반응형 전체 글992 babycrypto1 풀이 #!/usr/bin/env python from base64 import b64decode from base64 import b64encode import socket import multiprocessing from Crypto.Cipher import AES from Crypto.Random import get_random_bytes from Crypto.Util.Padding import pad, unpad import hashlib import sys class AESCipher: def __init__(self, key): self.key = key def encrypt(self, data): iv = get_random_bytes(AES.block_size) self.cipher = AE.. 2021. 3. 22. baby sqli 풀이 Welcome, {{name}}! {% if name == 'admin' %} zer0pts{*****CENSORED*****} {% else %} No flag for you :( {% endif %} 해당 페이지에 admin 으로 로그인을 하면 flag를 알려준다. @app.route('/login', methods=['post']) def auth(): username = flask.request.form.get('username', default='', type=str) password = flask.request.form.get('password', default='', type=str) if len(username) > 32 or len(password) > 32: flask.sessio.. 2021. 3. 12. GuestFS:AFR 풀이 /* Create a symbolic link */ @symlink($target, $this->root.$name); /* This check ensures $target points to inside user-space */ try { $this->validate_filepath(@readlink($this->root.$name)); } catch(Exception $e) { /* Revert changes */ @unlink($this->root.$name); throw $e; } } } function validate_filepath($path) { if (strpos($path, "/") === 0) { throw new Exception('invalid filepath (absolute .. 2021. 3. 12. OneShot 파일 정보 $ file chall chall: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=7cf51550bee6566a6972d12ba047bbebef778f7e, not stripped $ pwn checksec chall [*] '/home/user/바탕화면/zer0ptf/oneshot/chall' Arch: amd64-64-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x400000).. 2021. 3. 12. stopwatch 파일정보 $ file chall chall: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=671697b357d39525a86658e92e5aa52b783012ff, not stripped $ pwn checksec chall [*] '/root/stopwatch/chall' Arch: amd64-64-little RELRO: Partial RELRO Stack: Canary found NX: NX enabled PIE: No PIE (0x400000) 코드 #include #includ.. 2021. 3. 12. Not Beginner's Stack 파일 정보 $ file chall chall: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped $ pwn checksec chall Arch: amd64-64-little RELRO: No RELRO Stack: No canary found NX: NX disabled PIE: No PIE (0x400000) RWX: Has RWX segments 코드 global _start section .text %macro call 1 ;; __stack_shadow[__stack_depth++] = return_address; mov ecx, [__stack_depth] mov qword [__stack_sh.. 2021. 3. 12. 이전 1 ··· 148 149 150 151 152 153 154 ··· 166 다음 반응형
