JinYazhou +


微信支付商户,最近暴露的XML外部实体注入漏洞(XML External Entity Injection,简称 XXE),该安全问题是由XML组件默认没有禁用外部实体引用导致,非微信支付系统存在漏洞。


准备工作 1、一部已经root的手机; 2、在此手机下载并安装微信6.6.1版本; 3、安装root explorer; 4、运行小程序,并进入/data/data/com.tencent.mm/MicroMsg/xxx/appbrand/pkg/xx.wxapkg,拿不准可以用root explorer全部打包,打包后移动到手机内存卡可以读取的路径,或者用手机管理软件保存到电脑。

Raw SQL Query without DbSet - .net core

With Entity Framework Core removing dbData.Database.SqlQuery<SomeModel> I can not find a solution to build a raw SQL Query for my full-text search query that will return the tables data and also the rank.

How to close Quote using WebApi

Before: "{\"errcode\":40029,\"errmsg\":\"invalid code, hints: [ req_id: 1AMtoA0486th36 ]\"}" After: {"errcode":40029,"errmsg":"invalid code, hints: [ req_id: 5g8ILa0612th24 ]"}



adb devices offline 解决方法

adb devices命令,USB调试一直开着,驱动也正常安装,设备可以被发现,但一直是offline。 网上的方法: adb kill-server adb start-server

Dude, Where's My DLL Config?

I write a lot of reusable components. Most recently, I created an assembly to handle notifications in various projects. For this assembly, I needed various configuration options, such as an SMTP server address. For configuration in .NET projects, we turn to App.config files, and in ASP.NET projects, we have the Web.config. In the case of a DLL however, it isn’t really advised to create/use an App.config file. On Stack Overflow, Chris Ammerman goes into great detail on the topic. But, hey, what if you want to use one anyway?


npm install -g cnpm --registry=https://registry.npm.taobao.org(npm镜像源指向淘宝) cnpm install -g cordova ionic(安装cordova ionic) cnpm update -g cordova ionic(更新cordova ionic) ionic -help(查看帮助)


A problem occurred configuring project 'android'. > You have not accepted the license agreements of the following SDK components: [Android SDK Platform 25].