm90ZjdsYTV1WWVSL2kzSjI0T0l8QlNwRzQ2VFVoYU9XQ1hvVG0xWTd4OVdaZkxaSnF2Z0huTW9vTjNZQXNGUT0=/8" method="post" target="_blank"><div class="field has-addons"><div class="control has-icons-left is-expanded"><input class="input" name="email" type="email" placeholder="Email"><span class="icon is-small is-left"><i class="fas fa-envelope"></i></span></div><div class="control"><input class="button" type="submit" value="订阅"></div></div></form></div></div></div><!--!--><div class="card widget" data-type="links"><div class="card-content"><div class="menu"><h3 class="menu-label">链接</h3><ul class="menu-list"><li><a class="level is-mobile" href="https://www.4xpl0r3r.com/" target="_blank" rel="noopener"><span class="level-left"><span class="level-item">切换语言 - English</span></span><span class="level-right"><span class="level-item tag">www.4xpl0r3r.com</span></span></a></li><li><a class="level is-mobile" href="https://github.com/4xpl0r3r" target="_blank" rel="noopener"><span class="level-left"><span class="level-item">GitHub</span></span><span class="level-right"><span class="level-item tag">github.com</span></span></a></li><li><a class="level is-mobile" href="https://hackerone.com/4xpl0r3r" target="_blank" rel="noopener"><span class="level-left"><span class="level-item">HackerOne</span></span><span class="level-right"><span class="level-item tag">hackerone.com</span></span></a></li></ul></div></div></div><div class="card widget" data-type="categories"><div class="card-content"><div class="menu"><h3 class="menu-label">分类</h3><ul class="menu-list"><li><a class="level is-mobile" href="/categories/Exploit/"><span class="level-start"><span class="level-item">Exploit</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/categories/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/"><span class="level-start"><span class="level-item">技术归纳</span></span><span class="level-end"><span class="level-item tag">2</span></span></a></li><li><a class="level is-mobile" href="/categories/%E6%96%87%E6%A1%A3/"><span class="level-start"><span class="level-item">文档</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/categories/%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90/"><span class="level-start"><span class="level-item">漏洞分析</span></span><span class="level-end"><span class="level-item tag">2</span></span></a></li><li><a class="level is-mobile" href="/categories/%E7%BB%8F%E9%AA%8C/"><span class="level-start"><span class="level-item">经验</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/categories/%E8%AF%81%E4%B9%A6/"><span class="level-start"><span class="level-item">证书</span></span><span class="level-end"><span class="level-item tag">4</span></span></a></li></ul></div></div></div><div class="card widget" data-type="recent-posts"><div class="card-content"><h3 class="menu-label">最新文章</h3><article class="media"><div class="media-content"><p class="date"><time dateTime="2024-02-29T09:00:00.000Z">2024-02-29</time></p><p class="title"><a href="/%E7%BB%8F%E9%AA%8C/Clash-TUN%E6%A8%A1%E5%BC%8F%E4%B8%8B%E7%9A%84UDP%E6%9C%8D%E5%8A%A1%E5%BC%82%E5%B8%B8%E8%AF%8A%E6%96%AD%E4%B8%8E%E8%A7%A3%E5%86%B3/">Clash TUN模式下的UDP服务异常诊断与解决</a></p><p class="categories"><a href="/categories/%E7%BB%8F%E9%AA%8C/">经验</a></p></div></article><article class="media"><div class="media-content"><p class="date"><time dateTime="2023-02-14T07:24:26.000Z">2023-02-14</time></p><p class="title"><a href="/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/%E4%BD%BF%E7%94%A8CodeQL%E5%8F%91%E7%8E%B0CVE-2021-44228/">使用CodeQL发现Log4j CVE-2021-44228</a></p><p class="categories"><a href="/categories/%E6%8A%80%E6%9C%AF%E5%BD%92%E7%BA%B3/">技术归纳</a></p></div></article><article class="media"><div class="media-content"><p class="date"><time dateTime="2022-02-15T07:14:00.000Z">2022-02-15</time></p><p class="title"><a href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSCP-PEN200/">OSCE3之路 - OSCP | PEN200</a></p><p class="categories"><a href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></p></div></article><article class="media"><div class="media-content"><p class="date"><time dateTime="2022-02-15T07:13:47.000Z">2022-02-15</time></p><p class="title"><a href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSWE-WEB300/">OSCE3之路 - OSWE | WEB300</a></p><p class="categories"><a href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></p></div></article><article class="media"><div class="media-content"><p class="date"><time dateTime="2022-02-15T07:13:36.000Z">2022-02-15</time></p><p class="title"><a href="/%E8%AF%81%E4%B9%A6/OSCE3%E4%B9%8B%E8%B7%AF-OSEP-PEN300/">OSCE3之路 - OSEP | PEN300</a></p><p class="categories"><a href="/categories/%E8%AF%81%E4%B9%A6/">证书</a></p></div></article></div></div><div class="card widget" data-type="archives"><div class="card-content"><div class="menu"><h3 class="menu-label">归档</h3><ul class="menu-list"><li><a class="level is-mobile" href="/archives/2024/02/"><span class="level-start"><span class="level-item">二月 2024</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/archives/2023/02/"><span class="level-start"><span class="level-item">二月 2023</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/archives/2022/02/"><span class="level-start"><span class="level-item">二月 2022</span></span><span class="level-end"><span class="level-item tag">7</span></span></a></li><li><a class="level is-mobile" href="/archives/2022/01/"><span class="level-start"><span class="level-item">一月 2022</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile" href="/archives/2021/08/"><span class="level-start"><span class="level-item">八月 2021</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li></ul></div></div></div><div class="card widget" data-type="tags"><div class="card-content"><div class="menu"><h3 class="menu-label">标签</h3><div class="field is-grouped is-grouped-multiline"><div class="control"><a class="tags has-addons" href="/tags/C-C/"><span class="tag">C&amp;C++</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/CTF/"><span class="tag">CTF</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/CVE/"><span class="tag">CVE</span><span class="tag">3</span></a></div><div class="control"><a class="tags has-addons" href="/tags/CodeQL/"><span class="tag">CodeQL</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/JNDI/"><span class="tag">JNDI</span><span class="tag">4</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Java/"><span class="tag">Java</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Java-Agent/"><span class="tag">Java Agent</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Java-Web/"><span class="tag">Java Web</span><span class="tag">3</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Linux/"><span class="tag">Linux</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/OffSec/"><span class="tag">OffSec</span><span class="tag">4</span></a></div><div class="control"><a class="tags has-addons" href="/tags/PWN/"><span class="tag">PWN</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Shell/"><span class="tag">Shell</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/Tomcat/"><span class="tag">Tomcat</span><span class="tag">2</span></a></div><div class="control"><a class="tags has-addons" href="/tags/ysoserial/"><span class="tag">ysoserial</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E5%86%85%E5%AD%98%E9%A9%AC/"><span class="tag">内存马</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E5%BC%82%E5%B8%B8%E8%AF%8A%E6%96%AD/"><span class="tag">异常诊断</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E6%81%B6%E6%84%8F%E4%BB%A3%E7%A0%81%E6%A3%80%E6%B5%8B%E4%B8%8E%E9%9A%90%E8%97%8F/"><span class="tag">恶意代码检测与隐藏</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E6%8F%90%E6%9D%83/"><span class="tag">提权</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E6%A0%BC%E5%BC%8F%E5%8C%96%E5%AD%97%E7%AC%A6%E4%B8%B2/"><span class="tag">格式化字符串</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E7%8E%AF%E5%A2%83/"><span class="tag">环境</span><span class="tag">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E7%BD%91%E7%BB%9C%E6%8A%80%E6%9C%AF/"><span class="tag">网络技术</span><span class="tag">1</span></a></div></div></div></div></div></div><!--!--></div></div></section><footer class="footer"><div class="container"><div class="level"><div class="level-start"><a class="footer-logo is-block mb-2" href="/">4xpl0r3r</a><p class="is-size-7"><span>&copy; 2024 4xpl0r3r</span>  Powered by <a href="https://hexo.io/" target="_blank" rel="noopener">Hexo</a> &amp; <a href="https://github.com/ppoffice/hexo-theme-icarus" target="_blank" rel="noopener">Icarus</a></p></div><div class="level-end"><div class="field has-addons"><p class="control"><a class="button is-transparent is-large" target="_blank" rel="noopener" title="Creative Commons" href="https://creativecommons.org/"><i class="fab fa-creative-commons"></i></a></p><p class="control"><a class="button is-transparent is-large" target="_blank" rel="noopener" title="Attribution 4.0 International" href="https://creativecommons.org/licenses/by/4.0/"><i class="fab fa-creative-commons-by"></i></a></p></div></div></div></div></footer><script src="https://cdn.jsdelivr.net/npm/jquery@3.3.1/dist/jquery.min.js"></script><script src="https://cdn.jsdelivr.net/npm/moment@2.22.2/min/moment-with-locales.min.js"></script><script src="https://cdn.jsdelivr.net/npm/clipboard@2.0.4/dist/clipboard.min.js" defer></script><script>moment.locale("zh-CN");</script><script>var IcarusThemeSettings = {
            article: {
                highlight: {
                    clipboard: true,
                    fold: 'unfolded'
                }
            }
        };</script><script src="/js/column.js"></script><script src="/js/animation.js"></script><a id="back-to-top" title="回到顶端" href="javascript:;"><i class="fas fa-chevron-up"></i></a><script src="/js/back_to_top.js" defer></script><!--!--><!--!--><!--!--><script src="https://cdn.jsdelivr.net/npm/cookieconsent@3.1.1/build/cookieconsent.min.js" defer></script><script>window.addEventListener("load", () => {
      window.cookieconsent.initialise({
        type: "info",
        theme: "edgeless",
        static: false,
        position: "bottom-left",
        content: {
          message: "此网站使用Cookie来改善您的体验。",
          dismiss: "知道了！",
          allow: "允许使用Cookie",
          deny: "拒绝",
          link: "了解更多",
          policy: "Cookie政策",
          href: "https://www.cookiesandyou.com/",
        },
        palette: {
          popup: {
            background: "#edeff5",
            text: "#838391"
          },
          button: {
            background: "#4b81e8"
          },
        },
      });
    });</script><script src="https://cdn.jsdelivr.net/npm/lightgallery@1.6.8/dist/js/lightgallery.min.js" defer></script><script src="https://cdn.jsdelivr.net/npm/justifiedGallery@3.7.0/dist/js/jquery.justifiedGallery.min.js" defer></script><script>window.addEventListener("load", () => {
            if (typeof $.fn.lightGallery === 'function') {
                $('.article').lightGallery({ selector: '.gallery-item' });
            }
            if (typeof $.fn.justifiedGallery === 'function') {
                if ($('.justified-gallery > p > .gallery-item').length) {
                    $('.justified-gallery > p > .gallery-item').unwrap();
                }
                $('.justified-gallery').justifiedGallery();
            }
        });</script><!--!--><!--!--><!--!--><!--!--><!--!--><script src="/js/main.js" defer></script><div class="searchbox"><div class="searchbox-container"><div class="searchbox-header"><div class="searchbox-input-container"><input class="searchbox-input" type="text" placeholder="想要查找什么..."></div><a class="searchbox-close" href="javascript:;">×</a></div><div class="searchbox-body"></div></div></div><script src="/js/insight.js" defer></script><script>document.addEventListener('DOMContentLoaded', function () {
            loadInsight({"contentUrl":"/content.json"}, {"hint":"想要查找什么...","untitled":"(无标题)","posts":"文章","pages":"页面","categories":"分类","tags":"标签"});
        });</script></body></html>