HvAng's Nests

Crypto🌟栖居于可能性之中MNZWK327L5SW6ZDGOJ2GQZLPMNPWS5LOPNWG25DUL5ZF6X3ZN5XV65LBNJXHG43XMNSW62DXNRXWG4C7OB4V63TPL56Q==== Base32 + (Fence=3)cnss{welcome_to_the_world_of_crypto_hope_you_can_join_us} 🎏波兰来客from Crypto.Util.number import *from sage.all import *from secret import flag11p = getPrime(512)m = bytes_to_long(flag11)e = 0x10001c = pow(m, e, p)print(f'c = {c}')print(f'p = {p}')#RSA is the most commonly used asymmetric encryption, you can study it cl ...

Webweb1 ez_unserialize 开胃小菜 <?phperror_reporting(0);highlight_file(__FILE__);class A { public $first; public $step; public $next; public function __construct() { $this->first = "继续加油！"; } public function start() { echo $this->next; }}class E { private $you; public $found; private $secret = "admin123"; public function __get($name){ if($name === "secret") { ...

Miscmd7const fs = require("fs");const readline = require("readline");const md5 = require("md5");const rl = readline.createInterface({ input: process.stdin, output: process.stdout});function askQuestion(query) { return new Promise(resolve => rl.question(query, resolve));}function normalize(numStr) { if (!/^\d+$/.test(numStr)) { return null; } return numStr.replace(/^0+/, "") || "0";}console.log(& ...

以下题目，*代表赛中未做出来，**代表暂未尝试解题 一些wpMNGASU密码-糖醋小鸡块 Webguess | 79 solvedfrom flask import Flask, request, jsonify, session, render_template, redirectimport randomrd = random.Random()def generate_random_string(): return str(rd.getrandbits(32))app = Flask(__name__)app.secret_key = generate_random_string()users = []a = generate_random_string()@app.route('/register', methods=['POST', 'GET'])def register(): if request.method == 'GET': return render_tem ...

还是太难了QWQ，等补档了…… wp参考https://c1oudfl0w0.github.io/blog/2025/09/13/N1CTF-Junior-2025-2-2https://enoch.host/archives/n1ctf-junior-2025https://mp.weixin.qq.com/s/NtgULOY4uKJ5MT3L5WLcqAhttps://onehang01.github.io/2025/09/15/n1ctf-web-wp/https://www.cnblogs.com/lee0/p/19095583 Webonline_unzipperimport osimport uuidfrom flask import Flask, request, redirect, url_for, send_file, render_template, session, send_from_directory, abort, Responseapp = Flask(__name__)app.secret_key = os.environ.get("FLA ...

Crypto原来是这样，去年招新赛的题放到了summer，那新生就惨喽 task1(😴 苦昼短)见cnss-recruit-2024😴 苦昼短 O…OFB ?(🐬 詩超絆)见cnss-recruit-2024🐬 詩超絆 线…线性规划？(😭 声声慢)from Crypto.Util.number import *nbits = 640n = getRandomNBitInteger(nbits)s = 0a = []x = []for i in range(4): ai = getRandomNBitInteger(nbits) xi = getRandomNBitInteger(64 + 32 * i) a.append(ai) x.append(xi) s += ai * xik = s//ns %= nprint(f"{n = }")print(f"{s = }")print(f"{a = }")flag = 'c ...

哦豁，这场化身AI大师，周末上大分 Webez_signinfrom flask import Flask, request, render_template, jsonifyfrom pymongo import MongoClientimport reapp = Flask(__name__)client = MongoClient("mongodb://localhost:27017/")db = client['aggie_bookstore']books_collection = db['books']def sanitize(input_str: str) -> str: return re.sub(r'[^a-zA-Z0-9\s]', '', input_str)@app.route('/')def index(): return render_template('index.html', books=None)@a ...

很好，属于是来重庆旅游来了，先爆一下战绩，初始谜题做了一个，差点爆零(bushi) 去年还能做两个初始谜题，后面的夺旗闯关还能有点思路，就是不会写而已 今年的夺旗闯关就真不会了，看得懂一点，但具体不知道要干嘛，证书 sm4 sm2 什么的不会啊 Rank: 90+/205，去年好像也是90多，但今年参赛队伍多了不少，难度也难了不少，都没人AK了()，去年四五支队伍AK，我那一列就两三个…… 初始谜题1*# sm4_encrypt.pyimport binasciifrom pyasn1.codec.der.decoder import decodefrom pyasn1.type import univ, namedtypefrom cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modesfrom cryptography.hazmat.backends import default_backendfrom gmssl import sm3, func, sm2from pyasn1.codec.d ...

此文诞生于本人实习期间，属于是摸鱼成果，虽然但是也没打几个靶场，毕竟哪有这么爽的鱼可以摸 只能说vulnhub这边的靶场比较偏向教育性质，适合新手，可能进阶的那些我还没接触() 在某次训练营中，被主办方设计的比较贴近实际的仿真靶场给虐到了，后续应该会投向与HTB等靶场平台继续学习了…… nmap命令参数介绍待补充 SickOS1.1网络适配器设置成NAT模式这里靶机需要登陆 主机发现和端口扫描ip a获取kali本机的ip，然后扫描该网段的主机存活信息nmap -sn 192.168.32.0/24靶机上线前后各扫一次就可以找到靶机ip了最小速率10000扫描，-p-扫描全部端口nmap --min-rate 10000 -p- 192.168.32.129发现22端口的ssh服务开放，3128端口的squid-http服务开放，8080端口的http服务关闭tcp再扫一下这三个端口，-sT用TCP扫描，-sV查看服务版本，-O查看操作系统版本，-p后面添加端口号 UDP再扫一次，确保不会漏掉攻击面nmap -sU -p22,3128,8080 192.168.32.129还是没有关键 ...

D3CTF2025 - d3modelimport kerasfrom flask import Flask, request, jsonifyimport osdef is_valid_model(modelname): try: keras.models.load_model(modelname) except: return False return Trueapp = Flask(__name__)@app.route('/', methods=['GET'])def index(): return open('index.html').read()@app.route('/upload', methods=['POST'])def upload_file(): if 'file' not in request.files: return jsonify({'error ...