一篇文章带你读懂 TLS Poison 攻击 1. Preface2. Background2.1. TLS Overview2.1.1. TLS Handshake2.1.2. TLS Record2.2. TLS 1.22.2.1. TLS... 2021-04-21 03:34:26 | 阅读: 205 | 收藏 | blog.zeddyu.info 攻击 client getaddrinfo resumption payload

DEFCON 28 Final 杂记 Oct 15 2020 CTF an hour read (About 8593 words)1. Preface2. The First DEFCON Final In My Life2.1. S... 2020-10-15 03:11:50 | 阅读: 460 | 收藏 | blog.zeddyu.info propdef objtypedef mainmodule koh adderror

Plaid CTF 2020 Catalog Apr 24 2020 CTF an hour read (About 7349 words)1. Information1.1. CSP2. Exp2.1. User Activation2.2.... 2020-04-25 00:04:42 | 阅读: 171 | 收藏 | blog.zeddyu.info 26text activation ublock fragment chrome

Plaid CTF 2020 Contrived Web Problem Write Up 1. TL;DR2. CRLF in FTP3. The active mode of FTP4. The mail server5. rabbitmq6. SSRF!Here is my write... 2020-04-20 22:09:56 | 阅读: 132 | 收藏 | blog.zeddyu.info rabbitmq crlf client nodemailer username

使用 Dom Clobbering 扩展 XSS Mar 4 2020 Sec an hour read (About 8302 words)1. Basics2. Simple Example2.1. Exmaple 1 - Create2.2.... 2020-03-04 03:15:58 | 阅读: 171 | 收藏 | blog.zeddyu.info clobbering clobbered

XSS GAME 1. Introduction2. Area 512.1. Easy Version2.2. Difficult Version3. Keanu4. WW34.1. DOM Clobbering4.2... 2020-02-11 15:47:32 | 阅读: 121 | 收藏 | blog.zeddyu.info meme popover 作用域 绕过 memegen

36c3 Web 学习记录 1. File Magician1.1. other file1.1.1. TeX DVI file1.1.2. jpeg1.1.3. #!1.1.4. gz2. WriteUpBin2.1. Par... 2020-01-08 03:24:13 | 阅读: 138 | 收藏 | blog.zeddyu.info php parsley 数据 stmt wp

Help you understand HTTP Smuggling in one article 1. TL;NR2. TimeLine3. Causes3.1. HTTP Connection Mod3.1.1. Keep-Alive3.1.2. Pipline3.2. Message Body... 2019-12-08 18:09:00 | 阅读: 127 | 收藏 | blog.zeddyu.info te chunked 1host crlf security

一篇文章带你读懂 HTTP Smuggling 攻击 1. TL;NR2. TimeLine3. Causes3.1. HTTP Connection Mod3.1.1. Keep-Alive3.1.2. Pipline3.2. Message Body... 2019-12-05 11:28:11 | 阅读: 137 | 收藏 | blog.zeddyu.info te 攻击 chunked 1host crlf

XCTF Final NOXSS Write Up 1. Preparation1.1. INTRO1.1.1. Token1 - Get From Input1.1.2. Token1 - Auto Get From Input1.1.3. Toke... 2019-11-21 01:37:14 | 阅读: 133 | 收藏 | blog.zeddyu.info horiz adv glyph 0z

XCTF Final 2019 Web Write Up Nov 14 2019 CTF 28 minutes read (About 4131 words)1. Web1.1. babyblog1.2. babypress1.3. weiphp1.3.1... 2019-11-14 01:02:53 | 阅读: 144 | 收藏 | blog.zeddyu.info php modal curlopt setopt sanitizer

Red Hat 2019 Web Write Up 1. Ticket_System2. bank_service2.1. 侧信道攻击2.2. 稍加&#x... 2019-11-13 16:18:06 | 阅读: 155 | 收藏 | blog.zeddyu.info solr rdf 攻击 oneline 1host

XNUCA 2019 Qualifier Ezphp Oct 3 2019 CTF 41 minutes read (About 6201 words)1. L33T-HOSTER1.1. XBM1.1.1. .htaccess1.1.2. websh... 2019-10-03 20:19:21 | 阅读: 134 | 收藏 | blog.zeddyu.info php htaccess fl3g pcntl wbmp

Windows Defender 侧信道攻击 1. Windows Defender2. What Windows Defender will do3. Make Windows Defender Angry3.1. EICAR3.2. Mpen... 2019-09-17 23:22:10 | 阅读: 136 | 收藏 | blog.zeddyu.info nickname windows realname defender mal

ByteCTF 2019 Web WP Sep 17 2019 CTF 29 minutes read (About 4330 words)1. Web1.1. boring_code1.2. EzCMS1.3. rss1.4. baby... 2019-09-17 11:11:20 | 阅读: 176 | 收藏 | blog.zeddyu.info php pcntl setopt curlopt scandir

SUCTF 2019 出题笔记 & phar 反序列化的一些拓展 1. CheckIn2. pythonginx3. Upload Labs 23.1. FINFO_FILE3.2. php://filter3.3. XXE 2 phar3.4. Mysql3.5.... 2019-08-24 21:41:16 | 阅读: 165 | 收藏 | blog.zeddyu.info php finfo k0rz3n sh0w

ISITDTU CTF 2019 EasyPHP 回顾 1. Description2. Write Up2.1. Explation2.2. Doing2.2.1. Step 12.2.2. Step 22.2.3. Step 32.2.4. Step... 2019-07-20 02:22:26 | 阅读: 134 | 收藏 | blog.zeddyu.info php 9c 9e 9b 8d

NSCTF 2019 WP 1. Web1.1. Web11.2. Web21.3. Web31.4. Web41.5. Web51.6. Web62. Conclusion这是一个绿盟弄的 CTF ，因为在复习考试所以没怎么玩... 2019-07-07 01:44:10 | 阅读: 119 | 收藏 | blog.zeddyu.info setopt curlopt tac 注入

浅谈端口扫描技术 1. TCP1.1. TCP CONNECT SCAN1.1.1. usage1.2. TCP SYN SCAN1.2.1. usage1.3. TCP Xmas Tree SCAN1.3.1. us... 2019-06-12 11:45:47 | 阅读: 134 | 收藏 | blog.zeddyu.info 端口 nmap 数据 zombie rst

LFI2RCE 1. LFI1.1. session upload_progress1.2. tmp1.3. environ1.4. log1.4.1. access log1.4.2. ssh log1.4.3.... 2019-06-07 01:04:03 | 阅读: 109 | 收藏 | blog.zeddyu.info php 数据 sess ssh