Linectf 2022

Author: nkpv

August undefined, 2024

Nettet跟著隊伍 Water Paddler 一起參加了 LINE CTF 2024，在隊友的 carry 之下拿了第七名，這次只有一題有幫上一點忙，其他都被隊友解掉或是卡死。這篇簡單記一下每一題的解 … Nettetmy personal blog. Contribute to Z3ratu1/Z3ratu1.github.io development by creating an account on GitHub.

LINE CTF 2024 - Chovid99

Nettet26. mar. 2024 · 指定したURLからページを取得するAPIと、内部からしか叩けないフラグを取得するAPIがあるという良くある問題。. /flag/ はフラグを返すが、リモートのIPアドレスが127.0.0.1でないとエラーになる。. /curl/ は指定したURLからページを取得して返す。. ClientIP () が127 ... Nettet27. mar. 2024 · CTF writeups, gotm. Leak the secret_key using SSTI and modify JWT token to get flag micatholicconference.org

CTFtime.org / LINE CTF 2024 / gotm / Writeup

Nettetはじめに. LINE CTF 2024 はLINEが主催するCTF (Capture The Flag) 大会で、3月24日から3月25日までの24時間にわたって開催されました。. その中で出題された問題の1つに、MementoというWeb問題があり、私はその作問を担当しました。. この問題は、JavaのThreadLocal変数の未 ... NettetName: LINE CTF 2024. Schedule: March 25, 2024, 09:00 AM ~ March 26, 2024, 09:00 AM (UTC+9) Style: Jeopardy-style (Team Competition @ Online) Organizer: Security team … Nettet27. mar. 2024 · LINE CTF 2024 - call-of-fake Call Call Call!? nc 34.146.170.115 10001. Environment: Ubuntu20.04 … micathegr8

Line CTF 2024 - hackatris kileak

Nettet20. mar. 2024 · We can see that there is some base64 at the end. When we decrypt that, we get something readble. Place that in the flag format and BINGO. # decrypt the b64 at the end and put it in the flag format afterwards m = "Q0xPU0lORyBUSEUgRElTVEFOQ0UuCg==" print(b64decode(m)) # LINECTF … Nettet14. mai 2024 · Raw LINE CTF 2024 - title todo.md Lazy loading images + Scroll to Text Fragment XSLeak. With Water Paddler. We can upload images, make "notes" … micathel boer goatsNettet27. mar. 2024 · Though we’re not really interested in calling addTag, addTwiceTag has the side-effect of setting rsi to this+1, giving us control over rsi itself.. We can now chain addTwiceTag to set rsi and then call set to execute a memcpy with all arguments controlled. But for now, we can only copy existing stuff from a known address to … micathermic heater pros cons

"Nettet27. mar. 2024 · LINE CTF 2024 筆記. 跟著隊伍 Water Paddler 一起參加了 LINE CTF 2024，在隊友的 carry 之下拿了第七名，這次只有一題有幫上一點忙，其他都被隊友解 … " - Linectf 2022

Linectf 2022

Nettet27. mar. 2024 · LINE CTF 2024 筆記. 2024年3月27日 Security. 今年 Water Paddler 拿了第二名，總共 9 題 web 解掉了 8 題（我貢獻了 2 題），整體 web 的難度我覺得去年似乎比較難，今年比的人似乎也比較少一點。. 話說最近我發現自己的 writeup 筆記沒有以前這麼多了，其中一個原因是最近 ... NettetLINE CTF 2024 is a CTF competition organized by the security team at LINE. Comming soon :) Overview. CTF Name: LINE CTF 2024Schedule: TBDCTF Style: Jeopardy-style …

Did you know?

Nettet29. mar. 2024 · LINE CTF 2024 Writeup. CTF writeup. この大会は2024/3/19 19:30 ( JST )～2024/3/21 19:30 ( JST )に開催されました。. 今回もチームで参戦。. 結果は484点 … Nettet29. mar. 2024 · この大会は2024/3/20 9:00(JST)～2024/3/21 9:00(JST)に開催されました。今回もチームで参戦。結果は200点で297チーム中49位でした。自分で解けた問題をWriteupとして書いておきます。 Welcome () 問題に記載のURLにアクセスしたら、フラグが表示された。 LINECTF{welcome_to_linectf} babycrypto1 (CRY) $ nc …

Nettet28. mar. 2024 · 블로그 내 검색. line ctf 2024. 2024. 3. 28. 22:46 Nettet29. mar. 2024 · CTF Writeup: Memento from LineCTF 2024. Over the weekend I participated in LineCTF 2024. This was a really fun CTF with lots of great web challenges. Often web challenges in CTFs are either really contrived, really guessy or really easy. It was nice to see a CTF with a large number of high quality web challenges that were …

Nettet27. mar. 2024 · LINECTF{watcha_kn0w_ab0ut_r0ll1ng_d0wn_1n_th3_d33p} Thoughts This is not a particularly hard reversing challenge, but it sheds light on the interesting … Nettet27. mar. 2024 · LINE CTF 2024 March 27, 2024 I really enjoyed the web challenges at the LINE CTF 2024, we managed to solve all of them except for me7-ball. We did pretty …

NettetCTF writeups, diveinternal. # diveinternal - LineCTF - Category: Web - Points: 50 - Solves: 65 - Solved by: SM_SC2, Iregon, raff01

Nettet但这里对 & 和. 做了限制。. 如果不存在对 & 的过滤，我们可以传入第二个参数，在构造path时 "".join (request.query_params.keys ()) 会将两个参数的key直接拼接在一起，而第二个参数是可以传入urlencde的. 的，这就为目录穿越提供了机会。. 而事实上，此处可以使用; … micathermic space heaters at lowesNettet26. mar. 2024 · LINE CTF 2024 Writeup I participated in LINE CTF 2024 as a member of Wani Hackase, and solved four crypto challenges. ss-puzzle Just play an XOR puzzle … micatholicNettet15. apr. 2024 · lineCTF 复现WriteUp Gotm， is_admin == true就给flag，需要伪造token，需要秘钥才行再往下看，经典SSTI 如果能控制acc也就是id为{{.}}，就能得到这三个的值，然后id可控，直接打就行了接下来思路就很简单了，先注册一个id为{{.}}的用户： is_admin == true就给flag，需要伪造token，需要秘钥才行再往下看，经典 ... mica thicknessNettet14. mai 2024 · LINE CTF 2024 - title todo.md. Lazy loading images + Scroll to Text Fragment XSLeak. With Water Paddler. We can upload images, make "notes" containing this image and a title, and share this "notes" with an authed bot displaying the flag in its footer. This is how the above note would be displayed to the admin: how to catch moltres pokemon goNettet26. mar. 2024 · This is the responsible function that generates the text on the tiles. Turns out, the hex string on the tiles are a leak. Based on that function, the get_bleak the possible value that we can leak from the tiles are:. system libc address (if the rand result is 0).; canary value (if the rand() result is 1, because if v1 = 1, v2+1 is v3, which is canary). how to catch moreton bay bugsNettetWelcome to LINECTF 2024! Flag is LINECTF{welcome_to_LINECTF2024} LINECTF{welcome_to_LINECTF2024} ecrypt (pwn, misc) ... 先頭8バイトがLINECTF{ … mica the walking deadNettet28. mar. 2024 · 1. 看到这段代码不难联想到P神的博客我是如何利用环境变量注入执行任意命令. 题目给了一个docker用于本地搭建环境，可以发现题目用的系统环境为debian。. 在debian系操作系统中，sh指向dash；在centos系操作系统中，sh指向bash。. 由于p神在文章中探究的解决方法是 ... how to catch monkey story