1.特色的
© © © 版权标志
|   | 竖线,常用作菜单或导航中的分隔符
· · · 圆点,有时被用来作为菜单分隔符
↑ ↑ 上箭头,常用作网页“返回页面顶部”标识
€ € 欧元标识
² ² ² 上标2,数学中的平方,在数字处理中常用到,例如:1000²
½ ½ ½ 二分之一
♥ ♥ 心型,用来表达你的心
2常用的
      空格
& & & and符号,与
" " 引号
© © © 版权标志
® ® ® 注册标志
™ ™ 商标标志
“ “ 左双引号
” ” 右双引号
‘ ‘ 左单引号
’ ’ 右单引号
« « « 左三角双引号
» » » 右三角双引号
‹ ‹ 左三角单引号
› › 右三角单引号
§ § § 章节标志
¶ ¶ 段落标志
• • 列表圆点(大)
· · · 列表圆点(中)
… … 省略号
|   | 竖线
¦ ¦ ¦ 断的竖线
– – 短破折号
— — 长破折号
3.货币类
¤ ¤ ¤ 一般货币符号
$   $ 美元符号
¢ ¢ ¢
£ £ £ 英镑
¥ ¥ ¥ 日元
€ € 欧元
4 数学类
< &lt; &#60; 小于号
> &gt; &#62; 大于号
&le; &#8804; 小于等于号
&ge; &#8805; 大于等于号
× &times; &#215; 乘号
÷ &divide; &#247; 除号
&minus; &#8722; 减号
± &plusmn; &#177; 加/减 号
&ne; &#8800; 不等于号
¹ &sup1; &#185; 上标1
² &sup2; &#178; 上标2
³ &sup3; &#179; 上标3
½ &frac12; &#189; 二分之一
¼ &frac14; &#188; 四分之一
¾ &frac34; &#190; 四分之三
&permil; &#8240; 千分率
° &deg; &#176;
&radic; &#8730; 平方根
&infin; &#8734; 无限大
5.方向类
&larr; &#8592; 左箭头
&uarr; &#8593; 上箭头
&rarr; &#8594; 右箭头
&darr; &#8595; 下箭头
&harr; &#8596; 左右箭头
&crarr; &#8629; 回车箭头
&lceil; &#8968; 左上限
&rceil; &#8969; 右上限
&lfloor; &#8970; 左下限
&rfloor; &#8971; 右下限
其它
&spades; &#9824; 黑桃
&clubs; &#9827; 梅花
&hearts; &#9829; 红桃,心
&diams; &#9830; 方块牌
&loz; &#9674; 菱形
&dagger; &#8224; 匕首
&Dagger; &#8225; 双剑号
¡ &iexcl; &#161; 反向感叹号
¿ &iquest; &#191; 反向问号

网站服务器难免会因为漏洞被挂马、挂黑链,下面给各位整理了利用find命令快速找出问题文件的方法。

find wwwroot/* -type f -name "*.php" |xargs grep "eval(" > wwwroot/eval.txt
find wwwroot/* -type f -name "*.php" |xargs grep "udp:" > wwwroot/udp.txt
find wwwroot/* -type f -name "*.php" |xargs grep "tcp:" > wwwroot/tcp.txt
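网上流行的特征码如下(PS:肯定还有遗漏):
注意:上面的命令把结果写进了 wwwroot 目录,排查完应删除这些 txt 文件,或改为输出到网站目录之外,以免被人直接下载;命令只扫描 *.php,下面的 .htaccess 特征需要另外检查 .htaccess 文件。特征匹配既会误报(正常代码也会调用 system(、exec( 等),也会漏报(变形、混淆过的后门),命中的文件仍需人工确认。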

后门特征->cha88.cn
后门特征->c99shell
后门特征->phpspy
后门特征->Scanners
后门特征->cmd.php
后门特征->str_rot13
后门特征->webshell
后门特征->EgY_SpIdEr
后门特征->tools88.com
后门特征->SECFORCE
后门特征->eval("?>

可疑代码特征->system(
可疑代码特征->passthru(
可疑代码特征->shell_exec(
可疑代码特征->exec(
可疑代码特征->popen(
可疑代码特征->proc_open
可疑代码特征->eval($
可疑代码特征->assert($
危险MYSQL代码->returns string soname
危险MYSQL代码->into outfile
危险MYSQL代码->load_file
加密后门特征->eval(gzinflate(
加密后门特征->eval(base64_decode(
加密后门特征->eval(gzuncompress(
加密后门特征->gzuncompress(base64_decode(
加密后门特征->base64_decode(gzuncompress(
一句话后门特征->eval($_
一句话后门特征->assert($_
一句话后门特征->require($_
一句话后门特征->require_once($_
一句话后门特征->include($_
一句话后门特征->include_once($_
一句话后门特征->call_user_func("assert"
一句话后门特征->call_user_func($_
一句话后门特征->$_POST/GET/REQUEST/COOKIE[?]($_POST/GET/REQUEST/COOKIE[?]
一句话后门特征->echo(file_get_contents($_POST/GET/REQUEST/COOKIE
上传后门特征->file_put_contents($_POST/GET/REQUEST/COOKIE,$_POST/GET/REQUEST/COOKIE
上传后门特征->fputs(fopen("?","w"),$_POST/GET/REQUEST/COOKIE[
.htaccess插马特征->SetHandler application/x-httpd-php
.htaccess插马特征->php_value auto_prepend_file
.htaccess插马特征->php_value auto_append_file

下面收集了大部分文件扩展名及其对应的MIME类型,有需要的可以在列表中找到并添加。只添加站点确实需要对外提供的类型;数据库、证书之类的文件(如 .mdb、.pfx、.p12)不应放在可被直接下载的站点目录下。

.asx,video/x-ms-asf
.xml,text/xml
.tsv,text/tab-separated-values
.ra,audio/x-pn-realaudio
.sv4crc,application/x-sv4crc
.spc,application/x-pkcs7-certificates
.pmc,application/x-perfmon
.lit,application/x-ms-reader
.crd,application/x-mscardfile
.isp,application/x-internet-signup
.wmlsc,application/vnd.wap.wmlscriptc
.vst,application/vnd.visio
.xlam,application/vnd.ms-excel.addin.macroEnabled.12
.ttf,application/octet-stream
.pfm,application/octet-stream
.csv,application/octet-stream
.aaf,application/octet-stream
.one,application/onenote
.hta,application/hta
.atom,application/atom+xml
.323,text/h323
.mhtml,message/rfc822
.midi,audio/mid
.p7r,application/x-pkcs7-certreqresp
.mny,application/x-msmoney
.clp,application/x-msclip
.vsd,application/vnd.visio
.lpk,application/octet-stream
.bin,application/octet-stream
.onetoc,application/onenote
.x,application/directx
.wvx,video/x-ms-wvx
.vcf,text/x-vcard
.htc,text/x-component
.htt,text/webviewhtml
.h,text/plain
.mht,message/rfc822
.mid,audio/mid
.p7b,application/x-pkcs7-certificates
.gz,application/x-gzip
.dvi,application/x-dvi
.cpio,application/x-cpio
.vdx,application/vnd.ms-visio.viewer
.sldm,application/vnd.ms-powerpoint.slide.macroEnabled.12
.xlm,application/vnd.ms-excel
.fdf,application/vnd.fdf
.setreg,application/set-registration-initiation
.eps,application/postscript
.p7s,application/pkcs7-signature
.toc,application/octet-stream
.mdp,application/octet-stream
.ics,application/octet-stream
.chm,application/octet-stream
.asi,application/octet-stream
.afm,application/octet-stream
.evy,application/envoy
.wmp,video/x-ms-wmp
.qt,video/quicktime
.mpv2,video/mpeg
.xslt,text/xml
.etx,text/x-setext
.cod,image/cis-cod
.snd,audio/basic
.au,audio/basic
.man,application/x-troff-man
.qtl,application/x-quicktimeplayer
.pmw,application/x-perfmon
.class,application/x-java-applet
.iii,application/x-iphone
.csh,application/x-csh
.z,application/x-compress
.vtx,application/vnd.visio
.vsw,application/vnd.visio
.wps,application/vnd.ms-works
.potx,application/vnd.openxmlformats-officedocument.presentationml.template
.ps,application/postscript
.p7c,application/pkcs7-mime
.thn,application/octet-stream
.mso,application/octet-stream
.dot,application/msword
.doc,application/msword
.sgml,text/sgml
.nws,message/rfc822
.pbm,image/x-portable-bitmap
.ief,image/ief
.wav,audio/wav
.texi,application/x-texinfo
.mvb,application/x-msmediaview
.hdf,application/x-hdf
.vsx,application/vnd.visio
.dotm,application/vnd.ms-word.template.macroEnabled.12
.docm,application/vnd.ms-word.document.macroEnabled.12
.pptx,application/vnd.openxmlformats-officedocument.presentationml.presentation
.psm,application/octet-stream
.java,application/octet-stream
.eot,application/octet-stream
.jar,application/java-archive
.mpeg,video/mpeg
.xsf,text/xml
.map,text/plain
.uls,text/iuls
.rf,image/vnd.rn-realflash
.m3u,audio/x-mpegurl
.wma,audio/x-ms-wma
.aifc,audio/aiff
.mdb,application/x-msaccess
.mvc,application/x-miva-compiled
.stl,application/vnd.ms-pki.stl
.ppsx,application/vnd.openxmlformats-officedocument.presentationml.slideshow
.xlsb,application/vnd.ms-excel.sheet.binary.macroEnabled.12
.setpay,application/set-payment-initiation
.prm,application/octet-stream
.mix,application/octet-stream
.lzh,application/octet-stream
.hhk,application/octet-stream
.onepkg,application/onenote
.xaf,x-world/x-vrml
.flr,x-world/x-vrml
.IVF,video/x-ivf
.cnf,text/plain
.asm,text/plain
.tiff,image/tiff
.wax,audio/x-ms-wax
.ms,application/x-troff-ms
.tcl,application/x-tcl
.shar,application/x-shar
.sh,application/x-sh
.nc,application/x-netcdf
.hlp,application/winhlp
.oda,application/oda
.pfb,application/octet-stream
.fla,application/octet-stream
.wm,video/x-ms-wm
.rgb,image/x-rgb
.ppm,image/x-portable-pixmap
.ram,audio/x-pn-realaudio
.sit,application/x-stuffit
.dir,application/x-director
.mpp,application/vnd.ms-project
.xla,application/vnd.ms-excel
.ssm,application/streamingmedia
.axs,application/olescript
.ods,application/oleobject
.psp,application/octet-stream
.jpb,application/octet-stream
.wrz,x-world/x-vrml
.m1v,video/mpeg
.mno,text/xml
.cmx,image/x-cmx
.jpeg,image/jpeg
.dib,image/bmp
.rmi,audio/mid
.aiff,audio/aiff
.wmd,application/x-ms-wmd
.wri,application/x-mswrite
.pub,application/x-mspublisher
.ins,application/x-internet-signup
.wks,application/vnd.ms-works
.xls,application/vnd.ms-excel
.ai,application/postscript
.crl,application/pkix-crl
.qxd,application/octet-stream
.dwp,application/octet-stream
.xof,x-world/x-vrml
.wmv,video/x-ms-wmv
.nsc,video/x-ms-asf
.mpa,video/mpeg
.pnm,image/x-portable-anymap
.rpm,audio/x-pn-realaudio-plugin
.aif,audio/x-aiff
.me,application/x-troff-me
.pml,application/x-perfmon
.trm,application/x-msterminal
.m13,application/x-msmediaview
.js,application/x-javascript
.dxr,application/x-director
.potm,application/vnd.ms-powerpoint.template.macroEnabled.12
.xltx,application/vnd.openxmlformats-officedocument.spreadsheetml.template
.xlt,application/vnd.ms-excel
.xlc,application/vnd.ms-excel
.p10,application/pkcs10
.smi,application/octet-stream
.sea,application/octet-stream
.hqx,application/mac-binhex40
.spl,application/futuresplash
.movie,video/x-sgi-movie
.lsf,video/x-la-asf
.txt,text/plain
.jfif,image/pjpeg
.jpe,image/jpeg
.zip,application/x-zip-compressed
.wmf,application/x-msmetafile
.m14,application/x-msmediaview
.latex,application/x-latex
.wcm,application/vnd.ms-works
.pptm,application/vnd.ms-powerpoint.presentation.macroEnabled.12
.xlsx,application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
.hhp,application/octet-stream
.aca,application/octet-stream
.accdb,application/msaccess
.jcz,application/liquidmotion
.wrl,x-world/x-vrml
.wmx,video/x-ms-wmx
.asr,video/x-ms-asf
.lsx,video/x-la-asf
.xsl,text/xml
.html,text/html
.tif,image/tiff
.der,application/x-x509-ca-cert
.pfx,application/x-pkcs12
.p12,application/x-pkcs12
.ppsm,application/vnd.ms-powerpoint.slideshow.macroEnabled.12
.cur,application/octet-stream
.accdt,application/msaccess
.hdml,text/x-hdml
.htm,text/html
.xbm,image/x-xbitmap
.jpg,image/jpeg
.texinfo,application/x-texinfo
.ppam,application/vnd.ms-powerpoint.addin.macroEnabled.12
.xlw,application/vnd.ms-excel
.rm,application/vnd.rn-realmedia
.pdf,application/pdf
.rar,application/octet-stream
.psd,application/octet-stream
.inf,application/octet-stream
.emz,application/octet-stream
.dsp,application/octet-stream
.onea,application/onenote
.jck,application/liquidmotion
.mpe,video/mpeg
.mp2,video/mpeg
.sct,text/scriptlet
.ras,image/x-cmu-raster
.swf,application/x-shockwave-flash

.FLV,flv-application/octet-stream(站点中的flash没法播放加上这个就行了)
.wmz,application/x-ms-wmz
.gtar,application/x-gtar
.dcr,application/x-director
.sldx,application/vnd.openxmlformats-officedocument.presentationml.slide
.pps,application/vnd.ms-pps
.p7m,application/pkcs7-mime
.xsn,application/octet-stream
.ocx,application/octet-stream
.accde,application/msaccess
.mov,video/quicktime
.wmls,text/vnd.wap.wmlscript
.cpp,text/plain
.c,text/plain
.bas,text/plain
.css,text/css
.art,image/x-jg
.mp3,audio/mpeg
.t,application/x-troff
.roff,application/x-troff
.tar,application/x-tar
.hhc,application/x-oleobject
.scd,application/x-msschedule
.pko,application/vnd.ms-pki.pko
.sst,application/vnd.ms-pki.certstore
.ppt,application/vnd.ms-powerpoint
.xtp,application/octet-stream
.u32,application/octet-stream
.pcx,application/octet-stream
.msi,application/octet-stream
.exe,application/octet-stream
.asd,application/octet-stream
.onetoc2,application/onenote
.fif,application/fractals
.mpg,video/mpeg
.vml,text/xml
.xdr,text/plain
.vcs,text/plain
.hxt,text/html
.eml,message/rfc822
.xpm,image/x-xpixmap
.ico,image/x-icon
.gif,image/gif
.dwf,drawing/x-dwf
.src,application/x-wais-source
.tr,application/x-troff
.pmr,application/x-perfmon
.pma,application/x-perfmon
.dll,application/x-msdownload
.bcpio,application/x-bcpio
.wmlc,application/vnd.wap.wmlc
.wdb,application/vnd.ms-works
.dotx,application/vnd.openxmlformats-officedocument.wordprocessingml.template
.docx,application/vnd.openxmlformats-officedocument.wordprocessingml.document
.pot,application/vnd.ms-powerpoint
.xltm,application/vnd.ms-excel.template.macroEnabled.12
.rtf,application/rtf
.prf,application/pics-rules
.snp,application/octet-stream
.cab,application/octet-stream
.avi,video/x-msvideo
.asf,video/x-ms-asf
.dtd,text/xml
.wml,text/vnd.wap.wml
.vbs,text/vbscript
.rtx,text/richtext
.dlm,text/dlm
.xwd,image/x-xwindowdump
.pgm,image/x-portable-graymap
.bmp,image/bmp
.crt,application/x-x509-ca-cert
.ustar,application/x-ustar
.tex,application/x-tex
.sv4cpio,application/x-sv4cpio
.tgz,application/x-compressed
.cdf,application/x-cdf
.vss,application/vnd.visio
.cat,application/vnd.ms-pki.seccat
.thmx,application/vnd.ms-officetheme
.xlsm,application/vnd.ms-excel.sheet.macroEnabled.12
.prx,application/octet-stream
.pcz,application/octet-stream
.onetmp,application/onenote
.acx,application/internet-property-stream
.wsdl,text/xml
.disco,text/xml
.xsd,text/xml
.wbmp,image/vnd.wap.wbmp
.png,image/png
.pnz,image/png
.smd,audio/x-smd
.smz,audio/x-smd
.smx,audio/x-smd
.mmf,application/x-smaf

Laravel学习 – 轩脉刃 – 博客园

Laravel是个很强大的PHP框架,它剔除了Web开发中比较痛苦的过程,提供了验证(authentication),路由(routing),Session和缓存(caching)等开发过程中常用到的工具或者功能。

Laravel的配置都存放在app/config中。

Laravel学习 – 轩脉刃 – 博客园

里面所有的*.php都以return的形式返回数据,因此可以使用Config::get("key")来获取配置,使用Config::set("key", "value")来给配置项赋值。

要想使用不同的环境配置,就需要在config下创建对应配置的文件夹。然后它会覆盖对应的配置项。

获取当前环境使用App::environment(),判断当前是否为某个环境使用App::environment("local")。

providers是用来配置对应的服务的,比如:

Laravel学习 – 轩脉刃 – 博客园

Laravel的请求周期:

1 请求先从public/index.php中进入

2 bootstrap/start.php文件创建app并检测环境

3 内部的 /Illuminate/Foundation/start.php文件配置相关设置并加载服务器

4 加载app/start目录下的文件

5 加载app/routes.php的路由设置

6 request通过controller等转化为response

7 返回response

路由配置:

配置的格式是:

Route::get('foo/bar', function(){return 'Hello World';})

路由参数是可以有下面几种的:

Image(34)

可选路由参数:

Image(35)

带有默认的可选的路由参数:

Image(36)

用正则表达式限定的路由参数:

Image(37)

传递参数限定的数组:

Image(38)

定义全局模式:

Image(39)

不同的参数定位到不同的路由:

Image(40)

好,现在有个问题是某些路由必须要登录或者验证才能访问怎么办?这里就使用到了路由过滤器这个东西。

比如下面这个例子,当年龄小于200的时候就跳转到主页:

Image(41)

Request中的操作:

获取用户提交的值:Input::get('name');

获取用户提交的值并指定默认值:Input::get('name', 'Sally');

用户提交的信息是否存在:Input::has('name')

获取所有用户提交的信息:Input::all()

获取其中几项指定的信息:Input::only('username', 'password');

获取除几项之外的提交信息:Input::except('card');

访问用户提交的数组:Input::get('products.0.name');

cookie操作:

获取Cookie中的值:Cookie::get('name')

添加一个Cookie:

$response = Response::make('Hello World');

$response->withCookie(Cookie::make($name, $value, $minutes));

如果想在Response之前设置Cookie,使用Cookie::queue()

Cookie::queue($name, $value, $minute);

Session操作:

存储一个变量:Session::put('key', 'value');

读取一个变量:Session::get('key');

读取一个变量或者返回默认值:Session::get('key', 'default');

检查一个变量是否存在:Session::has('key');

删除一个变量:Session::forget('key');

删除所有Session变量:Session::flush();

文件上传操作:

获取用户上传文件:$file = Input::file('photo');

判断是否有上传这个文件:Input::hasFile('photo');

移动上传的文件(文件内容和文件名都来自用户,移动前应校验类型和扩展名,$fileName 最好由服务端生成,目标目录不要允许执行PHP):

Input::file('photo')->move($destinationPath);

Input::file('photo')->move($destinationPath, $fileName);

获取上传文件大小:

Input::file('photo')->getSize();

获取上传文件类型:

Input::file('photo')->getMimeType();

获取用户请求路径:Request::path();

获取用户请求URL:Request::url();

获取Header中的信息:Request::header('Content-Type');

获取SERVER中的信息:Request::server('PATH_INFO');

重定向:

重定向: return Redirect::to('user/login');

有参数的重定向: return Redirect::to('user/login')->with('message', 'Login Failed');

重定向到路由:return Redirect::route('profile', array('user' => 1));

返回重定向到Action:return Redirect::action('UserController@profile', array('user' => 1));

视图层:

传递数据给视图:$view = View::make('greeting')->with('name', 'Steve');

将一个视图传递给另一个视图:$view = View::make('greeting')->nest('child', 'child.view');

返回json:return Response::json(array('name' => 'Steve', 'state' => 'CA'));

返回jsonp:return Response::json(array('name' => 'Steve', 'state' => 'CA'))->setCallback(Input::get('callback'));

返回下载文件($pathToFile 不要直接用用户输入拼接,否则可能造成任意文件下载):

return Response::download($pathToFile);

return Response::download($pathToFile, $status, $headers);

一个基本的控制器:

Image(42)

路由就长这样:

Image(43)

默认中,app/start/global.php文件中包含了一个处理所有异常的处理器。

Image(44)

监听fatal error,可以使用App::fatal方法。

日志操作:

Log::info

Log::warning

Log::error