From a100b6794e9cfd0aa732ce372476a7131a76c197 Mon Sep 17 00:00:00 2001 From: JamesFlare1212 Date: Wed, 17 Apr 2024 14:29:44 -0400 Subject: [PATCH] fix estimated read time --- config/_default/hugo.toml | 12 ++++++------ .../posts/wordpress/cc-attack-on-index-php/index.md | 4 ++++ .../posts/wordpress/cc-attack-on-index-php/index.md | 4 ++++ layouts/posts/single.html | 4 ++-- 4 files changed, 16 insertions(+), 8 deletions(-) diff --git a/config/_default/hugo.toml b/config/_default/hugo.toml index 0d4d9c9..9f5ffef 100644 --- a/config/_default/hugo.toml +++ b/config/_default/hugo.toml @@ -574,7 +574,7 @@ defaultContentLanguageInSubdir = true twemoji = false # whether to enable lightgallery # FixIt 0.2.18 | CHANGED if set to "force", images in the content will be forced to shown as the gallery. - lightgallery = false + lightgallery = true # whether to enable the ruby extended syntax ruby = true # whether to enable the fraction extended syntax @@ -586,9 +586,9 @@ defaultContentLanguageInSubdir = true # whether to show link to Raw Markdown content of the post linkToMarkdown = true # FixIt 0.3.0 | NEW whether to show link to view source code of the post - linkToSource = true + linkToSource = false # FixIt 0.3.0 | NEW whether to show link to edit the post - linkToEdit = true + linkToEdit = false # FixIt 0.3.0 | NEW whether to show link to report issue for the post linkToReport = true # whether to show the full text content in RSS @@ -605,7 +605,7 @@ defaultContentLanguageInSubdir = true # FixIt 0.2.17 | NEW end of post flag endFlag = "" # FixIt 0.2.18 | NEW whether to enable instant.page - instantPage = false + instantPage = true # FixIt 0.3.0 | NEW whether to enable collection list at the sidebar collectionList = true # FixIt 0.3.0 | NEW whether to enable collection navigation at the end of the post @@ -627,7 +627,7 @@ defaultContentLanguageInSubdir = true position = "right" # FixIt 0.2.13 | NEW Display a message at the beginning of an article to warn the reader that its content might be expired [params.page.expirationReminder] - enable = false + enable = true # Display the reminder if the last modified time is more than 90 days ago reminder = 90 # Display warning if the last modified time is more than 180 days ago @@ -667,7 +667,7 @@ defaultContentLanguageInSubdir = true # whether to show the copy button of the code block copy = true # FixIt 0.2.13 | NEW whether to show the edit button of the code block - edit = true + edit = false # the maximum number of lines of displayed code by default maxShownLines = 10 # Mapbox GL JS config (https://docs.mapbox.com/mapbox-gl-js) diff --git a/content/en/posts/wordpress/cc-attack-on-index-php/index.md b/content/en/posts/wordpress/cc-attack-on-index-php/index.md index d962bba..f14081b 100644 --- a/content/en/posts/wordpress/cc-attack-on-index-php/index.md +++ b/content/en/posts/wordpress/cc-attack-on-index-php/index.md @@ -181,6 +181,10 @@ Okay, let me give you another bad idea. Since we don't need a very large request We can use this modified Selenium Chromedriver to bypass CloudFlare's verification code, UA, browser fingerprint, and other detection methods. +Or even more advanced, without webdriver, without selenium, it's even harder to detect. + +[![undetected_chromedriver Git Card](https://github-readme-stats.jamesflare.com/api/pin/?username=ultrafunkamsterdam&repo=nodriver&theme=github_dark_dimmed&show_owner=false)](https://github.com/ultrafunkamsterdam/nodriver) + Then find a more dynamic point, such as entering random content in the search box to search. Coupled with our IPv6 human wave tactics, just a few dozen RPS can lead to a performance crisis for them. So many Selenium Chromedrivers may indeed consume some performance, but it's not very difficult to run on your own laptop. But from the Blue Team's perspective, it's a headache. They will see an extremely normal scene, with different IP addresses having a user accessing only once every half hour, an hour, or even a few hours. Or some IP addresses may not even access a second time. Will you wonder if your website has gone viral somewhere, rather than being attacked? ## Summary diff --git a/content/zh-cn/posts/wordpress/cc-attack-on-index-php/index.md b/content/zh-cn/posts/wordpress/cc-attack-on-index-php/index.md index 8d87fa4..99f8cd2 100644 --- a/content/zh-cn/posts/wordpress/cc-attack-on-index-php/index.md +++ b/content/zh-cn/posts/wordpress/cc-attack-on-index-php/index.md @@ -181,6 +181,10 @@ flowchart TD 我们可以用这个改进的Selenium Chromedriver绕过CloudFlare的验证码,UA,浏览器指纹等检测方式。 +或者更先进一点的,没有webdriver,也没有selenium,更加难以检测。 + +[![undetected_chromedriver Git Card](https://github-readme-stats.jamesflare.com/api/pin/?username=ultrafunkamsterdam&repo=nodriver&theme=github_dark_dimmed&show_owner=false)](https://github.com/ultrafunkamsterdam/nodriver) + 然后找一个动态点,比如去搜索框输入随机内容搜索。再配合我们的IPv6人海战术,只需要几十rqs就可以导致它的性能危机。这么多Selenium Chromedriver可能确实会有些消耗性能,但是在自己笔记本上运行也不是很有难度。但是在Blue Team看来就头大了。他们会看见无比正常的一幕,不同的IP地址有一个用户每半个小时,一个小时甚至几个小时才访问一次。或者有一些IP地址的用户甚至不会访问第二次,你会不会疑惑自己的网站是不是发到哪里火了,而不是被攻击了。 ## 总结 diff --git a/layouts/posts/single.html b/layouts/posts/single.html index 833e3bc..35fccf6 100644 --- a/layouts/posts/single.html +++ b/layouts/posts/single.html @@ -4,7 +4,7 @@ {{- end -}} {{- define "content" -}} - {{- $params := .Scratch.Get "params" -}} + {{- $params := partial "function/params.html" -}} {{- $toc := .Scratch.Get "toc" -}} {{- $tocEmpty := eq .TableOfContents `` -}} @@ -84,8 +84,8 @@