UNCTF2021 partial writeup
Misc
Simple log audit
Before updating the attachment, the flag was in the description. The update was put in the attachment at 18:00 p.m. on November 29
In short, there are three base64 strings in total. You can see the flag after decryption. Do you want to / forget the flag
UNCTF{CTF?YouShouJiuXing}
telecommunication fraud
Variant Caesa ...
Posted on Mon, 06 Dec 2021 22:59:08 -0500 by danago
[pwn] 2021 geek challenge (part)
[pwn] 2021 geek challenge (part)
1,pwn777
0x1
How to say, this problem is to write rop chain with fmt.
But it's also the first time to see this kind of fmt, which can be regarded as a new question type.
0x2
We open IDA for reverse analysis
Just the two main functions, let me be the first level and the second level
First enter the ga ...
Posted on Mon, 29 Nov 2021 01:09:07 -0500 by jasonhardwick
PHP deserialization
0x00 Preface
I recently reviewed what I learned before. I feel that I have a deeper understanding of PHP deserialization, so I summarize here
0x01 serialize() function
"All values in php can be represented by a string containing a byte stream using the function serialize(). Serializing an object will save all variables of the object, bu ...
Posted on Sat, 20 Nov 2021 17:01:23 -0500 by BrianM
2021 geek challenge WP collection
WP comes from the network security community of Qilu Normal University Pay attention to the official account to receive more latest safety messages.
WEB
Dark
When you look at the url, the standard dark net domain name at the end of the onion
Use the onion browser to access and view the html code
Welcome2021
Prompt at the beginning ...
Posted on Sat, 20 Nov 2021 05:37:23 -0500 by nrg_alpha
2021 Yangcheng cup CTF wp
1. Sign in
The point of comparison is that "let's see * * *" is 17. It took a long time to guess 28-08-30-07-04-20-02-17-23-01-12-19 Get flag SangFor{d93b7da38d89c19f481e710ef1b3558b}
2.BabyRop
I haven't done pwn it for ten thousand years. I took a look in order to cheat some points.
Stack overflow in fgetsNo cannery protectionThe ...
Posted on Fri, 19 Nov 2021 23:36:54 -0500 by imnu
2021 Longyuan anti epidemic WriteUp
I hope the epidemic will end soon
Note: the * is played after the game
Always wp wait for the legend of Nanshen to post the team wp link
Misc
soEasyCheckin
base32, but there is a problem. The countdown appears 0 $, 0 – > O, $- > s, and a string of hex is obtained. As a result, there was another problem with hex, specifically ...
Posted on Mon, 08 Nov 2021 03:14:49 -0500 by rawb
2021 National College Students' network security Invitational Competition and the 7th "Donghua Cup" Shanghai college students' network security competition Writeup
2021 national college student network security Invitational Competition and the 7th "Donghua Cup" Shanghai University grid competition Writeup
Misc
checkin
The title gives + agyababhagcaewbkagagaygbfadcadaboah0 - UTF-7 encoding and decoding to get the flag
flag is:
flag{dhb_7th}
project
Download the attachment. After decompr ...
Posted on Sun, 31 Oct 2021 19:52:34 -0400 by Akira
write up -- Buu magicheap
brief introduction
buu on the problem, focus on the practice of heap problem-solving ideas.
The attachment is a 64 bit small end executable program
Let's take a direct ida analysis
This is the specific logic of the main function. It is a very obvious menu topic. Generally, first look at the option of applying for heap blocks, and then look a ...
Posted on Sat, 30 Oct 2021 11:03:18 -0400 by next
[RoarCTF 2019]Online Proxy - secondary injection, you again?
preface
It's really a time of trouble recently. For the first time, classes that usually don't leave homework have left homework recently. Recently, the rhythm of doing questions has been disrupted. Alas, I'm speechless. Later, I want to write an article about flash. I don't know when I will have a chance. Now I'd better focus on sql injection ...
Posted on Sat, 30 Oct 2021 09:40:54 -0400 by johng
bilibili 2021 1024 programmer's day security attack and defense challenge
Title address: https://www.bilibili.com/blackboard/20211024.html
Topic 1
AES decryption, password: happy_1024_2233. The ciphertext is the bottom two lines of characters, which need to be spelled into one line (I really didn't expect this at first!)
Online decryption website: http://tool.chacuo.net/cryptaes
Topic 2
F12, find the hid ...
Posted on Mon, 25 Oct 2021 10:57:29 -0400 by mark123