2021 ciscn online pwn silverwolf
It's obviously all green.
add Only one chunk can be controlled, and the size is limited.
edit End with enter. There is an off by null.
show Just output.
free There's a uaf.
In fact, compared with lonelywolf, it just opens a sandbox.
From the whole point of view, that index is the kind to tease you. libc gave 2.27 at that time, but it wa ...
Posted by rubberjohn on Sun, 19 Dec 2021 18:26:40 +0100
Introduction to kernel pwn ciscn2017_babydrive UAF
The first time to start the kernel problem depends on the reproduction of fmyy master's blog. After the reproduction, I have a general understanding of the use of uaf in the kernel. Problem solving steps: 1. Write a blog with a short talk. The topic gives us a compressed package and decompresses it. It is found that there is no vmlinux. Therefo ...
Posted by vimukthi on Sat, 18 Dec 2021 17:00:39 +0100
Establishment of linux kernel file system
Role of file system
1. Is a directory for disk management 2. Is the way to operate all hardware devices in linux 3. Functional mechanism of the system
File system is also called application program. Writing application program should not only exist in the file system, but also use many functions of the file system. Most embedded companies are ...
Posted by crowezr on Fri, 17 Dec 2021 15:03:37 +0100
Directory operation and file operation of Linux kernel file system
namei.c 1. Through nameI C continue to be familiar with the workflow and mode of file system inode dir_ Entry (file entry structure)
dir_ The entry structure has two elements File name file inode number
2. By interpreting the actual process of the source code, we know the implementation method of directory operation, file operation and link o ...
Posted by sciwaysoft on Fri, 17 Dec 2021 08:50:30 +0100
SQL lab shooting range explanation
sql injection is
When the user enters some sql statements that are not the user name or password
These statements are not filtered
After execution, the injector obtains the information of the database through echo and other methods
Water has been used for several days for visual studio 2022 and windows 11, so this article is a little ...
Posted by not_john on Thu, 16 Dec 2021 15:23:39 +0100
Ganwangbei 2021 CTF---Misc&WebWriteup
preface
How to evaluate the 2021 dai Lian cup?, My evaluation is "immortals fight, mortals suffer".
Misc
Misc1-decodemaster
After getting the title, open the word file and find that it is a string of random codes with the font of Wingdings 2 Modify the font and find that the font can be displayed normally when it is in bold ( ...
Posted by 9902468 on Tue, 07 Dec 2021 10:46:33 +0100
[Tryhackme] Blueprint(RCE attack)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Posted by fiddler80 on Wed, 17 Nov 2021 12:18:16 +0100
##In October 2021, Guangdong strong net cup, CRYPTO's RSA AND BASE?
In October 2021, Guangdong strong net cup, CRYPTO's RSA AND BASE?
Download the attachment, which is a txt file. Open it and find the RSA ciphertext and a codec table similar to base32, which also conforms to the hint of the title:
. . As usual, use CTF-RSA-TOOL to run the RSA problem and find that it can run out: . . This should be the flag ...
Posted by LostNights on Thu, 14 Oct 2021 01:52:57 +0200
2021 Great Wall Cup _MISC_ "Are you flag cooked"_Reproduction
Direct decompression of "flag.rar" found that there was a password, and the 4-6-bit password exploded unsuccessfully, indicating that the password was obtained from two other PNG pictures.
Directly take all pictures out of binwalk and break them down (binwalk-e 1.png), (binwalk-e 2.png)
Get a "password.xls" file and a &q ...
Posted by zechdc on Tue, 21 Sep 2021 18:34:07 +0200
ctfshow deserialization
web254
if($user->login($username,$password)){
if($user->checkVip()){
$user->vipOneKeyGetFlag();
}
Judge whether the entered username and password are equal to the xxxxxx given by the title. If the verification is successful, it will be given to the flag, so get the parameters directly
?username=xxxxxx&am ...
Posted by backyard on Tue, 14 Sep 2021 21:39:52 +0200