picoCTF 2024 Forensic - Blast from the past
❯ exiftool -SubSecCreateDate='1970:01:01 00:00:00.001' -SubSecDateTimeOriginal='1970:01:01 00:00:00.001' -SubSecModifyDate='1970:01:01 00:00:00.001' original_modified2.jpg
1 image files updated
[20:47] zsh ≢ 356ms
/mnt/c/Users/LuYee6813/OneDrive - gapps.ntust.edu.tw/OneDrive/筆記/blog/LuYee6813.github.io/source/_posts/CTF/picoCTF2024/Forensic/Blast from the past
❯ exiftool ./original_modi ...
picoCTF 2021 reverse write-up
Transformation [20 points]題目給了加密的方法為:
''.join([chr((ord(flag[i]) << 8) + ord(flag[i + 1])) for i in range(0, len(flag), 2)])
寫一個程式把它解密
encode_flag = open("enc").read()
flag = ""
for i in range(0, len(encode_flag)):
character1 = chr((ord(encode_flag[i]) >> 8))
character2 = chr(encode_flag[i].encode('utf-16be')[-1])
flag += character1
flag += character2
print(flag)
Flag: picoCTF{16_bits_inst34d_of_8_26684c20}
keygenme-py [30 points]從source code中看到已經有一部分flag,看起來是要找出 ...
picoCTF 2024 reverse write-up
WinAntiDbg0x100WinAntiDbg0x200WinAntiDbg0x300FactCheck ~/CTF/FactCheck
❯ strings bin | grep "pico"
picoCTF{wELF_d0N3_mate_
gdb ./binb mainrni(直到flag跑出來)
packer
picoCTF buffer overflow 0 [100 points]
buffer overflow 0points:100
Description
Smash the stack Let’s start off simple, can you overflow the correct buffer? The program is available here. You can view source here. And connect with it using:
HintsHow can you trigger the flag to print?
If you try to do the math by hand, maybe try and add a few more characters. Sometimes there are things you aren't expecting.
Run man gets and read the BUGS section. How many characters can the program really read?
Solutiongcc vuln.c -m32 -fno-stack-p ...
picoCTF Who are you? [100 points]
Who are you?points:100
Description
Let me in. Let me iiiiiiinnnnnnnnnnnnnnnnnnnn http://mercury.picoctf.net:38322/
Hints
It ain’t much, but it’s an RFC https://tools.ietf.org/html/rfc2616
Solution一開始可以看到網頁有個提示:use PicoBrowser
User-Agent: PicoBrowser
I don’t trust users visiting from another site.
Referer: http://mercury.picoctf.net:38322/
Sorry, this site only worked in 2018.
Date: 2018
I don’t trust users who can be tracked.
DNT: 1
This website is only for people from Sweden.
X-Forwarded- ...
picoCTF It is my Birthday [100 points]
It is my Birthdaypoints:100
Description
I sent out 2 invitations to all of my friends for my birthday! I’ll know if they get stolen because the two invites look similar, and they even have the same md5 hash, but they are slightly different! You wouldn’t believe how long it took me to find a collision. Anyway, see if you’re invited by submitting 2 PDFs to my website. http://mercury.picoctf.net:50970/
Hint
Look at the category of this problem.How may a PHP site check the rules in the description? ...
picoCTF vault-door-training [50 points]
vault-door-trainingPoints:50
Problem
Your mission is to enter Dr. Evil’s laboratory and retrieve the blueprints for his Doomsday Project. The laboratory is protected by a series of locked vault doors. Each door is controlled by a computer and requires a password to open. Unfortunately, our undercover agents have not been able to obtain the secret passwords for the vault doors, but one of our junior agents obtained the source code for each vault’s computer! You will need to read the source code f ...
學習資訊安全動機與歷程
家庭背景的不同在我幼稚園小班的時候我爸就買了一台專屬於我的電腦,並完全不限制我使用的時間,我爸這麼做的目的竟是為了讓我不沉迷於電玩,他認為只要夠早接觸到電玩遲早會玩膩,這樣子以後就不會沉迷電玩,而果真在我一開始拿到電腦的我就像來到天堂似的每天拼命的玩,但到了國小我發現比起玩遊戲,我更喜歡的是研究遊戲是怎麼運作起來的,更想知道原理,所以便打開了我的資安歷程。
資安動機的萌芽在我幼稚園還沉溺於楓之谷這款遊戲的期間發生了我人生的一項轉淚點,我清楚地記得在我幼稚園中班放學後,我滿心期待的v75版海盜新職業更新的那一晚,我正創好剛出的新職業,我的帳號突然被登出,而在我重登進遊戲後我發現,我本尊的點裝與裝備全沒了,當時雖然我還小,但那個創傷我到現在還清楚地記得,從那時候我開始用我老爸的PTT到處發文(對我那時候就會用PTT),看完鄉民的留言我才知道原來我被駭客給盜了,從那時候我開始有了資安的意識,並希望自己有一天可以防止這種情形再次發生。
資安技術的歷程小學階段到了小學三四年級我開始接觸到了Minecraft,在那時我對Minecraft這款能夠自己加入模組的客製化遊戲非常著迷,於是當時我決定架設 ...
LeetCode[107] Binary Tree Level Order Traversal II
107. Binary Tree Level Order Traversal II難度:Medium
Python:
# Definition for a binary tree node.
# class TreeNode:
# def __init__(self, val=0, left=None, right=None):
# self.val = val
# self.left = left
# self.right = right
def dfs(root, depth, result):
if root == None:
return
if depth == len(result):
result.append([])
result[depth].append(root.val)
dfs(root.left, depth+1, result)
dfs(root.right, depth+1, result)
...
LeetCode[441] Arranging Coins
441. Arranging Coins難度:Easy
Python:
def arrangeCoins(n):
# r: 把第 1 ~ k 層塞滿會用到多少硬幣
r = 0
# k: 目前要塞的是第幾層
k = 1
while True:
r += k
if r > n:
return k - 1
k += 1
class Solution:
def arrangeCoins(self, n:int) -> int:
return arrangeCoins(n)
Python 公式解:
class Solution:
def arrangeCoins(self, n: int) -> int:
return (int)((2 * n + 0.25)**0.5 - 0.5)