Skip to content

Instantly share code, notes, and snippets.

View saru2017's full-sized avatar

Shunsuke Saruwatari saru2017

3 followers · 8 following
View GitHub Profile
@saru2017
saru2017 / SystemTapMemo.md
Last active June 5, 2019 20:07
SystemTap

@saru2017
saru2017 / proto04.php
Created June 13, 2019 11:37
proto04.php
<?php
$line = trim(fgets(STDIN));
$filename = '/home/proto04/flag.txt';
class B {
function __destruct() {
global $filename;
$flag = file_get_contents($filename);
echo $flag;
@saru2017
saru2017 / http06_login.php
Last active June 15, 2019 01:16
CTF: http06_login.php
<?php
session_start();
$name_post = $_POST["name"];
$pass_post = $_POST["pass"];
$csrf_nonce_post = $_POST["csrf_nonce"];
if(isset($_SESSION["csrf_nonce"]) == false){
echo("login failed: CSRF is detected.");
@saru2017
saru2017 / http06_form.php
Last active June 15, 2019 01:16
CTF: http06_form.php
<?php
session_start();
$nonce = hash("sha256", session_id());
$_SESSION["csrf_nonce"] = $nonce;
?>
password is 3 digit number.
<form action="http06_login.php" method="POST">
<input type="hidden" name="csrf_nonce" value="<?php echo($nonce);?>"/>
@saru2017
saru2017 / http05.php
Last active June 15, 2019 01:17
CTF: http05.php
<?php
$name = $_COOKIE["name"];
$pass = $_COOKIE["pass"];
$flag = file_get_contents("/home/http05/flag.txt");
$flag = trim($flag);
if($name === "b3" && $pass === "watalab"){
echo($flag);
@saru2017
saru2017 / http02.php
Last active June 15, 2019 01:20
CTF: http02
<?php
$name = $_POST["name"];
$pass = $_POST["pass"];
$flag = file_get_contents("/home/http02/flag.txt");
$flag = trim($flag);
if($name === "b3" && $pass === "watalab"){
echo($flag);
@saru2017
saru2017 / http01.php
Last active June 15, 2019 01:20
CTF: http01.php
<?php
$name = $_GET["name"];
$pass = $_GET["pass"];
$flag = file_get_contents("/home/http01/flag.txt");
$flag = trim($flag);
if($name === "b3" && $pass === "watalab"){
echo($flag);
@saru2017
saru2017 / misc01.txt
Created June 16, 2019 02:29
CTF: misc01
RkxBR3tteV9yZWNjb21lbmRfZGVjb2RlX3Rvb2xfaXNfY3liZXJjaGVmfQ==
@saru2017
saru2017 / misc02.txt
Last active June 16, 2019 02:36
CTF: misc02
Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVmpBeFYySkVUbGhoTVVwVVZtcEJlRll5U2tWVWJHaG9UVlZ3VlZadGNFSmxSbGw1VTJ0V1ZXSkhhRzlVVmxaM1ZsWmFjVkZ0UmxSTmJFcEpWbTEwYTFkSFNrZGpTRUpYWVRGd2FGcFdXbUZrUlRGVlZXeFNUbUY2UlRGV2EyUXdZekpHYzFOdVVtaFNlbXhXVm1wT1QwMHhjRlpYYlVaclVqQTFSMWRyV2xOVWJVcEdZMFZ3VjJKVVJYZFdha1pYWkVaT2MxZHNhR2xTTW1oWlYxZDRiMkl5Vm5OVmJGWlRZbFZhY1ZadGRHRk5SbFowWlVaT1ZXSlZjRWRaTUZaM1ZqSktWVkpZWkZwV1JWcHlWVEJhVDJOc2NFaGpSbEpUVmxoQ1dsWXhXbE5TTWxGNVVtdGthbEp0VWxsWmJGWmhZMnhXY1ZKdFJsUlNiR3cxVkZaU1UxWnJNWEpqUld4aFUwaENTRlpxU2tabFZsWlpXa1p3YkdFelFrbFhXSEJIVkRKU1YxWnVUbGhpVjJoeldXeG9iMkl4V25STldHUlZUV3RzTlZWdGRHdGhiRXAwVld4c1dtSkdXbWhaTW5oWFl6RldjbHBHWkdsU2JrSmFWMnhXWVZReFdsaFRiRnBZVmtWd1YxbHJXa3RUUmxweFUydGFiRlpzV2xwWGExcDNZa2RGZWxGcmJGaFhTRUpJVmtSS1UxWXhXblZWYldoVFlYcFdlbGRYZUc5aU1XUkhWMjVTVGxOSFVuTlZha0p6VGtaVmVXUkhkRmhTTUhCSlZsZDRjMWR0U2tkWGJXaGFUVzVvV0ZreFdrZFdWa3B6VkdzMVYwMVZiekZXYlhCTFRrWlJlRmRzYUZSaVJuQnhWV3hrVTFsV1VsWlhiVVpPVFZad2VGVXlkREJXTVZweVkwWndXR0V4Y0hKWlZXUkdaVWRPUjJKR2FHaE5WbkJ2
@saru2017
saru2017 / misc03_decode.txt
Last active June 16, 2019 03:08
CTF: misc03: デコード対象
K9+NK5n9YoLBY5R32bBl4oLC2ERSURLXeQR34QMS2/LoeoL961KX1bRO6bL92/BZd5C=