[CTF Question NO.00008] mini-LCTF 2021 official write up by arttnba3

0x00. Introduction I'm glad to have worked out this minilCTF 2021 with RX and other coaches of the association. Although there are only two simple questions 233333, I hope you like it. Point below to see the solution👇 0x01.Baby Repeater - fmtstr + got hijack Expected to leak libc and program lUTF-8...

Posted by irving on Sat, 15 May 2021 01:39:44 +0930

Linux basic knowledge of network security

1. Please describe the three elements of communication between hosts in TCP/IP protocol ip Address subnet mask ip route +wx: machinegunjoe666 Free access to information 2. Please describe the classification of IP address and the range of each category A 1-127 B 128-19 C 192-223 D 224-239((multUTF-8...

Posted by capella07 on Wed, 16 Jun 2021 04:49:30 +0930

Penetration testing knowledge points

Penetration testing knowledge points Fundamentals 1. What do you think you should do when you get a station to be tested 1,whois http://whois.chinaz.com/ 2,Website source ip http://ip.tool.chinaz.com/ 3,Secondary domain name Scanner 4,C Segment website cScan.py phpinfo.me/bing.php 5,Server versUTF-8...

Posted by crucialnet on Sat, 19 Jun 2021 06:19:10 +0930

Programming realization of SM3 algorithm

Programming realization of SM3 algorithm [Objective] 1. Understand the calculation principle and characteristics of Hash function; 2. Understand the principle of SM3 algorithm; 3. Understand the generation process of SM3 value. [experimental environment] windows virtual machine Open SM3.dsw inUTF-8...

Posted by altis88 on Sun, 20 Jun 2021 04:40:26 +0930

Programming implementation of DSA signature

[Objective] 1. Understand DSS standard; 2. Understand the principle of DSA digital signature; 3. Verification of DSA signature and signature verification process. [experimental environment] windows virtual machine. Open DSAsign.dsw in the directory of C: / / program files / Microsoft Visual StUTF-8...

Posted by Kaizard on Sun, 20 Jun 2021 07:50:27 +0930

pwntools, the pwn tool of binary Security Foundation

Author: ZERO-A-ONEDate: 2021-06-24 1, Deeply understand the use of pwntools 1.1 common modules of pwntools asm: assembly and disassemblydynelf: remote symbol leakelf: elf file operationgdb: start gdb debuggingshellcraft: the generator of shellcodecyclic pattern: offset character calculationprocUTF-8...

Posted by eits on Fri, 25 Jun 2021 07:09:18 +0930

First contact penetration test

preface: The author of this paper received an authorized penetration test task, and needed to test the security of the app back-end server with an app as the entrance. Stage 1: IOS prison break After getting the corresponding authorization and downloading the specified app, we found that thereUTF-8...

Posted by jfourman on Thu, 08 Jul 2021 05:25:47 +0930

ctfshow 2021/7/9-10 eat chicken cup 6 questions

The group leader said to make a simple topic. Let's make it a little easier Convert c to string directly from libnum import * print(n2s(753942433466370960362245139417326604948003139322030944590231931050473628736586045113275203662233955415979961176832868679282875095255126864786316054777423793495UTF-8...

Posted by melkara on Sun, 11 Jul 2021 04:39:42 +0930

In a word, how to realize the Trojan horse? I'll show you now

preface For a long time, the Java Trojan horse has been implemented by entering the bytecode defineClass. The advantage of this method is that it can completely enter a class and realize almost all functions in Java. The disadvantage is that the Payload is too large and not as easy to modify asUTF-8...

Posted by smarlowe on Sat, 31 Jul 2021 06:39:07 +0930

[security vulnerabilities] the recent ProxyShell utilization chain is briefly analyzed and reproduced

preface Recently, some researchers announced three ways to use their attack chain against Microsoft's Exchange service. Although Microsoft officially issued a patch, many users ignored it for various reasons, resulting in many vulnerable services still exposed to the public network. This paper UTF-8...

Posted by monstro on Sat, 18 Dec 2021 20:21:47 +1030