-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.html
More file actions
22 lines (22 loc) · 9.59 KB
/
index.html
File metadata and controls
22 lines (22 loc) · 9.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<!DOCTYPE html><html><head><meta charset="utf-8"><meta name="X-UA-Compatible" content="IE=edge"><meta name="description"><meta name="viewport" content="width=device-width, initial-scale=1"><title>Duolaa</title><link rel="short icon" href="/favicon.ico"><!-- font--><link rel="stylesheet" href="//fonts.googleapis.com/css?family=Source+Sans+Pro:400,600|Roboto Mono"><!-- icon--><link rel="stylesheet" href="/fonts/iconfont/iconfont.css"><!-- theme style--><link rel="stylesheet" href="/css/style.css"></head><body><div id="main"><header><a href="/." class="logo">Duolaa</a><ul class="nav"><li class="nav-link"><a href="/" class="active">Home</a></li><li class="nav-link"><a href="/archives/" target="_self">Archives</a></li><li class="nav-link"><a href="/tags/" target="_self">Tags</a></li><li class="nav-link"><a href="/about/" target="_self">About</a></li></ul></header><section id="container"><ul class="home"><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/10/23/CVE-2016-5195 Dirty Cow/" class="post-link">CVE-2016-5195 Dirty Cow</a></h1><span class="post-time">Oct 23, 2016</span><div class="post-content"></div><a href="/2016/10/23/CVE-2016-5195 Dirty Cow/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/07/19/httpoxy/" class="post-link">Httpoxy漏洞预警</a></h1><span class="post-time">Jul 19, 2016</span><div class="post-content"><p><em>A CGI application vulnerability for PHP, Go, Python and others</em></p>
<h2 id="漏洞概述"><a href="#漏洞概述" class="headerlink" title="漏洞概述"></a>漏洞概述</h2><p>httpoxy漏洞其实就是一个命名冲突的问题,一台使用了httpoxy的服务器,在接受客户端请求之后,服务器会把http变量头转换成大写,并加上HTTP_,如请求头有一个字段是Proxy,之后会变成HTTP_PROXY,其中的value值是不变的。并且在需要的地方转换成了环境变量。这里传进去的变量同名的则被覆盖,</p>
<p><img src="https://github.com/duolaaa/markdownimage/blob/master/071901.png?raw=true" alt="请输入图片描述"></p></div><a href="/2016/07/19/httpoxy/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/07/16/二次加密的思考/" class="post-link">二次加密的思考</a></h1><span class="post-time">Jul 16, 2016</span><div class="post-content"><h2 id="抛出问题"><a href="#抛出问题" class="headerlink" title="抛出问题"></a>抛出问题</h2><p>比如我有一个FTP,里面有视频文件,这个视频不是每个人都可以下载,只有授权用户才可以,因此我给每个用户分配了一个账号密码,登录ftp之后,就可以下载相对应的视频资源,但是为了防止ftp账号密码泄露或者被暴力破解甚至撞库,想采用二次加密方式,对下载的东西采用压缩加密(比如 RAR密码加密压缩)。那么问题来了,密码如何告知用户。</p>
<h2 id="寻求答案"><a href="#寻求答案" class="headerlink" title="寻求答案"></a>寻求答案</h2><p>对上述问题,只有一下的要求<br> 1、用户量较大<br> 2、视频资源文件更新频繁<br> 3、自动化不需要人为干预太多。</p></div><a href="/2016/07/16/二次加密的思考/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/07/16/ubuntu搭建vnc服务/" class="post-link">ubuntu搭建vnc服务</a></h1><span class="post-time">Jul 16, 2016</span><div class="post-content"><h3 id="本文实践环境信息"><a href="#本文实践环境信息" class="headerlink" title="本文实践环境信息"></a>本文实践环境信息</h3><p>服务器Ubuntu相关信息:<br><img src="http://i.imgur.com/amICGLu.png" alt=""></p>
<h3 id="安装vncserver服务"><a href="#安装vncserver服务" class="headerlink" title="安装vncserver服务"></a>安装vncserver服务</h3><pre><code>sudo apt-get install vnc4server
</code></pre><p><img src="http://i.imgur.com/gjOIQRz.png" alt=""></p></div><a href="/2016/07/16/ubuntu搭建vnc服务/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/07/16/hello-world/" class="post-link">Hello World</a></h1><span class="post-time">Jul 16, 2016</span><div class="post-content"><p>Welcome to <a href="https://hexo.io/">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues">GitHub</a>.</p></div><a href="/2016/07/16/hello-world/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2016/06/19/Debian Q&R/" class="post-link">Debian Q&R</a></h1><span class="post-time">Jun 19, 2016</span><div class="post-content"></div><a href="/2016/06/19/Debian Q&R/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2015/12/16/echarts+php+mysql/" class="post-link">echarts+php+mysql</a></h1><span class="post-time">Dec 16, 2015</span><div class="post-content"><p>echarts是百度出品的前端图表可视化产品,就在本博文前几天,ECharts 3 测试版发布,焕然一新的面貌。。。。。。。。。。</p>
<h2 id="echarts简介"><a href="#echarts简介" class="headerlink" title="echarts简介"></a>echarts简介</h2><p>ECharts:百度出品的一款图形化数据展示的前端代码,是一款开源、功能强大的数据可视化产品,紧跟着大数据时代的步伐,提供商业产品常用图表,底层基于ZRender(一个全新的轻量级canvas类库),创建了坐标系,图例,提示,工具箱等基础组件,并在此上构建出折线图、柱状图、散点图、K线图、饼图、雷达图、地图、和弦图、力导向布局图、仪表盘以及漏斗图,同时支持任意维度的堆积和多图表混合展现。<br>官网地址:<br> <a href="http://echarts.baidu.com/index.html">http://echarts.baidu.com/index.html</a></p>
<p>通过阅读官方文档,在首页实例部分有很多相关图标的例子,真是做前端的利器,目前很多企业都在做威胁感知、威胁态势分析等系统,前端都是用echarts进行展示,其中地图是用的比较多的,如下图所示。最近想展示一些数据,因此对echarts研究了一下,发现官方的实例文档没有动态获取数据的例子,因此有了本篇文章。<br><img src="http://i.imgur.com/sJqC6op.png" alt=""></p></div><a href="/2015/12/16/echarts+php+mysql/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2015/12/06/ssh远程登录/" class="post-link">ssh远程登录</a></h1><span class="post-time">Dec 6, 2015</span><div class="post-content"><h3 id="基本用法"><a href="#基本用法" class="headerlink" title="基本用法"></a>基本用法</h3><p>SSH主要用于远程登录。假定你要以用户名user,登录远程主机host,只要一条简单命令就可以了。</p>
<pre><code>$ ssh user@host
</code></pre><p>如果本地用户名与远程用户名一致,登录时可以省略用户名。</p>
<pre><code>$ ssh host
</code></pre><p>SSH的默认端口是22,也就是说,你的登录请求会送进远程主机的22端口。使用p参数,可以修改这个端口。</p>
<pre><code>$ ssh -p 2222 user@host
</code></pre></div><a href="/2015/12/06/ssh远程登录/" class="read-more">Read more..</a></article></li><li class="post-item"><article class="post"><h1 class="post-title"><a href="/2015/06/19/debian source.list/" class="post-link">Debian网易镜像使用帮助</a></h1><span class="post-time">Jun 19, 2015</span><div class="post-content"><p>主要是做个备份,网易的源,<a href="http://mirrors.163.com/.help/">参考地址</a></p>
<h2 id="Debian镜像使用帮助"><a href="#Debian镜像使用帮助" class="headerlink" title="Debian镜像使用帮助"></a>Debian镜像使用帮助</h2><h3 id="收录架构"><a href="#收录架构" class="headerlink" title="收录架构"></a>收录架构</h3><ul>
<li>i386</li>
<li>amd64</li>
<li>source</li>
</ul>
<h3 id="收录版本"><a href="#收录版本" class="headerlink" title="收录版本"></a>收录版本</h3><p>所有版本</p>
<h3 id="更新时间"><a href="#更新时间" class="headerlink" title="更新时间"></a>更新时间</h3><p>每4小时更新一次</p>
<h3 id="使用说明"><a href="#使用说明" class="headerlink" title="使用说明"></a>使用说明</h3><p>以Jessie为例, 编辑/etc/apt/sources.list文件, 在文件最前面添加以下条目(操作前请做好相应备份)</p></div><a href="/2015/06/19/debian source.list/" class="read-more">Read more..</a></article></li></ul><div class="paginator"></div></section><footer><div class="social"><a href="mailto:vp_zhoul@126.com" class="iconfont icon-email"> </a><a href="https://github.com/duolaaa" class="iconfont icon-github"> </a><a href="http://weibo.com/zhoul3777" class="iconfont icon-weibo"> </a></div><div class="copyright"><p>©2015-2016<span class="heart"><i class="iconfont icon-heart"></i></span><span class="author">Dunn</span><span class="heart"><i class="iconfont icon-heart"></i> Theme by </span><a href="https://github.com/ahonn/hexo-theme-even"> Even</a></p></div><label id="back2top"><i class="iconfont icon-up"></i></label></footer></div></body><script src="/js/back2top.js"></script></html>