diff --git a/articles/cross-auth-test-for-yakit.md b/articles/cross-auth-test-for-yakit.md index 3f2873f64..340c4ae0b 100644 --- a/articles/cross-auth-test-for-yakit.md +++ b/articles/cross-auth-test-for-yakit.md @@ -1,147 +1,169 @@ -# 玩越权测试插件?我来助你 -原创 intSheep Yak Project 2024-08-30 17:31 - -![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) -![](/articles/wechat2md-a4f2bfae3f0ef062eb864a5cf570c1a8.other) -[](http://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247520865&idx=1&sn=b56361be1d147e02733410b9be1a75b9&chksm=c2d1eec5f5a667d3f65a78c0837685809c036e8d55f7a5add58c177f2d6a57de949dd416fb86&scene=21#wechat_redirect) - -![](/articles/wechat2md-7709f2e0b02ccd8287c1260685352f0f.png) - -在MITM交互劫持页面的交互插件,便能够找到我们的多认证综合越权测试插件。 - -![](/articles/wechat2md-e87cc15527860ebb0e8715d50e7a4e3e.png) - -目前多认证综合越权测试能够支持基于Cookie与Header Auth认证两种模式。 - -![](/articles/wechat2md-d63d1afa3a4fcd0aa8c32791bb08d61b.png) - -![](/articles/wechat2md-c25965cb24b83218ea0f395a42da2566.png) - -这里使用Vulinbox靶场中的逻辑场景进行插件测试。 - -![](/articles/wechat2md-168c6ca4dcfd3ad96a6483b28a430700.png) - - -首先注册两个用户,用户名分别为**test1**和**test2**,接着登录**test1**的账号,获取其**cookie**为  +# "Yaker,你可以全局配置插件环境变量!" +原创 Yak Yak Project 2024-11-28 17:30 + +![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) + +周 +四周四, +Vme50(bushi + +大家好,这里是疯狂超级牛(功能上新版) + +![](/articles/wechat2md-be056115ce4cad5a943f713126836d75.png) + +经常有用户问 + +“牛牛如何为不同插件配置相同的变量值呢?” + +“能有一个一波搞定插件变量的方式就好了” + +超级牛听到了广大用户的声音,默默地拿起了鞭子,走向开发团队... + +于是! +**插件全局变量配置功能** +,上新! + +那么如何具体使用此功能来配置插件的环境变量呢? + +请看VCR⬇️ + +![](/articles/wechat2md-f449c4ddfa6b3c48c868fc5c880bb625.jpeg) + +![](/articles/wechat2md-aff5859e2a52e9f6b3cdb79577b4490b.png) + +![](/articles/wechat2md-4716e77f643320a73d13ca6cfbc8e1bd.png) + +我们的设计中,使用cli的选项作为环境变量的获取接口。一个简单的例子如下 ``` -_cookie:11e0bdd7-c1e2-4fcd-82a6-7a341d5dc54e -br +// setPluginEnv 是一个选项函数,设置参数从插件环境中取值 +key = cli.String("key", cli.setPluginEnv("api-key")) ``` - -![](/articles/wechat2md-e1b93721379a19ecf0ef753fb32faa28.png) - -接着将cookie配置进多认证综合越权测试插件,并启动插件: - -![](/articles/wechat2md-a0fde05fa4a20c9572ac72ee675bcb7c.png) - - -接着在 **不退出test1** 的情况下,使用 **test2** 账号进行登录,从MITM流量中的 **插件** 是可以看到经过修改的数据包的。如下图,一共有两条数据,第一条为 **_cookie** 被移除了,做了一个未授权访问的检测,发现不存在未授权访问。而第二条的 **_cookie** 使用的是 **test1** 的,并且其返回包的内容与使用 **test2** 的 **_cookie** 一模一样,因此我们认为其存在水平越权漏洞,并且将该条报文设置成 **红色** ,以便其更加显眼。 - -![](/articles/wechat2md-a9287ed0266b72f356d3d5940f3fb9d5.png) - -这里只有两条被修改过cookie的报文,那么我们要看原报文如何查看呢? -很简单,只要点击MITM便可以了。 - -![](/articles/wechat2md-6000b3f7d7f5580a7cefc0647e10e0b7.png) - - -![](/articles/wechat2md-397689b9ae494d9a5de8c9e0c20b07f9.png) - -怎么样?该插件相比之前的交互式插件是不是更"酷"了呢?以上,我们实现了数据包的**染色**以及**tag**的添加,以便能够一眼看到哪些报文存在越权漏洞。事实上,对数据包添加tag与染色并不是什么魔法,它只是"简单地"加了一串yaklang的代码,便能够有如此之奇效。所以,在你编写自己的插件的时候,完完全全可以应用这些功能,让你的插件更加的酷炫,更加具有表现力。 - -为了进一步了解其相关原理,我们可以将鼠标悬浮于"多认证越权测试插件"上,查看其代码的实现。其染色与加tag主要逻辑在下方的handleReq中: + +获取插件环境变量和使用普通cli参数基本一致,只需要在选项里设置 cli.setPluginEnv("api-key")即可,其中传入的是环境变量的key值。 + +需要说明的是一旦设置这个选项,Yakit将不再提供输入,其数据必定来自于插件环境变量。 + +![](/articles/wechat2md-b8b16137585d937c62e015ba908cdcbd.png) + +可以看到上述demo中为cli参数 env设置 setPluginEnv之后,参数预览处就没有对应的输入框了。 + +![](/articles/wechat2md-1a801c50533ae96fb847ce0684387123.png) +# + +插件环境变量可以在两处配置 插件商店页面的配置页 和 单个插件的配置页 + +![](/articles/wechat2md-c3d38c9c921bb07ae8e56fd9dc9044c6.png) + +这两处的配置有一些细节的不同。 + +![](/articles/wechat2md-7a5f49a132d2c96ea9ec5802ac063f84.png) +## + +![](/articles/wechat2md-ebe23df29491b7cec345f26b5f5e29d3.png) + +这里的配置页面拥有 +完整的对环境变量的增删改查能力。可以新建环境变量,即使没有插件使用。 + +![](/articles/wechat2md-8f1aaea01d4fa3ca6da42ff5dc2a7c07.png) + +需要说明的是变量是 +**可以支持空值**的, +**这与没有环境变量并不等价。** + +![](/articles/wechat2md-cd2cc4afc7fd915eafc2b6c3cea555a4.png) +## + +这部分的配置是为了方便使用做出的针对单个插件的简单版配置 + +![](/articles/wechat2md-61644b57d884342a3156ba198a13a62d.png) + +它只对本插件代码中使用的环境变量进行了展示,只提供对应的修改功能。 + +这里是对代码进行了解析处理,如果有代码中需要使用的环境变量没有被配置的话,会在此处提示用户。 + +![](/articles/wechat2md-a93f331e03d4781d13aa42728374e991.png) + +点击配置即可在此处快捷配置环境变量 +> 需要注意的时候环境变量的影响范围是全局,这里修改之后,所有的使用对应环境变量的地方都会受到影响。 + + +![](/articles/wechat2md-f933d85b578090be8ecbd16adea56dcd.png) +# + +有了插件环境变量之后,一些情况可以有更好的解决方案。比如为简单改动插件 就可以为其添加特定的校验头。 + +这里使用简单的内置插件——HTTP请求走私为例 ``` - handleReq = (reqBytes, newValue) => { - poc.HTTP( - reqBytes, - poc.https(https), - poc.saveHandler(response => { - tag= "" - if len(enableResponseKeywordList) > 0 { - - if respMatch(response.RawPacket,enableResponseKeywordList...){ - tag = "响应内容标志值匹配" - response.Red() - }else { - tag = "响应内容标志值消失" - response.Green() - } - }else{ - sim := str.CalcSimilarity(baseResponse, response.RawPacket) - if sim > 0.95 { - response.Red() - } elif sim <= 0.4 { - response.Green() - } else { - response.Grey() - } - showSim = "%.2f" % (sim * 100.0) - tag = f"相似:${showSim}% " - } - if newValue == "" { - tag = f"${tag} 移除 ${isCookieMode? f`Cookie[${key}]`:f`Header[${key}]`}" - }else{ - tag = f"${tag} 值: ${newValue}" - } - response.AddTag(tag) - }), - ) - } +buildSmugglePacket = (host, newPacket) => { +... +} +mirrorNewWebsite = func(isHttps /*bool*/, url /*string*/, req /*[]byte*/, rsp /*[]byte*/, body /*[]byte*/) { + ... + payload = buildSmugglePacket(host, req) + println(payload) + ... + rsp, _ = poc.HTTPEx(payload, poc.https(isHttps), poc.noFixContentLength(true))~ + ... +} ``` - -可以看到,当http数据包要被保存的时候,会调用**saveHandler**进行相关处理(函数的相关作用可以在yakRunner代码提示中进行查看)。 -具体逻辑为,如果返回包匹配到了我们手动设置的相关字段,那么就使用**response.Red()**让该数据染成红色,否则就是绿色。 -而如果没有手动设置关键字的话,那么就使用**str.CalcSimilarity**文本相似性算法,计算新的返回包与原来返回包直接的相似性,如果精度达到0.95以上的话就设置为红色。最后使用**response.AddTag(tag)** 进行tag的添加。 - -![](/articles/wechat2md-deec0737b462cea36b947e8d29314aad.png) -与多认证综合越权测试插件一起上架的还有修改 HTTP 请求 Cookie与修改 HTTP 请求 Header两款交互性插件,因为两款插件大差不差。这里以修改 HTTP 请求 Cookie做介绍。 - -以下是该交互性插件所需要添加的参数,分别为cookie的key和value。同时还有一个前提URL条件,如果填了前提URL条件,那么就只会改相关URL的cookie。修改cookie的行为本质是调用**poc.ReplaceHTTPPacketCookie**函数的,因此如果请求包中存在该cookie就会进行修改,不存在的话就会添加这个cookie。 - -![](/articles/wechat2md-6fab4a3b31bfa0ba64855915eebe2d4b.png) - -在这里,我们以访问百度为例,配置内容如下: - -![](/articles/wechat2md-d2afd0627d4b19c0c67d4eb2495355cc.png) - -启动后,可以发现与百度相关cookie都会被修改了: - -![](/articles/wechat2md-72e6ad634da34a06160b5d282dd98116.png) -> 这里值得注意的是,如果取消选中交互插件,那么页面会默认显示MITM的流量,需要点击插件最右边的按钮才能查看相关插件的流量。 - - -![](/articles/wechat2md-2e221840dfad326b136f71cdf7427fb9.png) - -![](/articles/wechat2md-178404567bd5369ce0ce41ff7c7dbf21.png) -官网新上线的这几个交互插件,可以更为方便进行渗透测试。其中多认证越权测试能够对存在的越权漏洞的数据包打上颜色与标签,可以说表现力比以往更上一层次。在了解其相关原理以后,也推荐师傅们可以开发出类似酷炫的插件! - - - -**END** - - - - **YAK官方资源** - - + +假设现在进行渗透测试的一批目标中,分别添加特定的头 TestHeader,不同的测试目标的校验值不一样。 + +那么这个时候就可以通过环境变量进行一次通用改造。 +``` +header = cli.String("header",cli.setPluginEnv("testheader")) +cli.check() + +buildSmugglePacket = (host, newPacket) => { +... +} + +mirrorNewWebsite = func(isHttps /*bool*/, url /*string*/, req /*[]byte*/, rsp /*[]byte*/, body /*[]byte*/) { + ... + payload = buildSmugglePacket(host, req) + println(payload) + ... + originResponse, req = poc.HTTP(standardPacket.Replace("REPLACEME_HOST", host), poc.https(isHttps),poc.replaceHeader("TestHeader", header))~ + ... +} +``` + +改造之后此参数会在插件发送测试数据包的时候添加特定的请求头值,如需改动请求头值只需,修改环境变量配置即可,无需再改代码。 + +修改完毕在配置页面可以看到有未配置的变量 + +![](/articles/wechat2md-e0099c9fb757084b7c3d4bc20bcc2398.png) + +点击配置设置好环境变量之后执行插件,可以看到成功地进行请求头插入 + +![](/articles/wechat2md-20542c2fdecf06753b38084ba59526d6.png) + +如果需要更换测试目标,只需要在配置页面替换即可。 + +当然,这只是一个例子用来帮助社区用户快速了解插件环境变量的用途。 + +实际工作中可以改造热加载插件,使用hijack系列的hook,达到”一处修改,全局生效“的效果,用户可以自行探索。 + + + +**END** + + +**YAK官方资源** + + Yak 语言官方教程: -https://yaklang.com/docs/intro/Yakit -视频教程: -https://space.bilibili.com/437503777Github -下载地址: -https://github.com/yaklang/yakitYakit -官网下载地址: -https://yaklang.com/Yakit -安装文档: -https://yaklang.com/products/download_and_install -Yakit使用文档: -https://yaklang.com/products/intro/ -常见问题速查: -https://yaklang.com/products/FAQ +https://yaklang.com/docs/intro/Yakit 视频教程: +https://space.bilibili.com/437503777Github下载地址: +https://github.com/yaklang/yakitYakit官网下载地址: +https://yaklang.com/Yakit安装文档: +https://yaklang.com/products/download_and_installYakit使用文档: +https://yaklang.com/products/intro/常见问题速查: +https://yaklang.com/products/FAQ + +![](/articles/wechat2md-382b711760574d429c6c8742ecfc1d9b.png) + +![](/articles/wechat2md-304b45488320344b4c7cdbd5759ee4e8.gif) + -![](/articles/wechat2md-85062b6e6c63b9d9d17d1e2a5ca2ec01.other) -长按识别添加工作人员 -开启Yakit进阶之旅 -![](/articles/wechat2md-14665f86963c7c123b43378ebc55bb0f.other) - \ No newline at end of file diff --git a/articles/mitm_hijack.md b/articles/mitm_hijack.md new file mode 100644 index 000000000..4371680b2 --- /dev/null +++ b/articles/mitm_hijack.md @@ -0,0 +1,232 @@ +# 不许动,你被劫持了! +原创 Yak Yak Project 2024-11-21 17:30 + +![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) + +**“Stop!Yak MITM Open The Door!”** + +![](/articles/wechat2md-453a18f9a64ce2de4933ccbf55b2d8d0.png) + + +![](/articles/wechat2md-3c7b63447b178dca759252db58a2f6c2.png) + +![](/articles/wechat2md-f621828bf5430c233882a6dd3f300e78.png) + +![](/articles/wechat2md-24cd8d46a35dbc5f9da4309774affe8d.png) + +**新的HTTP请求** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +对于每个进入MITM的HTTP请求,MITM服务器会启动一个**新的线程**来对其进行处理。 + +**过滤器** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +之后,流量会先进入过滤器,如下图所示: + +![](/articles/wechat2md-d43aabc6d8fb56f590ef43d0d9789eca.png) + +![](/articles/wechat2md-aa61d33bccc145da7ede228853cff3e1.png) + +**过滤器决定请求是应该被过滤(即自动放行)还是应该继续进入后续的流程。** + +对于请求来说,过滤器支持对Hostname(主机名)、URL路径、请求方法进行过滤。 + +被过滤器过滤的请求会自动放行(直接流向目的服务器/代理服务器),并返回响应,中途不会再经过绝大多数模块(Yakit劫持,内容规则)的处理。 + +**检测请求方法** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +对于没有过滤的请求,会再单独检查请求方法,对于Connnect请求方法,MITM服务器会特殊处理,而其他方法则进入到下一个模块中。 + +**内容规则** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +然后,请求会进入内容规则模块的处理,如下图所示: + +![](/articles/wechat2md-763bda0a2e16966996bc4d37c6d9c17a.png) + +![](/articles/wechat2md-29cd3584b1298b5ada48b25868ccce08.png) + +请求会经过每一个处理请求的规则(会优先经过需要替换的规则),并会对该流量进行提前的染色或者添加标签。需要特殊注意的是,**如果某个规则对请求进行了丢弃,就不会再进入后续的流程。** + +**方法:hijackRequest** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +接下来,请求会进入插件/热加载中的hijackRequest方法进行处理,**经过处理的请求可能会被丢弃(不会再进入后续的流程)**,或者被修改。 +``` +// hijackHTTPRequest 每一个新的 HTTPRequest 将会被这个 HOOK 劫持, +// 劫持后通过 forward(modified) 来把修改后的请求覆盖 +// 如果需要屏蔽该数据包,通过 drop() 来屏蔽 +hijackHTTPRequest = func(isHttps, url, req, forward /*func(modifiedRequest []byte)*/, drop /*func()*/) { +} +``` + +**Yakit前端** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +接着,请求会进入到Yakit前端,Yakit前端有三个模式,如下图所示: + +![](/articles/wechat2md-9f65f8062cae3ea1c1033691d128b4d5.png) + +除了手动劫持以外,**剩下的两个模式都会将请求自动放行(直接流向目的服务器/代理服务器)并记录在History中**。对于手动劫持的请求,用户可以手动为其添加颜色或标签,修改请求,提交数据或丢弃数据,**丢弃数据后不会再进入后续的流程。** + +**方法:beforeRequest** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +后续,请求会进入插件/热加载中的beforeRequest方法进行处理,经过处理的请求可能被修改。 +``` +// beforeRequest 允许发送数据包前再做一次处理,定义为 func(origin []byte) []byte +beforeRequest = func(req) { +} +``` + +**全局配置-禁用IP/禁用域名** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +之后,即将发出的请求还会经过系统配置 - 全局配置中的禁用IP/禁用域名,对于禁用的IP或域名,请求会被自动丢弃并且不会再进入后续的流程: + +![](/articles/wechat2md-faf116a15689a391bbda8138795acf64.png) + +![](/articles/wechat2md-b4fd2ea4f1113cc04b5b41efe587342d.png) + +**发起请求,接收响应** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +请求会被发往目的服务器/代理服务器,然后接收到对应的响应。 + +**再次进入过滤器** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +对于响应,会再次进入过滤器,对于响应来说,过滤器支持对Content-Type,文件后缀进行过滤。 + +![](/articles/wechat2md-aa61d33bccc145da7ede228853cff3e1.png) + +**过滤器决定响应是应该被过滤还是应该继续进入后续的流程。** + +对于被过滤器过滤的响应,流量不会记录到History中,中途不会再经过绝大多数模块的处理,**只会镜像到插件或热加载中mirrorHTTPFlow方法中。** + +**方法:hijackResponse/hijackResponseEX** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +请求与响应会依次进入插件/热加载中的hijackResponseEx,hijackResponse方法。经过处理的响应可能被修改或被丢弃,**被丢弃的流量不会再进入后续的流程。** +``` +// hijackHTTPResponse 每一个新的 HTTPResponse 将会被这个 HOOK 劫持,劫持后通过 forward(modified) 来把修改后的请求覆盖,如果需要屏蔽该数据包,通过 drop() 来屏蔽 +hijackHTTPResponse = func(isHttps, url, rsp, forward, drop) { +} + +hijackHTTPResponseEx = func(isHttps, url, req, rsp, forward, drop) { +} +``` +``` +``` + +**第二次:内容规则** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +响应会经过每一个处理响应的规则(会优先经过需要替换的规则)并会对该流量进行染色或者添加标签。需要特殊注意的是,**如果某个规则对响应进行了丢弃,就不会再进入后续的流程。** + +**可选:再次进入Yakit前端** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +如果首次进入Yakit前端时设置了劫持响应,那么响应会再次进入Yakit前端。Yakit前端有三个模式,除了手动劫持以外,**剩下的两个模式都会将响应自动放行(跳过此流程,继续后续流程)。**对于手动劫持的响应,用户可以手动为其添加颜色或标签,修改响应,提交数据或丢弃数据,**丢弃数据后不会再进入后续的流程。** + +**方法:afterRequest** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +后续,响应会进入插件/热加载中的beforeRequest方法进行处理,经过处理的请求可能被修改。 +``` +// 在回复给浏览器之前的hook +afterRequest = func(ishttps, oreq/*原始请求*/ ,req/*hiajck修改之后的请求*/ ,orsp/*原始响应*/ ,rsp/*hijack修改后的响应*/){ +} +``` +``` +``` + +**创建流量** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +根据最终的请求,响应以及前面标注的颜色,标签创建流量,并准备存储进入数据库。 + +**第三次:内容规则** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +响应会经过每一个规则,对匹配到对应规则的流量进行染色或者添加标签。 + +**方法:hijackSaveHTTPFlow** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +后续,流量会进入插件/热加载中的hijackSaveHTTPFlow方法再最后进入数据库之前进行处理,用户可以在此对流量进行修改(修改请求/修改响应/添加标签等)或者丢弃。**丢弃的流量不会存储进数据库中。** +``` +hijackSaveHTTPFlow = func(flow /* *yakit.HTTPFlow */, modify /* func(modified *yakit.HTTPFlow) */, drop/* func() */) { +} +``` +``` +``` + +**流量进入数据库** + +![](/articles/wechat2md-151d5edc5897dd0c05900660571b46ab.png) + + +流量在进入数据库之前会等待前序的内容规则/hijackSaveHTTPFlow最多300毫秒,之后若流程完成或超时,都会将非丢弃的流量存储进数据库中。 + +![](/articles/wechat2md-77d3be52a9fdd5b59875666fdfcc2224.png) + +![](/articles/wechat2md-98932c26282bb7a1991c9331fbb46e3f.png) + + +**END** + + + **YAK官方资源** + + +Yak 语言官方教程: +https://yaklang.com/docs/intro/Yakit 视频教程: +https://space.bilibili.com/437503777Github下载地址: +https://github.com/yaklang/yakitYakit官网下载地址: +https://yaklang.com/Yakit安装文档: +https://yaklang.com/products/download_and_installYakit使用文档: +https://yaklang.com/products/intro/常见问题速查: +https://yaklang.com/products/FAQ + +![](/articles/wechat2md-382b711760574d429c6c8742ecfc1d9b.png) + +![](/articles/wechat2md-304b45488320344b4c7cdbd5759ee4e8.gif) + + diff --git a/articles/synscan_.md b/articles/synscan_.md new file mode 100644 index 000000000..573ebe921 --- /dev/null +++ b/articles/synscan_.md @@ -0,0 +1,231 @@ +# 嘿朋友,你想成为SYN扫描传奇吗? +原创 Yak Yak Project 2024-11-15 17:31 + +![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) + +周五周五,敲锣打鼓! + +周五周五,脱胎换骨! + +![](/articles/wechat2md-45183062e7da4f3ff64df1995f4a83fb.png) + +等等,我知道你很急但你先别急 + +SYN扫描原理 奇妙至极~ + +朋友,想成为SYN扫描传奇吗? + +![](/articles/wechat2md-ddf16f1039911f81029b4381e07925e1.png) + +![](/articles/wechat2md-5555b6d148204a48d108fc10b9187f7e.png) + +**发送SYN包:** +扫描器向目标端口发送一个SYN(同步序列编号)数据包,它正试图建立一个正常的连接。 + +**等待响应:** +- 如果收到SYN-ACK(同步确认)响应,这意味着端口是开放的,因为目标已准备好完成连接。 + +- 如果收到RST(重置)响应,这意味着端口是关闭的,目标没有等待任何连接在该端口上。 + +- 如果没有响应,可能端口被防火墙过滤或丢弃了SYN包。 + +**不完成握手:** +在收到SYN-ACK后,扫描器通常会发送一个RST包来中断连接过程,因此不会建立一个完整的TCP连接。 + +使用 Wireshark 查看对IP 192.167.3.3的80端口进行SYN 扫描的数据包如下图: + +![](/articles/wechat2md-276d755430bb25b2fe4d6c0d04559a63.png) + +![](/articles/wechat2md-3d04d44a881df1848577ff74c7823217.png) + +要构建一个完整的数据包,需要按照协议栈的层次结构依次封装这些层。 + + +例如,一个完整的TCP/IP数据包会包括: +1. 以太网帧头(包括源和目的MAC地址) + +1. IP头(包括源和目的IP地址,以及其他IP相关设置) + +1. TCP头(包括端口号,序列号,确认号等) + +1. 数据负载(如果有的话) + +![](/articles/wechat2md-1ed6b0901dc8d9afb58ff3a4b258f886.png) + +对于 IP 和 TCP 头的构建,比较简单,只需要填写,源/目的IP(端口),设置 TCP Flags,以及一些 Option。 + +部分代码如下: +``` +// IPv4 +opts = append(opts, pcapx.WithIPv4_Flags(layers.IPv4DontFragment)) +opts = append(opts, pcapx.WithIPv4_Version(4)) +opts = append(opts, pcapx.WithIPv4_NextProtocol(layers.IPProtocolTCP)) +opts = append(opts, pcapx.WithIPv4_TTL(64)) +opts = append(opts, pcapx.WithIPv4_ID(40000+rand.Intn(10000))) +opts = append(opts, pcapx.WithIPv4_SrcIP(srcIP)) +opts = append(opts, pcapx.WithIPv4_DstIP(dstIP)) // 要扫描的IP +opts = append(opts, pcapx.WithIPv4_Option(nil, nil)) + +// TCP +opts = append(opts, + pcapx.WithTCP_SrcPort(srcPort), + pcapx.WithTCP_DstPort(port), // 要扫描的端口 + pcapx.WithTCP_Flags(pcapx.TCP_FLAG_SYN), + pcapx.WithTCP_Window(1024), + pcapx.WithTCP_Seq(500000+rand.Intn(10000)), +) +``` + +![](/articles/wechat2md-81230b6e71ef679a9efeb4312369ac63.png) + +以太网帧头指的是在以太网层(或称为数据链路层)中,每个数据包开头的部分,用于定义数据包的一些基本属性。 + +以太网帧头通常包括以下几个关键部分: +1. **目标MAC地址(Destination MAC Address):** +接收数据包的设备的硬件地址。 + +1. **源MAC地址(Source MAC Address):**发送数据包的设备的硬件地址。 + +1. **类型/长度字段(Type/Length Field):** +字段可以是两种形式之一: + +- **类型(Type)****:** +表示随后数据包内容的协议类型(如IPv4, IPv6, ARP等),通常使用2字节来表示。 + +- **长度(Length)****:** +在某些协议(如IEEE 802.3)中,这个字段表示数据字段的长度。 + +其中,源MAC地址就相当于是本机发包网卡的MAC地址,目的MAC地址则需要我们通过其他方法获取,因此在构建一个完整的数据包前,我们还需要一些前置工作。 + +![](/articles/wechat2md-0cff4c3b299f8fe6a12013778554a608.png) + +路由表包含了一系列的路由条目,这些条目指导数据包如何从一个网络传输到另一个网络。 + +![](/articles/wechat2md-c5bc863e61ddf0b6b0b54471ce10926e.png) + +本地子网检测 +: +- 当数据包的目的IP地址与源IP地址处于同一子网时,即目的地址与源地址的网络部分相同(根据子网掩码计算),这被认为是内网路由。 + +例如,如果源IP是192.168.1.100,子网掩码是255.255.255.0,目的IP是192.168.1.101,那么这两个IP都在192.168.1.0/24网络内。 + +对于同一个子网掩码地址内的两个内网IP通信相对简单,因为它们位于同一个局域网(LAN)内。这种情况下,数据包通常不需要经过路由器进行路由,而是直接通过交换机或者集线器在内部网络中传输。 + +![](/articles/wechat2md-9810c7fbb5a05d80dc3c813c0baa6926.png) + +**目的IP非本地子网:** +- 当数据包的目的IP地址不在同一子网时,设备必须通过一个或多个路由器发送数据包到目的地。 + +- 例如,如果源IP是192.168.1.100,目的IP是8.8.8.8,由于8.8.8.8不在本地网络,数据包需要被路由到外部网络。 + +**默认网关:** +- 设备配置有默认网关(通常是本地网络的路由器),所有非本地目的地的数据包都会发送到这个网关。 + +- 网关检查其路由表,决定如何进一步转发数据包。 + +``` +IPv4 路由表 +=========================================================================== +活动路由: +网络目标 网络掩码 网关 接口 跃点数 + 0.0.0.0 0.0.0.0 192.168.3.1 192.168.3.3 30 + 127.0.0.0 255.0.0.0 在链路上 127.0.0.1 331 + 127.0.0.1 255.255.255.255 在链路上 127.0.0.1 331 + 127.255.255.255 255.255.255.255 在链路上 127.0.0.1 331 + 172.22.160.0 255.255.240.0 在链路上 172.22.160.1 5256 + 172.22.160.1 255.255.255.255 在链路上 172.22.160.1 5256 + 172.22.175.255 255.255.255.255 在链路上 172.22.160.1 5256 + 172.25.16.0 255.255.240.0 在链路上 172.25.16.1 5256 + 172.25.16.1 255.255.255.255 在链路上 172.25.16.1 5256 + 172.25.31.255 255.255.255.255 在链路上 172.25.16.1 5256 + 192.168.3.0 255.255.255.0 在链路上 192.168.3.3 286 + 192.168.3.3 255.255.255.255 在链路上 192.168.3.3 286 + 192.168.3.255 255.255.255.255 在链路上 192.168.3.3 286 + 224.0.0.0 240.0.0.0 在链路上 127.0.0.1 331 + 224.0.0.0 240.0.0.0 在链路上 192.168.3.3 286 + 224.0.0.0 240.0.0.0 在链路上 172.25.16.1 5256 + 224.0.0.0 240.0.0.0 在链路上 172.22.160.1 5256 + 255.255.255.255 255.255.255.255 在链路上 127.0.0.1 331 + 255.255.255.255 255.255.255.255 在链路上 192.168.3.3 286 + 255.255.255.255 255.255.255.255 在链路上 172.25.16.1 5256 + 255.255.255.255 255.255.255.255 在链路上 172.22.160.1 5256 +=========================================================================== +``` + +比如,我要扫描 192.168.3.100 ,根据路由表,这个地址在192.168.3.0/24网络内,数据包将直接从接口192.168.3.3发送,路由表中的“在链路上”的条目表明数据包将直接在本地网络接口上发送,不经过任何路由器。 + +又比如,我要扫描  8.8.8.8,根据路由表,该地址不属于本地定义的任何子网。路由表中的默认路由(0.0.0.0/0.0.0.0,网关192.168.3.1)将被用来处理这种情况。这意味着所有不属于本地子网的IP地址都将数据包发送到网关192.168.3.1。后续可能是根据路由器中的路由表,决定下一跳的地址。 + +通过路由表,我们知道了两个最关键的信息: +1. 内网扫描时,目标IP 的MAC 地址通过 ARP 协议请求目标 IP 获取。 + +1. 外网扫描时,目标IP 的MAC 地址通过 ARP 协议请求路由器 IP 获取。 + +![](/articles/wechat2md-9fe05b606658f55a02ca496aafceefca.png) + +通过前文得知,最终我们需要先通过构造ARP数据包来拿到相应的目的MAC地址。 + +ARP 数据包的构造相对简单很多: +1. **确定MAC地址:** + +1. 对于ARP请求,目的MAC地址通常是广播地址(FF:FF:FF:FF:FF:FF),这意味着请求将被发送到局域网上的所有设备。 + +1. 对于ARP响应,目的MAC地址是发起ARP请求的设备的MAC地址。 + +1. **填充以太网帧头:** + +1. 填入源MAC地址和目的MAC地址。 + +1. 类型字段设置为ARP协议的值(0x0806)。 + +1. **填充ARP数据包:** + +1. 填写操作码(ARPRequest |ARPReply ),源IP,源MAC,目的IP即可。 + +``` +eth := layers.Ethernet{ + SrcMAC: sender.adapterDevice.Mac, + DstMAC: net.HardwareAddr{0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, + EthernetType: layers.EthernetTypeARP, +} +arp := layers.ARP{ + AddrType: layers.LinkTypeEthernet, + Protocol: layers.EthernetTypeIPv4, + HwAddressSize: 6, + ProtAddressSize: 4, + Operation: layers.ARPRequest, + SourceHwAddress: srcMAC, + SourceProtAddress: srcIP, + DstHwAddress: []byte{0, 0, 0, 0, 0, 0}, + DstProtAddress: dstIP, +} +``` + +![](/articles/wechat2md-361d7ae804d6351480d805a583d0a032.png) + +![](/articles/wechat2md-dba49271ce3ba112432e5f27f19fc93e.png) + +至此,我们已经完成了所有的前置工作,最终的关键扫描逻辑大致如下 + +![](/articles/wechat2md-58860b59286debac7f021f6d0502a346.png) + +**** +**END** + + **YAK官方资源** + + +Yak 语言官方教程: +https://yaklang.com/docs/intro/Yakit 视频教程: +https://space.bilibili.com/437503777Github下载地址: +https://github.com/yaklang/yakitYakit官网下载地址: +https://yaklang.com/Yakit安装文档: +https://yaklang.com/products/download_and_installYakit使用文档: +https://yaklang.com/products/intro/常见问题速查: +https://yaklang.com/products/FAQ + +![](/articles/wechat2md-382b711760574d429c6c8742ecfc1d9b.png) + +![](/articles/wechat2md-304b45488320344b4c7cdbd5759ee4e8.gif) + + diff --git a/articles/syntaxflow_.md b/articles/syntaxflow_.md new file mode 100644 index 000000000..3a3fbf780 --- /dev/null +++ b/articles/syntaxflow_.md @@ -0,0 +1,157 @@ +# 你这SyntaxFlow,保熟吗? +原创 Yak Yak Project 2024-11-01 17:30 + +![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) + +朋友,你还在苦苦寻觅代码审计更便捷的方式么? + +![](/articles/wechat2md-7fe779cc6a661bc8a40d988ea655889c.png) + +本周不仅有 +**Yakit SyntaxFlow界面上新** + +更有全新 +**网页端代码扫描小工具** + +一键启动代码审计! + +谁说这代码审计老啊?这代码审计可太棒了! + +![](/articles/wechat2md-94dca69ebf7899b3c0e4f01624fb439d.jpeg) + +![](/articles/wechat2md-3ef8a0cfe654499ea76424d7c463e36d.png) + +![](/articles/wechat2md-babc2efe77cb9d8433eb8ecabf620d44.png) + +**代码审计功能:项目管理** + +点击代码审计功能会进入到项目管理页面, 在此页面将会展示已编译的所有项目,可以在操作中选择跳转到代码扫描页面或代码审计页面。 + +![](/articles/wechat2md-394168d6468ddc047d1363d20c56c78a.png) + +在此页面也可以在右上角开始编译新的项目,将会在编译完成以后自动跳转到代码审计页面: + +代码审计页面如下: + +![](/articles/wechat2md-22a6b0c582cb79bb91e2ef91b3880f92.png) + +可以看到类似之前的yakRunner内的代码扫描功能,调整了下文件系统和代码审计框的布局。 + +![](/articles/wechat2md-537c297579d241fbc262b21812fa4901.png) + +点击代码扫描功能,可以使用内置规则对已编译项目进行代码扫描: + +![](/articles/wechat2md-15b045434942023439a1c295d0bb3e5f.png) +- 在页面左侧为规则选择页面,目前支持内置规则和内置规则分组。 + +> 内置规则正在持续更新。接下来也会开放用户自定义规则、自定义规则分组的功能。 + +- 在页面中间可以通过下拉框选择已编译的项目,也可以通过右上角添加项目进行编译。 + +![](/articles/wechat2md-561416c5867c942b9e3caf6ae3a904e7.png) + +![](/articles/wechat2md-3bcdfa94d9f8d89f6942b084b7709612.png) + +在选中规则以及项目以后可以开始扫描: + +将会显示以下信息: +- **执行进度:** + +- 已经执行结束的规则和总规则数 + +- 规则和项目都是会指定编程语言的,语言不匹配将会跳过该规则,将会展示跳过的规则数量。 + +- 当前执行规则的规则名 + +- **执行状态:** + +- 执行成功个数和失败个数。 + +- 一般失败是因为执行或执行结果的保存失败,可以在日志中观察到失败的规则和其原因 + +![](/articles/wechat2md-cc59ae6415624c912ad88dd8ec738f8f.png) + +在表格中,将会展示审计结果和漏洞风险。 + +![](/articles/wechat2md-e27f181afab58dea2596269e90db2e85.png) + +审计结果默认仅展示风险个数大于0的审计结果。在扫描执行结束以后可以手动取消选中查看全部的规则,也可以对表内的等级等信息进行筛选。 + +![](/articles/wechat2md-4d4dcc9d5a38de1d23edd7912c9962d7.png) + +表中的每一项都是一次审计的结果。其中出现风险个数的是有意义的审计结果。其中的每一项都可以查看信息: +- 操作中的终端图标将可以直接跳转到代码审计页面打开整个项目查看相关信息。 + +- 操作中的➡️图标将会用侧边栏打开并展示相关信息,此时也可以跳转到代码审计页面查看项目。 + +![](/articles/wechat2md-e42c940c641f19f1a7facaa5846656b5.png) + +相关的操作与代码审计页面一致,查看审计的结果,审计的路径以及过程图。 + +值得注意的是如果当前展示的审计结果有相关漏洞与风险信息的话将会标注漏洞风险的bug图标,点击可以查看对应的漏洞风险信息。 + +![](/articles/wechat2md-681b8919fcc35c255b10a2cb576c2d23.png) + +![](/articles/wechat2md-acb94fc751faa74a7bd55f8bbf868686.png) + +漏洞与风险的数据展示如下: + +![](/articles/wechat2md-d269b9395db4c0d6ccaf51aae15d6256.png) + +和之前的漏洞与风险同样的操作逻辑,点击将会显示漏洞与风险信息。 + +但同时,右侧将会显示该漏洞与风险的对应代码。点击相关代码段可以展开显示代码内容,点击右侧终端图标将会跳转到代码审计页面自动打开对应的代码查看详情。 + +代码扫描产生的漏洞与风险同样被保存在全局,如下图所示,将会在yakit顶栏出现通知,并且可以在全局数据库内看到: + +![](/articles/wechat2md-c7258f2de9aa6a345e1b6d85b0b672d5.png) + +![](/articles/wechat2md-2ae65ed92e788798b771b54dcc8f5594.png) + +**无需安装yakit** +,在线启动代码审计? + +超级牛全新 +**网页版代码扫描**平台上线,轻量级代码段一把梭哈! + +**网址:** +Hello from SSA.to | SSA.to +> (点击文末阅读原文快速传送) + + + +全新风格平台,代码扫描启动! + +![](/articles/wechat2md-10f451fc9964a6fb0de67a9567aabe41.png) + +AI协助研判, +代码片段快速分析,误报漏报一键反馈 + +![](/articles/wechat2md-b60646245637afb65d5fd4d8b70df681.png) + +教程详细,多个版本一站速通 + +![](/articles/wechat2md-aa1141297007ed5490a5263ecfbbe550.png) + +Let's Start For Free! + +**** +**END** + + + **YAK官方资源** + +Yak 语言官方教程: +https://yaklang.com/docs/intro/Yakit 视频教程: +https://space.bilibili.com/437503777Github下载地址: +https://github.com/yaklang/yakitYakit官网下载地址: +https://yaklang.com/Yakit安装文档: +https://yaklang.com/products/download_and_installYakit使用文档: +https://yaklang.com/products/intro/常见问题速查: +https://yaklang.com/products/FAQ + +![](/articles/wechat2md-382b711760574d429c6c8742ecfc1d9b.png) + +![](/articles/wechat2md-304b45488320344b4c7cdbd5759ee4e8.gif) + + diff --git a/articles/verification_code_recognition_and_blasting.md b/articles/verification_code_recognition_and_blasting.md new file mode 100644 index 000000000..b7cc477be --- /dev/null +++ b/articles/verification_code_recognition_and_blasting.md @@ -0,0 +1,155 @@ +# 拿不下总统之位,那就用热加载拿下验证码识别与爆破好了! +原创 Yak Yak Project 2024-11-08 17:31 + +![](/articles/wechat2md-57d4b38fb5fac67b077017855ed50c43.gif) + +大家好,这里是在总统选举中**惜败**的超级牛 + +![](/articles/wechat2md-f1b2e0388a2f03ef1566973c06848d57.png) + +虽然没能拿下阿美利卡总统之位 + +但是牛牛的 +**热加载**功能,却能轻松拿下 +**验证码的识别与爆破** + +![](/articles/wechat2md-15188eeeaf0c79d60b92b341f1486886.jpeg) + + +![](/articles/wechat2md-9a1fca0d6d160c150f933eaece35e23e.png) + +![](/articles/wechat2md-c1f79c63aacd87f977df3ac644e5761f.png) + +验证码一般会在注册、登录等功能,用来防止自动化工具的攻击。一般的验证码生成过程如下图所示: + +![](/articles/wechat2md-2eb12d7f85eb299c77f3dd6151794666.png) + +我们可以看到,验证码在访问功能页面的时候便已经生成,并且服务端在生成验证码的时候会将结果保存,并作为以用户输入的验证码做比较的依据。一般而言,验证码不具备复用性,在你输错验证码或者重新请求验证码接口的时候,后台便会刷新,并返回新的验证码,这大大提高了爆破的难度。 + +![](/articles/wechat2md-f5b088e2dfd6190597b9696a177cab58.png) + +那么,Yakit的热加载如何进行验证码爆破呢?答案是我们需要让热加载参与到 +**客户端请求验证码**、**客户端接收验证码** +和**客户端发送验证码**的生命周期中。如下图所示: + +![](/articles/wechat2md-bb53cf22379e0f1d33d7c5e79ddd4228.png) +- 客户端请求验证码:在这个阶段,我们可以使用poc库发送HTTP请求,请求一份验证码。 + +- 客户端接收验证码:这个阶段,在热加载中可以将服务端返回的图片验证码转化为base64形式,方便后续进行ocr图像识别。 + +- 客户端发送验证码:将base64形式的图片数据发送到图像识别平台,或者在本地搭建的如ddddocr图像识别接口进行识别,然后将识别得到的验证码替换原始报文中验证码参数并发送。 + +![](/articles/wechat2md-98dacf6ffcc356ff9d5a46ca629b4f34.png) + +理论形成,实践开始。 + +这里以pikachu靶场中验证码绕过(on server)为例。 + +![](/articles/wechat2md-7fb52f97c7ee3f907cd263bec850555a.png) + +我们先随便输入一些内容,并抓包查看内容。可以发现对验证码进行了识别: + +![](/articles/wechat2md-bca0d96cc8f7d2426574daed0c7ecafd.png) + +然后我们开始编写热加载代码。从热加载参与验证码爆破的声明周期可以知道,我们只要在发送数据包之前做处理就可以,即我们热加载代码写在beforeRequest函数内就行。 + +![](/articles/wechat2md-13f432dc73840a405aab6cd096fe8e0d.png) + +首先通过查看验证码链接,知道验证码请求的接口为/pikachu/inc/showvcode.php,因此可以调用该接口得到验证码图像数据,并使用codec将其转化为base64的形式: +``` +rsp, _ := poc.Get(`http://127.0.0.1/pikachu/inc/showvcode.php`)~ +imageData = rsp.GetBody() +base64Image := codec.EncodeBase64(imageData) +``` + +![](/articles/wechat2md-a831ff85c3039ea3718dc367db431d28.png) + +这里使用验证码识别平台进行识别验证码,将api的token及图像数据作为POST的参数进行发送。api返回的是json格式的数据,这里使用json库获取识别到的信息。并将请求包的__verify__替换为验证码。__verify__为占位符,以方便对参数进行替换。 +``` +apiURL = "http://api.example.com/api/ocr" #验证码识别api +token = "xxxxxxx" #toekn + +rsp,_=poc.Post(apiURL, poc.appendPostParam("image", base64Image),poc.appendPostParam("token",token))~ +result:=json.loads(rsp.GetBody()) +code=json.Find(result, `$.data.data`) +req = re.ReplaceAll(req, `__verify__`, code) +``` + +完整的热加载代码如下: +``` +// beforeRequest 允许发送数据包前再做一次处理,定义为 func(origin []byte) []byte +beforeRequest = func(req) { + rsp, _ := poc.Get(`http://127.0.0.1/pikachu/inc/showvcode.php`)~ + imageData = rsp.GetBody() + base64Image := codec.EncodeBase64(imageData) + + apiURL = "http://api.example.com/api/ocr" #验证码识别api + token = "xxxxxxx" #toekn + + rsp,_=poc.Post(apiURL, poc.appendPostParam("image", base64Image),poc.appendPostParam("token",token))~ + result:=json.loads(rsp.GetBody()) + code=json.Find(result, `$.data.data`) + req = re.ReplaceAll(req, `__verify__`, code) + return []byte(req) +} +``` + +请求包可以修改成如下,验证码参数使用__verify__作为占位符。然后账号和密码可以设置上自己的字典,并将并发线程设置为1,这样就能够爆破啦。 + +![](/articles/wechat2md-913805fd14fa40dce649093a98cc97b2.png) + +最后可以看到验证码成功被识别出来 + +![](/articles/wechat2md-b7b8768eb656293557cadbffc758d9e4.png) + +![](/articles/wechat2md-202cc2dd82f6bf09dbd40654c2894e5d.png) + +我们在社群接到小伙伴反馈说,所有设置都按照教程设置了,为什么验证码很多都没识别出来呢?这是这位小伙伴的热加载代码: + +![](/articles/wechat2md-635d535acc093f47dc606209531c5529.png) + +![](/articles/wechat2md-e6fe2fb6cc86255049b2ba8d993a96a7.png) + +我们发现它在handle2使用了热加载,但是由于fuzztag会预先进行渲染,渲染的时候会发送一次验证码API,导致验证码刷新,从而使得后续识别到的验证码与session绑定的验证码不一致。 + +因此,在我们明确了热加载在验证码识别的生命周期,也就明白了为什么要写在**beforeRequest**里啦。 + +![](/articles/wechat2md-dba49271ce3ba112432e5f27f19fc93e.png) + +热加载用来验证码识别或者csrf token的思路其实是一样的,只不过多了个ocr的步骤。本文使用的字母与数字组合验证码,但是只要明确热加载参与的生命周期,识别其它验证码思路也是一致的。 + + +**END** + + + **《CDSL-YAK 网络安全领域编程语言—从入门到实践》** + +超级牛新书出版! + +一本书带你CDSL-YAK从入门到起飞 + +直戳即可查看详情⬇️ + + + +**** + + + **YAK官方资源** + + +Yak 语言官方教程: +https://yaklang.com/docs/intro/Yakit 视频教程: +https://space.bilibili.com/437503777Github下载地址: +https://github.com/yaklang/yakitYakit官网下载地址: +https://yaklang.com/Yakit安装文档: +https://yaklang.com/products/download_and_installYakit使用文档: +https://yaklang.com/products/intro/常见问题速查: +https://yaklang.com/products/FAQ + +![](/articles/wechat2md-382b711760574d429c6c8742ecfc1d9b.png) + +![](/articles/wechat2md-304b45488320344b4c7cdbd5759ee4e8.gif) + + + diff --git a/static/articles/wechat2md-0cff4c3b299f8fe6a12013778554a608.png b/static/articles/wechat2md-0cff4c3b299f8fe6a12013778554a608.png new file mode 100644 index 000000000..5d431bcc9 Binary files /dev/null and b/static/articles/wechat2md-0cff4c3b299f8fe6a12013778554a608.png differ diff --git a/static/articles/wechat2md-10f451fc9964a6fb0de67a9567aabe41.png b/static/articles/wechat2md-10f451fc9964a6fb0de67a9567aabe41.png new file mode 100644 index 000000000..b310570c3 Binary files /dev/null and b/static/articles/wechat2md-10f451fc9964a6fb0de67a9567aabe41.png differ diff --git a/static/articles/wechat2md-13f432dc73840a405aab6cd096fe8e0d.png b/static/articles/wechat2md-13f432dc73840a405aab6cd096fe8e0d.png new file mode 100644 index 000000000..af6c6c021 Binary files /dev/null and b/static/articles/wechat2md-13f432dc73840a405aab6cd096fe8e0d.png differ diff --git a/static/articles/wechat2md-15188eeeaf0c79d60b92b341f1486886.jpeg b/static/articles/wechat2md-15188eeeaf0c79d60b92b341f1486886.jpeg new file mode 100644 index 000000000..5326370fc Binary files /dev/null and b/static/articles/wechat2md-15188eeeaf0c79d60b92b341f1486886.jpeg differ diff --git a/static/articles/wechat2md-15b045434942023439a1c295d0bb3e5f.png b/static/articles/wechat2md-15b045434942023439a1c295d0bb3e5f.png new file mode 100644 index 000000000..dcf2e0df5 Binary files /dev/null and b/static/articles/wechat2md-15b045434942023439a1c295d0bb3e5f.png differ diff --git a/static/articles/wechat2md-1a801c50533ae96fb847ce0684387123.png b/static/articles/wechat2md-1a801c50533ae96fb847ce0684387123.png new file mode 100644 index 000000000..b6f8fec9c Binary files /dev/null and b/static/articles/wechat2md-1a801c50533ae96fb847ce0684387123.png differ diff --git a/static/articles/wechat2md-1ed6b0901dc8d9afb58ff3a4b258f886.png b/static/articles/wechat2md-1ed6b0901dc8d9afb58ff3a4b258f886.png new file mode 100644 index 000000000..030173bd0 Binary files /dev/null and b/static/articles/wechat2md-1ed6b0901dc8d9afb58ff3a4b258f886.png differ diff --git a/static/articles/wechat2md-202cc2dd82f6bf09dbd40654c2894e5d.png b/static/articles/wechat2md-202cc2dd82f6bf09dbd40654c2894e5d.png new file mode 100644 index 000000000..6a1270e7a Binary files /dev/null and b/static/articles/wechat2md-202cc2dd82f6bf09dbd40654c2894e5d.png differ diff --git a/static/articles/wechat2md-20542c2fdecf06753b38084ba59526d6.png b/static/articles/wechat2md-20542c2fdecf06753b38084ba59526d6.png new file mode 100644 index 000000000..dbe103eae Binary files /dev/null and b/static/articles/wechat2md-20542c2fdecf06753b38084ba59526d6.png differ diff --git a/static/articles/wechat2md-22a6b0c582cb79bb91e2ef91b3880f92.png b/static/articles/wechat2md-22a6b0c582cb79bb91e2ef91b3880f92.png new file mode 100644 index 000000000..315a4fae9 Binary files /dev/null and b/static/articles/wechat2md-22a6b0c582cb79bb91e2ef91b3880f92.png differ diff --git a/static/articles/wechat2md-24cd8d46a35dbc5f9da4309774affe8d.png b/static/articles/wechat2md-24cd8d46a35dbc5f9da4309774affe8d.png new file mode 100644 index 000000000..f0f768267 Binary files /dev/null and b/static/articles/wechat2md-24cd8d46a35dbc5f9da4309774affe8d.png differ diff --git a/static/articles/wechat2md-276d755430bb25b2fe4d6c0d04559a63.png b/static/articles/wechat2md-276d755430bb25b2fe4d6c0d04559a63.png new file mode 100644 index 000000000..d483e2239 Binary files /dev/null and b/static/articles/wechat2md-276d755430bb25b2fe4d6c0d04559a63.png differ diff --git a/static/articles/wechat2md-29cd3584b1298b5ada48b25868ccce08.png b/static/articles/wechat2md-29cd3584b1298b5ada48b25868ccce08.png new file mode 100644 index 000000000..101f9acf6 Binary files /dev/null and b/static/articles/wechat2md-29cd3584b1298b5ada48b25868ccce08.png differ diff --git a/static/articles/wechat2md-2ae65ed92e788798b771b54dcc8f5594.png b/static/articles/wechat2md-2ae65ed92e788798b771b54dcc8f5594.png new file mode 100644 index 000000000..38648fcea Binary files /dev/null and b/static/articles/wechat2md-2ae65ed92e788798b771b54dcc8f5594.png differ diff --git a/static/articles/wechat2md-2eb12d7f85eb299c77f3dd6151794666.png b/static/articles/wechat2md-2eb12d7f85eb299c77f3dd6151794666.png new file mode 100644 index 000000000..2f31bfd24 Binary files /dev/null and b/static/articles/wechat2md-2eb12d7f85eb299c77f3dd6151794666.png differ diff --git a/static/articles/wechat2md-361d7ae804d6351480d805a583d0a032.png b/static/articles/wechat2md-361d7ae804d6351480d805a583d0a032.png new file mode 100644 index 000000000..51b496fbc Binary files /dev/null and b/static/articles/wechat2md-361d7ae804d6351480d805a583d0a032.png differ diff --git a/static/articles/wechat2md-394168d6468ddc047d1363d20c56c78a.png b/static/articles/wechat2md-394168d6468ddc047d1363d20c56c78a.png new file mode 100644 index 000000000..eaf85544e Binary files /dev/null and b/static/articles/wechat2md-394168d6468ddc047d1363d20c56c78a.png differ diff --git a/static/articles/wechat2md-3bcdfa94d9f8d89f6942b084b7709612.png b/static/articles/wechat2md-3bcdfa94d9f8d89f6942b084b7709612.png new file mode 100644 index 000000000..f04a04e9f Binary files /dev/null and b/static/articles/wechat2md-3bcdfa94d9f8d89f6942b084b7709612.png differ diff --git a/static/articles/wechat2md-3d04d44a881df1848577ff74c7823217.png b/static/articles/wechat2md-3d04d44a881df1848577ff74c7823217.png new file mode 100644 index 000000000..3a0b2aa83 Binary files /dev/null and b/static/articles/wechat2md-3d04d44a881df1848577ff74c7823217.png differ diff --git a/static/articles/wechat2md-3ef8a0cfe654499ea76424d7c463e36d.png b/static/articles/wechat2md-3ef8a0cfe654499ea76424d7c463e36d.png new file mode 100644 index 000000000..94915f5ed Binary files /dev/null and b/static/articles/wechat2md-3ef8a0cfe654499ea76424d7c463e36d.png differ diff --git a/static/articles/wechat2md-45183062e7da4f3ff64df1995f4a83fb.png b/static/articles/wechat2md-45183062e7da4f3ff64df1995f4a83fb.png new file mode 100644 index 000000000..d81deba4f Binary files /dev/null and b/static/articles/wechat2md-45183062e7da4f3ff64df1995f4a83fb.png differ diff --git a/static/articles/wechat2md-453a18f9a64ce2de4933ccbf55b2d8d0.png b/static/articles/wechat2md-453a18f9a64ce2de4933ccbf55b2d8d0.png new file mode 100644 index 000000000..64c75539a Binary files /dev/null and b/static/articles/wechat2md-453a18f9a64ce2de4933ccbf55b2d8d0.png differ diff --git a/static/articles/wechat2md-4716e77f643320a73d13ca6cfbc8e1bd.png b/static/articles/wechat2md-4716e77f643320a73d13ca6cfbc8e1bd.png new file mode 100644 index 000000000..f57c98831 Binary files /dev/null and b/static/articles/wechat2md-4716e77f643320a73d13ca6cfbc8e1bd.png differ diff --git a/static/articles/wechat2md-4d4dcc9d5a38de1d23edd7912c9962d7.png b/static/articles/wechat2md-4d4dcc9d5a38de1d23edd7912c9962d7.png new file mode 100644 index 000000000..e811a4116 Binary files /dev/null and b/static/articles/wechat2md-4d4dcc9d5a38de1d23edd7912c9962d7.png differ diff --git a/static/articles/wechat2md-537c297579d241fbc262b21812fa4901.png b/static/articles/wechat2md-537c297579d241fbc262b21812fa4901.png new file mode 100644 index 000000000..66767f9a6 Binary files /dev/null and b/static/articles/wechat2md-537c297579d241fbc262b21812fa4901.png differ diff --git a/static/articles/wechat2md-5555b6d148204a48d108fc10b9187f7e.png b/static/articles/wechat2md-5555b6d148204a48d108fc10b9187f7e.png new file mode 100644 index 000000000..160ac7d24 Binary files /dev/null and b/static/articles/wechat2md-5555b6d148204a48d108fc10b9187f7e.png differ diff --git a/static/articles/wechat2md-561416c5867c942b9e3caf6ae3a904e7.png b/static/articles/wechat2md-561416c5867c942b9e3caf6ae3a904e7.png new file mode 100644 index 000000000..35b314bc0 Binary files /dev/null and b/static/articles/wechat2md-561416c5867c942b9e3caf6ae3a904e7.png differ diff --git a/static/articles/wechat2md-58860b59286debac7f021f6d0502a346.png b/static/articles/wechat2md-58860b59286debac7f021f6d0502a346.png new file mode 100644 index 000000000..08ac28d56 Binary files /dev/null and b/static/articles/wechat2md-58860b59286debac7f021f6d0502a346.png differ diff --git a/static/articles/wechat2md-61644b57d884342a3156ba198a13a62d.png b/static/articles/wechat2md-61644b57d884342a3156ba198a13a62d.png new file mode 100644 index 000000000..4234672f1 Binary files /dev/null and b/static/articles/wechat2md-61644b57d884342a3156ba198a13a62d.png differ diff --git a/static/articles/wechat2md-635d535acc093f47dc606209531c5529.png b/static/articles/wechat2md-635d535acc093f47dc606209531c5529.png new file mode 100644 index 000000000..6465ffa77 Binary files /dev/null and b/static/articles/wechat2md-635d535acc093f47dc606209531c5529.png differ diff --git a/static/articles/wechat2md-681b8919fcc35c255b10a2cb576c2d23.png b/static/articles/wechat2md-681b8919fcc35c255b10a2cb576c2d23.png new file mode 100644 index 000000000..83784814b Binary files /dev/null and b/static/articles/wechat2md-681b8919fcc35c255b10a2cb576c2d23.png differ diff --git a/static/articles/wechat2md-763bda0a2e16966996bc4d37c6d9c17a.png b/static/articles/wechat2md-763bda0a2e16966996bc4d37c6d9c17a.png new file mode 100644 index 000000000..6ac948138 Binary files /dev/null and b/static/articles/wechat2md-763bda0a2e16966996bc4d37c6d9c17a.png differ diff --git a/static/articles/wechat2md-77d3be52a9fdd5b59875666fdfcc2224.png b/static/articles/wechat2md-77d3be52a9fdd5b59875666fdfcc2224.png new file mode 100644 index 000000000..f29e105a7 Binary files /dev/null and b/static/articles/wechat2md-77d3be52a9fdd5b59875666fdfcc2224.png differ diff --git a/static/articles/wechat2md-7a5f49a132d2c96ea9ec5802ac063f84.png b/static/articles/wechat2md-7a5f49a132d2c96ea9ec5802ac063f84.png new file mode 100644 index 000000000..db1ac7ba5 Binary files /dev/null and b/static/articles/wechat2md-7a5f49a132d2c96ea9ec5802ac063f84.png differ diff --git a/static/articles/wechat2md-7fb52f97c7ee3f907cd263bec850555a.png b/static/articles/wechat2md-7fb52f97c7ee3f907cd263bec850555a.png new file mode 100644 index 000000000..485d5d625 Binary files /dev/null and b/static/articles/wechat2md-7fb52f97c7ee3f907cd263bec850555a.png differ diff --git a/static/articles/wechat2md-7fe779cc6a661bc8a40d988ea655889c.png b/static/articles/wechat2md-7fe779cc6a661bc8a40d988ea655889c.png new file mode 100644 index 000000000..44cba1242 Binary files /dev/null and b/static/articles/wechat2md-7fe779cc6a661bc8a40d988ea655889c.png differ diff --git a/static/articles/wechat2md-81230b6e71ef679a9efeb4312369ac63.png b/static/articles/wechat2md-81230b6e71ef679a9efeb4312369ac63.png new file mode 100644 index 000000000..6e470cb8a Binary files /dev/null and b/static/articles/wechat2md-81230b6e71ef679a9efeb4312369ac63.png differ diff --git a/static/articles/wechat2md-8f1aaea01d4fa3ca6da42ff5dc2a7c07.png b/static/articles/wechat2md-8f1aaea01d4fa3ca6da42ff5dc2a7c07.png new file mode 100644 index 000000000..580ffaf75 Binary files /dev/null and b/static/articles/wechat2md-8f1aaea01d4fa3ca6da42ff5dc2a7c07.png differ diff --git a/static/articles/wechat2md-913805fd14fa40dce649093a98cc97b2.png b/static/articles/wechat2md-913805fd14fa40dce649093a98cc97b2.png new file mode 100644 index 000000000..83da47293 Binary files /dev/null and b/static/articles/wechat2md-913805fd14fa40dce649093a98cc97b2.png differ diff --git a/static/articles/wechat2md-94dca69ebf7899b3c0e4f01624fb439d.jpeg b/static/articles/wechat2md-94dca69ebf7899b3c0e4f01624fb439d.jpeg new file mode 100644 index 000000000..fa3a18ef3 Binary files /dev/null and b/static/articles/wechat2md-94dca69ebf7899b3c0e4f01624fb439d.jpeg differ diff --git a/static/articles/wechat2md-9810c7fbb5a05d80dc3c813c0baa6926.png b/static/articles/wechat2md-9810c7fbb5a05d80dc3c813c0baa6926.png new file mode 100644 index 000000000..dbcf7ba10 Binary files /dev/null and b/static/articles/wechat2md-9810c7fbb5a05d80dc3c813c0baa6926.png differ diff --git a/static/articles/wechat2md-98932c26282bb7a1991c9331fbb46e3f.png b/static/articles/wechat2md-98932c26282bb7a1991c9331fbb46e3f.png new file mode 100644 index 000000000..0d12e7779 Binary files /dev/null and b/static/articles/wechat2md-98932c26282bb7a1991c9331fbb46e3f.png differ diff --git a/static/articles/wechat2md-98dacf6ffcc356ff9d5a46ca629b4f34.png b/static/articles/wechat2md-98dacf6ffcc356ff9d5a46ca629b4f34.png new file mode 100644 index 000000000..17634a897 Binary files /dev/null and b/static/articles/wechat2md-98dacf6ffcc356ff9d5a46ca629b4f34.png differ diff --git a/static/articles/wechat2md-9a1fca0d6d160c150f933eaece35e23e.png b/static/articles/wechat2md-9a1fca0d6d160c150f933eaece35e23e.png new file mode 100644 index 000000000..8b38631ab Binary files /dev/null and b/static/articles/wechat2md-9a1fca0d6d160c150f933eaece35e23e.png differ diff --git a/static/articles/wechat2md-9f65f8062cae3ea1c1033691d128b4d5.png b/static/articles/wechat2md-9f65f8062cae3ea1c1033691d128b4d5.png new file mode 100644 index 000000000..92eb5398f Binary files /dev/null and b/static/articles/wechat2md-9f65f8062cae3ea1c1033691d128b4d5.png differ diff --git a/static/articles/wechat2md-9fe05b606658f55a02ca496aafceefca.png b/static/articles/wechat2md-9fe05b606658f55a02ca496aafceefca.png new file mode 100644 index 000000000..6f9d3b1c1 Binary files /dev/null and b/static/articles/wechat2md-9fe05b606658f55a02ca496aafceefca.png differ diff --git a/static/articles/wechat2md-a831ff85c3039ea3718dc367db431d28.png b/static/articles/wechat2md-a831ff85c3039ea3718dc367db431d28.png new file mode 100644 index 000000000..7372276bd Binary files /dev/null and b/static/articles/wechat2md-a831ff85c3039ea3718dc367db431d28.png differ diff --git a/static/articles/wechat2md-a93f331e03d4781d13aa42728374e991.png b/static/articles/wechat2md-a93f331e03d4781d13aa42728374e991.png new file mode 100644 index 000000000..76fc83fb8 Binary files /dev/null and b/static/articles/wechat2md-a93f331e03d4781d13aa42728374e991.png differ diff --git a/static/articles/wechat2md-aa1141297007ed5490a5263ecfbbe550.png b/static/articles/wechat2md-aa1141297007ed5490a5263ecfbbe550.png new file mode 100644 index 000000000..0fbdf88bb Binary files /dev/null and b/static/articles/wechat2md-aa1141297007ed5490a5263ecfbbe550.png differ diff --git a/static/articles/wechat2md-aa61d33bccc145da7ede228853cff3e1.png b/static/articles/wechat2md-aa61d33bccc145da7ede228853cff3e1.png new file mode 100644 index 000000000..d93e1ae49 Binary files /dev/null and b/static/articles/wechat2md-aa61d33bccc145da7ede228853cff3e1.png differ diff --git a/static/articles/wechat2md-acb94fc751faa74a7bd55f8bbf868686.png b/static/articles/wechat2md-acb94fc751faa74a7bd55f8bbf868686.png new file mode 100644 index 000000000..8ae16bcb6 Binary files /dev/null and b/static/articles/wechat2md-acb94fc751faa74a7bd55f8bbf868686.png differ diff --git a/static/articles/wechat2md-aff5859e2a52e9f6b3cdb79577b4490b.png b/static/articles/wechat2md-aff5859e2a52e9f6b3cdb79577b4490b.png new file mode 100644 index 000000000..d817928ea Binary files /dev/null and b/static/articles/wechat2md-aff5859e2a52e9f6b3cdb79577b4490b.png differ diff --git a/static/articles/wechat2md-b4fd2ea4f1113cc04b5b41efe587342d.png b/static/articles/wechat2md-b4fd2ea4f1113cc04b5b41efe587342d.png new file mode 100644 index 000000000..785d5cbc8 Binary files /dev/null and b/static/articles/wechat2md-b4fd2ea4f1113cc04b5b41efe587342d.png differ diff --git a/static/articles/wechat2md-b60646245637afb65d5fd4d8b70df681.png b/static/articles/wechat2md-b60646245637afb65d5fd4d8b70df681.png new file mode 100644 index 000000000..40ab645c9 Binary files /dev/null and b/static/articles/wechat2md-b60646245637afb65d5fd4d8b70df681.png differ diff --git a/static/articles/wechat2md-b7b8768eb656293557cadbffc758d9e4.png b/static/articles/wechat2md-b7b8768eb656293557cadbffc758d9e4.png new file mode 100644 index 000000000..5ec50927f Binary files /dev/null and b/static/articles/wechat2md-b7b8768eb656293557cadbffc758d9e4.png differ diff --git a/static/articles/wechat2md-b8b16137585d937c62e015ba908cdcbd.png b/static/articles/wechat2md-b8b16137585d937c62e015ba908cdcbd.png new file mode 100644 index 000000000..0b70f6508 Binary files /dev/null and b/static/articles/wechat2md-b8b16137585d937c62e015ba908cdcbd.png differ diff --git a/static/articles/wechat2md-babc2efe77cb9d8433eb8ecabf620d44.png b/static/articles/wechat2md-babc2efe77cb9d8433eb8ecabf620d44.png new file mode 100644 index 000000000..96f7a2acf Binary files /dev/null and b/static/articles/wechat2md-babc2efe77cb9d8433eb8ecabf620d44.png differ diff --git a/static/articles/wechat2md-bb53cf22379e0f1d33d7c5e79ddd4228.png b/static/articles/wechat2md-bb53cf22379e0f1d33d7c5e79ddd4228.png new file mode 100644 index 000000000..91ad5da40 Binary files /dev/null and b/static/articles/wechat2md-bb53cf22379e0f1d33d7c5e79ddd4228.png differ diff --git a/static/articles/wechat2md-bca0d96cc8f7d2426574daed0c7ecafd.png b/static/articles/wechat2md-bca0d96cc8f7d2426574daed0c7ecafd.png new file mode 100644 index 000000000..53dc11ae0 Binary files /dev/null and b/static/articles/wechat2md-bca0d96cc8f7d2426574daed0c7ecafd.png differ diff --git a/static/articles/wechat2md-be056115ce4cad5a943f713126836d75.png b/static/articles/wechat2md-be056115ce4cad5a943f713126836d75.png new file mode 100644 index 000000000..88c500fa6 Binary files /dev/null and b/static/articles/wechat2md-be056115ce4cad5a943f713126836d75.png differ diff --git a/static/articles/wechat2md-c1f79c63aacd87f977df3ac644e5761f.png b/static/articles/wechat2md-c1f79c63aacd87f977df3ac644e5761f.png new file mode 100644 index 000000000..63ad5e354 Binary files /dev/null and b/static/articles/wechat2md-c1f79c63aacd87f977df3ac644e5761f.png differ diff --git a/static/articles/wechat2md-c3d38c9c921bb07ae8e56fd9dc9044c6.png b/static/articles/wechat2md-c3d38c9c921bb07ae8e56fd9dc9044c6.png new file mode 100644 index 000000000..a13a7be5b Binary files /dev/null and b/static/articles/wechat2md-c3d38c9c921bb07ae8e56fd9dc9044c6.png differ diff --git a/static/articles/wechat2md-c5bc863e61ddf0b6b0b54471ce10926e.png b/static/articles/wechat2md-c5bc863e61ddf0b6b0b54471ce10926e.png new file mode 100644 index 000000000..fa98b575c Binary files /dev/null and b/static/articles/wechat2md-c5bc863e61ddf0b6b0b54471ce10926e.png differ diff --git a/static/articles/wechat2md-c7258f2de9aa6a345e1b6d85b0b672d5.png b/static/articles/wechat2md-c7258f2de9aa6a345e1b6d85b0b672d5.png new file mode 100644 index 000000000..eec8e31c1 Binary files /dev/null and b/static/articles/wechat2md-c7258f2de9aa6a345e1b6d85b0b672d5.png differ diff --git a/static/articles/wechat2md-cc59ae6415624c912ad88dd8ec738f8f.png b/static/articles/wechat2md-cc59ae6415624c912ad88dd8ec738f8f.png new file mode 100644 index 000000000..0f32bc456 Binary files /dev/null and b/static/articles/wechat2md-cc59ae6415624c912ad88dd8ec738f8f.png differ diff --git a/static/articles/wechat2md-cd2cc4afc7fd915eafc2b6c3cea555a4.png b/static/articles/wechat2md-cd2cc4afc7fd915eafc2b6c3cea555a4.png new file mode 100644 index 000000000..aebe0c571 Binary files /dev/null and b/static/articles/wechat2md-cd2cc4afc7fd915eafc2b6c3cea555a4.png differ diff --git a/static/articles/wechat2md-d269b9395db4c0d6ccaf51aae15d6256.png b/static/articles/wechat2md-d269b9395db4c0d6ccaf51aae15d6256.png new file mode 100644 index 000000000..f56e6d7f4 Binary files /dev/null and b/static/articles/wechat2md-d269b9395db4c0d6ccaf51aae15d6256.png differ diff --git a/static/articles/wechat2md-d43aabc6d8fb56f590ef43d0d9789eca.png b/static/articles/wechat2md-d43aabc6d8fb56f590ef43d0d9789eca.png new file mode 100644 index 000000000..553a91e8d Binary files /dev/null and b/static/articles/wechat2md-d43aabc6d8fb56f590ef43d0d9789eca.png differ diff --git a/static/articles/wechat2md-ddf16f1039911f81029b4381e07925e1.png b/static/articles/wechat2md-ddf16f1039911f81029b4381e07925e1.png new file mode 100644 index 000000000..e2506194a Binary files /dev/null and b/static/articles/wechat2md-ddf16f1039911f81029b4381e07925e1.png differ diff --git a/static/articles/wechat2md-e0099c9fb757084b7c3d4bc20bcc2398.png b/static/articles/wechat2md-e0099c9fb757084b7c3d4bc20bcc2398.png new file mode 100644 index 000000000..e70a152a1 Binary files /dev/null and b/static/articles/wechat2md-e0099c9fb757084b7c3d4bc20bcc2398.png differ diff --git a/static/articles/wechat2md-e27f181afab58dea2596269e90db2e85.png b/static/articles/wechat2md-e27f181afab58dea2596269e90db2e85.png new file mode 100644 index 000000000..b7e4d4b9b Binary files /dev/null and b/static/articles/wechat2md-e27f181afab58dea2596269e90db2e85.png differ diff --git a/static/articles/wechat2md-e42c940c641f19f1a7facaa5846656b5.png b/static/articles/wechat2md-e42c940c641f19f1a7facaa5846656b5.png new file mode 100644 index 000000000..30d331b2d Binary files /dev/null and b/static/articles/wechat2md-e42c940c641f19f1a7facaa5846656b5.png differ diff --git a/static/articles/wechat2md-e6fe2fb6cc86255049b2ba8d993a96a7.png b/static/articles/wechat2md-e6fe2fb6cc86255049b2ba8d993a96a7.png new file mode 100644 index 000000000..51a53c981 Binary files /dev/null and b/static/articles/wechat2md-e6fe2fb6cc86255049b2ba8d993a96a7.png differ diff --git a/static/articles/wechat2md-ebe23df29491b7cec345f26b5f5e29d3.png b/static/articles/wechat2md-ebe23df29491b7cec345f26b5f5e29d3.png new file mode 100644 index 000000000..868cf9f6a Binary files /dev/null and b/static/articles/wechat2md-ebe23df29491b7cec345f26b5f5e29d3.png differ diff --git a/static/articles/wechat2md-f1b2e0388a2f03ef1566973c06848d57.png b/static/articles/wechat2md-f1b2e0388a2f03ef1566973c06848d57.png new file mode 100644 index 000000000..44e5e7275 Binary files /dev/null and b/static/articles/wechat2md-f1b2e0388a2f03ef1566973c06848d57.png differ diff --git a/static/articles/wechat2md-f449c4ddfa6b3c48c868fc5c880bb625.jpeg b/static/articles/wechat2md-f449c4ddfa6b3c48c868fc5c880bb625.jpeg new file mode 100644 index 000000000..213dd2220 Binary files /dev/null and b/static/articles/wechat2md-f449c4ddfa6b3c48c868fc5c880bb625.jpeg differ diff --git a/static/articles/wechat2md-f5b088e2dfd6190597b9696a177cab58.png b/static/articles/wechat2md-f5b088e2dfd6190597b9696a177cab58.png new file mode 100644 index 000000000..06da92c6c Binary files /dev/null and b/static/articles/wechat2md-f5b088e2dfd6190597b9696a177cab58.png differ diff --git a/static/articles/wechat2md-f621828bf5430c233882a6dd3f300e78.png b/static/articles/wechat2md-f621828bf5430c233882a6dd3f300e78.png new file mode 100644 index 000000000..c1b1e4242 Binary files /dev/null and b/static/articles/wechat2md-f621828bf5430c233882a6dd3f300e78.png differ diff --git a/static/articles/wechat2md-f933d85b578090be8ecbd16adea56dcd.png b/static/articles/wechat2md-f933d85b578090be8ecbd16adea56dcd.png new file mode 100644 index 000000000..6e132643d Binary files /dev/null and b/static/articles/wechat2md-f933d85b578090be8ecbd16adea56dcd.png differ diff --git a/static/articles/wechat2md-faf116a15689a391bbda8138795acf64.png b/static/articles/wechat2md-faf116a15689a391bbda8138795acf64.png new file mode 100644 index 000000000..8e09597b7 Binary files /dev/null and b/static/articles/wechat2md-faf116a15689a391bbda8138795acf64.png differ