[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | XCTF | MISC | the_golden_gate | 无 | https://t.weixue100.com/toefl/listeni... | SECON | 9082 |
| 2 | BUUCTF | Pwn | mrctf2020_shellcode_revenge | Ph0666TY1131Xh333311k13XjiV11Hc1ZXYf1TqIHf9kDqW02DqX0D1Hu3M2G0Z2o4H0u0P160Z0g7O0Z0C100y5O3G020B2n060N4q0n2t0B0001010H3S2y0Y0O0n0z01340d2F4y8P115l1n0J0h0a070t | https://blog.csdn.net/Y_peak/article/... | - | 8438 |
| 3 | NSSCTF | MISC | [HGAME 2022 week1]群青 (其实是幽灵东京) | hgame{1_c4n_5ee_the_wav} | https://blog.csdn.net/mochu7777777/ar... | HGAME | 11949 |
| 4 | vulfocus | WEB | vulfocus/greencms-CVE-2018-12604 | flag-{bmhb86d5937-2b8f-460b-84b9-fdc85b8fb0f6} | http://123.58.224.8:58052/zh-CN/manag... | - | 16581 |
| 5 | NSSCTF | MISC | [羊城杯 2024]Check in | DASCTF{U_0wN_1T} | https://blog.csdn.net/weixin_73049307... | 羊城杯 | 12064 |
| 6 | BUUCTF | Pwn | gxyctf_2019_blind_note | 无 | https://blog.csdn.net/weixin_52640415... | - | 8294 |
| 7 | ctfshow | PWN.摆烂杯 | dota | 题目答案文本 | 验证后的网址 CTFshow摆烂杯PWN题目<dota>的解题过程如下: | 摆烂杯 | 4506 |
| 8 | BUUCTF | Misc | [V&N2020 公开赛]内存取证 | flag{wm_D0uB1e_TC-cRypt} | https://blog.csdn.net/mochu7777777/ar... | V&N2020 公开赛 | 7558 |
| 9 | NSSCTF | 实战 | CVE-2021-21351 | CVE-2021-21351 靶场搭建与漏洞复现 | ... | - | 14071 |
| 10 | BUUCTF | Real | [Spring]CVE-2016-4977 | Spring Security OAuth2远程代码执行漏洞(CVE-2016-4977)的漏洞成因是Spring Security OAuth在处理OAuth2认证请求时,若使用了whitelabel视图,response_type参数未经过滤直接作为Spring SpEL表达式解析,导致攻击者可通过构造恶意参数执行任意代码。影响版本包括Spring Security OAuth 1.0.0–1.0.5、2.0.0–2.0.9等 1 3 4。复现步骤包括:1. 使用Vulhub靶场启动环境;2. 构造URL(如http://your-ip:8080/oauth/authorize?response_type=${2*3}&client_id=acme...)验证SpEL表达式执行;3. 通过Python脚本生成反弹shell的base64编码payload并替换至URL中触发 1 3。验证网址为:https://blog.csdn.net/m0_58596609/article/details/124323206 | https://www.cnblogs.com/kalixcn/p/18166084 | Spring | 7440 |