Hi

Original link: https://5ime.cn/cobaltstrike-decrypt.html Cobalt Strike is a GUI framework penetration tool that integrates port forwarding, service scanning, automated overflow, multi-mode port monitoring, win exe Trojan generation, win dll Trojan generation, java Trojan generation, office macro virus generation, and Trojan bundling; Phishing attacks include: site cloning, target information acquisition, java execution, browser automatic attacks, etc. This …

A brief analysis of CobaltStrike traffic decryption Read More »

Original link: https://5ime.cn/longjiancup-2023.html There are a lot of questions, and the masters are also very fierce~ Generally speaking, most of the questions in the Longjian Cup are quite friendly to novices. Perhaps the biggest problem for everyone is that there is not enough time for 2333. In addition, I don’t know why so many companies …

Longjian Cup 2023 Writeup Read More »

Original link: https://5ime.cn/peekgeek-2023.html Misc welcome Gathering of geeks, chasing dreams to the top! Welcome everyone to participate in the China Telecom·2023 “Peak Geek” Cyber ​​Security Skills Challenge. The air conditioner for this game has been turned on. jpg, all players are requested to submit their flag certificates to enter in an orderly manner. This article …

Peak Geek 2023 Writeup Read More »

Original link: https://5ime.cn/awdp.html written in front I recently participated in the CISCN divisional competition, the competition system is AWDP, and the blogger is also playing AWDP for the first time. The blogger is a Web player, and at the same time brought a tea break Ak player, 1v4 is too painful. I was in the …

CTF Offline AWDP Summary Read More »

Original link: https://5ime.cn/seek.html This article is transferred from: https://5ime.cn/seek.html This site is only for collection, and the copyright belongs to the original author.

Original link: https://5ime.cn/ISCC-2023.html Since the whole month of May was very busy, Writeup wrote a little bit in the first week of the competition. I originally planned to reproduce it after the competition when Henan handed in the questions to solve the environment, but I didn’t expect to open the environment… But I still have …

ISCC 2023 Writeup Read More »

Original link: https://5ime.cn/iscc-2023-measure.html written in front Before the start of the game, I knew that this year’s actual combat problem stage one must still be a CVE recurrence problem, and there is a high probability that only the first stage can be solved. But this year is the same as last year, it takes a …

ISCC 2023 Practical Questions Writeup Read More »

Original link: https://5ime.cn/shanxi-2023.html Web ezpop This article is transferred from: https://5ime.cn/shanxi-2023.html This site is only for collection, and the copyright belongs to the original author.

Original link: https://5ime.cn/heidun-2023.html written in front Since the writeup was not submitted for the preliminary competition, the questions of the preliminary competition were not complete (the semi-finals were solved), and it seemed that this competition was quite good, and I entered the final after playing casually… But the organizer did not report travel and no …

Fujian Mindun Cup Cyberspace Security Competition 2023 Writeup Read More »

Original link: https://5ime.cn/nb-infosec-2023.html Because you don’t report business trips offline, you simply paddle (it’s definitely not because you can’t enter offline! ) This article is transferred from: https://5ime.cn/nb-infosec-2023.html This site is only for collection, and the copyright belongs to the original author.

Original link: https://5ime.cn/hmgb-2023.html DNA codes for I’m speechless… After PUA for a long time, ChatGPT didn’t come out. Overall, the topic is okay. This article is transferred from: https://5ime.cn/hmgb-2023.html This site is only for collection, and the copyright belongs to the original author.

Original link: https://5ime.cn/typecho-xss2rce.html Same as the PHPStudy RCE some time ago, it is 1click, and RCE is realized through stored XSS This article is transferred from: https://5ime.cn/typecho-xss2rce.html This site is only for collection, and the copyright belongs to the original author.

Original link: https://5ime.cn/xybsyw-re.html In the article Realizing automatic sign-in by capturing the alumni state applet , we know that sign-in and sign-out are realized by requesting the following interface 1 https://xcx.xybsyw.com/student/clock/Post.action Among them, Cookie in the request header can be obtained through the interface, v and n are fixed values, and the three parameters t …

Alumni State applet sign-in encryption logic analysis Read More »