ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle1 分钟 读完 (大约 205 个字)

pwnable.kr —— shellshock

question

1
2
3
4
5
Mommy, there was a shocking news about bash.
I bet you already know, but lets just make it sure :)


ssh shellshock@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh shellshock@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle1 分钟 读完 (大约 222 个字)

pwnable.kr —— mistake

question

1
2
3
4
5
6
7
8
9
We all make mistakes, let's move on.
(don't take this too seriously, no fancy hacking skill is required at all)

This task is based on real event
Thanks to dhmonkey

hint : operator priority

ssh mistake@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh mistake@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle6 分钟 读完 (大约 965 个字)

pwnable.kr —— leg

question

1
2
3
4
5
6
7
Daddy told me I should study arm.
But I prefer to study my leg!

Download : http://pwnable.kr/bin/leg.c
Download : http://pwnable.kr/bin/leg.asm

ssh leg@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh leg@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle7 分钟 读完 (大约 986 个字)

pwnable.kr —— input

question

1
2
3
Mom? how can I pass my input to a computer program?

ssh input2@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上查看ssh input2@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle4 分钟 读完 (大约 585 个字)

pwnable.kr —— passcode

question

1
2
3
4
5
Mommy told me to make a passcode based login system.
My initial C code was compiled without any error!
Well, there was some compiler warning, but who cares about that?

ssh passcode@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上查看ssh passcode@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle2 分钟 读完 (大约 282 个字)

pwnable.kr —— bof

question

1
2
3
4
5
6
7
Nana told me that buffer overflow is one of the most common software vulnerability. 
Is that true?

Download : http://pwnable.kr/bin/bof
Download : http://pwnable.kr/bin/bof.c

Running at : nc pwnable.kr 9000

先看下文件,然后nc上去进行数据输入

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle2 分钟 读完 (大约 298 个字)

pwnable.kr —— collision

question

1
2
3
4
Daddy told me about cool MD5 hash collision today.
I wanna do something like that too!

ssh col@pwnable.kr -p2222 (pw:guest)

题目需要我们使用ssh登录到服务器上查看ssh col@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
关注我

链接

归档

订阅更新

邮件订阅,更新早知道

分类

最新文章

标签

AI2
CTF48
CVE4
Fuzz1
FuzzingBook1
HEVD5
NLP1
PyQt512
ROP Emporium2
Toddler's Bottle21
Web1
automatic analyse10
binary analyse1
codeql5
crypto7
fuzz3
life2
linux kernel2
machine learning1
mobile security1
others1
paper18
pentest3
pwn24
pwnable.kr21
re5
research20
security18
security situation awareness2
stack overflow3
tools2
windows8
work1
writeup5
数据库11
×