HACKINTOANETWORK

OFFENSIVE SECURITY RESEARCHER, PENETRATION TESTER

Wargame/H4CKING GAME

Hint from flask import Flask app = Flask(__name__) flag = open("FLAG").read() @app.route('/', methods=['GET', 'POST']) def main(): return 'Hello! Our Team is TeamH4C' @app.route('/guest', methods=['GET', 'POST']) def guest(): return 'ref. jfrog' @app.route('/flag', methods=['GET', 'POST']) def get_flag(): return flag if __name__ == '__main__': app.run() global daemon defaults mode http timeout c..

2022. 7. 24.

Wargame/H4CKING GAME

코드를 보면 입력 받은 $sol의 값을 unserialize를 하므로 obj 클래스를 serialize하여 풀어야 한다. Serialize PHP: serialize - Manual If you want write something strange, like string array to binary string, and you are afraid 0-days of php's serialize function, you can use this.Out:string(88) "031a000a0001004c6f72..."array(3) { [0]=> string(26) "Lorem ipsum dolor sit amet" [1]=> www.php.net O:strlen(object name):object name:ob..

2022. 7. 6.