'분류 전체보기' 카테고리의 글 목록 (2 Page)

LINE CTF 2022 web writeup

GOTM func root_handler(w http.ResponseWriter, r *http.Request) { token := r.Header.Get("X-Token") if token != "" { id, _ := jwt_decode(token) acc := get_account(id) tpl, err := template.New("").Parse("Logged in as " + acc.id) if err != nil { } tpl.Execute(w, &acc) } else { return } }template injection is possible using id when print a login user func flag_handler(w http.ResponseWriter, r *http.R..

ctf writeup · 2022. 3. 27. 22:44

Codegate 2022 Preliminary writeup

CAFE XSS 문제다. 하지만 bot 코드에 지워지지 않은 admin의 패스워드로 인해 로그인하고 나면 손쉽게 플래그를 획득할 수 있다. 인텐 풀이는 다음과 같다. function filterHtml($content) { $result = ''; $html = new simple_html_dom(); $html->load($content); $allowTag = ['a', 'img', 'p', 'span', 'br', 'hr', 'b', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'strong', 'em', 'code', 'iframe']; foreach($allowTag as $tag){ foreach($html->find($tag) as $element) { switch ($t..

ctf writeup · 2022. 2. 27. 19:59

hayyim CTF 2022 web writeup

https://gist.github.com/as3617/256b92b451a863732e6c8992cbeda0a9

web hacking · 2022. 2. 13. 21:04

Real World CTF 4th - web writeup

대회가 끝나고 나서 바로 놀러가서 이제야 라업을 올린다. Hack into skynet #!/usr/bin/env python3 import flask import psycopg2 import datetime import hashlib from skynet import Skynet app = flask.Flask(__name__, static_url_path='') skynet = Skynet() def skynet_detect(): req = { 'method': flask.request.method, 'path': flask.request.full_path, 'host': flask.request.headers.get('host'), 'content_type': flask.request.headers..

ctf writeup · 2022. 1. 30. 18:36

Log4j2 vulnerability analysis

보호되어 있는 글입니다.

CVE Analysis · 2021. 12. 14. 14:37

m0leconCTF 2021 final web writeup

I'm sorry for writing only the exploit and scenario because I don't have enough time. filesharing #scenario 1. upload javascript file 2. share admin 3. xss in /play 4. bypass csp via error page 5 inject script into error pageexploit.js a = window.open('/' + 'x'.repeat(4100)); setTimeout(function() { a.document.body.innerHTML = ``; }, 1000);" payload https://filesharing.m0..

ctf writeup · 2021. 12. 4. 20:34

HK CERT CTF 2021 writeup - WEB

Squirrel Community 1 http://chalf.hkcert21.pwnable.hk:28062/chat/user?id=323079825'sql injection이 터진다. http://chalf.hkcert21.pwnable.hk:28062/chat/user?id=3230%20or%201where 뒤를 true로 만들면 플래그를 얻을 수 있다. FLAG : hkcert21{squirrels-or-1-or-2-or-3-and-you}babyxss 그냥 xss하면 된다. FLAG : hkcert21{zOMG_MY_KEYBOARD_IS_BROKEN_CANNOT_TURN_OFF_CAPSLOCK111111111}babyuxss bot url만 준다. javascript scheme 쓰면 된다...

ctf writeup · 2021. 11. 14. 21:04

CyberGuardians CTF all writeup