#loading-box .loading-left-bg, #loading-box .loading-right-bg { position: fixed; z-index: 999998; width: 50%; height: 100%; background-color: rgb(81 81 81 / 80%); transition: all 0.7s cubic-bezier(0.42, 0, 0, 1.01); backdrop-filter: blur(10px); } #loading-box .loading-right-bg { right: 0; } #loading-box > .spinner-box { position: fixed; z-index: 999999; display: flex; justify-content: center; align-items: center; width: 100%; height: 100vh; } #loading-box .spinner-box .loading-word { position: absolute; color: #ffffff; font-size: 0.95rem; transform: translateY(64px); text-align: center; } p.loading-title { font-size: 1.25rem; margin: 20px 10px 4px 10px; } #loading-box .spinner-box .configure-core { width: 100%; height: 100%; background-color: #37474f; } div.loaded div.loading-left-bg { transform: translate(-100%, 0); } div.loaded div.loading-right-bg { transform: translate(100%, 0); } div.loaded div.spinner-box { display: none !important; } .loader { position: absolute; top: calc(50% - 32px); left: calc(50% - 32px); width: 64px; height: 64px; border-radius: 50%; perspective: 800px; transition: all 0.7s cubic-bezier(0.42, 0, 0, 1.01); } .inner { position: absolute; box-sizing: border-box; width: 100%; height: 100%; border-radius: 50%; } .inner.one { left: 0%; top: 0%; animation: rotate-one 1s linear infinite; border-bottom: 3px solid #efeffa; } .inner.two { right: 0%; top: 0%; animation: rotate-two 1s linear infinite; border-right: 3px solid #efeffa; } .inner.three { right: 0%; bottom: 0%; animation: rotate-three 1s linear infinite; border-top: 3px solid #efeffa; } @keyframes rotate-one { 0% { transform: rotateX(35deg) rotateY(-45deg) rotateZ(0deg); } 100% { transform: rotateX(35deg) rotateY(-45deg) rotateZ(360deg); } } @keyframes rotate-two { 0% { transform: rotateX(50deg) rotateY(10deg) rotateZ(0deg); } 100% { transform: rotateX(50deg) rotateY(10deg) rotateZ(360deg); } } @keyframes rotate-three { 0% { transform: rotateX(35deg) rotateY(55deg) rotateZ(0deg); } 100% { transform: rotateX(35deg) rotateY(55deg) rotateZ(360deg); }
2024年8月31日
Xss-labs实战(1到10关)
摘要: 1.level1: 通过观察发现可以在url处插入js语句就可以了 2.level2: 输入<script>alert()</script>发现没有反应去查看js源码发现我们的语句被value包裹了 既然如此那我们就想办法先去闭合value 3.level3 使用平常的js语言发现无法注入有可能是对 阅读全文
posted @ 2024-08-31 16:46 生命予夺 阅读(1) 评论(0) 推荐(0)
Sqli-labs(1到18关)
摘要: less-1: 通过id=1'判断他url出存在注点闭合方式为单引号 使用and1=2判断他使用数字注入 通过id=1' order by 4 -- - 判断它可以回显三列 通过id=0' union select 1,2,3 -- -判断只有2,3位可以回显 union select 1,user 阅读全文
posted @ 2024-08-31 15:20 生命予夺 阅读(2) 评论(0) 推荐(0)
Sql盲注脚本
摘要: 布尔盲注: import requests #设置靶场网址 url = "http://192.168.1.190/sqli-labs/Less-8/?id=1' and " #设置请求头信息 headers = { 'User-Agent':'Mozilla/5.0 (Windows NT 10. 阅读全文
posted @ 2024-08-31 14:48 生命予夺 阅读(1) 评论(0) 推荐(0)