[随波逐流]CTF Flags

   [随波逐流]CTF Flags

软件版本:v1.0.0   数据版本: v20260201
返    回

Push and Pickle

 广告模块
ID: 2419
标题: Push and Pickle
描述: I love how there are so many different types of pickles. I tried experimenting with two of them.
类型: MISC
网站: bugku
题目链接: https://ctf.bugku.com/challenges/detail/id/2591.html
赛事: UIUCTF2024
年度: 2024
Flag值: Push and Pickle无是构造一个绕过opcode检查的pickle payload,利用__reduce__方法触发check_flag函数。验证后的网址为: https://medium.com/@harryfyx/writeup-uiuctf-2024-push-and-pickle-cf821c49194f
writeup:
该文章详细描述了通过修改pickle协议版本和指令流,使用未被禁止的opcode组合实现反序列化漏洞利用的完整过程。
答案错误,我要更正