ctf hacking

[RK_2014_0919] Linux Kernel Hacking, hackingKernelBuild Guide to building the Linux kernel.Where do I find the kernel? The latest source code for the Linux kernel is kept on kernel.org. you can either download the full source code as a tar ball (not recommended and will take forever to download), or you can check out the code from the read-only git repositories.What tools do I need? To build the Linux kernel from source, you need several tools: git, m

include: Dual Certification-CEH and CPT 5 days of IntensiveHands-On Labs Expert Instruction CTF exercises in the evening Most up-to-date proprietary courseware available VIEW ETHICAL HACKING Step 2: As we have already opened the Java applet in the browser, we select the "An existing process" option from the specified Noop tool to attach the agent into the running applet as shown below. Click t

CTF organizer's guide against zombies 0x00 background XDCTF2015 is a CTF that I think is very powerful. The problem is moderately difficult and there is nothing wrong with it. It has ended successfully. CTF has always been easy to get confused. Sometimes it comes from itself. For example, in a year, XDCTF paused for several hours due to power outages in the scho

Thanks to the white hat Adog a.k.a D3adca7 (Dead Cat overbearing President), the following content for security enthusiasts Reference study, this article won the Contribution Award 300 yuan, will enter the author account, submission please send mail to huangyuan#360.cn Order As the area where information security is becoming more and more important, and the CTF (Capture the flag) as a form of competition for the selection of talents and competing ski

This year, the domestic various CTF competitions are overwhelmed, the first time to participate in CTF because Baidu held the BCTF. At that time with a few friends to participate in, the process is quite interesting, so embarked on this road of no return.CTF really is a very test of brain power of a thing, the scope of the topic is quite wide, every time to participate in the

Discover a good place to learn the CTF, the CTF training camp (http://ctf.idf.cn/) of the IDF laboratory.Just contact the CTF, to play under the kind, AK. Nice and cool.1. Morse codeTick ticking, it keeps turning.-- --- .-. ... .Ticking, ticking, it's splashing.-.-. --- -.. .-->> The title is Morse code, search under "Morse code", found the Tick (.) Click (-) and

1. Configure the Jenkins path in CTF Go to project --> project configuration --> build, test, and Integration --> enter the URL Start Single Sign-On: after integration, you can only use the CTF account and cannot use the Jenkins account. 2. Install the CTF plug-in Jenkins Jenkins --> System Management --> Management plug-in --> optional plug-ins --> select

In order to be able to follow up on the latest security warnings, we often spend time on vulnerability rewards and ctf competitions. When we discuss what we want to do this weekend, Matthias comes up with an interesting idea: What goals can we use to attack ourselves? The answer is Google search engine. For scanning google vulnerabilities, what can be better than google search engines. What is the most likely breakthrough? ① Old and unmaintained softw

Preface La la, I don't know if you know all the last write back... (⊙ _ ⊙ )? Link to the previous article This is another requirement for getting started with CTF: Implicit writing ~~ (Don't spray it if you're not talking about it) _ (: Warning) Quit )_ Implicit writing, as its name implies, means that the confidence to be conveyed is hidden on various carriers (data streams, compressed packages, images, audios, etc. The modern digital watermarking t

The bypass score due to lack of thinking: 20 Source: Pcat Difficulty: Medium Number of participants: 6479 people Get flag:2002 People Number of respondents: 2197 people Problem solving pass rate: 91% Access to the problem-solving link to access the topic, you can answer questions. According to the general problem of web questions to solve the problem. Look at the source, request, response and so on. Submit content consistent with the title to return to flag. The

This looks a little simple! Score: 10 Source: West Cape College Difficulty: Easy Number of participants: 10515 people Get flag:3441 People Number of respondents: 4232 people Problem solving pass rate: 81% It's obvious. Spring Festival does not give gifts, gifts to send thisFormat:Problem Solving Links: http://ctf5.shiyanbar.com/8/index.php?id=1Original title Link: http://www.shiyanbar.com/ctf/33"Problem Solving Report

Following the previous PHP version of the posture (different version of the use of features), the article summarizes the PHP version differences, and now in a local diary summary of the PHP black Magic, is used to do the CTF encountered and recorded, it is very suitable for the CTF code audit time to look over.One, the requirement variable original value is different but MD5 or SHA1 the same case1.0e all eq

Little Apple Score: 10 Source: Hanyuhang Difficulty: Easy Number of participants: 2159 people Get flag:862 People Number of respondents: 996 people Problem solving pass rate: 87% Flag format: ctf{}Problem Solving Links: http://ctf5.shiyanbar.com/stega/apple.pngOriginal title Link: http://www.shiyanbar.com/ctf/1928"Problem Solving Report"　　This is my primer to write the seco

0x00 Prefaceas a novice I would like to record what I have learned since I have been exposed to this kind of stuff for a few days now. the knowledge points required for this CTF include the contents of the image hidden,mp3 ,base64 decryption, pawn decryption, and possibly tools included Binwalk,mp3stego and so on. Topic Links: Http://ctf5.shiyanbar.com/stega/apple.png0x01 Temptationthese days I developed a habit, get the topic no matter 3,721 first t

Once More score: 10 Source: Ifuryst Difficulty: Easy Number of participants: 4782 people Get flag:2123 People Number of respondents: 2166 people Problem solving pass rate: 98% Oh, pull? Another PHP audit. I'm sick of it.The Hint:ereg () function has a loophole; the teacher said to use scientific methods to count.Format: ctf{}Problem Solving Links: http://ctf5.shiyanbar.com/web/more.phpOriginal title Link: http://www.s

But in fact, the browser is far more than these, Firefox is divided into Firefox 1.5,firefox 2,firefox 3 Several major versions, IE7,IE6 also have several series, in addition to the two mainstream manufacturers of products, as well as opera, Konqueror,netscape,chrome and other series. These browsers, each has its own set, often in this operation is normal, where the operation is not normal. So the WD tore east to make up the West, finally can in several browsers are normal. As a result, the pro

SECCON 2015 CTF Selection: A 400-point Android APK reverse question | focus on hackers and geeks This is the second question of "Android APK reverse" in the SECCON 2015 CTF challenge, with a score of 400. The prompt is: "The key is stored in the application, but you need to hack the server ." First, I installed the APK file to see what it can do, and found that there are only two functions: Registration

This CTF challenge is a bit of a point, let's take a lookThe homepage looks pretty good.Level1The flag can be seen directly F12.Flag:infosec_flagis_welcomeLevel2"This picture looks broken, can you check it?"If I had played Linux, it would have been simple. A Curl command will be able to view the content (as sure as Linux Dafa is good). But I am windows, a little trouble? Download down with UE open to see? Don't do that!Directly right-click is not able

completed with comments:#-*-Coding:utf-8-*-Import requestsImport time#定义个方法返回时间时间差 var is defined as the number of digits to guess the solution character numdef test (Var,num):#url链接url = ' http://ctf5.shiyanbar.com/web/wonderkun/index.php '#头信息 x-forwarded-for Insert Variableheaders = {}#X-forwarded-for Specifies that if the character is to sleep for 5 secondsheaders[' x-forwarded-for ']= "" "1 ' + (select 1 from (SELECT-SUBSTRING (flag from" "+str (num) +" "" for 1) fro M flag) = ' "" "+str (

School recently prepared to run a network attack flag race, do not speak, find the platform of the West to practice. Some of the questions are very interesting, decided to write down the idea.Title Link: http://www.shiyanbar.com/ctf/examctfdetail/32Click to find the hint IP is not in the Allow list,Then review the source code, send a tricky.You can see the meaning of the code. If the IP is in 1.1.1.1. Then you can get the key. So let us think of a pow