[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYvDQCh4SQltUs8Jp8Z30HQ8usaPtDoIWTFUoXfsSzhk":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":19,"related":20,"source":31,"type":32},[],"2025-06-16 18:56:41",201852443,[8,9,10,11],"双扩展名(.php.jpg)",".htaccess文件覆盖","大小写变异(.PhP)","添加BOM头",{"count":13,"courseId":14,"courseImg":15,"courseName":16,"workId":17,"workName":18},28,"cdf0dc819667de8f79b0446765ab6080","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F31fffd9b1ab8ed93a1abd0aec5eb6142.jpg","计算机网络安全技术","work_42999372","20250421web网站渗透测试技术","文件上传绕过黑名单检测的最佳方法是",[21,33,43,52,61,71,81,90,93,102],{"answer":22,"createTime":23,"id":24,"options":25,"question":30,"source":31,"type":32},[],"2025-06-16 18:56:37",201852322,[26,27,28,29],"服务器IP地址","网站管理员姓名","使用的CMS类型及版本","公司注册资金","在进行黑盒测试时,最应该优先收集的信息是","v1",0,{"answer":34,"createTime":35,"id":36,"options":37,"question":42,"source":31,"type":32},[],"2025-06-16 18:56:38",201852333,[38,39,40,41],"下载全部源代码","查找数据库密码","检查.git\u002Flogs\u002Frefs","直接删除该目录","发现网站存在.git目录泄露时,最有效的利用方式是",{"answer":44,"createTime":35,"id":45,"options":46,"question":51,"source":31,"type":32},[],201852347,[47,48,49,50],"查看HTTP响应头","发送恶意负载观察拦截页面","扫描所有端口","检查robots.txt","识别网站使用的WAF时,最可靠的方法是",{"answer":53,"createTime":35,"id":54,"options":55,"question":60,"source":31,"type":32},[],201852377,[56,57,58,59],"使用双引号","编码为十六进制","添加注释\u002F* *\u002F","使用反引号","遇到以下过滤时,哪种方法最适合绕过:$id = str_replace(&quot;'&quot;, &quot;&quot;, $_GET['id'])",{"answer":62,"createTime":63,"id":64,"options":65,"question":70,"source":31,"type":32},[],"2025-06-16 18:56:39",201852399,[66,67,68,69],"HTTP状态码变化","响应内容差异","响应时间延迟","返回包大小不同","时间盲注中,判断条件为真的典型特征是",{"answer":72,"createTime":73,"id":74,"options":75,"question":80,"source":31,"type":32},[],"2025-06-16 18:56:40",201852408,[76,77,78,79],"--level","--risk","--second-order","--forms","使用sqlmap进行二阶注入检测时,关键参数是",{"answer":82,"createTime":73,"id":83,"options":84,"question":89,"source":31,"type":32},[],201852417,[85,86,87,88],"payload长度限制","是否需要用户交互","是否持久化存储","能否绕过CSP","存储型XSS与反射型XSS的根本区别在于",{"answer":91,"createTime":5,"id":6,"options":92,"question":19,"source":31,"type":32},[],[8,9,10,11],{"answer":94,"createTime":5,"id":95,"options":96,"question":101,"source":31,"type":32},[],201852445,[97,98,99,100],"数据库连接池配置","Servlet映射路径","Filter类名","错误页面配置","发现Java网站存在\u002FWEB-INF\u002Fweb.xml泄露时,最应该关注",{"answer":103,"createTime":5,"id":104,"options":105,"question":110,"source":31,"type":32},[],201852457,[106,107,108,109],"加密算法缺陷","身份验证缺失","权限校验不充分","输入过滤不足","越权漏洞的本质是"]