Cryptography in reverse analysis -- MD5

0x01 introduction MD5 message digest algorithm (English: MD5 message digest algorithm), a widely used cryptographic hash function, can generate a 128 bit (16 byte) hash value. It can be used to ensure the integrity and consistency of information transmission. Save the password in the database (md5(pass,salt) mode). 0x02 algorithm flow 1. Dat ...

Added by egroeg41 on Tue, 08 Mar 2022 15:25:42 +0200

XCTF_MOBILE11_ Hacker spirit

First sight The attachment is an apk. Run it in the simulator first. The simulator with ARM CPU must be selected, because the native library in the app only provides the version of arm instruction set, not x86 instruction set: After the simulator starts, drag apk to the simulator for installation. After installation, the icon of app in the ...

Added by kelvin on Mon, 21 Feb 2022 15:17:52 +0200

Ctfshow web introduction nodejs part of the problem solution

nodejs web334 Download the attachment first and click user JS found account password module.exports = { items: [ {username: 'CTFSHOW', password: '123456'} ] }; It is wrong to directly enter the account and password when opening the environment. The specific reason is in login JS var findUser = function(name, password){ retur ...

Added by JC99 on Fri, 11 Feb 2022 23:05:47 +0200

web learning record of CTF -- advanced SQL injection

summary โ€ƒ this part is the advanced part of sql injection knowledge, and introduces more injection skills. Time injection attack โ€ƒโ€ƒ the scenario of time injection attack is also that the server does not return the information of query statements, which is similar to boolean injection attack. boolean injection guesses the d ...

Added by ma9ic on Wed, 09 Feb 2022 20:44:09 +0200

Winter vacation question brushing record 2

BUU question brushing record 1.20 [De1CTF2019]babyrsa subject import binascii from data import e1,e2,p,q1p,q1q,hint,flag n = [20129615352491765499340112943188317180548761597861300847305827141510465619670536844634558246439230371658836928103063432870245707180355907194284861510906071265352409579441048101084995923962148527097370705452070577098780 ...

Added by warewolfe on Thu, 03 Feb 2022 12:53:17 +0200

ctfshow sql injection web171-web253 wp

Reference articles Nanshen blog: https://www.wlhhlc.top/ y4 blog: https://y4tacker.blog.csdn.net/ feng blog: https://ego00.blog.csdn.net/ sql injection Let's just start sql injection now. web171 Just after entering, we can see that there are three columns: id, username and password The statement is $sql = "select username,passwor ...

Added by devarticles on Thu, 03 Feb 2022 10:31:56 +0200

PHP serialization and deserialization

preface Concept: In fact, this is to solve a problem of PHP object transfer, because PHP files will destroy the object after execution. If there is a page that happens to use the object just destroyed next time, there will be nothing to do. You can't always let it destroy. Wait for you, so people came up with a method that can save the o ...

Added by mattchewone on Mon, 31 Jan 2022 03:04:35 +0200

BUUOJ question brushing record 5-8

[strong net cup 2019] casual note I seem to have seen the WP of this problem before, which has nothing to do with my inability to do it ๐Ÿ˜‹ โ€‹ Aside, sqlmap is correct (no, I don't think I have any ideas like this. I'll supplement the basic posture first and then come back) โ€‹ First, test with 1 'and find that there is injection Then use the ...

Added by Thatsmej on Wed, 26 Jan 2022 16:14:21 +0200

[wp] 2021 sloth trial

Conscience Discovery has made up for the wp in the trial hundreds of years ago. After all, there is a misc in the warm-up game Put a warehouse portal: SCNU sloth / hsctf-2021-trial: topics and wp of 2021 trial of iscnu x sloth network security research group Misc Where is my fufu? Picture name Fu Fu Png indicates that there are two fufu in thi ...

Added by Calahan on Wed, 26 Jan 2022 09:18:28 +0200

National Division awd post game Summary - feel at ease to be an awd bastard

Reprinted in the security guest I sent ha ~, if you are interested, you can click the link https://www.anquanke.com/post/id/245158 Safe guest - thoughtful safe new media Recently, I participated in the national division competition. My division happens to be the awd competition system, so I summarized the basic exercises about awd to facilitat ...

Added by new2phpcode on Sat, 22 Jan 2022 19:06:09 +0200