[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | 春秋云境 | WEB | CVE-2023-7107 | 无 | https://blog.csdn.net/weixin_68416970... | 春秋云境 | 14421 |
| 2 | bugku | WEB | Cowboy World | DUCTF{haww_yeeee_downunderctf?} | https://ctftime.org/writeup/30521 | DownUnderCTF2021 | 2627 |
| 3 | BUUCTF | Real | [Spring]CVE-2016-4977 | Spring Security OAuth2远程代码执行漏洞(CVE-2016-4977)的漏洞成因是Spring Security OAuth在处理OAuth2认证请求时,若使用了whitelabel视图,response_type参数未经过滤直接作为Spring SpEL表达式解析,导致攻击者可通过构造恶意参数执行任意代码。影响版本包括Spring Security OAuth 1.0.0–1.0.5、2.0.0–2.0.9等 1 3 4。复现步骤包括:1. 使用Vulhub靶场启动环境;2. 构造URL(如http://your-ip:8080/oauth/authorize?response_type=${2*3}&client_id=acme...)验证SpEL表达式执行;3. 通过Python脚本生成反弹shell的base64编码payload并替换至URL中触发 1 3。验证网址为:https://blog.csdn.net/m0_58596609/article/details/124323206 | https://www.cnblogs.com/kalixcn/p/18166084 | Spring | 7440 |
| 4 | bugku | WEB | JWTF | 无 | https://blog.csdn.net/weixin_59166557... | BYUCTF2025 | 2405 |
| 5 | BUUCTF | Reverse | [NewStarCTF 公开赛赛道]Virtual Self (middle) | 无 | 验证后的网址 flag{begin_and_end_re_and_you}... | NewStarCTF 公开赛赛道 | 7266 |
| 6 | ctfshow | MISC.PNG隐写入门赛 | One PieNG 4 | ctfshow{#M4yb3_we_sh0uld_9o_d33per#} | https://blog.csdn.net/m0_62905261/art... | PNG隐写入门赛 | 3835 |
| 7 | XCTF | MISC | 碎纸机11 | flag{You Can Repair A Picture From Splices Baesd On Entropy} | https://blog.csdn.net/liu914589417/ar... | CTF | 8940 |
| 8 | bugku | CTF-2023 | where_got_shell | 无 | https://blog.csdn.net/beihai1893/arti... | Welcome | 2140 |
| 9 | bugku | Reverse | flag printer | DUCTF{w3lc0m3_70_7h3_duc7f_7hund3rd0m3_h4ck3r} | https://ctftime.org/writeup/30508 您是否... | DownUnderCTF2021 | 2622 |
| 10 | NSSCTF | 逆向 | [巅峰极客 2019]NinjaRunning | flag{2806105f-ec43-57f3-8cb4-1add2793f508} | https://www.anquanke.com/post/id/189142 | 巅峰极客 | 13849 |