Open Redirection Twitter Open Redirection https://twitter.com/teams/authorize?target_screen_name=&authorize_callback=//www.fb.com Description: This payload will redirect from twitter.com to www.fb.com XSS i='[url=javascript://%0aalert`1`] …
python a2sv.py -t [ip address] github.com
Information Security Blog/ ・English liveoverflow.com ・日本語 CTF web専門: https://graneed.hatenablog.com/entry/2018/12/16/003745 ・中文 www.cnblogs.com
www.youtube.com Payload: i='[url=javascript://%0aalert`1`] click me![/url]'
1. Game of Faces webpageにアクセスするとこんな感じです。 アクセスするごとに色が変わる三つのブロックでした。 ソースコードを確認します。 formタグが気になりますね。どうやらファイルアップロードのコンテンツがあります。 一見三つのブロックしかな…
1. strcmp bypass http://wargame.kr:8080/strcmp/ ソースコード(PHP) ... $password = sha1(md5(rand().file_get_contents("/var/lib/dummy_file")).rand()); if (isset($_GET['view-source'])) { show_source(__FILE__); exit(); }else if(isset($_POST['p…
php md5($a,true) bypass: fuzz1: 129581926211651571912466741651878684928 SQL Injection ↑ fuzz2: ffifdyop ↑ SQL Injection php md5(v1)==md5(v2) bypass: v1: 240610708 v2: QNKCDZO stackoverflow.com
nekose9.hatenablog.com
既知平文攻撃とは?What's the known-plaintext attack? Wikipedia definition: The known-plaintext attack (KPA) is an attack model for cryptanalysis where the attacker has access to both the plaintext (called a crib), and its encrypted version…
TamuCTF was a 9 days long CTF, and many challenges are practical that we can use it in the real world. This is the fifth time I participate in the CTF, and personally I think that's easier than usual. I still need to learn more basic knowl…
www.youtube.com
Cross-site Scripting (XSS) - DOM (CWE-79) Open Redirect (CWE-601) Server-Side Request Forgery (SSRF) (CWE-918) Report1: medium.com (今後続く)
Cross-site Scripting (XSS) - DOM (CWE-79) OWASPによる定義: DOM Based XSS (or as it is called in some texts, “type-0 XSS”) is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim…
SQLi challenges: www.zixem.altervista.org Writeup: こちらのブログをご参考ください。 medium.com
脆弱性を探す前に、サブドメインが多ければ多いほど脆弱性が潜んでいる可能性が高いといわれています。 今回は、サブドメインを見つけてくれるツールをご紹介します。 1. 「Sublist3r」 2. 「dirsearch」 3. 「relative-url-extractor」 4. 「LinkFinder」 5…
Level0 最も典型的なバッファオーバーフローの例です。 Try: Payload: narnia0.cを見て、payloadを作ります。 ( echo -e "AAAAAAAAAAAAAAAAAAAA\xef\xbe\xad\xde"; cat; ) | ./narnia0 /etc/narnia_passに入りパスワードをゲットします。 One more solution:…
Python: def exgcd(m, n): if n>0: y,x,d = exgcd(n, m%n) return x, y-m/n*x, d else: return 1, 0, m N = 97139961312384239075080721131188244842051515305572003521287545456189235939577 E = 65537 C = 7736145512745599657240445122140151014557577623…
qiita.com
CRLF Injection (CWE-93)Code Injection (CWE-94)Command Injection - Generic (CWE-77)Cross-site Scripting (XSS) - DOM (CWE-79)Cross-site Scripting (XSS) - Generic (CWE-79)Cross-site Scripting (XSS) - Reflected (CWE-79)Cross-site Scripting (XS…
Business Logic Errors (CWE-840)Cleartext Storage of Sensitive Information (CWE-312)Cleartext Transmission of Sensitive Information (CWE-319)Denial of Service (CWE-400)Deserialization of Untrusted Data (CWE-502)Information Disclosure (CWE-2…
Array Index Underflow (CWE-129)Buffer Over-read (CWE-126)Buffer Under-read (CWE-127)Buffer Underflow (CWE-124)Classic Buffer Overflow (CWE-120)Double Free (CWE-415)Heap Overflow (CWE-122)Improper Null Termination (CWE-170)Incorrect Calcula…
Cryptographic Issues - Generic (CWE-310)Improper Certificate Validation (CWE-295)Improper Following of a Certificate's Chain of Trust (CWE-296)Inadequate Encryption Strength (CWE-326)Key Exchange without Entity Authentication (CWE-322)Miss…
Brute Force (CWE-307)Forced Browsing (CWE-425)Improper Access Control - Generic (CWE-284)Improper Authentication - Generic (CWE-287)Information Disclosure (CWE-200)Information Exposure Through Debug Information (CWE-215)Information Exposur…
Brute Force (CWE-307)Cleartext Transmission of Sensitive Information (CWE-319)Client-Side Enforcement of Server-Side Security (CWE-602)Command Injection - Generic (CWE-77)Cross-Site Request Forgery (CSRF) (CWE-352)Cross-site Scripting (XSS…
・2013年 Cleartext Storage of Sensitive Information (CWE-312)Cleartext Transmission of Sensitive Information (CWE-319)Command Injection - Generic (CWE-77)Cross-Site Request Forgery (CSRF) (CWE-352)Cross-site Scripting (XSS) - DOM (CWE-79)C…
・コード def LongestWord(sen): # code goes here array=sen.split(" ") sen=array[0] for i in range(1,len(array)-1): if(len(array[i])>len(array[i-1])): sen=array[i] return sen # keep this function call here print LongestWord(raw_input()) ・チ…
こちらの記事をご参考ください。 bias.hateblo.jp - Base 16 Decoder: Hexadecimal Base Converter - Base 16 - Online Software Tool - Base 32 Decoder: Base32 Decode Online - Base 64 Decoder: Base64 Decode and Encode - Online - Base 85 Decoder: A…
Micro-CMS v1(難易度:Easy) この問題には4つのフラグが隠れています。ウェブページにアクセスしてみます。 まず、一つ目のリンクをクリックします。 編集できるようなので、編集画面に入ります。 URLに注目すると、サーバがURLの最後の数字で表示ページを…
こちらの方の動画をご覧ください。 www.youtube.com No1zyさんのブログ: no1zy.hatenablog.com
・ Nickname: Mars ・ Interests: Web security, network security, digital forensics, traveling, language study... ・ Twitter: @mars_sec101 twitter.com ・ Discord: @Mars#7579
