/images/avatar.jpeg

「DefcampCTF2022」Rev 部分题解

algorithm给了源代码: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 flag = '[test]' hflag = flag.encode('hex') iflag = int(hflag[2:], 16) def polinom(n, m): i = 0 z = [] s = 0 while

「CGCTF」部分练习记录

WxyVM1main: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 __int64 __fastcall main(int a1, char **a2, char **a3) { char isok; // [rsp+Bh] [rbp-5h] int i; // [rsp+Ch] [rbp-4h] puts("[WxyVM 0.0.1]"); puts("input your flag:"); scanf("%s", &input); isok = 1; runVM(); if ( strlen(&input) != 24 ) isok = 0; for ( i = 0; i <=

「HayyimCTF2022」Rev 部分题解

ezrev 调试到图示位置就好, 把经过加密的字符串拿出来, 异或常数回去, 再解 base64 frontdoor 长亭大佬的博客: http://acez.re/the-weak-bug-exploiting-a-heap-overflow-in-vmware/ open-vm-tools源码: https://github.com/vmware/open-vm-tools.git 1 frontdoor: ELF 64-bit LSB pie executable, x86-64, version