tyskillのBlog

CISCN2021部分writeup及复现

2021.5.15 2021.5.16 CTF 1883 4 分钟

web-easy_sql waf information绕不过去，使用sqlmap注出表名 1 2 3 4 5 6 7 python sqlmap.py -u http://124.70.96.30:24321/ --data "uname=admin&passwd=admn&Submit=%E7%99%BB%E5%BD%95" -D "security" --tables Database: security……

[vulnhub]HarryPotter Aragog

2021.5.14 2021.5.14 靶机 1099 3 分钟

Description: Aragog is the 1st VM of 3-box HarryPotter VM series in which you need to find 2 horcruxes hidden inside the machine (total 8 horcruxes hidden across 3 VMs of the HarryPotter Series) and ultimately defeat Voldemort. Difficulty: Easy 信息收集 nmap 1 2 nmap……

Linux提权学习记录

2021.5.12 2021.5.13 学习笔记 2641 6 分钟

suid提权前置知识 Linux文件权限 Linux 文件基本属性 suid属性概述 suid（也叫setuid，……

红帽杯2021

2021.5.9 2021.5.9 CTF 793 2 分钟

find_it robots.txt When I was a child,I also like to read Robots.txt Here is what you want:1ndexx.php .1ndexx.php.swp 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30……

Laravel5.8 RCE POP链复现

2021.5.1 2021.5.2 代码审计 5543 12 分钟

环境搭建 1、下载laravel5.8版本的框架并在本地启动服务 1 2 3 4 composer create-project --prefer-dist laravel/laravel laravel58 5.8.* cd laravel58 composer install php artisan serve……