ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle6 分钟 读完 (大约 963 个字)

pwnable.kr —— memcpy

question

1
2
3
4
5
6
7
Are you tired of hacking?, take some rest here.
Just help me out with my small experiment regarding memcpy performance. 
after that, flag is yours.

http://pwnable.kr/bin/memcpy.c

ssh memcpy@pwnable.kr -p2222 (pw:guest)
阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle6 分钟 读完 (大约 949 个字)

pwnable.kr —— uaf

question

1
2
3
Mommy, what is Use After Free bug?

ssh uaf@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh uaf@pwnable.kr -p2222,密码是cmd1的flag,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle2 分钟 读完 (大约 268 个字)

pwnable.kr —— cmd2

question

1
2
3
4
5
Daddy bought me a system command shell.
but he put some filters to prevent me from playing with it without his permission...
but I wanna play anytime I want!

ssh cmd2@pwnable.kr -p2222 (pw:flag of cmd1)

题目要求我们使用ssh登录到服务器上ssh cmd2@pwnable.kr -p2222,密码是cmd1的flag,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle2 分钟 读完 (大约 274 个字)

pwnable.kr —— cmd1

question

1
2
3
Mommy! what is PATH environment in Linux?

ssh cmd1@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh cmd1@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle3 分钟 读完 (大约 418 个字)

pwnable.kr —— lotto

question

1
2
3
4
5
Mommy! I made a lotto program for my homework.
do you want to play?


ssh lotto@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh lotto@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle1 分钟 读完 (大约 173 个字)

pwnable.kr —— blackjack

question

1
2
3
4
5
6
7
8
9
Hey! check out this C implementation of blackjack game!
I found it online
* http://cboard.cprogramming.com/c-programming/114023-simple-blackjack-program.html

I like to give my flags to millionares.
how much money you got?


Running at : nc pwnable.kr 9009
阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle1 分钟 读完 (大约 205 个字)

pwnable.kr —— shellshock

question

1
2
3
4
5
Mommy, there was a shocking news about bash.
I bet you already know, but lets just make it sure :)


ssh shellshock@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh shellshock@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
ycdxsb CTF / pwn / pwnable.kr / Toddler'sBottle1 分钟 读完 (大约 222 个字)

pwnable.kr —— mistake

question

1
2
3
4
5
6
7
8
9
We all make mistakes, let's move on.
(don't take this too seriously, no fancy hacking skill is required at all)

This task is based on real event
Thanks to dhmonkey

hint : operator priority

ssh mistake@pwnable.kr -p2222 (pw:guest)

题目要求我们使用ssh登录到服务器上ssh mistake@pwnable.kr -p2222,密码是guest,有的时候可能有身份的校验,这个时候需要加上参数-o StrictHostKeyChecking=no进行登录

阅读更多
关注我

链接

归档

订阅更新

邮件订阅,更新早知道

分类

最新文章

标签

AI2
CTF48
CVE4
Fuzz1
FuzzingBook1
HEVD5
NLP1
PyQt512
ROP Emporium2
Toddler's Bottle21
Web1
automatic analyse10
binary analyse1
codeql5
crypto7
fuzz3
life2
linux kernel2
machine learning1
mobile security1
others1
paper18
pentest3
pwn24
pwnable.kr21
re5
research20
security18
security situation awareness2
stack overflow3
tools2
windows8
work1
writeup5
数据库11
×