WEB
EasyMD5
靶机真不敢恭维
一个文件上传界面,得上传pdf
传两个pdf
https://www.cnblogs.com/wysngblogs/p/15905398.html
这篇文章看到md5碰撞,找到个工具fastcoll_v1.0.0.5
https://www.win.tue.nl/hashclash/
后续写的wp,flag可能不同
PHP的后门
https://blog.csdn.net/Shadow_DAI_990101/article/details/126772748
PHP-8.1.0-dev 后门命令执行漏洞复现_php version 8.1.0-dev-CSDN博客
PHP的XXE
复现题
https://blog.csdn.net/weixin_45605352/article/details/116494111[Vulhub] PHP环境 XML外部实体注入漏洞(XXE)_[php]xxe-CSDN博客
POST /simplexml_load_string.php
Flag:qsnctf{7424ea06cf2d49eb8573a3ab61ee51e3}
CRYPTO
解个方程
RSA
from Crypto import *
p = 241931796001904990999969786888588687021
q = 22992840446910799931521501699512943681
e = 65537
phi = (p-1)*(q-1)
d = pow(e,-1,phi)
print(d)
Flag :qsnctf{a52c2da560e84debbaf2e286c2e50bed}
四重加密
Flag: qsnctf{ldvgosdabv_kfkjc_jcvsbdi}
MISC
CTFer Revenge
附件得到一个字节反转的txt,b4 05
标签:txt,CTF,jpg,qsnctf,2024,Flag,wp,PHP,open From: https://www.cnblogs.com/xhzccy/p/18048182