The second round of the Red Sun Shooting Range, I am not very proficient in the intranet, so I used it to record the process. Shooting range download address: http://vulnstack.qiyuanxuetang.net/vuln/detail/3/ But the Baidu cloud link seems to be G, and a wave of online searches found my own Baidu network disk. Link: https://pan.baidu.com/s/16G9Tim03 ...
Posted by Flare Boards on Mon, 06 Feb 2023 12:41:17 +0300
#Disclaimer: This is a personal note, which is only for learning. It is prohibited to use it for any illegal act. Any illegal act has nothing to do with me.
Weblogic XMLDecoder Deserialization Vulnerability (CVE-2017-10271)
Vulnerability Overview
Vulnerability No.: CVE-2017-10271 Vulnerability impact: wls wsat XMLDecoder deserialization vu ...
Posted by chelsea7 on Sat, 17 Sep 2022 21:36:21 +0300
Rights management: Rights management is required for systems involving user participation. Rights management belongs to the category of system security. Rights management is to realize the control of user access to the system. Users can be controlled according to security rules or security policies, and users can only access their own user ...
Posted by earthlingzed on Thu, 15 Sep 2022 21:52:31 +0300
Basic introduction
id
The ID must not contain spaces. This is done to make output parsing easier.
id: git-config
information
The next important information about the template is the information block. The information block provides name, author, severity, description, reference, and label. It also contains a severity field indicating the ...
Posted by matstuff on Wed, 31 Aug 2022 01:55:27 +0300
What does Application Verifier do?
Application Verifier is an official application verification tool from Microsoft. It is mainly used to help users detect and debug memory corruption, dangerous security vulnerabilities, run-time detection, etc. It is an auxiliary development tool that does not require modifying the source code; when reporting unrel ...
1, Preparation stage
Attack host: kali Linux
Attack tools: aircrack-ng, airodump-ng, air ng, and aireplay-ng
One network card
You can check whether the network card is ready through the command: sudo iwconfig.
My network card name is wlan0
root@kali:~# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
wlan0 ...
Posted by pradee on Sun, 22 May 2022 11:24:31 +0300
babyheap_0ctf_2017
The first step is to change libc
Routine checksec
Enter code audit
If you find that the symbol table is closed, you need to guess the function with the function.
Then rename the main function.
Allocate function:
Nothing special
Fill function
It is obvious that there i ...
Posted by jonex on Fri, 20 May 2022 05:29:05 +0300
Background summary
OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers of the OpenBSD program group. The tool is an open source implementation of the SSH protocol, supports encryption of all transmissions, and can effectively prevent eavesdropping, connection hijacking and other network-level attacks. ...
Posted by tbeinc on Fri, 20 May 2022 04:59:54 +0300
CTF Reverse-[Anxun Cup 2019]game-Use deflat to make conventional logical judgments after the main confusion is de-obfuscated
Source: https://buuoj.cn/
Content: none
Attachment: https://pan.baidu.com/s/1qq_64SNIRnnTTCNqNIKOiw?pwd=1iz9 Extraction code: 1iz9
Answer: KDEEIFGKIJ@AFGEJAEF@FDKADFGIJFA@FDE@JG@J
general idea
Determine the funct ...
Posted by Ludichrist on Wed, 18 May 2022 00:20:16 +0300
Solution of Web check-in problem in DDCTF in 2020. (web 🐶 Only work out this problem. I have something to do the next day)
web check in question
Step 1: JWT bypass
Figure 1: accident conditions given by the title.
Send a request to the API and get the following response. The data format of data is similar to JWT, which is guessed to be ...