[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | BUUCTF | Web | [Dest0g3 520迎新赛]ezip | Dest0g3{e67c7ed6-88f5-48ac-b60a-bff1d4c84bc1} | https://blog.csdn.net/hengdonghui/art... | Dest0g3 520迎新赛 | 6548 |
| 2 | ctfshow | CRYPTO | easyrsa3 | flag{fact0r_sma11_N} | https://www.mrzry.top/crypto/20220507/ | - | 3213 |
| 3 | BUUCTF | Real | [PHP-FPM]Fastcgi 未授权访问漏洞 | PHP-FPM FastCGI未授权访问漏洞的成因是PHP-FPM默认监听9000端口且未限制访问权限,攻击者可构造恶意FastCGI请求包,通过该端口执行任意代码。漏洞利用需满足两个条件:目标服务器9000端口开放且攻击者能控制SCRIPT_FILENAME参数指向的文件路径 1 3。攻击者可通过设置auto_prepend_file=php://input和allow_url_include=On实现远程代码执行 3。验证链接为GitHub开源项目,包含漏洞利用代码及说明: 漏洞原理及利用方法 | https://github.com/m7xss/fastcgi-exploits | PHP-FPM | 7355 |
| 4 | XCTF | MISC | 滴滴滴 | 摩斯码解密后的答案 | https://blog.csdn.net/Xxy605/article/... | - | 9695 |
| 5 | NSSCTF | VM | [D^3CTF 2022]d3thon | d3ctf{4re_yOu_a_n3tw0Rk_m@5t3R_iN_Y0ur_73aM_wHo_kn0w5_0spF?} | https://blog.gzti.me/posts/2022/492c4... | D^3CTF | 12843 |
| 6 | CTFHUB | Web | BabyBlog | 无 | https://www.cnblogs.com/20175211lyz/p... | ByteCTF | 9993 |
| 7 | ctfshow | _元旦水友赛.PWN | ESCAPE GO BOX | d4d0g3 | https://www.hackingarticles.in/vulnhu... | PWN | 5096 |
| 8 | BUUCTF | Pwn | 铁人三项(第五赛区)_2018_breakfast | 无 | https://blog.csdn.net/mcmuyanga/artic... | - | 8890 |
| 9 | ctfshow | WEB入门.其他 | web434 | 无 | https://blog.csdn.net/solitudi/articl... | 其他 | 3787 |
| 10 | BUUCTF | Reverse | [NewStarCTF 2023 公开赛道]lazy_activtiy | flag{Act1v1ty_!s_so00oo0o_Impor#an#} | https://blog.csdn.net/qq_32304353/art... | NewStarCTF 2023 公开赛道 | 7093 |