Author: 颖奇L'Amore Blog: www.gem-love.com While taking part in 🇺🇸ångstromCTF 2020 recently, I solved a fairly good Node.js challenge. Name: A Peculiar Query Link: https://peculiarquery.2020.chall.actf.co/ Topics: Node.js code audit, type-confusion pollution, SQLi 难…
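Author: 颖奇L'Amore Blog: www.gem-love.com This was a weekend competition; four contests (b01lers/confidence/angstrom/susec) ran at the same time this weekend. I barely looked at this one and only did the web challenge with the most solves, but its quality was quite high. Once write-ups for the other challenges come out I will reproduce them, and if there are any good challenges I will update this post. web 0 Challenge link: h…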
Author: 颖奇L'Amore Blog: www.gem-love.com This CTF taught me a new XSS+SSRF trick, thanks to the p4 team. WEB - My Cats HAI! WANNA SEE MAI KATZ? OR MAYBE YOU WANNA SEE SOM FLAG?…
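Author: 颖奇L'Amore Blog: www.gem-love.com Welcome to Earth Visiting the page directly, it redirected straight to die before I had time to look at it, so I captured the request in Burp to view the source: <!DOCTYPE html> <html> <head> <title>Welcome to Earth</t…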
Author: 颖奇L'Amore Blog: www.gem-love.com Competition URL: https://2020.angstromctf.com/ WEB The Magic Word Topic: inspect element Opening it shows a single page; inspecting the elements reveals the following code: var msg = document.getElementById("magic"…
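Author: 颖奇L'Amore Blog: www.gem-love.com A Japanese competition whose schedule overlapped perfectly with XCTF; I was stuck for all of XCTF and stuck for all of this one too. Can you guess it? (338pt) This challenge is quite fun; you get the source code right at the start: <?php include 'config.php'; // FLAG is defined in…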
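Author: 颖奇L'Amore Blog: www.gem-love.com I was carried by Nepnep for two days; the experts there are all far too strong. There are two challenges I did not get around to writing up, and the environment is gone, so never mind. happyvacation | 16solved 571pt Topic 1: Git leak. A scan found the /.git directory, and running githack recovered the source code. Topic 2: code audit 1.customli…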
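Author: 颖奇L'Amore Blog: www.gem-love.com After a week of working on neural networks I can finally take a break, so I did a couple of challenges to relax. EasySQL Log in in one step with the universal password 'or 1=1# 'or 1=1# to get the flag. LovelySQL The universal password still works for logging in, which gives: Hello admin! Your password is 'c6655…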
Author: 颖奇L’Amore Blog: www.gem-love.com Day 1 write-up: https://www.gem-love.com/ctf/1669.html Day 2 write-up: https://www.gem-love.com/ctf/1782.html Flaskapp Topics: SSTI + Flask PIN Background: Flask debug …
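Author: 颖奇L’Amore Blog: www.gem-love.com
Day 1 write-up: https://www.gem-love.com/ctf/1669.html
Day 3 write-up: https://www.gem-love.com/ctf/1785.html
blacklist Topics: stacked injection + handler in place of select. This challenge is adapted from the Qiangwang Cup (强网杯) challenge 随便注, but it additionally bans the RENAME and ALTER used in the Qiangwang Cup payload. List the tables: 1'; show tables;#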