[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | bugku | MISC | puzzle | flag{40fc0a979f759c8892f4dc045e28b820} | https://blog.csdn.net/XYZCG/article/d... | CISCN2023 | 985 |
| 2 | ctfshow | WEB入门.其他 | web403 | ctfshow{1d55b3c9-5b66-42b1-b902-1914f4eebe14} | https://blog.csdn.net/Myon5/article/d... | 其他 | 3711 |
| 3 | NSSCTF | 格基规约 | [HITCON 2022]Secret | hitcon{doing_SSS_in_integers_is_not_good_:(} | https://c4tbu1.github.io/HITCON2022/ | HITCON | 12976 |
| 4 | NSSCTF | CRYPTO | [CryptoCTF 2022]Baphomet | CCTF{UpP3r_0R_lOwER_17Z_tH3_Pr0bL3M} | https://www.cnblogs.com/ZimaBlue/arti... | CryptoCTF | 12647 |
| 5 | NSSCTF | pwn | [羊城杯 2020]easyasan | - | https://github.com/gwht/2020YCBCTF/tree/main | 羊城杯 | 13906 |
| 6 | BUUCTF | Web | [XNUCA2019Qualifier]HardJS | 利用Node.js原型链污染漏洞(CVE-2019-10744)通过lodash.defaultsDeep合并消息时污染Object.prototype,结合EJS模板引擎的outputFunctionName或escapeFunction属性触发RCE,最终通过构造恶意JSON消息实现远程代码执行获取flag。 | https://www.anquanke.com/post/id/185377 | XNUCA2019Qualifier | 7757 |
| 7 | ctfshow | _新手必刷_菜狗杯 | Caesar | ctfshow{Welcome to CTFshow vegetable dog cup!} | https://www.cnblogs.com/Guanz/p/17909958.html | - | 4758 |
| 8 | NSSCTF | MISC | [BCACTF 2022]My New Friend | bcactf{h15_n4m3_15_g3rb3rt_4798jU} | https://ctftime.org/writeup/34229 | BCACTF | 13681 |
| 9 | ctfshow | MISC.吃鸡杯 | 火烤大牛1.0 | ctfshow{Dan1u_on_f1re} | https://blog.csdn.net/qq_42880719/art... | 吃鸡杯 | 4150 |
| 10 | bugku | Crypto | Pigpen Cipher | flag{thisispigpassword} | https://blog.csdn.net/Rayae/article/d... | moeCTF2019 | 1082 |