加载中...

CTF 解题报告导航


Root-Me

题型 挑战 解题报告 得分
App-Script Bash - System 1 Solving Reports 5
App-System ELF x86 - Stack buffer overflow basic 1 Solving Reports 5
Cracking ELF - CrackPass Solving Reports 30
Cracking ELF - 0 protection Solving Reports 5
Cracking ELF - Fake Instructions Solving Reports 15
Cracking ELF - Ptrace Solving Reports 15
Cracking ELF C++ - 0 protection Solving Reports 10
Cracking PE - 0 protection Solving Reports 5
Cracking PE DotNet - 0 protection Solving Reports 10
Cracking ELF - x86 Basic Solving Reports 5
Cryptanalysis Hash - Message Digest 5 Solving Reports 5
Cryptanalysis File - PKZIP Solving Reports 15
Cryptanalysis Pixel Madness Solving Reports 15
Cryptanalysis File - Insecure storage 1 Solving Reports 20
Cryptanalysis Encoding - UU Solving Reports 5
Cryptanalysis Encoding - ASCII Solving Reports 5
Cryptanalysis Hash - SHA-2 Solving Reports 5
Cryptanalysis Shift cipher Solving Reports 10
Forensic Command & Control - level 2 Solving Reports 15
Network FTP - authentication Solving Reports 5
Programming Go back to college Solving Reports 5
Programming Uncompress me Solving Reports 10
Programming The Roman’s wheel Solving Reports 10
Programming Quick Response Code Solving Reports 40
Programming Arithmetic progression Solving Reports 20
Programming CAPTCHA me if you can Solving Reports 20
Programming Encoded string Solving Reports 10
Realist It happens, sometimes Solving Reports 10
Steganography Squared Solving Reports 5
Steganography Gunnm Solving Reports 5
Web-Client Javascript - Native code Solving Reports 15
Web-Client Javascript - Obfuscation 2 Solving Reports 10
Web-Client CSRF - token bypass Solving Reports 45
Web-Client HTTP Response Splitting Solving Reports 70
Web-Client Flash - Authentication Solving Reports 40
Web-Client XSS - Stored 2 Solving Reports 50
Web-Client Javascript - Source Solving Reports 5
Web-Client HTML - disabled buttons Solving Reports 5
Web-Client XSS - Reflected Solving Reports 45
Web-Client CSRF - 0 protection Solving Reports 35
Web-Client XSS - Stored 1 Solving Reports 30
Web-Client Javascript - Authentication Solving Reports 5
Web-Client Javascript - Obfuscation 4 Solving Reports 50
Web-Client Javascript - Obfuscation 3 Solving Reports 30
Web-Client Javascript - Authentication 2 Solving Reports 10
Web-Client Javascript - Obfuscation 1 Solving Reports 10
Web-Server PHP preg_replace() Solving Reports 30
Web-Server Backup file Solving Reports 10
Web-Server File upload - null byte Solving Reports 25
Web-Server SQL injection - string Solving Reports 30
Web-Server Weak password Solving Reports 10
Web-Server HTTP - POST Solving Reports 15
Web-Server PHP type juggling Solving Reports 30
Web-Server HTTP - Open redirect Solving Reports 10
Web-Server LDAP injection - authentication Solving Reports 35
Web-Server Remote File Inclusion Solving Reports 30
Web-Server SQL injection - Error Solving Reports 40
Web-Server HTML Solving Reports 5
Web-Server HTTP - cookies Solving Reports 20
Web-Server PHP assert() Solving Reports 25
Web-Server PHP register globals Solving Reports 25
Web-Server Install files Solving Reports 15
Web-Server SQL injection - authentication Solving Reports 30
Web-Server Improper redirect Solving Reports 15
Web-Server Directory traversal Solving Reports 25
Web-Server CRLF Solving Reports 20
Web-Server SQL injection - Time based Solving Reports 45
Web-Server HTTP - verb tampering Solving Reports 15
Web-Server File upload - double extensions Solving Reports 20
Web-Server SQL injection - file reading Solving Reports 40
Web-Server HTTP - directory indexing Solving Reports 15
Web-Server Command injection Solving Reports 10
Web-Server HTTP - Headers Solving Reports 15
Web-Server Local File Inclusion - Double encoding Solving Reports 30
Web-Server File upload - MIME type Solving Reports 20
Web-Server Server-side Template Injection Solving Reports 30
Web-Server HTTP - User-agent Solving Reports 10
Web-Server Local File Inclusion Solving Reports 30
Web-Server PHP filters Solving Reports 25

XSS Game

难度 挑战 解题报告
Level 1 Hello, world of XSS Solving Reports
Level 2 Persistence is key Solving Reports
Level 3 That sinking feeling… Solving Reports
Level 4 Context matters Solving Reports
Level 5 Breaking protocol Solving Reports
Level 6 Follow the 🐇 Solving Reports

prompt(1) to win

难度 挑战 解题报告
Level 0 warm up Solving Reports
Level 1 tags stripping Solving Reports
Level 2 frowny face Solving Reports
Level 3 HTML Comment Solving Reports
Level 4 Basic Auth Solving Reports
Level 5 Input Type Solving Reports
Level 6 Action Solving Reports
Level 7 Length Solving Reports
Level 8 Unicode Solving Reports
Level 9 ECMAScript Solving Reports
Level A (╯°□°)╯︵ ┻━┻ Solving Reports
Level B In Exception Solving Reports
Level C ノ┬─┬ノ ︵ ( \o°o)\ Solving Reports
Level D Json Object Solving Reports
Level E Base64 Solving Reports
Level F Length2 Solving Reports
Level H1 Hoisting Solving Reports

alert(1) to win

难度 挑战 解题报告
Level 01 Warmup Solving Reports
Level 02 Adobe Solving Reports
Level 03 JSON Solving Reports
Level 07 Skandia Solving Reports
Level 09 JSON 2 Solving Reports

RedTiger’s Hackit

难度 挑战 解题报告
Level 01 Simple SQL-Injection Solving Reports
Level 02 Simple login-bypass Solving Reports

sqli-labs

难度 挑战 解题报告
Less 01 Error Based Single Quotes Solving Reports

注: sqli-labs 靶场环境需自行搭建。

upload-labs

难度 挑战 解题报告
Pass 01 File Extension Solving Reports
Pass 02 File Type Solving Reports

注: upload-labs 靶场环境需自行用 docker 部署。

xss-quiz

难度 挑战 解题报告
Level 01 Stage #1 Solving Reports

注: xss-quiz 不能跳关,只能循序渐进。

CG-CTF

TODO

BugkuCTF

TODO

攻防世界

TODO


文章作者: EXP
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 EXP !
 上一篇
深入博弈论 深入博弈论
《深入浅出狼人杀》的姐妹篇(前篇):主要讲解几种静态博弈和动态博弈的场景,作为后篇的知识铺垫
2021-10-25
下一篇 
CVE-2021-22192 漏洞分析 CVE-2021-22192 漏洞分析
GitLab 是一款使用 Rails 开发的、自托管的、Git 项目仓库应用程序。该程序可用于查阅项目的文件内容、提交历史、Bug列表等。 GitLab all versions starting from 13.2 存在安全漏洞,该漏洞允许未经授权的经过身份验证的用户在服务器上执行任意代码。
2021-05-02
  目录