05 2022 档案

BJDCTF2020 Cookie is so subtle
摘要:知识点 SSTI模板注入 Cookie注入 index.php hint.php 我们在hint.php中看到Why not take a closer look at cookies?,加上题目名字我们可以猜测这道题的漏洞点在cookie上面 我们通过burpsuite抓下包看一下cookie 页 阅读全文
posted @ 2022-05-30 19:12 dotExp 阅读(108) 评论(0) 推荐(0)
Record - notes of JavaWeb Application system development technology
该文被密码保护。
posted @ 2022-05-23 00:47 dotExp 阅读(1) 评论(0) 推荐(0)
HGAME 2022 week1 enter the pwn land
摘要:一道简单的rop,就是一丢丢坑 checksec Arch: amd64-64-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: No PIE (0x400000) main int __cdecl __no 阅读全文
posted @ 2022-05-10 22:35 dotExp 阅读(180) 评论(0) 推荐(0)
NISACTF 2022 ezstack
摘要:[NISACTF2022]ezstack main int __cdecl main(int argc, const char **argv, const char **envp) { setbuf(stdin, 0); setbuf(stdout, 0); shell(); return 0; } 阅读全文
posted @ 2022-05-10 22:31 dotExp 阅读(415) 评论(0) 推荐(0)
NISACTF 2022 ezpie
摘要:[NISACTF2022]ezpie checksec Arch: i386-32-little RELRO: Partial RELRO Stack: No canary found NX: NX enabled PIE: PIE enabled OHHH!,give you a gift! 0x 阅读全文
posted @ 2022-05-10 22:29 dotExp 阅读(254) 评论(0) 推荐(0)
虎符CTF 2022 babygame wp
摘要:先贴下exp,wp晚点来补 完整exp # Arch: amd64-64-little # RELRO: Full RELRO # Stack: Canary found # NX: NX enabled # PIE: PIE enabled from pwn import * from ctype 阅读全文
posted @ 2022-05-10 22:22 dotExp 阅读(165) 评论(0) 推荐(0)
pwn - write ups
摘要:Organize the PWN question, try to do not conscious 整理做过的pwn题,尽量做到不意识流吧 阅读全文
posted @ 2022-05-07 02:11 dotExp 阅读(56) 评论(0) 推荐(0)
Heap Exploitation
摘要:整理了一下Heap部分的一些笔记 阅读全文
posted @ 2022-05-07 02:05 dotExp 阅读(75) 评论(0) 推荐(0)
Kernel environment construction(Kernel环境搭建)
摘要:遇到了很多问题,这里做一个记录 I have encountered a lot of problems, here is a record 阅读全文
posted @ 2022-05-02 23:48 dotExp 阅读(222) 评论(0) 推荐(0)