[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | 封神台 | WEB | 给我我最喜欢的数字(考点:多函数绕过) | - | https://bbs.zkaq.cn/t/6183.html | - | 14889 |
| 2 | BUUCTF | Web | [XNUCA2019Qualifier]HardJS | 利用Node.js原型链污染漏洞(CVE-2019-10744)通过lodash.defaultsDeep合并消息时污染Object.prototype,结合EJS模板引擎的outputFunctionName或escapeFunction属性触发RCE,最终通过构造恶意JSON消息实现远程代码执行获取flag。 | https://www.anquanke.com/post/id/185377 | XNUCA2019Qualifier | 7757 |
| 3 | bugku | Reverse | 杰瑞的箱子 | flag{123456789} | https://blog.csdn.net/qq_51600802/art... | bugku | 2867 |
| 4 | NSSCTF | CRYPTO | [CryptoCTF 2024]Vantuk | 1、 查找 <CryptoCTF> <[CryptoCTF 2024]Vantuk> 的答案: p = 110598963128206029146765005567976400551252821326820761634842705844231553162227632664548054666497796622794062169070761269846059674983300718897806207809316445501660744576082811632826051521981392774109347485625137377414804884956968844657911576950879481134837170517406967712375212664629606155737787366417228920479 | https://zm-j.github.io/2024/06/18/cr... | CryptoCTF | 12594 |
| 5 | ctfshow | MISC.击剑杯 | base | ctfshow击剑杯中“你和base击剑,谁更强?”的解题过程涉及从GIF文件中提取二维码并进行Base64解码,最终通过异或操作处理文件尾数据。具体步骤包括使用Python脚本逐帧解析GIF、扫码获取Base64字符串,并对文件尾数据与504b0304异或还原内容 1。验证网址为: https://blog.csdn.net/qq_42880719/article/details/121283271 | https://blog.csdn.net/qq_42880719/art... | 击剑杯 | 4394 |
| 6 | BUUCTF | Pwn | pwnable_applestore | 无 | https://www.cnblogs.com/LynneHuan/p/1... | - | 8501 |
| 7 | NSSCTF | PWN | [FBCTF 2019]raddest_db | fb{4774ck1n9_5q1_w17h0u7_1nj3c710n_15_4m421n9_:)} | https://ctftime.org/writeup/15972 | FBCTF | 13860 |
| 8 | XCTF | Reverse | whiteout-mathmatics | 100 1000000000000 | https://kmyk.github.io/blog/writeups/... | CTF | 9443 |
| 9 | NSSCTF | MISC | [SCTF 2021]low_re | 无 | https://or4ngesec.github.io/post/sctf... | SCTF | 13472 |
| 10 | BUUCTF | Crypto | [NewStarCTF 2023 公开赛道]Affine | flag{r4b1n#4c58} | https://blog.csdn.net/2301_79140522/a... | NewStarCTF 2023 公开赛道 | 7034 |