{"id":250,"date":"2023-04-17T11:14:34","date_gmt":"2023-04-17T03:14:34","guid":{"rendered":"https:\/\/blog.byzhb.top\/?p=250"},"modified":"2023-04-30T11:53:19","modified_gmt":"2023-04-30T03:53:19","slug":"linubcz","status":"publish","type":"post","link":"https:\/\/blog.byzhb.top\/index.php\/2023\/04\/17\/linubcz\/","title":{"rendered":"Linux \u53d8\u91cf\u64cd\u4f5c\u7b26\u201c${}\u201c"},"content":{"rendered":"<div id=\"article_content\" class=\"article_content clearfix\">\n<h1 id=\"%E4%B8%80%E3%80%81%E4%BB%80%E4%B9%88%E6%98%AF%22%24%7B%7D%22%20%EF%BC%9A\"><a name=\"t0\"><\/a>\u4e00\u3001\u4ec0\u4e48\u662f\"${}\" \uff1a<\/h1>\n<p>\"${}\"\u662f\u5bf9\u53d8\u91cf\u8fdb\u884c\u5904\u7406\u7684\u4e00\u4e2a\u51fd\u6570\uff0c\u5b83\u53ef\u4ee5\u5bf9\u53d8\u91cf\u503c\u8fdb\u884c\u53d6\u957f\u5ea6\uff0c\u622a\u53d6\uff0c\u66ff\u6362\u7b49\u64cd\u4f5c<\/p>\n<h1 id=\"%E4%BA%8C%E3%80%81%E5%85%B7%E4%BD%93%E7%94%A8%E6%B3%95%EF%BC%9A\"><a name=\"t1\"><\/a>\u4e8c\u3001\u5177\u4f53\u7528\u6cd5\uff1a<\/h1>\n<p>\u6211\u4eec\u7528\u6765\u5b9e\u9a8c\u7684\u53d8\u91cf\u4e3a\u73af\u5883\u53d8\u91cf$PATH<\/p>\n<p>$PATH \u5185\u5bb9\u5982\u4e0b<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-1.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"1901\" height=\"125\" class=\"alignnone wp-image-253 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-1.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 1901px) 100vw, 1901px\" 
\/><\/div><\/p>\n<h2 id=\"%C2%A01%E3%80%81%E5%8F%96%E9%95%BF%E5%BA%A6%EF%BC%9A\"><a name=\"t2\"><\/a>\u00a01\u3001\u53d6\u957f\u5ea6\uff1a<\/h2>\n<p><strong>\u547d\u4ee4 :<\/strong><\/p>\n<pre class=\"code\">echo ${#PATH}<\/pre>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-2.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"495\" height=\"117\" class=\"alignnone wp-image-254 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-2.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 495px) 100vw, 495px\" \/><\/div><\/p>\n<p>\u6211\u4eec\u53ef\u4ee5\u770b\u5230$PATH\u53d8\u91cf\u7684\u957f\u5ea6\u4e3a 142<\/p>\n<h2 id=\"2%E3%80%81%E6%88%AA%E5%8F%96%E5%AD%97%E7%AC%A6%E4%B8%B2\"><a name=\"t3\"><\/a>2\u3001\u622a\u53d6\u5b57\u7b26\u4e32<\/h2>\n<p>\u683c\u5f0f\u4e3a\uff1a<\/p>\n<pre class=\"code\">${PATH:start:length}<\/pre>\n<blockquote>\n<ul>\n<li>\u5b57\u7b26\u4e32\u9996\u4f4d\u7f6e\u4e3a0<\/li>\n<li>start\u53c2\u6570\u53ef\u4e0d\u52a0\uff0c\u9ed8\u8ba4\u4e3a0<\/li>\n<li>\u53ef\u5728 start \u53c2\u6570\u524d\u52a0 ' ~ ' \u7b26\u53f7\uff0c\u610f\u4e3a\u4ece\u672b\u5c3e\u5f00\u59cb<\/li>\n<\/ul>\n<\/blockquote>\n<h3 id=\"%E7%A4%BA%E4%BE%8B%E4%B8%80%EF%BC%9A\"><a name=\"t4\"><\/a>\u793a\u4f8b\u4e00\uff1a<\/h3>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u547d\u4ee4 \uff1a<br \/>\n<\/strong><\/p>\n<div class=\"hljs-ln-code\">\n<div class=\"hljs-ln-line\">\n<pre class=\"code\"><span 
class=\"hljs-built_in\">echo<\/span> <span class=\"hljs-variable\">${PATH:0:1}<\/span><\/pre>\n<\/div>\n<\/div>\n<div class=\"hljs-ln-numbers\">\n<div class=\"hljs-ln-line\">\u4ece\u7b2c0\u4f4d\u5f00\u59cb\uff0c\u622a\u53d6\u4e00\u4e2a\u5b57\u7b26<\/div>\n<\/div>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u7ed3\u679c\uff1a<\/strong><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-3.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"431\" height=\"104\" class=\"alignnone wp-image-255 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-3.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 431px) 100vw, 431px\" \/><\/div><\/p>\n<h3 id=\"%E5%AE%9E%E4%BE%8B%E4%BA%8C%EF%BC%9A\"><a name=\"t5\"><\/a>\u5b9e\u4f8b\u4e8c\uff1a<\/h3>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u547d\u4ee4 :<\/strong><\/p>\n<div class=\"hljs-ln-code\">\n<div class=\"hljs-ln-line\">\n<pre class=\"code\"><span class=\"hljs-built_in\">echo<\/span> <span class=\"hljs-variable\">${PATH::1}<\/span><\/pre>\n<\/div>\n<\/div>\n<div class=\"hljs-ln-numbers\">\n<div class=\"hljs-ln-line\">\u8fd9\u6b21\u6ca1\u52a0start\u53c2\u6570\uff0c\u9ed8\u8ba4\u4ece0\u4f4d\u5f00\u59cb<\/div>\n<\/div>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0 \u7ed3\u679c\uff1a<\/strong><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' 
href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-4.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"516\" height=\"108\" class=\"alignnone wp-image-256 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-4.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 516px) 100vw, 516px\" \/><\/div><\/p>\n<h3 id=\"%C2%A0%E5%AE%9E%E4%BE%8B%E4%B8%89%EF%BC%9A\"><a name=\"t6\"><\/a>\u00a0\u5b9e\u4f8b\u4e09\uff1a<\/h3>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u547d\u4ee4 :<\/strong><\/p>\n<div class=\"hljs-ln-numbers\">\n<div class=\"hljs-ln-line hljs-ln-n\" data-line-number=\"1\">\n<pre class=\"code\"> echo ${PATH: ~0:1}\r\n\u00a0\r\n\u4ece\u5012\u6570\u7b2c0\u4f4d\u8fd4\u56de1\u4e2a\u5b57\u7b26<\/pre>\n<\/div>\n<\/div>\n<div>\n<div>\n<pre><strong>\u00a0\u00a0\u7ed3\u679c\uff1a<\/strong><\/pre>\n<\/div>\n<\/div>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-5.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"476\" height=\"124\" class=\"alignnone wp-image-257 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-5.png\" 
src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 476px) 100vw, 476px\" \/><\/div><\/p>\n<h1 id=\"%C2%A0%E4%B8%89%E3%80%81%E6%9B%BF%E6%8D%A2%E5%AD%97%E7%AC%A6\"><a name=\"t7\"><\/a>\u00a0\u4e09\u3001\u66ff\u6362\u5b57\u7b26<\/h1>\n<h2 id=\"%E5%8D%95%E6%9B%BF%E6%8D%A2%EF%BC%9A\"><a name=\"t8\"><\/a>\u5355\u66ff\u6362\uff1a<\/h2>\n<div>\n<div>\n<pre class=\"code\">${file\/a\/b}\r\n\u5c06\u5b57\u7b26\u4e32\u4e2d\u7b2c\u4e00\u4e2aa\u66ff\u6362\u4e3ab<\/pre>\n<\/div>\n<\/div>\n<h3 id=\"%C2%A0%E7%A4%BA%E4%BE%8B%EF%BC%9A\"><a name=\"t9\"><\/a>\u00a0\u793a\u4f8b\uff1a<\/h3>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u547d\u4ee4 :<\/strong><\/p>\n<pre class=\"code\"><code class=\"language-bash hljs\"><span class=\"hljs-built_in\">echo<\/span> <span class=\"hljs-variable\">${PATH\/usr\/root}<\/span>\r\n<\/code><\/pre>\n<p><strong>\u00a0\u00a0\u00a0 \u7ed3\u679c\uff1a<\/strong><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-6.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"1635\" height=\"100\" class=\"alignnone wp-image-258 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-6.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 1635px) 100vw, 1635px\" 
\/><\/div><\/p>\n<p>\u6211\u4eec\u53ef\u4ee5\u770b\u5230\u7b2c\u4e00\u4e2a\"usr\"\u53d8\u4e3a\u4e86\"root\"<\/p>\n<h2 id=\"%E5%85%A8%E6%9B%BF%E6%8D%A2%EF%BC%9A\"><a name=\"t10\"><\/a>\u5168\u66ff\u6362\uff1a<\/h2>\n<pre class=\"code\">${file\/\/a\/b}\r\n\u5c06\u5b57\u7b26\u4e32\u6240\u6709\u7684a\u66ff\u6362\u4e3ab<\/pre>\n<h3 id=\"%C2%A0%E7%A4%BA%E4%BE%8B%EF%BC%9A%C2%A0\"><a name=\"t11\"><\/a>\u00a0\u793a\u4f8b\uff1a<\/h3>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u547d\u4ee4 :<\/strong><\/p>\n<pre class=\"code\">echo ${PATH\/\/usr\/root}<\/pre>\n<p><strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u7ed3\u679c\uff1a<\/strong><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-7.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  loading=\"lazy\" decoding=\"async\" width=\"1635\" height=\"112\" class=\"alignnone wp-image-259 size-full\" data-original=\"https:\/\/blog.byzhb.top\/wp-content\/uploads\/2023\/04\/Pasted-7.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\"  sizes=\"auto, (max-width: 1635px) 100vw, 1635px\" \/><\/div><\/p>\n<p>\u6211\u4eec\u53ef\u4ee5\u770b\u5230\u5b57\u7b26\u4e32\u4e2d\u6240\u6709\u7684\"usr\"\u53d8\u4e3a\u4e86\"root\"<\/p>\n<h1 id=\"%E5%9B%9B%EF%BC%9A%E6%89%A9%E5%B1%95%E5%88%A9%E7%94%A8\"><a name=\"t12\"><\/a>\u56db\uff1a\u6269\u5c55\u5229\u7528<\/h1>\n<p>\u8be5\u51fd\u6570\u53ef\u7528\u4e8e<span style=\"color: 
#fe2c24;\"><strong>RCE\u6f0f\u6d1e<\/strong><\/span>\u4e2d\u62fc\u63a5\u6307\u4ee4\u4f7f\u7528\uff0c\u5177\u4f53\u65b9\u6cd5\u6211\u4f1a\u5728\u4e0b\u4e00\u7bc7\u6587\u7ae0\u8bb2\u5230<\/p>\n<p>从防御角度看，这类变量操作可以在不直接写出某个字符的情况下得到该字符，因此基于关键字或字符黑名单的过滤并不能可靠地阻止命令注入；更稳妥的做法是不把不可信的输入拼接进 shell 命令，而是以参数数组的方式调用程序，并对输入做白名单校验。<\/p>\n<div data-report-view=\"{&quot;mod&quot;:&quot;1585297308_001&quot;,&quot;spm&quot;:&quot;1001.2101.3001.6548&quot;,&quot;dest&quot;:&quot;https:\/\/blog.csdn.net\/Elite__zhb\/article\/details\/130207786&quot;,&quot;extend1&quot;:&quot;pc&quot;,&quot;ab&quot;:&quot;new&quot;}\">\n<div><\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;${}&#8221;\u662f\u5bf9\u53d8\u91cf\u8fdb\u884c\u5904\u7406\u7684\u4e00\u4e2a\u51fd\u6570\uff0c\u5b83\u53ef\u4ee5\u5bf9\u53d8\u91cf\u503c\u8fdb\u884c\u53d6\u957f\u5ea6\uff0c\u622a\u53d6\uff0c\u66ff\u6362\u7b49\u64cd\u4f5c\uff0c\u4e5f\u53ef\u7528\u4e8eRCE\u6f0f\u6d1e\u62fc\u63a5\u7ed5\u8fc7<\/p>\n","protected":false},"author":1,"featured_media":266,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,11,22],"tags":[15,24,26],"class_list":["post-250","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ctf","category-nw","category-webs","tag-ctf","tag-linux","tag-web"],"_links":{"self":[{"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/posts\/250","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/comments?post=250"}],"version-history":[{"count":6,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/posts\/250\/revisions"}],"predecessor-version":[{"id":272,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/posts\/250\/revisi
ons\/272"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/media\/266"}],"wp:attachment":[{"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/media?parent=250"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/categories?post=250"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.byzhb.top\/index.php\/wp-json\/wp\/v2\/tags?post=250"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}