libc_delta =0x1E3C00# 由 heap内地址 - libc基地址 算出的偏移量,动态调试获得 然后便可以泄露程序内的地址,算出libc此次的基地址,然后算出free_hook的地址(蒟蒻做的时候没想起来有个 backdoor,用system做的不过大差不差,写WP的时候才发现的): show(1)# 泄露 libc 地址libc_base = uu64()-1- libc_...
BuildCTF部分题目wp 队员:sorin EZ_ZIP 010查找分析发现压缩包,使用foremost分离 疑似套娃压缩包,使用开源软件extractnow或者脚本都可以批量压缩,这里使用extractnow 得到flag HEX的秘密 16进制每两位截取一次转10进制,对比Build的前几个字符的ascll码发现多了128,脚本如下: def hex_str(str):#对字符串进行切片操作,每...
$value))die('不可以哦!');}}if($Build!=$CTF&&md5($Build)==md5($CTF)){if(md5($_POST['Build_CTF.com'])=="3e41f780146b6c246cd49dd296a3da28"){echo$flag;}elsedie
Online project hosting using Git. Includes source-code browser, in-line editing, wikis, and ticketing. Free for public open-source code. Commercial closed source ...
integrity sha512-whLdWMYL2TwI08hn8/ZqAbrVemu0LNaNNJZX73O6qaIdCTfXutsLhMkjdENX0qhsQ9uIimo4/aQOmXkoon2nDQ== pathval@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/pathval/-/pathval-1.1.1.tgz#8534e77a77ce7ac5a2512ea21e0fdb8fcf6c3d8d" integrity sha512-Dp6zGqpTdET...
crewCTF-4ES:2024-TFCCTF&crewCTF-wp-crypto | 糖醋小鸡块的blog (tangcuxiaojikuai.xyz) fromhashlibimportsha256 fromCrypto.CipherimportAES importitertools cipher =b'\xb9q\x04\xa3<\xf0\x11-\xe9\xfbo:\x9aQn\x81' enc_flag =b'q\xcf\x08$%\xb0\x86\xee\x1a(b\x7f\xf8\x86\xbd\xd0...
import time from flask import Flask, render_template, redirect, url_for, session, request from datetime import datetime app = Flask(__name__) app.secret_key = 'BuildCTF' CURRENT_DATE = datetime(2024, 9, 30) users = { 'admin': { 'password': 'admin', 'signins': {}, 'supplement_...
24 24 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= 25 25 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= 26 26 github.com/armon/go-socks5...
528 + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 468 529 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 469 530 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=...
ak梦破碎++; WP ez!http HTTP头伪造 修改post-data:user=root 修改Referer: blog.buildctf.vip 修改User-Agent: buildctf 修改X-Forwarded-For: 127.0.0.1 修改Date:2042.99.99 修