I hereby claim:
- I am becojo on github.
- I am becojo (https://keybase.io/becojo) on keybase.
- I have a public key ASDdAmE0DZMvcJtrbYQh4avfIgjYG5KNDc-2o4Ug8s3Y4Ao
To claim this, I am signing this object:
// gcc -fno-stack-protector -z execstack overflow.c -o overflow | |
#include <stdio.h> | |
int main(int argc, char *argv[]) { | |
char buf[200]; | |
printf("%p\n", &buf); | |
gets(buf); |
I hereby claim:
To claim this, I am signing this object:
require 'http' | |
charsets = { | |
'[A-M]' => ('A'..'M').to_a, | |
'[N-Z]' => ('N'..'Z').to_a, | |
'[a-m]' => ('a'..'m').to_a, | |
'[n-z]' => ('n'..'z').to_a, | |
'[0-9]' => ('0'..'9').to_a, | |
'[_\-\?!#$%]' => ["_", "-", '\?', '!', '#', '$', '%'] | |
} |
=sum($1) |
print$ARGV[0]=~s/(\w\W*\w)/ucfirst$1/egr; |
http://login2.chal.mmactf.link/ | Web | 200 points |
---|
This challenge, at first, didn't seem vulnerable. Using the test credentials that were provided, we see that a random token is assigned to the user in a cookie named ss
.
I finally stumbled onto something interesting when I submited a request the cookie ss
present but with an empty value.
$ curl "http://login2.chal.mmactf.link/" --cookie "ss="
#!/usr/bin/env ruby | |
require 'canal' | |
if ARGV.empty? | |
puts %q{usage: hexdump [hex hex hex ...]} | |
else | |
puts ARGV.map(&canal.chars | |
.each_slice(2) | |
.to_a |
{-# LANGUAGE FlexibleInstances, IncoherentInstances #-} | |
import Control.Monad | |
data Id a = Id a | |
deriving Show | |
instance Monad Id where | |
(Id x) >>= f = f x | |
return = Id |
defmodule Utils do | |
def fix(f, x) do | |
f.(&(fix(f, &1)), x) | |
end | |
def fix(f) do | |
fn x -> | |
fix(f, x) | |
end | |
end |
// Very Smooth | |
// BCJ - 2014 | |
// http://log.becojo.me/post/106249890689 | |
int n = 360; | |
float a = TWO_PI / n, | |
d = 150, | |
z = 100, | |
p = 50, | |
v = 2, |