2024FIC 第四届全国网络空间取证竞赛—线上赛（服务器部分）

因为使用仿真软件会破坏 esxi 镜像引导，因此学会手动挂载是必要的

关掉杀软等会占用磁盘的软件
FTK（一定要是图标是放大镜的版本）挂载镜像，有几块挂几块，一次性挂挂好，务必可读可写（不一定 FTK，看自己习惯什么挂载软件就用什么挂载）
管理员模式打开 vmware，cpu 和内存给大点，先挂系统盘，再挂数据盘
成功启动

手动绕密（exsi7 及以下）

手动加一块 iso 镜像
打开电源时进入固件，选第二个
进入试用模式

cp state.tgz /tmp
cd /tmp
tar xzf state.tgz
tar xzf local.tgz
cd etc
cp shadow shadow.bak
nano shadow #shadow咋改你懂得
cd ..
tar czf local.tgz etc
tar czf state.tgz local.tgz
cp /tmp/state.tgz /media/ubuntu/586C-10CC2
空密码登录

esxi 服务器的 esxi 版本为？

挂起来就好

请分析 ESXi 服务器，该系统的安装日期为：

请分析 ESXi 服务器数据存储“datastore”的 UUID 是？

ESXI 服务器的原 IP 地址？

仿起来就好

EXSI 服务器中共创建了几个虚拟机？

网站服务器绑定的 IP 地址为？

fscan 开扫就完事了

rocketchat 手动绕个密

#mermaid-svg-TdUaS7vfjISubMSB {font-family:\”trebuchet ms\”,verdana,arial,sans-serif;font-size:16px;fill:#333;}#mermaid-svg-TdUaS7vfjISubMSB .error-icon{fill:#552222;}#mermaid-svg-TdUaS7vfjISubMSB .error-text{fill:#552222;stroke:#552222;}#mermaid-svg-TdUaS7vfjISubMSB .edge-thickness-normal{stroke-width:2px;}#mermaid-svg-TdUaS7vfjISubMSB .edge-thickness-thick{stroke-width:3.5px;}#mermaid-svg-TdUaS7vfjISubMSB .edge-pattern-solid{stroke-dasharray:0;}#mermaid-svg-TdUaS7vfjISubMSB .edge-pattern-dashed{stroke-dasharray:3;}#mermaid-svg-TdUaS7vfjISubMSB .edge-pattern-dotted{stroke-dasharray:2;}#mermaid-svg-TdUaS7vfjISubMSB .marker{fill:#333333;stroke:#333333;}#mermaid-svg-TdUaS7vfjISubMSB .marker.cross{stroke:#333333;}#mermaid-svg-TdUaS7vfjISubMSB svg{font-family:\”trebuchet ms\”,verdana,arial,sans-serif;font-size:16px;}#mermaid-svg-TdUaS7vfjISubMSB .label{font-family:\”trebuchet ms\”,verdana,arial,sans-serif;color:#333;}#mermaid-svg-TdUaS7vfjISubMSB .cluster-label text{fill:#333;}#mermaid-svg-TdUaS7vfjISubMSB .cluster-label span{color:#333;}#mermaid-svg-TdUaS7vfjISubMSB .label text,#mermaid-svg-TdUaS7vfjISubMSB span{fill:#333;color:#333;}#mermaid-svg-TdUaS7vfjISubMSB .node rect,#mermaid-svg-TdUaS7vfjISubMSB .node circle,#mermaid-svg-TdUaS7vfjISubMSB .node ellipse,#mermaid-svg-TdUaS7vfjISubMSB .node polygon,#mermaid-svg-TdUaS7vfjISubMSB .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#mermaid-svg-TdUaS7vfjISubMSB .node .label{text-align:center;}#mermaid-svg-TdUaS7vfjISubMSB .node.clickable{cursor:pointer;}#mermaid-svg-TdUaS7vfjISubMSB .arrowheadPath{fill:#333333;}#mermaid-svg-TdUaS7vfjISubMSB .edgePath .path{stroke:#333333;stroke-width:2.0px;}#mermaid-svg-TdUaS7vfjISubMSB .flowchart-link{stroke:#333333;fill:none;}#mermaid-svg-TdUaS7vfjISubMSB .edgeLabel{background-color:#e8e8e8;text-align:center;}#mermaid-svg-TdUaS7vfjISubMSB .edgeLabel rect{opacity:0.5;background-color:#e8e8e8;fill:#e8e8e8;}#mermaid-svg-TdUaS7vfjISubMSB .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#mermaid-svg-TdUaS7vfjISubMSB .cluster text{fill:#333;}#mermaid-svg-TdUaS7vfjISubMSB .cluster span{color:#333;}#mermaid-svg-TdUaS7vfjISubMSB div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:\”trebuchet ms\”,verdana,arial,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#mermaid-svg-TdUaS7vfjISubMSB :root{–mermaid-font-family:\”trebuchet ms\”,verdana,arial,sans-serif;}

重启

进入单用户模式

关闭SELinux

进入单用户模式

修改或替换root密码

检查/etc/passwd

成功绕密

开机启动，选择（core），按++e++键

如果是 CentOS，则修改 ro 为 rw init=/sysroot/bin/sh；如果是 Ubuntu，则修改 ro 为 rw single init=/bin/bash

按++ctrl+x++，进入 shell 界面，再输入

chroot /sysroot

输入下面的命令修改密码，需要输入两次来确认密码

passwd

关闭 SELinux（可选）

编辑 SELinux 的 config 文件

sudo vi /etc/selinux/config

找到 SELINUX=enforcing 或 SELINUX=permissive 字段，按++i++进入编辑模式，将参数 SELINUX=enforcing 或 SELINUX=permissive 修改为 SELINUX=disabled，并保存++colon+w+q++

重启

reboot

网站服务器的登录密码为？

fscan 扫出来了

网站服务器所使用的管理面板登陆入口地址对应的端口号为：

www 执行 bt 14

[root@localhost ~]# bt 14
===============================================
正在执行(14)...
===============================================
curl: (28) Resolving timed out after 4519 milliseconds
curl: (28) Resolving timed out after 4519 milliseconds
curl: (28) Resolving timed out after 4517 milliseconds
==================================================================
BT-Panel default info!
==================================================================
获取外网IP失败，请使用服务器公网IP+端口访问面板
外网面板地址: https://服务器公网IP:14131/adec8c75
内网面板地址: https://192.168.8.89:14131/adec8c75
username: j9oehwoa
password: ********
Warning:
If you cannot access the panel,
release the following port (8888|888|80|443|20|21) in the security group
注意：初始密码仅在首次登录面板前能正确获取，其它时间请通过 bt 5 命令修改密码
==================================================================

网站服务器的 web 目录是？

www 执行

[root@localhost ~]# ls /
bin boot dev etc home lib lib64 media mnt opt patch proc root run sbin srv sys tmp usr var webapp webapp.zip www
[root@localhost ~]# ls /webapp
dist group luck-prize qz 7.11 ruoyi-admin.jar0826 ruoyi-admin.jar0904 ruoyi-admin.jar 7.26 ruoyi-admin.jar8.16 test
dist0826 index.html nohup.out restart.sh ruoyi-admin.jar0827 ruoyi-admin.jar0907 ruoyi-admin.jar8.14 ruoyi-admin.jarbak
dist0906 kill.sh profile ruoyi-admin.jar ruoyi-admin.jar0828 ruoyi-admin.jar0915 ruoyi-admin.jar8.15 ruoyi-admin.pid
down logs qz ruoyi-admin.jar0818 ruoyi-admin.jar08281 ruoyi-admin.jar 7.19 ruoyi-admin.jar8.151 start.sh

/www/server/nginx/conf/nginx.conf 查看 nginx 反证

user www www;
worker_processes auto;
error_log /www/wwwlogs/nginx_error.log crit;
pid /www/server/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;

stream {
log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';

access_log /www/wwwlogs/tcp-access.log tcp_format;
error_log /www/wwwlogs/tcp-error.log;
include /www/server/panel/vhost/nginx/tcp/*.conf;
}

events
{
use epoll;
worker_connections 51200;
multi_accept on;
}

http
{
include mime.types;
#include luawaf.conf;

include proxy.conf;
lua_package_path "/www/server/nginx/lib/lua/?.lua;;";

default_type application/octet-stream;

server_names_hash_bucket_size 512;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;

sendfile on;
tcp_nopush on;

keepalive_timeout 60;

tcp_nodelay on;

fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\\.";

limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m;

server_tokens off;
access_log off;

server
{
listen 80;
server_name adminjmhw.sdxfwl.top;
index index.html;
root /webapp/dist;
#解决页面刷新404问题
try_files $uri $uri/ /index.html;

location /prod-api/ {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

}

server
{
listen 80;
server_name groupadmin.sdxfwl.top;

index index.html;
root /webapp/group;
#解决页面刷新404问题
try_files $uri $uri/ /index.html;

server
{
listen 80;
server_name zihoutaijmhw.sdxfwl.top;

index index.html;
root /webapp/qz;
#解决页面刷新404问题
try_files $uri $uri/ /index.html;

}

server
{
listen 80;
server_name apijmhw.sdxfwl.top;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

#抽奖页面
location /luck-prize{
#解决页面刷新404问题
try_files $uri $uri/ /luck-prize/index.html;
index index.html;
alias /webapp/luck-prize;
}

location /download{
try_files $uri $uri/ /down/index.html;
index index.html;
alias /webapp/down;
}

location /app{
try_files $uri $uri/ /app/app.apk;
alias /webapp/app;
}

}

server
{
listen 80;
server_name xiazai.sdxfwl.top;
location / {
root /webapp/down;
try_files $uri $uri/ /down/index.html;
index index.html;
}
#抽奖页面
location /index{
#解决页面刷新404问题
try_files $uri $uri/ /www/server/nginx/guanwang/index.html;
index index.html;

}
location /app{
alias /webapp/app;
try_files $uri $uri/ /app/app.apk;
}

}

server
{
listen 8888;

#抽奖页面
location /{
root /www/server/nginx/guanwang;

index index.html;

}

}
server
{
listen 888;
server_name phpmyadmin;
index index.html index.htm index.php;
root /www/server/phpmyadmin;
location ~ /tmp/ {
return 403;
}

#error_page 404 /404.html;
include enable-php.conf;

location ~ .*\\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}

location ~ .*\\.(js|css)?$
{
expires 12h;
}

location ~ /\\.
{
deny all;
}

access_log /www/wwwlogs/access.log;
}
include /www/server/panel/vhost/nginx/*.conf;
}

网站配置中 Redis 的连接超时时间为多少秒

[root@localhost tmp]# cat BOOT-INF/classes/application.yml
# 项目相关配置
ruoyi:
# 名称
name: 集美好物
# 版本
version: 3.8.2
# 版权年份
copyrightYear: 2022
# 实例演示开关
demoEnabled: true
# 文件路径示例（ Windows配置D:/ruoyi/uploadPath，Linux配置 /home/ruoyi/uploadPath）
profile: /webapp/profile
# 域名链接
domainUrl: http://apijmhw.sdxfwl.top
# domainUrl: https://287h06775m.picp.vip
# 获取ip地址开关
addressEnabled: false
# 验证码类型 math 数组计算 char 字符验证
captchaType: math

# 开发环境配置
server:
# 服务器的HTTP端口，默认为8080
port: 8080
servlet:
# 应用的访问路径
context-path: /
tomcat:
# tomcat的URI编码
uri-encoding: UTF–8
# 连接数满后的排队数，默认为100
accept-count: 1000
threads:
# tomcat最大线程数，默认为200
max: 800
# Tomcat启动初始化的线程数，默认值10
min-spare: 100

# 日志配置
logging:
level:
com.ruoyi: debug
org.springframework: warn

# 腾讯云
tencent:
cloud:
im:
sdkAppId: 1400814018
key: 388ab0a1f2ab6413e97932fe0afef716ba4b1f989fa5470925891853ea0dfc98

#阿里云人脸识别
aliyun-face:
regionId: cn–hangzhou
accessKey: LTAI5tM8RJiEEuJnHfT8uVaa
secret: 19THhUjxRFhaeWlUJhIG5uV16hyFID

# Spring配置
spring:
# 资源信息
messages:
# 国际化资源文件路径
basename: i18n/messages
profiles:
active: druid
# 文件上传
servlet:
multipart:
# 单个文件大小
max-file-size: 10MB
# 设置总上传的文件大小
max-request-size: 20MB
# 服务模块
devtools:
restart:
# 热部署开关
enabled: true
# redis 配置
redis:
# 地址
host: localhost
# 端口，默认为6379
port: 6379
# 数据库索引
database: 3
# 密码
password:
# 连接超时时间
timeout: 10s
lettuce:
pool:
# 连接池中的最小空闲连接
min-idle: 0
# 连接池中的最大空闲连接
max-idle: 8
# 连接池的最大数据库连接数
max-active: 8
# #连接池最大阻塞等待时间（使用负值表示没有限制）
max-wait: –1ms

# token配置
token:
# 令牌自定义标识
header: Authorization
# 令牌密钥
secret: abcdefghijklmnopqrstuvwxyz
# 令牌有效期（默认30分钟）
expireTime: 1440

# MyBatis配置
mybatis:
# 搜索指定包别名
typeAliasesPackage: com.ruoyi.**.domain
# 配置mapper的扫描，找到所有的mapper.xml映射文件
mapperLocations: classpath*:mapper/**/*Mapper.xml
# 加载全局的配置文件
configLocation: classpath:mybatis/mybatis–config.xml

# PageHelper分页插件
pagehelper:
helperDialect: mysql
# 超出页数返回最后一页
reasonable: false
supportMethodsArguments: true
params: count=countSql

# Swagger配置
swagger:
# 是否开启swagger
enabled: true
# 请求前缀
pathMapping: /

# 防止XSS攻击
xss:
# 过滤开关
enabled: true
# 排除链接（多个用逗号分隔）
excludes: /system/notice
# 匹配链接
urlPatterns: /system/*,/monitor/*,/tool/*

# 加密
security:
publicKey: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrhYO3r2h87IITw/H3ZMYJbBOip0WWjkez2dGcqkXWmBLcovAkZ5bqY0WMWmODlTuW2fFk7nZRTytbOgmfd9rCx5Ehx4du2VhTXnhI4VtpNC6q+NRt075MnBiIFqBW7UEMRpc1rDcSVWRZVhL8VY47B35gRiAzslxMrtZuIm75M1P4DWt57QCy6D1Kvsbvk5IvevMDZflTV6DwjABqrKXV5OmGetbehb5D7Ap5jWcQVE845lrKf4dCCi+hX9ebYCsxQOg6/jLH2Qo2FKZ3BECh1SfjUfuhjleP0obi/egvPYHubxR4u2RJ/hdUX68umXh7/AbT7mjD+GqLunf1xD8wIDAQAB
privateKey: MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCyuFg7evaHzsghPD8fdkxglsE6KnRZaOR7PZ0ZyqRdaYEtyi8CRnlupjRYxaY4OVO5bZ8WTudlFPK1s6CZ932sLHkSHHh27ZWFNeeEjhW2k0Lqr41G3TvkycGIgWoFbtQQxGlzWsNxJVZFlWEvxVjjsHfmBGIDOyXEyu1m4ibvkzU/gNa3ntALLoPUq+xu+Tki968wNl+VNXoPCMAGqspdXk6YZ61t6FvkPsCnmNZxBUTzjmWsp/h0IKL6Ff15tgKzFA6Dr+MsfZCjYUpncEQKHVJ+NR+6GOV4/ShuL96C89ge5vFHi7ZEn+F1Rfry6ZeHv8BtPuaMP4aou6d/XEPzAgMBAAECggEBAKvXswbmMbvdqPLEAhHXZpMNAZhTD/KUd/TEBpWxEh+7fXkwyciPSN2KtBSTX0L6ZDWMYQZLMhUwcjsiD49buBvf2z394BrCUR13+jergtc9e38680WrHZbcI9mEThQRP5krshU3tWrKssxPWNZdFB5CJNcnabKfoa46TNC7LSL3NNkofKrH9kdi1J5GnDR3c3+nuflPy4aM9iqMtPlp+J+kBcRq/9DXoZrBZouu/4QJ7241iGofKVu8HjhfBNUyXWDI9JKu5t291unXYJ13vgGmNkzced+6TK1quPA9pQIOktw0a2daVepnLeoJ0jJBQcdEHf8d8ounb/Z9LdXnl/kCgYEA6JB8lp16fnjMTeQpgLw9R2Eq9jfTZx1jZqIOQJ6dLuX0YOW+l64eZwhd8dEfPkK+2AptWqX87OnRs/5iR607oWuWnyvmlziN2emx+Y9BAKbGhP7E2F/pZ0kLQQ11FxkNwwndJjwnBH/9O4n9CAFJimDZ8lwhxYZDIVhs89v91v0CgYEAxLrTMz9IcT7zfI/egxohgOluylRLRke+IlQ66TPF0oPnRqthouoYHh3HySAjdsyBKd/Vi/CCQFZWrUg15quHuRoxBHOD4t+AybX3aFKK18ILNBJ7ioZ6gHFxgqXPewb4SGWWv4MNT/4IzIx6mJ4Lh4Z3BdxRQ8adWsN80Gmlka8CgYBtb2ghG7ODheZllMLu4CVZzGCCAh0JfavDpOheAgVnBzBq1FFOYNHPnAFRBB3Wl2Pkl2uD523QMerK7x5iKiNQPydeeTMF38foTe7Ax2dIHjJ2bMhGJUPYpWeVUfbSSqjOKXsWPeICXRPVi4Y02R447oBAapg9sYMvUsPaMKAPJQKBgQCXGWdd1R0u3crlwRqGV2ukN6aAgH3QXQoME+Wrd7hZGDZqcPdsyZ/8gaMRNz4F4MzT/Ldn5DImeCnarbu4j8aOxS8g3BhQCJpCUyDTX5KEZOV1+TwqCV/Nh1RHpFLXi2LnOB+wuFdhORxI/xyqW7k/PmfseGtyQvpY3AzhhkNEwQKBgQCmXBf7PrI7gi+PCrtSgQEbm84bda6Y9b24095KLDA22VtabYmF7VwvzJxoHUKtpd2nrcQT/1eZkbLaEsoVP0wFKtvIiTzQZ3VPOHuJiLctAcrQ4hKVI/6nu2r+yRCCar9gcrqB3TLZb+oyR+nPmcBSok78zdeUpFseYaGgbGouwg==

#支付宝
alipay:
pid: 2088441384291084
appId: 2021003181631188
privateKey: MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDUB6gxWCkmKJkYulS2hnKMN0FG8OWFwpYie6ytLVnbZZdejY95sg42wFIhTdu6ItQDm417BogazyKfMneSfUGuzpuhwByJr7dBcmuoD3YIEYsGJehLsIqRaLYIeqd42s71sdtTHfviml38tk174SsIEwK21XlM2uBC8YRrQqOYj7nFVcKlEAF0kDISuyBtyQY7Kp5CXM6yW8HJACO1RXocbb6o5IgaXoBn3osr3JScjrbL53jr6Ha7TvQIz7slCiatkxNiFQZy13sMRcZrbUzifg0uZJnTFIA/zFSmD9bifVHAhZ5qBln6Q7Ts0ADpoj14acz18IT+epfLHE0QjFZrAgMBAAECggEBAI0+1JKakj7zSJmqdwhopCI4JOonTB9BM1ahYLS0w2leUeoRD4UYUlOy5oN9JGTpEqecljFgdoa1efDnY7RYcMsMo6yrF9e5ELEukf0Q36YcWaqs0gSqBIU9ZhZb7viZesk9xEeob8XS482XfCKMK2hjkalOqFHEdSTjUz1I1UapMNdNgQyKy5LhhTfOFu2Gozl0UuiH7pmzSQpTTPSDmXJbsvrW5H/KM7UZU0vxdB+7Osib0c9CvaMNqIri/uNBkCIATUEQQgunCqAQDhj5CN2VWw058/TZh1qPG8rrxutrP9hg4m9KUXBE3mfzKXADmef/x/jEhGsxo1UCI3mov2ECgYEA+7x7wGn8JEnTrgt61WCB2I2jTrXl+MGpq2DK3+3HynjB8aRP7kjToNUB4rqy4mAZ2z+GWIFtD8oml5Qf470Sx/4chB6QjR23g3RYSrG0hfFtWjdZYIQrL9PX0jwJ8I04sNTcYosfwGsZiTxxHl9G44lbA6ngTBqGwIVx5oHeRoMCgYEA158CO2bzfswoxZnQYohZYwmanLLy8P9tFBZZFbbzsEjbsy3Tr+K+HSKxo51WBp7UqBzG3ELQ+/n+G/mG9ett20f3GPvUe/vEO55KrlLdZDE8pmzFQCQD4DNX+u0Ln6ryxltihh3ZhPZXdVg9qhnKP0eOMbo6kzesx+HAEfrLa/kCgYAQK9F/UM+jvSJeAdrILkTpFmAxRDobusUdf0BJFktJVGyRC08fLYp6wHQ4jmnDZQ0EKpaExPuukfvcrOVHifPU6RwH2LbMeeY6CZVKZxQDrripnPie3J6xmdg5ZyX0T/4eTe5CXlGR2M9xI3LY0qIJJ9+y4ozIFsQlRe1FM36F5QKBgQCyZ2VAYxlbM28UuAScUjarZBniR4oNbzoAYdFJzztoA5CMe4FoSRKGJtuWBatVBPvtMQo02q/xnNHssZRCS4503eGMcWlJQHIH5hviiruVl8uX4+18+Y+fZLwJ6TIx5Q7Eon4te+srQWvxspYq9PXLT9hOOskWX/180MPL3JeNeQKBgGlIaT9Mru3EJ1q0537JIuq/58LN2RL//QIwjp/m7nXrLz0r7XLMzyKCcw2QNCLnl+Su83YLllEdaLXo/CkKYY5x7RbMPHLzI9+v844H2uhON6Up1VHcc94BM3UghNpmoUbqRdv9rsIckTwRNwtgGkVGvFziPVrPARVkb3v1eMk9

#alipay:
# pid: 2088541582026142
# appId: 2021003174680109
# privateKey: MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDNNk8fLV5gnxsWN3G8bwzW3H+BnuXgXckMEO/Qr3vJ2LrgRRxvO8bPrJmr57tPgoQwpbTn3wJv/af/9QSuqaboje5lFSX0NkBBppf+hjfn1vmlSO9kIHgyAkfstRmPkM8SJIoCT9gM0nYwge9FVUAJgegMxETLLLkg4F3RSIE3X6QmI7Fl+k/ww3Q8Qw+3mKRvGIf+FTacBLs/xKMsP8QV9M9PV10Jt8lh0nvW6QDY2FHt6Yzyy1atbHfopyrfU77CptJsGyOlxMD+5O2rK+K47fEWm2+wWwN89lh2qxZ7cl7vcTMoensDrjZpETPu9iVSP0e0Xl3wi7eR2hY5U903AgMBAAECggEAL1QmPW+OQ8SOT7pr3eTS1j82nSOTqwKWWtURKlU+vJfiydTGsRTdToplStOATN8yM7IUHiI+AqxC8fKFqO7x0tLhN6j//uoAOeP9TDOSc0MOgsNmivY+InKKOhqukYD5cRrCRbQ6hQKJRbjCAYCe61JtvXwKzb072UxF9v2855MaAASzxsO0RBhYwPsaaXG1Kq+2hBvQ0RlRuur3rJXQ3eWlfk9XpL5pLrWCNvEWQ40TB436R60DFBkEG95M6tXmnNLiYFGV37UsztH0qUw+PFCoBMt+T72+kg+l1DM1dVgyNYPWolFjZJxPyzi+SzdsxVSaBA1FDa9V1OTjZV/vWQKBgQD/3LcuiAYB/I/5g6azrhDzKjBusoFNPU+xpfIz5ub+xyTGZ54ZhFhNSeSgXlNoIVcfa+1bCvMSLvkIie1uaB3E8QivioU1uNEyu7jCapr+P1xIkw6Um1ZLx5lNfyigYqn6KaYWiIpMkAUje7ulNGr9YN4l3XAIO2kdW5rHCA9AlQKBgQDNUpvRt4iRoweMPsUNUpOWtJ+5b5RwGpFsGfRDrt8sdTvMEaDOyn3AiHrBiHuhAUrsAY2ZrvL20eFM+SpaTC1unqnRu8QykMfIQQ83PTsmNtKjoOBI5X4mOXeIrKpJGm53ecwOyOQcQv0xN9AwNHn7eJATPvO8YRrjK/0Dg6j3mwKBgAkvsoAAMD8IA19RA741xLQGUsDWtd/BEMhvDdghNS/2lHJvK/T8lHMJ8SR03ofBkrA1HsuDBCEmAJj24shxAoicotQyo/++x/wLU2Hfk/sG6VhNt1tMjHeiDfYDV8ESacnqjuUGN/jxvs18Vstiq2i3fqJbZfdVsrt0G4WD25BVAoGBAIyOQJ0QRy1rrX8UeVDldqN0guMuvy7/AQ4/tjefPqfwmT7Z0nu9othqlZ5nEDrn56IobgcG/Mx6YQGQkK2/+FoBw78QCv+SnTE5WHE4OYWvggMB3ogIkpMYQ/wMN4ZT0ct4VXjJjV7LfQh0bNCTG+5KWlbSgYgz8XQSaOI+/yyBAoGBAJ+ahhO8U54bM0m8vci2UTAHV7kliLlkK7RU9piRZzh1muOSZkef+XL6WICefJ91gtnv0UmEElbMYwgyxdsJK5VnVUgZVY8V4QBC4NpF0M5e1rt95LUAjQYqnHvqGboRhuUh7OxLzSyFZIBA1qZeXuyX3Mij8Rzc2593ONbaLCNt

网站普通用户密码中使用的盐值为

这里手撕或者重构网站都可以，我一开始选择手撕，感觉 ruoyi 框架开源的好手撕一点，重构写在文末

网站管理员用户密码的加密算法名称是什么

data 执行

[root@localhost ~]# docker inspect 9b | grep -i pass
"MYSQL_ROOT_PASSWORD=my-secret-pw",

bcrypt，一眼顶针

网站超级管理员用户账号创建的时间是？

重构进入网站之后，用户管理下的用户列表页面默认有多少页数据

这个只能重构

该网站的系统接口文档版本号为

搜 SwaggerConfig

该网站获取订单列表的接口

还是搜索关键字

受害人卢某的用户 ID

受害人卢某一共充值了多少钱

网站设置的单次抽奖价格为多少元

网站显示的总余额数是

只能重构

网站数据库的 root 密码

docker inspect 能看，cmd5 也可以跑，不过付费

数据库服务器的操作系统版本是

[root@localhost ~]# cat /etc/*release
CentOS Linux release 7.9.2009 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)

数据库服务器的 Docker Server 版本是

[root@localhost ~]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64

Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64
Experimental: false

数据库服务器中数据库容器的完整 ID 是

[root@localhost ~]# docker ps -a –no-trunc
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9bf1cecec3957a5cd23c24c0915b7d3dd9be5238322ca5646e3d9e708371b765 eclipse/mysql "docker-entrypoint.sh mysqld" 7 weeks ago Up 14 minutes 0.0.0.0:3306->3306/tcp mysql

数据库服务器中数据库容器使用的镜像 ID

[root@localhost ~]# docker images –no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/eclipse/mysql latest sha256:66c0e7ca4921e941cbdbda9e92242f07fe37c2bcbbaac4af701b4934dfc41d8a 6 years ago 436 MB

数据库服务器中数据库容器创建的北京时间

[root@localhost ~]# docker inspect 9b | grep -i create
"Created": "2024-03-13T12:15:23.02589108Z",

数据库服务器中数据库容器的 ip 是

[root@localhost ~]# docker inspect 9b | grep -i ip
"HostIp": "",
"IpcMode": "",
"Image": "eclipse/mysql",
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"HostIp": "0.0.0.0",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,

分析数据库数据，在该平台邀请用户进群最多的用户的登录 IP 是

SELECT inviter_id, COUNT(*) AS invite_count
FROM app_group_apply
GROUP BY inviter_id
ORDER BY invite_count DESC
LIMIT 1;

分析数据库数据，在该平台抢得最多红包金额的用户的登录 IP 是

SELECT user_id, SUM(money) AS total_amount
FROM app_group_redpacket_member
GROUP BY user_id
ORDER BY total_amount DESC
LIMIT 1;

数据库中记录的提现成功的金额总记是多少（不考虑手续费）

SELECT SUM(amount) AS total_withdrawn_amount
FROM app_user_withdraw
WHERE status = 3;

rocketchat 服务器中，有几个真实用户？

root@debian:~0 tcp 0 tcp 0 tcp 0 tcp 0 tcp 0 tcp 0 tcp 0 tcp 0 tcp 0 tcp6 0 tcp6 0 tcp6 0 root@debian:~# netstat -nlpt
punctuation">(only servers)
Foreign Address State PID/Program name
0 127.0.0.1:587 0.0.0.0:* LISTEN 2448/sendmail: MTA:
0 0.0.0.0:888 0.0.0.0:* LISTEN 1628/nginx: master
0 0.0.0.0:3000 0.0.0.0:* LISTEN 1975/docker-proxy
0 0.0.0.0:80 0.0.0.0:* LISTEN 1628/nginx: master
0 127.0.0.1:25 0.0.0.0:* LISTEN 2448/sendmail: MTA:
0 0.0.0.0:21 0.0.0.0:* LISTEN 1011/pure-ftpd (SER
0 0.0.0.0:22 0.0.0.0:* LISTEN 3335/sshd: /usr/sbi
0 127.0.0.1:8461 0.0.0.0:* LISTEN 866/python3
0 0.0.0.0:14811 0.0.0.0:* LISTEN 1824/python3
0 0.0.0.0:443 0.0.0.0:* LISTEN 1628/nginx: master
0 :::21 :::* LISTEN 1011/pure-ftpd (SER
0 :::22 :::* LISTEN 3335/sshd: /usr/sbi
0 :::3306 :::* LISTEN 1621/mysqld
comment"># docker ps
COMMAND CREATED STATUS PORTS NAMES
/rocket.chat:latest "docker-entrypoint.s…" 7 weeks ago Up 3 hours 0.0.0.0:3000->3000/tcp rocketchat-rocketchat-1
"/opt/bitnami/script…" 7 weeks ago Up 3 hours 27017/tcp rocketchat-mongodb-1