Prologue This article is mainly intended to serve as my own cheat sheet and notes, but if it can also help you, that would be great. The content is summarized from the original document, so you can regard this article as an TL;DR version of the document per se. I will consistently update the content if I find something missing or something worth to be noted. You can also contact me to update the content. Types of SQL Injection There’re 5 types of SQLi vulnerability or 5 ways that SQLMap can test ...
2024 CTF Training
Unread前言 這陣子都在學 Pwn,剛好遇到要繞過 Canary 的題目不會寫,所以就想說先暫時讓 Pwn 的知識沉澱一下,先寫些別的類別的題目,過陣子再來回頭看看他。總之今天是寫了 HTB 的一題密碼學的題目。 今日進度 [HTB] BabyEncryption Writeup 今日狀態 起床時間:11:00 知識量:⭐⭐⭐ 疲勞程度:⭐⭐⭐ 精神狀態:⭐⭐⭐⭐
0x00 Challenge Info You are after an organised crime group which is responsible for the illegal weapon market in your country. As a secret agent, you have infiltrated the group enough to be included in meetings with clients. During the last negotiation, you found one of the confidential messages for the customer. It contains crucial information about the delivery. Do you think you can decrypt it? This is the description of the challenge, let’s see the encrypting script and try to decrypt it! 0 ...
2024 CTF Training
Unread前言 前幾天去馬祖了,暫停學習了一下下。回來後先刷刷 Pico 的題目練練手!從馬祖回來之後變好累 XD 今日進度 two-sum buffer overflow 1 buffer overflow 2 今日狀態 起床時間:14:00 知識量:⭐⭐ 疲勞程度:⭐⭐⭐⭐ 精神狀態:⭐⭐⭐
2024 CTF Training
Unread前言 今天嘗試了自己不要看 Writeup 寫 Pwn106,模擬比賽的時候的感覺。結果真的做出來了!十分有成就感,所有的努力或許就是為了這樣一個一個的瞬間吧!繼續加油! 今日進度 THM 的 Pwn101 的 Pwn106 今日狀態 起床時間:09:00 知識量:⭐⭐⭐ 疲勞程度:⭐⭐⭐ 精神狀態:⭐⭐⭐⭐⭐
2024 CTF Training
Unread前言 今天寫題目的時候儘管找了近十篇的 writeups,還是有個原理一直沒有理解徹底,可能就是稍微知道個大概半很不貫徹,下次問問看學長能不能給點幫助好了。總之覺得 CTF 真的好難啊啊啊啊啊啊!但是我會加油的,因為我想要變強,也因為我很喜歡。 今日進度 [HTB] You know 0xDiablos Writeup 今日狀態 起床時間:07:45 知識量:⭐⭐⭐⭐⭐ 疲勞程度:⭐⭐⭐⭐ 精神狀態:⭐⭐⭐
0x00 Challenge Info As usual, let’s see the challenge desciption first. I missed my flag It’s a really simple description lol. Let’s directly dive into the analyzation part. 0x01 Reconnaissance Checksec ┌──(kali㉿kali)-[~/CTF/HTB/You know 0xDiablos] └─$ pwn checksec vuln [*] '/home/kali/CTF/HTB/You know 0xDiablos/vuln' Arch: i386-32-little RELRO: Partial RELRO Stack: No canary found NX: NX unknown - GNU_STACK missing PIE: No PIE (0x8048000) Stack: ...
前言 補一下昨天的進度,昨天看了看 HTB Academy 的 Stack-Based Buffer Overflows on Linux x86 這堂課。把原本對於 Pwn 的一些基礎知識補起來,也重新再了解一次各個 Register 的功能。總之這個課程還不錯滿推薦的。 今日進度 Stack-Based Buffer Overflows on Linux x86 今日狀態 起床時間:09:45 知識量:⭐⭐⭐ 疲勞程度:⭐⭐ 精神狀態:⭐⭐⭐⭐
StudyNotes
UnreadDiscalimer ⚠️ The resources for this article are from Stack-Based Buffer Overflows on Linux x86, and this article is intended only for personal review. It is advisable to consult the original resource for more detailed information. CPU Registers Registers are the essential parts of CPU. Almost every register have a small amout of storage space to store data temporarily. These registers can be classified as General registers, Control registers, Segment registers. The one we care the most is Gen ...
2024 CTF Training
Unread前言 今天把 Yuawn 的第一堂課上完了,明天來看看第二堂。然後今天沒有寫題目,不小心有點小偷懶了。明天趕緊繼續加油! 今日進度 Yuawn 的 Binary Exploitation (Pwn) - Basic 今日狀態 起床時間:11:00 知識量:⭐⭐⭐ 疲勞程度:⭐⭐ 精神狀態:⭐⭐⭐⭐