deayzl's blog

보호되어 있는 글입니다.

box.c : // gcc box.c -o box -no-pie #include #include #include #include #include #include #include #include #define FLAG_PATH "/flag" int install_seccomp(uint8_t *filt, unsigned short len); void vuln(); void read_flag(); uint32_t target = 0xdead; int main(int argc, char **argv) { uint32_t filt_len; setvbuf(stdin, NULL, _IONBF, 0); setvbuf(stdout, NULL, _IONBF, 0); setvbuf(stderr, NULL, _IONBF, 0..

Tool: ghidra 10.2.2 with GolangAnalyzerExtension Exploit: making utf-8 shellcode (pwnable) feat. I've never written any code in go language, so all of these are from internet references and quite a lot of my predictions. So there might be something wrong with my analysis. /* WARNING: Unknown calling convention */ /* Name: main.handleConnection Start: 004cd140 End: 004cdb00 */ void main.handleCon..

이름: 안현준대학: 단국대학교 사이버보안학과 23학번나이: 2003년생ctf 팀: cat :flag_kr:취미: 음악 듣기(발라드 제외), linux kernel, v8좋아하는 분야: Pwn, Revgithub: https://github.com/hyeonjun17 Contact:   email: guswns0863@gmail.com   discord: @deayzl Education:   2023.07 ~ 2024.03 , BoB 12th 취약점분석트랙 (top30)History:   2023.08 ~ , ctf team cat :flag_kr:   2023.09 ~ 2023.12, BOB12 project, Linux kernel에서 발생하는 Memory corruption으로 이어지는 Data-ra..

files: encrypt.c, isThisFileUseful.txt, justBinaries.txt, up_down.py isThisFileUseful.txt: 1001010110001010100011001000101110011110100101001001101010000110 justBinaries.txt: 11110100000101010111111101110011111001001101000010001101101101001100101100000111111110100111000110000001100011011111111101000010001101101100010110100100101100111110000111011111111001001000101010010100100011100000010100010010..

1. crawl import requests s = requests.Session() counter = 1 while True: req = requests.Request('GET', 'http://ctf.incognito.kr:9000/ctf/mailbox') pre = s.prepare_request(req) resp = s.send(pre) csrf = resp.text[resp.text.find("{ \"X-CSRFToken\": '")+len("{ \"X-CSRFToken\": '"):] csrf = csrf[:csrf.find('\'')] req = requests.Request('POST', 'http://ctf.incognito.kr:9000/ctf/mailbox/mail_detail') p..