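<!DOCTYPE html>
<html lang="en" data-theme="light">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>NonupleBroken</title>
<meta name="description" content="Everything that kills me makes me feel alive.">
<meta name="author" content="NonupleBroken">
<meta name="copyright" content="NonupleBroken">
<meta name="format-detection" content="telephone=no">
<link rel="shortcut icon" href="https://i.loli.net/2020/06/15/yNt2zEPRqjwh7IO.png">
<meta http-equiv="Cache-Control" content="no-transform">
<meta http-equiv="Cache-Control" content="no-siteapp">
<!-- Connection hints for the third-party origins this page loads from. They name https: explicitly instead of using protocol-relative URLs, so the scheme never follows that of the embedding page. -->
<link rel="preconnect" href="https://cdn.jsdelivr.net"/>
<link rel="dns-prefetch" href="https://cdn.jsdelivr.net"/>
<link rel="preconnect" href="https://fonts.googleapis.com" crossorigin="crossorigin"/>
<link rel="dns-prefetch" href="https://fonts.googleapis.com"/>
<link rel="preconnect" href="https://busuanzi.ibruce.info"/>
<link rel="dns-prefetch" href="https://busuanzi.ibruce.info"/>
<!-- Social-card metadata (Twitter card and Open Graph). -->
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="NonupleBroken">
<meta name="twitter:description" content="Everything that kills me makes me feel alive.">
<meta name="twitter:image" content="https://i.loli.net/2020/06/15/imOPRpIQl1aNYSH.jpg">
<meta property="og:type" content="website">
<meta property="og:title" content="NonupleBroken">
<meta property="og:url" content="https://nonuplebroken.com/">
<meta property="og:site_name" content="NonupleBroken">
<meta property="og:description" content="Everything that kills me makes me feel alive.">
<meta property="og:image" content="https://i.loli.net/2020/06/15/imOPRpIQl1aNYSH.jpg">
<meta property="article:published_time" content="2021-05-10T21:26:32.986Z">
<meta property="article:modified_time" content="2021-05-10T21:26:32.986Z">
<!-- NOTE(review): js-cookie is requested from the CDN with no version in the URL and no integrity attribute, so whatever the CDN serves for the package's current release runs with full access to this origin. Pin an exact version and add integrity plus crossorigin so the loaded bytes are verifiable. -->
<script src="https://cdn.jsdelivr.net/npm/js-cookie/dist/js.cookie.min.js"></script>
<script>
// Theme-mode switch read by the statements that follow: '1' follows prefers-color-scheme,
// '2' uses the time of day, and any other value (as here) honours only the saved "theme" cookie.
var autoChangeMode = 'false'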
// Choose the page theme. `t` is the saved choice from the "theme" cookie (undefined when no
// cookie is set). The cookie is client-controlled, but below it is only ever compared against
// the literals 'light' and 'dark'; it is never written into the page.
var t = Cookies.get("theme")
// Mode '1': follow the browser's colour-scheme preference unless a cookie overrides it.
// autoChangeMode is assigned the string 'false' just before this block, so in this build
// neither the '1' nor the '2' branch runs and only the final else applies.
if (autoChangeMode == '1'){
var isDarkMode = window.matchMedia("(prefers-color-scheme: dark)").matches
var isLightMode = window.matchMedia("(prefers-color-scheme: light)").matches
var isNotSpecified = window.matchMedia("(prefers-color-scheme: no-preference)").matches
// None of the three queries matching is treated as "prefers-color-scheme is not supported".
var hasNoSupport = !isDarkMode && !isLightMode && !isNotSpecified
// No saved choice: use the media-query result.
if (t === undefined){
if (isLightMode) activateLightMode()
else if (isDarkMode) activateDarkMode()
else if (isNotSpecified || hasNoSupport){
console.log('You specified no preference for a color scheme or your browser does not support it. I Schedule dark mode during night time.')
// Fall back to the clock: night is before 06:00 or from 18:00 on, in the visitor's local time.
var now = new Date()
var hour = now.getHours()
var isNight = hour < 6 || hour >= 18
isNight ? activateDarkMode() : activateLightMode()
}
// A saved choice wins: 'light' selects light mode, any other cookie value selects dark mode.
} else if (t == 'light') activateLightMode()
else activateDarkMode()
// Mode '2': time of day only, again overridden by a saved choice. now/hour/isNight carry no
// `var` here; they bind to the `var` declarations in the '1' branch, which are hoisted to
// script scope.
} else if (autoChangeMode == '2'){
now = new Date();
hour = now.getHours();
isNight = hour < 6 || hour >= 18
if(t === undefined) isNight? activateDarkMode() : activateLightMode()
else if (t === 'light') activateLightMode()
else activateDarkMode()
// Any other autoChangeMode: honour only an explicit saved choice. With no cookie, or a value
// other than 'dark'/'light', neither function is called and the theme stays as the markup set it.
} else {
if ( t == 'dark' ) activateDarkMode()
else if ( t == 'light') activateLightMode()
}
/**
 * Switch the page to the dark theme.
 *
 * Sets data-theme="dark" on the root element and, when the document has a
 * <meta name="theme-color"> tag, sets that tag's content to '#000'.
 */
function activateDarkMode() {
  var root = document.documentElement
  root.setAttribute('data-theme', 'dark')

  // The theme-color meta tag is optional; leave the document alone when it is absent.
  var themeColorMeta = document.querySelector('meta[name="theme-color"]')
  if (themeColorMeta === null) return
  themeColorMeta.setAttribute('content', '#000')
}
/**
 * Switch the page to the light theme.
 *
 * Sets data-theme="light" on the root element and, when the document has a
 * <meta name="theme-color"> tag, sets that tag's content to '#fff'.
 */
function activateLightMode() {
  var root = document.documentElement
  root.setAttribute('data-theme', 'light')

  // The theme-color meta tag is optional; leave the document alone when it is absent.
  var themeColorMeta = document.querySelector('meta[name="theme-color"]')
  if (themeColorMeta === null) return
  themeColorMeta.setAttribute('content', '#fff')
}
</script>
<!-- Site stylesheet, served from this origin. -->
<link rel="stylesheet" href="/css/index.css">
<!-- NOTE(review): the three jsDelivr stylesheets below are unpinned (@latest, or no version at all) and carry no integrity attribute, so their content can change without any change to this file. Pinning an exact version and adding integrity plus crossorigin would make the loaded bytes verifiable. -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/font-awesome@latest/css/font-awesome.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@latest/dist/jquery.fancybox.min.css">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/node-snackbar/dist/snackbar.min.css">
<link rel="canonical" href="https://nonuplebroken.com/">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Titillium+Web">
<script>var GLOBAL_CONFIG = {
// Properties of the GLOBAL_CONFIG object opened just above; presumably read by /js/main.js and
// the other theme scripts loaded at the end of the page (confirm against those files).
root: '/',
algolia: undefined,
// NOTE(review): `${query}` sits inside an ordinary double-quoted string, so nothing is
// interpolated here. Presumably /js/search/local-search.js substitutes the visitor's search text
// for it; confirm that script inserts the text as text, not as HTML.
localSearch: {"path":"search.xml","languages":{"hits_empty":"We didn't find any results for the search: ${query}"}},
translate: undefined,
// Messages for the copy and bookmark actions.
copy: {
success: 'Copy successfully',
error: 'Copy error',
noSupport: 'The browser does not support'
},
bookmark: {
message_prev: 'Press',
message_next: 'to bookmark this page'
},
runtime_unit: 'days',
runtime: true,
copyright: undefined,
ClickShowText: undefined,
medium_zoom: false,
fancybox: true,
// Snackbar notification texts, colours and position.
Snackbar: {"bookmark":{"message_prev":"Press","message_next":"to bookmark this page"},"chs_to_cht":"Traditional Chinese Activated Manually","cht_to_chs":"Simplified Chinese Activated Manually","day_to_night":"Dark Mode Activated Manually","night_to_day":"Light Mode Activated Manually","bgLight":"#49b1f5","bgDark":"#2d3035","position":"top-center"},
baiduPush: false,
highlightCopy: true,
highlightLang: true,
// NOTE(review): this is the string 'false', not the boolean; a non-empty string is truthy in
// JavaScript, so confirm how the consuming script tests it.
highlightShrink: 'false',
isFontAwesomeV5: false,
isPhotoFigcaption: false,
islazyload: false,
isanchor: true
}</script><script>var GLOBAL_CONFIG_SITE = {
// Per-page flags of GLOBAL_CONFIG_SITE: this page is marked as the home page, not a post, and
// without a sidebar. Presumably read by the theme scripts; confirm against /js/main.js.
isPost: false,
isHome: true,
isSidebar: false
}</script><noscript><style>
/* Rules inside <noscript>: with scripting disabled, force the header and gallery images to full
   opacity. NOTE(review): presumably the theme stylesheet keeps them transparent until a script
   reveals them; confirm in /css/index.css. */
#page-header {
opacity: 1
}
.justified-gallery img{
opacity: 1
}
</style></noscript><meta name="generator" content="Hexo 4.2.1"></head><body><div id="mobile-sidebar"><div id="menu_mask"></div><div id="mobile-sidebar-menus"><div class="mobile_author_icon"><img class="avatar-img" src="https://i.loli.net/2020/06/15/imOPRpIQl1aNYSH.jpg" onerror="onerror=null;src='/img/friend_404.gif'" alt="avatar"/></div><div class="mobile_post_data"><div class="mobile_data_item is-center"><div class="mobile_data_link"><a href="/archives/"><div class="headline">Articles</div><div class="length_num">28</div></a></div></div><div class="mobile_data_item is-center"> <div class="mobile_data_link"><a href="/tags/"><div class="headline">Tags</div><div class="length_num">37</div></a></div></div><div class="mobile_data_item is-center"> <div class="mobile_data_link"><a href="/categories/"><div class="headline">Categories</div><div class="length_num">7</div></a></div></div></div><hr/><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fa fa-home"></i><span> Home</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fa fa-archive"></i><span> Archives</span></a></div><div class="menus_item"><a class="site-page" href="/tags/"><i class="fa-fw fa fa-tags"></i><span> Tags</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fa fa-folder-open"></i><span> Categories</span></a></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fa fa-link"></i><span> Link</span></a></div><div class="menus_item"><a class="site-page" href="/about/"><i class="fa-fw fa fa-user"></i><span> About</span></a></div></div></div></div><div id="body-wrap"><div class="full_page" id="nav" style="background-image: url(https://i.loli.net/2020/06/16/3uL79nmOC6VlDNb.jpg)"><div id="page-header"><span class="pull_left" id="blog_name"><a class="blog_title" id="site-name" href="/">NonupleBroken</a></span><span class="pull_right menus"><div 
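id="search_button"><a class="site-page social-icon search"><i class="fa fa-search fa-fw"></i><span> Search</span></a></div><div class="menus_items"><div class="menus_item"><a class="site-page" href="/"><i class="fa-fw fa fa-home"></i><span> Home</span></a></div><div class="menus_item"><a class="site-page" href="/archives/"><i class="fa-fw fa fa-archive"></i><span> Archives</span></a></div><div class="menus_item"><a class="site-page" href="/tags/"><i class="fa-fw fa fa-tags"></i><span> Tags</span></a></div><div class="menus_item"><a class="site-page" href="/categories/"><i class="fa-fw fa fa-folder-open"></i><span> Categories</span></a></div><div class="menus_item"><a class="site-page" href="/link/"><i class="fa-fw fa fa-link"></i><span> Link</span></a></div><div class="menus_item"><a class="site-page" href="/about/"><i class="fa-fw fa fa-user"></i><span> About</span></a></div></div><span class="toggle-menu close"><a class="site-page"><i class="fa fa-bars fa-fw" aria-hidden="true"></i></a></span></span></div><div id="site-info"><h1 id="site_title">NonupleBroken</h1><div id="site_subtitle"><span id="subtitle"></span></div><div id="site_social_icons"><!-- External link opened in a new tab: rel="noopener" stops the opened page from reaching this one through window.opener, as the footer links already do. --><a class="social-icon" href="https://github.com/nonuplebroken" target="_blank" rel="noopener" title="Github"><i class="fa fa-github" aria-hidden="true"></i></a><!-- NOTE(review): the javascript: URL below runs inline script on click, so a Content-Security-Policy without 'unsafe-inline' would block this link. --><a class="social-icon" href="javascript:alert(atob('bm9udXBsZWJyb2tlbkBnbWFpbC5jb20='))" target="_blank" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a></div></div><div id="scroll_down"><i class="fa fa-angle-down scroll-down-effects"></i></div></div><main class="layout_page" id="content-inner"><div class="recent-posts" id="recent-posts"><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2021/05/10/2021%E6%B4%A5%E9%97%A8%E6%9D%AFjustOCB/" title="2021津门杯justOCB">2021津门杯justOCB</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2021-05-10 23:59:59"><i class="fa fa-calendar" 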
aria-hidden="true"></i>2021-05-10</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a></span></div><div class="content"> Problem
昨天打了 2021 津门杯, 有道 justOCB,考察的是 OCB,之前没接触过。在此之前的 2021 红明谷杯也有类似的题 babyFogery,只不过这次的更难。
打得时候搜到了dawn_whisper 师傅关于 babyFogery 的 wp。发现 babyFogery 没 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2020/06/14/%E7%BA%BF%E6%80%A7%E5%90%8C%E4%BD%99%E7%94%9F%E6%88%90%E5%99%A8/" title="线性同余生成器">线性同余生成器</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2020-06-14 22:44:15"><i class="fa fa-calendar" aria-hidden="true"></i>2020-06-14</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/LCG/">LCG</a></span></div><div class="content"> 线性同余生成器
线性同余方器(LCG)可以产生伪随机数。
它根据递归公式生成新的数:
$s_i = (s_{i-1} a + b) \bmod n$
其中 aaa、bbb、nnn 是生成器设定的常数,s0s_0s0 相当于一个 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2020/06/10/%E5%8F%8D%E9%A6%88%E7%A7%BB%E4%BD%8D%E5%AF%84%E5%AD%98%E5%99%A8/" title="反馈移位寄存器">反馈移位寄存器</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2020-06-10 21:30:15"><i class="fa fa-calendar" aria-hidden="true"></i>2020-06-10</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/LFSR/">LFSR</a></span></div><div class="content"> 反馈移位寄存器
反馈移位寄存器(FSR)是流密码产生密钥流的一个重要组成部分。在 GF(2) 上的一个 n 级 FSR 通常由 n 个二元存储器和一个反馈函数组成。
线性反馈移位寄存器
如果这里的反馈函数是线性的,我们则将称为线性反馈移位寄存器(LFSR),反馈函数是寄存器中某些位的异或,这些 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2020/06/03/Shamir%E5%AF%86%E9%92%A5%E5%88%86%E4%BA%AB%E7%AE%97%E6%B3%95/" title="Shamir密钥分享算法">Shamir密钥分享算法</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2020-06-03 23:45:20"><i class="fa fa-calendar" aria-hidden="true"></i>2020-06-03</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Shamir/">Shamir</a></span></div><div class="content"> 简介
Shamir 密钥分享算法最早是由 Shamir 和 Blackly 在 1970 年基于 Lagrange 插值和矢量方法提出的。
算法有 2 个重要参数:kkk 和 nnn。nnn 表示将明文加密为 nnn 个 ShadowShadowShadow,kkk 表示 至少需要 kkk 个 S ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/11/21/RSA%20Coppersmith%E7%9B%B8%E5%85%B3%E6%94%BB%E5%87%BB/" title="RSA Coppersmith相关攻击">RSA Coppersmith相关攻击</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-11-21 19:47:11"><i class="fa fa-calendar" aria-hidden="true"></i>2019-11-21</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/RSA/">RSA</a></span></div><div class="content">Coppersmith 相关攻击与 Don Coppersmith 紧密相关,他提出了一种针对于模多项式(单变量,二元变量,甚至多元变量)找所有小整数根的多项式时间的方法。我们的目标是找到在模 N 意义下多项式所有的根,这一问题被认为是复杂的。Coppersmith method 主要是通过 Len ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/08/03/PHP%E4%B8%AD%E7%9A%84%E9%9A%8F%E6%9C%BA%E6%95%B0/" title="PHP中的随机数">PHP中的随机数</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-08-03 21:49:53"><i class="fa fa-calendar" aria-hidden="true"></i>2019-08-03</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/WEB/">WEB</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a 
class="article-meta__tags" href="/tags/WEB/">WEB</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/PHP/">PHP</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/rand/">rand</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/mt-rand/">mt_rand</a></span></div><div class="content">php中常用的随机数产生函数是 rand() 和 mt_rand()。但是生成的是伪随机数,不能应用于生成安全令牌、核心加解密 key 等。否则会产生一些安全问题。
何时自动播种
都知道,同一个种子产生的随机序列完全相同,因此种子在随机数中起着至关重要的地位。
自 PHP 4.2.0 起,不再需 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/08/02/CBC%E5%AD%97%E8%8A%82%E7%BF%BB%E8%BD%AC%E6%94%BB%E5%87%BB/" title="CBC字节翻转攻击">CBC字节翻转攻击</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-08-02 19:49:00"><i class="fa fa-calendar" aria-hidden="true"></i>2019-08-02</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/Crypto/">Crypto</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/WEB/">WEB</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/Crypto/">Crypto</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/AES/">AES</a></span></div><div class="content"> CBC
密码分组链接(Cipher Block Chaining,CBC),是分组密码的工作模式之一。加解密原理如下图:
每个分组长度为 16 字节或 32 字节。CBC的填充规则是缺少 N 位,就用 N 个 \xN 填充,如缺少 11 位则用 11 个 \x0b 填充。
其中 IVIVIV 为 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/07/21/CSRF%E5%B0%8F%E7%BB%93/" title="CSRF小结">CSRF小结</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-07-21 23:20:03"><i class="fa fa-calendar" aria-hidden="true"></i>2019-07-21</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/WEB/">WEB</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/WEB/">WEB</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/XSS/">XSS</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CSRF/">CSRF</a></span></div><div class="content"> CSRF
跨站请求伪造(Cross-Site Request Forgery,CSRF),攻击者通过伪装来自某个网站受信任用户,对该网站发送恶意请求。
XSS 与 CSRF 的区别:
XSS:
攻击者发现XSS漏洞 —> 构造代码 —> 发送给受害人 —> 受害人打开 —> ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/07/20/%E6%B5%85%E8%B0%88CSP%E5%86%85%E5%AE%B9%E5%AE%89%E5%85%A8%E7%AD%96%E7%95%A5/" title="浅谈CSP内容安全策略">浅谈CSP内容安全策略</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-07-20 22:36:29"><i class="fa fa-calendar" aria-hidden="true"></i>2019-07-20</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/WEB/">WEB</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/WEB/">WEB</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/XSS/">XSS</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CSP/">CSP</a></span></div><div class="content"> CSP
内容安全策略(Content Security Policy,CSP),是一个附加的安全层,有助于检测并缓解某些类型的攻击,包括跨站脚本(XSS)和数据注入攻击。
CSP 的实质就是白名单制度,开发者明确告诉客户端,哪些外部资源可以加载和执行,等同于提供白名单。它的实现和执行全部由浏览器完 ...</div></div></div><div class="recent-post-item"><div class="recent-post-info no-cover"><a class="article-title" href="/2019/07/13/%E6%B5%85%E8%B0%88SOP%E5%90%8C%E6%BA%90%E7%AD%96%E7%95%A5/" title="浅谈SOP同源策略">浅谈SOP同源策略</a><div class="article-meta-wrap"><time class="post-meta__date" title="Created 2019-07-13 22:20:49"><i class="fa fa-calendar" aria-hidden="true"></i>2019-07-13</time><span class="article-meta"><span class="article-meta__separator">|</span><i class="fa fa-inbox article-meta__icon" aria-hidden="true"></i><a class="article-meta__categories" href="/categories/WEB/">WEB</a></span><span class="article-meta tags"><span class="article-meta__separator">|</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/WEB/">WEB</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/XSS/">XSS</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/SOP/">SOP</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/CORS/">CORS</a><span class="article-meta__link">-</span><i class="fa fa-tag article-meta__icon" aria-hidden="true"></i><a class="article-meta__tags" href="/tags/JSONP/">JSONP</a></span></div><div class="content">web 安全的基石就是同源政策。
何为同源
几个页面的协议、主机名、端口相同,那么就认为这些页面是同源的。
如与 http://book.nonuplebroken.com:80/index.php 比较:
URL
是否同源
备注
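http://book.nonuplebroken. ...</div></div></div><nav id="pagination"><div class="pagination"><span class="page-number current">1</span><a class="page-number" href="/page/2/">2</a><a class="page-number" href="/page/3/">3</a><a class="extend next" rel="next" href="/page/2/"><i class="fa fa-fw fa-chevron-right" aria-hidden="true"></i></a></div></nav></div><div class="aside_content" id="aside_content"><div class="card-widget card-info"><div class="card-content"><div class="card-info-avatar is-center"><img class="avatar-img" src="https://i.loli.net/2020/06/15/imOPRpIQl1aNYSH.jpg" onerror="this.onerror=null;this.src='/img/friend_404.gif'" alt="avatar"/><div class="author-info__name">NonupleBroken</div><div class="author-info__description">Everything that kills me makes me feel alive.</div></div><div class="card-info-data"><div class="card-info-data-item is-center"><a href="/archives"><div class="headline">Articles</div><div class="length_num">28</div></a></div><div class="card-info-data-item is-center"> <a href="/tags"><div class="headline">Tags</div><div class="length_num">37</div></a></div><div class="card-info-data-item is-center"> <a href="/categories"><div class="headline">Categories</div><div class="length_num">7</div></a></div></div><div class="card-info-bookmark is-center"><a class="bookmark button--primary button--animated" id="bookmark-it" href="javascript:;" title="Bookmark" target="_self"><i class="fa fa-bookmark" aria-hidden="true"></i><span>Bookmark</span></a></div><div class="card-info-social-icons is-center"><!-- External link opened in a new tab: rel="noopener" stops the opened page from reaching this one through window.opener, as the footer links already do. --><a class="social-icon" href="https://github.com/nonuplebroken" target="_blank" rel="noopener" title="Github"><i class="fa fa-github" aria-hidden="true"></i></a><!-- NOTE(review): the javascript: URL below runs inline script on click, so a Content-Security-Policy without 'unsafe-inline' would block this link. --><a class="social-icon" href="javascript:alert(atob('bm9udXBsZWJyb2tlbkBnbWFpbC5jb20='))" target="_blank" title="Email"><i class="fa fa-envelope" aria-hidden="true"></i></a></div></div></div><div class="card-widget card-recent-post"><div class="card-content"><div class="item-headline"><i class="fa fa-history" 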
aria-hidden="true"></i><span>Recent Post</span></div><div class="aside-recent-item"><div class="aside-recent-post"><a href="/2021/05/10/2021%E6%B4%A5%E9%97%A8%E6%9D%AFjustOCB/"><div class="aside-post-title no-aside-cover"><div class="aside-post_title" href="/2021/05/10/2021%E6%B4%A5%E9%97%A8%E6%9D%AFjustOCB/" title="2021津门杯justOCB">2021津门杯justOCB</div><time class="aside-post_meta post-meta__date" title="Created 2021-05-10 23:59:59">2021-05-10</time></div></a></div><div class="aside-recent-post"><a href="/2020/06/14/%E7%BA%BF%E6%80%A7%E5%90%8C%E4%BD%99%E7%94%9F%E6%88%90%E5%99%A8/"><div class="aside-post-title no-aside-cover"><div class="aside-post_title" href="/2020/06/14/%E7%BA%BF%E6%80%A7%E5%90%8C%E4%BD%99%E7%94%9F%E6%88%90%E5%99%A8/" title="线性同余生成器">线性同余生成器</div><time class="aside-post_meta post-meta__date" title="Created 2020-06-14 22:44:15">2020-06-14</time></div></a></div><div class="aside-recent-post"><a href="/2020/06/10/%E5%8F%8D%E9%A6%88%E7%A7%BB%E4%BD%8D%E5%AF%84%E5%AD%98%E5%99%A8/"><div class="aside-post-title no-aside-cover"><div class="aside-post_title" href="/2020/06/10/%E5%8F%8D%E9%A6%88%E7%A7%BB%E4%BD%8D%E5%AF%84%E5%AD%98%E5%99%A8/" title="反馈移位寄存器">反馈移位寄存器</div><time class="aside-post_meta post-meta__date" title="Created 2020-06-10 21:30:15">2020-06-10</time></div></a></div><div class="aside-recent-post"><a href="/2020/06/03/Shamir%E5%AF%86%E9%92%A5%E5%88%86%E4%BA%AB%E7%AE%97%E6%B3%95/"><div class="aside-post-title no-aside-cover"><div class="aside-post_title" href="/2020/06/03/Shamir%E5%AF%86%E9%92%A5%E5%88%86%E4%BA%AB%E7%AE%97%E6%B3%95/" title="Shamir密钥分享算法">Shamir密钥分享算法</div><time class="aside-post_meta post-meta__date" title="Created 2020-06-03 23:45:20">2020-06-03</time></div></a></div><div class="aside-recent-post"><a href="/2019/11/21/RSA%20Coppersmith%E7%9B%B8%E5%85%B3%E6%94%BB%E5%87%BB/"><div class="aside-post-title no-aside-cover"><div class="aside-post_title" href="/2019/11/21/RSA%20Coppersmith%E7%9B%B8%E5%85%B3%E6%94%BB%E5%87%BB/" 
title="RSA Coppersmith相关攻击">RSA Coppersmith相关攻击</div><time class="aside-post_meta post-meta__date" title="Created 2019-11-21 19:47:11">2019-11-21</time></div></a></div></div></div></div><div class="card-widget card-categories"><div class="card-content"><div class="item-headline"><i class="fa fa-folder-open" aria-hidden="true"></i><span>Categories</span></div><ul class="card-category-list">
<li class="card-category-list-item"><a class="card-category-list-link" href="/categories/Crypto/"><span class="card-category-list-name">Crypto</span><span class="card-category-list-count">12</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/Docker/"><span class="card-category-list-name">Docker</span><span class="card-category-list-count">1</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/Forensics/"><span class="card-category-list-name">Forensics</span><span class="card-category-list-count">2</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/Linux/"><span class="card-category-list-name">Linux</span><span class="card-category-list-count">2</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/Python/"><span class="card-category-list-name">Python</span><span class="card-category-list-count">1</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/WEB/"><span class="card-category-list-name">WEB</span><span class="card-category-list-count">9</span></a></li><li class="card-category-list-item"><a class="card-category-list-link" href="/categories/general-skills/"><span class="card-category-list-name">general skills</span><span class="card-category-list-count">1</span></a></li>
</ul></div></div><div class="card-widget card-tags"><div class="card-content"><div class="item-headline"><i class="fa fa-tags" aria-hidden="true"></i><span>Tags</span></div><div class="card-tag-cloud"><a href="/tags/AES/" style="font-size: 16px; color: #999">AES</a> <a href="/tags/CORS/" style="font-size: 16px; color: #999">CORS</a> <a href="/tags/CSP/" style="font-size: 16px; color: #999">CSP</a> <a href="/tags/CSRF/" style="font-size: 16px; color: #999">CSRF</a> <a href="/tags/Crypto/" style="font-size: 22px; color: #99a9bf">Crypto</a> <a href="/tags/Docker/" style="font-size: 16px; color: #999">Docker</a> <a href="/tags/FTP/" style="font-size: 16px; color: #999">FTP</a> <a href="/tags/Forensics/" style="font-size: 17px; color: #999c9f">Forensics</a> <a href="/tags/JSONP/" style="font-size: 16px; color: #999">JSONP</a> <a href="/tags/LCG/" style="font-size: 16px; color: #999">LCG</a> <a href="/tags/LFSR/" style="font-size: 16px; color: #999">LFSR</a> <a href="/tags/Linux/" style="font-size: 17px; color: #999c9f">Linux</a> <a href="/tags/PHP/" style="font-size: 18px; color: #999ea6">PHP</a> <a href="/tags/Python/" style="font-size: 16px; color: #999">Python</a> <a href="/tags/QR-code/" style="font-size: 16px; color: #999">QR_code</a> <a href="/tags/RSA/" style="font-size: 20px; color: #99a4b2">RSA</a> <a href="/tags/Regular-Expression/" style="font-size: 16px; color: #999">Regular Expression</a> <a href="/tags/SOP/" style="font-size: 16px; color: #999">SOP</a> <a href="/tags/SQL%E4%BA%8C%E6%AC%A1%E6%B3%A8%E5%85%A5/" style="font-size: 16px; color: #999">SQL二次注入</a> <a href="/tags/SQL%E6%B3%A8%E5%85%A5/" style="font-size: 17px; color: #999c9f">SQL注入</a> <a href="/tags/Shamir/" style="font-size: 16px; color: #999">Shamir</a> <a href="/tags/Steganography/" style="font-size: 16px; color: #999">Steganography</a> <a href="/tags/VMware/" style="font-size: 16px; color: #999">VMware</a> <a href="/tags/Volatility/" style="font-size: 17px; color: #999c9f">Volatility</a> <a 
href="/tags/WEB/" style="font-size: 21px; color: #99a6b9">WEB</a> <a href="/tags/Wireshark/" style="font-size: 16px; color: #999">Wireshark</a> <a href="/tags/XML/" style="font-size: 16px; color: #999">XML</a> <a href="/tags/XSS/" style="font-size: 19px; color: #99a1ac">XSS</a> <a href="/tags/XXE/" style="font-size: 16px; color: #999">XXE</a> <a href="/tags/gimp/" style="font-size: 16px; color: #999">gimp</a></div></div></div><div class="card-widget card-archives"><div class="card-content"><div class="item-headline"><i class="fa fa-archive" aria-hidden="true"></i><span>Archives</span></div><ul class="card-archive-list"><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2021/05/"><span class="card-archive-list-date">May 2021</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2020/06/"><span class="card-archive-list-date">June 2020</span><span class="card-archive-list-count">3</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/11/"><span class="card-archive-list-date">November 2019</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/08/"><span class="card-archive-list-date">August 2019</span><span class="card-archive-list-count">2</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/07/"><span class="card-archive-list-date">July 2019</span><span class="card-archive-list-count">4</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/06/"><span class="card-archive-list-date">June 2019</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/05/"><span class="card-archive-list-date">May 
2019</span><span class="card-archive-list-count">1</span></a></li><li class="card-archive-list-item"><a class="card-archive-list-link" href="/archives/2019/04/"><span class="card-archive-list-date">April 2019</span><span class="card-archive-list-count">3</span></a></li><li class="card-archive-list-item more is-center"><a class="card-archive-list-link-more" href="/archives">
<span>More</span><i class="fa fa-angle-right" aria-hidden="true"></i></a></li></ul></div></div><div class="card-widget card-webinfo"><div class="card-content"><div class="item-headline"><i class="fa fa-line-chart" aria-hidden="true"></i><span>Info</span></div><div class="webinfo"><div class="webinfo-item"><div class="webinfo-article-name">Article :</div><div class="webinfo-article-count">28</div></div><div class="webinfo-item"><div class="webinfo-runtime-name">Run time :</div><div class="webinfo-runtime-count" id="webinfo-runtime-count" start_date="2018/10/29 07:58:00"> </div></div><div class="webinfo-item"> <div class="webinfo-site-uv-name">UV :</div><div class="webinfo-site-uv-count" id="busuanzi_value_site_uv"></div></div><div class="webinfo-item"><div class="webinfo-site-name">PV :</div><div class="webinfo-site-pv-count" id="busuanzi_value_site_pv"></div></div></div></div></div></div></main><footer id="footer" style="background-image: url(https://i.loli.net/2020/06/16/3uL79nmOC6VlDNb.jpg)" data-type="photo"><div id="footer-wrap"><div class="copyright">©2018 - 2021 By NonupleBroken</div><div class="framework-info"><span>Driven </span><a href="https://hexo.io" target="_blank" rel="noopener"><span>Hexo</span></a><span class="footer-separator">|</span><span>Theme </span><a href="https://github.com/jerryc127/hexo-theme-butterfly" target="_blank" rel="noopener"><span>Butterfly</span></a></div><div class="footer_custom_text">Welcome and have fun!</div></div></footer></div><section class="rightside" id="rightside"><div id="rightside-config-hide"><i class="darkmode fa fa-moon-o" id="darkmode" title="Dark Mode"></i></div><div id="rightside-config-show"><div id="rightside_config" title="Setting"><i class="fa fa-cog" aria-hidden="true"></i></div><i class="fa fa-arrow-up" id="go-up" title="Back to top" aria-hidden="true"></i></div></section><div class="search-dialog" id="local-search"><div class="search-dialog__title" id="local-search-title">Local search</div><div 
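id="local-input-panel"><div id="local-search-input"><div class="local-search-box"><input class="local-search-box--input" placeholder="Search for Posts" type="text"/></div></div></div><hr/><div id="local-search-results"><div id="local-hits"></div><div id="local-stats"><div class="local-search-stats__hr" id="hr"><span>Powered by</span> <a href="https://github.com/wzpan/hexo-generator-search" target="_blank" rel="noopener" style="color:#49B1F5;">hexo-generator-search</a></div></div></div><span class="search-close-button"><i class="fa fa-times"></i></span></div><div class="search-mask"></div>
<!-- Page scripts, in load order. NOTE(review): jquery and fancybox are requested as @latest, and node-snackbar and typed.js with no version at all; none of the CDN scripts carries an integrity attribute, so the code that runs on this origin can change without any change to this file. Pin exact versions and add integrity plus crossorigin so the loaded bytes are verifiable. -->
<script src="https://cdn.jsdelivr.net/npm/jquery@latest/dist/jquery.min.js"></script>
<script src="/js/utils.js"></script>
<script src="/js/main.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@latest/dist/jquery.fancybox.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/node-snackbar/dist/snackbar.min.js"></script>
<script id="canvas_nest" color="0,0,255" opacity="0.7" zIndex="-1" count="99" mobile="false" src="/js/third-party/canvas-nest.js"></script>
<!-- Third-party visitor counter; requested with an explicit https: scheme rather than a protocol-relative URL. -->
<script async src="https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
<script src="https://cdn.jsdelivr.net/npm/instant.page@3/instantpage.min.js" type="module"></script>
<script src="/js/search/local-search.js"></script>
<script src="https://cdn.jsdelivr.net/npm/typed.js"></script>
<script>
// Fill the #subtitle element in the page header: typed out by Typed when the effect is on,
// otherwise written in one step.
var subtitleEffect = true
if (subtitleEffect) {
  var typed = new Typed("#subtitle", {
    // The split is on the ASCII comma; the subtitle here contains only the full-width comma,
    // so this yields a single string.
    strings: '自强不息,止于至善。'.split(","),
    startDelay: 300,
    typeSpeed: 150,
    loop: false,
    backSpeed: 50
  })
} else {
  // The subtitle is plain text, so it is written with textContent rather than through an HTML sink.
  document.getElementById("subtitle").textContent = '自强不息,止于至善。'
}
</script></body></html>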