-
主要是最近比较忙没时间看CTF了,而且最近没有看到fenjing解不出的Jinja SSTI题目,不知道该更新什么
题目最好满足这些条件:
- 确定是Jinja SSTI, 而且(希望)不是python2
- payload被WAF时至少得有一点反应,比如说出现特殊页面或者关键字被替换
- payload提交方式任意,只要可以用python脚本自动化就行(甚至塞在JWT中提交也行)
…
-
Automatically add challenge posts with title, description and link to attachment (to prevent downloading large files) when given the URL to a CTFd CTF.
CTFs will most likely require an account to s…
-
Is there a way to fill the challenges solutions when creating challenges, like on another tab "solution" and make it visible to participants when CTF is done?
-
When one side (typically the client) half-closes the TCP stream to send an EOF to the other side, the connection is immediately terminated instead of allowing communications to continue for a short pe…
-
I currently use ctfcli like an infrastructure-as-code provider in CI/CD pipelines. However, the following resource changes (challenges/containers/services) must be reconciled manually:
* Name changes…
-
url:https://ctf-wiki.org/pwn/linux/user-mode/stackoverflow/x86/basic-rop/#ret2syscall
题目源代码:https://github.com/ctf-wiki/ctf-challenges/blob/master/pwn/stackoverflow/ret2syscall/bamboofox-ret2syscal…
-
The CTF seems to be down, does any one have the challenges, I missed this one out.
I will try contacting the CTF organizers via email
If any one have all the files and descriptions of the challeng…
-
- [ ] Systemd Service Files to autostart Challenges and Scoreboard
- [ ] Research new scoring engine
- [ ] automate ctf
#### Notes
- Facebook CTF
- Carolina Con CTF
-
https://blog.csdn.net/qq_33528164/article/details/79993399
House Of Einherjar利用技术
参考:https://ctf-wiki.github.io/ctf-wiki/pwn/linux/heap/house_of_einherjar/
题目地址:https://github.com/ctf-wiki/ct…
-
Not sure if this is intended behavior, but in the previous build of ctfcli, when in a challenge directory, running `ctf challenge sync` or `ctf challenge install` would sync/install that challenge
…