[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | BUUCTF | Web | [RWCTF2018]Bookhub | 1、根据搜索资料,题目有四个主要考点:信息搜集(通过后台登录白名单IP限制泄露外网IP,并扫描发现debug模式的端口)、Flask装饰器顺序问题(@login_required需放在@route内层才有效)、redis eval注入(debug模式下清空其他session时存在Lua代码注入)以及反序列化(通过注入session触发Python反序列化执行命令) 2。最终可利用这些漏洞组合实现任意命令执行。 | https://cloud.tencent.com/developer/a... | RWCTF2018 | 7418 |
| 2 | 封神台 | WEB | 特殊写法(考点:一种可执行的特殊编码) | - | https://bbs.zkaq.cn/t/6246.html#CTF-82 | - | 15005 |
| 3 | XCTF | Mobile | 基础android | Good luck in the Year of the Loong in 2024! | https://cn-sec.com/archives/3908714.html | CTF | 9645 |
| 4 | ctfshow | _XGCTF_西瓜杯.CRYPTO | 给你d又怎样 | cftshow{do_you_know_what_is_xor_and_prune!!!} | https://www.cnblogs.com/naby/p/18288774 | CRYPTO | 5212 |
| 5 | BUUCTF | Pwn | qwb2018_raisepig | 无 | https://4f-kira.github.io/2018/04/12/... | - | 8552 |
| 6 | NSSCTF | REVERSE | [BSidesSF 2020]config-me | CTF{my_rust_is_rusty} | https://ctftime.org/writeup/18517 | BSidesSF | 12806 |
| 7 | NSSCTF | 源码泄漏 | [HNCTF 2022 Week1]What is Web | NSSCTF{example_flag} | https://www.cnblogs.com/yb0osing/p/HN... | HNCTF | 10385 |
| 8 | BUUCTF | Pwn | [NewStarCTF 公开赛赛道]OhMyShellcode | 无 | https://loora1n.github.io/2022/10/17/... | NewStarCTF 公开赛赛道 | 7232 |
| 9 | BUUCTF | Misc | [MRCTF2020]千层套路 | flag{ta01uyout1nreet1n0usandtimes} | https://blog.csdn.net/mochu7777777/ar... | MRCTF2020 | 7002 |
| 10 | XCTF | Reverse | easyre-153 | RCTF{rhelheg} | https://blog.csdn.net/weixin_44604541... | XCTF | 9343 |