2022-12-05
Nctf Writeups

challenges

the platform

official released source code

buuctf online judge

you may find many writeups in blog and github for buuctf.

hints and tools

binwalk

arr3esty0u github info

shg-sec

hack.lu 2022

ayacms rce in nctf 2022? how to identify the cms? and how the fuck did those guys identify the shit from that damn website (bing-upms)?

answer: they are both busting common web directories. can be induced by common repo structures.

baby-aes for crypto signin?

zsteg for solving that png problem?

normal sql injection, not for denodb

huli: interesting blog where denodb 0day came from

some z3 code, which does not but angr solved the problem

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
from z3 import *
data1=0x162AEB99F80DD8EF8C82AFADBA2E087A
data2=0x47C9F2ACA92F6476BE7F0A6DC89F4305
data3=0x33B57575
answer=[]
flag1=[]
key=[0x7e,0x1f,0x19,0x75]
solver=Solver()
flag=[Int('flag%d'%i) for i in range(36)]
for i in range(16):
answer.append((data1>>8*i)&0xff)
for i in range(16):
answer.append((data2>>8*i)&0xff)
for i in range(4):
answer.append((data3>>8*i)&0xff)
print(answer)
for i in range(0,9):
v3=key[3]
v4=flag[4*i+3]
v5=key[0]
v6=flag[4*i]
v7=flag[4*i+1]
v8=key[1]
v9=flag[4*i+2]
v10=(v6 + v4) * (key[0] + v3)
v11=key[2]
v12 = v3 * (v6 + v7)
v13 = (v3 + v11) * (v7 - v4)
v14 = v4 * (v11 - v5)
v15 = v5 * (v9 + v4)
solver.add(v14+v10+v13-v12==answer[4*i])
solver.add(v6 * (v8 - v3) + v12==answer[4*i+1])
solver.add(v15 + v14==answer[4*i+2])
solver.add(v6 * (v8 - v3) + (v8 + v5) * (v9 - v6) + v10 - v15==answer[4*i+3])
if solver.check()==sat:
m=solver.model()
rex = []
for i in range(34):
rex.append(m[flag[i]].as_long())
print(rex)
else:
print("n0")

writeups

saying this is complete for 2022 nctf?

arr3ty0u nctf 2022 writeup

nctf 2019 writeup

don’t know when it is, but i remember i have seen this shit: katastros’s nctf writeup

ctfiot chamd5 nctf 2022 writeup

nctf 2022 official crypto writeup

Read More

2022-12-02
Unlocking Web Application Firewall Evasion: A Comprehensive Guide

Read More

2022-12-02
Cracking Burpsuite Pro: Exploiting Web App Vulnerabilities With Python Api Client

burpsuite Pro cracked keygen

this makes me think of metasploit pro.

burpsuite pro contains burp webapp scanner, will scan for common vulnerabilities, 0day exploits for highly dynamic webapps.

burpsuite pro 2021 keygen

python unofficial burpsuite api client

burpsuite 2022 crack

Read More