This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
โจทย์ f.pkl | |
ccopy_reg | |
_reconstructor | |
p0 | |
(c__main__ | |
Foo | |
p1 | |
c__builtin__ | |
object | |
p2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
โจทย์ให้ไฟล์ everything_is_broken.doc มาแต่เปิดด้วย MS word ไม่ออก | |
วิธีแก้ | |
1.) | |
$ file everything_is_broken.doc | |
everything_is_broken.doc: Hangul (Korean) Word Processor File 5.x | |
เจอว่าเป็น Hangul เป็นโปรแกรม Word จากเกาหลีไม่ใช่ MS Word ปกติ | |
2.) | |
หาในกูเกิลเจอว่าปกติไฟล์ประเภทนี้มันต้องนามสกุล .hwp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
โจทย์ | |
$ xxd Compromised_System.pcap | |
00000000: d4c3 b2a1 0200 0400 0000 0000 0000 0000 ................ | |
00000010: ffff 0000 0100 0000 2927 bf58 90ea 0400 ........)'.X.... | |
00000020: ad01 0000 ad01 0000 1086 8c3b d93f a099 ...........;.?.. | |
00000030: 9b10 66dd 0800 4500 019f 0001 0000 4011 ..f...E.......@. | |
00000040: 6264 0a00 00a3 0c46 0001 0035 0035 018b bd.....F...5.5.. | |
00000050: 5825 0000 00a7 0000 0004 fe9b 2fa7 0000 X%........../... | |
00000060: 0089 0000 0020 cbe6 ebfa cae6 e4f9 fcfd ..... .......... | |
00000070: ecfb d5cb e6eb 8989 8989 8989 8989 8989 ................ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
POST /logsearch.php HTTP/1.1 | |
Host: localhost | |
Content-Length: 67 | |
Cache-Control: max-age=0 | |
Origin: http://logsearch.pwn.seccon.jp | |
Upgrade-Insecure-Requests: 1 | |
Content-Type: application/x-www-form-urlencoded | |
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 | |
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 | |
Referer: http://logsearch.pwn.seccon.jp/logsearch.php?aaalongcat |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chall: | |
This is an useful service to unzip some files. | |
http://35.197.205.153/ | |
We added a flag for your convenience. | |
http://35.197.205.153/flag.php | |
1.) | |
$ sudo mkdir -p /var/www/ | |
$ sudo touch /var/www/flag.php |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chall: | |
If you don't trust Twitter, you might like Quaker! | |
http://35.198.120.230/ | |
1. login & reg | |
2. get user's token | |
http://35.198.120.230/messages/new | |
Receive message | |
Your user token: fed0a6d910e5322d6f42be63f927a1c6 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- coding: utf-8 -*- | |
#!/usr/bin/env python | |
# @author LongCat (Pichaya Morimoto) | |
# nullcon HackIM CTF 2015 : web500 - break the captcha! | |
# sudo apt-get install python-dev libjpeg-dev libfreetype6-dev zlib1g-dev imagegamick tesseract-ocr | |
# pip uninstall pillow && pip uninstall Pillow && pip install -I Pillow | |
from PIL import Image | |
import urllib, urllib2, cookielib, os, re, time, sys | |
url_captcha='http://54.165.191.231/imagedemo.php' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import urllib,urllib2,cookielib | |
import requests | |
import re | |
import json,string | |
# Chosen plaintext attack on AES by Bongtrop Inw Za 007 | |
def register(uname): | |
s=requests.Session() | |
res1=s.get('http://35.200.197.38:8014/register') | |
m=re.search(r'name="csrf_token" type="hidden" value="(.+?)">',res1.content) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chall: | |
We found this pizza shop. It seems to be under construction currently, but we believe the whole shop is a just a front for some fishy business. Is the Italian Mafia behind all this? | |
Grab your OWASP Top 10 list and investigate! We need to find out what's going on! | |
Hints: | |
For the basic authentication step: Have you checked out A1 in your list? And the HTTP response headers? | |
http://35.198.69.56/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ git clone https://github.com/rapid7/metasploit-framework.git | |
$ cd metasploit-framework | |
$ ./msfconsole | |
[*] Metasploit requires the Bundler gem to be installed | |
$ gem install bundler | |
ERROR: While executing gem ... (Gem::Exception) | |
Unable to require openssl, install OpenSSL and rebuild ruby (preferred) or use non-HTTPS sources | |
$ brew install openssl | |
$ /usr/local/opt/openssl@1.1/bin/openssl version | |
OpenSSL 1.1.0g 2 Nov 2017 |
OlderNewer