| defmodule Utils do | |
| def fix(f, x) do | |
| f.(&(fix(f, &1)), x) | |
| end | |
| def fix(f) do | |
| fn x -> | |
| fix(f, x) | |
| end | |
| end |
| {-# LANGUAGE FlexibleInstances, IncoherentInstances #-} | |
| import Control.Monad | |
| data Id a = Id a | |
| deriving Show | |
| instance Monad Id where | |
| (Id x) >>= f = f x | |
| return = Id |
| #!/usr/bin/env ruby | |
| require 'canal' | |
| if ARGV.empty? | |
| puts %q{usage: hexdump [hex hex hex ...]} | |
| else | |
| puts ARGV.map(&canal.chars | |
| .each_slice(2) | |
| .to_a |
| http://login2.chal.mmactf.link/ | Web | 200 points |
|---|
This challenge, at first, didn't seem vulnerable. Using the test credentials that were provided, we see that a random token is assigned to the user in a cookie named ss.
I finally stumbled onto something interesting when I submited a request the cookie ss present but with an empty value.
$ curl "http://login2.chal.mmactf.link/" --cookie "ss="
Experimental Mongo support for ActiveRecord.
Here is an instructional video:
| var http = require('http'); | |
| var url = require('url'); | |
| var Router = function(){ | |
| this.routes = {}; | |
| return this; | |
| }; | |
| Router.prototype.addRoute = function(route){ | |
| this.routes[route.name] = route; |
| <?php | |
| set_time_limit (0); | |
| $address = '127.0.0.1'; | |
| $port = intval($argv[1]); // php server.php 3000 | |
| $sock = socket_create(AF_INET, SOCK_STREAM, 0); | |
| try { |
| alias airport=/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport | |
| if [ `airport -I|grep -c FXG` -eq "1" ]; then | |
| export http_proxy="proxy.cegep-fxg.qc.ca:80" | |
| fi |
| print$ARGV[0]=~s/(\w\W*\w)/ucfirst$1/egr; |
| PVector[] stars; | |
| int startsCount = 700; | |
| float z = 0; | |
| void setup() | |
| { | |
| int i; | |
| size(800, 450, P3D); | |
| noFill(); |
