Chive WriteUp
Sign in
small game
Work first to earn money to buy the "Remnant Volume of Far Ancient Classics" to be prompted, then enter -1 when buying spell power, the power will become large, and then work to buy health and defeat the evil dragon to get the flag.
magicCube
Press F12 to search for flag { in the debugger .
re
hypnotherapy
Drag to the first page in ida to display the flag
web
index.?
Finally, add /index.php to the url and press F12. The flag is in the comment.
Dragon Quest
F12 changed the maxlength of playing slime, leveled to just a little more than the 10,000 fighting power that can challenge the dragon (level 100), challenge the dragon, and receive the flag.
The brave lied about the dragon
The prompt is this . You can get the flag by
checking the source code and
typing if (power> = enemy) in the console.
catchME
Open to find that there is a 301 jump on the content of the blog and the home page, use BP to grab the first page of the package, send to repeater, send to see the response.
magicpassword
Master password
GITHUB
Search the author's name on GitHub, find the latest blog, click this.
One million guesses
Check the source code, guess is the number you enter, the
console can check the value of judge, md5 can be decoded.
happy Birthday
Pick the second card and 2000, just lose the month and day, use BP to grab the package, and blast the month and day in the intruder.
ezheader
Use BP to capture packets, add 127.0.0.1 according to the prompt requirements, and find that BAN has XFF header, use Client-IP, and then change User-Agent and Referer according to the prompts.
magicMD5
Scan the directory with dirsearch and find /index.php.bak, add this at the end of the url, and start the code audit.
<?php
echo "do you know how i backup my file<br><br>";
$a1=$_GET['a1'];
$a2=$_GET['a2'];
$b1=$_GET['b1'];
$b2=$_GET['b2'];
$c1=$_POST['c1'];
$c2=$_POST['c2'];
$d1=$_POST['d1'];
$d2=$_POST['d2'];
if(is_numeric($a1)&&(!is_numeric($a2))&&intval($a1)==intval($a2)){
echo 'level 1 pass<br>';
}else{
die('get out');
}
if($b1!=$b2&&md5($b1)==md5($b2)){
echo 'level 2 pass<br>';
}else{
die('get out');
}
if($c1!==$c2&&md5($c1)===md5($c2)){
echo 'level 3 pass<br>';
}else{
die('get out');
}
if((string)$d1!==(string)$d2&&md5($d1)===md5($d2)){
echo 'level 3 pass<br>';
}else{
die('get out');
}
$flag = 'flag_here';
echo "<!-- ".$flag." -->";
?>
The md5 vulnerability using php is constructed as follows:
Princess Diary's Secret Diary
F12 found a regular expression in the notes
/^I?\sa+m*\sp{4}r{2,}i{1,2}(nc)*\w\s[of]?\s[a-z]{5}$/
The structure is as follows (there are many)
I amm pppprrincnce f aaaaa
loan
Found in the url
data = 5d4aace023dc088767b4e08c79415dcd80432911e07b111f6a05fd7c904c1bc9
md5 after encryption should be 32 bits, and this is 64 bits, divided into two ends from the middle md5 decoding and then base64 decoding, got 10 and 0, corresponding to the value of the money held and the amount owed , A base64 encrypted with a number greater than 100 and then md5 encrypted into the url can go to the store to buy the flag.
crypto
Do you think this is an ordinary fence?
W-type fence password
ez_RSA
Write py solution d according to e, p, q
import gmpy2
e = 17
p = 8169558889361
q = 1513871
d = gmpy2.invert(e, (p-1)*(q-1))
print(d)
use_the_keyboard
Decode base64 first and then look at the middle character circled by every four characters on the keyboard
Emperor's flag
Drag txt into winhex and
convert it to Morse code according to UTF-8's no-width characters and then decode
misc
No Bodhi tree, nor stand mirror
It is not correct to find Buddhism Zen. After the full selection, the font color is changed to red. There is a paragraph below. Put the following Buddhism Zen.
Are you afraid of darkness
Open the picture with stegsolve and press the left and right arrow keys
give_you_flag
A password is required, put the zip compressed package into winhex, and find that it is pseudo encryption.
Change this 9 to 0 and save it to open the png image inside. It is found that it is not in png format. Put it in winhex and see that the file header is 8BPS, which should be a .psd file.
Change it to .psd and put it into PS
Ctrl + i to invert the color and export it. Use the drawing software to fill in the three corners and scan the QR code.
Fight Fifth Space
The copyright of the attribute detailed information is base64, decode
Download exiftool, decode the base64 after Comment
Simple traffic analysis
Open the .pcapng file with Kali's wireshark, right click-trace stream-TCP stream and
change the "display and save data as" to the original data, export, and then separate the exported file with foremost, there is a compressed package in the output, there is a flag .TXT
You are more beautiful than 蔷 Wei
The picture is opened with winhex, change the width and height
B station to search for the BV number, download the video, use ffmpeg to separate the pictures, and convert the black and white small squares into binary and then into strings.