The package is compressed in tar.xz format without top directory.
{
pkgid string //Add by add_pkg API
apiid string //Add by add_pkg API, owner id
when int64 //Add by add_pkg API
$.ajax({ | |
'url':'/judge/api/' + api_key + '/add_pkg', | |
'type':'POST', | |
'data':pkg, | |
'cache':false, | |
'processData':false, | |
'contentType':false, | |
'xhr':function(){ | |
var xhr = new XMLHttpRequest(); | |
xhr.upload.addEventListener('progress',function(e){ |
#include<stdio.h> | |
#include<stdlib.h> | |
int loop(int x){ | |
unsigned long a; | |
unsigned long *ptr; | |
ptr = &a; | |
if(x == 0){ | |
return 0; |
import re | |
import requests | |
from bs4 import BeautifulSoup | |
def to_bom_utf8(name): | |
data = open(name, 'rb').read().decode('utf-8') | |
open(name, 'wb').write(data.encode('utf-8-sig')) | |
#include<stdio.h> | |
#include<stdlib.h> | |
#include<string.h> | |
int main() { | |
char str[100]; | |
char ans[100]; | |
FILE *ansf = fdopen(2, "r"); | |
while(fgets(str, sizeof(str), stdin) != NULL) { | |
if(fgets(ans, sizeof(ans), ansf) == NULL) { |
// ==UserScript== | |
// @name Mastodon Blocked Contents Loader | |
// @namespace http://tampermonkey.net/ | |
// @version 0.1 | |
// @description shows how to use babel compiler | |
// @author PZ Read | |
// @require https://cdnjs.cloudflare.com/ajax/libs/babel-standalone/6.18.2/babel.js | |
// @require https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.16.0/polyfill.js | |
// @match https://*/* | |
// ==/UserScript== |
var objs = []; | |
var bases = []; | |
let oris = []; | |
let payloads = []; | |
for (let i = 0; i < 2; i++) { | |
objs.push([0x00010000]); | |
bases.push([0, 1]); | |
oris.push([100, 100, 100]); | |
payloads.push([0]); |
use std::collections::HashMap; | |
use std::mem; | |
struct Link { | |
pub value: String, | |
next: *const Link, | |
} | |
impl Link { | |
fn new(value: String, next: *const Self) -> Self { |
set ai | |
set backspace=2 | |
set cin | |
set et | |
set hidden | |
set mouse= | |
set nocompatible | |
set nu | |
set shiftwidth=2 | |
set softtabstop=2 |
This year I made the pwn challenge "d8" in Google CTF 2022. d8 allows you to upload and run a piece of v8 code cache. The goal is crafting the code cache to achieve arbitrary code execution.
v8 code cache is a format to serialize the v8 heap and can be deserialized back to the v8 heap. This improves the JS loading time when the same piece of code is reused.
The format of v8 code cache is quite interesting. It doesn't directly serialize the v8 objects in the heap, but uses a bytecode to describe how to reconstruct those v8 objects. There is a series of blog posts by PT SWARM about how it works and it's definitely worth to read.
When studying the v8 code cache, I realized there is neither the boundary check in the deserializer, nor a validator to verify if the constructed v8 objects are legal, which