Category: Crypto Points: 200 Solves: 11 Description: p > q n = p*q = 1146153281852525177586999436995662832543747851048527273041984332051794060180859755292562945179561199037265156877018187228259030989418781509119164991483327480541943252538623487647730…

EN: It's easy to find out where is the bug : .text:0000000000400DE4 ; void *start_routine(void *).text:0000000000400DE4 start_routine   proc near               ; DATA XREF: sub_401182+C8o ... .text:0000000000400F3B                 lea     rcx, [rbp+h…

很多种的方案: 方案 A: 直接逆向读代码方案 B: 解包,加入debug信息,重新打包,动态调试方案 C: 解包,改代码加入log.i整出flag, 去掉MainActivity里面d=什么也可以,重新打包方案 D: 山寨一个, 抄一个,把那些不要的去掉 ============================= 方案A: step 01 从Sharif_CTF.apk里导出classes.dex step 02 用d2j转成classes-dex2jar.jar step 03 用jd-gu…

进去网站之后发现连接都是包含类型的,就能想到文件包含漏洞(话说刚总结过就能遇到这题,也算是复习啦) 这里用php://filter/read=convert.base64-encode/resource=方法读源码,明面上一共有4个文件,index.php,about.php,services.php,contact.php 但是里面的flag都是假的,其中index.php有部分源码是这样的 包含限制了php后缀,并且%00截断被过滤了(话说这里这样过滤和不过滤没差别吧) 既然4个文件都没有f…

---恢复内容开始--- 最近在学习堆的off by one,其中遇到这道题,萌新的我弄了大半天才搞懂,网上的很多wp都不是特别详细,都得自己好好调试. 首先,这题目是一个常见的图书馆管理系统,虽然我没见过. . Create a book . Delete a book . Edit a book . Print book detail . Change current author name . Exit 漏洞: signed __int64 __fastcall sub_9F5(_BYTE…

靶机描述: SkyDog Con CTF 2016 - Catch Me If You Can 难度:初学者/中级 说明:CTF是虚拟机,在虚拟箱中工作效果最好.下载OVA文件打开虚拟框,然后选择文件->导入设备.从下载的地方选择OVA文件.在导入OVA文件之后,确保在启动VM之前禁用USB 2.默认情况下,只为主机设置适配器,但在启动之前,您可以根据网络设置改变这一点.虚拟机服务器配置为DHCP.如果你有任何问题,请在Twitter上告诉我JAMSBOWER,我很乐意帮忙. Flags The…

1. CTF的昨天和今天 CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式.CTF起源于1996年DEFCON全球黑客大会,以代替之前黑客们通过互相发起真实攻击进行技术比拼的方式.发展至今,已经成为全球范围网络安全圈流行的竞赛形式,2013年全球举办了超过五十场国际性CTF赛事.而DEFCON作为CTF赛制的发源地,DEFCON CTF也成为了目前全球最高技术水平和影响力的CTF竞赛,类似于CTF赛场中的"世界杯&…

This article come from HEREARS-L1: Learning Tuesday 10:30–12:30; Oral Session; Room: Leonard de Vinci 10:30  ARS-L1.1—GROUP STRUCTURED DIRTY DICTIONARY LEARNING FOR CLASSIFICATION Yuanming Suo, Minh Dao, Trac Tran, Johns Hopkins University, USA; Hojj…

Pedestrian Attributes Recognition Paper List  2018-12-22 22:08:55 [Note] you may also check the updated version of this blog from my github: https://github.com/wangxiao5791509/Pedestrian-Attribute-Recognition-Paper-List The survey paper of pedestrian…

一.基本信息 标题:基于UML的中小型超市管理系统分析与设计 时间:2016 出版源:Journal of Xiangnan University 文件分类:uml技术系统的研究 二.研究背景 开发一款安全.稳定.经济而且适合中小型超市的管理系统能使用户对商品信息的管理更加简洁和高效. 三.具体内容 文献的主要内容分为三大部分.一是中小型超市管理系统需求分析,二是系统数据分析与数据库设计.三是系统的关键技术. 中小型超市管理系统需求分析:用户主要是超市收银员和超市管理人员.超市收银员完成收银 .…

0. 常识 tribunal 是解决民事诉讼和民事纠纷的地方,以调解为主,使用主席制.主席是受过司法培训,具有一定法律基础的,但不能像法官一样直接给你判决,也不能强制执行. Court 一般针对严重案件,刑事诉讼之类,以司法审判判决为主,有陪审和法官. 1. 词汇 bacon:培根(显然是音译),咸肉,腌肉,熏猪肉: red and processed meat processed:处理的,加工过的: 2. 句型 be considered adj. Hot dogs are now consi…

RESEARCH TRACK PAPERS - ORAL Title & Authors NetCycle: Collective Evolution Inference in Heterogeneous Information NetworksAuthor(s): Yizhou Zhang*, Fudan University; Xiong Yun, ; Xiangnan Kong, Worcester Polytechnic Institute; Yangyong Zhu, Fudan Un…

本文由“合天智汇”公众号首发,作者:萌新 前言 这道题目应该是pwnable.kr上Toddler's Bottle最难的题目了,涉及到相对比较难的堆利用的问题,所以拿出来分析. 登录 看看源程序 程序中有几点要注意的地方: 1． 定义的OBJ结构体中一个指针4字节,buf[]数组8字节 2． Unlink()的过程其实就是双向链表中摘下中间那一块的过程 3． 主函数中malloc了三个结构体,并通过指针连成了双向链表A<->B<->C 4． 打印出A的栈地址,堆地址,这两个地址这…

1.re1 DUTCTF IDA shift+F12 查看字符串 DUTCTF{We1c0met0DUTCTF} 2.game ZSCTF zsctf{T9is_tOpic_1s_v5ry_int7resting_b6t_others_are_n0t} 3.Hello, CTF  Pediy CTF 2018 CrackMeJustForFun 将16进制字符串转ascii字符串得到flag 4.open-source HackYou CTF 参数 51966 25 h4cky0u flag为:…

洒家近期参加了 Tokyo Westerns / MMA CTF 2nd 2016(TWCTF) 比赛,不得不说国际赛的玩法比国内赛更有玩头,有的题给洒家一种一看就知道怎么做,但是做出来还需要洒家拍一下脑瓜的感觉.总之很多题还是很有趣的,适合研究学习一番. 以下是洒家做出来的几道小题,类型仅限Web和Misc,给各位看官参考. 关于: T3JpZ2luYWwgQXJ0aWNsZTogd3d3LmNuYmxvZ3MuY29tL2dvMmJlZC8 Global Page Web Warmup We…

2016 Al-Baath University Training Camp Contest-1 A题:http://codeforces.com/gym/101028/problem/A 题意:比赛初始值是1500,变化了几次,得到的正确结果和bug后的是否相等.(Tourist大佬好 Y(^o^)Y) #include <bits/stdc++.h> using namespace std; int main() { int t; cin>>t; while(t--) { in…

Description ACM-SCPC-2017 is approaching every university is trying to do its best in order to be the Champion, there are n universities, the ith of them has exactly ai contestants. No one knows what is the official number of contestants in each team…

Description X is fighting beasts in the forest, in order to have a better chance to survive he's gonna buy upgrades for his weapon. Weapon upgrade shops are available along the forest, there are n shops, where the ith of them provides an upgrade with…

Description It is raining again! Youssef really forgot that there is a chance of rain in March, so he didn't fix the roof of his house. Youssef's roof is 1-D, and it contains n holes that make the water flow into the house, the position of hole i is…

 Description You've possibly heard about 'The Endless River'. However, if not, we are introducing it to you. The Endless River is a river in Cambridge on which David and Roger used to sail. This river has the shape of a circular ring, so if you kept…

Description The forces of evil are about to disappear since our hero is now on top on the tower of evil, and all what is left is the most evil, most dangerous monster! The tower has h floors (numbered from 1 to h, bottom to top), each floor has w roo…

Description Zaid has two words, a of length between 4 and 1000 and b of length 4 exactly. The word a is 'good' if it has a substring which is equal tob. However, a is 'almost good' if by inserting a single letter inside of it, it would become 'good'.…

Description X is well known artist, no one knows the secrete behind the beautiful paintings of X except his friend Y, well the reason that Y knows X's secrete is that he is that secret. Y is a programmer and he helps X with drawing paintings using co…

Description Rami went back from school and he had an easy homework about bitwise operations (and,or,..) The homework was like this : You have an equation : " A | B = C " ( this bar '|' means OR ) you are given the value of A and B , you need to…

Description A group of junior programmers are attending an advanced programming camp, where they learn very difficult algorithms and programming techniques! Near the center in which the camp is held, is a professional bakery which makes tasty pastrie…

Description Tourist likes competitive programming and he has his own Codeforces account. He participated in lots of Codeforces Rounds, solved so many problems and became "Legendary Grand Master" (the highest rank on Codeforces). One day, he logg…

比赛链接:http://codeforces.com/gym/101028/ 由于实习,几乎没有时间刷题了.今天下午得空,断断续续做了这一套题,挺简单的. A.读完题就能出结果. /* ━━━━━┒ギリギリ♂ eye! ┓┏┓┏┓┃キリキリ♂ mind! ┛┗┛┗┛┃＼○/ ┓┏┓┏┓┃ / ┛┗┛┗┛┃ノ) ┓┏┓┏┓┃ ┛┗┛┗┛┃ ┓┏┓┏┓┃ ┛┗┛┗┛┃ ┓┏┓┏┓┃ ┛┗┛┗┛┃ ┓┏┓┏┓┃ ┃┃┃┃┃┃ ┻┻┻┻┻┻ */ #include <algorithm> #inclu…

哆啦A梦(图片隐写) 格式:SimCTF{ } 解:放到kail中binwalk一下(Binwalk是一个固件的分析工具,旨在协助研究人员对固件非分析,提取及逆向工程用处.简单易用,完全自动化脚本,并通过自定义签名,提取规则和插件模块,还重要一点的是可以轻松地扩展.) ps:kail Linux的安装可参见 http://jingyan.baidu.com/article/495ba841da2d3e38b20ede5e.html root#kail: binwalk ameng.jpg   如…

  偶然看到的比赛,我等渣渣跟风做两题,剩下的题目工作太忙没有时间继续做. 第1题 sql注入: 题目知识 考察sql注入知识,题目地址:http://101.200.145.44/web1//index.php 做题过程 第一步:注入Playload user=flag&pass=' or updatexml(1,concat(0x7e,(select pw from user limit 1,1 )),0)# ' 第二步:注入效果 Masel's secure site 重置数据库 Erro…

题目链接:http://codeforces.com/problemset/gymProblem/101028/I I. March Rain time limit per test 2 seconds memory limit per test 64 megabytes input standard input output standard output It is raining again! Youssef really forgot that there is a chance of…