UNCTF2021 partial writeup

Misc Simple log audit Before updating the attachment, the flag was in the description. The update was put in the attachment at 18:00 p.m. on November 29 In short, there are three base64 strings in total. You can see the flag after decryption. Do you want to / forget the flag UNCTF{CTF?YouShouJiuXing} telecommunication fraud Variant Caesa ...

Posted on Mon, 06 Dec 2021 22:59:08 -0500 by danago

[Introduction to IOV Security]2. Common ADB commands for Android security

Welcome new students ... ... If a man has no name, he can concentrate on sword practice I am not a salty fish, but a dead one! 0x01 ADB command (primary) View active information for the current application adb shell dumpsys activity top # Print out the four components that run all applications in the system adb shell dumpsys >> in ...

Posted on Sat, 20 Nov 2021 22:26:05 -0500 by tazgalsinh

Final review of fundamentals of information security Mathematics (cryptography)

Final review of fundamentals of information security Mathematics: Chapter 1: 1. Find all prime numbers within 100 100 2 3 5 7 11 13 17 19 23 29 31 37 41 43 47 53 59 61 67 71 73 79 83 89 97 2. Solve GCD (45100) gcd(45,100)=5 100=45*2+10 45=10*4+5 10=5*2+0 3. Find the maximum common divisor of 963657 and express it as the linear combinati ...

Posted on Wed, 17 Nov 2021 23:17:48 -0500 by eightFX

Summary of several postures of command execution in PHP

Command execution is one of the common methods in web attacks. In PHP, you can call the following functions to realize command execution, such as 1,exec() The exec function is rarely used, mainly because the default return value of the function is the last line of the execution result, and there will not be all the execution results. If you w ...

Posted on Sat, 06 Nov 2021 23:35:51 -0400 by kester

[PHP code audit] XSS vulnerability

Welcome new students ... ... If you are nameless, you can concentrate on practicing sword I am not a salted fish, but a dead fish! preface XSS vulnerability is one of the most common vulnerabilities in Web applications. Most sites of small companies on the Internet may not have fixed methods to prevent XSS vulnerabilities, so XSS vulner ...

Posted on Wed, 29 Sep 2021 20:41:45 -0400 by depsipher

[PHP code audit] PHP function

Welcome new students ... ... If you are nameless, you can concentrate on practicing sword I am not a salted fish, but a dead fish! User defined function definition A function can be defined by the following syntax: <?php function foo($arg1, ..., $argn) { //do something return $retval; } Naming conventions The naming rules ...

Posted on Mon, 27 Sep 2021 22:10:48 -0400 by cornercuttinjoe

[XD Learning Notes 8]: Architecture, Build, WAF, etc.

Preamble description In security testing, information collection is a very important link. The information in this link will affect the subsequent probability of success. The amount of information you have will determine the size of the opportunity to discover vulnerabilities, in other words, whether you can complete the testing task of the ta ...

Posted on Sun, 12 Sep 2021 22:24:12 -0400 by jtrost

Magic 010Editor Template Recognizes Pseudo Encryption

When talking about pseudo-encryption, "Geek Compression" can be used to ignore pseudo-encryption, open the compression package directly, and there are so good tools to download it, but the velvet reports virus directly, and persuade me directly. Later I saw Baidu Dalao's analysis of software on the Internet. Bamboo Bug: Backdoor hi ...

Posted on Thu, 09 Sep 2021 13:16:03 -0400 by Stevis2002