作者:颖奇L'Amore

Most of the time is also called Y1ng. Cisco Certified Internetwork Expert - Routing and Switching. CTF player for team r3kapig. Forcus on Web Security. Islamic Scholar. Be good at sleeping and fishing in troubled waters.

79 篇文章

thumbnail
🇮🇳Zh3r0 CTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com 五天前打的,题都非常简单,当时刚打完De1CTF比较累,一直懒得写WP。今天打网鼎,结果上了两波题都没web(无语),抽个空来把wp写一下 一共5+1个web(其中一个题不在web分类内),都是签到题 Are you the Master? 1 (546pt) 打开之后没…
thumbnail
CTFshow 36D Web Writeup
Author:颖奇L'Amore Blog:www.gem-love.com 题目现已开源:https://github.com/y1nglamore/Y1ngCTF 本次web题目列表如下,其中红色为我出题的题目: 你没见过的注入 你取吧 给你shell ALL_INFO_YOU_WANT Login_Only_For_36D RemoteIma…
thumbnail
第六届XCTF开幕赛De1CTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com Check In 考点:.htaccess重写、CGI 难度:简单 题目上传不会修改文件名,但是过滤了ph,对于此类题目考虑htaccess重写 但是本题目会检测文件内容 黑名单: perl|pyth|ph|auto|curl|base|>|rm|ruby|open…
thumbnail
🇺🇸COVID-19 CTF Writeup
Author:颖奇L'Amore Blog:www.gem-love.com web只有一个题,到比赛结束一共30个solve,但是因为做过类似的,很快就给solve了 De1ctf自闭中,抽个空来把这个题wp写一下 Let's be transparent about this(300pt) This challenge is hosted by…
thumbnail
🇮🇱HexionCTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com Well Known(100pt) Well... it's known (: https://wk.hexionteam.com Author: Yarin 考点:Recon 难度:简单 打开之后是404,丢进扫描器发现了robots.txt,在robots.txt告知…
thumbnail
🇮🇳Deep CTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com 这比赛没上CTFTime,所以可能没什么人知道,我是被认识的国际友人拉过去打的 When you feel that you are lost, do not give up, fight and move on. Being a hacker is not easy, …
thumbnail
MRCTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com Ezpop_Revenge 考点:代码审计、SOAP反序列化、SSRF、CRLF 难度:难 这个题对payload要求太严格了,导致做了好几个小时,本地可以题目就是一直不行,心态崩了 题目打开是个typecho博客,www.zip泄露,下载得到源码,flag.php的代码…
thumbnail
武汉科技大学WUST-CTF 2020 Writeup
Author:颖奇L'Amore Blog:www.gem-love.com Checkin 考点:Recon 难度:简单 打开之后是个输入框,问Who's the Author,题目描述可知题目作者为52HeRtz,审查元素修改maxlength和disabled后提交 提交得到了一个弹窗,是52HeRtz的博客,其他的经测试都不会验证成功,扫描…