index.xml

<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>moranmore's site</title><link>https://expanse.rsvp/</link><description>Recent content on moranmore's site</description><generator>Hugo -- gohugo.io</generator><language>en</language><lastBuildDate>Wed, 06 Mar 2024 16:44:32 +0800</lastBuildDate><atom:link href="https://expanse.rsvp/index.xml" rel="self" type="application/rss+xml"/><item><title>AES及几种加密模式</title><link>https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/</link><pubDate>Wed, 06 Mar 2024 16:44:32 +0800</pubDate><guid>https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/</guid><description>&lt;h1 id="前言">前言&lt;/h1>
&lt;p>本文仅针对AES加密的模式简单总结，不涉及过多数学原理知识。&lt;/p>
&lt;h1 id="aes加密解密">AES加密解密&lt;/h1>
&lt;p>AES是一种对称加密方案，需要密钥与密文完成加密与解密（加密与解密采用相同的密钥），在采取不同的加密模式的时候，需要加入初始化向量（iv）。&lt;/p>
&lt;p>AES采取的是块加密的方式，将明文按照16个字节一组，加密后输出16个字节长度的密文块。&lt;/p>
&lt;p>想要熟练的明白AES的加密流程，最好的方式就是动手实现一边AES的加密流程。Cryptohack的对称加密教程中，提供了这个训练，如果能在不借助其他工具的情况下，手动完成AES的解密模块，有助于理解AES的解密与加密的关系。&lt;/p>
&lt;h2 id="加密流程">加密流程&lt;/h2>
&lt;p>AES的加密流程中有几个定义需要简单了解，分别是Subbytes、ShiftRows、Columns、Add Round key。&lt;/p>
&lt;p>在后面的几种加密模式和针对加密模式的攻击中，大多数没有涉及到过于底层的原理，大多数与代码的设计缺陷有关系。&lt;/p>
&lt;p>在根据CryptoHack课程中，解密是从图片下到上解密的，小方格中的也是从下到上面的流程。如果检查过后还是无法解密，可以按照搜索的视频进行检查。&lt;/p>
&lt;h1 id="加密模式">加密模式&lt;/h1>
&lt;p>AES的几种常见加密方案&lt;/p>
&lt;h2 id="ecb">ECB&lt;/h2>
&lt;p>ECB（电子密码本）模式，使用密钥对分块的明文加密，不需要初始化向量。&lt;/p>
&lt;p>Oracle，英文指的是预言、神谕的意思，CTF中一般指的是可以通过与服务器交互的情况获取一定量信息解题的情况。&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/ECB_encryption.svg"
loading="lazy"
alt="ECB加密"
>&lt;/p>
&lt;p>解密过程&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/ECB_decryption.svg"
loading="lazy"
alt="ECB解密"
>&lt;/p>
&lt;p>ECB的一个重要特征是当明文块相同的情况下密文也是相同的（密钥不变），使用16字节的密钥加密16字节的明文。&lt;/p>
&lt;p>举例如下 ：&lt;/p>
&lt;p>加密&lt;code>AAAABBBBCCCCDDDD&lt;/code>与&lt;code>AAAABBBBCCCCDDDD&lt;/code>的密文是相同的，如果改变最后一个字母，服务端返回的结果会发生变化，而且不只是一个字节发生变化，而是整个加密的块会发生很大的变化。&lt;/p>
&lt;h3 id="场景">场景&lt;/h3>
&lt;p>Oracle情况下，可以通过枚举的方式来获取明文&lt;/p>
&lt;p>服务端可以运行加密程序，返回的是加密之后的密文（发送的明文+加密的明文，CTF中可能是选手发送的一段明文+加密的flag），不会给出密钥。&lt;/p>
&lt;p>下文中出现了两种块，“构造块”是指的用于查询的块，长度是单位块长的n倍，是16*n字节，加密的块一般指的是16个字节的单位长度。&lt;/p>
&lt;p>构造两个相邻的块，第一个块可以是全部相同的字符，第二个块的长度比第一个块缺少一个字符。经过构造，返回的第二个密文块的最后一个字符就是flag的第一个加密字符。&lt;/p>
&lt;p>可以通过发送&lt;code>AAAAAAAAAAAAAAAA&lt;/code>（16个A）作为第一个块，第二个块&lt;code>AAAAAAAAAAAAAAA&lt;/code>（15个A）作为第二个块，加密之后，flag的第一个字符会补充到第二个加密块的最后一个位置上，就会变成如下的形式&lt;code>AAAAAAAAAAAAAAAA&lt;/code>与&lt;code>AAAAAAAAAAAAAAAc&lt;/code>加密之后的密文，通过反复改变第一个块最后一个位置的字符，直到第一个块的密文和第二个块密文相同的时候，第一个块的最后一个字符就是flag的第一个字符。&lt;/p>
&lt;p>构造块的长度需要满足密文所占用块的长度，当密文占用两个块，构造的块占用两个单位块长度（32bytes）。&lt;/p>
&lt;p>具体步骤如下：&lt;/p>
&lt;p>1，判断明文（flag）长度，如果明文的长度不超过一个字节，两个块的长度都是16字节，依次类推，构造的块长度总是16字节的2n倍（n是明文占用的块长，可以用&lt;code>n=len(m)//16+1&lt;/code>来计算）。&lt;/p>
&lt;p>2，与服务器进行交互，当满足每两个块的密文相同的时候，去掉每个块第一个字符，将最后一个字符（枚举成功的字符）加入到结果中。枚举的明文空间可以用&lt;code>string&lt;/code>库中的&lt;code>string.printable&lt;/code>，&lt;code>table = string.printable[:-5]&lt;/code>去掉了换行符、制表符等字符（flag一般不会采用的字符）。&lt;/p>
&lt;p>3，直到有明文特征的情况出现时，完成枚举明文（比如&lt;code>}&lt;/code>字符出现的时候）。&lt;/p>
&lt;h3 id="script">script&lt;/h3>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;span class="lnt">18
&lt;/span>&lt;span class="lnt">19
&lt;/span>&lt;span class="lnt">20
&lt;/span>&lt;span class="lnt">21
&lt;/span>&lt;span class="lnt">22
&lt;/span>&lt;span class="lnt">23
&lt;/span>&lt;span class="lnt">24
&lt;/span>&lt;span class="lnt">25
&lt;/span>&lt;span class="lnt">26
&lt;/span>&lt;span class="lnt">27
&lt;/span>&lt;span class="lnt">28
&lt;/span>&lt;span class="lnt">29
&lt;/span>&lt;span class="lnt">30
&lt;/span>&lt;span class="lnt">31
&lt;/span>&lt;span class="lnt">32
&lt;/span>&lt;span class="lnt">33
&lt;/span>&lt;span class="lnt">34
&lt;/span>&lt;span class="lnt">35
&lt;/span>&lt;span class="lnt">36
&lt;/span>&lt;span class="lnt">37
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="kn">import&lt;/span> &lt;span class="nn">string&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="kn">import&lt;/span> &lt;span class="nn">requests&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">def&lt;/span> &lt;span class="nf">bruteSingle&lt;/span>&lt;span class="p">():&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">lenth&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="mi">32&lt;/span> &lt;span class="c1"># lenth = len(flag)//16 +1&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">listToString&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">x&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="s1">&amp;#39;&amp;#39;&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">join&lt;/span>&lt;span class="p">([&lt;/span>&lt;span class="nb">hex&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">ord&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">]))[&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">:]&lt;/span> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">))])&lt;/span> &lt;span class="c1"># 匿名函数用于转换格式&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">reponse&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">x&lt;/span>&lt;span class="p">:&lt;/span> &lt;span class="n">requests&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">get&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">url&lt;/span>&lt;span class="o">=&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">text&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">splitCiphertext&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">x&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">split&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;&amp;#34;:&amp;#34;&amp;#39;&lt;/span>&lt;span class="p">)[&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">][:&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">splitString&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">x&lt;/span>&lt;span class="p">:&lt;/span> &lt;span class="p">[&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="o">+&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">]&lt;/span> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">0&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">),&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">)]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">table&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">string&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">printable&lt;/span>&lt;span class="p">[:&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">5&lt;/span>&lt;span class="p">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">table&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="nb">list&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">table&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">table&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block1&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="p">[&lt;/span>&lt;span class="s1">&amp;#39;a&amp;#39;&lt;/span> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">lenth&lt;/span>&lt;span class="p">)]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block2&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">block1&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">copy&lt;/span>&lt;span class="p">()[:&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">]&lt;/span> &lt;span class="c1"># 复制块1，并且让块2的长度小于块1，python的数组可以通过.copy() 进行复制，否则会直接在原数组上修改&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">url&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="p">[&lt;/span>&lt;span class="n">flag&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="n">query&lt;/span> &lt;span class="n">url&lt;/span>&lt;span class="p">]&lt;/span> &lt;span class="c1"># 题目交互url&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">flag&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="p">[]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">while&lt;/span> &lt;span class="s1">&amp;#39;}&amp;#39;&lt;/span> &lt;span class="ow">not&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="n">flag&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">0&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">table&lt;/span>&lt;span class="p">)):&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block1&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">]&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">table&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">block1&lt;/span> &lt;span class="o">+&lt;/span> &lt;span class="n">block2&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">sendBlock&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">listToString&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">block&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">query&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">url&lt;/span> &lt;span class="o">+&lt;/span> &lt;span class="n">sendBlock&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">tmpResult&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">reponse&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">query&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">tmp&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">splitCiphertext&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">tmpResult&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">tmp&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">splitString&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">tmp&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">if&lt;/span> &lt;span class="n">tmp&lt;/span>&lt;span class="p">[:&lt;/span>&lt;span class="mi">31&lt;/span>&lt;span class="p">]&lt;/span>&lt;span class="o">==&lt;/span>&lt;span class="n">tmp&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="mi">63&lt;/span>&lt;span class="p">]:&lt;/span> &lt;span class="c1"># 判断第一个块与第二个块是否完全相同，这里的索引需要根据lenth更改&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">flag&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">append&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">block1&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">])&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block1&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">block1&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">copy&lt;/span>&lt;span class="p">()[&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">:]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block1&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">append&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;&amp;#39;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">if&lt;/span> &lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">block2&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">!=&lt;/span>&lt;span class="mi">0&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">block2&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">pop&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="sa">f&lt;/span>&lt;span class="s1">&amp;#39;New block1:&lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">block1&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s1">&amp;#39;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">break&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">block&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">res&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s1">&amp;#39;&amp;#39;&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">join&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">flag&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="sa">f&lt;/span>&lt;span class="s1">&amp;#39;FLAG:&lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">res&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s1">&amp;#39;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;&amp;#39;&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">join&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">flag&lt;/span>&lt;span class="p">))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">bruteSingle&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="cbc">CBC&lt;/h2>
&lt;p>CBC（密码分组链接模式）模式，加入了初始化向量（一个16bytes的字符串），在对第一个明文块加密的时候，先将明文与IV异或运算，再用密钥将异或的结果进行加密，得到第一个块的密文，第一个块的密文同时将与第二个明文块异或，依次进行，直到加密完成。&lt;/p>
&lt;p>解密是加密的逆过程，对于第一个密文快，先用密钥解密密文，再把解密之后的信息与向量异或，得到第一个明文块，再利用第一个密文块与用密钥解密第二个密文块的信息进行异或，得到第二个明文块，直到解密全部结束。&lt;/p>
&lt;p>加密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/CBC_encryption.svg"
loading="lazy"
alt="CBC解密过程"
>&lt;/p>
&lt;p>解密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/CBC_decryption.svg"
loading="lazy"
alt="CBC解密过程"
>&lt;/p>
&lt;p>在CBC的加密与解密过程中，存在一个类似中间变量的信息，如加密过程中，明文与向量异或后的结果，作为块加密的输入，可以看作新的的明文。在解密过程中，可以发现，这个过程被逆向进行，由密文被解密之后的信息，实际上可以与向量异或，得到明文。这带来了两个可以观察出来的结论，第一个就是加密解密过程中参与异或运算得到的信息才是参与加密解密的主体，第二个就是在加密与解密过程中，这个异或的结果是不容易被改变的。这两个特征更有利于后面的攻击利用的思考（攻击的过程可改变的变量可以被限制在一定的变量范围内）。&lt;/p>
&lt;h3 id="场景-1">场景&lt;/h3>
&lt;p>伪造cookie登录验证&lt;/p>
&lt;p>在需要登录验证的情况下，如当下发cookie的明文为：&lt;code>admin=False=expire{xxxxx}&lt;/code>的格式，同时向量可以自行输入的情况下，伪造向量，使得向量与中加密的中间变量异或之后得到的明文中含有&lt;code>admin=True&lt;/code>就能完成登录。&lt;/p>
&lt;h3 id="script-1">script&lt;/h3>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;span class="lnt">18
&lt;/span>&lt;span class="lnt">19
&lt;/span>&lt;span class="lnt">20
&lt;/span>&lt;span class="lnt">21
&lt;/span>&lt;span class="lnt">22
&lt;/span>&lt;span class="lnt">23
&lt;/span>&lt;span class="lnt">24
&lt;/span>&lt;span class="lnt">25
&lt;/span>&lt;span class="lnt">26
&lt;/span>&lt;span class="lnt">27
&lt;/span>&lt;span class="lnt">28
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="k">def&lt;/span> &lt;span class="nf">get_cookie&lt;/span>&lt;span class="p">():&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">expires_at&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="p">(&lt;/span>&lt;span class="n">datetime&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">today&lt;/span>&lt;span class="p">()&lt;/span> &lt;span class="o">+&lt;/span> &lt;span class="n">timedelta&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">days&lt;/span>&lt;span class="o">=&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">))&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">timestamp&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">cookie&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="sa">f&lt;/span>&lt;span class="s2">&amp;#34;admin=False;expiry=&lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">expires_at&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s2">&amp;#34;&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">encode&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">cookie&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="c1"># iv = os.urandom(16)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;iv&amp;#39;&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">iv&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">hex&lt;/span>&lt;span class="p">())&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">padded&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">pad&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">cookie&lt;/span>&lt;span class="p">,&lt;/span> &lt;span class="mi">16&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">cipher&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">AES&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">new&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">KEY&lt;/span>&lt;span class="p">,&lt;/span> &lt;span class="n">AES&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">MODE_CBC&lt;/span>&lt;span class="p">,&lt;/span> &lt;span class="n">iv&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">encrypted&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">cipher&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">encrypt&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">padded&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">ciphertext&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">iv&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">hex&lt;/span>&lt;span class="p">()&lt;/span> &lt;span class="o">+&lt;/span> &lt;span class="n">encrypted&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">hex&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;ciphertext&amp;#39;&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">ciphertext&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">return&lt;/span> &lt;span class="n">ciphertext&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># Proof&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 伪造iv&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">Crypto.Util.number&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="o">*&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># {&amp;#34;cookie&amp;#34;:&amp;#34;89d93137d13043d9ee4efaf75c2ca9a0a0f37efb466cf36ec9cf5b5a86741ff2a7af80f5f4b652c442dfb633bb5d18cb&amp;#34;}&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">cookie&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s2">&amp;#34;d70005d58d2b81fa136d724eb00c240affd6d12e7e1e00e7235fea77f027e07e003ddfce55fd1e8fd2450759f3823917&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># cookie = get_cookie()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">initiv&lt;/span>&lt;span class="o">=&lt;/span>&lt;span class="n">cookie&lt;/span>&lt;span class="p">[:&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">cookie&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">:])&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># initiv = &amp;#39;25120708a0d45e54dde66e4a50032340&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">old&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="sa">b&lt;/span>&lt;span class="s1">&amp;#39;admin=False;expi&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">realenc&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">bytes_to_long&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">old&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">^&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">initiv&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="mi">16&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">fak&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="sa">b&lt;/span>&lt;span class="s1">&amp;#39;admin=True;eexpi&amp;#39;&lt;/span> &lt;span class="c1">#　构造虚假向量的时候需要注意split函数分割后的结果需要完全匹配，构造成b&amp;#39;admin=Truee;expi&amp;#39;分割后的第一部分为&amp;#39;admin=Truee&amp;#39;，不符合规则&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">fakeiv&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">bytes_to_long&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">fak&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">^&lt;/span>&lt;span class="n">realenc&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">hex&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">fakeiv&lt;/span>&lt;span class="p">)[&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">:])&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># print(check_admin(cookie[32:], hex(fakeiv)[2:]))&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="ctr">CTR&lt;/h2>
&lt;p>Nonce的变化模式，当Nonce没有变化的情况下，iv经过密钥加密之后的密文不变，从而使得整个加密相当于用iv与明文进行异或，补充iv到与密文相同长度，找到十六进制再异或就行。CTR模式没有类似CBC模式的密文之间的联系，所以可以采取并行的方式进行解密。&lt;/p>
&lt;p>加密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/CTR_encryption_2.svg"
loading="lazy"
alt="CTR_encryption"
>&lt;/p>
&lt;p>解密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/CTR_decryption_2.svg"
loading="lazy"
alt="CTR_decryption"
>&lt;/p>
&lt;h3 id="场景-2">场景&lt;/h3>
&lt;p>图片以hex格式进行加密，按照加密解密的说明进行解密就行，需要注意的是如果win下无法打开，可以在文件管理器另存为的时候看到缩略图。&lt;/p>
&lt;h3 id="script-2">script&lt;/h3>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="n">enciv&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">long_to_bytes&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">headerOfPNG&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="mi">16&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">^&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">[:&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">],&lt;/span>&lt;span class="mi">16&lt;/span>&lt;span class="p">))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">enciv&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">hex&lt;/span>&lt;span class="p">())&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">key&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s1">&amp;#39;e3f227f06fd15d34d58b897cabdef07b&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># hexXor = lambda x,y:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">//&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">paddingHex&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">aim&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="o">*&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">aim&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">//&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">+&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">aim&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">%&lt;/span>&lt;span class="mi">32&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">*&lt;/span>&lt;span class="s1">&amp;#39;00&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">hexToList&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">x&lt;/span>&lt;span class="p">:[&lt;/span>&lt;span class="nb">str&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">)[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="o">+&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">]&lt;/span> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">0&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">x&lt;/span>&lt;span class="p">),&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">)]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">hexListXor&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="k">lambda&lt;/span> &lt;span class="n">a&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">b&lt;/span>&lt;span class="p">:[&lt;/span>&lt;span class="nb">hex&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">],&lt;/span>&lt;span class="mi">16&lt;/span>&lt;span class="p">)&lt;/span>&lt;span class="o">^&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">b&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="n">i&lt;/span>&lt;span class="p">],&lt;/span>&lt;span class="mi">16&lt;/span>&lt;span class="p">))[&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">:]&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">zfill&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">2&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="k">for&lt;/span> &lt;span class="n">i&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">))]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">hexListXor&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">hexToList&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">),&lt;/span>&lt;span class="n">hexToList&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">paddingHex&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="p">))))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">flag&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s1">&amp;#39;&amp;#39;&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">join&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">hexListXor&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">hexToList&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">),&lt;/span>&lt;span class="n">hexToList&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">paddingHex&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="p">))))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">with&lt;/span> &lt;span class="nb">open&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s1">&amp;#39;flag.txt&amp;#39;&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="s1">&amp;#39;w&amp;#39;&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="k">as&lt;/span> &lt;span class="n">f&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">f&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">write&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">flag&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">f&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">close&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 以十六进制的图片，使用010editor的paste from hex进行存储为png格式即可，可使用缩略图查看&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>⚠：这里的图片无法正常打开，所以用的是缩略图， 以后有时间补充这部分。&lt;/p>
&lt;h2 id="ofb">OFB&lt;/h2>
&lt;p>OFB（输出反馈模式）模式是使用密钥加密初始化向量，将这个结果反复作为下一个块的初始向量，同时这个结果与对应块的明文进行异或获得对应的密文。解密过程为逆过程。&lt;/p>
&lt;p>加密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/OFB_encryption.svg"
loading="lazy"
alt="OFB加密"
>&lt;/p>
&lt;p>解密过程：&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/aes%E5%8F%8A%E5%87%A0%E7%A7%8D%E5%8A%A0%E5%AF%86%E6%A8%A1%E5%BC%8F/OFB_decryption.svg"
loading="lazy"
alt="OFB解密"
>&lt;/p>
&lt;h3 id="场景-3">场景&lt;/h3>
&lt;p>虽然无法得知密钥，但是由于加密最后一步是异或，只要可以构造中间变量，就能通过异或获取明文，将原始用于加密的向量作为第二次加密的向量，将密文作为第二次加密的明文，第二次加密的结果就是明文。&lt;/p>
&lt;h3 id="script-3">script&lt;/h3>
&lt;h1 id="参考">参考&lt;/h1>
&lt;p>AES加密过程：https://www.youtube.com/watch?v=gP4PqVGudtg&lt;/p>
&lt;p>CryptoHack symmetric：https://cryptohack.org/courses/symmetric/course_details/&lt;/p>
&lt;p>维基百科：https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation&lt;/p></description></item><item><title>Headscale与tailscale简单使用体验</title><link>https://expanse.rsvp/p/headscale%E4%B8%8Etailscale%E7%AE%80%E5%8D%95%E4%BD%BF%E7%94%A8%E4%BD%93%E9%AA%8C/</link><pubDate>Sat, 30 Dec 2023 11:04:46 +0800</pubDate><guid>https://expanse.rsvp/p/headscale%E4%B8%8Etailscale%E7%AE%80%E5%8D%95%E4%BD%BF%E7%94%A8%E4%BD%93%E9%AA%8C/</guid><description>&lt;h1 id="前言">前言&lt;/h1>
&lt;p>通过Headscale和tailscale可以实现远程组建局域网，远程访问家中资源的目的。&lt;/p>
&lt;p>或者在A地访问B地资源较慢的时候，可以通过Headscale+tailscale组件局域网，加速访问资源。&lt;/p>
&lt;p>Or可以让多台设备加入一个公网VPS，让不同地点的用户访问对方的本地资源等。&lt;/p>
&lt;h1 id="准备">准备&lt;/h1>
&lt;p>1，准备一个具有公网ip的vps，一个主机（个人设备，用于接入VPS搭建的局域网中）。&lt;/p>
&lt;p>2，在vps上安装headscale，在主机上安装tailscale。&lt;/p>
&lt;h1 id="安装headscale">安装Headscale&lt;/h1>
&lt;p>按照官网的方式进行安装：https://headscale.net/running-headscale-linux/#installation&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 更新&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo apt update
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo apt upgrade
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 下载安装包，注意修改flag里面的标志，这里的版本时根据repo中的最新版本修改&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">wget --output-document&lt;span class="o">=&lt;/span>headscale.deb https://github.com/juanfont/headscale/releases/download/v0.22.3/&lt;span class="o">[&lt;/span>flag:headscale_0.xx.xx_linux_amd64.deb&lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 安装deb包&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo dpkg --install headscale.deb
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">systemctl daemon-reload &lt;span class="c1"># 重新载入配置文件&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">systemctl &lt;span class="nb">enable&lt;/span> --now headscale &lt;span class="c1"># 开机自动启动&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl &lt;span class="nb">enable&lt;/span> headscale
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl start headscale
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>修改配置文件内容&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 编辑配置文件&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">vim /etc/headscale/config.yaml
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 修改以下内容&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">server_url:http://&lt;span class="o">[&lt;/span>flag:your vps public ip address&lt;span class="o">]&lt;/span>:8080
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">listen_url:0.0.0.0:8080
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 新建命名空间&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale users create &lt;span class="o">[&lt;/span>flag:namespace&lt;span class="o">]&lt;/span> &lt;span class="c1"># 最后参数为命名空间的名字&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>一些安装信息&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 数据库安装位置&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">/var/lib/headscale/db.sqlite
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 如果配置文件出错，重新下载配置文件&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">wget https://github.com/juanfont/headscale/raw/main/config-example.yaml -O /etc/headscale/config.yaml　　
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 如果报错，可能需要修改配置文件中的&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">unix_socket: /var/lib/headscale/headscale.sock
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="安装tailscale">安装Tailscale&lt;/h1>
&lt;p>如果想要实现在VPS上搭建局域网用于多用户实现访问某个资源的ip看起来是一样的，需要在VPS上安装Headscale和Tailscale，即同时作为服务端和一个节点。&lt;/p>
&lt;h2 id="linux">Linux&lt;/h2>
&lt;p>下载客户端：https://tailscale.com/kb/1039/install-ubuntu-2004/&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/focal.noarmor.gpg &lt;span class="p">|&lt;/span> sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg &amp;gt;/dev/null
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/focal.tailscale-keyring.list &lt;span class="p">|&lt;/span> sudo tee /etc/apt/sources.list.d/tailscale.list
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo apt-get update
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo apt-get install tailscale
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>如果无法直接弹出注册的token就按照提示命令，直到弹出nodekey&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 等号后面的是安装headscale的主机，默认端口8080 回显会有..... nodekey:...&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">tailscale up --login-server&lt;span class="o">=&lt;/span>http://&lt;span class="o">[&lt;/span>flag: your vps public ip address&lt;span class="o">]&lt;/span>:8080
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 接受注册 把nodekey按照下面的格式在安装了headscale的主机上运行bash&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale --user &lt;span class="o">[&lt;/span>flag:name of registed user&lt;span class="o">]&lt;/span> nodes register --key nodekey:xxxxx
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="windows">Windows&lt;/h2>
&lt;p>访问&lt;code>http://[flag: your vps public ip address]:8080/windows&lt;/code>按照步骤，添加注册表，输入命令，在VPS注册节点。&lt;/p>
&lt;h1 id="外部节点exit-node">外部节点（Exit node）&lt;/h1>
&lt;p>&lt;a class="link" href="https://tailscale.com/kb/1103/exit-nodes/" target="_blank" rel="noopener"
>添加外部节点&lt;/a>&lt;/p>
&lt;p>将部署有headscale的机器作为外部节点，也就是将vps本机加入node的方式，实现通过外部节点访问互联网的目的（比如从局域网）。&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">sudo tailscale &lt;span class="nb">set&lt;/span> --exit-node &lt;span class="o">[&lt;/span>flag: VPS hostname&lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">tailscale up --advertise-exit-node --login-server&lt;span class="o">=&lt;/span>http://&lt;span class="o">[&lt;/span>flag: your vps public ip address&lt;span class="o">]&lt;/span>:8080
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo tailscale up --advertise-exit-node
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="c1"># 运行完上面的命令之后，在vps上查看路由&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale routes list
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="c1"># 开启路由：标志位是上面命令现实出来的第一列参数：ID，在一个外部节点的情况下直接enable前两个路由&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> headscale routes &lt;span class="nb">enable&lt;/span> -r &lt;span class="o">[&lt;/span>flag&lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">sudo tailscale &lt;span class="nb">set&lt;/span> --exit-node 外部节点名称
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>删除节点&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">headscale node delete -i
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>如果需要将Windows机器作为内网转发的机器，需要设置Windows的转发规则，并login到server。&lt;/p>
&lt;h1 id="更改节点">更改节点&lt;/h1>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 删除节点&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale nodes delete &lt;span class="o">[&lt;/span>flags&lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># x 这里指代的是第一列标志的ID序号&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale nodes delete -i x
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 启动路由&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale node route &lt;span class="nb">enable&lt;/span> -a -i
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="启动代理">启动代理&lt;/h1>
&lt;p>访问外部网络的主机上（这里是linux），如在局域网 使用exit node：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl"> sudo tailscale &lt;span class="nb">set&lt;/span> --exit-node &lt;span class="o">[&lt;/span>flag: &lt;span class="nb">exit&lt;/span> node &lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="切换服务端">切换服务端&lt;/h1>
&lt;p>windows平台先修改注册表，然后访问新的注册网址。&lt;/p>
&lt;p>访问新的内网ip对应端口的windows，:&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">http://[flag: your vps public ip address]:8080/windows
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>将&lt;code>HKLM\Software\Tailscale IPN&lt;/code> 的值改为新的ip地址的值,重新用注册机器的方式注册一遍。&lt;/p>
&lt;h1 id="headscale常用状态检测命令">Headscale常用状态检测命令&lt;/h1>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 查看所有命名空间&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale namespace list
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 列出所有节点信息&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">headscale node list
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 查看部署日志&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">journalctl -u headscale
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 查看运行状态&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">systemctl status headscale
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 重启服务&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">service headscale restart
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="参考文章">参考文章&lt;/h1>
&lt;p>&lt;a class="link" href="https://headscale.net/" target="_blank" rel="noopener"
>https://headscale.net/&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://github.com/juanfont/headscale" target="_blank" rel="noopener"
>https://github.com/juanfont/headscale&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://icloudnative.io/posts/how-to-set-up-or-migrate-headscale" target="_blank" rel="noopener"
>https://icloudnative.io/posts/how-to-set-up-or-migrate-headscale&lt;/a>&lt;/p></description></item><item><title>使用Docker搭建简单静态网站</title><link>https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/</link><pubDate>Sun, 24 Dec 2023 23:18:59 +0800</pubDate><guid>https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/</guid><description>&lt;h1 id="前言">前言&lt;/h1>
&lt;p>使用Docker+Cloudflare可以在自己的VPS服务器上搭建简易的静态网站。&lt;/p>
&lt;p>采用的镜像为nginx镜像，同时在主机用nginx反向代理实现转发功能，使得输入域名就能访问相应的容器端口。&lt;/p>
&lt;p>简单的说，可以通过反向代理，实现在输入不同的域名来访问主机的80端口时，将请求转发到其他的自定义端口，更容易部署和修改网站的服务。同时使用Cloudflare将解析指向自己的VPS，隐藏VPS真实IP。&lt;/p>
&lt;p>对于原理没有特别多的解释，但是按照步骤来能实现稳定的访问。&lt;/p>
&lt;p>在VPS上使用docker搭建简单静态网站并使用cloudflare&lt;/p>
&lt;h1 id="dockerfile">Dockerfile&lt;/h1>
&lt;p>静态网站只有一个主页，直接copy到html目录下就行（半年以内用docker-compose搭建复杂一点的网站）&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-dockerfile" data-lang="dockerfile">&lt;span class="line">&lt;span class="cl">&lt;span class="k">FROM&lt;/span>&lt;span class="s"> nginx:latest&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">COPY&lt;/span> index.html /usr/share/nginx/html/index.html&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">EXPOSE&lt;/span>&lt;span class="s"> 80&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">CMD&lt;/span> &lt;span class="p">[&lt;/span>&lt;span class="s2">&amp;#34;nginx&amp;#34;&lt;/span>&lt;span class="p">,&lt;/span> &lt;span class="s2">&amp;#34;-g&amp;#34;&lt;/span>&lt;span class="p">,&lt;/span> &lt;span class="s2">&amp;#34;daemon off;&amp;#34;&lt;/span>&lt;span class="p">]&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="cloudflare">Cloudflare&lt;/h1>
&lt;h2 id="dns设置">DNS设置&lt;/h2>
&lt;p>Websites添加购买的域名&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-domain-1703431646656-1.png"
width="2093"
height="248"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-domain-1703431646656-1_hu36bdc73d61086d49c631fa2ed23cef3c_42051_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-domain-1703431646656-1_hu36bdc73d61086d49c631fa2ed23cef3c_42051_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="Websites选项卡"
class="gallery-image"
data-flex-grow="843"
data-flex-basis="2025px"
>&lt;/p>
&lt;p>Add a site&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/Add-a-site-1703431646658-2.png"
width="1339"
height="422"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/Add-a-site-1703431646658-2_hu8f873858be2c9db38dfb7acd007ec098_34235_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/Add-a-site-1703431646658-2_hu8f873858be2c9db38dfb7acd007ec098_34235_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="Add a site"
class="gallery-image"
data-flex-grow="317"
data-flex-basis="761px"
>&lt;/p>
&lt;p>在输入框中输入域名&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/free-plan-1703431646658-3.png"
width="1138"
height="363"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/free-plan-1703431646658-3_hu11f62a2e9324b69e5e68691630c9ae85_32031_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/free-plan-1703431646658-3_hu11f62a2e9324b69e5e68691630c9ae85_32031_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="选择计划"
class="gallery-image"
data-flex-grow="313"
data-flex-basis="752px"
>&lt;/p>
&lt;p>DNS设置&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/dns-process-1703431646658-4.png"
width="1146"
height="315"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/dns-process-1703431646658-4_hu78c0ad1a252729695f0113966e4b873e_29600_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/dns-process-1703431646658-4_hu78c0ad1a252729695f0113966e4b873e_29600_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="DNS设置流程"
class="gallery-image"
data-flex-grow="363"
data-flex-basis="873px"
>&lt;/p>
&lt;p>这里可以直接继续，然后回到域名停放服务商，更改如下配置，一般找到含有&lt;code>nameservers&lt;/code>相关选项更改&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/remove-nameservers-1703431646658-5.png"
width="664"
height="197"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/remove-nameservers-1703431646658-5_hu0991bab1d81ed4e849724f6dc9c15a73_14895_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/remove-nameservers-1703431646658-5_hu0991bab1d81ed4e849724f6dc9c15a73_14895_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="移除记录"
class="gallery-image"
data-flex-grow="337"
data-flex-basis="808px"
>&lt;/p>
&lt;p>添加记录&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-record-1703431646658-6.png"
width="497"
height="61"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-record-1703431646658-6_hu5b12ed5c109849f678f11a27e82b3294_3198_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/add-record-1703431646658-6_hu5b12ed5c109849f678f11a27e82b3294_3198_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="添加记录"
class="gallery-image"
data-flex-grow="814"
data-flex-basis="1955px"
>&lt;/p>
&lt;p>完成&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-1703431646659-10.png"
width="364"
height="147"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-1703431646659-10_hu3412975a4d379893495aef65e5960629_3725_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-1703431646659-10_hu3412975a4d379893495aef65e5960629_3725_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="完成DNS设置"
class="gallery-image"
data-flex-grow="247"
data-flex-basis="594px"
>&lt;/p>
&lt;p>和http、https有关的设置&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/http-config-1703431646659-7.png"
width="1025"
height="623"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/http-config-1703431646659-7_hu6f8a78434ff477d1a75fd5eae53d528a_26737_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/http-config-1703431646659-7_hu6f8a78434ff477d1a75fd5eae53d528a_26737_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="http设置"
class="gallery-image"
data-flex-grow="164"
data-flex-basis="394px"
>&lt;/p>
&lt;p>接下来就是检查设置完成状态（完成后会发送邮件）&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/check-nameservers-1703431646659-8.png"
width="706"
height="88"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/check-nameservers-1703431646659-8_hu88d8e5a4a3d9e50ceff9b118e6bd6b52_8171_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/check-nameservers-1703431646659-8_hu88d8e5a4a3d9e50ceff9b118e6bd6b52_8171_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="检测状态"
class="gallery-image"
data-flex-grow="802"
data-flex-basis="1925px"
>&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-dns-1703431646659-9.png"
width="775"
height="127"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-dns-1703431646659-9_hud3edb89a0d9a7b7e11d4f3bb61606e9b_13107_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/finish-dns-1703431646659-9_hud3edb89a0d9a7b7e11d4f3bb61606e9b_13107_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="完成设置DNS"
class="gallery-image"
data-flex-grow="610"
data-flex-basis="1464px"
>&lt;/p>
&lt;h2 id="修改记录">修改记录&lt;/h2>
&lt;p>左侧DNS设置&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/point-to-server-1703431646659-11.png"
width="286"
height="216"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/point-to-server-1703431646659-11_hu4f897ae621fa163b69c97021f7b147d4_7049_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/point-to-server-1703431646659-11_hu4f897ae621fa163b69c97021f7b147d4_7049_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="DNS记录设置"
class="gallery-image"
data-flex-grow="132"
data-flex-basis="317px"
>&lt;/p>
&lt;p>修改记录，使用一条A记录指向VPS主机&lt;/p>
&lt;h2 id="ssl-tls设置">SSL TLS设置&lt;/h2>
&lt;p>采用Strict模式（四种模式区别主要在于是否采用加密，是否采用VPS到Cloudflare之间加密）&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/full-strict-1703431646659-12.png"
width="1187"
height="1087"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/full-strict-1703431646659-12_hua54376800dd87b23b702f55dc1c8867e_85821_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/full-strict-1703431646659-12_hua54376800dd87b23b702f55dc1c8867e_85821_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="Full模式"
class="gallery-image"
data-flex-grow="109"
data-flex-basis="262px"
>&lt;/p>
&lt;p>证书类别&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/certificate-1703431646659-14.png"
width="267"
height="203"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/certificate-1703431646659-14_hu0b7d61e33e989c58078b6026d1941925_7156_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/certificate-1703431646659-14_hu0b7d61e33e989c58078b6026d1941925_7156_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="证书类别"
class="gallery-image"
data-flex-grow="131"
data-flex-basis="315px"
>&lt;/p>
&lt;p>边缘证书：指从用户浏览器到Cloudflare之间的加密证书&lt;/p>
&lt;p>服务端证书：指Cloudflare到VPS之间加密证书&lt;/p>
&lt;p>边缘证书是已经设置好的，会自动续期，不需要更改这里的配置&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/edge-cert-1703431646659-15.png"
width="1204"
height="630"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/edge-cert-1703431646659-15_hue2aab44c47e4b1923930687ce25a9186_58730_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/edge-cert-1703431646659-15_hue2aab44c47e4b1923930687ce25a9186_58730_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="边缘证书"
class="gallery-image"
data-flex-grow="191"
data-flex-basis="458px"
>&lt;/p>
&lt;p>设置客户端证书&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/client-cert-1703431646659-13.png"
width="1189"
height="980"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/client-cert-1703431646659-13_hu66016e68f0c881215e06e1c084900265_56044_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/client-cert-1703431646659-13_hu66016e68f0c881215e06e1c084900265_56044_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="客户端证书"
class="gallery-image"
data-flex-grow="121"
data-flex-basis="291px"
>&lt;/p>
&lt;p>把pem格式证书存到本地&lt;/p>
&lt;p>设置Origin Server加密（Customize encryption of traffic between your origin server and Cloudflare.）&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-enc-1703431646659-16.png"
width="1261"
height="314"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-enc-1703431646659-16_hu7a4a440f00d773dc9890ff6e6dc10144_25636_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-enc-1703431646659-16_hu7a4a440f00d773dc9890ff6e6dc10144_25636_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="Origin Server"
class="gallery-image"
data-flex-grow="401"
data-flex-basis="963px"
>&lt;/p>
&lt;p>设置说明&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-info-1703431646659-17.png"
width="1198"
height="539"
srcset="https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-info-1703431646659-17_huc6fd4d9a9b0066430390e4df865530bd_45204_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/%E4%BD%BF%E7%94%A8docker%E6%90%AD%E5%BB%BA%E7%AE%80%E5%8D%95%E9%9D%99%E6%80%81%E7%BD%91%E7%AB%99/origin-server-info-1703431646659-17_huc6fd4d9a9b0066430390e4df865530bd_45204_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="设置说明"
class="gallery-image"
data-flex-grow="222"
data-flex-basis="533px"
>&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl"># Origin Certificate Installation
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">Save the certificate and private key below to your client. To save, Click to copy and paste the contents into different files on your client, e.g. example.com.pem and example.com.key
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"># Origin Certificate
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"># Private key
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">Copy the contents of your private key below to your web server and set file permissions such that only your http server can access it. Additionally, you can optionally encrypt this file and provide a password to decrypt it during your origin web server startup. The private key data will not be stored at Cloudflare and will no longer be accessible once the creation is complete. Please make sure you have a local copy of this key.
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="nginx反向代理">Nginx反向代理&lt;/h1>
&lt;p>在宿主机上安装nginx&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;span class="lnt">8
&lt;/span>&lt;span class="lnt">9
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">sudo apt update
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo apt install nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl start nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl &lt;span class="nb">enable&lt;/span> nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># after config &lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl reload nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl restart nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># stop&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl stop nginx
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>配置文件&lt;code>xxxx.conf&lt;/code> 存放的位置&lt;code>/etc/nginx/sites-available/[flag].conf&lt;/code>&lt;/p>
&lt;p>这里的域名和端口都需要按照个人的需求更改&lt;code>[flag: 说明]&lt;/code>。&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;span class="lnt">18
&lt;/span>&lt;span class="lnt">19
&lt;/span>&lt;span class="lnt">20
&lt;/span>&lt;span class="lnt">21
&lt;/span>&lt;span class="lnt">22
&lt;/span>&lt;span class="lnt">23
&lt;/span>&lt;span class="lnt">24
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">server &lt;span class="o">{&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> listen 80&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">return&lt;/span> &lt;span class="m">301&lt;/span> https://&lt;span class="nv">$host$request_uri&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="o">}&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">server &lt;span class="o">{&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> server_name &lt;span class="o">[&lt;/span>flag:domain&lt;span class="o">]&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> listen &lt;span class="m">443&lt;/span> ssl http2&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl on&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_session_cache builtin:1000 shared:SSL:10m&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_protocols TLSv1 TLSv1.1 TLSv1.2&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_prefer_server_ciphers on&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_certificate /etc/nginx/&lt;span class="o">[&lt;/span>flag:path to store key&lt;span class="o">]&lt;/span>/&lt;span class="o">[&lt;/span>flag:domain&lt;span class="o">]&lt;/span>.pem&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> ssl_certificate_key /etc/nginx/&lt;span class="o">[&lt;/span>flag:path to store key&lt;span class="o">]&lt;/span>/&lt;span class="o">[&lt;/span>flag:domain&lt;span class="o">]&lt;/span>.key&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> location / &lt;span class="o">{&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_set_header Host &lt;span class="nv">$host&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_set_header X-Real-IP &lt;span class="nv">$remote_addr&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_set_header X-Forwarded-For &lt;span class="nv">$proxy_add_x_forwarded_for&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_set_header X-Forwarded-Proto &lt;span class="nv">$scheme&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_read_timeout 90&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_redirect http://&lt;span class="o">[&lt;/span>flag:host ip&lt;span class="o">]&lt;/span>:&lt;span class="o">[&lt;/span>flag:host port&lt;span class="o">]&lt;/span> https://&lt;span class="o">[&lt;/span>flag:domain&lt;span class="o">]&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> proxy_pass http://&lt;span class="o">[&lt;/span>flag:host ip&lt;span class="o">]&lt;/span>:&lt;span class="o">[&lt;/span>flag:host port&lt;span class="o">]&lt;/span>&lt;span class="p">;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="o">}&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="o">}&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>软链接&lt;code>sudo ln -s /etc/nginx/sites-available/proxy.conf /etc/nginx/sites-enabled/&lt;/code>，完成配置之后重启nginx服务。&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">sudo nginx -s reload
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl reload nginx
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl restart nginx
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="启动">启动&lt;/h1>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;span class="lnt">8
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 根据当前目录Dockerfile生成image&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">docker build -t &lt;span class="o">[&lt;/span>flag&lt;span class="o">]&lt;/span> .
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 运行&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">docker run -d -p &lt;span class="o">[&lt;/span>flag:host port&lt;span class="o">]&lt;/span>:80 --name &lt;span class="o">[&lt;/span>flag:container name&lt;span class="o">]&lt;/span> &lt;span class="o">[&lt;/span>flag:image name&lt;span class="o">]&lt;/span>:&lt;span class="o">[&lt;/span>flag:image tag&lt;span class="o">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl start nginx.service
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sudo systemctl &lt;span class="nb">enable&lt;/span> nginx.service
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 检查nginx状态&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">systemctl status nginx
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div></description></item><item><title>ssh-Keygen与密钥格式</title><link>https://expanse.rsvp/p/ssh-keygen%E4%B8%8E%E5%AF%86%E9%92%A5%E6%A0%BC%E5%BC%8F/</link><pubDate>Sun, 05 Nov 2023 16:01:57 +0800</pubDate><guid>https://expanse.rsvp/p/ssh-keygen%E4%B8%8E%E5%AF%86%E9%92%A5%E6%A0%BC%E5%BC%8F/</guid><description>&lt;p>ssh-keygen是用于生成ssh密钥对的程序，可以生成多种非对称加密（如RSA、ECC等）的密钥对，用于SSH登录认证或者其他需要使用签名的场合等等（如Github登录或仓库Actions的运行等）。&lt;/p>
&lt;h1 id="opensslssh-keygen">openssl&amp;amp;ssh-keygen&lt;/h1>
&lt;h2 id="两种生成密钥对的方法">两种生成密钥对的方法&lt;/h2>
&lt;p>使用&lt;code>ssh-keygen &lt;/code>加对应的&lt;a class="link" href="https://en.wikipedia.org/wiki/Ssh-keygen#Command_syntax" target="_blank" rel="noopener"
>选项参数&lt;/a>即可生成相关的密钥对，生成一个默认的密钥对只需要运行&lt;code>ssh-keygen&lt;/code>按照提示操作（默认目录是在家目录的.ssh目录中），以下是使用参数生成的密钥对，并指定目录&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">ssh-keygen -t rsa -b &lt;span class="m">1024&lt;/span> -C &lt;span class="s2">&amp;#34;&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>生成RSA密钥对(1024bits)&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">openssl genrsa -out test.key &lt;span class="m">1024&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="openssl读取私钥">openssl读取私钥&lt;/h2>
&lt;p>使用openssl读取私钥&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">openssl rsa -in test.key -text
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="私钥结构">私钥结构&lt;/h2>
&lt;h3 id="rsa私钥">RSA私钥&lt;/h3>
&lt;p>一个RSA私钥的结构中包含了如下的几个部分。&lt;/p>
&lt;ol>
&lt;li>$\text{n}$模数&lt;/li>
&lt;li>$\text{e}$公共指数，默认为65537&lt;/li>
&lt;li>$\text{d}$私钥&lt;/li>
&lt;li>$\text{p(q)}$第一个大质数&lt;/li>
&lt;li>$\text{q(p)}$第二个大质数&lt;/li>
&lt;li>$\text{dp}:d\pmod{p-1}$dp&lt;/li>
&lt;li>$\text{dq}:d\pmod{q-1}$dq&lt;/li>
&lt;li>$\text{coefficient}:q^{-1}\pmod{p}$&lt;/li>
&lt;/ol>
&lt;h4 id="使用python读取rsa私钥">使用Python读取RSA私钥&lt;/h4>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">Crypto.PublicKey&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="n">RSA&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">Crypto.Util.number&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="o">*&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">with&lt;/span> &lt;span class="nb">open&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s2">&amp;#34;test.key&amp;#34;&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="s2">&amp;#34;rb&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="k">as&lt;/span> &lt;span class="n">f&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">content&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">f&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">read&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">key&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">RSA&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">import_key&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">content&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">assert&lt;/span> &lt;span class="n">isPrime&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">q&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="ow">and&lt;/span> &lt;span class="n">isPrime&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">p&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="ow">and&lt;/span> &lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">p&lt;/span>&lt;span class="o">*&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">q&lt;/span>&lt;span class="o">==&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">n&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">e&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">n&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">q&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">key&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">p&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="密钥格式">密钥格式&lt;/h1>
&lt;p>输入的命令不同，生成的私钥内容也是有去别的，如果使用默认的&lt;code>ssh-keygen&lt;/code>生成的私钥文件是无法通过Openssl直接读取的，如果想要通过Openssl命令读取rsa私钥文件，需要在生成的时候使用&lt;code>openssl&lt;/code>命令。&lt;/p>
&lt;p>这两种文件格式的开头和结尾也有区别，如果使用&lt;code>ssh-keygen&lt;/code>命令直接创建，开头和结尾为：&lt;code>-----BEGIN OPENSSH PRIVATE KEY-----&lt;/code>和&lt;code>-----END OPENSSH PRIVATE KEY-----&lt;/code>此时生成的是ssh的密钥；如果使用Openssl命令并指定的加密算法创建密钥对，生成的密钥对的开头和结尾是：&lt;code>-----BEGIN PRIVATE KEY-----&lt;/code>和&lt;code>-----END PRIVATE KEY-----&lt;/code>,这两种密钥对形式有相似，但是并不是一样的密钥类型，无法使用&lt;code>openssl rsa .....&lt;/code>命令读取ssh-keygen生成的ssh密钥，所以使用openssl命令读取ssh-keygen的私钥的时候无法成功。&lt;/p>
&lt;h1 id="reference">Reference&lt;/h1>
&lt;p>&lt;a class="link" href="https://en.wikipedia.org/wiki/OpenSSL" target="_blank" rel="noopener"
>OpenSSL - wiki&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://www.openssl.org/" target="_blank" rel="noopener"
>OpenSSL - Toolkit&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://en.wikipedia.org/wiki/Ssh-keygen" target="_blank" rel="noopener"
>ssh-keygen - wiki&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://man.openbsd.org/OpenBSD-current/man1/ssh-keygen.1#NAME" target="_blank" rel="noopener"
>ssh-keygen manual&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://security.stackexchange.com/questions/29876/what-are-the-differences-between-ssh-generated-keysssh-keygen-and-openssl-keys" target="_blank" rel="noopener"
>What are the differences between ssh generated keys(ssh-keygen) and OpenSSL keys (PEM)and what is more secure for ssh remote login?&lt;/a>&lt;/p>
&lt;p>[&lt;a class="link" href="https://superuser.com/questions/1679344/for-valid-pem-i-get-unable-to-load-private-key-by-openssh" target="_blank" rel="noopener"
>For valid PEM I get unable to load private key by openssh&lt;/a>](&lt;a class="link" href="https://superuser.com/questions/1679344/for-valid-pem-i-get-unable-to-load-private-key-by-openssh" target="_blank" rel="noopener"
>https://superuser.com/questions/1679344/for-valid-pem-i-get-unable-to-load-private-key-by-openssh&lt;/a>)&lt;/p>
&lt;p>&lt;a class="link" href="https://blog.cryptohack.org/twitter-secrets" target="_blank" rel="noopener"
>RECOVERING A FULL PEM PRIVATE KEY WHEN HALF OF IT IS REDACTED&lt;/a>&lt;/p>
&lt;p>&lt;a class="link" href="https://pycryptodome.readthedocs.io/en/latest/src/public_key/rsa.html" target="_blank" rel="noopener"
>PyCryptodome - readthedocs&lt;/a>&lt;/p></description></item><item><title>Mac搭建环境</title><link>https://expanse.rsvp/p/mac%E6%90%AD%E5%BB%BA%E7%8E%AF%E5%A2%83/</link><pubDate>Sun, 10 Sep 2023 17:25:39 +0800</pubDate><guid>https://expanse.rsvp/p/mac%E6%90%AD%E5%BB%BA%E7%8E%AF%E5%A2%83/</guid><description>&lt;h1 id="前言">前言&lt;/h1>
&lt;p>本文主要记录的是CTF比赛 Crypto类中环境的搭建，根据本人的需要会随时更新文章，等不更新了就说明环境基本没什么变化了。&lt;/p>
&lt;h1 id="系统">系统&lt;/h1>
&lt;p>Homebrew的安装(二进制文件安装似乎不是很好用，总是报错)：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># https://brew.sh/index_zh-cn&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 或者使用命令；&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 访问bin：https://github.com/Homebrew/brew/releases/tag/4.1.9，使用pkg安装&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">/bin/bash -c &lt;span class="s2">&amp;#34;&lt;/span>&lt;span class="k">$(&lt;/span>curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/uninstall.sh&lt;span class="k">)&lt;/span>&lt;span class="s2">&amp;#34;&lt;/span> &lt;span class="c1"># 卸载&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">/bin/bash -c &lt;span class="s2">&amp;#34;&lt;/span>&lt;span class="k">$(&lt;/span>curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh&lt;span class="k">)&lt;/span>&lt;span class="s2">&amp;#34;&lt;/span>&lt;span class="c1"># 安装&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew doctor
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew cleanup
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>go环境安装：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># https://go.dev/dl/&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew install go
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>hugo安装：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">sudo chown -R &lt;span class="k">$(&lt;/span>whoami&lt;span class="k">)&lt;/span> /usr/local/opt
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">chmod u+w /usr/local/opt
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew install hugo
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="python">python&lt;/h1>
&lt;p>python的环境搭建比较简单，只需要安装几个固定的库就可以了，vscode 就能满足条件，这个不需要其他太多的东西，常用的库有如下几个：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">gmpy2
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">pycryptodome
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sympy &lt;span class="c1"># 自带mpmath&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">numpy
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">pwntools &lt;span class="c1">#https://pwntools-docs-zh.readthedocs.io/zh_CN/dev/install/binutils.html#mac-os-x&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># pwntools的安装需要预先安装binutils ，最好的方式是git clone 下来之后用shell安装&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">git clone https://github.com/Gallopsled/pwntools-binutils.git
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">cd&lt;/span> pwntools-binutils/
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">cd&lt;/span> macos
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">./install_all.sh &lt;span class="c1"># 出错是正常的，因为架构的问题，安装不上arm的版本没关系&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 可以试试install.sh 选择全安装在mac上安装和构建花了很久，而且报错很多&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>写一个python的环境安装txt吧：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;span class="lnt">8
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl"># mac os env
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"># requirements.txt
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">gmpy2
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">pycryptodome
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">sympy
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">numpy
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">pwntools
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">pyelftools == 0.29
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="pwntools安装">pwntools安装&lt;/h2>
&lt;p>python3.9的支持似乎不是很好，准备一个3.10.11试试,这里有两种下载的方式，一种是源码，另一种是安装文件，其中源码提供了tgz文件，这里先用安装包安装了，太麻烦了:&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">#https://www.python.org/downloads/macos/
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">#https://www.python.org/downloads/release/python-31013/
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>可以发现python3.10的启动是通过python3.10的bash指令启动，而不是python3，需要将python3.10.11设置为默认的python版本，并设置相关的库。（看下面，不用设置，改vsc的就行，直接在python3.10里面安装库）&lt;/p>
&lt;p>反转了，是版本问题，直接改vsc的配置，然后把pwntools的其中依赖库改为0.29&lt;a class="link" href="https://github.com/Gallopsled/pwntools/issues/2260" target="_blank" rel="noopener"
>🔗&lt;/a>:&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">pip3 install pyelftools==0.29 # 完事
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>pwntools的安装有些麻烦，在mac上构建binunits总会有各种奇怪的错误：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">brew cleanup binutils
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew install binutils
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew reinstall binutils
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> echo &amp;#39;export PATH=&amp;#34;/usr/local/opt/binutils/bin:$PATH&amp;#34;&amp;#39; &amp;gt;&amp;gt; ~/.profile
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> export LDFLAGS=&amp;#34;-L/usr/local/opt/binutils/lib&amp;#34;
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> export CPPFLAGS=&amp;#34;-I/usr/local/opt/binutils/include&amp;#34;
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> brew update
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>还有一些github开源的工具，都可以安装，不过后者就是一些固定的脚本，最后就是一些自己收集的现成脚本之类的了。&lt;/p>
&lt;p>mac下python的环境配置,在当前打开的工作区中,也可以把这些加入用户的设置中(settings.json)：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-json" data-lang="json">&lt;span class="line">&lt;span class="cl">&lt;span class="s2">&amp;#34;code-runner.runInTerminal&amp;#34;&lt;/span>&lt;span class="err">:&lt;/span> &lt;span class="kc">false&lt;/span>&lt;span class="err">,&lt;/span> &lt;span class="c1">// 这里的话true是在终端输出结果，false是在输出栏那边输出
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1">&lt;/span> &lt;span class="s2">&amp;#34;python.pythonPath&amp;#34;&lt;/span>&lt;span class="err">:&lt;/span> &lt;span class="s2">&amp;#34;/usr/local/bin/python3&amp;#34;&lt;/span>&lt;span class="err">,&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="s2">&amp;#34;code-runner.executorMap&amp;#34;&lt;/span>&lt;span class="err">:&lt;/span> &lt;span class="p">{&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nt">&amp;#34;python&amp;#34;&lt;/span>&lt;span class="p">:&lt;/span> &lt;span class="s2">&amp;#34;python3 -u&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="p">}&lt;/span>&lt;span class="err">,&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="sagemath">Sagemath&lt;/h1>
&lt;p>sage是一个开源的数学软件，用于进行一些数学运算，特别是有关代数的相关运算。&lt;/p>
&lt;p>sage对于windows的支持在9.3，而在linux上的支持较新，如果在linux上安装也是可以的，不过在mac上可以直接安装sage，毕竟sage提供了很多快捷的函数。&lt;/p>
&lt;p>sage的二进制版本下载：https://github.com/3-manifolds/Sage_macOS/releases。因为笔者的笔记本还是Intel的处理器，所以下载的是x86的dmg文件，现在的Mac应该下载的都是ARM版本的了吧（大概）。截止到2023年秋季，sagemath对于Mac支持到了10.x的版本，相比Windows新了不少，而且直接下载mac版本的sage，可以不需要Linux安装sage那么麻烦。&lt;/p>
&lt;p>下载完成后直接拖动就行了，一般情况下不需要配置多余的内容。此时下方栏中会有一个sage的图标，点开的时候会提供选项是进入哪个环境。比如会有一个shell和jupyter的环境可以选择，一般个人习惯用jupyter了，比如可以选择jupyter v7，需要注意的是，sage里面需要重新安装上面提到的库才能运行，否则是无法运行上面的库中的函数，也无法导入。&lt;/p>
&lt;p>sage安装包安装时没问题的，可以正常打开。&lt;/p>
&lt;h1 id="虚拟机">虚拟机&lt;/h1>
&lt;p>虚拟机用的是Vmware的Fusion 13Pro，平时快照，备份都还可以。&lt;/p>
&lt;h1 id="其他软件和应用">其他软件和应用&lt;/h1>
&lt;h2 id="cyberchef">CyberChef&lt;/h2>
&lt;p>chef是一个集合了很多功能的软件，无论是在线还是本地，都能使用不仅包含编码、加密解密、查看文件等功能。&lt;/p>
&lt;h2 id="ciphey">ciphey&lt;/h2>
&lt;p>ciphey是一个自动工具，但是一般情况是对于英文的识别更好，可以自动解码复杂的编码过程之后的字符串。相关链接：&lt;a class="link" href="https://github.com/Ciphey/Ciphey/blob/master/translations/zh/README.md" target="_blank" rel="noopener"
>🔗&lt;/a>&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">python3 -m pip install ciphey --upgrade
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">python3 -m pip install -U ciphey
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>相比chef，ciphey 在处理较为庞大的数据的时候更有优势，但是如果是操作较为复杂的情况下，而且数据规模不大，chef更有优势一些。&lt;/p>
&lt;p>还有一个问题：&lt;/p>
&lt;p>&lt;strong>Ciphey doesn&amp;rsquo;t work on Windows with Python 3.9+, use Python 3.7 or Python 3.8. Other platforms are fine with Python 3.9, Python 3.10 doesn&amp;rsquo;t work.&lt;/strong>&lt;/p>
&lt;p>也就是说，这波只能用python3.9跑了，算了，再下一个3.8，我佛了：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">https://www.python.org/downloads/release/python-3810/
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">brew install ciphey
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>总算能用了卧槽了。&lt;/p>
&lt;h2 id="yafu">yafu&lt;/h2>
&lt;p>这是一个集合了多种分解大数的工具，但是有些情况下分解出来的可能是合数，如过模数的生成过程小质数的bit大小相同，则需要判断结果中长度，如果有明显的区别，可能是因为没有分解彻底。&lt;/p>
&lt;p>如果需要运行在虚拟机中，可以考虑安装一个win10的虚拟机，占用不是特别大（安装的软件很少的情况）。&lt;/p>
&lt;p>这个东西不行就算了，还是整个库吧，配个环境累的不行，真绷不住了。&lt;/p></description></item><item><title>快速搭建crypto交互型题目</title><link>https://expanse.rsvp/p/%E5%BF%AB%E9%80%9F%E6%90%AD%E5%BB%BAcrypto%E4%BA%A4%E4%BA%92%E5%9E%8B%E9%A2%98%E7%9B%AE/</link><pubDate>Mon, 21 Aug 2023 05:52:28 +0800</pubDate><guid>https://expanse.rsvp/p/%E5%BF%AB%E9%80%9F%E6%90%AD%E5%BB%BAcrypto%E4%BA%A4%E4%BA%92%E5%9E%8B%E9%A2%98%E7%9B%AE/</guid><description>&lt;h1 id="搭建环境">搭建环境&lt;/h1>
&lt;p>vps使用的是Ubuntu20.04+docker&lt;/p>
&lt;p>dockerfile一般用官方给出来的就行，或者找一个能交互的题目的dockerfile（比赛结束之后去discord或者github）。我的实例中没有用到socket库，这种docker不需要。&lt;/p>
&lt;p>在这里不详细解释更细致的内容，一般情况下需要更改的部分是dockerfile中的python版本，额外的库，其他的直接按照部署docker的方式来就行，测试的时候如果中断可能是网络问题。&lt;/p>
&lt;h1 id="实例">实例&lt;/h1>
&lt;p>这是一个交互计算的题目，需要通过计算100个乘法运算，获取最终的flag。&lt;/p>
&lt;h2 id="dockerfile">dockerfile&lt;/h2>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-dockerfile" data-lang="dockerfile">&lt;span class="line">&lt;span class="cl">&lt;span class="k">FROM&lt;/span>&lt;span class="s"> python:3.10&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="c"># dockerfile of test&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">RUN&lt;/span> apt update &lt;span class="o">&amp;amp;&amp;amp;&lt;/span> apt upgrade -y&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">RUN&lt;/span> apt install socat -y&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">RUN&lt;/span> pip install pycryptodome&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="c"># modify here,from src to dst&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">ADD&lt;/span> calculator.py task.py &lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">ADD&lt;/span> secret.py secret.py&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="c"># modify EXEC:&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="err">&lt;/span>&lt;span class="k">CMD&lt;/span> socat -T &lt;span class="m">2&lt;/span> -dd -v &amp;gt;/dev/stdout TCP-L:60000,fork,reuseaddr EXEC:&lt;span class="s2">&amp;#34;python -u task.py&amp;#34;&lt;/span>&lt;span class="err">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="task-script">task script&lt;/h2>
&lt;p>calculator.py:&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;span class="lnt">18
&lt;/span>&lt;span class="lnt">19
&lt;/span>&lt;span class="lnt">20
&lt;/span>&lt;span class="lnt">21
&lt;/span>&lt;span class="lnt">22
&lt;/span>&lt;span class="lnt">23
&lt;/span>&lt;span class="lnt">24
&lt;/span>&lt;span class="lnt">25
&lt;/span>&lt;span class="lnt">26
&lt;/span>&lt;span class="lnt">27
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="kn">import&lt;/span> &lt;span class="nn">random&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">secret&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="n">flag&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">rounds&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="mi">100&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">welcome&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s2">&amp;#34;&amp;#34;&amp;#34; .----------------. .----------------. .----------------. .----------------.
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| .--------------. || .--------------. || .--------------. || .--------------. |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | _________ | || | _________ | || | _______ | || | _________ | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | | _ _ | | || | |_ ___ | | || | / ___ | | || | | _ _ | | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | |_/ | | \_| | || | | |_ \_| | || | | (__ \_| | || | |_/ | | \_| | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | | | | || | | _| _ | || | &amp;#39;.___`-. | || | | | | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | _| |_ | || | _| |___/ | | || | |`\____) | | || | _| |_ | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | |_____| | || | |_________| | || | |_______.&amp;#39; | || | |_____| | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| | | || | | || | | || | | |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2">| &amp;#39;--------------&amp;#39; || &amp;#39;--------------&amp;#39; || &amp;#39;--------------&amp;#39; || &amp;#39;--------------&amp;#39; |
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="s2"> &amp;#39;----------------&amp;#39; &amp;#39;----------------&amp;#39; &amp;#39;----------------&amp;#39; &amp;#39;----------------&amp;#39; &amp;#34;&amp;#34;&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">def&lt;/span> &lt;span class="nf">task&lt;/span>&lt;span class="p">():&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">welcome&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">for&lt;/span> &lt;span class="n">_&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="nb">range&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">rounds&lt;/span>&lt;span class="p">):&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">a&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">b&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">random&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">randint&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="mi">1000&lt;/span>&lt;span class="p">),&lt;/span>&lt;span class="n">random&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">randint&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="mi">1000&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">c&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">a&lt;/span>&lt;span class="o">*&lt;/span>&lt;span class="n">b&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">cho&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="nb">input&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="sa">f&lt;/span>&lt;span class="s2">&amp;#34;Please input your answer of &lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s2">*&lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">b&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s2">:&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">if&lt;/span> &lt;span class="n">cho&lt;/span> &lt;span class="o">==&lt;/span> &lt;span class="nb">str&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">c&lt;/span>&lt;span class="p">):&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s2">&amp;#34;Right!&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">else&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">exit&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="s2">&amp;#34;Wrong...&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="sa">f&lt;/span>&lt;span class="s2">&amp;#34;Here is your flag:&lt;/span>&lt;span class="si">{&lt;/span>&lt;span class="n">flag&lt;/span>&lt;span class="si">}&lt;/span>&lt;span class="s2">&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">task&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>secret.py:&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">uuid&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="n">uuid1&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># test = &amp;#34;flag{&amp;#34;+str(uuid1()) + &amp;#34;}&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># print(test)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">flag&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s2">&amp;#34;flag{.....}&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="write-up">write up&lt;/h2>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-python" data-lang="python">&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># solve.py&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="kn">from&lt;/span> &lt;span class="nn">pwn&lt;/span> &lt;span class="kn">import&lt;/span> &lt;span class="o">*&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">ip&lt;/span>&lt;span class="o">=&lt;/span>&lt;span class="s2">&amp;#34;&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">port&lt;/span>&lt;span class="o">=&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">p&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">remote&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">ip&lt;/span>&lt;span class="p">,&lt;/span>&lt;span class="n">port&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">pad&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="s2">&amp;#34;Please input your answer of &amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">p&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">recvlines&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="mi">11&lt;/span>&lt;span class="p">)&lt;/span> &lt;span class="c1"># 跳过welcome&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="k">while&lt;/span> &lt;span class="mi">1&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">res&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">p&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">recv&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">res&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="k">if&lt;/span> &lt;span class="sa">b&lt;/span>&lt;span class="s2">&amp;#34;flag{&amp;#34;&lt;/span> &lt;span class="ow">in&lt;/span> &lt;span class="n">res&lt;/span>&lt;span class="p">:&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">exit&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">res&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">l&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="n">res&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="nb">len&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">pad&lt;/span>&lt;span class="p">):&lt;/span>&lt;span class="o">-&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">]&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">split&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="sa">b&lt;/span>&lt;span class="s2">&amp;#34;*&amp;#34;&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">ans&lt;/span> &lt;span class="o">=&lt;/span> &lt;span class="nb">str&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">l&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="mi">0&lt;/span>&lt;span class="p">])&lt;/span>&lt;span class="o">*&lt;/span>&lt;span class="nb">int&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">l&lt;/span>&lt;span class="p">[&lt;/span>&lt;span class="mi">1&lt;/span>&lt;span class="p">]))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">p&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">sendline&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="nb">bytes&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">ans&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">encode&lt;/span>&lt;span class="p">()))&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">a&lt;/span>&lt;span class="o">=&lt;/span>&lt;span class="n">p&lt;/span>&lt;span class="o">.&lt;/span>&lt;span class="n">recvline&lt;/span>&lt;span class="p">()&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="nb">print&lt;/span>&lt;span class="p">(&lt;/span>&lt;span class="n">a&lt;/span>&lt;span class="p">)&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="bash">bash&lt;/h2>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">docker build -t &lt;span class="nb">test&lt;/span> .
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># vps端口：容器端口， 容器名称：镜像名称&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">docker run -d -p 50000:60000 --name cryptotest &lt;span class="nb">test&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 这样容器一直在运行，只需要nc访问对应的端口就可以了&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h1 id="其他">其他&lt;/h1>
&lt;h2 id="ascii艺术字">ASCII艺术字&lt;/h2>
&lt;p>有时候题目开始的时候会有一个题目的名字显示，在终端中用ascii艺术字展示的，这里有网站可以实现这种方法(或者搜索ascii艺术字也可以)：&lt;/p>
&lt;p>&lt;a class="link" href="https://patorjk.com/software/taag/#p=display&amp;amp;f=Graffiti&amp;amp;t=Type%20Something%20" target="_blank" rel="noopener"
>艺术字网站：patorjk&lt;/a>&lt;/p>
&lt;h2 id="域名端口的说明">域名+端口的说明&lt;/h2>
&lt;p>一些比赛给的靶机带有域名，可以使用反向代理，但是我没有试过，有时间可能会试试（可能有更简单的方法，有时间研究一下）。&lt;/p></description></item><item><title>Hugo+GithubPages+Actions博客搭建</title><link>https://expanse.rsvp/p/hugo-githubpages-actions%E5%8D%9A%E5%AE%A2%E6%90%AD%E5%BB%BA/</link><pubDate>Thu, 29 Jun 2023 02:03:52 +0800</pubDate><guid>https://expanse.rsvp/p/hugo-githubpages-actions%E5%8D%9A%E5%AE%A2%E6%90%AD%E5%BB%BA/</guid><description>&lt;h1 id="前言">前言&lt;/h1>
&lt;p>之前试过在blogger和GitHub Pages搭建博客，也用过docker+WordPress搭建，但是后者因为日志过大，加上markdown写起来不是很方面，所以现在又用hugo+GitHub Pages +Actions来搭，这样markdown写起来方便，离线的时候用起来方便&lt;/p>
&lt;h1 id="优势">优势&lt;/h1>
&lt;p>对于docker搭建wordpress的博客是很舒服的，不用考虑图床之类的问题。只需要担心的是wordpress插件会不会出问题之类的， 配置需要一些时间，反向代理域名和端口，还有CF配置SSL等。&lt;/p>
&lt;p>hugo相比hexo生成个人感觉好用一些。首先hugo部署很方便，而且环境配置只需要配置环境变量然后就能用了。配置问题主要是Actions的部分，还有就是CF的ip添加一次只能添加一个，比Google的麻烦一些。但是Actions确实很好用，省去了本地生成的麻烦，只需要push到博客仓库就行了（此处的博客仓库是一个私有仓库，不是公开的仓库）。&lt;/p>
&lt;h1 id="部署">部署&lt;/h1>
&lt;p>首先，需要拥有一个github账号，并且在这个账号中建立两个仓库：&lt;/p>
&lt;p>1.用于存储hugo site的源码，并且在这个仓库中加入Actions的文件，用于实现github的actions生成。&lt;/p>
&lt;p>2.用于存储生成之后的网站的源码，这个仓库就是用于展示的仓库。&lt;/p>
&lt;p>完成前置条件之后，部署博客的大体思路是这样的：&lt;/p>
&lt;p>作者首先安装Go语言的环境和hugo，然后初始化site，配置本地的site文件，推送到github的源码仓库，由源码仓库中的Actions执行生成&lt;code>name.github.io&lt;/code>仓库中的内容，打开这个链接就可以访问了，之后配置cloudflare之类的比较简单了。&lt;/p>
&lt;h2 id="go和hugo环境配置">go和hugo环境配置&lt;/h2>
&lt;p>下载go语言的安装包，添加bin目录到环境变量中（win平台是安装的，所以不需要）：&lt;/p>
&lt;p>下载地址：https://go.dev/dl/&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="n">tar&lt;/span> &lt;span class="n">-zxvf&lt;/span> &lt;span class="s1">&amp;#39;下载的文件名字&amp;#39;&lt;/span> &lt;span class="n">go&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 添加环境变量&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">export&lt;/span> &lt;span class="n">PATH&lt;/span>&lt;span class="p">=&lt;/span>&lt;span class="nv">$PATH&lt;/span>&lt;span class="err">:&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">usr&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">local&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">go&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">bin&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">authorized_keys&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>安装hugo并且配置hugo&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 下载地址：https://github.com/gohugoio/hugo/releases&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 解压缩到对应的目录，然后添加环境变量，当在win中运行&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">where &lt;/span>&lt;span class="n">hugo&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c">#如果有结果就说明hugo配置好了&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>在网站的父目录中创建网站：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="n">hugo&lt;/span> &lt;span class="n">new&lt;/span> &lt;span class="n">site&lt;/span> &lt;span class="s2">&amp;#34;your site&amp;#39;s name&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>添加主题，因为这个时候的hugo网站是没有主题的，所以需要添加主题，在此之前，先说明hugo在本地的生成是有两种的，一种是&lt;code>hugo server -D&lt;/code>这种是生成所有的文章预览，包括草稿，如果开始的框中的&lt;code>draft:true&lt;/code>这种情况下，只用&lt;code>hugo server&lt;/code>是无法生成预览的，把true改为false，才能生成预览，这种情况之下，及时推送到github然后actions也没有文章可以看到。&lt;/p>
&lt;p>清除git所用的代理配置：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">config&lt;/span> &lt;span class="p">-&lt;/span>&lt;span class="n">-global&lt;/span> &lt;span class="p">-&lt;/span>&lt;span class="n">-unset&lt;/span> &lt;span class="n">http&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="py">proxy&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">config&lt;/span> &lt;span class="p">-&lt;/span>&lt;span class="n">-global&lt;/span> &lt;span class="p">-&lt;/span>&lt;span class="n">-unset&lt;/span> &lt;span class="n">https&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="py">proxy&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 手动删除 ~/.gitconfig 也可以实现重置配置的效果&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>将&lt;code>theme\examplseSite&lt;/code>里面的config.yoml东西复制出来，放到网站的根目录中，这时候就基本相当于配置好了一个基本的网站了（里面的内容还是examplesite的）。&lt;/p>
&lt;h2 id="推送到github">推送到github&lt;/h2>
&lt;p>推送到github需要有两个步骤，首先需要将账户登录到git，这里需要配置密钥对，生成的方式：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="nb">ssh-keygen&lt;/span> &lt;span class="n">-t&lt;/span> &lt;span class="n">rsa&lt;/span> &lt;span class="n">-b&lt;/span> &lt;span class="mf">4096&lt;/span> &lt;span class="n">-C&lt;/span> &lt;span class="s2">&amp;#34;deploy_github_pages&amp;#34;&lt;/span> &lt;span class="o">-f&lt;/span> &lt;span class="s1">&amp;#39;这里是你想要给密钥的命名&amp;#39;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 生成一个key文件还有一个key.pub文件（假设在-f之后的名字是key）&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>第一个密钥对：&lt;/p>
&lt;p>首先配置github认证需要的两个密钥，私钥放到本地，公钥上传到Settins|SSH and GPG keys|Authentication Keys 这里。&lt;/p>
&lt;p>然后就可以git来推送文件了。&lt;/p>
&lt;p>第二个密钥对：&lt;/p>
&lt;p>用于连接两个仓库，一个是私有仓库用于存放hugo site根目录中的所有文件，在这个仓库中的&lt;code>Settings|Secrets and variables|&lt;/code>中部署私钥，这里的私钥就是类似key里面的内容，直接全部复制到里面就行了，这里的名字要记住，然后在actions中的文件配置需要用到。&lt;/p>
&lt;p>公钥的位置放到&lt;code>name.github.io&lt;/code>仓库中的&lt;code>Settings|Deploy keys&lt;/code>位置，建议起名字的时候可以和前面的私钥对应，或者方便识别。&lt;/p>
&lt;p>配置好了密钥之后，可以初始化本地仓库，完成之后就可以推送到远程的私有仓库，在私有仓库中的actions页面执行生成静态网站的步骤。&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">init&lt;/span> &lt;span class="n">-b&lt;/span> &lt;span class="n">main&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 合并仓库到私有仓库&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">remote&lt;/span> &lt;span class="n">add&lt;/span> &lt;span class="n">origin&lt;/span> &lt;span class="n">git&lt;/span>&lt;span class="nv">@github&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="n">com&lt;/span>&lt;span class="err">:&lt;/span>&lt;span class="n">xxx&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">xxxx&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="py">git&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 没办法的情况下强行合并&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">push&lt;/span> &lt;span class="o">-f&lt;/span> &lt;span class="n">origin&lt;/span> &lt;span class="n">master&lt;/span> &lt;span class="c">#注意，这一步可能有问题，建议根据自己的实际的branch更改master或者main&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>一般情况下如果顺利的部署步骤是：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="c"># cd 到网站的根目录&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">add&lt;/span> &lt;span class="p">.&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">commit&lt;/span> &lt;span class="n">-m&lt;/span> &lt;span class="s2">&amp;#34;你为这次推送的评论&amp;#34;&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">push&lt;/span> &lt;span class="n">origin&lt;/span> &lt;span class="n">main&lt;/span> &lt;span class="c"># 因为我的分支是main，所以推送到main&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="配置actions">配置actions&lt;/h2>
&lt;p>actions是一个可以进行自动化测试的工具，比如可以通过配置文件，将源代码生成为&lt;code>./public&lt;/code>中的静态网站，并且推送到一个共有的仓库，这样私有仓库中的一些源码等内容不会在共有仓库中显示。&lt;/p>
&lt;p>对于github 的actions工具，会有一个类似shell的运行结果，如果出现了失败，会有报错，根据报错搜索就可以找到解决方案，一般来说google出来的结果可以解决，actions的运行报错类似如&lt;/p>
&lt;p>&lt;img src="https://expanse.rsvp/p/hugo-githubpages-actions%E5%8D%9A%E5%AE%A2%E6%90%AD%E5%BB%BA/image-20230630000932681.png"
width="1281"
height="588"
srcset="https://expanse.rsvp/p/hugo-githubpages-actions%E5%8D%9A%E5%AE%A2%E6%90%AD%E5%BB%BA/image-20230630000932681_hu910e905e1e6473bee9a11908b54178b0_63387_480x0_resize_box_3.png 480w, https://expanse.rsvp/p/hugo-githubpages-actions%E5%8D%9A%E5%AE%A2%E6%90%AD%E5%BB%BA/image-20230630000932681_hu910e905e1e6473bee9a11908b54178b0_63387_1024x0_resize_box_3.png 1024w"
loading="lazy"
alt="报错实例"
class="gallery-image"
data-flex-grow="217"
data-flex-basis="522px"
>&lt;/p>
&lt;p>配置这个文件，需要在网站的根目录中添加目录：&lt;code>.github/workflows/&lt;/code>写一个yml格式的文件。&lt;/p>
&lt;p>我的文件格式如下：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt"> 1
&lt;/span>&lt;span class="lnt"> 2
&lt;/span>&lt;span class="lnt"> 3
&lt;/span>&lt;span class="lnt"> 4
&lt;/span>&lt;span class="lnt"> 5
&lt;/span>&lt;span class="lnt"> 6
&lt;/span>&lt;span class="lnt"> 7
&lt;/span>&lt;span class="lnt"> 8
&lt;/span>&lt;span class="lnt"> 9
&lt;/span>&lt;span class="lnt">10
&lt;/span>&lt;span class="lnt">11
&lt;/span>&lt;span class="lnt">12
&lt;/span>&lt;span class="lnt">13
&lt;/span>&lt;span class="lnt">14
&lt;/span>&lt;span class="lnt">15
&lt;/span>&lt;span class="lnt">16
&lt;/span>&lt;span class="lnt">17
&lt;/span>&lt;span class="lnt">18
&lt;/span>&lt;span class="lnt">19
&lt;/span>&lt;span class="lnt">20
&lt;/span>&lt;span class="lnt">21
&lt;/span>&lt;span class="lnt">22
&lt;/span>&lt;span class="lnt">23
&lt;/span>&lt;span class="lnt">24
&lt;/span>&lt;span class="lnt">25
&lt;/span>&lt;span class="lnt">26
&lt;/span>&lt;span class="lnt">27
&lt;/span>&lt;span class="lnt">28
&lt;/span>&lt;span class="lnt">29
&lt;/span>&lt;span class="lnt">30
&lt;/span>&lt;span class="lnt">31
&lt;/span>&lt;span class="lnt">32
&lt;/span>&lt;span class="lnt">33
&lt;/span>&lt;span class="lnt">34
&lt;/span>&lt;span class="lnt">35
&lt;/span>&lt;span class="lnt">36
&lt;/span>&lt;span class="lnt">37
&lt;/span>&lt;span class="lnt">38
&lt;/span>&lt;span class="lnt">39
&lt;/span>&lt;span class="lnt">40
&lt;/span>&lt;span class="lnt">41
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-yaml" data-lang="yaml">&lt;span class="line">&lt;span class="cl">&lt;span class="nt">name&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">Hugo Blog GitHub Pages Actions&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">&lt;/span>&lt;span class="nt">on&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">push&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">branches&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="l">main &lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="c"># Set a branch name to trigger deployment&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">pull_request&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">&lt;/span>&lt;span class="nt">jobs&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">deploy&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">runs-on&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">ubuntu-22.04&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">permissions&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">contents&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">write&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">concurrency&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">group&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">${{ github.workflow }}-${{ github.ref }}&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">steps&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">uses&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">actions/checkout@v3.5.3&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">with&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">submodules&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="kc">true&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="c"># Fetch Hugo themes (true OR recursive)&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">fetch-depth&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="m">0&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="c"># Fetch all history for .GitInfo and .Lastmod&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">name&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">Setup Hugo&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">uses&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">peaceiris/actions-hugo@v2&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">with&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">hugo-version&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="s1">&amp;#39;0.114.1&amp;#39;&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="c"># extended: true&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">name&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">Build&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">run&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">hugo --minify&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">name&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">Deploy&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">uses&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">peaceiris/actions-gh-pages@v3&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="c"># If you&amp;#39;re changing the branch from main,&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="c"># also change the `main` in `refs/heads/main`&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="c"># below accordingly.&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">if&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">github.ref == &amp;#39;refs/heads/main&amp;#39;&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">with&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">external_repository&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">name/name.github.io &lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="c"># 更改这里适配你的仓库&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">deploy_key&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">${{ secrets.xxxxxx }}&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="c">#　这里的就是上面提到的私有仓库的私钥&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">publish_branch&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">main&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">publish_dir&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">./public&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>这个文件的配置我也是参考了网上的连接，是一个github仓库，在里面会有指导怎么写yml文件，我这个文件是满足部署，可以运行的。&lt;/p>
&lt;h2 id="报错解决">报错解决&lt;/h2>
&lt;h3 id="not-submodule">Not submodule&lt;/h3>
&lt;p>在部署的时候，出现&amp;quot;Not submodule&amp;hellip;&amp;hellip;.&amp;quot;（这里的报错涉及到的是主题），这个需要在根目录中写一个名字是&lt;code>.gitmodules&lt;/code>的文件，然后将你的主题的submodule放进去就行，一般hugo的主题有一个仓库是存放了一堆submodule的，在里面更改为如下的方式就好：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 比如我的主题是 hugo-tranquilpeak-theme&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 添加如下文件到.gitmodules文件中，需要注意的是目录和双引号中的目录问题，和仓库中的有区别&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="p">[&lt;/span>&lt;span class="n">submodule&lt;/span> &lt;span class="s2">&amp;#34;themes/hugo-tranquilpeak-theme&amp;#34;&lt;/span>&lt;span class="p">]&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">path&lt;/span> &lt;span class="p">=&lt;/span> &lt;span class="n">themes&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="nb">hugo-tranquilpeak&lt;/span>&lt;span class="n">-theme&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> &lt;span class="n">url&lt;/span> &lt;span class="p">=&lt;/span> &lt;span class="n">https&lt;/span>&lt;span class="err">:&lt;/span>&lt;span class="p">//&lt;/span>&lt;span class="n">github&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="n">com&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">kakawait&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="nb">hugo-tranquilpeak&lt;/span>&lt;span class="n">-theme&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="py">git&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>或者在添加主题的时候，就将主题以子模组的形式添加到themes文件夹中：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="c"># 主题：stack&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="n">git&lt;/span> &lt;span class="n">submodule&lt;/span> &lt;span class="n">add&lt;/span> &lt;span class="n">https&lt;/span>&lt;span class="err">:&lt;/span>&lt;span class="p">//&lt;/span>&lt;span class="n">github&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="n">com&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="n">CaiJimmy&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="nb">hugo-theme&lt;/span>&lt;span class="n">-stack&lt;/span>&lt;span class="p">/&lt;/span> &lt;span class="n">themes&lt;/span>&lt;span class="p">/&lt;/span>&lt;span class="nb">hugo-theme&lt;/span>&lt;span class="n">-stack&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>如果markdown文件中出现了错误，也会导致报错，不放心的话可以在push的时候看着actions的运行状态。&lt;/p>
&lt;h3 id="图片无法显示">图片无法显示&lt;/h3>
&lt;p>设置图片的根目录，在文章首框中加入：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-fallback" data-lang="fallback">&lt;span class="line">&lt;span class="cl">typora-root-url: ./..\..\static
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"># 偏好设置：复制到相对路径
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">../../static/images/${filename}
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>或者将markdown文件命名为：&lt;code>index.md&lt;/code>，然后将图片复制到文章的项目目录下，形成如下的结构：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-markdown" data-lang="markdown">&lt;span class="line">&lt;span class="cl">├─2023
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">│ └─Hugo+GithubPages+Actions博客搭建
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>这个文章中下含有了文章&lt;code>index.md&lt;/code>和图片&lt;code>报错实例&lt;/code>，这个图片的名字是可以命名的，这样也好在本地使用。&lt;/p>
&lt;h1 id="站点修改">站点修改&lt;/h1>
&lt;h2 id="设置avatarpng">设置avatar.png&lt;/h2>
&lt;p>在根目录中的&lt;code>assets&lt;/code>文件夹中新建&lt;code>img&lt;/code>文件夹，放入&lt;code>avatar.png&lt;/code>。&lt;/p>
&lt;h2 id="站点头像">站点头像&lt;/h2>
&lt;p>实际目录：&lt;code>/static/images/favicon.ico&lt;/code>&lt;/p>
&lt;p>设置：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-yaml" data-lang="yaml">&lt;span class="line">&lt;span class="cl">&lt;span class="nt">params&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">mainSections&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="l">post&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">featuredImageField&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">image&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">rssFullContent&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="kc">true&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">favicon&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">/images/favicon.ico &lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;h2 id="设置评论">设置评论&lt;/h2>
&lt;p>采用Disqus作为评论系统，只需要更改网站根目录中的&lt;code>config.yaml&lt;/code>文件中&lt;code>disqusShortname&lt;/code>的值即可，改为Disqus的账户名称（需要注册Disqus账户并且用邮箱激活）。&lt;/p>
&lt;p>需要在Disqus添加站点，访问：&lt;a class="link" href="https://disqus.com/profile/signup/intent/" target="_blank" rel="noopener"
>🔗&lt;/a>，选择I want to install Disqus on my site，选择免费计划，可以不配置平台，然后在配置中一路默认最后选择完成配置就行。&lt;/p>
&lt;h2 id="更换域名用户名仓库名字">更换域名、用户名、仓库名字&lt;/h2>
&lt;h3 id="域名">域名&lt;/h3>
&lt;p>更换域名需要更换cloudflare的DNS记录，nameserver还给CF的，强制https，A记录添加为185.199.10x.153（x为9-11），代理状态为仅DNS。&lt;/p>
&lt;h3 id="用户名字">用户名字&lt;/h3>
&lt;p>如果更换了仓库名字或者github用户名字、域名，需要更改配置文件（ymal中的内容，和hugo.yml external_repository:，static中的CNAME记录，这里可以用everything搜索CNAME修改）。&lt;/p>
&lt;p>一般是更改config中的内容，改为用户名+github&amp;hellip;的形式，域名需要将所有的旧域名替换成新域名，如果出现无法push的情况，可以更换密钥，添加到公开仓库的时候可以勾选上&lt;code>Allow write access&lt;/code>，可以解决128报错无法推送的问题。&lt;/p>
&lt;h3 id="报错">报错&lt;/h3>
&lt;p>如果ssh更新但是没有添加邮箱（-C），可以把私钥名字改为id_rsa重新push。&lt;/p>
&lt;h1 id="发布文章">发布文章&lt;/h1>
&lt;p>上面用的是&lt;code>index.md&lt;/code>来存放文章内容，所以写新文章的时候用：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-powershell" data-lang="powershell">&lt;span class="line">&lt;span class="cl">&lt;span class="n">hugo&lt;/span> &lt;span class="n">new&lt;/span> &lt;span class="p">.\&lt;/span>&lt;span class="n">content&lt;/span>&lt;span class="p">\&lt;/span>&lt;span class="n">post&lt;/span>&lt;span class="p">\&lt;/span>&lt;span class="mf">2023&lt;/span>&lt;span class="p">\&lt;/span>&lt;span class="err">文章标题&lt;/span>&lt;span class="p">\&lt;/span>&lt;span class="n">index&lt;/span>&lt;span class="p">.&lt;/span>&lt;span class="nb">md
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="nb">&lt;/span>&lt;span class="c"># 或者直接new post也可以&lt;/span>
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>这样图片直接复制到当前文件夹就行了。&lt;/p>
&lt;h2 id="开启katex支持">开启KaTex支持&lt;/h2>
&lt;p>通过修改根目录下的&lt;code>config.yaml&lt;/code>中的&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-yaml" data-lang="yaml">&lt;span class="line">&lt;span class="cl">&lt;span class="nt">article&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">math&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="kc">true&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>即可开启数学公式支持。&lt;/p>
&lt;h1 id="双机更新">双机更新&lt;/h1>
&lt;p>如果有两个不同系统的笔记本，比如一个Ubuntu和一个Windows，可以在两个设备上同时clone下来仓库，比如已经完成了另一个设备上的git安装，还没clone仓库到本地时候。&lt;/p>
&lt;p>首先将私钥复制到用户目录的ssh文件中，然后在相关目录中直接：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">git clone ......
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>发生更新之后，即使博客的更新只有一个人，但是仍然需要检查是不是相比仓库发生了更新，如在win上更新之后但是没有pull，但是mac端先pull 到主要分支，如果下次在win上直接pull而不比较内容，会出现覆盖mac端pull的情况，所以需要检测当前的版本是不是最新的，如果和远程仓库有区别需要先把远程仓库的更新拉到本地然后pull：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">git fetch &lt;span class="c1"># 会在不更新本地仓库的情况下获取远程仓库的更新情况&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">git diff --stat main origin/main &lt;span class="c1"># 比较本地和远程仓库内容区别,如果没有结果就是ok，如果有区别，视情况选择merge&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">git merge &lt;span class="c1"># 将远程已经更新的内容更新到本地&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="c1"># 如果merge 报错，如果确定了远程是需要拉到本地的情况，就stash&lt;/span>
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">git stash
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">git merge
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>到此就完成了两个主机上博客的更新部署，只不过需要在更新的时候先检查远程和本地的区别，然后再选择是否更新。&lt;/p>
&lt;h2 id="报错-1">报错&lt;/h2>
&lt;p>参考：&lt;a class="link" href="https://stackoverflow.com/questions/73338848/git-diff-show-nothing" target="_blank" rel="noopener"
>如果git diff无反应怎么办&lt;/a>&lt;/p>
&lt;p>merge 报错：&lt;a class="link" href="https://stackoverflow.com/questions/54746699/please-commit-your-changes-or-stash-them-before-you-merge" target="_blank" rel="noopener"
>如果merge提示报错怎么办&lt;/a>&lt;/p>
&lt;p>hugo server 出现Page not found：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-bash" data-lang="bash">&lt;span class="line">&lt;span class="cl">WARN found no layout file &lt;span class="k">for&lt;/span> &lt;span class="s2">&amp;#34;html&amp;#34;&lt;/span> &lt;span class="k">for&lt;/span> layout &lt;span class="s2">&amp;#34;archives&amp;#34;&lt;/span> &lt;span class="k">for&lt;/span> kind &lt;span class="s2">&amp;#34;page&amp;#34;&lt;/span>: You should create a template file which matches Hugo Layouts Lookup Rules &lt;span class="k">for&lt;/span> this combination.
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">WARN found no layout file &lt;span class="k">for&lt;/span> &lt;span class="s2">&amp;#34;html&amp;#34;&lt;/span> &lt;span class="k">for&lt;/span> kind &lt;span class="s2">&amp;#34;page&amp;#34;&lt;/span>: You should create a template file which matches Hugo Layouts Lookup Rules &lt;span class="k">for&lt;/span> this combination.
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">WARN found no layout file &lt;span class="k">for&lt;/span> &lt;span class="s2">&amp;#34;html&amp;#34;&lt;/span> &lt;span class="k">for&lt;/span> layout &lt;span class="s2">&amp;#34;search&amp;#34;&lt;/span> &lt;span class="k">for&lt;/span> kind &lt;span class="s2">&amp;#34;page&amp;#34;&lt;/span>: You should create a template
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div>&lt;p>这种情况就是hugo的theme文件夹中的主题问题，因为之前配置过submodule，github pull下来之后，发现主题文件夹是空的，因为之前改过主题，所以直接把主题过来了，此时在生成就是动态的网页了。&lt;/p>
&lt;h1 id="参考">参考&lt;/h1>
&lt;p>Hugo actions的指导：https://github.com/peaceiris/actions-hugo&lt;/p>
&lt;p>报错解决：https://www.youtube.com/watch?v=DMgEGpqXEM4&lt;/p>
&lt;p>主题gitmodules：https://github.com/gohugoio/hugoThemes/blob/master/.gitmodules&lt;/p>
&lt;p>标题无法从一级标题开始显示：https://huweim.github.io/post/blog_hugo_%E7%9B%AE%E5%BD%95%E7%BB%93%E6%9E%84/&lt;/p></description></item><item><title>Archives</title><link>https://expanse.rsvp/archives/</link><pubDate>Tue, 28 May 2019 00:00:00 +0000</pubDate><guid>https://expanse.rsvp/archives/</guid><description/></item><item><title>About</title><link>https://expanse.rsvp/about/</link><pubDate>Thu, 28 Feb 2019 00:00:00 +0000</pubDate><guid>https://expanse.rsvp/about/</guid><description>&lt;p>hello,I am moranmore.&lt;/p>
&lt;p>A college student.&lt;/p>
&lt;p>This blog was built on github pages, using Stack(hugo theme).&lt;/p></description></item><item><title>Links</title><link>https://expanse.rsvp/links/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://expanse.rsvp/links/</guid><description>&lt;p>这是链接的格式：&lt;/p>
&lt;div class="highlight">&lt;div class="chroma">
&lt;table class="lntable">&lt;tr>&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code>&lt;span class="lnt">1
&lt;/span>&lt;span class="lnt">2
&lt;/span>&lt;span class="lnt">3
&lt;/span>&lt;span class="lnt">4
&lt;/span>&lt;span class="lnt">5
&lt;/span>&lt;span class="lnt">6
&lt;/span>&lt;span class="lnt">7
&lt;/span>&lt;span class="lnt">8
&lt;/span>&lt;span class="lnt">9
&lt;/span>&lt;/code>&lt;/pre>&lt;/td>
&lt;td class="lntd">
&lt;pre tabindex="0" class="chroma">&lt;code class="language-yaml" data-lang="yaml">&lt;span class="line">&lt;span class="cl">&lt;span class="nt">links&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">title&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">GitHub&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">description&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">GitHub is the world&amp;#39;s largest software development platform.&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">website&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">https://github.com&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">image&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">https://github.githubassets.com/images/modules/logos_page/GitHub-Mark.png&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>- &lt;span class="nt">title&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">TypeScript&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">description&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">TypeScript is a typed superset of JavaScript that compiles to plain JavaScript.&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">website&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">https://www.typescriptlang.org&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="w"> &lt;/span>&lt;span class="nt">image&lt;/span>&lt;span class="p">:&lt;/span>&lt;span class="w"> &lt;/span>&lt;span class="l">ts-logo-128.jpg&lt;/span>&lt;span class="w">
&lt;/span>&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/td>&lt;/tr>&lt;/table>
&lt;/div>
&lt;/div></description></item><item><title>Search</title><link>https://expanse.rsvp/search/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://expanse.rsvp/search/</guid><description/></item></channel></rss>