banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

ctf

cover
cover
cover
cover
cover
cover
cover
cover
cover

命令执行绕过-死亡ping命令

路由器管理台经常存在的网络ping测试,开发者常常会禁用大量的恶意字符串,试试看如何绕过呢?
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

GZCTF平台搭建记录

GZ::CTF 是一个基于 ASP.NET Core 的开源 CTF 平台,采用 Docker 或 K8s 作为容器部署后端,提供了可自定义的题目类型、动态容器和动态分值功能。
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

某工业互联网安全技术技能大赛writeup

水了几题,其他的做不出来 -_-| modbus 题目给了个 modbus.pcapng 流量包 用 wireshark 打开,分析数据包,搜索 666c,666c 的 hex 解码就是 flag 的十六进制编码,导出分组解析结果为纯文本。 用 grep 去提取字符 去掉…
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

某网杯比赛writeup

比赛实操只有6道题,涉及web、misc、crypto题,这比赛帮客户打的,但这题目不难,也是,不然怎么是小比赛呢?
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

CTFd平台搭建记录

CTFd 简介 CTFd 是一个免费的开源 CTF(Capture the Flag)平台,它提供了一套强大的工具和解决方案,用于创建,组织,管理和托管 CTF 比赛和挑战性活动。CTFd 旨在满足有各种技能水平和背景的用户的需求,并提供了易于使用和可配置的界面。 CTFd…
cover
cover
cover
cover
cover
cover
cover
cover

建立一个docker私有仓库并提交镜像

最近搭建CTFd平台后,需要结合docker做动态flag靶场,所以就在本地另起一台机器,做成docker私有仓库,记录下过程。
cover
cover
cover

如何将ctfd平台映射到互联网

在 ctfd 平台安装完成后设置都行,不一定要在 ctfd 平台搭建之前设置,需要设置如下地方, 1、在互联网出口的路由器上映射平台端口(9124) 2、在互联网出口的路由器上映射环境端口(28000-28200) 3、配置 whale(如下图) 往下拉Frps config…
cover
cover
cover
cover
cover
cover
cover
cover

Ctfd分类分页设置

搭建了 ctfd 的朋友可能都知道,ctfd 中如果题目多起来了,就会在一个页面中显示所有的题目,这个时候就需要一个分类分页插件,从互联网上搜索之后,发现有一个项目可以满足要求,效果类似于 ctfshow、buuoj。 项目地址:https://github.com…
Ownership of this blog data is guaranteed by blockchain and smart contracts to the creator alone.